mctep/gist:6b270dc2e7dab4ab6295

## gistfile1.js

// Update user by manager
router.put('/users/:id')
.use(access.perm('manager'))
.use(schema.validate({
	type: 'object',
	properties: {
		password: {
			type: 'string',
			minLength: 6,
			maxLength: 255,
			pattern: '/^[a-z_0-9-=!@#$%^&*()_+~]+$/i'
		},

		roles: {
			type: 'array',
			uniqueItems: true
		}
	},
	additionalProperties: false
})
.use(Users.update)
.use(schema.filter({
	type: 'object',
	properties: {
		id: { type: 'integer' },
		login: { type: 'string' }
		roles: { type: 'array' },
		lastlogin: { type: 'date' }
	},
	additionalProperties: false
}))
.use(send);

// Update user by client
router.put('/users/:id')
.use(access.perm('client'))
.use(access.uid('id'))
.use(schema.validate({
	type: 'object',
	properties: {
		password: {
			type: 'string',
			minLength: 6,
			maxLength: 255,
			pattern: '/^[a-z_0-9-=!@#$%^&*()_+~]+$/i'
		}
	}
}))
.use(Users.update)
.use(schema.filter({
	type: 'object',
	properties: {
		id: { type: 'integer' },
		login: { type: 'string' }
		roles: { type: 'array' },
		lastlogin: { type: 'date' }
	},
	additionalProperties: false
}))
.use(send);

// Create order by client
router.post('/users/:id/orders')
.use(access.perm('client'))
.use(access.uid('id'))
.use(schema.validate({
	type: 'object',
	properties: {
		items: {
			type: 'array',
			items: {
				type: {/* ... */}
			}
		}
	}
}))
.use(function(req, res, next) {
	req.body.user = req.params.id;
	next();
})
.use(Orders.create)
.use(schema.filter({
	type: 'object'
	properties: {/* ... */}
}))
.use(send);

	// Update user by manager
	router.put('/users/:id')
	.use(access.perm('manager'))
	.use(schema.validate({
	type: 'object',
	properties: {
	password: {
	type: 'string',
	minLength: 6,
	maxLength: 255,
	pattern: '/^[a-z_0-9-=!@#$%^&*()_+~]+$/i'
	},

	roles: {
	type: 'array',
	uniqueItems: true
	}
	},
	additionalProperties: false
	})
	.use(Users.update)
	.use(schema.filter({
	type: 'object',
	properties: {
	id: { type: 'integer' },
	login: { type: 'string' }
	roles: { type: 'array' },
	lastlogin: { type: 'date' }
	},
	additionalProperties: false
	}))
	.use(send);

	// Update user by client
	router.put('/users/:id')
	.use(access.perm('client'))
	.use(access.uid('id'))
	.use(schema.validate({
	type: 'object',
	properties: {
	password: {
	type: 'string',
	minLength: 6,
	maxLength: 255,
	pattern: '/^[a-z_0-9-=!@#$%^&*()_+~]+$/i'
	}
	}
	}))
	.use(Users.update)
	.use(schema.filter({
	type: 'object',
	properties: {
	id: { type: 'integer' },
	login: { type: 'string' }
	roles: { type: 'array' },
	lastlogin: { type: 'date' }
	},
	additionalProperties: false
	}))
	.use(send);

	// Create order by client
	router.post('/users/:id/orders')
	.use(access.perm('client'))
	.use(access.uid('id'))
	.use(schema.validate({
	type: 'object',
	properties: {
	items: {
	type: 'array',
	items: {
	type: {/* ... */}
	}
	}
	}
	}))
	.use(function(req, res, next) {
	req.body.user = req.params.id;
	next();
	})
	.use(Orders.create)
	.use(schema.filter({
	type: 'object'
	properties: {/* ... */}
	}))
	.use(send);