job offer validator

This commit is contained in:
xfarrow 2024-03-27 09:32:39 +01:00
parent af5ff0ad1b
commit 44bf3a41c6
5 changed files with 89 additions and 5 deletions

View File

@ -15,6 +15,7 @@ const JobOffer = require('../models/job_offer_model');
const jwtUtils = require('../utils/jwt_utils');
const express = require('express');
const Tag = require('../models/tags_model');
const jobOfferValidator = require('../utils/validators/job_offer_validator');
/**
* POST Request
@ -26,6 +27,13 @@ const Tag = require('../models/tags_model');
*/
async function insert(req, res) {
try {
const errors = jobOfferValidator.validationResult(req);
if (!errors.isEmpty()) {
return res.status(400).json({
errors: errors.array()
});
}
const tags = await Tag.findByTags(req.body.tags);
const insertedJobOffer = await JobOffer.insert(
req.jwt.person_id,
@ -64,6 +72,13 @@ async function insert(req, res) {
*/
async function remove(req, res) {
try {
const errors = jobOfferValidator.validationResult(req);
if (!errors.isEmpty()) {
return res.status(400).json({
errors: errors.array()
});
}
const result = await JobOffer.remove(req.jwt.person_id, req.params.jobOfferId);
if (result) {
return res.status(204).send();
@ -88,6 +103,13 @@ async function remove(req, res) {
*/
async function findByOrganizationId(req, res) {
try {
const errors = jobOfferValidator.validationResult(req);
if (!errors.isEmpty()) {
return res.status(400).json({
errors: errors.array()
});
}
const result = await JobOffer.findByOrganizationId(req.params.id);
return res.status(200).send(result);
} catch (error) {
@ -99,9 +121,9 @@ async function findByOrganizationId(req, res) {
}
const routes = express.Router();
routes.get('/:id/joboffers', findByOrganizationId);
routes.post('/:id/joboffers', jwtUtils.extractToken, insert);
routes.delete('/joboffers/:jobOfferId', jwtUtils.extractToken, remove);
routes.post('/:id/joboffers', jobOfferValidator.insertValidator, jwtUtils.extractToken, insert);
routes.delete('/joboffers/:jobOfferId', jobOfferValidator.removeValidator, jwtUtils.extractToken, remove);
routes.get('/:id/joboffers', jobOfferValidator.findByOrganizationIdValidator, findByOrganizationId);
module.exports = {
routes

View File

@ -25,8 +25,7 @@ async function add(req, res) {
if (userExists) {
const secret = crypto.randomBytes(16).toString('hex');
await ResetPassword.add(req.body.email, secret);
const body = `Click on this link: ...${secret} to reset your Blink password. If you did not ask for such a change, simply ignore this e-mail.`;
mailUtils.sendMail(req.body.email, 'Blink Reset Password', body, null);
mailUtils.sendResetPasswordLink(req.body.email, secret);
}
res.status(204).send();
} catch (error) {

View File

@ -22,6 +22,11 @@ function sendConfirmationLink(destinationAddress, code) {
sendMail(destinationAddress, 'Verify your Blink Account', null, getConfirmationLinkHtmlPage(confirmationLink));
}
function sendResetPasswordLink(destinationAddress, secret) {
const message = `A change of your Blink password has been requested. If you requested this, click on this link ${process.env.FRONT_END_URL}/reset-password.html?secret=${secret}. Otherwise you can simply ignore this e-mail`;
sendMail(destinationAddress, 'Blink Password change', message, null);
}
/**
*
* @param {*} destinationAddress Destination Address
@ -60,5 +65,6 @@ function getConfirmationLinkHtmlPage(confirmationLink) {
module.exports = {
sendConfirmationLink,
sendResetPasswordLink,
sendMail
}

View File

@ -0,0 +1,56 @@
/*
This code is part of Blink
licensed under GPLv3
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
IN THE SOFTWARE.
*/
const {
check,
validationResult
} = require("express-validator");
const {
escape
} = require('validator');
const insertValidator = [
check('id').trim().notEmpty().escape(),
check('title').trim().notEmpty().escape(),
check('description').trim().escape(),
check('requirements').trim().escape(),
check('salary').trim().notEmpty().escape().isCurrency(),
check('salary_frequency').trim().notEmpty().escape(),
check('salary_currency').trim().notEmpty().escape(),
check('location').trim().escape(),
check('tags').custom(tags => {
if (!Array.isArray(tags)) {
throw new Error('tags must be an array');
}
return true;
}).customSanitizer(tags => {
if (Array.isArray(tags)) {
return tags.map(element => escape(element));
}
})
];
const removeValidator = [
check('jobOfferId').trim().notEmpty().escape()
]
const findByOrganizationIdValidator = [
check('id').trim().notEmpty().escape()
]
module.exports = {
validationResult,
insertValidator,
removeValidator,
findByOrganizationIdValidator
}

View File

@ -10,6 +10,7 @@ CREATE TABLE IF NOT EXISTS public."JobOffer"
requirements character varying(4096),
salary money NOT NULL,
salary_frequency character varying(64) NOT NULL,
salary_currency character varying(64) NOT NULL,
location character varying(256),
organization_id integer,
CONSTRAINT "JobOffer_pkey" PRIMARY KEY (id),