Rewrote search func

wi/http/data/account.js

@@ -0,0 +1,11 @@
+var endpoint = require('./endpoint.js');
+
+var RegisterAPI = function(app, api) {
+	endpoint.Register(app, api, 'account', 'account', 'id');
+	
+	//Can register custom controller actions here.
+};
+
+module.exports = {
+	'Register': RegisterAPI
+}

wi/http/data/endpoint.js

@@ -1,25 +1,17 @@
 var auth = require('../../core/jwt_auth.js').auth;
 var sql = require('./sql.js');
 
-var RegisterEndpoint = function(app, api, single_name, plural_name, pkey, skeys) {
+var RegisterEndpoint = function(app, api, endpoint_verb, table_name, pkey) {
-	app.get('/api/data/' + single_name, auth, function (req, res) {		
+	app.get('/api/data/' + endpoint_verb + '/:' + pkey, auth, function (req, res) {		
-		sql.RetrieveAll(req, res, plural_name, pkey);
+		sql.Retrieve(req, res, table_name, pkey);
 	});
 	
-	app.get('/api/data/' + single_name + '/:' + pkey, auth, function (req, res) {		
+	app.put('/api/data/' + endpoint_verb + '/:' + pkey, auth, function (req, res) {
-		sql.Retrieve(req, res, plural_name, pkey);
+		sql.CreateUpdate(req, res, table_name, pkey);
 	});
 	
-	app.put('/api/data/' + single_name + '/:' + pkey, auth, function (req, res) {
+	app.delete('/api/data/' + endpoint_verb + '/:' + pkey, auth, function (req, res) {
-		sql.CreateUpdate(req, res, plural_name, pkey);
+		sql.Delete(req, res, table_name, pkey);
-	});
-	
-	app.delete('/api/data/' + single_name + '/:' + pkey, auth, function (req, res) {
-		sql.Delete(req, res, plural_name, pkey);
-	});
-	
-	app.post('/api/data/' + single_name + '/search', auth, function (req, res) {
-		sql.Search(req, res, plural_name, pkey, skeys);
 	});
 };
 

wi/http/data/index.js

@@ -1,7 +1,6 @@
-var endpoint = require('./endpoint.js');
-
 var RegisterAPI = function(app, api) {
-	endpoint.Register(app, api, 'item', 'items', 'id', ['name']);
+	require('./account.js').Register(app, api);
+	require('./item.js').Register(app, api);
 };
 
 module.exports = {

wi/http/data/item.js

@@ -0,0 +1,16 @@
+var endpoint = require('./endpoint.js');
+var auth = require('../../core/jwt_auth.js').auth;
+var sql = require('./sql.js');
+
+var RegisterAPI = function(app, api) {
+	endpoint.Register(app, api, 'item', 'items', 'id');
+	
+	//Can register custom controller actions here.
+	app.post('/api/data/item/search', auth, function (req, res) {
+		sql.Search(req, res, 'items', 'id', ['id', 'name']);
+	});
+};
+
+module.exports = {
+	'Register': RegisterAPI
+}

wi/http/data/sql.js

@@ -104,48 +104,6 @@ function CreateUpdate(req, res, table, pkey) {
 	});
 }
 
-function RetrieveAll(req, res, table, pkey) {
-	req.mysql.getConnection(function(err, connection) {
-		try {
-			if(err) {
-				console.log(err);
-				connection.release();
-				res.sendStatus(500);
-				return;
-			}
-			
-			connection.query('SELECT * FROM ' + table + ' ORDER BY ' + pkey + ' ASC LIMIT 1000', [], function (error, results, fields) {
-				try {
-					var ret = [];
-					
-					for(var idx in results) {
-						var result = results[idx];
-						var obj = { };
-						
-						for(var i in result) {
-							var value = result[i];
-							obj[i] = value;
-						}
-						
-						ret.push(obj);
-					}
-					
-					connection.release();
-					res.json(ret);
-				} catch(ex) {
-					console.log(ex);
-					connection.release();
-					res.sendStatus(500);
-				}
-			});
-		} catch(ex) {
-			console.log(ex);
-			connection.release();
-			res.sendStatus(500);
-		}
-	});
-}
-
 function Retrieve(req, res, table, pkey) {
 	req.mysql.getConnection(function(err, connection) {
 		try {
@@ -223,23 +181,95 @@ function Delete(req, res, table, pkey) {
 	});
 }
 
-function Search(req, res, table, pkey, skeys) {
+function getLimit(req, columns) {
-	//Verify incoming model
+	var limit = '';
-	if(!req.body.hasOwnProperty('start')) {
+	
-		res.sendStatus(400);
+	var len = parseInt(req.body['length']);
-		return;
+	if(len > 100) {
+		len = 100;
 	}
 	
-	if(!req.body.hasOwnProperty('length')) {
+	if(req.body.hasOwnProperty('start') && len != -1) {
-		res.sendStatus(400);
+		limit = 'LIMIT ' + req.body['start'] + ', ' + req.body['length'];
-		return;
 	}
 	
-	if(!req.body.hasOwnProperty('search')) {
+	return limit;
-		res.sendStatus(400);
+}
-		return;
+
+function getOrder(req, columns) {
+	var order = '';
+	
+	if (req.body.hasOwnProperty('order') && req.body['order'].length) {
+		var orderBy = [];
+		for(var i = 0; i < req.body['order'].length; ++i) {
+			var columnIdx = parseInt(req.body['order'][i].column);
+			var column = req.body['columns'][columnIdx];
+			var columnId = column.data;
+			var dir = req.body['order'][i].dir === 'asc' ? 'ASC' : 'DESC';			
+			orderBy.push(req.mysql.escapeId(columnId) + ' ' + dir);
 		}
 		
+		order = 'ORDER BY ' + orderBy.join(',');
+	}
+	
+	return order;
+}
+
+function filter(req, columns, args) {
+	var where = '';
+	var globalSearch = [];
+	var columnSearch = [];
+	
+	if (req.body.hasOwnProperty('search') && req.body['search'].value.length) {
+		var searchTerm = req.body['search'].value;
+		for(var i = 0; i < req.body['columns'].length; ++i) {
+			var column = req.body['columns'][i];
+			
+			if(column.searchable) {
+				globalSearch.push(req.mysql.escapeId(column.data) + ' LIKE ?');
+				args.push('%' + searchTerm + '%');
+			}
+		}
+	}
+	
+	for(var i = 0; i < req.body['columns'].length; ++i) {
+		var column = req.body['columns'][i];
+		var searchTerm = column.search.value;
+		
+		if(searchTerm !== '' && column.searchable) {
+			columnSearch.push(req.mysql.escapeId(column.data) + ' LIKE ?');
+			args.push('%' + searchTerm + '%');
+		}
+	}
+	
+	if(globalSearch.length) {
+		where = globalSearch.join(' OR ');
+	}
+	
+	if(columnSearch.length) {
+		if(where === '') {
+			where = columnSearch.join(' AND ');
+		} else {
+			where += ' AND ';
+			where += columnSearch.join(' AND ');
+		}
+	}
+	
+	if(where !== '') {
+		where = 'WHERE ' + where;
+	}
+	
+	return where;
+}
+
+function Search(req, res, table, pkey, columns) {
+	var args = [];
+	var limit = getLimit(req, columns);
+	var order = getOrder(req, columns);
+	var where = filter(req, columns, args);
+
+	var query = 'SELECT ' + columns.join(', ') + ' FROM ' + table + ' ' + where + ' ' + order + ' ' + limit;
+	
 	req.mysql.getConnection(function(err, connection) {
 		try {
 			if(err) {
@@ -249,41 +279,17 @@ function Search(req, res, table, pkey, skeys) {
 				return;
 			}
 			
-			var query = 'SELECT * FROM ' + table;
-			var first = true;
-			var idx;
-			var args = [];
-			var searchTerm = '%' + req.body['search'] + '%';
-			for(idx in skeys) {
-				var skey = skeys[idx];
-				if(first) {
-					first = false;
-					query +=  ' WHERE ';
-				} else {
-					query += ' OR ';
-				}
-				
-				query += skey;
-				query += ' LIKE ?';
-				args.push(searchTerm);
-			}
-			
-			query += ' ORDER BY ' + pkey + ' ASC';
-			query += ' LIMIT ?, ?';
-			args.push(req.body['start']);
-			args.push(req.body['length']);
-			
 			connection.query(query, args, function (error, results, fields) {
 				try {
 					var ret = [];
 					
-					for(idx in results) {
+					for(var i in results) {
-						var result = results[idx];
+						var result = results[i];
-						var obj = { };
 						
-						for(var i in result) {
+						var obj = { };
-							var value = result[i];
+						for(var idx in result) {
-							obj[i] = value;
+							var value = result[idx];
+							obj[idx] = value;
 						}
 						
 						ret.push(obj);
@@ -303,12 +309,11 @@ function Search(req, res, table, pkey, skeys) {
 			res.sendStatus(500);
 		}
 	});
-}
+};
 
 module.exports = {
 	'CreateUpdate': CreateUpdate,
 	'Retrieve': Retrieve,
-	'RetrieveAll': RetrieveAll,
 	'Delete': Delete,
 	'Search': Search,
 }