@blabno
Forked from kristofsajdak/a1_simple.js
Last active August 29, 2015 14:23
'use strict';
var Joi = require('joi');
/**
 * Declares the `categories` resource and registers its default routes.
 *
 * @param {object} harvester - object exposing the chainable `resource()` / `register()` API used below
 */
module.exports = function (harvester) {
  // NOTE(review): `Types` is not defined in this file (only `Joi` is required) — confirm which name is intended.
  var categorySchema = {
    name: Types.string().required().description('a name'),
    links: {
      brand: 'brands'
    }
  };

  var categories = harvester.resource('categories', categorySchema);

  // register() wires up every route of the resource:
  //   GET /categories, GET /categories/:id, GET /categories/changes/stream,
  //   POST /categories, PUT /categories/:id, DELETE /categories/:id
  // Each route is bootstrapped with the default authorization function, swagger spec and validation;
  // the Joi schema attributes are evaluated against the body or the query params, depending on the verb.
  categories.register();
};
'use strict';
var Joi = require('joi');
/**
 * Demonstrates how keeping the return value of `resource()` in a variable can mislead:
 * per the note below, both variables refer to the same harvester object.
 *
 * @param {object} harvester - object exposing the chainable `resource()` API used below
 */
module.exports = function (harvester) {
  // NOTE(review): `Types` is not defined in this file (only `Joi` is required) — confirm which name is intended.
  var categoriesRef = harvester.resource('categories', {
    name: Types.string().required().description('a name'),
    links: {
      brand: 'brands'
    }
  });

  var modelsRef = harvester.resource('models', {
    name: Types.string().required().description('a name'),
    links: {
      brand: 'brands'
    }
  });

  // `categoriesRef` still points at harvester itself, but `.resource('models', ...)` has since
  // overridden getById, so the call below modifies the `models` resource rather than `categories`.
  // NOTE(review): presumably any other per-route call made through a stale reference would
  // land on the wrong resource in the same way — confirm against the implementation.
  var byIdRoute = categoriesRef.getById();
  byIdRoute.docs({summary: 'all the lovely categories by id'}).register();
};
'use strict';
var Joi = require('joi');
/**
 * Declares the `categories` resource and adds query validation to its GET route.
 *
 * @param {object} harvester - object exposing the chainable `resource()` / `register()` API used below
 */
module.exports = function (harvester) {
  // NOTE(review): `Types` is not defined in this file (only `Joi` is required) — confirm which name is intended.
  var categorySchema = {
    name: Types.string().required().description('a name'),
    links: {
      brand: 'brands'
    }
  };

  var listRoute = harvester.resource('categories', categorySchema).get();

  // `myAwesomeParam` is declared as a required string in the query schema passed to validate().
  var querySchema = {
    myAwesomeParam: Joi.string().required().description('My awesome parameter')
  };

  listRoute.validate({query: querySchema}).register();
};
'use strict';
var Joi = require('joi');
var Promise = require('bluebird');
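/**
 * Declares the `categories` resource with authorization switched off on the two read routes
 * and a per-request ownership check that runs before DELETE.
 *
 * @param {object} harvester - object exposing the chainable `resource()` API and `adapter.find()` used below
 */
module.exports = function (harvester) {
  harvester
    // NOTE(review): `Types` is not defined in this file (only `Joi` is required) — confirm which name is intended.
    .resource('categories', {
      name: Types.string().required().description('a name'),
      links: {
        brand: 'brands'
      }
    })
    // authorize(false) is set on both read routes, so only DELETE carries a check in this file.
    .get().authorize(false)
    .getById().authorize(false)
    .delete().before(function (req) {
      var resource = this;
      // The hook resolves with the resource only after the ownership check has passed;
      // a failed check rejects the promise instead.
      return dynamicAuthorizeDelete(req).then(function () {
        return resource;
      });
    })
    .register();

  /**
   * Resolves with `true` when the caller identified by /whoami owns the category named by
   * `req.params.id`; rejects with a 403 error in every other case.
   *
   * @param {object} req - incoming request; only `req.params.id` is read here
   * @returns {Promise<boolean>}
   */
  function dynamicAuthorizeDelete(req) {
    var _category;
    return Promise.resolve()
      .then(function () {
        // The lookup has to be returned, otherwise the next step runs with `undefined`.
        return harvester.adapter.find('category', req.params.id);
      })
      .then(function (category) {
        _category = category;
        // Look up the caller's identity with the whoami function.
        // NOTE(review): `$http` is not defined in this file, and the request must carry the caller's
        // authentication header (taken from `req`) for the answer to describe the right identity — confirm.
        return $http.get('/whoami');
      })
      .then(function (resp) {
        var dealerUser = resp && resp.dealerUser;
        var owner = _category && _category.links ? _category.links.dealerUser : undefined;
        // Deny by default: a missing category, a missing owner link or a missing identity id
        // must never compare equal (with `==`, `undefined == null` would have passed).
        var isOwner = Boolean(dealerUser) &&
          dealerUser.id != null &&
          owner != null &&
          String(dealerUser.id) === String(owner);
        if (isOwner) {
          return true;
        }
        // NOTE(review): assumes JSONAPI_Error accepts {status, detail}; it is not defined in this file — confirm.
        throw new JSONAPI_Error({status: 403, detail: 'something went wrong'});
      });
  }
};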
'use strict';
var Joi = require('joi');
var roles = require('./roles');
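/**
 * Declares the `categories` resource with role-based authorization: a resource-level default,
 * two read routes with authorization disabled, and DELETE guarded by roles plus an ownership check.
 *
 * @param {object} harvester - object exposing the chainable `resource()` API and `adapter.find()` used below
 */
module.exports = function (harvester) {
  harvester
    // NOTE(review): `Types` is not defined in this file (only `Joi` is required) — confirm which name is intended.
    .resource('categories', {
      name: Types.string().required().description('a name'),
      links: {
        brand: 'brands'
      }
    })
    .roles([roles.dealerRegular])
    // Values given in a route's .roles clause override/replace the values defined at a higher level
    // (e.g. .resource({}).roles(...)).
    // Declaring disableAuthorization() on a route causes the authorization strategy function to be skipped.
    // A roles definition is required for every route unless disableAuthorization() is used;
    // it can be inherited from the .resource({}).roles definition or be expressed on the route itself.
    .get().disableAuthorization().validate({query: {myAwesomeParam: Joi.string().required().description('My awesome parameter')}})
    .getById().disableAuthorization().docs({summary: 'all the lovely categories by id'})
    .delete().roles([roles.dealerAdmin, roles.dealerRegular]).before(function (req) {
      var resource = this;
      // The hook resolves with the resource only after the ownership check has passed;
      // a failed check rejects the promise instead.
      return dynamicAuthorizeDelete(req).then(function () {
        return resource;
      });
    })
    .register();

  /**
   * Resolves with `true` when the caller identified by /whoami owns the category named by
   * `req.params.id`; rejects with a 403 error in every other case.
   *
   * @param {object} req - incoming request; only `req.params.id` is read here
   * @returns {Promise<boolean>}
   */
  function dynamicAuthorizeDelete(req) {
    var _category;
    return Promise.resolve()
      .then(function () {
        // The lookup has to be returned, otherwise the next step runs with `undefined`.
        return harvester.adapter.find('category', req.params.id);
      })
      .then(function (category) {
        _category = category;
        // Look up the caller's identity with the whoami function.
        // NOTE(review): `$http` is not defined in this file, and the request must carry the caller's
        // authentication header (taken from `req`) for the answer to describe the right identity — confirm.
        return $http.get('/whoami');
      })
      .then(function (resp) {
        var dealerUser = resp && resp.dealerUser;
        var owner = _category && _category.links ? _category.links.dealerUser : undefined;
        // Deny by default: a missing category, a missing owner link or a missing identity id
        // must never compare equal (with `==`, `undefined == null` would have passed).
        var isOwner = Boolean(dealerUser) &&
          dealerUser.id != null &&
          owner != null &&
          String(dealerUser.id) === String(owner);
        if (isOwner) {
          return true;
        }
        // NOTE(review): assumes JSONAPI_Error accepts {status, detail}; it is not defined in this file — confirm.
        throw new JSONAPI_Error({status: 403, detail: 'something went wrong'});
      });
  }
};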
'use strict';
var Joi = require('joi');
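/**
 * Declares the `categories` resource and mounts its handlers on the express app by hand
 * instead of calling register().
 *
 * @param {object} harvester - object exposing the chainable `resource()` API and the express `app`
 */
module.exports = function (harvester) {
  // NOTE(review): `Types` is not defined in this file (only `Joi` is required) — confirm which name is intended.
  var category = harvester
    .resource('categories', {
      name: Types.string().required().description('a name'),
      links: {
        brand: 'brands'
      }
    });

  // retrieve express from app namespace
  var app = harvester.app;

  // NOTE(review): whether handler() still applies the authorization function and validation that
  // register() bootstraps is not visible here — confirm before exposing hand-mounted routes.
  app.get('/categories', category.get().handler());
  app.get('/categories/:id', category.getById().handler());
  app.get('/categories/changes/stream', category.getChangeEventsStreaming().handler());
  // DELETE addresses a single item; the path was '/categories', which carries no :id for the handler to act on.
  app.delete('/categories/:id', category.delete().handler());
};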
// Attribute schema for the `categories` resource.
var immutableCategorySchema = {
  name: Types.string().required().description('a name'),
  links: {
    brand: 'brands'
  }
};

harvester
  .resource('categories', immutableCategorySchema)
  // immutable(): only POST and GETs are allowed on this resource.
  .immutable()
  .register();
// Attribute schema for the `categories` resource.
var readonlyCategorySchema = {
  name: Types.string().required().description('a name'),
  links: {
    brand: 'brands'
  }
};

harvester
  .resource('categories', readonlyCategorySchema)
  // readonly(): only GETs are allowed on this resource.
  .readonly()
  .register();

blabno commented Jun 25, 2015

Modified B to show a possibly misleading API.
