From 5e84eaea70bd60820c9d1fb87c197188744173be Mon Sep 17 00:00:00 2001 From: Patrick Mueller Date: Mon, 15 May 2023 19:40:44 +0200 Subject: [PATCH] Future-proof admin interface of the api, make the api fully capable of handling event status --- src/models/calendar/events/event.interface.ts | 3 +- src/models/calendar/events/events.router.ts | 28 ++++++++---- src/models/calendar/events/events.service.ts | 43 +++++++++++++++++-- 3 files changed, 61 insertions(+), 13 deletions(-) diff --git a/src/models/calendar/events/event.interface.ts b/src/models/calendar/events/event.interface.ts index 7ee9058..1f0965d 100644 --- a/src/models/calendar/events/event.interface.ts +++ b/src/models/calendar/events/event.interface.ts @@ -9,7 +9,8 @@ export interface Event { createdDate: Date; location: string; createdBy?: string; - createdById: number, + createdById: number; url: string; wholeDay: boolean; + status?: string; } diff --git a/src/models/calendar/events/events.router.ts b/src/models/calendar/events/events.router.ts index 168c017..fea28cd 100644 --- a/src/models/calendar/events/events.router.ts +++ b/src/models/calendar/events/events.router.ts @@ -53,13 +53,22 @@ eventsRouter.get('/:calendar/json', async (req: Request, res: Response) => { let calendarId: number = calendarNames.get(calendarName)!.id; - if (! await CredentialService.hasAccess(calendarName, sessionId, sessionKey, password, ip)) { - res.status(403).send({'message': 'You do not have access to the specified calendar.'}); - return; + let user = await UserService.checkSession(sessionId, sessionKey, ip); + + if(user === null || !user.isActive) { + if (! await CredentialService.hasAccess(calendarName, sessionId, sessionKey, password, ip)) { + res.status(403).send({'message': 'You do not have access to the specified calendar.'}); + return; + } } - // Get events - let events = await EventService.getAllEvents(calendarId); + let events: Event[]; + + if(user.isActive) { + events = await EventService.getAllEventsAdmin(calendarId); + } else { + events = await EventService.getAllEvents(calendarId); + } // Send the events back res.status(200).send(events); @@ -152,7 +161,8 @@ eventsRouter.post('/', async (req: Request, res: Response) => { location: req.body.location ?? '', createdById: user.userId ?? -1, url: req.body.url ?? '', - wholeDay: req.body.wholeDay ?? false + wholeDay: req.body.wholeDay ?? false, + status: req.body.status ?? 'PUBLIC' }; let eventId = await EventService.createEvent(event); @@ -210,7 +220,8 @@ eventsRouter.put('/:eventId', async (req: Request, res: Response) => { createdBy: req.body.createdBy ?? '', createdById: user.userId ?? -1, url: req.body.url ?? '', - wholeDay: req.body.wholeDay ?? false + wholeDay: req.body.wholeDay ?? false, + status: req.body.status ?? 'PUBLIC' }; let successRows = await EventService.updateEvent(event); @@ -267,7 +278,8 @@ eventsRouter.delete('/:eventId', async (req: Request, res: Response) => { createdBy: '', createdById: -1, url: '', - wholeDay: false + wholeDay: false, + status: 'DELETED' }; let success = await EventService.deleteEvent(event); diff --git a/src/models/calendar/events/events.service.ts b/src/models/calendar/events/events.service.ts index 62ecc71..a52a5d7 100644 --- a/src/models/calendar/events/events.service.ts +++ b/src/models/calendar/events/events.service.ts @@ -44,6 +44,41 @@ export const getAllEvents = async (calendarId: number): Promise => { } }; +export const getAllEventsAdmin = async (calendarId: number): Promise => { + let conn = await NachklangCalendarDB.getConnection(); + let eventRows: Event[] = []; + try { + const eventsQuery = 'SELECT e.*, u.full_name FROM events e LEFT OUTER JOIN users u ON e.created_by_id = u.user_id WHERE calendar_id = ?'; + const eventsRes = await conn.query(eventsQuery, calendarId); + + for (let row of eventsRes) { + eventRows.push({ + eventId: row.event_id, + calendarId: row.calendar_id, + uuid: row.uuid, + name: row.name, + description: row.description, + startDateTime: row.start_datetime, + endDateTime: row.end_datetime, + createdDate: row.created_date, + location: row.location, + createdBy: row.full_name, + createdById: row.created_by_id, + url: row.url, + wholeDay: row.whole_day, + status: row.status + }); + } + + return eventRows; + } catch (err) { + throw err; + } finally { + // Return connection + await conn.end(); + } +}; + /** * Create the given event in the database * @param event The event to create @@ -52,8 +87,8 @@ export const createEvent = async (event: Event): Promise => { let conn = await NachklangCalendarDB.getConnection(); try { let eventUUID = Guid.create().toString(); - const eventsQuery = 'INSERT INTO events (calendar_id, uuid, name, description, start_datetime, end_datetime, location, created_by_id, url, whole_day, status) VALUES (?,?,?,?,?,?,?,?,?,?, \'PUBLIC\') RETURNING event_id'; - const eventsRes = await conn.execute(eventsQuery, [event.calendarId, eventUUID, event.name, event.description, event.startDateTime, event.endDateTime, event.location, event.createdById, event.url, event.wholeDay]); + const eventsQuery = 'INSERT INTO events (calendar_id, uuid, name, description, start_datetime, end_datetime, location, created_by_id, url, whole_day, status) VALUES (?,?,?,?,?,?,?,?,?,?,?) RETURNING event_id'; + const eventsRes = await conn.execute(eventsQuery, [event.calendarId, eventUUID, event.name, event.description, event.startDateTime, event.endDateTime, event.location, event.createdById, event.url, event.wholeDay, event.status]); return eventsRes[0].event_id; } catch (err) { @@ -73,8 +108,8 @@ export const createEvent = async (event: Event): Promise => { export const updateEvent = async (event: Event): Promise => { let conn = await NachklangCalendarDB.getConnection(); try { - const eventsQuery = 'UPDATE events SET name = ?, description = ?, start_datetime = ?, end_datetime = ?, location = ?, created_by_id = ?, url = ?, whole_day = ? WHERE event_id = ?'; - const eventsRes = await conn.execute(eventsQuery, [event.name, event.description, event.startDateTime, event.endDateTime, event.location, event.createdById, event.url, event.wholeDay, event.eventId]); + const eventsQuery = 'UPDATE events SET name = ?, description = ?, start_datetime = ?, end_datetime = ?, location = ?, created_by_id = ?, url = ?, whole_day = ?, status = ? WHERE event_id = ?'; + const eventsRes = await conn.execute(eventsQuery, [event.name, event.description, event.startDateTime, event.endDateTime, event.location, event.createdById, event.url, event.wholeDay, event.status, event.eventId]); return eventsRes.affectedRows; } catch (err) {