gogo/apxtri
1
0
Fork 0
Code Pull Requests Activity

full code

Browse Source
This commit is contained in:
philc
2023-12-07 12:04:19 +01:00
parent 484d2ad22a
commit 7656f57a11
45 changed files with 9659 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

35
routes/nations.js Executable file
View File

@@ -0,0 +1,35 @@
const express = require( 'express' );
const fs=require('fs-extra');
const conf = require(`../../conf/townconf.json`);
// Classes
const Nations = require( '../models/Nations.js' );
// Middlewares
const checkHeaders = require( '../middlewares/checkHeaders' );
const isAuthenticated = require( '../middlewares/isAuthenticated' );
const router = express.Router();
/*
Manage nation
A major create a nation with at least a town => nation:{name, towns:[]} contracts/nationname.js + contracts/townsname.js
Manage a new towns in a nation => update nation:[nationname:towns:[]} contracts/townname.js
*/
/**
* @api {put} /nations/viewtown/:town - nationlist from a town major
* @apigroup Nation
* @apiName nationlist
* @apiDescription get list of nation from a town to help this instance to update network topology
* @apiParam {string} town fromwhich the data come from
* @apiSuccess {object} refreshnetworktopoly
* * HTTP/1.1 200 OK
* {status:200,ref:"Nations",msg:"updated",data:{}};
*
*/
router.put( '/', checkHeaders, isAuthenticated, ( req, res ) => {
const uptown = Nations.updatetown()
res.status(uptown.status).send(uptown)
} )
module.exports = router;

30
routes/notifications.js Normal file
View File

@@ -0,0 +1,30 @@
const express = require("express");
// Classes
const Notifications = require("../models/Notifications.js");
// Middlewares
const checkHeaders = require("../middlewares/checkHeaders");
const isAuthenticated = require("../middlewares/isAuthenticated");
const router = express.Router();
/**
* @api {get} /notifications/:alias/:tribeId
* @apiName notiflist
* @apiDescription Get list of notifications for an alias and a tribe
* @apiGroup Notification
*
* @apiParam {string} alias
* @apiParam {string} tribeId
* @apiSuccess {object} notif content
* @apiSuccessExample {json} Success-Response:
* HTTP/1.1 200 OK
* {status:200,ref:"Notification",msg:"Messagelist",data:{notif:[{tribeId,msg:{from(email or uuid or alias):[{dt,msg}]}}]}
*
**/
router.get("/:alias/:tribeId", (req, res) => {
const getnot = Notification.get(req.params.alias,req.params.tribeId);
res.status(getalias.status).send(getalias);
});
module.exports=router;

600
routes/odmdb.js Normal file
View File

@@ -0,0 +1,600 @@
const express = require("express");
const glob = require("glob");
const fs = require("fs-extra");
const path = require("path");
const conf = require(`../../conf/townconf.json`);
const Odmdb = require("../models/Odmdb.js");
// Middlewares
const checkHeaders = require("../middlewares/checkHeaders.js");
const isAuthenticated = require("../middlewares/isAuthenticated.js");
const router = express.Router();
/**
* @api {get} /odmdb/objects - objects Get
* @apiGroup Odmdb
* @apiName getIndex
* @apiDescription Get objects available for header.xtribe
*
* @apiSuccess {object} contain data.indexname
* @apiSuccessExample {json} Success-Response:
* HTTP/1.1 200 OK
* {"status":200, "ref":"Odmdb", "msg":"objectslist", "data":{indexname,content:{index file}}
*
*
*/
router.get("/objects", checkHeaders, isAuthenticated, (req, res) => {
const data = {
tribe: req.session.headers.xtribe,
apx: { conf: {}, objectnames: [] },
tribe: { conf: {}, objectnames: [] },
};
glob.sync(`../nationchains/tribes/adminapi/schema/*.json`).forEach((f) => {
const objectname = path.basename(f, ".json");
if (objectname == "conf") {
data.apx.conf = fs.readJSONSync(f);
} else {
data.apx.objectnames.push(objectnames);
}
});
glob
.sync(`../nationchains/tribes/${req.session.headers.xtribe}/schema/*.json`)
.forEach((f) => {
const objectname = path.basename(f, ".json");
if (objectname == "conf") {
data.apx.conf = fs.readJSONSync(f);
} else {
data.apx.objectnames.push(objectnames);
}
});
res.status(200).json({ status: 200, ref: "Odmdb", msg: "objectslist", data });
});
/**
* @api {get} /odmdb/idx/:tribe/:objectname/:indexname - index Get
* @apiGroup Odmdb
* @apiName getIndex
* @apiDescription Get index file for an object
*
* @apiParam {string} tribe if common adminapi or tribename
* @apiParam {string} objectname If in conf.nationObjects then object is into nationchains/ else in tribes/xtribe/objectname/idx/indexname indexname
* @apiParam {String} indexname name of index file in /idx/indexnamme.json
*
*
* @apiError {json} objectNotfound the file does not exist
* @apiErrorExample {json}
* HTTP/1.1 404 Not Found
{"status":404,"ref":"Odmdb","msg":"pathnamedoesnotexist","data":{indexpath}}
*
* @apiSuccess {object} indexfile content
* @apiSuccessExample {json} Success-Response:
* HTTP/1.1 200 OK
* {"status":200, "ref":"Odmdb", "msg":"indexexist", "data":{indexname,content:{index file}}
*
*
*/
router.get(
"/idx/:tribe/:objectname/:indexname",
checkHeaders,
isAuthenticated,
(req, res) => {
console.log("passe");
// indexname = objectname_key_value.json
let objectLocation = "../nationchains/";
if (!conf.api.nationObjects.includes(req.params.objectname)) {
objectLocation += `tribes/${req.session.headers.xtribe}/`;
// check if accessright
}
const indexpath = `${objectLocation}/${req.params.objectname}/idx/${req.params.indexname}`;
if (fs.existsSync(indexpath)) {
res.status(200).json({
ref: "Odmdb",
msg: "indexexist",
data: {
indexname: req.params.indexname,
content: fs.readJsonSync(indexpath),
},
});
} else {
res.status(404).json({
ref: "Odmdb",
msg: "pathnamedoesnotexist",
data: { indexpath },
});
}
}
);
/**
* @api {get} /odmdb/rebuildidx/:objectname - index refresh all
* @apiGroup Odmdb
* @apiName refreshAllIndex
* @apiDescription Rebuild all index for an object, this can be usefull in case crash or any data conflict.
*
* @apiParam {string} objectname Mandatory
*
* @apiSuccess {object} indexfile content
* @apiSuccessExample {json} successreindex
* HTTP/1.1 200 OK
* {"status":200, "ref":"Odmdb", "msg":"successreindex", "data":{"indexlist":[]}}
*
* @apiError {json} objectNotfound the file does not exist
* @apiErrorExample {json}
* HTTP/1.1 404 Not Found
{"status":404,"ref":"Odmdb","msg":"see nationchains/model/lg/Odmdb_xx.json","data":"object to render with msg"}
*
*/
router.get(
"/rebuildidx/:objectname",
checkHeaders,
isAuthenticated,
(req, res) => {
console.log("reindex");
// check validity and accessright
const objectPathname = conf.api.nationObjects.includes(
req.params.objectname
)
? `../nationchains/${req.params.objectname}`
: `${conf.dirtown}/tribes/${req.session.header.xtribe}/${req.params.objectname}`;
//console.log(objectPathname);
if (!fs.existsSync(objectPathname)) {
res.status(404).json({
status: 404,
ref: "Odmdb",
msg: "pathnamedoesnotexist",
data: { indexpath: objectPathname },
});
return false;
}
if (
conf.api.nationObjects.includes(req.params.objectname) &&
!req.session.header.xprofils.includes("mayor")
) {
res.status(403).json({
status: 403,
ref: "Odmdb",
msg: "profilnotallow",
data: { profils: "mayor" },
});
return false;
}
if (
!conf.api.nationObjects.includes(req.params.objectname) &&
!req.session.header.xprofils.includes("druid")
) {
res.status(403).json({
status: 403,
ref: "Odmdb",
msg: "profilnotallow",
data: { profils: "druid" },
});
return false;
}
const reindex = Odmdb.idxfromitm(objectPathname, "I", {}, {}, [], {});
res.status(reindex.status).json(reindex);
}
);
/**
* @api {post} /odmdb/itm/:objectname - item Create
* @apiGroup Odmdb
* @apiName postItm
* @apiPermission none
* @apiDescription Add an new item (data) into a collection of objectname items. Before Check data integrity with the relevant schema.
* Then create a new primarykey. For multilanguage return see nationchains/model/lg/Odmdb_xx.json.
*
* @apiParam {string} objectname Place where to create new item, schema and version are available in /objectname/conf.json
*
* @apiBody {Object} data must pass Checkjson.js with schema
*
* @apiSuccess {json} data idxprimary Value of idxprimary into objectname collection
* @apiSuccessExample {json} Success-Response:
* HTTP/1.1 200 OK
* {"status":200, "ref":"Odmdb", "msg":"cudsuccessfull", "data":{"itm":{}}}
*
* @apiError {json} schemanotfound The objectname schema is not found
* @apiError {json} pathnamedoesnotexist The objectname does not exist for the tribe
* @apiError {json} missingprimarykey Body data must have primarykey to be created
* @apiError {json} unconsistencyapxidx some Body data get unique key that already exist
* @apiError {json} checkjsonfalse The body data are not consistent with the schema
* @apiErrorExample {json}
* HTTP/1.1 404 Not Found
* {"status":404,"ref":"Odmdb","msg":"see nationchains/model/lg/Odmdb_xx.json","data":"object to render with msg"}
*
*/
router.post("/itm/:objectname", checkHeaders, isAuthenticated, (req, res) => {
// Create an item of an object with no specificities
// if specificities then create a route / model that import odmdb
res.json({});
});
router.get(
"/searchitems/:objectname/:question",
checkHeaders,
isAuthenticated,
(req, res) => {
/**
*
*
*/
console.log(
"route referentials get all language" +
req.params.objectname +
"-" +
req.params.question
);
const getref = Referentials.getref(
true,
req.params.source,
req.params.idref,
req.session.header.xworkon,
req.session.header.xlang
);
// Return any status the data if any erreur return empty object
res.jsonp(getref.payload.data);
}
);
/**
* @api {get} /odmdb/itm/:objectname/:primaryindex - item Get
* @apiGroup Odmdb
* @apiName getItemFromId
* @apiDescription Get itm for a primaryid of an object
*
* @apiParam {String} objectname name Mandatory if in conf.nationObjects then file is into nationchains/ else in /nationchains/tribes/xtribe/objectname
* @apiParam {String} primaryindex the unique id where item is store
*
* @apiError {json} objectNotfound the file item does not exist
* @apiErrorExample {json}
* HTTP/1.1 404 Not Found
* {"status":404,"ref":"Odmdb","msg":"doesnotexist","data":{"objectname":"objectname","key":"apxid","val":"primaryindex"}}
*
* @apiSuccess {object} indexfile content
* @apiSuccessExample {json} Success-Response:
* HTTP/1.1 200 OK
* {"status":200, "ref":"Odmdb", "msg":"indexexist", "data":{"indexname","content":{itm file}}
*
*
*/
// indexname = objectname_key_value.json
router.get(
"/itm/:objectname/:primaryindex",
checkHeaders,
isAuthenticated,
(req, res) => {
const objectName = req.params.objectname;
const objectId = req.params.primaryindex;
let objectLocation = "../nationchains/";
if (!conf.api.nationObjects.includes(objectName)) {
objectLocation += `tribes/${req.session.headers.xtribe}/${objectName}`;
// check if accessright on object on item
// in case not res.status(403)
}
const objectpath = `${objectLocation}/${objectName}/itm/${objectId}`;
if (fs.existsSync(objectpath)) {
res.status(200).json({ data: fs.readJsonSync(objectpath) });
} else {
res.status(404).json({
ref: "Odmdb",
msg: "objectfiledoesnotexist",
data: { objectpath },
});
}
}
);
/**
* @api {get} https://wall-ants.ndda.fr/Checkjson.js - schema Checkjson.js
* @apiGroup Odmdb
* @apiName checkjsonjs
* @apiDescription Public js lib to import in a browser by :<br>
* ```<script src="wall-ants.ndda.fr/nationchains/contracts/Checkjson.js"></script>```
* to import in a node.js:<br>
* ```const Checkjson = require(`Checkjson.js`);```
*
* with functions:<br>
* <strong>Checkjson.schema.validation(schema)</strong> that return<br>
* - {status:200, ref:"Checkjson", msg:"validcheck"} => all rules are correct<br>
* - {status:406, multimsg:[{ref:"Checkjson",msg:"errorkey",data:{}}]}<br>
*
* <strong>Checkjson.schema.data(schema{json},data{json},withschemacheck{boolean})</strong> that return<br>
* - {status:200, ref:"Checkjson", msg:"validcheck"} => all data keys respect schema rules <br>
* - {status:417, multimsg:[{ref:"Checkjson",msg:"errorkey",data:{}}]}<br>
*
* To identify issues, get the language errorkey list with a get
* https://wall-ants.ndda.fr/nationchains/models/Checkjson_lg.json
*
*/
/**
* @api {get} https://wall-ants.ndda.fr/nationchains/schema/:objectname - schema Get public
* @apiGroup Odmdb
* @apiName getPublicSchema
* @apiDescription Get a Schema model from public apxtri (nations, pagans,persons,towns, tribes,wwws)
* @apiSuccess {json} contain json file
* @apiSuccessExample {json} Fichier direct
* HTTP/1.1 200 Success-response:
{
"$id": "https://smatchit.io/schema/pagan",
"$comment": "To create account bin apxtri",
"title": "Pagans identity",
"description": "A numeric id in the nationchains world",
"type": "object",
"properties": {
"publickey": {
"title": "Alias's publickey",
"description": "Public key generate with openpgp.js",
"type": "string",
"format": "pgppublickey"
},
"alias": {
"title": "Alias",
"description": "text to remember easily a public key",
"type": "string",
"minLength": 4,
"pattern": "^[a-z0-9]*$"
},
"dt_delete": {
"title": "Date of death",
"description": "Date of alias delete request, your will will be apply",
"type": "string",
"format": "date-time"
},
"will": {
"title": "Will script after death",
"description": "This will script will be apply on your data 30 days after your death",
"type": "string"
}
},
"required": ["publickey", "alias"],
"apxid": "alias",
"apxuniquekey": ["publickey"],
"apxidx": [
{ "name": "lst_alias", "keyval": "alias" },
{ "name": "alias", "keyval": "alias" }
],
"apxaccessrights": {
"owner": { "R": [], "D": [] },
"anonymous": { "C": [], "R": ["alias"] },
"pagan": { "R": ["alias", "publickey"] }
}
}
* @apiError {json} contain json file
* @apiErrorExample {string} nginx html not found message
* HTTP/1.1 404 Not Found
* <html>...</html>
**/
/**
* @api {get} https://tribedns/:tribe/schema/:objectname.json - schema Get from tribe
* @apiGroup Odmdb
* @apiName getPrivateSchema
* @apiDescription Get a tribe schema or schema/lg/:objectname_xx.json this is served by nginx not express. tribedns is the domain name (ex:smatchit.io)
*
* @apiParam {string} tribe where schema is stored ex;smatchit
* @apiParam {String} objectname the json file name ex persons.json or for language /lg/persons_fr.json
*
* @apiError {object} ref objectname note found
* @apiErrorExample {json} Error-response:
* HTTP/1.1 404 Not Found
* <html>...</html>
* @apiSuccess {json} data contains schema requested
* @apiSuccessExample {json} Success-Response for : https://smatchit.io/smatchit/schema/persons.json
* HTTP/1.1 200 Success-response:
* {{
"$schema": "https://json-schema.org/draft/2020-12/schema",
"$id": "/smatchit/schema/sirets",
"title": "Siret is a legal french company",
"description": "A recruiter can active a jobad if a maxnumber is not reach for this siret. Maxnumber is set depending of an offer or can be set manualy",
"type": "object",
"properties": {
"siret": {
"title": "siret",
"description": "A unique string identifying a company ",
"type": "string",
"minLength": 14,
"pattern": "^[0-9]*$"
},
"owner": {
"title": "Owner of this siret",
"description": "For accessright purpose this is set by the alias that pay the first time a subscription",
"type": "string"
},
"dt_create": {
"type": "string",
"format": "date-time",
"default": "dayjs.now()"
},
"dt_update": {
"type": "string",
"format": "date-time"
},
"subscription": {
"title": "Offer subscribe",
"type": "array",
"items": {
"type": "object",
"properties": {
"offer": { "type": "string", "enum": ["A", "B", "C", "FREE"] },
"dt_payment": { "type": "string", "format": "date-time" }
}
}
},
"emailbilling":{
"type":"string",
"format":"email"
},
"namebilling":{
"type":"string"
},
"maxactivejobad": {
"title": "Number of active jobad at the same time",
"description": "Alloaw by subscription payment for a date inside the last dt_payment and offer",
"type": "integer"
},
"activejobad": {
"title": "Current number of active jobadd",
"type": "integer"
},
"frenchlocation": {
"title": "Location",
"description": "use franch gov refential to locaize",
"$ref": "nationchains/schema/frenchlocation"
},
"denomination": {
"title": "Company name",
"type": "string"
}
},
"required": ["siret"],
"additionalProperties": true,
"apxid": "siret",
"apxuniquekey": ["siret"],
"apxidx": [
{
"name": "lst_siret",
"keyval": "siret"
}
],
"apxaccessrights": {
"owner": {
"D": [],
"R": [
"siret",
"dt_create",
"dt_update",
"subscription",
"maxactivejobadd",
"activejobadd",
"frenchlocation",
"demomination"
],
"U": ["frenchlocation", "demomination"]
},
"druid": {
"C": [],
"D": [],
"R": [
"siret",
"dt_create",
"dt_update",
"subscription",
"maxactivejobadd",
"activejobadd",
"frenchlocation",
"demomination"
],
"U": [
"subscription",
"maxactivejobadd",
"activejobadd",
"frenchlocation",
"demomination"
]
},
"pagans": { "C": [] },
"adminrecruiter": {
"C": [],
"R": [
"siret",
"dt_create",
"dt_update",
"subscription",
"maxactivejobadd",
"activejobadd",
"frenchlocation",
"demomination"
],
"U": ["frenchlocation", "demomination"]
},
"recruiter": {
"R": [
"siret",
"dt_create",
"dt_update",
"subscription",
"maxactivejobadd",
"activejobadd",
"frenchlocation",
"demomination"
]
}
}
}}
*/
/**
* @api {put} https://wall-ants.ndda.fr/odmdb/schema/:tribe/:objectname - schema Put
* @apiGroup Odmdb
* @apiName putSchema
* @apiDescription Replace a schema by another one need druid profil for a tribe
*
* @apiParam {String} objectname
*
* @apiBody {string} schemapath where to store schema .../schema
* @apiBody {string} objectpath where to store object ...objectname/idx/conf.json
* @apiBody {json} schema content
* @apiBody {json} schemalang content in lg
* @apiBody {string} lang define which schemalg is (2 letters)
*
* @apiError {object} ref objectmodel to get in the right language
* @apiErrorExample {json} Error-response:
* HTTP/1.1 404 Not Found
* {"status":404,"ref":"Odmdb","msg":"schemanotfound","data":{"fullpath"}}
*
* @apiSuccess {object} data contains schema requested
* HTTP/1.1 200 Success-response:
* {"status":200,"data":{schema}}
*
*
*/
router.put(
"schema/:tribe/:objectname",
checkHeaders,
isAuthenticated,
(req, res) => {
const fullpath = path.resolve(
`${__dirname}/tribes/${req.session.header.xworkon}/schema/${req.params.pathobjectname}.json`
);
const set = Odmdb.setObject(
path.resolve(`${__dirname}/tribes/${req.session.header.xworkon}`)
);
if (fs.existsSync(fullpath)) {
res.status(200).json({ data: fs.readJsonSync(fullpath) });
} else {
res
.status(404)
.json({ msg: "schemanotfound", ref: "odmdb", data: { fullpath } });
}
}
);
/**
* @api {get} https://wall-ants.ndda.fr/nationchains/models/:modelname_lg.json - translation notif Get public
* @apiGroup Odmdb
* @apiName getPublicModelmessagekey
* @apiDescription Get a public json object for the ref: modelname in language lg, to get a template description with key msg
* @apiParam {string} modelname Mandatory
* @apiSuccess {json} contain json file
* @apiSuccessExample {json} Fichier direct
* HTTP/1.1 200 Success-response:
* {
"alreadyexist": "Un object {{objectname}} avec la clé {{key}} existe déjà avec {{val}}",
"doesnotexist": "L'object {{objectname}} avec la clé {{key}} ,'existe pas avec {{val}}",
"getschema": "Schema {{{conf.name}}}",
"schemanotfound": "Schema introuvable dans {{{schemaPath}}}",
"pathnamedoesnotexist": "Le repertoire n'existe pas {{{indexpath}}}",
"objectfiledoesnotexist": "Le fichier n'existe pas {{{objectpath}}}",
"cudsuccessfull": "Mise à jour effectuée avec succés",
"missingprimarykey": "Il manque une clé primaire apxid pour stocker et identifier les objects",
"unconsistencyapxidx": "L'index {{name}} doit contenir en objkey au moins {{apxid}} car keyval n'est pas unique",
"profilnotallow": "Vous n'avez pas le profil de {{profils}}, cette action n'est pas authorisée",
"successreindex": "Objet reindexé à partir des items, vos index sont à jour",
"indexexist":"L'indexe existe"
* }
* @apiError {json} contain json file
* @apiErrorExample {string} nginx html not found message
* HTTP/1.1 404 Not Found
* <html>...</html>
**/
module.exports = router;

327
routes/pagans.js Executable file
View File

@@ -0,0 +1,327 @@
const express = require("express");
const fs = require("fs-extra");
const path = require("path");
// Classes
const Pagans = require("../models/Pagans.js");
const Odmdb = require("../models/Odmdb.js");
// Middlewares
const checkHeaders = require("../middlewares/checkHeaders.js");
const isAuthenticated = require("../middlewares/isAuthenticated.js");
const conf = require(`../../conf/townconf.json`);
const router = express.Router();
/**
* /api/models/Pagans.js
*
* Managed:
/**
* Alias exist then return public key or not
* @api {get} /pagans/alias/:alias - alias Get
* @apiName isalias
* @apiGroup Pagans
* @apiDescription If alias exist return its publickey
*
* @param {string} alias
*
* @apiError {json} aliasdoesnotexist
* @apiErrorExample {json}
* HTTP/1.1 404 Not Found
{"status":404,"ref":"pagans","msg":"aliasdoesnotexist","data": { alias}}
*
* @apiSuccess {object} indexfile content
* @apiSuccessExample {json} Success-Response:
* HTTP/1.1 200 OK
* {"status":200, ref:"pagans","msg":"aliasexist","data": { alias, publicKey }}
* *
**/
router.get("/alias/:alias", (req, res) => {
const getalias = Pagans.getalias(req.params.alias);
res.status(getalias.status).send(getalias);
});
/**
* Remove serveur token
* @api {get} /pagans/logout - pagan Logout
* @apiName Removetoken
* @apiGroup Pagans
* @apiDescription Remove token
*
* @apiSuccess {object} indexfile content
* @apiSuccessExample {json} Success-Response:
* HTTP/1.1 200 OK
* {status: 200, ref: "Pagans", msg: "logout"
*
*/
router.get("/logout", checkHeaders, isAuthenticated, (req, res) => {
console.log(req.session.header);
const logout = Pagans.logout(
req.session.header.xalias,
req.session.header.xtribe,
req.session.header.xdays,
req.session.header.xhash
);
res.status(logout.status).json(logout);
});
/**
* @api {get} /pagans/isauth - pagan isAuthenticated?
* @apiName isAuth
* @apiGroup Pagans
* @apiDescription Check if pagan's token is still valid
*
* @apiError (400) missingheaders
* @apiError (400) xaliasdoesnotexist
* @apiError (400) signaturefailled
* @apiError (401) aliasanonymous
* @apiError (404) tribedoesnotexist
*
* @apiSuccess (200) valid
* {object} data contains indexfile requested
*
*/
router.get("/isauth", checkHeaders, isAuthenticated, (req, res) => {
res.status(200).send({
status: 200,
ref: "headers",
msg: "authenticated",
data: {
xalias: req.session.header.xalias,
xprofils: req.session.header.xprofils,
},
});
});
/**
* @api {post} /pagans - pagan Post
* @apiName addpagan
* @apiGroup Pagans
* @apiDescription
* Create a pagan account from alias, publickey, if trusted recovery =>
* Create a person in xtribe/person/xalias.json with profil.auth={email,privatekey, passphrase}
* Middleware isAuthenticated check that:
* - xhash is well signed from private key linked to the publickey of alias
* - check that alias does not already exist (if yes then verifiedsigne would be false)
* Need to wait next block chain to be sure that alias is register in the blokchain
* @apiBody {string} alias available (that does not already exist check get /api/alias/:alias that must return 404).
* @apiBody {string} publickey
* @apiBody {string} [email] if specified then an email is sent to it with public and privatekey
* @apiBody {string} [privatekey]
* @apiBody {string} [passphrase] if not specidied => passphrase=""
* @apiBody {string} [trustedtribe] the tribename if not specified then the process will only create a pagan identity, else an item person is create for trustedtribe (that must exist with profil 'person'). To create a person with an existing pagan identity use put /api/person/:alias after authenticated you (headers). In case a person is created then we use all valid other apiBody respecting rules https://smatchit.io/api/odmdb/schema/persons.json
*
* @apiError {json} objectNotfound the file does not exist
* @apiErrorExample {json}
* HTTP/1.1 404 Not Found
{"status":404,"ref":"Odmdb","msg":"pathnamedoesnotexist","data":{indexpath}}
*
* @apiSuccess {object} indexfile content
* @apiSuccessExample {json} Success-Response:
* HTTP/1.1 200 OK
* {"status":200, "ref":"Odmdb", "msg":"indexexist", "data":{indexname,content:{index file}}
*
*/
router.post("/", checkHeaders, isAuthenticated, async (req, res) => {
console.log("pass ici", req.body);
const role = {
xalias: req.session.header.xalias,
xprofils: req.session.header.xprofils,
};
const emailregex =
/^(([^<>()[\]\\.,;:\s@\"]+(\.[^<>()[\]\\.,;:\s@\"]+)*)|(\".+\"))@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\])|(([a-zA-Z\-0-9]+\.)+[a-zA-Z]{2,}))$/;
if (!(req.body.trustedtribe && req.body.email && emailregex.test(req.body.email) )) {
res.status(400).json({status:400,ref:"Pagans",msg:"emailerr", data:{email:req.body.email}})
return
}
const objpagan = { alias: req.body.alias, publickey: req.body.publickey };
const newpagan = Odmdb.cud(`../nationchains/pagans`, "C", objpagan, role);
const createprocess={status:200, ref:"Pagans", msg:"successfulcreate",data:{alias:req.body.alias}};
if (newpagan.status == 200) {
if (req.body.email) {
const emailsent = await Pagans.sendmailkey({
alias: req.body.alias,
privatekey: req.body.privatekey,
tribe: req.session.header.xtribe,
passprhase: req.body.passphrase,
publickey: req.body.publickey,
email: req.body.email,
lg: req.session.header.xlang
}
);
createprocess.data.emailsent = (emailsent.status == 200);
createprocess.data.email=req.body.email
createprocess.data.tribe=req.session.header.xtribe;
if (emailsent.status!=200) {
console.log("err emailsent: ",emailsent)
createprocess.data.emailerror = emailsent.data.err;
}
}
if (req.body.trustedtribe) {
const persondata = {
alias: req.body.alias,
owner: req.body.alias,
profils: ["pagans", "persons"],
recoveryauth: {
email: req.body.email,
privatekey: req.body.privatekey,
publickey: req.body.publickey,
passphrase: req.body.passphrase,
},
};
const personup = Odmdb.cud(`../nationchains/tribes/${req.body.trustedtribe}/objects/persons`, "C", persondata, {xprofils:["pagan"],xalias:req.body.alias});
console.log('personup',personup)
if (personup.status==200){
createprocess.data.createperson=true;
}else{
createprocess.data.createperson=false;
createprocess.data.errorperson=true;
createprocess.data.errpersonup=personup.data;
console.log("Warning pagan created but person not created and no recovery registration", personup);
}
res.status(createprocess.status).json(createprocess);
}else{
res.status(newpagan.status).json(newpagan);
}
} else {
//error to create pagan certaily already exist
res.status(newpagan.status).json(newpagan);
}
});
/**
* @api {delete} /pagans/alias/:alias - pagan Delete
* @apiName deletepagan
* @apiGroup Pagans
* @apiDescription
* Delete an alias and his publickey, this mean that publickey disapear as well as alias. All tribe will be inform and will delete person of this alias if they have. This alias will be availlable after 1 year.
* */
router.delete("/alias/:alias", checkHeaders, isAuthenticated, (req, res) => {
console.log(`DELETE pagans nationchains/pagans/${req.params.alias}.json`);
const result = Pagans.deletealias(req.params.id, req.session.header);
res.status(result.status).send(result);
});
/**
* @api {delete} /pagans/person/:alias - person Delete
* @apiName deleteperson
* @apiGroup Pagans
* @apiDescription
* Unsubscribe a person to a tribe => remove a person item and all data link to this alias
* */
router.delete("/person/:alias", checkHeaders, isAuthenticated, (req, res) => {
const personpath=`../nationchains/tribes/${req.session.header.xtribe}/objects/persons`;
const role = {
xalias: req.session.header.xalias,
xprofils: req.session.header.xprofils,
};
req.session.header.role
const delperson = Odmdb.cud(personpath,"D",{alias:req.params.alias},role,true);
console.log(`DELETE person ${personpath}/${req.params.alias}.json `);
console.log(delperson)
res.status(delperson.status).json(delperson);
});
/**
* @api {get} /pagans/person/:alias - person Get
* @apiName getpersondata
* @apiDescription Get person information from his alias for a xtribe (data and profils per apps)
* @apiGroup Pagans
*
* @apiParam {string} alias
*
* @apiSuccess (200) personExist
* @apiSuccessExample {json}
* {status:200, ref:"pagans",msg:"personexist",data: { person } }
*
* @apiError (404) Notfound
* @apiErrorExample {json}
* {status: 404, ref:"pagans",msg:"persondoesnotexist",data: { person } }
*
* @todo check accessright for req.session.header.xalias to see if jhe can get person data
* if req.param.alias == req.session.header.xalias => Owner
* else need accessright to on person set at R
* */
router.get("/person/:alias", checkHeaders, isAuthenticated, (req, res) => {
const getperson=Odmdb.r( `../nationchains/tribes/${req.session.header.xtribe}/objects/persons`,req.params.alias,{ xprofils: req.session.header.xprofils, xalias: req.session.header.xalias })
res.status(getperson.status).send(getperson);
});
/**
* @api {put} /pagans/person - person Put
* @apiName updateperson
* @apiGroup Pagans
* @apiDescription add or update a person = alias in a tribe. alias authenticated must have a profil with accessright into schema person.
* @apiHeader {string} xalias
* @apiParam {object} in line with schema in https://smatchit.io/api/odmdb/schema/persons
*
*/
router.put("/person", checkHeaders, isAuthenticated, (req, res) => {
//console.log(req.body);
const pathobj=`../nationchains/tribes/${req.session.header.xtribe}/objects/persons`;
const action = (fs.existsSync(`${pathobj}/itm/${req.body.alias}.json`))? "U":"C";
//set req.body to be in line with schema
if (!req.body.profils){
req.body.profils=["anonymous","pagans","persons"]
}
const personup = Odmdb.cud(pathobj, action, req.body, {xprofils:req.session.header.xprofils, xalias:req.session.header.xalias});
console.log('personup',personup)
res.status(personup.status).json(personup);
});
/**
* @api {get} /pagans/keyrecovery/tribe/email - recovery keys by email
* @apiName recoveryKey
* @apiGroup Pagans
* @apiDescription Send mails with all registers identities (one per alias where recoveryauth.email is register)
*
* @apiSuccess {object}
* @apiSuccessExample {json} Success-Response:
* HTTP/1.1 200 OK
* {"status":200, "ref":"Pagans", "msg":"recoveryemailsent", "data":{email,tribe,nbalias:'number of alias with this email', nbqent:'number of eamil sent must = nbalias'}}
*
* @apiError (404) {string} emailnotfound email does not exist for this tribe
* @apiErrorExample {json}
* {status: 404, ref:"pagans",msg:"emailnotfound",data: { tribe,email } }
*
*/
router.get("/keyrecovery/:tribe/:email", checkHeaders, (req, res) => {
const idxreco=`../../nationchains/tribes/${req.params.tribe}/objects/persons/idx/emailrecovery_alias.json`;
if (fs.existsSync(idxreco)){
const emailreco = fs.readJSONSync(idxreco);
if (emailreco[req.params.email]){
let sentemails=0;
emailreco[req.params.email].forEach(alias=>{
const ret = Pagans.sendmailkey({alias:alias,tribe:req.params.tribe,lg:req.session.header.xlang})
sentemails = (ret.status==200)? sentemails+1:sentemails;
})
return {status:200,ref:"Pagans",msg:"recoveryemailsent",data:{email:req.params.email,tribe:req.params.tribe,nbalias:emailreco[req.params.email].length, nbsent:sentemails}}
}else{
return {status:404,ref:"Pagans",msg:"emailnotfound",data:{tribe:req.params.tribe,email:req.params.email}}
}
}else{
return {status:404,ref:"Pagans",msg:"emailnotfound",data:{tribe:req.params.tribe,email:req.params.email}}
}
});
/**
* @api {get} /pagans/keyrecovery/tribe/alias - recovery keys by alias
* @apiName recoveryKey
* @apiGroup Pagans
* @apiDescription Send to email recovery if exist key files
*
* @apiSuccess {object}
* @apiSuccessExample {json} Success-Response:
* HTTP/1.1 200 OK
* {"status":200, "ref":"Pagans", "msg":"recoveryemailsent", "data":{email,tribe,nbalias:1, nbqent:1 or 0}}
*
* @apiError (404) {string} emailnotfound email does not exist for this tribe
* @apiErrorExample {json}
* {status: 404, ref:"pagans",msg:"emailnotfound",data: { tribe,email } }
*
*/
router.get("/keyrecovery/:tribe/:alias", checkHeaders, (req, res) => {
// a tester et revoir
const ret = Pagans.sendmailkey({alias:req.params.alias,tribe:req.params.tribe,lg:req.session.header.xlang})
if (ret.status==200){
return {status:200,ref:"Pagans",msg:"recoveryemailsent",data:{email:"",tribe:req.params.tribe,nbalias:1, nbsent:1}}
}else{
return {status:404,ref:"Pagans",msg:"emailnotfound",data:{tribe:req.params.tribe,email:req.params.email}}
}
});
module.exports = router;

32
routes/towns.js Executable file
View File

@@ -0,0 +1,32 @@
const express = require("express");
const path = require("path");
// Classes
const Towns = require("../models/Towns.js");
const Notifications = require("../models/Notifications.js");
// Middlewares
const checkHeaders = require("../middlewares/checkHeaders.js");
const isAuthenticated = require("../middlewares/isAuthenticated.js");
const router = express.Router();
/**
* @api {get} /towns/ownershipr/:alias - town owner change
* @apiName changeowner
* @apiGroup Towns
* @apiDescription Change owner (major role) of a town (server) after a first install or just to resale it. Only the current major can run this.
* @param {string} alias an alias that will become owner of a town
* @apiSuccess (object) ownerchangesuccess
* @apiSuccessExample {json}
* HTTP/1.1 200 OK
* {status:200, ref:"towns",msg:"ownerchangesuccess",data: { alias } }
* @apiError {object} aliasnotallow
* @apiErrorExample {json}
* HTTP/1.1 403 Forbidden
* {status:403,ref:"towns",msg:"aliasnotallow",data: { alias} }
*
**/
router.get("/changeowner/:alias",checkHeaders, isAuthenticated, (req, res) => {
res.send(Towns.changeowner(req.params.alias, req.session.header.xalias));
});
module.exports = router;

82
routes/trackings.js Normal file
View File

@@ -0,0 +1,82 @@
const express = require("express");
const glob = require("glob");
const fs = require("fs-extra");
const path = require("path");
const conf = require(`../../conf/townconf.json`);
const Odmdb = require("../models/Odmdb.js");
// Middlewares
const checkHeaders = require("../middlewares/checkHeaders");
const isAuthenticated = require("../middlewares/isAuthenticated");
const router = express.Router();
/**
* @api {get} https://dns.xx/trk/pathtofile? - tracking system
* @apiGroup Trackings
* @apiName trackingsystem
* @apiDescription
* without header:<br>
* <code>https://dns.xx/trk/pathtofile?alias=anonymous&uuid=1b506f71-1bff-416c-9057-cb8b86296f60&src=btnregister&version=1&lg=fr </code>
*
* with header<br>
* <code>https://dns.xx/trk/pathtofile?srckey=btnregister&version=1</code>
*
* where pathtofile is a ressource accessible from https://dns.xx/pathtofile
* html usage to track a loading page or email when a picture is load
* using apxwebapp in /src/ we got:
* <code> < img src="static/img/photo.jpg" data-trksrckey="loadpage" data-version="1" > </code>
*
* using html + apx.js (or at least with header {xalias,xuuid,xlang})
* <code>< img lazysrc="trk/static/img/photo.jpg data-trksrckey="loadpage" data-version="1" ></code>
*
* in js action:
*
* <code>
* <button></button>
* <a data-trksrckey="linktoblabla" href='https:..'
* onclick="apx.trackvisit("btnaction",1);actionfct();">
* </a>
* </code>
* #will hit an eventlistener<br>
* <code> axios.get("https://dns.xx/trk/cdn/empty.json?alias=anonymous&uuid=1b506f71-1bff-416c-9057-cb8b86296f60&srckey=btnregister&version=1");
* </code>
*
* #or if no js available (example:email or pdf document)<br>
* <code> < img src="https://dns.xx/trk/static/img/photo.jpg?alias=anonymous&uuid=1b506f71-1bff-416c-9057-cb8b86296f60&srckey=loadpage&version=1"</code>
*
* <code>
* <a href="https://dns.xx/trk/redirect?alias=anonymous&uuid=1b506f71-1bff-416c-9057-cb8b86296f60&srckey=loadpage&version=1&url=http://..."
* </code>
*
* will hit a tracker then redirect to url></a> *
*
*
*
* **if you use apx.js** : in html add in < button >, < img >, < a > tag data-trksrc="srckey"
* <code>
* < img src="https://dns.xx/static/img/photo.jpg" data-trkversion="1" data-trksrckey="registerform">
* < button data-trksrc="https://dns.xx/static/img/photo.jpg" data-trkversion="1" data-trksrckey="registerform">
* </code>
*
* Tracking log are store into tribe/logs/nginx/tribe_appname.trk.log
* Src have to be manage in tribe/api/models/lg/src_en.json
* <code>{"srckey":{
* "app":"presentation|app|apptest",
* "title":"",
* "description":""
* }
* }
* </code>
*
* @apiParam {String} alias=anonymous if authenticated we get from headers
* @apiParam {String} uuid a uuid v4 generate the first time a web page is open on a browser
* @apiParam {String} srckey source action that trig this get
* @apiParam {integer} version=1 can be an int, date or any version of the src
* @apiParam {integer} [tm] a timestamp of action when it is not immediate (for offline app)
*
*/
module.exports=router;

413
routes/tribes.js Executable file
View File

@@ -0,0 +1,413 @@
const express = require( 'express' );
const fs = require( 'fs-extra' );
const path = require( 'path' );
const glob = require('glob');
const conf = require(`../../conf/townconf.json`);
// Classes
const Tribes = require( '../models/Tribes.js' );
// Middlewares
const checkHeaders = require( '../middlewares/checkHeaders' );
const isAuthenticated = require( '../middlewares/isAuthenticated' );
const router = express.Router();
/**
* @api {get} /tribes/www/:tribeId - tribe list
* @apiName getlisttrib
* @apiDescription Get list of www object (space web)
* @apiGroup Tribes
*
* @apiParam {String} tribeId it identify an existing tribe*
* @apiSuccess (object) listwww contains folder name in www for tribeId
* @apiSuccessExample {json} listwww
* HTTP/1.1 200 OK
* {status:200,ref:"Tribes",msg:"listwww",data:{listwww}}
*/
router.get('www', checkHeaders,isAuthenticated,(req,res)=>{
let listwww=[]
glob.sync(`${conf.dirtown}/tribes/${req.params.tribeId}/www/*`).forEach(d=>{
listwww.push(d.split("/").pop())
})
res.status(200).json({status:200,ref:"Tribes",msg:"listwww",data:{listwww}})
})
//router.post('www/') to create a webspace
//router.put('www/:app') to update
//router.delete('www/:tribeId/:app)
router.post('/actionanonyme',checkHeaders,(req,res)=>{
if (!fs.existsSync(`${conf.dirtown}/tribes/${req.session.header.xtribe}/actions/${req.body.action}.js`)){
res.status(403).send({status:403,msg:"actionmissing",ref:"Tribes", data:{action:req.body.action,tribe:req.session.header.xtribe}})
}
const action = require(`${conf.dirtown}/tribes/${req.session.header.xtribe}/actions/${req.body.action}.js`)
const resaction= action.run(req.body,req.session.header);
res.status(resaction.status).send(resaction);
})
router.post('/action',checkHeaders,isAuthenticated,(req,res)=>{
})
router.get( '/clientconf/:tribeid', checkHeaders, isAuthenticated, ( req, res ) => {
/*
get a clientconf.json for a tribeid depending of user accessright
if tribeid == all and user is admin of apxtri => get /tmp/clientconfglob.json
req.session.header.accessrights, req.session.header.apixpaganid
*/
console.log( `Tribes/clientconf for tribeid:${req.params.tribeid}` )
if( req.params.tribeid == "all" && req.session.header.accessrights.data.apxtri && req.session.header.accessrights.data.apxtri.tribeid && req.session.header.accessrights.data.apxtri.tribeid.includes( 'R' ) ) {
res.status( 200 )
.send( { moreinfo: fs.readJsonSync( `${config.tmp}/clientconfglob.json`, 'utf-8' ) } );
return;
}
if( req.session.header.accessrights.data[ req.params.tribeid ] &&
req.session.header.accessrights.data[ req.params.tribeid ].tribeid &&
req.session.header.accessrights.data[ req.params.tribeid ].tribeid.includes( 'R' ) &&
fs.existsSync( `${config.tribes}/${req.params.tribeid}/clientconf.json` ) ) {
// const conftribeid = { moreinfo: {} }
// conftribeid.moreinfo[ req.params.tribeid ] = fs.readJsonSync( `${config.tribes}/${req.params.tribeid}/clientconf.json`, 'utf-8' );
res.status( 200 )
.send( { moreinfo: [ fs.readJsonSync( `${config.tribes}/${req.params.tribeid}/clientconf.json`, 'utf-8' ) ] } );
return;
}
// if not authorized or dos not exist return empty
// no specific message is send for security reason (check only log)
res.status( 403 )
.send( { info: [ 'forbidenAccess' ], models: 'Tribes' } )
.end();
} )
router.put( '/', checkHeaders, isAuthenticated, ( req, res ) => {
console.log( 'Create a new tribeid, with a useradmin' )
console.log( ' send data = clientconf.json with all parameter.' )
// !!!!! check for security any ; \n or so because data can be used into shell
const add = Tribes.create( req.body );
res.status( add.status )
.send( add.payload )
} )
router.delete( '/archivetribeid/:tribeid', checkHeaders, isAuthenticated, ( req, res ) => {
console.log( "request archive tribeid" )
const archive = Tribes.archive( req.params.tribeid );
res.status( archive.status )
.send( archive.payload )
} );
router.post( '/spaceweb', checkHeaders, isAuthenticated, ( req, res ) => {
// !!!!! check for security any ; \n or so because data can be used into shell
console.log( 'Create a new webapp for xworkon ' )
req.body.tribeid = req.session.header.xworkon;
const add = Tribes.addspaceweb( req.body )
res.status( add.status )
.send( add.payload )
} )
router.get( '/spaceweb/components/:tribeid/:website/:key', checkHeaders, ( req, res ) => {
// check if key is valid before continue
// exemple: get Tribes/spaceweb/components/ndda/mesa/123?rep=appmesatable/appsimpletable.mustache
const file = `${config.tribes}/${req.params.tribeid}/spacedev/${req.params.website}/src/ctatic/components/${req.query.path}`
console.log( `Request components file from ${file}` )
if( fs.existsSync( file ) ) {
res.sendFile( file );
} else {
res.send( `console.error("Missing components file in ${req.params.tribeid}/spacedev/${req.params.website}/src/ctatic/components/${req.query.path}");` );
}
} )
router.get( '/plugins/:tribeid/:pluginname/:key/:filename', ( req, res ) => {
// No accessright possible cause it is load on the fly
// @todo Check key to authorize access to the plugin (key comme from user ACCESSRIGHTS[tribeid plugin owner:pluginname]).key
// return a file into /:tribeid owner of plugin/plugins/:pluginname/components/:filename
// if not exist or invalid key then return console.error
const file = `${config.tribes}/${req.params.tribeid}/plugins/${req.params.pluginname}/components/${req.params.filename}`
console.log( 'Tribes/plugins/ ', file )
if( fs.existsSync( file ) ) {
res.sendFile( file );
} else {
res.send( `console.error("Missing plugin file in ${req.params.tribeid}/plugins/${req.params.pluginname}/components/${req.params.filename}");` );
}
} );
router.get( '/dirls', checkHeaders, isAuthenticated, ( req, res ) => {
// url /Tribes/dirls?rep=referentials/dataManagement
// request information about a req.query.rep from header xworkon/
// return
// {file:[{}],dir:[{}]}
// @todo check if isAuthorized and exist
console.log( 'request dirls', `${config.tribes}/${req.session.header.xworkon}/${req.query.rep}` );
if( !fs.existsSync( `${config.tribes}/${req.session.header.xworkon}/${req.query.rep}` ) ) {
res.status( 404 )
.send( { 'info': [ 'dirnotexist' ], model: 'Tribes' } );
}
const info = Tribes.dirls( req.session.header.xworkon, req.query.rep );
console.log( info )
res.status( info.status )
.send( info.payload );
} )
router.delete( '/ls', checkHeaders, isAuthenticated, ( req, res ) => {
// check Accessright with D or O on each
// url /Tribes/ls
// req.body.files=[listfiles file to delete ]
const authfiles = Tribes.checkaccessfiles( req.body, 'D', req.session.header.accessrights, req.session.header.apixpaganid );
authfiles.ok.forEach( f => { fs.remove( `${config.tribes}/${f}` ); } )
res.status( 200 )
.send( { 'info': [ 'fileauthdeleted' ], models: 'Tribes', moreinfo: authfiles } )
} );
router.put( '/sendjson', checkHeaders, isAuthenticated, ( req, res ) => {
//req.body = {object:spacedev, path:website/src/data/tpldataname_lg.json, data:{...}}
//console.log( req.body )
const dest = `${config.tribes}/${req.session.header.xworkon}/${req.body.object}/${req.body.path}`;
console.log( `Send json to saved to ${dest}` );
if( !( req.body.object && fs.existsSync( `${config.tribes}/${req.session.header.xworkon}/${req.body.object}` ) ) ) {
res.status( '404' )
.send( { info: [ 'objectmissiong' ], models: 'Tribes', moreinfo: `object: ${req.body.object} does not exist req.body must {object, data, path} into data ${req.session.header.xworkon}/${req.body.object}` } )
} else {
if( fs.existsSync( `${config.tribes}/${req.session.header.xworkon}/${req.body.object}/${req.body.path}` ) ) {
// exist so can be update check accessright update on this
//A REVOIR hasAccessrighton( req.body.object, "U" );
} else {
// AREVOIRhasAccessrighton( req.body.object, "C" );
}
fs.outputJsonSync( dest, req.body.data );
res.status( 200 )
.send( { info: [ 'filesaved' ], models: 'Tribes' } )
}
} );
router.post( '/downloadls', checkHeaders, isAuthenticated, ( req, res ) => {
// midlleware hasAccessrighton.js is not apply here only to access/update/create information inside an object
// to get file a user need accessrights to data: object: R or to Own it
// or if exist a .info.json into folder get shared as R in uuid
//req.body contain list of path file or folder if only 1 file then download it, otherwise zip list and send zip file
const authfiles = Tribes.checkaccessfiles( req.body.files, 'R', req.session.header.accessrights, req.session.header.xpaganid );
if( authfiles.ok.length == 1 ) {
// bidouille en attendnat de faire un .zip binaire propre
if( !authfiles.ok[ 0 ].includes( '.xml' ) ) {
res.status( 200 )
.download( `${config.tribes}/${authfiles.ok[0]}`, authfiles.ok[ 0 ] );
} else {
fs.copySync( `${config.tribes}/${authfiles.ok[0]}`, `${config.tribes}/${config.mayorId}/www/app/webapp/static/tmp/${authfiles.ok[ 0 ]}` )
}
} else if( authfiles.ok.length > 1 ) {
// on zip et on envoie
//res.status( 200 )
// .download( `${config.tribes}/${authfiles.ok[0]}`, authfiles.ok[ 0 ])
res.status( 200 )
.attachment( `${config.tribes}/${authfiles.ok[0]}` );
} else {
req.body.filepon
res.status( 403 )
.send( 'Forbidden access' )
}
} );
router.post( '/upfilepond', checkHeaders, isAuthenticated, ( req, res ) => {
console.log( 'post /Tribes/uploadfilepond' );
// Store file and return a unique id to save button
// that provide folder where to store it
const formidable = require( 'formidable' );
const form = formidable( { multiples: false } );
form.parse( req, ( err, fields, files ) => {
if( err ) { next( err ); return; }
//console.log( 'fields',fields);
// fileMetadaObject send
let context = JSON.parse( fields.filepond );
let idfile = files.filepond.path;
let name = files.filepond.name;
let subfolder = context.subfolder;
name = name.replace( /[ ,'"]/g, "_" );
//console.log( 'files.filepond:', files.filepond );
console.log( idfile, `${config.tribes}/${req.session.header.xworkon}/www/${subfolder}/${name}` )
// On le supprime s'il existe deja
fs.removeSync( `${config.tribes}/${req.session.header.xworkon}/www/${subfolder}/${name}` );
// mv tmp
fs.moveSync( idfile, `${config.tribes}/${req.session.header.xworkon}/www/${subfolder}/${name}` );
//res.status(200).send({models:"Tribes",info:["Savedsuccess"],moreinfo:{id:file.filepond.path}})
//return for filepond
res.writeHead( 200, { 'Content-Type': 'text/plain' } );
res.end( idfile );
} )
} );
router.delete( '/file', checkHeaders, isAuthenticated, ( req, res ) => {
//src = objectfolder with accessright/...
//hasAccessrighton( "www", "D" ),
if( !req.query.src ) {
res.status( 404 )
.send( { info: [ 'deleteerror' ], models: "Tribes", moreinfo: "your del req need a src" } )
return;
};
// A REVOIR hasAccessrighton( req.query.src.split( '/' )[ 0 ], "D" );
console.log( 'Remove file', `${config.tribes}/${req.session.header.xworkon}/${req.query.src}` )
console.log( req.body )
fs.removeSync( `${config.tribes}/${req.session.header.xworkon}/${req.query.src}` );
res.status( 200 )
.send( { info: [ 'Successfullremove' ], models: "Tribes" } )
} );
router.post( '/uploadfile', checkHeaders, isAuthenticated, ( req, res ) => {
console.log( 'upload a file ' )
/* Authentification is needed to get a TOKEN
curl -X POST -H "xtribe: apxtri" -H "xworkon: pvmsaveurs" -H "xlang: fr" -H "xpaganid: 1" -H "xauth: 1" -H "xapp: pvmsaveurs:pvmsaveurs" -H "Content-Type: application/json" -d '{"LOGIN":"adminapxtri","PASSWORD":"Trze3aze!"}' http://pvmsaveurs.pvmsaveurs.fr/app/users/login
if exist replace xpaganidTOKEN with payload.TOKEN value
curl -H "xtribe: pvmsaveurs" -H "xworkon: pvmsaveurs" -H "xlang: fr" -H "xpaganid: adminapxtri" -H "xauth: xpressuuisToken" -H "xapp: pvmsaveurs:pvmsaveurs" -F 'data=@filename.xx' http://pvmsaveurs.pvmsaveurs.fr/app/Tribes/uploadfile
*/
const formidable = require( 'formidable' );
const form = formidable( { multiples: false } );
form.parse( req, function ( err, fields, files ) {
//console.log( files.data )
var oldPath = files.data.path;
var newPath = `${config.tribes}/${req.session.header.xworkon}/${clientconf.uploadzip[files.data.name].dest}`;
console.log( 'oldPath', oldPath )
console.log( 'newPath', newPath )
var rawData = fs.readFileSync( oldPath )
fs.outputFile( newPath, rawData, function ( err ) {
if( err ) {
console.log( err );
return res.status( 405 )
.send( { info: [ 'savederror' ], models: "Tribes", moreinfo: "your file was not able to be saved into the server" } )
} else {
return res.status( 200 )
.send( {
info: [ "successfullsent" ],
models: "Tribes"
} );
}
} )
} );
} );
router.post( '/uploadzip', checkHeaders, ( req, res ) => {
console.log( 'uploadzip a file ' )
/* no authentification to upload a zip filename into /tribes/${xworkon}/${clientconf.uploadzip[filename].dest}
unzip it using the password ${clientconf.uploadzip[filename].psw
if no error then run the callback ${clientconf.uploadzip[filename].callback
but a password to unzip
in clientconf.json need to be set
"uploadzip": {
"articlesTribespvm.zip": {
"comment": "unzip with overwrite if same name",
"psw": "azPI1209qtrse",
"dest": "importexport/tmp",
"unzipoption": "-aoa",
"callback": "importexport/integrationitem.js"
}
},
Example:
cd where zip file is stored
curl -H "xtribe: pvmsaveurs" -H "xworkon: pvmsaveurs" -H "xlang: fr" -H "xpaganid: adminapxtri" -H "xauth: 1" -H "xapp: pvmsaveurs:pvmsaveurs" -F 'data=@articlesTribespvm.zip' http://pvmsaveurs.pvmsaveurs.fr/app/Tribes/uploadzip
*/
const clientconf = fs.readJSONSync( `${config.tribes}/${req.session.header.xworkon}/clientconf.json` )
if( !clientconf.uploadzip ) {
return res.status( '404' )
.send( { info: [ "missconf" ], models: "Tribes", moreinfo: `no uploadzip in clientconf for ${req.session.header.xworkon} please contact apxtri admin ` } );
};
const uploadzip = clientconf.uploadzip;
const formidable = require( 'formidable' );
const form = formidable( { multiples: false } );
form.parse( req, function ( err, fields, files ) {
//console.log( files.data )
var oldPath = files.data.path;
if( !Object.keys( clientconf.uploadzip )
.includes( files.data.name ) ) {
return res.status( 403 )
.send( { info: [ "notAllowed" ], models: "Tribes", moreinfo: `file ${files.data.name} not allowed to be upload` } )
} else {
console.log( "context:", clientconf.uploadzip[ files.data.name ] )
var newPath = `${config.tribes}/${req.session.header.xworkon}/${clientconf.uploadzip[files.data.name].dest}`;
//console.log( 'oldPath', oldPath )
//console.log( 'newPath', `${newPath}/${files.data.name}` )
fs.moveSync( oldPath, `${newPath}/${files.data.name}`, { overwrite: true } );
const cp = require( 'child_process' );
//console.log( `7z e -p${clientconf.uploadzip[ files.data.name ].psw} ${newPath}/${files.data.name}` );
console.log( '7z', [ 'e', `-p${clientconf.uploadzip[ files.data.name ].psw}`, `${newPath}/${files.data.name}`, `-o${config.tribes}/${req.session.header.xworkon}/${clientconf.uploadzip[ files.data.name ].dest}`, clientconf.uploadzip[ files.data.name ].unzipoption ] );
var newFiles = cp.spawnSync( '7z', [ 'e', `-p${clientconf.uploadzip[ files.data.name ].psw}`, `${newPath}/${files.data.name}`, `-o${config.tribes}/${req.session.header.xworkon}/${clientconf.uploadzip[ files.data.name ].dest}`, clientconf.uploadzip[ files.data.name ].unzipoption ] );
console.log( newFiles.output.toString() )
if( newFiles.output.toString()
.includes( 'Everything is Ok' ) ) {
if( clientconf.uploadzip[ files.data.name ].callback ) {
const integ = require( `${config.tribes}/${req.session.header.xworkon}/${clientconf.uploadzip[files.data.name].callback}` )
.run();
console.log( 'integration', integ )
return res.status( integ.status )
.send( integ.payload );
} else {
return res.status( 200 )
.send( {
info: [ "successfullsent" ],
models: "Tribes"
} );
}
} else {
return res.status( 400 )
.send( {
info: [ "zipfileerror" ],
models: "Tribes",
moreinfo: newFiles.output.toString()
} )
}
}
} )
} );
router.post( '/upload', checkHeaders, isAuthenticated, ( req, res ) => {
1 // ACHANGER VIA usage sendjson
// url /Tribes/upload?save=tmp&rep=referentials/dataManagement
// if save=tmp then store in a tmp file
// if save=ok then mv the tmp file to the folder
// midlleware hasAccessrighton.js is not apply here only to access/update/create information inside an object
// to upload a file a user need accessrights to data: object: C or to Own it
// or if dir.file exist a .info.json into folder get shared as C in uuid accessright
/*
to add in front
<form action="/upload" method="POST" enctype="multipart/form-data">
<input type="file" name="file"/>
<input type="submit" value="upload"/>
</form>
*/
console.log( 'Envoie image' )
console.log( 'body', req.body );
console.log( 'params', req.params );
//const authfolder = Tribes.checkaccessfiles( req.params.rep, 'C', req.session.header.accessrights, req.session.header.xpaganid );
// cheack autorisation to create or replace a file for this accessrights user
const authfolder = { ok: "tt" }
if( authfolder.ok ) {
if( req.params.save == 'file' ) {
if( fs.existsSync( req.body.filepond ) ) {
fs.mv( req.body.filepond, req.params.rep );
}
};
// voir si c'est toujours pertinent car upload est géré par filepond pour les image
if( req.params.save == 'upload' ) {
const form = formidable( { multiples: false } );
form.parse( req, ( err, fields, files ) => {
if( err ) { next( err ); return; }
let thefile = files.filebond.path;
fs.outputFileSync()
console.log( 'thefile:' + thefile );
res.writeHead( 200, { 'Content-Type': 'text/plain' } );
res.end( theFile );
} )
}
} else {
res.status( 403 )
.send( 'forbiden access' );
}
} );
/*
Manage tribeid into /data/tribee/tribeid
client space dedicated
@Todo
clientconfglob copy cut from Referentials.clientconfglob
clientconf.json copy cut from Referentials.clientconf
list of tribeid copy cut from Referentials.
Add a tribeid
update clientconf
*/
module.exports = router;

19
routes/wwws.js Normal file
View File

@@ -0,0 +1,19 @@
const express = require("express");
const path = require("path");
// Classes
const Wwws = require("../models/Wwws.js");
// Middlewares
const checkHeaders = require("../middlewares/checkHeaders");
const isAuthenticated = require("../middlewares/isAuthenticated");
const router = express.Router();
// GET api/wwws/conf/:tribeId/:website
// if profils accessright return the nginx conf in ${conf.dirtown}/tribes/${req.param.tribeId}/www/nginx_${req.params.tribeId}_${req.params.website}.conf
router.get("/conf/:tribeId/:website", checkHeaders, isAuthenticated, (req, res) => {
res.send(Www.configlist(req.params.tribeId));
});
router.post("/conf/:tribeId/:website", checkHeaders, isAuthenticated, (req, res) => {
res.send(Wwws.create(req.params.tribeId));
});
module.exports = router;