dwayne
/
flexor-api
1
0
Fork 0
Code Releases Activity
[ABANDONED] API server for Flexor social network.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
27 Commits
1 Branch
0 Tags
290 KiB
 
Tree: f3bcfa581f
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'f3bcfa581f'
${ noResults }
flexor-api/src/plugins/api/groups.ts

898 lines
29 KiB
Raw Blame History

import {
FastifyInstance,
Plugin,
DefaultQuery,
DefaultParams,
DefaultBody,
RouteShorthandOptions,
DefaultHeaders,
} from 'fastify'
import { Server, IncomingMessage, ServerResponse } from 'http'
import merge from 'lodash/merge'
import { MIN_ID_LENGTH, MAX_NAME_LENGTH, GROUP_LISTING_PARTITION_KEY } from '../../constants'
import { errorSchema, groupListingSchema, userSchema } from '../../schemas'
import { unauthorizedError, badRequestError, notFoundError, serverError } from '../../lib/errors'
import { getUsers, getUserMembership } from '../../lib/collections'
import { containerFor, createQuerySpec, queryItems, getItem, normalize } from '../../lib/database'
import { createInvitationCode } from '../../lib/utils'
import {
User,
Group,
GroupListing,
GroupMembership,
UserBlock,
GroupBlock,
GroupRegistrationType,
GroupStatus,
GroupMembershipType,
GroupItemType,
BlockType,
UserItemType,
GroupLog,
GroupInvitation,
} from '../../types/collections'
import { PluginOptions } from '../../types'
function availabilityRoute(server: FastifyInstance<Server, IncomingMessage, ServerResponse>) {
interface Body {
name: string
}
const options: RouteShorthandOptions = {
schema: {
body: {
type: 'object',
required: ['name'],
properties: {
name: {
type: 'string',
maxLength: MAX_NAME_LENGTH,
},
},
},
response: {
200: {
type: 'object',
properties: {
id: { type: 'string' },
available: { type: 'boolean' },
},
},
400: errorSchema,
},
},
}
server.post<DefaultQuery, DefaultParams, DefaultHeaders, Body>('/api/group/available', options, async (request, reply) => {
if (!server.database) return serverError(reply)
const id = normalize(request.body.name)
const group = await getItem<Group>({
container: containerFor(server.database.client, 'Groups'),
id,
})
return {
id,
available: !group,
}
})
}
function createRoute(server: FastifyInstance<Server, IncomingMessage, ServerResponse>) {
interface Body {
name: string
about?: string
registration: GroupRegistrationType
}
const options: RouteShorthandOptions = {
schema: {
body: {
type: 'object',
required: ['name', 'registration'],
properties: {
name: {
type: 'string',
minLength: MIN_ID_LENGTH,
maxLength: MAX_NAME_LENGTH,
},
about: { type: 'string' },
registration: {
type: 'string',
enum: ['open', 'approval', 'closed'],
},
},
},
response: {
200: {
type: 'object',
properties: {
id: { type: 'string' },
},
},
400: errorSchema,
},
},
}
server.post<DefaultQuery, DefaultParams, DefaultHeaders, Body>('/api/group', options, async (request, reply) => {
if (!server.database) return serverError(reply)
if (!request.viewer) return unauthorizedError(reply)
const viewerItem = containerFor(server.database.client, 'Users').item(request.viewer.id, request.viewer.id)
const { resource: viewer } = await viewerItem.read<User>()
const groupContainer = containerFor(server.database.client, 'Groups')
if (viewer.group) return badRequestError(reply)
const { name, about, registration } = request.body
const id = normalize(name)
const existingGroup = await getItem<Group>({ container: groupContainer, id })
if (existingGroup) return badRequestError(reply, 'Name already used')
const group: Group = {
id: id,
pk: id,
t: GroupItemType.Group,
userId: request.viewer.id,
name,
about,
registration,
status: GroupStatus.Pending,
active: true,
created: Date.now(),
}
const membership: GroupMembership = {
id: request.viewer.id,
pk: id,
t: GroupItemType.Membership,
userId: request.viewer.id,
pending: false,
membership: GroupMembershipType.Admin,
created: Date.now(),
}
await groupContainer.items.create(group)
await groupContainer.items.create(membership)
await viewerItem.replace<User>({
...viewer,
group: {
id: group.id,
name: group.name,
imageUrl: group.imageUrl,
coverImageUrl: group.coverImageUrl,
},
})
await groupContainer.items.create<GroupLog>({
pk: group.id,
t: GroupItemType.Log,
userId: request.viewer.id,
content: 'created',
created: Date.now(),
})
return {
id: group.id,
}
})
}
function getRoute(server: FastifyInstance<Server, IncomingMessage, ServerResponse>) {
interface Params {
id: string
}
const options: RouteShorthandOptions = {
schema: {
params: {
type: 'object',
properties: {
id: { type: 'string' },
},
},
response: {
200: groupListingSchema,
},
},
}
server.get<DefaultQuery, Params, DefaultHeaders, DefaultBody>('/api/group/:id', options, async (request, reply) => {
if (!server.database) return serverError(reply)
const groupContainer = containerFor(server.database.client, 'Groups')
const listing = await getItem<GroupListing>({
container: containerFor(server.database.client, 'GroupDirectory'),
id: request.params.id,
partitionKey: 'pk',
})
const group = await getItem<Group>({
container: groupContainer,
id: request.params.id,
})
const combine = async (group: Group, listing: GroupListing) => {
if (request.viewer) {
const memberships = await queryItems<GroupMembership>({
container: groupContainer,
query: createQuerySpec(
`
SELECT * FROM Groups g WHERE
g.pk = @pk AND
g.t = @type AND
g.userId = @userId AND
g.pending = false
`,
{
pk: group.id,
type: GroupItemType.Membership,
userId: request.viewer.id,
}
),
logger: request.log,
})
if (memberships.length > 0) {
return merge(group, listing, {
membership: memberships[0].membership,
})
}
}
return merge(group, listing)
}
if (!group || !listing) return notFoundError(reply)
return combine(group, listing)
})
}
function updateRoute(server: FastifyInstance<Server, IncomingMessage, ServerResponse>) {
interface Body {
name?: string
about?: string
registration?: string
}
const options: RouteShorthandOptions = {
schema: {
body: {
type: 'object',
properties: {
name: {
type: 'string',
minLength: MIN_ID_LENGTH,
maxLength: MAX_NAME_LENGTH,
},
about: { type: 'string' },
registration: {
type: 'string',
enum: ['open', 'approval', 'closed'],
},
},
},
response: {
400: errorSchema,
},
},
}
server.put<DefaultQuery, DefaultParams, DefaultHeaders, Body>('/api/group/:id', options, async (request, reply) => {
if (!server.database) return serverError(reply)
if (!request.viewer) return unauthorizedError(reply)
const membership = await getUserMembership(server.database.client, request.viewer.id, request.log)
if (!membership || membership.membership !== GroupMembershipType.Admin) return unauthorizedError(reply)
const groupContainer = containerFor(server.database.client, 'Groups')
const directoryContainer = containerFor(server.database.client, 'GroupDirectory')
const groupItem = groupContainer.item(request.params.id, request.params.id)
const groupListingItem = directoryContainer.item(request.params.id, GROUP_LISTING_PARTITION_KEY)
const { resource: group } = await groupItem.read<Group>()
if (!group) return notFoundError(reply)
const { resource: groupListing } = await groupListingItem.read<GroupListing>()
interface Updates {
name?: string
about?: string
registration?: GroupRegistrationType
}
let updates: Updates = {}
if (request.body.name) updates.name = request.body.name
if (request.body.about) updates.about = request.body.about
if (request.body.registration) updates.registration = request.body.registration as GroupRegistrationType
await groupItem.replace<Group>({
...group,
...updates,
})
if (groupListing) {
await groupListingItem.replace<GroupListing>({
...groupListing,
...updates,
})
}
await groupContainer.items.create<GroupLog>({
pk: group.id,
t: GroupItemType.Log,
userId: request.viewer.id,
content: 'updated',
created: Date.now(),
})
reply.code(204)
})
}
function blockRoute(server: FastifyInstance<Server, IncomingMessage, ServerResponse>) {
interface Params {
id: string
}
interface Body {
description?: string
}
const options: RouteShorthandOptions = {
schema: {
params: {
type: 'object',
properties: {
id: { type: 'string' },
},
},
body: {
type: 'object',
properties: {
description: { type: 'string' },
},
},
},
}
server.post<DefaultQuery, Params, DefaultHeaders, Body>('/api/group/:id/block', options, async (request, reply) => {
if (!server.database) return serverError(reply)
if (!request.viewer) return unauthorizedError(reply)
const groupContainer = containerFor(server.database.client, 'Groups')
const group = await getItem<Group>({ container: groupContainer, id: request.params.id })
if (!group) return notFoundError(reply)
await containerFor(server.database.client, 'Users').items.create<UserBlock>({
blockedId: group.id,
pk: request.viewer.id,
t: UserItemType.Block,
blockType: BlockType.Group,
description: request.body.description,
created: Date.now(),
})
await groupContainer.items.create<GroupBlock>({
pk: group.id,
t: GroupItemType.Block,
blockedId: group.id,
userId: request.viewer.id,
created: Date.now(),
})
reply.code(204)
})
}
function unblockRoute(server: FastifyInstance<Server, IncomingMessage, ServerResponse>) {
interface Params {
id: string
}
const options: RouteShorthandOptions = {
schema: {
params: {
type: 'object',
properties: {
id: { type: 'string' },
},
},
},
}
server.post<DefaultQuery, Params, DefaultHeaders, DefaultBody>('/api/group/:id/unblock', options, async (request, reply) => {
if (!server.database) return serverError(reply)
if (!request.viewer) return unauthorizedError(reply)
const userContainer = containerFor(server.database.client, 'Users')
const groupContainer = containerFor(server.database.client, 'Groups')
const group = await getItem<Group>({ container: groupContainer, id: request.params.id })
if (!group) return notFoundError(reply)
const userBlockQuery = createQuerySpec(`SELECT u.id FROM Users u WHERE u.pk = @pk AND u.blockedId = @blocked AND u.t = @type`, {
pk: request.viewer.id,
blocked: group.id,
type: UserItemType.Block,
})
const userBlocks = await queryItems<UserBlock>({
container: userContainer,
query: userBlockQuery,
logger: request.log
})
for (const userBlock of userBlocks) {
await userContainer.item(userBlock.id!, request.viewer.id).delete()
}
const groupBlockQuery = createQuerySpec(
`SELECT g.id FROM Groups g WHERE g.pk = @pk AND u.blockedId = @blocked AND u.userId = @viewer AND u.t = @type`,
{
pk: group.id,
blocked: group.id,
viewer: request.viewer.id,
type: GroupItemType.Block,
}
)
const groupBlocks = await queryItems<UserBlock>({
container: groupContainer,
query: groupBlockQuery,
logger: request.log
})
for (const groupBlock of groupBlocks) {
await groupContainer.item(groupBlock.id!, group.id).delete()
}
reply.code(204)
})
}
function activateRoute(server: FastifyInstance<Server, IncomingMessage, ServerResponse>) {
interface Params {
id: string
}
const options: RouteShorthandOptions = {
schema: {
params: {
type: 'object',
properties: {
id: { type: 'string' },
},
},
},
}
server.post<DefaultQuery, Params, DefaultHeaders, DefaultBody>('/api/group/:id/activate', options, async (request, reply) => {
if (!server.database) return serverError(reply)
const container = containerFor(server.database.client, 'Groups')
const groupItem = container.item(request.params.id, request.params.id)
const { resource: group } = await groupItem.read<Group>()
if (!group) return notFoundError(reply)
if (group.active && group.status === 'paid') {
return badRequestError(reply, 'Already activated')
}
await groupItem.replace<Group>({
...group,
active: true,
status: GroupStatus.Paid,
})
const directoryContainer = containerFor(server.database.client, 'GroupDirectory')
const listingItem = directoryContainer.item(request.params.id, GROUP_LISTING_PARTITION_KEY)
const { resource: listing } = await listingItem.read<GroupListing>()
if (!listing) {
await directoryContainer.items.create<GroupListing>({
id: group.id,
name: group.name,
pk: GROUP_LISTING_PARTITION_KEY,
registration: group.registration,
members: 1,
posts: 0,
awards: 0,
points: 0,
latestAwards: [],
created: Date.now(),
})
}
reply.code(204)
})
}
function listRoute(server: FastifyInstance<Server, IncomingMessage, ServerResponse>) {
interface Query {
sort?: string
registration?: GroupRegistrationType
continuation?: string
}
const options: RouteShorthandOptions = {
schema: {
querystring: {
type: 'object',
properties: {
sort: {
type: 'string',
enum: ['name', 'members', 'points'],
},
registration: {
type: 'string',
enum: ['open', 'approval', 'closed'],
},
continuation: { type: 'string' },
},
},
response: {
200: {
type: 'object',
properties: {
groups: {
type: 'array',
items: groupListingSchema,
},
continuation: { type: 'string' },
}
},
400: errorSchema,
}
},
}
server.get<Query, DefaultParams, DefaultHeaders, DefaultBody>('/api/groups', options, async (request, reply) => {
if (!server.database) return serverError(reply)
const { sort = 'members', registration, continuation } = request.query
let registrationString = ''
if (registration) {
registrationString = `AND d.registration = '${registration}'`
}
const container = containerFor(server.database.client, 'GroupDirectory')
const { resources: groups, requestCharge, continuation: newContinuation } = await container.items.query<GroupListing>(
`SELECT * FROM GroupDirectory d WHERE d.pk = '${GROUP_LISTING_PARTITION_KEY}' ${registrationString} ORDER BY d.${sort}`,
{
maxItemCount: 40,
continuation,
}
).fetchAll()
request.log.trace('Query: %d', requestCharge)
return {
groups,
continuation: newContinuation,
}
})
}
function membersRoute(server: FastifyInstance<Server, IncomingMessage, ServerResponse>) {
interface Query {
type?: string
continuation?: string
}
const options: RouteShorthandOptions = {
schema: {
querystring: {
type: 'object',
properties: {
type: {
type: 'string',
enum: ['admin', 'moderator', 'member'],
},
continuation: { type: 'string' },
},
},
response: {
200: {
type: 'object',
properties: {
members: {
type: 'array',
items: userSchema,
},
continuation: { type: 'string' },
}
},
400: errorSchema,
}
},
}
server.get<Query, DefaultParams, DefaultHeaders, DefaultBody>('/api/group/:id/members', options, async (request, reply) => {
if (!server.database) return serverError(reply)
const groupContainer = containerFor(server.database.client, 'Groups')
const group = await getItem<Group>({ container: groupContainer, id: request.params.id })
if (!group) return notFoundError(reply)
const { type, continuation } = request.query
let typeString = ''
if (type) {
typeString = `AND g.membership = '${type}'`
}
const container = containerFor(server.database.client, 'Groups')
const { resources: memberships, requestCharge, continuation: newContinuation } = await container.items.query<GroupMembership>(
`SELECT g.userId, g.membership FROM Groups g WHERE g.pk = '${group.id}' AND g.t = '${GroupItemType.Membership}' ${typeString} ORDER BY g.created DESC`,
{
maxItemCount: 100,
continuation,
}
).fetchAll()
request.log.trace('Query: %d', requestCharge)
const users = await getUsers(server.database.client, memberships.map(membership => membership.userId), request.log)
return {
members: users.map(user => {
const m = memberships.find(membership => membership.userId === user.id)
return {
...user,
membership: m ? m.membership : undefined,
}
}),
continuation: newContinuation,
}
})
}
function createInvitationRoute(server: FastifyInstance<Server, IncomingMessage, ServerResponse>) {
interface Body {
expiration?: number
limit?: number
}
const options: RouteShorthandOptions = {
schema: {
body: {
type: 'object',
properties: {
expiration: { type: 'number' },
limit: { type: 'number' },
},
},
response: {
200: {
type: 'object',
properties: {
code: { type: 'string' },
},
},
},
},
}
server.post<DefaultQuery, DefaultParams, DefaultHeaders, Body>('/api/group/:id/invitation', options, async (request, reply) => {
if (!server.database) return serverError(reply)
if (!request.viewer) return unauthorizedError(reply)
const membership = await getUserMembership(server.database.client, request.viewer.id, request.log)
if (!membership || membership.membership !== GroupMembershipType.Admin) return unauthorizedError(reply)
const container = containerFor(server.database.client, 'Groups')
const group = await getItem<Group>({ container, id: request.params.id })
if (!group) return notFoundError(reply)
const code = createInvitationCode()
await container.items.create<GroupInvitation>({
id: code,
pk: group.id,
t: GroupItemType.Invitation,
userId: request.viewer.id,
limit: request.body.limit,
expiration: request.body.expiration,
uses: 0,
active: true,
created: Date.now(),
})
await container.items.create<GroupLog>({
pk: group.id,
t: GroupItemType.Log,
userId: request.viewer.id,
content: `created invitation: ${code}`,
created: Date.now(),
})
return {
code,
}
})
}
function invitationsRoute(server: FastifyInstance<Server, IncomingMessage, ServerResponse>) {
interface Query {
continuation?: string
}
const options: RouteShorthandOptions = {
schema: {
querystring: {
type: 'object',
properties: {
continuation: { type: 'string' },
},
},
response: {
200: {
type: 'object',
properties: {
invitations: {
type: 'array',
items: {
type: 'object',
properties: {
id: { type: 'string' },
user: userSchema,
uses: { type: 'number' },
expiration: { type: 'number' },
limit: { type: 'number' },
created: { type: 'number' },
},
},
},
continuation: { type: 'string' },
},
},
400: errorSchema,
},
},
}
server.get<Query, DefaultParams, DefaultHeaders, DefaultBody>('/api/group/:id/invitations', options, async (request, reply) => {
if (!server.database) return serverError(reply)
if (!request.viewer) return unauthorizedError(reply)
const membership = await getUserMembership(server.database.client, request.viewer.id, request.log)
if (!membership || membership.membership !== GroupMembershipType.Admin) return unauthorizedError(reply)
const container = containerFor(server.database.client, 'Groups')
const group = await getItem<Group>({ container, id: request.params.id })
if (!group) return notFoundError(reply)
const { continuation } = request.query
const { resources: invitations, requestCharge, continuation: newContinuation } = await container.items.query<GroupLog>(
`SELECT * FROM Groups g WHERE
g.pk = '${group.id}' AND
g.t = '${GroupItemType.Invitation}' AND
g.expiration < GETCURRENTTIMESTAMP() AND
g.active = true ORDER BY g.created DESC`,
{
maxItemCount: 80,
continuation,
}
).fetchAll()
request.log.trace('Query: %d', requestCharge)
const users = await getUsers(server.database.client, invitations.map(invitation => invitation.userId), request.log)
return {
invitations: invitations.map(invitation => ({
...invitation,
user: users.find(user => user.id === invitation.userId),
userId: undefined,
})),
continuation: newContinuation,
}
})
}
function logsRoute(server: FastifyInstance<Server, IncomingMessage, ServerResponse>) {
interface Query {
continuation?: string
}
const options: RouteShorthandOptions = {
schema: {
querystring: {
type: 'object',
properties: {
continuation: { type: 'string' },
},
},
response: {
200: {
type: 'object',
properties: {
logs: {
type: 'array',
items: {
type: 'object',
properties: {
id: { type: 'string' },
user: userSchema,
content: { type: 'string' },
created: { type: 'number' },
},
},
},
continuation: { type: 'string' },
},
},
400: errorSchema,
},
},
}
server.get<Query, DefaultParams, DefaultHeaders, DefaultBody>('/api/group/:id/logs', options, async (request, reply) => {
if (!server.database) return serverError(reply)
if (!request.viewer) return unauthorizedError(reply)
const membership = await getUserMembership(server.database.client, request.viewer.id, request.log)
if (!membership || membership.membership !== GroupMembershipType.Admin) return unauthorizedError(reply)
const container = containerFor(server.database.client, 'Groups')
const group = await getItem<Group>({ container, id: request.params.id })
if (!group) return notFoundError(reply)
const { continuation } = request.query
const { resources: logs, requestCharge, continuation: newContinuation } = await container.items.query<GroupLog>(
`SELECT * FROM Groups g WHERE g.pk = '${group.id}' AND g.t = '${GroupItemType.Log}' ORDER BY g.created DESC`,
{
maxItemCount: 80,
continuation,
}
).fetchAll()
request.log.trace('Query: %d', requestCharge)
const users = await getUsers(server.database.client, logs.map(log => log.userId), request.log)
return {
logs: logs.map(log => ({
...log,
user: users.find(user => user.id === log.userId),
userId: undefined,
})),
continuation: newContinuation,
}
})
}
const plugin: Plugin<Server, IncomingMessage, ServerResponse, PluginOptions> = async server => {
availabilityRoute(server)
createRoute(server)
getRoute(server)
updateRoute(server)
blockRoute(server)
unblockRoute(server)
activateRoute(server)
listRoute(server)
membersRoute(server)
createInvitationRoute(server)
invitationsRoute(server)
logsRoute(server)
}
export default plugin