diff --git a/models/Odmdb.js b/models/Odmdb.js
index 89cfecb..f784e1d 100644
--- a/models/Odmdb.js
+++ b/models/Odmdb.js
@@ -338,6 +338,16 @@ Odmdb.Schema = (objectPathname, validschema, lg = "en") => {
}
if (res.data.schema.apxidx) {
//add apxidx to apxuniquekey in case not
+
+ if (!res.data.schema.apxuniquekey) {
+ return {
+ status: 406,
+ ref: "Odmdb",
+ msg: "missingapxuniquekey",
+ data: {},
+ };
+ }
+
if (!res.data.schema.apxuniquekey.includes(res.data.schema.apxid)) {
res.data.schema.apxuniquekey.push(res.data.schema.apxid);
}
@@ -639,7 +649,7 @@ Odmdb.cud = (objectPathname, crud, itm, role, runindex = true) => {
}
if (!existid && ["U", "D"].includes(crud)) {
return {
- status: 406,
+ status: 404,
ref: "Odmdb",
msg: "doesnotexist",
data: {
@@ -668,7 +678,12 @@ Odmdb.cud = (objectPathname, crud, itm, role, runindex = true) => {
getschema.data.schema.apxaccessrights,
role
);
+
if (log) console.log(currentmod, "Accessright to: ", accessright);
+ if (getschema.data.schema.apxaccessrights.contextrules) {
+ //Need to check context to validate accessright
+ //require('../../')
+ }
if (
(crud == "C" && !accessright.C) ||
(crud == "D" && !accessright.D) ||
@@ -683,6 +698,7 @@ Odmdb.cud = (objectPathname, crud, itm, role, runindex = true) => {
};
}
//delete or save
+
if (crud == "D") {
itmold["dt_delete"] = dayjs().toISOString();
fs.outputJSONSync(
@@ -703,11 +719,38 @@ Odmdb.cud = (objectPathname, crud, itm, role, runindex = true) => {
if (keynotallow.length > 0) {
feedbackinfo.keynotallow = keynotallow;
}
- accessright.U.forEach((p) => {
+ accessright.U.forEach(async (p) => {
itmtostore[p] = itm[p];
});
itmtostore.dt_update = dayjs().toISOString();
}
+ Object.keys(itmtostore).forEach((k) => {
+ //Manage base64 case image to convert ans store in webp
+ if (k.includes("imgbase64_") && itmtostore[k] != "") {
+ fs.ensureDirSync(`${objectPathname}/img/`);
+ const imgb64 = itmtostore[k];
+ const extension = imgb64.split(";base64,")[0].split("/")[1];
+ const newk = k.split("_").slice(1).join("_");
+ const filenameimg = `/img/${
+ itmtostore[getschema.data.schema.apxid]
+ }_${newk}.${extension}`;
+ if (!getschema.data.schema.properties[newk]) {
+ if (log)
+ console.log(
+ currentmod,
+ " Check your schema it miss a propertie because imgbase64_blabla must have a blabla propertie to host the pathfile image"
+ );
+ } else {
+ const objectname = objectPathname.split("/").slice(-1)[0];
+ itmtostore[newk] = `${objectname}/${filenameimg}`;
+ //const webp = require("webp-converter");
+ const buf = Buffer.from(itmtostore[k], 'base64');
+ //const imgwebp = await webp.bufferToWebp(buf);
+ fs.writeFileSync(`${objectPathname}/${filenameimg}`, buf);
+ itmtostore[k] = "";
+ }
+ }
+ });
if (crud == "C") itmtostore.dt_create = dayjs().toISOString();
// check consistency of datatostore
const chkdata = Checkjson.schema.data(
diff --git a/models/Pagans.js b/models/Pagans.js
index 177f914..4a7bfbe 100644
--- a/models/Pagans.js
+++ b/models/Pagans.js
@@ -112,6 +112,14 @@ Pagans.sendmailkey = (data) => {
data: { alias:data.alias, tribe:data.tribe },
};
}
+ if (!persondata.recoveryauth){
+ return {
+ status:404,
+ ref:"Pagans",
+ msg:"personhasnorecoveryauth",
+ data:{alias:data.alias, tribe:data.tribe,email:data.email}
+ }
+ }
const persondata= fs.readJsonSync(personfile);
person.email = persondata.recoveryauth.email;
person.publickey = persondata.recoveryauth.publickey;
diff --git a/routes/odmdb.js b/routes/odmdb.js
index d5060ed..0e60ead 100644
--- a/routes/odmdb.js
+++ b/routes/odmdb.js
@@ -327,19 +327,21 @@ router.put(
* {"status":404,"ref":"Odmdb","msg":"see nationchains/model/lg/Odmdb_xx.json","data":"object to render with msg"}
*
*/
-router.put(
- "/itm/:tribe/:objectname",
+router.delete(
+ "/itm/:tribe/:objectname/:apxid/:primaryid",
checkHeaders,
isAuthenticated,
(req, res) => {
// Create an item of an object with no specificities
// if specificities then create a route / model that import odmdb
const objectPathname = `../../${req.params.tribe}/objects/${req.params.objectname}`;
- const postitm = Odmdb.cud(objectPathname, "U", req.body, {
+ const itmtoremove={}
+ itmtoremove[req.params.apxid]=req.params.primaryid;
+ const delitm = Odmdb.cud(objectPathname, "D", itmtoremove, {
xprofils: req.session.header.xprofils,
xalias: req.session.header.xalias,
});
- res.status(postitm.status).json(postitm);
+ res.status(delitm.status).json(delitm);
}
);
diff --git a/routes/pagans.js b/routes/pagans.js
index 84eefb5..08e6ade 100755
--- a/routes/pagans.js
+++ b/routes/pagans.js
@@ -139,14 +139,12 @@ router.post("/", checkHeaders, isAuthenticated, async (req, res) => {
emailregex.test(req.body.email)
)
) {
- res
- .status(400)
- .json({
- status: 400,
- ref: "Pagans",
- msg: "emailerr",
- data: { email: req.body.email },
- });
+ res.status(400).json({
+ status: 400,
+ ref: "Pagans",
+ msg: "emailerr",
+ data: { email: req.body.email },
+ });
return;
}
const objpagan = { alias: req.body.alias, publickey: req.body.publickey };
@@ -329,12 +327,14 @@ router.get("/person/:alias", checkHeaders, isAuthenticated, (req, res) => {
* @api {put} /api/adminapi/pagans/person/:tribe - person Put
* @apiName updateperson
* @apiGroup Pagans
- * @apiDescription add or update a person = alias in tribe. xalias authenticated (in header) must have a profil with accessright into schema person to create a person.
+ * @apiDescription add a person = alias in tribe. xalias must be authenticated. This end point have to be use the first time a person is create then use item Update PUT /api/adminapi/odmdb/itm/:tribe/persons.
This endpoint is the only way to change profils of a person by itself (authenitcated alias = person.alias) and can be done only with req.body.addprofils req.body.removeprofils.
* @apiHeader {string} xhash authenthicate hash with current user keys
* @apiHeader {string} xalias current user
* @apiHeader {string} xprofils profil list
- * @apiParam {object} schema:persons https://dnstribe/tribe/schema/persons.json
- *
+ * @apiParam {string} tribe an existing tribe
+ * @apiBody {object} schema:persons https://dnstribe/tribe/schema/persons.json
+ * @apiBody {string} [addprofils] must be alone no other Body field
+ * @apiBody {string} [removeprofils] must be alone
*/
router.put("/person/:tribe", checkHeaders, isAuthenticated, (req, res) => {
//console.log(req.body);
@@ -344,24 +344,34 @@ router.put("/person/:tribe", checkHeaders, isAuthenticated, (req, res) => {
: "C";
//set req.body to be in line with schema
if (
- action=="U" && req.body.addprofils &&
- ["seekers", "recruiters", "interviewers"].includes(req.body.addprofils)
+ action == "U" &&
+ ((req.body.addprofils &&
+ ["seekers", "recruiters", "interviewers"].includes(
+ req.body.addprofils
+ )) ||
+ (req.body.removeprofils &&
+ ["seekers", "recruiters", "interviewers"].includes(
+ req.body.removeprofils
+ )))
) {
const person = fs.readJsonSync(`${pathobj}/itm/${req.body.alias}.json`);
if (!person.profils.includes(req.body.addprofils)) {
- person.profils.push(req.body.addprofils);
+ if (req.body.addprofils) {
+ person.profils.push(req.body.addprofils);
+ }
+ if (req.body.removeprofils) {
+ //@todo
+ }
}
- person.dt_update= dayjs().toISOString();
- fs.outputJSONSync(`${pathobj}/itm/${req.body.alias}.json`,person);
- console.log(person)
- res
- .status(200)
- .json({
- status: 200,
- ref: "Pagans",
- msg: "profilupdate",
- data: { alias:person.alias, profils: person.profils },
- });
+ person.dt_update = dayjs().toISOString();
+ fs.outputJSONSync(`${pathobj}/itm/${req.body.alias}.json`, person);
+ //console.log(person)
+ res.status(200).json({
+ status: 200,
+ ref: "Pagans",
+ msg: "profilupdate",
+ data: { alias: person.alias, profils: person.profils },
+ });
}
if (!req.body.addprofils) {
if (!req.body.profils) {
@@ -433,23 +443,19 @@ router.post("/keyrecovery", checkHeaders, (req, res) => {
});
if (emailist.length > 0) {
- res
- .status(200)
- .json({
- status: 200,
- ref: "Pagans",
- msg: "recoveryemailsent",
- data: { numberemailsent: emailist.length },
- });
+ res.status(200).json({
+ status: 200,
+ ref: "Pagans",
+ msg: "recoveryemailsent",
+ data: { numberemailsent: emailist.length },
+ });
} else {
- res
- .status(404)
- .json({
- status: 404,
- ref: "Pagans",
- msg: "recoveryemailnotfound",
- data: { tribe: req.body.tribe },
- });
+ res.status(404).json({
+ status: 404,
+ ref: "Pagans",
+ msg: "recoveryemailnotfound",
+ data: { tribe: req.body.tribe },
+ });
}
});
diff --git a/routes/wwws.js b/routes/wwws.js
index 7544f35..c0872ff 100644
--- a/routes/wwws.js
+++ b/routes/wwws.js
@@ -29,7 +29,7 @@ router.post(
/**
- * @api {get} /api/adminapi/wwws/updatelocaldbanonymous/:tribe/:appname/:pagename/:version - Get app data model for anonymous only
+ * @api {get} /adminapi/wwws/updatelocaldbanonymous/:tribe/:appname/:pagename/:version - Get app data model for anonymous only
* @apiGroup Wwws
* @apiName getappcontextforanonymous
* @apiDescription Get data base from backend to localstorage for anonymous (see Get app data model)
@@ -60,7 +60,7 @@ router.get(
);
/**
- * @api {get} /api/adminapi/wwws/updatelocaldb/:tribe/:appname/:pagename/:version - Get app data model
+ * @api {get} /adminapi/wwws/updatelocaldb/:tribe/:appname/:pagename/:version - Get app data model
* @apiGroup Wwws
* @apiName getappcontext
* @apiDescription Get data base from backend to localstorage for authenticated user