const express = require('express'); const { clearSessionValue, emptyCart, getCountryList, getId, sendEmail, getEmailTemplate, clearCustomer, paginateData } = require('../lib/common'); const { restrict, checkAccess } = require('../lib/auth'); const { indexOrders } = require('../lib/indexing'); const router = express.Router(); // Show orders router.get('/admin/orders/:page?', restrict, async (req, res, next) => { let pageNum = 1; if(req.params.page){ pageNum = req.params.page; } // Get our paginated data const orders = await paginateData(false, req, pageNum, 'orders', {}, { orderDate: -1 }); // If API request, return json if(req.apiAuthenticated){ res.status(200).json({ orders }); return; } res.render('orders', { title: 'Cart', orders: orders.data, totalItemCount: orders.totalItems, pageNum, paginateUrl: 'admin/orders', admin: true, config: req.app.config, session: req.session, message: clearSessionValue(req.session, 'message'), messageType: clearSessionValue(req.session, 'messageType'), helpers: req.handlebars.helpers }); }); // Admin section router.get('/admin/orders/bystatus/:orderstatus', restrict, async (req, res, next) => { const db = req.app.db; if(typeof req.params.orderstatus === 'undefined'){ res.redirect('/admin/orders'); return; } // case insensitive search const regex = new RegExp(['^', req.params.orderstatus, '$'].join(''), 'i'); const orders = await db.orders.find({ orderStatus: regex }).sort({ orderDate: -1 }).limit(10).toArray(); // If API request, return json if(req.apiAuthenticated){ res.status(200).json({ orders }); return; } res.render('orders', { title: 'Cart', orders: orders, admin: true, filteredOrders: true, filteredStatus: req.params.orderstatus, config: req.app.config, session: req.session, message: clearSessionValue(req.session, 'message'), messageType: clearSessionValue(req.session, 'messageType'), helpers: req.handlebars.helpers }); }); // render the editor router.get('/admin/order/view/:id', restrict, async (req, res) => { const db = req.app.db; const order = await db.orders.findOne({ _id: getId(req.params.id) }); res.render('order', { title: 'View order', result: order, config: req.app.config, session: req.session, message: clearSessionValue(req.session, 'message'), messageType: clearSessionValue(req.session, 'messageType'), editor: true, admin: true, helpers: req.handlebars.helpers }); }); // render the editor router.get('/admin/order/create', restrict, async (req, res) => { res.render('order-create', { title: 'Create order', config: req.app.config, session: req.session, message: clearSessionValue(req.session, 'message'), messageType: clearSessionValue(req.session, 'messageType'), countryList: getCountryList(), editor: true, admin: true, helpers: req.handlebars.helpers }); }); router.post('/admin/order/create', async (req, res, next) => { const db = req.app.db; const config = req.app.config; // Check if cart is empty if(!req.session.cart){ res.status(400).json({ message: 'The cart is empty. You will need to add items to the cart first.' }); } const orderDoc = { orderPaymentId: getId(), orderPaymentGateway: 'Instore', orderPaymentMessage: 'Your payment was successfully completed', orderTotal: req.session.totalCartAmount, orderShipping: req.session.totalCartShipping, orderItemCount: req.session.totalCartItems, orderProductCount: req.session.totalCartProducts, orderCustomer: getId(req.session.customerId), orderEmail: req.body.email || req.session.customerEmail, orderCompany: req.body.company || req.session.customerCompany, orderFirstname: req.body.firstName || req.session.customerFirstname, orderLastname: req.body.lastName || req.session.customerLastname, orderAddr1: req.body.address1 || req.session.customerAddress1, orderAddr2: req.body.address2 || req.session.customerAddress2, orderCountry: req.body.country || req.session.customerCountry, orderState: req.body.state || req.session.customerState, orderPostcode: req.body.postcode || req.session.customerPostcode, orderPhoneNumber: req.body.phone || req.session.customerPhone, orderComment: req.body.orderComment || req.session.orderComment, orderStatus: req.body.orderStatus, orderDate: new Date(), orderProducts: req.session.cart, orderType: 'Single' }; // insert order into DB try{ const newDoc = await db.orders.insertOne(orderDoc); // get the new ID const orderId = newDoc.insertedId; // add to lunr index indexOrders(req.app) .then(() => { // set the results req.session.messageType = 'success'; req.session.message = 'Your order was successfully placed. Payment for your order will be completed instore.'; req.session.paymentEmailAddr = newDoc.ops[0].orderEmail; req.session.paymentApproved = true; req.session.paymentDetails = `

Order ID: ${orderId}

Transaction ID: ${orderDoc.orderPaymentId}

`; // set payment results for email const paymentResults = { message: req.session.message, messageType: req.session.messageType, paymentEmailAddr: req.session.paymentEmailAddr, paymentApproved: true, paymentDetails: req.session.paymentDetails }; // clear the cart if(req.session.cart){ emptyCart(req, res, 'function'); } // Clear customer session clearCustomer(req); // send the email with the response // TODO: Should fix this to properly handle result sendEmail(req.session.paymentEmailAddr, `Your order with ${config.cartTitle}`, getEmailTemplate(paymentResults)); // redirect to outcome res.status(200).json({ message: 'Order created successfully', orderId }); }); }catch(ex){ res.status(400).json({ err: 'Your order declined. Please try again' }); } }); // Admin section router.get('/admin/orders/filter/:search', restrict, async (req, res, next) => { const db = req.app.db; const searchTerm = req.params.search; const ordersIndex = req.app.ordersIndex; const lunrIdArray = []; ordersIndex.search(searchTerm).forEach((id) => { lunrIdArray.push(getId(id.ref)); }); // we search on the lunr indexes const orders = await db.orders.find({ _id: { $in: lunrIdArray } }).toArray(); // If API request, return json if(req.apiAuthenticated){ res.status(200).json({ orders }); return; } res.render('orders', { title: 'Order results', orders: orders, admin: true, config: req.app.config, session: req.session, searchTerm: searchTerm, message: clearSessionValue(req.session, 'message'), messageType: clearSessionValue(req.session, 'messageType'), helpers: req.handlebars.helpers }); }); // order product router.get('/admin/order/delete/:id', restrict, async(req, res) => { const db = req.app.db; // remove the order try{ await db.orders.deleteOne({ _id: getId(req.params.id) }); // remove the index indexOrders(req.app) .then(() => { if(req.apiAuthenticated){ res.status(200).json({ message: 'Order successfully deleted' }); return; } // redirect home req.session.message = 'Order successfully deleted'; req.session.messageType = 'success'; res.redirect('/admin/orders'); }); }catch(ex){ console.log('Cannot delete order', ex); if(req.apiAuthenticated){ res.status(200).json({ message: 'Error deleting order' }); return; } // redirect home req.session.message = 'Error deleting order'; req.session.messageType = 'danger'; res.redirect('/admin/orders'); } }); // update order status router.post('/admin/order/statusupdate', restrict, checkAccess, async (req, res) => { const db = req.app.db; try{ await db.orders.updateOne({ _id: getId(req.body.order_id) }, { $set: { orderStatus: req.body.status } }, { multi: false }); return res.status(200).json({ message: 'Status successfully updated' }); }catch(ex){ console.info('Error updating status', ex); return res.status(400).json({ message: 'Failed to update the order status' }); } }); module.exports = router;