From a380a465ce02059a630ef678fecd6666cbdf8f30 Mon Sep 17 00:00:00 2001
From: alex <alex@alexloehr.net>
Date: Fri, 28 Nov 2025 10:21:00 +0000
Subject: [PATCH] GS-2333
---
app.js | 124 ++++++++++++++++++++++++++++++----------
1 files changed, 92 insertions(+), 32 deletions(-)
diff --git a/app.js b/app.js
index e7f9dce..05e0430 100644
--- a/app.js
+++ b/app.js
@@ -8,6 +8,7 @@
const dayjs = require("dayjs")
const log = require("./logger")
+log.info("")
log.info(`--- STARTUP ${dayjs().format("DD.MM.YYYY HH:mm:ss")} ---`)
const db = require("./lib/db")
@@ -29,15 +30,21 @@
// console.log(req.url)
const token = req.query.token
- if (token !== settings.authtoken && !req.url.startsWith("/ui/")) {
+ if (token !== settings.authtoken && !req.url.startsWith("/ui/") && !req.url.startsWith("/api/version")) {
log.error("# AUTH ERROR #", token)
await promiseDelay(500) // delay response to avoid denial of service attacks
res.code(403)
return res.send({status: "error", error: "access denied"})
- }
- else {
+ } else {
// log.debug("AUTH FOR ", req.url)
}
+})
+
+/////// VERSION ////////////////////////////////////////////////////////////////
+
+fastify.get("/api/version", async function (req, res) {
+ const {version} = require("./package.json")
+ return res.send({version})
})
/////// SEARCH ////////////////////////////////////////////////////////////////
@@ -45,14 +52,14 @@
const searchLib = require("./lib/search")
const {setStatus} = require("./lib/db")
searchLib.doIndex().catch(console.error)
+
fastify
.get("/api/search/user", async function (req, res) {
log.info(req.query)
const search = req.query?.search
if (!search) {
return res.code(422).send({status: "error", msg: "no search"})
- }
- else {
+ } else {
log.info(search)
const data = await searchLib.search(search)
return res.send(data)
@@ -68,8 +75,10 @@
})
})
+
+/////// USER ////////////////////////////////////////////////////////////////
+
fastify
- /////// USER ////////////////////////////////////////////////////////////////
.get('/api/user', async function (req, res) {
const {offset, limit, search} = req.query
const users = await db.getUsers(offset, limit, search)
@@ -84,8 +93,7 @@
const user = await db.getUserByLogin(login)
if (user) {
return res.send(user)
- }
- else {
+ } else {
return res.code(404).send({status: "error", msg: "not found"})
}
})
@@ -97,8 +105,7 @@
const user = await db.getUserByUserId(userid)
if (user) {
return res.send(user)
- }
- else {
+ } else {
return res.code(404).send({status: "error", msg: "not found"})
}
})
@@ -111,8 +118,7 @@
const tn = await db.getUserTeilnahmen(userId)
if (tn) {
return res.send(tn)
- }
- else {
+ } else {
return res.code(404).send({status: "error", msg: "not found"})
}
})
@@ -123,16 +129,11 @@
return res.send(res2)
})
- .delete("/api/user", async function (req, res) { // DELETE ALL users
- const res2 = await libIlias.deleteAllUsers()
- return res.send(res2)
- })
.delete("/api/user/:usr_id", async function (req, res) {
const {usr_id} = req.params
if (!usr_id || isNaN(Number(usr_id))) {
return res.code(500).send({status: "error", msg: "userId error"})
- }
- else {
+ } else {
const res2 = await libIlias.deleteUser(usr_id)
log.info(res2)
return res.send(res2)
@@ -146,8 +147,7 @@
const data = await db.getObjIdFromRefId(ref_id)
if (data) {
return res.send(data)
- }
- else {
+ } else {
return res.code(404).send({status: "error", msg: "not found"})
}
})
@@ -156,8 +156,7 @@
let data = await db.getRefIdFromObjId(obj_id)
if (data) {
return res.send(data)
- }
- else {
+ } else {
return res.code(404).send({status: "error", msg: "not found"})
}
})
@@ -168,8 +167,7 @@
let data = await db.getKurse()
if (data) {
return res.send(data)
- }
- else {
+ } else {
return res.code(404).send({status: "error", msg: "not found"})
}
})
@@ -178,8 +176,7 @@
let data = await db.getKurs(refId)
if (data) {
return res.send(data)
- }
- else {
+ } else {
return res.code(404).send({status: "error", msg: "not found"})
}
})
@@ -188,8 +185,7 @@
let data = await db.getKursItems2(refId)
if (data) {
return res.send(data)
- }
- else {
+ } else {
return res.code(404).send({status: "error", msg: "not found"})
}
})
@@ -198,8 +194,20 @@
let data = await db.getKursTeilnehmer(refId)
if (data) {
return res.send(data)
+ } else {
+ return res.code(404).send({status: "error", msg: "not found"})
}
- else {
+ })
+ .get("/api/kurs/:refId/lp", async function (req, res) {
+ const {refId} = req.params
+ const {obj_id: objId} = await db.getObjIdFromRefId(refId)
+
+ const raw = req.query.raw
+ let data = await db.getKursLp(objId, raw)
+
+ if (data) {
+ return res.send(data)
+ } else {
return res.code(404).send({status: "error", msg: "not found"})
}
})
@@ -219,8 +227,7 @@
let data = await db.getSingleKursTeilnehmer(refId, userId)
if (data) {
return res.send(data)
- }
- else {
+ } else {
return res.code(404).send({status: "error", msg: "not found"})
}
})
@@ -260,6 +267,36 @@
}
})
+ .get("/api/kurs/:refId/offline", async function (req, res) {
+ const refId = Number(req.params.refId)
+
+ try {
+ const {obj_id} = await db.getObjIdFromRefId(refId)
+ const res2 = await db.getKursOffline(obj_id)
+ return res.send(res2)
+ } catch (err) {
+ console.error(err)
+ log.error(err.message)
+ return res.code(500).send({status: "error", message: err.message})
+ }
+ })
+ .post("/api/kurs/:refId/offline", async function (req, res) {
+ const refId = Number(req.params.refId)
+ const {offline} = req.body
+ // console.dir(req.body, {depth: null, colors: true, maxArrayLength: null})
+
+ try {
+ const {obj_id} = await db.getObjIdFromRefId(refId)
+ const res2 = await db.setKursOffline(offline, obj_id)
+ return res.send(res2)
+ } catch (err) {
+ console.error(err)
+ log.error(err.message)
+ return res.code(500).send({status: "error", message: err.message})
+ }
+ })
+
+ // abmelden
.delete("/api/kurs/:refId/teilnehmer/:usrId", async function (req, res) {
const {refId, usrId} = req.params
if (!refId || !usrId) throw {status: "error", msg: "refId and usrId requried"}
@@ -278,6 +315,29 @@
return res.code(500).send({status: "error", msg})
}
})
+
+ // Kurs Admins - über Rolle
+ .get("/api/kurs/rolle/admin", async function (req, res) {
+ try {
+ const data = await db.getCourseAdminRoles()
+ return res.send(data)
+ } catch (err) {
+ console.error(err)
+ return res.code(500).send({status: "error", error: err.toString()})
+ }
+ })
+
+ // Kurs Admins - über Rolle - FEHLENDE Zuweisung eines tatsächlichen Users
+ .get("/api/kurs/rolle/noadmin", async function (req, res) {
+ try {
+ const data = await db.getCourseWithoutAdminRoles()
+ return res.send(data)
+ } catch (err) {
+ console.error(err)
+ return res.code(500).send({status: "error", error: err.toString()})
+ }
+ })
+
/////// STATIC / SPA ////////////////////////////////////////////////////////////////
@@ -313,7 +373,7 @@
/////////////////////////////////////////////////////////////////////////
-async function promiseDelay (ms) {
+async function promiseDelay(ms) {
return new Promise(resolve => setTimeout(resolve, ms))
}
--
Gitblit v1.8.0