adapted /materials
This commit is contained in:
parent
c4752d12ba
commit
1c2631c6fb
@ -48,7 +48,7 @@
|
|||||||
get:
|
get:
|
||||||
summary: get material details
|
summary: get material details
|
||||||
description: 'Auth: all, levels: read, write, maintain, dev, admin'
|
description: 'Auth: all, levels: read, write, maintain, dev, admin'
|
||||||
x-doc: status handling (accessible (only for maintain/admin))? # TODO after decision
|
x-doc: deleted samples are available only for maintain/admin
|
||||||
tags:
|
tags:
|
||||||
- /material
|
- /material
|
||||||
responses:
|
responses:
|
||||||
@ -67,7 +67,7 @@
|
|||||||
put:
|
put:
|
||||||
summary: change material
|
summary: change material
|
||||||
description: 'Auth: basic, levels: write, maintain, dev, admin'
|
description: 'Auth: basic, levels: write, maintain, dev, admin'
|
||||||
x-doc: status is reset to 0 on any changes
|
x-doc: status is reset to 0 on any changes, deleted samples cannot be changed
|
||||||
tags:
|
tags:
|
||||||
- /material
|
- /material
|
||||||
security:
|
security:
|
||||||
|
@ -14,6 +14,7 @@ import db from './db';
|
|||||||
// TODO: coverage
|
// TODO: coverage
|
||||||
// TODO: think about the display of deleted/new samples and validation in data and UI
|
// TODO: think about the display of deleted/new samples and validation in data and UI
|
||||||
// TODO: improve error coverage
|
// TODO: improve error coverage
|
||||||
|
// TODO: guess properties from material name in UI
|
||||||
|
|
||||||
// tell if server is running in debug or production environment
|
// tell if server is running in debug or production environment
|
||||||
console.info(process.env.NODE_ENV === 'production' ? '===== PRODUCTION =====' : process.env.NODE_ENV === 'test' ? '' :'===== DEVELOPMENT =====');
|
console.info(process.env.NODE_ENV === 'production' ? '===== PRODUCTION =====' : process.env.NODE_ENV === 'test' ? '' :'===== DEVELOPMENT =====');
|
||||||
|
@ -204,6 +204,23 @@ describe('/material', () => {
|
|||||||
res: {_id: '100000000000000000000007', name: 'Ultramid A4H', supplier: 'BASF', group: 'PA66', mineral: 0, glass_fiber: 0, carbon_fiber: 0, numbers: [{color: 'black', number: ''}]}
|
res: {_id: '100000000000000000000007', name: 'Ultramid A4H', supplier: 'BASF', group: 'PA66', mineral: 0, glass_fiber: 0, carbon_fiber: 0, numbers: [{color: 'black', number: ''}]}
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
it('returns a deleted material for a maintain/admin user', done => {
|
||||||
|
TestHelper.request(server, done, {
|
||||||
|
method: 'get',
|
||||||
|
url: '/material/100000000000000000000008',
|
||||||
|
auth: {basic: 'admin'},
|
||||||
|
httpStatus: 200,
|
||||||
|
res: {_id: '100000000000000000000008', name: 'Latamid 66 H 2 G 30', supplier: 'LATI', group: 'PA66', mineral: 0, glass_fiber: 30, carbon_fiber: 0, numbers: [{color: 'blue', number: '5513943509'}]}
|
||||||
|
});
|
||||||
|
});
|
||||||
|
it('returns 403 for a write user when requesting a deleted material', done => {
|
||||||
|
TestHelper.request(server, done, {
|
||||||
|
method: 'get',
|
||||||
|
url: '/material/100000000000000000000008',
|
||||||
|
auth: {basic: 'janedoe'},
|
||||||
|
httpStatus: 403
|
||||||
|
});
|
||||||
|
});
|
||||||
it('rejects an invalid id', done => {
|
it('rejects an invalid id', done => {
|
||||||
TestHelper.request(server, done, {
|
TestHelper.request(server, done, {
|
||||||
method: 'get',
|
method: 'get',
|
||||||
@ -363,6 +380,15 @@ describe('/material', () => {
|
|||||||
req: {},
|
req: {},
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
it('rejects editing a deleted material', done => {
|
||||||
|
TestHelper.request(server, done, {
|
||||||
|
method: 'put',
|
||||||
|
url: '/material/100000000000000000000008',
|
||||||
|
auth: {basic: 'janedoe'},
|
||||||
|
httpStatus: 403,
|
||||||
|
req: {}
|
||||||
|
});
|
||||||
|
});
|
||||||
it('rejects an API key', done => {
|
it('rejects an API key', done => {
|
||||||
TestHelper.request(server, done, {
|
TestHelper.request(server, done, {
|
||||||
method: 'put',
|
method: 'put',
|
||||||
|
@ -34,14 +34,14 @@ router.get('/materials/:group(new|deleted)', (req, res, next) => {
|
|||||||
router.get('/material/' + IdValidate.parameter(), (req, res, next) => {
|
router.get('/material/' + IdValidate.parameter(), (req, res, next) => {
|
||||||
if (!req.auth(res, ['read', 'write', 'maintain', 'dev', 'admin'], 'all')) return;
|
if (!req.auth(res, ['read', 'write', 'maintain', 'dev', 'admin'], 'all')) return;
|
||||||
|
|
||||||
MaterialModel.findById(req.params.id).lean().exec((err, data) => {
|
MaterialModel.findById(req.params.id).lean().exec((err, data: any) => {
|
||||||
if (err) return next(err);
|
if (err) return next(err);
|
||||||
if (data) {
|
|
||||||
|
if (!data) {
|
||||||
|
return res.status(404).json({status: 'Not found'});
|
||||||
|
}
|
||||||
|
if (data.status === globals.status.deleted && !req.auth(res, ['maintain', 'admin'], 'all')) return; // deleted materials only available for maintain/admin
|
||||||
res.json(MaterialValidate.output(data));
|
res.json(MaterialValidate.output(data));
|
||||||
}
|
|
||||||
else {
|
|
||||||
res.status(404).json({status: 'Not found'});
|
|
||||||
}
|
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
@ -55,6 +55,9 @@ router.put('/material/' + IdValidate.parameter(), (req, res, next) => {
|
|||||||
if (!materialData) {
|
if (!materialData) {
|
||||||
return res.status(404).json({status: 'Not found'});
|
return res.status(404).json({status: 'Not found'});
|
||||||
}
|
}
|
||||||
|
if (materialData.status === globals.status.deleted) {
|
||||||
|
return res.status(403).json({status: 'Forbidden'});
|
||||||
|
}
|
||||||
if (material.hasOwnProperty('name') && material.name !== materialData.name) {
|
if (material.hasOwnProperty('name') && material.name !== materialData.name) {
|
||||||
if (!await nameCheck(material, res, next)) return;
|
if (!await nameCheck(material, res, next)) return;
|
||||||
}
|
}
|
||||||
|
@ -268,6 +268,23 @@
|
|||||||
],
|
],
|
||||||
"status": 0,
|
"status": 0,
|
||||||
"__v": 0
|
"__v": 0
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"_id": {"$oid":"100000000000000000000008"},
|
||||||
|
"name": "Latamid 66 H 2 G 30",
|
||||||
|
"supplier": "LATI",
|
||||||
|
"group": "PA66",
|
||||||
|
"mineral": 0,
|
||||||
|
"glass_fiber": 30,
|
||||||
|
"carbon_fiber": 0,
|
||||||
|
"numbers": [
|
||||||
|
{
|
||||||
|
"color": "blue",
|
||||||
|
"number": "5513943509"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"status": -1,
|
||||||
|
"__v": 0
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"measurements": [
|
"measurements": [
|
||||||
|
Reference in New Issue
Block a user