banana/definma-api
Archived
2
Fork 0
Code Releases Activity

adapted /materials

Browse Source
This commit is contained in:
VLE2FE 2020-05-28 14:11:19 +02:00
parent c4752d12ba
commit 1c2631c6fb
6 changed files with 56 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
api/material.yaml
View File

@ -48,7 +48,7 @@
get: get:
summary: get material details summary: get material details
description: 'Auth: all, levels: read, write, maintain, dev, admin' description: 'Auth: all, levels: read, write, maintain, dev, admin'
x-doc: status handling (accessible (only for maintain/admin))? # TODO after decision x-doc: deleted samples are available only for maintain/admin
tags: tags:
- /material - /material
responses: responses:
@ -67,7 +67,7 @@
put: put:
summary: change material summary: change material
description: 'Auth: basic, levels: write, maintain, dev, admin' description: 'Auth: basic, levels: write, maintain, dev, admin'
x-doc: status is reset to 0 on any changes x-doc: status is reset to 0 on any changes, deleted samples cannot be changed
tags: tags:
- /material - /material
security: security:

1
src/index.ts
View File

@ -14,6 +14,7 @@ import db from './db';
// TODO: coverage // TODO: coverage
// TODO: think about the display of deleted/new samples and validation in data and UI // TODO: think about the display of deleted/new samples and validation in data and UI
// TODO: improve error coverage // TODO: improve error coverage
// TODO: guess properties from material name in UI
// tell if server is running in debug or production environment // tell if server is running in debug or production environment
console.info(process.env.NODE_ENV === 'production' ? '===== PRODUCTION =====' : process.env.NODE_ENV === 'test' ? '' :'===== DEVELOPMENT ====='); console.info(process.env.NODE_ENV === 'production' ? '===== PRODUCTION =====' : process.env.NODE_ENV === 'test' ? '' :'===== DEVELOPMENT =====');

26
src/routes/material.spec.ts
View File

@ -204,6 +204,23 @@ describe('/material', () => {
res: {_id: '100000000000000000000007', name: 'Ultramid A4H', supplier: 'BASF', group: 'PA66', mineral: 0, glass_fiber: 0, carbon_fiber: 0, numbers: [{color: 'black', number: ''}]} res: {_id: '100000000000000000000007', name: 'Ultramid A4H', supplier: 'BASF', group: 'PA66', mineral: 0, glass_fiber: 0, carbon_fiber: 0, numbers: [{color: 'black', number: ''}]}
}); });
}); });
it('returns a deleted material for a maintain/admin user', done => {
TestHelper.request(server, done, {
method: 'get',
url: '/material/100000000000000000000008',
auth: {basic: 'admin'},
httpStatus: 200,
res: {_id: '100000000000000000000008', name: 'Latamid 66 H 2 G 30', supplier: 'LATI', group: 'PA66', mineral: 0, glass_fiber: 30, carbon_fiber: 0, numbers: [{color: 'blue', number: '5513943509'}]}
});
});
it('returns 403 for a write user when requesting a deleted material', done => {
TestHelper.request(server, done, {
method: 'get',
url: '/material/100000000000000000000008',
auth: {basic: 'janedoe'},
httpStatus: 403
});
});
it('rejects an invalid id', done => { it('rejects an invalid id', done => {
TestHelper.request(server, done, { TestHelper.request(server, done, {
method: 'get', method: 'get',
@ -363,6 +380,15 @@ describe('/material', () => {
req: {}, req: {},
}); });
}); });
it('rejects editing a deleted material', done => {
TestHelper.request(server, done, {
method: 'put',
url: '/material/100000000000000000000008',
auth: {basic: 'janedoe'},
httpStatus: 403,
req: {}
});
});
it('rejects an API key', done => { it('rejects an API key', done => {
TestHelper.request(server, done, { TestHelper.request(server, done, {
method: 'put', method: 'put',

15
src/routes/material.ts
View File

@ -34,14 +34,14 @@ router.get('/materials/:group(new|deleted)', (req, res, next) => {
router.get('/material/' + IdValidate.parameter(), (req, res, next) => { router.get('/material/' + IdValidate.parameter(), (req, res, next) => {
if (!req.auth(res, ['read', 'write', 'maintain', 'dev', 'admin'], 'all')) return; if (!req.auth(res, ['read', 'write', 'maintain', 'dev', 'admin'], 'all')) return;
MaterialModel.findById(req.params.id).lean().exec((err, data) => { MaterialModel.findById(req.params.id).lean().exec((err, data: any) => {
if (err) return next(err); if (err) return next(err);
if (data) {
if (!data) {
return res.status(404).json({status: 'Not found'});
}
if (data.status === globals.status.deleted && !req.auth(res, ['maintain', 'admin'], 'all')) return; // deleted materials only available for maintain/admin
res.json(MaterialValidate.output(data)); res.json(MaterialValidate.output(data));
}
else {
res.status(404).json({status: 'Not found'});
}
}); });
}); });
@ -55,6 +55,9 @@ router.put('/material/' + IdValidate.parameter(), (req, res, next) => {
if (!materialData) { if (!materialData) {
return res.status(404).json({status: 'Not found'}); return res.status(404).json({status: 'Not found'});
} }
if (materialData.status === globals.status.deleted) {
return res.status(403).json({status: 'Forbidden'});
}
if (material.hasOwnProperty('name') && material.name !== materialData.name) { if (material.hasOwnProperty('name') && material.name !== materialData.name) {
if (!await nameCheck(material, res, next)) return; if (!await nameCheck(material, res, next)) return;
} }

17
src/test/db.json
View File

@ -268,6 +268,23 @@
], ],
"status": 0, "status": 0,
"__v": 0 "__v": 0
},
{
"_id": {"$oid":"100000000000000000000008"},
"name": "Latamid 66 H 2 G 30",
"supplier": "LATI",
"group": "PA66",
"mineral": 0,
"glass_fiber": 30,
"carbon_fiber": 0,
"numbers": [
{
"color": "blue",
"number": "5513943509"
}
],
"status": -1,
"__v": 0
} }
], ],
"measurements": [ "measurements": [