Compare commits
No commits in common. "main" and "v1.0.2" have entirely different histories.
51 changed files with 57 additions and 1256 deletions
|
@ -18,5 +18,5 @@ MAIL_HOST = mail_hoststring
|
||||||
MAIL_PORT = mail_portnumber
|
MAIL_PORT = mail_portnumber
|
||||||
MAIL_SECURE (true|false) // true for port 465, fals for other ports
|
MAIL_SECURE (true|false) // true for port 465, fals for other ports
|
||||||
|
|
||||||
CLUB_NAME = clubname #default FF Admin
|
CLUB_NAME = clubname
|
||||||
CLUB_WEBSITE = https://my-club-website-url
|
CLUB_WEBSITE = https://my-club-website-url
|
|
@ -6,7 +6,7 @@ Administration für Feuerwehren und Vereine (Backend).
|
||||||
|
|
||||||
Dieses Projekt, `ff-admin-server`, ist das Backend zur Verwaltung von Mitgliederdaten. Die zugehörige Webapp ist im Repository [ff-admin-ui](https://forgejo.jk-effects.cloud/Ehrenamt/ff-admin) zu finden.
|
Dieses Projekt, `ff-admin-server`, ist das Backend zur Verwaltung von Mitgliederdaten. Die zugehörige Webapp ist im Repository [ff-admin-ui](https://forgejo.jk-effects.cloud/Ehrenamt/ff-admin) zu finden.
|
||||||
|
|
||||||
Eine Demo zusammen mit der `ff-admin` finden Sie unter [https://admin-demo.ff-admin.de](https://admin-demo.ff-admin.de).
|
Eine Demo zusammen mit der `ff-admin` finden Sie unter [ff-admin-demo.jk-effects.cloud](ff-admin-demo.jk-effects.cloud).
|
||||||
|
|
||||||
## Installation
|
## Installation
|
||||||
|
|
||||||
|
@ -40,7 +40,7 @@ services:
|
||||||
- MAIL_HOST=<url>
|
- MAIL_HOST=<url>
|
||||||
- MAIL_PORT=<port> # default ist auf 578 gesetzt
|
- MAIL_PORT=<port> # default ist auf 578 gesetzt
|
||||||
- MAIL_SECURE=<boolean> # default ist auf false gesetzt
|
- MAIL_SECURE=<boolean> # default ist auf false gesetzt
|
||||||
- CLUB_NAME=<tobemodified> # default ist auf FF Admin gesetzt
|
- CLUB_NAME=<tobemodified>
|
||||||
- CLUB_WEBSITE=<tobemodified>
|
- CLUB_WEBSITE=<tobemodified>
|
||||||
volumes:
|
volumes:
|
||||||
- <volume|local path>:/app/files
|
- <volume|local path>:/app/files
|
||||||
|
|
52
package-lock.json
generated
52
package-lock.json
generated
|
@ -1,12 +1,12 @@
|
||||||
{
|
{
|
||||||
"name": "ff-admin-server",
|
"name": "ff-admin-server",
|
||||||
"version": "1.2.0",
|
"version": "1.0.2",
|
||||||
"lockfileVersion": 3,
|
"lockfileVersion": 3,
|
||||||
"requires": true,
|
"requires": true,
|
||||||
"packages": {
|
"packages": {
|
||||||
"": {
|
"": {
|
||||||
"name": "ff-admin-server",
|
"name": "ff-admin-server",
|
||||||
"version": "1.2.0",
|
"version": "1.0.2",
|
||||||
"license": "GPL-3.0-only",
|
"license": "GPL-3.0-only",
|
||||||
"dependencies": {
|
"dependencies": {
|
||||||
"cors": "^2.8.5",
|
"cors": "^2.8.5",
|
||||||
|
@ -24,7 +24,6 @@
|
||||||
"puppeteer": "^23.11.1",
|
"puppeteer": "^23.11.1",
|
||||||
"qrcode": "^1.5.4",
|
"qrcode": "^1.5.4",
|
||||||
"reflect-metadata": "^0.2.2",
|
"reflect-metadata": "^0.2.2",
|
||||||
"rss-parser": "^3.13.0",
|
|
||||||
"socket.io": "^4.7.5",
|
"socket.io": "^4.7.5",
|
||||||
"speakeasy": "^2.0.0",
|
"speakeasy": "^2.0.0",
|
||||||
"typeorm": "^0.3.20",
|
"typeorm": "^0.3.20",
|
||||||
|
@ -1497,15 +1496,6 @@
|
||||||
"resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz",
|
"resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz",
|
||||||
"integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w=="
|
"integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w=="
|
||||||
},
|
},
|
||||||
"node_modules/entities": {
|
|
||||||
"version": "2.2.0",
|
|
||||||
"resolved": "https://registry.npmjs.org/entities/-/entities-2.2.0.tgz",
|
|
||||||
"integrity": "sha512-p92if5Nz619I0w+akJrLZH0MX0Pb5DX39XOwQTtXSdQQOaYH03S1uIQp4mhOZtAXrxq4ViO67YTiLBo2638o9A==",
|
|
||||||
"license": "BSD-2-Clause",
|
|
||||||
"funding": {
|
|
||||||
"url": "https://github.com/fb55/entities?sponsor=1"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"node_modules/env-paths": {
|
"node_modules/env-paths": {
|
||||||
"version": "2.2.1",
|
"version": "2.2.1",
|
||||||
"resolved": "https://registry.npmjs.org/env-paths/-/env-paths-2.2.1.tgz",
|
"resolved": "https://registry.npmjs.org/env-paths/-/env-paths-2.2.1.tgz",
|
||||||
|
@ -3162,16 +3152,6 @@
|
||||||
"node": ">= 0.10"
|
"node": ">= 0.10"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"node_modules/rss-parser": {
|
|
||||||
"version": "3.13.0",
|
|
||||||
"resolved": "https://registry.npmjs.org/rss-parser/-/rss-parser-3.13.0.tgz",
|
|
||||||
"integrity": "sha512-7jWUBV5yGN3rqMMj7CZufl/291QAhvrrGpDNE4k/02ZchL0npisiYYqULF71jCEKoIiHvK/Q2e6IkDwPziT7+w==",
|
|
||||||
"license": "MIT",
|
|
||||||
"dependencies": {
|
|
||||||
"entities": "^2.0.3",
|
|
||||||
"xml2js": "^0.5.0"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"node_modules/runes2": {
|
"node_modules/runes2": {
|
||||||
"version": "1.1.4",
|
"version": "1.1.4",
|
||||||
"resolved": "https://registry.npmjs.org/runes2/-/runes2-1.1.4.tgz",
|
"resolved": "https://registry.npmjs.org/runes2/-/runes2-1.1.4.tgz",
|
||||||
|
@ -3202,12 +3182,6 @@
|
||||||
"resolved": "https://registry.npmjs.org/safer-buffer/-/safer-buffer-2.1.2.tgz",
|
"resolved": "https://registry.npmjs.org/safer-buffer/-/safer-buffer-2.1.2.tgz",
|
||||||
"integrity": "sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg=="
|
"integrity": "sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg=="
|
||||||
},
|
},
|
||||||
"node_modules/sax": {
|
|
||||||
"version": "1.4.1",
|
|
||||||
"resolved": "https://registry.npmjs.org/sax/-/sax-1.4.1.tgz",
|
|
||||||
"integrity": "sha512-+aWOz7yVScEGoKNd4PA10LZ8sk0A/z5+nXQG5giUO5rprX9jgYsTdov9qCchZiPIZezbZH+jRut8nPodFAX4Jg==",
|
|
||||||
"license": "ISC"
|
|
||||||
},
|
|
||||||
"node_modules/semver": {
|
"node_modules/semver": {
|
||||||
"version": "7.6.3",
|
"version": "7.6.3",
|
||||||
"resolved": "https://registry.npmjs.org/semver/-/semver-7.6.3.tgz",
|
"resolved": "https://registry.npmjs.org/semver/-/semver-7.6.3.tgz",
|
||||||
|
@ -4279,28 +4253,6 @@
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"node_modules/xml2js": {
|
|
||||||
"version": "0.5.0",
|
|
||||||
"resolved": "https://registry.npmjs.org/xml2js/-/xml2js-0.5.0.tgz",
|
|
||||||
"integrity": "sha512-drPFnkQJik/O+uPKpqSgr22mpuFHqKdbS835iAQrUC73L2F5WkboIRd63ai/2Yg6I1jzifPFKH2NTK+cfglkIA==",
|
|
||||||
"license": "MIT",
|
|
||||||
"dependencies": {
|
|
||||||
"sax": ">=0.6.0",
|
|
||||||
"xmlbuilder": "~11.0.0"
|
|
||||||
},
|
|
||||||
"engines": {
|
|
||||||
"node": ">=4.0.0"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"node_modules/xmlbuilder": {
|
|
||||||
"version": "11.0.1",
|
|
||||||
"resolved": "https://registry.npmjs.org/xmlbuilder/-/xmlbuilder-11.0.1.tgz",
|
|
||||||
"integrity": "sha512-fDlsI/kFEx7gLvbecc0/ohLG50fugQp8ryHzMTuW9vSa1GJ0XYWKnhsUx7oie3G98+r56aTQIUB4kht42R3JvA==",
|
|
||||||
"license": "MIT",
|
|
||||||
"engines": {
|
|
||||||
"node": ">=4.0"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"node_modules/y18n": {
|
"node_modules/y18n": {
|
||||||
"version": "4.0.3",
|
"version": "4.0.3",
|
||||||
"resolved": "https://registry.npmjs.org/y18n/-/y18n-4.0.3.tgz",
|
"resolved": "https://registry.npmjs.org/y18n/-/y18n-4.0.3.tgz",
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
{
|
{
|
||||||
"name": "ff-admin-server",
|
"name": "ff-admin-server",
|
||||||
"version": "1.2.0",
|
"version": "1.0.2",
|
||||||
"description": "Feuerwehr/Verein Mitgliederverwaltung Server",
|
"description": "Feuerwehr/Verein Mitgliederverwaltung Server",
|
||||||
"main": "dist/index.js",
|
"main": "dist/index.js",
|
||||||
"scripts": {
|
"scripts": {
|
||||||
|
@ -39,7 +39,6 @@
|
||||||
"puppeteer": "^23.11.1",
|
"puppeteer": "^23.11.1",
|
||||||
"qrcode": "^1.5.4",
|
"qrcode": "^1.5.4",
|
||||||
"reflect-metadata": "^0.2.2",
|
"reflect-metadata": "^0.2.2",
|
||||||
"rss-parser": "^3.13.0",
|
|
||||||
"socket.io": "^4.7.5",
|
"socket.io": "^4.7.5",
|
||||||
"speakeasy": "^2.0.0",
|
"speakeasy": "^2.0.0",
|
||||||
"typeorm": "^0.3.20",
|
"typeorm": "^0.3.20",
|
||||||
|
|
|
@ -33,10 +33,7 @@ export default abstract class MemberCommandHandler {
|
||||||
return result.identifiers[0].id;
|
return result.identifiers[0].id;
|
||||||
})
|
})
|
||||||
.catch((err) => {
|
.catch((err) => {
|
||||||
throw new InternalException(
|
throw new InternalException("Failed creating member", err);
|
||||||
`Failed creating member${err.code.includes("ER_DUP_ENTRY") ? " due to duplicate entry for column" : ""}`,
|
|
||||||
err
|
|
||||||
);
|
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -61,10 +58,7 @@ export default abstract class MemberCommandHandler {
|
||||||
.execute()
|
.execute()
|
||||||
.then(() => {})
|
.then(() => {})
|
||||||
.catch((err) => {
|
.catch((err) => {
|
||||||
throw new InternalException(
|
throw new InternalException("Failed updating member", err);
|
||||||
`Failed updating member${err.code.includes("ER_DUP_ENTRY") ? " due to duplicate entry for column" : ""}`,
|
|
||||||
err
|
|
||||||
);
|
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -89,7 +83,7 @@ export default abstract class MemberCommandHandler {
|
||||||
.execute()
|
.execute()
|
||||||
.then(() => {})
|
.then(() => {})
|
||||||
.catch((err) => {
|
.catch((err) => {
|
||||||
throw new InternalException(`Failed updating member`, err);
|
throw new InternalException("Failed updating member", err);
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -6,5 +6,4 @@ export interface SynchronizeProtocolPresenceCommand {
|
||||||
export interface ProtocolPresenceCommand {
|
export interface ProtocolPresenceCommand {
|
||||||
memberId: number;
|
memberId: number;
|
||||||
absent: boolean;
|
absent: boolean;
|
||||||
excused: boolean;
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -74,7 +74,6 @@ export default abstract class ProtocolPresenceCommandHandler {
|
||||||
.update(protocolPresence)
|
.update(protocolPresence)
|
||||||
.set({
|
.set({
|
||||||
absent: member.absent,
|
absent: member.absent,
|
||||||
excused: member.excused,
|
|
||||||
})
|
})
|
||||||
.where("memberId = :memberId", { memberId: member.memberId })
|
.where("memberId = :memberId", { memberId: member.memberId })
|
||||||
.andWhere("protocolId = :protocolId", { protocolId })
|
.andWhere("protocolId = :protocolId", { protocolId })
|
||||||
|
|
|
@ -1,19 +0,0 @@
|
||||||
export interface CreateWebapiCommand {
|
|
||||||
title: string;
|
|
||||||
token: string;
|
|
||||||
expiry?: Date;
|
|
||||||
}
|
|
||||||
|
|
||||||
export interface UpdateWebapiCommand {
|
|
||||||
id: number;
|
|
||||||
title: string;
|
|
||||||
expiry?: Date;
|
|
||||||
}
|
|
||||||
|
|
||||||
export interface UpdateLastUsageWebapiCommand {
|
|
||||||
id: number;
|
|
||||||
}
|
|
||||||
|
|
||||||
export interface DeleteWebapiCommand {
|
|
||||||
id: number;
|
|
||||||
}
|
|
|
@ -1,100 +0,0 @@
|
||||||
import { dataSource } from "../../../data-source";
|
|
||||||
import { webapi } from "../../../entity/user/webapi";
|
|
||||||
import InternalException from "../../../exceptions/internalException";
|
|
||||||
import {
|
|
||||||
CreateWebapiCommand,
|
|
||||||
DeleteWebapiCommand,
|
|
||||||
UpdateLastUsageWebapiCommand,
|
|
||||||
UpdateWebapiCommand,
|
|
||||||
} from "./webapiCommand";
|
|
||||||
|
|
||||||
export default abstract class WebapiCommandHandler {
|
|
||||||
/**
|
|
||||||
* @description create api
|
|
||||||
* @param {CreateWebapiCommand} createWebapi
|
|
||||||
* @returns {Promise<number>}
|
|
||||||
*/
|
|
||||||
static async create(createWebapi: CreateWebapiCommand): Promise<number> {
|
|
||||||
return await dataSource
|
|
||||||
.createQueryBuilder()
|
|
||||||
.insert()
|
|
||||||
.into(webapi)
|
|
||||||
.values({
|
|
||||||
token: createWebapi.token,
|
|
||||||
title: createWebapi.title,
|
|
||||||
expiry: createWebapi.expiry,
|
|
||||||
})
|
|
||||||
.execute()
|
|
||||||
.then((result) => {
|
|
||||||
return result.identifiers[0].token;
|
|
||||||
})
|
|
||||||
.catch((err) => {
|
|
||||||
throw new InternalException(
|
|
||||||
`Failed creating api${err.code.includes("ER_DUP_ENTRY") ? " due to duplicate entry for column" : ""}`,
|
|
||||||
err
|
|
||||||
);
|
|
||||||
});
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @description update api
|
|
||||||
* @param {UpdateWebapiCommand} updateWebapi
|
|
||||||
* @returns {Promise<void>}
|
|
||||||
*/
|
|
||||||
static async update(updateWebapi: UpdateWebapiCommand): Promise<void> {
|
|
||||||
return await dataSource
|
|
||||||
.createQueryBuilder()
|
|
||||||
.update(webapi)
|
|
||||||
.set({
|
|
||||||
title: updateWebapi.title,
|
|
||||||
expiry: updateWebapi.expiry,
|
|
||||||
})
|
|
||||||
.where("id = :id", { id: updateWebapi.id })
|
|
||||||
.execute()
|
|
||||||
.then(() => {})
|
|
||||||
.catch((err) => {
|
|
||||||
throw new InternalException(
|
|
||||||
`Failed updating api${err.code.includes("ER_DUP_ENTRY") ? " due to duplicate entry for column" : ""}`,
|
|
||||||
err
|
|
||||||
);
|
|
||||||
});
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @description update api usage
|
|
||||||
* @param {UpdateLastUsageWebapiCommand} updateWebapi
|
|
||||||
* @returns {Promise<void>}
|
|
||||||
*/
|
|
||||||
static async updateUsage(updateWebapi: UpdateLastUsageWebapiCommand): Promise<void> {
|
|
||||||
return await dataSource
|
|
||||||
.createQueryBuilder()
|
|
||||||
.update(webapi)
|
|
||||||
.set({
|
|
||||||
lastUsage: new Date(),
|
|
||||||
})
|
|
||||||
.where("id = :id", { id: updateWebapi.id })
|
|
||||||
.execute()
|
|
||||||
.then(() => {})
|
|
||||||
.catch((err) => {
|
|
||||||
throw new InternalException(`Failed updating api last usage`, err);
|
|
||||||
});
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @description delete api
|
|
||||||
* @param {DeleteWebapiCommand} deleteWebapi
|
|
||||||
* @returns {Promise<void>}
|
|
||||||
*/
|
|
||||||
static async delete(deleteWebapi: DeleteWebapiCommand): Promise<void> {
|
|
||||||
return await dataSource
|
|
||||||
.createQueryBuilder()
|
|
||||||
.delete()
|
|
||||||
.from(webapi)
|
|
||||||
.where("id = :id", { id: deleteWebapi.id })
|
|
||||||
.execute()
|
|
||||||
.then(() => {})
|
|
||||||
.catch((err) => {
|
|
||||||
throw new InternalException("Failed deleting api", err);
|
|
||||||
});
|
|
||||||
}
|
|
||||||
}
|
|
|
@ -1,16 +0,0 @@
|
||||||
import { PermissionString } from "../../../type/permissionTypes";
|
|
||||||
|
|
||||||
export interface CreateWebapiPermissionCommand {
|
|
||||||
permission: PermissionString;
|
|
||||||
webapiId: number;
|
|
||||||
}
|
|
||||||
|
|
||||||
export interface DeleteWebapiPermissionCommand {
|
|
||||||
permission: PermissionString;
|
|
||||||
webapiId: number;
|
|
||||||
}
|
|
||||||
|
|
||||||
export interface UpdateWebapiPermissionsCommand {
|
|
||||||
webapiId: number;
|
|
||||||
permissions: Array<PermissionString>;
|
|
||||||
}
|
|
|
@ -1,119 +0,0 @@
|
||||||
import { DeleteResult, EntityManager, InsertResult } from "typeorm";
|
|
||||||
import { dataSource } from "../../../data-source";
|
|
||||||
import { webapiPermission } from "../../../entity/user/webapi_permission";
|
|
||||||
import InternalException from "../../../exceptions/internalException";
|
|
||||||
import WebapiService from "../../../service/user/webapiService";
|
|
||||||
import {
|
|
||||||
CreateWebapiPermissionCommand,
|
|
||||||
DeleteWebapiPermissionCommand,
|
|
||||||
UpdateWebapiPermissionsCommand,
|
|
||||||
} from "./webapiPermissionCommand";
|
|
||||||
import PermissionHelper from "../../../helpers/permissionHelper";
|
|
||||||
import WebapiPermissionService from "../../../service/user/webapiPermissionService";
|
|
||||||
import { PermissionString } from "../../../type/permissionTypes";
|
|
||||||
|
|
||||||
export default abstract class WebapiPermissionCommandHandler {
|
|
||||||
/**
|
|
||||||
* @description update api permissions
|
|
||||||
* @param {UpdateWebapiPermissionsCommand} updateWebapiPermissions
|
|
||||||
* @returns {Promise<void>}
|
|
||||||
*/
|
|
||||||
static async updatePermissions(updateWebapiPermissions: UpdateWebapiPermissionsCommand): Promise<void> {
|
|
||||||
let currentPermissions = (await WebapiPermissionService.getByApi(updateWebapiPermissions.webapiId)).map(
|
|
||||||
(r) => r.permission
|
|
||||||
);
|
|
||||||
return await dataSource.manager
|
|
||||||
.transaction(async (manager) => {
|
|
||||||
let newPermissions = PermissionHelper.getWhatToAdd(currentPermissions, updateWebapiPermissions.permissions);
|
|
||||||
let removePermissions = PermissionHelper.getWhatToRemove(
|
|
||||||
currentPermissions,
|
|
||||||
updateWebapiPermissions.permissions
|
|
||||||
);
|
|
||||||
if (newPermissions.length != 0) {
|
|
||||||
await this.updatePermissionsAdd(manager, updateWebapiPermissions.webapiId, newPermissions);
|
|
||||||
}
|
|
||||||
if (removePermissions.length != 0) {
|
|
||||||
await this.updatePermissionsRemove(manager, updateWebapiPermissions.webapiId, removePermissions);
|
|
||||||
}
|
|
||||||
})
|
|
||||||
.then(() => {})
|
|
||||||
.catch((err) => {
|
|
||||||
throw new InternalException("Failed saving api permissions", err);
|
|
||||||
});
|
|
||||||
}
|
|
||||||
|
|
||||||
private static async updatePermissionsAdd(
|
|
||||||
manager: EntityManager,
|
|
||||||
webapiId: number,
|
|
||||||
permissions: Array<PermissionString>
|
|
||||||
): Promise<InsertResult> {
|
|
||||||
return await manager
|
|
||||||
.createQueryBuilder()
|
|
||||||
.insert()
|
|
||||||
.into(webapiPermission)
|
|
||||||
.values(
|
|
||||||
permissions.map((p) => ({
|
|
||||||
permission: p,
|
|
||||||
webapiId: webapiId,
|
|
||||||
}))
|
|
||||||
)
|
|
||||||
.orIgnore()
|
|
||||||
.execute();
|
|
||||||
}
|
|
||||||
|
|
||||||
private static async updatePermissionsRemove(
|
|
||||||
manager: EntityManager,
|
|
||||||
webapiId: number,
|
|
||||||
permissions: Array<PermissionString>
|
|
||||||
): Promise<DeleteResult> {
|
|
||||||
return await manager
|
|
||||||
.createQueryBuilder()
|
|
||||||
.delete()
|
|
||||||
.from(webapiPermission)
|
|
||||||
.where("webapiId = :id", { id: webapiId })
|
|
||||||
.andWhere("permission IN (:...permission)", { permission: permissions })
|
|
||||||
.execute();
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @description grant permission to user
|
|
||||||
* @param {CreateWebapiPermissionCommand} createPermission
|
|
||||||
* @returns {Promise<number>}
|
|
||||||
*/
|
|
||||||
static async create(createPermission: CreateWebapiPermissionCommand): Promise<number> {
|
|
||||||
return await dataSource
|
|
||||||
.createQueryBuilder()
|
|
||||||
.insert()
|
|
||||||
.into(webapiPermission)
|
|
||||||
.values({
|
|
||||||
permission: createPermission.permission,
|
|
||||||
webapiId: createPermission.webapiId,
|
|
||||||
})
|
|
||||||
.execute()
|
|
||||||
.then((result) => {
|
|
||||||
return result.identifiers[0].id;
|
|
||||||
})
|
|
||||||
.catch((err) => {
|
|
||||||
throw new InternalException("Failed saving api permission", err);
|
|
||||||
});
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @description remove permission from api
|
|
||||||
* @param {DeleteWebapiPermissionCommand} deletePermission
|
|
||||||
* @returns {Promise<any>}
|
|
||||||
*/
|
|
||||||
static async delete(deletePermission: DeleteWebapiPermissionCommand): Promise<any> {
|
|
||||||
return await dataSource
|
|
||||||
.createQueryBuilder()
|
|
||||||
.delete()
|
|
||||||
.from(webapiPermission)
|
|
||||||
.where("webapiId = :id", { id: deletePermission.webapiId })
|
|
||||||
.andWhere("permission = :permission", { permission: deletePermission.permission })
|
|
||||||
.execute()
|
|
||||||
.then(() => {})
|
|
||||||
.catch((err) => {
|
|
||||||
throw new InternalException("failed api permission removal", err);
|
|
||||||
});
|
|
||||||
}
|
|
||||||
}
|
|
|
@ -61,13 +61,8 @@ export async function getAllMembers(req: Request, res: Response): Promise<any> {
|
||||||
let offset = parseInt((req.query.offset as string) ?? "0");
|
let offset = parseInt((req.query.offset as string) ?? "0");
|
||||||
let count = parseInt((req.query.count as string) ?? "25");
|
let count = parseInt((req.query.count as string) ?? "25");
|
||||||
let search = (req.query.search as string) ?? "";
|
let search = (req.query.search as string) ?? "";
|
||||||
let noLimit = req.query.noLimit === "true";
|
|
||||||
let ids = ((req.query.ids ?? "") as string)
|
|
||||||
.split(",")
|
|
||||||
.filter((i) => i)
|
|
||||||
.map((i) => parseInt(i));
|
|
||||||
|
|
||||||
let [members, total] = await MemberService.getAll({ offset, count, search, noLimit, ids });
|
let [members, total] = await MemberService.getAll(offset, count, search);
|
||||||
|
|
||||||
res.json({
|
res.json({
|
||||||
members: MemberFactory.mapToBase(members),
|
members: MemberFactory.mapToBase(members),
|
||||||
|
@ -90,19 +85,6 @@ export async function getMemberById(req: Request, res: Response): Promise<any> {
|
||||||
res.json(MemberFactory.mapToSingle(member));
|
res.json(MemberFactory.mapToSingle(member));
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
|
||||||
* @description get member statistics by id
|
|
||||||
* @param req {Request} Express req object
|
|
||||||
* @param res {Response} Express res object
|
|
||||||
* @returns {Promise<*>}
|
|
||||||
*/
|
|
||||||
export async function getMemberStatisticsById(req: Request, res: Response): Promise<any> {
|
|
||||||
const memberId = parseInt(req.params.id);
|
|
||||||
let member = await MemberService.getStatisticsById(memberId);
|
|
||||||
|
|
||||||
res.json(MemberFactory.mapToMemberStatistic(member));
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @description get memberships by member
|
* @description get memberships by member
|
||||||
* @param req {Request} Express req object
|
* @param req {Request} Express req object
|
||||||
|
@ -116,19 +98,6 @@ export async function getMembershipsByMember(req: Request, res: Response): Promi
|
||||||
res.json(MembershipFactory.mapToBase(memberships));
|
res.json(MembershipFactory.mapToBase(memberships));
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
|
||||||
* @description get member statistics by id
|
|
||||||
* @param req {Request} Express req object
|
|
||||||
* @param res {Response} Express res object
|
|
||||||
* @returns {Promise<*>}
|
|
||||||
*/
|
|
||||||
export async function getMembershipStatisticsById(req: Request, res: Response): Promise<any> {
|
|
||||||
const memberId = parseInt(req.params.memberId);
|
|
||||||
let member = await MembershipService.getStatisticsById(memberId);
|
|
||||||
|
|
||||||
res.json(MembershipFactory.mapToBaseStatistics(member));
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @description get membership by member and record
|
* @description get membership by member and record
|
||||||
* @param req {Request} Express req object
|
* @param req {Request} Express req object
|
||||||
|
|
|
@ -260,9 +260,7 @@ export async function createProtocolPrintoutById(req: Request, res: Response): P
|
||||||
agenda,
|
agenda,
|
||||||
decisions,
|
decisions,
|
||||||
presence: presence.filter((p) => !p.absent).map((p) => p.member),
|
presence: presence.filter((p) => !p.absent).map((p) => p.member),
|
||||||
absent: presence.filter((p) => p.absent).map((p) => ({ ...p.member, excused: p.excused })),
|
absent: presence.filter((p) => p.absent).map((p) => p.member),
|
||||||
excused_absent: presence.filter((p) => p.absent && p.excused).map((p) => p.member),
|
|
||||||
unexcused_absent: presence.filter((p) => p.absent && !p.excused).map((p) => p.member),
|
|
||||||
votings,
|
votings,
|
||||||
},
|
},
|
||||||
});
|
});
|
||||||
|
@ -391,7 +389,6 @@ export async function synchronizeProtocolPrecenseById(req: Request, res: Respons
|
||||||
members: presence.map((p) => ({
|
members: presence.map((p) => ({
|
||||||
memberId: p.memberId,
|
memberId: p.memberId,
|
||||||
absent: p.absent,
|
absent: p.absent,
|
||||||
excused: p.excused,
|
|
||||||
})),
|
})),
|
||||||
protocolId,
|
protocolId,
|
||||||
};
|
};
|
||||||
|
|
|
@ -1,155 +0,0 @@
|
||||||
import { Request, Response } from "express";
|
|
||||||
import WebapiService from "../../../service/user/webapiService";
|
|
||||||
import ApiFactory from "../../../factory/admin/user/webapi";
|
|
||||||
import WebapiPermissionService from "../../../service/user/webapiPermissionService";
|
|
||||||
import PermissionHelper from "../../../helpers/permissionHelper";
|
|
||||||
import {
|
|
||||||
CreateWebapiCommand,
|
|
||||||
DeleteWebapiCommand,
|
|
||||||
UpdateWebapiCommand,
|
|
||||||
} from "../../../command/user/webapi/webapiCommand";
|
|
||||||
import WebapiCommandHandler from "../../../command/user/webapi/webapiCommandHandler";
|
|
||||||
import { UpdateWebapiPermissionsCommand } from "../../../command/user/webapi/webapiPermissionCommand";
|
|
||||||
import WebapiPermissionCommandHandler from "../../../command/user/webapi/webapiPermissionCommandHandler";
|
|
||||||
import { JWTHelper } from "../../../helpers/jwtHelper";
|
|
||||||
import { CLUB_NAME } from "../../../env.defaults";
|
|
||||||
import { StringHelper } from "../../../helpers/stringHelper";
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @description get All apis
|
|
||||||
* @param req {Request} Express req object
|
|
||||||
* @param res {Response} Express res object
|
|
||||||
* @returns {Promise<*>}
|
|
||||||
*/
|
|
||||||
export async function getAllWebapis(req: Request, res: Response): Promise<any> {
|
|
||||||
let apis = await WebapiService.getAll();
|
|
||||||
|
|
||||||
res.json(ApiFactory.mapToBase(apis));
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @description get api by id
|
|
||||||
* @param req {Request} Express req object
|
|
||||||
* @param res {Response} Express res object
|
|
||||||
* @returns {Promise<*>}
|
|
||||||
*/
|
|
||||||
export async function getWebapiById(req: Request, res: Response): Promise<any> {
|
|
||||||
const id = parseInt(req.params.id);
|
|
||||||
let api = await WebapiService.getById(id);
|
|
||||||
|
|
||||||
res.json(ApiFactory.mapToSingle(api));
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @description get api token by id
|
|
||||||
* @param req {Request} Express req object
|
|
||||||
* @param res {Response} Express res object
|
|
||||||
* @returns {Promise<*>}
|
|
||||||
*/
|
|
||||||
export async function getWebapiTokenById(req: Request, res: Response): Promise<any> {
|
|
||||||
const id = parseInt(req.params.id);
|
|
||||||
let { token } = await WebapiService.getTokenById(id);
|
|
||||||
|
|
||||||
res.send(token);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @description get permissions by api
|
|
||||||
* @param req {Request} Express req object
|
|
||||||
* @param res {Response} Express res object
|
|
||||||
* @returns {Promise<*>}
|
|
||||||
*/
|
|
||||||
export async function getWebapiPermissions(req: Request, res: Response): Promise<any> {
|
|
||||||
const id = parseInt(req.params.id);
|
|
||||||
let permissions = await WebapiPermissionService.getByApi(id);
|
|
||||||
|
|
||||||
res.json(PermissionHelper.convertToObject(permissions.map((p) => p.permission)));
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @description create new api
|
|
||||||
* @param req {Request} Express req object
|
|
||||||
* @param res {Response} Express res object
|
|
||||||
* @returns {Promise<*>}
|
|
||||||
*/
|
|
||||||
export async function createWebapi(req: Request, res: Response): Promise<any> {
|
|
||||||
let title = req.body.title;
|
|
||||||
let expiry = req.body.expiry || null;
|
|
||||||
|
|
||||||
let token = await JWTHelper.create(
|
|
||||||
{
|
|
||||||
iss: CLUB_NAME,
|
|
||||||
sub: "api_token_retrieve",
|
|
||||||
aud: StringHelper.random(32),
|
|
||||||
},
|
|
||||||
{ useExpiration: false }
|
|
||||||
);
|
|
||||||
|
|
||||||
let createApi: CreateWebapiCommand = {
|
|
||||||
token: token,
|
|
||||||
title: title,
|
|
||||||
expiry: expiry,
|
|
||||||
};
|
|
||||||
await WebapiCommandHandler.create(createApi);
|
|
||||||
|
|
||||||
res.sendStatus(204);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @description update api data
|
|
||||||
* @param req {Request} Express req object
|
|
||||||
* @param res {Response} Express res object
|
|
||||||
* @returns {Promise<*>}
|
|
||||||
*/
|
|
||||||
export async function updateWebapi(req: Request, res: Response): Promise<any> {
|
|
||||||
const id = parseInt(req.params.id);
|
|
||||||
let title = req.body.title;
|
|
||||||
let expiry = req.body.expiry || null;
|
|
||||||
|
|
||||||
let updateApi: UpdateWebapiCommand = {
|
|
||||||
id: id,
|
|
||||||
title: title,
|
|
||||||
expiry: expiry,
|
|
||||||
};
|
|
||||||
await WebapiCommandHandler.update(updateApi);
|
|
||||||
|
|
||||||
res.sendStatus(204);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @description update api assigned permission strings
|
|
||||||
* @param req {Request} Express req object
|
|
||||||
* @param res {Response} Express res object
|
|
||||||
* @returns {Promise<*>}
|
|
||||||
*/
|
|
||||||
export async function updateWebapiPermissions(req: Request, res: Response): Promise<any> {
|
|
||||||
const id = parseInt(req.params.id);
|
|
||||||
let permissions = req.body.permissions;
|
|
||||||
|
|
||||||
let permissionStrings = PermissionHelper.convertToStringArray(permissions);
|
|
||||||
|
|
||||||
let updateApiPermissions: UpdateWebapiPermissionsCommand = {
|
|
||||||
webapiId: id,
|
|
||||||
permissions: permissionStrings,
|
|
||||||
};
|
|
||||||
await WebapiPermissionCommandHandler.updatePermissions(updateApiPermissions);
|
|
||||||
|
|
||||||
res.sendStatus(204);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @description delete api by id
|
|
||||||
* @param req {Request} Express req object
|
|
||||||
* @param res {Response} Express res object
|
|
||||||
* @returns {Promise<*>}
|
|
||||||
*/
|
|
||||||
export async function deleteWebapi(req: Request, res: Response): Promise<any> {
|
|
||||||
const id = parseInt(req.params.id);
|
|
||||||
|
|
||||||
let deleteApi: DeleteWebapiCommand = {
|
|
||||||
id: id,
|
|
||||||
};
|
|
||||||
await WebapiCommandHandler.delete(deleteApi);
|
|
||||||
|
|
||||||
res.sendStatus(204);
|
|
||||||
}
|
|
|
@ -1,37 +0,0 @@
|
||||||
import { Request, Response } from "express";
|
|
||||||
import { JWTHelper } from "../helpers/jwtHelper";
|
|
||||||
import { JWTToken } from "../type/jwtTypes";
|
|
||||||
import InternalException from "../exceptions/internalException";
|
|
||||||
import RefreshCommandHandler from "../command/refreshCommandHandler";
|
|
||||||
import { CreateRefreshCommand, DeleteRefreshCommand } from "../command/refreshCommand";
|
|
||||||
import UserService from "../service/user/userService";
|
|
||||||
import speakeasy from "speakeasy";
|
|
||||||
import UnauthorizedRequestException from "../exceptions/unauthorizedRequestException";
|
|
||||||
import RefreshService from "../service/refreshService";
|
|
||||||
import WebapiService from "../service/user/webapiService";
|
|
||||||
import ForbiddenRequestException from "../exceptions/forbiddenRequestException";
|
|
||||||
import WebapiCommandHandler from "../command/user/webapi/webapiCommandHandler";
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @description Check authentication status by token
|
|
||||||
* @param req {Request} Express req object
|
|
||||||
* @param res {Response} Express res object
|
|
||||||
* @returns {Promise<*>}
|
|
||||||
*/
|
|
||||||
export async function getWebApiAccess(req: Request, res: Response): Promise<any> {
|
|
||||||
const bearer = req.headers.authorization?.split(" ")?.[1] ?? undefined;
|
|
||||||
|
|
||||||
let { id, expiry } = await WebapiService.getByToken(bearer);
|
|
||||||
|
|
||||||
if (expiry != null && new Date() > new Date(expiry)) {
|
|
||||||
throw new ForbiddenRequestException("api token expired");
|
|
||||||
}
|
|
||||||
|
|
||||||
await WebapiCommandHandler.updateUsage({ id });
|
|
||||||
|
|
||||||
let accessToken = await JWTHelper.buildWebapiToken(bearer, expiry);
|
|
||||||
|
|
||||||
res.json({
|
|
||||||
accessToken,
|
|
||||||
});
|
|
||||||
}
|
|
|
@ -67,10 +67,6 @@ import { ProtocolAbsent1736072179716 } from "./migrations/1736072179716-protocol
|
||||||
import { Memberlist1736079005086 } from "./migrations/1736079005086-memberlist";
|
import { Memberlist1736079005086 } from "./migrations/1736079005086-memberlist";
|
||||||
import { ExtendViewValues1736084198860 } from "./migrations/1736084198860-extendViewValues";
|
import { ExtendViewValues1736084198860 } from "./migrations/1736084198860-extendViewValues";
|
||||||
import { FinishInternalIdTransfer1736505324488 } from "./migrations/1736505324488-finishInternalIdTransfer";
|
import { FinishInternalIdTransfer1736505324488 } from "./migrations/1736505324488-finishInternalIdTransfer";
|
||||||
import { ProtocolPresenceExcuse1737287798828 } from "./migrations/1737287798828-protocolPresenceExcuse";
|
|
||||||
import { webapi } from "./entity/user/webapi";
|
|
||||||
import { webapiPermission } from "./entity/user/webapi_permission";
|
|
||||||
import { AddWebapiTokens1737453096674 } from "./migrations/1737453096674-addwebapiTokens";
|
|
||||||
|
|
||||||
const dataSource = new DataSource({
|
const dataSource = new DataSource({
|
||||||
type: DB_TYPE as any,
|
type: DB_TYPE as any,
|
||||||
|
@ -120,8 +116,6 @@ const dataSource = new DataSource({
|
||||||
memberExecutivePositionsView,
|
memberExecutivePositionsView,
|
||||||
memberQualificationsView,
|
memberQualificationsView,
|
||||||
membershipView,
|
membershipView,
|
||||||
webapi,
|
|
||||||
webapiPermission,
|
|
||||||
],
|
],
|
||||||
migrations: [
|
migrations: [
|
||||||
Initial1724317398939,
|
Initial1724317398939,
|
||||||
|
@ -150,8 +144,6 @@ const dataSource = new DataSource({
|
||||||
Memberlist1736079005086,
|
Memberlist1736079005086,
|
||||||
ExtendViewValues1736084198860,
|
ExtendViewValues1736084198860,
|
||||||
FinishInternalIdTransfer1736505324488,
|
FinishInternalIdTransfer1736505324488,
|
||||||
ProtocolPresenceExcuse1737287798828,
|
|
||||||
AddWebapiTokens1737453096674,
|
|
||||||
],
|
],
|
||||||
migrationsRun: true,
|
migrationsRun: true,
|
||||||
migrationsTransactionMode: "each",
|
migrationsTransactionMode: "each",
|
||||||
|
|
|
@ -13,9 +13,6 @@ export class protocolPresence {
|
||||||
@Column({ type: "boolean", default: false })
|
@Column({ type: "boolean", default: false })
|
||||||
absent: boolean;
|
absent: boolean;
|
||||||
|
|
||||||
@Column({ type: "boolean", default: true })
|
|
||||||
excused: boolean;
|
|
||||||
|
|
||||||
@ManyToOne(() => member, {
|
@ManyToOne(() => member, {
|
||||||
nullable: false,
|
nullable: false,
|
||||||
onDelete: "CASCADE",
|
onDelete: "CASCADE",
|
||||||
|
|
|
@ -1,26 +0,0 @@
|
||||||
import { Column, CreateDateColumn, Entity, OneToMany, PrimaryColumn } from "typeorm";
|
|
||||||
import { webapiPermission } from "./webapi_permission";
|
|
||||||
|
|
||||||
@Entity()
|
|
||||||
export class webapi {
|
|
||||||
@PrimaryColumn({ generated: "increment", type: "int" })
|
|
||||||
id: number;
|
|
||||||
|
|
||||||
@Column({ type: "text", unique: true, select: false })
|
|
||||||
token: string;
|
|
||||||
|
|
||||||
@Column({ type: "varchar", length: 255, unique: true })
|
|
||||||
title: string;
|
|
||||||
|
|
||||||
@CreateDateColumn()
|
|
||||||
createdAt: Date;
|
|
||||||
|
|
||||||
@Column({ type: "datetime", nullable: true })
|
|
||||||
lastUsage?: Date;
|
|
||||||
|
|
||||||
@Column({ type: "date", nullable: true })
|
|
||||||
expiry?: Date;
|
|
||||||
|
|
||||||
@OneToMany(() => webapiPermission, (apiPermission) => apiPermission.webapi)
|
|
||||||
permissions: webapiPermission[];
|
|
||||||
}
|
|
|
@ -1,19 +0,0 @@
|
||||||
import { Column, Entity, ManyToOne, OneToMany, PrimaryColumn } from "typeorm";
|
|
||||||
import { PermissionObject, PermissionString } from "../../type/permissionTypes";
|
|
||||||
import { webapi } from "./webapi";
|
|
||||||
|
|
||||||
@Entity()
|
|
||||||
export class webapiPermission {
|
|
||||||
@PrimaryColumn({ type: "int" })
|
|
||||||
webapiId: number;
|
|
||||||
|
|
||||||
@PrimaryColumn({ type: "varchar", length: 255 })
|
|
||||||
permission: PermissionString;
|
|
||||||
|
|
||||||
@ManyToOne(() => webapi, {
|
|
||||||
nullable: false,
|
|
||||||
onDelete: "CASCADE",
|
|
||||||
onUpdate: "RESTRICT",
|
|
||||||
})
|
|
||||||
webapi: webapi;
|
|
||||||
}
|
|
|
@ -21,7 +21,7 @@ export const MAIL_HOST = process.env.MAIL_HOST ?? "";
|
||||||
export const MAIL_PORT = Number(process.env.MAIL_PORT ?? "587");
|
export const MAIL_PORT = Number(process.env.MAIL_PORT ?? "587");
|
||||||
export const MAIL_SECURE = process.env.MAIL_SECURE ?? "false";
|
export const MAIL_SECURE = process.env.MAIL_SECURE ?? "false";
|
||||||
|
|
||||||
export const CLUB_NAME = process.env.CLUB_NAME ?? "FF Admin";
|
export const CLUB_NAME = process.env.CLUB_NAME ?? "";
|
||||||
export const CLUB_WEBSITE = process.env.CLUB_WEBSITE ?? "";
|
export const CLUB_WEBSITE = process.env.CLUB_WEBSITE ?? "";
|
||||||
|
|
||||||
export function configCheck() {
|
export function configCheck() {
|
||||||
|
|
|
@ -1,6 +1,5 @@
|
||||||
import { member } from "../../../../entity/club/member/member";
|
import { member } from "../../../../entity/club/member/member";
|
||||||
import { MemberStatisticsViewModel, MemberViewModel } from "../../../../viewmodel/admin/club/member/member.models";
|
import { MemberViewModel } from "../../../../viewmodel/admin/club/member/member.models";
|
||||||
import { memberView } from "../../../../views/memberView";
|
|
||||||
import CommunicationFactory from "./communication";
|
import CommunicationFactory from "./communication";
|
||||||
import MembershipFactory from "./membership";
|
import MembershipFactory from "./membership";
|
||||||
|
|
||||||
|
@ -41,23 +40,4 @@ export default abstract class MemberFactory {
|
||||||
public static mapToBase(records: Array<member>): Array<MemberViewModel> {
|
public static mapToBase(records: Array<member>): Array<MemberViewModel> {
|
||||||
return records.map((r) => this.mapToSingle(r));
|
return records.map((r) => this.mapToSingle(r));
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
|
||||||
* @description map view record to MemberMembershipStatisticsViewModel
|
|
||||||
* @param {memberView} record
|
|
||||||
* @returns {MemberStatisticsViewModel}
|
|
||||||
*/
|
|
||||||
public static mapToMemberStatistic(record: memberView): MemberStatisticsViewModel {
|
|
||||||
return {
|
|
||||||
id: record.id,
|
|
||||||
salutation: record.salutation,
|
|
||||||
firstname: record.firstname,
|
|
||||||
lastname: record.lastname,
|
|
||||||
nameaffix: record.nameaffix,
|
|
||||||
birthdate: record.birthdate,
|
|
||||||
todayAge: record.todayAge,
|
|
||||||
ageThisYear: record.ageThisYear,
|
|
||||||
exactAge: record.exactAge,
|
|
||||||
};
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,9 +1,5 @@
|
||||||
import { membership } from "../../../../entity/club/member/membership";
|
import { membership } from "../../../../entity/club/member/membership";
|
||||||
import {
|
import { MembershipViewModel } from "../../../../viewmodel/admin/club/member/membership.models";
|
||||||
MembershipStatisticsViewModel,
|
|
||||||
MembershipViewModel,
|
|
||||||
} from "../../../../viewmodel/admin/club/member/membership.models";
|
|
||||||
import { membershipView } from "../../../../views/membershipsView";
|
|
||||||
|
|
||||||
export default abstract class MembershipFactory {
|
export default abstract class MembershipFactory {
|
||||||
/**
|
/**
|
||||||
|
@ -30,33 +26,4 @@ export default abstract class MembershipFactory {
|
||||||
public static mapToBase(records: Array<membership>): Array<MembershipViewModel> {
|
public static mapToBase(records: Array<membership>): Array<MembershipViewModel> {
|
||||||
return records.map((r) => this.mapToSingle(r));
|
return records.map((r) => this.mapToSingle(r));
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
|
||||||
* @description map view record to MembershipStatisticsViewModel
|
|
||||||
* @param {membershipView} record
|
|
||||||
* @returns {MembershipStatisticsViewModel}
|
|
||||||
*/
|
|
||||||
public static mapToSingleStatistic(record: membershipView): MembershipStatisticsViewModel {
|
|
||||||
return {
|
|
||||||
durationInDays: record.durationInDays,
|
|
||||||
durationInYears: record.durationInYears,
|
|
||||||
status: record.status,
|
|
||||||
statusId: record.statusId,
|
|
||||||
memberId: record.memberId,
|
|
||||||
memberSalutation: record.memberSalutation,
|
|
||||||
memberFirstname: record.memberFirstname,
|
|
||||||
memberLastname: record.memberLastname,
|
|
||||||
memberNameaffix: record.memberNameaffix,
|
|
||||||
memberBirthdate: record.memberBirthdate,
|
|
||||||
};
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @description map records to MembershipStatisticsViewModel
|
|
||||||
* @param {Array<membershipView>} records
|
|
||||||
* @returns {Array<MembershipStatisticsViewModel>}
|
|
||||||
*/
|
|
||||||
public static mapToBaseStatistics(records: Array<membershipView>): Array<MembershipStatisticsViewModel> {
|
|
||||||
return records.map((r) => this.mapToSingleStatistic(r));
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -12,7 +12,6 @@ export default abstract class ProtocolPresenceFactory {
|
||||||
return {
|
return {
|
||||||
memberId: record.member.id,
|
memberId: record.member.id,
|
||||||
absent: record.absent,
|
absent: record.absent,
|
||||||
excused: record.excused,
|
|
||||||
protocolId: record.protocolId,
|
protocolId: record.protocolId,
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,30 +0,0 @@
|
||||||
import { webapi } from "../../../entity/user/webapi";
|
|
||||||
import PermissionHelper from "../../../helpers/permissionHelper";
|
|
||||||
import { ApiViewModel } from "../../../viewmodel/admin/user/webapi.models";
|
|
||||||
|
|
||||||
export default abstract class ApiFactory {
|
|
||||||
/**
|
|
||||||
* @description map record to api
|
|
||||||
* @param {webapi} record
|
|
||||||
* @returns {apiViewModel}
|
|
||||||
*/
|
|
||||||
public static mapToSingle(record: webapi): ApiViewModel {
|
|
||||||
return {
|
|
||||||
id: record.id,
|
|
||||||
permissions: PermissionHelper.convertToObject(record.permissions.map((e) => e.permission)),
|
|
||||||
title: record.title,
|
|
||||||
expiry: record.expiry,
|
|
||||||
lastUsage: record.lastUsage,
|
|
||||||
createdAt: record.createdAt,
|
|
||||||
};
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @description map records to api
|
|
||||||
* @param {Array<webapi>} records
|
|
||||||
* @returns {Array<apiViewModel>}
|
|
||||||
*/
|
|
||||||
public static mapToBase(records: Array<webapi>): Array<ApiViewModel> {
|
|
||||||
return records.map((r) => this.mapToSingle(r));
|
|
||||||
}
|
|
||||||
}
|
|
|
@ -6,9 +6,6 @@ import RolePermissionService from "../service/user/rolePermissionService";
|
||||||
import UserPermissionService from "../service/user/userPermissionService";
|
import UserPermissionService from "../service/user/userPermissionService";
|
||||||
import UserService from "../service/user/userService";
|
import UserService from "../service/user/userService";
|
||||||
import PermissionHelper from "./permissionHelper";
|
import PermissionHelper from "./permissionHelper";
|
||||||
import WebapiService from "../service/user/webapiService";
|
|
||||||
import WebapiPermissionService from "../service/user/webapiPermissionService";
|
|
||||||
import ms from "ms";
|
|
||||||
|
|
||||||
export abstract class JWTHelper {
|
export abstract class JWTHelper {
|
||||||
static validate(token: string): Promise<string | jwt.JwtPayload> {
|
static validate(token: string): Promise<string | jwt.JwtPayload> {
|
||||||
|
@ -20,16 +17,13 @@ export abstract class JWTHelper {
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
static create(
|
static create(data: JWTData): Promise<string> {
|
||||||
data: JWTData,
|
|
||||||
{ expOverwrite, useExpiration }: { expOverwrite?: number; useExpiration?: boolean } = { useExpiration: true }
|
|
||||||
): Promise<string> {
|
|
||||||
return new Promise<string>((resolve, reject) => {
|
return new Promise<string>((resolve, reject) => {
|
||||||
jwt.sign(
|
jwt.sign(
|
||||||
data,
|
data,
|
||||||
JWT_SECRET,
|
JWT_SECRET,
|
||||||
{
|
{
|
||||||
...(useExpiration ?? true ? { expiresIn: expOverwrite ?? JWT_EXPIRATION } : {}),
|
expiresIn: JWT_EXPIRATION,
|
||||||
},
|
},
|
||||||
(err, token) => {
|
(err, token) => {
|
||||||
if (err) reject(err.message);
|
if (err) reject(err.message);
|
||||||
|
@ -78,35 +72,4 @@ export abstract class JWTHelper {
|
||||||
throw new InternalException("Failed accessToken creation", err);
|
throw new InternalException("Failed accessToken creation", err);
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
static async buildWebapiToken(token: string, expiration?: Date): Promise<string> {
|
|
||||||
let { id, title } = await WebapiService.getByToken(token);
|
|
||||||
let webapiPermissions = await WebapiPermissionService.getByApi(id);
|
|
||||||
let webapiPermissionStrings = webapiPermissions.map((e) => e.permission);
|
|
||||||
let permissionObject = PermissionHelper.convertToObject(webapiPermissionStrings);
|
|
||||||
|
|
||||||
let jwtData: JWTToken = {
|
|
||||||
userId: id,
|
|
||||||
mail: "",
|
|
||||||
username: title,
|
|
||||||
firstname: "",
|
|
||||||
lastname: "",
|
|
||||||
isOwner: false,
|
|
||||||
permissions: permissionObject,
|
|
||||||
sub: "webapi_access_token",
|
|
||||||
};
|
|
||||||
|
|
||||||
let overwriteExpiration =
|
|
||||||
ms(JWT_EXPIRATION) < new Date().getTime() - new Date(expiration).getTime()
|
|
||||||
? null
|
|
||||||
: Date.now() - new Date(expiration).getTime();
|
|
||||||
|
|
||||||
return await JWTHelper.create(jwtData, { expOverwrite: overwriteExpiration, useExpiration: true })
|
|
||||||
.then((result) => {
|
|
||||||
return result;
|
|
||||||
})
|
|
||||||
.catch((err) => {
|
|
||||||
throw new InternalException("Failed webapi accessToken creation", err);
|
|
||||||
});
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -141,7 +141,7 @@ export abstract class NewsletterHelper {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
let members = await MemberService.getAll({ noLimit: true });
|
let members = await MemberService.getAll(0, 1000);
|
||||||
|
|
||||||
return members[0].filter((m) => queryMemberIds.includes(m.id));
|
return members[0].filter((m) => queryMemberIds.includes(m.id));
|
||||||
}
|
}
|
||||||
|
|
|
@ -89,19 +89,6 @@ export default class PermissionHelper {
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
static isAdminMiddleware(): (req: Request, res: Response, next: Function) => void {
|
|
||||||
return (req: Request, res: Response, next: Function) => {
|
|
||||||
const permissions = req.permissions;
|
|
||||||
const isOwner = req.isOwner;
|
|
||||||
|
|
||||||
if (isOwner || permissions.admin) {
|
|
||||||
next();
|
|
||||||
} else {
|
|
||||||
throw new ForbiddenRequestException(`missing admin permission`);
|
|
||||||
}
|
|
||||||
};
|
|
||||||
}
|
|
||||||
|
|
||||||
static convertToObject(permissions: Array<PermissionString>): PermissionObject {
|
static convertToObject(permissions: Array<PermissionString>): PermissionObject {
|
||||||
if (permissions.includes("*")) {
|
if (permissions.includes("*")) {
|
||||||
return {
|
return {
|
||||||
|
|
|
@ -13,7 +13,6 @@ declare global {
|
||||||
isOwner: boolean;
|
isOwner: boolean;
|
||||||
permissions: PermissionObject;
|
permissions: PermissionObject;
|
||||||
isPWA: boolean;
|
isPWA: boolean;
|
||||||
isWebApiRequest: boolean;
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -29,15 +29,10 @@ export default async function authenticate(req: Request, res: Response, next: Fu
|
||||||
throw new InternalException("process failed");
|
throw new InternalException("process failed");
|
||||||
}
|
}
|
||||||
|
|
||||||
if (decoded?.sub == "api_token_retrieve") {
|
|
||||||
throw new BadRequestException("This token is only authorized to get temporary access tokens via GET /api/webapi");
|
|
||||||
}
|
|
||||||
|
|
||||||
req.userId = decoded.userId;
|
req.userId = decoded.userId;
|
||||||
req.username = decoded.username;
|
req.username = decoded.username;
|
||||||
req.isOwner = decoded.isOwner;
|
req.isOwner = decoded.isOwner;
|
||||||
req.permissions = decoded.permissions;
|
req.permissions = decoded.permissions;
|
||||||
req.isWebApiRequest = decoded?.sub == "webapi_access_token";
|
|
||||||
|
|
||||||
next();
|
next();
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,37 +0,0 @@
|
||||||
import { Request, Response } from "express";
|
|
||||||
import jwt from "jsonwebtoken";
|
|
||||||
import BadRequestException from "../exceptions/badRequestException";
|
|
||||||
import UnauthorizedRequestException from "../exceptions/unauthorizedRequestException";
|
|
||||||
import InternalException from "../exceptions/internalException";
|
|
||||||
import { JWTHelper } from "../helpers/jwtHelper";
|
|
||||||
|
|
||||||
export default async function authenticateAPI(req: Request, res: Response, next: Function) {
|
|
||||||
const bearer = req.headers.authorization?.split(" ")?.[1] ?? undefined;
|
|
||||||
|
|
||||||
if (!bearer) {
|
|
||||||
throw new BadRequestException("Provide valid Authorization Header");
|
|
||||||
}
|
|
||||||
|
|
||||||
let decoded: string | jwt.JwtPayload;
|
|
||||||
await JWTHelper.validate(bearer)
|
|
||||||
.then((result) => {
|
|
||||||
decoded = result;
|
|
||||||
})
|
|
||||||
.catch((err) => {
|
|
||||||
if (err == "jwt expired") {
|
|
||||||
throw new UnauthorizedRequestException("Token expired", err);
|
|
||||||
} else {
|
|
||||||
throw new BadRequestException("Failed Authorization Header decoding", err);
|
|
||||||
}
|
|
||||||
});
|
|
||||||
|
|
||||||
if (typeof decoded == "string" || !decoded) {
|
|
||||||
throw new InternalException("process failed");
|
|
||||||
}
|
|
||||||
|
|
||||||
if (decoded?.sub != "api_token_retrieve") {
|
|
||||||
throw new BadRequestException("This route can only be accessed via a api token");
|
|
||||||
}
|
|
||||||
|
|
||||||
next();
|
|
||||||
}
|
|
|
@ -1,10 +0,0 @@
|
||||||
import { Request, Response } from "express";
|
|
||||||
import ForbiddenRequestException from "../exceptions/forbiddenRequestException";
|
|
||||||
|
|
||||||
export default async function preventWebapiAccess(req: Request, res: Response, next: Function) {
|
|
||||||
if (req.isWebApiRequest) {
|
|
||||||
throw new ForbiddenRequestException("This route cannot be accessed via webapi");
|
|
||||||
} else {
|
|
||||||
next();
|
|
||||||
}
|
|
||||||
}
|
|
|
@ -1,21 +0,0 @@
|
||||||
import { MigrationInterface, QueryRunner, TableColumn } from "typeorm";
|
|
||||||
|
|
||||||
export class ProtocolPresenceExcuse1737287798828 implements MigrationInterface {
|
|
||||||
name = "ProtocolPresenceExcuse1737287798828";
|
|
||||||
|
|
||||||
public async up(queryRunner: QueryRunner): Promise<void> {
|
|
||||||
await queryRunner.addColumn(
|
|
||||||
"protocol_presence",
|
|
||||||
new TableColumn({
|
|
||||||
name: "excused",
|
|
||||||
type: "tinyint",
|
|
||||||
default: "1",
|
|
||||||
isNullable: false,
|
|
||||||
})
|
|
||||||
);
|
|
||||||
}
|
|
||||||
|
|
||||||
public async down(queryRunner: QueryRunner): Promise<void> {
|
|
||||||
await queryRunner.dropColumn("protocol_presence", "excused");
|
|
||||||
}
|
|
||||||
}
|
|
|
@ -1,55 +0,0 @@
|
||||||
import { MigrationInterface, QueryRunner, Table, TableForeignKey } from "typeorm";
|
|
||||||
import { DB_TYPE } from "../env.defaults";
|
|
||||||
|
|
||||||
export class AddWebapiTokens1737453096674 implements MigrationInterface {
|
|
||||||
name = "AddWebApiTokens1737453096674";
|
|
||||||
|
|
||||||
public async up(queryRunner: QueryRunner): Promise<void> {
|
|
||||||
const variableType_int = DB_TYPE == "mysql" ? "int" : "integer";
|
|
||||||
|
|
||||||
await queryRunner.createTable(
|
|
||||||
new Table({
|
|
||||||
name: "webapi",
|
|
||||||
columns: [
|
|
||||||
{ name: "id", type: variableType_int, isPrimary: true, isGenerated: true, generationStrategy: "increment" },
|
|
||||||
{ name: "token", type: "text", isUnique: true, isNullable: false },
|
|
||||||
{ name: "title", type: "varchar", isUnique: true, length: "255", isNullable: false },
|
|
||||||
{ name: "createdAt", type: "datetime", default: "CURRENT_TIMESTAMP(6)", isNullable: false },
|
|
||||||
{ name: "lastUsage", type: "datetime", isNullable: true, default: null },
|
|
||||||
{ name: "expiry", type: "date", isNullable: true, default: null },
|
|
||||||
],
|
|
||||||
}),
|
|
||||||
true
|
|
||||||
);
|
|
||||||
|
|
||||||
await queryRunner.createTable(
|
|
||||||
new Table({
|
|
||||||
name: "webapi_permission",
|
|
||||||
columns: [
|
|
||||||
{ name: "webapiId", type: variableType_int, isPrimary: true, isNullable: false },
|
|
||||||
{ name: "permission", type: "varchar", length: "255", isPrimary: true, isNullable: false },
|
|
||||||
],
|
|
||||||
}),
|
|
||||||
true
|
|
||||||
);
|
|
||||||
|
|
||||||
await queryRunner.createForeignKey(
|
|
||||||
"webapi_permission",
|
|
||||||
new TableForeignKey({
|
|
||||||
columnNames: ["webapiId"],
|
|
||||||
referencedColumnNames: ["id"],
|
|
||||||
referencedTableName: "webapi",
|
|
||||||
onDelete: "CASCADE",
|
|
||||||
onUpdate: "RESTRICT",
|
|
||||||
})
|
|
||||||
);
|
|
||||||
}
|
|
||||||
|
|
||||||
public async down(queryRunner: QueryRunner): Promise<void> {
|
|
||||||
const table = await queryRunner.getTable("webapi_permission");
|
|
||||||
const foreignKey = table.foreignKeys.find((fk) => fk.columnNames.indexOf("webapiId") !== -1);
|
|
||||||
await queryRunner.dropForeignKey("webapi_permission", foreignKey);
|
|
||||||
await queryRunner.dropTable("webapi_permission");
|
|
||||||
await queryRunner.dropTable("webapi");
|
|
||||||
}
|
|
||||||
}
|
|
|
@ -1,38 +1,36 @@
|
||||||
import express, { Request, Response } from "express";
|
import express, { Request, Response } from "express";
|
||||||
import {
|
import {
|
||||||
addAwardToMember,
|
addAwardToMember,
|
||||||
addCommunicationToMember,
|
addCommunicationToMember,
|
||||||
addExecutivePositionToMember,
|
addExecutivePositionToMember,
|
||||||
addMembershipToMember,
|
addMembershipToMember,
|
||||||
addQualificationToMember,
|
addQualificationToMember,
|
||||||
createMember,
|
createMember,
|
||||||
createMemberPrintoutList,
|
createMemberPrintoutList,
|
||||||
deleteAwardOfMember,
|
deleteAwardOfMember,
|
||||||
deleteCommunicationOfMember,
|
deleteCommunicationOfMember,
|
||||||
deleteExecutivePositionOfMember,
|
deleteExecutivePositionOfMember,
|
||||||
deleteMemberById,
|
deleteMemberById,
|
||||||
deleteMembershipOfMember,
|
deleteMembershipOfMember,
|
||||||
deleteQualificationOfMember,
|
deleteQualificationOfMember,
|
||||||
getAllMembers,
|
getAllMembers,
|
||||||
getAwardByMemberAndRecord,
|
getAwardByMemberAndRecord,
|
||||||
getAwardsByMember,
|
getAwardsByMember,
|
||||||
getCommunicationByMemberAndRecord,
|
getCommunicationByMemberAndRecord,
|
||||||
getCommunicationsByMember,
|
getCommunicationsByMember,
|
||||||
getExecutivePositionByMemberAndRecord,
|
getExecutivePositionByMemberAndRecord,
|
||||||
getExecutivePositionsByMember,
|
getExecutivePositionsByMember,
|
||||||
getMemberById,
|
getMemberById,
|
||||||
getMembershipByMemberAndRecord,
|
getMembershipByMemberAndRecord,
|
||||||
getMembershipsByMember,
|
getMembershipsByMember,
|
||||||
getMembershipStatisticsById,
|
getQualificationByMemberAndRecord,
|
||||||
getMemberStatisticsById,
|
getQualificationsByMember,
|
||||||
getQualificationByMemberAndRecord,
|
updateAwardOfMember,
|
||||||
getQualificationsByMember,
|
updateCommunicationOfMember,
|
||||||
updateAwardOfMember,
|
updateExecutivePositionOfMember,
|
||||||
updateCommunicationOfMember,
|
updateMemberById,
|
||||||
updateExecutivePositionOfMember,
|
updateMembershipOfMember,
|
||||||
updateMemberById,
|
updateQualificationOfMember,
|
||||||
updateMembershipOfMember,
|
|
||||||
updateQualificationOfMember,
|
|
||||||
} from "../../../controller/admin/club/memberController";
|
} from "../../../controller/admin/club/memberController";
|
||||||
import PermissionHelper from "../../../helpers/permissionHelper";
|
import PermissionHelper from "../../../helpers/permissionHelper";
|
||||||
|
|
||||||
|
@ -46,22 +44,14 @@ router.get("/:id", async (req: Request, res: Response) => {
|
||||||
await getMemberById(req, res);
|
await getMemberById(req, res);
|
||||||
});
|
});
|
||||||
|
|
||||||
router.get("/:id/statistics", async (req: Request, res: Response) => {
|
|
||||||
await getMemberStatisticsById(req, res);
|
|
||||||
});
|
|
||||||
|
|
||||||
router.get("/print/namelist", async (req: Request, res: Response) => {
|
router.get("/print/namelist", async (req: Request, res: Response) => {
|
||||||
await createMemberPrintoutList(req, res);
|
await createMemberPrintoutList(req, res);
|
||||||
});
|
});
|
||||||
|
|
||||||
router.get("/:memberId/memberships", async (req: Request, res: Response) => {
|
router.get("/:memberId/memberships", async (req: Request, res: Response) => {
|
||||||
await getMembershipsByMember(req, res);
|
await getMembershipsByMember(req, res);
|
||||||
});
|
});
|
||||||
|
|
||||||
router.get("/:memberId/memberships/statistics", async (req: Request, res: Response) => {
|
|
||||||
await getMembershipStatisticsById(req, res);
|
|
||||||
});
|
|
||||||
|
|
||||||
router.get("/:memberId/membership/:id", async (req: Request, res: Response) => {
|
router.get("/:memberId/membership/:id", async (req: Request, res: Response) => {
|
||||||
await getMembershipByMemberAndRecord(req, res);
|
await getMembershipByMemberAndRecord(req, res);
|
||||||
});
|
});
|
||||||
|
|
|
@ -21,8 +21,6 @@ import newsletter from "./club/newsletter";
|
||||||
import role from "./user/role";
|
import role from "./user/role";
|
||||||
import user from "./user/user";
|
import user from "./user/user";
|
||||||
import invite from "./user/invite";
|
import invite from "./user/invite";
|
||||||
import api from "./user/webapi";
|
|
||||||
import preventWebapiAccess from "../../middleware/preventWebApiAccess";
|
|
||||||
|
|
||||||
var router = express.Router({ mergeParams: true });
|
var router = express.Router({ mergeParams: true });
|
||||||
|
|
||||||
|
@ -62,6 +60,5 @@ router.use("/newsletter", PermissionHelper.passCheckMiddleware("read", "club", "
|
||||||
router.use("/role", PermissionHelper.passCheckMiddleware("read", "user", "role"), role);
|
router.use("/role", PermissionHelper.passCheckMiddleware("read", "user", "role"), role);
|
||||||
router.use("/user", PermissionHelper.passCheckMiddleware("read", "user", "user"), user);
|
router.use("/user", PermissionHelper.passCheckMiddleware("read", "user", "user"), user);
|
||||||
router.use("/invite", PermissionHelper.passCheckMiddleware("read", "user", "user"), invite);
|
router.use("/invite", PermissionHelper.passCheckMiddleware("read", "user", "user"), invite);
|
||||||
router.use("/webapi", preventWebapiAccess, PermissionHelper.passCheckMiddleware("read", "user", "webapi"), api);
|
|
||||||
|
|
||||||
export default router;
|
export default router;
|
||||||
|
|
|
@ -1,64 +0,0 @@
|
||||||
import express, { Request, Response } from "express";
|
|
||||||
import PermissionHelper from "../../../helpers/permissionHelper";
|
|
||||||
import {
|
|
||||||
createWebapi,
|
|
||||||
deleteWebapi,
|
|
||||||
getAllWebapis,
|
|
||||||
getWebapiById,
|
|
||||||
getWebapiPermissions,
|
|
||||||
getWebapiTokenById,
|
|
||||||
updateWebapi,
|
|
||||||
updateWebapiPermissions,
|
|
||||||
} from "../../../controller/admin/user/webapiController";
|
|
||||||
|
|
||||||
var router = express.Router({ mergeParams: true });
|
|
||||||
|
|
||||||
router.get("/", async (req: Request, res: Response) => {
|
|
||||||
await getAllWebapis(req, res);
|
|
||||||
});
|
|
||||||
|
|
||||||
router.get("/:id", async (req: Request, res: Response) => {
|
|
||||||
await getWebapiById(req, res);
|
|
||||||
});
|
|
||||||
|
|
||||||
router.get("/:id/token", async (req: Request, res: Response) => {
|
|
||||||
await getWebapiTokenById(req, res);
|
|
||||||
});
|
|
||||||
|
|
||||||
router.get("/:id/permissions", async (req: Request, res: Response) => {
|
|
||||||
await getWebapiPermissions(req, res);
|
|
||||||
});
|
|
||||||
|
|
||||||
router.post(
|
|
||||||
"/",
|
|
||||||
PermissionHelper.passCheckMiddleware("create", "user", "webapi"),
|
|
||||||
async (req: Request, res: Response) => {
|
|
||||||
await createWebapi(req, res);
|
|
||||||
}
|
|
||||||
);
|
|
||||||
|
|
||||||
router.patch(
|
|
||||||
"/:id",
|
|
||||||
PermissionHelper.passCheckMiddleware("update", "user", "webapi"),
|
|
||||||
async (req: Request, res: Response) => {
|
|
||||||
await updateWebapi(req, res);
|
|
||||||
}
|
|
||||||
);
|
|
||||||
|
|
||||||
router.patch(
|
|
||||||
"/:id/permissions",
|
|
||||||
PermissionHelper.passCheckMiddleware("admin", "user", "webapi"),
|
|
||||||
async (req: Request, res: Response) => {
|
|
||||||
await updateWebapiPermissions(req, res);
|
|
||||||
}
|
|
||||||
);
|
|
||||||
|
|
||||||
router.delete(
|
|
||||||
"/:id",
|
|
||||||
PermissionHelper.passCheckMiddleware("delete", "user", "webapi"),
|
|
||||||
async (req: Request, res: Response) => {
|
|
||||||
await deleteWebapi(req, res);
|
|
||||||
}
|
|
||||||
);
|
|
||||||
|
|
||||||
export default router;
|
|
|
@ -14,10 +14,6 @@ import auth from "./auth";
|
||||||
import admin from "./admin/index";
|
import admin from "./admin/index";
|
||||||
import user from "./user";
|
import user from "./user";
|
||||||
import detectPWA from "../middleware/detectPWA";
|
import detectPWA from "../middleware/detectPWA";
|
||||||
import api from "./webapi";
|
|
||||||
import authenticateAPI from "../middleware/authenticateAPI";
|
|
||||||
import server from "./server";
|
|
||||||
import PermissionHelper from "../helpers/permissionHelper";
|
|
||||||
|
|
||||||
export default (app: Express) => {
|
export default (app: Express) => {
|
||||||
app.set("query parser", "extended");
|
app.set("query parser", "extended");
|
||||||
|
@ -36,10 +32,8 @@ export default (app: Express) => {
|
||||||
app.use("/api/reset", reset);
|
app.use("/api/reset", reset);
|
||||||
app.use("/api/invite", invite);
|
app.use("/api/invite", invite);
|
||||||
app.use("/api/auth", auth);
|
app.use("/api/auth", auth);
|
||||||
app.use("/api/webapi", authenticateAPI, api);
|
|
||||||
app.use(authenticate);
|
app.use(authenticate);
|
||||||
app.use("/api/admin", admin);
|
app.use("/api/admin", admin);
|
||||||
app.use("/api/user", user);
|
app.use("/api/user", user);
|
||||||
app.use("/api/server", PermissionHelper.isAdminMiddleware(), server);
|
|
||||||
app.use(errorHandler);
|
app.use(errorHandler);
|
||||||
};
|
};
|
||||||
|
|
|
@ -1,35 +0,0 @@
|
||||||
import express, { Request, Response } from "express";
|
|
||||||
import { FileSystemHelper } from "../helpers/fileSystemHelper";
|
|
||||||
import Parser from "rss-parser";
|
|
||||||
|
|
||||||
var router = express.Router({ mergeParams: true });
|
|
||||||
|
|
||||||
router.get("/version", async (req: Request, res: Response) => {
|
|
||||||
let serverPackage = FileSystemHelper.readTemplateFile("/package.json");
|
|
||||||
let serverJson = JSON.parse(serverPackage);
|
|
||||||
res.send({
|
|
||||||
name: serverJson.name,
|
|
||||||
description: serverJson.description,
|
|
||||||
version: serverJson.version,
|
|
||||||
author: serverJson.author,
|
|
||||||
license: serverJson.license,
|
|
||||||
});
|
|
||||||
});
|
|
||||||
|
|
||||||
router.get("/settings", async (req: Request, res: Response) => {
|
|
||||||
res.json({});
|
|
||||||
});
|
|
||||||
|
|
||||||
router.get("/serverrss", async (req: Request, res: Response) => {
|
|
||||||
const parser = new Parser();
|
|
||||||
let feed = await parser.parseURL("https://forgejo.jk-effects.cloud/Ehrenamt/ff-admin-server/releases.rss");
|
|
||||||
res.json(feed);
|
|
||||||
});
|
|
||||||
|
|
||||||
router.get("/clientrss", async (req: Request, res: Response) => {
|
|
||||||
const parser = new Parser();
|
|
||||||
let feed = await parser.parseURL("https://forgejo.jk-effects.cloud/Ehrenamt/ff-admin/releases.rss");
|
|
||||||
res.json(feed);
|
|
||||||
});
|
|
||||||
|
|
||||||
export default router;
|
|
|
@ -1,10 +0,0 @@
|
||||||
import express, { Request, Response } from "express";
|
|
||||||
import { getWebApiAccess } from "../controller/webapiController";
|
|
||||||
|
|
||||||
var router = express.Router({ mergeParams: true });
|
|
||||||
|
|
||||||
router.get("/retrieve", async (req: Request, res: Response) => {
|
|
||||||
await getWebApiAccess(req, res);
|
|
||||||
});
|
|
||||||
|
|
||||||
export default router;
|
|
|
@ -2,26 +2,13 @@ import { dataSource } from "../../../data-source";
|
||||||
import { member } from "../../../entity/club/member/member";
|
import { member } from "../../../entity/club/member/member";
|
||||||
import { membership } from "../../../entity/club/member/membership";
|
import { membership } from "../../../entity/club/member/membership";
|
||||||
import InternalException from "../../../exceptions/internalException";
|
import InternalException from "../../../exceptions/internalException";
|
||||||
import { memberView } from "../../../views/memberView";
|
|
||||||
|
|
||||||
export default abstract class MemberService {
|
export default abstract class MemberService {
|
||||||
/**
|
/**
|
||||||
* @description get all members
|
* @description get all members
|
||||||
* @returns {Promise<[Array<member>, number]>}
|
* @returns {Promise<[Array<member>, number]>}
|
||||||
*/
|
*/
|
||||||
static async getAll({
|
static async getAll(offset: number = 0, count: number = 25, search: string = ""): Promise<[Array<member>, number]> {
|
||||||
offset = 0,
|
|
||||||
count = 25,
|
|
||||||
search = "",
|
|
||||||
noLimit = false,
|
|
||||||
ids = [],
|
|
||||||
}: {
|
|
||||||
offset?: number;
|
|
||||||
count?: number;
|
|
||||||
search?: string;
|
|
||||||
noLimit?: boolean;
|
|
||||||
ids?: Array<number>;
|
|
||||||
}): Promise<[Array<member>, number]> {
|
|
||||||
let query = dataSource
|
let query = dataSource
|
||||||
.getRepository(member)
|
.getRepository(member)
|
||||||
.createQueryBuilder("member")
|
.createQueryBuilder("member")
|
||||||
|
@ -67,15 +54,9 @@ export default abstract class MemberService {
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
if (ids.length != 0) {
|
|
||||||
query = query.where({ id: ids });
|
|
||||||
}
|
|
||||||
|
|
||||||
if (!noLimit) {
|
|
||||||
query = query.offset(offset).limit(count);
|
|
||||||
}
|
|
||||||
|
|
||||||
return await query
|
return await query
|
||||||
|
.offset(offset)
|
||||||
|
.limit(count)
|
||||||
.orderBy("member.lastname")
|
.orderBy("member.lastname")
|
||||||
.addOrderBy("member.firstname")
|
.addOrderBy("member.firstname")
|
||||||
.addOrderBy("member.nameaffix")
|
.addOrderBy("member.nameaffix")
|
||||||
|
@ -133,25 +114,6 @@ export default abstract class MemberService {
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
|
||||||
* @description get member statistics by id
|
|
||||||
* @param {number} id
|
|
||||||
* @returns {Promise<memberView>}
|
|
||||||
*/
|
|
||||||
static async getStatisticsById(id: number): Promise<memberView> {
|
|
||||||
return await dataSource
|
|
||||||
.getRepository(memberView)
|
|
||||||
.createQueryBuilder("memberView")
|
|
||||||
.where("memberView.id = :id", { id: id })
|
|
||||||
.getOneOrFail()
|
|
||||||
.then((res) => {
|
|
||||||
return res;
|
|
||||||
})
|
|
||||||
.catch((err) => {
|
|
||||||
throw new InternalException("memberView not found by id", err);
|
|
||||||
});
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @description get members where membership is setz
|
* @description get members where membership is setz
|
||||||
* @returns {Promise<member>}
|
* @returns {Promise<member>}
|
||||||
|
|
|
@ -1,7 +1,6 @@
|
||||||
import { dataSource } from "../../../data-source";
|
import { dataSource } from "../../../data-source";
|
||||||
import { membership } from "../../../entity/club/member/membership";
|
import { membership } from "../../../entity/club/member/membership";
|
||||||
import InternalException from "../../../exceptions/internalException";
|
import InternalException from "../../../exceptions/internalException";
|
||||||
import { membershipView } from "../../../views/membershipsView";
|
|
||||||
|
|
||||||
export default abstract class MembershipService {
|
export default abstract class MembershipService {
|
||||||
/**
|
/**
|
||||||
|
@ -46,23 +45,4 @@ export default abstract class MembershipService {
|
||||||
throw new InternalException("member membership not found by id", err);
|
throw new InternalException("member membership not found by id", err);
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
|
||||||
* @description get membership statistics by memberId
|
|
||||||
* @param {number} memberId
|
|
||||||
* @returns {Promise<Array<membershipView>>}
|
|
||||||
*/
|
|
||||||
static async getStatisticsById(memberId: number): Promise<Array<membershipView>> {
|
|
||||||
return await dataSource
|
|
||||||
.getRepository(membershipView)
|
|
||||||
.createQueryBuilder("membershipView")
|
|
||||||
.where("membershipView.memberId = :memberId", { memberId: memberId })
|
|
||||||
.getMany()
|
|
||||||
.then((res) => {
|
|
||||||
return res;
|
|
||||||
})
|
|
||||||
.catch((err) => {
|
|
||||||
throw new InternalException("membershipView not found by id", err);
|
|
||||||
});
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,24 +0,0 @@
|
||||||
import { dataSource } from "../../data-source";
|
|
||||||
import { webapiPermission } from "../../entity/user/webapi_permission";
|
|
||||||
import InternalException from "../../exceptions/internalException";
|
|
||||||
|
|
||||||
export default abstract class WebapiPermissionService {
|
|
||||||
/**
|
|
||||||
* @description get permission by api
|
|
||||||
* @param webapiId number
|
|
||||||
* @returns {Promise<Array<webapiPermission>>}
|
|
||||||
*/
|
|
||||||
static async getByApi(webapiId: number): Promise<Array<webapiPermission>> {
|
|
||||||
return await dataSource
|
|
||||||
.getRepository(webapiPermission)
|
|
||||||
.createQueryBuilder("webapi_permission")
|
|
||||||
.where("webapi_permission.webapiId = :webapiId", { webapiId: webapiId })
|
|
||||||
.getMany()
|
|
||||||
.then((res) => {
|
|
||||||
return res;
|
|
||||||
})
|
|
||||||
.catch((err) => {
|
|
||||||
throw new InternalException("webapi permissions not found by api", err);
|
|
||||||
});
|
|
||||||
}
|
|
||||||
}
|
|
|
@ -1,83 +0,0 @@
|
||||||
import { dataSource } from "../../data-source";
|
|
||||||
import { webapi } from "../../entity/user/webapi";
|
|
||||||
import InternalException from "../../exceptions/internalException";
|
|
||||||
|
|
||||||
export default abstract class WebapiService {
|
|
||||||
/**
|
|
||||||
* @description get apis
|
|
||||||
* @returns {Promise<Array<webapi>>}
|
|
||||||
*/
|
|
||||||
static async getAll(): Promise<Array<webapi>> {
|
|
||||||
return await dataSource
|
|
||||||
.getRepository(webapi)
|
|
||||||
.createQueryBuilder("webapi")
|
|
||||||
.leftJoinAndSelect("webapi.permissions", "permissions")
|
|
||||||
.getMany()
|
|
||||||
.then((res) => {
|
|
||||||
return res;
|
|
||||||
})
|
|
||||||
.catch((err) => {
|
|
||||||
throw new InternalException("webapis not found", err);
|
|
||||||
});
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @description get api by id
|
|
||||||
* @param id number
|
|
||||||
* @returns {Promise<webapi>}
|
|
||||||
*/
|
|
||||||
static async getById(id: number): Promise<webapi> {
|
|
||||||
return await dataSource
|
|
||||||
.getRepository(webapi)
|
|
||||||
.createQueryBuilder("webapi")
|
|
||||||
.leftJoinAndSelect("webapi.permissions", "permissions")
|
|
||||||
.where("webapi.id = :id", { id: id })
|
|
||||||
.getOneOrFail()
|
|
||||||
.then((res) => {
|
|
||||||
return res;
|
|
||||||
})
|
|
||||||
.catch((err) => {
|
|
||||||
throw new InternalException("webapi not found by id", err);
|
|
||||||
});
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @description get api by token
|
|
||||||
* @param token string
|
|
||||||
* @returns {Promise<webapi>}
|
|
||||||
*/
|
|
||||||
static async getByToken(token: string): Promise<webapi> {
|
|
||||||
return await dataSource
|
|
||||||
.getRepository(webapi)
|
|
||||||
.createQueryBuilder("webapi")
|
|
||||||
.leftJoinAndSelect("webapi.permissions", "permissions")
|
|
||||||
.where("webapi.token = :token", { token: token })
|
|
||||||
.getOneOrFail()
|
|
||||||
.then((res) => {
|
|
||||||
return res;
|
|
||||||
})
|
|
||||||
.catch((err) => {
|
|
||||||
throw new InternalException("webapi not found by token", err);
|
|
||||||
});
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @description get api by id
|
|
||||||
* @param id number
|
|
||||||
* @returns {Promise<webapi>}
|
|
||||||
*/
|
|
||||||
static async getTokenById(id: number): Promise<webapi> {
|
|
||||||
return await dataSource
|
|
||||||
.getRepository(webapi)
|
|
||||||
.createQueryBuilder("webapi")
|
|
||||||
.select("webapi.token")
|
|
||||||
.where("webapi.id = :id", { id: id })
|
|
||||||
.getOneOrFail()
|
|
||||||
.then((res) => {
|
|
||||||
return res;
|
|
||||||
})
|
|
||||||
.catch((err) => {
|
|
||||||
throw new InternalException("webapi token not found by id", err);
|
|
||||||
});
|
|
||||||
}
|
|
||||||
}
|
|
|
@ -14,19 +14,9 @@
|
||||||
<br />
|
<br />
|
||||||
<br />
|
<br />
|
||||||
<h2>Anwesenheit ({{presence.length}})</h2>
|
<h2>Anwesenheit ({{presence.length}})</h2>
|
||||||
<p>
|
<p>{{#each presence}} {{this.firstname}} {{this.lastname}}{{#unless @last}}, {{/unless}} {{/each}}</p>
|
||||||
{{#each presence}}{{this.firstname}} {{this.lastname}}{{#unless @last}}, {{/unless}}{{/each}}{{#unless
|
|
||||||
presence.length}}---{{/unless}}
|
|
||||||
</p>
|
|
||||||
<h2>Abwesenheit ({{absent.length}})</h2>
|
<h2>Abwesenheit ({{absent.length}})</h2>
|
||||||
<p>
|
<p>{{#each absent}} {{this.firstname}} {{this.lastname}}{{#unless @last}}, {{/unless}} {{/each}}</p>
|
||||||
entschuldigt: {{#each excused_absent}}{{this.firstname}} {{this.lastname}}{{#unless @last}},
|
|
||||||
{{/unless}}{{/each}}{{#unless excused_absent.length}}---{{/unless}}
|
|
||||||
</p>
|
|
||||||
<p>
|
|
||||||
unentschuldigt: {{#each unexcused_absent}}{{this.firstname}} {{this.lastname}}{{#unless @last}},
|
|
||||||
{{/unless}}{{/each}}{{#unless unexcused_absent.length}}---{{/unless}}
|
|
||||||
</p>
|
|
||||||
<br />
|
<br />
|
||||||
<h2>Agenda</h2>
|
<h2>Agenda</h2>
|
||||||
{{#each agenda}}
|
{{#each agenda}}
|
||||||
|
|
|
@ -14,7 +14,6 @@ export type PermissionModule =
|
||||||
| "calendar_type"
|
| "calendar_type"
|
||||||
| "user"
|
| "user"
|
||||||
| "role"
|
| "role"
|
||||||
| "webapi"
|
|
||||||
| "query"
|
| "query"
|
||||||
| "query_store"
|
| "query_store"
|
||||||
| "template"
|
| "template"
|
||||||
|
@ -56,7 +55,6 @@ export const permissionModules: Array<PermissionModule> = [
|
||||||
"calendar_type",
|
"calendar_type",
|
||||||
"user",
|
"user",
|
||||||
"role",
|
"role",
|
||||||
"webapi",
|
|
||||||
"query",
|
"query",
|
||||||
"query_store",
|
"query_store",
|
||||||
"template",
|
"template",
|
||||||
|
@ -77,5 +75,5 @@ export const sectionsAndModules: SectionsAndModulesObject = {
|
||||||
"template_usage",
|
"template_usage",
|
||||||
"newsletter_config",
|
"newsletter_config",
|
||||||
],
|
],
|
||||||
user: ["user", "role", "webapi"],
|
user: ["user", "role"],
|
||||||
};
|
};
|
||||||
|
|
|
@ -16,15 +16,3 @@ export interface MemberViewModel {
|
||||||
smsAlarming?: Array<CommunicationViewModel>;
|
smsAlarming?: Array<CommunicationViewModel>;
|
||||||
preferredCommunication?: Array<CommunicationViewModel>;
|
preferredCommunication?: Array<CommunicationViewModel>;
|
||||||
}
|
}
|
||||||
|
|
||||||
export interface MemberStatisticsViewModel {
|
|
||||||
id: number;
|
|
||||||
salutation: Salutation;
|
|
||||||
firstname: string;
|
|
||||||
lastname: string;
|
|
||||||
nameaffix: string;
|
|
||||||
birthdate: Date;
|
|
||||||
todayAge: number;
|
|
||||||
ageThisYear: number;
|
|
||||||
exactAge: string;
|
|
||||||
}
|
|
||||||
|
|
|
@ -1,5 +1,3 @@
|
||||||
import { Salutation } from "../../../../enums/salutation";
|
|
||||||
|
|
||||||
export interface MembershipViewModel {
|
export interface MembershipViewModel {
|
||||||
id: number;
|
id: number;
|
||||||
start: Date;
|
start: Date;
|
||||||
|
@ -8,16 +6,3 @@ export interface MembershipViewModel {
|
||||||
status: string;
|
status: string;
|
||||||
statusId: number;
|
statusId: number;
|
||||||
}
|
}
|
||||||
|
|
||||||
export interface MembershipStatisticsViewModel {
|
|
||||||
durationInDays: number;
|
|
||||||
durationInYears: string;
|
|
||||||
status: string;
|
|
||||||
statusId: number;
|
|
||||||
memberId: number;
|
|
||||||
memberSalutation: Salutation;
|
|
||||||
memberFirstname: string;
|
|
||||||
memberLastname: string;
|
|
||||||
memberNameaffix: string;
|
|
||||||
memberBirthdate: Date;
|
|
||||||
}
|
|
||||||
|
|
|
@ -3,6 +3,5 @@ import { MemberViewModel } from "../member/member.models";
|
||||||
export interface ProtocolPresenceViewModel {
|
export interface ProtocolPresenceViewModel {
|
||||||
memberId: number;
|
memberId: number;
|
||||||
absent: boolean;
|
absent: boolean;
|
||||||
excused: boolean;
|
|
||||||
protocolId: number;
|
protocolId: number;
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,10 +0,0 @@
|
||||||
import { PermissionObject } from "../../../type/permissionTypes";
|
|
||||||
|
|
||||||
export interface ApiViewModel {
|
|
||||||
id: number;
|
|
||||||
permissions: PermissionObject;
|
|
||||||
title: string;
|
|
||||||
createdAt: Date;
|
|
||||||
lastUsage?: Date;
|
|
||||||
expiry?: Date;
|
|
||||||
}
|
|
|
@ -43,5 +43,5 @@ export class memberView {
|
||||||
ageThisYear: number;
|
ageThisYear: number;
|
||||||
|
|
||||||
@ViewColumn()
|
@ViewColumn()
|
||||||
exactAge: string;
|
exactAge: Date;
|
||||||
}
|
}
|
||||||
|
|
|
@ -30,7 +30,7 @@ export class membershipView {
|
||||||
durationInDays: number;
|
durationInDays: number;
|
||||||
|
|
||||||
@ViewColumn()
|
@ViewColumn()
|
||||||
durationInYears: string;
|
durationInYears: Date;
|
||||||
|
|
||||||
@ViewColumn()
|
@ViewColumn()
|
||||||
status: string;
|
status: string;
|
||||||
|
|
Loading…
Reference in a new issue