- Finished Booking an Event

- Starting UsersList (creating CGridTableRec component to view and edit a db table)
2019-10-13 20:44:05 +02:00
parent cebe1208de
commit c5a19f2d70
7 changed files with 125 additions and 26 deletions
--- a/server/models/user.js
+++ b/server/models/user.js
@@ -25,7 +25,7 @@ var UserSchema = new mongoose.Schema({
    required: true,
    trim: true,
    minlength: 1,
-    unique: true,
+    unique: false,
    /*validate: {
      validator: validator.isEmail,
      message: '{VALUE} is not a valid email'
@@ -40,7 +40,7 @@ var UserSchema = new mongoose.Schema({
    required: true,
    trim: true,
    minlength: 6,
-    unique: true,
+    unique: false,
  },
  name: {
    type: String,
@@ -83,6 +83,13 @@ var UserSchema = new mongoose.Schema({
      type: Date
    },
  }],
+  perm: {
+    type: Number
+  },
+  date_reg: {
+    type: Date,
+    default: Date.now()
+  },
  date_tokenforgot: {
    type: Date
  },
@@ -96,7 +103,7 @@ UserSchema.methods.toJSON = function () {
  var user = this;
  var userObject = user.toObject();

-  return _.pick(userObject, ['_id', 'email', 'verified_email', 'username', 'userId', 'name', 'surname']);
+  return _.pick(userObject, ['_id', 'email', 'verified_email', 'idapp', 'username', 'userId', 'name', 'surname', 'perm']);
 };

 UserSchema.methods.generateAuthToken = function (req) {
@@ -106,10 +113,10 @@ UserSchema.methods.generateAuthToken = function (req) {
  const useragent = req.get('User-Agent');
  tools.mylog("GENERATE USER-AGENT = ", useragent);

-  var access = 'auth';
+  const access = 'auth';
  const browser = useragent;
-  var token = jwt.sign({ _id: user._id.toHexString(), access }, process.env.SIGNCODE).toString();
-  var date_login = new Date();
+  const token = jwt.sign({ _id: user._id.toHexString(), access }, process.env.SIGNCODE).toString();
+  const date_login = new Date();

  // CANCELLA IL PRECEDENTE !
  user.tokens = user.tokens.filter(function (tok) {
@@ -127,9 +134,30 @@ UserSchema.methods.generateAuthToken = function (req) {
    });
 };

+UserSchema.statics.setPermissionsById = function (id, perm) {
+  const user = this;
+
+  return user.findByIdAndUpdate(id, { $set: { perm } }).then((user) => {
+    if (user)
+      return res.send({ code: server_constants.RIS_CODE_OK, msg: '' });
+    else
+      return res.send({ code: server_constants.RIS_CODE_ERR, msg: '' });
+  });
+
+};
+
+UserSchema.statics.isAdmin = function (user) {
+  try {
+    const ris = ((user.perm & tools.Permissions.Admin) === 1);
+    return ris;
+  }catch (e) {
+    return false
+  }
+};
+
 UserSchema.statics.findByToken = function (token, typeaccess) {
-  var User = this;
-  var decoded;
+  const User = this;
+  let decoded;

  try {
    decoded = jwt.verify(token, process.env.SIGNCODE);
@@ -160,14 +188,14 @@ UserSchema.statics.findByTokenAnyAccess = function (token) {
  });
 };

-UserSchema.statics.findByCredentials = function (username, password) {
+UserSchema.statics.findByCredentials = function (idapp, username, password) {
  var User = this;
  var pwd = "";

-  return User.findOne({ username: username }).then((user) => {
+  return User.findOne({ idapp, username: username }).then((user) => {
    if (!user) {
      // Check if with email:
-      return User.findOne({ email: username })
+      return User.findOne({ idapp, email: username })
    } else {
      return user
    }
@@ -193,10 +221,11 @@ UserSchema.statics.findByCredentials = function (username, password) {
 };


-UserSchema.statics.findByUsername = function (username) {
-  var User = this;
+UserSchema.statics.findByUsername = function (idapp, username) {
+  const User = this;

  return User.findOne({
+    'idapp': idapp,
    'username': username,
  });
 };
@@ -222,10 +251,11 @@ UserSchema.statics.findByLinkTokenforgot = function (idapp, email, tokenforgot)
 };


-UserSchema.statics.findByEmail = function (email) {
+UserSchema.statics.findByEmail = function (idapp, email) {
  var User = this;

  return User.findOne({
+    'idapp': idapp,
    'email': email,
  });
 };
@@ -249,7 +279,7 @@ UserSchema.pre('save', function (next) {
 });

 UserSchema.methods.removeToken = function (token) {
-  var user = this;
+  const user = this;

  return user.update({
    $pull: {
@@ -258,6 +288,13 @@ UserSchema.methods.removeToken = function (token) {
  });
 };

+UserSchema.statics.getUsersList = function (idapp) {
+  const User = this;
+
+  return User.find({ 'idapp': idapp }, { username: 1, name: 1, surname: 1, verified_email: 1, perm:1, email: 1 })
+
+};
+

 var User = mongoose.model('User', UserSchema);

--- a/server/reg/registration.js
+++ b/server/reg/registration.js
@@ -7,9 +7,9 @@ function toHexString(bytes) {
 }

 module.exports = {
-  getlinkregByEmail: function (email, username) {
+  getlinkregByEmail: function (idapp, email, username) {
    try{
-      mystr = email + username;
+      mystr = idapp + email + username;
    return jwt.sign(toHexString(mystr), process.env.SIGNCODE).toString();
    } catch (e) {
      console.error(e);
--- a/server/router/email_router.js
+++ b/server/router/email_router.js
@@ -3,10 +3,11 @@ const router = express.Router();

 var {User} = require('../models/user');

-router.get('/:email', (req, res) => {
+router.get('/:email/:idapp', (req, res) => {
  var email = req.params.email;
+  const idapp = req.params.idapp;

-  User.findByEmail(email).then((user) => {
+  User.findByEmail(idapp, email).then((user) => {
    if (!user) {
      return res.status(404).send();
    }
--- a/server/router/index_router.js
+++ b/server/router/index_router.js
@@ -93,12 +93,21 @@ router.get(process.env.LINK_CHECK_UPDATES, authenticate, (req, res) => {

    // ++Todo: Add to Log Stat ....

+    if (req.user) {
+      // If User is Admin, then send user Lists
+      if (User.isAdmin(req.user)) {
+        // Send UsersList
+        return User.getUsersList(req.user.idapp).then(usersList => {
+          return res.send({ cfgServer: arrcfgrec, usersList });
+        })
+      }
+    }
+
    res.send({ cfgServer: arrcfgrec });

  }).catch((e) => {
    console.log(e);
-    res.status(400).send();
-    res.send({ code: server_constants.RIS_CODE_ERR, msg: e });
+    res.status(400).send({ code: server_constants.RIS_CODE_ERR, msg: e });
  });

 });
--- a/server/router/users_router.js
+++ b/server/router/users_router.js
@@ -6,6 +6,7 @@ var { User } = require('../models/user');
 var sendemail = require('../sendemail');

 const tools = require('../tools/general');
+const shared_consts = require('../tools/shared_nodejs');

 var server_constants = require('../tools/server_constants');

@@ -37,14 +38,14 @@ router.post('/', (req, res) => {

  // tools.mylog("LANG PASSATO = " + user.lang, "IDAPP", user.idapp);

-  user.linkreg = reg.getlinkregByEmail(body.email, body.username);
+  user.linkreg = reg.getlinkregByEmail(body.idapp, body.email, body.username);
  user.verified_email = false;
  if (tools.testing()) {
    user.verified_email = true;
  }

  user.save().then(() => {
-    User.findByUsername(user.username)
+    User.findByUsername(user.idapp, user.username)
      .then((usertrovato) => {

        tools.mylog("TROVATO USERNAME ? ", user.username, usertrovato);
@@ -72,10 +73,11 @@ router.post('/', (req, res) => {
  })
 });

-router.get('/:username', (req, res) => {
+router.get('/:username/:idapp', (req, res) => {
  var username = req.params.username;
+  const idapp = req.params.idapp;

-  User.findByUsername(username).then((user) => {
+  User.findByUsername(idapp, username).then((user) => {
    if (!user) {
      return res.status(404).send();
    }
@@ -85,6 +87,31 @@ router.get('/:username', (req, res) => {
  });
 });

+router.patch('/:id', authenticate, (req, res) => {
+  const id = req.params.id;
+  const body = _.pick(req.body.user, shared_consts.fieldsUserToChange());
+
+  tools.mylogshow('PATCH USER: ', id);
+
+  if (!User.isAdmin(req.user)) {
+    // If without permissions, exit
+    return res.status(404).send();
+  }
+
+  User.findByIdAndUpdate(id, { $set: body }).then((user) => {
+    tools.mylogshow(' USER TO MODIFY: ', user);
+    if (!user) {
+      return res.status(404).send();
+    } else {
+      res.send({ code: server_constants.RIS_CODE_OK, msg: '' });
+    }
+
+  }).catch((e) => {
+    tools.mylogserr('Error patch USER: ', e);
+    res.status(400).send();
+  })
+});
+

 router.post('/login', (req, res) => {
  var body = _.pick(req.body, ['username', 'password', 'idapp', 'keyappid', 'lang']);
@@ -100,7 +127,7 @@ router.post('/login', (req, res) => {

  let resalreadysent = false;

-  User.findByCredentials(user.username, user.password)
+  User.findByCredentials(user.idapp, user.username, user.password)
    .then((user) => {
      tools.mylog("CREDENZIALI ! ");
      if (!user) {
@@ -119,6 +146,7 @@ router.post('/login', (req, res) => {
          usertosend.email = user.email;
          usertosend.userId = user._id.toHexString();
          usertosend.verified_email = user.verified_email;
+          usertosend.idapp = user.idapp;

          // tools.mylog("user.verified_email:" + user.verified_email);
          tools.mylog("usertosend.userId", usertosend.userId);
@@ -171,4 +199,15 @@ router.delete('/me/token', authenticate, (req, res) => {
  });
 });

+router.post('/setperm', authenticate, (req, res) => {
+  const body = _.pick(req.body, ['idapp', 'username', 'perm']);
+  tools.mylog("SETPERM = " + req.token);
+
+  User.setPermissionsById(res.user._id, body).then(() => {
+    res.status(200).send();
+  }, () => {
+    res.status(400).send();
+  });
+});
+
 module.exports = router;
--- a/server/tools/general.js
+++ b/server/tools/general.js
@@ -32,6 +32,12 @@ module.exports = {
  MAX_PHASES: 5,
  FIRST_PROJ: '__PROJECTS',
  EXECUTE_CALCPROJ: true,
+
+  Permissions: {
+    Normal: 0,
+    Admin: 1,
+  },
+
  getHostname: function () {
    return os.hostname()
  },
--- a/server/tools/shared_nodejs.js
+++ b/server/tools/shared_nodejs.js
@@ -0,0 +1,7 @@
+module.exports = {
+
+  fieldsUserToChange() {
+    return ['username', 'email', 'name', 'surname', 'perm', 'date_reg']
+  }
+
+};