/* global __appdir */ var path = require('path') var db = require(path.join(__appdir, 'lib', 'sequelize')) var groupHelper = require(path.join(__appdir, 'lib', 'grouphelper')) var express = require('express') const { decorateApp } = require('@awaitjs/express') var router = decorateApp(express.Router()) const zmq = require('zeromq') const socket = zmq.socket('push') socket.connect('ipc:///tmp/bas_zeromq_events') const log = require(path.join(__appdir, 'lib', 'log')) const HttpResponse = require(path.join(__appdir, 'lib', 'httpresponse')) // Permission check middleware router.all(['', '/:x'], async (req, res, next) => { switch (req.method) { case 'GET': if (!await req.user.hasPermission('events.view')) return res.status(403).send({ error: 'Missing permission', permission: 'events.view' }) break case 'POST': // TODO: Add Group-Permission check if (req.params.x === 'getChilds') break if (!await req.user.hasPermission('events.edit')) return res.status(403).send({ error: 'Missing permission', permission: 'events.edit' }) break default: return res.status(400).send() } next() }) // ############################################################################ // ########################### GET requests ################################# /* * @return: Returns event of given id. */ router.getAsync('/:id', async (req, res) => { var event = await db.event.findOne({ where: { id: req.params.id }, include: ['config', 'clients', 'groups'] }) if (event) res.send(event) else res.status(404).end() }) /* * @return: Returns a list of all events in the database. */ router.getAsync('', async (req, res) => { var events = await db.event.findAll({ include: ['config', 'clients', 'groups'] }) if (events) res.status(200).send(events) else res.status(404).end() }) // ############################################################################ // ########################## POST requests ################################# /* * @return: Returns a list of all childs of the given groups */ router.postAsync('/getChilds', async (req, res) => { if (req.body.groups) { var childs = await groupHelper.getAllChildren(req.body.groups) res.send(childs) } else res.status(404).end() }) // Create, Update or Delete POST router.postAsync(['', '/:id'], async (req, res) => { if (req.query.delete !== undefined && req.query.delete !== 'false') { const user = await db.user.findOne({ where: { id: req.user.id } }) // Only need to log batch request if there is more than one event to delete. if (req.body.ids.length > 1) { await log({ category: 'EVENT_BATCH_DELETE', description: 'Event batch deletion of ' + req.body.ids.length + ' events initiated by user.', user, userId: req.user.id }) } let deletionCounter = 0 // Delete every event on its own, to get a better log for (let index in req.body.ids) { const event = await db.event.findOne({ where: { id: req.body.ids[index] } }) const count = await db.event.destroy({ where: { id: req.body.ids[index] } }) if (count !== 1) { await log({ category: 'ERROR_EVENT_DELETE', description: '[' + event.id + '] ' + event.name + ': Event could not be deleted.\n' + 'ID: ' + event.id + '\n' + 'Name: ' + event.name + '\n' + 'Description: ' + event.description + '\n' + 'Times: ' + event.times + '\n' + 'Important: ' + event.important + '\n' + 'Wake-on-Lan: ' + event.wakeonlan + '\n' + 'Config ID: ' + event.configId, user, userId: req.user.id }) } else { await log({ category: 'EVENT_DELETE', description: '[' + event.id + '] ' + event.name + ': Event successfully deleted.\n' + 'ID: ' + event.id + '\n' + 'Name: ' + event.name + '\n' + 'Description: ' + event.description + '\n' + 'Times: ' + event.times + '\n' + 'Important: ' + event.important + '\n' + 'Wake-on-Lan: ' + event.wakeonlan + '\n' + 'Config ID: ' + event.configId, user, userId: req.user.id }) deletionCounter++ } } if (req.body.ids.length > 1) { log({ category: 'EVENT_BATCH_DELETE', description: deletionCounter + '/' + req.body.ids.length + ' events successfully deleted.', user, userId: req.user.id }) } HttpResponse.successBatch('deleted', 'event', deletionCounter).send(res) await db.event.destroy({ where: { id: req.body.ids } }).then(count => { res.send({ count }) }) req.body.ids.forEach(id => { socket.send(id) }) } else { var promises = [] var promisesBlacklist = [] var eventDb if (req.body.config.length !== 1) req.body.config = null if (req.body.times.length === 0) req.body.times = null if (req.params.id > 0) { // Update existing event eventDb = await db.event.findOne({ where: { id: req.params.id } }) if (eventDb !== null) { promises.push(eventDb.update({ name: req.body.name, description: req.body.description, times: req.body.times, important: req.body.important, wakeonlan: req.body.wakeonlan, configId: req.body.config || null })) promises.push(eventDb.setGroups(req.body.groups, { through: { blacklist: 0 } })) promises.push(eventDb.setClients(req.body.clients, { through: { blacklist: 0 } })) await Promise.all(promises) promisesBlacklist.push(eventDb.addGroups(req.body.blacklistGroups, { through: { blacklist: 1 } })) promisesBlacklist.push(eventDb.addClients(req.body.blacklistClients, { through: { blacklist: 1 } })) await Promise.all(promisesBlacklist) log({ category: 'EVENT_EDIT', description: '[' + eventDb.id + '] ' + eventDb.name + ': Event successfully edited.\n' + 'ID: ' + eventDb.id + '\n' + 'Name: ' + eventDb.name + '\n' + 'Description: ' + eventDb.description + '\n' + 'Times: ' + eventDb.times + '\n' + 'Important: ' + eventDb.important + '\n' + 'Wake-on-Lan: ' + eventDb.wakeonlan + '\n' + 'Config ID: ' + eventDb.configId + '\n' + 'Groups: ' + req.body.groups + '\n' + 'Clients: ' + req.body.clients + '\n' + 'Blacklist-Groups: ' + req.body.blacklistGroups + '\n' + 'Blacklist-Clients: ' + req.body.blacklistClients, userId: req.user.id }) socket.send(eventDb.id) res.send({ id: req.params.id }) } else { res.status(404).end() } } else if (req.params.id === undefined) { // Create new event eventDb = await db.event.create({ name: req.body.name, description: req.body.description, times: req.body.times, important: req.body.important, wakeonlan: req.body.wakeonlan, configId: req.body.config || null }) promises.push(eventDb.setGroups(req.body.groups, { through: { blacklist: 0 } })) promises.push(eventDb.setClients(req.body.clients, { through: { blacklist: 0 } })) await Promise.all(promises) promisesBlacklist.push(eventDb.addGroups(req.body.blacklistGroups, { through: { blacklist: 1 } })) promisesBlacklist.push(eventDb.addClients(req.body.blacklistClients, { through: { blacklist: 1 } })) await Promise.all(promisesBlacklist) log({ category: 'EVENT_CREATE', description: '[' + eventDb.id + '] ' + eventDb.name + ': Event successfully created.\n' + 'ID: ' + eventDb.id + '\n' + 'Name: ' + eventDb.name + '\n' + 'Description: ' + eventDb.description + '\n' + 'Times: ' + eventDb.times + '\n' + 'Important: ' + eventDb.important + '\n' + 'Wake-on-Lan: ' + eventDb.wakeonlan + '\n' + 'Config ID: ' + eventDb.configId + '\n' + 'Groups: ' + req.body.groups + '\n' + 'Clients: ' + req.body.clients + '\n' + 'Blacklist-Groups: ' + req.body.blacklistGroups + '\n' + 'Blacklist-Clients: ' + req.body.blacklistClients, userId: req.user.id }) socket.send(eventDb.id) res.send({ id: req.body.id }) } } }) // ############################################################################ // ############################################################################ module.exports.router = router