Merge commit 'f8bb37e12f96c86bb44a53ac28d06cc522cf7ab9' as 'backend'
This commit is contained in:
@@ -0,0 +1,98 @@
|
||||
import User from "@schemas/User";
|
||||
import { Router } from "express"
|
||||
import { Perms, adminCond, adminPerm } from "@/utility";
|
||||
import security from "@/helpers/security";
|
||||
import { Types } from "mongoose";
|
||||
|
||||
const accsRouter = Router()
|
||||
|
||||
accsRouter.use(adminPerm(Perms.Accs))
|
||||
|
||||
accsRouter.get('/', async (req, res)=> {
|
||||
res.send(await User.find(undefined, {pass: 0}))
|
||||
})
|
||||
|
||||
accsRouter.get('/:id', async (req, res) => {
|
||||
res.send({
|
||||
...(await User.findById(req.params.id, {pass: 0})).toJSON(),
|
||||
lockout: !!security.check(new Types.ObjectId(req.params.id))
|
||||
})
|
||||
})
|
||||
|
||||
accsRouter.post('/', async (req, res)=> {
|
||||
if (req.body.uname == "admin") return res.status(400).send("This name is reserved").end()
|
||||
var createdUser
|
||||
if (req.body.admin) {
|
||||
if (adminCond(req.user.admin, Perms.Superadmin)) {
|
||||
if (adminCond(req.body.admin, Perms.Superadmin)) {
|
||||
res.status(400).send("Cannot set superadmin")
|
||||
} else {
|
||||
createdUser = await User.create({uname: req.body.uname, room: req.body.room, admin: req.body.admin, fname: req.body.fname, surname: req.body.surname})
|
||||
}
|
||||
}
|
||||
} else {
|
||||
createdUser = await User.create({uname: req.body.uname, room: req.body.room, fname: req.body.fname, surname: req.body.surname})
|
||||
}
|
||||
var responseCandidate = createdUser.toJSON()
|
||||
delete responseCandidate.pass
|
||||
res.status(201).send(responseCandidate)
|
||||
})
|
||||
|
||||
accsRouter.put('/:id', async (req, res)=> {
|
||||
let user = await User.findById(req.params.id)
|
||||
if (!user) {
|
||||
res.status(404).send("User not found")
|
||||
return
|
||||
}
|
||||
if (req.body.admin) {
|
||||
if (adminCond(req.user.admin, Perms.Superadmin)) {
|
||||
if (adminCond(user.admin, Perms.Superadmin)) {
|
||||
res.status(400).send("Cannot edit superadmins")
|
||||
} else {
|
||||
if (adminCond(req.body.admin, Perms.Superadmin)) {
|
||||
res.status(400).send("Cannot set superadmin")
|
||||
} else {
|
||||
await user.set({uname: req.body.uname, room: req.body.room, admin: req.body.admin, fname: req.body.fname, surname: req.body.surname, groups: req.body.groups}).save()
|
||||
res.send({status: 200})
|
||||
}
|
||||
}
|
||||
} else {
|
||||
res.sendStatus(403)
|
||||
}
|
||||
} else {
|
||||
await user.set(req.body).save()
|
||||
res.send({status: 200})
|
||||
}
|
||||
})
|
||||
|
||||
accsRouter.patch('/:id/reset', async (req, res) => {
|
||||
let user = await User.findById(req.params.id)
|
||||
if (!user) {
|
||||
res.status(404).send("User not found")
|
||||
return
|
||||
}
|
||||
if (await user.set({pass: "$2y$10$miwF6PrsbLpRzFsj8XKjY.0flJWzWDQJ7iT81HuX1ic/1s0mfmvk."}).save()) { // Pass: reset
|
||||
res.send({status: 200}).end()
|
||||
return
|
||||
} else {
|
||||
res.sendStatus(500)
|
||||
}
|
||||
})
|
||||
|
||||
accsRouter.delete('/:id', async (req, res) => {
|
||||
if (await User.findByIdAndDelete(req.params.id)) {
|
||||
res.send({status: 200}).end()
|
||||
} else {
|
||||
res.sendStatus(404)
|
||||
}
|
||||
})
|
||||
|
||||
accsRouter.delete('/:id/lockout', async (req, res) => {
|
||||
if (security.clearAcc(req.params.id)) {
|
||||
res.send({status: 200}).end()
|
||||
} else {
|
||||
res.sendStatus(400)
|
||||
}
|
||||
})
|
||||
|
||||
export {accsRouter};
|
||||
@@ -0,0 +1,98 @@
|
||||
import { Router } from "express";
|
||||
import { Perms, adminPerm } from "@/utility";
|
||||
import usettings, { Features } from "@/helpers/usettings";
|
||||
import Grade from "@schemas/Grade";
|
||||
import User from "@/schemas/User";
|
||||
import attendence from "@/helpers/attendence";
|
||||
|
||||
const cleanRouter = Router()
|
||||
cleanRouter.use(adminPerm(Perms.Clean))
|
||||
cleanRouter.use(usettings.mw(Features.Clean))
|
||||
|
||||
cleanRouter.get("/:date([0-9]{4}-[0-9]{2}-[0-9]{2})/:room", async (req, res) => {
|
||||
res.send(await Grade.findOne({
|
||||
date: new Date(req.params.date),
|
||||
room: req.params.room
|
||||
}))
|
||||
})
|
||||
|
||||
cleanRouter.post("/", async (req, res) => {
|
||||
let obj = {
|
||||
...req.body,
|
||||
date: new Date(req.body.date),
|
||||
gradeDate: new Date(),
|
||||
}
|
||||
await Grade.findOneAndReplace({
|
||||
date: new Date(req.body.date),
|
||||
room: req.body.room,
|
||||
}, obj, {upsert: true})
|
||||
res.send({status: 200})
|
||||
})
|
||||
|
||||
cleanRouter.get("/summary/:start/:stop", async (req, res) => {
|
||||
var data = await Grade.find({
|
||||
date: {
|
||||
$gte: new Date(req.params.start),
|
||||
$lte: new Date(req.params.stop)
|
||||
}
|
||||
})
|
||||
data = data.map(v => v.toJSON())
|
||||
var byRoom: {[room: string]: any[]} = {}
|
||||
data.forEach((v) => {
|
||||
let roomarray = byRoom[v.room] ? byRoom[v.room] : [];
|
||||
byRoom[v.room] = [...roomarray, {...v, room: undefined}]
|
||||
})
|
||||
var stat: {room: string, avg: number}[] = []
|
||||
for (let i in byRoom) {
|
||||
var sum: number = 0
|
||||
for (let j of byRoom[i]) {
|
||||
sum += j.grade
|
||||
}
|
||||
let avrg = sum/byRoom[i].length
|
||||
stat.push({room: i, avg: avrg})
|
||||
}
|
||||
res.send(stat)
|
||||
})
|
||||
|
||||
cleanRouter.delete("/:id", async (req, res) => {
|
||||
if (await Grade.findByIdAndDelete(req.params.id)) {
|
||||
res.send({status: 200})
|
||||
} else {
|
||||
res.sendStatus(500)
|
||||
}
|
||||
})
|
||||
|
||||
cleanRouter.get('/config', (req, res) => {
|
||||
res.send({
|
||||
rooms: usettings.value.rooms,
|
||||
things: usettings.value.cleanThings
|
||||
})
|
||||
})
|
||||
|
||||
cleanRouter.get('/attendence/:room', async (req, res) => {
|
||||
res.send({
|
||||
users: await User.find({room: req.params.room}, {fname: true, surname: true, _id: true}),
|
||||
attendence: attendence.getRoom(req.params.room)
|
||||
})
|
||||
})
|
||||
|
||||
cleanRouter.post('/attendence/:room', async (req, res) => {
|
||||
attendence.setRoom(req.params.room, req.body)
|
||||
res.send({status: 200})
|
||||
})
|
||||
|
||||
cleanRouter.delete('/attendence/:room', async (req, res) => {
|
||||
attendence.clearRoom(req.params.room)
|
||||
res.send({status: 200})
|
||||
})
|
||||
|
||||
cleanRouter.get('/attendenceSummary', async (req, res) => {
|
||||
var allRooms = usettings.value.rooms
|
||||
var graded = (await Grade.find({date: new Date().setUTCHours(24,0,0,0)})).map(v => v.room)
|
||||
var ungraded = allRooms.filter(x => !graded.includes(x))
|
||||
var summary = attendence.summary()
|
||||
var unchecked: typeof summary = ungraded.filter(x => !summary.map(v => v.room).includes(x)).map(v => ({room: v, hours: [] as string[], notes: "Nie sprawdzono", auto: true}))
|
||||
res.send([...summary, ...unchecked])
|
||||
})
|
||||
|
||||
export {cleanRouter}
|
||||
@@ -0,0 +1,32 @@
|
||||
import { Router } from "express";
|
||||
import Menu from "@schemas/Menu";
|
||||
import Vote from "@/schemas/Vote";
|
||||
import { voteStats } from "@/pipelines/vote";
|
||||
|
||||
const editorRouter = Router()
|
||||
|
||||
editorRouter.get('/', async (req, res) => {
|
||||
if (req.query.start && req.query.end) {
|
||||
const start = new Date(req.query.start.toString())
|
||||
const end = new Date(req.query.end.toString())
|
||||
res.send(await Menu.find({day: {$gte: start, $lte: end}}))
|
||||
} else {
|
||||
res.status(400).end()
|
||||
}
|
||||
})
|
||||
|
||||
editorRouter.get('/stats', async (req, res) => {
|
||||
if (req.query.date && req.query.item) {
|
||||
const date = new Date(req.query.date.toString())
|
||||
const item = req.query.item.toString()
|
||||
const menu = (await Vote.aggregate(voteStats(date, item)))[0]
|
||||
res.send({
|
||||
name: item,
|
||||
value: menu
|
||||
})
|
||||
} else {
|
||||
res.status(400).end()
|
||||
}
|
||||
})
|
||||
|
||||
export { editorRouter }
|
||||
@@ -0,0 +1,42 @@
|
||||
import Group from "@schemas/Group";
|
||||
import { Router } from "express"
|
||||
import { Perms, adminPerm } from "@/utility";
|
||||
import usettings, { Features } from "@/helpers/usettings";
|
||||
|
||||
const groupsRouter = Router()
|
||||
|
||||
groupsRouter.use(adminPerm(Perms.Groups))
|
||||
groupsRouter.use(usettings.mw(Features.Groups))
|
||||
|
||||
groupsRouter.get('/', async (req, res)=> {
|
||||
res.send(await Group.find({}))
|
||||
})
|
||||
|
||||
groupsRouter.post('/', async (req, res)=> {
|
||||
if (await Group.create({name: req.body.name})) {
|
||||
res.status(201).send({status: 201})
|
||||
} else {
|
||||
res.sendStatus(500)
|
||||
}
|
||||
})
|
||||
|
||||
groupsRouter.put('/:id', async (req, res) => {
|
||||
let group = await Group.findById(req.params.id)
|
||||
if (!group) {
|
||||
res.status(404).send("Group not found")
|
||||
return
|
||||
}
|
||||
if (await group.set(req.body).save()) {
|
||||
res.send({status: 200}).end()
|
||||
return
|
||||
} else {
|
||||
res.sendStatus(500)
|
||||
}
|
||||
})
|
||||
|
||||
groupsRouter.delete('/:id', async (req, res) => {
|
||||
await Group.findByIdAndRemove(req.params.id)
|
||||
res.send({status: 200})
|
||||
})
|
||||
|
||||
export {groupsRouter};
|
||||
@@ -0,0 +1,36 @@
|
||||
import { Router } from "express";
|
||||
import { islogged, isadmin} from "@/utility";
|
||||
import { newsRouter } from "./news";
|
||||
import { accsRouter } from "./accs";
|
||||
import { menuRouter } from "./menu";
|
||||
import { groupsRouter } from "./groups";
|
||||
import { notifRouter } from "./notif";
|
||||
import { keysRouter } from "./keys";
|
||||
import { cleanRouter } from "./clean";
|
||||
import { settingsRouter } from "./settings";
|
||||
import User from "@/schemas/User";
|
||||
import Group from "@/schemas/Group";
|
||||
import usettings from "@/helpers/usettings";
|
||||
|
||||
export const adminRouter = Router()
|
||||
|
||||
adminRouter.use(islogged, isadmin)
|
||||
adminRouter.use('/news', newsRouter)
|
||||
adminRouter.use('/accs', accsRouter)
|
||||
adminRouter.use('/menu', menuRouter)
|
||||
adminRouter.use('/groups', groupsRouter)
|
||||
adminRouter.use('/notif', notifRouter)
|
||||
adminRouter.use('/keys', keysRouter)
|
||||
adminRouter.use('/clean', cleanRouter)
|
||||
adminRouter.use('/settings', settingsRouter)
|
||||
|
||||
adminRouter.get('/usearch', async (req, res) => {
|
||||
var results = await User.find({$text: {$search: req.query['q'].toString()}}, {uname: 1, surname: 1, fname: 1, room: 1})
|
||||
res.send(results)
|
||||
})
|
||||
|
||||
adminRouter.get('/sync', async (req, res) => {
|
||||
res.send({
|
||||
groups: usettings.value.modules.groups ? await Group.find() : undefined
|
||||
})
|
||||
})
|
||||
@@ -0,0 +1,52 @@
|
||||
import { Router } from "express";
|
||||
import Key from "@schemas/Key";
|
||||
import usettings, { Features } from "@/helpers/usettings";
|
||||
import User, { IUser } from "@schemas/User";
|
||||
import { Perms, adminPerm } from "@/utility";
|
||||
|
||||
const keysRouter = Router()
|
||||
|
||||
keysRouter.use(usettings.mw(Features.Key))
|
||||
keysRouter.use(adminPerm(Perms.Key))
|
||||
|
||||
keysRouter.get("/", async (req, res) => {
|
||||
var keys = await Key.find({}, undefined, { sort: { borrow: -1 } })
|
||||
.populate
|
||||
<Pick<IUser, "uname" | "room" | "fname" | "surname"> & { _id: string }>
|
||||
({ path: "whom", select: { _id: 1, uname: 1, room: 1, fname: 1, surname: 1 } })
|
||||
res.send(keys)
|
||||
})
|
||||
|
||||
keysRouter.post("/", async (req, res) => {
|
||||
var user = await User.findById(req.body.whom._id)
|
||||
if (!user) {
|
||||
return res.status(404).send("User not found").end()
|
||||
}
|
||||
const newKey = new Key({
|
||||
room: req.body.room,
|
||||
whom: user._id
|
||||
})
|
||||
if (await newKey.save()) {
|
||||
res.status(201).send({ status: 201 })
|
||||
} else {
|
||||
res.sendStatus(500)
|
||||
}
|
||||
})
|
||||
|
||||
keysRouter.get("/available", async (req, res) => {
|
||||
var taken = await Key.find({ tb: { $exists: false } }, {}, { sort: { borrow: -1 } })
|
||||
var occ = Array.from(new Set(taken.map((v) => v.room)))
|
||||
var all = Array.from(new Set(usettings.value.keyrooms))
|
||||
var free = all.filter(x => !occ.includes(x))
|
||||
res.send(free)
|
||||
})
|
||||
|
||||
keysRouter.put("/:id", async (req, res) => {
|
||||
if (await Key.findByIdAndUpdate(req.params.id, req.body)) {
|
||||
res.send({ status: 200 })
|
||||
} else {
|
||||
res.sendStatus(500)
|
||||
}
|
||||
})
|
||||
|
||||
export { keysRouter }
|
||||
@@ -0,0 +1,196 @@
|
||||
import { Router } from "express"
|
||||
import { Perms, adminPerm, project } from "@/utility"
|
||||
import multer from "multer"
|
||||
import * as XLSX from "xlsx"
|
||||
import Menu from "@schemas/Menu"
|
||||
import { editorRouter } from "./editor"
|
||||
import usettings, { Features } from "@/helpers/usettings"
|
||||
|
||||
const menuRouter = Router()
|
||||
|
||||
const storage = multer.memoryStorage()
|
||||
const upload = multer({storage: storage})
|
||||
|
||||
interface sheetObject {
|
||||
day: string;
|
||||
sn: string;
|
||||
sn2: string;
|
||||
ob: string;
|
||||
kol: string;
|
||||
}
|
||||
|
||||
menuRouter.use(adminPerm(Perms.Menu))
|
||||
menuRouter.use(usettings.mw(Features.Menu))
|
||||
|
||||
menuRouter.get('/', async (req, res) => {
|
||||
if (req.query.start && req.query.end) {
|
||||
const start = new Date(req.query.start.toString())
|
||||
const end = new Date(req.query.end.toString())
|
||||
res.send(await Menu.find({day: {$gte: start, $lte: end}}, undefined, {sort: {day: 1}}))
|
||||
} else {
|
||||
res.status(400).end()
|
||||
}
|
||||
})
|
||||
|
||||
function dayName(date: Date) {
|
||||
switch (date.getDay()) {
|
||||
case 0:
|
||||
return "Niedziela"
|
||||
case 1:
|
||||
return "Poniedziałek"
|
||||
case 2:
|
||||
return "Wtorek"
|
||||
case 3:
|
||||
return "Środa"
|
||||
case 4:
|
||||
return "Czwartek"
|
||||
case 5:
|
||||
return "Piątek"
|
||||
case 6:
|
||||
return "Sobota"
|
||||
default:
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
menuRouter.get('/print', async (req, res) => {
|
||||
if (req.query.start && req.query.end) {
|
||||
const start = new Date(req.query.start.toString())
|
||||
const end = new Date(req.query.end.toString())
|
||||
var meals = await Menu.find({day: {$gte: start, $lte: end}}, undefined, {sort: {day: 1}})
|
||||
var doc = meals.map(s => `<tr>
|
||||
<th>${dayName(s.day)}<br>${s.day.getDate()}.${s.day.getMonth()}.${s.day.getFullYear()}r.<br>${s.dayTitle}</th>
|
||||
<td>${usettings.value.menu.defaultItems.sn.join('<br>')}<br>${s.sn.fancy.join('<br>')}<br>${s.sn.second}</td>
|
||||
<td>
|
||||
<b>Z:</b> ${s.ob.soup}<br>
|
||||
<b>V:</b> ${s.ob.vege}<br>
|
||||
${s.ob.meal}<br>
|
||||
${s.ob.condiments.length != 0 ? s.ob.condiments.join('<br>') + "<br>" : ""}
|
||||
${s.ob.drink}<br>
|
||||
${s.ob.other.join('<br>')}
|
||||
</td>
|
||||
<td>${s.day.getUTCDay() == 5 ? "<b>Kolacja w domu!</b>" : `${usettings.value.menu.defaultItems.kol.join('<br>')}<br>${s.kol}`}</td>
|
||||
</tr>`)
|
||||
var html = `<html><head><meta charset="UTF-8"><style>table,th,td{border: 0.4ch solid;}td{line-height: 1;}</style></head><body><table><caption>Jadłospis dekadowy</caption><thead><tr><th>Dzień</th><th>Śniadanie</th><th>Obiad</th><th>Kolacja</th></tr></thead><tbody>${doc.join('\n')}</tbody></table></body></html>`
|
||||
res.type('html').send(html)
|
||||
} else {
|
||||
res.status(400).end()
|
||||
}
|
||||
})
|
||||
|
||||
menuRouter.get('/opts', async (req, res) => {
|
||||
var all = await Menu.find()
|
||||
var g = {
|
||||
sn: {
|
||||
fancy: Array.from(new Set(all.flatMap(v => v.sn.fancy).filter(v => v != ""))),
|
||||
second: Array.from(new Set(all.map(v => v.sn.second).filter(v => v != "")))
|
||||
},
|
||||
ob: {
|
||||
soup: Array.from(new Set(all.map(v => v.ob.soup).filter(v => v != ""))),
|
||||
vege: Array.from(new Set(all.map(v => v.ob.vege).filter(v => v != ""))),
|
||||
meal: Array.from(new Set(all.map(v => v.ob.meal).filter(v => v != ""))),
|
||||
condiments: Array.from(new Set(all.flatMap(v => v.ob.condiments).filter(v => v != ""))),
|
||||
drink: Array.from(new Set(all.map(v => v.ob.drink).filter(v => v != ""))),
|
||||
other: Array.from(new Set(all.flatMap(v => v.ob.other).filter(v => v != "")))
|
||||
},
|
||||
kol: Array.from(new Set(all.map(v => v.kol).filter(v => v != "")))
|
||||
}
|
||||
res.send(g)
|
||||
})
|
||||
|
||||
menuRouter.post('/:date', async (req, res) => {
|
||||
if (await Menu.create({day: new Date(req.params.date)})) {
|
||||
res.status(201).send({status: 201})
|
||||
} else {
|
||||
res.sendStatus(500);
|
||||
}
|
||||
|
||||
})
|
||||
|
||||
menuRouter.post('/:start/:count', async (req, res) => {
|
||||
var dates: any[] = []
|
||||
for (let i = 0; i < Number(req.params.count); i++) {
|
||||
var date = new Date(req.params.start)
|
||||
dates.push({day: date.setDate(date.getDate() + i)})
|
||||
}
|
||||
if (await Menu.create(dates)) {
|
||||
res.status(201).send({status: 201})
|
||||
} else {
|
||||
res.sendStatus(500);
|
||||
}
|
||||
})
|
||||
|
||||
menuRouter.post('/upload', upload.single('menu'), async (req,res)=> {
|
||||
if (!req.file) {
|
||||
res.status(400).send("File required")
|
||||
return
|
||||
}
|
||||
var sheet = XLSX.read(req.file.buffer)
|
||||
var data: sheetObject[] = XLSX.utils.sheet_to_json(sheet.Sheets[sheet.SheetNames[0]], {raw: true, header: ["day", "sn", "sn2", "ob", "kol"], range: 2})
|
||||
data = data.map((val, i) => {
|
||||
var result: any = {}
|
||||
var dateparts = val.day.match(/(\d{2})\.(\d{2})\.(\d{4})/)
|
||||
if (dateparts) {
|
||||
var date = new Date(parseInt(dateparts[3]),parseInt(dateparts[2])-1,parseInt(dateparts[1]))
|
||||
date.setUTCHours(0,0,0,0)
|
||||
} else {
|
||||
res.sendStatus(500)
|
||||
return
|
||||
}
|
||||
result.day = date
|
||||
result.sn = val.sn.split('\n')
|
||||
result.sn.push(val.sn2)
|
||||
|
||||
//#region ob
|
||||
var ob = val.ob
|
||||
ob = ob.replace(/^\s*\n/gm, "")
|
||||
ob = ob.replace(/ \/ /gm, "\n")
|
||||
ob = ob.replace(/:(?!\s)/gm, ": ")
|
||||
result.ob = ob.split('\n')
|
||||
//#endregion
|
||||
|
||||
result.kol = val.kol
|
||||
if (date.getUTCDay() == 5) {
|
||||
result.kol = null
|
||||
}
|
||||
return result
|
||||
})
|
||||
|
||||
if (await Menu.insertMany(data)) {
|
||||
res.status(201).send({status: 201})
|
||||
} else {
|
||||
res.sendStatus(500)
|
||||
}
|
||||
})
|
||||
|
||||
menuRouter.put('/:id', async (req, res) => {
|
||||
let menu = await Menu.findById(req.params.id)
|
||||
if (!menu) {
|
||||
res.status(404).send("Menu not found")
|
||||
return
|
||||
}
|
||||
let projField = project(req.body, Menu.schema.obj)
|
||||
if (projField) {
|
||||
try {
|
||||
await menu.set(projField).save()
|
||||
res.send({status: 200}).end()
|
||||
} catch (error) {
|
||||
res.status(500).send(error)
|
||||
}
|
||||
} else {
|
||||
res.status(400).send("No valid fields set")
|
||||
return
|
||||
}
|
||||
})
|
||||
|
||||
menuRouter.delete('/:id', async (req, res) => {
|
||||
if (await Menu.findByIdAndDelete(req.params.id)) {
|
||||
res.send({status: 200}).end()
|
||||
} else {
|
||||
res.sendStatus(404)
|
||||
}
|
||||
})
|
||||
|
||||
menuRouter.use('/editor', editorRouter)
|
||||
|
||||
export {menuRouter};
|
||||
@@ -0,0 +1,32 @@
|
||||
import { Router } from "express";
|
||||
import News from "@schemas/News"
|
||||
import { Perms, adminPerm } from "@/utility";
|
||||
import { IUser } from "@/schemas/User";
|
||||
import usettings, { Features } from "@/helpers/usettings";
|
||||
|
||||
const newsRouter = Router()
|
||||
|
||||
newsRouter.use(adminPerm(Perms.News))
|
||||
newsRouter.use(usettings.mw(Features.News))
|
||||
|
||||
newsRouter.get('/', async (req, res) => {
|
||||
var news = await News.find(undefined, undefined, { sort: { pinned: -1, date: -1 } }).populate<{ author: Pick<IUser, "fname" | "surname" | "uname"> }>("author", ["fname", "surname", "uname"])
|
||||
res.send(news)
|
||||
})
|
||||
|
||||
newsRouter.post('/', async (req, res) => {
|
||||
await News.create({ title: req.body.title, content: req.body.content, author: req.user._id })
|
||||
res.status(201).send({ status: 201 })
|
||||
})
|
||||
|
||||
newsRouter.delete('/:id', async (req, res) => {
|
||||
await News.findByIdAndDelete(req.params.id)
|
||||
res.send({ status: 200 })
|
||||
})
|
||||
|
||||
newsRouter.put('/:id', async (req, res) => {
|
||||
await News.findByIdAndUpdate(req.params.id, { ...req.body, author: req.user._id })
|
||||
res.send({ status: 200 })
|
||||
})
|
||||
|
||||
export { newsRouter };
|
||||
@@ -0,0 +1,61 @@
|
||||
import { Request, Response, Router } from "express";
|
||||
import { Perms, adminPerm } from "@/utility";
|
||||
import Group from "@schemas/Group";
|
||||
import { Message } from "@/notif";
|
||||
import { outboxRouter } from "./outbox";
|
||||
import usettings, { Features } from "@/helpers/usettings";
|
||||
|
||||
const notifRouter = Router()
|
||||
|
||||
notifRouter.use(adminPerm(Perms.Notif))
|
||||
notifRouter.use(usettings.mw(Features.Notif))
|
||||
|
||||
type PushSendBody = {
|
||||
recp:
|
||||
{ type: "uid", uid: string } |
|
||||
{ type: "room", room: string } |
|
||||
{ type: "group", group: string },
|
||||
title: string,
|
||||
body: string
|
||||
}
|
||||
|
||||
notifRouter.post("/send", async (req: Request<undefined, undefined, PushSendBody>, res: Response) => {
|
||||
let recp: string
|
||||
switch (req.body.recp.type) {
|
||||
case "uid":
|
||||
recp = req.body.recp.uid
|
||||
break;
|
||||
case "room":
|
||||
recp = req.body.recp.room
|
||||
break;
|
||||
case "group":
|
||||
if (!usettings.value.modules.groups) return res.sendStatus(406).end()
|
||||
recp = req.body.recp.group
|
||||
break;
|
||||
default:
|
||||
res.status(400).end()
|
||||
break;
|
||||
}
|
||||
const message = new Message(req.body.title, req.body.body, req.body.recp.type, recp)
|
||||
let result = await message.send()
|
||||
if (result === false) {
|
||||
res.sendStatusMessage(404, "No recepients")
|
||||
} else {
|
||||
console.log(`
|
||||
From: ${req.user.uname} (${req.user._id})
|
||||
To: ${recp}
|
||||
Subject: ${req.body.title}
|
||||
|
||||
${req.body.body}
|
||||
`);
|
||||
res.send(result)
|
||||
}
|
||||
})
|
||||
|
||||
notifRouter.get("/groups", async (req, res) => {
|
||||
res.send(await Group.find({}, { name: 1, _id: 1 }))
|
||||
})
|
||||
|
||||
notifRouter.use("/outbox", outboxRouter)
|
||||
|
||||
export { notifRouter }
|
||||
@@ -0,0 +1,35 @@
|
||||
import Inbox from "@/schemas/Inbox";
|
||||
import { IUser } from "@/schemas/User";
|
||||
import { Response, Router } from "express";
|
||||
|
||||
export const outboxRouter = Router()
|
||||
|
||||
outboxRouter.get("/", async (req, res: Response) => {
|
||||
var result = await Inbox.find({}, {message: 1, sentDate: 1}, {sort: {sentDate: -1}})
|
||||
var final = result.map(v => {
|
||||
return {
|
||||
_id: v._id,
|
||||
sentDate: v.sentDate,
|
||||
title: v.message.title
|
||||
}
|
||||
})
|
||||
res.send(final)
|
||||
})
|
||||
|
||||
outboxRouter.get("/:id/message", async (req, res) => {
|
||||
var msg = await Inbox.findById(req.params.id, {message: 1})
|
||||
if (msg) {
|
||||
res.send(msg.message.body)
|
||||
} else {
|
||||
res.status(404).send({message: "ERR: 404 Message id not found"})
|
||||
}
|
||||
})
|
||||
|
||||
outboxRouter.get("/:id/rcpts", async (req, res) => {
|
||||
var msg = await Inbox.findById(req.params.id, {rcpt: 1}).populate<{rcpt: Pick<IUser, "uname" | "room" | "fname" | "surname">}>({path: "rcpt", select: ["uname", "room", "fname", "surname"]}).exec()
|
||||
if (msg) {
|
||||
res.send(msg.rcpt)
|
||||
} else {
|
||||
res.status(404).send({message: "ERR: 404 Message id not found"})
|
||||
}
|
||||
})
|
||||
@@ -0,0 +1,21 @@
|
||||
import { Router } from "express";
|
||||
import { adminPerm, Perms } from "@/utility";
|
||||
import usettings from "@/helpers/usettings";
|
||||
|
||||
export const settingsRouter = Router()
|
||||
|
||||
settingsRouter.use(adminPerm(Perms.Superadmin))
|
||||
|
||||
settingsRouter.get('/', (req, res) => {
|
||||
res.send(usettings.value)
|
||||
})
|
||||
|
||||
settingsRouter.post('/', (req, res) => {
|
||||
usettings.value = req.body
|
||||
res.send({status: 200})
|
||||
})
|
||||
|
||||
settingsRouter.get('/reload', (req, res) => {
|
||||
usettings.reload()
|
||||
res.send({status: 200})
|
||||
})
|
||||
@@ -0,0 +1,108 @@
|
||||
import { Request, Router } from "express";
|
||||
import { islogged } from "@/utility";
|
||||
import News from "@schemas/News";
|
||||
import Menu from "@schemas/Menu";
|
||||
import Vote from "@schemas/Vote";
|
||||
import Key, { IKey } from "@schemas/Key";
|
||||
import usettings, { Features } from "@/helpers/usettings";
|
||||
import Grade from "@schemas/Grade";
|
||||
import Inbox from "@/schemas/Inbox";
|
||||
import { IUser } from "@/schemas/User";
|
||||
import _ from "underscore";
|
||||
|
||||
export const appRouter = Router();
|
||||
|
||||
appRouter.use(islogged)
|
||||
|
||||
appRouter.get("/news", usettings.mw(Features.News), async (req, res) => {
|
||||
var news = await News.find({"visible": {"$ne": false}}, {_id: 0, visible: 0}, {sort: {pinned: -1 ,date: -1}}).populate<{author: Pick<IUser, "fname" | "surname" | "uname">}>("author", ["fname", "surname", "uname"])
|
||||
res.send(news)
|
||||
})
|
||||
|
||||
appRouter.get("/menu/:date", usettings.mw(Features.Menu), async (req, res) => {
|
||||
var final = await Menu.findOne({day: new Date(req.params.date)})
|
||||
res.send(final)
|
||||
})
|
||||
|
||||
appRouter.get("/menu/:date/stat", usettings.mw(Features.Menu), async (req, res) => {
|
||||
const data = await Vote.find({dom: new Date(req.params.date), user: req.user._id})
|
||||
|
||||
res.send(data);
|
||||
|
||||
})
|
||||
|
||||
appRouter.post("/menu/:timestamp", usettings.mw(Features.Menu), async (req: Request<{ timestamp: string }, undefined, any[]>, res) => {
|
||||
req.body.forEach(async v => {
|
||||
const a = await Vote.findOne({user: req.user._id, name: v.name, dom: new Date(req.params.timestamp)})
|
||||
if (a) {
|
||||
if (v.value) {
|
||||
if (_.isEqual(a.vote, v.value)) return
|
||||
a.set("timestamp", Date.now())
|
||||
a.set("vote", v.value)
|
||||
await a.save()
|
||||
} else {
|
||||
await a.deleteOne()
|
||||
}
|
||||
} else {
|
||||
if (!v.value) return;
|
||||
|
||||
const newVote = new Vote({
|
||||
dom: new Date(req.params.timestamp),
|
||||
name: v.name,
|
||||
tom: v.type,
|
||||
timestamp: Date.now(),
|
||||
user: req.user._id,
|
||||
vote: {
|
||||
comment: v.value.comment,
|
||||
rating: v.value.rating,
|
||||
tags: v.value.tags
|
||||
}
|
||||
})
|
||||
|
||||
await newVote.save()
|
||||
}
|
||||
})
|
||||
res.sendStatusMessage(200).end()
|
||||
})
|
||||
|
||||
appRouter.get("/keys", usettings.mw(Features.Key), async (req, res) => {
|
||||
var keys = await Key.find<Pick<IKey, "room">>({tb: {$exists: false}}, {room: 1}, {sort: {room: 1}})
|
||||
var occ = keys.map(x=>x.room)
|
||||
var all = usettings.value.keyrooms
|
||||
var free = all.filter(x=>!occ.includes(x)).sort().map(x => {
|
||||
return { room: x }
|
||||
})
|
||||
var final = [...keys, ...free]
|
||||
res.send(final)
|
||||
})
|
||||
|
||||
appRouter.get("/clean/:date", usettings.mw(Features.Clean), async (req, res) => {
|
||||
res.send(await Grade.findOne({
|
||||
room: req.user.room,
|
||||
date: new Date(req.params.date)
|
||||
}))
|
||||
})
|
||||
|
||||
appRouter.get("/notif/check", usettings.mw(Features.Notif), async (req, res) => {
|
||||
var result = await Inbox.find({rcpt: req.user._id, $nor: [{ack: req.user._id}]}, {message: 1, sentDate: 1})
|
||||
if (result) {
|
||||
res.send(result)
|
||||
} else {
|
||||
res.send([])
|
||||
}
|
||||
})
|
||||
|
||||
appRouter.post("/notif/:id/ack", usettings.mw(Features.Notif), async (req, res) => {
|
||||
var result = await Inbox.findById(req.params.id)
|
||||
if (result) {
|
||||
if (result.rcpt.includes(req.user._id) && !result.ack.includes(req.user._id)) {
|
||||
result.ack.push(req.user._id)
|
||||
await result.save({})
|
||||
res.send({status: 200})
|
||||
} else {
|
||||
res.status(403).send({status: 401, message: "User doesn't have access or message already acknowledged"})
|
||||
}
|
||||
} else {
|
||||
res.status(404).send({status: 404, message: "Message not found"})
|
||||
}
|
||||
})
|
||||
@@ -0,0 +1,8 @@
|
||||
import { Router } from "express";
|
||||
import { appRouter } from "./app";
|
||||
import { adminRouter } from "./admin";
|
||||
|
||||
export const apiRouter = Router();
|
||||
|
||||
apiRouter.use("/app", appRouter)
|
||||
apiRouter.use("/admin", adminRouter)
|
||||
@@ -0,0 +1,95 @@
|
||||
import { Router } from "express";
|
||||
import passport from "passport";
|
||||
import User, { userVisibleFields } from "@schemas/User";
|
||||
import { islogged } from "@/utility";
|
||||
import bcrypt from "bcryptjs"
|
||||
import usettings from "@/helpers/usettings";
|
||||
import vapidKeys from "@/vapidKeys";
|
||||
import { IVerifyOptions } from "passport-local";
|
||||
|
||||
const authRouter = Router()
|
||||
|
||||
authRouter.post("/login", (req, res) => {
|
||||
passport.authenticate('normal', (err: { type: string, message: string } | null, user?: Express.User | false, options?: IVerifyOptions) => {
|
||||
if (user) {
|
||||
req.login(user, (error) => {
|
||||
if (error) {
|
||||
res.status(500).send(error)
|
||||
} else {
|
||||
res.send({ status: 200, admin: req.user.admin || undefined, redirect: req.user.defaultPage })
|
||||
}
|
||||
})
|
||||
} else {
|
||||
if (err) {
|
||||
switch (err.type) {
|
||||
case "unf":
|
||||
res.sendStatusMessage(404, "Zła nazwa użytkownika lub hasło.")
|
||||
break;
|
||||
case "timeout":
|
||||
case "locked":
|
||||
res.sendStatusMessage(403, err.message)
|
||||
break;
|
||||
default:
|
||||
res.sendStatusMessage(500, err.message)
|
||||
break;
|
||||
}
|
||||
} else {
|
||||
res.sendStatusMessage(403, "Brak hasła lub loginu.")
|
||||
}
|
||||
}
|
||||
})(req, res)
|
||||
})
|
||||
|
||||
authRouter.post("/chpass", islogged, async (req, res) => {
|
||||
var id = req.user._id
|
||||
if (!await bcrypt.compare(req.body.oldPass, req.user.pass)) {
|
||||
res.sendStatus(401)
|
||||
return
|
||||
}
|
||||
var newpass = bcrypt.hashSync(req.body.newPass, 10)
|
||||
const update = await User.findByIdAndUpdate(id, {
|
||||
pass: newpass
|
||||
})
|
||||
if (update) {
|
||||
|
||||
} else {
|
||||
|
||||
}
|
||||
req.logOut((err) => {
|
||||
if (err) {
|
||||
res.sendStatus(500)
|
||||
console.error(err)
|
||||
return
|
||||
}
|
||||
})
|
||||
res.sendStatus(200)
|
||||
})
|
||||
|
||||
authRouter.delete("/logout", (req, res, next) => {
|
||||
req.logout((err) => {
|
||||
if (err) { next(err) }
|
||||
res.send({ "status": 200 })
|
||||
})
|
||||
})
|
||||
|
||||
authRouter.get("/check", islogged, (req, res, next) => {
|
||||
if (req.user.locked) {
|
||||
req.logout((err) => {
|
||||
if (err) next(err)
|
||||
res.status(401).send({ status: 401, message: "Your account has been locked." })
|
||||
})
|
||||
}
|
||||
res.send({ "admin": req.user.admin, "features": usettings.value.modules, "user": userVisibleFields(req.user), "menu": { "defaultItems": usettings.value.menu.defaultItems, "tags": usettings.value.menu.tags }, "vapid": vapidKeys.keys.publicKey })
|
||||
})
|
||||
|
||||
authRouter.put("/redirect", islogged, async (req, res) => {
|
||||
if (["", "/", "/login", "/login/", "login"].find(v => v == req.body.redirect)) return res.status(400).send({ status: 400, message: "Path in blacklist" })
|
||||
const update = await User.findByIdAndUpdate(req.user._id, { defaultPage: req.body.redirect })
|
||||
if (update) {
|
||||
res.send({ status: 200 }).end()
|
||||
} else {
|
||||
res.status(500).send({ status: 500 }).end()
|
||||
}
|
||||
})
|
||||
|
||||
export { authRouter };
|
||||
@@ -0,0 +1,39 @@
|
||||
import { Router } from "express";
|
||||
import Notification from "@schemas/Notification";
|
||||
import { islogged } from "@/utility";
|
||||
import { authRouter } from "./auth/index";
|
||||
import mongoose from "mongoose";
|
||||
import { apiRouter } from "./api";
|
||||
import sync from "@/helpers/sync";
|
||||
import usettings, { Features } from "@/helpers/usettings";
|
||||
|
||||
const router = Router();
|
||||
|
||||
router.use('/', apiRouter)
|
||||
router.use('/auth', authRouter)
|
||||
|
||||
router.get("/healthcheck", async (req, res) => {
|
||||
res.status(200).send({
|
||||
uptime: process.uptime(),
|
||||
date: new Date(),
|
||||
db: mongoose.connection.readyState
|
||||
})
|
||||
})
|
||||
|
||||
router.post("/notif", islogged, usettings.mw(Features.Notif), async (req, res) => {
|
||||
var obj = { user: req.user._id, ...req.body }
|
||||
await Notification.findOneAndUpdate(obj, obj, { upsert: true })
|
||||
res.send({ "status": 200 })
|
||||
})
|
||||
|
||||
router.get("/sync", islogged, async (req, res) => {
|
||||
const sub = sync.subscribe(req.user._id, v => {
|
||||
res.send(v)
|
||||
})
|
||||
|
||||
req.once('close', () => {
|
||||
sub.unsubscribe()
|
||||
})
|
||||
})
|
||||
|
||||
export default router;
|
||||
Reference in New Issue
Block a user