Compare commits
22 Commits
545b317caa
...
1.2.0
| Author | SHA1 | Date | |
|---|---|---|---|
| ab6c6f9acd | |||
| 95200b7970 | |||
| ae2c4d27bc | |||
| adc9da6a40 | |||
| a988545dda | |||
| 54dcb9d389 | |||
| c34f8beea9 | |||
| a239b7e204 | |||
| 19db5a8ca5 | |||
| 4611de4b0d | |||
| 86d069651c | |||
| 82d746fee1 | |||
| ae13cdebb3 | |||
| 90db7de843 | |||
| a1996419d6 | |||
| 4d87ff4925 | |||
| 2e944231a5 | |||
| 947c657e92 | |||
| f1695e3a00 | |||
| c7d79ae586 | |||
| 5106b72e24 | |||
| 34ce7d1e14 |
@@ -92,7 +92,8 @@ jobs:
|
||||
- name: Run Database Migrations
|
||||
run: |
|
||||
cd /var/www/html/milsim-site-v4/api
|
||||
sudo -u nginx npx db-migrate up -e prod
|
||||
npx db-migrate up -e prod
|
||||
chown -R nginx:nginx .
|
||||
|
||||
- name: Reset File Permissions
|
||||
run: |
|
||||
|
||||
@@ -92,7 +92,8 @@ jobs:
|
||||
- name: Run Database Migrations
|
||||
run: |
|
||||
cd /var/www/html/milsim-site-v4/api
|
||||
sudo -u nginx npx db-migrate up -e prod
|
||||
npx db-migrate up -e prod
|
||||
chown -R nginx:nginx .
|
||||
|
||||
- name: Reset File Permissions
|
||||
run: |
|
||||
|
||||
53
api/migrations/20260212165353-audit-log.js
Normal file
53
api/migrations/20260212165353-audit-log.js
Normal file
@@ -0,0 +1,53 @@
|
||||
'use strict';
|
||||
|
||||
var dbm;
|
||||
var type;
|
||||
var seed;
|
||||
var fs = require('fs');
|
||||
var path = require('path');
|
||||
var Promise;
|
||||
|
||||
/**
|
||||
* We receive the dbmigrate dependency from dbmigrate initially.
|
||||
* This enables us to not have to rely on NODE_PATH.
|
||||
*/
|
||||
exports.setup = function(options, seedLink) {
|
||||
dbm = options.dbmigrate;
|
||||
type = dbm.dataType;
|
||||
seed = seedLink;
|
||||
Promise = options.Promise;
|
||||
};
|
||||
|
||||
exports.up = function(db) {
|
||||
var filePath = path.join(__dirname, 'sqls', '20260212165353-audit-log-up.sql');
|
||||
return new Promise( function( resolve, reject ) {
|
||||
fs.readFile(filePath, {encoding: 'utf-8'}, function(err,data){
|
||||
if (err) return reject(err);
|
||||
console.log('received data: ' + data);
|
||||
|
||||
resolve(data);
|
||||
});
|
||||
})
|
||||
.then(function(data) {
|
||||
return db.runSql(data);
|
||||
});
|
||||
};
|
||||
|
||||
exports.down = function(db) {
|
||||
var filePath = path.join(__dirname, 'sqls', '20260212165353-audit-log-down.sql');
|
||||
return new Promise( function( resolve, reject ) {
|
||||
fs.readFile(filePath, {encoding: 'utf-8'}, function(err,data){
|
||||
if (err) return reject(err);
|
||||
console.log('received data: ' + data);
|
||||
|
||||
resolve(data);
|
||||
});
|
||||
})
|
||||
.then(function(data) {
|
||||
return db.runSql(data);
|
||||
});
|
||||
};
|
||||
|
||||
exports._meta = {
|
||||
"version": 1
|
||||
};
|
||||
1
api/migrations/sqls/20260212165353-audit-log-down.sql
Normal file
1
api/migrations/sqls/20260212165353-audit-log-down.sql
Normal file
@@ -0,0 +1 @@
|
||||
/* Replace with your SQL commands */
|
||||
17
api/migrations/sqls/20260212165353-audit-log-up.sql
Normal file
17
api/migrations/sqls/20260212165353-audit-log-up.sql
Normal file
@@ -0,0 +1,17 @@
|
||||
CREATE TABLE audit_log (
|
||||
id INT PRIMARY KEY AUTO_INCREMENT,
|
||||
-- "area.action" (e.g., 'calendarEvent.create', 'member.update_rank')
|
||||
action_type VARCHAR(100) NOT NULL,
|
||||
-- The JSON blob containing detailed information
|
||||
payload JSON DEFAULT NULL,
|
||||
-- Identifying the actor
|
||||
created_by INT,
|
||||
-- The ID of the resource being acted upon
|
||||
target_id INT DEFAULT NULL,
|
||||
|
||||
created_at DATETIME DEFAULT CURRENT_TIMESTAMP,
|
||||
CONSTRAINT fk_created_by FOREIGN KEY (created_by) REFERENCES members(id) ON DELETE
|
||||
SET NULL,
|
||||
INDEX idx_action (action_type),
|
||||
INDEX idx_target (target_id)
|
||||
);
|
||||
@@ -18,7 +18,8 @@ app.use(morgan((tokens: morgan.TokenIndexer, req: express.Request, res: express.
|
||||
}
|
||||
|
||||
const payload: LogPayload = {
|
||||
message: 'HTTP request completed',
|
||||
message: `${tokens.method(req, res)} ${tokens.url(req, res)}`,
|
||||
// message: 'HTTP request completed',
|
||||
data: {
|
||||
method: tokens.method(req, res),
|
||||
path: tokens.url(req, res),
|
||||
@@ -102,7 +103,7 @@ import { roles, memberRoles } from './routes/roles';
|
||||
import { courseRouter, eventRouter } from './routes/course';
|
||||
import { calendarRouter } from './routes/calendar';
|
||||
import { docsRouter } from './routes/docs';
|
||||
import { units } from './routes/units';
|
||||
import { memberUnits, units } from './routes/units';
|
||||
|
||||
app.use('/application', applicationRouter);
|
||||
app.use('/ranks', ranks);
|
||||
@@ -117,6 +118,7 @@ app.use('/course', courseRouter)
|
||||
app.use('/courseEvent', eventRouter)
|
||||
app.use('/calendar', calendarRouter)
|
||||
app.use('/units', units)
|
||||
app.use('/memberUnits', memberUnits);
|
||||
app.use('/docs', docsRouter)
|
||||
app.use('/', authRouter)
|
||||
|
||||
|
||||
@@ -12,6 +12,7 @@ import { Request, response, Response } from 'express';
|
||||
import { getUserRoles } from '../services/db/rolesService';
|
||||
import { requireLogin, requireRole } from '../middleware/auth';
|
||||
import { logger } from '../services/logging/logger';
|
||||
import { audit, AuditContext } from '../services/logging/auditLog';
|
||||
import { bus } from '../services/events/eventBus';
|
||||
|
||||
//get CoC
|
||||
@@ -58,6 +59,8 @@ router.post('/', [requireLogin], async (req: Request, res: Response) => {
|
||||
|
||||
res.sendStatus(201);
|
||||
|
||||
audit.application('created', { actorId: memberID, targetId: appID });
|
||||
|
||||
bus.emit("application.create", { application: appID, member_name: req.user.name, member_discord_id: req.user.discord_id || null })
|
||||
|
||||
logger.info('app', 'Application Posted', {
|
||||
@@ -228,31 +231,26 @@ router.post('/approve/:id', [requireLogin, requireRole("Recruiter")], async (req
|
||||
const app = await getApplicationByID(appID);
|
||||
|
||||
try {
|
||||
console.log("HELLO MFS")
|
||||
var con = await pool.getConnection();
|
||||
console.log("START")
|
||||
|
||||
con.beginTransaction();
|
||||
console.log("APPROVE")
|
||||
|
||||
await approveApplication(appID, approved_by, con);
|
||||
console.log("STATE")
|
||||
|
||||
//update user profile
|
||||
await setUserState(app.member_id, MemberState.Member, "Application Accepted", approved_by, con);
|
||||
|
||||
console.log("SP")
|
||||
|
||||
await con.query('CALL sp_accept_new_recruit_validation(?, ?, ?, ?)', [Number(process.env.CONFIG_ID), app.member_id, approved_by, approved_by])
|
||||
|
||||
console.log("COMMIT")
|
||||
|
||||
con.commit();
|
||||
logger.info('app', "Member application approved", {
|
||||
application: app.id,
|
||||
applicant: app.member_id,
|
||||
approver: approved_by
|
||||
})
|
||||
|
||||
audit.application('approved', { actorId: approved_by, targetId: appID }, { applicantId: app.member_id });
|
||||
|
||||
res.sendStatus(200);
|
||||
} catch (error) {
|
||||
|
||||
@@ -288,6 +286,7 @@ router.post('/deny/:id', [requireLogin, requireRole("Recruiter")], async (req: R
|
||||
applicant: app.member_id,
|
||||
approver: approver
|
||||
})
|
||||
audit.application('denied', { actorId: approver, targetId: appID }, { applicantId: app.member_id });
|
||||
res.sendStatus(200);
|
||||
} catch (error) {
|
||||
logger.error(
|
||||
@@ -305,7 +304,7 @@ router.post('/deny/:id', [requireLogin, requireRole("Recruiter")], async (req: R
|
||||
|
||||
// POST /application/:id/comment
|
||||
router.post('/:id/comment', [requireLogin], async (req: Request, res: Response) => {
|
||||
const appID = req.params.id;
|
||||
const appID = Number(req.params.id);
|
||||
const data = req.body.message;
|
||||
const user = req.user;
|
||||
|
||||
@@ -337,10 +336,12 @@ VALUES(?, ?, ?);`
|
||||
WHERE app.id = ?; `;
|
||||
const comment = await conn.query(getSQL, [result.insertId])
|
||||
|
||||
audit.record('application', 'comment_added', { actorId: user.id, targetId: appID }, { commentId: Number(result.insertId) });
|
||||
|
||||
logger.info('app', "Application comment posted", {
|
||||
application: appID,
|
||||
poster: user.id,
|
||||
comment: result.insertId,
|
||||
comment: Number(result.insertId),
|
||||
})
|
||||
|
||||
res.status(201).json(comment[0]);
|
||||
@@ -363,7 +364,7 @@ VALUES(?, ?, ?);`
|
||||
|
||||
// POST /application/:id/comment
|
||||
router.post('/:id/adminComment', [requireLogin, requireRole("Recruiter")], async (req: Request, res: Response) => {
|
||||
const appID = req.params.id;
|
||||
const appID = Number(req.params.id);
|
||||
const data = req.body.message;
|
||||
const user = req.user;
|
||||
|
||||
@@ -395,7 +396,7 @@ VALUES(?, ?, ?, 1);`
|
||||
INNER JOIN members AS member ON member.id = app.poster_id
|
||||
WHERE app.id = ?; `;
|
||||
const comment = await conn.query(getSQL, [result.insertId])
|
||||
|
||||
audit.record('application', 'comment_added', { actorId: user.id, targetId: appID }, { commentId: result.insertId });
|
||||
logger.info('app', "Admin application comment posted", {
|
||||
application: appID,
|
||||
poster: user.id,
|
||||
@@ -424,6 +425,7 @@ router.post('/restart', async (req: Request, res: Response) => {
|
||||
try {
|
||||
await setUserState(user, MemberState.Guest, "Restarted Application", user);
|
||||
|
||||
audit.application('restarted', { actorId: user, targetId: user });
|
||||
logger.info('app', "Member restarted application", {
|
||||
user: user
|
||||
})
|
||||
|
||||
@@ -4,6 +4,7 @@ import { CalendarAttendance, CalendarEvent } from "@app/shared/types/calendar";
|
||||
import { requireLogin, requireMemberState, requireRole } from "../middleware/auth";
|
||||
import { MemberState } from "@app/shared/types/member";
|
||||
import { logger } from "../services/logging/logger";
|
||||
import { audit } from "../services/logging/auditLog";
|
||||
|
||||
const express = require('express');
|
||||
const r = express.Router();
|
||||
@@ -46,10 +47,12 @@ r.get('/upcoming', async (req, res) => {
|
||||
})
|
||||
|
||||
r.post('/:id/cancel', [requireLogin, requireMemberState(MemberState.Member)], async (req: Request, res: Response) => {
|
||||
let member = req.user.id;
|
||||
try {
|
||||
const eventID = Number(req.params.id);
|
||||
setEventCancelled(eventID, true);
|
||||
await setEventCancelled(eventID, true);
|
||||
|
||||
audit.calendar('cancelled', { actorId: member, targetId: eventID });
|
||||
logger.info('app', 'Calendar event cancelled', {
|
||||
event: eventID,
|
||||
user: req.user.id
|
||||
@@ -68,10 +71,12 @@ r.post('/:id/cancel', [requireLogin, requireMemberState(MemberState.Member)], as
|
||||
}
|
||||
})
|
||||
r.post('/:id/uncancel', [requireLogin, requireMemberState(MemberState.Member)], async (req: Request, res: Response) => {
|
||||
let member = req.user.id;
|
||||
try {
|
||||
const eventID = Number(req.params.id);
|
||||
setEventCancelled(eventID, false);
|
||||
|
||||
audit.calendar('un-cancelled', { actorId: member, targetId: eventID });
|
||||
logger.info('app', 'Calendar event un-cancelled', {
|
||||
event: eventID,
|
||||
user: req.user.id
|
||||
@@ -96,8 +101,9 @@ r.post('/:id/attendance', [requireLogin, requireMemberState(MemberState.Member)]
|
||||
let member = req.user.id;
|
||||
let event = Number(req.params.id);
|
||||
let state = req.query.state as CalendarAttendance;
|
||||
setAttendanceStatus(member, event, state);
|
||||
await setAttendanceStatus(member, event, state);
|
||||
|
||||
audit.calendar('attendance_set', { actorId: member, targetId: event }, { attendanceState: state });
|
||||
logger.info('app', 'Member set calendar event attendance', {
|
||||
event: event,
|
||||
user: req.user.id,
|
||||
@@ -148,8 +154,8 @@ r.post('/', [requireLogin, requireMemberState(MemberState.Member)], async (req:
|
||||
event.creator_id = member;
|
||||
event.start = new Date(event.start);
|
||||
event.end = new Date(event.end);
|
||||
createEvent(event);
|
||||
|
||||
let eventID = await createEvent(event);
|
||||
audit.calendar('event_created', { actorId: member, targetId: eventID });
|
||||
logger.info('app', 'Calendar event posted', {
|
||||
event: event.id,
|
||||
user: req.user.id
|
||||
@@ -170,12 +176,14 @@ r.post('/', [requireLogin, requireMemberState(MemberState.Member)], async (req:
|
||||
})
|
||||
|
||||
r.put('/', [requireLogin, requireMemberState(MemberState.Member)], async (req: Request, res: Response) => {
|
||||
let member = req.user.id;
|
||||
try {
|
||||
let event: CalendarEvent = req.body;
|
||||
event.start = new Date(event.start);
|
||||
event.end = new Date(event.end);
|
||||
updateEvent(event);
|
||||
|
||||
audit.calendar('event_updated', { actorId: member, targetId: event.id });
|
||||
logger.info('app', 'Calendar event updated', {
|
||||
event: event.id,
|
||||
user: req.user.id
|
||||
|
||||
@@ -4,6 +4,7 @@ import { Request, Response, Router } from "express";
|
||||
import { requireLogin, requireMemberState } from "../middleware/auth";
|
||||
import { MemberState } from "@app/shared/types/member";
|
||||
import { logger } from "../services/logging/logger";
|
||||
import { audit } from "../services/logging/auditLog";
|
||||
|
||||
const cr = Router();
|
||||
const er = Router();
|
||||
@@ -125,6 +126,7 @@ er.post('/', async (req: Request, res: Response) => {
|
||||
data.event_date = new Date(data.event_date);
|
||||
const id = await insertCourseEvent(data);
|
||||
|
||||
audit.course('report_created', { actorId: posterID, targetId: id });
|
||||
logger.info('app', 'Training report posted', { user: posterID, report: id })
|
||||
res.status(201).json(id);
|
||||
} catch (error) {
|
||||
|
||||
@@ -7,6 +7,7 @@ import { closeLOA, createNewLOA, getAllLOA, getLOAbyID, getLoaTypes, getUserLOA,
|
||||
import { LOARequest } from '@app/shared/types/loa';
|
||||
import { requireLogin, requireRole } from '../middleware/auth';
|
||||
import { logger } from '../services/logging/logger';
|
||||
import { audit } from '../services/logging/auditLog';
|
||||
|
||||
router.use(requireLogin);
|
||||
|
||||
@@ -18,7 +19,9 @@ router.post("/", async (req: Request, res: Response) => {
|
||||
LOARequest.filed_date = new Date();
|
||||
|
||||
try {
|
||||
await createNewLOA(LOARequest);
|
||||
let loaID = await createNewLOA(LOARequest);
|
||||
|
||||
audit.leaveOfAbsence('created', { actorId: req.user.id, targetId: loaID })
|
||||
logger.info('app', 'LOA Posted', { poster: req.user.id, user: LOARequest.member_id })
|
||||
res.sendStatus(201);
|
||||
} catch (error) {
|
||||
@@ -40,7 +43,8 @@ router.post("/admin", [requireRole(['17th Administrator', '17th HQ', '17th Comma
|
||||
LOARequest.created_by = req.user.id;
|
||||
LOARequest.filed_date = new Date();
|
||||
try {
|
||||
await createNewLOA(LOARequest);
|
||||
let loaID = await createNewLOA(LOARequest);
|
||||
audit.leaveOfAbsence('admin_created', { actorId: req.user.id, targetId: loaID }, { for: LOARequest.member_id })
|
||||
logger.info('app', 'LOA Posted', { poster: req.user.id, user: LOARequest.member_id })
|
||||
res.sendStatus(201);
|
||||
} catch (error) {
|
||||
@@ -144,6 +148,7 @@ router.post('/cancel/:id', async (req: Request, res: Response) => {
|
||||
|
||||
await closeLOA(Number(req.params.id), closer);
|
||||
|
||||
audit.leaveOfAbsence('ended', { actorId: req.user.id, targetId: id });
|
||||
logger.info('app', 'LOA Closed', { closed_by: closer, LOA: id })
|
||||
|
||||
res.sendStatus(200);
|
||||
@@ -166,6 +171,7 @@ router.post('/adminCancel/:id', [requireRole(['17th Administrator', '17th HQ', '
|
||||
try {
|
||||
await closeLOA(Number(req.params.id), closer);
|
||||
|
||||
audit.leaveOfAbsence('admin_ended', { actorId: req.user.id, targetId: Number(req.params.id) });
|
||||
logger.info('app', 'LOA Closed', { closed_by: closer, LOA: req.params.id })
|
||||
|
||||
res.sendStatus(200);
|
||||
@@ -183,7 +189,50 @@ router.post('/adminCancel/:id', [requireRole(['17th Administrator', '17th HQ', '
|
||||
})
|
||||
|
||||
// extend LOA
|
||||
router.post('/extend/:id', [requireRole(['17th Administrator', '17th HQ', '17th Command'])], async (req: Request, res: Response) => {
|
||||
router.post('/extend/:id', async (req: Request, res: Response) => {
|
||||
const to: Date = req.body.to;
|
||||
|
||||
const member = req.user.id;
|
||||
|
||||
let LOA = await getLOAbyID(Number(req.params.id));
|
||||
if (!LOA) {
|
||||
return res.status(404).send("LOA not found");
|
||||
}
|
||||
|
||||
if (LOA.member_id !== member) {
|
||||
return res.status(403).send("You do not have permission to extend this LOA");
|
||||
}
|
||||
|
||||
if (LOA.extended_till !== null) {
|
||||
return res.status(409).send("You must contact the administration team to extend your LOA again");
|
||||
}
|
||||
|
||||
if (!to) {
|
||||
return res.status(400).send("Extension length is required");
|
||||
}
|
||||
|
||||
try {
|
||||
await setLOAExtension(Number(req.params.id), to);
|
||||
|
||||
audit.leaveOfAbsence('extended', { actorId: req.user.id, targetId: Number(req.params.id) });
|
||||
logger.info('app', 'LOA Extended', { extended_by: req.user.id, LOA: req.params.id })
|
||||
|
||||
res.sendStatus(200);
|
||||
} catch (error) {
|
||||
logger.error(
|
||||
'app',
|
||||
'Failed to extend LOA',
|
||||
{
|
||||
error: error instanceof Error ? error.message : String(error),
|
||||
stack: error instanceof Error ? error.stack : undefined,
|
||||
}
|
||||
);
|
||||
res.status(500).json(error);
|
||||
}
|
||||
})
|
||||
|
||||
// admin extend LOA
|
||||
router.post('/extendAdmin/:id', [requireRole(['17th Administrator', '17th HQ', '17th Command'])], async (req: Request, res: Response) => {
|
||||
const to: Date = req.body.to;
|
||||
|
||||
if (!to) {
|
||||
@@ -192,6 +241,8 @@ router.post('/extend/:id', [requireRole(['17th Administrator', '17th HQ', '17th
|
||||
|
||||
try {
|
||||
await setLOAExtension(Number(req.params.id), to);
|
||||
|
||||
audit.leaveOfAbsence('extended', { actorId: req.user.id, targetId: Number(req.params.id) });
|
||||
logger.info('app', 'LOA Extended', { extended_by: req.user.id, LOA: req.params.id })
|
||||
|
||||
res.sendStatus(200);
|
||||
|
||||
@@ -6,7 +6,7 @@ import pool from '../db';
|
||||
import { requireLogin, requireMemberState, requireRole } from '../middleware/auth';
|
||||
import { getUserActiveLOA } from '../services/db/loaService';
|
||||
import { getAllMembersLite, getMemberSettings, getMembersFull, getMembersLite, getUserData, getUserState, setUserSettings, getFilteredMembers, setUserState, getLastNonSuspendedState } from '../services/db/memberService';
|
||||
import { getUserRoles } from '../services/db/rolesService';
|
||||
import { getUserRoles, stripUserRoles } from '../services/db/rolesService';
|
||||
import { memberSettings, MemberState, myData } from '@app/shared/types/member';
|
||||
import { Discharge } from '@app/shared/schemas/dischargeSchema';
|
||||
|
||||
@@ -15,6 +15,7 @@ import { logger } from '../services/logging/logger';
|
||||
import { memberCache } from './auth';
|
||||
import { cancelLatestRank } from '../services/db/rankService';
|
||||
import { cancelLatestUnit } from '../services/db/unitService';
|
||||
import { audit } from '../services/logging/auditLog';
|
||||
|
||||
//get all users
|
||||
router.get('/', [requireLogin, requireMemberState(MemberState.Member)], async (req, res) => {
|
||||
@@ -157,7 +158,9 @@ router.put('/settings', [requireLogin], async (req: Request, res: Response) => {
|
||||
|
||||
router.get('/lite', [requireLogin], async (req: Request, res: Response) => {
|
||||
try {
|
||||
let out = await getAllMembersLite();
|
||||
let activeOnly = Boolean(req.query.active);
|
||||
console.log(activeOnly);
|
||||
let out = await getAllMembersLite(activeOnly);
|
||||
res.status(200).json(out);
|
||||
} catch (error) {
|
||||
logger.error(
|
||||
@@ -246,11 +249,15 @@ router.post('/discharge', [requireLogin, requireMemberState(MemberState.Member),
|
||||
|
||||
var data: Discharge = req.body;
|
||||
setUserState(data.userID, MemberState.Discharged, "Member Discharged", author, con, data.reason);
|
||||
stripUserRoles(data.userID, con);
|
||||
cancelLatestRank(data.userID, con);
|
||||
cancelLatestUnit(data.userID, con);
|
||||
con.commit();
|
||||
memberCache.Invalidate(data.userID);
|
||||
|
||||
|
||||
audit.member('discharged', { actorId: req.user.id, targetId: data.userID }, { reason: data.reason });
|
||||
|
||||
res.sendStatus(200);
|
||||
} catch (error) {
|
||||
logger.error('app', 'Failed to discharge user', {
|
||||
@@ -272,6 +279,9 @@ router.post('/suspend', [requireLogin, requireMemberState(MemberState.Member), r
|
||||
let target = Number(req.query.target);
|
||||
try {
|
||||
await setUserState(target, MemberState.Suspended, "Member Suspended", author, null);
|
||||
|
||||
audit.member('suspension_added', { actorId: author, targetId: target });
|
||||
|
||||
res.sendStatus(200);
|
||||
} catch (error) {
|
||||
logger.error('app', 'Failed to suspend user', {
|
||||
@@ -291,6 +301,8 @@ router.post('/unsuspend', [requireLogin, requireMemberState(MemberState.Member),
|
||||
try {
|
||||
let prevState = await getLastNonSuspendedState(target);
|
||||
await setUserState(target, prevState, "Member Suspension Removed", author, null);
|
||||
audit.member('suspension_removed', { actorId: author, targetId: target });
|
||||
|
||||
res.sendStatus(200);
|
||||
} catch (error) {
|
||||
logger.error('app', 'Failed to suspend user', {
|
||||
|
||||
@@ -5,6 +5,7 @@ import { BatchPromotion, BatchPromotionMember } from '@app/shared/schemas/promot
|
||||
|
||||
import express = require('express');
|
||||
import { logger } from "../services/logging/logger";
|
||||
import { audit } from "../services/logging/auditLog";
|
||||
const r = express.Router();
|
||||
const ur = express.Router();
|
||||
|
||||
@@ -21,6 +22,8 @@ ur.post('/', [requireRole(["17th Command", "17th Administrator", "17th HQ"]), re
|
||||
if (!change) res.sendStatus(400);
|
||||
|
||||
await batchInsertMemberRank(change, author, approver);
|
||||
|
||||
audit.member('update_rank', { actorId: author, targetId: null }, { changes: change.length });
|
||||
logger.info('app', 'Promotion batch submitted', { author: author })
|
||||
res.sendStatus(201);
|
||||
} catch (error) {
|
||||
|
||||
@@ -8,6 +8,7 @@ import { requireLogin, requireMemberState, requireRole } from '../middleware/aut
|
||||
import { assignUserGroup, createGroup, getAllRoles, getRole, getUsersWithRole } from '../services/db/rolesService';
|
||||
import { Request, Response } from 'express';
|
||||
import { logger } from '../services/logging/logger';
|
||||
import { audit } from '../services/logging/auditLog';
|
||||
|
||||
r.use(requireLogin)
|
||||
ur.use(requireLogin)
|
||||
@@ -22,6 +23,8 @@ ur.post('/', [requireMemberState(MemberState.Member), requireRole("17th Administ
|
||||
|
||||
logger.info('app', 'User assigned role', { user: body.member_id, role: body.role_id, assigner: req.user.id })
|
||||
res.sendStatus(201);
|
||||
audit.roles('add_member', { actorId: req.user.id, targetId: body.role_id }, { member: body.member_id, role: body.role_id });
|
||||
|
||||
} catch (error) {
|
||||
if (error?.code === 'ER_DUP_ENTRY') {
|
||||
return res.status(400).json({
|
||||
@@ -54,6 +57,7 @@ ur.delete('/', [requireMemberState(MemberState.Member), requireRole("17th Admini
|
||||
await pool.query(sql, [body.member_id, body.role_id])
|
||||
|
||||
logger.info('app', 'User removed role', { user: body.member_id, role: body.role_id, assigner: req.user.id })
|
||||
audit.roles('remove_member', { actorId: req.user.id, targetId: body.role_id }, { member: body.member_id, role: body.role_id });
|
||||
|
||||
res.sendStatus(200);
|
||||
}
|
||||
@@ -77,7 +81,7 @@ ur.delete('/', [requireMemberState(MemberState.Member), requireRole("17th Admini
|
||||
r.get('/', [requireMemberState(MemberState.Member)], async (req, res) => {
|
||||
try {
|
||||
const roles = await getAllRoles();
|
||||
|
||||
|
||||
res.status(200).json(roles);
|
||||
} catch (error) {
|
||||
logger.error(
|
||||
@@ -144,7 +148,8 @@ r.post('/', [requireMemberState(MemberState.Member), requireRole("dev")], async
|
||||
return res.status(400).json({ error: 'Color must be a valid hex color (#ffffff)' });
|
||||
}
|
||||
|
||||
await createGroup(name, color, description);
|
||||
let out = await createGroup(name, color, description);
|
||||
audit.roles('create', { actorId: req.user.id, targetId: out.id });
|
||||
|
||||
res.sendStatus(201);
|
||||
} catch (err) {
|
||||
@@ -159,6 +164,9 @@ r.delete('/:id', [requireMemberState(MemberState.Member), requireRole("dev")], a
|
||||
|
||||
const sql = 'DELETE FROM roles WHERE id = ?';
|
||||
const res = await pool.query(sql, [id]);
|
||||
|
||||
audit.roles('delete', { actorId: req.user.id, targetId: id });
|
||||
|
||||
res.sendStatus(200);
|
||||
} catch (error) {
|
||||
console.error(error);
|
||||
|
||||
@@ -1,10 +1,17 @@
|
||||
import express = require('express');
|
||||
const unitsRouter = express.Router();
|
||||
const memberUnitsRouter = express.Router();
|
||||
|
||||
import { Request, Response } from 'express';
|
||||
|
||||
import pool from '../db';
|
||||
import { requireLogin } from '../middleware/auth';
|
||||
import { requireLogin, requireMemberState, requireRole } from '../middleware/auth';
|
||||
import { logger } from '../services/logging/logger';
|
||||
import { Unit } from '@app/shared/types/units';
|
||||
import { MemberState } from '@app/shared/types/member';
|
||||
import { assignNewUnit } from '../services/db/unitService';
|
||||
import { audit } from '../services/logging/auditLog';
|
||||
import { forceInsertMemberRank, insertMemberRank } from '../services/db/rankService';
|
||||
|
||||
unitsRouter.use(requireLogin);
|
||||
|
||||
@@ -26,4 +33,41 @@ unitsRouter.get('/', async (req, res) => {
|
||||
}
|
||||
});
|
||||
|
||||
memberUnitsRouter.post('/admin', [requireMemberState(MemberState.Member), requireRole("17th Administrator")], async (req: Request, res: Response) => {
|
||||
const memberId = Number(req.query.memberId);
|
||||
const unitId = Number(req.query.unitId);
|
||||
const rankId = Number(req.query.rankId);
|
||||
const reason = req.query.reason as string;
|
||||
|
||||
try {
|
||||
|
||||
if (!memberId || !unitId) {
|
||||
return res.status(400).json({ error: 'memberId and unitId query parameters are required' });
|
||||
}
|
||||
|
||||
await assignNewUnit(memberId, unitId, req.user.id, req.user.id, reason);
|
||||
await forceInsertMemberRank(memberId, rankId, req.user.id, req.user.id, reason);
|
||||
logger.info('app', 'Member force assigned unit', {
|
||||
member: memberId,
|
||||
unit: unitId,
|
||||
rank: rankId,
|
||||
caller: req.user.id,
|
||||
});
|
||||
audit.member('update_unit', { actorId: req.user.id, targetId: memberId }, { unit: unitId, rank: rankId, reason: reason });
|
||||
|
||||
res.sendStatus(200);
|
||||
} catch (error) {
|
||||
logger.error('app', 'Failed to force assign unit', {
|
||||
member: memberId,
|
||||
unit: unitId,
|
||||
caller: req.user.id,
|
||||
error: error instanceof Error ? error.message : String(error),
|
||||
stack: error instanceof Error ? error.stack : undefined,
|
||||
})
|
||||
|
||||
res.sendStatus(500);
|
||||
}
|
||||
});
|
||||
|
||||
export const units = unitsRouter;
|
||||
export const memberUnits = memberUnitsRouter;
|
||||
@@ -19,7 +19,8 @@ export async function createEvent(eventObject: Omit<CalendarEvent, 'id' | 'creat
|
||||
];
|
||||
|
||||
const result = await pool.query(sql, params);
|
||||
return { id: result.insertId, ...eventObject };
|
||||
let id = Number(result.insertId);
|
||||
return id;
|
||||
}
|
||||
|
||||
export async function updateEvent(eventObject: CalendarEvent) {
|
||||
|
||||
@@ -74,12 +74,13 @@ export async function getUserActiveLOA(userId: number): Promise<LOARequest[]> {
|
||||
return LOAData;
|
||||
}
|
||||
|
||||
export async function createNewLOA(data: LOARequest) {
|
||||
export async function createNewLOA(data: LOARequest): Promise<number> {
|
||||
const sql = `INSERT INTO leave_of_absences
|
||||
(member_id, filed_date, start_date, end_date, type_id, reason)
|
||||
VALUES (?, ?, ?, ?, ?, ?)`;
|
||||
await pool.query(sql, [data.member_id, toDateTime(data.filed_date), toDateTime(data.start_date), toDateTime(data.end_date), data.type_id, data.reason])
|
||||
return;
|
||||
let out = await pool.query(sql, [data.member_id, toDateTime(data.filed_date), toDateTime(data.start_date), toDateTime(data.end_date), data.type_id, data.reason])
|
||||
|
||||
return Number(out.insertId);
|
||||
}
|
||||
|
||||
export async function closeLOA(id: number, closer: number) {
|
||||
|
||||
@@ -170,14 +170,16 @@ export async function getMembersLite(ids: number[]): Promise<MemberLight[]> {
|
||||
return res;
|
||||
}
|
||||
|
||||
export async function getAllMembersLite(): Promise<MemberLight[]> {
|
||||
export async function getAllMembersLite(activeOnly: boolean): Promise<MemberLight[]> {
|
||||
|
||||
const filter = activeOnly ? `\nWHERE member_state = ${MemberState.Member}` : ''
|
||||
const sql = `SELECT m.member_id AS id,
|
||||
m.member_name AS username,
|
||||
m.displayName,
|
||||
u.color
|
||||
FROM view_member_rank_unit_status_latest m
|
||||
LEFT JOIN units u ON u.name = m.unit;`;
|
||||
|
||||
LEFT JOIN units u ON u.name = m.unit ${filter};`;
|
||||
console.log(sql);
|
||||
const res: MemberLight[] = await pool.query(sql);
|
||||
return res;
|
||||
}
|
||||
@@ -217,7 +219,10 @@ export async function getMembersFull(ids: number[]): Promise<MemberCardDetails[]
|
||||
loa_until: row.loa_until ? new Date(row.loa_until) : undefined,
|
||||
};
|
||||
// roles comes as array of strings; parse each one
|
||||
const roles: Role[] = row.roles;
|
||||
const roles: Role[] =
|
||||
typeof row.roles === "string"
|
||||
? JSON.parse(row.roles)
|
||||
: row.roles;
|
||||
|
||||
return { member, roles };
|
||||
});
|
||||
|
||||
@@ -36,6 +36,16 @@ export async function insertMemberRank(member_id: number, rank_id: number, date?
|
||||
await pool.query(sql, params);
|
||||
}
|
||||
|
||||
export async function forceInsertMemberRank(member_id: number, rank_id: number, authorized: number, creator: number, reason: string) {
|
||||
const sql = `CALL sp_update_member_rank(?, ?, ?, ?, ?, NOW())`;
|
||||
|
||||
const result = await pool.query(sql, [member_id, rank_id, authorized, creator, reason]);
|
||||
|
||||
if (!result || result.affectedRows === 0) {
|
||||
throw new Error("Failed to update member rank");
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
export async function batchInsertMemberRank(promos: BatchPromotionMember[], author: number, approver: number) {
|
||||
try {
|
||||
|
||||
@@ -3,6 +3,7 @@ import pool from '../../db';
|
||||
import { Role, RoleSummary } from '@app/shared/types/roles'
|
||||
import { logger } from '../logging/logger';
|
||||
import { memberCache } from '../../routes/auth';
|
||||
import * as mariadb from 'mariadb';
|
||||
|
||||
export async function assignUserGroup(userID: number, roleID: number) {
|
||||
try {
|
||||
@@ -62,4 +63,16 @@ export async function getUsersWithRole(roleId: number): Promise<MemberLight[]> {
|
||||
)
|
||||
|
||||
return out as MemberLight[]
|
||||
}
|
||||
|
||||
export async function stripUserRoles(userID: number, con: mariadb.Pool | mariadb.Connection = pool) {
|
||||
try {
|
||||
const out = await con.query(`DELETE FROM members_roles WHERE member_id = ?;`, [userID]);
|
||||
return { success: true, affectedRows: out.affectedRows };
|
||||
} catch (error) {
|
||||
logger.error('app', 'Failed to strip user roles', error);
|
||||
throw error;
|
||||
} finally {
|
||||
memberCache.Invalidate(userID);
|
||||
}
|
||||
}
|
||||
@@ -10,4 +10,13 @@ export async function cancelLatestUnit(userID: number, con: mariadb.Pool | maria
|
||||
} catch (error) {
|
||||
throw error;
|
||||
}
|
||||
}
|
||||
|
||||
export async function assignNewUnit(memberID: number, unitID: number, authorizedID: number, creatorID: number, reason: string) {
|
||||
let sql = `CALL sp_update_member_unit(?, ?, ?, ?, ?, NOW())`;
|
||||
|
||||
const result = await pool.query(sql, [memberID, unitID, authorizedID, creatorID, reason]);
|
||||
if (!result || result.affectedRows === 0) {
|
||||
throw new Error('Record was not updated');
|
||||
}
|
||||
}
|
||||
61
api/src/services/logging/auditLog.ts
Normal file
61
api/src/services/logging/auditLog.ts
Normal file
@@ -0,0 +1,61 @@
|
||||
import pool from "../../db";
|
||||
import { logger } from "./logger";
|
||||
|
||||
export type AuditArea = 'member' | 'calendar' | 'roles' | 'auth' | 'leave_of_absence' | 'application' | 'course';
|
||||
|
||||
export interface AuditContext {
|
||||
actorId: number; // The person doing the action (created_by)
|
||||
targetId?: number; // The ID of the thing being changed (target_id)
|
||||
}
|
||||
|
||||
class AuditLogger {
|
||||
async record(
|
||||
area: AuditArea,
|
||||
action: string,
|
||||
context: AuditContext,
|
||||
data: Record<string, any> = {} // Already optional with default {}
|
||||
) {
|
||||
const actionType = `${area}.${action}`;
|
||||
|
||||
try {
|
||||
await pool.query(
|
||||
`INSERT INTO audit_log (action_type, payload, target_id, created_by)
|
||||
VALUES (?, ?, ?, ?)`, // Fixed: removed extra comma/placeholder
|
||||
[
|
||||
actionType,
|
||||
JSON.stringify(data),
|
||||
context.targetId || null,
|
||||
context.actorId,
|
||||
]
|
||||
);
|
||||
} catch (err) {
|
||||
logger.error('audit', `AUDIT_FAILURE: Failed to log ${actionType}`, { error: err });
|
||||
}
|
||||
}
|
||||
|
||||
member(action: 'update_rank'| 'update_unit' | 'suspension_added' | 'suspension_removed' | 'discharged', context: AuditContext, data: any = {}) {
|
||||
return this.record('member', action, context, data);
|
||||
}
|
||||
|
||||
roles(action: 'add_member' | 'remove_member' | 'create' | 'delete', context: AuditContext, data: any = {}) {
|
||||
return this.record('roles', action, context, data);
|
||||
}
|
||||
|
||||
leaveOfAbsence(action: 'created' | 'admin_created' | 'ended' | 'admin_ended' | 'extended', context: AuditContext, data: any = {}) {
|
||||
return this.record('leave_of_absence', action, context, data);
|
||||
}
|
||||
|
||||
calendar(action: 'event_created' | 'event_updated' | 'attendance_set' | 'cancelled' | 'un-cancelled', context: AuditContext, data: any = {}) {
|
||||
return this.record('calendar', action, context, data);
|
||||
}
|
||||
|
||||
application(action: 'created' | 'approved' | 'denied' | 'restarted', context: AuditContext, data: any = {}) {
|
||||
return this.record('application', action, context, data);
|
||||
}
|
||||
|
||||
course(action: 'report_created' | 'report_edited', context: AuditContext, data: any = {}) {
|
||||
return this.record('course', action, context, data);
|
||||
}
|
||||
}
|
||||
|
||||
export const audit = new AuditLogger();
|
||||
@@ -1,6 +1,6 @@
|
||||
export type LogLevel = 'debug' | 'info' | 'warn' | 'error';
|
||||
export type LogDepth = 'normal' | 'verbose' | 'profiling';
|
||||
export type LogType = 'http' | 'app' | 'auth' | 'profiling';
|
||||
export type LogType = 'http' | 'app' | 'auth' | 'profiling' | 'audit';
|
||||
|
||||
export interface LogHeader {
|
||||
timestamp: string;
|
||||
|
||||
@@ -169,6 +169,23 @@ export async function extendLOA(id: number, to: Date) {
|
||||
}
|
||||
});
|
||||
|
||||
if (res.ok) {
|
||||
return
|
||||
} else {
|
||||
throw new Error("Could not extend LOA");
|
||||
}
|
||||
}
|
||||
|
||||
export async function adminExtendLOA(id: number, to: Date) {
|
||||
const res = await fetch(`${addr}/loa/extendAdmin/${id}`, {
|
||||
method: "POST",
|
||||
credentials: 'include',
|
||||
body: JSON.stringify({ to }),
|
||||
headers: {
|
||||
"Content-Type": "application/json",
|
||||
}
|
||||
});
|
||||
|
||||
if (res.ok) {
|
||||
return
|
||||
} else {
|
||||
|
||||
@@ -66,8 +66,8 @@ export async function setMemberSettings(settings: memberSettings) {
|
||||
return;
|
||||
}
|
||||
|
||||
export async function getAllLightMembers(): Promise<MemberLight[]> {
|
||||
const response = await fetch(`${addr}/members/lite`, {
|
||||
export async function getAllLightMembers(activeOnly: boolean = true): Promise<MemberLight[]> {
|
||||
const response = await fetch(`${addr}/members/lite${activeOnly ? '?active=true' : '?active=false'}`, {
|
||||
credentials: 'include',
|
||||
headers: {
|
||||
"Content-Type": "application/json",
|
||||
|
||||
@@ -12,4 +12,15 @@ export async function getUnits(): Promise<Unit[]> {
|
||||
throw new Error("Failed to fetch units");
|
||||
}
|
||||
return response.json();
|
||||
}
|
||||
|
||||
export async function adminAssignUnit(member: number, unit: number, rank: number, reason: string) {
|
||||
const response = await fetch(`${addr}/memberUnits/admin?memberId=${member}&unitId=${unit}&rankId=${rank}&reason=${encodeURIComponent(reason)}`, {
|
||||
method: 'POST',
|
||||
credentials: 'include'
|
||||
});
|
||||
if (!response.ok) {
|
||||
throw new Error("Failed to assign unit");
|
||||
}
|
||||
return;
|
||||
}
|
||||
@@ -1,138 +1,141 @@
|
||||
<script setup lang="ts">
|
||||
import {
|
||||
Table,
|
||||
TableBody,
|
||||
TableCaption,
|
||||
TableCell,
|
||||
TableHead,
|
||||
TableHeader,
|
||||
TableRow,
|
||||
} from "@/components/ui/table"
|
||||
import { Badge } from '@/components/ui/badge'
|
||||
import {
|
||||
DropdownMenu,
|
||||
DropdownMenuContent,
|
||||
DropdownMenuItem,
|
||||
DropdownMenuTrigger,
|
||||
} from "@/components/ui/dropdown-menu"
|
||||
import { ChevronDown, ChevronUp, Ellipsis, X } from "lucide-vue-next";
|
||||
import { cancelLOA, extendLOA, getAllLOAs, getMyLOAs } from "@/api/loa";
|
||||
import { onMounted, ref, computed } from "vue";
|
||||
import { LOARequest } from "@shared/types/loa";
|
||||
import Dialog from "../ui/dialog/Dialog.vue";
|
||||
import DialogTrigger from "../ui/dialog/DialogTrigger.vue";
|
||||
import DialogContent from "../ui/dialog/DialogContent.vue";
|
||||
import DialogHeader from "../ui/dialog/DialogHeader.vue";
|
||||
import DialogTitle from "../ui/dialog/DialogTitle.vue";
|
||||
import DialogDescription from "../ui/dialog/DialogDescription.vue";
|
||||
import Button from "../ui/button/Button.vue";
|
||||
import Calendar from "../ui/calendar/Calendar.vue";
|
||||
import {
|
||||
CalendarDate,
|
||||
getLocalTimeZone,
|
||||
} from "@internationalized/date"
|
||||
import { el } from "@fullcalendar/core/internal-common";
|
||||
import MemberCard from "../members/MemberCard.vue";
|
||||
import {
|
||||
Pagination,
|
||||
PaginationContent,
|
||||
PaginationEllipsis,
|
||||
PaginationItem,
|
||||
PaginationNext,
|
||||
PaginationPrevious,
|
||||
} from '@/components/ui/pagination'
|
||||
import { pagination } from "@shared/types/pagination";
|
||||
import {
|
||||
Table,
|
||||
TableBody,
|
||||
TableCaption,
|
||||
TableCell,
|
||||
TableHead,
|
||||
TableHeader,
|
||||
TableRow,
|
||||
} from "@/components/ui/table"
|
||||
import { Badge } from '@/components/ui/badge'
|
||||
import {
|
||||
DropdownMenu,
|
||||
DropdownMenuContent,
|
||||
DropdownMenuItem,
|
||||
DropdownMenuTrigger,
|
||||
} from "@/components/ui/dropdown-menu"
|
||||
import { ChevronDown, ChevronUp, Ellipsis, X } from "lucide-vue-next";
|
||||
import { adminExtendLOA, cancelLOA, extendLOA, getAllLOAs, getMyLOAs } from "@/api/loa";
|
||||
import { onMounted, ref, computed } from "vue";
|
||||
import { LOARequest } from "@shared/types/loa";
|
||||
import Dialog from "../ui/dialog/Dialog.vue";
|
||||
import DialogTrigger from "../ui/dialog/DialogTrigger.vue";
|
||||
import DialogContent from "../ui/dialog/DialogContent.vue";
|
||||
import DialogHeader from "../ui/dialog/DialogHeader.vue";
|
||||
import DialogTitle from "../ui/dialog/DialogTitle.vue";
|
||||
import DialogDescription from "../ui/dialog/DialogDescription.vue";
|
||||
import Button from "../ui/button/Button.vue";
|
||||
import Calendar from "../ui/calendar/Calendar.vue";
|
||||
import {
|
||||
CalendarDate,
|
||||
getLocalTimeZone,
|
||||
} from "@internationalized/date"
|
||||
import { el } from "@fullcalendar/core/internal-common";
|
||||
import MemberCard from "../members/MemberCard.vue";
|
||||
import {
|
||||
Pagination,
|
||||
PaginationContent,
|
||||
PaginationEllipsis,
|
||||
PaginationItem,
|
||||
PaginationNext,
|
||||
PaginationPrevious,
|
||||
} from '@/components/ui/pagination'
|
||||
import { pagination } from "@shared/types/pagination";
|
||||
|
||||
const props = defineProps<{
|
||||
adminMode?: boolean
|
||||
}>()
|
||||
const props = defineProps<{
|
||||
adminMode?: boolean
|
||||
}>()
|
||||
|
||||
const LOAList = ref<LOARequest[]>([]);
|
||||
const LOAList = ref<LOARequest[]>([]);
|
||||
|
||||
onMounted(async () => {
|
||||
await loadLOAs();
|
||||
});
|
||||
|
||||
async function loadLOAs() {
|
||||
if (props.adminMode) {
|
||||
let result = await getAllLOAs(pageNum.value, pageSize.value);
|
||||
LOAList.value = result.data;
|
||||
pageData.value = result.pagination;
|
||||
} else {
|
||||
let result = await getMyLOAs(pageNum.value, pageSize.value);
|
||||
LOAList.value = result.data;
|
||||
pageData.value = result.pagination;
|
||||
}
|
||||
}
|
||||
|
||||
function formatDate(date: Date): string {
|
||||
if (!date) return "";
|
||||
date = typeof date === 'string' ? new Date(date) : date;
|
||||
return date.toLocaleDateString("en-US", {
|
||||
year: "numeric",
|
||||
month: "short",
|
||||
day: "numeric",
|
||||
onMounted(async () => {
|
||||
await loadLOAs();
|
||||
});
|
||||
}
|
||||
|
||||
function loaStatus(loa: LOARequest): "Upcoming" | "Active" | "Extended" | "Overdue" | "Closed" {
|
||||
if (loa.closed) return "Closed";
|
||||
async function loadLOAs() {
|
||||
if (props.adminMode) {
|
||||
let result = await getAllLOAs(pageNum.value, pageSize.value);
|
||||
LOAList.value = result.data;
|
||||
pageData.value = result.pagination;
|
||||
} else {
|
||||
let result = await getMyLOAs(pageNum.value, pageSize.value);
|
||||
LOAList.value = result.data;
|
||||
pageData.value = result.pagination;
|
||||
}
|
||||
}
|
||||
|
||||
const now = new Date();
|
||||
const start = new Date(loa.start_date);
|
||||
const end = new Date(loa.end_date);
|
||||
const extension = new Date(loa.extended_till);
|
||||
function formatDate(date: Date): string {
|
||||
if (!date) return "";
|
||||
date = typeof date === 'string' ? new Date(date) : date;
|
||||
return date.toLocaleDateString("en-US", {
|
||||
year: "numeric",
|
||||
month: "short",
|
||||
day: "numeric",
|
||||
});
|
||||
}
|
||||
|
||||
if (now < start) return "Upcoming";
|
||||
if (now >= start && (now <= end)) return "Active";
|
||||
if (now >= start && (now <= extension)) return "Extended";
|
||||
if (now > loa.extended_till || end) return "Overdue";
|
||||
function loaStatus(loa: LOARequest): "Upcoming" | "Active" | "Extended" | "Overdue" | "Closed" {
|
||||
if (loa.closed) return "Closed";
|
||||
|
||||
return "Overdue"; // fallback
|
||||
}
|
||||
const now = new Date();
|
||||
const start = new Date(loa.start_date);
|
||||
const end = new Date(loa.end_date);
|
||||
const extension = new Date(loa.extended_till);
|
||||
|
||||
async function cancelAndReload(id: number) {
|
||||
await cancelLOA(id, props.adminMode);
|
||||
await loadLOAs();
|
||||
}
|
||||
if (now < start) return "Upcoming";
|
||||
if (now >= start && (now <= end)) return "Active";
|
||||
if (now >= start && (now <= extension)) return "Extended";
|
||||
if (now > loa.extended_till || end) return "Overdue";
|
||||
|
||||
const isExtending = ref(false);
|
||||
const targetLOA = ref<LOARequest | null>(null);
|
||||
const extendTo = ref<CalendarDate | null>(null);
|
||||
return "Overdue"; // fallback
|
||||
}
|
||||
|
||||
const targetEnd = computed(() => { return targetLOA.value.extended_till ? targetLOA.value.extended_till : targetLOA.value.end_date })
|
||||
async function cancelAndReload(id: number) {
|
||||
await cancelLOA(id, props.adminMode);
|
||||
await loadLOAs();
|
||||
}
|
||||
|
||||
function toCalendarDate(date: Date): CalendarDate {
|
||||
if (typeof date === 'string')
|
||||
date = new Date(date);
|
||||
return new CalendarDate(date.getFullYear(), date.getMonth() + 1, date.getDate())
|
||||
}
|
||||
const isExtending = ref(false);
|
||||
const targetLOA = ref<LOARequest | null>(null);
|
||||
const extendTo = ref<CalendarDate | null>(null);
|
||||
|
||||
async function commitExtend() {
|
||||
await extendLOA(targetLOA.value.id, extendTo.value.toDate(getLocalTimeZone()));
|
||||
isExtending.value = false;
|
||||
await loadLOAs();
|
||||
}
|
||||
const targetEnd = computed(() => { return targetLOA.value.extended_till ? targetLOA.value.extended_till : targetLOA.value.end_date })
|
||||
function toCalendarDate(date: Date): CalendarDate {
|
||||
if (typeof date === 'string')
|
||||
date = new Date(date);
|
||||
return new CalendarDate(date.getFullYear(), date.getMonth() + 1, date.getDate())
|
||||
}
|
||||
|
||||
const expanded = ref<number | null>(null);
|
||||
const hoverID = ref<number | null>(null);
|
||||
async function commitExtend() {
|
||||
if (props.adminMode) {
|
||||
await adminExtendLOA(targetLOA.value.id, extendTo.value.toDate(getLocalTimeZone()));
|
||||
} else {
|
||||
await extendLOA(targetLOA.value.id, extendTo.value.toDate(getLocalTimeZone()));
|
||||
}
|
||||
isExtending.value = false;
|
||||
await loadLOAs();
|
||||
}
|
||||
|
||||
const pageNum = ref<number>(1);
|
||||
const pageData = ref<pagination>();
|
||||
const expanded = ref<number | null>(null);
|
||||
const hoverID = ref<number | null>(null);
|
||||
|
||||
const pageSize = ref<number>(15)
|
||||
const pageSizeOptions = [10, 15, 30]
|
||||
const pageNum = ref<number>(1);
|
||||
const pageData = ref<pagination>();
|
||||
|
||||
function setPageSize(size: number) {
|
||||
pageSize.value = size
|
||||
pageNum.value = 1;
|
||||
loadLOAs();
|
||||
}
|
||||
const pageSize = ref<number>(15)
|
||||
const pageSizeOptions = [10, 15, 30]
|
||||
|
||||
function setPage(pagenum: number) {
|
||||
pageNum.value = pagenum;
|
||||
loadLOAs();
|
||||
}
|
||||
function setPageSize(size: number) {
|
||||
pageSize.value = size
|
||||
pageNum.value = 1;
|
||||
loadLOAs();
|
||||
}
|
||||
|
||||
function setPage(pagenum: number) {
|
||||
pageNum.value = pagenum;
|
||||
loadLOAs();
|
||||
}
|
||||
</script>
|
||||
|
||||
<template>
|
||||
@@ -145,7 +148,7 @@ function setPage(pagenum: number) {
|
||||
<div class="flex gap-5">
|
||||
<Calendar v-model="extendTo" class="rounded-md border shadow-sm w-min" layout="month-and-year"
|
||||
:min-value="toCalendarDate(targetEnd)"
|
||||
:max-value="toCalendarDate(targetEnd).add({ years: 1 })" />
|
||||
:max-value="props.adminMode ? toCalendarDate(targetEnd).add({ years: 1 }) : toCalendarDate(targetEnd).add({ months: 1 })" />
|
||||
<div class="flex flex-col w-full gap-3 px-2">
|
||||
<p>Quick Options</p>
|
||||
<Button variant="outline" @click="extendTo = toCalendarDate(targetEnd).add({ days: 7 })">1
|
||||
@@ -205,9 +208,10 @@ function setPage(pagenum: number) {
|
||||
</Button>
|
||||
</DropdownMenuTrigger>
|
||||
<DropdownMenuContent>
|
||||
<DropdownMenuItem v-if="!post.closed && props.adminMode"
|
||||
<DropdownMenuItem v-if="!post.closed"
|
||||
:disabled="post.extended_till !== null && !props.adminMode"
|
||||
@click="isExtending = true; targetLOA = post">
|
||||
Extend
|
||||
{{ (post.extended_till !== null && !props.adminMode) ? 'Extend (Already Extended)' : 'Extend' }}
|
||||
</DropdownMenuItem>
|
||||
<DropdownMenuItem v-if="!post.closed" :variant="'destructive'"
|
||||
@click="cancelAndReload(post.id)">{{ loaStatus(post) === 'Upcoming' ?
|
||||
@@ -256,7 +260,7 @@ function setPage(pagenum: number) {
|
||||
<div class="">
|
||||
<p class="text-muted-foreground">Extended to</p>
|
||||
<p class="font-medium text-foreground">
|
||||
{{post.extended_till ? formatDate(post.extended_till) : 'N/A' }}
|
||||
{{ post.extended_till ? formatDate(post.extended_till) : 'N/A' }}
|
||||
</p>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
@@ -26,7 +26,10 @@ const props = defineProps<{
|
||||
member: Member | null
|
||||
}>()
|
||||
|
||||
const emit = defineEmits(['update:open', 'discharged'])
|
||||
const emit = defineEmits<{
|
||||
'update:open': [value: boolean]
|
||||
'discharged': [value: { data: Discharge }]
|
||||
}>()
|
||||
|
||||
const formSchema = toTypedSchema(dischargeSchema);
|
||||
|
||||
|
||||
250
ui/src/components/members/TransferMember.vue
Normal file
250
ui/src/components/members/TransferMember.vue
Normal file
@@ -0,0 +1,250 @@
|
||||
<script setup lang="ts">
|
||||
import { computed, ref, watch } from 'vue'
|
||||
|
||||
import { adminAssignUnit, getUnits } from '@/api/units'
|
||||
import { getAllRanks } from '@/api/rank'
|
||||
import { Button } from '@/components/ui/button'
|
||||
import {
|
||||
Dialog,
|
||||
DialogContent,
|
||||
DialogDescription,
|
||||
DialogFooter,
|
||||
DialogHeader,
|
||||
DialogTitle,
|
||||
} from '@/components/ui/dialog'
|
||||
import { Field, FieldError, FieldLabel } from '@/components/ui/field'
|
||||
import { Input } from '@/components/ui/input'
|
||||
import {
|
||||
Select,
|
||||
SelectContent,
|
||||
SelectItem,
|
||||
SelectTrigger,
|
||||
SelectValue,
|
||||
} from '@/components/ui/select'
|
||||
import MemberCard from './MemberCard.vue'
|
||||
import type { Member } from '@shared/types/member'
|
||||
import type { Rank } from '@shared/types/rank'
|
||||
import type { Unit } from '@shared/types/units'
|
||||
|
||||
const props = defineProps<{
|
||||
open: boolean
|
||||
member: Member | null
|
||||
}>()
|
||||
|
||||
const emit = defineEmits<{
|
||||
'update:open': [value: boolean]
|
||||
transferred: [value: { memberId: number; unitId: number; rankId: number; reason: string }]
|
||||
}>()
|
||||
|
||||
const units = ref<Unit[]>([])
|
||||
const ranks = ref<Rank[]>([])
|
||||
const loadingUnits = ref(false)
|
||||
const loadingRanks = ref(false)
|
||||
const submitting = ref(false)
|
||||
const formError = ref('')
|
||||
|
||||
const selectedUnitId = ref('')
|
||||
const selectedRankId = ref('')
|
||||
const selectedReason = ref('transfer_request')
|
||||
const customReason = ref('')
|
||||
|
||||
const reasonOptions = [
|
||||
{ label: 'Transfer Request', value: 'transfer_request' },
|
||||
{ label: 'Leadership Vote', value: 'leadership_vote' },
|
||||
{ label: 'Appointment', value: 'appointment' },
|
||||
{ label: 'Step Down', value: 'step_down' },
|
||||
{ label: 'Custom', value: 'custom' },
|
||||
]
|
||||
|
||||
const resolvedReason = computed(() => {
|
||||
if (selectedReason.value === 'custom') {
|
||||
return customReason.value.trim()
|
||||
}
|
||||
return selectedReason.value
|
||||
})
|
||||
|
||||
const canSubmit = computed(() => {
|
||||
return !!props.member && !!selectedUnitId.value && !!selectedRankId.value && !!resolvedReason.value
|
||||
})
|
||||
|
||||
function resolveDefaultRankId(member: Member | null): string {
|
||||
if (!member || !member.rank) {
|
||||
return ''
|
||||
}
|
||||
|
||||
const normalizedMemberRank = member.rank.trim().toLowerCase()
|
||||
const matchedRank = ranks.value.find((rank) => {
|
||||
return rank.name.trim().toLowerCase() === normalizedMemberRank
|
||||
|| rank.short_name.trim().toLowerCase() === normalizedMemberRank
|
||||
})
|
||||
|
||||
return matchedRank ? String(matchedRank.id) : ''
|
||||
}
|
||||
|
||||
function resetForm() {
|
||||
selectedUnitId.value = ''
|
||||
selectedRankId.value = ''
|
||||
selectedReason.value = 'transfer_request'
|
||||
customReason.value = ''
|
||||
formError.value = ''
|
||||
}
|
||||
|
||||
async function loadUnits() {
|
||||
loadingUnits.value = true
|
||||
formError.value = ''
|
||||
try {
|
||||
units.value = await getUnits()
|
||||
} catch {
|
||||
formError.value = 'Failed to load units. Please try again.'
|
||||
} finally {
|
||||
loadingUnits.value = false
|
||||
}
|
||||
}
|
||||
|
||||
async function loadRanks() {
|
||||
loadingRanks.value = true
|
||||
formError.value = ''
|
||||
try {
|
||||
ranks.value = await getAllRanks()
|
||||
selectedRankId.value = resolveDefaultRankId(props.member)
|
||||
} catch {
|
||||
formError.value = 'Failed to load ranks. Please try again.'
|
||||
} finally {
|
||||
loadingRanks.value = false
|
||||
}
|
||||
}
|
||||
|
||||
watch(
|
||||
() => props.open,
|
||||
(isOpen) => {
|
||||
if (isOpen) {
|
||||
resetForm()
|
||||
loadUnits()
|
||||
loadRanks()
|
||||
}
|
||||
},
|
||||
)
|
||||
|
||||
async function onSubmit() {
|
||||
if (!props.member) {
|
||||
return
|
||||
}
|
||||
|
||||
if (!selectedUnitId.value) {
|
||||
formError.value = 'Please select a target unit.'
|
||||
return
|
||||
}
|
||||
|
||||
if (!selectedRankId.value) {
|
||||
formError.value = 'Please select a target rank.'
|
||||
return
|
||||
}
|
||||
|
||||
if (!resolvedReason.value) {
|
||||
formError.value = 'Please select a reason or enter a custom reason.'
|
||||
return
|
||||
}
|
||||
|
||||
submitting.value = true
|
||||
formError.value = ''
|
||||
try {
|
||||
const unitId = Number(selectedUnitId.value)
|
||||
const rankId = Number(selectedRankId.value)
|
||||
await adminAssignUnit(props.member.member_id, unitId, rankId, resolvedReason.value)
|
||||
|
||||
emit('transferred', {
|
||||
memberId: props.member.member_id,
|
||||
unitId,
|
||||
rankId,
|
||||
reason: resolvedReason.value,
|
||||
})
|
||||
emit('update:open', false)
|
||||
} catch {
|
||||
formError.value = 'Failed to transfer member. Please try again.'
|
||||
} finally {
|
||||
submitting.value = false
|
||||
}
|
||||
}
|
||||
</script>
|
||||
|
||||
<template>
|
||||
<Dialog :open="open" @update:open="emit('update:open', $event)">
|
||||
<DialogContent class="sm:max-w-[425px]">
|
||||
<DialogHeader>
|
||||
<DialogTitle>Transfer Member</DialogTitle>
|
||||
<DialogDescription>
|
||||
Select a new unit assignment for
|
||||
<MemberCard v-if="member" :member-id="member.member_id" />
|
||||
</DialogDescription>
|
||||
</DialogHeader>
|
||||
|
||||
<form id="transferForm" @submit.prevent="onSubmit" class="space-y-4 py-2">
|
||||
<Field>
|
||||
<FieldLabel>Target Unit</FieldLabel>
|
||||
<Select v-model="selectedUnitId" :disabled="loadingUnits || submitting">
|
||||
<SelectTrigger>
|
||||
<SelectValue placeholder="Select unit" />
|
||||
</SelectTrigger>
|
||||
<SelectContent>
|
||||
<SelectItem v-for="unit in units" :key="unit.id" :value="String(unit.id)">
|
||||
{{ unit.name }}
|
||||
</SelectItem>
|
||||
</SelectContent>
|
||||
</Select>
|
||||
</Field>
|
||||
|
||||
<Field>
|
||||
<FieldLabel>Target Rank</FieldLabel>
|
||||
<Select v-model="selectedRankId" :disabled="loadingRanks || submitting">
|
||||
<SelectTrigger>
|
||||
<SelectValue placeholder="Select rank" />
|
||||
</SelectTrigger>
|
||||
<SelectContent>
|
||||
<SelectItem v-for="rank in ranks" :key="rank.id" :value="String(rank.id)">
|
||||
{{ rank.name }}
|
||||
</SelectItem>
|
||||
</SelectContent>
|
||||
</Select>
|
||||
</Field>
|
||||
|
||||
<Field>
|
||||
<FieldLabel>Reason</FieldLabel>
|
||||
<Select v-model="selectedReason" :disabled="submitting">
|
||||
<SelectTrigger>
|
||||
<SelectValue placeholder="Select reason" />
|
||||
</SelectTrigger>
|
||||
<SelectContent>
|
||||
<SelectItem
|
||||
v-for="reason in reasonOptions"
|
||||
:key="reason.value"
|
||||
:value="reason.value"
|
||||
>
|
||||
{{ reason.label }}
|
||||
</SelectItem>
|
||||
</SelectContent>
|
||||
</Select>
|
||||
</Field>
|
||||
|
||||
<Field v-if="selectedReason === 'custom'">
|
||||
<FieldLabel>Custom Reason</FieldLabel>
|
||||
<Input
|
||||
v-model="customReason"
|
||||
:disabled="submitting"
|
||||
placeholder="Enter custom transfer reason"
|
||||
/>
|
||||
</Field>
|
||||
|
||||
<FieldError v-if="formError" :errors="[formError]" />
|
||||
</form>
|
||||
|
||||
<DialogFooter class="gap-2">
|
||||
<Button variant="ghost" @click="emit('update:open', false)">
|
||||
Cancel
|
||||
</Button>
|
||||
<Button type="submit" form="transferForm" :disabled="!canSubmit || loadingUnits || loadingRanks || submitting">
|
||||
{{ submitting ? 'Transferring...' : 'Transfer Member' }}
|
||||
</Button>
|
||||
</DialogFooter>
|
||||
</DialogContent>
|
||||
</Dialog>
|
||||
</template>
|
||||
@@ -32,6 +32,9 @@
|
||||
import Spinner from "@/components/ui/spinner/Spinner.vue";
|
||||
import DischargeMember from "@/components/members/DischargeMember.vue";
|
||||
import MemberCard from "@/components/members/MemberCard.vue";
|
||||
import { useMemberDirectory } from "@/stores/memberDirectory";
|
||||
import { Discharge } from "@shared/schemas/dischargeSchema";
|
||||
import TransferMember from "@/components/members/TransferMember.vue";
|
||||
|
||||
// --- State ---
|
||||
const router = useRouter();
|
||||
@@ -139,25 +142,41 @@
|
||||
|
||||
//discharge form logic
|
||||
const isDischargeOpen = ref(false)
|
||||
const targetMember = ref(null)
|
||||
const isTransferOpen = ref(false)
|
||||
const targetMember = ref<Member | null>(null)
|
||||
|
||||
function openDischargeModal(member: Member) {
|
||||
targetMember.value = member
|
||||
isDischargeOpen.value = true
|
||||
}
|
||||
|
||||
function openTransferModal(member: Member) {
|
||||
targetMember.value = member
|
||||
isTransferOpen.value = true
|
||||
}
|
||||
|
||||
async function onSuspend(member: Member) {
|
||||
await suspendMember(member.member_id);
|
||||
await fetchMembers();
|
||||
memberCache.invalidateMember(member.member_id);
|
||||
}
|
||||
|
||||
async function onUnsuspend(member: Member) {
|
||||
await unsuspendMember(member.member_id);
|
||||
await fetchMembers();
|
||||
memberCache.invalidateMember(member.member_id);
|
||||
}
|
||||
|
||||
function handleDischargeSuccess(data) {
|
||||
const memberCache = useMemberDirectory();
|
||||
|
||||
function handleDischargeSuccess(value: { data: Discharge }) {
|
||||
fetchMembers();
|
||||
memberCache.invalidateMember(value.data.userID);
|
||||
}
|
||||
|
||||
function handleTransferSuccess(value: { memberId: number; unitId: number; rankId: number; reason: string }) {
|
||||
fetchMembers();
|
||||
memberCache.invalidateMember(value.memberId);
|
||||
}
|
||||
</script>
|
||||
|
||||
@@ -165,6 +184,8 @@
|
||||
<div>
|
||||
<DischargeMember v-model:open="isDischargeOpen" :member="targetMember" @discharged="handleDischargeSuccess">
|
||||
</DischargeMember>
|
||||
<TransferMember v-model:open="isTransferOpen" :member="targetMember" @transferred="handleTransferSuccess">
|
||||
</TransferMember>
|
||||
<div class="mx-auto max-w-7xl w-full py-10 px-4">
|
||||
<div class="flex flex-col gap-2">
|
||||
<div class="flex flex-col md:flex-row md:items-center justify-between gap-4">
|
||||
@@ -245,7 +266,8 @@
|
||||
<TableCell>{{ member.rank }}</TableCell>
|
||||
<TableCell>{{ member.unit }}</TableCell>
|
||||
<TableCell>
|
||||
<Badge variant="outline" class="capitalize font-normal">{{ MemberState[member.member_state] }}</Badge>
|
||||
<Badge variant="outline" class="capitalize font-normal">{{
|
||||
MemberState[member.member_state] }}</Badge>
|
||||
</TableCell>
|
||||
<TableCell>
|
||||
<Badge v-if="member.loa_until" variant="secondary"
|
||||
@@ -262,11 +284,17 @@
|
||||
<!-- <DropdownMenuItem @click="navigateToMember(member.member_id)">
|
||||
View Profile
|
||||
</DropdownMenuItem> -->
|
||||
<DropdownMenuItem @click="openDischargeModal(member)"
|
||||
<DropdownMenuItem v-if="member.member_state === MemberState.Member"
|
||||
@click="openTransferModal(member)">
|
||||
Transfer Member
|
||||
</DropdownMenuItem>
|
||||
<DropdownMenuItem v-if="member.member_state !== MemberState.Discharged"
|
||||
@click="openDischargeModal(member)"
|
||||
class="text-destructive focus:bg-destructive focus:text-destructive-foreground font-medium">
|
||||
Discharge Member
|
||||
</DropdownMenuItem>
|
||||
<DropdownMenuItem v-if="member.member_state !== MemberState.Suspended" @click="onSuspend(member)"
|
||||
<DropdownMenuItem v-if="member.member_state !== MemberState.Suspended"
|
||||
@click="onSuspend(member)"
|
||||
class="text-destructive focus:bg-destructive focus:text-destructive-foreground font-medium">
|
||||
Suspend Member
|
||||
</DropdownMenuItem>
|
||||
|
||||
Reference in New Issue
Block a user