Create data injection middleware and start centralizing lookups
This commit is contained in:
@@ -15,16 +15,7 @@ class File extends Controller {
|
||||
}
|
||||
|
||||
async create_config(req, res) {
|
||||
const PageId = req.params.PageId
|
||||
|
||||
let page = await Page.findOne({UUID: PageId})
|
||||
if ( !page ) return res.status(404).message('Page not found with that ID.').api({})
|
||||
if ( !(await page.is_accessible_by(req.user, 'update')) ) return req.security.deny()
|
||||
|
||||
const NodeId = req.params.NodeId
|
||||
|
||||
let node = await Node.findOne({UUID: NodeId})
|
||||
if ( !node ) return res.status(404).message('Node not found with that ID.').api({})
|
||||
const { page, node } = req.form
|
||||
|
||||
const group = new FileGroup({
|
||||
NodeId: node.UUID,
|
||||
@@ -47,70 +38,30 @@ class File extends Controller {
|
||||
}
|
||||
|
||||
async get_config(req, res) {
|
||||
const PageId = req.params.PageId
|
||||
|
||||
let page = await Page.findOne({UUID: PageId})
|
||||
if ( !page ) return res.status(404).message('Page not found with that ID.').api({})
|
||||
if ( !(await page.is_accessible_by(req.user)) ) return req.security.deny()
|
||||
|
||||
const NodeId = req.params.NodeId
|
||||
|
||||
let node = await Node.findOne({UUID: NodeId})
|
||||
if ( !node ) return res.status(404).message('Node not found with that ID.').api({})
|
||||
|
||||
const group = await FileGroup.findOne({UUID: req.params.FilesId})
|
||||
if ( !group ) return res.status(404).message('Invalid file group.').api({})
|
||||
// if ( !group.accessible_by(req.user) ) return req.security.deny()
|
||||
const { page, node, file_group } = req.form
|
||||
|
||||
const File = this.models.get('upload::File')
|
||||
const files = await File.find({_id: {$in: group.FileIds.map(x => ObjectId(x))}})
|
||||
group.files = files
|
||||
file_group.files = await File.find({_id: {$in: file_group.FileIds.map(x => ObjectId(x))}})
|
||||
|
||||
return res.api(group)
|
||||
return res.api(file_group)
|
||||
}
|
||||
|
||||
async save_upload(req, res) {
|
||||
const PageId = req.params.PageId
|
||||
|
||||
let page = await Page.findOne({UUID: PageId})
|
||||
if ( !page ) return res.status(404).message('Page not found with that ID.').api({})
|
||||
if ( !(await page.is_accessible_by(req.user, 'update')) ) return req.security.deny()
|
||||
|
||||
const NodeId = req.params.NodeId
|
||||
|
||||
let node = await Node.findOne({UUID: NodeId})
|
||||
if ( !node ) return res.status(404).message('Node not found with that ID.').api({})
|
||||
|
||||
const group = await FileGroup.findOne({UUID: req.params.FilesId})
|
||||
if ( !group ) return res.status(404).message('Invalid file group.').api({})
|
||||
// if ( !group.accessible_by(req.user) ) return req.security.deny()
|
||||
const { page, node, file_group } = req.form
|
||||
|
||||
let file_name = ''
|
||||
if ( req.uploads.uploaded_file ) {
|
||||
group.FileIds.push(req.uploads.uploaded_file.id)
|
||||
file_group.FileIds.push(req.uploads.uploaded_file.id)
|
||||
}
|
||||
|
||||
await group.version_save(`Added file${file_name ? ' "'+file_name+'"' : ''}`, req.user.id)
|
||||
await file_group.version_save(`Added file${file_name ? ' "'+file_name+'"' : ''}`, req.user.id)
|
||||
return res.redirect(req.body.redirectTo ? req.body.redirectTo : '/')
|
||||
}
|
||||
|
||||
async download(req, res) {
|
||||
const PageId = req.params.PageId
|
||||
const { page, node, file_group } = req.form
|
||||
|
||||
let page = await Page.findOne({UUID: PageId})
|
||||
if ( !page ) return res.status(404).message('Page not found with that ID.').api({})
|
||||
if ( !(await page.is_accessible_by(req.user)) ) return req.security.deny()
|
||||
|
||||
const NodeId = req.params.NodeId
|
||||
|
||||
let node = await Node.findOne({UUID: NodeId})
|
||||
if ( !node ) return res.status(404).message('Node not found with that ID.').api({})
|
||||
|
||||
const group = await FileGroup.findOne({UUID: req.params.FilesId})
|
||||
if ( !group ) return res.status(404).message('Invalid file group.').api({})
|
||||
// if ( !group.accessible_by(req.user) ) return req.security.deny()
|
||||
|
||||
if ( !group.FileIds.includes(req.params.FileId) ) {
|
||||
if ( !file_group.FileIds.includes(req.params.FileId) ) {
|
||||
return req.security.deny()
|
||||
}
|
||||
|
||||
@@ -122,22 +73,9 @@ class File extends Controller {
|
||||
}
|
||||
|
||||
async delete_group(req, res) {
|
||||
const PageId = req.params.PageId
|
||||
const { page, node, file_group } = req.form
|
||||
|
||||
let page = await Page.findOne({UUID: PageId})
|
||||
if ( !page ) return res.status(404).message('Page not found with that ID.').api({})
|
||||
if ( !(await page.is_accessible_by(req.user, 'update')) ) return req.security.deny()
|
||||
|
||||
const NodeId = req.params.NodeId
|
||||
|
||||
let node = await Node.findOne({UUID: NodeId})
|
||||
if ( !node ) return res.status(404).message('Node not found with that ID.').api({})
|
||||
|
||||
const group = await FileGroup.findOne({UUID: req.params.FilesId})
|
||||
if ( !group ) return res.status(404).message('Invalid file group.').api({})
|
||||
// if ( !group.accessible_by(req.user) ) return req.security.deny()
|
||||
|
||||
await group.delete()
|
||||
await file_group.delete()
|
||||
return res.api({})
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1,7 +1,5 @@
|
||||
const Controller = require('libflitter/controller/Controller')
|
||||
const Codium = require('../../../models/api/Codium.model')
|
||||
const Page = require('../../../models/api/Page.model')
|
||||
const Node = require('../../../models/api/Node.model')
|
||||
|
||||
/*
|
||||
* FormCode Controller
|
||||
@@ -11,16 +9,7 @@ const Node = require('../../../models/api/Node.model')
|
||||
class FormCode extends Controller {
|
||||
|
||||
async create_new(req, res) {
|
||||
const PageId = req.params.PageId
|
||||
|
||||
let page = await Page.findOne({UUID: PageId})
|
||||
if ( !page ) return res.status(404).message('Page not found with that ID.').api({})
|
||||
if ( !(await page.is_accessible_by(req.user, 'update')) ) return req.security.deny()
|
||||
|
||||
const NodeId = req.params.NodeId
|
||||
|
||||
let node = await Node.findOne({UUID: NodeId})
|
||||
if ( !node ) return res.status(404).message('Node not found with that ID.').api({})
|
||||
const { page, node } = req.form
|
||||
|
||||
const code = new Codium({
|
||||
NodeId: node.UUID,
|
||||
@@ -48,63 +37,25 @@ class FormCode extends Controller {
|
||||
}
|
||||
|
||||
async get_config(req, res) {
|
||||
const PageId = req.params.PageId
|
||||
|
||||
let page = await Page.findOne({UUID: PageId})
|
||||
if ( !page ) return res.status(404).message('Page not found with that ID.').api({})
|
||||
if ( !(await page.is_accessible_by(req.user)) ) return req.security.deny()
|
||||
|
||||
const NodeId = req.params.NodeId
|
||||
|
||||
let node = await Node.findOne({UUID: NodeId})
|
||||
if ( !node ) return res.status(404).message('Node not found with that ID.').api({})
|
||||
|
||||
const code = await Codium.findOne({UUID: req.params.CodiumId})
|
||||
if ( !code ) return res.status(404).message('Unable to find code with that ID.').api({})
|
||||
|
||||
return res.api(code)
|
||||
return res.api(req.form.codium)
|
||||
}
|
||||
|
||||
async set_values(req, res) {
|
||||
const PageId = req.params.PageId
|
||||
const { page, node, codium } = req.form
|
||||
|
||||
let page = await Page.findOne({UUID: PageId})
|
||||
if ( !page ) return res.status(404).message('Page not found with that ID.').api({})
|
||||
if ( !(await page.is_accessible_by(req.user, 'update')) ) return req.security.deny()
|
||||
|
||||
const NodeId = req.params.NodeId
|
||||
|
||||
let node = await Node.findOne({UUID: NodeId})
|
||||
if ( !node ) return res.status(404).message('Node not found with that ID.').api({})
|
||||
|
||||
const code = await Codium.findOne({UUID: req.params.CodiumId})
|
||||
if ( !code ) return res.status(404).message('Unable to find code with that ID.').api({})
|
||||
|
||||
code.code = req.body.code
|
||||
code.Language = req.body.Language
|
||||
code.NodeId = node.UUID
|
||||
code.PageId = page.UUID
|
||||
await code.version_save(`Updated in page "${page.Name}"`, req.user.id)
|
||||
return res.api(code)
|
||||
codium.code = req.body.code
|
||||
codium.Language = req.body.Language
|
||||
codium.NodeId = node.UUID
|
||||
codium.PageId = page.UUID
|
||||
await codium.version_save(`Updated in page "${page.Name}"`, req.user.id)
|
||||
return res.api(codium)
|
||||
}
|
||||
|
||||
async drop_code(req, res) {
|
||||
const PageId = req.params.PageId
|
||||
const { codium } = req.form
|
||||
|
||||
let page = await Page.findOne({UUID: PageId})
|
||||
if ( !page ) return res.status(404).message('Page not found with that ID.').api({})
|
||||
if ( !(await page.is_accessible_by(req.user, 'update')) ) return req.security.deny()
|
||||
|
||||
const NodeId = req.params.NodeId
|
||||
|
||||
let node = await Node.findOne({UUID: NodeId})
|
||||
if ( !node ) return res.status(404).message('Node not found with that ID.').api({})
|
||||
|
||||
const code = await Codium.findOne({UUID: req.params.CodiumId})
|
||||
if ( !code ) return res.status(404).message('Unable to find code with that ID.').api({})
|
||||
|
||||
code.Active = false
|
||||
await code.version_save(`Deleted`, req.user.id)
|
||||
codium.Active = false
|
||||
await codium.version_save(`Deleted`, req.user.id)
|
||||
return res.api({})
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1,6 +1,4 @@
|
||||
const Controller = require('libflitter/controller/Controller')
|
||||
const Page = require('../../../models/api/Page.model')
|
||||
const Node = require('../../../models/api/Node.model')
|
||||
const Database = require('../../../models/api/db/Database.model')
|
||||
const ColumnDef = require('../../../models/api/db/ColumnDef.model')
|
||||
const DBEntry = require('../../../models/api/db/DBEntry.model')
|
||||
@@ -13,16 +11,7 @@ const DBEntry = require('../../../models/api/db/DBEntry.model')
|
||||
class FormDatabase extends Controller {
|
||||
|
||||
async create_new(req, res) {
|
||||
const PageId = req.params.PageId
|
||||
|
||||
let page = await Page.findOne({UUID: PageId})
|
||||
if ( !page ) return res.status(404).message('Page not found with that ID.').api({})
|
||||
if ( !(await page.is_accessible_by(req.user, 'update')) ) return req.security.deny()
|
||||
|
||||
const NodeId = req.params.NodeId
|
||||
|
||||
let node = await Node.findOne({UUID: NodeId})
|
||||
if ( !node ) return res.status(404).message('Node not found with that ID.').api({})
|
||||
const { page, node } = req.form
|
||||
|
||||
const db = new Database({
|
||||
Name: req.body.name || req.body.Name || 'New Database',
|
||||
@@ -46,43 +35,16 @@ class FormDatabase extends Controller {
|
||||
}
|
||||
|
||||
async get_config(req, res) {
|
||||
const PageId = req.params.PageId
|
||||
const { page, node, database } = req.form
|
||||
|
||||
let page = await Page.findOne({UUID: PageId})
|
||||
if ( !page ) return res.status(404).message('Page not found with that ID.').api({})
|
||||
if ( !(await page.is_accessible_by(req.user)) ) return req.security.deny()
|
||||
|
||||
const NodeId = req.params.NodeId
|
||||
|
||||
let node = await Node.findOne({UUID: NodeId})
|
||||
if ( !node ) return res.status(404).message('Node not found with that ID.').api({})
|
||||
|
||||
const DatabaseId = req.params.DatabaseId
|
||||
const db = await Database.findOne({UUID: DatabaseId})
|
||||
if ( !db ) return res.status(404).message('Database not found with that ID.').api({})
|
||||
// if ( !db.accessible_by(req.user) ) return req.security.deny()
|
||||
|
||||
return res.api(db)
|
||||
return res.api(database)
|
||||
}
|
||||
|
||||
async get_columns(req, res) {
|
||||
const PageId = req.params.PageId
|
||||
|
||||
let page = await Page.findOne({UUID: PageId})
|
||||
if ( !page ) return res.status(404).message('Page not found with that ID.').api({})
|
||||
if ( !(await page.is_accessible_by(req.user)) ) return req.security.deny()
|
||||
|
||||
const NodeId = req.params.NodeId
|
||||
|
||||
let node = await Node.findOne({UUID: NodeId})
|
||||
if ( !node ) return res.status(404).message('Node not found with that ID.').api({})
|
||||
|
||||
const DatabaseId = req.params.DatabaseId
|
||||
const db = await Database.findOne({UUID: DatabaseId})
|
||||
if ( !db ) return res.status(404).message('Database not found with that ID.').api({})
|
||||
const { page, node, database } = req.form
|
||||
|
||||
const columns = []
|
||||
for ( const col_id of db.ColumnIds ) {
|
||||
for ( const col_id of database.ColumnIds ) {
|
||||
const rec = await ColumnDef.findOne({UUID: col_id})
|
||||
if ( rec ) {
|
||||
rec.additionalData = rec.data()
|
||||
@@ -92,7 +54,7 @@ class FormDatabase extends Controller {
|
||||
|
||||
// Fallback for backwards compat
|
||||
if ( columns.length < 1 ) {
|
||||
return res.api((await ColumnDef.find({DatabaseId: db.UUID})).map(x => {
|
||||
return res.api((await ColumnDef.find({DatabaseId: database.UUID})).map(x => {
|
||||
x.additionalData = x.data()
|
||||
return x
|
||||
}))
|
||||
@@ -108,50 +70,22 @@ class FormDatabase extends Controller {
|
||||
.api()
|
||||
}
|
||||
|
||||
const PageId = req.params.PageId
|
||||
const { page, node, database } = req.form
|
||||
|
||||
let page = await Page.findOne({UUID: PageId})
|
||||
if ( !page ) return res.status(404).message('Page not found with that ID.').api({})
|
||||
if ( !(await page.is_accessible_by(req.user, 'update')) ) return req.security.deny()
|
||||
|
||||
const NodeId = req.params.NodeId
|
||||
|
||||
let node = await Node.findOne({UUID: NodeId})
|
||||
if ( !node ) return res.status(404).message('Node not found with that ID.').api({})
|
||||
|
||||
const DatabaseId = req.params.DatabaseId
|
||||
const db = await Database.findOne({UUID: DatabaseId})
|
||||
if ( !db ) return res.status(404).message('Database not found with that ID.').api({})
|
||||
// if ( !db.accessible_by(req.user, 'update') ) return req.security.deny()
|
||||
|
||||
if ( req.body.Name !== db.Name ) {
|
||||
db.Name = req.body.Name
|
||||
await db.version_save(`Changed database name to "${req.body.Name}"`, req.user.id)
|
||||
if ( req.body.Name !== database.Name ) {
|
||||
database.Name = req.body.Name
|
||||
await database.version_save(`Changed database name to "${req.body.Name}"`, req.user.id)
|
||||
} else {
|
||||
await db.save()
|
||||
await database.save()
|
||||
}
|
||||
|
||||
return res.api(db)
|
||||
return res.api(database)
|
||||
}
|
||||
|
||||
async set_columns(req, res) {
|
||||
const PageId = req.params.PageId
|
||||
const { page, node, database } = req.form
|
||||
|
||||
let page = await Page.findOne({UUID: PageId})
|
||||
if ( !page ) return res.status(404).message('Page not found with that ID.').api({})
|
||||
if ( !(await page.is_accessible_by(req.user, 'update')) ) return req.security.deny()
|
||||
|
||||
const NodeId = req.params.NodeId
|
||||
|
||||
let node = await Node.findOne({UUID: NodeId})
|
||||
if ( !node ) return res.status(404).message('Node not found with that ID.').api({})
|
||||
|
||||
const DatabaseId = req.params.DatabaseId
|
||||
const db = await Database.findOne({UUID: DatabaseId})
|
||||
if ( !db ) return res.status(404).message('Database not found with that ID.').api({})
|
||||
// if ( !db.accessible_by(req.user, 'update') ) return req.security.deny()
|
||||
|
||||
const existing_columns = await ColumnDef.find({ DatabaseId: db.UUID })
|
||||
const existing_columns = await ColumnDef.find({ DatabaseId: database.UUID })
|
||||
const assoc_columns = []
|
||||
existing_columns.forEach(col => assoc_columns[col.UUID] = col)
|
||||
|
||||
@@ -160,7 +94,7 @@ class FormDatabase extends Controller {
|
||||
if ( col.UUID && assoc_columns[col.UUID] ) {
|
||||
assoc_columns[col.UUID].headerName = col.headerName
|
||||
assoc_columns[col.UUID].field = col.field
|
||||
assoc_columns[col.UUID].DatabaseId = db.UUID
|
||||
assoc_columns[col.UUID].DatabaseId = database.UUID
|
||||
assoc_columns[col.UUID].Type = col.Type
|
||||
assoc_columns[col.UUID].additionalData = JSON.stringify(col.additionalData)
|
||||
await assoc_columns[col.UUID].version_save(`Updated in page "${page.Name}"`, req.user.id)
|
||||
@@ -169,7 +103,7 @@ class FormDatabase extends Controller {
|
||||
const new_col = new ColumnDef({
|
||||
headerName: col.headerName,
|
||||
field: col.field,
|
||||
DatabaseId: db.UUID,
|
||||
DatabaseId: database.UUID,
|
||||
Type: col.Type,
|
||||
additionalData: JSON.stringify(col.additionalData),
|
||||
})
|
||||
@@ -193,62 +127,34 @@ class FormDatabase extends Controller {
|
||||
}
|
||||
|
||||
const new_cols = update_columns.map(x => x.UUID)
|
||||
const no_updates = (new_cols.length === db.ColumnIds.length) && (new_cols.every(val => db.ColumnIds.includes(val)));
|
||||
const no_updates = (new_cols.length === database.ColumnIds.length) && (new_cols.every(val => database.ColumnIds.includes(val)));
|
||||
if ( !no_updates ) {
|
||||
db.ColumnIds = new_cols
|
||||
await db.version_save('Updated columns', req.user.id)
|
||||
database.ColumnIds = new_cols
|
||||
await database.version_save('Updated columns', req.user.id)
|
||||
} else {
|
||||
await db.save()
|
||||
await database.save()
|
||||
}
|
||||
|
||||
return res.api(update_columns)
|
||||
}
|
||||
|
||||
async get_data(req, res) {
|
||||
const PageId = req.params.PageId
|
||||
const { page, node, database } = req.form
|
||||
|
||||
let page = await Page.findOne({UUID: PageId})
|
||||
if ( !page ) return res.status(404).message('Page not found with that ID.').api({})
|
||||
if ( !(await page.is_accessible_by(req.user)) ) return req.security.deny()
|
||||
|
||||
const NodeId = req.params.NodeId
|
||||
|
||||
let node = await Node.findOne({UUID: NodeId})
|
||||
if ( !node ) return res.status(404).message('Node not found with that ID.').api({})
|
||||
|
||||
const DatabaseId = req.params.DatabaseId
|
||||
const db = await Database.findOne({UUID: DatabaseId})
|
||||
if ( !db ) return res.status(404).message('Database not found with that ID.').api({})
|
||||
// if ( !db.accessible_by(req.user) ) return req.security.deny()
|
||||
|
||||
const entries = await DBEntry.find({DatabaseId: db.UUID})
|
||||
const entries = await DBEntry.find({DatabaseId: database.UUID})
|
||||
entries.forEach(entry => entry.RowData.UUID = entry.UUID)
|
||||
|
||||
return res.api(entries)
|
||||
}
|
||||
|
||||
async set_data(req, res) {
|
||||
const PageId = req.params.PageId
|
||||
const { page, node, database } = req.form
|
||||
|
||||
let page = await Page.findOne({UUID: PageId})
|
||||
if ( !page ) return res.status(404).message('Page not found with that ID.').api({})
|
||||
if ( !(await page.is_accessible_by(req.user, 'update')) ) return req.security.deny()
|
||||
|
||||
const NodeId = req.params.NodeId
|
||||
|
||||
let node = await Node.findOne({UUID: NodeId})
|
||||
if ( !node ) return res.status(404).message('Node not found with that ID.').api({})
|
||||
|
||||
const DatabaseId = req.params.DatabaseId
|
||||
const db = await Database.findOne({UUID: DatabaseId})
|
||||
if ( !db ) return res.status(404).message('Database not found with that ID.').api({})
|
||||
// if ( !db.accessible_by(req.user) ) return req.security.deny()
|
||||
|
||||
await DBEntry.deleteMany({DatabaseId: db.UUID})
|
||||
await DBEntry.deleteMany({DatabaseId: database.UUID})
|
||||
|
||||
const new_recs = []
|
||||
for ( const rec of req.body ) {
|
||||
const data = {DatabaseId: db.UUID}
|
||||
const data = {DatabaseId: database.UUID}
|
||||
if ( rec.UUID ) data.UUID = rec.UUID
|
||||
delete rec.UUID
|
||||
data.RowData = rec
|
||||
@@ -259,30 +165,16 @@ class FormDatabase extends Controller {
|
||||
new_recs.push(dbe)
|
||||
}
|
||||
|
||||
await db.version_save('Updated data', req.user.id)
|
||||
return res.api(await this._set_indices(db, new_recs))
|
||||
await database.version_save('Updated data', req.user.id)
|
||||
return res.api(await this._set_indices(database, new_recs))
|
||||
}
|
||||
|
||||
async drop_database(req, res) {
|
||||
const PageId = req.params.PageId
|
||||
const { page, node, database } = req.form
|
||||
|
||||
let page = await Page.findOne({UUID: PageId})
|
||||
if ( !page ) return res.status(404).message('Page not found with that ID.').api({})
|
||||
if ( !(await page.is_accessible_by(req.user, 'update')) ) return req.security.deny()
|
||||
|
||||
const NodeId = req.params.NodeId
|
||||
|
||||
let node = await Node.findOne({UUID: NodeId})
|
||||
if ( !node ) return res.status(404).message('Node not found with that ID.').api({})
|
||||
|
||||
const DatabaseId = req.params.DatabaseId
|
||||
const db = await Database.findOne({UUID: DatabaseId})
|
||||
if ( !db ) return res.status(404).message('Database not found with that ID.').api({})
|
||||
// if ( !db.accessible_by(req.user) ) return req.security.deny()
|
||||
|
||||
await DBEntry.deleteMany({DatabaseId: db.UUID})
|
||||
await db.version_save('Deleted', req.user.id)
|
||||
await db.delete()
|
||||
await DBEntry.deleteMany({DatabaseId: database.UUID})
|
||||
await database.version_save('Deleted', req.user.id)
|
||||
await database.delete()
|
||||
return res.api({})
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user