From aef275322955774e0c34c69ce3c4e7722aadcb9e Mon Sep 17 00:00:00 2001 From: VLE2FE Date: Tue, 26 May 2020 09:07:01 +0200 Subject: [PATCH] added TODOs, improved password validation --- src/api.ts | 2 +- src/index.ts | 23 ++++++++++++++--------- src/routes/condition.spec.ts | 4 ++++ src/routes/material.spec.ts | 2 ++ src/routes/measurement.spec.ts | 3 +++ src/routes/sample.spec.ts | 3 +++ src/routes/template.spec.ts | 1 + src/routes/user.spec.ts | 1 + src/routes/validate/user.ts | 2 +- 9 files changed, 30 insertions(+), 11 deletions(-) diff --git a/src/api.ts b/src/api.ts index 625e738..59ce0b3 100644 --- a/src/api.ts +++ b/src/api.ts @@ -4,7 +4,7 @@ import oasParser from '@apidevtools/swagger-parser'; // modifies the normal swagger-ui-express package -// usage: app.use('/api', api.serve(), api.setup()); +// usage: app.use('/api-doc', api.serve(), api.setup()); // the paths property can be split using allOf // further route documentation can be included in the x-doc property diff --git a/src/index.ts b/src/index.ts index 362f5cb..4ce0581 100644 --- a/src/index.ts +++ b/src/index.ts @@ -5,7 +5,12 @@ import mongoSanitize from 'mongo-sanitize'; import api from './api'; import db from './db'; - +// TODO: changelog +// TODO: check executing index.js/move everything needed into dist +// TODO: One condition per sample +// TODO: validation: VZ, Humidity: min/max value, DPT: filename +// TODO: condition values not needed on initial add +// TODO: add multiple samples at once // tell if server is running in debug or production environment console.info(process.env.NODE_ENV === 'production' ? '===== PRODUCTION =====' : process.env.NODE_ENV === 'test' ? '' :'===== DEVELOPMENT ====='); 
@@ -44,19 +49,19 @@ app.use((req, res, next) => { // no database connection error app.use(require('./helpers/authorize')); // handle authentication // require routes -app.use('/', require('./routes/root')); -app.use('/', require('./routes/sample')); -app.use('/', require('./routes/material')); -app.use('/', require('./routes/template')); -app.use('/', require('./routes/user')); -app.use('/', require('./routes/condition')); -app.use('/', require('./routes/measurement')); +app.use('/api', require('./routes/root')); +app.use('/api', require('./routes/sample')); +app.use('/api', require('./routes/material')); +app.use('/api', require('./routes/template')); +app.use('/api', require('./routes/user')); +app.use('/api', require('./routes/condition')); +app.use('/api', require('./routes/measurement')); // static files app.use('/static', express.static('static')); // Swagger UI -app.use('/api', api.serve(), api.setup()); +app.use('/api-doc', api.serve(), api.setup()); app.use((req, res) => { // 404 error handling res.status(404).json({status: 'Not found'}); diff --git a/src/routes/condition.spec.ts b/src/routes/condition.spec.ts index ef01c89..90c7c43 100644 --- a/src/routes/condition.spec.ts +++ b/src/routes/condition.spec.ts @@ -2,6 +2,10 @@ import should from 'should/as-function'; import ConditionModel from '../models/condition'; import TestHelper from "../test/helper"; +// TODO: adding conditions allowed only for m/a +// TODO: deleted data only visible for m/a +// TODO: restore deleted +// TODO: remove number_prefix describe('/condition', () => { let server; diff --git a/src/routes/material.spec.ts b/src/routes/material.spec.ts index df58310..21a278b 100644 --- a/src/routes/material.spec.ts +++ b/src/routes/material.spec.ts 
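Review bot: The `'/api'` prefix is repeated as a literal in seven `app.use` calls, with the Swagger UI mounted at the look-alike sibling `'/api-doc'`; collecting the route modules on one `express.Router()` and mounting it once, e.g. `app.use('/api', apiRouter);`, keeps the prefix in a single place and gives one spot to scope API-only middleware. The `authorize` middleware in the context line above is still registered without a path, so it also runs for `/static` and `/api-doc`; whether those two are meant to be reachable without credentials depends on `./helpers/authorize`, which is not visible here, and a short comment next to the Swagger UI mount would record the intent. The spec files in this commit only gain TODO comments, so the request paths used by the tests presumably need the new prefix unless the test helper adds it. The 404 handler's body continues outside the hunk.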
@@ -3,6 +3,8 @@ import _ from 'lodash'; import MaterialModel from '../models/material'; import TestHelper from "../test/helper"; +// TODO: color name must be unique to get color number +// TODO: separate supplier/ material name into own collections describe('/material', () => { let server; diff --git a/src/routes/measurement.spec.ts b/src/routes/measurement.spec.ts index 7a604d2..7fe4b7f 100644 --- a/src/routes/measurement.spec.ts +++ b/src/routes/measurement.spec.ts @@ -2,6 +2,9 @@ import should from 'should/as-function'; import MeasurementModel from '../models/measurement'; import TestHelper from "../test/helper"; +// TODO: allow empty values + + describe('/measurement', () => { let server; before(done => TestHelper.before(done)); diff --git a/src/routes/sample.spec.ts b/src/routes/sample.spec.ts index e1a93d8..df1ad05 100644 --- a/src/routes/sample.spec.ts +++ b/src/routes/sample.spec.ts @@ -4,6 +4,9 @@ import NoteModel from '../models/note'; import NoteFieldModel from '../models/note_field'; import TestHelper from "../test/helper"; +// TODO: generate output for ML in format DPT -> data, implement filtering, field selection +// TODO: write script for data import +// TODO: delete everything (measurements, condition) with sample describe('/sample', () => { let server; diff --git a/src/routes/template.spec.ts b/src/routes/template.spec.ts index b1a3450..878b778 100644 --- a/src/routes/template.spec.ts +++ b/src/routes/template.spec.ts @@ -4,6 +4,7 @@ import TemplateTreatmentModel from '../models/treatment_template'; import TemplateMeasurementModel from '../models/measurement_template'; import TestHelper from "../test/helper"; +// TODO: do not allow usage of old templates for new samples describe('/template', () => { let server; diff --git a/src/routes/user.spec.ts b/src/routes/user.spec.ts index e294cb2..6a7d69e 100644 --- a/src/routes/user.spec.ts +++ b/src/routes/user.spec.ts 
@@ -2,6 +2,7 @@ import should from 'should/as-function'; import UserModel from '../models/user'; import TestHelper from "../test/helper"; +// TODO: reject usernames containing admin, etc. describe('/user', () => { let server; diff --git a/src/routes/validate/user.ts b/src/routes/validate/user.ts index 0c073d0..bd4dfbd 100644 --- a/src/routes/validate/user.ts +++ b/src/routes/validate/user.ts @@ -16,7 +16,7 @@ export default class UserValidate { // validate input for user .max(128), pass: Joi.string() - .pattern(new RegExp('^(?=.*[0-9])(?=.*[a-z])(?=.*[A-Z])(?=.*[!"#%&\'()*+,-.\\/:;<=>?@[\\]^_`{|}~])(?=\\S+$).{8,}$')) + .pattern(/^(?=.*[0-9])(?=.*[a-z])(?=.*[A-Z])(?=.*[!"#%&'()*+,-.\/:;<=>?@[\]^_`{|}~])(?=\S+$)[a-zA-Z0-9!"#%&'()*+,\-.\/:;<=>?@[\]^_`{|}~]{8,}$/) .max(128), level: Joi.string()
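Review bot: The trailing character class that replaces `.{8,}` in `src/routes/validate/user.ts` is a whitelist of ASCII letters, digits and the listed punctuation, so a password containing `$` or any non-ASCII character (an umlaut, for instance) is now rejected, and nothing visible here explains why `$` is left off the list. Narrowing the accepted alphabet reduces the password space and can reject generated passwords; if the aim is only to keep whitespace out, `\S{8,}` after the lookaheads does that, and if the whitelist is intended, add `$` to both classes and state the allowed set in a comment above `pass`. In the lookahead class the sequence `,-.` is an unescaped range that only happens to cover the hyphen; write it as `,\-.` as the trailing class does, and note that `(?=\S+$)` is redundant once the whitelist is in place. The Joi schema and the `UserValidate` class start and end outside this hunk.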