bug(Account status accepts any value):Account status accepts any value

Account is accepting any value as account status [Starts #165635593]
Cavdy · Apr 26, 2019 · 17bc949 · 17bc949
1 parent a2e2945
commit 17bc949
Show file tree

Hide file tree

Showing 12 changed files with 659 additions and 684 deletions.
diff --git a/server/v1/config/account.sql b/server/v1/config/account.sql
diff --git a/server/v1/config/database.js b/server/v1/config/database.js
@@ -36,26 +36,6 @@ const dbConnection = {
       return debug('query')(e.stack);
     }
   },
-
-  /**
-   * Connect to database - For test
-   * @constructor
-   * @param {*} passedQuery - passed in SQL query.
-   */
-  async dbTesting(passedQuery) {
-    try {
-      return (async () => {
-        const client = await pool.connect();
-        try {
-          return await client.query(passedQuery);
-        } finally {
-          client.release();
-        }
-      })();
-    } catch (e) {
-      return debug('query')(e.stack);
-    }
-  },
 };
 
 export default dbConnection;
diff --git a/server/v1/config/transaction.sql b/server/v1/config/transaction.sql
diff --git a/server/v1/config/user.sql b/server/v1/config/user.sql
diff --git a/server/v1/helper/statusHelper.js b/server/v1/helper/statusHelper.js
@@ -22,6 +22,12 @@ const statusHelper = {
         status: 409,
         data: error,
       });
+    } else if (status === 403) { // conflict
+      res.status(403);
+      return res.json({
+        status: 403,
+        data: error,
+      });
     } else if (status === 201) { // created
       res.status(201);
       return res.json({

diff --git a/server/v1/middleware/jwt.js b/server/v1/middleware/jwt.js
@@ -1,62 +1,78 @@
-import jwt from 'jsonwebtoken';
-import dotenv from 'dotenv';
-
-dotenv.config();
-
-const jwtMiddleware = {
-  /**
-   * Check Token
-   * @constructor
-   * @param {*} req - get request.
-   * @param {*} res -get response
-   * @param {*} next - run next
-   */
-  checkToken(req, res, next) {
-    const header = req.headers.authorization;
-    if (typeof header !== 'undefined') {
-      const bearer = header.split(' ');
-      const token = bearer[1];
-      req.token = token;
-      next();
-    } else {
-      // If header is undefined return Forbidden (403)
-      res.sendStatus(403);
-    }
-  },
-
-  /**
-   * Signin Jwt
-   * @constructor
-   * @param {*} req - get request.
-   * @param {*} res -get response
-   * @param {*} next - run next
-   */
-  signinJwt(req, res, next) {
-    jwt.sign(req.body, process.env.JWTSECRETKEY, async (err, token) => {
-      if (err) {
-        return res.sendStatus(403);
-      }
-      req.signintoken = token;
-      return next();
-    });
-  },
-
-  /**
-   * Verify Jwt
-   * @constructor
-   * @param {*} req - get request.
-   * @param {*} res -get response
-   * @param {*} next - run next
-   */
-  verifyJwt(req, res, next) {
-    jwt.verify(req.token, process.env.JWTSECRETKEY, (err, authorizedData) => {
-      if (err) {
-        return res.sendStatus(403);
-      }
-      req.authorizedData = authorizedData;
-      return next();
-    });
-  },
-};
-
-export default jwtMiddleware;
+import jwt from 'jsonwebtoken';
+import dotenv from 'dotenv';
+import statusHelper from '../helper/statusHelper';
+
+dotenv.config();
+
+const jwtMiddleware = {
+  /**
+   * Check Token
+   * @constructor
+   * @param {*} req - get request.
+   * @param {*} res -get response
+   * @param {*} next - run next
+   */
+  checkToken(req, res, next) {
+    const header = req.headers.authorization;
+    if (typeof header !== 'undefined') {
+      const bearer = header.split(' ');
+      const token = bearer[1];
+      req.token = token;
+      next();
+    } else {
+      // If header is undefined return Forbidden (403)
+      return statusHelper
+        .statusHelper(req,
+          res,
+          403,
+          'you are not logged in',
+          '');
+    }
+  },
+
+  /**
+   * Signin Jwt
+   * @constructor
+   * @param {*} req - get request.
+   * @param {*} res -get response
+   * @param {*} next - run next
+   */
+  signinJwt(req, res, next) {
+    jwt.sign(req.body, process.env.JWTSECRETKEY, async (err, token) => {
+      if (err) {
+        return statusHelper
+          .statusHelper(req,
+            res,
+            403,
+            'you are not logged in',
+            '');
+      }
+      req.signintoken = token;
+      return next();
+    });
+  },
+
+  /**
+   * Verify Jwt
+   * @constructor
+   * @param {*} req - get request.
+   * @param {*} res -get response
+   * @param {*} next - run next
+   */
+  verifyJwt(req, res, next) {
+    jwt.verify(req.token, process.env.JWTSECRETKEY, (err, authorizedData) => {
+      if (err) {
+        return statusHelper
+          .statusHelper(req,
+            res,
+            403,
+            'invalid token',
+            '');
+      }
+      req.authorizedData = authorizedData;
+      return next();
+    });
+  },
+};
+
+export default jwtMiddleware;
diff --git a/server/v1/model/Transaction.js b/server/v1/model/Transaction.js
diff --git a/server/v1/model/CreateAccount.js → server/v1/model/accounts.js b/server/v1/model/CreateAccount.js → server/v1/model/accounts.js
diff --git a/server/v1/services/accounts.js b/server/v1/services/accounts.js
@@ -1,5 +1,5 @@
 import dbConnection from '../config/database';
-import AccountModel from '../model/CreateAccount';
+import AccountModel from '../model/accounts';
 
 const CreateAccountService = {
   /**
@@ -175,21 +175,26 @@ const CreateAccountService = {
     const { type, isadmin } = userDetails.rows[0];
 
     if (type === 'staff' || isadmin === true) {
-      const accountDbData = await dbConnection
-        .dbConnect('SELECT accountnumber FROM accounts WHERE accountnumber=$1',
-          [accountNumber]);
-      if (accountDbData.rows.length > 0) {
-        const updateAccount = await dbConnection
-          .dbConnect('UPDATE accounts SET status=$1 WHERE accountnumber=$2',
-            [accountUpdate.status, accountNumber]);
-        if (updateAccount.command === 'UPDATE') {
-          const userDbData = await dbConnection
-            .dbConnect('SELECT accountnumber, status FROM accounts WHERE accountnumber=$1',
-              [accountNumber]);
-          const { accountnumber, status } = userDbData.rows[0];
-          returnStatus = 200;
-          returnSuccess = { accountnumber, status };
+      if (accountUpdate.status === 'active' || accountUpdate.status === 'dormant') {
+        const accountDbData = await dbConnection
+          .dbConnect('SELECT accountnumber FROM accounts WHERE accountnumber=$1',
+            [accountNumber]);
+        if (accountDbData.rows.length > 0) {
+          const updateAccount = await dbConnection
+            .dbConnect('UPDATE accounts SET status=$1 WHERE accountnumber=$2 RETURNING accountnumber, status',
+              [accountUpdate.status, accountNumber]);
+          if (updateAccount.command === 'UPDATE') {
+            const { accountnumber, status } = updateAccount.rows[0];
+            returnStatus = 200;
+            returnSuccess = { accountnumber, status };
+          }
+        } else {
+          returnStatus = 404;
+          returnError = 'account not found';
         }
+      } else {
+        returnStatus = 422;
+        returnError = 'account status can only be active or dormant';
       }
     } else {
       returnStatus = 401;

diff --git a/server/v1/services/transaction.js b/server/v1/services/transaction.js
@@ -1,6 +1,6 @@
 /* eslint-disable no-param-reassign */
 import dbConnection from '../config/database';
-import TransactionModel from '../model/Transaction';
+import TransactionModel from '../model/transaction';
 
 const TransactionService = {