diff --git a/src/controllers/bmdashboard/bmNewLessonController.js b/src/controllers/bmdashboard/bmNewLessonController.js new file mode 100644 index 000000000..049c79222 --- /dev/null +++ b/src/controllers/bmdashboard/bmNewLessonController.js @@ -0,0 +1,27 @@ +const mongoose = require('mongoose'); + +const bmNewLessonController = function (BuildingNewLesson) { + const bmGetLessonList = async (req, res) => { + try { + BuildingNewLesson + .find() + .populate() + .then(result => res.status(200).send(result)) + .catch(error => res.status(500).send(error)); + } catch (err) { + res.json(err); + } + }; + const bmPostLessonList = async (req, res) => { + try { + const newLesson = BuildingNewLesson.create(req.body) + .then(result => res.status(201).send(result)) + .catch(error => res.status(500).send(error)); + } catch (err) { + res.json(err); + } + }; + return { bmPostLessonList, bmGetLessonList }; +}; + +module.exports = bmNewLessonController; diff --git a/src/controllers/userProfileController.js b/src/controllers/userProfileController.js index c86d4c139..52da2c3c1 100644 --- a/src/controllers/userProfileController.js +++ b/src/controllers/userProfileController.js @@ -2,7 +2,7 @@ const moment = require('moment-timezone'); const mongoose = require('mongoose'); const bcrypt = require('bcryptjs'); -const fetch = require("node-fetch"); +const fetch = require('node-fetch'); const moment_ = require('moment'); const jwt = require('jsonwebtoken'); @@ -111,7 +111,6 @@ const userProfileController = function (UserProfile) { }; const postUserProfile = async function (req, res) { - if (!await hasPermission(req.body.requestor, 'postUserProfile')) { res.status(403).send('You are not authorized to create new users'); return; @@ -142,12 +141,12 @@ const userProfileController = function (UserProfile) { // In dev environment, if newly created user is Owner or Administrator, make fetch request to Beta login route with actualEmail and actual Password if (process.env.dbName === 'hgnData_dev') { if (req.body.role === 'Owner' || req.body.role === 'Administrator') { - const email = req.body.actualEmail - const password = req.body.actualPassword - const url = "https://hgn-rest-beta.azurewebsites.net/api/" + const email = req.body.actualEmail; + const password = req.body.actualPassword; + const url = 'https://hgn-rest-beta.azurewebsites.net/api/'; try { // Log in to Beta login route using provided credentials - const response = await fetch(url + 'login', { + const response = await fetch(`${url}login`, { method: 'POST', headers: { 'Content-Type': 'application/json', @@ -276,14 +275,6 @@ const userProfileController = function (UserProfile) { return; } - const canEditTeamCode = req.body.requestor.role === 'Owner' - || req.body.requestor.role === 'Administrator' - || req.body.requestor.permissions?.frontPermissions.includes('editTeamCode'); - - if (!canEditTeamCode) { - res.status(403).send('You are not authorized to edit team code.'); - return; - } if (req.body.role === 'Owner' && !await hasPermission(req.body.requestor, 'addDeleteEditOwners')) { res.status(403).send('You are not authorized to update this user'); @@ -307,6 +298,15 @@ const userProfileController = function (UserProfile) { } } + const canEditTeamCode = req.body.requestor.role === 'Owner' + || req.body.requestor.role === 'Administrator' + || req.body.requestor.permissions?.frontPermissions.includes('editTeamCode'); + + if (!canEditTeamCode && record.teamCode !== req.body.teamCode) { + res.status(403).send('You are not authorized to edit team code.'); + return; + } + const originalinfringements = record.infringements ? record.infringements : []; @@ -890,7 +890,7 @@ const userProfileController = function (UserProfile) { const currentRefreshToken = jwt.sign(jwtPayload, JWT_SECRET); res.status(200).send({ refreshToken: currentRefreshToken }); }; - + return { postUserProfile, getUserProfiles, diff --git a/src/models/bmdashboard/buildingInventoryItem.js b/src/models/bmdashboard/buildingInventoryItem.js index fdcfde3dd..ba89fa026 100644 --- a/src/models/bmdashboard/buildingInventoryItem.js +++ b/src/models/bmdashboard/buildingInventoryItem.js @@ -17,7 +17,6 @@ const smallItemBaseSchema = mongoose.Schema({ // TODO: can stockAvailable default be a function? stockAvailable: { type: Number, default: 0 }, // available = bought - (used + wasted/destroyed) purchaseRecord: [{ - _id: false, // do not add _id field to subdocument date: { type: Date, default: Date.now() }, requestedBy: { type: mongoose.SchemaTypes.ObjectId, ref: 'userProfile' }, quantity: { type: Number, required: true, default: 1 }, // default 1 for tool or equipment purchases @@ -26,7 +25,6 @@ const smallItemBaseSchema = mongoose.Schema({ status: { type: String, default: 'Pending', enum: ['Approved', 'Pending', 'Rejected'] }, }], updateRecord: [{ - _id: false, date: { type: Date, required: true }, createdBy: { type: mongoose.SchemaTypes.ObjectId, ref: 'userProfile' }, quantityUsed: { type: Number, required: true }, @@ -49,7 +47,6 @@ const largeItemBaseSchema = mongoose.Schema({ rentalDueDate: { type: Date, required: () => this.purchaseStatus === 'Rental' }, imageUrl: String, purchaseRecord: [{ - _id: false, // do not add _id field to subdocument date: { type: Date, default: Date.now() }, requestedBy: { type: mongoose.SchemaTypes.ObjectId, ref: 'userProfile' }, priority: { type: String, enum: ['Low', 'Medium', 'High'], required: true }, @@ -58,13 +55,11 @@ const largeItemBaseSchema = mongoose.Schema({ status: { type: String, default: 'Pending', enum: ['Approved', 'Pending', 'Rejected'] }, }], updateRecord: [{ // track tool condition updates - _id: false, date: { type: Date, default: Date.now() }, createdBy: { type: mongoose.SchemaTypes.ObjectId, ref: 'userProfile' }, condition: { type: String, enum: ['Good', 'Needs Repair', 'Out of Order'] }, }], logRecord: [{ // track tool daily check in/out and responsible user - _id: false, date: { type: Date, default: Date.now() }, createdBy: { type: mongoose.SchemaTypes.ObjectId, ref: 'userProfile' }, responsibleUser: { type: mongoose.SchemaTypes.ObjectId, ref: 'userProfile' }, diff --git a/src/models/bmdashboard/buildingMaterial.js b/src/models/bmdashboard/buildingMaterial.js index bc86884ed..5dae11ee3 100644 --- a/src/models/bmdashboard/buildingMaterial.js +++ b/src/models/bmdashboard/buildingMaterial.js @@ -10,7 +10,6 @@ const buildingMaterial = new Schema({ stockWasted: { type: Number, default: 0 }, // total amount of item wasted/ruined/lost in the project stockAvailable: { type: Number, default: 0 }, // bought - (used + wasted) purchaseRecord: [{ - _id: false, // do not add _id field to subdocument date: { type: Date, default: Date.now() }, requestedBy: { type: mongoose.SchemaTypes.ObjectId, ref: 'userProfile' }, quantity: { type: Number, required: true }, @@ -19,7 +18,6 @@ const buildingMaterial = new Schema({ status: { type: String, default: 'Pending', enum: ['Approved', 'Pending', 'Rejected'] }, }], updateRecord: [{ - _id: false, date: { type: Date, required: true }, createdBy: { type: mongoose.SchemaTypes.ObjectId, ref: 'userProfile' }, quantityUsed: { type: Number, required: true }, diff --git a/src/models/bmdashboard/buildingNewLesson.js b/src/models/bmdashboard/buildingNewLesson.js new file mode 100644 index 000000000..21bf77fc6 --- /dev/null +++ b/src/models/bmdashboard/buildingNewLesson.js @@ -0,0 +1,14 @@ +const mongoose = require('mongoose'); + +const { Schema } = mongoose; + +const buildingNewLesson = new Schema({ + title: { type: String, required: true, maxLength: 20 }, + content: { type: String, required: true, maxLength: 500 }, + date: { type: Date, required: true, default: Date.now() }, + author: { type: mongoose.SchemaTypes.ObjectId, ref: 'userProfile', required: true }, + tags: [{ type: String, required: true, maxLength: 10 }], + relatedProject: { type: mongoose.SchemaTypes.ObjectId, ref: 'buildingProject', required: true }, +}); + +module.exports = mongoose.model('buildingNewLesson', buildingNewLesson, 'buildingNewLessons'); diff --git a/src/routes/bmdashboard/bmNewLessonRouter.js b/src/routes/bmdashboard/bmNewLessonRouter.js new file mode 100644 index 000000000..b1cf3fb85 --- /dev/null +++ b/src/routes/bmdashboard/bmNewLessonRouter.js @@ -0,0 +1,15 @@ +const express = require('express'); + +const routes = function (buildingNewLesson) { + const NewLessonRouter = express.Router(); + const controller = require('../../controllers/bmdashboard/bmNewLessonController')(buildingNewLesson); + + // having GET request just for testing: + NewLessonRouter.route('/lessons') + .get(controller.bmGetLessonList); + + NewLessonRouter.route('/lessons/new') + .post(controller.bmPostLessonList); + return NewLessonRouter; +}; +module.exports = routes; diff --git a/src/startup/routes.js b/src/startup/routes.js index 492e455cd..4701a9f61 100644 --- a/src/startup/routes.js +++ b/src/startup/routes.js @@ -24,6 +24,7 @@ const mouseoverText = require('../models/mouseoverText'); // const inventoryItemMaterial = require('../models/inventoryItemMaterial'); const mapLocations = require('../models/mapLocation'); const buildingProject = require('../models/bmdashboard/buildingProject'); +const buildingNewLesson = require('../models/bmdashboard/buildingNewLesson'); // const buildingMaterial = require('../models/bmdashboard/buildingMaterial'); const { invTypeBase, @@ -78,6 +79,7 @@ const mapLocationRouter = require('../routes/mapLocationsRouter')(mapLocations); const bmLoginRouter = require('../routes/bmdashboard/bmLoginRouter')(); const bmMaterialsRouter = require('../routes/bmdashboard/bmMaterialsRouter')(buildingMaterial); const bmProjectRouter = require('../routes/bmdashboard/bmProjectRouter')(buildingProject); +const bmNewLessonRouter = require('../routes/bmdashboard/bmNewLessonRouter')(buildingNewLesson); const bmConsumablesRouter = require('../routes/bmdashboard/bmConsumablesRouter')(buildingConsumable); const bmInventoryTypeRouter = require('../routes/bmdashboard/bmInventoryTypeRouter')(invTypeBase, materialType, consumableType, reusableType, toolType, equipmentType); const bmToolRouter = require('../routes/bmdashboard/bmToolRouter')(buildingTool); @@ -116,7 +118,8 @@ module.exports = function (app) { app.use('/api/bm', bmLoginRouter); app.use('/api/bm', bmMaterialsRouter); app.use('/api/bm', bmProjectRouter); + app.use('/api/bm', bmNewLessonRouter); app.use('/api/bm', bmInventoryTypeRouter); app.use('/api/bm', bmToolRouter); app.use('/api/bm', bmConsumablesRouter); -}; \ No newline at end of file +};