From 74d2b7c31239044753e4cd1521882b18aab94fc4 Mon Sep 17 00:00:00 2001
From: Hanen Alrwasheda <alrwasheda@mi.fu-berlin.de>
Date: Sun, 16 Jan 2022 06:43:31 +0100
Subject: [PATCH] some fixes in accounts route+controller

---
 .../src/controllers/accounts.controllers.ts   | 35 +++++++++----------
 server/src/routes/accounts.routes.ts          |  4 +--
 2 files changed, 18 insertions(+), 21 deletions(-)

diff --git a/server/src/controllers/accounts.controllers.ts b/server/src/controllers/accounts.controllers.ts
index 31b3e09..b2f7772 100644
--- a/server/src/controllers/accounts.controllers.ts
+++ b/server/src/controllers/accounts.controllers.ts
@@ -4,46 +4,49 @@ import Employee from "../db/models/Employee";
 //create new account
 const createAccountController = async (req: Request, res: Response) => {
   try {
+    //check if user is coordinator
     if (!(res.locals.user.role === "coordinator")) {
       return res
         .status(403)
         .json({ success: false, error: "MustBeCoordinator" });
     }
 
-    const { first_name, last_name, email, password, role } = req.body;
+    //get input from req.body
+    const input = req.body;
 
+    //get all accounts with same given email
     const existedAccount = await Employee.findAll({
       where: {
-        email: email,
+        email: input.email,
       },
     });
 
+    //if account with same given email was found
     if (existedAccount.length > 0) {
       return res
         .status(409)
         .json({ success: false, error: "AccountAlreadyExists" });
     }
 
-    const hashedPassword = await bcrypt.hash(password, 10);
+    //encrypt given password
+    input.password = await bcrypt.hash(input.password, 10);
 
-    const newAccount = await Employee.create({
-      email,
-      first_name: first_name,
-      last_name: last_name,
-      password: hashedPassword,
-      role,
-    });
+    //creating new Account
+    const newAccount = await Employee.create(input);
 
+    //returning result
     return res.status(201).send({
       success: true,
       account: {
+        id: newAccount.id,
         first_name: newAccount.first_name,
         last_name: newAccount.last_name,
         email: newAccount.email,
         role: newAccount.role,
       },
     });
-  } catch {
+  } catch (error) {
+    console.error(error.message);
     return res.status(500).json({ success: false, error: "serverError" });
   }
 };
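Review bot: `Employee.create(input)` now hands the whole request body to the model, so any column a client adds to the JSON beyond the five validated fields would be written on insert, unless unknown keys are stripped somewhere not shown here. The removed code built the object from named fields. Keep that allow-list, e.g. `const newAccount = await Employee.create(input, { fields: ["first_name", "last_name", "email", "password", "role"] });`, or go back to destructuring the five fields. Assigning the hash to `input.password` also mutates `req.body`, which a local `hashedPassword` avoided. Minor: `//encrypt given password` should read `//hash given password`, since bcrypt is one-way, and `error.message` in the catch does not type-check when catch variables are `unknown`; narrow with `error instanceof Error` first.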
@@ -105,7 +108,6 @@ const showAccountById = async (req: Request, res: Response) => {
 
 //update account by id
 const updateAccount = async (req: Request, res: Response) => {
-  //input needs validation: handleValidationResult!?
   //by trying to update email, duplicates could be found which leads to server-error: must be handled seperately?
 
   try {
@@ -120,14 +122,9 @@ const updateAccount = async (req: Request, res: Response) => {
     const givenId = req.params.id;
 
     //check if given ID exists in DB
-    const checkIfIdExists = await Employee.findOne({
-      attributes: ["id"],
-      where: {
-        id: givenId,
-      },
-    });
+    const foundEmployee = await Employee.findByPk(givenId);
 
-    if (checkIfIdExists === null) {
+    if (foundEmployee === null) {
       return res.status(404).json({ success: false, error: "accountNotFound" });
     }
 
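Review bot: `Employee.findByPk(givenId)` drops the `attributes: ["id"]` restriction the old query had, so the existence check now loads the full row, presumably including the stored password hash. The rest of `updateAccount` is outside this hunk. If `foundEmployee` is only used for the null check, keep it narrow with `Employee.findByPk(givenId, { attributes: ["id"] })`. If it is used later, it should not reach a response without picking fields explicitly, as `createAccountController` does.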
diff --git a/server/src/routes/accounts.routes.ts b/server/src/routes/accounts.routes.ts
index 3acae1a..be9cab0 100644
--- a/server/src/routes/accounts.routes.ts
+++ b/server/src/routes/accounts.routes.ts
@@ -13,7 +13,7 @@ accountsRouter.post(
   body("last_name").not().isEmpty(),
   body("email").isEmail().normalizeEmail(),
   body("role").isIn(["coordinator", "boatManager"]),
-  body("password").isLength({ min: 6 }),
+  body("password").isLength({ min: 6 }).isString(),
   handleValidationResult,
   validateToken,
   accountsControllers.createAccountController
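Review bot: The password rule has a minimum but no upper bound, and the type check is chained after the length check. bcrypt only uses the first 72 bytes of its input, so longer passwords are silently truncated and very long bodies are accepted for hashing. I would put the type check first and cap the length: `body("password").isString().isLength({ min: 6, max: 72 }),`. The same applies to the `accountsRouter.patch` rule in the next hunk, keeping its `.if(body("password").exists())` guard. Note that `max` counts characters, not bytes, so a tighter limit may be needed if multi-byte passwords are expected.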
@@ -37,7 +37,7 @@ accountsRouter.patch(
   body("last_name").if(body("last_name").exists()).not().isEmpty(),
   body("email").if(body("email").exists()).isEmail().normalizeEmail(),
   body("role").if(body("role").exists()).isIn(["coordinator", "boatManager"]),
-  body("password").if(body("password").exists()).isLength({ min: 6 }),
+  body("password").if(body("password").exists()).isLength({ min: 6 }).isString(),
   handleValidationResult,
   validateToken,
   accountsControllers.updateAccount
-- 
GitLab