2014-06-03 10:14:10 -04:00
|
|
|
log = require 'winston'
|
|
|
|
errors = require '../commons/errors'
|
|
|
|
handlers = require('../commons/mapping').handlers
|
|
|
|
|
2014-06-03 16:54:56 -04:00
|
|
|
mongoose = require('mongoose')
|
|
|
|
|
2014-06-03 10:14:10 -04:00
|
|
|
module.exports.setup = (app) ->
|
2014-06-03 16:54:56 -04:00
|
|
|
app.post '/admin/*', (req, res) ->
|
|
|
|
# TODO apparently I can leave this out as long as I use res.send
|
2014-06-03 10:14:10 -04:00
|
|
|
res.setHeader('Content-Type', 'application/json')
|
|
|
|
|
|
|
|
module = req.path[7..]
|
|
|
|
parts = module.split('/')
|
|
|
|
module = parts[0]
|
|
|
|
|
|
|
|
return errors.unauthorized(res, 'Must be admin to access this area.') unless req.user?.isAdmin()
|
|
|
|
|
|
|
|
try
|
|
|
|
moduleName = module.replace '.', '_'
|
|
|
|
name = handlers[moduleName]
|
|
|
|
handler = require('../' + name)
|
|
|
|
|
|
|
|
return handler[parts[1]](req, res, parts[2..]...) if parts[1] of handler
|
|
|
|
|
|
|
|
catch error
|
|
|
|
log.error("Error trying db method '#{req.route.method}' route '#{parts}' from #{name}: #{error}")
|
|
|
|
errors.notFound(res, "Route #{req.path} not found.")
|