From 501cd1907eaed779cf5e7de217679300e17e9405 Mon Sep 17 00:00:00 2001
From: VLE2FE
Date: Sun, 9 Aug 2020 17:10:47 +0200
Subject: [PATCH] CSP fix
---
 api/sample.yaml | 2 +-
 data_import/import.js | 78 ++++++++++++++++++++++++++++++++-----------
 src/index.ts | 2 +-
 src/routes/sample.ts | 32 +++++++++---------
 4 files changed, 78 insertions(+), 36 deletions(-)
diff --git a/api/sample.yaml b/api/sample.yaml
index 193e9de..e39a122 100644
--- a/api/sample.yaml
+++ b/api/sample.yaml
@@ -57,7 +57,7 @@
 example: ['number', 'batch']
 - name: filters[]
 description: "the filters to apply as an array of URIComponent encoded objects in the form {mode:
- 'eq/ne/lt/lte/gt/gte/in/nin', field: 'material.m', values: ['15']} using encodeURIComponent(JSON.stringify({}))"
+ 'eq/ne/lt/lte/gt/gte/in/nin/stringin', field: 'material.m', values: ['15']} using encodeURIComponent(JSON.stringify({}))"
 in: query
 schema:
 type: array
diff --git a/data_import/import.js b/data_import/import.js
index 565336a..7dfcea3 100644
--- a/data_import/import.js
+++ b/data_import/import.js
@@ -14,24 +14,24 @@ const stages = {
 }
 const docs = [
- "C:\\Users\\vle2fe\\Documents\\Data\\All_200717\\Metadata__AnP2.csv",
- "C:\\Users\\vle2fe\\Documents\\Data\\All_200717\\Metadata__AnP2_A.csv",
- "C:\\Users\\vle2fe\\Documents\\Data\\All_200717\\Metadata__AnP2_B.csv",
- "C:\\Users\\vle2fe\\Documents\\Data\\All_200717\\Metadata_Ap.csv",
- "C:\\Users\\vle2fe\\Documents\\Data\\All_200717\\Metadata_Bj.csv",
- "C:\\Users\\vle2fe\\Documents\\Data\\All_200717\\Metadata_Eh.csv",
- "C:\\Users\\vle2fe\\Documents\\Data\\All_200717\\Metadata_Eh_B.csv",
- "C:\\Users\\vle2fe\\Documents\\Data\\All_200717\\Metadata_Eh_Duroplasten.csv",
- "C:\\Users\\vle2fe\\Documents\\Data\\All_200717\\Metadata_Rng_aktuell.csv",
- "C:\\Users\\vle2fe\\Documents\\Data\\All_200717\\Metadata_Rng_aktuell_A.csv",
- "C:\\Users\\vle2fe\\Documents\\Data\\All_200717\\Metadata_Rng_aktuell_B.csv",
- "C:\\Users\\vle2fe\\Documents\\Data\\All_200717\\Metadata_WaP.csv",
+ "C:\\Users\\vle2fe\\Documents\\Data\\All_200807\\Metadata__AnP2.csv",
+ "C:\\Users\\vle2fe\\Documents\\Data\\All_200807\\Metadata__AnP2_A.csv",
+ "C:\\Users\\vle2fe\\Documents\\Data\\All_200807\\Metadata__AnP2_B.csv",
+ "C:\\Users\\vle2fe\\Documents\\Data\\All_200807\\Metadata_Ap.csv",
+ "C:\\Users\\vle2fe\\Documents\\Data\\All_200807\\Metadata_Bj.csv",
+ "C:\\Users\\vle2fe\\Documents\\Data\\All_200807\\Metadata_Eh.csv",
+ "C:\\Users\\vle2fe\\Documents\\Data\\All_200807\\Metadata_Eh_B.csv",
+ "C:\\Users\\vle2fe\\Documents\\Data\\All_200807\\Metadata_Eh_Duroplasten.csv",
+ "C:\\Users\\vle2fe\\Documents\\Data\\All_200807\\Metadata_Rng_aktuell.csv",
+ "C:\\Users\\vle2fe\\Documents\\Data\\All_200807\\Metadata_Rng_aktuell_A.csv",
+ "C:\\Users\\vle2fe\\Documents\\Data\\All_200807\\Metadata_Rng_aktuell_B.csv",
+ "C:\\Users\\vle2fe\\Documents\\Data\\All_200807\\Metadata_WaP.csv",
 ];
 const errors = [];
-const nmDocs = 'C:\\Users\\vle2fe\\Documents\\Data\\All_200717\\nmDocs'; // NormMaster Documents
-const dptFiles = 
'C:\\Users\\vle2fe\\Documents\\Data\\All_200717\\DPT'; // Spectrum files
-const host = 'http://localhost:3000';
-// const host = 'https://definma-api.apps.de1.bosch-iot-cloud.com';
+const nmDocs = 'C:\\Users\\vle2fe\\Documents\\Data\\All_200807\\nmDocs'; // NormMaster Documents
+const dptFiles = 'C:\\Users\\vle2fe\\Documents\\Data\\All_200807\\DPT'; // Spectrum files
+// const host = 'http://localhost:3000';
+const host = 'https://definma-api.apps.de1.bosch-iot-cloud.com';
 const requiredProperties = ['samplenumber','materialnumber','materialname','supplier','reinforcementmaterial','material','granulate/part','color','charge/batch','comments'];
 dict = { // dictionary
 'Granulat': 'granulate',
@@ -202,16 +202,26 @@ async function allDpts() {
 username: 'admin',
 password: 'Abc123!#'
 }
+ }).catch(err => {
+ if (err.response) {
+ console.error(err.response.data);
+ errors.push(`Could not fetch /template/measurements: ${JSON.stringify(err.response.data)}`);
+ }
 });
 const measurement_templates = res.data.filter(e => e.name === 'spectrum');
 const measurement_template = measurement_templates[measurement_templates.length - 1]._id;
 res = await axios({
 method: 'get',
- url: host + '/samples?status=all',
+ url: host + '/samples?status[]=validated&status[]=new',
 auth: {
 username: 'admin',
 password: 'Abc123!#'
 }
+ }).catch(err => {
+ if (err.response) {
+ console.error(err.response.data);
+ errors.push(`Could not fetch /samples?status[]=validated&status[]=new: ${JSON.stringify(err.response.data)}`);
+ }
 });
 const sampleIds = {};
 res.data.forEach(sample => {
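Review bot: The default `host` is now the deployed cloud API, with the localhost line commented out, so running this script unmodified sends its requests there, and the request blocks in the later hunks carry basic-auth credentials written as literals in the file. Toggling the target by commenting lines in and out makes it easy to commit the wrong default; reading it from the environment, for example `const host = process.env.IMPORT_HOST || 'http://localhost:3000';` (the variable name is only a suggestion), keeps the local target as the fallback. The `auth` values should come from the environment or a prompt in the same way, and a password that has been committed should be treated as exposed and changed wherever it is in use. The absolute `C:\\Users\\...` paths in `docs`, `nmDocs` and `dptFiles` could move to the same configuration.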
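Review bot: The added `.catch` handlers swallow the failure and resolve to `undefined`, so the next statement (`res.data.filter(...)` after the template request, `res.data.forEach(...)` after the samples request) throws a TypeError that hides the real cause; a failure without `err.response` (refused connection, timeout) is not recorded at all. Either rethrow after recording, with `throw err;` as the last line of each handler, or guard with `if (!res) return;` before `res.data` is used, and add an `else` branch that pushes `err.message`. The same handler is repeated in the hunks at -340, -443, -451, -610 and -751, so a small shared request helper would keep the behaviour in one place. `allDpts` begins and ends outside this hunk, so whether a caller already wraps it in try/catch is not visible here.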
@@ -340,17 +350,27 @@ async function allMcVn() {
 username: 'admin',
 password: 'Abc123!#'
 }
+ }).catch(err => {
+ if (err.response) {
+ console.error(err.response.data);
+ errors.push(`Could not fetch /template/measurements: ${JSON.stringify(err.response.data)}`);
+ }
 });
 const mc_template = res.data.filter(e => e.name === 'moisture content').sort((a, b) => b.version - a.version)[0]._id;
 const vn_template = res.data.filter(e => e.name === 'vn').sort((a, b) => b.version - a.version)[0]._id;
 const rmc_template = res.data.filter(e => e.name === 'reinforcement material content').sort((a, b) => b.version - a.version)[0]._id;
 res = await axios({
 method: 'get',
- url: host + '/samples?status=all',
+ url: host + '/samples?status[]=validated&status[]=new',
 auth: {
 username: 'admin',
 password: 'Abc123!#'
 }
+ }).catch(err => {
+ if (err.response) {
+ console.error(err.response.data);
+ errors.push(`Could not fetch /samples?status[]=validated&status[]=new: ${JSON.stringify(err.response.data)}`);
+ }
 });
 const sampleIds = {};
 res.data.forEach(sample => {
@@ -443,6 +463,11 @@ async function allSamples() {
 username: 'admin',
 password: 'Abc123!#'
 }
+ }).catch(err => {
+ if (err.response) {
+ console.error(err.response.data);
+ errors.push(`Could not fetch /materials?status=all: ${JSON.stringify(err.response.data)}`);
+ }
 });
 const dbMaterials = {}
 res.data.forEach(m => {
@@ -451,11 +476,16 @@ async function allSamples() {
 })
 res = await axios({
 method: 'get',
- url: host + '/samples?status=all',
+ url: host + '/samples?status[]=validated&status[]=new',
 auth: {
 username: 'admin',
 password: 'Abc123!#'
 }
+ }).catch(err => {
+ if (err.response) {
+ console.error(err.response.data);
+ errors.push(`Could not fetch /samples?status[]=validated&status[]=new: ${JSON.stringify(err.response.data)}`);
+ }
 });
 const sampleColors = {};
 res.data.forEach(sample => {
@@ -610,6 +640,11 @@ async function allMaterials() {
 username: 'admin',
 password: 'Abc123!#'
 }
+ }).catch(err => {
+ if (err.response) {
+ console.error(err.response.data);
+ errors.push(`Could not fetch /template/materials: ${JSON.stringify(err.response.data)}`);
+ }
 });
 const materialTemplate = res.data.filter(e => e.name === 'plastic').sort((a, b) => b.version - a.version)[0]._id;
@@ -751,6 +786,11 @@ async function getNormMaster(fetchAgain = false) {
 const res = await axios({
 method: 'get',
 url: 'http://rb-normen.bosch.com/cgi-bin/searchRBNorm4TradeName'
+ }).catch(err => {
+ if (err.response) {
+ console.error(err.response.data);
+ errors.push(`Could not fetch http://rb-normen.bosch.com/cgi-bin/searchRBNorm4TradeName: ${JSON.stringify(err.response.data)}`);
+ }
 });
 console.info('finding documents...');
diff --git a/src/index.ts b/src/index.ts
index 5d9eb2b..2f21958 100644
--- a/src/index.ts
+++ b/src/index.ts
@@ -56,7 +56,7 @@ app.use('/api-doc', helmet.contentSecurityPolicy({
 }
 }));
 // special CSP header for the intro-presentation
-app.use('/static/intro-presentation/index.html', helmet.contentSecurityPolicy({
+app.use('/static/intro-presentation/$|index.html', helmet.contentSecurityPolicy({
 ...defaultHeaderConfig,
 directives: {
 defaultSrc: [`'none'`],
diff --git a/src/routes/sample.ts b/src/routes/sample.ts
index 922b576..dc29af9 100644
--- a/src/routes/sample.ts
+++ b/src/routes/sample.ts
@@ -41,6 +41,8 @@ router.get('/samples', async (req, res, next) => {
 const sampleKeys = ['_id', 'color', 'number', 'type', 'batch', 'added', 'condition', 'material_id', 'note_id', 'user_id'];
+ // TODO find further optimizations from bachelor thesis + // evaluate sort parameter from 'color-asc' to ['color', 1]
 filters.sort = filters.sort.split('-');
 filters.sort[0] = filters.sort[0] === 'added' ? '_id' : filters.sort[0]; // route added sorting criteria to _id
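Review bot: In `src/index.ts`, the new mount path `'/static/intro-presentation/$|index.html'` appears to rely on `$` and `|` passing unescaped through Express's string-to-regex conversion, and the alternation is not grouped, so the `index.html` branch is not tied to the `/static/intro-presentation/` prefix. Depending on the Express version, this presentation-specific policy may be matched for other URLs containing `index.html`, or skipped for the one it was meant for; a policy that overrides the default directives should have an exact scope. An explicit pattern states the intent: `app.use(/^\/static\/intro-presentation\/(?:index\.html)?$/, helmet.contentSecurityPolicy({`. A request test that checks the `Content-Security-Policy` header on the directory URL, on `index.html` and on an unrelated path would pin this down. The directive list continues outside the hunk, so which sources it allows is not visible here.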
@@ -193,15 +195,15 @@ router.get('/samples', async (req, res, next) => {
 {$addFields: {'material.group': { $arrayElemAt: ['$material.group.name', 0]}}}
 );
 }
- if (sortFilterKeys.find(e => e === 'material.number')) { // add material number if needed
- materialQuery.push(
- {$addFields: {'material.number': { $arrayElemAt: [
- '$material.numbers.number', {$indexOfArray: ['$material.numbers.color', '$color']}
- ]}}}
- );
- }
+ // if (sortFilterKeys.find(e => e === 'material.number')) { // add material number if needed // TODO: adapt code to new numbers format
+ // materialQuery.push(
+ // {$addFields: {'material.number': { $arrayElemAt: [
+ // '$material.numbers.number', {$indexOfArray: ['$material.numbers.color', '$color']}
+ // ]}}}
+ // );
+ // }
 const specialMFilters = sortFilterKeys.filter(e => /material\./.test(e))
- .filter(e => ['material.supplier', 'material.group', 'material.number'].indexOf(e) >= 0);
+ .filter(e => ['material.supplier', 'material.group', 'material.number'].indexOf(e) >= 0); // TODO
 // base material filters
 addFilterQueries(materialQuery, filters.filters.filter(e => specialMFilters.indexOf(e.field) >= 0));
 queryPtr.push(...materialQuery);
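Review bot: With the `$addFields` stage for `material.number` commented out, `'material.number'` is still listed in `specialMFilters`, so a filter or sort on that key is accepted and handed to `addFilterQueries` against a field the pipeline no longer produces, which presumably yields empty or unsorted results without any error. Until the new numbers format is handled, either drop `'material.number'` from that list or reject it up front with a 400 so clients learn the field is unavailable. The disabled block is better deleted than kept as comments, since version control retains it, leaving one line such as `// TODO: material.number disabled until the new numbers format is supported`. The hunk at -304 disables the matching `fieldsToAdd` branch the same way; both sit inside the `/samples` handler, which starts and ends outside these hunks.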
@@ -304,13 +306,13 @@ router.get('/samples', async (req, res, next) => {
 {$addFields: {'material.group': { $arrayElemAt: ['$material.group.name', 0]}}}
 );
 }
- if (fieldsToAdd.indexOf('material.number') >= 0) { // add material number if needed
- queryPtr.push(
- {$addFields: {'material.number': {
- $arrayElemAt: ['$material.numbers.number', {$indexOfArray: ['$material.numbers.color', '$color']}]
- }}}
- );
- }
+ // if (fieldsToAdd.indexOf('material.number') >= 0) { // add material number if needed // TODO
+ // queryPtr.push(
+ // {$addFields: {'material.number': {
+ // $arrayElemAt: ['$material.numbers.number', {$indexOfArray: ['$material.numbers.color', '$color']}]
+ // }}}
+ // );
+ // }
 let measurementFieldsFields: string[] = _.uniq(
 fieldsToAdd.filter(e => /measurements\./.test(e)).map(e => e.split('.')[1])