From 4629b42b362de1923f4277e5f489dc4db5d914d6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Y=C3=BBki=20Vachot?= Date: Tue, 2 Nov 2021 04:37:22 +0100 Subject: [PATCH] History added + User tested --- .../app/controllers/playlist.controller.js | 2 +- backend/app/controllers/user.controller.js | 247 ++++++++++++------ backend/app/controllers/video.controller.js | 6 +- backend/app/models/history.model.js | 15 ++ backend/app/models/mongodb.model.js | 4 +- backend/app/models/user.model.js | 6 +- backend/app/routes/user.routes.js | 15 -- backend/app/routes/video.routes.js | 9 +- 8 files changed, 197 insertions(+), 107 deletions(-) create mode 100644 backend/app/models/history.model.js diff --git a/backend/app/controllers/playlist.controller.js b/backend/app/controllers/playlist.controller.js index f6cefed..1b5ae3f 100644 --- a/backend/app/controllers/playlist.controller.js +++ b/backend/app/controllers/playlist.controller.js @@ -11,7 +11,7 @@ exports.create = (req, res) => { } }; -// Retrieve all Playlists + ads +// Retrieve all Playlists exports.findAll = (req, res) => { const token = checkLogin(req, res); if(token){ diff --git a/backend/app/controllers/user.controller.js b/backend/app/controllers/user.controller.js index 8904aa7..7dfa64f 100644 --- a/backend/app/controllers/user.controller.js +++ b/backend/app/controllers/user.controller.js @@ -4,6 +4,7 @@ const {checkLogin, setSessionCookie, getSession, getToken} = require("../config/ const ObjectId = require('mongoose').Types.ObjectId; const roles = require("../config/role.config"); const User = db.users; +const History = db.histories; // Authenticate a User exports.auth = (req, res) => { @@ -13,7 +14,7 @@ exports.auth = (req, res) => { } else{ // Check User in the database User - .findOne({login: req.body.login, hashPass: req.body.hashPass}, {role: true}) + .findOne({login: req.body.login, hashPass: req.body.hashPass, active: true}, {role: true}) .then(data => { if (data !== null){ setSessionCookie(req, res, {id: data._id, login: req.body.login, role: data.role}); @@ -53,39 +54,34 @@ exports.create = (req, res) => { let user; const session = getSession(req.cookies.SESSIONID); const token = getToken(session); - if(token.login === 'undefined' || token.login === -1){ - if(req.body.role === 'undefined'){ - sendError(res, 500, -1, "Must be connected to set role of a User."); - } else{ - user = new User({ - login: req.body.login, - hashPass: req.body.hashPass, - mail: req.body.mail - }); - } + if((typeof token.login === 'undefined' || token.login === -1) && typeof req.body.role === 'undefined'){ + user = new User({ + login: req.body.login, + hashPass: req.body.hashPass, + mail: req.body.mail + }); + } else if(typeof token.role !== 'undefined' && + typeof req.body.role !== 'undefined' && + typeof req.body.role.permission !== 'undefined' && + token.role.permission > req.body.role.permission) { + user = new User({ + login: req.body.login, + hashPass: req.body.hashPass, + mail: req.body.mail, + role: req.body.role + }); } else { - if(token.role !== 'undefined' && - req.body.role !== 'undefined' && - req.body.role.permission !== 'undefined' && - token.role.permission >= req.body.role.permission){ - user = new User({ - login: req.body.login, - hashPass: req.body.hashPass, - mail: req.body.mail, - role: req.body.role - }); - } else { - user = new User({ - login: req.body.login, - hashPass: req.body.hashPass, - mail: req.body.mail - }); - } + user = new User({ + login: req.body.login, + hashPass: req.body.hashPass, + mail: req.body.mail + }); } // Save User in the database user .save(user) .then(data => { + data.active = undefined; data.hashPass = undefined; // Hiding hashPass on return sendMessage(res, 1, data) }) @@ -100,12 +96,31 @@ exports.create = (req, res) => { } }; -// Retrieve all Users from the database if admin. +// Retrieve all Users from the database if at least admin. exports.findAll = (req, res) => { const token = checkLogin(req, res, roles.Admin); if(token){ const login = req.query.login; - let condition = login ? { login: { $regex: new RegExp(login), $options: "i" } } : {}; + let condition; + let active = null; + let ids = null; + if(typeof req.body.ids !== 'undefined' && typeof req.body.ids === 'object'){ + ids = {$in: req.body.ids}; + } + if(typeof req.query.active !== 'undefined'){ + active = req.query.active !== 'false'; + } + + if(ids !== null && active !== null){ + condition = login ? { login: { $regex: new RegExp(login), $options: "i" }, _id: ids, active: active} : {_id: ids, active: active}; + } else if(ids !== null){ + condition = login ? { login: { $regex: new RegExp(login), $options: "i" }, _id: ids} : {_id: ids}; + } else if(active !== null){ + condition = login ? { login: { $regex: new RegExp(login), $options: "i" }, active: active} : {active: active}; + } else{ + condition = login ? { login: { $regex: new RegExp(login), $options: "i" }} : {}; + } + User.find(condition, {hashPass: false}) .then(data => { sendMessage(res, 1, data, token) @@ -116,81 +131,157 @@ exports.findAll = (req, res) => { } }; -// Find a single User by session id or by id if admin +// Find a single User by session id exports.findOne = (req, res) => { const token = checkLogin(req, res); - if(token){ - let id; - if([roles.Admin, roles.SuperAdmin].includes(token.role)){ - if(typeof req.params.id === 'undefined'){ - id = token.id; - } else{ + if(token && typeof req.params.id !== 'undefined') { + let id = null; + if(typeof token.id !== 'undefined' && req.params.id === token.id){ + id = req.params.id; + } else { + if (typeof token.role !== 'undefined' && + typeof token.role.permission !== 'undefined' && + token.role.permission >= roles.Admin.permission) { id = req.params.id; + } else { + sendError(res, 500, -1, `Cannot find User with id=${id}. User do not have the permission`, token); } - } else{ - id = token.id; } - User.findById(new ObjectId(id), {hashPass: false}) - .then(data => { - if(data){ - sendMessage(res, 1, data, token); - } else { - sendError(res,404,-1,"User not found with id " + id, token); - } - }) - .catch(err => { - sendError(res,500,-1,err.message || "Error retrieving User with id=" + id, token); - }); + if(id){ + User.findById(id, {hashPass: false}) + .then(data => { + if(data){ + sendMessage(res, 1, data, token); + } else { + sendError(res,404,-1,"User not found with id " + id, token); + } + }) + .catch(err => { + sendError(res,500,-1,err.message || "Error retrieving User with id=" + id, token); + }); + } + } else { + sendError(res, 500, -1, `No id given`, token); } }; // Update a User by the id in the request exports.update = (req, res) => { const token = checkLogin(req, res); - if(req.body && token) { - let id; - if ([roles.Admin, roles.SuperAdmin].includes(token.role)) { + if(token && typeof req.params.id !== 'undefined') { + let id = null; + if(typeof token.id !== 'undefined' && req.params.id === token.id){ id = req.params.id; } else { - id = token.id; + if (typeof token.role !== 'undefined' && + typeof token.role.permission !== 'undefined' && + token.role.permission >= roles.Admin.permission) { + id = req.params.id; + } else { + sendError(res, 500, -1, `Cannot update User with id=${id}. User do not have the permission`, token); + } + } + if(id){ + User.findById(id, {hashPass: false}) + .then(user => { + if(user){ + const history = new History({update: user}); + history + .save(history) + .then(data => { + if(data) { + User.findByIdAndUpdate(id, req.body, {useFindAndModify: false}) + .then(data => { + data.hashPass = undefined; + console.log(data); + if (data) { + sendMessage(res, 1, {message: "User was updated successfully."}, token); + } else { + sendError(res, 404, -1, `Cannot update User with id=${id}. Maybe User was not found.`, token); + } + }) + .catch(err => { + sendError(res, 500, -1, err.message || "Error updating User with id=" + id, token); + }); + } + }) + .catch(err => { + sendError(res, 500,-1,err.message || "Some error occurred while creating the User."); + }); + } else { + sendError(res,404,-1,"User not found with id " + id, token); + } + }) + .catch(err => { + sendError(res,500,-1,err.message || "Error retrieving User with id=" + id, token); + }); } - User.findByIdAndUpdate(id, req.body, {useFindAndModify: false}) - .then(data => { - if (data) { - sendMessage(res, 1, {message: "User was updated successfully."}); - } else { - sendError(res, 404, -1, `Cannot update User with id=${id}. Maybe User was not found.`); - } - }) - .catch(err => { - sendError(res, 500, -1, err.message || "Error updating User with id=" + id); - }); } else { - sendError(res, 400, -1, "Data to update can not be empty."); + sendError(res, 500, -1, `No id given`, token); } }; // Delete a User with the specified id in the request exports.delete = (req, res) => { - const id = req.params.id; - User.findByIdAndRemove(id) - .then(data => { - if (data) { - sendMessage(res, 1, { message: "User was deleted successfully." }); + const token = checkLogin(req, res); + if(token && typeof req.params.id !== 'undefined') { + let id = null; + if(typeof token.id !== 'undefined' && req.params.id === token.id){ + id = req.params.id; + } else { + if (typeof token.role !== 'undefined' && + typeof token.role.permission !== 'undefined' && + token.role.permission >= roles.Admin.permission) { + id = req.params.id; } else { - sendError(res,404,-1,`Cannot delete User with id=${id}. Maybe User was not found.`); + sendError(res, 500, -1, `Cannot delete User with id=${id}. User do not have the permission`, token); } - }) - .catch(err => { - sendError(res,500,-1,err.message || "Could not delete User with id=" + id); - }); + } + if(id && ObjectId.isValid(id)){ + User.findById(id, {hashPass: false}) + .then(user => { + if(user){ + const history = new History({delete: user}); + history + .save(history) + .then(data => { + if(data) { + User.findByIdAndRemove(id) + .then(data => { + if (data) { + sendMessage(res, 1, {message: `User ${id} was deleted successfully.`}, token); + } else { + sendError(res, 404, -1, `Cannot delete User with id=${id}. Maybe User was not found.`, token); + } + }) + .catch(err => { + sendError(res, 500, -1, err.message || "Could not delete User with id=" + id, token); + }); + } + }) + .catch(err => { + sendError(res, 500,-1,err.message || "Some error occurred while creating the User."); + }); + } else { + sendError(res,404,-1,"User not found with id " + id, token); + } + }) + .catch(err => { + sendError(res,500,-1,err.message || "Error retrieving User with id=" + id, token); + }); + } else { + sendError(res, 500, -1, `Error id is not valid`, token); + } + } else { + sendError(res, 500, -1, `No id given`, token); + } }; -// Delete all Users from the database. +// Delete all Users from the database except superAdmin exports.deleteAll = (req, res) => { const token = checkLogin(req, res, roles.SuperAdmin); if(token) { - User.deleteMany({}) + User.deleteMany({login: {$ne: "superAdmin"}}) .then(data => { sendMessage(res, 1, { message: `${data.deletedCount} Users were deleted successfully.` diff --git a/backend/app/controllers/video.controller.js b/backend/app/controllers/video.controller.js index 30afe3c..d6e3f3d 100644 --- a/backend/app/controllers/video.controller.js +++ b/backend/app/controllers/video.controller.js @@ -3,7 +3,7 @@ const {sendError, sendMessage} = require ("../config/response.config"); const {checkLogin} = require("../config/sessionJWT.config"); const Video = db.video; -// Search Video + ads +// Search Video exports.search = (req, res) => { const token = checkLogin(req, res); if(token){ @@ -12,7 +12,7 @@ exports.search = (req, res) => { }; // History -exports.search = (req, res) => { +exports.history = (req, res) => { const token = checkLogin(req, res); if(token){ return sendError(res, 501, -1, "Video.search not Implemented", token); @@ -27,7 +27,7 @@ exports.create = (req, res) => { } }; -// Retrieve all Videos + ads +// Retrieve all Videos exports.findAll = (req, res) => { const token = checkLogin(req, res); if(token){ diff --git a/backend/app/models/history.model.js b/backend/app/models/history.model.js new file mode 100644 index 0000000..b984e99 --- /dev/null +++ b/backend/app/models/history.model.js @@ -0,0 +1,15 @@ +module.exports = mongoose => { + let schema = mongoose.Schema({ + user: Object + }, + { timestamps: true } + ); + + schema.method("toJSON", function() { + const { __v, _id, ...object } = this.toObject(); + object.id = _id; + return object; + }); + + return mongoose.model("history", schema); +}; diff --git a/backend/app/models/mongodb.model.js b/backend/app/models/mongodb.model.js index 1fb040b..1302bc4 100644 --- a/backend/app/models/mongodb.model.js +++ b/backend/app/models/mongodb.model.js @@ -8,8 +8,8 @@ db.mongoose = mongoose; db.url = dbConfig.url; db.users = require("./user.model")(mongoose); db.playlists = require("./playlist.model")(mongoose); -db.videos = require("./video.model")(mongoose); db.ads = require("./ad.model")(mongoose); -db.images = require("./image.model")(mongoose); +db.histories = require("./history.model")(mongoose); + module.exports = db; diff --git a/backend/app/models/user.model.js b/backend/app/models/user.model.js index b96961b..5d7dff4 100644 --- a/backend/app/models/user.model.js +++ b/backend/app/models/user.model.js @@ -9,7 +9,11 @@ module.exports = mongoose => { type: Object, default: roles.User }, - playlists: [] + playlists: [], + active: { + type: Boolean, + default: true + } }, { timestamps: true } ); diff --git a/backend/app/routes/user.routes.js b/backend/app/routes/user.routes.js index 5e481db..8b7fd46 100644 --- a/backend/app/routes/user.routes.js +++ b/backend/app/routes/user.routes.js @@ -2,37 +2,22 @@ const users = require("../controllers/user.controller"); module.exports = app => { let router = require("express").Router(); - // Create a new User router.post("/user/create", users.create); - // Retrieve all Users router.get("/user/findAll", users.findAll); - // Retrieve a single User with id if admin router.get("/user/findOne/:id", users.findOne); - // Retrieve a single User with session id - router.get("/user/findOne", users.findOne); - - // Update a User with id if admin router.put("/user/update/:id", users.update); - // Update a User with session id - router.put("/user/update", users.update); - - // Delete a User with id router.delete("/user/delete/:id", users.delete); - // Delete all Users router.delete("/user/deleteAll", users.deleteAll); - // Authenticate a User router.post("/user/auth", users.auth); - // Logout a User router.delete("/user/logout", users.logout); - // Get all Roles depending on the role of the User router.get("/user/roles", users.roles); app.use('/api', router); diff --git a/backend/app/routes/video.routes.js b/backend/app/routes/video.routes.js index a4bb064..1438085 100644 --- a/backend/app/routes/video.routes.js +++ b/backend/app/routes/video.routes.js @@ -2,25 +2,20 @@ const videos = require("../controllers/video.controller"); module.exports = app => { let router = require("express").Router(); - // Search Video router.post("/video/search", videos.search); - // Create a new Video + router.post("/video/history", videos.history); + router.post("/video/create", videos.create); - // Retrieve all Videos router.get("/video/findAll", videos.findAll); - // Retrieve a single Video with id router.get("/video/findOne/:id", videos.findOne); - // Update a Video with id router.put("/video/update/:id", videos.update); - // Delete a Video with id router.delete("/video/delete/:id", videos.delete); - // Delete all Videos router.delete("/video/deleteAll", videos.deleteAll); app.use('/api', router);