|
|
@@ -1,4 +1,5 @@
|
|
|
import Session from "../models/Session.js";
|
|
|
+import Workout from "../models/Workout.js";
|
|
|
|
|
|
const createRoute = async (req, res, next)=>{
|
|
|
try{
|
|
|
@@ -8,6 +9,17 @@ const createRoute = async (req, res, next)=>{
|
|
|
}catch(e){next(e)}
|
|
|
}
|
|
|
|
|
|
+const getRoute = async (req, res, next)=>{
|
|
|
+ try{
|
|
|
+ const [workout, sessions] = Promise.all(
|
|
|
+ Workout.findOne({_id: req.params.workoutId}),
|
|
|
+ Session.find({workout: req.params.workoutId}).limit(5)
|
|
|
+ );
|
|
|
+ confirmWorkoutOwnership(workout, res.locals.user);
|
|
|
+ res.json(sessions.map(s => responseSession(s)));
|
|
|
+ }catch(e){next(e)}
|
|
|
+}
|
|
|
+
|
|
|
/*
|
|
|
Create a new Session object
|
|
|
@param {Object} - Body data from the object
|
|
|
@@ -23,6 +35,17 @@ const createSession = (data)=>{
|
|
|
});
|
|
|
}
|
|
|
|
|
|
+/*
|
|
|
+ Throw error if user does now own workout
|
|
|
+ @param {Workout} workout - Workout object
|
|
|
+ @param {User} user - User object
|
|
|
+ */
|
|
|
+const confirmWorkoutOwnership = (workout, user)=>{
|
|
|
+ if(workout.user.toString() !== user._id.toString()){
|
|
|
+ throw new HttpError(403, "Unauthorized");
|
|
|
+ }
|
|
|
+}
|
|
|
+
|
|
|
/*
|
|
|
Create modified Session for sending to frontend
|
|
|
@param {Session} - Session object
|
|
|
@@ -39,5 +62,6 @@ const responseSession = (session)=>{
|
|
|
}
|
|
|
|
|
|
export {
|
|
|
- createRoute
|
|
|
+ createRoute,
|
|
|
+ getRoute
|
|
|
}
|