diff --git a/api/api.yaml b/api/api.yaml index c0a5441..9090378 100644 --- a/api/api.yaml +++ b/api/api.yaml @@ -54,7 +54,6 @@ tags: - name: / - name: /sample - name: /material - - name: /condition - name: /measurement - name: /template - name: /model diff --git a/api/schemas.yaml b/api/schemas.yaml index 6e1eeb7..e76cfb0 100644 --- a/api/schemas.yaml +++ b/api/schemas.yaml @@ -133,7 +133,7 @@ Measurement: allOf: - $ref: 'api.yaml#/components/schemas/_Id' properties: - condition_id: + sample_id: $ref: 'api.yaml#/components/schemas/Id' values: type: object diff --git a/src/index.ts b/src/index.ts index 1343442..55ca5ff 100644 --- a/src/index.ts +++ b/src/index.ts @@ -12,6 +12,7 @@ import db from './db'; // TODO: condition values not needed on initial add // TODO: add multiple samples at once // TODO: coverage +// TODO: think about the display of deleted/new samples and validation in data and UI // tell if server is running in debug or production environment console.info(process.env.NODE_ENV === 'production' ? '===== PRODUCTION =====' : process.env.NODE_ENV === 'test' ? '' :'===== DEVELOPMENT ====='); diff --git a/src/models/measurement.ts b/src/models/measurement.ts index 7db0a50..4282b29 100644 --- a/src/models/measurement.ts +++ b/src/models/measurement.ts @@ -9,6 +9,6 @@ const MeasurementSchema = new mongoose.Schema({ values: mongoose.Schema.Types.Mixed, measurement_template: {type: mongoose.Schema.Types.ObjectId, ref: MeasurementTemplateModel}, status: Number -}); +}, {minimize: false}); export default mongoose.model('measurement', MeasurementSchema); \ No newline at end of file diff --git a/src/routes/measurement.spec.ts b/src/routes/measurement.spec.ts index 8ca49ed..6e58290 100644 --- a/src/routes/measurement.spec.ts +++ b/src/routes/measurement.spec.ts @@ -3,7 +3,7 @@ import MeasurementModel from '../models/measurement'; import TestHelper from "../test/helper"; import globals from '../globals'; -// TODO: allow empty values +// TODO: restore measurements for m/a describe('/measurement', () => { @@ -19,7 +19,7 @@ describe('/measurement', () => { url: '/measurement/800000000000000000000001', auth: {basic: 'janedoe'}, httpStatus: 200, - res: {_id: '800000000000000000000001', condition_id: '700000000000000000000001', values: {dpt: [[3997.12558,98.00555],[3995.08519,98.03253],[3993.04480,98.02657]]}, measurement_template: '300000000000000000000001'} + res: {_id: '800000000000000000000001', sample_id: '400000000000000000000001', values: {dpt: [[3997.12558,98.00555],[3995.08519,98.03253],[3993.04480,98.02657]]}, measurement_template: '300000000000000000000001'} }); }); it('returns the measurement for an API key', done => { @@ -28,7 +28,24 @@ describe('/measurement', () => { url: '/measurement/800000000000000000000001', auth: {key: 'janedoe'}, httpStatus: 200, - res: {_id: '800000000000000000000001', condition_id: '700000000000000000000001', values: {dpt: [[3997.12558,98.00555],[3995.08519,98.03253],[3993.04480,98.02657]]}, measurement_template: '300000000000000000000001'} + res: {_id: '800000000000000000000001', sample_id: '400000000000000000000001', values: {dpt: [[3997.12558,98.00555],[3995.08519,98.03253],[3993.04480,98.02657]]}, measurement_template: '300000000000000000000001'} + }); + }); + it('returns deleted measurements for a maintain/admin user', done => { + TestHelper.request(server, done, { + method: 'get', + url: '/measurement/800000000000000000000004', + auth: {basic: 'admin'}, + httpStatus: 200, + res: {_id: '800000000000000000000004', sample_id: '400000000000000000000003', values: {val1: 1}, measurement_template: '300000000000000000000003'} + }); + }); + it('rejects requests for deleted measurements from a write user', done => { + TestHelper.request(server, done, { + method: 'get', + url: '/measurement/800000000000000000000004', + auth: {basic: 'janedoe'}, + httpStatus: 403 }); }); it('rejects an invalid id', done => { @@ -64,7 +81,7 @@ describe('/measurement', () => { auth: {basic: 'janedoe'}, httpStatus: 200, req: {}, - res: {_id: '800000000000000000000001', condition_id: '700000000000000000000001', values: {dpt: [[3997.12558,98.00555],[3995.08519,98.03253],[3993.04480,98.02657]]}, measurement_template: '300000000000000000000001'} + res: {_id: '800000000000000000000001', sample_id: '400000000000000000000001', values: {dpt: [[3997.12558,98.00555],[3995.08519,98.03253],[3993.04480,98.02657]]}, measurement_template: '300000000000000000000001'} }); }); it('keeps unchanged values', done => { @@ -76,7 +93,7 @@ describe('/measurement', () => { req: {values: {dpt: [[3997.12558,98.00555],[3995.08519,98.03253],[3993.04480,98.02657]]}} }).end((err, res) => { if (err) return done(err); - should(res.body).be.eql({_id: '800000000000000000000001', condition_id: '700000000000000000000001', values: {dpt: [[3997.12558,98.00555],[3995.08519,98.03253],[3993.04480,98.02657]]}, measurement_template: '300000000000000000000001'}); + should(res.body).be.eql({_id: '800000000000000000000001', sample_id: '400000000000000000000001', values: {dpt: [[3997.12558,98.00555],[3995.08519,98.03253],[3993.04480,98.02657]]}, measurement_template: '300000000000000000000001'}); MeasurementModel.findById('800000000000000000000001').lean().exec((err, data: any) => { if (err) return done(err); should(data).have.property('status',globals.status.validated); @@ -93,7 +110,7 @@ describe('/measurement', () => { req: {values: {'weight %': 0.5}} }).end((err, res) => { if (err) return done(err); - should(res.body).be.eql({_id: '800000000000000000000002', condition_id: '700000000000000000000002', values: {'weight %': 0.5, 'standard deviation': 0.2}, measurement_template: '300000000000000000000002'}); + should(res.body).be.eql({_id: '800000000000000000000002', sample_id: '400000000000000000000002', values: {'weight %': 0.5, 'standard deviation': 0.2}, measurement_template: '300000000000000000000002'}); MeasurementModel.findById('800000000000000000000002').lean().exec((err, data: any) => { if (err) return done(err); should(data).have.property('status',globals.status.validated); @@ -110,10 +127,10 @@ describe('/measurement', () => { req: {values: {dpt: [[1,2],[3,4],[5,6]]}} }).end((err, res) => { if (err) return done(err); - should(res.body).be.eql({_id: '800000000000000000000001', condition_id: '700000000000000000000001', values: {dpt: [[1,2],[3,4],[5,6]]}, measurement_template: '300000000000000000000001'}); + should(res.body).be.eql({_id: '800000000000000000000001', sample_id: '400000000000000000000001', values: {dpt: [[1,2],[3,4],[5,6]]}, measurement_template: '300000000000000000000001'}); MeasurementModel.findById('800000000000000000000001').lean().exec((err, data: any) => { - should(data).have.only.keys('_id', 'condition_id', 'values', 'measurement_template', 'status', '__v'); - should(data.condition_id.toString()).be.eql('700000000000000000000001'); + should(data).have.only.keys('_id', 'sample_id', 'values', 'measurement_template', 'status', '__v'); + should(data.sample_id.toString()).be.eql('400000000000000000000001'); should(data.measurement_template.toString()).be.eql('300000000000000000000001'); should(data).have.property('status',globals.status.new); should(data).have.property('values'); @@ -129,7 +146,17 @@ describe('/measurement', () => { auth: {basic: 'janedoe'}, httpStatus: 200, req: {values: {'weight %': 0.9}}, - res: {_id: '800000000000000000000002', condition_id: '700000000000000000000002', values: {'weight %': 0.9, 'standard deviation': 0.2}, measurement_template: '300000000000000000000002'} + res: {_id: '800000000000000000000002', sample_id: '400000000000000000000002', values: {'weight %': 0.9, 'standard deviation': 0.2}, measurement_template: '300000000000000000000002'} + }); + }); + it('allows keeping empty values empty', done => { + TestHelper.request(server, done, { + method: 'put', + url: '/measurement/800000000000000000000005', + auth: {basic: 'janedoe'}, + httpStatus: 200, + req: {values: {'weight %': 0.9}}, + res: {_id: '800000000000000000000005', sample_id: '400000000000000000000002', values: {'weight %': 0.9, 'standard deviation': null}, measurement_template: '300000000000000000000002'} }); }); it('rejects not specified values', done => { @@ -149,7 +176,7 @@ describe('/measurement', () => { auth: {basic: 'admin'}, httpStatus: 400, req: {values: {val1: 4}}, - res: {status: 'Invalid body format', details: '"val1" must be one of [1, 2, 3]'} + res: {status: 'Invalid body format', details: '"val1" must be one of [1, 2, 3, null]'} }); }); it('rejects a value below minimum range', done => { @@ -182,6 +209,16 @@ describe('/measurement', () => { res: {status: 'Invalid body format', details: '"measurement_template" is not allowed'} }); }); + it('rejects a new sample id', done => { + TestHelper.request(server, done, { + method: 'put', + url: '/measurement/800000000000000000000002', + auth: {basic: 'janedoe'}, + httpStatus: 400, + req: {values: {'weight %': 0.9, 'standard deviation': 0.3}, sample_id: '400000000000000000000002'}, + res: {status: 'Invalid body format', details: '"sample_id" is not allowed'} + }); + }); it('rejects editing a measurement for a write user who did not create this measurement', done => { TestHelper.request(server, done, { method: 'put', @@ -198,7 +235,7 @@ describe('/measurement', () => { auth: {basic: 'admin'}, httpStatus: 200, req: {values: {'weight %': 0.9, 'standard deviation': 0.3}}, - res: {_id: '800000000000000000000002', condition_id: '700000000000000000000002', values: {'weight %': 0.9, 'standard deviation': 0.3}, measurement_template: '300000000000000000000002'} + res: {_id: '800000000000000000000002', sample_id: '400000000000000000000002', values: {'weight %': 0.9, 'standard deviation': 0.3}, measurement_template: '300000000000000000000002'} }); }); it('rejects an invalid id', done => { @@ -327,12 +364,12 @@ describe('/measurement', () => { url: '/measurement/new', auth: {basic: 'janedoe'}, httpStatus: 200, - req: {condition_id: '700000000000000000000001', values: {'weight %': 0.8, 'standard deviation': 0.1}, measurement_template: '300000000000000000000002'} + req: {sample_id: '400000000000000000000001', values: {'weight %': 0.8, 'standard deviation': 0.1}, measurement_template: '300000000000000000000002'} }).end((err, res) => { if (err) return done(err); - should(res.body).have.only.keys('_id', 'condition_id', 'values', 'measurement_template'); + should(res.body).have.only.keys('_id', 'sample_id', 'values', 'measurement_template'); should(res.body).have.property('_id').be.type('string'); - should(res.body).have.property('condition_id', '700000000000000000000001'); + should(res.body).have.property('sample_id', '400000000000000000000001'); should(res.body).have.property('measurement_template', '300000000000000000000002'); should(res.body).have.property('values'); should(res.body.values).have.property('weight %', 0.8); @@ -346,13 +383,13 @@ describe('/measurement', () => { url: '/measurement/new', auth: {basic: 'janedoe'}, httpStatus: 200, - req: {condition_id: '700000000000000000000001', values: {'weight %': 0.8, 'standard deviation': 0.1}, measurement_template: '300000000000000000000002'} + req: {sample_id: '400000000000000000000001', values: {'weight %': 0.8, 'standard deviation': 0.1}, measurement_template: '300000000000000000000002'} }).end((err, res) => { if (err) return done(err); MeasurementModel.findById(res.body._id).lean().exec((err, data: any) => { if (err) return done(err); - should(data).have.only.keys('_id', 'condition_id', 'values', 'measurement_template', 'status', '__v'); - should(data.condition_id.toString()).be.eql('700000000000000000000001'); + should(data).have.only.keys('_id', 'sample_id', 'values', 'measurement_template', 'status', '__v'); + should(data.sample_id.toString()).be.eql('400000000000000000000001'); should(data.measurement_template.toString()).be.eql('300000000000000000000002'); should(data).have.property('status', 0); should(data).have.property('values'); @@ -362,24 +399,24 @@ describe('/measurement', () => { }); }); }); - it('rejects an invalid condition id', done => { + it('rejects an invalid sample id', done => { TestHelper.request(server, done, { method: 'post', url: '/measurement/new', auth: {basic: 'janedoe'}, httpStatus: 400, - req: {condition_id: '700000000000h00000000001', values: {'weight %': 0.8, 'standard deviation': 0.1}, measurement_template: '300000000000000000000002'}, - res: {status: 'Invalid body format', details: '"condition_id" with value "700000000000h00000000001" fails to match the required pattern: /[0-9a-f]{24}/'} + req: {sample_id: '400000000000h00000000001', values: {'weight %': 0.8, 'standard deviation': 0.1}, measurement_template: '300000000000000000000002'}, + res: {status: 'Invalid body format', details: '"sample_id" with value "400000000000h00000000001" fails to match the required pattern: /[0-9a-f]{24}/'} }); }); - it('rejects a condition id not available', done => { + it('rejects a sample id not available', done => { TestHelper.request(server, done, { method: 'post', url: '/measurement/new', auth: {basic: 'janedoe'}, httpStatus: 400, - req: {condition_id: '000000000000000000000001', values: {'weight %': 0.8, 'standard deviation': 0.1}, measurement_template: '300000000000000000000002'}, - res: {status: 'Condition id not available'} + req: {sample_id: '000000000000000000000001', values: {'weight %': 0.8, 'standard deviation': 0.1}, measurement_template: '300000000000000000000002'}, + res: {status: 'Sample id not available'} }); }); it('rejects an invalid measurement_template id', done => { @@ -388,7 +425,7 @@ describe('/measurement', () => { url: '/measurement/new', auth: {basic: 'janedoe'}, httpStatus: 400, - req: {condition_id: '700000000000000000000001', values: {'weight %': 0.8, 'standard deviation': 0.1}, measurement_template: '30000000000h000000000002'}, + req: {sample_id: '400000000000000000000001', values: {'weight %': 0.8, 'standard deviation': 0.1}, measurement_template: '30000000000h000000000002'}, res: {status: 'Invalid body format', details: '"measurement_template" with value "30000000000h000000000002" fails to match the required pattern: /[0-9a-f]{24}/'} }); }); @@ -398,7 +435,7 @@ describe('/measurement', () => { url: '/measurement/new', auth: {basic: 'janedoe'}, httpStatus: 400, - req: {condition_id: '700000000000000000000001', values: {'weight %': 0.8, 'standard deviation': 0.1}, measurement_template: '000000000000000000000002'}, + req: {sample_id: '400000000000000000000001', values: {'weight %': 0.8, 'standard deviation': 0.1}, measurement_template: '000000000000000000000002'}, res: {status: 'Measurement template not available'} }); }); @@ -408,18 +445,27 @@ describe('/measurement', () => { url: '/measurement/new', auth: {basic: 'janedoe'}, httpStatus: 400, - req: {condition_id: '700000000000000000000001', values: {'weight %': 0.8, 'standard deviation': 0.1, xx: 44}, measurement_template: '300000000000000000000002'}, + req: {sample_id: '400000000000000000000001', values: {'weight %': 0.8, 'standard deviation': 0.1, xx: 44}, measurement_template: '300000000000000000000002'}, res: {status: 'Invalid body format', details: '"xx" is not allowed'} }); }); - it('rejects missing values', done => { + it('accepts missing values', done => { TestHelper.request(server, done, { method: 'post', url: '/measurement/new', auth: {basic: 'janedoe'}, - httpStatus: 400, - req: {condition_id: '700000000000000000000001', values: {'weight %': 0.8}, measurement_template: '300000000000000000000002'}, - res: {status: 'Invalid body format', details: '"standard deviation" is required'} + httpStatus: 200, + req: {sample_id: '400000000000000000000001', values: {'weight %': 0.8}, measurement_template: '300000000000000000000002'} + }).end((err, res) => { + if (err) return done(err); + should(res.body).have.only.keys('_id', 'sample_id', 'values', 'measurement_template'); + should(res.body).have.property('_id').be.type('string'); + should(res.body).have.property('sample_id', '400000000000000000000001'); + should(res.body).have.property('measurement_template', '300000000000000000000002'); + should(res.body).have.property('values'); + should(res.body.values).have.property('weight %', 0.8); + should(res.body.values).have.property('standard deviation', null); + done(); }); }); it('rejects a value not in the value range', done => { @@ -428,8 +474,8 @@ describe('/measurement', () => { url: '/measurement/new', auth: {basic: 'janedoe'}, httpStatus: 400, - req: {condition_id: '700000000000000000000001', values: {val1: 4}, measurement_template: '300000000000000000000003'}, - res: {status: 'Invalid body format', details: '"val1" must be one of [1, 2, 3]'} + req: {sample_id: '400000000000000000000001', values: {val1: 4}, measurement_template: '300000000000000000000003'}, + res: {status: 'Invalid body format', details: '"val1" must be one of [1, 2, 3, null]'} }); }); it('rejects a value below minimum range', done => { @@ -438,7 +484,7 @@ describe('/measurement', () => { url: '/measurement/new', auth: {basic: 'janedoe'}, httpStatus: 400, - req: {condition_id: '700000000000000000000001', values: {'weight %': -1, 'standard deviation': 0.1}, measurement_template: '300000000000000000000002'}, + req: {sample_id: '400000000000000000000001', values: {'weight %': -1, 'standard deviation': 0.1}, measurement_template: '300000000000000000000002'}, res: {status: 'Invalid body format', details: '"weight %" must be larger than or equal to 0'} }); }); @@ -448,18 +494,18 @@ describe('/measurement', () => { url: '/measurement/new', auth: {basic: 'janedoe'}, httpStatus: 400, - req: {condition_id: '700000000000000000000001', values: {'weight %': 0.8, 'standard deviation': 2}, measurement_template: '300000000000000000000002'}, + req: {sample_id: '400000000000000000000001', values: {'weight %': 0.8, 'standard deviation': 2}, measurement_template: '300000000000000000000002'}, res: {status: 'Invalid body format', details: '"standard deviation" must be less than or equal to 0.5'} }); }); - it('rejects a missing condition id', done => { + it('rejects a missing sample id', done => { TestHelper.request(server, done, { method: 'post', url: '/measurement/new', auth: {basic: 'janedoe'}, httpStatus: 400, req: {values: {'weight %': 0.8, 'standard deviation': 0.1}, measurement_template: '300000000000000000000002'}, - res: {status: 'Invalid body format', details: '"condition_id" is required'} + res: {status: 'Invalid body format', details: '"sample_id" is required'} }); }); it('rejects a missing measurement_template', done => { @@ -468,7 +514,7 @@ describe('/measurement', () => { url: '/measurement/new', auth: {basic: 'janedoe'}, httpStatus: 400, - req: {condition_id: '700000000000000000000001', values: {'weight %': 0.8, 'standard deviation': 0.1}}, + req: {sample_id: '400000000000000000000001', values: {'weight %': 0.8, 'standard deviation': 0.1}}, res: {status: 'Invalid body format', details: '"measurement_template" is required'} }); }); @@ -478,7 +524,7 @@ describe('/measurement', () => { url: '/measurement/new', auth: {basic: 'janedoe'}, httpStatus: 403, - req: {condition_id: '700000000000000000000003', values: {'weight %': 0.8, 'standard deviation': 0.1}, measurement_template: '300000000000000000000002'} + req: {sample_id: '400000000000000000000003', values: {'weight %': 0.8, 'standard deviation': 0.1}, measurement_template: '300000000000000000000002'} }); }); it('accepts adding a measurement to the sample of another user for a maintain/admin user', done => { @@ -487,12 +533,12 @@ describe('/measurement', () => { url: '/measurement/new', auth: {basic: 'admin'}, httpStatus: 200, - req: {condition_id: '700000000000000000000001', values: {'weight %': 0.8, 'standard deviation': 0.1}, measurement_template: '300000000000000000000002'} + req: {sample_id: '400000000000000000000001', values: {'weight %': 0.8, 'standard deviation': 0.1}, measurement_template: '300000000000000000000002'} }).end((err, res) => { if (err) return done(err); - should(res.body).have.only.keys('_id', 'condition_id', 'values', 'measurement_template'); + should(res.body).have.only.keys('_id', 'sample_id', 'values', 'measurement_template'); should(res.body).have.property('_id').be.type('string'); - should(res.body).have.property('condition_id', '700000000000000000000001'); + should(res.body).have.property('sample_id', '400000000000000000000001'); should(res.body).have.property('measurement_template', '300000000000000000000002'); should(res.body).have.property('values'); should(res.body.values).have.property('weight %', 0.8); @@ -506,7 +552,7 @@ describe('/measurement', () => { url: '/measurement/new', auth: {key: 'janedoe'}, httpStatus: 401, - req: {condition_id: '700000000000000000000001', values: {'weight %': 0.8, 'standard deviation': 0.1}, measurement_template: '300000000000000000000002'} + req: {sample_id: '400000000000000000000001', values: {'weight %': 0.8, 'standard deviation': 0.1}, measurement_template: '300000000000000000000002'} }); }); it('rejects requests from a read user', done => { @@ -515,7 +561,7 @@ describe('/measurement', () => { url: '/measurement/new', auth: {basic: 'user'}, httpStatus: 403, - req: {condition_id: '700000000000000000000001', values: {'weight %': 0.8, 'standard deviation': 0.1}, measurement_template: '300000000000000000000002'} + req: {sample_id: '400000000000000000000001', values: {'weight %': 0.8, 'standard deviation': 0.1}, measurement_template: '300000000000000000000002'} }); }); it('rejects unauthorized requests', done => { @@ -523,7 +569,7 @@ describe('/measurement', () => { method: 'post', url: '/measurement/new', httpStatus: 401, - req: {condition_id: '700000000000000000000001', values: {'weight %': 0.8, 'standard deviation': 0.1}, measurement_template: '300000000000000000000002'} + req: {sample_id: '400000000000000000000001', values: {'weight %': 0.8, 'standard deviation': 0.1}, measurement_template: '300000000000000000000002'} }); }); }); diff --git a/src/routes/measurement.ts b/src/routes/measurement.ts index b9af125..78b7ec1 100644 --- a/src/routes/measurement.ts +++ b/src/routes/measurement.ts @@ -3,6 +3,7 @@ import _ from 'lodash'; import MeasurementModel from '../models/measurement'; import MeasurementTemplateModel from '../models/measurement_template'; +import SampleModel from '../models/sample'; import MeasurementValidate from './validate/measurement'; import IdValidate from './validate/id'; import res400 from './validate/res400'; @@ -15,11 +16,12 @@ const router = express.Router(); router.get('/measurement/' + IdValidate.parameter(), (req, res, next) => { if (!req.auth(res, ['read', 'write', 'maintain', 'dev', 'admin'], 'all')) return; - MeasurementModel.findById(req.params.id).lean().exec((err, data) => { + MeasurementModel.findById(req.params.id).lean().exec((err, data: any) => { if (err) return next(err); if (!data) { return res.status(404).json({status: 'Not found'}); } + if (data.status ===globals.status.deleted && !req.auth(res, ['maintain', 'admin'], 'all')) return; // deleted measurements only available for maintain/admin res.json(MeasurementValidate.output(data)); }); @@ -37,13 +39,13 @@ router.put('/measurement/' + IdValidate.parameter(), async (req, res, next) => { res.status(404).json({status: 'Not found'}); } - // add properties needed for conditionIdCheck + // add properties needed for sampleIdCheck measurement.measurement_template = data.measurement_template; - measurement.condition_id = data.condition_id; - if (!await conditionIdCheck(measurement, req, res, next)) return; + measurement.sample_id = data.sample_id; + if (!await sampleIdCheck(measurement, req, res, next)) return; // check for changes - if (measurement.values) { + if (measurement.values) { // fill not changed values from database measurement.values = _.assign({}, data.values, measurement.values); if (!_.isEqual(measurement.values, data.values)) { measurement.status = globals.status.new; // set status to new @@ -53,6 +55,7 @@ router.put('/measurement/' + IdValidate.parameter(), async (req, res, next) => { if (!await templateCheck(measurement, 'change', res, next)) return; await MeasurementModel.findByIdAndUpdate(req.params.id, measurement, {new: true}).lean().exec((err, data) => { if (err) return next(err); + console.log(data); res.json(MeasurementValidate.output(data)); }); }); @@ -65,7 +68,7 @@ router.delete('/measurement/' + IdValidate.parameter(), (req, res, next) => { if (!data) { res.status(404).json({status: 'Not found'}); } - if (!await conditionIdCheck(data, req, res, next)) return; + if (!await sampleIdCheck(data, req, res, next)) return; await MeasurementModel.findByIdAndUpdate(req.params.id, {status:globals.status.deleted}).lean().exec(err => { if (err) return next(err); res.json({status: 'OK'}); @@ -79,12 +82,14 @@ router.post('/measurement/new', async (req, res, next) => { const {error, value: measurement} = MeasurementValidate.input(req.body, 'new'); if (error) return res400(error, res); - if (!await conditionIdCheck(measurement, req, res, next)) return; - if (!await templateCheck(measurement, 'new', res, next)) return; + if (!await sampleIdCheck(measurement, req, res, next)) return; + measurement.values = await templateCheck(measurement, 'new', res, next); + if (!measurement.values) return; measurement.status = 0; await new MeasurementModel(measurement).save((err, data) => { if (err) return next(err); + console.log(data); res.json(MeasurementValidate.output(data.toObject())); }); }); @@ -93,25 +98,38 @@ router.post('/measurement/new', async (req, res, next) => { module.exports = router; -async function conditionIdCheck (measurement, req, res, next) { // validate condition_id, returns false if invalid // TODO - // const sampleData = await ConditionModel.findById(measurement.condition_id).populate('sample_id').lean().exec().catch(err => {next(err); return false;}) as any; - // if (!sampleData) { // sample_id not found - // res.status(400).json({status: 'Condition id not available'}); +async function sampleIdCheck (measurement, req, res, next) { // validate sample_id, returns false if invalid or user has no access for this sample + const sampleData = await SampleModel.findById(measurement.sample_id).lean().exec().catch(err => {next(err); return false;}) as any; + if (!sampleData) { // sample_id not found + res.status(400).json({status: 'Sample id not available'}); return false - // } - // if (sampleData.sample_id.user_id.toString() !== req.authDetails.id && !req.auth(res, ['maintain', 'admin'], 'basic')) return false; // sample does not belong to user - // return true; + } + if (sampleData.user_id.toString() !== req.authDetails.id && !req.auth(res, ['maintain', 'admin'], 'basic')) return false; // sample does not belong to user + return true; } -async function templateCheck (measurement, param, res, next) { // validate measurement_template and values, param for new/change +async function templateCheck (measurement, param, res, next) { // validate measurement_template and values, returns values, true if values are {} or false if invalid, param for 'new'/'change' const templateData = await MeasurementTemplateModel.findById(measurement.measurement_template).lean().exec().catch(err => {next(err); return false;}) as any; if (!templateData) { // template not found res.status(400).json({status: 'Measurement template not available'}); return false } + // fill not given values for new measurements + if (param === 'new') { + if (Object.keys(measurement.values).length === 0) { + res.status(400).json({status: 'At least one value is required'}); + return false + } + const fillValues = {}; // initialize not given values with null + templateData.parameters.forEach(parameter => { + fillValues[parameter.name] = null; + }); + measurement.values = _.assign({}, fillValues, measurement.values); + } + // validate values - const {error, value: ignore} = ParametersValidate.input(measurement.values, templateData.parameters, param); + const {error, value} = ParametersValidate.input(measurement.values, templateData.parameters, 'null'); if (error) {res400(error, res); return false;} - return true; + return value || true; } \ No newline at end of file diff --git a/src/routes/user.spec.ts b/src/routes/user.spec.ts index 6a7d69e..a7a2ddb 100644 --- a/src/routes/user.spec.ts +++ b/src/routes/user.spec.ts @@ -288,7 +288,7 @@ describe('/user', () => { auth: {basic: 'admin'}, httpStatus: 400, req: {pass: 'password'}, - res: {status: 'Invalid body format', details: '"pass" with value "password" fails to match the required pattern: /^(?=.*[0-9])(?=.*[a-z])(?=.*[A-Z])(?=.*[!"#%&\'()*+,-.\\/:;<=>?@[\\]^_`{|}~])(?=\\S+$).{8,}$/'} + res: {status: 'Invalid body format', details: '"pass" with value "password" fails to match the required pattern: /^(?=.*[0-9])(?=.*[a-z])(?=.*[A-Z])(?=.*[!"#%&\'()*+,-.\\/:;<=>?@[\\]^_`{|}~])(?=\\S+$)[a-zA-Z0-9!"#%&\'()*+,\\-.\\/:;<=>?@[\\]^_`{|}~]{8,}$/'} }); }); it('rejects requests from non-admins for another user', done => { @@ -546,7 +546,7 @@ describe('/user', () => { auth: {basic: 'admin'}, httpStatus: 400, req: {email: 'john.doe@bosch.com', name: 'johndoe', pass: 'password', level: 'read', location: 'Rng', device_name: 'Alpha II'}, - res: {status: 'Invalid body format', details: '"pass" with value "password" fails to match the required pattern: /^(?=.*[0-9])(?=.*[a-z])(?=.*[A-Z])(?=.*[!"#%&\'()*+,-.\\/:;<=>?@[\\]^_`{|}~])(?=\\S+$).{8,}$/'} + res: {status: 'Invalid body format', details: '"pass" with value "password" fails to match the required pattern: /^(?=.*[0-9])(?=.*[a-z])(?=.*[A-Z])(?=.*[!"#%&\'()*+,-.\\/:;<=>?@[\\]^_`{|}~])(?=\\S+$)[a-zA-Z0-9!"#%&\'()*+,\\-.\\/:;<=>?@[\\]^_`{|}~]{8,}$/'} }); }); it('rejects requests from non-admins', done => { diff --git a/src/routes/validate/measurement.ts b/src/routes/validate/measurement.ts index 21b38a2..74c2409 100644 --- a/src/routes/validate/measurement.ts +++ b/src/routes/validate/measurement.ts @@ -12,13 +12,14 @@ export default class MeasurementValidate { Joi.boolean(), Joi.array() ) + .allow(null) ) }; static input (data, param) { // validate input, set param to 'new' to make all attributes required if (param === 'new') { return Joi.object({ - condition_id: IdValidate.get().required(), + sample_id: IdValidate.get().required(), values: this.measurement.values.required(), measurement_template: IdValidate.get().required() }).validate(data); @@ -37,7 +38,7 @@ export default class MeasurementValidate { data = IdValidate.stringify(data); const {value, error} = Joi.object({ _id: IdValidate.get(), - condition_id: IdValidate.get(), + sample_id: IdValidate.get(), values: this.measurement.values, measurement_template: IdValidate.get() }).validate(data, {stripUnknown: true}); diff --git a/src/routes/validate/parameters.ts b/src/routes/validate/parameters.ts index 79e62ef..e6070b0 100644 --- a/src/routes/validate/parameters.ts +++ b/src/routes/validate/parameters.ts @@ -1,7 +1,7 @@ import Joi from '@hapi/joi'; export default class ParametersValidate { - static input (data, parameters, param) { // data to validate, parameters from template, param: 'new', 'change' + static input (data, parameters, param) { // data to validate, parameters from template, param: 'new', 'change', 'null'(null values are allowed) let joiObject = {}; parameters.forEach(parameter => { if (parameter.range.hasOwnProperty('values')) { // append right validation method according to parameter @@ -39,6 +39,9 @@ export default class ParametersValidate { if (param === 'new') { joiObject[parameter.name] = joiObject[parameter.name].required() } + else if (param === 'null') { + joiObject[parameter.name] = joiObject[parameter.name].allow(null) + } }); return Joi.object(joiObject).validate(data); } diff --git a/src/routes/validate/template.ts b/src/routes/validate/template.ts index 6b96a42..111951e 100644 --- a/src/routes/validate/template.ts +++ b/src/routes/validate/template.ts @@ -10,7 +10,6 @@ export default class TemplateValidate { .min(1), parameters: Joi.array() - .min(1) .items( Joi.object({ name: Joi.string() diff --git a/src/test/db.json b/src/test/db.json index 7760208..372b09a 100644 --- a/src/test/db.json +++ b/src/test/db.json @@ -305,6 +305,27 @@ "status": 0, "measurement_template": {"$oid":"300000000000000000000003"}, "__v": 0 + }, + { + "_id": {"$oid":"800000000000000000000004"}, + "sample_id": {"$oid":"400000000000000000000003"}, + "values": { + "val1": 1 + }, + "status": -1, + "measurement_template": {"$oid":"300000000000000000000003"}, + "__v": 0 + }, + { + "_id": {"$oid":"800000000000000000000005"}, + "sample_id": {"$oid":"400000000000000000000002"}, + "values": { + "weight %": 0.5, + "standard deviation":null + }, + "status": 10, + "measurement_template": {"$oid":"300000000000000000000002"}, + "__v": 0 } ], "condition_templates": [