delete org

xfarrow 2023-10-13 12:34:15 +02:00
parent 0593b0fb01
commit 03d2283a3f
2 changed files with 42 additions and 11 deletions


@ -22,14 +22,15 @@ const port = process.env.API_SERVER_PORT;
app.use(express.json());
// Register a Person
app.post('/blinkapi/register', api_controller.register);
app.post('/blinkapi/register', api_controller.registerPerson);
// Login
app.post('/blinkapi/login', api_controller.login);
// Obtain Person's details
app.get('/blinkapi/person/:id', api_controller.verifyToken, api_controller.person);
app.get('/blinkapi/person/:id', api_controller.verifyToken, api_controller.getPerson);
// Create organization
app.post('/blinkapi/organization', api_controller.verifyToken, api_controller.organization);
app.post('/blinkapi/organization', api_controller.verifyToken, api_controller.createOrganization);
// Delete organization
app.delete('/blinkapi/organization/:id', api_controller.verifyToken, api_controller.deleteOrganization);
// Start the server
app.listen(port, () => {
console.log(`Blink API server is running on port ${port}`);


@ -28,7 +28,7 @@ const db = pgp(database_configuration);
// ======== API ENDPOINTS ========
// POST
async function register(req, res){
async function registerPerson(req, res){
const userData = req.body;
@ -107,7 +107,7 @@ async function login(req, res){
}
// GET
async function person(req, res){
async function getPerson(req, res){
try {
const user = await db.oneOrNone('SELECT * FROM "Person" WHERE id = $1 and enabled = $2' , [req.params.id, false]);
@ -125,7 +125,7 @@ async function person(req, res){
}
// POST
async function organization(req, res){
async function createOrganization(req, res){
const organizationData = req.body;
// Ensure that the required fields are present before proceeding
@ -171,11 +171,28 @@ async function organization(req, res){
}
}
// DELETE
async function deleteOrganization(req, res){
const organizationIdToDelete = req.params.id;
try {
if(await isPersonOrganizationAdmin(req.jwt.person_id, organizationIdToDelete)){
await db.none('DELETE FROM "Organization" WHERE id = $1', [organizationIdToDelete]);
return res.status(200).json("Ok");
}
return res.status(403).json("Forbidden");
}
catch (error) {
console.error(error);
return res.status(500);
}
}
// ======== END API ENDPOINTS ========
async function checkUserCredentials(email, password){
try {
const user = await db.oneOrNone('SELECT * FROM "Person" WHERE email = $1 and enabled = $2', [email, false]);
const user = await db.oneOrNone('SELECT * FROM "Person" WHERE email = $1 and enabled = $2', [email, true]);
if(user){
const passwordMatches = await bcrypt.compare(password, user.password);
if (passwordMatches) {
@ -190,6 +207,18 @@ async function checkUserCredentials(email, password){
}
}
async function isPersonOrganizationAdmin(personId, organizationId){
try {
if(await db.oneOrNone('SELECT * FROM "OrganizationAdministrator" WHERE id_person = $1 AND id_organization = $2', [personId, organizationId])){
return true;
}
return false;
}
catch (error) {
return false;
}
}
function generateToken(person_id) {
const payload = {
person_id: person_id
@ -222,9 +251,10 @@ function verifyToken(req, res, next) {
// means making a JavaScript function defined in one
// module available for use in another module.
module.exports = {
register,
registerPerson,
login,
person,
getPerson,
verifyToken,
organization
createOrganization,
deleteOrganization
};
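Review bot: The catch block of the new `deleteOrganization` handler ends with `return res.status(500);`, which only sets the status code and never sends the response, so a failed DELETE leaves the client waiting until it times out; finish the response instead, e.g. `return res.status(500).json("Internal server error");`. The authorization check it relies on, `isPersonOrganizationAdmin`, catches every database error and returns `false` without logging, so a database outage (or a rejected `oneOrNone` call) reaches the caller as a 403 and leaves no trace on the server. Failing closed is the right default there, but add `console.error(error);` before that `return false;` so denials caused by errors can be told apart from genuine ones. `req.jwt.person_id` is presumably populated by `verifyToken`, whose body lies outside the visible hunks.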