Compare commits

...

2 Commits

Author SHA1 Message Date
83c9d090e1
Add methods to insert, update and delete events
All checks were successful
Jenkins Production Deployment
2022-12-25 15:38:13 +01:00
0348d89121
Add credentials check and rework request structure 2022-12-25 13:49:38 +01:00
5 changed files with 232 additions and 14 deletions

View File

@ -19,7 +19,7 @@
"cors": "^2.8.5",
"debug": "^4.3.1",
"dotenv": "^8.2.0",
"express": "^4.17.1",
"express": "^4.18.2",
"guid-typescript": "^1.0.9",
"mariadb": "^3.0.2",
"random-words": "^1.1.1",
@ -31,8 +31,9 @@
"@types/app-root-path": "^1.2.4",
"@types/bcrypt": "^3.0.1",
"@types/debug": "^4.1.5",
"@types/express": "^4.17.11",
"@types/express": "^4.17.15",
"@types/jest": "^28.1.3",
"@types/node": "^18.11.17",
"@types/random-words": "^1.1.2",
"@types/swagger-jsdoc": "^6.0.1",
"@types/swagger-ui-express": "^4.1.3",
@ -43,7 +44,7 @@
"source-map-support": "^0.5.19",
"ts-jest": "^28.0.5",
"tslint": "^6.1.3",
"typescript": "^4.1.5"
"typescript": "^4.9.4"
},
"jestSonar": {
"sonar56x": true,

View File

@ -0,0 +1,29 @@
import * as dotenv from 'dotenv';
dotenv.config();
export const checkAdminPrivileges = (password: string) => {
return password == process.env.ADMIN_CREDENTIAL;
}
export const checkMemberPrivileges = (password: string) => {
return password == process.env.MEMBER_CREDENTIAL;
}
export const checkManagementPrivileges = (password: string) => {
return password == process.env.MANAGEMENT_CREDENTIAL;
}
export const hasAccess = (calendarName: string, password: string) => {
switch (calendarName) {
case 'public':
return true;
case 'members':
return checkMemberPrivileges(password);
case 'management':
return checkManagementPrivileges(password);
default:
return false;
}
}

View File

@ -3,8 +3,10 @@
*/
import express, {Request, Response} from 'express';
import {Event} from './event.interface';
import * as EventService from './events.service';
import * as iCalService from './icalgenerator.service';
import * as CredentialService from './credentials.service';
import {Guid} from 'guid-typescript';
import logger from '../../../middleware/logger';
@ -18,17 +20,39 @@ export const eventsRouter = express.Router();
/**
* Constants
*/
const fileNames = ['Nachklang_calendar', 'Nachklang_internal_calendar', 'Nachklang_management_calendar'];
export const calendarNames = new Map<string, any>([
['public', {id: 1, name: 'Nachklang_calendar'}],
['members', {id: 2, name: 'Nachklang_internal_calendar'}],
['management', {id: 3, name: 'Nachklang_management_calendar'}]
]);
/**
* Controller Definitions
*/
eventsRouter.get('/json', async (req: Request, res: Response) => {
eventsRouter.get('/:calendar/json', async (req: Request, res: Response) => {
try {
// Get request params
let calendarId: number = parseInt(req.query.calendar as string ?? '', 10);
let calendarName: string = req.params.calendar as string ?? '';
let password: string = req.query.password as string ?? '';
if (calendarName.length < 1) {
res.status(401).send({'message': 'Please state the name of the calendar you want events from.'});
return;
}
if (!Array.from(calendarNames.keys()).includes(calendarName)) {
res.status(401).send({'message': 'Unknown calendar.'});
return;
}
let calendarId: number = calendarNames.get(calendarName)!.id;
if (!CredentialService.hasAccess(calendarName, password)) {
res.status(401).send({'message': 'You do not have access to the specified calendar.'});
return;
}
// Get events
let events = await EventService.getAllEvents(calendarId);
@ -37,20 +61,38 @@ eventsRouter.get('/json', async (req: Request, res: Response) => {
res.status(200).send(events);
} catch (e: any) {
console.log('Error handling a request: ' + e.message);
res.status(500).send(JSON.stringify({'message': 'Internal Server Error. Try again later.'}));
res.status(500).send({'message': 'Internal Server Error. Try again later.'});
}
});
eventsRouter.get('/ical', async (req: Request, res: Response) => {
eventsRouter.get('/:calendar/ical', async (req: Request, res: Response) => {
try {
// Get request params
let calendarId: number = parseInt(req.query.calendar as string ?? '', 10);
let calendarName: string = req.params.calendar as string ?? '';
let password: string = req.query.password as string ?? '';
if (calendarName.length < 1) {
res.status(401).send({'message': 'Please state the name of the calendar you want events from.'});
return;
}
if (!Array.from(calendarNames.keys()).includes(calendarName)) {
res.status(401).send({'message': 'Unknown calendar.'});
return;
}
let calendarId: number = calendarNames.get(calendarName)!.id;
if (!CredentialService.hasAccess(calendarName, password)) {
res.status(401).send({'message': 'You do not have access to the specified calendar.'});
return;
}
// Get events
let events = await EventService.getAllEvents(calendarId);
// generate file name
let fileName = fileNames[calendarId];
let fileName = calendarNames.get(calendarName)!.name;
let file = await iCalService.convertToIcal(events);
// Send the ical file back
@ -59,7 +101,6 @@ eventsRouter.get('/ical', async (req: Request, res: Response) => {
} catch (e: any) {
let errorGuid = Guid.create().toString();
logger.error('Error handling a request: ' + e.message, {reference: errorGuid});
logger.error('Stacktrace: ' + e.stack, {reference: errorGuid});
res.status(500).send({
'status': 'PROCESSING_ERROR',
'message': 'Internal Server Error. Try again later.',
@ -67,3 +108,109 @@ eventsRouter.get('/ical', async (req: Request, res: Response) => {
});
}
});
eventsRouter.post('/', async (req: Request, res: Response) => {
try {
// Get params
let password = req.body.password;
if (!CredentialService.checkAdminPrivileges(password)) {
res.status(403).send({'message': 'Insufficient privileges.'});
return;
}
if (
req.body.calendarId === undefined ||
isNullOrBlank(req.body.name) ||
req.body.startDateTime === undefined ||
req.body.endDateTime === undefined
) {
res.status(401).send({'message': 'Required parameters missing'});
return;
}
let event: Event = {
event_id: -1,
calendar_id: req.body.calendarId,
uuid: '',
name: req.body.name,
description: req.body.description ?? '',
start_datetime: new Date(req.body.startDateTime),
end_datetime: new Date(req.body.endDateTime),
created_date: new Date(),
location: req.body.location ?? '',
created_by: req.body.createdBy ?? '',
url: req.body.url ?? ''
};
let eventId = await EventService.createEvent(event);
res.status(201).send({'message': 'Event with id ' + eventId + ' was created successfully.'});
} catch (e: any) {
let errorGuid = Guid.create().toString();
logger.error('Error handling a request: ' + e.message, {reference: errorGuid});
res.status(500).send({
'status': 'PROCESSING_ERROR',
'message': 'Internal Server Error. Try again later.',
'reference': errorGuid
});
}
});
eventsRouter.put('/:eventId', async (req: Request, res: Response) => {
try {
// Get params
let password = req.body.password;
if (!CredentialService.checkAdminPrivileges(password)) {
res.status(403).send({'message': 'Insufficient privileges.'});
return;
}
if (
req.params.eventId === undefined ||
req.body.calendarId === undefined ||
isNullOrBlank(req.body.name) ||
req.body.startDateTime === undefined ||
req.body.endDateTime === undefined
) {
res.status(401).send({'message': 'Required parameters missing'});
return;
}
let event: Event = {
event_id: parseInt(req.params.eventId, 10),
calendar_id: req.body.calendarId,
uuid: '',
name: req.body.name,
description: req.body.description ?? '',
start_datetime: new Date(req.body.startDateTime),
end_datetime: new Date(req.body.endDateTime),
created_date: new Date(),
location: req.body.location ?? '',
created_by: req.body.createdBy ?? '',
url: req.body.url ?? ''
};
let success = await EventService.updateEvent(event);
res.status(200).send({'message': 'Event was successfully updated'});
} catch (e: any) {
let errorGuid = Guid.create().toString();
logger.error('Error handling a request: ' + e.message, {reference: errorGuid});
res.status(500).send({
'status': 'PROCESSING_ERROR',
'message': 'Internal Server Error. Try again later.',
'reference': errorGuid
});
}
});
/**
* Checks if a given string is null, undefined or blank
* @param str The string to check
*/
function isNullOrBlank(str: string | null): boolean {
return str === null || str === undefined || str.trim() === '';
}

View File

@ -1,5 +1,4 @@
import * as dotenv from 'dotenv';
import * as bcrypt from 'bcrypt';
import {Guid} from 'guid-typescript';
import {Event} from './event.interface';
import {NachklangCalendarDB} from '../Calendar.db';
@ -18,7 +17,7 @@ export const getAllEvents = async (calendarId: number): Promise<Event[]> => {
const eventsQuery = 'SELECT * FROM events WHERE calendar_id = ?';
const eventsRes = await conn.query(eventsQuery, calendarId);
for(let row of eventsRes) {
for (let row of eventsRes) {
eventRows.push(row);
}
@ -30,3 +29,45 @@ export const getAllEvents = async (calendarId: number): Promise<Event[]> => {
await conn.end();
}
};
/**
* Create the given event in the database
* @param event The event to create
*/
export const createEvent = async (event: Event): Promise<number> => {
let conn = await NachklangCalendarDB.getConnection();
try {
let eventUUID = Guid.create().toString();
const eventsQuery = 'INSERT INTO events (calendar_id, uuid, name, description, start_datetime, end_datetime, location, created_by, url) VALUES (?,?,?,?,?,?,?,?,?) RETURNING event_id';
const eventsRes = await conn.query(eventsQuery, [event.calendar_id, eventUUID, event.name, event.description, event.start_datetime, event.end_datetime, event.location, event.created_by, event.url]);
return eventsRes[0].event_id;
} catch (err) {
throw err;
} finally {
// Return connection
await conn.end();
}
};
/**
* Update the given event in the database
* @param event The event to update
*/
export const updateEvent = async (event: Event): Promise<boolean> => {
let conn = await NachklangCalendarDB.getConnection();
try {
let eventUUID = Guid.create().toString();
const eventsQuery = 'UPDATE events SET name = ?, description = ?, start_datetime = ?, end_datetime = ?, location = ?, created_by = ?, url = ? WHERE event_id = ?';
const eventsRes = await conn.query(eventsQuery, [event.name, event.description, event.start_datetime, event.end_datetime, event.location, event.created_by, event.url, event.event_id]);
console.log(eventsRes);
return eventsRes.affectedRows === 1;
} catch (err) {
throw err;
} finally {
// Return connection
await conn.end();
}
};

View File

@ -49,7 +49,7 @@ const serializeIcalEvent = (icalevent: iCalEvent): string => {
const generateHeaderInfo = (ical: iCalFile) => {
ical.header = 'BEGIN:VCALENDAR\n' +
'VERSION:2.0\n' +
'PRODID:-//hacksw/handcal//NONSGML v1.0//EN\n' +
'PRODID:-//Nachklang e.V./Nachklang Calendar//NONSGML v1.0//EN\n' +
'CALSCALE:GREGORIAN\n' +
'BEGIN:VTIMEZONE\n' +
'TZID:Europe/Berlin\n' +