diff --git a/models/Odmdb.js b/models/Odmdb.js index 47228a3..89cfecb 100644 --- a/models/Odmdb.js +++ b/models/Odmdb.js @@ -427,7 +427,7 @@ Odmdb.search = (objectPathname, objsearch, role) => { role.xprofils = role.xprofils.filter((e) => e !== "owner"); } objsearch.fields.forEach((f) => { - if (accessright.R.length==0 || accessright.R.includes(f)) { + if (accessright.R.length == 0 || accessright.R.includes(f)) { ifields[f] = itm[f]; } else { //ifields[f] = "unauthorized"; @@ -566,7 +566,7 @@ Odmdb.accessright = (apxaccessrights, role) => { //if (log) console.log(currentmod,"apxaccessrights",apxaccessrights) //if (log) console.log(currentmod,"role",role) const accessright = {}; - console.log() + console.log(); role.xprofils.forEach((p) => { if (apxaccessrights[p]) { Object.keys(apxaccessrights[p]).forEach((act) => { @@ -649,6 +649,7 @@ Odmdb.cud = (objectPathname, crud, itm, role, runindex = true) => { }, }; } + const feedbackinfo = {}; const itmold = existid ? fs.readJSONSync( `${objectPathname}/itm/${itm[getschema.data.schema.apxid]}.json` @@ -667,7 +668,7 @@ Odmdb.cud = (objectPathname, crud, itm, role, runindex = true) => { getschema.data.schema.apxaccessrights, role ); - + if (log) console.log(currentmod, "Accessright to: ", accessright); if ( (crud == "C" && !accessright.C) || (crud == "D" && !accessright.D) || @@ -696,6 +697,12 @@ Odmdb.cud = (objectPathname, crud, itm, role, runindex = true) => { let itmtostore = itm; if (crud == "U" && accessright.U.length > 0) { itmtostore = itmold; + const keynotallow = Object.keys(itm).filter( + (el) => !accessright.U.includes(el) + ); + if (keynotallow.length > 0) { + feedbackinfo.keynotallow = keynotallow; + } accessright.U.forEach((p) => { itmtostore[p] = itm[p]; }); @@ -736,7 +743,7 @@ Odmdb.cud = (objectPathname, crud, itm, role, runindex = true) => { status: 200, ref: "Odmdb", msg: "cudsuccessfull", - data: {}, + data: feedbackinfo, }; }; /** 
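Review bot: In the `crud == "U"` branch of Odmdb.cud, `keynotallow` will list the item's identifier key on almost every restricted update, because `itm` always carries `itm[getschema.data.schema.apxid]` and that key is excluded only if it happens to be in `accessright.U`. Filtering it out with `(el) => el !== getschema.data.schema.apxid && !accessright.U.includes(el)` keeps the feedback limited to fields that were really dropped. The call still returns status 200 with `msg: "cudsuccessfull"` when fields were dropped, so callers must inspect `data.keynotallow` to notice a partial update; a comment on the return object should say so. Separately, the unchanged loop right after copies `itm[p]` for every key in `accessright.U`, so an allowed field that is absent from `itm` is overwritten with `undefined`; a guard such as `if (p in itm)` looks intended, but confirm against callers. The body of Odmdb.cud extends beyond these hunks.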
diff --git a/routes/pagans.js b/routes/pagans.js index 49f5f94..84eefb5 100755 --- a/routes/pagans.js +++ b/routes/pagans.js @@ -1,6 +1,6 @@ const express = require("express"); const fs = require("fs-extra"); -const dayjs=require('dayjs'); +const dayjs = require("dayjs"); const path = require("path"); // Classes const Pagans = require("../models/Pagans.js"); @@ -56,7 +56,7 @@ router.get("/alias/:alias", (req, res) => { * */ router.get("/logout", checkHeaders, isAuthenticated, (req, res) => { - if (log) console.log(currentmod,"Logout:",req.session.header); + if (log) console.log(currentmod, "Logout:", req.session.header); const logout = Pagans.logout( req.session.header.xalias, req.session.header.xtribe, @@ -93,7 +93,7 @@ router.get("/isauth", checkHeaders, isAuthenticated, (req, res) => { }); }); // @a pi Body {object} schema:pagans /nationchains/schema/pagans.json - + /** * @api {post} /api/adminapi/pagans - pagan Post * @apiName addpagan 
@@ -125,38 +125,55 @@ router.get("/isauth", checkHeaders, isAuthenticated, (req, res) => { * */ router.post("/", checkHeaders, isAuthenticated, async (req, res) => { - if (log) console.log(currentmod,"post with", req.body); + if (log) console.log(currentmod, "post with", req.body); const role = { xalias: req.session.header.xalias, xprofils: req.session.header.xprofils, }; const emailregex = - /^(([^<>()[\]\\.,;:\s@\"]+(\.[^<>()[\]\\.,;:\s@\"]+)*)|(\".+\"))@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\])|(([a-zA-Z\-0-9]+\.)+[a-zA-Z]{2,}))$/; - if (!(req.body.trustedtribe && req.body.email && emailregex.test(req.body.email) )) { - res.status(400).json({status:400,ref:"Pagans",msg:"emailerr", data:{email:req.body.email}}) - return + /^(([^<>()[\]\\.,;:\s@\"]+(\.[^<>()[\]\\.,;:\s@\"]+)*)|(\".+\"))@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\])|(([a-zA-Z\-0-9]+\.)+[a-zA-Z]{2,}))$/; + if ( + !( + req.body.trustedtribe && + req.body.email && + emailregex.test(req.body.email) + ) + ) { + res + .status(400) + .json({ + status: 400, + ref: "Pagans", + msg: "emailerr", + data: { email: req.body.email }, + }); + return; } const objpagan = { alias: req.body.alias, publickey: req.body.publickey }; - console.log(path.resolve(`../objects/pagans`)) + console.log(path.resolve(`../objects/pagans`)); const newpagan = Odmdb.cud(`../objects/pagans`, "C", objpagan, role); - const createprocess={status:200, ref:"Pagans", msg:"successfulcreate",data:{alias:req.body.alias}}; + const createprocess = { + status: 200, + ref: "Pagans", + msg: "successfulcreate", + data: { alias: req.body.alias }, + }; if (newpagan.status == 200) { if (req.body.email) { const emailsent = await Pagans.sendmailkey({ - alias: req.body.alias, - privatekey: req.body.privatekey, - tribe: req.session.header.xtribe, - passprhase: req.body.passphrase, - publickey: req.body.publickey, - email: req.body.email, - lg: req.session.header.xlang - } - ); - createprocess.data.emailsent = (emailsent.status == 200); - 
createprocess.data.email=req.body.email - createprocess.data.tribe=req.session.header.xtribe; - if (emailsent.status!=200) { - console.log("pagans err to send email emailsent: ",emailsent) + alias: req.body.alias, + privatekey: req.body.privatekey, + tribe: req.session.header.xtribe, + passprhase: req.body.passphrase, + publickey: req.body.publickey, + email: req.body.email, + lg: req.session.header.xlang, + }); + createprocess.data.emailsent = emailsent.status == 200; + createprocess.data.email = req.body.email; + createprocess.data.tribe = req.session.header.xtribe; + if (emailsent.status != 200) { + console.log("pagans err to send email emailsent: ", emailsent); createprocess.data.emailerror = emailsent.data.err; } } @@ -164,7 +181,7 @@ router.post("/", checkHeaders, isAuthenticated, async (req, res) => { const persondata = { alias: req.body.alias, owner: req.body.alias, - profils: ["anonymous","pagans", "persons"], + profils: ["anonymous", "pagans", "persons"], recoveryauth: { email: req.body.email, privatekey: req.body.privatekey, 
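Review bot: The first statement of the POST "/" handler, `if (log) console.log(currentmod, "post with", req.body);`, writes the whole request body to the log, and the same handler reads `req.body.privatekey` and `req.body.passphrase` from it, so enabling `log` puts key material into console output. Log only non-secret fields instead, for example `if (log) console.log(currentmod, "post with", { alias: req.body.alias, email: req.body.email });`. The object passed to `Pagans.sendmailkey` uses the key `passprhase`, which looks like a misspelling of `passphrase`; Pagans.sendmailkey is not visible here, so check which name it reads before renaming. The `console.log(path.resolve(...))` call is not gated by `log`, unlike the surrounding calls, and the same ungated path print appears in the GET "/person/:alias" hunk.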
@@ -172,18 +189,28 @@ router.post("/", checkHeaders, isAuthenticated, async (req, res) => { passphrase: req.body.passphrase, }, }; - const personup = Odmdb.cud(`../../${req.body.trustedtribe}/objects/persons`, "C", persondata, {xprofils:["anonymous","pagans"],xalias:req.body.alias}); - if (log) console.log(currentmod,'person create',personup) - if (personup.status==200){ - createprocess.data.createperson=true; - }else{ - createprocess.data.createperson=false; - createprocess.data.errorperson=true; - createprocess.data.errpersonup=personup.data; - if (log) console.log(currentmod,"Warning pagan created but person not created and no recovery registration", personup); + const personup = Odmdb.cud( + `../../${req.body.trustedtribe}/objects/persons`, + "C", + persondata, + { xprofils: ["anonymous", "pagans"], xalias: req.body.alias } + ); + if (log) console.log(currentmod, "person create", personup); + if (personup.status == 200) { + createprocess.data.createperson = true; + } else { + createprocess.data.createperson = false; + createprocess.data.errorperson = true; + createprocess.data.errpersonup = personup.data; + if (log) + console.log( + currentmod, + "Warning pagan created but person not created and no recovery registration", + personup + ); } res.status(createprocess.status).json(createprocess); - }else{ + } else { res.status(newpagan.status).json(newpagan); } } else { 
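Review bot: `req.body.trustedtribe` is interpolated into the storage path passed to `Odmdb.cud` after only a truthiness check earlier in the handler, so a value containing `..` or `/` would place the person record outside the intended tribe directory. Validate it before use, against the list of known tribes if one is available, or at least with a strict name pattern such as `/^[a-z0-9_-]+$/i` (constructed example; adjust to the project's tribe naming rules). The same request-controlled path segments appear in the hunks for DELETE "/person/:tribe/:alias" (`req.params.tribe`), PUT "/person/:tribe" (`req.params.tribe`, `req.body.alias`) and POST "/keyrecovery" (`req.body.tribe`, `req.body.search`). The handler begins outside this hunk.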
@@ -199,18 +226,31 @@ router.post("/", checkHeaders, isAuthenticated, async (req, res) => { * Delete an alias and his publickey, this mean that publickey disapear as well as alias. We set dt_delete * */ router.delete("/alias/:alias", checkHeaders, isAuthenticated, (req, res) => { - const personpath=`../objects/pagans`; + const personpath = `../objects/pagans`; const role = { xalias: req.session.header.xalias, xprofils: req.session.header.xprofils, }; - req.session.header.role - const delperson = Odmdb.cud(personpath,"U",{alias:req.params.alias,dt_delete:dayjs().toISOString()},role,true); - if (log) console.log(currentmod,`DELETE person ${personpath}/${req.params.alias}.json `); - if (log) console.log(delperson) + req.session.header.role; + const delperson = Odmdb.cud( + personpath, + "U", + { alias: req.params.alias, dt_delete: dayjs().toISOString() }, + role, + true + ); + if (log) + console.log( + currentmod, + `DELETE person ${personpath}/${req.params.alias}.json ` + ); + if (log) console.log(delperson); res.status(delperson.status).json(delperson); - if (log) console.log(`DELETE pagans /api/adminapi/objects/pagans/${req.params.alias}.json`); + if (log) + console.log( + `DELETE pagans /api/adminapi/objects/pagans/${req.params.alias}.json` + ); const result = Pagans.delete(req.params.alias, req.session.header); res.status(result.status).send(result); }); 
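Review bot: This handler answers twice: `res.status(delperson.status).json(delperson);` runs first and `res.status(result.status).send(result);` runs again at the end, which in Express raises a headers-already-sent error on the second call. `Pagans.delete(req.params.alias, req.session.header)` is also called whatever `delperson.status` was, so a refusal from the access-right check in `Odmdb.cud` does not stop the second deletion path; Pagans.delete is not visible here, so confirm whether it checks rights itself. Returning early with `if (delperson.status != 200) return res.status(delperson.status).json(delperson);` and dropping the unconditional first response would leave a single reply. The bare statement `req.session.header.role;` has no effect and can be removed here and in the DELETE "/person/:tribe/:alias" hunk.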
@@ -225,18 +265,33 @@ router.delete("/alias/:alias", checkHeaders, isAuthenticated, (req, res) => { * @apiParam {string} tribe where person alias exist * @apiParam {string} alias to delete as person * */ -router.delete("/person/:tribe/:alias", checkHeaders, isAuthenticated, (req, res) => { - const personpath=`../../${req.params.tribe}/objects/persons`; - const role = { - xalias: req.session.header.xalias, - xprofils: req.session.header.xprofils, - }; - req.session.header.role - const delperson = Odmdb.cud(personpath,"D",{alias:req.params.alias},role,true); - if (log) console.log(currentmod,`DELETE person ${personpath}/${req.params.alias}.json `); - if (log) console.log(currentmod,"delete person ",delperson) - res.status(delperson.status).json(delperson); -}); +router.delete( + "/person/:tribe/:alias", + checkHeaders, + isAuthenticated, + (req, res) => { + const personpath = `../../${req.params.tribe}/objects/persons`; + const role = { + xalias: req.session.header.xalias, + xprofils: req.session.header.xprofils, + }; + req.session.header.role; + const delperson = Odmdb.cud( + personpath, + "D", + { alias: req.params.alias }, + role, + true + ); + if (log) + console.log( + currentmod, + `DELETE person ${personpath}/${req.params.alias}.json ` + ); + if (log) console.log(currentmod, "delete person ", delperson); + res.status(delperson.status).json(delperson); + } +); /** * @api {get} /api/adminapi/pagans/person/:alias - person Get 
@@ -259,8 +314,14 @@ router.delete("/person/:tribe/:alias", checkHeaders, isAuthenticated, (req, res) * else need accessright to on person set at R * */ router.get("/person/:alias", checkHeaders, isAuthenticated, (req, res) => { - console.log(path.resolve(`../../${req.session.header.xtribe}/objects/persons`)) - const getperson=Odmdb.r( `../../${req.session.header.xtribe}/objects/persons`,req.params.alias,{ xprofils: req.session.header.xprofils, xalias: req.session.header.xalias }) + console.log( + path.resolve(`../../${req.session.header.xtribe}/objects/persons`) + ); + const getperson = Odmdb.r( + `../../${req.session.header.xtribe}/objects/persons`, + req.params.alias, + { xprofils: req.session.header.xprofils, xalias: req.session.header.xalias } + ); res.status(getperson.status).send(getperson); }); 
@@ -273,19 +334,46 @@ router.get("/person/:alias", checkHeaders, isAuthenticated, (req, res) => { * @apiHeader {string} xalias current user * @apiHeader {string} xprofils profil list * @apiParam {object} schema:persons https://dnstribe/tribe/schema/persons.json - * + * */ router.put("/person/:tribe", checkHeaders, isAuthenticated, (req, res) => { //console.log(req.body); - const pathobj=`../../${req.params.tribe}/objects/persons`; - const action = (fs.existsSync(`${pathobj}/itm/${req.body.alias}.json`))? "U":"C"; + const pathobj = `../../${req.params.tribe}/objects/persons`; + const action = fs.existsSync(`${pathobj}/itm/${req.body.alias}.json`) + ? "U" + : "C"; //set req.body to be in line with schema - if (!req.body.profils){ - req.body.profils=["anonymous","pagans","persons"] + if ( + action=="U" && req.body.addprofils && + ["seekers", "recruiters", "interviewers"].includes(req.body.addprofils) + ) { + const person = fs.readJsonSync(`${pathobj}/itm/${req.body.alias}.json`); + if (!person.profils.includes(req.body.addprofils)) { + person.profils.push(req.body.addprofils); + } + person.dt_update= dayjs().toISOString(); + fs.outputJSONSync(`${pathobj}/itm/${req.body.alias}.json`,person); + console.log(person) + res + .status(200) + .json({ + status: 200, + ref: "Pagans", + msg: "profilupdate", + data: { alias:person.alias, profils: person.profils }, + }); + } + if (!req.body.addprofils) { + if (!req.body.profils) { + req.body.profils = ["anonymous", "pagans", "persons"]; + } + const personup = Odmdb.cud(pathobj, action, req.body, { + xprofils: req.session.header.xprofils, + xalias: req.session.header.xalias, + }); + if (log) console.log(currentmod, " personupdate or create:", personup); + res.status(personup.status).json(personup); } - const personup = Odmdb.cud(pathobj, action, req.body, {xprofils:req.session.header.xprofils, xalias:req.session.header.xalias}); - if (log) console.log(currentmod,' personupdate or create:',personup) - 
res.status(personup.status).json(personup); }); /** 
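Review bot: The new `addprofils` branch of PUT "/person/:tribe" writes the person file directly with `fs.outputJSONSync`, so it bypasses the access-right check that `Odmdb.cud` applies in the other branch, and nothing compares `req.body.alias` with `req.session.header.xalias`; as written, any authenticated caller can add one of the three profils to any alias in any tribe. When `addprofils` is present but not in the list, or the item does not exist yet (`action == "C"`), neither `if` runs and no response is sent, so the request hangs. `console.log(person)` is ungated and prints the full stored record, which per the create handler can hold `recoveryauth` with a private key and passphrase. The sketch below assumes self-service is the intent (a user may add these profils only to their own record); if other roles should be allowed, route the write through `Odmdb.cud` instead. The direct write also skips whatever index maintenance `Odmdb.cud` performs with `runindex`, which should be checked.

```javascript
  if (req.body.addprofils) {
    const selfservice = ["seekers", "recruiters", "interviewers"];
    if (
      action != "U" ||
      !selfservice.includes(req.body.addprofils) ||
      req.body.alias !== req.session.header.xalias
    ) {
      // MSG_KEY_PLACEHOLDER: replace with the project's own refusal message key
      return res.status(403).json({
        status: 403,
        ref: "Pagans",
        msg: "MSG_KEY_PLACEHOLDER",
        data: { alias: req.body.alias },
      });
    }
    // … unchanged: read person, push addprofils, set dt_update, write file (without console.log(person)) …
    return res.status(200).json({
      // … unchanged: "profilupdate" payload …
    });
  }
  // … unchanged: default profils + Odmdb.cud create/update path, no longer wrapped in if (!req.body.addprofils) …
```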
@@ -296,48 +384,72 @@ router.put("/person/:tribe", checkHeaders, isAuthenticated, (req, res) => { * @apiBody {string} emailalias type of search (email or alias) * @apiBody {string} tribe tribename into looking for * @apiBody {string} search an email or an alias - * + * * @apiSuccess {object} send recovery email * @apiSuccessExample {json} Success-Response: * HTTP/1.1 200 OK * {"status":200, "ref":"Pagans", "msg":"recoveryemailsent", "data":{email,tribe,numberemailsent'}} - * + * * @apiError (404) {string} recoveryemailnotfound email does not exist for this tribe - * @apiErrorExample {json} + * @apiErrorExample {json} * {status: 404, ref:"pagans",msg:"recoveryemailnotfound",data: { tribe,email } } * */ router.post("/keyrecovery", checkHeaders, (req, res) => { - let emailist=[] - let alias =req.body.search; - if (req.body.emailalias=="email"){ - req.body.search=req.body.search.toLowerCase(); - const idxreco=`../../${req.body.tribe}/objects/persons/idx/emailrecovery_alias.json`; - if (fs.existsSync(idxreco)){ + let emailist = []; + let alias = req.body.search; + if (req.body.emailalias == "email") { + req.body.search = req.body.search.toLowerCase(); + const idxreco = `../../${req.body.tribe}/objects/persons/idx/emailrecovery_alias.json`; + if (fs.existsSync(idxreco)) { const emailreco = fs.readJSONSync(idxreco); - const listalias = (emailreco[req.body.search])? emailreco[req.body.search]: []; - listalias.forEach(a=>{ - emailist.push({alias:a,tribe:req.body.tribe,lg:req.session.header.xlang}) - }) + const listalias = emailreco[req.body.search] + ? 
emailreco[req.body.search] + : []; + listalias.forEach((a) => { + emailist.push({ + alias: a, + tribe: req.body.tribe, + lg: req.session.header.xlang, + }); + }); } - }else if (req.body.emailalias=="alias"){ - const falias= `../../${req.body.tribe}/objects/persons/itm/${req.body.search}.json`; - if (fs.existsSync(falias)){ - emailist.push({alias:req.body.search,tribe:req.body.tribe,lg:req.session.header.xlang}) + } else if (req.body.emailalias == "alias") { + const falias = `../../${req.body.tribe}/objects/persons/itm/${req.body.search}.json`; + if (fs.existsSync(falias)) { + emailist.push({ + alias: req.body.search, + tribe: req.body.tribe, + lg: req.session.header.xlang, + }); } - }else{ + } else { //console later } - - emailist.forEach(e => { - console.log(e) - const ret= Pagans.sendmailkey(e) - }) - if (emailist.length>0) { - res.status(200).json({status:200,ref:"Pagans",msg:"recoveryemailsent",data:{numberemailsent:emailist.length}}); - }else{ - res.status(404).json({status:404,ref:"Pagans",msg:"recoveryemailnotfound",data:{tribe:req.body.tribe}}); + emailist.forEach((e) => { + console.log(e); + const ret = Pagans.sendmailkey(e); + }); + + if (emailist.length > 0) { + res + .status(200) + .json({ + status: 200, + ref: "Pagans", + msg: "recoveryemailsent", + data: { numberemailsent: emailist.length }, + }); + } else { + res + .status(404) + .json({ + status: 404, + ref: "Pagans", + msg: "recoveryemailnotfound", + data: { tribe: req.body.tribe }, + }); } });
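Review bot: `Pagans.sendmailkey(e)` is called inside `forEach` without being awaited, although the POST "/" handler awaits it, so this route replies `recoveryemailsent` before any mail outcome is known and a rejected promise goes unhandled. Making the handler `async` and using `const results = await Promise.all(emailist.map((e) => Pagans.sendmailkey(e)));` lets `numberemailsent` count only results with status 200. `req.body.search.toLowerCase()` throws when `search` is missing or not a string, and `emailreco[req.body.search]` on a plain object returns inherited members for keys such as `constructor`, so a `typeof req.body.search === "string"` guard plus `Object.hasOwn(emailreco, req.body.search)` is needed before `listalias.forEach`. The route has no `isAuthenticated`, which fits a recovery flow, but the 200/404 split then tells an unauthenticated caller whether an email or alias exists in a tribe; consider a uniform response and request throttling.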