surya/freeplanet_serverside
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
26715cda44784317d4c79a3a904665ddba0169ad
freeplanet_serverside/src/server/router/index_router.js
Paolo Arena 26715cda44 - Billettera 
- Lista Ingressi
 - Send a Tutti la propria Lavagna.
2020-02-19 16:09:16 +01:00

728 lines
21 KiB
JavaScript
Raw Blame History

const express = require('express');
const router = express.Router(),
fs = require('fs'),
path = require('path');
const jwt = require('jsonwebtoken');
const telegrambot = require('../telegram/telegrambot');
const sendemail = require('../sendemail');
const { authenticate, authenticate_noerror } = require('../middleware/authenticate');
const { ObjectID } = require('mongodb');
const mongoose = require('mongoose');
const cfgserver = mongoose.model('cfgserver');
const ftp = require('../ftp/FTPClient'),
formidable = require('formidable'),
folder = path.join(__dirname, 'upload');
if (!fs.existsSync(folder)) {
fs.mkdirSync(folder)
}
const _ = require('lodash');
const { User } = require('../models/user');
const { ExtraList } = require('../models/extralist');
const { Booking } = require('../models/booking');
const { Operator } = require('../models/operator');
const { Where } = require('../models/where');
const { MyEvent } = require('../models/myevent');
const { Contribtype } = require('../models/contribtype');
const { PaymentType } = require('../models/paymenttype');
const { Discipline } = require('../models/discipline');
const { Newstosent } = require('../models/newstosent');
const { MyPage } = require('../models/mypage');
const { CalZoom } = require('../models/calzoom');
const { Gallery } = require('../models/gallery');
const { TemplEmail } = require('../models/templemail');
const { OpzEmail } = require('../models/opzemail');
const { MailingList } = require('../models/mailinglist');
const { Settings } = require('../models/settings');
const { SendMsg } = require('../models/sendmsg');
const { Permission } = require('../models/permission');
const tools = require('../tools/general');
const server_constants = require('../tools/server_constants');
const actions = require('./api/actions');
router.post(process.env.LINKVERIF_REG, (req, res) => {
const body = _.pick(req.body, ['idapp', 'idlink']);
const idapp = body.idapp;
const idlink = body.idlink;
// console.log("LINKVERIF_REG POST " + process.env.LINKVERIF_REG + " idapp= " + idapp + " idlink = " + idlink);
// Cerco l'idlink se è ancora da Verificare
User.findByLinkreg(idapp, idlink).then((user) => {
if (!user) {
//console.log("NON TROVATO!");
return res.status(404).send();
} else {
console.log('user', user);
if (user.verified_email) {
res.send({
code: server_constants.RIS_CODE_EMAIL_ALREADY_VERIFIED,
msg: tools.getres__("L'Email è già stata Verificata", res)
});
} else {
user.verified_email = true;
user.lasttimeonline = new Date();
user.save().then(() => {
//console.log("TROVATOOOOOO!");
res.send({ code: server_constants.RIS_CODE_EMAIL_VERIFIED, msg: tools.getres__('EMAIL', res) + ' ' + tools.getres__('VERIF', res) });
});
}
}
}).catch((e) => {
console.log(e);
res.status(400).send();
});
});
// Faccio richiesta di una Nuova Password
router.post(process.env.LINK_REQUEST_NEWPASSWORD, (req, res) => {
const body = _.pick(req.body, ['idapp', 'email']);
const idapp = body.idapp;
const email = body.email;
console.log("POST " + process.env.LINK_REQUEST_NEWPASSWORD + " idapp= " + idapp + " email = " + email);
User.findByEmail(idapp, email).then(async (user) => {
if (!user) {
await tools.snooze(5000);
return res.status(200).send({ code: server_constants.RIS_CODE_EMAIL_NOT_EXIST, msg: '' });
} else {
// Creo il tokenforgot
user.tokenforgot = jwt.sign(user._id.toHexString(), process.env.SIGNCODE).toString();
user.date_tokenforgot = new Date();
user.lasttimeonline = new Date();
user.save().then(async () => {
await sendemail.sendEmail_RequestNewPassword(res.locale, user, user.email, user.idapp, user.tokenforgot);
res.send({ code: server_constants.RIS_CODE_OK, msg: '' });
});
}
}).catch((e) => {
console.log(e);
res.status(400).send();
res.send({ code: server_constants.RIS_CODE_ERR, msg: e });
});
});
// Invio la Nuova Password richiesta dal reset!
// Ritorna il token per poter effettuare le chiamate...
router.post(process.env.LINK_UPDATE_PWD, (req, res) => {
const body = _.pick(req.body, ['idapp', 'email', 'tokenforgot', 'password']);
const idapp = body.idapp;
const email = body.email;
const tokenforgot = body.tokenforgot;
const password = body.password;
const msg = "Richiesta Nuova Password: idapp= " + idapp + " email = " + email;
console.log(msg);
// telegrambot.sendMsgTelegramToTheManagers(body.idapp, msg);
User.findByLinkTokenforgot(idapp, email, tokenforgot).then((user) => {
if (!user) {
return res.send({ code: server_constants.RIS_CODE_TOKEN_RESETPASSWORD_NOT_FOUND });
} else {
// aggiorna la nuova password
user.password = password;
user.lasttimeonline = new Date();
// Crea token
user.generateAuthToken(req).then(token => {
user.tokenforgot = ''; // Svuota il tokenforgot perché non ti servirà più...
// Salva lo User
user.save().then(() => {
res.header('x-auth', token).send({ code: server_constants.RIS_CODE_OK }); // Ritorna il token di ritorno
});
})
}
}).catch((e) => {
console.log(e);
res.status(400).send();
});
});
function getTableByTableName(tablename) {
mytable = '';
if (tablename === 'users')
mytable = User;
else if (tablename === 'extralist')
mytable = ExtraList;
else if (tablename === 'bookings')
mytable = Booking;
else if (tablename === 'operators')
mytable = Operator;
else if (tablename === 'sendmsgs')
mytable = SendMsg;
else if (tablename === 'wheres')
mytable = Where;
else if (tablename === 'myevents')
mytable = MyEvent;
else if (tablename === 'contribtype')
mytable = Contribtype;
else if (tablename === 'paymenttypes')
mytable = PaymentType;
else if (tablename === 'disciplines')
mytable = Discipline;
else if (tablename === 'newstosent')
mytable = Newstosent;
else if (tablename === 'gallery')
mytable = Gallery;
else if (tablename === 'mypage')
mytable = MyPage;
else if (tablename === 'calzoom')
mytable = CalZoom;
else if (tablename === 'templemail')
mytable = TemplEmail;
else if (tablename === 'opzemail')
mytable = OpzEmail;
else if (tablename === 'settings')
mytable = Settings;
else if (tablename === 'permissions')
mytable = Permission;
else if (tablename === 'mailinglist')
mytable = MailingList;
return mytable
}
router.post('/settable', authenticate, (req, res) => {
const params = req.body;
const mytable = getTableByTableName(params.table);
const mydata = req.body.data;
mydata.idapp = req.user.idapp;
if (params.table === 'permissions') {
if (mydata["_id"] === undefined) {
mydata._id = 1;
}
} else {
if (mydata["_id"] === undefined) {
mydata._id = new ObjectID()
}
}
mytablerec = new mytable(mydata);
console.log('mytablerec', mytablerec);
return mytablerec.save()
.then(rec => {
// tools.mylog('rec', rec);
return res.send(rec);
}).catch((e) => {
console.log(e);
res.status(400).send(e);
});
});
router.post('/gettable', authenticate, (req, res) => {
const params = req.body;
const mytable = getTableByTableName(params.table);
// console.log('mytable', mytable);
if (!mytable) {
console.log(`Table ${params.table} not found`);
return res.status(400).send({});
}
return mytable.executeQueryTable(req.user.idapp, params).then(ris => {
return res.send(ris);
}).catch((e) => {
console.log(e);
res.status(400).send(e);
});
});
router.patch('/chval', authenticate, (req, res) => {
// const idapp = req.body.idapp;
const id = req.body.data.id;
const idapp = req.body.idapp;
const mydata = req.body.data;
const mytable = getTableByTableName(mydata.table);
const fieldsvalue = mydata.fieldsvalue;
tools.mylogshow('PATCH CHVAL: ', id, fieldsvalue);
// If I change my record...
if ((!User.isAdmin(req.user.perm) && !User.isManager(req.user.perm)) && !(req.user._id.toString() === id) && !tools.ModificheConsentite(mydata.table, fieldsvalue)) {
// If without permissions, exit
return res.status(404).send({ code: server_constants.RIS_CODE_ERR_UNAUTHORIZED, msg: '' });
}
mytable.findByIdAndUpdate(id, { $set: fieldsvalue }).then(async (rec) => {
// tools.mylogshow(' REC TO MODIFY: ', rec);
if (!rec) {
return res.status(404).send();
} else {
if (mydata.notifBot) {
// Send Notification to the BOT
telegrambot.sendMsgTelegram(idapp, mydata.notifBot.un, mydata.notifBot.txt);
addtext = '[Msg Inviato a ' + mydata.notifBot.un + ']:' + '\n' + mydata.notifBot.txt;
telegrambot.sendMsgTelegramToTheManagers(idapp, addtext);
}
if (tools.ModificheConsentite(mydata.table, fieldsvalue)) {
let msg = '';
if (mydata.table === 'users') {
if ('aportador_solidario' in fieldsvalue) {
const nomecognomenuovo = await User.getNameSurnameByUsername(idapp, fieldsvalue.aportador_solidario);
const nomecognomeas = await User.getNameSurnameByUsername(idapp, rec.aportador_solidario);
msg = `Variato l'invitante di ` + rec.name + ' ' + rec.surname + '\nmodificato da ' + req.user.name + ' ' + req.user.surname + ' \n' +
'Prima: ' + nomecognomeas + ' (' + rec.aportador_solidario + ')\n' +
'Dopo: ' + nomecognomenuovo + ' (' + fieldsvalue.aportador_solidario + ') ]';
}
}
if (msg !== '')
telegrambot.sendMsgTelegramToTheManagers(idapp, msg);
}
res.send({ code: server_constants.RIS_CODE_OK, msg: '' });
}
}).catch((e) => {
tools.mylogserr('Error patch USER: ', e);
res.status(400).send();
})
});
router.get('/copyfromapptoapp/:idapporig/:idappdest', async (req, res) => {
// const idapporig = req.params.idapporig;
// const idappdest = req.params.idappdest;
// if (!idapporig || !idappdest)
// res.status(400).send();
//
// const mytablesstr = ['settings', 'users', 'templemail', 'contribtype'];
//
// try {
// let numrectot = 0;
// for (const table of mytablesstr) {
// const mytable = getTableByTableName(table);
//
// tools.mylogshow('copyfromapptoapp: ', table, mytable);
//
// await mytable.DuplicateAllRecords(idapporig, idappdest).then((numrec) => {
// // tools.mylogshow(' REC TO MODIFY: ', rec);
// numrectot += numrec
// });
// }
//
// res.send({ code: server_constants.RIS_CODE_OK, msg: '', numrectot });
//
// } catch (e) {
// tools.mylogserr('Error copyfromapptoapp: ', e);
// res.status(400).send();
// }
});
router.delete('/delrec/:table/:id', authenticate, (req, res) => {
const id = req.params.id;
const idapp = req.user.idapp;
const tablename = req.params.table;
let notifBot = false;
// const idapp = req.body.idapp;
console.log('id', id, 'table', tablename);
const mytable = getTableByTableName(tablename);
if ((!User.isAdmin(req.user.perm) && !User.isManager(req.user.perm)) && (tablename !== 'extralist')) {
// If without permissions, exit
return res.status(404).send({ code: server_constants.RIS_CODE_ERR_UNAUTHORIZED, msg: '' });
}
notifBot = tools.NotifyIfDelRecord(tablename);
return mytable.findByIdAndRemove(id).then((rec) => {
if (!rec) {
return res.status(404).send();
}
tools.mylog('DELETED ', rec._id);
// Do extra things after deleted
return actions.doOtherThingsAfterDeleted(tablename, rec).then((ris) => {
if (ris) {
if (notifBot) {
// Send Notification to the BOT
let nomerecord = '';
if ((tablename === 'users') || (tablename === 'extralist')) {
nomerecord = rec.name + ' ' + rec.surname + ' (' + rec.username + ')';
}
addtext = 'Eliminato il Record "' + nomerecord + '" dalla tabella ' + tablename + '\n' +
'Eseguito da ' + req.user.name + ' ' + req.user.surname + ' \n';
telegrambot.sendMsgTelegramToTheManagers(idapp, addtext);
}
tools.mylog('DELETED Others things ...');
return res.send({ code: server_constants.RIS_CODE_OK, msg: '' });
}
});
}).catch((e) => {
console.log(e);
res.status(400).send();
});
});
router.post('/duprec/:table/:id', authenticate, (req, res) => {
const id = req.params.id;
const tablename = req.params.table;
// const idapp = req.body.idapp;
console.log('id', id, 'table', tablename);
const mytable = getTableByTableName(tablename);
if (!req.user) {
return res.status(404).send({ code: server_constants.RIS_CODE_ERR_UNAUTHORIZED, msg: '' });
}
if (!User.isAdmin(req.user.perm) && !User.isManager(req.user.perm)) {
// If without permissions, exit
return res.status(404).send({ code: server_constants.RIS_CODE_ERR_UNAUTHORIZED, msg: '' });
}
return mytable.findById(id).then((mydata) => {
const datadup = tools.CloneRecordToNew(mydata);
const mynewrec = new mytable(datadup);
return mynewrec.save()
.then((rec) => {
if (!rec) {
return res.status(404).send();
}
tools.mylog('DUPLICATED ', rec);
// Do extra things after deleted
return actions.doOtherThingsAfterDuplicated(tablename, rec).then(({ myrec }) => {
// ...
mytable.findById(myrec._id).then((record) => {
return res.send({ code: server_constants.RIS_CODE_OK, record, msg: '' });
});
});
}).catch((e) => {
console.error(e);
res.status(400).send();
});
})
});
function doOtherThingsAfterDeleted() {
}
router.get('/loadsite/:userId/:idapp/:sall', authenticate_noerror, (req, res) => {
const userId = req.params.userId;
const idapp = req.params.idapp;
const sall = req.params.sall;
// var category = req.params.category;
// tools.mylog('loadsite : ', req.params);
let bookedevent = [];
let msgs = [];
if (userId !== '0') {
// LOGGED WITH USERID
bookedevent = Booking.findAllByUserIdAndIdApp(userId, idapp, sall);
}
// Extract all the todos of the userId only
const eventlist = MyEvent.findAllIdApp(idapp);
const operators = Operator.findAllIdApp(idapp);
const wheres = Where.findAllIdApp(idapp);
const contribtype = Contribtype.findAllIdApp(idapp);
const paymenttype = PaymentType.findAllIdApp(idapp);
const disciplines = Discipline.findAllIdApp(idapp);
const settings = Settings.findAllIdApp(idapp, false);
const permissions = Permission.findAllIdApp();
let newstosent = Promise.resolve([]);
let mailinglist = Promise.resolve([]);
let mypage = MyPage.findAllIdApp(idapp);
let calzoom = CalZoom.findAllIdApp(idapp);
let gallery = Gallery.findAllIdApp(idapp);
if (sall) {
newstosent = Newstosent.findAllIdApp(idapp);
}
let calcstat = null;
if (req.user)
calcstat = User.calculateStat(idapp, req.user.username);
return Promise.all([bookedevent, eventlist, operators, wheres, contribtype, settings, permissions, disciplines, newstosent, mailinglist, mypage, gallery, paymenttype, calcstat, calzoom])
.then((arrdata) => {
// console.table(arrdata);
const myuser = req.user;
if (myuser) {
myuser.password = '';
myuser._doc.calcstat = arrdata[13];
}
res.send({
bookedevent: arrdata[0],
eventlist: arrdata[1],
operators: arrdata[2],
wheres: arrdata[3],
contribtype: arrdata[4],
settings: arrdata[5],
permissions: arrdata[6],
disciplines: arrdata[7],
newstosent: arrdata[8],
mailinglist: arrdata[9],
mypage: arrdata[10],
gallery: arrdata[11],
paymenttypes: arrdata[12],
calzoom: arrdata[14],
myuser,
});
})
.catch((e) => {
console.log(e);
res.status(400).send(e);
});
});
router.get(process.env.LINK_CHECK_UPDATES, authenticate, (req, res) => {
const userId = req.user._id;
// console.log("POST " + process.env.LINK_CHECK_UPDATES + " userId=" + userId);
if (!ObjectID.isValid(userId)) {
return res.status(404).send();
}
cfgserver.find().then((arrcfgrec) => {
if (!arrcfgrec)
return res.status(404).send();
// ++Todo: Add to Log Stat ....
// const sall = '0';
// msgs = SendMsg.findAllByUserIdAndIdApp(userId, req.user.username, req.user.idapp);
last_msgs = SendMsg.findLastGroupByUserIdAndIdApp(userId, req.user.username, req.user.idapp);
let usersList = null;
if (req.user) {
// If User is Admin, then send user Lists
if (User.isAdmin(req.user.perm)) {
// Send UsersList
usersList = User.getUsersList(req.user.idapp)
}
}
return Promise.all([usersList, last_msgs])
.then((arrdata) => {
// console.table(arrdata);
return res.send({
cfgServer: arrcfgrec,
usersList: arrdata[0],
last_msgs: arrdata[1],
});
});
}).catch((e) => {
console.log(e);
res.status(400).send({ code: server_constants.RIS_CODE_ERR, msg: e });
});
});
router.post('/upload_from_other_server/:dir', authenticate, (req, res) => {
const dir = req.params.dir;
const idapp = req.user.idapp;
/*
const form = new formidable.IncomingForm();
form.parse(req);
const client = new ftp(process.env.FTPSERVER_HOST, process.env.FTPSERVER_PORT, process.env.FTPSERVER_USER + idapp + '@associazioneshen.it', process.env.FTPSERVER_PWD + idapp, false, 134217728);
// SSL_OP_NO_TLSv1_2 = 134217728
// console.log('client', client);
form.uploadDir = folder + '/' + dir;
try {
form.on('fileBegin', async function (name, file){
file.path = folder + '/' + file.name;
});
form.on('file', async function (name, file){
try {
// Create directory remote
if (!!dir)
await client.createDir(dir);
const miofile = (dir) ? dir + ` / ` + file.name : file.name;
console.log('Upload...');
const ret = await client.upload(file.path, miofile, 755);
console.log('Uploaded ' + file.name, 'status:', ret);
if (!ret)
res.status(400).send();
else {
// Delete file from local directory
fs.unlinkSync(file.path);
res.end();
}
}catch (e) {
console.log('error', e);
res.status(400).send();
}
});
form.on('aborted', () => {
console.error('Request aborted by the user');
res.status(400).send();
});
form.on('error', (err) => {
console.error('Error Uploading', err);
res.status(400).send();
});
} catch (e) {
console.log('Error', e)
}
*/
});
router.post('/upload/:dir', authenticate, (req, res) => {
const dir = req.params.dir;
const idapp = req.user.idapp;
// console.log('/upload dir:' + dir);
const form = new formidable.IncomingForm();
form.parse(req);
form.uploadDir = folder + '/' + dir;
try {
form.on('fileBegin', async function (name, file) {
file.path = folder + '/' + file.name;
});
form.on('file', async function (name, file) {
try {
console.log('Uploaded ' + file.name);
const mydir = tools.getdirByIdApp(idapp) + '/statics/upload/' + dir;
// Create Dir if doesn't exist:
tools.mkdirpath(mydir);
newname = mydir + '/' + file.name;
console.log('move from ', file.path, 'to :', newname);
// For local: ... resolve this... sending through the static folder...
// res.sendFile(path.resolve(file.name));
// Move in the folder application !
tools.move(file.path, newname, (err) => {
if (err)
console.log('err:', err);
res.end();
});
} catch (e) {
console.log('error', e);
res.status(400).send();
}
});
form.on('aborted', () => {
console.error('Request aborted by the user');
res.status(400).send();
});
form.on('error', (err) => {
console.error('Error Uploading', err);
res.status(400).send();
});
} catch (e) {
console.log('Error', e)
}
});
router.delete('/delfile', authenticate, (req, res) => {
const relativefile = req.query.filename;
const idapp = req.user.idapp;
try {
try {
console.log('Delete file ' + relativefile);
// ++ Move in the folder application !
fullpathfile = tools.getdirByIdApp(idapp) + '/' + relativefile;
tools.delete(fullpathfile, (err) => {
if (err) console.log('err', err);
if (err === undefined || err.errno === -2)
res.send({ code: server_constants.RIS_CODE_OK, msg: '' });
});
} catch (e) {
console.log('error', e);
res.status(400).send();
}
} catch (e) {
console.log('Error', e)
}
});
module.exports = router;
Reference in New Issue View Git Blame Copy Permalink