cubash-archive/routes/team_admin.js


/*
@swagger
components:
schemas:
Book:
type: object
required:
- title
- author
- finished
properties:
id:
type: integer
description: The auto-generated id of the book.
title:
type: string
description: The title of your book.
author:
type: string
description: Who wrote the book?
finished:
type: boolean
description: Have you finished reading it?
createdAt:
type: string
format: date
description: The date of the record creation.
example:
title: The Pragmatic Programmer
author: Andy Hunt / Dave Thomas
finished: true
*/
let bcrypt = require('bcryptjs')
let multer = require('multer')
let express = require('express')
let router = express.Router()
const auth = require('../lib/auth')
var Recaptcha = require('express-recaptcha').RecaptchaV3;
// NOTE(review): both reCAPTCHA keys are hard-coded in source. express-recaptcha's
// constructor takes (site key, secret key), so the second argument is the server-side
// secret and is readable by anyone with access to this file. Load both values from
// configuration or the environment and rotate the pair that was committed here.
var recaptcha = new Recaptcha('6LdlbrwZAAAAAKvtcVQhVl_QaNOqmQ4PgyW3SKHy', '6LdlbrwZAAAAAMAWPVDrL8eNPxrws6AMDtLf1bgd');
// NOTE(review): despite its name, this holds the same value as the FIRST constructor
// argument above (the site key), not the second. Neither `recaptcha` nor
// `reCAPTCHASecret` is referenced by the routes visible in this file - confirm whether
// they are still needed.
var reCAPTCHASecret = "6LdlbrwZAAAAAKvtcVQhVl_QaNOqmQ4PgyW3SKHy";
const Errors = require('../lib/errors.js')
var format = require('date-format');
let {
User, Post, teamPicture, userWall, StaffApplications, AdminToken, PassKey, Thread, Category, Sequelize, Ip, Ban, sequelize, Team, TeamMembers, TeamRoles
} = require('../models')
let pagination = require('../lib/pagination.js')
const sgMail = require('@sendgrid/mail');
const MailGen = require('mailgen')
const crypto = require("crypto")
const cryptoRandomString = require("crypto-random-string")
let Promise = require('bluebird');
const rateLimit = require("express-rate-limit");
// Multipart upload handler used by the team-picture route.
// Files are buffered in memory (exposed as req.file.buffer) and capped at
// 1024 * 1024 bytes (1 MiB) per file. No fileFilter is configured, so the
// uploaded file's type is not restricted at this layer.
let upload = multer({
storage: multer.memoryStorage(),
limits:{
fileSize: 1024 * 1024
}
})
// Rate limiter allowing a single request per 60-second window; further requests
// receive the JSON error body below.
// NOTE(review): not attached to any route visible in this file.
const emailLimiter = rateLimit({
windowMs: 60000,
max: 1, // limit each IP to 1 request per windowMs
message: "{\"errors\":[{\"name\":\"rateLimit\",\"message\":\"You may only make 1 request to this endpoint per minute.\",\"status\":429}]}"
});
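// POST /:username/picture - store or replace a team's picture.
//
// Expects a multipart upload in the `picture` field (buffered by `upload`).
// On success responds with the updated team record as JSON.
//
// Forwarded to `next`: Errors.requestNotAuthorized when the caller is not the
// team owner, Errors.teamDoesNotExist when no team has that username.
// A missing file or a MIME type outside the allow-list is answered with
// 400 {success: false}.
router.post('/:username/picture', auth, upload.single('picture'), async (req, res, next) => {
  try {
    if (!req.userData || !req.userData.username) {
      throw Errors.requestNotAuthorized
    }

    // multer copies `mimetype` from the Content-Type header of the uploaded part,
    // so it is declared by the client. Restricting it to raster image types keeps
    // markup-capable types (HTML, SVG) from being stored as a "picture".
    // This does not inspect the file bytes themselves.
    const allowedMimeTypes = ['image/png', 'image/jpeg', 'image/gif', 'image/webp']
    if (!req.file || !allowedMimeTypes.includes(req.file.mimetype)) {
      res.status(400)
      res.json({success: false})
      return
    }

    const team = await Team.findOne({
      where: {
        username: req.params.username
      }
    })
    if (!team) {
      throw Errors.teamDoesNotExist
    }

    // Same ownership rule as PUT /modify/:username: only the team's owner may
    // change team metadata. Previously any authenticated caller could replace
    // any team's picture.
    const caller = await User.findOne({
      where: {
        username: req.userData.username
      }
    })
    if (!caller || caller.id !== team.OwnerId) {
      throw Errors.requestNotAuthorized
    }

    const pictureFields = {
      file: req.file.buffer,
      mimetype: req.file.mimetype,
      TeamId: team.id
    }
    const existing = await teamPicture.findOne({
      where: { TeamId: team.id }
    })
    if (existing) {
      await existing.update(pictureFields)
    } else {
      // No picture set yet
      await teamPicture.create(pictureFields)
    }

    // A changing query string forces browsers to reload cached background images.
    // The username is percent-encoded so it cannot alter the path or query.
    await team.update({
      picture: '/api/v1/teams/view/' + encodeURIComponent(req.params.username) + '/picture?rand=' + Date.now()
    })
    res.json(team.toJSON())
  } catch (e) { next(e) }
})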
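// PUT /modify/:username - update a team's description and/or name.
//
// Only the team owner (Team.OwnerId) may call this. The new values are read from
// req.autosan.body; whichever of `description` and `name` is present is written.
// Responds 200 {success: true}.
//
// Forwarded to `next`: Errors.requestNotAuthorized when the caller is not
// authenticated, is not the owner, the team does not exist, or neither field
// was supplied. Ban.ReadOnlyMode may also reject the request (defined in the
// Ban model, not visible here).
router.put('/modify/:username', auth, async(req, res, next) => {
  try {
    if(!req.userData.username) {
      throw Errors.requestNotAuthorized
    }
    await Ban.ReadOnlyMode(req.userData.username)

    const team = await Team.findOne({ where: {
      username: req.params.username
    }})
    const caller = await User.findOne({ where: {
      username: req.userData.username
    }})
    // Check both lookups before touching their fields: an unknown team or user
    // must end in the authorization error, not a TypeError.
    if(!team || !caller || caller.id !== team.OwnerId) {
      throw Errors.requestNotAuthorized
    }

    // The original condition joined its two checks with a comma, so only `name`
    // was actually tested and `description` could reach the update as undefined.
    // Build the update from the fields that were really supplied.
    const { description, name } = req.autosan.body
    const changes = {}
    if(description !== undefined) {
      changes.description = description
    }
    if(name !== undefined) {
      changes.name = name
    }
    if(Object.keys(changes).length === 0) {
      throw Errors.requestNotAuthorized
    }

    // Target the row that was authorized above rather than re-matching by name.
    await Team.update(changes, {
      where: {
        id: team.id
      }
    })
    res.status(200)
    res.json({success: true})
  } catch (e) { next(e) }
})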
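// POST /roles/create/:username - create a role inside a team.
//
// Responds with the created role as JSON, 200 {success: false} when the team is
// banned, and 400 {success: false} when the caller is not a member of the team.
// Errors.teamDoesNotExist is forwarded to `next` for an unknown team.
router.post('/roles/create/:username', auth, async(req, res, next) => {
  try {
    const team = await Team.findOne({
      where: {username: req.params.username}
    });
    if(!team) {
      throw Errors.teamDoesNotExist
    }

    // Stop here for banned teams. Without the return the handler went on to
    // create the role and then failed on a second response.
    if(team.banned) {
      res.status(200)
      res.json({success: false})
      return
    }

    const membership = await TeamMembers.findOne({
      where: {userId: req.userData.UserId, teamId: team.id},
    })
    if(!membership) {
      res.status(400)
      res.json({success: false})
      return
    }

    // NOTE(review): membership is the only authorization check. Any member can
    // create a role with `administrator` or the other permission flags set;
    // neither team.OwnerId nor the caller's own role is consulted. How a member's
    // role is resolved is not visible in this file - add that permission check
    // here. Values are also taken from req.body as-is (PUT /modify/:username
    // reads req.autosan.body instead), so their types are not validated.
    const role = await TeamRoles.create({
      name: req.body.name,
      administrator: req.body.administrator,
      inviteUsers: req.body.inviteUsers,
      changeTeamMeta: req.body.changeTeamMeta,
      forumAdministrator: req.body.forumAdministrator,
      moderateForumThreads: req.body.moderateForumThreads,
      changeTeamPrivacy: req.body.changeTeamPrivacy,
      submitTeamItems: req.body.submitTeamItems,
      priority: req.body.priority,
      teamId: team.id
    })
    res.status(200)
    res.json(role.toJSON())
  } catch (e) { next(e) }
})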
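// PUT /roles/modify/:username/:id - change a role that belongs to a team.
//
// With `name` in the body every role field is rewritten from the body; with only
// `priority`, just the priority changes. Responds 200 {success: true} on success,
// 200 {success: false} when the team is banned, and 400 {success: false} when
// the caller is not a member, the role is not found in this team, or the body
// has neither `name` nor `priority`.
// Errors.teamDoesNotExist is forwarded to `next` for an unknown team.
router.put('/roles/modify/:username/:id', auth, async(req, res, next) => {
  try {
    const team = await Team.findOne({
      where: {username: req.params.username}
    });
    if(!team) {
      throw Errors.teamDoesNotExist
    }

    // Stop here for banned teams. Without the return the handler went on to
    // modify the role and then failed on a second response.
    if(team.banned) {
      res.status(200)
      res.json({success: false})
      return
    }

    const membership = await TeamMembers.findOne({
      where: {userId: req.userData.UserId, teamId: team.id},
    })
    if(!membership) {
      res.status(400)
      res.json({success: false})
      return
    }

    // NOTE(review): membership is the only authorization check. Any member can
    // rewrite the permission flags of any role in the team, including
    // `administrator`; neither team.OwnerId nor the caller's own role is
    // consulted. How a member's role is resolved is not visible in this file -
    // add that permission check here.
    let changes
    if(req.body.name) {
      changes = {
        priority: req.body.priority,
        name: req.body.name,
        administrator: req.body.administrator,
        inviteUsers: req.body.inviteUsers,
        changeTeamMeta: req.body.changeTeamMeta,
        forumAdministrator: req.body.forumAdministrator,
        moderateForumThreads: req.body.moderateForumThreads,
        changeTeamPrivacy: req.body.changeTeamPrivacy,
        submitTeamItems: req.body.submitTeamItems,
      }
    } else if(req.body.priority) {
      // Truthiness test kept from the original: a priority of 0 is not accepted
      // on its own.
      changes = {priority: req.body.priority}
    } else {
      res.status(400)
      res.json({success: false})
      return
    }

    // Matching on teamId as well as id keeps a caller from editing a role that
    // belongs to a different team. A fresh object is built for each query.
    const roleInTeam = () => ({
      where: {
        id: req.params.id,
        teamId: team.id
      }
    })
    const role = await TeamRoles.findOne(roleInTeam())
    if(!role) {
      res.status(400)
      res.json({success: false})
      return
    }

    await TeamRoles.update(changes, roleInTeam())
    res.status(200)
    res.json({success: true})
  } catch (e) { next(e) }
})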
// Export the router carrying the team picture, team modify and team role routes.
module.exports = router;