yvachot/PolyNotFound
Archived
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

History added + User tested

Browse source
This commit is contained in:
Yûki VACHOT 2021-11-02 04:37:22 +01:00
parent f774cf64bd
commit 4629b42b36
8 changed files with 197 additions and 107 deletions
Download patch file Download diff file Expand all files Collapse all files

2
backend/app/controllers/playlist.controller.js
View file

@ -11,7 +11,7 @@ exports.create = (req, res) => {
} }
}; };
// Retrieve all Playlists + ads // Retrieve all Playlists
exports.findAll = (req, res) => { exports.findAll = (req, res) => {
const token = checkLogin(req, res); const token = checkLogin(req, res);
if(token){ if(token){

247
backend/app/controllers/user.controller.js
View file

@ -4,6 +4,7 @@ const {checkLogin, setSessionCookie, getSession, getToken} = require("../config/
const ObjectId = require('mongoose').Types.ObjectId; const ObjectId = require('mongoose').Types.ObjectId;
const roles = require("../config/role.config"); const roles = require("../config/role.config");
const User = db.users; const User = db.users;
const History = db.histories;
// Authenticate a User // Authenticate a User
exports.auth = (req, res) => { exports.auth = (req, res) => {
@ -13,7 +14,7 @@ exports.auth = (req, res) => {
} else{ } else{
// Check User in the database // Check User in the database
User User
.findOne({login: req.body.login, hashPass: req.body.hashPass}, {role: true}) .findOne({login: req.body.login, hashPass: req.body.hashPass, active: true}, {role: true})
.then(data => { .then(data => {
if (data !== null){ if (data !== null){
setSessionCookie(req, res, {id: data._id, login: req.body.login, role: data.role}); setSessionCookie(req, res, {id: data._id, login: req.body.login, role: data.role});
@ -53,39 +54,34 @@ exports.create = (req, res) => {
let user; let user;
const session = getSession(req.cookies.SESSIONID); const session = getSession(req.cookies.SESSIONID);
const token = getToken(session); const token = getToken(session);
if(token.login === 'undefined' || token.login === -1){ if((typeof token.login === 'undefined' || token.login === -1) && typeof req.body.role === 'undefined'){
if(req.body.role === 'undefined'){ user = new User({
sendError(res, 500, -1, "Must be connected to set role of a User."); login: req.body.login,
} else{ hashPass: req.body.hashPass,
user = new User({ mail: req.body.mail
login: req.body.login, });
hashPass: req.body.hashPass, } else if(typeof token.role !== 'undefined' &&
mail: req.body.mail typeof req.body.role !== 'undefined' &&
}); typeof req.body.role.permission !== 'undefined' &&
} token.role.permission > req.body.role.permission) {
user = new User({
login: req.body.login,
hashPass: req.body.hashPass,
mail: req.body.mail,
role: req.body.role
});
} else { } else {
if(token.role !== 'undefined' && user = new User({
req.body.role !== 'undefined' && login: req.body.login,
req.body.role.permission !== 'undefined' && hashPass: req.body.hashPass,
token.role.permission >= req.body.role.permission){ mail: req.body.mail
user = new User({ });
login: req.body.login,
hashPass: req.body.hashPass,
mail: req.body.mail,
role: req.body.role
});
} else {
user = new User({
login: req.body.login,
hashPass: req.body.hashPass,
mail: req.body.mail
});
}
} }
// Save User in the database // Save User in the database
user user
.save(user) .save(user)
.then(data => { .then(data => {
data.active = undefined;
data.hashPass = undefined; // Hiding hashPass on return data.hashPass = undefined; // Hiding hashPass on return
sendMessage(res, 1, data) sendMessage(res, 1, data)
}) })
@ -100,12 +96,31 @@ exports.create = (req, res) => {
} }
}; };
// Retrieve all Users from the database if admin. // Retrieve all Users from the database if at least admin.
exports.findAll = (req, res) => { exports.findAll = (req, res) => {
const token = checkLogin(req, res, roles.Admin); const token = checkLogin(req, res, roles.Admin);
if(token){ if(token){
const login = req.query.login; const login = req.query.login;
let condition = login ? { login: { $regex: new RegExp(login), $options: "i" } } : {}; let condition;
let active = null;
let ids = null;
if(typeof req.body.ids !== 'undefined' && typeof req.body.ids === 'object'){
ids = {$in: req.body.ids};
}
if(typeof req.query.active !== 'undefined'){
active = req.query.active !== 'false';
}
if(ids !== null && active !== null){
condition = login ? { login: { $regex: new RegExp(login), $options: "i" }, _id: ids, active: active} : {_id: ids, active: active};
} else if(ids !== null){
condition = login ? { login: { $regex: new RegExp(login), $options: "i" }, _id: ids} : {_id: ids};
} else if(active !== null){
condition = login ? { login: { $regex: new RegExp(login), $options: "i" }, active: active} : {active: active};
} else{
condition = login ? { login: { $regex: new RegExp(login), $options: "i" }} : {};
}
User.find(condition, {hashPass: false}) User.find(condition, {hashPass: false})
.then(data => { .then(data => {
sendMessage(res, 1, data, token) sendMessage(res, 1, data, token)
@ -116,81 +131,157 @@ exports.findAll = (req, res) => {
} }
}; };
// Find a single User by session id or by id if admin // Find a single User by session id
exports.findOne = (req, res) => { exports.findOne = (req, res) => {
const token = checkLogin(req, res); const token = checkLogin(req, res);
if(token){ if(token && typeof req.params.id !== 'undefined') {
let id; let id = null;
if([roles.Admin, roles.SuperAdmin].includes(token.role)){ if(typeof token.id !== 'undefined' && req.params.id === token.id){
if(typeof req.params.id === 'undefined'){ id = req.params.id;
id = token.id; } else {
} else{ if (typeof token.role !== 'undefined' &&
typeof token.role.permission !== 'undefined' &&
token.role.permission >= roles.Admin.permission) {
id = req.params.id; id = req.params.id;
} else {
sendError(res, 500, -1, `Cannot find User with id=${id}. User do not have the permission`, token);
} }
} else{
id = token.id;
} }
User.findById(new ObjectId(id), {hashPass: false}) if(id){
.then(data => { User.findById(id, {hashPass: false})
if(data){ .then(data => {
sendMessage(res, 1, data, token); if(data){
} else { sendMessage(res, 1, data, token);
sendError(res,404,-1,"User not found with id " + id, token); } else {
} sendError(res,404,-1,"User not found with id " + id, token);
}) }
.catch(err => { })
sendError(res,500,-1,err.message || "Error retrieving User with id=" + id, token); .catch(err => {
}); sendError(res,500,-1,err.message || "Error retrieving User with id=" + id, token);
});
}
} else {
sendError(res, 500, -1, `No id given`, token);
} }
}; };
// Update a User by the id in the request // Update a User by the id in the request
exports.update = (req, res) => { exports.update = (req, res) => {
const token = checkLogin(req, res); const token = checkLogin(req, res);
if(req.body && token) { if(token && typeof req.params.id !== 'undefined') {
let id; let id = null;
if ([roles.Admin, roles.SuperAdmin].includes(token.role)) { if(typeof token.id !== 'undefined' && req.params.id === token.id){
id = req.params.id; id = req.params.id;
} else { } else {
id = token.id; if (typeof token.role !== 'undefined' &&
typeof token.role.permission !== 'undefined' &&
token.role.permission >= roles.Admin.permission) {
id = req.params.id;
} else {
sendError(res, 500, -1, `Cannot update User with id=${id}. User do not have the permission`, token);
}
}
if(id){
User.findById(id, {hashPass: false})
.then(user => {
if(user){
const history = new History({update: user});
history
.save(history)
.then(data => {
if(data) {
User.findByIdAndUpdate(id, req.body, {useFindAndModify: false})
.then(data => {
data.hashPass = undefined;
console.log(data);
if (data) {
sendMessage(res, 1, {message: "User was updated successfully."}, token);
} else {
sendError(res, 404, -1, `Cannot update User with id=${id}. Maybe User was not found.`, token);
}
})
.catch(err => {
sendError(res, 500, -1, err.message || "Error updating User with id=" + id, token);
});
}
})
.catch(err => {
sendError(res, 500,-1,err.message || "Some error occurred while creating the User.");
});
} else {
sendError(res,404,-1,"User not found with id " + id, token);
}
})
.catch(err => {
sendError(res,500,-1,err.message || "Error retrieving User with id=" + id, token);
});
} }
User.findByIdAndUpdate(id, req.body, {useFindAndModify: false})
.then(data => {
if (data) {
sendMessage(res, 1, {message: "User was updated successfully."});
} else {
sendError(res, 404, -1, `Cannot update User with id=${id}. Maybe User was not found.`);
}
})
.catch(err => {
sendError(res, 500, -1, err.message || "Error updating User with id=" + id);
});
} else { } else {
sendError(res, 400, -1, "Data to update can not be empty."); sendError(res, 500, -1, `No id given`, token);
} }
}; };
// Delete a User with the specified id in the request // Delete a User with the specified id in the request
exports.delete = (req, res) => { exports.delete = (req, res) => {
const id = req.params.id; const token = checkLogin(req, res);
User.findByIdAndRemove(id) if(token && typeof req.params.id !== 'undefined') {
.then(data => { let id = null;
if (data) { if(typeof token.id !== 'undefined' && req.params.id === token.id){
sendMessage(res, 1, { message: "User was deleted successfully." }); id = req.params.id;
} else {
if (typeof token.role !== 'undefined' &&
typeof token.role.permission !== 'undefined' &&
token.role.permission >= roles.Admin.permission) {
id = req.params.id;
} else { } else {
sendError(res,404,-1,`Cannot delete User with id=${id}. Maybe User was not found.`); sendError(res, 500, -1, `Cannot delete User with id=${id}. User do not have the permission`, token);
} }
}) }
.catch(err => { if(id && ObjectId.isValid(id)){
sendError(res,500,-1,err.message || "Could not delete User with id=" + id); User.findById(id, {hashPass: false})
}); .then(user => {
if(user){
const history = new History({delete: user});
history
.save(history)
.then(data => {
if(data) {
User.findByIdAndRemove(id)
.then(data => {
if (data) {
sendMessage(res, 1, {message: `User ${id} was deleted successfully.`}, token);
} else {
sendError(res, 404, -1, `Cannot delete User with id=${id}. Maybe User was not found.`, token);
}
})
.catch(err => {
sendError(res, 500, -1, err.message || "Could not delete User with id=" + id, token);
});
}
})
.catch(err => {
sendError(res, 500,-1,err.message || "Some error occurred while creating the User.");
});
} else {
sendError(res,404,-1,"User not found with id " + id, token);
}
})
.catch(err => {
sendError(res,500,-1,err.message || "Error retrieving User with id=" + id, token);
});
} else {
sendError(res, 500, -1, `Error id is not valid`, token);
}
} else {
sendError(res, 500, -1, `No id given`, token);
}
}; };
// Delete all Users from the database. // Delete all Users from the database except superAdmin
exports.deleteAll = (req, res) => { exports.deleteAll = (req, res) => {
const token = checkLogin(req, res, roles.SuperAdmin); const token = checkLogin(req, res, roles.SuperAdmin);
if(token) { if(token) {
User.deleteMany({}) User.deleteMany({login: {$ne: "superAdmin"}})
.then(data => { .then(data => {
sendMessage(res, 1, { sendMessage(res, 1, {
message: `${data.deletedCount} Users were deleted successfully.` message: `${data.deletedCount} Users were deleted successfully.`

6
backend/app/controllers/video.controller.js
View file

@ -3,7 +3,7 @@ const {sendError, sendMessage} = require ("../config/response.config");
const {checkLogin} = require("../config/sessionJWT.config"); const {checkLogin} = require("../config/sessionJWT.config");
const Video = db.video; const Video = db.video;
// Search Video + ads // Search Video
exports.search = (req, res) => { exports.search = (req, res) => {
const token = checkLogin(req, res); const token = checkLogin(req, res);
if(token){ if(token){
@ -12,7 +12,7 @@ exports.search = (req, res) => {
}; };
// History // History
exports.search = (req, res) => { exports.history = (req, res) => {
const token = checkLogin(req, res); const token = checkLogin(req, res);
if(token){ if(token){
return sendError(res, 501, -1, "Video.search not Implemented", token); return sendError(res, 501, -1, "Video.search not Implemented", token);
@ -27,7 +27,7 @@ exports.create = (req, res) => {
} }
}; };
// Retrieve all Videos + ads // Retrieve all Videos
exports.findAll = (req, res) => { exports.findAll = (req, res) => {
const token = checkLogin(req, res); const token = checkLogin(req, res);
if(token){ if(token){

15
backend/app/models/history.model.js Normal file
View file

@ -0,0 +1,15 @@
module.exports = mongoose => {
let schema = mongoose.Schema({
user: Object
},
{ timestamps: true }
);
schema.method("toJSON", function() {
const { __v, _id, ...object } = this.toObject();
object.id = _id;
return object;
});
return mongoose.model("history", schema);
};

4
backend/app/models/mongodb.model.js
View file

@ -8,8 +8,8 @@ db.mongoose = mongoose;
db.url = dbConfig.url; db.url = dbConfig.url;
db.users = require("./user.model")(mongoose); db.users = require("./user.model")(mongoose);
db.playlists = require("./playlist.model")(mongoose); db.playlists = require("./playlist.model")(mongoose);
db.videos = require("./video.model")(mongoose);
db.ads = require("./ad.model")(mongoose); db.ads = require("./ad.model")(mongoose);
db.images = require("./image.model")(mongoose); db.histories = require("./history.model")(mongoose);
module.exports = db; module.exports = db;

6
backend/app/models/user.model.js
View file

@ -9,7 +9,11 @@ module.exports = mongoose => {
type: Object, type: Object,
default: roles.User default: roles.User
}, },
playlists: [] playlists: [],
active: {
type: Boolean,
default: true
}
}, },
{ timestamps: true } { timestamps: true }
); );

15
backend/app/routes/user.routes.js
View file

@ -2,37 +2,22 @@ const users = require("../controllers/user.controller");
module.exports = app => { module.exports = app => {
let router = require("express").Router(); let router = require("express").Router();
// Create a new User
router.post("/user/create", users.create); router.post("/user/create", users.create);
// Retrieve all Users
router.get("/user/findAll", users.findAll); router.get("/user/findAll", users.findAll);
// Retrieve a single User with id if admin
router.get("/user/findOne/:id", users.findOne); router.get("/user/findOne/:id", users.findOne);
// Retrieve a single User with session id
router.get("/user/findOne", users.findOne);
// Update a User with id if admin
router.put("/user/update/:id", users.update); router.put("/user/update/:id", users.update);
// Update a User with session id
router.put("/user/update", users.update);
// Delete a User with id
router.delete("/user/delete/:id", users.delete); router.delete("/user/delete/:id", users.delete);
// Delete all Users
router.delete("/user/deleteAll", users.deleteAll); router.delete("/user/deleteAll", users.deleteAll);
// Authenticate a User
router.post("/user/auth", users.auth); router.post("/user/auth", users.auth);
// Logout a User
router.delete("/user/logout", users.logout); router.delete("/user/logout", users.logout);
// Get all Roles depending on the role of the User
router.get("/user/roles", users.roles); router.get("/user/roles", users.roles);
app.use('/api', router); app.use('/api', router);

9
backend/app/routes/video.routes.js
View file

@ -2,25 +2,20 @@ const videos = require("../controllers/video.controller");
module.exports = app => { module.exports = app => {
let router = require("express").Router(); let router = require("express").Router();
// Search Video
router.post("/video/search", videos.search); router.post("/video/search", videos.search);
// Create a new Video router.post("/video/history", videos.history);
router.post("/video/create", videos.create); router.post("/video/create", videos.create);
// Retrieve all Videos
router.get("/video/findAll", videos.findAll); router.get("/video/findAll", videos.findAll);
// Retrieve a single Video with id
router.get("/video/findOne/:id", videos.findOne); router.get("/video/findOne/:id", videos.findOne);
// Update a Video with id
router.put("/video/update/:id", videos.update); router.put("/video/update/:id", videos.update);
// Delete a Video with id
router.delete("/video/delete/:id", videos.delete); router.delete("/video/delete/:id", videos.delete);
// Delete all Videos
router.delete("/video/deleteAll", videos.deleteAll); router.delete("/video/deleteAll", videos.deleteAll);
app.use('/api', router); app.use('/api', router);