Merge pull request #4 from Billmike/feature/implement-id-validation

Ft:implement id validation
Billmike · Apr 10, 2018 · 396e90d · 396e90d
2 parents a9429db + 4172857
commit 396e90d
Show file tree

Hide file tree

Showing 17 changed files with 4,745 additions and 1,804 deletions.
diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -13,6 +13,7 @@
     "body-parser": "^1.18.2",
     "dotenv": "^5.0.1",
     "express": "^4.16.3",
+    "jest": "^22.4.3",
     "jsonwebtoken": "^8.2.1",
     "lodash": "^4.17.5",
     "morgan": "^1.9.0",
@@ -34,7 +35,7 @@
   "scripts": {
     "start": "nodemon --exec babel-node ./server/bin/www.js",
     "seed-test-db": "sequelize db:seed:all --env test",
-    "test": "npm run drop-test-db && npm run seed-test-db && cross-env NODE_ENV=test mocha --compilers js:babel-core/register server/tests/user.test.js --timeout 50000 --exit",
+    "test": "npm run drop-test-db && npm run seed-test-db && cross-env NODE_ENV=test mocha --compilers js:babel-core/register server/tests/index.js --timeout 50000 --exit",
     "drop-test-db": "sequelize db:migrate:undo:all --env test && sequelize db:migrate --env test"
   },
   "keywords": [],

diff --git a/server/controllers/center.js b/server/controllers/center.js
@@ -0,0 +1,50 @@
+import db from '../models';
+import serverError from '../errorHandler/serverError';
+import validateInput from '../validators/validateAddCenter';
+
+const { Center } = db;
+
+class CenterController {
+  static createCenter(request, response) {
+
+    const { errors, isValid } = validateInput(request.body);
+
+    if (!isValid) {
+      return response.status(400).json(errors);
+    }
+
+    const {
+      name, state, location,
+      description, image, capacity, equipments, availability, price
+    } = request.body;
+
+    if (request.userDetails.username !== 'adminuser') {
+      return response.status(401).json({
+        message: 'You need admin priviledges to access this resource'
+      });
+    }
+    return Center.create({
+      name,
+      state,
+      image,
+      description,
+      location,
+      capacity,
+      equipments,
+      availability,
+      price,
+      owner: request.userDetails.id
+    }).then((center) => {
+      return response.status(201).json({
+        message: 'Center created successfully.',
+        centerDetails: center
+      });
+    }).catch((error) => {
+      return response.status(500).json({
+        message: error.message
+      });
+    });
+  }
+}
+
+export default CenterController;
diff --git a/server/controllers/user.js b/server/controllers/user.js
@@ -61,7 +61,7 @@ class Users {
       });
   }
 
-  static userSignin (request, response) {
+  static userSignin(request, response) {
     const { errors, isValid } = validateSignin(request.body);
     if (!isValid) {
       return response.status(400).json(errors);

diff --git a/server/errorHandler/serverError.js b/server/errorHandler/serverError.js
@@ -0,0 +1,3 @@
+const serverError = 'Something went wrong! We are currently working on resolving this issue.';
+
+export default serverError;
diff --git a/server/middleware/SessionControl.js b/server/middleware/SessionControl.js
@@ -0,0 +1,50 @@
+import jwt from 'jsonwebtoken';
+import db from '../models';
+import serverError from '../errorHandler/serverError';
+
+const { User } = db;
+
+class SessionControl {
+  static isAdmin(request, response, next) {
+
+  }
+  static isLoggedIn(request, response, next) {
+    request.token = request.headers['x-access-token']
+    || request.query.token || request.headers.token;
+    if (!request.token) {
+      return response.status(401).json({
+        message: 'Please sign into your account to access this resource.'
+      });
+    }
+    next();
+  }
+
+  static isUser(request, response, next) {
+    let verifyToken;
+    request.userDetails = {};
+    try {
+      verifyToken = jwt.verify(request.token, process.env.SECRET);
+    } catch (error) {
+      response.status(400).json({
+        message: 'Unable to verify user.'
+      });
+    }
+    User.findById(verifyToken.id)
+      .then((user) => {
+        if (!user) {
+          response.status(400).json({
+            message: 'Unable to verify user.'
+          });
+          return next();
+        }
+        request.userDetails = verifyToken;
+        return next();
+      }).catch(() => {
+        return response.status(500).json({
+          message: serverError
+        });
+      });
+  }
+}
+
+export default SessionControl;
diff --git a/server/migrations/20180408214725-create-event.js b/server/migrations/20180408214725-create-event.js
@@ -12,6 +12,10 @@ module.exports = {
         allowNull: false,
         type: Sequelize.STRING
       },
+      image: {
+        defaultValue: 'https://pieceloveandchocolate.com/product/plc-dairy-freevegan-chocoholics-delight-gift-basket',
+        type: Sequelize.TEXT
+      },
       date: {
         allowNull: false,
         type: Sequelize.DATE
@@ -37,16 +41,6 @@ module.exports = {
           key: 'id',
           as: 'organizer'
         }
-      },
-      venue: {
-        type: Sequelize.INTEGER,
-        allowNull: false,
-        onDelete: 'cascade',
-        references: {
-          model: 'Centers',
-          key: 'id',
-          as: 'venue'
-        }
       }
     });
   },

diff --git a/server/models/center.js b/server/models/center.js
@@ -38,7 +38,7 @@ module.exports = (sequelize, DataTypes) => {
       type: DataTypes.INTEGER
     }
   });
-  Center.associate = models => {
+  Center.associate = (models) => {
     Center.belongsTo(models.User, {
       foreignKey: 'owner'
     });

diff --git a/server/models/event.js b/server/models/event.js
@@ -4,16 +4,24 @@ module.exports = (sequelize, DataTypes) => {
       allowNull: false,
       type: DataTypes.TEXT
     },
+    image: {
+      defaultValue: 'https://pieceloveandchocolate.com/product/plc-dairy-freevegan-chocoholics-delight-gift-basket',
+      type: DataTypes.TEXT
+    },
     date: {
       allowNull: false,
       type: DataTypes.DATE
     },
     duration: {
       allowNull: false,
       type: DataTypes.INTEGER
+    },
+    venue: {
+      allowNull: false,
+      type: DataTypes.STRING
     }
   });
-  Event.associate = models => {
+  Event.associate = (models) => {
     Event.belongsTo(models.Center, {
       foreignKey: 'venue',
       onDelete: 'CASCADE'

diff --git a/server/models/user.js b/server/models/user.js
@@ -18,7 +18,7 @@ module.exports = (sequelize, DataTypes) => {
       type: DataTypes.STRING
     }
   });
-  User.associate = models => {
+  User.associate = (models) => {
     User.hasMany(models.Center, {
       foreignKey: 'owner',
       as: 'centers'

diff --git a/server/routes/index.js b/server/routes/index.js
@@ -1,4 +1,6 @@
 import userController from '../controllers/user';
+import centerController from '../controllers/center';
+import sessionControl from '../middleware/SessionControl';
 
 module.exports = (app) => {
   app.get('/api', (request, response) =>
@@ -8,4 +10,5 @@ module.exports = (app) => {
 
   app.post('/api/v1/users/signup', userController.userSignup);
   app.post('/api/v1/users/signin', userController.userSignin);
+  app.post('/api/v1/centers', sessionControl.isLoggedIn, sessionControl.isUser, centerController.createCenter);
 };
diff --git a/server/seeders/20180409073557-user-seed.js b/server/seeders/20180409073557-user-seed.js
@@ -3,6 +3,13 @@
 module.exports = {
   up: (queryInterface, Sequelize) => {
     return queryInterface.bulkInsert('Users', [
+      {
+        username: 'adminuser',
+        email: 'admin@localhost.com',
+        password: 'qwertyuiop',
+        createdAt: '2018-03-05 12:01:18.936+01',
+        updatedAt: '2018-03-05 12:01:18.936+01'
+      },
       {
         username: 'piedpiper',
         email: 'qwertyuiop@gmail.com',