engineering
/
community-relations
3
0
Fork 0
Code Issues 2 Pull Requests Packages Projects Releases 1 Wiki Activity

Fixes for authentication and support for resolutions

merge-requests/17/head
Hiroyuki 2021-02-22 00:07:57 -04:00
parent 7591ba8f20
commit e67de98eda
No known key found for this signature in database
GPG Key ID: C15AC26538975A24
1 changed files with 331 additions and 34 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

365
src/api/board.ins/routes/root.ts
View File

@ -125,31 +125,185 @@ export default class Root extends Route {
}); });
}); });
this.router.post('/resolution', async (req, res) => {
if (!req.body.pin) {
return res.status(401).json({
code: this.constants.codes.UNAUTHORIZED,
message: this.constants.messages.UNAUTHORIZED,
});
}
const director = await this.server.client.db.Score.findOne({ pin: req.body.pin });
const staffGuild = this.server.client.guilds.get('446067825673633794') || await this.server.client.getRESTGuild('446067825673633794');
if (!director || !staffGuild.members.get(director.userID)?.roles?.includes('662163685439045632')) {
return res.status(401).json({
code: this.constants.codes.UNAUTHORIZED,
message: this.constants.messages.UNAUTHORIZED,
});
}
if (!req.body.subject || !req.body.body) {
return res.status(400).json({
code: this.constants.codes.CLIENT_ERROR,
message: this.constants.messages.CLIENT_ERROR,
});
}
const resolutionID = genUUID();
const staffDiscord = this.server.client.users.get(director.userID) || await this.server.client.getRESTUser(director.userID);
const staffInformation = await this.server.client.db.Staff.findOne({ userID: director.userID });
const embed = new RichEmbed();
embed.setTitle('Resolution');
embed.setAuthor(`${staffDiscord.username}#${staffDiscord.discriminator}, ${staffInformation.pn.join(', ')}`, staffDiscord.avatarURL);
embed.setColor('#29be74');
embed.addField('Subject', req.body.subject);
embed.addField('Body', req.body.body);
embed.setDescription(resolutionID);
embed.setTimestamp(new Date());
const resolution = await this.server.client.db.Resolution.create({
issuedBy: director.userID,
subject: req.body.subject,
body: req.body.body,
at: new Date(),
oID: resolutionID,
processed: false,
});
res.status(200).json({
code: this.constants.codes.SUCCESS,
message: `Created new Resolution with ID ${resolution.oID} by ${staffDiscord.username}#${staffDiscord.discriminator}, ${staffInformation.pn.join(', ')}.`,
});
});
this.router.delete('/eo/:id', async (req, res) => { this.router.delete('/eo/:id', async (req, res) => {
if (!req.params.id) return res.status(400).send(this.constants.messages.CLIENT_ERROR); if (!req.body.pin) {
if (!(await this.server.client.db.ExecutiveOrder.exists({ oID: req.params.id }))) return res.status(404).send(this.constants.messages.NOT_FOUND); return res.status(401).json({
code: this.constants.codes.UNAUTHORIZED,
message: this.constants.messages.UNAUTHORIZED,
});
}
const director = await this.server.client.db.Score.findOne({ pin: req.body.pin });
const staffGuild = this.server.client.guilds.get('446067825673633794') || await this.server.client.getRESTGuild('446067825673633794');
if (!director || !staffGuild.members.get(director.userID)?.roles?.includes('662163685439045632')) {
return res.status(401).json({
code: this.constants.codes.UNAUTHORIZED,
message: this.constants.messages.UNAUTHORIZED,
});
}
if (!req.params.id) {
return res.status(400).json({
code: this.constants.codes.CLIENT_ERROR,
message: this.constants.messages.CLIENT_ERROR,
});
}
if (!(await this.server.client.db.ExecutiveOrder.exists({ oID: req.params.id }))) {
return res.status(404).json({
code: this.constants.codes.NOT_FOUND,
message: this.constants.messages.NOT_FOUND,
});
}
await this.server.client.db.ExecutiveOrder.deleteOne({ oID: req.params.id }); await this.server.client.db.ExecutiveOrder.deleteOne({ oID: req.params.id });
res.status(200).send({ message: `Executive Order with ID ${req.params.id} deleted.` }); res.status(200).json({ message: `Executive Order with ID ${req.params.id} deleted.` });
}); });
this.router.delete('/motion/:id', async (req, res) => { this.router.delete('/motion/:id', async (req, res) => {
if (!req.params.id) return res.status(400).send(this.constants.messages.CLIENT_ERROR); if (!req.body.pin) {
if (!(await this.server.client.db.Motion.exists({ oID: req.params.id }))) return res.status(404).send(this.constants.messages.NOT_FOUND); return res.status(401).json({
code: this.constants.codes.UNAUTHORIZED,
message: this.constants.messages.UNAUTHORIZED,
});
}
const director = await this.server.client.db.Score.findOne({ pin: req.body.pin });
const staffGuild = this.server.client.guilds.get('446067825673633794') || await this.server.client.getRESTGuild('446067825673633794');
if (!director || !staffGuild.members.get(director.userID)?.roles?.includes('662163685439045632')) {
return res.status(401).json({
code: this.constants.codes.UNAUTHORIZED,
message: this.constants.messages.UNAUTHORIZED,
});
}
if (!req.params.id) {
return res.status(400).json({
code: this.constants.codes.CLIENT_ERROR,
message: this.constants.messages.CLIENT_ERROR,
});
}
if (!(await this.server.client.db.Resolution.exists({ oID: req.params.id }))) {
return res.status(404).json({
code: this.constants.codes.NOT_FOUND,
message: this.constants.messages.NOT_FOUND,
});
}
await this.server.client.db.Motion.deleteOne({ oID: req.params.id }); await this.server.client.db.Motion.deleteOne({ oID: req.params.id });
res.status(200).send({ message: `Motion with ID ${req.params.id} deleted.` }); res.status(200).json({ message: `Motion with ID ${req.params.id} deleted.` });
});
this.router.delete('/resolution/:id', async (req, res) => {
if (!req.body.pin) {
return res.status(401).json({
code: this.constants.codes.UNAUTHORIZED,
message: this.constants.messages.UNAUTHORIZED,
});
}
const director = await this.server.client.db.Score.findOne({ pin: req.body.pin });
const staffGuild = this.server.client.guilds.get('446067825673633794') || await this.server.client.getRESTGuild('446067825673633794');
if (!director || !staffGuild.members.get(director.userID)?.roles?.includes('662163685439045632')) {
return res.status(401).json({
code: this.constants.codes.UNAUTHORIZED,
message: this.constants.messages.UNAUTHORIZED,
});
}
if (!req.params.id) {
return res.status(400).json({
code: this.constants.codes.CLIENT_ERROR,
message: this.constants.messages.CLIENT_ERROR,
});
}
if (!(await this.server.client.db.Resolution.exists({ oID: req.params.id }))) {
return res.status(404).json({
code: this.constants.codes.NOT_FOUND,
message: this.constants.messages.NOT_FOUND,
});
}
await this.server.client.db.Resolution.deleteOne({ oID: req.params.id });
res.status(200).json({ message: `Resolution with ID ${req.params.id} deleted.` });
}); });
this.router.get('/eo/:id', async (req, res) => { this.router.get('/eo/:id', async (req, res) => {
if (!req.params.id) return res.status(400).send(this.constants.messages.CLIENT_ERROR); if (!req.params.id) {
if (!(await this.server.client.db.ExecutiveOrder.exists({ oID: req.params.id }))) return res.status(404).send(this.constants.messages.NOT_FOUND); return res.status(400).json({
code: this.constants.codes.CLIENT_ERROR,
message: this.constants.messages.CLIENT_ERROR,
});
}
if (!(await this.server.client.db.ExecutiveOrder.exists({ oID: req.params.id }))) {
return res.status(404).json({
code: this.constants.codes.NOT_FOUND,
message: this.constants.messages.NOT_FOUND,
});
}
const executiveOrder = await this.server.client.db.ExecutiveOrder.findOne({ oID: req.params.id }); const executiveOrder = await this.server.client.db.ExecutiveOrder.findOne({ oID: req.params.id });
res.status(200).send({ res.status(200).json({
issuedBy: executiveOrder.issuedBy, issuedBy: executiveOrder.issuedBy,
id: executiveOrder.oID, id: executiveOrder.oID,
subject: executiveOrder.subject, subject: executiveOrder.subject,
@ -159,12 +313,22 @@ export default class Root extends Route {
}); });
this.router.get('/motion/:id', async (req, res) => { this.router.get('/motion/:id', async (req, res) => {
if (!req.params.id) return res.status(400).send(this.constants.messages.CLIENT_ERROR); if (!req.params.id) {
if (!(await this.server.client.db.Motion.exists({ oID: req.params.id }))) return res.status(404).send(this.constants.messages.NOT_FOUND); return res.status(400).json({
code: this.constants.codes.CLIENT_ERROR,
message: this.constants.messages.CLIENT_ERROR,
});
}
if (!(await this.server.client.db.Motion.exists({ oID: req.params.id }))) {
return res.status(404).json({
code: this.constants.codes.NOT_FOUND,
message: this.constants.messages.NOT_FOUND,
});
}
const motion = await this.server.client.db.Motion.findOne({ oID: req.params.id }); const motion = await this.server.client.db.Motion.findOne({ oID: req.params.id });
res.status(200).send({ res.status(200).json({
issuedBy: motion.issuedBy, issuedBy: motion.issuedBy,
id: motion.oID, id: motion.oID,
subject: motion.subject, subject: motion.subject,
@ -173,10 +337,69 @@ export default class Root extends Route {
}); });
}); });
this.router.get('/resolution/:id', async (req, res) => {
if (!req.params.id) {
return res.status(400).json({
code: this.constants.codes.CLIENT_ERROR,
message: this.constants.messages.CLIENT_ERROR,
});
}
if (!(await this.server.client.db.Resolution.exists({ oID: req.params.id }))) {
return res.status(404).json({
code: this.constants.codes.NOT_FOUND,
message: this.constants.messages.NOT_FOUND,
});
}
const resolution = await this.server.client.db.Resolution.findOne({ oID: req.params.id });
res.status(200).json({
issuedBy: resolution.issuedBy,
id: resolution.oID,
subject: resolution.subject,
body: resolution.body,
at: new Date(resolution.at),
approvedAt: resolution.acceptedAt || null,
voteResults: resolution.voteResults || null,
});
});
this.router.patch('/eo/:id', async (req, res) => { this.router.patch('/eo/:id', async (req, res) => {
if (!req.params.id) return res.status(400).send(this.constants.messages.CLIENT_ERROR); if (!req.body.pin) {
if (!(await this.server.client.db.ExecutiveOrder.exists({ oID: req.params.id }))) return res.status(404).send(this.constants.messages.NOT_FOUND); return res.status(401).json({
if (!req.body.subject && !req.body.body) return res.status(400).send(this.constants.messages.CLIENT_ERROR); code: this.constants.codes.UNAUTHORIZED,
message: this.constants.messages.UNAUTHORIZED,
});
}
const director = await this.server.client.db.Score.findOne({ pin: req.body.pin });
const staffGuild = this.server.client.guilds.get('446067825673633794') || await this.server.client.getRESTGuild('446067825673633794');
if (!director || !staffGuild.members.get(director.userID)?.roles?.includes('662163685439045632')) {
return res.status(401).json({
code: this.constants.codes.UNAUTHORIZED,
message: this.constants.messages.UNAUTHORIZED,
});
}
if (!req.params.id) {
return res.status(400).json({
code: this.constants.codes.CLIENT_ERROR,
message: this.constants.messages.CLIENT_ERROR,
});
}
if (!(await this.server.client.db.ExecutiveOrder.exists({ oID: req.params.id }))) {
return res.status(404).json({
code: this.constants.codes.NOT_FOUND,
message: this.constants.messages.NOT_FOUND,
});
}
if (!req.body.subject && !req.body.body) {
return res.status(400).json({
code: this.constants.codes.CLIENT_ERROR,
message: this.constants.messages.CLIENT_ERROR,
});
}
const executiveOrder = await this.server.client.db.ExecutiveOrder.findOne({ oID: req.params.id }); const executiveOrder = await this.server.client.db.ExecutiveOrder.findOne({ oID: req.params.id });
await executiveOrder.updateOne({ await executiveOrder.updateOne({
@ -184,13 +407,45 @@ export default class Root extends Route {
body: req.body.body || executiveOrder.body, body: req.body.body || executiveOrder.body,
}); });
res.status(200).send({ message: `Updated Executive Order with ID ${executiveOrder.oID}.` }); res.status(200).json({ message: `Updated Executive Order with ID ${executiveOrder.oID}.` });
}); });
this.router.patch('/motion/:id', async (req, res) => { this.router.patch('/motion/:id', async (req, res) => {
if (!req.params.id) return res.status(400).send(this.constants.messages.CLIENT_ERROR); if (!req.body.pin) {
if (!(await this.server.client.db.Motion.exists({ oID: req.params.id }))) return res.status(404).send(this.constants.messages.NOT_FOUND); return res.status(401).json({
if (!req.body.subject && !req.body.body) return res.status(400).send(this.constants.messages.CLIENT_ERROR); code: this.constants.codes.UNAUTHORIZED,
message: this.constants.messages.UNAUTHORIZED,
});
}
const director = await this.server.client.db.Score.findOne({ pin: req.body.pin });
const staffGuild = this.server.client.guilds.get('446067825673633794') || await this.server.client.getRESTGuild('446067825673633794');
if (!director || !staffGuild.members.get(director.userID)?.roles?.includes('662163685439045632')) {
return res.status(401).json({
code: this.constants.codes.UNAUTHORIZED,
message: this.constants.messages.UNAUTHORIZED,
});
}
if (!req.params.id) {
return res.status(400).json({
code: this.constants.codes.CLIENT_ERROR,
message: this.constants.messages.CLIENT_ERROR,
});
}
if (!(await this.server.client.db.Motion.exists({ oID: req.params.id }))) {
return res.status(404).json({
code: this.constants.codes.NOT_FOUND,
message: this.constants.messages.NOT_FOUND,
});
}
if (!req.body.subject && !req.body.body) {
return res.status(400).json({
code: this.constants.codes.CLIENT_ERROR,
message: this.constants.messages.CLIENT_ERROR,
});
}
const motion = await this.server.client.db.Motion.findOne({ oID: req.params.id }); const motion = await this.server.client.db.Motion.findOne({ oID: req.params.id });
await motion.updateOne({ await motion.updateOne({
@ -198,31 +453,73 @@ export default class Root extends Route {
body: req.body.body || motion.body, body: req.body.body || motion.body,
}); });
res.status(200).send({ message: `Updated Motion with ID ${motion.oID}.` }); res.status(200).json({ message: `Updated Motion with ID ${motion.oID}.` });
});
this.router.patch('/resolution/:id', async (req, res) => {
if (!req.body.pin) {
return res.status(401).json({
code: this.constants.codes.UNAUTHORIZED,
message: this.constants.messages.UNAUTHORIZED,
});
}
const director = await this.server.client.db.Score.findOne({ pin: req.body.pin });
const staffGuild = this.server.client.guilds.get('446067825673633794') || await this.server.client.getRESTGuild('446067825673633794');
if (!director || !staffGuild.members.get(director.userID)?.roles?.includes('662163685439045632')) {
return res.status(401).json({
code: this.constants.codes.UNAUTHORIZED,
message: this.constants.messages.UNAUTHORIZED,
});
}
if (!req.params.id) {
return res.status(400).json({
code: this.constants.codes.CLIENT_ERROR,
message: this.constants.messages.CLIENT_ERROR,
});
}
if (!(await this.server.client.db.Motion.exists({ oID: req.params.id }))) {
return res.status(404).json({
code: this.constants.codes.NOT_FOUND,
message: this.constants.messages.NOT_FOUND,
});
}
if (!req.body.subject && !req.body.body) {
return res.status(400).json({
code: this.constants.codes.CLIENT_ERROR,
message: this.constants.messages.CLIENT_ERROR,
});
}
const resolution = await this.server.client.db.Resolution.findOne({ oID: req.params.id });
await resolution.updateOne({
subject: req.body.subject || resolution.subject,
body: req.body.body || resolution.body,
});
res.status(200).json({ message: `Updated Resolution with ID ${resolution.oID}.` });
});
this.router.get('/eo', async (_req, res) => {
const executiveOrders = await this.server.client.db.ExecutiveOrder.find().lean();
res.status(200).json({ executiveOrders });
}); });
this.router.get('/motion', async (_req, res) => { this.router.get('/motion', async (_req, res) => {
const motions = await this.server.client.db.Motion.find().lean(); const motions = await this.server.client.db.Motion.find().lean();
res.status(200).send({ res.status(200).json({ motions });
motions,
});
}); });
this.router.get('/resolution', async (_req, res) => { this.router.get('/resolution', async (_req, res) => {
const resolutions = await this.server.client.db.Resolution.find().lean(); const resolutions = await this.server.client.db.Resolution.find().lean();
res.status(200).send({ res.status(200).json({ resolutions });
resolutions,
});
});
this.router.get('/eo', async (_req, res) => {
const executiveOrders = await this.server.client.db.ExecutiveOrder.find().lean();
res.status(200).send({
executiveOrders,
});
}); });
} }
} }