From 89ec2312f8ddc231288a7263ab5d0c5d9522708e Mon Sep 17 00:00:00 2001 From: z1glr Date: Mon, 27 Jan 2025 22:48:18 +0000 Subject: [PATCH] added validaton for assigning users to events --- .../pkg/db/availabilities/availabilities.go | 8 ++++--- backend/pkg/db/events/events.go | 14 ++++++++++- backend/pkg/router/events.go | 24 +++++++++++++------ backend/pkg/router/router.go | 4 ++-- backend/setup.sql | 2 +- 5 files changed, 38 insertions(+), 14 deletions(-) diff --git a/backend/pkg/db/availabilities/availabilities.go b/backend/pkg/db/availabilities/availabilities.go index 733a723..ce29d59 100644 --- a/backend/pkg/db/availabilities/availabilities.go +++ b/backend/pkg/db/availabilities/availabilities.go @@ -4,8 +4,10 @@ import ( "github.com/johannesbuehl/golunteer/backend/pkg/db" ) +type AvailabilityID int + type AvailabilityDB struct { - AvailabilityID int `db:"availabilityID" json:"availabilityID" validate:"required"` + AvailabilityID AvailabilityID `db:"availabilityID" json:"availabilityID" validate:"required"` Availability `validate:"required"` } @@ -38,12 +40,12 @@ func Slice() ([]AvailabilityDB, error) { } } -func Keys() (map[int]Availability, error) { +func Keys() (map[AvailabilityID]Availability, error) { if availabilitiesRaw, err := Slice(); err != nil { return nil, err } else { // convert the result in a map - availabilities := map[int]Availability{} + availabilities := map[AvailabilityID]Availability{} for _, a := range availabilitiesRaw { availabilities[a.AvailabilityID] = Availability{ diff --git a/backend/pkg/db/events/events.go b/backend/pkg/db/events/events.go index 670bb5b..7bf53e2 100644 --- a/backend/pkg/db/events/events.go +++ b/backend/pkg/db/events/events.go @@ -235,6 +235,18 @@ func WithAvailabilities() ([]EventWithAvailabilities, error) { } } +func GetUserAvailability(eventID int, userName string) (*availabilities.AvailabilityID, error) { + var availabilityID struct { + AvailabilityID *availabilities.AvailabilityID `db:"availabilityID"` + } + + if err := db.DB.QueryRowx("SELECT availabilityID FROM USER_AVAILABILITIES WHERE eventID = $1 AND userName = $2", eventID, userName).StructScan(&availabilityID); err != nil { + return availabilityID.AvailabilityID, err + } else { + return availabilityID.AvailabilityID, nil + } +} + func WithUserAvailability(userName string) ([]EventWithAssignmentsUserAvailability, error) { var events []EventWithAssignmentsUserAvailability @@ -325,7 +337,7 @@ func User(userName string) ([]EventWithAssignments, error) { } // set the availability of an user for a specific event -func UserAvailability(eventID, availabilityID int, userName string) error { +func SetUserAvailability(eventID, availabilityID int, userName string) error { _, err := db.DB.Exec("INSERT INTO USER_AVAILABILITIES (userName, eventID, availabilityID) VALUES ($1, $2, $3) ON CONFLICT (userName, eventID) DO UPDATE SET availabilityID = $3", userName, eventID, availabilityID) return err diff --git a/backend/pkg/router/events.go b/backend/pkg/router/events.go index 5d34692..fdfbf22 100644 --- a/backend/pkg/router/events.go +++ b/backend/pkg/router/events.go @@ -146,12 +146,14 @@ func (a *Handler) putEventUserAvailability() { a.Status = fiber.StatusBadRequest logger.Log().Msgf("setting user-event-availability failed: can't get parse: %v", err) - + } else { + // if there was already an availability entered for this user-event-combi, check for existing assignments and remove them // insert the availability into the database - } else if err := events.UserAvailability(eventID, availabilityID, a.UserName); err != nil { - a.Status = fiber.StatusInternalServerError + if err := events.SetUserAvailability(eventID, availabilityID, a.UserName); err != nil { + a.Status = fiber.StatusInternalServerError - logger.Error().Msgf("setting user-event-availability failed: can't write availability to database: %v", err) + logger.Error().Msgf("setting user-event-availability failed: can't write availability to database: %v", err) + } } } } @@ -173,13 +175,22 @@ func (a *Handler) putEventAssignment() { } else if taskID := a.C.QueryInt("taskID", -1); taskID == -1 { a.Status = fiber.StatusBadRequest - logger.Warn().Msg("setting event-assignment failed: query is missing \"taskID\"") + logger.Log().Msg("setting event-assignment failed: query is missing \"taskID\"") // parse the body } else if userName := string(a.C.Body()); userName == "" { a.Status = fiber.StatusBadRequest - logger.Warn().Msg("setting event-assignment failed: body is missing") + logger.Log().Msg("setting event-assignment failed: body is missing") + // check wether the user has actually entered an availability for the event + } else if availabilityID, err := events.GetUserAvailability(eventID, userName); err != nil { + a.Status = fiber.StatusBadRequest + + logger.Log().Msgf("setting event-assignment failed: can't check users availability: %v", err) + } else if availabilityID == nil { + a.Status = fiber.StatusConflict + + logger.Log().Msgf("setting event-assignment failed: user %q isn't available for event with eventID = %d", userName, eventID) // set the availability in the database } else if err := events.SetAssignment(eventID, taskID, userName); err != nil { @@ -187,7 +198,6 @@ func (a *Handler) putEventAssignment() { logger.Warn().Msgf("setting event-assignment failed: can't write to database: %v", err) } - } func (a *Handler) deleteEventAssignment() { diff --git a/backend/pkg/router/router.go b/backend/pkg/router/router.go index e956044..5fbce0d 100644 --- a/backend/pkg/router/router.go +++ b/backend/pkg/router/router.go @@ -146,10 +146,10 @@ func init() { args.Status = fiber.StatusUnauthorized logger.Log().Msgf("user not authorized") + } else { + handler(&args) } - handler(&args) - return args.send(c) }) } diff --git a/backend/setup.sql b/backend/setup.sql index d66c05a..262c40f 100644 --- a/backend/setup.sql +++ b/backend/setup.sql @@ -15,7 +15,7 @@ CREATE TABLE IF NOT EXISTS USERS ( userName varchar(64) PRIMARY KEY, password BLOB NOT NULL, admin BOOL NOT NULL DEFAULT(false), - tokenID varchar(64) NOT NULL, + tokenID varchar(36) NOT NULL, CHECK (length(password) = 60), CHECK (length(tokenID) = 36) );