diff --git a/category.model.js b/category.model.js
new file mode 100644
index 0000000..31f5113
--- /dev/null
+++ b/category.model.js
@@ -0,0 +1,16 @@
+const mongoose = require('mongoose');
+const Schema = mongoose.Schema;
+
+// Database schema for an email message
+let Category = new Schema({
+ name: {
+ type: String
+ },
+ color: {
+ type: String
+ },
+}, {
+ collection: 'categories'
+});
+
+module.exports = mongoose.model('Category', Category);
\ No newline at end of file
diff --git a/category.route.js b/category.route.js
new file mode 100644
index 0000000..a21f76a
--- /dev/null
+++ b/category.route.js
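Review bot: The comment above the schema in category.model.js, `// Database schema for an email message`, was copied from another model and does not describe Category; it should read `// Database schema for a post category`, and post.model.js carries the same stale comment. Neither `name` nor `color` is marked `required`, so an empty document saves without error; `name: { type: String, required: true, trim: true }` would reject that at the model layer. `Category` is never reassigned in the hunk, so `const` fits better than `let`.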
@@ -0,0 +1,77 @@
+const utils = require('./utils');
+const express = require('express');
+const categoryRoutes = express.Router();
+
+let Post = require('./post.model');
+let Category = require('./category.model');
+let Session = require('./session.model');
+let User = require('./user.model');
+
+/*
+ POST - /category/create
+ Create a category
+ Response: 201 - Created
+ 401 - Unauthorized
+*/
+categoryRoutes.route('/create').post((req, res) => {
+ if (!req.body) {
+ res.status(401).send("Missing body");
+ return;
+ }
+ utils.checkSession(req.body.userId, req.body.sessionId, (isValidId) => {
+ utils.isAdmin(req.body.userId, (isAdmin) => {
+ if (isValidId && isAdmin) {
+ let c = new Category(req.body);
+ c.save()
+ .then(() => {
+ res.json(c);
+ })
+ .catch((e) => {
+ console.log(e);
+ res.status(500).send("Error creating category");
+ });
+ } else {
+ res.status(401).send("Invalid permissions to create category.");
+ return;
+ }
+ })
+ });
+});
+
+/*
+ GET - /category/all
+ Get all categories
+ Response: 200 - OK
+*/
+categoryRoutes.route('/all').get((req, res) => {
+ Category.find({}, (err, cArr) => {
+ if (err) {
+ console.log(err);
+ res.status(500).send("Error getting categories");
+ return;
+ }
+ res.status(200).send(cArr);
+ });
+});
+
+/*
+ GET - /category/posts
+ Get all posts with specified category
+ Response: 200 - OK
+*/
+categoryRoutes.route('/posts').get((req, res) => {
+ Post.find({}, (err, postArr) => {
+ if (err) {
+ console.log(err);
+ res.status(500).send("Error getting posts");
+ return;
+ }
+ postArr = postArr.filter(post => post.category.includes(req.body._id));
+ res.status(200).send(postArr);
+ });
+});
+
+
+
+
+module.exports = categoryRoutes;
diff --git a/index.js b/index.js
index cf1620e..e45073c 100644
--- a/index.js
+++ b/index.js
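Review bot: `/create` in category.route.js hands the whole request body to the model, `new Category(req.body)`, so the client also chooses `_id` and any field later added to the schema; build the document from named fields instead, `new Category({ name: req.body.name, color: req.body.color })`. `new Post(req.body)` in post.route.js has the same shape. In `/posts`, `req.body._id` is read on a GET, where clients and proxies commonly drop the body, and every post is loaded and filtered in memory, with `post.category.includes` throwing for a post stored without a category; assuming category ids are stored as strings, `Post.find({ category: String(req.query._id) }, ...)` would let the database do the match. The missing-body and not-admin branches both answer 401, where 400 and 403 would tell the client which case it hit, and the header comment promises 201 although `res.json(c)` sends 200.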
@@ -8,6 +8,8 @@ const utils = require ('./utils'); const CronJob = require('cron').CronJob; const config = require('./DB.js'); const userRoutes = require('./user.route'); +const postRoutes = require('./post.route'); +const categoryRoutes = require('./category.route'); console.log("Starting Kno-Logic Backend Server"); @@ -31,7 +33,9 @@ app.use(express.urlencoded({ extended: true })) app.use(express.json()); // Express routes -app.use('/users', userRoutes); +app.use('/user', userRoutes); +app.use('/post', postRoutes); +app.use('/category', categoryRoutes); app.listen(PORT, () => { console.log('Express server running on port:', PORT); diff --git a/message.model.js b/message.model.js index 0d86ed8..d90c5cf 100644 --- a/message.model.js +++ b/message.model.js @@ -16,4 +16,4 @@ let Message = new Schema({ collection: 'messages' }); -module.exports = mongoose.model('Message', Message); +module.exports = mongoose.model('Message', Message); \ No newline at end of file diff --git a/post.model.js b/post.model.js new file mode 100644 index 0000000..53dfd6c --- /dev/null +++ b/post.model.js @@ -0,0 +1,31 @@ +const mongoose = require('mongoose'); +const Schema = mongoose.Schema; + +// Database schema for an email message +let Post = new Schema({ + title: { + type: String + }, + description: { + type: String + }, + author: { + type: String + }, + category: { + type: Array + }, + link: { + type: String + }, + date: { + type: Date + }, + photo: { + type: String + } +}, { + collection: 'posts' +}); + +module.exports = mongoose.model('Post', Post); \ No newline at end of file diff --git a/post.route.js b/post.route.js new file mode 100644 index 0000000..1cb4330 --- /dev/null +++ b/post.route.js 
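Review bot: In post.model.js, `category: { type: Array }` declares an untyped (Mixed) array, so Mongoose stores whatever elements the client sends without casting or validating them; since category.route.js matches posts on a category id, `category: { type: [String] }` (or an ObjectId array with `ref: 'Category'`) would give the field a checked element type. `date` is declared as `Date` while post.route.js assigns the number returned by `utils.dateToEpoch`, which relies on Mongoose casting it back; a comment on the field such as `// local midnight of the post day, see utils.dateToEpoch` would make the `/date` and `/today` lookups easier to follow.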
@@ -0,0 +1,181 @@
+const utils = require('./utils');
+const express = require('express');
+const postRoutes = express.Router();
+
+let Post = require('./post.model');
+let Category = require('./category.model');
+let Session = require('./session.model');
+let User = require('./user.model');
+
+/*
+ POST - /post/create
+ Create a post
+ Response: 201 - Created
+ 401 - Unauthorized
+*/
+postRoutes.route('/create').post((req, res) => {
+ if (!req.body) {
+ res.status(401).send("Missing body");
+ return;
+ }
+ utils.checkSession(req.body.userId, req.body.sessionId, (isValidId) => {
+ utils.isAdmin(req.body.userId, (isAdmin) => {
+ if (isValidId && isAdmin) {
+ let p = new Post(req.body);
+ p.date = utils.dateToEpoch(p.date);
+ p.save()
+ .then(() => {
+ res.json(p);
+ })
+ .catch((e) => {
+ console.log(e);
+ res.status(500).send("Error creating post");
+ });
+ } else {
+ res.status(401).send("Invalid permissions to create post.");
+ return;
+ }
+ })
+ });
+});
+
+/*
+ POST - /post/delete
+ Create a post
+ Response: 200 - Deleted
+ 401 - Unauthorized
+*/
+postRoutes.route('/delete').post((req, res) => {
+ if (!req.body) {
+ res.status(401).send("Missing body");
+ return;
+ }
+ utils.checkSession(req.body.userId, req.body.sessionId, (isValidId) => {
+ utils.isAdmin(req.body.userId, (isAdmin) => {
+ if (isValidId && isAdmin) {
+ Post.findByIdAndDelete(req.body._id, (err, r) => {
+ if (err) {
+ res.status(500).send("Error deleting post");
+ return;
+ }
+ res.status(200).send("Deleted post");
+ });
+ } else {
+ res.status(401).send("Invalid permissions to delete post.");
+ return;
+ }
+ })
+ });
+});
+
+/*
+ POST - /post/edit
+ Create a post
+ Response: 200 - Edited
+ 401 - Unauthorized
+*/
+postRoutes.route('/edit').post((req, res) => {
+ if (!req.body) {
+ res.status(401).send("Missing body");
+ return;
+ }
+ utils.checkSession(req.body.userId, req.body.sessionId, (isValidId) => {
+ utils.isAdmin(req.body.userId, (isAdmin) => {
+ if (isValidId && isAdmin) {
+ Post.findById(req.body._id, (err, r) => {
+ if (err) {
+ res.status(500).send("Error editing post");
+ return;
+ }
+ r.save()
+ .then(() => {
+ res.json(r);
+ })
+ .catch((e) => {
+ console.log(e);
+ res.status(500).send("Error creating post");
+ });
+ res.status(200).send("Edited post");
+ });
+ } else {
+ res.status(401).send("Invalid permissions to delete post.");
+ return;
+ }
+ })
+ });
+});
+
+
+/*
+ POST - /post/id
+ Get post by id
+ Response: 200 - OK
+*/
+postRoutes.route('/id').post((req, res) => {
+ Post.findById(req.body._id, (err, post) => {
+ if (err) {
+ console.log(err);
+ res.status(500).send("Error getting posts");
+ return;
+ }
+ res.status(200).send(post);
+ });
+});
+
+/*
+ POST - /post/date
+ Get post by date
+ Response: 200 - OK
+*/
+postRoutes.route('/date').post((req, res) => {
+ let d = new Date(req.body.date);
+ d = utils.dateToEpoch(d);
+ Post.find({ date: d}, (err, post) => {
+ if (err) {
+ console.log(err);
+ res.status(500).send("Error getting posts");
+ return;
+ }
+ res.status(200).send(post);
+ });
+});
+
+
+/*
+ GET - /post/all
+ Get all posts
+ Response: 200 - OK
+*/
+postRoutes.route('/all').get((req, res) => {
+ Post.find({}, (err, postArr) => {
+ if (err) {
+ console.log(err);
+ res.status(500).send("Error getting posts");
+ return;
+ }
+ res.status(200).send(postArr);
+ });
+});
+
+/*
+ GET - /posts/today
+ Get the posts for today
+ Response: 200 - Removed session
+ 400 - No session exists
+*/
+postRoutes.route('/today').get((req, res) => {
+ let date = new Date();
+ date = utils.dateToEpoch(date);
+ Post.find({ date: date }, (err, postArr) => {
+ if (err) {
+ console.log(err);
+ res.status(500).send("Error getting posts");
+ return;
+ }
+ res.status(200).send(postArr);
+ });
+});
+
+
+
+module.exports = postRoutes;
diff --git a/user.model.js b/user.model.js
index 868e92b..33c5352 100644
--- a/user.model.js
+++ b/user.model.js
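Review bot: The `/edit` handler in post.route.js answers twice and never applies an edit: after `Post.findById` it calls `r.save()` on the unmodified document and then immediately sends `res.status(200).send("Edited post")`, so the later `res.json(r)` runs on a finished response and throws inside the promise chain, and an id that matches nothing leaves `r` null and throws on `r.save()`. The handler should return 404 when nothing is found, copy an explicit list of editable fields from the body, and respond once from the save result, as sketched below. The header comments of `/delete` and `/edit` still say "Create a post", the `/today` comment lists session responses, and the `/edit` else branch reports "delete post".

```javascript
// … unchanged: body check, checkSession / isAdmin wrappers …
if (isValidId && isAdmin) {
    Post.findById(req.body._id, (err, r) => {
        if (err) {
            res.status(500).send("Error editing post");
            return;
        }
        if (!r) {
            res.status(404).send("Post not found");
            return;
        }
        // Copy only the fields an editor may change; ignore everything else in the body.
        // `date` is left out here: it would need utils.dateToEpoch, as in /create.
        const editable = ['title', 'description', 'author', 'category', 'link', 'photo'];
        for (const key of editable) {
            if (req.body[key] !== undefined) {
                r[key] = req.body[key];
            }
        }
        r.save()
            .then(() => {
                res.json(r);
            })
            .catch((e) => {
                console.log(e);
                res.status(500).send("Error editing post");
            });
    });
// … unchanged: else branch …
```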
@@ -11,6 +11,9 @@ let User = new Schema({ }, password: { type: String + }, + permission: { + type: Number } }, { collection: 'users' diff --git a/user.route.js b/user.route.js index ab41007..6eb2feb 100644 --- a/user.route.js +++ b/user.route.js @@ -46,6 +46,7 @@ userRoutes.route('/create').post((req, res) => { res.status(409).send("Account already exists"); return; } + u.permission = 0; u.save() .then(() => { res.status(201).send("Success creating user"); @@ -66,6 +67,7 @@ userRoutes.route('/create').post((req, res) => { 401 - Incorrect */ userRoutes.route('/login').post((req, res) => { + console.log(req.body); if (!req.body) { res.status(401).send("Missing body"); return; diff --git a/utils.js b/utils.js index d15abad..736631c 100644 --- a/utils.js +++ b/utils.js @@ -95,6 +95,44 @@ const sendMail = async (user, message, replacements) => { } } + +// checkSession(userId, sessionId) checks if the sessionId is valid for the user +const checkSession = (userId, sessionId, f) => { + Session.find({userId: userId, sessionId: sessionId }, (err, res) => { + if (res) { + f(true); + return; + } + f(false); + }); +} + +// isAdmin(userId) checks if the user with userId is an administrator +const isAdmin = (userId, f) => { + User.findById(userId, (err, res) => { + if(res.permission == 1) { + f(true); + return; + } + f(false); + }) +} + +// dateToEpoch(date) change the time of the date object to epoch +function dateToEpoch(d) { + console.log(d); + if (d) { + // When comparing js dates, the timezone does not matter + // ex. May 17 EDT == May 17 GMT, May 17 EDT != May 18 GMT + return d.setHours(0,0,0,0); + } else { + return null; + } + } + module.exports.purgeSessions = purgeSessions; module.exports.loadDefaultTemplates = loadDefaultTemplates; module.exports.sendMail = sendMail; +module.exports.checkSession = checkSession; +module.exports.isAdmin = isAdmin; +module.exports.dateToEpoch = dateToEpoch;
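Review bot: The added `console.log(req.body);` at the top of `/login` in user.route.js writes the whole login request, password included, to the server log on every attempt. Log output is typically retained longer and readable by more people and systems than the user collection, so the line should be removed before merge, or reduced to something that carries no credential, such as `console.log('login attempt');`. The rest of the `/login` handler lies outside the hunk.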
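Review bot: `checkSession` in utils.js reports a valid session for any id: `Session.find` yields an array, and an empty array is truthy, so `if (res)` holds whenever the query itself succeeds. Switching to `Session.findOne({ userId: userId, sessionId: sessionId }, ...)` and testing `if (!err && res)` makes a miss return false. `isAdmin` reads `res.permission` without checking `err` or a null result, so an unknown `userId` throws inside the callback; `if (!err && res && res.permission === 1)` covers both and replaces the loose `==`. The route files pass `req.body.userId` and `req.body.sessionId` straight in, so both helpers should also reject non-string values before they reach the query filter. Neither `Session` nor `User` is required inside this hunk, so confirm both are imported at the top of utils.js.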