Merge commit '0919997e0f90ec5463f63f470213acd7e39493af' into #54-Application-tweaks

api/src/routes/auth.js

@@ -21,12 +21,13 @@ passport.use(new OpenIDConnectStrategy({
     scope: ['openid', 'profile']
 }, async function verify(issuer, sub, profile, jwtClaims, accessToken, refreshToken, params, cb) {
 
-    // console.log('--- OIDC verify() called ---');
-    // console.log('issuer:', issuer);
-    // console.log('sub:', sub);
+    console.log('--- OIDC verify() called ---');
+    console.log('issuer:', issuer);
+    console.log('sub:', sub);
     // console.log('profile:', JSON.stringify(profile, null, 2));
-    // console.log('id_token claims:', JSON.stringify(jwtClaims, null, 2));
-    // console.log('preferred_username:', jwtClaims?.preferred_username);
+    console.log('profile:', profile);
+    console.log('id_token claims:', JSON.stringify(jwtClaims, null, 2));
+    console.log('preferred_username:', jwtClaims?.preferred_username);
 
     const con = await pool.getConnection();
     try {

api/src/routes/loa.js

@@ -1,56 +0,0 @@
-const express = require('express');
-const router = express.Router();
-
-import pool from '../db';
-
-//post a new LOA
-router.post("/", async (req, res) => {
-    const { member_id, filed_date, start_date, end_date, reason } = req.body;
-
-    if (!member_id || !filed_date || !start_date || !end_date) {
-        return res.status(400).json({ error: "Missing required fields" });
-    }
-
-    try {
-        const result = await pool.query(
-            `INSERT INTO leave_of_absences 
-                (member_id, filed_date, start_date, end_date, reason) 
-             VALUES (?, ?, ?, ?, ?)`,
-            [member_id, filed_date, start_date, end_date, reason]
-        );
-        res.sendStatus(201);
-    } catch (error) {
-        console.error(error);
-        res.status(500).send('Something went wrong', error);
-    }
-});
-
-//get my current LOA
-router.get("/me", async (req, res) => {
-    //TODO: implement current user getter
-    const user = 89;
-
-    try {
-        const result = await pool.query("SELECT * FROM leave_of_absences WHERE member_id = ?", [user])
-        res.status(200).json(result)
-    } catch (error) {
-        console.error(error);
-        res.status(500).send(error);
-    }
-})
-
-router.get('/all', async (req, res) => {
-    try {
-        const result = await pool.query(
-            `SELECT loa.*, members.name
-            FROM leave_of_absences AS loa
-            INNER JOIN members ON loa.member_id = members.id;
-            `);
-        res.status(200).json(result)
-    } catch (error) {
-        console.error(error);
-        res.status(500).send(error);
-    }
-})
-
-module.exports = router;

api/src/routes/loa.ts

@@ -0,0 +1,148 @@
+const express = require('express');
+const router = express.Router();
+
+import { Request, Response } from 'express';
+import pool from '../db';
+import { closeLOA, createNewLOA, getAllLOA, getLOAbyID, getLoaTypes, getUserLOA, setLOAExtension } from '../services/loaService';
+import { LOARequest } from '@app/shared/types/loa';
+
+//member posts LOA
+router.post("/", async (req: Request, res: Response) => {
+    let LOARequest = req.body as LOARequest;
+    LOARequest.member_id = req.user.id;
+    LOARequest.created_by = req.user.id;
+    LOARequest.filed_date = new Date();
+
+    try {
+        await createNewLOA(LOARequest);
+        res.sendStatus(201);
+    } catch (error) {
+        console.error(error);
+        res.status(500).send(error);
+    }
+});
+
+//admin posts LOA
+router.post("/admin", async (req: Request, res: Response) => {
+    let LOARequest = req.body as LOARequest;
+    LOARequest.created_by = req.user.id;
+    LOARequest.filed_date = new Date();
+
+    console.log(LOARequest);
+
+    try {
+        await createNewLOA(LOARequest);
+        res.sendStatus(201);
+    } catch (error) {
+        console.error(error);
+        res.status(500).send(error);
+    }
+});
+
+//get my current LOA
+router.get("/me", async (req: Request, res: Response) => {
+    const user = req.user.id;
+    try {
+        const result = await getUserLOA(user);
+        res.status(200).json(result)
+    } catch (error) {
+        console.error(error);
+        res.status(500).send(error);
+    }
+})
+
+//get my LOA history
+router.get("/history", async (req: Request, res: Response) => {
+    const user = req.user.id;
+    try {
+        const result = await getUserLOA(user);
+        res.status(200).json(result)
+    } catch (error) {
+        console.error(error);
+        res.status(500).send(error);
+    }
+})
+
+router.get('/all', async (req, res) => {
+    try {
+        const result = await getAllLOA();
+        res.status(200).json(result)
+    } catch (error) {
+        console.error(error);
+        res.status(500).send(error);
+    }
+})
+
+router.get('/types', async (req: Request, res: Response) => {
+    try {
+        let out = await getLoaTypes();
+        res.status(200).json(out);
+    } catch (error) {
+        res.status(500).json(error);
+        console.error(error);
+    }
+})
+
+router.post('/cancel/:id', async (req: Request, res: Response) => {
+    let closer = req.user.id;
+    let id = Number(req.params.id);
+    try {
+        let loa = await getLOAbyID(id);
+        if (loa.member_id != closer) {
+            return res.sendStatus(403);
+        }
+
+        await closeLOA(Number(req.params.id), closer);
+        res.sendStatus(200);
+    } catch (error) {
+        console.error(error);
+        res.status(500).json(error);
+    }
+})
+
+//TODO: enforce admin only
+router.post('/adminCancel/:id', async (req: Request, res: Response) => {
+    let closer = req.user.id;
+    try {
+        await closeLOA(Number(req.params.id), closer);
+        res.sendStatus(200);
+    } catch (error) {
+        console.error(error);
+        res.status(500).json(error);
+    }
+})
+
+// TODO: Enforce admin only
+router.post('/extend/:id', async (req: Request, res: Response) => {
+    const to: Date = req.body.to;
+
+    if (!to) {
+        res.status(400).send("Extension length is required");
+    }
+
+    try {
+        await setLOAExtension(Number(req.params.id), to);
+        res.sendStatus(200);
+    } catch (error) {
+        console.error(error)
+        res.status(500).json(error);
+    }
+})
+
+router.get('/policy', async (req: Request, res: Response) => {
+    const output = await fetch(`${process.env.DOC_HOST}/api/pages/42`, {
+        headers: {
+            Authorization: `Token ${process.env.DOC_TOKEN_ID}:${process.env.DOC_TOKEN_SECRET}`,
+        }
+    })
+
+    if (output.ok) {
+        const out = await output.json();
+        res.status(200).json(out.html);
+    } else {
+        console.error("Failed to fetch LOA policy from bookstack");
+        res.sendStatus(500);
+    }
+})
+
+module.exports = router;

api/src/routes/members.js

@@ -2,6 +2,7 @@ const express = require('express');
 const router = express.Router();
 
 import pool from '../db';
+import { getUserActiveLOA } from '../services/loaService';
 import { getUserData } from '../services/memberService';
 import { getUserRoles } from '../services/rolesService';
 
@@ -40,12 +41,13 @@ router.get('/me', async (req, res) => {
 
     try {
         const { id, name, state } = await getUserData(req.user.id);
-        const LOAData = await pool.query(
-            `SELECT *
-            FROM leave_of_absences
-            WHERE member_id = ?
-            AND deleted = 0 
-            AND UTC_TIMESTAMP() BETWEEN start_date AND end_date;`, req.user.id);
+        // const LOAData = await pool.query(
+        //     `SELECT *
+        //     FROM leave_of_absences
+        //     WHERE member_id = ?
+        //     AND deleted = 0 
+        //     AND UTC_TIMESTAMP() BETWEEN start_date AND end_date;`, req.user.id);
+        const LOAData = await getUserActiveLOA(req.user.id);
 
         const roleData = await getUserRoles(req.user.id);