Noded/backend
3
0
Fork 0
Code Issues 19 Pull Requests Releases Wiki Activity

Create data injection middleware and start centralizing lookups
All checks were successful
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone Build is passing
Details

Browse Source
This commit is contained in:
Garrett Mills
2020-11-11 13:54:20 -06:00
parent 9df5f2d5f4
commit 42b7ccad7f
7 changed files with 250 additions and 290 deletions
Download Patch File Download Diff File Expand all files Collapse all files

110
app/routing/middleware/api/DataInjection.middleware.js Normal file
View File

@@ -0,0 +1,110 @@
const { Middleware } = require('libflitter')
class DataInjectionMiddleware extends Middleware {
static get services() {
return [...super.services, 'models']
}
// manage, update, view
async test(req, res, next, { access_level = 'view' }) {
if ( !req.user ) {
return res.status(401)
.message('Unauthenticated session.')
.api()
}
if ( !req.form ) req.form = {}
// Try to load in the page
if ( !req.params.PageId ) return next()
const Page = this.models.get('api:Page')
const page = await Page.findOne({ UUID: req.params.PageId })
if ( !page ) {
return res.status(404)
.message('Invalid page ID.')
.api()
}
// Make sure the user has access to the given page
if ( !(await page.is_accessible_by(req.user, access_level)) ) {
return res.status(401).api()
}
req.form.page = page
// Try to load in the node
if ( req.params.NodeId ) {
const Node = this.models.get('api:Node')
const node = await Node.findOne({ UUID: req.params.NodeId })
if ( !node || !page.NodeIds.includes(node.UUID) ) {
return res.status(404)
.message('Invalid node ID.')
.api()
}
req.form.node = node
}
// Try to load in the code snippets
if ( req.params.CodiumId ) {
const Codium = this.models.get('api:Codium')
const codium = await Codium.findOne({
UUID: req.params.CodiumId,
Active: true,
PageId: req.params.PageId,
...(req.form.node ? {NodeId: req.form.node.UUID} : {}),
})
if ( !codium ) {
return res.status(404)
.message('Invalid code snippet ID.')
.api()
}
req.form.codium = codium
}
// Try to load in the database
if ( req.params.DatabaseId ) {
const Database = this.models.get('api:db:Database')
const database = await Database.findOne({
UUID: req.params.DatabaseId,
Active: true,
PageId: req.params.PageId,
...(req.form.node ? {NodeId: req.form.node.UUID} : {}),
})
if ( !database ) {
return res.status(404)
.message('Invalid database ID.')
.api()
}
req.form.database = database
}
// Try to load in the file group
if ( req.params.FilesId ) {
const FileGroup = this.models.get('api:FileGroup')
const file_group = await FileGroup.findOne({
UUID: req.params.FilesId,
PageId: req.params.PageId,
...(req.form.node ? {NodeId: req.form.node.UUID} : {}),
})
if ( !file_group ) {
return res.status(404)
.message('Invalid file group ID.')
.api()
}
req.form.file_group = file_group
}
return next()
}
}
module.exports = exports = DataInjectionMiddleware

24
app/routing/routers/api/v1/code.routes.js
View File

@@ -6,17 +6,33 @@ module.exports = exports = {
get: {
// Get the code ref node config for the specified code editor
'/:PageId/:NodeId/get/:CodiumId': ['middleware::auth:ApiRoute', 'controller::api:v1:FormCode.get_config'],
'/:PageId/:NodeId/get/:CodiumId': [
'middleware::auth:ApiRoute',
['middleware::api:DataInjection', { access_level: 'view' }],
'controller::api:v1:FormCode.get_config',
],
},
post: {
// Create a new code ref config
'/:PageId/:NodeId/create': ['middleware::auth:ApiRoute', 'controller::api:v1:FormCode.create_new'],
'/:PageId/:NodeId/create': [
'middleware::auth:ApiRoute',
['middleware::api:DataInjection', { access_level: 'update' }],
'controller::api:v1:FormCode.create_new',
],
// Set the data for the specified code ref
'/:PageId/:NodeId/set/:CodiumId': ['middleware::auth:ApiRoute', 'controller::api:v1:FormCode.set_values'],
'/:PageId/:NodeId/set/:CodiumId': [
'middleware::auth:ApiRoute',
['middleware::api:DataInjection', { access_level: 'update' }],
'controller::api:v1:FormCode.set_values',
],
// delete the specified code ref
'/:PageId/:NodeId/delete/:CodiumId': ['middleware::auth:ApiRoute', 'controller::api:v1:FormCode.drop_code'],
'/:PageId/:NodeId/delete/:CodiumId': [
'middleware::auth:ApiRoute',
['middleware::api:DataInjection', { access_level: 'update' }],
'controller::api:v1:FormCode.drop_code',
],
},
}

48
app/routing/routers/api/v1/db.routes.js
View File

@@ -6,29 +6,61 @@ module.exports = exports = {
get: {
// Get the database ref node config for the specified database
'/:PageId/:NodeId/get/:DatabaseId': ['middleware::auth:ApiRoute', 'controller::api:v1:FormDatabase.get_config'],
'/:PageId/:NodeId/get/:DatabaseId': [
'middleware::auth:ApiRoute',
['middleware::api:DataInjection', { access_level: 'view' }],
'controller::api:v1:FormDatabase.get_config',
],
// Get the column config records for the specified database
'/:PageId/:NodeId/get/:DatabaseId/columns': [ 'middleware::auth:ApiRoute', 'controller::api:v1:FormDatabase.get_columns' ],
'/:PageId/:NodeId/get/:DatabaseId/columns': [
'middleware::auth:ApiRoute',
['middleware::api:DataInjection', { access_level: 'view' }],
'controller::api:v1:FormDatabase.get_columns',
],
// Get the row records for the specified database
'/:PageId/:NodeId/get/:DatabaseId/data': [ 'middleware::auth:ApiRoute', 'controller::api:v1:FormDatabase.get_data' ],
'/:PageId/:NodeId/get/:DatabaseId/data': [
'middleware::auth:ApiRoute',
['middleware::api:DataInjection', { access_level: 'view' }],
'controller::api:v1:FormDatabase.get_data',
],
},
post: {
// Create a new database ref config
'/:PageId/:NodeId/create': ['middleware::auth:ApiRoute', 'controller::api:v1:FormDatabase.create_new'],
'/:PageId/:NodeId/create': [
'middleware::auth:ApiRoute',
['middleware::api:DataInjection', { access_level: 'update' }],
'controller::api:v1:FormDatabase.create_new',
],
// Set the column configs for a database ref
'/:PageId/:NodeId/set/:DatabaseId/columns': [ 'middleware::auth:ApiRoute', 'controller::api:v1:FormDatabase.set_columns' ],
'/:PageId/:NodeId/set/:DatabaseId/columns': [
'middleware::auth:ApiRoute',
['middleware::api:DataInjection', { access_level: 'update' }],
'controller::api:v1:FormDatabase.set_columns',
],
// Set the database name
'/:PageId/:NodeId/set/:DatabaseId/Name': [ 'middleware::auth:ApiRoute', 'controller::api:v1:FormDatabase.set_name' ],
'/:PageId/:NodeId/set/:DatabaseId/Name': [
'middleware::auth:ApiRoute',
['middleware::api:DataInjection', { access_level: 'update' }],
'controller::api:v1:FormDatabase.set_name',
],
// Delete the specified database ref
'/:PageId/:NodeId/drop/:DatabaseId': [ 'middleware::auth:ApiRoute', 'controller::api:v1:FormDatabase.drop_database' ],
'/:PageId/:NodeId/drop/:DatabaseId': [
'middleware::auth:ApiRoute',
['middleware::api:DataInjection', { access_level: 'update' }],
'controller::api:v1:FormDatabase.drop_database',
],
// Set the row data for the specified database ref
'/:PageId/:NodeId/set/:DatabaseId/data': ['middleware::auth:ApiRoute', 'controller::api:v1:FormDatabase.set_data'],
'/:PageId/:NodeId/set/:DatabaseId/data': [
'middleware::auth:ApiRoute',
['middleware::api:DataInjection', { access_level: 'update' }],
'controller::api:v1:FormDatabase.set_data',
],
},
}

31
app/routing/routers/api/v1/files.routes.js
View File

@@ -6,21 +6,42 @@ module.exports = exports = {
get: {
// Get the file ref node config for the specified file ref
'/:PageId/:NodeId/get/:FilesId': ['middleware::auth:ApiRoute', 'controller::api:v1:File.get_config'],
'/:PageId/:NodeId/get/:FilesId': [
'middleware::auth:ApiRoute',
['middleware::api:DataInjection', { access_level: 'view' }],
'controller::api:v1:File.get_config',
],
// Download the specified file ID from the specified file ref node
'/:PageId/:NodeId/get/:FilesId/:FileId': ['middleware::auth:ApiRoute', 'controller::api:v1:File.download'],
'/:PageId/:NodeId/get/:FilesId/:FileId': [
'middleware::auth:ApiRoute',
['middleware::api:DataInjection', { access_level: 'view' }],
'controller::api:v1:File.download',
],
},
post: {
// FIXME - files, not file. Fix in front-end!
// Upload the file in the 'uploaded_file' key to the specified file ref node
'/file/upload/:PageId/:NodeId/:FilesId': ['middleware::auth:ApiRoute', 'middleware::upload:UploadFile', 'controller::api:v1:File.save_upload'],
'/file/upload/:PageId/:NodeId/:FilesId': [
'middleware::auth:ApiRoute',
['middleware::api:DataInjection', { access_level: 'update' }],
'middleware::upload:UploadFile',
'controller::api:v1:File.save_upload',
],
// Create a new file ref node
'/:PageId/:NodeId/create': ['middleware::auth:ApiRoute', 'controller::api:v1:File.create_config'],
'/:PageId/:NodeId/create': [
'middleware::auth:ApiRoute',
['middleware::api:DataInjection', { access_level: 'update' }],
'controller::api:v1:File.create_config',
],
// Delete a file ref node and its files
'/:PageId/:NodeId/delete/:FilesId': ['middleware::auth:ApiRoute', 'controller::api:v1:File.delete_group'],
'/:PageId/:NodeId/delete/:FilesId': [
'middleware::auth:ApiRoute',
['middleware::api:DataInjection', { access_level: 'update' }],
'controller::api:v1:File.delete_group',
],
},
}