17th-Ranger-Battalion-ORG/milsim-site-v4
8
1
Fork 0
Code Issues 38 Pull Requests 1 Actions 3 Packages Projects 1 Releases 14 Wiki Activity

Merge branch 'main' into promotions

Browse Source
This commit is contained in:
Ajdj100
2025-12-30 20:57:18 -06:00
parent 3b261bc18e eb92dcafda
commit 40e53c52b4
27 changed files with 759 additions and 415 deletions
Download Patch File Download Diff File Expand all files Collapse all files

39
api/package-lock.json generated
View File

@@ -10,7 +10,7 @@
"license": "ISC",
"dependencies": {
"@sentry/node": "^10.27.0",
"chalk": "^5.6.2",
"@types/express-session": "^1.18.2",
"connect-sqlite3": "^0.9.16",
"cors": "^2.8.5",
"dotenv": "^17.2.1",
@@ -758,7 +758,6 @@
"version": "1.19.6",
"resolved": "https://registry.npmjs.org/@types/body-parser/-/body-parser-1.19.6.tgz",
"integrity": "sha512-HLFeCYgz89uk22N5Qg3dvGvsv46B8GLvKKo1zKG4NybA8U2DiEO3w9lqGg29t/tfLRJpJ6iQxnVw4OnB7MoM9g==",
"dev": true,
"license": "MIT",
"dependencies": {
"@types/connect": "*",
@@ -778,7 +777,6 @@
"version": "5.0.3",
"resolved": "https://registry.npmjs.org/@types/express/-/express-5.0.3.tgz",
"integrity": "sha512-wGA0NX93b19/dZC1J18tKWVIYWyyF2ZjT9vin/NRu0qzzvfVzWjs04iq2rQ3H65vCTQYlRqs3YHfY7zjdV+9Kw==",
"dev": true,
"license": "MIT",
"dependencies": {
"@types/body-parser": "*",
@@ -790,7 +788,6 @@
"version": "5.1.0",
"resolved": "https://registry.npmjs.org/@types/express-serve-static-core/-/express-serve-static-core-5.1.0.tgz",
"integrity": "sha512-jnHMsrd0Mwa9Cf4IdOzbz543y4XJepXrbia2T4b6+spXC2We3t1y6K44D3mR8XMFSXMCf3/l7rCgddfx7UNVBA==",
"dev": true,
"license": "MIT",
"dependencies": {
"@types/node": "*",
@@ -799,6 +796,15 @@
"@types/send": "*"
}
},
"node_modules/@types/express-session": {
"version": "1.18.2",
"resolved": "https://registry.npmjs.org/@types/express-session/-/express-session-1.18.2.tgz",
"integrity": "sha512-k+I0BxwVXsnEU2hV77cCobC08kIsn4y44C3gC0b46uxZVMaXA04lSPgRLR/bSL2w0t0ShJiG8o4jPzRG/nscFg==",
"license": "MIT",
"dependencies": {
"@types/express": "*"
}
},
"node_modules/@types/geojson": {
"version": "7946.0.16",
"resolved": "https://registry.npmjs.org/@types/geojson/-/geojson-7946.0.16.tgz",
@@ -809,14 +815,12 @@
"version": "2.0.5",
"resolved": "https://registry.npmjs.org/@types/http-errors/-/http-errors-2.0.5.tgz",
"integrity": "sha512-r8Tayk8HJnX0FztbZN7oVqGccWgw98T/0neJphO91KkmOzug1KkofZURD4UaD5uH8AqcFLfdPErnBod0u71/qg==",
"dev": true,
"license": "MIT"
},
"node_modules/@types/mime": {
"version": "1.3.5",
"resolved": "https://registry.npmjs.org/@types/mime/-/mime-1.3.5.tgz",
"integrity": "sha512-/pyBZWSLD2n0dcHE3hq8s8ZvcETHtEuF+3E7XVt0Ig2nvsVQXdghHVcEkIWjy9A0wKfTn97a/PSDYohKIlnP/w==",
"dev": true,
"license": "MIT"
},
"node_modules/@types/morgan": {
@@ -871,21 +875,18 @@
"version": "6.14.0",
"resolved": "https://registry.npmjs.org/@types/qs/-/qs-6.14.0.tgz",
"integrity": "sha512-eOunJqu0K1923aExK6y8p6fsihYEn/BYuQ4g0CxAAgFc4b/ZLN4CrsRZ55srTdqoiLzU2B2evC+apEIxprEzkQ==",
"dev": true,
"license": "MIT"
},
"node_modules/@types/range-parser": {
"version": "1.2.7",
"resolved": "https://registry.npmjs.org/@types/range-parser/-/range-parser-1.2.7.tgz",
"integrity": "sha512-hKormJbkJqzQGhziax5PItDUTMAM9uE2XXQmM37dyd4hVM+5aVl7oVxMVUiVQn2oCQFN/LKCZdvSM0pFRqbSmQ==",
"dev": true,
"license": "MIT"
},
"node_modules/@types/send": {
"version": "1.2.0",
"resolved": "https://registry.npmjs.org/@types/send/-/send-1.2.0.tgz",
"integrity": "sha512-zBF6vZJn1IaMpg3xUF25VK3gd3l8zwE0ZLRX7dsQyQi+jp4E8mMDJNGDYnYse+bQhYwWERTxVwHpi3dMOq7RKQ==",
"dev": true,
"license": "MIT",
"dependencies": {
"@types/node": "*"
@@ -895,7 +896,6 @@
"version": "1.15.9",
"resolved": "https://registry.npmjs.org/@types/serve-static/-/serve-static-1.15.9.tgz",
"integrity": "sha512-dOTIuqpWLyl3BBXU3maNQsS4A3zuuoYRNIvYSxxhebPfXg2mzWQEPne/nlJ37yOse6uGgR386uTpdsx4D0QZWA==",
"dev": true,
"license": "MIT",
"dependencies": {
"@types/http-errors": "*",
@@ -907,7 +907,6 @@
"version": "0.17.5",
"resolved": "https://registry.npmjs.org/@types/send/-/send-0.17.5.tgz",
"integrity": "sha512-z6F2D3cOStZvuk2SaP6YrwkNO65iTZcwA2ZkSABegdkAh/lf+Aa/YQndZVfmEXT5vgAp6zv06VQ3ejSVjAny4w==",
"dev": true,
"license": "MIT",
"dependencies": {
"@types/mime": "^1",
@@ -1315,18 +1314,6 @@
"url": "https://github.com/sponsors/ljharb"
}
},
"node_modules/chalk": {
"version": "5.6.2",
"resolved": "https://registry.npmjs.org/chalk/-/chalk-5.6.2.tgz",
"integrity": "sha512-7NzBL0rN6fMUW+f7A6Io4h40qQlG+xGmtMxfbnH/K7TAtt8JQWVQK+6g0UXKMeVJoyV5EkkNsErQ8pVD3bLHbA==",
"license": "MIT",
"engines": {
"node": "^12.17.0 || ^14.13 || >=16.0.0"
},
"funding": {
"url": "https://github.com/chalk/chalk?sponsor=1"
}
},
"node_modules/chokidar": {
"version": "3.6.0",
"resolved": "https://registry.npmjs.org/chokidar/-/chokidar-3.6.0.tgz",
@@ -3235,9 +3222,9 @@
}
},
"node_modules/qs": {
"version": "6.14.0",
"resolved": "https://registry.npmjs.org/qs/-/qs-6.14.0.tgz",
"integrity": "sha512-YWWTjgABSKcvs/nWBi9PycY/JiPJqOD4JA6o9Sej2AtvSGarXxKC3OQSk4pAarbdQlKAh5D4FCQkJNkW+GAn3w==",
"version": "6.14.1",
"resolved": "https://registry.npmjs.org/qs/-/qs-6.14.1.tgz",
"integrity": "sha512-4EK3+xJl8Ts67nLYNwqw/dsFVnCf+qR7RgXSK9jEEm9unao3njwMDdmsdvoKBKHzxd7tCYz5e5M+SnMjdtXGQQ==",
"license": "BSD-3-Clause",
"dependencies": {
"side-channel": "^1.1.0"

2
api/package.json
View File

@@ -13,7 +13,7 @@
},
"dependencies": {
"@sentry/node": "^10.27.0",
"chalk": "^5.6.2",
"@types/express-session": "^1.18.2",
"connect-sqlite3": "^0.9.16",
"cors": "^2.8.5",
"dotenv": "^17.2.1",

50
api/src/index.ts
View File

@@ -5,24 +5,24 @@ import express = require('express');
import cors = require('cors');
import morgan = require('morgan');
const app = express()
import chalk from 'chalk';
app.use(morgan((tokens: morgan.TokenIndexer, req: express.Request, res: express.Response) => {
const status = Number(tokens.status(req, res));
return JSON.stringify({
type: 'http',
timestamp: new Date().toISOString(),
// Colorize status code
const statusColor = status >= 500 ? chalk.red
: status >= 400 ? chalk.yellow
: status >= 300 ? chalk.cyan
: chalk.green;
method: tokens.method(req, res),
path: tokens.url(req, res),
status: Number(tokens.status(req, res)),
response_time_ms: Number(tokens['response-time'](req, res)),
return [
chalk.gray(`[${new Date().toISOString()}]`),
chalk.blue.bold(tokens.method(req, res)),
tokens.url(req, res),
statusColor(status),
chalk.magenta(tokens['response-time'](req, res) + ' ms'),
chalk.yellow(`- User: ${req.user?.name ? `${req.user.name} (${req.user.id})` : 'Unauthenticated'}`),
].join(' ');
ip: req.ip,
user_agent: req.headers['user-agent'],
user: req.user
? { id: req.user.id, name: req.user.name }
: null,
});
}, {
skip: (req: express.Request) => {
return req.originalUrl === '/members/me';
@@ -55,21 +55,27 @@ if (process.env.DISABLE_GLITCHTIP === "true") {
//session setup
import path = require('path');
// import session = require('express-session');
import session = require('express-session');
import passport = require('passport');
const SQLiteStore = require('connect-sqlite3')(session);
app.use(session({
const cookieOptions: session.CookieOptions = {
httpOnly: true,
sameSite: 'lax',
domain: process.env.CLIENT_DOMAIN,
maxAge: 1000 * 60 * 60 * 24 * 30, //30 days
}
const sessionOptions: session.SessionOptions = {
secret: 'whatever',
resave: false,
saveUninitialized: false,
store: new SQLiteStore({ db: 'sessions.db', dir: './' }),
cookie: {
httpOnly: true,
sameSite: 'lax',
domain: process.env.CLIENT_DOMAIN
}
}));
rolling: true,
cookie: cookieOptions
}
app.use(session(sessionOptions));
app.use(passport.authenticate('session'));
// Mount route modules

6
api/src/routes/applications.ts
View File

@@ -79,9 +79,11 @@ router.get('/me', [requireLogin], async (req, res) => {
try {
let application = await getMemberApplication(userID);
if (application === undefined)
if (application === undefined) {
res.sendStatus(204);
return;
}
const comments: CommentRow[] = await getApplicationComments(application.id);

27
api/src/routes/auth.ts
View File

@@ -46,32 +46,35 @@ passport.use(new OpenIDConnectStrategy({
//lookup existing user
const existing = await con.query(`SELECT id FROM members WHERE authentik_issuer = ? AND authentik_sub = ? LIMIT 1;`, [issuer, sub]);
let memberId: number;
let memberId: number | null = null;
//if member exists
if (existing.length > 0) {
memberId = existing[0].id;
} else {
//otherwise: create account
//otherwise: create account mode
const jwt = parseJwt(jwtClaims);
const discordID = jwt.discord.id as number;
const discordID = jwt.discord?.id as number;
//check if account is available to claim
memberId = await mapDiscordtoID(discordID);
if (discordID)
memberId = await mapDiscordtoID(discordID);
if (memberId === null) {
// create new account
if (discordID && memberId) {
// claim account
console.log("Claiming account");
const result = await con.query(
`UPDATE members SET authentik_sub = ?, authentik_issuer = ? WHERE id = ?;`,
[sub, issuer, memberId]
)
} else {
console.log("New Account");
// new account
const username = sub.username;
const result = await con.query(
`INSERT INTO members (name, authentik_sub, authentik_issuer) VALUES (?, ?, ?)`,
[username, sub, issuer]
)
memberId = Number(result.insertId);
} else {
// claim existing account
const result = await con.query(
`UPDATE members SET authentik_sub = ?, authentik_issuer = ? WHERE id = ?;`,
[sub, issuer, memberId]
)
}
}

8
api/src/routes/loa.ts
View File

@@ -26,7 +26,7 @@ router.post("/", async (req: Request, res: Response) => {
});
//admin posts LOA
router.post("/admin", [requireRole("17th Administrator")], async (req: Request, res: Response) => {
router.post("/admin", [requireRole(['17th Administrator', '17th HQ', '17th Command'])], async (req: Request, res: Response) => {
let LOARequest = req.body as LOARequest;
LOARequest.created_by = req.user.id;
LOARequest.filed_date = new Date();
@@ -67,7 +67,7 @@ router.get("/history", async (req: Request, res: Response) => {
}
})
router.get('/all', [requireRole("17th Administrator")], async (req: Request, res: Response) => {
router.get('/all', [requireRole(['17th Administrator', '17th HQ', '17th Command'])], async (req: Request, res: Response) => {
try {
const page = Number(req.query.page) || undefined;
const pageSize = Number(req.query.pageSize) || undefined;
@@ -107,7 +107,7 @@ router.post('/cancel/:id', async (req: Request, res: Response) => {
})
//TODO: enforce admin only
router.post('/adminCancel/:id', [requireRole("17th Administrator")], async (req: Request, res: Response) => {
router.post('/adminCancel/:id', [requireRole(['17th Administrator', '17th HQ', '17th Command'])], async (req: Request, res: Response) => {
let closer = req.user.id;
try {
await closeLOA(Number(req.params.id), closer);
@@ -119,7 +119,7 @@ router.post('/adminCancel/:id', [requireRole("17th Administrator")], async (req:
})
// TODO: Enforce admin only
router.post('/extend/:id', [requireRole("17th Administrator")], async (req: Request, res: Response) => {
router.post('/extend/:id', [requireRole(['17th Administrator', '17th HQ', '17th Command'])], async (req: Request, res: Response) => {
const to: Date = req.body.to;
if (!to) {

73
api/src/routes/roles.ts
View File

@@ -5,7 +5,8 @@ const ur = express.Router();
import { MemberState } from '@app/shared/types/member';
import pool from '../db';
import { requireLogin, requireMemberState, requireRole } from '../middleware/auth';
import { assignUserGroup, createGroup } from '../services/rolesService';
import { assignUserGroup, createGroup, getAllRoles, getRole, getUsersWithRole } from '../services/rolesService';
import { Request, Response } from 'express';
r.use(requireLogin)
ur.use(requireLogin)
@@ -15,10 +16,16 @@ ur.post('/', [requireMemberState(MemberState.Member), requireRole("17th Administ
try {
const body = req.body;
assignUserGroup(body.member_id, body.role_id);
await assignUserGroup(body.member_id, body.role_id);
res.sendStatus(201);
} catch (err) {
if (err?.code === 'ER_DUP_ENTRY') {
return res.status(400).json({
error: 'Member already has this role',
});
}
console.error('Insert failed:', err);
res.status(500).json({ error: 'Failed to add to group' });
}
@@ -44,45 +51,39 @@ ur.delete('/', [requireMemberState(MemberState.Member), requireRole("17th Admini
//get all roles
r.get('/', [requireMemberState(MemberState.Member)], async (req, res) => {
try {
var con = await pool.getConnection();
// Get all roles
const roles = await con.query('SELECT * FROM roles;');
// Get all members for each role
const membersRoles = await con.query(`
SELECT mr.role_id, v.*
FROM members_roles mr
JOIN view_member_rank_unit_status_latest v ON mr.member_id = v.member_id
`);
// Group members by role_id
const roleIdToMembers = {};
for (const row of membersRoles) {
if (!roleIdToMembers[row.role_id]) roleIdToMembers[row.role_id] = [];
// Remove role_id from member object
const { role_id, ...member } = row;
roleIdToMembers[role_id].push(member);
}
// Attach members to each role
const result = roles.map(role => ({
...role,
members: roleIdToMembers[role.id] || []
}));
res.json(result);
const roles = await getAllRoles();
res.status(200).json(roles);
} catch (err) {
console.error(err);
res.status(500).json({ error: 'Internal server error' });
} finally {
con.release();
res.sendStatus(500);
}
});
r.get('/:id/members', [requireMemberState(MemberState.Member)], async (req: Request, res: Response) => {
try {
const members = await getUsersWithRole(Number(req.params.id));
res.status(200).json(members);
} catch (err) {
console.error(err);
res.sendStatus(500);
}
})
r.get('/:id', [requireMemberState(MemberState.Member)], async (req: Request, res: Response) => {
try {
const role = await getRole(Number(req.params.id));
res.status(200).json(role);
} catch (err) {
console.error(err);
res.sendStatus(500);
}
})
//create a new role
r.post('/', [requireMemberState(MemberState.Member), requireRole("17th Administrator")], async (req, res) => {
r.post('/', [requireMemberState(MemberState.Member), requireRole("dev")], async (req, res) => {
try {
const { name, color, description } = req.body;
if (!name || !color) {
@@ -103,7 +104,7 @@ r.post('/', [requireMemberState(MemberState.Member), requireRole("17th Administr
}
})
r.delete('/:id', [requireMemberState(MemberState.Member), requireRole("17th Administrator")], async (req, res) => {
r.delete('/:id', [requireMemberState(MemberState.Member), requireRole("dev")], async (req, res) => {
try {
const id = req.params.id;

4
api/src/services/CourseSerivce.ts
View File

@@ -83,8 +83,10 @@ export async function insertCourseEvent(event: CourseEventDetails): Promise<numb
try {
var con = await pool.getConnection();
let course: Course = await getCourseByID(event.course_id);
await con.beginTransaction();
const res = await con.query("INSERT INTO course_events (course_id, event_date, remarks, created_by) VALUES (?, ?, ?, ?);", [event.course_id, toDateTime(event.event_date), event.remarks, event.created_by]);
const res = await con.query("INSERT INTO course_events (course_id, event_date, remarks, created_by, hasBookwork, hasQual) VALUES (?, ?, ?, ?, ?, ?);", [event.course_id, toDateTime(event.event_date), event.remarks, event.created_by, course.hasBookwork, course.hasQual]);
var eventID: number = res.insertId;
for (const attendee of event.attendees) {

51
api/src/services/memberService.ts
View File

@@ -1,5 +1,6 @@
import { Role } from "@app/shared/types/roles";
import pool from "../db";
import { Member, MemberLight, memberSettings, MemberState } from '@app/shared/types/member'
import { Member, MemberCardDetails, MemberLight, memberSettings, MemberState } from '@app/shared/types/member'
export async function getUserData(userID: number): Promise<Member> {
const sql = `SELECT * FROM view_member_rank_unit_status_latest WHERE member_id = ?`;
@@ -60,10 +61,50 @@ export async function getAllMembersLite(): Promise<MemberLight[]> {
return res;
}
export async function getMembersFull(ids: number[]): Promise<Member[]> {
const sql = `SELECT * FROM view_member_rank_unit_status_latest WHERE member_id IN (?);`;
const res: Member[] = await pool.query(sql, [ids]);
return res;
export async function getMembersFull(ids: number[]): Promise<MemberCardDetails[]> {
const sql = `
SELECT m.*,
COALESCE(
JSON_ARRAYAGG(
CASE
WHEN r.id IS NOT NULL THEN JSON_OBJECT(
'id', r.id,
'name', r.name,
'color', r.color,
'description', r.description
)
END
),
JSON_ARRAY()
) AS roles
FROM view_member_rank_unit_status_latest m
LEFT JOIN members_roles mr ON m.member_id = mr.member_id
LEFT JOIN roles r ON mr.role_id = r.id
WHERE m.member_id IN (?)
GROUP BY m.member_id;
`;
const rows: any[] = await pool.query(sql, [ids]);
return rows.map(row => {
const member: Member = {
member_id: row.member_id,
member_name: row.member_name,
displayName: row.displayName,
rank: row.rank,
rank_date: row.rank_date,
unit: row.unit,
unit_date: row.unit_date,
status: row.status,
status_date: row.status_date,
loa_until: row.loa_until ? new Date(row.loa_until) : undefined,
};
// roles comes as array of strings; parse each one
const roles: Role[] = JSON.parse(row.roles).map((r: string) => JSON.parse(r));
return { member, roles };
});
}
export async function mapDiscordtoID(id: number): Promise<number | null> {

34
api/src/services/rolesService.ts
View File

@@ -1,8 +1,8 @@
import { MemberLight } from '@app/shared/types/member';
import pool from '../db';
import { Role } from '@app/shared/types/roles'
import { Role, RoleSummary } from '@app/shared/types/roles'
export async function assignUserGroup(userID: number, roleID: number) {
const sql = `INSERT INTO members_roles (member_id, role_id) VALUES (?, ?);`;
const params = [userID, roleID];
@@ -24,4 +24,34 @@ export async function getUserRoles(userID: number): Promise<Role[]> {
WHERE mr.member_id = ?;`;
return await pool.query(sql, [userID]);
}
export async function getRole(id: number): Promise<Role> {
let res = await pool.query(`SELECT * FROM roles WHERE id = ?`, [id])
return res[0] as Role;
}
export async function getAllRoles(): Promise<RoleSummary> {
return await pool.query(`SELECT id, name, color FROM roles`);
}
export async function getUsersWithRole(roleId: number): Promise<MemberLight[]> {
const out = await pool.query(
`
SELECT
m.member_id AS id,
m.member_name AS username,
m.displayName,
u.color
FROM members_roles mr
JOIN view_member_rank_unit_status_latest m
ON m.member_id = mr.member_id
LEFT JOIN units u
ON u.name = m.unit
WHERE mr.role_id = ?
`,
[roleId]
)
return out as MemberLight[]
}