PUT method

api/api.yaml

@@ -27,6 +27,13 @@ info:
       <li>no whitespace</li>
       <li>at least 8 characters</li>
     </ul>
+  x-doc: |
+    status:
+    <ul>
+      <li>-10: deleted</li>
+      <li>0: newly added/changed</li>
+      <li>10: validated</li>
+    </ul>
 # TODO: Link to new documentation page
 
 

api/measurement.yaml

@@ -24,6 +24,7 @@
   put:
     summary: TODO change measurement
     description: 'Auth: basic, levels: write, maintain, dev, admin'
+    x-doc: status is reset to 0 on any changes
     tags:
       - /measurement
     security:
@@ -33,7 +34,9 @@
       content:
         application/json:
           schema:
-            $ref: 'api.yaml#/components/schemas/Measurement'
+            properties:
+              values:
+                type: object
     responses:
       200:
         description: measurement details

package-lock.json

@@ -137,6 +137,12 @@
         "@types/range-parser": "*"
       }
     },
+    "@types/lodash": {
+      "version": "4.14.150",
+      "resolved": "https://registry.npmjs.org/@types/lodash/-/lodash-4.14.150.tgz",
+      "integrity": "sha512-kMNLM5JBcasgYscD9x/Gvr6lTAv2NVgsKtet/hm93qMyf/D1pt+7jeEZklKJKxMVmXjxbRVQQGfqDSfipYCO6w==",
+      "dev": true
+    },
     "@types/mime": {
       "version": "2.0.1",
       "resolved": "https://registry.npmjs.org/@types/mime/-/mime-2.0.1.tgz",
@@ -1345,8 +1351,7 @@
     "lodash": {
       "version": "4.17.15",
       "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.15.tgz",
-      "integrity": "sha512-8xOcRHvCjnocdS5cpwXQXVzmmh5e5+saE2QGoeQmbKmRS6J3VQppPOIt0MnmE+4xlZoumy0GPG0D0MVIQbNA1A==",
-      "dev": true
+      "integrity": "sha512-8xOcRHvCjnocdS5cpwXQXVzmmh5e5+saE2QGoeQmbKmRS6J3VQppPOIt0MnmE+4xlZoumy0GPG0D0MVIQbNA1A=="
     },
     "log-symbols": {
       "version": "3.0.0",

package.json

@@ -32,6 +32,7 @@
     "content-filter": "^1.1.2",
     "express": "^4.17.1",
     "json-schema": "^0.2.5",
+    "lodash": "^4.17.15",
     "mongo-sanitize": "^1.1.0",
     "mongoose": "^5.8.7",
     "nodemon": "^2.0.3",
@@ -40,6 +41,7 @@
     "typescript": "^3.7.4"
   },
   "devDependencies": {
+    "@types/lodash": "^4.14.150",
     "mocha": "^7.1.2",
     "should": "^13.2.3",
     "supertest": "^4.0.2"

src/routes/condition.spec.ts

@@ -184,7 +184,7 @@ describe('/condition', () => {
         req: {parameters: {material: 'hot air', weeks: 10}}
       });
     });
-    it('rejects requests form a read user', done => {
+    it('rejects requests from a read user', done => {
       TestHelper.request(server, done, {
         method: 'put',
         url: '/condition/700000000000000000000001',

src/routes/condition.ts

@@ -48,7 +48,6 @@ router.put('/condition/' + IdValidate.parameter(), async (req, res, next) => {
   }
   if (!await treatmentCheck(condition, 'change', res, next)) return;
 
-  console.log(condition);
   await ConditionModel.findByIdAndUpdate(req.params.id, condition, {new: true}).lean().exec((err, data) => {
     if (err) return next(err);
     res.json(ConditionValidate.output(data));

src/routes/material.ts

@@ -1,4 +1,5 @@
 import express from 'express';
+import _ from 'lodash';
 
 import MaterialValidate from './validate/material';
 import MaterialModel from '../models/material'
@@ -15,7 +16,7 @@ router.get('/materials', (req, res, next) => {
 
   MaterialModel.find({}).lean().exec((err, data) => {
     if (err) return next(err);
-    res.json(data.map(e => MaterialValidate.output(e)).filter(e => e !== null));  // validate all and filter null values from validation errors
+    res.json(_.compact(data.map(e => MaterialValidate.output(e))));  // validate all and filter null values from validation errors
   });
 });
 

src/routes/measurement.spec.ts

@@ -52,6 +52,177 @@ describe('/measurement', () => {
     });
   });
 
+  describe('PUT /measurement/{id}', () => {
+    it('returns the right measurement', done => {
+      TestHelper.request(server, done, {
+        method: 'put',
+        url: '/measurement/800000000000000000000001',
+        auth: {basic: 'janedoe'},
+        httpStatus: 200,
+        req: {},
+        res: {_id: '800000000000000000000001', condition_id: '700000000000000000000001', values: {dpt: [[3997.12558,98.00555],[3995.08519,98.03253],[3993.04480,98.02657]]}, measurement_template: '300000000000000000000001'}
+      });
+    });
+    it('keeps unchanged values', done => {
+      TestHelper.request(server, done, {
+        method: 'put',
+        url: '/measurement/800000000000000000000001',
+        auth: {basic: 'janedoe'},
+        httpStatus: 200,
+        req: {values: {dpt: [[3997.12558,98.00555],[3995.08519,98.03253],[3993.04480,98.02657]]}}
+      }).end((err, res) => {
+        if (err) return done(err);
+        should(res.body).be.eql({_id: '800000000000000000000001', condition_id: '700000000000000000000001', values: {dpt: [[3997.12558,98.00555],[3995.08519,98.03253],[3993.04480,98.02657]]}, measurement_template: '300000000000000000000001'});
+        MeasurementModel.findById('800000000000000000000001').lean().exec((err, data: any) => {
+          should(data).have.property('status', 10);
+          done();
+        });
+      });
+    });
+    it('changes the given values', done => {
+      TestHelper.request(server, done, {
+        method: 'put',
+        url: '/measurement/800000000000000000000001',
+        auth: {basic: 'janedoe'},
+        httpStatus: 200,
+        req: {values: {dpt: [[1,2],[3,4],[5,6]]}}
+      }).end((err, res) => {
+        if (err) return done(err);
+        should(res.body).be.eql({_id: '800000000000000000000001', condition_id: '700000000000000000000001', values: {dpt: [[1,2],[3,4],[5,6]]}, measurement_template: '300000000000000000000001'});
+        MeasurementModel.findById('800000000000000000000001').lean().exec((err, data: any) => {
+          should(data).have.only.keys('_id', 'condition_id', 'values', 'measurement_template', 'status', '__v');
+          should(data.condition_id.toString()).be.eql('700000000000000000000001');
+          should(data.measurement_template.toString()).be.eql('300000000000000000000001');
+          should(data).have.property('status', 0);
+          should(data).have.property('values');
+          should(data.values).have.property('dpt', [[1,2],[3,4],[5,6]]);
+          done();
+        });
+      });
+    });
+    it('allows changing only one value', done => {
+      TestHelper.request(server, done, {
+        method: 'put',
+        url: '/measurement/800000000000000000000002',
+        auth: {basic: 'janedoe'},
+        httpStatus: 200,
+        req: {values: {'weight %': 0.9}},
+        res: {_id: '800000000000000000000002', condition_id: '700000000000000000000002', values: {'weight %': 0.9, 'standard deviation': 0.2}, measurement_template: '300000000000000000000002'}
+      });
+    });
+    it('rejects not specified values', done => {
+      TestHelper.request(server, done, {
+        method: 'put',
+        url: '/measurement/800000000000000000000002',
+        auth: {basic: 'janedoe'},
+        httpStatus: 400,
+        req: {values: {'weight %': 0.9, 'standard deviation': 0.3, xx: 44}},
+        res: {status: 'Invalid body format', details: '"xx" is not allowed'}
+      });
+    });
+    it('rejects a value not in the value range', done => {
+      TestHelper.request(server, done, {
+        method: 'put',
+        url: '/measurement/800000000000000000000003',
+        auth: {basic: 'admin'},
+        httpStatus: 400,
+        req: {values: {val1: 4}},
+        res: {status: 'Invalid body format', details: '"val1" must be one of [1, 2, 3]'}
+      });
+    });
+    it('rejects a value below minimum range', done => {
+      TestHelper.request(server, done, {
+        method: 'put',
+        url: '/measurement/800000000000000000000002',
+        auth: {basic: 'janedoe'},
+        httpStatus: 400,
+        req: {values: {'weight %': -1, 'standard deviation': 0.3}},
+        res: {status: 'Invalid body format', details: '"weight %" must be larger than or equal to 0'}
+      });
+    });
+    it('rejects a value above maximum range', done => {
+      TestHelper.request(server, done, {
+        method: 'put',
+        url: '/measurement/800000000000000000000002',
+        auth: {basic: 'janedoe'},
+        httpStatus: 400,
+        req: {values: {'weight %': 0.9, 'standard deviation': 3}},
+        res: {status: 'Invalid body format', details: '"standard deviation" must be less than or equal to 0.5'}
+      });
+    });
+    it('rejects a new measurement template', done => {
+      TestHelper.request(server, done, {
+        method: 'put',
+        url: '/measurement/800000000000000000000002',
+        auth: {basic: 'janedoe'},
+        httpStatus: 400,
+        req: {values: {'weight %': 0.9, 'standard deviation': 0.3}, measurement_template: '300000000000000000000001'},
+        res: {status: 'Invalid body format', details: '"measurement_template" is not allowed'}
+      });
+    });
+    it('rejects editing a measurement for a write user who did not create this measurement', done => {
+      TestHelper.request(server, done, {
+        method: 'put',
+        url: '/measurement/800000000000000000000003',
+        auth: {basic: 'janedoe'},
+        httpStatus: 403,
+        req: {values: {val1: 2}}
+      });
+    });
+    it('accepts editing a measurement of another user for a maintain/admin user', done => {
+      TestHelper.request(server, done, {
+        method: 'put',
+        url: '/measurement/800000000000000000000002',
+        auth: {basic: 'admin'},
+        httpStatus: 200,
+        req: {values: {'weight %': 0.9, 'standard deviation': 0.3}},
+        res: {_id: '800000000000000000000002', condition_id: '700000000000000000000002', values: {'weight %': 0.9, 'standard deviation': 0.3}, measurement_template: '300000000000000000000002'}
+      });
+    });
+    it('rejects an invalid id', done => {
+      TestHelper.request(server, done, {
+        method: 'put',
+        url: '/measurement/800000000h00000000000002',
+        auth: {basic: 'janedoe'},
+        httpStatus: 404
+      });
+    });
+    it('rejects an unknown id', done => {
+      TestHelper.request(server, done, {
+        method: 'put',
+        url: '/measurement/000000000000000000000002',
+        auth: {basic: 'janedoe'},
+        httpStatus: 404
+      });
+    });
+    it('rejects an API key', done => {
+      TestHelper.request(server, done, {
+        method: 'put',
+        url: '/measurement/800000000000000000000002',
+        auth: {key: 'janedoe'},
+        httpStatus: 401,
+        req: {values: {'weight %': 0.9, 'standard deviation': 0.3}},
+      });
+    });
+    it('rejects requests from a read user', done => {
+      TestHelper.request(server, done, {
+        method: 'put',
+        url: '/measurement/800000000000000000000002',
+        auth: {basic: 'user'},
+        httpStatus: 403,
+        req: {values: {'weight %': 0.9, 'standard deviation': 0.3}},
+      });
+    });
+    it('rejects unauthorized requests', done => {
+      TestHelper.request(server, done, {
+        method: 'put',
+        url: '/measurement/800000000000000000000002',
+        httpStatus: 401,
+        req: {values: {'weight %': 0.9, 'standard deviation': 0.3}},
+      });
+    });
+  });
+
   describe('POST /measurement/new', () => {
     it('returns the right measurement', done => {
       TestHelper.request(server, done, {
@@ -82,6 +253,7 @@ describe('/measurement', () => {
       }).end((err, res) => {
         if (err) return done(err);
         MeasurementModel.findById(res.body._id).lean().exec((err, data: any) => {
+          if (err) return done(err);
           should(data).have.only.keys('_id', 'condition_id', 'values', 'measurement_template', 'status', '__v');
           should(data.condition_id.toString()).be.eql('700000000000000000000001');
           should(data.measurement_template.toString()).be.eql('300000000000000000000002');

src/routes/measurement.ts

@@ -1,4 +1,5 @@
 import express from 'express';
+import _ from 'lodash';
 
 import MeasurementModel from '../models/measurement';
 import ConditionModel from '../models/condition';
@@ -24,6 +25,36 @@ router.get('/measurement/' + IdValidate.parameter(), (req, res, next) => {
   });
 });
 
+router.put('/measurement/' + IdValidate.parameter(), async (req, res, next) => {
+  if (!req.auth(res, ['write', 'maintain', 'dev', 'admin'], 'basic')) return;
+
+  const {error, value: measurement} = MeasurementValidate.input(req.body, 'change');
+  if (error) return res400(error, res);
+
+  const data = await MeasurementModel.findById(req.params.id).lean().exec().catch(err => {next(err);}) as any;
+  if (data instanceof Error) {
+    return;
+  }
+  if (!data) {
+    res.status(404).json({status: 'Not found'});
+  }
+  // add properties needed for conditionIdCheck
+  measurement.measurement_template = data.measurement_template;
+  measurement.condition_id = data.condition_id;
+  if (measurement.hasOwnProperty('values') && !_.isEqual(measurement.values, data.values)) {
+    measurement.status = 0;
+  }
+  if (!await conditionIdCheck(measurement, req, res, next)) return;
+  if (measurement.values) {
+    measurement.values = Object.assign(data.values, measurement.values);
+  }
+  if (!await templateCheck(measurement, 'change', res, next)) return;
+  await MeasurementModel.findByIdAndUpdate(req.params.id, measurement, {new: true}).lean().exec((err, data) => {
+    if (err) return next(err);
+    res.json(MeasurementValidate.output(data));
+  });
+});
+
 router.post('/measurement/new', async (req, res, next) => {
   if (!req.auth(res, ['write', 'maintain', 'dev', 'admin'], 'basic')) return;
 
@@ -33,7 +64,7 @@ router.post('/measurement/new', async (req, res, next) => {
   if (!await conditionIdCheck(measurement, req, res, next)) return;
   if (!await templateCheck(measurement, 'new', res, next)) return;
 
-  measurement.status = 
+  measurement.status = 0;
   await new MeasurementModel(measurement).save((err, data) => {
     if (err) return next(err);
     res.json(MeasurementValidate.output(data.toObject()));

src/routes/sample.ts

@@ -1,4 +1,5 @@
 import express from 'express';
+import _ from 'lodash';
 
 import SampleValidate from './validate/sample';
 import NoteFieldValidate from './validate/note_field';
@@ -17,7 +18,7 @@ router.get('/samples', (req, res, next) => {
 
   SampleModel.find({}).lean().exec((err, data) => {
     if (err) return next(err);
-    res.json(data.map(e => SampleValidate.output(e)).filter(e => e !== null));  // validate all and filter null values from validation errors
+    res.json(_.compact(data.map(e => SampleValidate.output(e))));  // validate all and filter null values from validation errors
   })
 });
 
@@ -141,7 +142,7 @@ router.get('/sample/notes/fields', (req, res, next) => {
 
   NoteFieldModel.find({}).lean().exec((err, data) => {
     if (err) return next(err);
-    res.json(data.map(e => NoteFieldValidate.output(e)).filter(e => e !== null));  // validate all and filter null values from validation errors
+    res.json(_.compact(data.map(e => NoteFieldValidate.output(e))));  // validate all and filter null values from validation errors
   })
 });
 

src/routes/template.ts

@@ -1,4 +1,5 @@
 import express from 'express';
+import _ from 'lodash';
 
 import TemplateValidate from './validate/template';
 import TemplateTreatmentModel from '../models/treatment_template';
@@ -14,7 +15,7 @@ router.get('/template/:collection(measurements|treatments)', (req, res, next) =>
   (req.params.collection === 'treatments' ? TemplateTreatmentModel : TemplateMeasurementModel)
     .find({}).lean().exec((err, data) => {
      if (err) next (err);
-     res.json(data.map(e => TemplateValidate.output(e)).filter(e => e !== null));  // validate all and filter null values from validation errors
+     res.json(_.compact(data.map(e => TemplateValidate.output(e))));  // validate all and filter null values from validation errors
   });
 });
 

src/routes/user.ts

@@ -1,6 +1,7 @@
 import express from 'express';
 import mongoose from 'mongoose';
 import bcrypt from 'bcryptjs';
+import _ from 'lodash';
 
 import UserValidate from './validate/user';
 import UserModel from '../models/user';
@@ -14,7 +15,7 @@ router.get('/users', (req, res) => {
   if (!req.auth(res, ['admin'], 'basic')) return;
 
   UserModel.find({}).lean().exec(  (err, data:any) => {
-    res.json(data.map(e => UserValidate.output(e)).filter(e => e !== null));  // validate all and filter null values from validation errors
+    res.json(_.compact(data.map(e => UserValidate.output(e))));  // validate all and filter null values from validation errors
   });
 });
 

src/routes/validate/parameters.ts

@@ -6,7 +6,7 @@ export default class ParametersValidate {
     parameters.forEach(parameter => {
       if (parameter.range.hasOwnProperty('values')) {
         joiObject[parameter.name] = Joi.alternatives()
-          .try(Joi.string(), Joi.number(), Joi.boolean())
+          .try(Joi.string().max(128), Joi.number(), Joi.boolean())
           .valid(...parameter.range.values);
       }
       else if (parameter.range.hasOwnProperty('min') && parameter.range.hasOwnProperty('max')) {
@@ -22,9 +22,19 @@ export default class ParametersValidate {
         joiObject[parameter.name] = Joi.number()
           .max(parameter.range.max);
       }
+      else if (parameter.range.hasOwnProperty('type')) {
+        switch (parameter.range.type) {
+          case 'array':
+            joiObject[parameter.name] = Joi.array();
+            break;
+          default:
+            joiObject[parameter.name] = Joi.string().max(128);
+            break;
+        }
+      }
       else {
         joiObject[parameter.name] = Joi.alternatives()
-          .try(Joi.string(), Joi.number(), Joi.boolean());
+          .try(Joi.string().max(128), Joi.number(), Joi.boolean());
       }
       if (param === 'new') {
         joiObject[parameter.name] = joiObject[parameter.name].required()

src/test/db.json

@@ -243,6 +243,27 @@
         "status": 10,
         "measurement_template": {"$oid":"300000000000000000000001"},
         "__v": 0
+      },
+      {
+        "_id": {"$oid":"800000000000000000000002"},
+        "condition_id": {"$oid":"700000000000000000000002"},
+        "values": {
+          "weight %": 0.5,
+          "standard deviation": 0.2
+        },
+        "status": 10,
+        "measurement_template": {"$oid":"300000000000000000000002"},
+        "__v": 0
+      },
+      {
+        "_id": {"$oid":"800000000000000000000003"},
+        "condition_id": {"$oid":"700000000000000000000003"},
+        "values": {
+          "val1": 1
+        },
+        "status": 0,
+        "measurement_template": {"$oid":"300000000000000000000003"},
+        "__v": 0
       }
     ],
     "treatment_templates": [