astria
/
3RESIT
1
0
Fork 0
Code Issues Pull Requests 1 Projects 1 Releases 6 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
118 Commits
17 Branches
7 Tags
80 MiB
 
 
 
 
Tree: 77d1180331
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '77d1180331'
${ noResults }
3RESIT/backend/app/middlewares/channel.middleware.js

114 lines
3.6 KiB
Raw Blame History

import {body, param} from "express-validator";
import {getClient} from "../utils/database.js";
import jwt from "jsonwebtoken";
export const Channel = {
id: param("id").notEmpty().isNumeric().trim(),
name: body("name").notEmpty().isAlphanumeric("fr-FR", {
ignore: " _-"
}).trim(),
description: body("description").optional({values: "falsy"}).isLength({ max: 500 }).trim(),
owner: body("owner").notEmpty().isNumeric().trim().withMessage("bad owner"),
}
export const ChannelCreate = {
name: body("name").notEmpty().isAlphanumeric("fr-FR", {
ignore: " _-"
}).trim(),
description: body("description").optional({values: "falsy"}).isLength({ max: 500 }).trim(),
owner: body("owner").notEmpty().isNumeric().trim(),
}
export async function doUserHaveChannel(req, res, next) {
const client = await getClient();
const logger = req.body.logger;
try {
const query = `SELECT id FROM channels WHERE owner = $1`;
const result = await client.query(query, [req.body.owner]);
if (result.rows[0]) {
logger.write("failed because user already has a channel", 400);
res.status(400).json({error: "User already own a channel"})
} else {
next()
}
} finally {
client.release();
}
}
export async function doChannelNameExists(req, res, next) {
const client = await getClient();
const logger = req.body.logger;
try {
const query = `SELECT * FROM channels WHERE name = $1`;
const result = await client.query(query, [req.body.name]);
if (result.rows[0]) {
logger.write("failed because channel name already exist", 400)
res.status(400).json({error: "Channel name already used"})
} else {
next()
}
} finally {
client.release();
}
}
export async function doChannelExists(req, res, next) {
const client = await getClient();
const logger = req.body.logger;
try {
const query = `SELECT id FROM channels WHERE id = $1`;
const result = await client.query(query, [req.params.id]);
if (result.rows[0]) {
next()
} else {
logger.write("failed to retrieve channel because it doesn't exist", 404);
res.status(404).json({error: "Not Found"})
}
} finally {
client.release();
}
}
export async function doChannelExistBody(req, res, next) {
const client = await getClient();
const logger = req.body.logger;
try {
const query = `SELECT id FROM channels WHERE id = $1`;
const result = await client.query(query, [req.body.channel]);
if (result.rows[0]) {
next()
} else {
logger.write("failed to retrieve channel because it doesn't exist", 404);
res.status(404).json({error: "Not Found"})
}
} finally {
client.release();
}
}
export async function isOwner(req, res, next) {
const id = req.params.id;
const token = req.headers.authorization.split(" ")[1];
const claims = jwt.decode(token);
const logger = req.body.logger;
const client = await getClient();
try {
const query = `SELECT id, owner FROM channels WHERE id = $1`;
const result = await client.query(query, [id]);
const channel = result.rows[0];
if (channel.owner != claims.id) {
logger.write("failed because user do not own the channel", 403);
res.status(403).json({error: "You're not the owner of the channel"})
} else {
next()
}
} finally {
client.release();
}
}