import express from 'express'; import _ from 'lodash'; import SampleValidate from './validate/sample'; import NoteFieldValidate from './validate/note_field'; import res400 from './validate/res400'; import SampleModel from '../models/sample' import MeasurementModel from '../models/measurement'; import MaterialModel from '../models/material'; import NoteModel from '../models/note'; import NoteFieldModel from '../models/note_field'; import IdValidate from './validate/id'; import mongoose from 'mongoose'; import ConditionTemplateModel from '../models/condition_template'; import ParametersValidate from './validate/parameters'; import globals from '../globals'; import db from '../db'; const router = express.Router(); router.get('/samples', (req, res, next) => { if (!req.auth(res, ['read', 'write', 'maintain', 'dev', 'admin'], 'all')) return; SampleModel.find({status: globals.status.validated}).lean().exec((err, data) => { if (err) return next(err); res.json(_.compact(data.map(e => SampleValidate.output(e)))); // validate all and filter null values from validation errors }) }); router.get('/samples/:state(new|deleted)', (req, res, next) => { if (!req.auth(res, ['maintain', 'admin'], 'basic')) return; SampleModel.find({status: globals.status[req.params.state]}).lean().exec((err, data) => { if (err) return next(err); res.json(_.compact(data.map(e => SampleValidate.output(e)))); // validate all and filter null values from validation errors }); }); router.get('/sample/' + IdValidate.parameter(), (req, res, next) => { if (!req.auth(res, ['read', 'write', 'maintain', 'dev', 'admin'], 'all')) return; SampleModel.findById(req.params.id).populate('material_id').populate('user_id', 'name').populate('note_id').exec(async (err, sampleData: any) => { if (err) return next(err); if (sampleData) { await sampleData.populate('material_id.group_id').populate('material_id.supplier_id').execPopulate().catch(err => next(err)); if (sampleData instanceof Error) return; sampleData = sampleData.toObject(); if (sampleData.status === globals.status.deleted && !req.auth(res, ['maintain', 'admin'], 'all')) return; // deleted samples only available for maintain/admin sampleData.material = sampleData.material_id; // map data to right keys sampleData.material.group = sampleData.material.group_id.name; sampleData.material.supplier = sampleData.material.supplier_id.name; sampleData.user = sampleData.user_id.name; sampleData.notes = sampleData.note_id ? sampleData.note_id : {}; MeasurementModel.find({sample_id: mongoose.Types.ObjectId(req.params.id)}).lean().exec((err, data) => { sampleData.measurements = data; res.json(SampleValidate.output(sampleData, 'details')); }); } else { res.status(404).json({status: 'Not found'}); } }); }); router.put('/sample/' + IdValidate.parameter(), (req, res, next) => { if (!req.auth(res, ['write', 'maintain', 'dev', 'admin'], 'basic')) return; const {error, value: sample} = SampleValidate.input(req.body, 'change'); if (error) return res400(error, res); SampleModel.findById(req.params.id).lean().exec(async (err, sampleData: any) => { // check if id exists if (err) return next(err); if (!sampleData) { return res.status(404).json({status: 'Not found'}); } if (sampleData.status === globals.status.deleted) { return res.status(403).json({status: 'Forbidden'}); } // only maintain and admin are allowed to edit other user's data if (sampleData.user_id.toString() !== req.authDetails.id && !req.auth(res, ['maintain', 'admin'], 'basic')) return; if (sample.hasOwnProperty('material_id')) { if (!await materialCheck(sample, res, next)) return; } else if (sample.hasOwnProperty('color')) { if (!await materialCheck(sample, res, next, sampleData.material_id)) return; } if (sample.hasOwnProperty('condition') && !(_.isEmpty(sample.condition) && _.isEmpty(sampleData.condition))) { // do not execute check if condition is and was empty if (!await conditionCheck(sample.condition, 'change', res, next, sampleData.condition.condition_template.toString() !== sample.condition.condition_template)) return; } if (sample.hasOwnProperty('notes')) { let newNotes = true; if (sampleData.note_id !== null) { // old notes data exists const data = await NoteModel.findById(sampleData.note_id).lean().exec().catch(err => {next(err);}) as any; if (data instanceof Error) return; newNotes = !_.isEqual(_.pick(IdValidate.stringify(data), _.keys(sample.notes)), sample.notes); // check if notes were changed if (newNotes) { if (data.hasOwnProperty('custom_fields')) { // update note_fields customFieldsChange(Object.keys(data.custom_fields), -1, req); } await NoteModel.findByIdAndDelete(sampleData.note_id).log(req).lean().exec(err => { // delete old notes if (err) return console.error(err); }); } } if (_.keys(sample.notes).length > 0 && newNotes) { // save new notes if (!await sampleRefCheck(sample, res, next)) return; if (sample.notes.hasOwnProperty('custom_fields') && Object.keys(sample.notes.custom_fields).length > 0) { // new custom_fields customFieldsChange(Object.keys(sample.notes.custom_fields), 1, req); } let data = await new NoteModel(sample.notes).save().catch(err => { return next(err)}); // save new notes db.log(req, 'notes', {_id: data._id}, data.toObject()); delete sample.notes; sample.note_id = data._id; } } // check for changes if (!_.isEqual(_.pick(IdValidate.stringify(sampleData), _.keys(sample)), _.omit(sample, ['notes']))) { sample.status = globals.status.new; } await SampleModel.findByIdAndUpdate(req.params.id, sample, {new: true}).log(req).lean().exec((err, data: any) => { if (err) return next(err); res.json(SampleValidate.output(data)); }); }); }); router.delete('/sample/' + IdValidate.parameter(), (req, res, next) => { if (!req.auth(res, ['write', 'maintain', 'dev', 'admin'], 'basic')) return; SampleModel.findById(req.params.id).lean().exec(async (err, sampleData: any) => { // check if id exists if (err) return next(err); if (!sampleData) { return res.status(404).json({status: 'Not found'}); } // only maintain and admin are allowed to edit other user's data if (sampleData.user_id.toString() !== req.authDetails.id && !req.auth(res, ['maintain', 'admin'], 'basic')) return; await SampleModel.findByIdAndUpdate(req.params.id, {status:globals.status.deleted}).log(req).lean().exec(err => { // set sample status if (err) return next(err); // set status of associated measurements also to deleted MeasurementModel.updateMany({sample_id: mongoose.Types.ObjectId(req.params.id)}, {status: -1}).log(req).lean().exec(err => { if (err) return next(err); if (sampleData.note_id !== null) { // handle notes NoteModel.findById(sampleData.note_id).lean().exec((err, data: any) => { // find notes to update note_fields if (err) return next(err); if (data.hasOwnProperty('custom_fields')) { // update note_fields customFieldsChange(Object.keys(data.custom_fields), -1, req); } res.json({status: 'OK'}); }); } else { res.json({status: 'OK'}); } }); }); }); }); router.put('/sample/restore/' + IdValidate.parameter(), (req, res, next) => { if (!req.auth(res, ['maintain', 'admin'], 'basic')) return; SampleModel.findByIdAndUpdate(req.params.id, {status: globals.status.new}).log(req).lean().exec((err, data) => { if (err) return next(err); if (!data) { return res.status(404).json({status: 'Not found'}); } res.json({status: 'OK'}); }); }); router.put('/sample/validate/' + IdValidate.parameter(), (req, res, next) => { if (!req.auth(res, ['maintain', 'admin'], 'basic')) return; SampleModel.findById(req.params.id).lean().exec((err, data: any) => { if (err) return next(err); if (!data) { return res.status(404).json({status: 'Not found'}); } if (Object.keys(data.condition).length === 0) { return res.status(400).json({status: 'Sample without condition cannot be valid'}); } MeasurementModel.find({sample_id: mongoose.Types.ObjectId(req.params.id)}).lean().exec((err, data) => { if (err) return next(err); if (data.length === 0) { return res.status(400).json({status: 'Sample without measurements cannot be valid'}); } SampleModel.findByIdAndUpdate(req.params.id, {status: globals.status.validated}).log(req).lean().exec(err => { if (err) return next(err); res.json({status: 'OK'}); }); }); }); }); router.post('/sample/new', async (req, res, next) => { if (!req.auth(res, ['write', 'maintain', 'dev', 'admin'], 'basic')) return; if (!req.body.hasOwnProperty('condition')) { // add empty condition if not specified req.body.condition = {}; } const {error, value: sample} = SampleValidate.input(req.body, 'new' + (req.authDetails.level === 'admin' ? '-admin' : '')); if (error) return res400(error, res); if (!await materialCheck(sample, res, next)) return; if (!await sampleRefCheck(sample, res, next)) return; if (sample.notes.hasOwnProperty('custom_fields') && Object.keys(sample.notes.custom_fields).length > 0) { // new custom_fields customFieldsChange(Object.keys(sample.notes.custom_fields), 1, req); } if (!_.isEmpty(sample.condition)) { // do not execute check if condition is empty if (!await conditionCheck(sample.condition, 'change', res, next)) return; } sample.status = globals.status.new; // set status to new if (sample.hasOwnProperty('number')) { if (!await numberCheck(sample, res, next)) return; } else { sample.number = await numberGenerate(sample, req, res, next); } if (!sample.number) return; await new NoteModel(sample.notes).save((err, data) => { // save notes if (err) return next(err); db.log(req, 'notes', {_id: data._id}, data.toObject()); delete sample.notes; sample.note_id = data._id; sample.user_id = req.authDetails.id; new SampleModel(sample).save((err, data) => { if (err) return next(err); db.log(req, 'samples', {_id: data._id}, data.toObject()); res.json(SampleValidate.output(data.toObject())); }); }); }); router.get('/sample/notes/fields', (req, res, next) => { if (!req.auth(res, ['read', 'write', 'maintain', 'dev', 'admin'], 'all')) return; NoteFieldModel.find({}).lean().exec((err, data) => { if (err) return next(err); res.json(_.compact(data.map(e => NoteFieldValidate.output(e)))); // validate all and filter null values from validation errors }) }); module.exports = router; async function numberGenerate (sample, req, res, next) { // generate number in format Location32, returns false on error const sampleData = await SampleModel .findOne({number: new RegExp('^' + req.authDetails.location + '[0-9]+$', 'm')}) .sort({number: -1}) .lean() .exec() .catch(err => next(err)); if (sampleData instanceof Error) return false; return req.authDetails.location + (sampleData ? Number(sampleData.number.replace(/[^0-9]+/g, '')) + 1 : 1); } async function numberCheck(sample, res, next) { const sampleData = await SampleModel.findOne({number: sample.number}).lean().exec().catch(err => {next(err); return false;}); if (sampleData) { // found entry with sample number res.status(400).json({status: 'Sample number already taken'}); return false } return true; } async function materialCheck (sample, res, next, id = sample.material_id) { // validate material_id and color, returns false if invalid const materialData = await MaterialModel.findById(id).lean().exec().catch(err => next(err)) as any; if (materialData instanceof Error) return false; if (!materialData) { // could not find material_id res.status(400).json({status: 'Material not available'}); return false; } if (sample.hasOwnProperty('color') && !materialData.numbers.find(e => e.color === sample.color)) { // color for material not specified res.status(400).json({status: 'Color not available for material'}); return false; } return true; } async function conditionCheck (condition, param, res, next, checkVersion = true) { // validate treatment template, returns false if invalid, otherwise template data if (!condition.condition_template || !IdValidate.valid(condition.condition_template)) { // template id not found res.status(400).json({status: 'Condition template not available'}); return false; } const conditionData = await ConditionTemplateModel.findById(condition.condition_template).lean().exec().catch(err => next(err)) as any; if (conditionData instanceof Error) return false; if (!conditionData) { // template not found res.status(400).json({status: 'Condition template not available'}); return false; } if (checkVersion) { // get all template versions and check if given is latest const conditionVersions = await ConditionTemplateModel.find({first_id: conditionData.first_id}).sort({version: -1}).lean().exec().catch(err => next(err)) as any; if (conditionVersions instanceof Error) return false; if (condition.condition_template !== conditionVersions[0]._id.toString()) { // template not latest res.status(400).json({status: 'Old template version not allowed'}); return false; } } // validate parameters const {error, value: ignore} = ParametersValidate.input(_.omit(condition, 'condition_template'), conditionData.parameters, param); if (error) {res400(error, res); return false;} return conditionData; } function sampleRefCheck (sample, res, next) { // validate sample_references, resolves false for invalid reference return new Promise(resolve => { if (sample.notes.hasOwnProperty('sample_references') && sample.notes.sample_references.length > 0) { // there are sample_references let referencesCount = sample.notes.sample_references.length; // count to keep track of running async operations sample.notes.sample_references.forEach(reference => { SampleModel.findById(reference.sample_id).lean().exec((err, data) => { if (err) {next(err); resolve(false)} if (!data) { res.status(400).json({status: 'Sample reference not available'}); return resolve(false); } referencesCount --; if (referencesCount <= 0) { // all async requests done resolve(true); } }); }); } else { resolve(true); } }); } function customFieldsChange (fields, amount, req) { // update custom_fields and respective quantities fields.forEach(field => { NoteFieldModel.findOneAndUpdate({name: field}, {$inc: {qty: amount}} as any, {new: true}).log(req).lean().exec((err, data: any) => { // check if field exists if (err) return console.error(err); if (!data) { // new field new NoteFieldModel({name: field, qty: 1}).save((err, data) => { if (err) return console.error(err); db.log(req, 'note_fields', {_id: data._id}, data.toObject()); }) } else if (data.qty <= 0) { // delete document if field is not used anymore NoteFieldModel.findOneAndDelete({name: field}).log(req).lean().exec(err => { if (err) return console.error(err); }); } }); }); }