feature(view account by email):

[Starts #165436828]
Cavdy · Apr 18, 2019 · 01d74eb · 01d74eb
1 parent a75962a
commit 01d74eb
Show file tree

Hide file tree

Showing 7 changed files with 152 additions and 142 deletions.
diff --git a/server/v1/controllers/createAccount.js b/server/v1/controllers/createAccount.js
@@ -22,6 +22,17 @@ const CreateAccountController = {
     }).status(201);
   },
 
+  // specific account
+  async specificAccounts(req, res) {
+    const { accountNumber } = req.params;
+    const specificAccounts = await CreateAccountService
+      .specificAccounts(accountNumber);
+    return res.json({
+      status: 'success',
+      data: specificAccounts,
+    }).status(201);
+  },
+
   // get transaction history
   async allAccountTransaction(req, res) {
     const { accountNumber } = req.params;

diff --git a/server/v1/controllers/users.js b/server/v1/controllers/users.js
@@ -1,17 +1,26 @@
 import UserService from '../services/users';
 
 const UsersController = {
-  getAllUsers(req, res) {
-    const allUsers = UserService.getAllUsers(req.authorizedData);
+  async getAllUsers(req, res) {
+    const allUsers = await UserService.getAllUsers(req.authorizedData);
     return res.json({
       status: 'success',
       data: allUsers,
     }).status(201);
   },
 
-  deleteUser(req, res) {
+  async getUsersAccounts(req, res) {
+    const { email } = req.params;
+    const getUsersAccounts = await UserService.getUsersAccounts(email);
+    return res.json({
+      status: 'success',
+      data: getUsersAccounts,
+    }).status(201);
+  },
+
+  async deleteUser(req, res) {
     const { id } = req.params;
-    const deleteUser = UserService.deleteUser(id, req.authorizedData);
+    const deleteUser = await UserService.deleteUser(id, req.authorizedData);
     return res.json({
       status: 'success',
       data: deleteUser,

diff --git a/server/v1/routes/createAccount.js b/server/v1/routes/createAccount.js
@@ -6,6 +6,7 @@ const router = express.Router();
 
 // creating our routes
 router.get('/', jwtMiddleware.verifyJwt, CreateAccountController.allAccounts);
+router.get('/:accountNumber', jwtMiddleware.verifyJwt, CreateAccountController.specificAccounts);
 router.get('/:accountNumber/transactions', jwtMiddleware.verifyJwt, CreateAccountController.allAccountTransaction);
 router.post('/', jwtMiddleware.verifyJwt, CreateAccountController.createAccount);
 router.patch('/:accountNumber', jwtMiddleware.verifyJwt, CreateAccountController.patchAccount);

diff --git a/server/v1/routes/users.js b/server/v1/routes/users.js
@@ -6,6 +6,7 @@ const router = express.Router();
 
 // creating our routes
 router.get('/', jwtMiddleware.verifyJwt, UsersController.getAllUsers);
+router.get('/:email/accounts', jwtMiddleware.verifyJwt, UsersController.getUsersAccounts);
 router.delete('/:id', jwtMiddleware.verifyJwt, UsersController.deleteUser);
 
 export default router;
diff --git a/server/v1/services/createAccount.js b/server/v1/services/createAccount.js
@@ -55,6 +55,15 @@ const CreateAccountService = {
     return 'no account found';
   },
 
+  async specificAccounts(accountNumber) {
+    const userAccount = await dbConnection
+      .dbConnect('SELECT * from accounts WHERE accountnumber=$1', [accountNumber]);
+    if (userAccount.rows.length > 0) {
+      return userAccount.rows[0];
+    }
+    return 'no transaction found';
+  },
+
   async allAccountTransaction(accountNumber) {
     const userTransaction = await dbConnection
       .dbConnect('SELECT * from transactions WHERE accountnumber=$1', [accountNumber]);

diff --git a/server/v1/services/users.js b/server/v1/services/users.js
@@ -1,34 +1,49 @@
-import dummyUsers from '../../dummyJson/users';
-
-const { users } = dummyUsers;
+import dbConnection from '../config/database';
 
 const UsersServices = {
-  getAllUsers(staff) {
-    if (staff.loggedUser.type === 'staff' || staff.loggedUser.isAdmin === true) {
-      return users.map((user) => {
-        return user;
-      });
+  async getAllUsers(staff) {
+    // check the users table
+    const userDetails = await dbConnection
+      .dbConnect('SELECT id, type, isadmin FROM users WHERE email=$1', [staff.email]);
+    const { type, isadmin } = userDetails.rows[0];
+
+    if (type === 'staff' || isadmin === true) {
+      const allAccounts = await dbConnection
+        .dbConnect('SELECT * from users');
+      return allAccounts.rows;
     }
     return 'You don\'t have permission to view this page';
   },
 
-  deleteUser(id, staff) {
-    let deleteMsg;
-    if (staff.loggedUser.type === 'staff') {
-      const User = users.find(user => user.id == id && user.type != 'staff');
-      if (typeof User === 'undefined') {
-        deleteMsg = 'Sorry you can not delete a staff';
+  async getUsersAccounts(email) {
+    const allAccounts = await dbConnection
+      .dbConnect('SELECT email from users WHERE email=$1', [email]);
+    if (allAccounts.rows.length > 0) {
+      const accountDbData = await dbConnection
+        .dbConnect('SELECT * from accounts WHERE email=$1', [email]);
+      return accountDbData.rows;
+    }
+    return 'no account found';
+  },
+
+  async deleteUser(id, staff) {
+    // check the users table
+    const userDetails = await dbConnection
+      .dbConnect('SELECT id, type, isadmin FROM users WHERE email=$1', [staff.email]);
+    const { type, isadmin } = userDetails.rows[0];
+
+    if (type === 'staff' || isadmin === true) {
+      const checkusers = await dbConnection
+        .dbConnect('SELECT id FROM users WHERE id=$1', [id]);
+      if (checkusers.rows.length > 0) {
+        const accountDbData = await dbConnection
+          .dbConnect('DELETE FROM users WHERE id=$1', [id]);
+        if (accountDbData.command === 'DELETE') return 'Account successfully deleted';
       } else {
-        users.splice(User.id - 1, 1);
-        deleteMsg = 'deleted';
+        return 'no account found';
       }
-    } else if (staff.loggedUser.isAdmin === true) {
-      const User = users.find(user => user.id == id);
-      users.splice(User.id - 1, 1);
-    } else {
-      deleteMsg = 'You don\'t have permission to do this task';
     }
-    return deleteMsg;
+    return 'You don\'t have permission to view this page';
   },
 };
 

diff --git a/server/v1/test/users.js b/server/v1/test/users.js
@@ -1,121 +1,85 @@
-// /* eslint-disable no-undef */
-// import chaiHttp from 'chai-http';
-// import chai, { expect } from 'chai';
+/* eslint-disable no-undef */
+import chaiHttp from 'chai-http';
+import chai, { expect } from 'chai';
+import dbConnection from '../config/database';
 
-// import app from '../app';
+import app from '../app';
 
-// chai.use(chaiHttp);
+chai.use(chaiHttp);
 
-// describe('Testing All Users Controller', () => {
-//   describe('Testing all accounts controller', () => {
-//     it(
-//       'users should have all required details',
-//       (done) => {
-//         const signinUrl = '/api/auth/signin';
-//         chai.request(app)
-//           .post(signinUrl)
-//           .send({
-//             email: 'banka3@banka.com',
-//             password: 'passworD3@',
-//           })
-//           .end((error, response) => {
-//             const { token } = response.body.data;
-//             chai.request(app)
-//               .get('/api/v1/users')
-//               .set('Authorization', `Bearer ${token}`)
-//               .send()
-//               .end((err, res) => {
-//                 expect(res.body).to.be.an('object');
-//                 expect(res.body.status).to.equal('success');
-//                 expect(res.body.data[0]).to.have.property('id');
-//                 expect(res.body.data[0]).to.have.property('firstName');
-//                 expect(res.body.data[0]).to.have.property('lastName');
-//                 expect(res.body.data[0]).to.have.property('email');
-//                 expect(res.body.data[0]).to.have.property('password');
-//                 expect(res.body.data[0]).to.have.property('type');
-//                 expect(res.body.data[0]).to.have.property('isAdmin');
-//               });
-//             done();
-//           });
-//       },
-//     );
+describe('Testing All Users Controller', () => {
+  before(async () => {
+    await dbConnection
+      .dbConnect('INSERT into users(email, firstName, lastName, password, type, isAdmin) values($1, $2, $3, $4, $5, $6)', ['staff@banka.com', 'cavdy', 'ikenna', '$2a$10$CmmIst1.D3QjaWuafKbBaOuAFu0r9o7xxQY.0SMKiAN.h9z52a2y2', 'staff', false]);
+  });
+  describe('Testing all accounts controller', () => {
+    it(
+      'users should have all required details',
+      async () => {
+        const signinUrl = '/api/auth/signin';
+        const response = await chai.request(app)
+          .post(signinUrl)
+          .send({
+            email: 'admin@banka.com',
+            password: 'passworD4@',
+          });
+        const { token } = response.body.data[0];
+        const res = await chai.request(app)
+          .get('/api/v1/users')
+          .set('Authorization', `Bearer ${token}`)
+          .send();
+        expect(res.body).to.be.an('object');
+        expect(res.body.status).to.equal('success');
+        expect(res.body.data[0]).to.have.property('id');
+        expect(res.body.data[0]).to.have.property('firstname');
+        expect(res.body.data[0]).to.have.property('lastname');
+        expect(res.body.data[0]).to.have.property('email');
+        expect(res.body.data[0]).to.have.property('password');
+        expect(res.body.data[0]).to.have.property('type');
+        expect(res.body.data[0]).to.have.property('isadmin');
+      },
+    );
 
-//     it(
-//       'only staffs and admin can view all users',
-//       (done) => {
-//         const signinUrl = '/api/auth/signin';
-//         chai.request(app)
-//           .post(signinUrl)
-//           .send({
-//             email: 'banka@banka.com',
-//             password: 'passworD1@',
-//           })
-//           .end((error, response) => {
-//             const { token } = response.body.data;
-//             chai.request(app)
-//               .get('/api/v1/users')
-//               .set('Authorization', `Bearer ${token}`)
-//               .send()
-//               .end((err, res) => {
-//                 expect(res.body).to.be.an('object');
-//                 expect(res.body.status).to.equal('success');
-//                 expect(res.body.data).to.equal('You don\'t have permission to view this page');
-//               });
-//             done();
-//           });
-//       },
-//     );
+    it(
+      'should not see all users if not admin or staff',
+      async () => {
+        const signinUrl = '/api/auth/signin';
+        const response = await chai.request(app)
+          .post(signinUrl)
+          .send({
+            email: 'banka872@banka4.com',
+            password: 'passworD4@',
+          });
+        const { token } = response.body.data[0];
+        const res = await chai.request(app)
+          .get('/api/v1/users')
+          .set('Authorization', `Bearer ${token}`)
+          .send();
+        expect(res.body).to.be.an('object');
+        expect(res.body.status).to.equal('success');
+        expect(res.body.data).to.equal('You don\'t have permission to view this page');
+      },
+    );
 
-//     it(
-//       'only staffs and admin can delete users',
-//       (done) => {
-//         const signinUrl = '/api/auth/signin';
-//         chai.request(app)
-//           .post(signinUrl)
-//           .send({
-//             email: 'banka@banka.com',
-//             password: 'passworD1@',
-//           })
-//           .end((error, response) => {
-//             const { token } = response.body.data;
-//             chai.request(app)
-//               .delete('/api/v1/users/1')
-//               .set('Authorization', `Bearer ${token}`)
-//               .send()
-//               .end((err, res) => {
-//                 expect(res.body).to.be.an('object');
-//                 expect(res.body.status).to.equal('success');
-//                 expect(res.body.data).to.equal('You don\'t have permission to do this task');
-//               });
-//             done();
-//           });
-//       },
-//     );
-
-//     it(
-//       'only admin can delete staffs',
-//       (done) => {
-//         const signinUrl = '/api/auth/signin';
-//         chai.request(app)
-//           .post(signinUrl)
-//           .send({
-//             email: 'banka2@banka.com',
-//             password: 'passworD2@',
-//           })
-//           .end((error, response) => {
-//             const { token } = response.body.data;
-//             chai.request(app)
-//               .delete('/api/v1/users/2')
-//               .set('Authorization', `Bearer ${token}`)
-//               .send()
-//               .end((err, res) => {
-//                 expect(res.body).to.be.an('object');
-//                 expect(res.body.status).to.equal('success');
-//                 expect(res.body.data).to.equal('Sorry you can not delete a staff');
-//               });
-//             done();
-//           });
-//       },
-//     );
-//   });
-// });
+    it(
+      'only staffs and admin can delete users',
+      async () => {
+        const signinUrl = '/api/auth/signin';
+        const response = await chai.request(app)
+          .post(signinUrl)
+          .send({
+            email: 'banka872@banka4.com',
+            password: 'passworD4@',
+          });
+        const { id, token } = response.body.data[0];
+        const res = await chai.request(app)
+          .delete(`/api/v1/users/${id}`)
+          .set('Authorization', `Bearer ${token}`)
+          .send();
+        expect(res.body).to.be.an('object');
+        expect(res.body.status).to.equal('success');
+        expect(res.body.data).to.equal('You don\'t have permission to view this page');
+      },
+    );
+  });
+});