From 772ba8ecba4edfff899aeaeb9fb623dfcc9ffaf1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nguy=E1=BB=85n=20Tu=E1=BA=A5n=20D=C5=A9ng?= Date: Thu, 7 Mar 2019 14:23:15 +0700 Subject: [PATCH 1/7] Fix incorrect `count` variable --- src/data/database.js | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/src/data/database.js b/src/data/database.js index 3fd66c41..7c39cbaf 100644 --- a/src/data/database.js +++ b/src/data/database.js @@ -244,9 +244,11 @@ async function updateUserPassword(user_id, old_pass, new_pass) { /** * Count number of submissions */ -function countSubmissions() { +function countSubmissions(user_id) { + let query = {}; + if (user_id) query = { user_id }; return new Promise((resolve, reject) => { - db.submissions.count({}, function(err, count) { + db.submissions.count(query, function(err, count) { if (err) reject(err); else resolve(count); }); @@ -356,7 +358,7 @@ function readSubmission(sub_id) { */ async function readUserSubmission(user_id, page, size, count) { const username = await readUserByID(user_id); - const maxSize = await countSubmissions(); + const maxSize = await countSubmissions(user_id); ({ page, size, count } = verifySubsQuery(page, size, count, maxSize)); return new Promise((resolve, reject) => { From 1e3b9650b097848a32e8144f5fc6a45b1f9514b4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nguy=E1=BB=85n=20Tu=E1=BA=A5n=20D=C5=A9ng?= Date: Thu, 7 Mar 2019 14:48:00 +0700 Subject: [PATCH 2/7] Fix incorrect username returned --- src/data/database.js | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/data/database.js b/src/data/database.js index 7c39cbaf..c041e899 100644 --- a/src/data/database.js +++ b/src/data/database.js @@ -357,7 +357,7 @@ function readSubmission(sub_id) { * @returns {Promise>} Array of user's submissions if success */ async function readUserSubmission(user_id, page, size, count) { - const username = await readUserByID(user_id); + const userData = await readUserByID(user_id); const maxSize = await countSubmissions(user_id); ({ page, size, count } = verifySubsQuery(page, size, count, maxSize)); @@ -383,7 +383,7 @@ async function readUserSubmission(user_id, page, size, count) { if (err) reject(err); else { let serialized = docs.map((doc) => { - doc.username = username; + doc.username = userData.username; return doc; }); resolve({ From 576ab5afe02556e27f9aab610c0ccdd9751aa379 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nguy=E1=BB=85n=20Tu=E1=BA=A5n=20D=C5=A9ng?= Date: Thu, 7 Mar 2019 14:57:41 +0700 Subject: [PATCH 3/7] Add username in return of readSubmission --- src/data/database.js | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/src/data/database.js b/src/data/database.js index c041e899..1d9ef5d4 100644 --- a/src/data/database.js +++ b/src/data/database.js @@ -341,7 +341,15 @@ function readSubmission(sub_id) { if (err) reject(err); else if (docs === null) reject(new Error(`Invalid Submission's ID: ${sub_id}`)); - else resolve(docs); + + readUserByID(docs.user_id) + .then((res) => { + docs.username = res.username; + resolve(docs); + }) + .catch((err) => { + reject(err); + }); } ); }); From a877ce965a8fc2a011d1acee90d46a48a038b7f4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nguy=E1=BB=85n=20Tu=E1=BA=A5n=20D=C5=A9ng?= Date: Thu, 7 Mar 2019 15:11:37 +0700 Subject: [PATCH 4/7] Still resolve even if user_id is invalid --- src/data/database.js | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/src/data/database.js b/src/data/database.js index 1d9ef5d4..51d6623e 100644 --- a/src/data/database.js +++ b/src/data/database.js @@ -345,10 +345,9 @@ function readSubmission(sub_id) { readUserByID(docs.user_id) .then((res) => { docs.username = res.username; - resolve(docs); }) - .catch((err) => { - reject(err); + .finally(() => { + resolve(docs); }); } ); From d94d5e834995e57baee03f7c4f6335a166f712e3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nguy=E1=BB=85n=20Tu=E1=BA=A5n=20D=C5=A9ng?= Date: Thu, 7 Mar 2019 15:12:01 +0700 Subject: [PATCH 5/7] Allow admin to read seperate submissions --- src/routes/subs.js | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/routes/subs.js b/src/routes/subs.js index 5382f752..e9435892 100644 --- a/src/routes/subs.js +++ b/src/routes/subs.js @@ -56,7 +56,8 @@ router router.get("/:id", (req, res) => { readSubmission(req.params.id).then( (docs) => { - if (docs.user_id === req.user._id) res.send(docs); + if (docs.user_id === req.user._id || req.user.isAdmin) + res.send(docs); else res.sendStatus(401); }, (err) => { From 18fb5218e6b32e1da986e4dedca7d6feef51544f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nguy=E1=BB=85n=20Tu=E1=BA=A5n=20D=C5=A9ng?= Date: Thu, 7 Mar 2019 15:20:50 +0700 Subject: [PATCH 6/7] Add else to do the right condition --- src/data/database.js | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/src/data/database.js b/src/data/database.js index 51d6623e..295e7523 100644 --- a/src/data/database.js +++ b/src/data/database.js @@ -341,14 +341,14 @@ function readSubmission(sub_id) { if (err) reject(err); else if (docs === null) reject(new Error(`Invalid Submission's ID: ${sub_id}`)); - - readUserByID(docs.user_id) - .then((res) => { - docs.username = res.username; - }) - .finally(() => { - resolve(docs); - }); + else + readUserByID(docs.user_id) + .then((res) => { + docs.username = res.username; + }) + .finally(() => { + resolve(docs); + }); } ); }); From 349a874b3c351751f9f525a3cf77f1b716a07c48 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nguy=E1=BB=85n=20Tu=E1=BA=A5n=20D=C5=A9ng?= Date: Thu, 7 Mar 2019 16:09:39 +0700 Subject: [PATCH 7/7] Seperate function --- src/data/database.js | 25 +++++++++++++++++++------ 1 file changed, 19 insertions(+), 6 deletions(-) diff --git a/src/data/database.js b/src/data/database.js index 295e7523..fdb50999 100644 --- a/src/data/database.js +++ b/src/data/database.js @@ -244,11 +244,22 @@ async function updateUserPassword(user_id, old_pass, new_pass) { /** * Count number of submissions */ -function countSubmissions(user_id) { - let query = {}; - if (user_id) query = { user_id }; +function countAllSubmissions() { return new Promise((resolve, reject) => { - db.submissions.count(query, function(err, count) { + db.submissions.count({}, function(err, count) { + if (err) reject(err); + else resolve(count); + }); + }); +} + +/** + * Count number of submissions from user_id + * @param {String} user_id User's ID + */ +function countUserSubmissions(user_id) { + return new Promise((resolve, reject) => { + db.submissions.count({ user_id }, function(err, count) { if (err) reject(err); else resolve(count); }); @@ -274,7 +285,7 @@ function verifySubsQuery(page, size, count, maxSize) { * @returns {Promise>} Array of submission if success */ async function readAllSubmissions(page, size, count) { - const maxSize = await countSubmissions(); + const maxSize = await countAllSubmissions(); ({ page, size, count } = verifySubsQuery(page, size, count, maxSize)); return new Promise((resolve, reject) => { @@ -365,7 +376,7 @@ function readSubmission(sub_id) { */ async function readUserSubmission(user_id, page, size, count) { const userData = await readUserByID(user_id); - const maxSize = await countSubmissions(user_id); + const maxSize = await countUserSubmissions(user_id); ({ page, size, count } = verifySubsQuery(page, size, count, maxSize)); return new Promise((resolve, reject) => { @@ -563,6 +574,8 @@ module.exports = { readUserPassHash, updateUserName, updateUserPassword, + countAllSubmissions, + countUserSubmissions, readAllSubmissions, readSubmission, readUserSubmission,