Initial commit

endpoints/addpermission.js

@@ -0,0 +1,11 @@
+//Call for adding a permission to a group or user
+//
+const handleAddPermission = (req, res, db) => {
+    //Parsing req body 
+    const { reqowner, reqownertype, reqobjname, reqtype} =req.body;
+    res.json('Trying to add a permission');
+}
+
+module.exports = {
+    handleAddPermission
+}

endpoints/addusertogroup.js

@@ -0,0 +1,60 @@
+//Call for adding a user to a group
+//
+const handleAddUserToGroup = (req, res, db) => {
+    //Parsing req body 
+    const { reqgroup, requser} =req.body;
+    //Checking if user-group combination existis in DB table groups
+    //if yes returns error if no inserts in DB table
+    db.transaction (trx => {
+        trx.select('groupname')
+        .from('groups')
+        .where('groupname', 'ilike', reqgroup)
+        .andWhere('username','ilike', requser)
+        .then( data => {
+            if (data.length===0) {
+                return trx('groups')
+                .returning('*')
+                .insert({
+                    groupname: reqgroup,
+                    username: requser
+                })
+                .into('groups')
+                .then( group => {
+                    res.json(group[0]);
+                })
+            } 
+            return res.status(400).json('This user already exists in this group.');
+        })
+        .then(trx.commit)
+        .catch(trx.rollback)
+        .catch (err => res.status(400).json('Error accesing database.'))
+    })
+    //Checking if user existis in DB table users 
+    //if no inserts new user (implicitly)
+    db.transaction (trx => {
+        trx.select('username')
+        .from('users')
+        .where('username', 'ilike', requser)
+        .then ( data => {
+            if (data.length===0) {
+                return trx('users')
+                .returning('*')
+                .insert( {
+                    username: requser
+                })
+                .then(user => {
+                    console.log('Inserted new user implicitly.');
+                })
+            }
+        })
+        .then(trx.commit)
+        .catch(trx.rollback)
+    })
+}
+
+module.exports = {
+    handleAddUserToGroup
+}
+
+
+

endpoints/cleargroup.js

@@ -0,0 +1,23 @@
+//Call for clearing all users from group
+//
+const handleClearGroup = (req, res, db) => {
+    //Parsing req body 
+    const { reqgroup} =req.body;
+    //Checking for groupname in table groups and deleting users
+    db('groups')
+        .where('groupname', 'ilike', reqgroup)
+        .del()
+        .then (count => {
+            if (count!==0) {
+                res.json(`Total of ${count} users cleared from group.`)
+            }
+            else {
+                throw err
+            }
+        })
+        .catch (err => res.status(400).json('Error finding group in database.'))
+}
+
+module.exports = {
+    handleClearGroup
+}

package.json

@@ -0,0 +1,23 @@
+{
+  "name": "permissions_api",
+  "version": "1.0.0",
+  "description": "",
+  "main": "permissions.js",
+  "scripts": {
+    "start": "nodemon permissions.js",
+    "test": "echo \"Error: no test specified\" && exit 1"
+  },
+  "author": "",
+  "license": "ISC",
+  "dependencies": {
+    "body-parser": "^1.19.0",
+    "cors": "^2.8.5",
+    "express": "^4.17.1",
+    "express-validator": "^6.2.0",
+    "knex": "^0.20.0",
+    "pg": "^7.12.1"
+  },
+  "devDependencies": {
+    "nodemon": "^1.19.4"
+  }
+}

permissions.js

@@ -0,0 +1,76 @@
+//Main API for managing user permissions database
+const express=require('express');
+const cors= require('cors');
+const bodyParser= require('body-parser');
+const knex= require ('knex');
+const { check, validationResult } = require('express-validator');
+
+const app=express();
+//Enabling CORS
+app.use(cors());
+//Enabling req body parsing
+app.use(bodyParser.json());
+//Connection with database -locally
+const db = knex ({
+    client: 'pg',
+    connection: {
+      host : '127.0.0.1',
+      user : 'postgres',
+      password : '0904',
+      database : 'testdb'
+    }
+});
+
+//Requiremenst for JSON endpoint calls
+const addusertogroup= require('./endpoints/addusertogroup');
+const cleargroup= require('./endpoints/cleargroup');
+const addpermission= require('./endpoints/addpermission');
+
+//Checking basics
+app.get('/', (req, res) => {
+     res.send("Work in progress...");
+})
+
+//Call for adding a user to a group
+app.post('/addusertogroup', [
+    //Simple input validation with express-validator
+    check('reqgroup').isAlphanumeric().isLength({min:3}),
+    check('requser').isAlphanumeric().isLength({min:3})
+], (req, res) => {
+    const errors = validationResult(req)
+    if (!errors.isEmpty()) {
+      return res.status(422).json('Incorrect input data. Can not add an user.');
+    }
+    addusertogroup.handleAddUserToGroup(req, res, db)});
+
+//Call for deleting all users from group
+app.delete('/cleargroup', (req,res) => {
+    cleargroup.handleClearGroup(req, res, db)
+});
+
+//Call for adding a permission to a user or group
+app.post('/addpermission', [
+    //Simple input validation with express-validator
+    check('reqowner').isAlphanumeric().isLength({min:3}),
+    check('reqobjname').isAlphanumeric().isLength({min:3}),
+    check('reqtype').isAlphanumeric().isLength({min:3}),
+    check('reqownertype').custom((value, {req, loc, pah}) => {
+        if (value.toLowerCase()==='group' || value.toLowerCase()==='user') {
+            return value;
+        }
+        else {
+            return false;
+        }
+    })
+], (req, res) => {
+    const errors = validationResult(req)
+    if (!errors.isEmpty()) {
+      return res.status(422).json('Incorrect input data. Can not add a permission.');
+    }
+    addpermission.handleAddPermission(req, res, db)});
+
+
+//Listening on local port 3000 -temporary, to be changed to env Var
+app.listen(3000, () => {
+    console.log(`App is running on port 3000`);
+})