Document Management System is a react redux application based on RESTful API for users to create and manage documents giving different privileges based on user roles and managing authentication using JWT.
This application was developed using the following frameworks.
Users are authenticated and validated us JWT web token. Generating tokens on signup and login ensures documents and API endpoints are protected.
- Create an account
- Login with your credentials
- Create new document with specifying document title, content and document access
- Edit Documents
- Delete documents
- View public documents created by other users.
- View documents created by his access group with access level set as
role. - Search a users public documents.
- View
publicandroleaccess level documents of other regular users. - Logout
- In addition to the general user functions, an admin user can:
- View all users.
- View all created documents except documents with access set to private.
- Delete any user.
- Update any user's record.
- Create a new role.
- View all created roles.
- Search for any user.
- Ensure that you have NodeJs and Postgres installed on your machine
- Clone the repository
$ git clone https://github.com/andela-osubair/doc-management.git - Change into the directory
$ cd doc-management - Install all required dependencies with
$ npm install - Create a
.envfile in your root directory as described in.env.samplefile
- Run DB Migrate command with
sequelize db:migrate - Seed you DB by running this command
npm run db:seed, this seeds Admin Role and Regular Role. - Run
npm run start:devto start the application on development environment
- Run DB migrate command with
npm run db:migrate:test. - Run Test
npm test - You can undo your migrations by running this command
npm run db:migrate:test:undo.
I strongly suggest using separate DB for testing and development
The API has routes, each dedicated to a single task that uses HTTP response codes to indicate API status and errors.
The following features make up the Document Management System API:
-
It uses JSON Web Token (JWT) for authentication.
-
It generates a token on successful login or account creation and returns it to the consumer.
-
It verifies the token to ensures a user is authenticated to access protected endpoints.
-
It allows users to be created.
-
It allows users to login and obtain a token
-
It allows authenticated users to retrieve and update their information.
-
It allows the admin to manage users.
- It ensures roles can be created, retrieved, updated and deleted by an admin user.
- A non-admin user cannot create, retrieve, modify, or delete roles.
- it allows for assignment of roles to users
-
It allows new documents to be created by authenticated users.
-
It ensures all documents are accessible based on the permission specified.
-
It allows admin users to create, retrieve, modify, and delete documents.
-
It ensures users can delete, edit and update documents that they own.
-
It allows users to retrieve all documents they own as well as public documents.
-
It allows users to search public documents for a specified search term.
-
It allows admin to retrieve all documents that matches search term.
-
It allows admin to search users based on a specified search term
| EndPoint | Functionality |
|---|---|
| POST /users/login | Logs a user in. |
| POST /users/logout | Logs a user out. |
| POST /users/ | Creates a new user. |
| GET /users/ | Find matching instances of user. |
| GET /users/ | Find user. |
| PUT /users/ | Update user attributes. |
| DELETE /users/ | Delete user. |
| GET /users/?limit={interger}&offset={interger} | Pagination for users |
| POST /documents/ | Creates a new document instance. |
| GET /documents/ | Find matching instances of document. |
| GET /documents/ | Find document. |
| GET /documents/?limit={interger}&offset={interger} | Pagination for documents |
| PUT /documents/ | Update document attributes. |
| DELETE /documents/ | Delete document. |
| GET /users//documents | Find all documents belonging to the user. |
| GET /search/users/?q={username} | Gets all users with username contain the search term |
| GET /search/documents/?q={doctitle} | Get all documents with title containing the search query |
| GET /users/:id/alldocuments | Get all document owned or accessible by userId |
| GET /api/users/:identifier | Find user with email or username containing the identifier parameter |
POST /roles- Requires: Admin Authentication
- HTTP Status:
201: created - JSON data
{
"id": "1",
"title": "normal",
"createdAT": "2017-04-04T14:22:46.984z",
"updatedAT": "2017-04-04T14:22:46.984z"
}GET /roles- Requires: Admin Authentication
- HTTP Status:
200: OK - JSON data
{
"id": "1",
"title": "normal user",
"createdAT": "2017-04-04T14:22:46.984z",
"updatedAT": "2017-04-04T16:22:46.984z"
}POST /users- HTTP Status:
201: created - JSON data
{
"id": "1",
"name": "Loral Denzel",
"username": "lorri",
"email": "denzel.lorri@email.com",
"password": "password",
"roleId": "2",
"createdAT": "2017-04-04T14:22:46.984z",
"updatedAT": "2017-04-04T16:22:46.984z"
}POST /users/login- HTTP status:
200: OK - JSON Data
{
"message": "User authenticated successfully"
}GET /users- Requires: Admin Authentication
- HTTP status:
200: OK - JSON Data
{
"id": "1",
"name": "Loral Denzel",
"username": "lorri",
"email": "denzel.lorri@email.com",
"password": "password",
"roleId": "2",
"createdAT": "2017-04-04T14:22:46.984z",
"updatedAT": "2017-04-04T16:22:46.984z"
}POST /documents- HTTP Status:
201: created - JSON data
{
"id": "1",
"title": "My First Online Diary",
"docContent": "This is my first diary created on this application",
"viewAccess": "private",
"role": "1",
"userId": "1",
"createdAT": "2017-04-05T14:22:46.984z",
"updatedAT": "2017-04-05T14:22:46.984z"
}GET /documents/1- HTTP Status:
200: 0k - JSON data
{
"id": "1",
"title": "My First Online Diary",
"docContent": "This is my first diary created on this application",
"viewAccess": "private",
"role": "1",
"userId": "1",
"createdAT": "2017-04-05T14:22:46.984z",
"updatedAT": "2017-04-05T14:22:46.984z"
}- Postgresql and
- Node.js >= v6.8.0.
- Clone this repository from a terminal
git clone https://github.com/andela-osubair/doc-management.git. - Move into the project directory
cd doc-management - Install project dependencies
npm install - Create Postgresql database and run migrations
npm run db:migrations. - Start the express server
npm run start:dev. - Run test
npm test. - Branch out of master
git checkout -b [new-branch-name] - Make changes and commit your changes
- Git push and make a pull request to my repo
Currently, we can't say our API can handle larger requests, this may be a problem when our user base grows to over million.