Add methods to insert, update and delete events

Add credentials check and rework request structure
2022-12-25 15:38:13 +01:00 · 2022-12-25 13:49:38 +01:00
5 changed files with 232 additions and 14 deletions
--- a/package.json
+++ b/package.json
@ -19,7 +19,7 @@
 		"cors": "^2.8.5",
 		"debug": "^4.3.1",
 		"dotenv": "^8.2.0",
-		"express": "^4.17.1",
+		"express": "^4.18.2",
 		"guid-typescript": "^1.0.9",
 		"mariadb": "^3.0.2",
 		"random-words": "^1.1.1",
@ -31,8 +31,9 @@
 		"@types/app-root-path": "^1.2.4",
 		"@types/bcrypt": "^3.0.1",
 		"@types/debug": "^4.1.5",
-		"@types/express": "^4.17.11",
+		"@types/express": "^4.17.15",
 		"@types/jest": "^28.1.3",
+		"@types/node": "^18.11.17",
 		"@types/random-words": "^1.1.2",
 		"@types/swagger-jsdoc": "^6.0.1",
 		"@types/swagger-ui-express": "^4.1.3",
@ -43,7 +44,7 @@
 		"source-map-support": "^0.5.19",
 		"ts-jest": "^28.0.5",
 		"tslint": "^6.1.3",
-		"typescript": "^4.1.5"
+		"typescript": "^4.9.4"
 	},
 	"jestSonar": {
 		"sonar56x": true,
--- a/src/models/calendar/events/credentials.service.ts
+++ b/src/models/calendar/events/credentials.service.ts
@ -0,0 +1,29 @@
+import * as dotenv from 'dotenv';
+
+
+dotenv.config();
+
+export const checkAdminPrivileges = (password: string) => {
+	return password == process.env.ADMIN_CREDENTIAL;
+}
+
+export const checkMemberPrivileges = (password: string) => {
+	return password == process.env.MEMBER_CREDENTIAL;
+}
+
+export const checkManagementPrivileges = (password: string) => {
+	return password == process.env.MANAGEMENT_CREDENTIAL;
+}
+
+export const hasAccess = (calendarName: string, password: string) => {
+	switch (calendarName) {
+		case 'public':
+			return true;
+		case 'members':
+			return checkMemberPrivileges(password);
+		case 'management':
+			return checkManagementPrivileges(password);
+		default:
+			return false;
+	}
+}
--- a/src/models/calendar/events/events.router.ts
+++ b/src/models/calendar/events/events.router.ts
@ -3,8 +3,10 @@
 */

 import express, {Request, Response} from 'express';
+import {Event} from './event.interface';
 import * as EventService from './events.service';
 import * as iCalService from './icalgenerator.service';
+import * as CredentialService from './credentials.service';
 import {Guid} from 'guid-typescript';
 import logger from '../../../middleware/logger';

@ -18,17 +20,39 @@ export const eventsRouter = express.Router();
 /**
 * Constants
 */
-const fileNames = ['Nachklang_calendar', 'Nachklang_internal_calendar', 'Nachklang_management_calendar'];
+export const calendarNames = new Map<string, any>([
+	['public', {id: 1, name: 'Nachklang_calendar'}],
+	['members', {id: 2, name: 'Nachklang_internal_calendar'}],
+	['management', {id: 3, name: 'Nachklang_management_calendar'}]
+]);


 /**
 * Controller Definitions
 */

-eventsRouter.get('/json', async (req: Request, res: Response) => {
+eventsRouter.get('/:calendar/json', async (req: Request, res: Response) => {
 	try {
 		// Get request params
-		let calendarId: number = parseInt(req.query.calendar as string ?? '', 10);
+		let calendarName: string = req.params.calendar as string ?? '';
+		let password: string = req.query.password as string ?? '';
+
+		if (calendarName.length < 1) {
+			res.status(401).send({'message': 'Please state the name of the calendar you want events from.'});
+			return;
+		}
+
+		if (!Array.from(calendarNames.keys()).includes(calendarName)) {
+			res.status(401).send({'message': 'Unknown calendar.'});
+			return;
+		}
+
+		let calendarId: number = calendarNames.get(calendarName)!.id;
+
+		if (!CredentialService.hasAccess(calendarName, password)) {
+			res.status(401).send({'message': 'You do not have access to the specified calendar.'});
+			return;
+		}

 		// Get events
 		let events = await EventService.getAllEvents(calendarId);
@ -37,20 +61,38 @@ eventsRouter.get('/json', async (req: Request, res: Response) => {
 		res.status(200).send(events);
 	} catch (e: any) {
 		console.log('Error handling a request: ' + e.message);
-		res.status(500).send(JSON.stringify({'message': 'Internal Server Error. Try again later.'}));
+		res.status(500).send({'message': 'Internal Server Error. Try again later.'});
 	}
 });

-eventsRouter.get('/ical', async (req: Request, res: Response) => {
+eventsRouter.get('/:calendar/ical', async (req: Request, res: Response) => {
 	try {
 		// Get request params
-		let calendarId: number = parseInt(req.query.calendar as string ?? '', 10);
+		let calendarName: string = req.params.calendar as string ?? '';
+		let password: string = req.query.password as string ?? '';
+
+		if (calendarName.length < 1) {
+			res.status(401).send({'message': 'Please state the name of the calendar you want events from.'});
+			return;
+		}
+
+		if (!Array.from(calendarNames.keys()).includes(calendarName)) {
+			res.status(401).send({'message': 'Unknown calendar.'});
+			return;
+		}
+
+		let calendarId: number = calendarNames.get(calendarName)!.id;
+
+		if (!CredentialService.hasAccess(calendarName, password)) {
+			res.status(401).send({'message': 'You do not have access to the specified calendar.'});
+			return;
+		}

 		// Get events
 		let events = await EventService.getAllEvents(calendarId);

 		// generate file name
-		let fileName = fileNames[calendarId];
+		let fileName = calendarNames.get(calendarName)!.name;
 		let file = await iCalService.convertToIcal(events);

 		// Send the ical file back
@ -59,7 +101,6 @@ eventsRouter.get('/ical', async (req: Request, res: Response) => {
 	} catch (e: any) {
 		let errorGuid = Guid.create().toString();
 		logger.error('Error handling a request: ' + e.message, {reference: errorGuid});
-		logger.error('Stacktrace: ' + e.stack, {reference: errorGuid});
 		res.status(500).send({
 			'status': 'PROCESSING_ERROR',
 			'message': 'Internal Server Error. Try again later.',
@ -67,3 +108,109 @@ eventsRouter.get('/ical', async (req: Request, res: Response) => {
 		});
 	}
 });
+
+eventsRouter.post('/', async (req: Request, res: Response) => {
+	try {
+		// Get params
+		let password = req.body.password;
+
+		if (!CredentialService.checkAdminPrivileges(password)) {
+			res.status(403).send({'message': 'Insufficient privileges.'});
+			return;
+		}
+
+		if (
+			req.body.calendarId === undefined ||
+			isNullOrBlank(req.body.name) ||
+			req.body.startDateTime === undefined ||
+			req.body.endDateTime === undefined
+		) {
+			res.status(401).send({'message': 'Required parameters missing'});
+			return;
+		}
+
+		let event: Event = {
+			event_id: -1,
+			calendar_id: req.body.calendarId,
+			uuid: '',
+			name: req.body.name,
+			description: req.body.description ?? '',
+			start_datetime: new Date(req.body.startDateTime),
+			end_datetime: new Date(req.body.endDateTime),
+			created_date: new Date(),
+			location: req.body.location ?? '',
+			created_by: req.body.createdBy ?? '',
+			url: req.body.url ?? ''
+		};
+
+		let eventId = await EventService.createEvent(event);
+
+		res.status(201).send({'message': 'Event with id ' + eventId + ' was created successfully.'});
+	} catch (e: any) {
+		let errorGuid = Guid.create().toString();
+		logger.error('Error handling a request: ' + e.message, {reference: errorGuid});
+		res.status(500).send({
+			'status': 'PROCESSING_ERROR',
+			'message': 'Internal Server Error. Try again later.',
+			'reference': errorGuid
+		});
+	}
+});
+
+eventsRouter.put('/:eventId', async (req: Request, res: Response) => {
+	try {
+		// Get params
+		let password = req.body.password;
+
+		if (!CredentialService.checkAdminPrivileges(password)) {
+			res.status(403).send({'message': 'Insufficient privileges.'});
+			return;
+		}
+
+		if (
+			req.params.eventId === undefined ||
+			req.body.calendarId === undefined ||
+			isNullOrBlank(req.body.name) ||
+			req.body.startDateTime === undefined ||
+			req.body.endDateTime === undefined
+		) {
+			res.status(401).send({'message': 'Required parameters missing'});
+			return;
+		}
+
+		let event: Event = {
+			event_id: parseInt(req.params.eventId, 10),
+			calendar_id: req.body.calendarId,
+			uuid: '',
+			name: req.body.name,
+			description: req.body.description ?? '',
+			start_datetime: new Date(req.body.startDateTime),
+			end_datetime: new Date(req.body.endDateTime),
+			created_date: new Date(),
+			location: req.body.location ?? '',
+			created_by: req.body.createdBy ?? '',
+			url: req.body.url ?? ''
+		};
+
+		let success = await EventService.updateEvent(event);
+
+
+		res.status(200).send({'message': 'Event was successfully updated'});
+	} catch (e: any) {
+		let errorGuid = Guid.create().toString();
+		logger.error('Error handling a request: ' + e.message, {reference: errorGuid});
+		res.status(500).send({
+			'status': 'PROCESSING_ERROR',
+			'message': 'Internal Server Error. Try again later.',
+			'reference': errorGuid
+		});
+	}
+});
+
+/**
+ * Checks if a given string is null, undefined or blank
+ * @param str The string to check
+ */
+function isNullOrBlank(str: string | null): boolean {
+	return str === null || str === undefined || str.trim() === '';
+}
--- a/src/models/calendar/events/events.service.ts
+++ b/src/models/calendar/events/events.service.ts
@ -1,5 +1,4 @@
 import * as dotenv from 'dotenv';
-import * as bcrypt from 'bcrypt';
 import {Guid} from 'guid-typescript';
 import {Event} from './event.interface';
 import {NachklangCalendarDB} from '../Calendar.db';
@ -30,3 +29,45 @@ export const getAllEvents = async (calendarId: number): Promise<Event[]> => {
 		await conn.end();
 	}
 };
+
+/**
+ * Create the given event in the database
+ * @param event The event to create
+ */
+export const createEvent = async (event: Event): Promise<number> => {
+	let conn = await NachklangCalendarDB.getConnection();
+	try {
+		let eventUUID = Guid.create().toString();
+		const eventsQuery = 'INSERT INTO events (calendar_id, uuid, name, description, start_datetime, end_datetime, location, created_by, url) VALUES (?,?,?,?,?,?,?,?,?) RETURNING event_id';
+		const eventsRes = await conn.query(eventsQuery, [event.calendar_id, eventUUID, event.name, event.description, event.start_datetime, event.end_datetime, event.location, event.created_by, event.url]);
+
+		return eventsRes[0].event_id;
+	} catch (err) {
+		throw err;
+	} finally {
+		// Return connection
+		await conn.end();
+	}
+};
+
+/**
+ * Update the given event in the database
+ * @param event The event to update
+ */
+export const updateEvent = async (event: Event): Promise<boolean> => {
+	let conn = await NachklangCalendarDB.getConnection();
+	try {
+		let eventUUID = Guid.create().toString();
+		const eventsQuery = 'UPDATE events SET name = ?, description = ?, start_datetime = ?, end_datetime = ?, location = ?, created_by = ?, url = ? WHERE event_id = ?';
+		const eventsRes = await conn.query(eventsQuery, [event.name, event.description, event.start_datetime, event.end_datetime, event.location, event.created_by, event.url, event.event_id]);
+
+		console.log(eventsRes);
+
+		return eventsRes.affectedRows === 1;
+	} catch (err) {
+		throw err;
+	} finally {
+		// Return connection
+		await conn.end();
+	}
+};
--- a/src/models/calendar/events/icalgenerator.service.ts
+++ b/src/models/calendar/events/icalgenerator.service.ts
@ -49,7 +49,7 @@ const serializeIcalEvent = (icalevent: iCalEvent): string => {
 const generateHeaderInfo = (ical: iCalFile) => {
 	ical.header = 'BEGIN:VCALENDAR\n' +
 		'VERSION:2.0\n' +
-		'PRODID:-//hacksw/handcal//NONSGML v1.0//EN\n' +
+		'PRODID:-//Nachklang e.V./Nachklang Calendar//NONSGML v1.0//EN\n' +
 		'CALSCALE:GREGORIAN\n' +
 		'BEGIN:VTIMEZONE\n' +
 		'TZID:Europe/Berlin\n' +
Author	SHA1	Message	Date
Patrick Mueller	83c9d090e1	Add methods to insert, update and delete events All checks were successful Jenkins Production Deployment Details	2022-12-25 15:38:13 +01:00
Patrick Mueller	0348d89121	Add credentials check and rework request structure	2022-12-25 13:49:38 +01:00