budibase/packages/server/middleware/routers.js

const Router = require("koa-router");
const session = require("./session");
const StatusCodes = require("../utilities/statusCodes");
module.exports = (config, app) => {

    const router = new Router();

    router
    /*.use(async (ctx) => {
        if(!await ctx.master.getApplication(ctx.params.appname)) {
            ctx.throw(StatusCodes.NOT_FOUND, `could not find app named ${ctx.params.appname}`);
        }
    })*/
    .use(session(config, app))
    .use(async (ctx, next) => {
        ctx.sessionId = ctx.session._sessCtx.externalKey;
        ctx.session.accessed = true;
        await next();
    })
    .get("/:appname", async (ctx) => {
        ctx.response.status = StatusCodes.OK;
        ctx.response.body = "UI Served Here";
    })
    .post("/:appname/api/authenticate", async (ctx, next) => {
        const user = await ctx.master.authenticate(
            ctx.sessionId,
            ctx.params.appname,
            ctx.request.body.username,
            ctx.request.body.password
        );
        if(!user) {
            ctx.throw(StatusCodes.UNAUTHORIZED, "invalid username or password");
        } 

        ctx.response.status = StatusCodes.OK;
    })
    .post("/:appname/api/setPasswordFromTemporaryCode", async (ctx) => {
        const instanceApi = await ctx.master.getFullAccessInstanceApiForUsername(
            ctx.params.appname,
            ctx.request.body.username
        );

        await instanceApi.authApi.setPasswordFromTemporaryCode(
            ctx.request.body.tempCode,
            ctx.request.body.newpassword); 

        ctx.response.status = StatusCodes.OK;
    })
    .post("/:appname/api/createTemporaryAccess", async (ctx) => {
        const instanceApi = await ctx.master.getFullAccessInstanceApiForUsername(
            ctx.params.appname,
            ctx.request.body.username
        );

        await instanceApi.authApi.createTemporaryAccess(
            ctx.request.body.username);
        
        ctx.response.status = StatusCodes.OK;
    })
    .use(async (ctx, next) => {

        const pathParts = ctx.path.split("/");

        if(pathParts.length < 2) {
            ctx.throw(StatusCodes.NOT_FOUND, "App Name not declared");
        }

        ctx.instance = await ctx.master.getInstanceApiForSession(
            pathParts[1],
            ctx.sessionId);

        await next();
    })
    .post("/:appname/api/changeMyPassword", async (ctx) => {
        await ctx.instance.authApi.changeMyPassword(
            ctx.request.body.currentPassword,
            ctx.request.body.newPassword
        );
        ctx.response.status = StatusCodes.OK;
    })
    .post("/:appname/api/changeMyPassword", async (ctx) => {
        await ctx.instance.authApi.changeMyPassword(
            ctx.request.body.currentPassword,
            ctx.request.body.newPassword
        );
        ctx.response.status = StatusCodes.OK;
    })
    .post("/:appname/api/executeAction/:actionname", async (ctx) => {
        ctx.body = await ctx.instance.actionApi.execute(
            ctx.request.body.actionname,
            ctx.request.body.parameters);
        ctx.response.status = StatusCodes.OK;
    })
    .post("/:appname/api/createUser", async (ctx) => {
        await ctx.instance.authApi.createUser(
            ctx.request.body.user,
            ctx.request.body.password
        );

        ctx.response.status = StatusCodes.OK;
    })
    .post("/:appname/api/enableUser", async (ctx) => {
        await ctx.instance.authApi.enableUser(
            ctx.request.body.username);
        ctx.response.status = StatusCodes.OK;
    })
    .post("/:appname/api/disableUser", async (ctx) => {
        await ctx.instance.authApi.disableUser(
            ctx.request.body.username);

        await ctx.master.removeSessionsForUser(
            ctx.params.appname,
            ctx.request.body.username
        );
        ctx.response.status = StatusCodes.OK;
    })
    .get("/:appname/api/users", async (ctx) => {
        ctx.body = await ctx.instance.authApi.getUsers();
        ctx.response.status = StatusCodes.OK;
    })
    .get("/:appname/api/accessLevels", async (ctx) => {
        ctx.body = await ctx.instance.authApi.getAccessLevels();
        ctx.response.status = StatusCodes.OK;
    })
    .post("/:appname/api/listRecords/:indexkey", async (ctx) => {
        ctx.body = await ctx.instance.indexApi.listItems(
            ctx.request.body.indexKey,
            {
                rangeStartParams:ctx.request.body.rangeStartParams, 
                rangeEndParams:ctx.request.body.rangeEndParams, 
                searchPhrase:ctx.request.body.searchPhrase
            }
        );
        ctx.response.status = StatusCodes.OK;
    })
    .post("/:appname/api/aggregates/:indexkey", async (ctx) => {
        ctx.body = await ctx.instance.indexApi.aggregates(
            ctx.request.body.indexKey,
            {
                rangeStartParams:ctx.request.body.rangeStartParams, 
                rangeEndParams:ctx.request.body.rangeEndParams, 
                searchPhrase:ctx.request.body.searchPhrase
            }
        );
        ctx.response.status = StatusCodes.OK;
    })
    .post("/:appname/api/record/:recordkey", async (ctx) => {
        ctx.body = await ctx.instance.recordApi.save(
            ctx.request.body
        );
        ctx.response.status = StatusCodes.OK;
    })
    .get("/:appname/api/record/:recordkey", async (ctx) => {
        ctx.body = await ctx.instance.recordApi.load(
            ctx.params.recordKey
        );
        ctx.response.status = StatusCodes.OK;
    })
    .del("/:appname/api/record/:recordkey", async (ctx) => {
        await ctx.instance.recordApi.delete(
            ctx.params.recordKey
        );
        ctx.response.status = StatusCodes.OK;
    })
    .post("/:appname/api/appHeirarchy", async (ctx) => {
        ctx.body = await ctx.instance.templateApi.saveApplicationHeirarchy(
            ctx.body
        );
        ctx.response.status = StatusCodes.OK;
    })
    .post("/:appname/api/actionsAndTriggers", async (ctx) => {
        ctx.body = await ctx.instance.templateApi.saveApplicationHeirarchy(
            ctx.body
        );
        ctx.response.status = StatusCodes.OK;
    })
    .get("/:appname/api/appDefinition", async (ctx) => {
        ctx.body = await ctx.instance.templateApi.saveActionsAndTriggers(
            ctx.body
        );
        ctx.response.status = StatusCodes.OK;
    });

    return router;
}

/*
front end get authenticateTemporaryAccess {}
*/
server - first passing tests 2019-06-14 21:05:46 +12:00			`const Router = require("koa-router");`
			`const session = require("./session");`
			`const StatusCodes = require("../utilities/statusCodes");`
			`module.exports = (config, app) => {`

authentication tests 2019-06-15 04:01:01 +12:00			`const router = new Router();`
server - first passing tests 2019-06-14 21:05:46 +12:00
			`router`
authentication tests 2019-06-15 04:01:01 +12:00			`/*.use(async (ctx) => {`
			`if(!await ctx.master.getApplication(ctx.params.appname)) {`
			ctx.throw(StatusCodes.NOT_FOUND, `could not find app named ${ctx.params.appname}`);
			`}`
			`})*/`
			`.use(session(config, app))`
			`.use(async (ctx, next) => {`
			`ctx.sessionId = ctx.session._sessCtx.externalKey;`
			`ctx.session.accessed = true;`
			`await next();`
			`})`
			`.get("/:appname", async (ctx) => {`
			`ctx.response.status = StatusCodes.OK;`
			`ctx.response.body = "UI Served Here";`
			`})`
			`.post("/:appname/api/authenticate", async (ctx, next) => {`
server - first passing tests 2019-06-14 21:05:46 +12:00			`const user = await ctx.master.authenticate(`
authentication tests 2019-06-15 04:01:01 +12:00			`ctx.sessionId,`
server - first passing tests 2019-06-14 21:05:46 +12:00			`ctx.params.appname,`
			`ctx.request.body.username,`
			`ctx.request.body.password`
			`);`
			`if(!user) {`
			`ctx.throw(StatusCodes.UNAUTHORIZED, "invalid username or password");`
			`}`
authentication tests 2019-06-15 04:01:01 +12:00
			`ctx.response.status = StatusCodes.OK;`
server - first passing tests 2019-06-14 21:05:46 +12:00			`})`
authentication tests 2019-06-15 04:01:01 +12:00			`.post("/:appname/api/setPasswordFromTemporaryCode", async (ctx) => {`
all http endpoints completed (not tested) 2019-06-17 09:17:22 +12:00			`const instanceApi = await ctx.master.getFullAccessInstanceApiForUsername(`
			`ctx.params.appname,`
			`ctx.request.body.username`
			`);`

			`await instanceApi.authApi.setPasswordFromTemporaryCode(`
			`ctx.request.body.tempCode,`
			`ctx.request.body.newpassword);`

			`ctx.response.status = StatusCodes.OK;`
filling out server endpoints 2019-06-16 10:55:32 +12:00			`})`
			`.post("/:appname/api/createTemporaryAccess", async (ctx) => {`
all http endpoints completed (not tested) 2019-06-17 09:17:22 +12:00			`const instanceApi = await ctx.master.getFullAccessInstanceApiForUsername(`
			`ctx.params.appname,`
			`ctx.request.body.username`
			`);`

			`await instanceApi.authApi.createTemporaryAccess(`
			`ctx.request.body.username);`
filling out server endpoints 2019-06-16 10:55:32 +12:00
all http endpoints completed (not tested) 2019-06-17 09:17:22 +12:00			`ctx.response.status = StatusCodes.OK;`
server - first passing tests 2019-06-14 21:05:46 +12:00			`})`
authentication tests 2019-06-15 04:01:01 +12:00			`.use(async (ctx, next) => {`

			`const pathParts = ctx.path.split("/");`

			`if(pathParts.length < 2) {`
			`ctx.throw(StatusCodes.NOT_FOUND, "App Name not declared");`
			`}`
server - first passing tests 2019-06-14 21:05:46 +12:00
authentication tests 2019-06-15 04:01:01 +12:00			`ctx.instance = await ctx.master.getInstanceApiForSession(`
			`pathParts[1],`
			`ctx.sessionId);`

			`await next();`
server - first passing tests 2019-06-14 21:05:46 +12:00			`})`
filling out server endpoints 2019-06-16 10:55:32 +12:00			`.post("/:appname/api/changeMyPassword", async (ctx) => {`
			`await ctx.instance.authApi.changeMyPassword(`
			`ctx.request.body.currentPassword,`
			`ctx.request.body.newPassword`
			`);`
			`ctx.response.status = StatusCodes.OK;`
			`})`
			`.post("/:appname/api/changeMyPassword", async (ctx) => {`
			`await ctx.instance.authApi.changeMyPassword(`
			`ctx.request.body.currentPassword,`
			`ctx.request.body.newPassword`
			`);`
			`ctx.response.status = StatusCodes.OK;`
			`})`
authentication tests 2019-06-15 04:01:01 +12:00			`.post("/:appname/api/executeAction/:actionname", async (ctx) => {`
filling out server endpoints 2019-06-16 10:55:32 +12:00			`ctx.body = await ctx.instance.actionApi.execute(`
			`ctx.request.body.actionname,`
			`ctx.request.body.parameters);`
			`ctx.response.status = StatusCodes.OK;`
server - first passing tests 2019-06-14 21:05:46 +12:00			`})`
authentication tests 2019-06-15 04:01:01 +12:00			`.post("/:appname/api/createUser", async (ctx) => {`
			`await ctx.instance.authApi.createUser(`
			`ctx.request.body.user,`
			`ctx.request.body.password`
			`);`
server - first passing tests 2019-06-14 21:05:46 +12:00
authentication tests 2019-06-15 04:01:01 +12:00			`ctx.response.status = StatusCodes.OK;`
server - first passing tests 2019-06-14 21:05:46 +12:00			`})`
authentication tests 2019-06-15 04:01:01 +12:00			`.post("/:appname/api/enableUser", async (ctx) => {`
filling out server endpoints 2019-06-16 10:55:32 +12:00			`await ctx.instance.authApi.enableUser(`
			`ctx.request.body.username);`
			`ctx.response.status = StatusCodes.OK;`
server - first passing tests 2019-06-14 21:05:46 +12:00			`})`
authentication tests 2019-06-15 04:01:01 +12:00			`.post("/:appname/api/disableUser", async (ctx) => {`
filling out server endpoints 2019-06-16 10:55:32 +12:00			`await ctx.instance.authApi.disableUser(`
			`ctx.request.body.username);`
streaming issue... 2019-06-20 09:05:53 +12:00
			`await ctx.master.removeSessionsForUser(`
			`ctx.params.appname,`
			`ctx.request.body.username`
			`);`
filling out server endpoints 2019-06-16 10:55:32 +12:00			`ctx.response.status = StatusCodes.OK;`
server - first passing tests 2019-06-14 21:05:46 +12:00			`})`
authentication tests 2019-06-15 04:01:01 +12:00			`.get("/:appname/api/users", async (ctx) => {`
more session testing 2019-06-15 10:03:01 +12:00			`ctx.body = await ctx.instance.authApi.getUsers();`
			`ctx.response.status = StatusCodes.OK;`
server - first passing tests 2019-06-14 21:05:46 +12:00			`})`
authentication tests 2019-06-15 04:01:01 +12:00			`.get("/:appname/api/accessLevels", async (ctx) => {`
filling out server endpoints 2019-06-16 10:55:32 +12:00			`ctx.body = await ctx.instance.authApi.getAccessLevels();`
			`ctx.response.status = StatusCodes.OK;`
server - first passing tests 2019-06-14 21:05:46 +12:00			`})`
authentication tests 2019-06-15 04:01:01 +12:00			`.post("/:appname/api/listRecords/:indexkey", async (ctx) => {`
filling out server endpoints 2019-06-16 10:55:32 +12:00			`ctx.body = await ctx.instance.indexApi.listItems(`
			`ctx.request.body.indexKey,`
			`{`
			`rangeStartParams:ctx.request.body.rangeStartParams,`
			`rangeEndParams:ctx.request.body.rangeEndParams,`
			`searchPhrase:ctx.request.body.searchPhrase`
			`}`
			`);`
			`ctx.response.status = StatusCodes.OK;`
server - first passing tests 2019-06-14 21:05:46 +12:00			`})`
filling out server endpoints 2019-06-16 10:55:32 +12:00			`.post("/:appname/api/aggregates/:indexkey", async (ctx) => {`
			`ctx.body = await ctx.instance.indexApi.aggregates(`
			`ctx.request.body.indexKey,`
			`{`
			`rangeStartParams:ctx.request.body.rangeStartParams,`
			`rangeEndParams:ctx.request.body.rangeEndParams,`
			`searchPhrase:ctx.request.body.searchPhrase`
			`}`
			`);`
			`ctx.response.status = StatusCodes.OK;`
server - first passing tests 2019-06-14 21:05:46 +12:00			`})`
authentication tests 2019-06-15 04:01:01 +12:00			`.post("/:appname/api/record/:recordkey", async (ctx) => {`
filling out server endpoints 2019-06-16 10:55:32 +12:00			`ctx.body = await ctx.instance.recordApi.save(`
			`ctx.request.body`
			`);`
			`ctx.response.status = StatusCodes.OK;`
server - first passing tests 2019-06-14 21:05:46 +12:00			`})`
authentication tests 2019-06-15 04:01:01 +12:00			`.get("/:appname/api/record/:recordkey", async (ctx) => {`
filling out server endpoints 2019-06-16 10:55:32 +12:00			`ctx.body = await ctx.instance.recordApi.load(`
			`ctx.params.recordKey`
			`);`
			`ctx.response.status = StatusCodes.OK;`
server - first passing tests 2019-06-14 21:05:46 +12:00			`})`
authentication tests 2019-06-15 04:01:01 +12:00			`.del("/:appname/api/record/:recordkey", async (ctx) => {`
filling out server endpoints 2019-06-16 10:55:32 +12:00			`await ctx.instance.recordApi.delete(`
			`ctx.params.recordKey`
			`);`
			`ctx.response.status = StatusCodes.OK;`
server - first passing tests 2019-06-14 21:05:46 +12:00			`})`
authentication tests 2019-06-15 04:01:01 +12:00			`.post("/:appname/api/appHeirarchy", async (ctx) => {`
filling out server endpoints 2019-06-16 10:55:32 +12:00			`ctx.body = await ctx.instance.templateApi.saveApplicationHeirarchy(`
			`ctx.body`
			`);`
			`ctx.response.status = StatusCodes.OK;`
server - first passing tests 2019-06-14 21:05:46 +12:00			`})`
authentication tests 2019-06-15 04:01:01 +12:00			`.post("/:appname/api/actionsAndTriggers", async (ctx) => {`
filling out server endpoints 2019-06-16 10:55:32 +12:00			`ctx.body = await ctx.instance.templateApi.saveApplicationHeirarchy(`
			`ctx.body`
			`);`
			`ctx.response.status = StatusCodes.OK;`
authentication tests 2019-06-15 04:01:01 +12:00			`})`
filling out server endpoints 2019-06-16 10:55:32 +12:00			`.get("/:appname/api/appDefinition", async (ctx) => {`
			`ctx.body = await ctx.instance.templateApi.saveActionsAndTriggers(`
			`ctx.body`
			`);`
			`ctx.response.status = StatusCodes.OK;`
authentication tests 2019-06-15 04:01:01 +12:00			`});`
server - first passing tests 2019-06-14 21:05:46 +12:00
			`return router;`
			`}`

			`/*`
			`front end get authenticateTemporaryAccess {}`
			`*/`