Spaces:
Running
Running
| const Review = require('../models/reviewModel'); | |
| const Product = require('../models/productModel'); | |
| // create a review | |
| exports.createReview = async (req, res) => { | |
| try { | |
| const { product, rating, review } = req.body; | |
| // Ensure product exists | |
| const existingProduct = await Product.findById(product); | |
| if (!existingProduct) { | |
| return res.status(400).json({ message: 'Invalid product ID' }); | |
| } | |
| // Prevent duplicate reviews by same user | |
| const existingReview = await Review.findOne({ | |
| product, | |
| user: req.user._id, | |
| }); | |
| if (existingReview) { | |
| return res | |
| .status(400) | |
| .json({ message: 'You already reviewed this product' }); | |
| } | |
| // Create review | |
| const newReview = await Review.create({ | |
| product, | |
| user: req.user._id, | |
| rating, | |
| review, | |
| }); | |
| res.status(201).json({ | |
| status: 'success', | |
| data: newReview, | |
| }); | |
| } catch (error) { | |
| res.status(500).json({ message: error.message }); | |
| } | |
| }; | |
| // get all reviews | |
| exports.getAllReviews = async (req, res) => { | |
| try { | |
| const reviews = await Review.find().populate({ | |
| path: 'product', | |
| select: 'nameEn nameAr price imageCover', | |
| }); | |
| res.status(200).json({ | |
| status: 'success', | |
| results: reviews.length, | |
| data: reviews, | |
| }); | |
| } catch (error) { | |
| res.status(500).json({ message: error.message }); | |
| } | |
| }; | |
| // get all reviews for a product | |
| exports.getProductReviews = async (req, res) => { | |
| try { | |
| const reviews = await Review.find({ product: req.params.productId }); | |
| res.status(200).json({ | |
| status: 'success', | |
| results: reviews.length, | |
| data: reviews, | |
| }); | |
| } catch (error) { | |
| res.status(500).json({ message: error.message }); | |
| } | |
| }; | |
| // Update a review | |
| exports.updateReview = async (req, res) => { | |
| try { | |
| const review = await Review.findById(req.params.id); | |
| if (!review) { | |
| return res.status(404).json({ message: 'Review not found' }); | |
| } | |
| // Only review owner can edit | |
| if (review.user.toString() !== req.user._id.toString()) { | |
| return res.status(403).json({ message: 'Not authorized' }); | |
| } | |
| const updated = await Review.findByIdAndUpdate( | |
| req.params.id, | |
| { rating: req.body.rating, review: req.body.review }, | |
| { new: true, runValidators: true }, | |
| ); | |
| // Trigger recalculation manually (because findByIdAndUpdate doesn’t trigger post('save')) | |
| await Review.calcAverageRatings(review.product); | |
| res.status(200).json({ | |
| status: 'success', | |
| data: updated, | |
| }); | |
| } catch (error) { | |
| res.status(500).json({ message: error.message }); | |
| } | |
| }; | |
| // Delete a review | |
| exports.deleteReview = async (req, res) => { | |
| try { | |
| const review = await Review.findById(req.params.id); | |
| if (!review) { | |
| return res.status(404).json({ message: 'Review not found' }); | |
| } | |
| // Only review owner or admin can delete | |
| if (review.user.toString() !== req.user._id.toString()) { | |
| return res.status(403).json({ message: 'Not authorized' }); | |
| } | |
| await Review.findByIdAndDelete(req.params.id); | |
| await Review.calcAverageRatings(review.product); | |
| res.status(204).json({ status: 'success', data: null }); | |
| } catch (error) { | |
| res.status(500).json({ message: error.message }); | |
| } | |
| }; | |