From a139ebedbc2816f70d119721c33a16992009602a Mon Sep 17 00:00:00 2001 From: loic Date: Sun, 25 Nov 2018 11:07:33 +0100 Subject: [PATCH 01/26] Add three dependencies Validate.js: form validation express-sanitizer: xss prevention quill delta to html: Server side rendering of Quill objects --- package.json | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/package.json b/package.json index 4d3bec5..7df48f2 100644 --- a/package.json +++ b/package.json @@ -47,6 +47,7 @@ "cookie-session": "1.3.2", "ejs": "2.5.8", "express": "4.16.2", + "express-sanitizer": "1.0.4", "lodash": "4.17.4", "mailgun-js": "0.21.0", "node-sass-middleware": "0.11.0", @@ -54,13 +55,15 @@ "pg": "7.4.1", "pg-hstore": "2.3.2", "qs": "6.5.0", + "quill-delta-to-html": "0.10.6", "request": "2.88.0", "request-promise": "4.2.2", "saga-logger": "0.0.8", "saga-managed-error": "1.0.0", "sequelize": "4.32.2", "serve-favicon": "2.4.5", - "shortid": "2.2.13" + "shortid": "2.2.13", + "validate.js": "0.12.0" }, "semistandard": { "globals": [ From 13d526f8d69eb1a02d3b4cdcf8e53185c01209d7 Mon Sep 17 00:00:00 2001 From: loic Date: Sun, 25 Nov 2018 11:07:54 +0100 Subject: [PATCH 02/26] Add projects public route --- src/authentication/index.js | 1 + 1 file changed, 1 insertion(+) diff --git a/src/authentication/index.js b/src/authentication/index.js index a247428..04f90aa 100755 --- a/src/authentication/index.js +++ b/src/authentication/index.js @@ -11,6 +11,7 @@ const publicRoutes = { '/connexion': ['GET'], '/contact': ['GET', 'POST'], '/membres': ['GET'], + '/projets': ['GET'], '/healthcheck': ['GET'], '/inscription': ['GET', 'POST'] }; From 9c6922a3fc3ec31a9dc718feda1270eb7c7e362c Mon Sep 17 00:00:00 2001 From: loic Date: Sun, 25 Nov 2018 11:08:33 +0100 Subject: [PATCH 03/26] Update model --- src/models/Machines.js | 74 ++++++++++++++++++++++++++++++++++++++++++ src/models/Projects.js | 52 +++++++++++++++++++++++++++-- src/models/Users.js | 6 +++- 3 files changed, 128 insertions(+), 4 deletions(-) create mode 100644 src/models/Machines.js diff --git a/src/models/Machines.js b/src/models/Machines.js new file mode 100644 index 0000000..97b030b --- /dev/null +++ b/src/models/Machines.js @@ -0,0 +1,74 @@ +const { + attachDeleteByIds, + attachFindByIds, + attachUpdateByIds +} = require('../helpers/models'); + +const shortid = require('shortid'); + +const setClassMethods = Machines => { + Machines.findByIds = attachFindByIds(Machines); + + Machines.deleteByIds = attachDeleteByIds(Machines); + + Machines.deleteCascade = async (ids, models) => { + return Machines.deleteByIds(ids); + }; + + Machines.updateByIds = attachUpdateByIds(Machines); +}; + +module.exports = (sequelize, DataTypes) => { // NOSONAR + const Machines = sequelize.define('machines', { + + shortid: { + type: DataTypes.TEXT, + allowNull: false, + unique: 'machines_short_id' + }, + + name: { + type: DataTypes.TEXT, + allowNull: false + }, + + description: { + type: DataTypes.TEXT, + allowNull: false + }, + + // It cool be nice to store a susbset of HTML generated by a webeditor + longDescription: { + type: DataTypes.TEXT, + field: 'long_description' + }, + + createdAt: { + type: DataTypes.DATE, + field: 'created_at' + }, + + updatedAt: { + type: DataTypes.DATE, + field: 'updated_at' + }, + + deletedAt: { + type: DataTypes.DATE, + field: 'deleted_at' + } + }, { + timestamps: true, + paranoid: true, + hooks: { + beforeCreate (result, options) { + result.shortId = shortid.generate(); + } + }, + indexes: [] + }); + + setClassMethods(Machines); + + return Machines; +}; diff --git a/src/models/Projects.js b/src/models/Projects.js index 2358fda..08f6da5 100644 --- a/src/models/Projects.js +++ b/src/models/Projects.js @@ -21,9 +21,8 @@ const setClassMethods = Projects => { module.exports = (sequelize, DataTypes) => { // NOSONAR const Projects = sequelize.define('projects', { - shortid: { + shortId: { type: DataTypes.TEXT, - allowNull: false, unique: 'projects_short_id' }, @@ -32,16 +31,46 @@ module.exports = (sequelize, DataTypes) => { // NOSONAR allowNull: false }, + // Project URL key + slug: { + type: DataTypes.STRING, + allowNull: false + }, + + imageLink: { + type: DataTypes.STRING, + field: 'image_link' + }, + description: { type: DataTypes.TEXT, allowNull: false }, + // Store Quill Delta object + longDescription: { + type: DataTypes.TEXT, + field: 'long_description' + }, + + // Hold id[] of machines used in project. + // WARN: Not Database-agnostic + machines: { + type: DataTypes.ARRAY(DataTypes.SMALLINT) + }, + link: { type: DataTypes.TEXT, allowNull: false }, + // Wether or not the project can be visible publicly + privacyLevel: { + type: DataTypes.STRING, + allowNull: false, + field: 'privacy_level' + }, + createdAt: { type: DataTypes.DATE, field: 'created_at' @@ -64,10 +93,27 @@ module.exports = (sequelize, DataTypes) => { // NOSONAR result.shortId = shortid.generate(); } }, - indexes: [] + indexes: [{ + unique: true, + fields: ['slug'] + }] }); setClassMethods(Projects); + Projects.privacyLevels = { + PRIVATE: 'private', + MEMBERS: 'members', + PUBLIC: 'public' + }; + + Projects.associate = models => { + Projects.belongsToMany(models.users, { + through: 'user_projects', + as: 'users', + foreignKey: 'projectId' + }); + }; + return Projects; }; diff --git a/src/models/Users.js b/src/models/Users.js index 8c30a87..06f910b 100644 --- a/src/models/Users.js +++ b/src/models/Users.js @@ -158,7 +158,11 @@ module.exports = (sequelize, DataTypes) => { // NOSONAR setClassMethods(Users); Users.associate = models => { - Users.hasMany(models.projects); + Users.belongsToMany(models.projects, { + through: 'user_projects', + as: 'projects', + foreignKey: 'userId' + }); Users.hasMany(models.bills); Users.hasMany(models.subscribtions); Users.hasMany(models.billingdetails); From bccd9c7af04b4e0cd7cf57a5d46a5fd20535bf83 Mon Sep 17 00:00:00 2001 From: loic Date: Sun, 25 Nov 2018 11:08:59 +0100 Subject: [PATCH 04/26] Load express-sanitizer --- src/server.js | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/server.js b/src/server.js index 63e5477..4f60f26 100644 --- a/src/server.js +++ b/src/server.js @@ -3,6 +3,7 @@ const qs = require('qs'); const express = require('express'); const bodyParser = require('body-parser'); const path = require('path'); +const expressSanitizer = require('express-sanitizer'); const ManagedError = require('saga-managed-error'); const favicon = require('serve-favicon'); const sassMiddleware = require('node-sass-middleware'); @@ -57,6 +58,8 @@ module.exports = () => { }) ); + app.use(expressSanitizer()); + app.use(favicon('./src/static/images/favicon.ico')); app.use(express.static('./src/static/')); From c3ebc70872b1cfadfaad9193cd9d2654ec13995b Mon Sep 17 00:00:00 2001 From: loic Date: Sun, 25 Nov 2018 11:09:48 +0100 Subject: [PATCH 05/26] Create custom validation for project --- .../validation/project.constraints.js | 47 +++++++++++++++++++ src/resources/validation/validators.js | 31 ++++++++++++ 2 files changed, 78 insertions(+) create mode 100644 src/resources/validation/project.constraints.js create mode 100644 src/resources/validation/validators.js diff --git a/src/resources/validation/project.constraints.js b/src/resources/validation/project.constraints.js new file mode 100644 index 0000000..a15ef42 --- /dev/null +++ b/src/resources/validation/project.constraints.js @@ -0,0 +1,47 @@ +/* +This file holds the validation constraints applied on a project creation form + */ + +const validators = require('./validators'); +const validate = require('validate.js'); + +validate.validators.asyncUniqueSlugValidator = validators.uniqueInTableValidator('projects', 'slug'); + +module.exports.projectConstraints = context => () => ({ + + title: { + presence: { + message: 'Le titre doit être spécifié' + } + }, + description: { + + }, + // No constraints on edition + slug: context && context === 'edit' ? {} : { + presence: { + message: 'Le slug doit être spécifié' + }, + asyncUniqueSlugValidator: { + message: 'Cette adresse est déjà occupée...' + }, + format: { + pattern: /^[a-z0-9]+(?:-[a-z0-9]+)*$/, + message: 'Le slug doit respecter ce format : je-suis-un-slug' + } + }, + long_description: { + + }, + imageLink: { + + }, + link: { + + }, + privacy_level: { + presence: { + message: 'Le niveau de confidentialité doit être spécifié' + } + } +}); diff --git a/src/resources/validation/validators.js b/src/resources/validation/validators.js new file mode 100644 index 0000000..93e757a --- /dev/null +++ b/src/resources/validation/validators.js @@ -0,0 +1,31 @@ +/* +This file holds custom validators for validate.js + */ + +const models = require('../../models'); + +const validate = require('validate.js'); + +/** + * Check if a database record exists with : entityName.attribute = value + * @param {string} entityName Table name + * @param {string} attribute Column name + * @return {?string} message or undefined + */ +module.exports.uniqueInTableValidator = (entityName, attribute) => (value, attributes, attributeName, options, constraints) => { + return new validate.Promise(function (resolve, reject) { + + models[entityName].find({ + here: { + [attribute]: value + } + }) + .then((response) => { + resolve(response !== null ? attributes.message : undefined); + }) + .catch((e) => { + console.error(e); + resolve(options.message); + }); + }); +}; From 66cec2992398d0bfdda71ffa95db27d4a3cc1af1 Mon Sep 17 00:00:00 2001 From: loic Date: Sun, 25 Nov 2018 11:10:27 +0100 Subject: [PATCH 06/26] Create public project pages --- src/controllers/projets/index.js | 49 ++++++++++++++++++++++++++++++++ src/views/projects/index.ejs | 23 +++++++++++++++ src/views/projects/project.ejs | 33 +++++++++++++++++++++ 3 files changed, 105 insertions(+) create mode 100644 src/controllers/projets/index.js create mode 100644 src/views/projects/index.ejs create mode 100644 src/views/projects/project.ejs diff --git a/src/controllers/projets/index.js b/src/controllers/projets/index.js new file mode 100644 index 0000000..37a1889 --- /dev/null +++ b/src/controllers/projets/index.js @@ -0,0 +1,49 @@ +const QuillDeltaToHtmlConverter = require('quill-delta-to-html').QuillDeltaToHtmlConverter; + +const models = require('../../models'); +const views = require('../../views'); + +module.exports.read = async (params, meta) => { + // Privacy level according to user identity + const privacyLevel = meta.user ? [models.projects.privacyLevels.MEMBERS, models.projects.privacyLevels.PUBLIC] : models.projects.privacyLevels.PUBLIC; + + // Asking for one particular project + if (params.id) { + const project = await models.projects.find({ + where: { + slug: params.id, + privacyLevel: privacyLevel + }, + raw: true + }); + + if (!project) { + return 404; + } + + // Convert Quill Delta object to HTML + var converter = new QuillDeltaToHtmlConverter(project.longDescription, {}); + var projectLongDescriptionHtml = converter.convert(); + + return views.render('./src/views/projects/project.ejs', { + user: meta.user, + project: project, + projectLongDescriptionHtml + }); + } + + const projects = await models.projects.findAll({ + where: { + privacyLevel: privacyLevel + }, + include: [{ + model: models.users, + as: 'users' + }] + }); + + return views.render('./src/views/projects/index.ejs', { + user: meta.user, + projects: projects + }); +}; diff --git a/src/views/projects/index.ejs b/src/views/projects/index.ejs new file mode 100644 index 0000000..7cd669a --- /dev/null +++ b/src/views/projects/index.ejs @@ -0,0 +1,23 @@ +<%- include('../layout/top', {page: 'projets'}); %> + +
+
+
+

Projets + <% if (user) { %> + | Mes projets + <% } %> +

+
+
+ +
+
+

Retrouvez ici quelques projets réalisés par les Fabiens

+
+
+ <%- include("../_partials/projectList.ejs", {projects, user}) %> +
+
+
+<%- include('../layout/bottom'); %> diff --git a/src/views/projects/project.ejs b/src/views/projects/project.ejs new file mode 100644 index 0000000..7cb2ebc --- /dev/null +++ b/src/views/projects/project.ejs @@ -0,0 +1,33 @@ +<%- include('../layout/top', {page: 'projets'}); %> +
+
+
+

+ <%= project.title %> +

+ + <% if (project.link) { %> + Voir le projet sur Github + <% } %> + +

+ <%= project.description %> +

+ +
+
+ +
+
+ <%- projectLongDescriptionHtml %> +
+
+ +
+
+ +
+
+
+
+
From 2cc2a45e0606d6b487001349b0eec5e004514d75 Mon Sep 17 00:00:00 2001 From: loic Date: Sun, 25 Nov 2018 11:13:04 +0100 Subject: [PATCH 07/26] Create menu entries --- src/views/layout/top.ejs | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/src/views/layout/top.ejs b/src/views/layout/top.ejs index 0f3b3d3..c39a17d 100644 --- a/src/views/layout/top.ejs +++ b/src/views/layout/top.ejs @@ -25,6 +25,11 @@
  • Membres
    • + +
  • + Projets +
    • +
  • Contactez-nous
    • @@ -44,6 +49,8 @@
  • + Mes projets +
    Editer mon profil Editer mon adresse
    From f9a5aaa8ffdcd44246612f1ce9178d2b110e266f Mon Sep 17 00:00:00 2001 From: loic Date: Sun, 25 Nov 2018 11:14:02 +0100 Subject: [PATCH 08/26] Add hook to add scripts/stylessheets Seems that there is a code formatting conflict --- src/views/layout/bottom.ejs | 69 +++++++++++++++++++++++-------------- 1 file changed, 44 insertions(+), 25 deletions(-) diff --git a/src/views/layout/bottom.ejs b/src/views/layout/bottom.ejs index f7b38ba..43e20f1 100644 --- a/src/views/layout/bottom.ejs +++ b/src/views/layout/bottom.ejs @@ -1,27 +1,46 @@ -
    -
    -
    -
    -


    OpenFab adhère à la charte des FabLabs et est reconnu par la Benelux Fab Foundation

    -
    -
    -

    - Suis nous -

    - - -
    - - - -
    -
    -


    This work is licensed under a Creative Commons Attribution NonCommercial ShareAlike 4.0 International License.
    - Design by ZuperNinja and Satblip with BootStrap and french fries.

    -
    -
    -
    +
    +
    +
    +
    +


    OpenFab adhère à la charte des FabLabs et est reconnu par la Benelux Fab Foundation

    +
    +
    +

    - Suis nous -

    + + +
    + + + +
    +
    +


    This work is licensed under a Creative Commons Attribution NonCommercial ShareAlike 4.0 International License.
    + Design by ZuperNinja and Satblip with BootStrap and french fries.

    +
    +
    +
    + + + + + + +<% if (typeof additionalLinks !== 'undefined' && additionalLinks instanceof Array) { + for (link of additionalLinks) { %> + +<% }} %> + +<% if (typeof additionalScripts !== 'undefined' && additionalScripts instanceof Array) { + for (script of additionalScripts) { %> + +<% }} %> + + + - - - - From 392bf1bb45da0d549ee5806f5c85fdeba4cbaf07 Mon Sep 17 00:00:00 2001 From: loic Date: Sun, 25 Nov 2018 11:14:51 +0100 Subject: [PATCH 09/26] Create partials for project list, form, and user icon --- src/views/_partials/projectForm.ejs | 145 ++++++++++++++++++++++++++++ src/views/_partials/projectList.ejs | 42 ++++++++ src/views/_partials/userIcon.ejs | 13 +++ 3 files changed, 200 insertions(+) create mode 100644 src/views/_partials/projectForm.ejs create mode 100644 src/views/_partials/projectList.ejs create mode 100644 src/views/_partials/userIcon.ejs diff --git a/src/views/_partials/projectForm.ejs b/src/views/_partials/projectForm.ejs new file mode 100644 index 0000000..bb6854b --- /dev/null +++ b/src/views/_partials/projectForm.ejs @@ -0,0 +1,145 @@ +
    + + + <% if(returningNewProject.id) { %> + + <% } %> + + +
    +
    + +
    + + +
    + +
    + + +
    + +
    + + +
    +
    + +
    +
    + + <%# MaxLenght due to use in meta description %> + +
    +
    + +
    + + +
    +
    + +
    +

    Hello World!

    +

    Some initial bold text

    +


    +
    + +
    +
    + +
    +
    +
    + + +
    +
    + +
    +
    + + +
    +
    +
    + +
    + +
    +

    Membres

    +
      + <% for (u of users) { %> +
    • + +
      • + <% } %> +
    +
    + + +
    +

    Machines

    +
    +
    + +
    +
    +
    + + +
    +
    +
    + + + +
    +
    diff --git a/src/views/_partials/projectList.ejs b/src/views/_partials/projectList.ejs new file mode 100644 index 0000000..08b04ca --- /dev/null +++ b/src/views/_partials/projectList.ejs @@ -0,0 +1,42 @@ +<% let isEditable = false; %> + +
    + + <% if(!projects || !projects.length) { %> +

    Il n"y a aucun projet à afficher...

    + <% } else { %> + + <% for (p of projects) { %> + <% isEditable = false; %> + +
    +
    + + +
    +     + +
    + +
    + <%= p.title %> +
    +     +

    + <%= p.description %> +

    +
    + +
    + <% p.users.forEach(u => { %> + <%- include("./userIcon.ejs", { user:u }) %> + <% if (u.id === user.id) { isEditable = true;} %> + <% }); %> + <% if (isEditable) { %> + + <% } %> +
    +
    +
    + <% }} %> +
    diff --git a/src/views/_partials/userIcon.ejs b/src/views/_partials/userIcon.ejs new file mode 100644 index 0000000..ea588b2 --- /dev/null +++ b/src/views/_partials/userIcon.ejs @@ -0,0 +1,13 @@ +<% if(typeof link === "undefined" || link === true){ %> + + <% } %> + +
    data-toggle="tooltip" + <% } %> + data-placement="right" title=" + <%= `${user.firstName} ${user.lastName}` %>"> +
    + + <% if(typeof link === "undefined" || link === true){ %> +     +<% } %> From 87c8b2db4c348fe059640c807d8a0ba6b68fbf3b Mon Sep 17 00:00:00 2001 From: loic Date: Sun, 25 Nov 2018 11:15:44 +0100 Subject: [PATCH 10/26] Create project-related private pages --- src/controllers/perso/projets/edit.js | 160 +++++++++++++++++++++++ src/controllers/perso/projets/index.js | 42 ++++++ src/controllers/perso/projets/nouveau.js | 106 +++++++++++++++ src/views/perso/projects/edit.ejs | 29 ++++ src/views/perso/projects/index.ejs | 20 +++ src/views/perso/projects/new.ejs | 29 ++++ src/views/perso/projects/project.ejs | 44 +++++++ 7 files changed, 430 insertions(+) create mode 100644 src/controllers/perso/projets/edit.js create mode 100644 src/controllers/perso/projets/index.js create mode 100644 src/controllers/perso/projets/nouveau.js create mode 100644 src/views/perso/projects/edit.ejs create mode 100644 src/views/perso/projects/index.ejs create mode 100644 src/views/perso/projects/new.ejs create mode 100644 src/views/perso/projects/project.ejs diff --git a/src/controllers/perso/projets/edit.js b/src/controllers/perso/projets/edit.js new file mode 100644 index 0000000..cdce26e --- /dev/null +++ b/src/controllers/perso/projets/edit.js @@ -0,0 +1,160 @@ +const Sequelize = require('sequelize'); +const Op = Sequelize.Op; + +const models = require('../../../models'); +const validate = require('validate.js'); + +const views = require('../../../views'); +const view = './src/views/perso/projects/edit.ejs'; + +// Form validation constraints +const { + projectConstraints +} = require('../../../resources/validation/project.constraints'); +const editProjectConstraints = projectConstraints('edit'); + +module.exports.read = async (params, meta) => { + const project = await models.projects.findOne({ + where: { + slug: params.id + } + }); + + if (!project) { + return 404; + } + + // Check if logged user belongs to the project + const users = await project.getUsers(); + if (!users.find(u => u.id === meta.user.id)) { + return 403; + } + // Store information in the object + project.users = users; + + const allUsers = await models.users.findAll({ + where: { + id: { + [Op.ne]: meta.user.id + } + }, + attributes: { + exclude: ['password'] + } + }); + + return views.render(view, { + user: meta.user, + + showLabel: true, + formAction: '.', + privacyLevels: models.projects.privacyLevels, + users: allUsers, + + returningNewProject: project, + errors: null + }); +}; + +// Using create hook to keep working directly with
    +module.exports.create = async (params, meta, req, res) => { + const allUsers = await models.users.findAll({ + where: { + id: { + [Op.ne]: meta.user.id + } + }, + attributes: { + exclude: ['password'] + } + }); + + // Form validation + try { + await validate.async(params, editProjectConstraints); + } catch (e) { + return views.render(view, { + user: meta.user, + privacyLevels: models.projects.privacyLevels, + users: allUsers, + + returningNewProject: req.body, + errors: e + }); + } + + const project = await models.projects.findOne({ + where: { + id: req.body.projectId + } + }); + + if (!project) { + return 404; + } + + // Check if logged user belongs to the project + const users = await project.getUsers(); + if (!users.find(u => u.id === meta.user.id)) { + return 403; + } + + return models.projects.update({ + title: req.body.title, + description: req.body.description, + // Cannot update slug + // slug: req.body.slug, + longDescription: req.body.long_description, + link: req.body.link, + privacyLevel: req.body.privacy_level + }, { + where: { + id: project.id + } + }) + .then(result => { + return { + redirect: `/perso/projets/${project.slug}` + // TODO: add succes message + }; + }) + .catch(async error => { + console.error(error); + + return views.render(view, { + user: meta.user, + users: allUsers, + returningNewProject: req.body, + errors: error.original.detail, + + showLabel: true, + formAction: '.', + privacyLevels: models.projects.privacyLevels + }); + }); +}; + +module.exports.destroy = async (params, meta, req, res) => { + const project = await models.projects.findById(params.id); + + if (!project) { + return 400; + } + + // Check if logged user belongs to the project + const users = await project.getUsers(); + if (!users.find(u => u.id === meta.user.id)) { + return 403; + } + + models.projects.destroy({ + where: { + id: project.id + } + }) + .then(() => 200) + .catch((e) => { + console.error(e); + return 500; + }); +}; diff --git a/src/controllers/perso/projets/index.js b/src/controllers/perso/projets/index.js new file mode 100644 index 0000000..7cbbe6f --- /dev/null +++ b/src/controllers/perso/projets/index.js @@ -0,0 +1,42 @@ +var QuillDeltaToHtmlConverter = require('quill-delta-to-html').QuillDeltaToHtmlConverter; + +const models = require('../../../models'); + +const views = require('../../../views'); + +module.exports.read = async (params, meta) => { + const user = await models.users.findById(meta.user.id); + const projects = await user.getProjects({ + include: [{ + all: true + }] + }); + + if (params.id) { + console.log(params.id); + // @TODO: escape param + const filteredProjects = projects.filter((p) => p.slug === params.id); + + if (!filteredProjects.length) { + // 404 + return 404; + } + + const project = filteredProjects[0]; + // Convert Quill Delta object to HTML + const converter = new QuillDeltaToHtmlConverter(project.longDescription, {}); + const projectLongDescriptionHtml = converter.convert(); + + console.debug(project); + return views.render('./src/views/perso/projects/project.ejs', { + user: meta.user, + project: project, + projectLongDescriptionHtml + }); + } + + return views.render('./src/views/perso/projects/index.ejs', { + user: meta.user, + projects: projects + }); +}; diff --git a/src/controllers/perso/projets/nouveau.js b/src/controllers/perso/projets/nouveau.js new file mode 100644 index 0000000..36f943b --- /dev/null +++ b/src/controllers/perso/projets/nouveau.js @@ -0,0 +1,106 @@ +const models = require('../../../models'); +const Sequelize = require('sequelize'); +const Op = Sequelize.Op; +const validate = require('validate.js'); +const views = require('../../../views'); +const view = './src/views/perso/projects/new.ejs'; + +// Form validation constraints +const { + projectConstraints +} = require('../../../resources/validation/project.constraints'); +const projectCreationConstraints = projectConstraints('create'); + +module.exports.read = async (params, meta) => { + const allUsers = await models.users.findAll({ + where: { + id: { + [Op.ne]: meta.user.id + } + }, + attributes: { + exclude: ['password'] + } + }); + + return views.render(view, { + user: meta.user, + + privacyLevels: models.projects.privacyLevels, + users: allUsers, + + returningNewProject: {users: []}, + errors: null + }); +}; + +module.exports.create = async (params, meta, req, res) => { + const allUsers = await models.users.findAll({ + where: { + id: { + [Op.ne]: meta.user.id + } + }, + attributes: { + exclude: ['password'] + } + }); + + // Validation + try { + await validate.async(params, projectCreationConstraints); + } catch (e) { + console.error(e); + return views.render(view, { + user: meta.user, + privacyLevels: models.projects.privacyLevels, + users: allUsers, + + returningNewProject: req.body, + errors: e + }); + } + + // Create project + return models.projects.create({ + title: req.body.title, + description: req.body.description, + slug: req.body.slug, + // No escape on rendering + longDescription: req.sanitize(req.body.long_description), + imageLink: req.body.imageLink, + link: req.body.link, + privacyLevel: req.body.privacy_level + }) + .then(async result => { + // Add users relations + // Adding logged user id to the choice from form + const userIds = typeof params.users === 'string' ? [params.users, meta.user.id] : params.users.concat(meta.user.id); + const users = await models.users.findAll({ + where: { + id: { + [Op.in]: userIds.map(id => parseInt(id, 10)) + } + } + }); + + result.addUsers(users.map(u => u.id)); + + return { + redirect: '/perso/projets' + // TODO: add succes message + }; + }) + .catch(error => { + console.error(error); + + return views.render(view, { + user: meta.user, + returningNewProject: req.body, + users: allUsers, + privacyLevels: models.projects.privacyLevels, + + errors: 'Erreur' + }); + }); +}; diff --git a/src/views/perso/projects/edit.ejs b/src/views/perso/projects/edit.ejs new file mode 100644 index 0000000..df064ac --- /dev/null +++ b/src/views/perso/projects/edit.ejs @@ -0,0 +1,29 @@ +<%- include('../../layout/top', {page: 'projets'}); %> + +
    +
    +
    +

    Édition

    +
    +
    + + <% if (errors) { for (key of Object.keys(errors)) { %> +
    +
    + +
    +
    + <% }} %> + +
    +
    + <%- include("../../_partials/projectForm.ejs", { privacyLevels, users }) %> +
    +
    +
    +<%- include('../../layout/bottom', { + additionalScripts: ['//cdn.quilljs.com/1.3.6/quill.min.js', '/js/projectForm.js'], + additionalLinks: ['https://cdn.quilljs.com/1.3.6/quill.snow.css'] +}); %> diff --git a/src/views/perso/projects/index.ejs b/src/views/perso/projects/index.ejs new file mode 100644 index 0000000..9fb9d87 --- /dev/null +++ b/src/views/perso/projects/index.ejs @@ -0,0 +1,20 @@ +<%- include('../../layout/top', {page: 'projets'}); %> + +
    +
    +
    +

    Mes projets + + add + Créer + +

    +
    +
    +
    +
    + <%- include("../../_partials/projectList.ejs", {projects}) %> +
    +
    +
    +<%- include('../../layout/bottom'); %> diff --git a/src/views/perso/projects/new.ejs b/src/views/perso/projects/new.ejs new file mode 100644 index 0000000..0005d0d --- /dev/null +++ b/src/views/perso/projects/new.ejs @@ -0,0 +1,29 @@ +<%- include('../../layout/top', {page: 'projets'}); %> + +
    +
    +
    +

    Créer un projet

    +
    +
    + + <% if (errors) { for (key of Object.keys(errors)) { %> +
    +
    + +
    +
    + <% }} %> + +
    +
    + <%- include("../../_partials/projectForm.ejs", { privacyLevels:privacyLevels }) %> +
    +
    +
    +<%- include('../../layout/bottom', { + additionalScripts: ['//cdn.quilljs.com/1.3.6/quill.min.js', '/js/projectForm.js'], + additionalLinks: ['https://cdn.quilljs.com/1.3.6/quill.snow.css'] +}); %> diff --git a/src/views/perso/projects/project.ejs b/src/views/perso/projects/project.ejs new file mode 100644 index 0000000..e73db55 --- /dev/null +++ b/src/views/perso/projects/project.ejs @@ -0,0 +1,44 @@ +<%- include('../../layout/top', {page: 'projets'}); %> + +
    +
    +
    +

    + <%= project.title %> + + <% if (user) { %> + Éditer + <% } %> +

    + + <% if (project.link) { %> + Voir le projet sur Github + <% } %> + +

    + <%= project.description %> +

    + +
    +
    + <% project.users.forEach(u => { %> + <%= u.name %> + <% }); %> +
    +
    + +
    +
    + <%- projectLongDescriptionHtml %> +
    +
    + +
    +
    + +
    +
    +
    +
    +
    +<%- include('../../layout/bottom'); %> From 9c3e7f7fbf701b237142a3bf835744adef8dc49a Mon Sep 17 00:00:00 2001 From: loic Date: Sun, 25 Nov 2018 11:16:44 +0100 Subject: [PATCH 11/26] Create script for form edition. Handling ajax deletion, quill editor management --- src/static/js/projectForm.js | 34 ++++++++++++++++++++++++++++++++++ 1 file changed, 34 insertions(+) create mode 100644 src/static/js/projectForm.js diff --git a/src/static/js/projectForm.js b/src/static/js/projectForm.js new file mode 100644 index 0000000..3344a55 --- /dev/null +++ b/src/static/js/projectForm.js @@ -0,0 +1,34 @@ +'use strict'; + +$().ready(function () { + // Deletion + document.querySelector('#js-delete-project').onclick = function () { + // Send ajax request + $.ajax({ + method: 'DELETE', + url: '.', + data: { + id: '<%= returningNewProject.id %>' + } + }) + .done(function (msg) { + console.log(msg); + window.location = '/perso/projets'; + }) + .fail((e) => { + console.error(e); + alert('Échec de la suppression'); + }); + } + + // On submission, put quill editor data in corresponding field + document.querySelector('#js-project-form').onSubmit = function () { + document.querySelector('input[name=long_description]').value = JSON.stringify(projectContentEditor.getContents()); + return true; + } + + // Initialize Quill editor + window.projectContentEditor = new Quill('#editor', { + theme: 'snow' + }); +}); From 280afecd83fd507639fdb7dc9981586d47826c7b Mon Sep 17 00:00:00 2001 From: loic Date: Sun, 25 Nov 2018 11:17:13 +0100 Subject: [PATCH 12/26] Adapt members page to the new project architecture --- src/controllers/membres.js | 17 ++++++++++++----- src/views/membre.ejs | 12 +----------- 2 files changed, 13 insertions(+), 16 deletions(-) diff --git a/src/controllers/membres.js b/src/controllers/membres.js index cd45a3f..7e9dbef 100644 --- a/src/controllers/membres.js +++ b/src/controllers/membres.js @@ -12,17 +12,24 @@ module.exports.read = async (params, meta) => { where: { passportId: params.id }, - attributes: { exclude: ['password'] }, - raw: true + attributes: { exclude: ['password'] } }); + if (!member) { + return 404; + } + member.hashedEmail = hashEmail.hashMd5(member.email); + const privacyLevel = meta.user ? [models.projects.privacyLevels.MEMBERS, models.projects.privacyLevels.PUBLIC] : models.projects.privacyLevels.PUBLIC; - const projects = await models.projects.findAll({ + const projects = await member.getProjects({ where: { - userId: member.id + privacyLevel: privacyLevel }, - raw: true + include: [{ + model: models.users, + as: 'users' + }] }); return views.render('./src/views/membre.ejs', { diff --git a/src/views/membre.ejs b/src/views/membre.ejs index a0c5fd5..d8db5c4 100644 --- a/src/views/membre.ejs +++ b/src/views/membre.ejs @@ -27,17 +27,7 @@

    Projets :

    - -
    - <% projects.forEach(function (project) { %> - -
    -
    <%- project.title %>
    -
    -

    <%- project.description %>

    -     - <% }) %> -
    + <%- include("./_partials/projectList.ejs", {projects, undefined}) %>
    From 0dc09969460fca98e8f7e04c47f9007a0c87356e Mon Sep 17 00:00:00 2001 From: loic Date: Sun, 25 Nov 2018 11:18:00 +0100 Subject: [PATCH 13/26] Various style additions related to projects --- src/scss/_members.scss | 45 +++++++++++++++++++++++++++++++++++++++++ src/scss/_projects.scss | 22 ++++++++++++++++++++ src/scss/styles.scss | 1 + 3 files changed, 68 insertions(+) create mode 100644 src/scss/_projects.scss diff --git a/src/scss/_members.scss b/src/scss/_members.scss index bdf79ce..6f38d92 100644 --- a/src/scss/_members.scss +++ b/src/scss/_members.scss @@ -1,3 +1,48 @@ .card-bottom { margin-bottom: 15px; } + +.user-icon { + height: 3em; + width: 3em; + border-radius: 50%; + background-repeat: no-repeat; + background-position: center; + background-size: cover; +} + +%cardHover { + background-color: $lightgrey; + cursor: pointer; +} + +.user-list-item:checked + .card { + background-color: lighten($lightgrey, 5); + + &:hover { + @extend %cardHover; + } +} + +.card:hover { + @extend %cardHover; +} + +.select-user-option { + label { + width: 100%; + } + + .card-body { + padding: 0.25em; + } + + .user-icon { + display: inline-block; + height: 2em; + margin-left: .5em; + margin-right: .75em; + width: 2em; + vertical-align: middle; + } +} diff --git a/src/scss/_projects.scss b/src/scss/_projects.scss new file mode 100644 index 0000000..edb3d5d --- /dev/null +++ b/src/scss/_projects.scss @@ -0,0 +1,22 @@ +.project-list { + +} + +.project { + + .card-footer { + padding: .5em; + + a { + display: inline-block; + } + } +} + +.project-image { + background-position: center; + background-size: contain; + background-repeat: no-repeat; + + height: 12em; +} diff --git a/src/scss/styles.scss b/src/scss/styles.scss index 88e939b..cf6187e 100644 --- a/src/scss/styles.scss +++ b/src/scss/styles.scss @@ -7,3 +7,4 @@ @import "home"; @import "members"; @import "profile"; +@import "projects"; From d1107119e96714aa71b2e5384c7fea6cd8dae394 Mon Sep 17 00:00:00 2001 From: loic Date: Sun, 25 Nov 2018 11:07:33 +0100 Subject: [PATCH 14/26] Add three dependencies Validate.js: form validation express-sanitizer: xss prevention quill delta to html: Server side rendering of Quill objects --- package.json | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/package.json b/package.json index 4d3bec5..7df48f2 100644 --- a/package.json +++ b/package.json @@ -47,6 +47,7 @@ "cookie-session": "1.3.2", "ejs": "2.5.8", "express": "4.16.2", + "express-sanitizer": "1.0.4", "lodash": "4.17.4", "mailgun-js": "0.21.0", "node-sass-middleware": "0.11.0", @@ -54,13 +55,15 @@ "pg": "7.4.1", "pg-hstore": "2.3.2", "qs": "6.5.0", + "quill-delta-to-html": "0.10.6", "request": "2.88.0", "request-promise": "4.2.2", "saga-logger": "0.0.8", "saga-managed-error": "1.0.0", "sequelize": "4.32.2", "serve-favicon": "2.4.5", - "shortid": "2.2.13" + "shortid": "2.2.13", + "validate.js": "0.12.0" }, "semistandard": { "globals": [ From 9f33a5f1e73c4a8641e45adbd93ecf06bbbfc33a Mon Sep 17 00:00:00 2001 From: loic Date: Sun, 25 Nov 2018 11:07:54 +0100 Subject: [PATCH 15/26] Add projects public route --- src/authentication/index.js | 1 + 1 file changed, 1 insertion(+) diff --git a/src/authentication/index.js b/src/authentication/index.js index a247428..04f90aa 100755 --- a/src/authentication/index.js +++ b/src/authentication/index.js @@ -11,6 +11,7 @@ const publicRoutes = { '/connexion': ['GET'], '/contact': ['GET', 'POST'], '/membres': ['GET'], + '/projets': ['GET'], '/healthcheck': ['GET'], '/inscription': ['GET', 'POST'] }; From c7293924b7f727b92a7def608788173ea9c0867d Mon Sep 17 00:00:00 2001 From: loic Date: Sun, 25 Nov 2018 11:08:33 +0100 Subject: [PATCH 16/26] Update model --- src/models/Machines.js | 74 ++++++++++++++++++++++++++++++++++++++++++ src/models/Projects.js | 52 +++++++++++++++++++++++++++-- src/models/Users.js | 6 +++- 3 files changed, 128 insertions(+), 4 deletions(-) create mode 100644 src/models/Machines.js diff --git a/src/models/Machines.js b/src/models/Machines.js new file mode 100644 index 0000000..97b030b --- /dev/null +++ b/src/models/Machines.js @@ -0,0 +1,74 @@ +const { + attachDeleteByIds, + attachFindByIds, + attachUpdateByIds +} = require('../helpers/models'); + +const shortid = require('shortid'); + +const setClassMethods = Machines => { + Machines.findByIds = attachFindByIds(Machines); + + Machines.deleteByIds = attachDeleteByIds(Machines); + + Machines.deleteCascade = async (ids, models) => { + return Machines.deleteByIds(ids); + }; + + Machines.updateByIds = attachUpdateByIds(Machines); +}; + +module.exports = (sequelize, DataTypes) => { // NOSONAR + const Machines = sequelize.define('machines', { + + shortid: { + type: DataTypes.TEXT, + allowNull: false, + unique: 'machines_short_id' + }, + + name: { + type: DataTypes.TEXT, + allowNull: false + }, + + description: { + type: DataTypes.TEXT, + allowNull: false + }, + + // It cool be nice to store a susbset of HTML generated by a webeditor + longDescription: { + type: DataTypes.TEXT, + field: 'long_description' + }, + + createdAt: { + type: DataTypes.DATE, + field: 'created_at' + }, + + updatedAt: { + type: DataTypes.DATE, + field: 'updated_at' + }, + + deletedAt: { + type: DataTypes.DATE, + field: 'deleted_at' + } + }, { + timestamps: true, + paranoid: true, + hooks: { + beforeCreate (result, options) { + result.shortId = shortid.generate(); + } + }, + indexes: [] + }); + + setClassMethods(Machines); + + return Machines; +}; diff --git a/src/models/Projects.js b/src/models/Projects.js index 2358fda..08f6da5 100644 --- a/src/models/Projects.js +++ b/src/models/Projects.js @@ -21,9 +21,8 @@ const setClassMethods = Projects => { module.exports = (sequelize, DataTypes) => { // NOSONAR const Projects = sequelize.define('projects', { - shortid: { + shortId: { type: DataTypes.TEXT, - allowNull: false, unique: 'projects_short_id' }, @@ -32,16 +31,46 @@ module.exports = (sequelize, DataTypes) => { // NOSONAR allowNull: false }, + // Project URL key + slug: { + type: DataTypes.STRING, + allowNull: false + }, + + imageLink: { + type: DataTypes.STRING, + field: 'image_link' + }, + description: { type: DataTypes.TEXT, allowNull: false }, + // Store Quill Delta object + longDescription: { + type: DataTypes.TEXT, + field: 'long_description' + }, + + // Hold id[] of machines used in project. + // WARN: Not Database-agnostic + machines: { + type: DataTypes.ARRAY(DataTypes.SMALLINT) + }, + link: { type: DataTypes.TEXT, allowNull: false }, + // Wether or not the project can be visible publicly + privacyLevel: { + type: DataTypes.STRING, + allowNull: false, + field: 'privacy_level' + }, + createdAt: { type: DataTypes.DATE, field: 'created_at' @@ -64,10 +93,27 @@ module.exports = (sequelize, DataTypes) => { // NOSONAR result.shortId = shortid.generate(); } }, - indexes: [] + indexes: [{ + unique: true, + fields: ['slug'] + }] }); setClassMethods(Projects); + Projects.privacyLevels = { + PRIVATE: 'private', + MEMBERS: 'members', + PUBLIC: 'public' + }; + + Projects.associate = models => { + Projects.belongsToMany(models.users, { + through: 'user_projects', + as: 'users', + foreignKey: 'projectId' + }); + }; + return Projects; }; diff --git a/src/models/Users.js b/src/models/Users.js index 8c30a87..06f910b 100644 --- a/src/models/Users.js +++ b/src/models/Users.js @@ -158,7 +158,11 @@ module.exports = (sequelize, DataTypes) => { // NOSONAR setClassMethods(Users); Users.associate = models => { - Users.hasMany(models.projects); + Users.belongsToMany(models.projects, { + through: 'user_projects', + as: 'projects', + foreignKey: 'userId' + }); Users.hasMany(models.bills); Users.hasMany(models.subscribtions); Users.hasMany(models.billingdetails); From 16dae9b0445ac201165e9cd485471bc2b024ca12 Mon Sep 17 00:00:00 2001 From: loic Date: Sun, 25 Nov 2018 11:08:59 +0100 Subject: [PATCH 17/26] Load express-sanitizer --- src/server.js | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/server.js b/src/server.js index 63e5477..4f60f26 100644 --- a/src/server.js +++ b/src/server.js @@ -3,6 +3,7 @@ const qs = require('qs'); const express = require('express'); const bodyParser = require('body-parser'); const path = require('path'); +const expressSanitizer = require('express-sanitizer'); const ManagedError = require('saga-managed-error'); const favicon = require('serve-favicon'); const sassMiddleware = require('node-sass-middleware'); @@ -57,6 +58,8 @@ module.exports = () => { }) ); + app.use(expressSanitizer()); + app.use(favicon('./src/static/images/favicon.ico')); app.use(express.static('./src/static/')); From 972b924317b3cd88cd8d8462e98d679b4a941dde Mon Sep 17 00:00:00 2001 From: loic Date: Sun, 25 Nov 2018 11:09:48 +0100 Subject: [PATCH 18/26] Create custom validation for project --- .../validation/project.constraints.js | 47 +++++++++++++++++++ src/resources/validation/validators.js | 31 ++++++++++++ 2 files changed, 78 insertions(+) create mode 100644 src/resources/validation/project.constraints.js create mode 100644 src/resources/validation/validators.js diff --git a/src/resources/validation/project.constraints.js b/src/resources/validation/project.constraints.js new file mode 100644 index 0000000..a15ef42 --- /dev/null +++ b/src/resources/validation/project.constraints.js @@ -0,0 +1,47 @@ +/* +This file holds the validation constraints applied on a project creation form + */ + +const validators = require('./validators'); +const validate = require('validate.js'); + +validate.validators.asyncUniqueSlugValidator = validators.uniqueInTableValidator('projects', 'slug'); + +module.exports.projectConstraints = context => () => ({ + + title: { + presence: { + message: 'Le titre doit être spécifié' + } + }, + description: { + + }, + // No constraints on edition + slug: context && context === 'edit' ? {} : { + presence: { + message: 'Le slug doit être spécifié' + }, + asyncUniqueSlugValidator: { + message: 'Cette adresse est déjà occupée...' + }, + format: { + pattern: /^[a-z0-9]+(?:-[a-z0-9]+)*$/, + message: 'Le slug doit respecter ce format : je-suis-un-slug' + } + }, + long_description: { + + }, + imageLink: { + + }, + link: { + + }, + privacy_level: { + presence: { + message: 'Le niveau de confidentialité doit être spécifié' + } + } +}); diff --git a/src/resources/validation/validators.js b/src/resources/validation/validators.js new file mode 100644 index 0000000..93e757a --- /dev/null +++ b/src/resources/validation/validators.js @@ -0,0 +1,31 @@ +/* +This file holds custom validators for validate.js + */ + +const models = require('../../models'); + +const validate = require('validate.js'); + +/** + * Check if a database record exists with : entityName.attribute = value + * @param {string} entityName Table name + * @param {string} attribute Column name + * @return {?string} message or undefined + */ +module.exports.uniqueInTableValidator = (entityName, attribute) => (value, attributes, attributeName, options, constraints) => { + return new validate.Promise(function (resolve, reject) { + + models[entityName].find({ + here: { + [attribute]: value + } + }) + .then((response) => { + resolve(response !== null ? attributes.message : undefined); + }) + .catch((e) => { + console.error(e); + resolve(options.message); + }); + }); +}; From ebd73798ccb1c7a16922f2e2089542596f9d6bce Mon Sep 17 00:00:00 2001 From: loic Date: Sun, 25 Nov 2018 11:10:27 +0100 Subject: [PATCH 19/26] Create public project pages --- src/controllers/projets/index.js | 49 ++++++++++++++++++++++++++++++++ src/views/projects/index.ejs | 23 +++++++++++++++ src/views/projects/project.ejs | 33 +++++++++++++++++++++ 3 files changed, 105 insertions(+) create mode 100644 src/controllers/projets/index.js create mode 100644 src/views/projects/index.ejs create mode 100644 src/views/projects/project.ejs diff --git a/src/controllers/projets/index.js b/src/controllers/projets/index.js new file mode 100644 index 0000000..37a1889 --- /dev/null +++ b/src/controllers/projets/index.js @@ -0,0 +1,49 @@ +const QuillDeltaToHtmlConverter = require('quill-delta-to-html').QuillDeltaToHtmlConverter; + +const models = require('../../models'); +const views = require('../../views'); + +module.exports.read = async (params, meta) => { + // Privacy level according to user identity + const privacyLevel = meta.user ? [models.projects.privacyLevels.MEMBERS, models.projects.privacyLevels.PUBLIC] : models.projects.privacyLevels.PUBLIC; + + // Asking for one particular project + if (params.id) { + const project = await models.projects.find({ + where: { + slug: params.id, + privacyLevel: privacyLevel + }, + raw: true + }); + + if (!project) { + return 404; + } + + // Convert Quill Delta object to HTML + var converter = new QuillDeltaToHtmlConverter(project.longDescription, {}); + var projectLongDescriptionHtml = converter.convert(); + + return views.render('./src/views/projects/project.ejs', { + user: meta.user, + project: project, + projectLongDescriptionHtml + }); + } + + const projects = await models.projects.findAll({ + where: { + privacyLevel: privacyLevel + }, + include: [{ + model: models.users, + as: 'users' + }] + }); + + return views.render('./src/views/projects/index.ejs', { + user: meta.user, + projects: projects + }); +}; diff --git a/src/views/projects/index.ejs b/src/views/projects/index.ejs new file mode 100644 index 0000000..7cd669a --- /dev/null +++ b/src/views/projects/index.ejs @@ -0,0 +1,23 @@ +<%- include('../layout/top', {page: 'projets'}); %> + +
    +
    +
    +

    Projets + <% if (user) { %> + | Mes projets + <% } %> +

    +
    +
    + +
    +
    +

    Retrouvez ici quelques projets réalisés par les Fabiens

    +
    +
    + <%- include("../_partials/projectList.ejs", {projects, user}) %> +
    +
    +
    +<%- include('../layout/bottom'); %> diff --git a/src/views/projects/project.ejs b/src/views/projects/project.ejs new file mode 100644 index 0000000..7cb2ebc --- /dev/null +++ b/src/views/projects/project.ejs @@ -0,0 +1,33 @@ +<%- include('../layout/top', {page: 'projets'}); %> +
    +
    +
    +

    + <%= project.title %> +

    + + <% if (project.link) { %> + Voir le projet sur Github + <% } %> + +

    + <%= project.description %> +

    + +
    +
    + +
    +
    + <%- projectLongDescriptionHtml %> +
    +
    + +
    +
    + +
    +
    +
    +
    +
    From ffd722c5562f53f5ca43e0711acb313dde559987 Mon Sep 17 00:00:00 2001 From: loic Date: Sun, 25 Nov 2018 11:13:04 +0100 Subject: [PATCH 20/26] Create menu entries --- src/views/layout/top.ejs | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/src/views/layout/top.ejs b/src/views/layout/top.ejs index 0f3b3d3..c39a17d 100644 --- a/src/views/layout/top.ejs +++ b/src/views/layout/top.ejs @@ -25,6 +25,11 @@
  • Membres
    • + +
  • + Projets +
    • +
  • Contactez-nous
    • @@ -44,6 +49,8 @@
  • + Mes projets +
    Editer mon profil Editer mon adresse
    From 9dea0f1ce1ce50bb2510c64d08a8c9d1b7591f9d Mon Sep 17 00:00:00 2001 From: loic Date: Sun, 25 Nov 2018 11:14:02 +0100 Subject: [PATCH 21/26] Add hook to add scripts/stylessheets Seems that there is a code formatting conflict --- src/views/layout/bottom.ejs | 69 +++++++++++++++++++++++-------------- 1 file changed, 44 insertions(+), 25 deletions(-) diff --git a/src/views/layout/bottom.ejs b/src/views/layout/bottom.ejs index f7b38ba..43e20f1 100644 --- a/src/views/layout/bottom.ejs +++ b/src/views/layout/bottom.ejs @@ -1,27 +1,46 @@ -
    -
    -
    -
    -


    OpenFab adhère à la charte des FabLabs et est reconnu par la Benelux Fab Foundation

    -
    -
    -

    - Suis nous -

    - - -
    - - - -
    -
    -


    This work is licensed under a Creative Commons Attribution NonCommercial ShareAlike 4.0 International License.
    - Design by ZuperNinja and Satblip with BootStrap and french fries.

    -
    -
    -
    +
    +
    +
    +
    +


    OpenFab adhère à la charte des FabLabs et est reconnu par la Benelux Fab Foundation

    +
    +
    +

    - Suis nous -

    + + +
    + + + +
    +
    +


    This work is licensed under a Creative Commons Attribution NonCommercial ShareAlike 4.0 International License.
    + Design by ZuperNinja and Satblip with BootStrap and french fries.

    +
    +
    +
    + + + + + + +<% if (typeof additionalLinks !== 'undefined' && additionalLinks instanceof Array) { + for (link of additionalLinks) { %> + +<% }} %> + +<% if (typeof additionalScripts !== 'undefined' && additionalScripts instanceof Array) { + for (script of additionalScripts) { %> + +<% }} %> + + + - - - - From 6409fd1e1cbbde237ad27733f9965dd60c26ec00 Mon Sep 17 00:00:00 2001 From: loic Date: Sun, 25 Nov 2018 11:14:51 +0100 Subject: [PATCH 22/26] Create partials for project list, form, and user icon --- src/views/_partials/projectForm.ejs | 145 ++++++++++++++++++++++++++++ src/views/_partials/projectList.ejs | 42 ++++++++ src/views/_partials/userIcon.ejs | 13 +++ 3 files changed, 200 insertions(+) create mode 100644 src/views/_partials/projectForm.ejs create mode 100644 src/views/_partials/projectList.ejs create mode 100644 src/views/_partials/userIcon.ejs diff --git a/src/views/_partials/projectForm.ejs b/src/views/_partials/projectForm.ejs new file mode 100644 index 0000000..bb6854b --- /dev/null +++ b/src/views/_partials/projectForm.ejs @@ -0,0 +1,145 @@ + + + + <% if(returningNewProject.id) { %> + + <% } %> + + +
    +
    + +
    + + +
    + +
    + + +
    + +
    + + +
    +
    + +
    +
    + + <%# MaxLenght due to use in meta description %> + +
    +
    + +
    + + +
    +
    + +
    +

    Hello World!

    +

    Some initial bold text

    +


    +
    + +
    +
    + +
    +
    +
    + + +
    +
    + +
    +
    + + +
    +
    +
    + +
    + +
    +

    Membres

    +
      + <% for (u of users) { %> +
    • + +
      • + <% } %> +
    +
    + + +
    +

    Machines

    +
    +
    + +
    +
    +
    + + +
    +
    +
    + + + +
    + diff --git a/src/views/_partials/projectList.ejs b/src/views/_partials/projectList.ejs new file mode 100644 index 0000000..08b04ca --- /dev/null +++ b/src/views/_partials/projectList.ejs @@ -0,0 +1,42 @@ +<% let isEditable = false; %> + +
    + + <% if(!projects || !projects.length) { %> +

    Il n"y a aucun projet à afficher...

    + <% } else { %> + + <% for (p of projects) { %> + <% isEditable = false; %> + +
    +
    + + +
    +     + +
    + +
    + <%= p.title %> +
    +     +

    + <%= p.description %> +

    +
    + +
    + <% p.users.forEach(u => { %> + <%- include("./userIcon.ejs", { user:u }) %> + <% if (u.id === user.id) { isEditable = true;} %> + <% }); %> + <% if (isEditable) { %> + + <% } %> +
    +
    +
    + <% }} %> +
    diff --git a/src/views/_partials/userIcon.ejs b/src/views/_partials/userIcon.ejs new file mode 100644 index 0000000..ea588b2 --- /dev/null +++ b/src/views/_partials/userIcon.ejs @@ -0,0 +1,13 @@ +<% if(typeof link === "undefined" || link === true){ %> + + <% } %> + +
    data-toggle="tooltip" + <% } %> + data-placement="right" title=" + <%= `${user.firstName} ${user.lastName}` %>"> +
    + + <% if(typeof link === "undefined" || link === true){ %> +     +<% } %> From 6836773700a6c891963889c1ab1385c8b6251f33 Mon Sep 17 00:00:00 2001 From: loic Date: Sun, 25 Nov 2018 11:15:44 +0100 Subject: [PATCH 23/26] Create project-related private pages --- src/controllers/perso/projets/edit.js | 160 +++++++++++++++++++++++ src/controllers/perso/projets/index.js | 42 ++++++ src/controllers/perso/projets/nouveau.js | 106 +++++++++++++++ src/views/perso/projects/edit.ejs | 29 ++++ src/views/perso/projects/index.ejs | 20 +++ src/views/perso/projects/new.ejs | 29 ++++ src/views/perso/projects/project.ejs | 44 +++++++ 7 files changed, 430 insertions(+) create mode 100644 src/controllers/perso/projets/edit.js create mode 100644 src/controllers/perso/projets/index.js create mode 100644 src/controllers/perso/projets/nouveau.js create mode 100644 src/views/perso/projects/edit.ejs create mode 100644 src/views/perso/projects/index.ejs create mode 100644 src/views/perso/projects/new.ejs create mode 100644 src/views/perso/projects/project.ejs diff --git a/src/controllers/perso/projets/edit.js b/src/controllers/perso/projets/edit.js new file mode 100644 index 0000000..cdce26e --- /dev/null +++ b/src/controllers/perso/projets/edit.js @@ -0,0 +1,160 @@ +const Sequelize = require('sequelize'); +const Op = Sequelize.Op; + +const models = require('../../../models'); +const validate = require('validate.js'); + +const views = require('../../../views'); +const view = './src/views/perso/projects/edit.ejs'; + +// Form validation constraints +const { + projectConstraints +} = require('../../../resources/validation/project.constraints'); +const editProjectConstraints = projectConstraints('edit'); + +module.exports.read = async (params, meta) => { + const project = await models.projects.findOne({ + where: { + slug: params.id + } + }); + + if (!project) { + return 404; + } + + // Check if logged user belongs to the project + const users = await project.getUsers(); + if (!users.find(u => u.id === meta.user.id)) { + return 403; + } + // Store information in the object + project.users = users; + + const allUsers = await models.users.findAll({ + where: { + id: { + [Op.ne]: meta.user.id + } + }, + attributes: { + exclude: ['password'] + } + }); + + return views.render(view, { + user: meta.user, + + showLabel: true, + formAction: '.', + privacyLevels: models.projects.privacyLevels, + users: allUsers, + + returningNewProject: project, + errors: null + }); +}; + +// Using create hook to keep working directly with
    +module.exports.create = async (params, meta, req, res) => { + const allUsers = await models.users.findAll({ + where: { + id: { + [Op.ne]: meta.user.id + } + }, + attributes: { + exclude: ['password'] + } + }); + + // Form validation + try { + await validate.async(params, editProjectConstraints); + } catch (e) { + return views.render(view, { + user: meta.user, + privacyLevels: models.projects.privacyLevels, + users: allUsers, + + returningNewProject: req.body, + errors: e + }); + } + + const project = await models.projects.findOne({ + where: { + id: req.body.projectId + } + }); + + if (!project) { + return 404; + } + + // Check if logged user belongs to the project + const users = await project.getUsers(); + if (!users.find(u => u.id === meta.user.id)) { + return 403; + } + + return models.projects.update({ + title: req.body.title, + description: req.body.description, + // Cannot update slug + // slug: req.body.slug, + longDescription: req.body.long_description, + link: req.body.link, + privacyLevel: req.body.privacy_level + }, { + where: { + id: project.id + } + }) + .then(result => { + return { + redirect: `/perso/projets/${project.slug}` + // TODO: add succes message + }; + }) + .catch(async error => { + console.error(error); + + return views.render(view, { + user: meta.user, + users: allUsers, + returningNewProject: req.body, + errors: error.original.detail, + + showLabel: true, + formAction: '.', + privacyLevels: models.projects.privacyLevels + }); + }); +}; + +module.exports.destroy = async (params, meta, req, res) => { + const project = await models.projects.findById(params.id); + + if (!project) { + return 400; + } + + // Check if logged user belongs to the project + const users = await project.getUsers(); + if (!users.find(u => u.id === meta.user.id)) { + return 403; + } + + models.projects.destroy({ + where: { + id: project.id + } + }) + .then(() => 200) + .catch((e) => { + console.error(e); + return 500; + }); +}; diff --git a/src/controllers/perso/projets/index.js b/src/controllers/perso/projets/index.js new file mode 100644 index 0000000..7cbbe6f --- /dev/null +++ b/src/controllers/perso/projets/index.js @@ -0,0 +1,42 @@ +var QuillDeltaToHtmlConverter = require('quill-delta-to-html').QuillDeltaToHtmlConverter; + +const models = require('../../../models'); + +const views = require('../../../views'); + +module.exports.read = async (params, meta) => { + const user = await models.users.findById(meta.user.id); + const projects = await user.getProjects({ + include: [{ + all: true + }] + }); + + if (params.id) { + console.log(params.id); + // @TODO: escape param + const filteredProjects = projects.filter((p) => p.slug === params.id); + + if (!filteredProjects.length) { + // 404 + return 404; + } + + const project = filteredProjects[0]; + // Convert Quill Delta object to HTML + const converter = new QuillDeltaToHtmlConverter(project.longDescription, {}); + const projectLongDescriptionHtml = converter.convert(); + + console.debug(project); + return views.render('./src/views/perso/projects/project.ejs', { + user: meta.user, + project: project, + projectLongDescriptionHtml + }); + } + + return views.render('./src/views/perso/projects/index.ejs', { + user: meta.user, + projects: projects + }); +}; diff --git a/src/controllers/perso/projets/nouveau.js b/src/controllers/perso/projets/nouveau.js new file mode 100644 index 0000000..36f943b --- /dev/null +++ b/src/controllers/perso/projets/nouveau.js @@ -0,0 +1,106 @@ +const models = require('../../../models'); +const Sequelize = require('sequelize'); +const Op = Sequelize.Op; +const validate = require('validate.js'); +const views = require('../../../views'); +const view = './src/views/perso/projects/new.ejs'; + +// Form validation constraints +const { + projectConstraints +} = require('../../../resources/validation/project.constraints'); +const projectCreationConstraints = projectConstraints('create'); + +module.exports.read = async (params, meta) => { + const allUsers = await models.users.findAll({ + where: { + id: { + [Op.ne]: meta.user.id + } + }, + attributes: { + exclude: ['password'] + } + }); + + return views.render(view, { + user: meta.user, + + privacyLevels: models.projects.privacyLevels, + users: allUsers, + + returningNewProject: {users: []}, + errors: null + }); +}; + +module.exports.create = async (params, meta, req, res) => { + const allUsers = await models.users.findAll({ + where: { + id: { + [Op.ne]: meta.user.id + } + }, + attributes: { + exclude: ['password'] + } + }); + + // Validation + try { + await validate.async(params, projectCreationConstraints); + } catch (e) { + console.error(e); + return views.render(view, { + user: meta.user, + privacyLevels: models.projects.privacyLevels, + users: allUsers, + + returningNewProject: req.body, + errors: e + }); + } + + // Create project + return models.projects.create({ + title: req.body.title, + description: req.body.description, + slug: req.body.slug, + // No escape on rendering + longDescription: req.sanitize(req.body.long_description), + imageLink: req.body.imageLink, + link: req.body.link, + privacyLevel: req.body.privacy_level + }) + .then(async result => { + // Add users relations + // Adding logged user id to the choice from form + const userIds = typeof params.users === 'string' ? [params.users, meta.user.id] : params.users.concat(meta.user.id); + const users = await models.users.findAll({ + where: { + id: { + [Op.in]: userIds.map(id => parseInt(id, 10)) + } + } + }); + + result.addUsers(users.map(u => u.id)); + + return { + redirect: '/perso/projets' + // TODO: add succes message + }; + }) + .catch(error => { + console.error(error); + + return views.render(view, { + user: meta.user, + returningNewProject: req.body, + users: allUsers, + privacyLevels: models.projects.privacyLevels, + + errors: 'Erreur' + }); + }); +}; diff --git a/src/views/perso/projects/edit.ejs b/src/views/perso/projects/edit.ejs new file mode 100644 index 0000000..df064ac --- /dev/null +++ b/src/views/perso/projects/edit.ejs @@ -0,0 +1,29 @@ +<%- include('../../layout/top', {page: 'projets'}); %> + +
    +
    +
    +

    Édition

    +
    +
    + + <% if (errors) { for (key of Object.keys(errors)) { %> +
    +
    + +
    +
    + <% }} %> + +
    +
    + <%- include("../../_partials/projectForm.ejs", { privacyLevels, users }) %> +
    +
    +
    +<%- include('../../layout/bottom', { + additionalScripts: ['//cdn.quilljs.com/1.3.6/quill.min.js', '/js/projectForm.js'], + additionalLinks: ['https://cdn.quilljs.com/1.3.6/quill.snow.css'] +}); %> diff --git a/src/views/perso/projects/index.ejs b/src/views/perso/projects/index.ejs new file mode 100644 index 0000000..9fb9d87 --- /dev/null +++ b/src/views/perso/projects/index.ejs @@ -0,0 +1,20 @@ +<%- include('../../layout/top', {page: 'projets'}); %> + +
    +
    +
    +

    Mes projets + + add + Créer + +

    +
    +
    +
    +
    + <%- include("../../_partials/projectList.ejs", {projects}) %> +
    +
    +
    +<%- include('../../layout/bottom'); %> diff --git a/src/views/perso/projects/new.ejs b/src/views/perso/projects/new.ejs new file mode 100644 index 0000000..0005d0d --- /dev/null +++ b/src/views/perso/projects/new.ejs @@ -0,0 +1,29 @@ +<%- include('../../layout/top', {page: 'projets'}); %> + +
    +
    +
    +

    Créer un projet

    +
    +
    + + <% if (errors) { for (key of Object.keys(errors)) { %> +
    +
    + +
    +
    + <% }} %> + +
    +
    + <%- include("../../_partials/projectForm.ejs", { privacyLevels:privacyLevels }) %> +
    +
    +
    +<%- include('../../layout/bottom', { + additionalScripts: ['//cdn.quilljs.com/1.3.6/quill.min.js', '/js/projectForm.js'], + additionalLinks: ['https://cdn.quilljs.com/1.3.6/quill.snow.css'] +}); %> diff --git a/src/views/perso/projects/project.ejs b/src/views/perso/projects/project.ejs new file mode 100644 index 0000000..e73db55 --- /dev/null +++ b/src/views/perso/projects/project.ejs @@ -0,0 +1,44 @@ +<%- include('../../layout/top', {page: 'projets'}); %> + +
    +
    +
    +

    + <%= project.title %> + + <% if (user) { %> + Éditer + <% } %> +

    + + <% if (project.link) { %> + Voir le projet sur Github + <% } %> + +

    + <%= project.description %> +

    + +
    +
    + <% project.users.forEach(u => { %> + <%= u.name %> + <% }); %> +
    +
    + +
    +
    + <%- projectLongDescriptionHtml %> +
    +
    + +
    +
    + +
    +
    +
    +
    +
    +<%- include('../../layout/bottom'); %> From 4d571a2636d537f42ec8fe3138682b9223979626 Mon Sep 17 00:00:00 2001 From: loic Date: Sun, 25 Nov 2018 11:16:44 +0100 Subject: [PATCH 24/26] Create script for form edition. Handling ajax deletion, quill editor management --- src/static/js/projectForm.js | 34 ++++++++++++++++++++++++++++++++++ 1 file changed, 34 insertions(+) create mode 100644 src/static/js/projectForm.js diff --git a/src/static/js/projectForm.js b/src/static/js/projectForm.js new file mode 100644 index 0000000..3344a55 --- /dev/null +++ b/src/static/js/projectForm.js @@ -0,0 +1,34 @@ +'use strict'; + +$().ready(function () { + // Deletion + document.querySelector('#js-delete-project').onclick = function () { + // Send ajax request + $.ajax({ + method: 'DELETE', + url: '.', + data: { + id: '<%= returningNewProject.id %>' + } + }) + .done(function (msg) { + console.log(msg); + window.location = '/perso/projets'; + }) + .fail((e) => { + console.error(e); + alert('Échec de la suppression'); + }); + } + + // On submission, put quill editor data in corresponding field + document.querySelector('#js-project-form').onSubmit = function () { + document.querySelector('input[name=long_description]').value = JSON.stringify(projectContentEditor.getContents()); + return true; + } + + // Initialize Quill editor + window.projectContentEditor = new Quill('#editor', { + theme: 'snow' + }); +}); From 02fa6cfba22a234066ed8a2d50876845ea3ce5bf Mon Sep 17 00:00:00 2001 From: loic Date: Sun, 25 Nov 2018 11:17:13 +0100 Subject: [PATCH 25/26] Adapt members page to the new project architecture --- src/controllers/membres.js | 17 ++++++++++++----- src/views/membre.ejs | 12 +----------- 2 files changed, 13 insertions(+), 16 deletions(-) diff --git a/src/controllers/membres.js b/src/controllers/membres.js index cd45a3f..7e9dbef 100644 --- a/src/controllers/membres.js +++ b/src/controllers/membres.js @@ -12,17 +12,24 @@ module.exports.read = async (params, meta) => { where: { passportId: params.id }, - attributes: { exclude: ['password'] }, - raw: true + attributes: { exclude: ['password'] } }); + if (!member) { + return 404; + } + member.hashedEmail = hashEmail.hashMd5(member.email); + const privacyLevel = meta.user ? [models.projects.privacyLevels.MEMBERS, models.projects.privacyLevels.PUBLIC] : models.projects.privacyLevels.PUBLIC; - const projects = await models.projects.findAll({ + const projects = await member.getProjects({ where: { - userId: member.id + privacyLevel: privacyLevel }, - raw: true + include: [{ + model: models.users, + as: 'users' + }] }); return views.render('./src/views/membre.ejs', { diff --git a/src/views/membre.ejs b/src/views/membre.ejs index a0c5fd5..d8db5c4 100644 --- a/src/views/membre.ejs +++ b/src/views/membre.ejs @@ -27,17 +27,7 @@

    Projets :

    - -
    - <% projects.forEach(function (project) { %> - -
    -
    <%- project.title %>
    -
    -

    <%- project.description %>

    -     - <% }) %> -
    + <%- include("./_partials/projectList.ejs", {projects, undefined}) %>
    From f9d31afe5ea29ee9a5f7dfed825f6824e13f231b Mon Sep 17 00:00:00 2001 From: loic Date: Sun, 25 Nov 2018 11:18:00 +0100 Subject: [PATCH 26/26] Various style additions related to projects --- src/scss/_members.scss | 45 +++++++++++++++++++++++++++++++++++++++++ src/scss/_projects.scss | 22 ++++++++++++++++++++ src/scss/styles.scss | 1 + 3 files changed, 68 insertions(+) create mode 100644 src/scss/_projects.scss diff --git a/src/scss/_members.scss b/src/scss/_members.scss index bdf79ce..6f38d92 100644 --- a/src/scss/_members.scss +++ b/src/scss/_members.scss @@ -1,3 +1,48 @@ .card-bottom { margin-bottom: 15px; } + +.user-icon { + height: 3em; + width: 3em; + border-radius: 50%; + background-repeat: no-repeat; + background-position: center; + background-size: cover; +} + +%cardHover { + background-color: $lightgrey; + cursor: pointer; +} + +.user-list-item:checked + .card { + background-color: lighten($lightgrey, 5); + + &:hover { + @extend %cardHover; + } +} + +.card:hover { + @extend %cardHover; +} + +.select-user-option { + label { + width: 100%; + } + + .card-body { + padding: 0.25em; + } + + .user-icon { + display: inline-block; + height: 2em; + margin-left: .5em; + margin-right: .75em; + width: 2em; + vertical-align: middle; + } +} diff --git a/src/scss/_projects.scss b/src/scss/_projects.scss new file mode 100644 index 0000000..edb3d5d --- /dev/null +++ b/src/scss/_projects.scss @@ -0,0 +1,22 @@ +.project-list { + +} + +.project { + + .card-footer { + padding: .5em; + + a { + display: inline-block; + } + } +} + +.project-image { + background-position: center; + background-size: contain; + background-repeat: no-repeat; + + height: 12em; +} diff --git a/src/scss/styles.scss b/src/scss/styles.scss index 88e939b..cf6187e 100644 --- a/src/scss/styles.scss +++ b/src/scss/styles.scss @@ -7,3 +7,4 @@ @import "home"; @import "members"; @import "profile"; +@import "projects";