History added + User tested

2021-11-02 04:37:22 +01:00 · 2021-11-02 04:37:22 +01:00 · 4629b42b36
commit 4629b42b36
parent f774cf64bd
8 changed files with 197 additions and 107 deletions
--- a/backend/app/controllers/playlist.controller.js
+++ b/backend/app/controllers/playlist.controller.js
@ -11,7 +11,7 @@ exports.create = (req, res) => {
  }
 };

-// Retrieve all Playlists + ads
+// Retrieve all Playlists
 exports.findAll = (req, res) => {
  const token = checkLogin(req, res);
  if(token){
--- a/backend/app/controllers/user.controller.js
+++ b/backend/app/controllers/user.controller.js
@ -4,6 +4,7 @@ const {checkLogin, setSessionCookie, getSession, getToken} = require("../config/
 const ObjectId = require('mongoose').Types.ObjectId;
 const roles = require("../config/role.config");
 const User = db.users;
+const History = db.histories;

 // Authenticate a User
 exports.auth = (req, res) => {
@ -13,7 +14,7 @@ exports.auth = (req, res) => {
  } else{
    // Check User in the database
    User
-      .findOne({login: req.body.login, hashPass: req.body.hashPass}, {role: true})
+      .findOne({login: req.body.login, hashPass: req.body.hashPass, active: true}, {role: true})
      .then(data => {
        if (data !== null){
          setSessionCookie(req, res, {id: data._id, login: req.body.login, role: data.role});
@ -53,21 +54,16 @@ exports.create = (req, res) => {
          let user;
          const session = getSession(req.cookies.SESSIONID);
          const token = getToken(session);
-          if(token.login === 'undefined' || token.login === -1){
-            if(req.body.role === 'undefined'){
-              sendError(res, 500, -1, "Must be connected to set role of a User.");
-            } else{
+          if((typeof token.login === 'undefined' || token.login === -1) && typeof req.body.role === 'undefined'){
            user = new User({
              login: req.body.login,
              hashPass: req.body.hashPass,
              mail: req.body.mail
            });
-            }
-          } else {
-            if(token.role !== 'undefined' &&
-              req.body.role !== 'undefined' &&
-              req.body.role.permission !== 'undefined' &&
-              token.role.permission >= req.body.role.permission){
+          } else if(typeof token.role !== 'undefined' &&
+              typeof req.body.role !== 'undefined' &&
+            typeof req.body.role.permission !== 'undefined' &&
+            token.role.permission > req.body.role.permission) {
            user = new User({
              login: req.body.login,
              hashPass: req.body.hashPass,
@ -81,11 +77,11 @@ exports.create = (req, res) => {
              mail: req.body.mail
            });
          }
-          }
          // Save User in the database
          user
            .save(user)
            .then(data => {
+              data.active = undefined;
              data.hashPass = undefined; // Hiding hashPass on return
              sendMessage(res, 1, data)
            })
@ -100,12 +96,31 @@ exports.create = (req, res) => {
  }
 };

-// Retrieve all Users from the database if admin.
+// Retrieve all Users from the database if at least admin.
 exports.findAll = (req, res) => {
  const token = checkLogin(req, res, roles.Admin);
  if(token){
    const login = req.query.login;
-    let condition = login ? { login: { $regex: new RegExp(login), $options: "i" } } : {};
+    let condition;
+    let active = null;
+    let ids = null;
+    if(typeof req.body.ids !== 'undefined' && typeof req.body.ids === 'object'){
+      ids = {$in: req.body.ids};
+    }
+    if(typeof req.query.active !== 'undefined'){
+      active = req.query.active !== 'false';
+    }
+
+    if(ids !== null && active !== null){
+      condition = login ? { login: { $regex: new RegExp(login), $options: "i" }, _id: ids, active: active} : {_id: ids, active: active};
+    } else if(ids !== null){
+      condition = login ? { login: { $regex: new RegExp(login), $options: "i" }, _id: ids} : {_id: ids};
+    } else if(active !== null){
+      condition = login ? { login: { $regex: new RegExp(login), $options: "i" }, active: active} : {active: active};
+    } else{
+      condition = login ? { login: { $regex: new RegExp(login), $options: "i" }} : {};
+    }
+
    User.find(condition, {hashPass: false})
      .then(data => {
        sendMessage(res, 1, data, token)
@ -116,21 +131,24 @@ exports.findAll = (req, res) => {
  }
 };

-// Find a single User by session id or by id if admin
+// Find a single User by session id
 exports.findOne = (req, res) => {
  const token = checkLogin(req, res);
-  if(token){
-    let id;
-    if([roles.Admin, roles.SuperAdmin].includes(token.role)){
-      if(typeof req.params.id === 'undefined'){
-        id = token.id;
-      } else{
+  if(token && typeof req.params.id !== 'undefined') {
+    let id = null;
+    if(typeof token.id !== 'undefined' && req.params.id === token.id){
      id = req.params.id;
-      }
    } else {
-      id = token.id;
+      if (typeof token.role !== 'undefined' &&
+        typeof token.role.permission !== 'undefined' &&
+        token.role.permission >= roles.Admin.permission) {
+        id = req.params.id;
+      } else {
+        sendError(res, 500, -1, `Cannot find User with id=${id}. User do not have the permission`, token);
      }
-    User.findById(new ObjectId(id), {hashPass: false})
+    }
+    if(id){
+      User.findById(id, {hashPass: false})
        .then(data => {
          if(data){
            sendMessage(res, 1, data, token);
@ -142,55 +160,128 @@ exports.findOne = (req, res) => {
          sendError(res,500,-1,err.message || "Error retrieving User with id=" + id, token);
        });
    }
+  } else {
+    sendError(res, 500, -1, `No id given`, token);
+  }
 };

 // Update a User by the id in the request
 exports.update = (req, res) => {
  const token = checkLogin(req, res);
-  if(req.body && token) {
-    let id;
-    if ([roles.Admin, roles.SuperAdmin].includes(token.role)) {
+  if(token && typeof req.params.id !== 'undefined') {
+    let id = null;
+    if(typeof token.id !== 'undefined' && req.params.id === token.id){
      id = req.params.id;
    } else {
-      id = token.id;
+      if (typeof token.role !== 'undefined' &&
+        typeof token.role.permission !== 'undefined' &&
+        token.role.permission >= roles.Admin.permission) {
+        id = req.params.id;
+      } else {
+        sendError(res, 500, -1, `Cannot update User with id=${id}. User do not have the permission`, token);
      }
-    User.findByIdAndUpdate(id, req.body, {useFindAndModify: false})
+    }
+    if(id){
+      User.findById(id, {hashPass: false})
+        .then(user => {
+          if(user){
+            const history = new History({update: user});
+            history
+              .save(history)
              .then(data => {
                if(data) {
-          sendMessage(res, 1, {message: "User was updated successfully."});
+                  User.findByIdAndUpdate(id, req.body, {useFindAndModify: false})
+                    .then(data => {
+                      data.hashPass = undefined;
+                      console.log(data);
+                      if (data) {
+                        sendMessage(res, 1, {message: "User was updated successfully."}, token);
                      } else {
-          sendError(res, 404, -1, `Cannot update User with id=${id}. Maybe User was not found.`);
+                        sendError(res, 404, -1, `Cannot update User with id=${id}. Maybe User was not found.`, token);
                      }
                    })
                    .catch(err => {
-        sendError(res, 500, -1, err.message || "Error updating User with id=" + id);
+                      sendError(res, 500, -1, err.message || "Error updating User with id=" + id, token);
+                    });
+                }
+              })
+              .catch(err => {
+                sendError(res, 500,-1,err.message || "Some error occurred while creating the User.");
              });
          } else {
-    sendError(res, 400, -1, "Data to update can not be empty.");
+            sendError(res,404,-1,"User not found with id " + id, token);
+          }
+        })
+        .catch(err => {
+          sendError(res,500,-1,err.message || "Error retrieving User with id=" + id, token);
+        });
+    }
+  } else {
+    sendError(res, 500, -1, `No id given`, token);
  }
 };

 // Delete a User with the specified id in the request
 exports.delete = (req, res) => {
-  const id = req.params.id;
+  const token = checkLogin(req, res);
+  if(token && typeof req.params.id !== 'undefined') {
+    let id = null;
+    if(typeof token.id !== 'undefined' && req.params.id === token.id){
+      id = req.params.id;
+    } else {
+      if (typeof token.role !== 'undefined' &&
+        typeof token.role.permission !== 'undefined' &&
+        token.role.permission >= roles.Admin.permission) {
+        id = req.params.id;
+      } else {
+        sendError(res, 500, -1, `Cannot delete User with id=${id}. User do not have the permission`, token);
+      }
+    }
+    if(id && ObjectId.isValid(id)){
+      User.findById(id, {hashPass: false})
+        .then(user => {
+          if(user){
+            const history = new History({delete: user});
+            history
+              .save(history)
+              .then(data => {
+                if(data) {
                  User.findByIdAndRemove(id)
                    .then(data => {
                      if (data) {
-        sendMessage(res, 1, { message: "User was deleted successfully." });
+                        sendMessage(res, 1, {message: `User ${id} was deleted successfully.`}, token);
                      } else {
-        sendError(res,404,-1,`Cannot delete User with id=${id}. Maybe User was not found.`);
+                        sendError(res, 404, -1, `Cannot delete User with id=${id}. Maybe User was not found.`, token);
                      }
                    })
                    .catch(err => {
-      sendError(res,500,-1,err.message || "Could not delete User with id=" + id);
+                      sendError(res, 500, -1, err.message || "Could not delete User with id=" + id, token);
                    });
+                }
+              })
+              .catch(err => {
+                sendError(res, 500,-1,err.message || "Some error occurred while creating the User.");
+              });
+          } else {
+            sendError(res,404,-1,"User not found with id " + id, token);
+          }
+        })
+        .catch(err => {
+          sendError(res,500,-1,err.message || "Error retrieving User with id=" + id, token);
+        });
+    } else {
+      sendError(res, 500, -1, `Error id is not valid`, token);
+    }
+  } else {
+    sendError(res, 500, -1, `No id given`, token);
+  }
 };

-// Delete all Users from the database.
+// Delete all Users from the database except superAdmin
 exports.deleteAll = (req, res) => {
  const token = checkLogin(req, res, roles.SuperAdmin);
  if(token) {
-    User.deleteMany({})
+    User.deleteMany({login: {$ne: "superAdmin"}})
      .then(data => {
        sendMessage(res, 1, {
          message: `${data.deletedCount} Users were deleted successfully.`
--- a/backend/app/controllers/video.controller.js
+++ b/backend/app/controllers/video.controller.js
@ -3,7 +3,7 @@ const {sendError, sendMessage} = require ("../config/response.config");
 const {checkLogin} = require("../config/sessionJWT.config");
 const Video = db.video;

-// Search Video + ads
+// Search Video
 exports.search = (req, res) => {
  const token = checkLogin(req, res);
  if(token){
@ -12,7 +12,7 @@ exports.search = (req, res) => {
 };

 // History
-exports.search = (req, res) => {
+exports.history = (req, res) => {
  const token = checkLogin(req, res);
  if(token){
    return sendError(res, 501, -1, "Video.search not Implemented", token);
@ -27,7 +27,7 @@ exports.create = (req, res) => {
  }
 };

-// Retrieve all Videos + ads
+// Retrieve all Videos
 exports.findAll = (req, res) => {
  const token = checkLogin(req, res);
  if(token){
--- a/backend/app/models/history.model.js
+++ b/backend/app/models/history.model.js
@ -0,0 +1,15 @@
+module.exports = mongoose => {
+  let schema = mongoose.Schema({
+      user: Object
+    },
+    { timestamps: true }
+  );
+
+  schema.method("toJSON", function() {
+    const { __v, _id, ...object } = this.toObject();
+    object.id = _id;
+    return object;
+  });
+
+  return mongoose.model("history", schema);
+};
--- a/backend/app/models/mongodb.model.js
+++ b/backend/app/models/mongodb.model.js
@ -8,8 +8,8 @@ db.mongoose = mongoose;
 db.url = dbConfig.url;
 db.users = require("./user.model")(mongoose);
 db.playlists = require("./playlist.model")(mongoose);
-db.videos = require("./video.model")(mongoose);
 db.ads = require("./ad.model")(mongoose);
-db.images = require("./image.model")(mongoose);
+db.histories = require("./history.model")(mongoose);
+

 module.exports = db;
--- a/backend/app/models/user.model.js
+++ b/backend/app/models/user.model.js
@ -9,7 +9,11 @@ module.exports = mongoose => {
        type: Object,
        default: roles.User
      },
-      playlists: []
+      playlists: [],
+      active: {
+        type: Boolean,
+        default: true
+      }
    },
    { timestamps: true }
  );
--- a/backend/app/routes/user.routes.js
+++ b/backend/app/routes/user.routes.js
@ -2,37 +2,22 @@ const users = require("../controllers/user.controller");
 module.exports = app => {
  let router = require("express").Router();

-  // Create a new User
  router.post("/user/create", users.create);

-  // Retrieve all Users
  router.get("/user/findAll", users.findAll);

-  // Retrieve a single User with id if admin
  router.get("/user/findOne/:id", users.findOne);

-  // Retrieve a single User with session id
-  router.get("/user/findOne", users.findOne);
-
-  // Update a User with id if admin
  router.put("/user/update/:id", users.update);

-  // Update a User with session id
-  router.put("/user/update", users.update);
-
-  // Delete a User with id
  router.delete("/user/delete/:id", users.delete);

-  // Delete all Users
  router.delete("/user/deleteAll", users.deleteAll);

-  // Authenticate a User
  router.post("/user/auth", users.auth);

-  // Logout a User
  router.delete("/user/logout", users.logout);

-  // Get all Roles depending on the role of the User
  router.get("/user/roles", users.roles);

  app.use('/api', router);
--- a/backend/app/routes/video.routes.js
+++ b/backend/app/routes/video.routes.js
@ -2,25 +2,20 @@ const videos = require("../controllers/video.controller");
 module.exports = app => {
  let router = require("express").Router();

-  // Search Video
  router.post("/video/search", videos.search);

-  // Create a new Video
+  router.post("/video/history", videos.history);
+
  router.post("/video/create", videos.create);

-  // Retrieve all Videos
  router.get("/video/findAll", videos.findAll);

-  // Retrieve a single Video with id
  router.get("/video/findOne/:id", videos.findOne);

-  // Update a Video with id
  router.put("/video/update/:id", videos.update);

-  // Delete a Video with id
  router.delete("/video/delete/:id", videos.delete);

-  // Delete all Videos
  router.delete("/video/deleteAll", videos.deleteAll);

  app.use('/api', router);