Merge branch 'development' into Jiayu_fix_bug_manual_add_lost_volunte…

…er_time

package.json

@@ -34,7 +34,7 @@
     "eslint-import-resolver-babel-module": "^5.3.1",
     "eslint-plugin-import": "^2.28.0",
     "husky": "^8.0.1",
-    "jest": "^26.6.0",
+    "jest": "^29.7.0",
     "eslint-plugin-jsx-a11y": "^6.7.1",
     "eslint-plugin-react": "^7.33.1",
     "eslint-plugin-react-hooks": "^4.6.0",
@@ -69,7 +69,7 @@
     "moment": "^2.29.4",
     "moment-timezone": "^0.5.35",
     "mongodb": "^3.7.3",
-    "mongoose": "^5.13.15",
+    "mongoose": "^5.13.20",
     "mongoose-validator": "^2.1.0",
     "node-cache": "^5.1.2",
     "node-datetime": "^2.0.3",
@@ -78,7 +78,7 @@
     "sanitize-html": "^2.13.0",
     "supertest": "^6.3.4",
     "uuid": "^3.4.0",
-    "ws": "^8.8.1"
+    "ws": "^8.17.1"
   },
   "nodemonConfig": {
     "watch": [

requirements/logincontroller/getUser-usecase.md

@@ -0,0 +1,9 @@
+Check mark: ✅
+Cross Mark: ❌
+
+# GetUser 
+
+> ## Positive case
+
+1. ❌ Receives a POST request in the **/api/userProfile** route
+2. ✅ Returns **200**, with the requestor body

requirements/logincontroller/login-usecase.md

@@ -0,0 +1,21 @@
+Check mark: ✅
+Cross Mark: ❌
+
+# login 
+
+> ## Positive case
+
+1. ❌ Receives a POST request in the **/api/userProfile** route
+2. ✅  Returns 200, if the user is a new user and there is a password match
+3. ✅  Returns 200, if the user already exists and the password is a match
+
+## Negative case
+
+1. ✅ Returns error 400 if there is no email or password
+2. ✅ Returns error 403 if there is no user
+3. ✅ Returns error 403 if the user exists but is not active
+4. ✅ Returns error 403 if the password is not a match and if the user already exists - in progress
+
+## Edge case
+
+1. ✅ Returns the error if the try block fails - in progress

requirements/mouseoverTextController/createMouseoverText.md

@@ -0,0 +1,11 @@
+Check mark: ✅
+Cross Mark: ❌
+
+# createMouseoverText
+
+> ## Positive case
+1. ✅ Return 201 if create new mouseoverText successfully.
+
+> ## Negative case
+1. ✅ Returns error 500 if any error when saving the new mouseoverText
+> ## Edge case

requirements/mouseoverTextController/getMouseoverText.md

@@ -0,0 +1,11 @@
+Check mark: ✅
+Cross Mark: ❌
+
+# getMouseoverText
+
+> ## Positive case
+1. ✅ Return 200 if find mouseoverText successfully.
+
+> ## Negative case
+1. ✅ Returns error 404 if any error when finding the mouseoverText
+> ## Edge case

requirements/mouseoverTextController/updateMouseoverText.md

@@ -0,0 +1,12 @@
+Check mark: ✅
+Cross Mark: ❌
+
+# updateMouseoverText
+
+> ## Positive case
+1. ✅ Return 201 if updating mouseoverText successfully.
+
+> ## Negative case
+1. ✅ Returns error 500 if any error when finding the mouseoverText by Id
+2. ✅ Returns error 400 if any error when saving the mouseoverText
+> ## Edge case

requirements/notificationController/creatUserNotification.md

@@ -0,0 +1,15 @@
+Check mark: ✅
+Cross Mark: ❌
+
+
+# Create User Notification
+
+## Negative Cases
+
+1. ✅ Returns error 403 if requestor role is not Admin or Owner
+2. ✅ Returns error 400 if message and recipient are missing from request
+3. ✅ Returns error 500 if there is an internal error while fetching unread notifications.
+
+## Positive Cases
+
+1. ✅ Returns status 200 when notification is successfully created with sender, recipient and message

requirements/notificationController/deleteUserNotification.md

@@ -0,0 +1,14 @@
+Check mark: ✅
+Cross Mark: ❌
+
+
+# Delete User Notification
+
+## Negative Cases
+
+1. ✅ Returns error 403 if requestor role is not Admin or Owner.
+2. ✅ Returns error 500 if there is an internal error while deleting notification.
+
+## Positive Cases
+
+1. ✅ Returns status 200 when notification is successfully deleted.

requirements/notificationController/getSentNotifications.md

@@ -0,0 +1,14 @@
+Check mark: ✅
+Cross Mark: ❌
+
+
+# GET Sent Notifications
+
+## Positive Cases
+
+1. ✅ Returns status 200 Successful Data Retrieval
+
+## Negative Cases
+
+1. ✅ Returns error 403 if requestor role is not Admin or Owner
+2. ✅ Returns error 500 if there is an internal error while fetching notifications.

requirements/notificationController/getUnreadUserNotifications.md

@@ -0,0 +1,15 @@
+Check mark: ✅
+Cross Mark: ❌
+
+
+# GET Unread User Notifications
+
+## Negative Cases
+
+1. ✅ Returns error 403 if userId does not match requestorId.
+2. ✅ Returns error 400 if the userId is missing from the request.
+3. ✅ Returns error 500 if there is an internal error while fetching unread notifications.
+
+## Positive Cases
+
+1. ✅ Returns status 200 with notification data when a valid userId is provided by an Administrator or Owner querying another user's notifications.

requirements/notificationController/getUserNotifications.md

@@ -0,0 +1,15 @@
+Check mark: ✅
+Cross Mark: ❌
+
+
+# GET User Notifications
+
+## Negative Cases
+
+1. ✅ Returns error 403 if userId does not match requestorId.
+2. ✅ Returns error 400 if the userId is missing from the request.
+3. ✅ Returns error 500 if there is an internal error while fetching notifications.
+
+## Positive Cases
+
+1. ✅ Returns status 200 with notification data when a valid userId is provided by an Administrator or Owner querying another user's notifications.

requirements/notificationController/markNotificationAsRead.md

@@ -0,0 +1,14 @@
+Check mark: ✅
+Cross Mark: ❌
+
+
+# Mark Notification as Read
+
+## Negative Cases
+
+1. ✅ Returns error 400 if recipientId is missing.
+2. ✅ Returns error 500 if there is an internal error while reading notification.
+
+## Positive Cases
+
+1. ✅ Returns status 200 when notification is successfully read.

requirements/rolePresetsController/createNewPresets.md

@@ -0,0 +1,18 @@
+Check mark: ✅
+Cross Mark: ❌
+
+# createNewPreset
+
+> ## Positive case
+1. ✅ Receives a POST request in the **/api/rolePreset** route
+2. ✅ Return 201 if create New Presets successfully.
+
+> ## Negative case
+
+1. ✅ Returns error 403 if user doesn't have permissions for putRole
+2. ✅ Returns 400 if missing presetName
+3. ✅ Returns 400 if missing roleName
+4. ✅ Returns 400 if missing premissions
+5. ✅ Returns error 400 when saving new presets
+
+> ## Edge case

requirements/rolePresetsController/deletePresetById.md

@@ -0,0 +1,17 @@
+Check mark: ✅
+Cross Mark: ❌
+
+# deletePresetById
+
+> ## Positive case
+
+1. ✅ Return 200 if removing preset by id successfully.
+
+> ## Negative case
+
+1. ✅ Returns error 403 if user doesn't have permissions for putRole
+2. ✅ Returns 400 if error in finding by id
+3. ✅ Returns 400 if the route doesn't exist
+4. ✅ Returns 400 if any error when removing results
+
+> ## Edge case

requirements/rolePresetsController/getPresetsByRole.md

@@ -0,0 +1,15 @@
+Check mark: ✅
+Cross Mark: ❌
+
+# getPresetsByRole 
+
+> ## Positive case
+1. ✅ Receives a GET request in the **/api/rolePreset** route
+2. ✅ Return 200 if get Presets by roleName successfully.
+
+> ## Negative case
+
+1. ✅ Returns error 403 if user doesn't have permissions for putRole
+2. ✅ Returns 400 when catching any error in finding roleName 
+
+> ## Edge case

requirements/rolePresetsController/updatePresetById.md

@@ -0,0 +1,17 @@
+Check mark: ✅
+Cross Mark: ❌
+
+# updatePresetById
+
+> ## Positive case
+
+1. ✅ Return 200 if update preset by id successfully.
+
+> ## Negative case
+
+1. ✅ Returns error 403 if user doesn't have permissions for putRole
+2. ✅ Returns 400 if the router doesn't exist
+3. ✅ Returns 400 if error in finding by id
+3. ✅ Returns 400 if any error when saving results
+
+> ## Edge case

src/controllers/BlueSquareEmailAssignmentController.js

@@ -0,0 +1,67 @@
+const BlueSquareEmailAssignmentController = function (BlueSquareEmailAssignment, userProfile) {
+  const getBlueSquareEmailAssignment = async function (req, res) {
+    try {
+      const assignments = await BlueSquareEmailAssignment.find().populate('assignedTo').exec()
+      res.status(200).send(assignments);
+    } catch (error) {
+      console.log(error)
+      res.status(500).send(error);
+    }
+  };
+
+  const setBlueSquareEmailAssignment = async function (req, res) {
+    try {
+      const { email } = req.body;
+
+      if (!email) {
+        res.status(400).send('bad request');
+        return;
+      }
+
+      const user = await userProfile.findOne({ email });
+      if (!userProfile) {
+        return res.status(400).send('User profile not found');
+      }
+
+      const newAssignment = new BlueSquareEmailAssignment({
+        email,
+        assignedTo: user._id,
+      });
+      await newAssignment.save();
+      const assignment = await BlueSquareEmailAssignment.find({email}).populate('assignedTo').exec()
+
+      res.status(200).send(assignment[0]);
+    } catch (error) {
+      res.status(500).send(error);
+    }
+  };
+
+  const deleteBlueSquareEmailAssignment = async function (req, res) {
+    try {
+      const { id } = req.params;
+
+      if (!id) {
+        res.status(400).send('bad request');
+        return;
+      }
+
+      const deletedAssignment = await BlueSquareEmailAssignment.findOneAndDelete({ _id: id });
+      if (!deletedAssignment) {
+        res.status(404).send('Assignment not found');
+        return;
+      }
+
+      res.status(200).send({id});
+    } catch (error) {
+      res.status(500).send(error);
+    }
+  };
+
+  return {
+    getBlueSquareEmailAssignment,
+    setBlueSquareEmailAssignment,
+    deleteBlueSquareEmailAssignment,
+  };
+};
+
+module.exports = BlueSquareEmailAssignmentController;

src/controllers/badgeController.js

@@ -13,10 +13,21 @@ const badgeController = function (Badge) {
   const cache = cacheClosure();
 
   const getAllBadges = async function (req, res) {
-    if (!(await helper.hasPermission(req.body.requestor, 'seeBadges')) && !(await helper.hasPermission(req.body.requestor, 'assignBadges'))) {
+    console.log(req.body.requestor);  // Retain logging from development branch for debugging
+
+    // Check if the user has any of the following permissions
+    if (
+      !(await helper.hasPermission(req.body.requestor, 'seeBadges')) &&
+      !(await helper.hasPermission(req.body.requestor, 'assignBadges')) &&
+      !(await helper.hasPermission(req.body.requestor, 'createBadges')) &&
+      !(await helper.hasPermission(req.body.requestor, 'updateBadges')) &&
+      !(await helper.hasPermission(req.body.requestor, 'deleteBadges'))
+    ) {
+      console.log('in if statement');  // Retain logging from development branch for debugging
       res.status(403).send('You are not authorized to view all badge data.');
       return;
     }
+
     // Add cache to reduce database query and optimize performance
     if (cache.hasCache('allBadges')) {
       res.status(200).send(cache.getCache('allBadges'));
@@ -39,7 +50,7 @@ const badgeController = function (Badge) {
         cache.setCache('allBadges', results);
         res.status(200).send(results);
       })
-      .catch(error => res.status(500).send(error));
+      .catch((error) => res.status(500).send(error));
   };
 
   /**