tien
/
upload-file-backend
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: tien:d9a228ce8898e9bc7170b2465f771751ca79edd3
Branches Tags
tien:master
...
compare: tien:76b231804e862a4813d8b23509c35c8d91c87977
Branches Tags
tien:master

2 Commits
d9a228ce88 ... 76b231804e

Author SHA1 Message Date
tnud0 76b231804e Merge remote-tracking branch 'origin/master'
2 years ago
tnud0 6d1e51c96a Add features for super admin, fix error of list all staff
2 years ago
12 changed files with 160 additions and 82 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats
  1. 15
      src/api/controllers/v1/path.controller.js
  2. 80
      src/api/controllers/v1/staff.controller.js
  3. 38
      src/api/controllers/v1/user.controller.js
  4. 4
      src/api/middlewares/auth.middleware.js
  5. 19
      src/api/middlewares/staff.middleware.js
  6. 24
      src/api/middlewares/user.middleware.js
  7. 4
      src/api/routes/v1/image.route.js
  8. 36
      src/api/routes/v1/staff.route.js
  9. 10
      src/api/routes/v1/user.route.js
  10. 2
      src/common/models/user.model.js
  11. 7
      src/common/utils/Permissions.js
  12. 3
      src/config/locales/en.json

15
src/api/controllers/v1/path.controller.js
Unescape View File

@ -193,17 +193,4 @@ exports.deleteMultiple = (req, res, next) => {
} catch (ex) {
return ErrorHandel(ex, req, res, next);
}
};
// exports.downloadZipFolder = (req,res,next) => {
// try{
// const user = req.user;
// const namefile = `${user.name}-${Date.now()}.zip`;
// const dir = `${storageConfig.uri}/${user.id}/${namefile}`;
// }catch(ex ) {
// return ErrorHandel(ex,req,res,next);
// }
// };
};

80
src/api/controllers/v1/staff.controller.js
Unescape View File

@ -31,20 +31,7 @@ exports.create = async (req, res, next) => {
ErrorHandler(ex, req, res, next);
});
// await User.destroy({
// where : {
// email: "teststaff@gmail.com"
// }
// }).then( rs => {
// return res.json({
// ms: "success"
// });
// }).catch(ex => {
// ErrorHandler(ex,req,res,next);
// })
});
};
/**
@ -57,10 +44,15 @@ exports.create = async (req, res, next) => {
exports.list = async (req, res, next) => {
req.query.services = User.Services.STAFF;
// console.log(req.query)
await User.list(
req.query
await User.findAll(
{
where : {
is_active: true,
service : "staff"
}
}
).then(result => {
console.log(result );
// console.log(result );
res.json({
code: 0,
count: req.totalRecords,
@ -92,6 +84,12 @@ exports.get = async (req, res, next) => res.json({ data: User.transform(req.loca
*/
exports.update = async (req, res, next) => {
const { user } = req.locals;
if (user.service !== "service") {
return res.status(404).json({
code: 404,
message : messages.NOT_FOUND
})
}
return User.update(
req.body,
@ -119,6 +117,12 @@ exports.update = async (req, res, next) => {
*/
exports.delete = async (req, res, next) => {
const { user } = req.locals;
if (user.service !== "service") {
return res.status(404).json({
code: 404,
message : messages.NOT_FOUND
})
}
return User.update(
{
@ -139,6 +143,7 @@ exports.delete = async (req, res, next) => {
}).catch(ex => {
ErrorHandler(ex, req, res, next);
});
};
exports.getStaffPermission = async (req, res, next) => {
@ -197,3 +202,44 @@ exports.active = async (req, res, next) => {
ErrorHandler(ex, req, res, next);
});
};
exports.addService = async (req,res,next) => {
const {user} = req.locals;
return User.update({
service: 'service'
}, {
where: {
id: user.id
}
}).then(() => {
res.json({
code: 0,
message: messages.UPDATE_SUCCESS
});
}).catch(ex => {
ErrorHandler(ex, req, res, next);
})
};
exports.changePassword = async(req,res,next) => {
const {current_password, new_password } = req.body;
const {user} = req.locals;
const rounds = 10;
const new_pass = await hash(new_password, rounds);
return User.update(
{password: new_pass},
{
where: {
id: user.id
}
},
).then( async () => {
res.json({
code: 0,
message: messages.UPDATE_SUCCESS
});
}).catch(ex => {
ErrorHandler(ex, req, res, next);
});
};

38
src/api/controllers/v1/user.controller.js
Unescape View File

@ -42,8 +42,11 @@ exports.create = async (req, res, next) => {
*/
exports.list = async (req, res, next) => {
req.query.services = User.Services.USER;
User.list(
req.query
// console.log(req.query.services);
User.list( {
service : "user",
is_active: true
}
).then(result => {
res.json({
code: 0,
@ -142,37 +145,6 @@ exports.getStaffPermission = async (req, res, next) => {
data: story
});
};
// exports.addRole = async(req,res,next) => {
// const {user} = req.locals;
// const admin = ['administrator'];
// // const user.permissions[0] = admin;
// return User.update({
// permissions: admin,
// service: 'administrator'
// },
// {
// where : {id : user.id}
// }
// ).then( async () => {
// const new_user = await User.get(req.params.id);
// console.log(new_user);
// res.json(
// {
// code: 0,
// messages: messages.CREATE_SUCCESS
// }
// );
// }).catch( ex => {
// ErrorHandler(ex, req, res, next);
// })
// }
exports.updatePassword = async(req,res,next) => {
const {new_password} = req.body;
const {user} = req.locals;

4
src/api/middlewares/auth.middleware.js
Unescape View File

@ -238,10 +238,12 @@ const checkPermission = async (req, permissions, additionalCheck) => {
switch (req.authInfo.accessLevel) {
case ConsumerGroups.SERVICE:
// allow all access with service level
return null;
case ConsumerGroups.STAFF:
// remove user permission
// console.log("1231231232");
console.log("from staff");
if (userPermissionIndex !== -1) {
permissionsToCheck.splice(userPermissionIndex, 1);
}
@ -252,7 +254,7 @@ const checkPermission = async (req, permissions, additionalCheck) => {
}
break;
case ConsumerGroups.USER:
console.log("req.authInfo.accessLevel1");
// console.log("from user");
if (userPermissionIndex === -1) {
apiError.status = httpStatus.FORBIDDEN;
apiError.message = 'Forbidden';

19
src/api/middlewares/staff.middleware.js
Unescape View File

@ -3,6 +3,7 @@ import { cloneDeep, pick } from 'lodash';
import { hash } from 'bcryptjs';
import { handler as ErrorHandler } from './error';
import User from '../../common/models/user.model';
import messages from '../../config/messages';
/**
* Converter
* @param {*} str
@ -71,7 +72,7 @@ exports.checkExistingEmail = async (req, res, next) => {
where: { email: req.body.email }
});
if (user) {
return res.status(400).json({ message: 'email have aldready exist', data: user , email: req.body.email});
return res.status(400).json({ message: 'email have aldready exist'});
}
return next();
} catch (ex) {
@ -122,3 +123,19 @@ exports.prepareParamsUpdated = async (req, res, next) => {
next();
};
// check current password
exports.checkCurrentPassword = async (req,res,next) => {
const {current_password, new_password} = req.body;
const {user} = req.locals;
const isCheck = await User.passwordMatches(user, current_password);
if (!isCheck) {
return res.status(404).json({
code : 0,
message : "email or password is incorrect!"
})
};
return next();
}

24
src/api/middlewares/user.middleware.js
Unescape View File

@ -3,6 +3,8 @@ import Moment from 'moment-timezone';
import JWT from 'jsonwebtoken';
import { handler as ErrorHandler } from './error';
import User from '../../common/models/user.model';
import permissions from '../../common/utils/Permissions';
/**
* Load item by id add to req locals.
*/
@ -27,12 +29,34 @@ exports.count = async (req, res, next) => {
req.totalRecords = await User.totalRecords(
req.query
);
return next();
} catch (ex) {
return ErrorHandler(ex, req, res, next);
}
};
/**
* Load count account with user service
*/
exports.countUser = async(req,res,next) => {
try{
req.totalRecords = await User.count({
where: {
is_active: true,
service : permissions.USER
}
});
console.log(req.query);
return next();
} catch (ex ) {
return ErrorHandler(ex,req,res,next);
};
};
/**
* Load item by id add to req locals.
*/

4
src/api/routes/v1/image.route.js
Unescape View File

@ -1,7 +1,7 @@
import express from 'express';
// import validate from 'express-validation';
// import { authorize } from '../../middlewares/auth.middleware';
// import Permissions from '../../../common/utils/Permissions';
import { authorize } from '../../middlewares/auth.middleware';
import Permissions from '../../../common/utils/Permissions';
import { uploader } from '../../../common/services/adapters/upload-adapter';
import controller from '../../controllers/v1/image.controller';

36
src/api/routes/v1/staff.route.js
Unescape View File

@ -16,13 +16,15 @@ const router = express.Router();
router
.route('/')
.get(
authorize([permissions.LOGGED_IN]),
authorize([permissions.SERVICE]),
middleware.count,
// middleware.load,
controller.list
)
.post(
validate(createValidation),
authorize([permissions.LOGGED_IN]),
authorize([permissions.SERVICE]),
middleware.prepareParams,
middleware.checkExistingEmail,
controller.create
@ -31,34 +33,56 @@ router
router
.route('/:id')
.get(
authorize([permissions.SERVICE]),
middleware.load,
controller.get
// controller.addService
)
.put(
validate(updateValidation),
authorize([permissions.LOGGED_IN]),
authorize([permissions.SERVICE]),
middleware.load,
middleware.prepareParamsUpdated,
controller.update
)
.delete(
authorize([permissions.LOGGED_IN]),
authorize([permissions.SERVICE]),
middleware.load,
controller.delete
);
router
.route('/:id/block')
.post(
authorize([permissions.LOGGED_IN]),
authorize([permissions.STAFF]),
middleware.load,
controller.block
);
router
.route('/:id/active')
.post(
authorize([permissions.LOGGED_IN]),
authorize([permissions.STAFF]),
middleware.load,
controller.active
);
// super admin change password for themself
router
.route("/resetpassword/:id")
.post(
authorize([permissions.SERVICE]),
middleware.load,
middleware.checkCurrentPassword,
controller.changePassword
);
//super admin change password for admin
router
.route("/change-password/:id")
.post(
authorize([permissions.SERVICE]),
middleware.load,
controller.changePassword
);
export default router;

10
src/api/routes/v1/user.route.js
Unescape View File

@ -15,11 +15,13 @@ const router = express.Router();
router
.route('/')
.get(
authorize([permissions.STAFF]),
validate(listValidation),
middleware.count,
middleware.countUser,
controller.list
)
.post(
authorize([permissions.STAFF]),
validate(createValidation),
// authorize([permissions.USER_CREATE]),
middleware.checkEmail,
@ -34,12 +36,12 @@ router
)
.put(
validate(updateValidation),
authorize([permissions.LOGGED_IN]),
authorize([permissions.STAFF]),
middleware.load,
controller.update
)
.delete(
authorize([permissions.LOGGED_IN]),
authorize([permissions.STAFF]),
middleware.load,
controller.delete
);
@ -55,7 +57,7 @@ router.route("/:id/reset-password").
router.route("/change-password/:id").
post(
authorize([permissions.LOGGED_IN]),
authorize([permissions.STAFF]),
middleware.load,
// middleware.checkCurrentPassword,
controller.updatePassword

2
src/common/models/user.model.js
Unescape View File

@ -770,7 +770,7 @@ User.get = async (userId) => {
is_active: true
}
});
console.log(user);
// console.log(user);
if (isNil(user)) {
throw new APIError({
status: httpStatus.NOT_FOUND,

7
src/common/utils/Permissions.js
Unescape View File

@ -2,9 +2,12 @@ import { serviceName } from '../../config/vars';
export default {
// Service Permission
// service: user : 'user'
USER: 'user',
// ADMINISTRATOR : 'administrator',
LOGGED_IN: 'staff',
// service: staff : 'staff'
STAFF: 'staff',
SERVICE: 'service',
// For Product Route
PRODUCT_VIEW: `${serviceName}_product_view`,

3
src/config/locales/en.json
Unescape View File

@ -27,5 +27,6 @@
"column user.services does not exist": "column user.services does not exist",
"log is not defined": "log is not defined",
"connect ETIMEDOUT 113.177.27.200:5432": "connect ETIMEDOUT 113.177.27.200:5432",
"Validation error: Validation isEmail on email failed": "Validation error: Validation isEmail on email failed"
"Validation error: Validation isEmail on email failed": "Validation error: Validation isEmail on email failed",
"WHERE parameter \"id\" has invalid \"undefined\" value": "WHERE parameter \"id\" has invalid \"undefined\" value"
}
Write Preview
Loading…
Cancel
Save