diff --git a/index.js b/index.js index 281dee3..61dbc53 100644 --- a/index.js +++ b/index.js @@ -8,10 +8,17 @@ if (!fs.existsSync(prankPath)) { fs.writeFileSync(prankPath, "{}"); } +var activityPath = "activitydata.txt"; +if (!fs.existsSync(activityPath)) { + fs.writeFileSync(activityPath, "{}"); +} + let PrankData = JSON.parse(fs.readFileSync(prankPath)); +let ActivityData = JSON.parse(fs.readFileSync(activityPath)); let AdminUsersUid = ["asyncnomi", "johan", "enthalpine", "fas", "arina", "billy", "remi", "pierre", "matmaz", "", "", ""]; let UsersToken = {}; let TokenDurationSecond = 3600; +let MaxAmountCrepe = 10; var ldapConf = JSON.parse(fs.readFileSync("ldap-conf.json")); var LDAP = new LdapAuth({ @@ -86,31 +93,56 @@ fastify.post('/addPrank', async (request, reply) => { let auth = checkAuthetification(content); if (auth.success) { if ("type" in content) { + let prankUid = makeid(16); + if ("prankUid" in content) { + let prankExists = checkPrank(content) + if (prankExists.success) { + if (PrankData[prankUid].state != "Pending") { + return { + success: false, + why: "You cannot edit already accepted prank request" + } + } else { + prankUid = content.prankUid; + } + } else { + return prankExists; + } + } let note = ("note" in content) ? content.note : "N/A"; switch (content.type) { case "crêpe": if ("where" in content - && "amount" in content) { - let prankUid = makeid(16); - PrankData[prankUid] = { - creator: content.uid, - type: content.type, - where: content.where, - amount: content.amount, - note: content.note, - state: "Pending", - manageBy: null - } - saveData(); - return { - sucess: true, - uid: prankUid, - newPrank: PrankData[prankUid] + && "amount" in content + && "supplement" in content) { + if (amound < MaxAmountCrepe) { + let prankUid = makeid(16); + PrankData[prankUid] = { + creator: content.uid, + type: content.type, + where: content.where, + amount: content.amount, + supplement: content.supplement, + note: content.note, + state: "Pending", + manageBy: null + } + saveData(prankPath, PrankData); + return { + sucess: true, + uid: prankUid, + prank: PrankData[prankUid] + } + } else { + return { + success: false, + why: "Too much" + } } } else { return { success: false, - why: "Missing amount or where" + why: "Missing amount, where or supplement" } } break; @@ -127,11 +159,11 @@ fastify.post('/addPrank', async (request, reply) => { state: "Pending", manageBy: null } - saveData(); + saveData(prankPath, PrankData); return { sucess: true, uid: prankUid, - newPrank: PrankData[prankUid] + prank: PrankData[prankUid] } } else { return { @@ -230,14 +262,85 @@ fastify.post('/refusePrank', async (request, reply) => { } }) -fastify.post('/getPrank', async (request, reply) => { +fastify.post('/get', async (request, reply) => { + let content = request.body; + let auth = checkAuthetification(content); + if (auth.success) { + if ("type" in content) { + switch (content.type) { + case "prank": + if (AdminUsersUid.includes(content.uid)) { + return { + sucess: true, + prankData: PrankData + } + } else { + return { + success: false, + why: "Not Allowed" + } + } + break; + case "activity": + return { + sucess: true, + prankData: ActivityData + } + break; + default: + return { + success: false, + why: "Unknown type" + } + } + } else { + return { + success: false, + why: "Missing type" + } + } + } else { + return auth + } +}) + +fastify.post('/addActivity', async (request, reply) => { let content = request.body; let auth = checkAuthetification(content); if (auth.success) { if (AdminUsersUid.includes(content.uid)) { - return { - sucess: true, - prankData: PrankData + if ("title" in content + && "desc" in content + && "start" in content + && "end" in content + && "where" in content) { + let activityUid = makeid(16); + if ("activityUid" in content) { + let activityExists = checkActivity(content) + if (activityExists.success) { + activityUid = content.activityUid; + } else { + return activityExists; + } + } + ActivityData[activityUid] = { + title: content.title, + desc: content.desc, + start: content.start, + end: content.end, + where: content.where + } + saveData(activityPath, ActivityData); + return { + sucess: true, + uid: activityUid, + activity: ActivityData[activityUid] + } + } else { + return { + success: false, + why: "Missing title, desc, start, end or where" + } } } else { return { @@ -245,14 +348,34 @@ fastify.post('/getPrank', async (request, reply) => { why: "Not Allowed" } } + } +}) + +fastify.post('/delActivity', async (request, reply) => { + let content = request.body; + let auth = checkAuthetification(content); + if (auth.success) { + if (AdminUsersUid.includes(content.uid)) { + let activityExists = checkActivity(content) + if (activityExists.success) { + delete ActivityData[content.activityUid] + } else { + return activityExists + } + } else { + return { + success: false, + why: "Not allowed" + } + } } else { return auth } }) -function saveData() { - fs.writeFileSync(prankPath, JSON.stringify(PrankData)); +function saveData(path, data) { + fs.writeFileSync(path, JSON.stringify(data)); } function authenticate(user, pwd) { @@ -318,6 +441,26 @@ function checkPrank(content) { } } +function checkActivity(content) { + if ("activityUid" in content) { + if (content.activityUid in ActivityData) { + return { + success: true, + } + } else { + return { + success: false, + why: "Unknow activityUid" + } + } + } else { + return { + success: false, + why: "Missing activityUid" + } + } +} + function checkManagePrank(content) { let auth = checkAuthetification(content); if (auth.success) {