// @ts-check
/**
* @import {ExpressRequestAuthorized, ExpressResponse} from '../../types.js'
*/
import {UUID2hex} from '@commtool/sql-query'
import * as service from './service.js'
import {query,pool} from '@commtool/sql-query'
import {requestUpdateLogger, readLogger, errorLoggerRead, errorLoggerUpdate} from '../../utils/requestLogger.js'
import { isAdmin, isListAdmin } from '../../utils/authChecks.js';
/**
* Controller for PUT /list/:owner
* @param {ExpressRequestAuthorized} req
* @param {ExpressResponse} res
*/
export const putListOwner = async (req,res)=>{
try{
const ownerUID=UUID2hex(req.params.owner)
const result= await service.insertList(req,ownerUID,'list')
res.json(result)
}
catch(e){
errorLoggerUpdate(e)
}
}
/**
* Controller for PUT /dlist/:owner
* @param {ExpressRequestAuthorized} req
* @param {ExpressResponse} res
*/
export const putDlistOwner = async (req,res)=>{
try{
const ownerUID=UUID2hex(req.params.owner)
const result= await service.insertList(req,ownerUID,'dlist')
res.json(result)
}
catch(e){
errorLoggerUpdate(e)
}
}
/**
* Controller for POST /list/:UID
* @param {ExpressRequestAuthorized} req
* @param {ExpressResponse} res
*/
export const postListUID = async (req,res)=>{
try{
if(!await isListAdmin(req,req.params.UID)){
res.json({message: 'user not authorized', success: false})
return
}
const UID=UUID2hex(req.params.UID)
const result= await service.updateList(req,UID,'list')
res.json(result)
}
catch(e){
errorLoggerUpdate(e)
}
}
/**
* Controller for POST /dlist/:UID
* @param {ExpressRequestAuthorized} req
* @param {ExpressResponse} res
*/
export const postDlistUID = async (req,res)=>{
try{
if(!await isListAdmin(req,req.params.UID)){
res.json({message: 'user not authorized', success: false})
return
}
const UID=UUID2hex(req.params.UID)
const result= await service.updateList(req,UID,'dlist')
res.json(result)
}
catch(e){
errorLoggerUpdate(e)
}
}
/**
* Controller for GET /dlist/:UID
* @param {ExpressRequestAuthorized} req
* @param {ExpressResponse} res
*/
export const getDlistUID = async (req,res)=>{
try{
const UID=UUID2hex(req.params.UID)
const result= await service.getList(req,UID,'dlist')
res.json(result)
}
catch(e){
errorLoggerRead(e)
}
}
/**
* Controller for GET /list/:UID
* @param {ExpressRequestAuthorized} req
* @param {ExpressResponse} res
*/
export const getListUID = async (req,res)=>{
try{
const UID=UUID2hex(req.params.UID)
const result= await service.getList(req,UID,'list')
res.json(result)
}
catch(e){
errorLoggerRead(e)
}
}
/**
* Controller for DELETE /list/:UID
* @param {ExpressRequestAuthorized} req
* @param {ExpressResponse} res
*/
export const deleteListUID = async (req,res)=>{
try{
const result=await service.deleteList(req,'list')
res.json(result)
}
catch(e){
errorLoggerUpdate(e)
}
}
/**
* Controller for DELETE /dlist/:UID
* @param {ExpressRequestAuthorized} req
* @param {ExpressResponse} res
*/
export const deleteDlistUID = async (req,res)=>{
try{
const result=await service.deleteList(req,'dlist')
res.json(result)
}
catch(e){
errorLoggerUpdate(e)
}
}
/**
* Controller for GET /list/
* @param {ExpressRequestAuthorized} req
* @param {ExpressResponse} res
*/
export const listRootGet = async (req,res)=>{
try{
let type=['list','dlist','email']
let authReq;
try{
authReq = /** @type {ExpressRequestAuthorized} */ (/** @type {unknown} */ (req));
if (req.query.type) {
const t = req.query.type;
if (Array.isArray(t)) {
type = t.map(v => String(v));
} else {
try {
type = JSON.parse(String(t));
}
catch (e) {
type = [String(t)];
}
}
}
}
catch(e){
// fallback: keep default type
}
let dataFields=""
if(req.query.Data)
{
if(req.query.Data==='all')
{
dataFields+=`,Member.Data AS Data`
}
else
{
let fields=[]
try
{
fields= req.query.Data ? JSON.parse(String(req.query.Data)) : null
}
catch(e)
{
fields[0]=[req.query.Data]
}
for(const field of fields)
{
if(field.query)
dataFields+= `,JSON_QUERY(Member.Data,${pool.escape(field.path)}) AS ${pool.escape(field.alias)}`
else
dataFields+= `,JSON_VALUE(Member.Data,${pool.escape(field.path)}) AS ${pool.escape(field.alias)}`
}
}
if(req.query.ExtraData)
{
dataFields += `,ObjectBase.Data AS ExtraData`
}
}
let visibility=` AND Visible.UIDUser=U_UUID2BIN('${authReq.session.user}')`
if(req.query.all && await isAdmin(authReq.session))
{
visibility= ''
}
type=type.filter(el=>(['list','dlist','email'].includes(el)))
const result= await query(`
SELECT
Main.UID, Main.Type, Main.UIDBelongsTo, Main.Title ,Member.Display , Member.SortName ,
pgroup.UID AS UIDgroup , ListMember.Display AS member, ListMember.UID AS UIDmember,
CONCAT(pgroup.Title ,' ', pmember.Display) AS pGroup,
Main.hierarchie, Main.stage, Main.gender, Main.dindex, UNIX_TIMESTAMP(Main.validFrom) AS validFrom
${dataFields}
FROM
ObjectBase AS Main
INNER JOIN Member ON (Member.UID=Main.UID)
LEFT JOIN (ObjectBase AS pgroup
INNER JOIN Member AS pmember ON (pmember.UID=pgroup.UID)
INNER JOIN Links AS GLink
ON (GLink.UIDTarget = pgroup.UID )
)
ON (GLink.UID =Main.UID AND GLink.Type ='memberA')
LEFT JOIN (Member AS ListMember
INNER JOIN Links AS MLink
ON (MLink.UIDTarget = ListMember.UID )
)
ON (MLink.UID =Main.UID AND MLink.Type ='member')
INNER JOIN Links ON ( Links.UID=Main.UID AND Links.Type IN('member','memberA'))
INNER JOIN Visible ON (Visible.UID=Main.UID)
WHERE
Main.Type IN (?) ${visibility}
GROUP BY
Main.UID
ORDER BY
Main.validFrom DESC
`,[type,UUID2hex(authReq.session.user)],{cast:['UUID','json']})
res.json({success:true, result:result})
}
catch(e){
errorLoggerRead(e)
}
}
/**
* Controller for GET /list/admin/:UID
* @param {ExpressRequestAuthorized} req
* @param {ExpressResponse} res
*/
export const adminListCheck = async (req,res)=>{
try{
const admin= await isListAdmin(req,req.params.UID)
res.json({success:true, result:admin})
}
catch(e){
errorLoggerRead(e)
}
}
/**
* Controller for GET /dlist/admin/:UID
* @param {ExpressRequestAuthorized} req
* @param {ExpressResponse} res
*/
export const adminDlistCheck = async (req,res)=>{
try{
const admin= await isListAdmin(req,req.params.UID)
res.json({success:true, result:admin})
}
catch(e){
errorLoggerRead(e)
}
}