simplex/applications/api.moon

import Application from require "lapis"
import assert_valid from require "lapis.validate"
import unescape from require "lapis.util"

import APIKeys, Users, Tasks from require "models"
import locate from require "locator"
import request, abort, assert_model from locate "helpers.api"
-- import random from locate "calc"
-- import escape_similar_to from locate "db"

get_task = =>
  unless @params.content or tonumber @params.id
    @params.content = unescape(@params.id)
    @params.id = nil
  if @params.id
    assert_valid @params, {
      {"id", exists: true, min_length: 1, "Attempted to select by task id, but no id specified."}
      {"id", is_integer: true, "Task id specified is not an integer."}
    }
    @task = assert_model Tasks\find id: tonumber(@params.id), user_id: @user.id
  elseif @params.content
    assert_valid @params, {
      {"content", exists: true, min_length: 1, "Attempted to select by task content, but no content specified."}
    }
    @task = assert_model Tasks\find content: @params.content, user_id: @user.id
  else
    abort "Task id or content not specified."

  abort 404, "Invalid task specified." unless @task

set_bool = (name) =>
  if @params[name] == "true"
    @params[name] = true
  elseif @params[name] == "false"
    @params[name] = false
  if @params[name] != nil and "boolean" != type @params[name]
    abort "#{name} must be true/false only."

send_task = =>
  @write json: { success: true, task: @task }

class API extends Application
  @path: "/v1"
  @name: "api_"

  @before_filter( request =>
    return if @user
    if auth = @req.headers["authorization"]
      if auth\len! > 0
        @params.api_key = auth
    abort "Auth: api_key not specified." unless @params.api_key
    @api_key = APIKeys\find key: @params.api_key
    abort "Auth: Invalid api_key." unless @api_key
    @user = Users\find id: @api_key.user_id
    abort "Auth: Invalid api_key." unless @user -- NOTE this should also delete the api_key and error (this should never happen!)
  )

  [action: "/:action(/:id)"]: request =>
    switch @params.action
      when "new"
        unless @params.content or tonumber @params.id
          @params.content = unescape(@params.id)
        assert_valid @params, { {"content", exists: true, min_length: 1, "Task content not specified."} }
        @task = assert_model Tasks\create user_id: @user.id, content: @params.content
        send_task(@)
      when "get", "do", "undo", "edit", "delete"
        get_task(@)
      else
        abort "Invalid action: #{@params.action}"

    switch @params.action
      when "do"
        @task = assert_model @task\update done: true
      when "undo"
        @task = assert_model @task\update done: false
      when "edit"
        assert_valid @params, {
          {"new_content", exists: true, min_length: 1, optional: true, "Cannot set no content on a task."}
        }
        set_bool(@, "done")
        @task = assert_model @task\update content: @params.new_content, done: @params.done
      when "delete"
        if @task\delete!
          return json: { success: true }
        else
          abort 500, "Error deleting task."

    send_task(@)



  [list: "/list"]: request =>
    assert_valid @params, {
      {"count", exists: true, is_integer: true, optional: true, "Count is not an integer."}
      {"done", exists: true, one_of: {true, false}, optional: true, "Done is not a boolean."}
      {"page", exists: true, is_integer: true, optional: true, "Page is not an integer."}
      {"order", exists: true, one_of: {"asc", "desc"}, optional: true, "Invalid order. (Must be 'asc' or 'desc'.)"}
    }
    @params.count = tonumber @params.count
    @params.count or= 50
    @params.page = tonumber @params.page
    @params.page or= 1
    @params.order or= "asc"
    @params.page = 1 if @params.page < 1

    local Paginator
    if @params.done == nil
      Paginator = Tasks\paginated "WHERE user_id = ? ORDER BY created_at #{@params.order}", @user.id, per_page: @params.count
    else
      set_bool(@, "done")
      Paginator = Tasks\paginated "WHERE user_id = ? AND done = ? ORDER BY created_at #{@params.order}", @user.id, @params.done, per_page: @params.count

    num_pages = Paginator\num_pages!
    if num_pages < @params.page
      @params.page = num_pages
    tasks = Paginator\get_page(@params.page)

    -- returns page in case it returned a different page than you asked for! (in the case you ask for an out-of-range page)
    return json: { success: true, page: @params.page, pages: num_pages, :tasks }



  [random: "/random"]: request =>
    -- assert_valid @params, {
    --   {"count", exists: true, is_integer: true, optional: true, "Count is not an integer."}
    --   {"done", exists: true, one_of: {true, false}, optional: true, "Done is not a boolean."}
    -- }
    -- @params.count or= 1
    -- @params.done = false if @params.done == nil

    abort 501, "Not implemented."

    -- possibly need to store how many items each user has and use a different strategy for users with low amounts vs high amounts
    -- key = get_key(@)
    --
    -- local tasks
    -- if @params.done
    --   offset = random Tasks\count "user_id = ? AND done = ? ORDER BY id ASC", key.user_id, @params.done
    --   tasks = Tasks\select "WHERE user_id = ? AND done = ? ORDER BY id ASC OFFSET ? LIMIT 1", key.user_id, @params.done, offset
    -- else
    --   offset = random Tasks\count "user_id = ? ORDER BY id ASC", key.user_id
    --   tasks = Tasks\select "WHERE user_id = ? ORDER BY id ASC OFFSET ? LIMIT 1", key.user_id, offset
    --
    -- if tasks and #tasks == 1
    --   return json: { success: true, task: tasks[1] }
    -- else
    --   abort!

  [new_key: "/key/new"]: request =>
    api_key = assert_model APIKeys\create(@user)
    return json: { success: true, :api_key }

  [delete_key: "/key/delete(/:key)"]: request =>
    if @params.id
      abort "api_key IDs do not exist anymore (sorry!)." -- no one should ever run into this
    elseif @params.key
      assert_valid @params, {
        {"key", exists: true, min_length: 32, max_length: 32, "Invalid api_key specified."}
      }
      @key_to_delete = assert_model APIKeys\find key: @params.key, user_id: @user.id
    else
      abort "No api_key specified."

    abort 404, "Invalid api_key specified." unless @key_to_delete
    if @key_to_delete\delete!
      return json: { success: true }
    else
      abort 500, "Error deleting api_key."