From 67116c06cda883ddc3a050812b9ecff8e7a79542 Mon Sep 17 00:00:00 2001
From: Mathew Henson <mat@webinate.net>
Date: Tue, 17 May 2016 15:51:51 +0100
Subject: [PATCH] Updated post + comment endpoints to use hasId function with
 parameters

---
 server/src/controllers/comments-controller.ts | 31 +++----------------
 server/src/controllers/posts-controller.ts    | 18 +++++------
 2 files changed, 13 insertions(+), 36 deletions(-)

diff --git a/server/src/controllers/comments-controller.ts b/server/src/controllers/comments-controller.ts
index a5bce432..bbe32d94 100644
--- a/server/src/controllers/comments-controller.ts
+++ b/server/src/controllers/comments-controller.ts
@@ -35,10 +35,10 @@ export default class CommentsController extends Controller
 		router.use(bodyParser.json({ type: 'application/vnd.api+json' }));
 
         router.get("/comments", <any>[isAdmin, this.getComments.bind(this)]);
-        router.get("/users/:user/comments/:id", <any>[hasId, this.getComment.bind(this)]);
-        router.delete("/users/:user/comments/:id", <any>[canEdit, hasId, this.remove.bind(this)]);
-        router.put("/users/:user/comments/:id", <any>[canEdit, hasId, this.update.bind(this)]);
-        router.post("/comments/:target", <any>[canEdit, this.verifyTarget, this.create.bind(this)]);
+        router.get("/users/:user/comments/:id", <any>[hasId("id", "ID"), this.getComment.bind(this)]);
+        router.delete("/users/:user/comments/:id", <any>[canEdit, hasId("id", "ID"), this.remove.bind(this)]);
+        router.put("/users/:user/comments/:id", <any>[canEdit, hasId("id", "ID"), this.update.bind(this)]);
+        router.post("/posts/:postId/comments/:target?", <any>[canEdit, hasId("postId", "Post ID"), hasId("target", "Target ID"), this.create.bind(this)]);
 
 		// Register the path
 		e.use( "/api", router );
@@ -184,29 +184,6 @@ export default class CommentsController extends Controller
         };
     }
 
-    /**
-    * Checks the request for a target ID. This will throw an error if none is found, or its invalid
-    * @param {mp.IAuthReq} req
-    * @param {express.Response} res
-    * @param {Function} next
-    */
-    private verifyTarget(req: mp.IAuthReq, res: express.Response, next: Function)
-    {
-        // Make sure the target id
-        if (!req.params.target)
-        {
-             okJson<mp.IResponse>( {
-                error: true,
-                message:  "Please specify a target ID"
-            }, res);
-        }
-        // Make sure the target id format is correct
-        else if ( !mongodb.ObjectID.isValid(req.params.target))
-        {
-            errJson(new Error("Invalid target ID format"), res);
-        }
-    }
-
     /**
     * Attempts to remove a comment by ID
     * @param {express.Request} req
diff --git a/server/src/controllers/posts-controller.ts b/server/src/controllers/posts-controller.ts
index 4ec72795..3238b120 100644
--- a/server/src/controllers/posts-controller.ts
+++ b/server/src/controllers/posts-controller.ts
@@ -35,17 +35,17 @@ export default class PostsController extends Controller
 		router.use(bodyParser.json());
 		router.use(bodyParser.json({ type: 'application/vnd.api+json' }));
 
-        router.get("/get-posts", <any>[getUser, this.getPosts.bind(this)]);
-        router.get("/get-post/:slug", <any>[getUser, this.getPost.bind(this)]);
-        router.get("/get-categories", this.getCategories.bind(this));
-        router.delete("/remove-post/:id", <any>[isAdmin, hasId, this.removePost.bind(this)]);
-        router.delete("/remove-category/:id", <any>[isAdmin, hasId, this.removeCategory.bind(this)]);
-        router.put("/update-post/:id", <any>[isAdmin, hasId, this.updatePost.bind(this)]);
-        router.post("/create-post", <any>[isAdmin, this.createPost.bind(this)]);
-        router.post("/create-category", <any>[isAdmin, this.createCategory.bind(this)]);
+        router.get("posts/get-posts", <any>[getUser, this.getPosts.bind(this)]);
+        router.get("posts/get-post/:slug", <any>[getUser, this.getPost.bind(this)]);
+        router.get("posts/get-categories", this.getCategories.bind(this));
+        router.delete("posts/remove-post/:id", <any>[isAdmin, hasId("id", "ID"), this.removePost.bind(this)]);
+        router.delete("posts/remove-category/:id", <any>[isAdmin, hasId("id", "ID"), this.removeCategory.bind(this)]);
+        router.put("posts/update-post/:id", <any>[isAdmin, hasId("id", "ID"), this.updatePost.bind(this)]);
+        router.post("posts/create-post", <any>[isAdmin, this.createPost.bind(this)]);
+        router.post("posts/create-category", <any>[isAdmin, this.createCategory.bind(this)]);
 
 		// Register the path
-		e.use( "/api/posts", router );
+		e.use( "/api", router );
     }
 
     /**