From c0225d52a3e532d667ebeeca090a59edb534e638 Mon Sep 17 00:00:00 2001
From: alex <alex@alexloehr.net>
Date: Mon, 02 Jun 2025 16:12:44 +0000
Subject: [PATCH] adding new routes
---
lib/db.js | 147 ++++++++++++++++++++++++++++++++++++++++++++++---
1 files changed, 138 insertions(+), 9 deletions(-)
diff --git a/lib/db.js b/lib/db.js
index 3ff3fc7..8f8c3f5 100644
--- a/lib/db.js
+++ b/lib/db.js
@@ -23,30 +23,49 @@
getUserCount,
getUserByLogin,
getUserByUserId,
+ getUserDefinedFields,
+ getUserDefinedField,
+
+ getObjIdFromRefId,
+ getRefIdFromObjId,
+
+ getKurse,
+ getKursItems,
+ // getKursByObjId,
+ // getKursByRefId,
+ getTeilnehmer,
}
/////////////////////////////////////////////////////////////////////////
-async function getUsers (limit = 10, offset = 0) {
+async function getUsers (offset = 0, limit = 10) {
const sel = `usr_id, login, firstname, lastname, gender, email, institution, street, city, zipcode, country, department, active`
// TODO user defined fields
+ // TODO check args for SQL Injection
const pool = await poolP
const [results, fields] = await pool.query(
`SELECT ${sel}
- FROM ilias.usr_data AS ud
+ FROM ${database}.usr_data AS ud
WHERE login REGEXP '^[0-9]+$'
LIMIT ${limit}
OFFSET ${offset}
`
)
- return results
+ const count = await getUserCount()
+ return {
+ total: count,
+ offset, limit,
+ data: results,
+ }
}
async function getUserCount () {
const pool = await poolP
const [results, fields] = await pool.query(
- `SELECT COUNT(*) FROM ilias.usr_data AS ud WHERE login REGEXP '^[0-9]+$'`
+ `SELECT COUNT(*)
+ FROM ${database}.usr_data AS ud
+ WHERE login REGEXP '^[0-9]+$'`
)
return results[0]["COUNT(*)"]
}
@@ -54,27 +73,77 @@
async function getUserByLogin (login) {
const sel = `usr_id, login, firstname, lastname, gender, email, institution, street, city, zipcode, country, department, active`
// TODO user defined fields
+ // TODO check args for SQL Injection
const pool = await poolP
const [results, fields] = await pool.query(
`SELECT ${sel}
- FROM ilias.usr_data AS ud
- WHERE login = '${login}' AND login REGEXP '^[0-9]+$'`
+ FROM ${database}.usr_data AS ud
+ WHERE login = '${login}'
+ AND login REGEXP '^[0-9]+$'`
)
- return results
+ return joinUDF(results[0])
}
async function getUserByUserId (userId) {
const sel = `usr_id, login, firstname, lastname, gender, email, institution, street, city, zipcode, country, department, active`
// TODO user defined fields
+ // TODO check args for SQL Injection
const pool = await poolP
const [results, fields] = await pool.query(
`SELECT ${sel}
- FROM ilias.usr_data AS ud
- WHERE usr_id = '${userId}' AND login REGEXP '^[0-9]+$'`
+ FROM ${database}.usr_data AS ud
+ WHERE usr_id = '${userId}'
+ AND login REGEXP '^[0-9]+$'`
+ )
+ return joinUDF(results[0])
+}
+
+async function getUserDefinedFields () {
+ const pool = await poolP
+ const [results] = await pool.query(
+ `SELECT ut.usr_id, ud.field_name, ut.value
+ FROM ${database}.udf_definition ud
+ JOIN ${database}.udf_text ut ON ut.field_id = ud.field_id`
)
return results
+}
+
+async function getUserDefinedField (usr_id) {
+ const pool = await poolP
+ const [results] = await pool.query(
+ `SELECT ut.usr_id, ud.field_name, ut.value
+ FROM ${database}.udf_definition ud
+ JOIN ${database}.udf_text ut ON ut.field_id = ud.field_id
+ WHERE ut.usr_id = '${usr_id}'
+ `
+ )
+ return results
+}
+
+/////// obj_id / ref_id ////////////////////////////////////////////////////////////////
+
+async function getObjIdFromRefId (refId) {
+ const pool = await poolP
+ const [results] = await pool.query(
+ `SELECT ref_id, obj_id
+ FROM ${database}.object_reference as obr
+ WHERE obr.ref_id = ${refId}
+ `
+ )
+ return results.length ? results[0] : undefined
+}
+
+async function getRefIdFromObjId (objId) {
+ const pool = await poolP
+ const [results] = await pool.query(
+ `SELECT ref_id, obj_id
+ FROM ${database}.object_reference as obr
+ WHERE obr.obj_id = ${objId}
+ `
+ )
+ return results.length ? results[0] : undefined
}
/////////////////////////////////////////////////////////////////////////
@@ -82,3 +151,63 @@
async function promiseDelay (ms) {
return new Promise(resolve => setTimeout(resolve, ms))
}
+
+async function joinUDF (user) {
+ const fields = await getUserDefinedField(user.usr_id)
+ for (const field of fields) {
+ user[field.field_name] = field.value
+ }
+ return user
+}
+
+/////// Kurs ////////////////////////////////////////////////////////////////
+
+async function getKurse () {
+ const pool = await poolP
+ const q = `SELECT or2.ref_id, or2.obj_id, od.title, od.description, od.type
+ FROM ${database}.object_reference or2
+ INNER JOIN ${database}.object_data od ON od.obj_id = or2.obj_id
+ WHERE od.type = 'crs' AND or2.deleted IS NULL
+ `
+ const [results] = await pool.query(q)
+ return results
+}
+
+// async function getKursByRefId (refId) {
+// const {ref_id, obj_id} = await getObjIdFromRefId(refId)
+// return getKursByObjId(obj_id)
+// }
+
+async function getKursItems (ref_id) {
+ const pool = await poolP
+ // const q = `SELECT or2.ref_id, or2.obj_id, od.title, od.description, od.type
+ // FROM ${database}.object_reference or2
+ // INNER JOIN ${database}.object_data od ON od.obj_id = or2.obj_id
+ // WHERE or2.obj_id = '${obj_id}'
+ // `
+ const q = `SELECT ci.parent_id, or2.ref_id, or2.obj_id, od.title, od.type
+ FROM ${database}.crs_items ci
+ INNER JOIN ${database}.object_reference or2 ON or2.ref_id = ci.obj_id
+ INNER JOIN ${database}.object_data od ON od.obj_id = or2.obj_id
+ WHERE or2.ref_id = ${ref_id} OR parent_id = ${ref_id}
+ `
+ const [results] = await pool.query(q)
+ return results
+ // return results.length ? results[0] : undefined
+}
+
+async function getTeilnehmer (obj_id) {
+ const pool = await poolP
+ const q = `SELECT ci.parent_id, or2.ref_id, or2.obj_id, od.title, od.\`type\`, om.usr_id, ulm.status
+ FROM ${database}.crs_items ci
+ INNER JOIN ${database}.object_reference or2 ON or2.ref_id = ci.obj_id
+ INNER JOIN ${database}.object_data od ON od.obj_id = or2.obj_id
+ INNER JOIN ${database}.obj_members om ON om.obj_id = or2.obj_id
+ INNER JOIN ${database}.ut_lp_marks ulm
+ ON ulm.obj_id = or2.obj_id AND ulm.usr_id = om.usr_id
+ WHERE (or2.ref_id = ${obj_id}
+ OR parent_id = ${obj_id}) # Fliesenratgeber #AND om.usr_id = 6573 # Holger Börner / nicht-bestanden -
+ `
+ const [results] = await pool.query(q)
+ return results
+}
--
Gitblit v1.8.0