Merge branch 'development' into separate-controllers

This commit is contained in:
Ceferino Patino 2022-04-13 21:20:32 -05:00
commit 266892bb26
21 changed files with 56 additions and 4 deletions

View file

@ -30,6 +30,7 @@ function RecordMp3() {
)
.then((res) => {
setUploadedFile(() => {
// Retrieve audio file of user if exists
return new File([res.data], 'userAudio.mp3', {
type: res.data.type,
lastModified: Date.now(),
@ -40,10 +41,12 @@ function RecordMp3() {
function togglePlay() {
if (audio && !audio.ended) {
// Reset audio and reset if track is playing
audio.pause();
audio.currentTime = 0;
setAudio(() => null);
} else {
// Set audio to file and play
const audioFile = new Audio(URL.createObjectURL(uploadedFile));
setAudio(() => audioFile);
audioFile.play();
@ -52,6 +55,7 @@ function RecordMp3() {
function record() {
if (recording) {
// Stop recording then set uploaded file to mp3 instance
setRecording(() => false);
recorder
.stop()
@ -65,6 +69,7 @@ function RecordMp3() {
});
});
} else {
// Start recording
setRecording(() => true);
recorder.start().catch((e) => {
console.error(e);
@ -81,6 +86,7 @@ function RecordMp3() {
async function handleSubmit(e) {
e.preventDefault();
// Create form data object and attach file and user token
var formData = new FormData();
formData.append('audioFile', uploadedFile, 'userAudio.mp3');
formData.append('token', Cookies.get('token'));

View file

@ -5,18 +5,20 @@ async function basicAuth(req, res, next) {
const email = req.body.email;
const password = req.body.password;
// Make sure that email and password exists with in the form
if (!email || !password) {
return res.status(400).send('Request lacking information');
}
// Make sure that a user exists with that email
const result = await User.findOne({
where: { email: email },
});
if (!result) {
return res.status(400).send('Unauthorized user');
}
// Hash the password and verify that the user hash is identical
const hashedPassword = forge.md.sha512
.create()
.update(password)

View file

@ -4,6 +4,7 @@ async function GetOrg(req, res, next) {
const user = req.user;
const orgID = req.params.orgID || req.query.orgID || req.body.orgID;
// Get all organizations by the provided ID, with a list of members and owner
const result = await Organization.findByPk(orgID, {
include: [
{
@ -19,10 +20,12 @@ async function GetOrg(req, res, next) {
],
});
// Verify that there is an organization that the specified id.
if (!result) {
return res.status(500).send('There is no organization with this id.');
}
// Verify that the user who submitted the request exists as an owner or member
if (!result.owner && result.member.length == 0) {
return res
.status(403)

View file

@ -4,10 +4,12 @@ async function checkKnownUser(req, res, next) {
const user = req.user;
const userID = req.params.userID || req.query.userID || req.body.userID;
// Return result immediately if the user is querying themselves
if (user.id == userID) {
return next();
}
// Find the queried user and the members of their owned organizations and owner/members of their member organizations
const result = await User.findByPk(userID, {
include: [
{
@ -35,15 +37,18 @@ async function checkKnownUser(req, res, next) {
],
});
// Confirm that a user with that ID exists within the database
if (!result) {
return res.status(500).send('No user with that ID exists.');
}
// Filter for an organization where the user is a member or an owner
const filteredResult = result.memberOrg.filter(
(org) => org.member.length != 0 || org.owner
);
if (filteredResult.length == 0 && result.ownedOrg) {
// Error if there is not an organization that includes that user and they are not in an owned organization
if (filteredResult.length == 0 && result.ownedOrg.length == 0) {
return res.status(403).send('You do not have contact with this user.');
}

View file

@ -1,6 +1,7 @@
const formidable = require('formidable');
function parseFormData(req, res, next) {
// Parse multipart form data into formidable object and set static file save location
var form = formidable();
form.uploadDir = `${__dirname}/../public/`;

View file

@ -3,14 +3,17 @@ const { Token } = require('../db/models/index');
async function tokenAuth(req, res, next) {
const token = req.query.token || req.body.token;
// Verify that a token exists on the request
if (!token) {
return res.status(403).send('Unauthorized user');
}
// Find token and make sure that it is not expired
const result = await Token.findByPk(token);
const date = new Date();
// Destroy token if it is expired or does not exist
if (
!result ||
(token.expires == true &&
@ -20,6 +23,7 @@ async function tokenAuth(req, res, next) {
return res.status(511).send('Session expired');
}
// Attach user object to request
const user = await result.getUser();
req.user = user;

View file

@ -4,10 +4,12 @@ const { User, Organization } = require('../../db/models/index');
async function CreateUser(req, res, next) {
const body = req.body;
// Verify that the object body contains all SQL required fields
if (!body.firstName || !body.lastName || !body.email || !body.password) {
return res.status(400).send('The request is missing required fields.');
}
// Make sure that no existing user exists with that email
const existingUsers = await User.count({
where: {
email: req.body.email,
@ -18,6 +20,7 @@ async function CreateUser(req, res, next) {
return res.status(500).send('A user with that email already exists.');
}
// Hash password for storage into database
const passwordHash = forge.md.sha512
.create()
.update(body.password)
@ -26,9 +29,11 @@ async function CreateUser(req, res, next) {
if (body.orgID) {
try {
// If there is an orgID attached, retrieve the organization and create user as member
const org = await Organization.findByPk(body.orgID);
if (!org) {
// Create user regularly if organization is not found
const result = await User.create({
...body,
password: passwordHash,
@ -52,6 +57,7 @@ async function CreateUser(req, res, next) {
}
} else {
try {
// Create user regularly if their is not orgID
const result = await User.create({
...body,
password: passwordHash,

View file

@ -1,4 +1,5 @@
async function GetMemberOrgs(req, res, next) {
// Retrieve all of the organizations the user is a part of
const user = req.user;
const result = await user.getMemberOrg({

View file

@ -1,4 +1,5 @@
async function GetOwnedOrgs(req, res, next) {
// Retrieve all organizations the user owns
const user = req.user;
const result = await user.getOwnedOrg({

View file

@ -4,10 +4,12 @@ async function GetUserDetails(req, res, next) {
const user = req.user;
const userID = req.params.userID;
// Immediately respond if user is querying themselves
if (user.id == userID) {
return res.send(user);
}
// Retrieve user while excluding sensitive information
const result = await User.findOne({
where: { id: userID },
attributes: { exclude: ['password', 'createdAt', 'updatedAt'] },

View file

@ -4,6 +4,7 @@ async function Login(req, res, next) {
const user = req.user;
const remember = req.body.remember;
// Create token for user while setting expiry
await Token.destroy({ where: { ownerID: user.id } });
const newToken = await user.createToken({
expires: remember,

View file

@ -5,16 +5,19 @@ const { User, ResetRequest } = require('../../db/models/index');
async function RequestReset(req, res, next) {
try {
// Make sure that the request contains an email
const email = req.query.email;
if (!email) {
return res.status(400).send('Request missing required fields');
}
// Confirm that a user exists with that email
const result = await User.findOne({ where: { email: email } });
if (!result) {
return res.status(500).send('Whoops something went wrong');
}
// Create resetRequest instance and send email containing reset information
const courier = CourierClient({
authorizationToken: process.env.COURIER_AUTH_TOKEN,
});

View file

@ -5,18 +5,20 @@ async function ResetPassword(req, res, next) {
const reqID = req.params.id;
const password = req.body.password;
// Verify that the form contains a new password
if (!password) {
return res.status(400).send('Form missing required information.');
}
// Confirm that there is a reset request for the user with that ID
const result = await ResetRequest.findByPk(reqID);
if (!result) {
return res
.status(500)
.send('A reset request with this ID does not exist');
}
// Hash the submitted password and update model
const hashedPassword = forge.md.sha512
.create()
.update(password)

View file

@ -5,10 +5,12 @@ function SetAudio(req, res, next) {
const oldLocation = req.files.audioFile.filepath;
// Set new auto file location to static asset folder
const uploadDir = `${__dirname}/../../public/audio`;
const fileName = `${user.id}.mp3`;
const newLocation = `${uploadDir}/${fileName}`;
// Move file from public to folder
fs.rename(oldLocation, newLocation, (err) => {
if (err) console.log(err);
});

View file

@ -4,6 +4,7 @@ const { User } = require('../../db/models/index');
async function UpdateUserDetails(req, res, next) {
const { token, ...body } = req.body;
// Verify that the email is not a duplicate, if it exists
if (body.email) {
const result = await User.findOne({
where: {

View file

@ -4,12 +4,13 @@ async function AddOrgMember(req, res, next) {
const user = req.user;
const orgID = req.params.orgID;
// Verify that an organization exists with the ID provided
const result = await Organization.findByPk(orgID);
if (!result) {
return res.status(404).send('No organization exists with that id.');
}
// Add the as a member to the found organization
await result.addMember(user.id);
return res.send('User added to organization.');

View file

@ -2,10 +2,12 @@ async function CreateOrg(req, res, next) {
const user = req.user;
const orgName = req.body.orgName;
// Error if the form does not contain an organization name
if (!orgName) {
return res.status(400).send('Form missing necessary fields');
}
// Verify that no owned organizations have the same name
const existing = await user.countOwnedOrg({
where: { name: orgName },
});

View file

@ -4,10 +4,12 @@ async function DeleteOrg(req, res, next) {
const user = req.user;
const orgID = req.query.orgID;
// Error if an organization id was not provided
if (!orgID) {
return res.status(400).send('Form missing required fields');
}
// Destroy all organizations with that ID
await Organization.destroy({
where: { id: orgID, ownerID: user.id },
});

View file

@ -4,6 +4,7 @@ async function GetOrg(req, res, next) {
const user = req.user;
const orgID = req.params.orgID;
// Retrieve organization, owner, and members
const org = await Organization.findByPk(orgID, {
attributes: { exclude: ['updatedAt'] },
include: [
@ -23,6 +24,7 @@ async function GetOrg(req, res, next) {
],
});
// Verify whether user is an owner of the organization
const status = org.ownerID == user.id;
return res.send({

View file

@ -5,6 +5,7 @@ async function RemoveOrgMember(req, res, next) {
const orgID = req.params.orgID;
const doomedUserIDs = req.body.doomedUsers;
// Verify that an organization exists with the id
const result = await Organization.findByPk(orgID, {
include: { association: 'owner' },
});
@ -13,6 +14,7 @@ async function RemoveOrgMember(req, res, next) {
return res.status(500).send('No organization exists with that id.');
}
// Remove self if doomedUserIDs does not exist, otherwise destroy all users in doomedUserIDs
if (!doomedUserIDs) {
await result.removeMember(user.id);
} else {

View file

@ -3,10 +3,12 @@ async function UpdateOrgDetails(req, res, next) {
const orgName = req.body.orgName;
const orgID = req.body.orgID;
// Verify that an name and id exist on the form
if (!orgName || !orgID) {
return res.status(400).send('Form missing required information.');
}
// Confirm that an organization exists with that ID
const result = await user.getOwnedOrg({ where: { id: orgID } });
if (result.length < 1) {
@ -15,6 +17,7 @@ async function UpdateOrgDetails(req, res, next) {
.send('You do not own an organization with that id.');
}
// Update the name fo the organization
result[0].update({ name: orgName });
return res.send(result[0]);