Dwayne Harris 4 years ago
parent
commit
a0720c4e50
  1. 10
      src/plugins/api/apps.ts
  2. 4
      src/plugins/api/authentication.ts
  3. 12
      src/plugins/api/groups.ts
  4. 8
      src/plugins/api/media.ts
  5. 10
      src/plugins/api/posts.ts
  6. 21
      src/plugins/api/users.ts

10
src/plugins/api/apps.ts

@ -15,7 +15,7 @@ import { appSchema, errorSchema } from '../../schemas'
import { getUsers, userIdIsValid, userIsValid } from '../../lib/collections'
import { generateString } from '../../lib/crypto'
import { containerFor, getItem, normalize, queryItems, createQuerySpec } from '../../lib/database'
import { unauthorizedError, serverError, badRequestError, notFoundError } from '../../lib/errors'
import { unauthorizedError, serverError, badRequestError, notFoundError, forbiddenError } from '../../lib/errors'
import { attachMedia, deleteMedia } from '../../lib/media'
import { createInstallationId } from '../../lib/utils'
@ -466,7 +466,7 @@ function getRoute(server: FastifyInstance<Server, IncomingMessage, ServerRespons
const options: RouteShorthandOptions = {
schema: {
description: 'Get App.',
description: 'Get an App.',
tags: ['app'],
params: {
type: 'object',
@ -548,7 +548,7 @@ function installRoute(server: FastifyInstance<Server, IncomingMessage, ServerRes
if (!app) return notFoundError(reply)
const { resource: viewer } = await viewerItem.read<User>()
if (!userIsValid(viewer)) return unauthorizedError(reply)
if (!userIsValid(viewer)) return forbiddenError(reply)
const installations = await queryItems<Installation>({
container: appContainer,
@ -635,7 +635,7 @@ function uninstallRoute(server: FastifyInstance<Server, IncomingMessage, ServerR
if (!app) return notFoundError(reply)
const { resource: viewer } = await viewerItem.read<User>()
if (!userIsValid(viewer)) return unauthorizedError(reply)
if (!userIsValid(viewer)) return forbiddenError(reply)
const installations = await queryItems<Installation>({
container: appContainer,
@ -716,7 +716,7 @@ function installationsRoute(server: FastifyInstance<Server, IncomingMessage, Ser
})
if (!viewer) return unauthorizedError(reply)
if (!userIsValid(viewer)) return unauthorizedError(reply)
if (!userIsValid(viewer)) return forbiddenError(reply)
const container = containerFor(server.database.client, 'Apps')
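Review bot: In installRoute and uninstallRoute the result of `viewerItem.read<User>()` goes straight into `userIsValid(viewer)` with no separate `!viewer` check, so a viewer whose record is missing is presumably answered with `forbiddenError`. For the same condition, updateRoute in users.ts returns `serverError` and installationsRoute returns `unauthorizedError`. Choosing one response for a missing viewer record and applying it before the validity check, e.g. `if (!viewer) return unauthorizedError(reply)`, would keep the status codes meaningful for clients and for log triage. Both handlers start and end outside the hunks shown.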

4
src/plugins/api/authentication.ts

@ -10,7 +10,7 @@ import {
import { Server, IncomingMessage, ServerResponse } from 'http'
import { MIN_ID_LENGTH, MAX_ID_LENGTH, MAX_NAME_LENGTH, MIN_PASSWORD_LENGTH, INSTALLATION_PARTITION_KEY } from '../../constants'
import { MIN_ID_LENGTH, MAX_ID_LENGTH, MAX_NAME_LENGTH, MIN_PASSWORD_LENGTH, INSTALLATION_PARTITION_KEY, APP_PARTITION_KEY } from '../../constants'
import { tokenResponseSchema, selfSchema, errorSchema } from '../../schemas'
import { createAccessToken, createRefreshToken } from '../../lib/authentication'
import { getUser, getUserIdFromEmail, getUserIdFromPhone } from '../../lib/collections'
@ -164,7 +164,7 @@ function registerRoute(server: FastifyInstance<Server, IncomingMessage, ServerRe
const apps = await queryItems<App>({
container: appContainer,
query: 'SELECT * FROM Apps a WHERE a.active = true AND a.preinstall = true',
query: `SELECT * FROM Apps a WHERE a.pk = '${APP_PARTITION_KEY}' AND a.active = true AND a.preinstall = true`,
logger: request.log,
})
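Review bot: The new query in registerRoute builds its SQL by interpolating `APP_PARTITION_KEY` into a template literal, whereas posts.ts and users.ts pass values through `createQuerySpec` with `@` parameters. The constant is not request data, so nothing is injectable as written, but a string-built query is the pattern that turns unsafe once it is copied with a request value. Consider `query: createQuerySpec('SELECT * FROM Apps a WHERE a.pk = @pk AND a.active = true AND a.preinstall = true', { pk: APP_PARTITION_KEY }),`. `createQuerySpec` is exported from '../../lib/database' and would need importing here if this file does not already do so.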

12
src/plugins/api/groups.ts

@ -783,7 +783,7 @@ function createInvitationRoute(server: FastifyInstance<Server, IncomingMessage,
},
}
server.post<DefaultQuery, DefaultParams, DefaultHeaders, Body>('/v1/group/:id/invitation', options, async (request, reply) => {
server.post<DefaultQuery, DefaultParams, DefaultHeaders, Body>('/v1/group/invitation', options, async (request, reply) => {
if (!server.database) return serverError(reply)
if (!request.viewer) return unauthorizedError(reply)
@ -792,7 +792,7 @@ function createInvitationRoute(server: FastifyInstance<Server, IncomingMessage,
const container = containerFor(server.database.client, 'Groups')
const group = await getItem<Group>({ container, id: request.params.id })
const group = await getItem<Group>({ container, id: membership.pk })
if (!group) return notFoundError(reply)
const code = createInvitationCode()
@ -867,7 +867,7 @@ function invitationsRoute(server: FastifyInstance<Server, IncomingMessage, Serve
},
}
server.get<Query, DefaultParams, DefaultHeaders, DefaultBody>('/v1/group/:id/invitations', options, async (request, reply) => {
server.get<Query, DefaultParams, DefaultHeaders, DefaultBody>('/v1/group/invitations', options, async (request, reply) => {
if (!server.database) return serverError(reply)
if (!request.viewer) return unauthorizedError(reply)
@ -876,7 +876,7 @@ function invitationsRoute(server: FastifyInstance<Server, IncomingMessage, Serve
const container = containerFor(server.database.client, 'Groups')
const group = await getItem<Group>({ container, id: request.params.id })
const group = await getItem<Group>({ container, id: membership.pk })
if (!group) return notFoundError(reply)
const { continuation } = request.query
@ -948,7 +948,7 @@ function logsRoute(server: FastifyInstance<Server, IncomingMessage, ServerRespon
},
}
server.get<Query, DefaultParams, DefaultHeaders, DefaultBody>('/v1/group/:id/logs', options, async (request, reply) => {
server.get<Query, DefaultParams, DefaultHeaders, DefaultBody>('/v1/group/logs', options, async (request, reply) => {
if (!server.database) return serverError(reply)
if (!request.viewer) return unauthorizedError(reply)
@ -957,7 +957,7 @@ function logsRoute(server: FastifyInstance<Server, IncomingMessage, ServerRespon
const container = containerFor(server.database.client, 'Groups')
const group = await getItem<Group>({ container, id: request.params.id })
const group = await getItem<Group>({ container, id: membership.pk })
if (!group) return notFoundError(reply)
const { continuation } = request.query
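Review bot: With `:id` removed from the three paths, createInvitationRoute, invitationsRoute and logsRoute now scope every group lookup through `membership.pk`, but `membership` is resolved in lines outside these hunks. The review therefore cannot confirm that it is derived from `request.viewer`, or that the viewer's role is checked before an invitation code is created or logs are returned. A short comment above each lookup would record the intent, e.g. `// Group comes from the viewer's own membership, never from client input`. If the route options outside the hunks still declare an `id` entry under `params`, it should be removed along with the path segment.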

8
src/plugins/api/media.ts

@ -106,7 +106,7 @@ function addRoute(server: FastifyInstance<Server, IncomingMessage, ServerRespons
}
function deleteRoute(server: FastifyInstance<Server, IncomingMessage, ServerResponse>) {
interface Body {
interface Params {
name: string
}
@ -114,7 +114,7 @@ function deleteRoute(server: FastifyInstance<Server, IncomingMessage, ServerResp
schema: {
description: 'Delete a media item.',
tags: ['media'],
body: {
querystring: {
type: 'object',
required: ['name'],
properties: {
@ -131,10 +131,10 @@ function deleteRoute(server: FastifyInstance<Server, IncomingMessage, ServerResp
},
}
server.post<DefaultQuery, DefaultParams, DefaultHeaders, Body>('/v1/media/delete', options, async (request, reply) => {
server.delete<DefaultQuery, Params, DefaultHeaders, DefaultBody>('/v1/media', options, async (request, reply) => {
if (!server.database) return serverError(reply)
const mediaItem = containerFor(server.database.client, 'Media').item(request.body.name, MEDIA_PARTITION_KEY)
const mediaItem = containerFor(server.database.client, 'Media').item(request.query.name, MEDIA_PARTITION_KEY)
const { resource: media } = await mediaItem.read<Media>()
if (!media) return badRequestError(reply)
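Review bot: In deleteRoute the renamed interface `Params` is passed in the route-parameter slot of `server.delete<DefaultQuery, Params, DefaultHeaders, DefaultBody>`, but the schema declares `name` under `querystring` and the handler reads `request.query.name`. The query therefore stays typed as `DefaultQuery`, and the compiler does not check `name`. Naming the interface `Query` and writing `server.delete<Query, DefaultParams, DefaultHeaders, DefaultBody>('/v1/media', options, ...)` would match the slot order used in groups.ts. The hunk shows no `request.viewer` or ownership check before the item is read; the handler continues outside the hunk, so confirm that ownership of the media item is verified before deletion.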

10
src/plugins/api/posts.ts

@ -375,7 +375,7 @@ function postsByUserRoute(server: FastifyInstance<Server, IncomingMessage, Serve
const viewer = await getItem<User>({ container: userContainer, id: request.viewer.id })
if (!viewer) return serverError(reply)
if (!viewer.groupId) return unauthorizedError(reply)
if (!userIsValid(viewer)) return forbiddenError(reply)
const subscriptions = await getApprovedSubscriptions(server.database.client, user.id, request.viewer.id, request.log)
if (viewer.groupId !== user.groupId && subscriptions.length === 0) return unauthorizedError(reply)
@ -387,9 +387,9 @@ function postsByUserRoute(server: FastifyInstance<Server, IncomingMessage, Serve
if (request.viewer) {
const viewer = await getItem<User>({ container: userContainer, id: request.viewer.id })
if (!viewer) return serverError(reply)
if (!viewer.groupId) return unauthorizedError(reply)
if (!userIsValid(viewer)) return forbiddenError(reply)
const blocks = await getUserBlocks(server.database.client, user.id, [viewer.id, viewer.groupId], request.log)
const blocks = await getUserBlocks(server.database.client, user.id, [viewer.id, viewer.groupId!], request.log)
if (blocks.length > 0) return unauthorizedError(reply)
}
@ -575,7 +575,7 @@ function postRoute(server: FastifyInstance<Server, IncomingMessage, ServerRespon
if (request.viewer) {
const viewer = await getItem<User>({ container: containerFor(server.database.client, 'Users'), id: request.viewer.id })
if (!viewer) return serverError(reply)
if (!viewer.groupId) return unauthorizedError(reply)
if (!userIsValid(viewer)) return forbiddenError(reply)
const blockQuery = createQuerySpec(`
SELECT g.userId FROM Groups g WHERE
@ -585,7 +585,7 @@ function postRoute(server: FastifyInstance<Server, IncomingMessage, ServerRespon
ARRAY_CONTAINS(@ids, g.userId)
`, {
viewer: viewer.id,
viewerGroup: viewer.groupId,
viewerGroup: viewer.groupId!,
ids: userIds,
type: GroupItemType.Block,
})
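Review bot: The `viewer.groupId!` assertions at the `getUserBlocks` call in postsByUserRoute and at the `viewerGroup` query parameter in postRoute rely on `userIsValid` having rejected viewers without a group. The compiler can no longer see that, because the explicit `!viewer.groupId` guard was removed. `userIsValid` lives in lib/collections and is not shown on this page; if it does not check `groupId`, or later stops checking it, `undefined` would flow into the block lookup and a group-level block could presumably go unmatched without any error. Declaring it as a type predicate, something like `user is User & { groupId: string }`, would let each `!` be dropped and keep the block check tied to a compiler-verified value. The same applies to getRoute and subscribeRoute in users.ts.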

21
src/plugins/api/users.ts

@ -10,8 +10,8 @@ import {
import { Server, IncomingMessage, ServerResponse } from 'http'
import { unauthorizedError, serverError, notFoundError, badRequestError, badRequestFormError } from '../../lib/errors'
import { getUserBlocks, getUser, getUserIdFromPhone, getUserIdFromEmail } from '../../lib/collections'
import { unauthorizedError, serverError, notFoundError, badRequestError, badRequestFormError, forbiddenError } from '../../lib/errors'
import { getUserBlocks, getUser, getUserIdFromPhone, getUserIdFromEmail, userIsValid } from '../../lib/collections'
import { containerFor, createQuerySpec, queryItems, getItem, normalize } from '../../lib/database'
import { deleteMedia, attachMedia } from '../../lib/media'
@ -140,6 +140,7 @@ function updateRoute(server: FastifyInstance<Server, IncomingMessage, ServerResp
const { resource: viewer } = await viewerItem.read<User>()
if (!viewer) return serverError(reply)
if (!userIsValid(viewer)) return forbiddenError(reply)
const {
name,
@ -253,9 +254,9 @@ function getRoute(server: FastifyInstance<Server, IncomingMessage, ServerRespons
if (request.viewer && request.viewer.id !== user.id) {
const viewer = await getItem<User>({ container: userContainer, id: request.viewer.id })
if (!viewer) return serverError(reply)
if (!viewer.groupId) return unauthorizedError(reply)
if (!userIsValid(viewer)) return forbiddenError(reply)
const blocks = await getUserBlocks(server.database.client, user.id, [viewer.id, viewer.groupId], request.log)
const blocks = await getUserBlocks(server.database.client, user.id, [viewer.id, viewer.groupId!], request.log)
if (blocks.length > 0) return unauthorizedError(reply)
const subscription = (await queryItems<UserSubscription>({
@ -331,7 +332,7 @@ function subscribeRoute(server: FastifyInstance<Server, IncomingMessage, ServerR
if (!server.database) return serverError(reply)
if (!request.viewer) return unauthorizedError(reply)
if (request.viewer.id === request.params.id) return badRequestError(reply)
if (request.viewer.id === request.params.id) return badRequestError(reply, 'Cannot subscribe to self')
const userContainer = containerFor(server.database.client, 'Users')
const user = await getItem<User>({ container: userContainer, id: request.params.id })
@ -339,7 +340,7 @@ function subscribeRoute(server: FastifyInstance<Server, IncomingMessage, ServerR
if (!user) return notFoundError(reply)
if (!viewer) return serverError(reply)
if (!viewer.groupId) return unauthorizedError(reply)
if (!userIsValid(viewer)) return forbiddenError(reply)
const subscriptionQuery = createQuerySpec(`SELECT u.id FROM Users u WHERE u.id = @user AND u.pk = @viewer AND u.t = @type`, {
user: user.id,
@ -370,14 +371,14 @@ function subscribeRoute(server: FastifyInstance<Server, IncomingMessage, ServerR
(g.blockedId = @viewer OR g.blockedId = @viewerGroup)
`, {
user: user.id,
viewerGroup: viewer.groupId,
viewerGroup: viewer.groupId!,
type: GroupItemType.Block,
})
const blocks = await queryItems<GroupBlock>({
container: containerFor(server.database.client, 'Groups'),
query: blockQuery,
logger: request.log
logger: request.log,
})
if (blocks.length > 0) return badRequestError(reply, 'Invalid operation')
@ -563,7 +564,7 @@ function unblockRoute(server: FastifyInstance<Server, IncomingMessage, ServerRes
const user = await getItem<User>({ container: userContainer, id: request.params.id })
if (!user) return notFoundError(reply)
if (!user.groupId) return badRequestError(reply, 'Invalid operation')
if (!user.groupId) return badRequestError(reply)
const userBlockQuery = createQuerySpec(`SELECT u.id FROM Users u WHERE u.pk = @pk AND u.blockedId = @blocked AND u.t = @type`, {
pk: request.viewer.id,
@ -574,7 +575,7 @@ function unblockRoute(server: FastifyInstance<Server, IncomingMessage, ServerRes
const userBlocks = await queryItems<UserBlock>({
container: userContainer,
query: userBlockQuery,
logger: request.log
logger: request.log,
})
for (const userBlock of userBlocks) {
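Review bot: After the new `userIsValid` check in getRoute, an authenticated viewer who is blocked still gets `if (blocks.length > 0) return unauthorizedError(reply)`, which is at odds with this commit's move to `forbiddenError` for callers who are authenticated but not permitted. Assuming `unauthorizedError` maps to a 401, clients that treat it as a cue to refresh their token would retry needlessly. `if (blocks.length > 0) return forbiddenError(reply)` would be consistent, or `notFoundError(reply)` if the existence of a block should not be disclosed. The same leftover appears after the block lookup in postsByUserRoute in posts.ts.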
