206 lines
5.0 KiB
JavaScript
206 lines
5.0 KiB
JavaScript
const express = require('express');
|
|
const router = express.Router();
|
|
|
|
// DB pool (same as used in api/index.js)
|
|
const pool = require('../db');
|
|
|
|
// POST /application
|
|
router.post('/', async (req, res) => {
|
|
try {
|
|
const App = req.body?.App || {};
|
|
|
|
// TODO: replace with current user ID
|
|
const memberId = 1;
|
|
|
|
const sql = `INSERT INTO applications (member_id, app_version, app_data) VALUES (?, ?, ?);`;
|
|
const appVersion = 1;
|
|
|
|
const params = [memberId, appVersion, JSON.stringify(App)]
|
|
|
|
console.log(params)
|
|
|
|
await pool.query(sql, params);
|
|
|
|
res.sendStatus(201);
|
|
} catch (err) {
|
|
console.error('Insert failed:', err);
|
|
res.status(500).json({ error: 'Failed to save application' });
|
|
}
|
|
});
|
|
|
|
// GET /application/all
|
|
router.get('/all', async (req, res) => {
|
|
try {
|
|
const sql = `SELECT
|
|
member.name AS member_name,
|
|
app.id,
|
|
app.member_id,
|
|
app.submitted_at,
|
|
app.app_status
|
|
FROM applications AS app
|
|
LEFT JOIN members AS member
|
|
ON member.id = app.member_id;`
|
|
|
|
const rows = await pool.query(sql);
|
|
|
|
res.status(200).json(rows);
|
|
} catch (err) {
|
|
console.error(err);
|
|
res.status(500);
|
|
}
|
|
});
|
|
|
|
// GET /application/:id
|
|
router.get('/:id', async (req, res) => {
|
|
let appID = req.params.id;
|
|
|
|
//TODO: Replace with real user Authorization and whatnot
|
|
// if the application is not "me" and I am not a recruiter, deny access to the application (return 403 or whatever)
|
|
if (appID === "me")
|
|
appID = 2;
|
|
|
|
try {
|
|
const conn = await pool.getConnection()
|
|
|
|
const application = await conn.query(
|
|
`SELECT app.*,
|
|
member.name AS member_name
|
|
FROM applications AS app
|
|
INNER JOIN members AS member ON member.id = app.member_id
|
|
WHERE app.id = ?;`,
|
|
[appID]
|
|
);
|
|
|
|
if (!Array.isArray(application) || application.length === 0) {
|
|
conn.release();
|
|
return res.status(204).json("Application Not Found");
|
|
}
|
|
|
|
const comments = await conn.query(`SELECT app.id AS comment_id,
|
|
app.post_content,
|
|
app.poster_id,
|
|
app.post_time,
|
|
app.last_modified,
|
|
member.name AS poster_name
|
|
FROM application_comments AS app
|
|
INNER JOIN members AS member ON member.id = app.poster_id
|
|
WHERE app.application_id = ?;`,
|
|
[appID]);
|
|
|
|
conn.release()
|
|
|
|
const output = {
|
|
application: application[0],
|
|
comments,
|
|
}
|
|
return res.status(200).json(output);
|
|
}
|
|
catch (err) {
|
|
console.error('Query failed:', err);
|
|
return res.status(500).json({ error: 'Failed to load application' });
|
|
}
|
|
});
|
|
|
|
// POST /application/approve/:id
|
|
router.post('/approve/:id', async (req, res) => {
|
|
const appID = req.params.id;
|
|
|
|
const sql = `
|
|
UPDATE applications
|
|
SET approved_at = NOW()
|
|
WHERE id = ?
|
|
AND approved_at IS NULL
|
|
AND denied_at IS NULL
|
|
`;
|
|
try {
|
|
const result = await pool.execute(sql, appID);
|
|
|
|
console.log(result);
|
|
|
|
if (result.affectedRows === 0) {
|
|
res.status(400).json('Something went wrong approving the application');
|
|
}
|
|
|
|
if (result.affectedRows == 1) {
|
|
res.sendStatus(200);
|
|
}
|
|
|
|
} catch (err) {
|
|
console.error('Approve failed:', err);
|
|
res.status(500).json({ error: 'Failed to approve application' });
|
|
}
|
|
});
|
|
|
|
// POST /application/deny/:id
|
|
router.post('/deny/:id', async (req, res) => {
|
|
const appID = req.params.id;
|
|
|
|
const sql = `
|
|
UPDATE applications
|
|
SET denied_at = NOW()
|
|
WHERE id = ?
|
|
AND approved_at IS NULL
|
|
AND denied_at IS NULL
|
|
`;
|
|
try {
|
|
const result = await pool.execute(sql, appID);
|
|
|
|
console.log(result);
|
|
|
|
if (result.affectedRows === 0) {
|
|
res.status(400).json('Something went wrong denying the application');
|
|
}
|
|
|
|
if (result.affectedRows == 1) {
|
|
res.sendStatus(200);
|
|
}
|
|
|
|
} catch (err) {
|
|
console.error('Approve failed:', err);
|
|
res.status(500).json({ error: 'Failed to deny application' });
|
|
}
|
|
});
|
|
|
|
// POST /application/:id/comment
|
|
router.post('/:id/comment', async (req, res) => {
|
|
const appID = req.params.id;
|
|
const data = req.body.message;
|
|
const user = 1;
|
|
|
|
const sql = `INSERT INTO application_comments(
|
|
application_id,
|
|
poster_id,
|
|
post_content
|
|
)
|
|
VALUES(?, ?, ?);`
|
|
|
|
try {
|
|
const conn = await pool.getConnection();
|
|
|
|
const result = await conn.query(sql, [appID, user, data])
|
|
console.log(result)
|
|
if (result.affectedRows !== 1) {
|
|
conn.release();
|
|
throw new Error("Insert Failure")
|
|
}
|
|
|
|
const getSQL = `SELECT app.id AS comment_id,
|
|
app.post_content,
|
|
app.poster_id,
|
|
app.post_time,
|
|
app.last_modified,
|
|
member.name AS poster_name
|
|
FROM application_comments AS app
|
|
INNER JOIN members AS member ON member.id = app.poster_id
|
|
WHERE app.id = ?; `;
|
|
const comment = await conn.query(getSQL, [result.insertId])
|
|
res.status(201).json(comment[0]);
|
|
|
|
} catch (err) {
|
|
console.error('Comment failed:', err);
|
|
res.status(500).json({ error: 'Could not post comment' });
|
|
}
|
|
});
|
|
|
|
module.exports = router;
|