Public API: Namespace private and public APIs (#1148)

* Converts import script to use public API endpoints

The endpoints don't exist yet, but this is a good way to see how
the implementation of the data structures differ.

* Exposes public API endpoint to fetch user's sketches

* Implements public API delete endpoint

* Adds helper to create custom ApplicationError classes

* Adds create project endpoint that understand API's data structure

This transforms the nested tree of file data into a mongoose
Project model

* Returns '201 Created' to match API spec

* Removes 'CustomError' variable assignment as it shows up in test output

* transformFiles will return file validation errors

* Tests API project controller

* Tests toModel()

* Creates default files if no root-level .html file is provided

* Do not auto-generate a slug if it is provided

Fixes a bug where the slug was auto-generated using the sketch name,
even if a slug property had been provided.

* Validates uniqueness of slugs for projects created by the public API

* Adds tests for slug uniqueness

* Configures node's Promise implementation for mongoose (fixes warnings)

* Moves createProject tests to match controller location

* Adds support for code to ApplicationErrors

* deleteProject controller tests

* getProjectsForUser controller tests

- implements tests
- update apiKey tests to use new User mocks

* Ensure error objects have consistent property names

`message` is used as a high-level description of the errors
`detail` is optional and has an plain language explanation of the
individual errors
`errors` is an array of each individual problem from `detail` in a
machine-readable format

* Assert environment variables are provided at script start

* Version public API

* Expect "files" property to always be provided

* Fixes linting error

* Converts import script to use public API endpoints

The endpoints don't exist yet, but this is a good way to see how
the implementation of the data structures differ.

* Exposes public API endpoint to fetch user's sketches

* Implements public API delete endpoint

* Adds helper to create custom ApplicationError classes

* Adds create project endpoint that understand API's data structure

This transforms the nested tree of file data into a mongoose
Project model

* Returns '201 Created' to match API spec

* Removes 'CustomError' variable assignment as it shows up in test output

* transformFiles will return file validation errors

* Tests API project controller

* Tests toModel()

* Creates default files if no root-level .html file is provided

* Do not auto-generate a slug if it is provided

Fixes a bug where the slug was auto-generated using the sketch name,
even if a slug property had been provided.

* Validates uniqueness of slugs for projects created by the public API

* Adds tests for slug uniqueness

* Configures node's Promise implementation for mongoose (fixes warnings)

* Moves createProject tests to match controller location

* deleteProject controller tests

* Adds support for code to ApplicationErrors

* getProjectsForUser controller tests

- implements tests
- update apiKey tests to use new User mocks

* Ensure error objects have consistent property names

`message` is used as a high-level description of the errors
`detail` is optional and has an plain language explanation of the
individual errors
`errors` is an array of each individual problem from `detail` in a
machine-readable format

* Assert environment variables are provided at script start

* Version public API

* Expect "files" property to always be provided

* Fixes linting error

* Checks that authenticated user has permission to create under this namespace

Previously, the project was always created under the authenticated user's
namespace, but this not obvious behaviour.

* Splits private and public APIs

The private API is under /editor and the public API under /api

.env.example

@@ -1,4 +1,4 @@
-API_URL=/api
+API_URL=/editor
 AWS_ACCESS_KEY=<your-aws-access-key>
 AWS_REGION=<your-aws-region>
 AWS_SECRET_KEY=<your-aws-secret-key>

app.json

@@ -16,7 +16,7 @@
   ],
   "env": {
     "API_URL": {
-      "value": "/api"
+      "value": "/editor"
     },
     "AWS_ACCESS_KEY": {
       "description": "AWS Access Key",

server/server.js

@@ -97,16 +97,19 @@ app.use(session({
 app.use(passport.initialize());
 app.use(passport.session());
 app.use('/api/v1', requestsOfTypeJSON(), api);
-app.use('/api', requestsOfTypeJSON(), users);
+app.use('/editor', requestsOfTypeJSON(), users);
-app.use('/api', requestsOfTypeJSON(), sessions);
+app.use('/editor', requestsOfTypeJSON(), sessions);
-app.use('/api', requestsOfTypeJSON(), files);
+app.use('/editor', requestsOfTypeJSON(), files);
-app.use('/api', requestsOfTypeJSON(), projects);
+app.use('/editor', requestsOfTypeJSON(), projects);
-app.use('/api', requestsOfTypeJSON(), aws);
+app.use('/editor', requestsOfTypeJSON(), aws);
 
 // This is a temporary way to test access via Personal Access Tokens
 // Sending a valid username:<personal-access-token> combination will
 // return the user's information.
-app.get('/api/auth/access-check', passport.authenticate('basic', { session: false }), (req, res) => res.json(req.user));
+app.get(
+  '/api/v1/auth/access-check',
+  passport.authenticate('basic', { session: false }), (req, res) => res.json(req.user)
+);
 
 app.use(assetRoutes);
 // this is supposed to be TEMPORARY -- until i figure out