Make consistent with report
parent
8a7a967b6d
commit
963ea853bb
|
|
@ -16,6 +16,8 @@ A school event planner and timetable
|
||||||
- [ ] hide/protect certain element
|
- [ ] hide/protect certain element
|
||||||
- [x] fake validator for jwt at protected endpoints
|
- [x] fake validator for jwt at protected endpoints
|
||||||
- [ ] assume user is admin
|
- [ ] assume user is admin
|
||||||
|
- [ ] Decide between email-validated OID or storing identity strictly
|
||||||
|
- [ ] Additional email-based auth mechanism with tokens (like asciinema)
|
||||||
- [ ] Redirect when not logged in
|
- [ ] Redirect when not logged in
|
||||||
- [x] Create group
|
- [x] Create group
|
||||||
- [x] Create one-off events
|
- [x] Create one-off events
|
||||||
|
|
|
||||||
|
|
@ -42,7 +42,7 @@ export default class API {
|
||||||
this.database.getSchoolWithAuth(req.params.school)
|
this.database.getSchoolWithAuth(req.params.school)
|
||||||
.then((data) => {
|
.then((data) => {
|
||||||
res.json(Object.assign(data, {
|
res.json(Object.assign(data, {
|
||||||
auth: data.auth.map(a => Object.assign(a, { oid_csecret: undefined })),
|
auth: data.auth,
|
||||||
}));
|
}));
|
||||||
})
|
})
|
||||||
.catch(next);
|
.catch(next);
|
||||||
|
|
@ -82,10 +82,7 @@ export default class API {
|
||||||
this.router.get('/schools/:school/users/:id', this.auth, (req, res, next) => {
|
this.router.get('/schools/:school/users/:id', this.auth, (req, res, next) => {
|
||||||
this.database.getUser(req.params.school, req.params.id)
|
this.database.getUser(req.params.school, req.params.id)
|
||||||
.then((data) => {
|
.then((data) => {
|
||||||
res.json(Object.assign(data, {
|
res.json(data);
|
||||||
pwd_hash: undefined,
|
|
||||||
oid_id: undefined,
|
|
||||||
}));
|
|
||||||
})
|
})
|
||||||
.catch(next);
|
.catch(next);
|
||||||
});
|
});
|
||||||
|
|
@ -212,9 +209,10 @@ export default class API {
|
||||||
}
|
}
|
||||||
return verified;
|
return verified;
|
||||||
};
|
};
|
||||||
if (options.type === 'PWD') { // not used
|
if (options.type === 'EMAIL') { // not used
|
||||||
return this.database.getUserByEmail(school, options.email)
|
return this.database.getUserByEmail(school, options.email)
|
||||||
.then(data => checkLoginPassword(data.pwd_hash, options.pwd) && data);
|
.then(data => checkLoginPassword(data.pwd_hash, options.pwd) && data);
|
||||||
|
// whoops, should have been sendAuthEmail
|
||||||
} else if (options.type === 'OID') { // TODO: create user if user not found? no.
|
} else if (options.type === 'OID') { // TODO: create user if user not found? no.
|
||||||
return checkLoginToken(school, options.id_token)
|
return checkLoginToken(school, options.id_token)
|
||||||
.then(data => this.database.getUserByEmail(school, data.upn));
|
.then(data => this.database.getUserByEmail(school, data.upn));
|
||||||
|
|
|
||||||
|
|
@ -85,7 +85,7 @@ export default class Database {
|
||||||
|
|
||||||
async getGroups(school) {
|
async getGroups(school) {
|
||||||
return this.query(`
|
return this.query(`
|
||||||
SELECT group_.*
|
SELECT DISTINCT group_.*
|
||||||
FROM user, member, group_
|
FROM user, member, group_
|
||||||
WHERE member.group_ = group_.id
|
WHERE member.group_ = group_.id
|
||||||
AND member.user = user.id
|
AND member.user = user.id
|
||||||
|
|
@ -137,10 +137,7 @@ export default class Database {
|
||||||
`, [id]);
|
`, [id]);
|
||||||
return Promise.all([getGroup, getMembers, getEventsOnce, getEventsWeekly])
|
return Promise.all([getGroup, getMembers, getEventsOnce, getEventsWeekly])
|
||||||
.then(results => Object.assign({}, results[0], {
|
.then(results => Object.assign({}, results[0], {
|
||||||
members: results[1].map(m => Object.assign(m, {
|
members: results[1],
|
||||||
pwd_hash: undefined,
|
|
||||||
oid_id: undefined,
|
|
||||||
})),
|
|
||||||
// eslint-disable-next-line no-underscore-dangle
|
// eslint-disable-next-line no-underscore-dangle
|
||||||
eventsOnce: results[2].map(e => Object.assign({ group: e.group_ }, e)),
|
eventsOnce: results[2].map(e => Object.assign({ group: e.group_ }, e)),
|
||||||
// eslint-disable-next-line no-underscore-dangle
|
// eslint-disable-next-line no-underscore-dangle
|
||||||
|
|
@ -262,6 +259,7 @@ export default class Database {
|
||||||
oid_meta VARCHAR(128),
|
oid_meta VARCHAR(128),
|
||||||
oid_cid VARCHAR(64),
|
oid_cid VARCHAR(64),
|
||||||
oid_csecret VARCHAR(64),
|
oid_csecret VARCHAR(64),
|
||||||
|
email_regex VARCHAR(128),
|
||||||
PRIMARY KEY (school, id),
|
PRIMARY KEY (school, id),
|
||||||
FOREIGN KEY (school) REFERENCES school(id) ON DELETE CASCADE ON UPDATE CASCADE
|
FOREIGN KEY (school) REFERENCES school(id) ON DELETE CASCADE ON UPDATE CASCADE
|
||||||
)`,
|
)`,
|
||||||
|
|
@ -283,8 +281,6 @@ export default class Database {
|
||||||
id INT AUTO_INCREMENT NOT NULL,
|
id INT AUTO_INCREMENT NOT NULL,
|
||||||
name VARCHAR(64),
|
name VARCHAR(64),
|
||||||
email VARCHAR(64),
|
email VARCHAR(64),
|
||||||
oid_id VARCHAR(64),
|
|
||||||
pwd_hash VARCHAR(64),
|
|
||||||
role CHAR(3),
|
role CHAR(3),
|
||||||
PRIMARY KEY (id),
|
PRIMARY KEY (id),
|
||||||
FOREIGN KEY (school) REFERENCES school(id) ON DELETE CASCADE ON UPDATE CASCADE
|
FOREIGN KEY (school) REFERENCES school(id) ON DELETE CASCADE ON UPDATE CASCADE
|
||||||
|
|
@ -305,6 +301,7 @@ export default class Database {
|
||||||
`CREATE TABLE member (
|
`CREATE TABLE member (
|
||||||
user INT NOT NULL,
|
user INT NOT NULL,
|
||||||
group_ INT NOT NULL,
|
group_ INT NOT NULL,
|
||||||
|
role CHAR(3),
|
||||||
FOREIGN KEY (user) REFERENCES user(id) ON DELETE CASCADE ON UPDATE CASCADE,
|
FOREIGN KEY (user) REFERENCES user(id) ON DELETE CASCADE ON UPDATE CASCADE,
|
||||||
FOREIGN KEY (group_) REFERENCES group_(id) ON DELETE CASCADE ON UPDATE CASCADE
|
FOREIGN KEY (group_) REFERENCES group_(id) ON DELETE CASCADE ON UPDATE CASCADE
|
||||||
)`,
|
)`,
|
||||||
|
|
@ -335,7 +332,7 @@ export default class Database {
|
||||||
PRIMARY KEY (id),
|
PRIMARY KEY (id),
|
||||||
FOREIGN KEY (group_) REFERENCES group_(id) ON DELETE CASCADE ON UPDATE CASCADE
|
FOREIGN KEY (group_) REFERENCES group_(id) ON DELETE CASCADE ON UPDATE CASCADE
|
||||||
)`,
|
)`,
|
||||||
`CREATE TABLE ignored (
|
`CREATE TABLE ignored (
|
||||||
user INT NOT NULL,
|
user INT NOT NULL,
|
||||||
event_weekly INT NOT NULL,
|
event_weekly INT NOT NULL,
|
||||||
FOREIGN KEY (user) REFERENCES user(id) ON DELETE CASCADE ON UPDATE CASCADE,
|
FOREIGN KEY (user) REFERENCES user(id) ON DELETE CASCADE ON UPDATE CASCADE,
|
||||||
|
|
@ -360,9 +357,9 @@ export default class Database {
|
||||||
VALUES (?, ?)
|
VALUES (?, ?)
|
||||||
`, ['NUS High School', 'nushigh.edu.sg']);
|
`, ['NUS High School', 'nushigh.edu.sg']);
|
||||||
await this.query(`
|
await this.query(`
|
||||||
INSERT INTO user (school, name, email, pwd_hash, role)
|
INSERT INTO user (school, name, email, role)
|
||||||
VALUES (?, ?, ?, ?, ?)
|
VALUES (?, ?, ?, ?)
|
||||||
`, [firstSchool.insertId, 'Ambrose Chua', 'h1310031@nushigh.edu.sg', '', 'OWN']);
|
`, [firstSchool.insertId, 'Admin', 'admin@nushigh.edu.sg', 'OWN']);
|
||||||
|
|
||||||
// eslint-disable-next-line global-require
|
// eslint-disable-next-line global-require
|
||||||
const fs = require('fs');
|
const fs = require('fs');
|
||||||
|
|
@ -372,6 +369,9 @@ export default class Database {
|
||||||
VALUES (?, ?, ?, ?, ?)
|
VALUES (?, ?, ?, ?, ?)
|
||||||
`, [firstSchool.insertId, 'OID', tmpsettings.oid_meta, tmpsettings.oid_cid, tmpsettings.oid_csecret]);
|
`, [firstSchool.insertId, 'OID', tmpsettings.oid_meta, tmpsettings.oid_cid, tmpsettings.oid_csecret]);
|
||||||
|
|
||||||
|
if (process.env.GENERATE_DB_ONLY === 'true') {
|
||||||
|
process.exit(0);
|
||||||
|
}
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue