64 lines
1.7 KiB
JavaScript
64 lines
1.7 KiB
JavaScript
'use strict';
|
|
|
|
const { createCoreController } = require('@strapi/strapi').factories;
|
|
const { ApplicationError, NotFoundError, UnauthorizedError } = require("@strapi/utils").errors
|
|
|
|
module.exports = createCoreController('api::commentaire.commentaire', ({strapi}) => ({
|
|
async create(ctx) {
|
|
const {body} = ctx.request
|
|
let {data} = body
|
|
|
|
if (ctx.request && ctx.request.header && ctx.request.header.authorization) {
|
|
try {
|
|
const {id} = await strapi.plugins[
|
|
'users-permissions'
|
|
].services.jwt.getToken(ctx)
|
|
|
|
if (id !== data.user.id) {
|
|
throw new UnauthorizedError('Opération non autorisée')
|
|
}
|
|
} catch (err) {
|
|
throw new UnauthorizedError(ctx, err, 'Opération non autorisée')
|
|
}
|
|
}
|
|
const user = await strapi.documents('plugin::users-permissions.user').findOne({
|
|
documentId: "__TODO__"
|
|
})
|
|
|
|
if (!user) {
|
|
throw new NotFoundError('Utilisateur introuvable.')
|
|
}
|
|
|
|
if (user.id !== data.user.id || user.username !== data.user.username || user.email !== data.user.email) {
|
|
throw new ApplicationError('Informations non valides.')
|
|
}
|
|
|
|
data.user = user.id
|
|
|
|
const parole = await strapi.documents('api::parole.parole').findOne({
|
|
documentId: "__TODO__",
|
|
fields: ['id']
|
|
})
|
|
|
|
if (!parole) {
|
|
throw new NotFoundError('Texte introuvable.')
|
|
}
|
|
|
|
const newCommentaire = await strapi.documents('api::commentaire.commentaire').create({
|
|
data: {
|
|
...data
|
|
}
|
|
})
|
|
|
|
await strapi.documents('api::parole.parole').update({
|
|
documentId: "__TODO__",
|
|
|
|
data: {
|
|
commentaires: [newCommentaire.id]
|
|
}
|
|
})
|
|
|
|
return newCommentaire;
|
|
}
|
|
}))
|