refuses to load private bins; fixed NodeJS startup error connectiong to Postgres
This commit is contained in:
brian
+92
-57
@@ -30,40 +30,13 @@ const load_notes_stmt =
|
||||
+" JOIN note AS n"
|
||||
+" ON n.id = bn.note_id"
|
||||
+" WHERE bn.bin_id = $1";
|
||||
// {bin_id}
|
||||
router.post('/load-notes', (req, res)=>{
|
||||
const bin_id = req.body.bin_id;
|
||||
db.query(load_notes_stmt, [bin_id])
|
||||
.then(result => {
|
||||
res.json({success:true, notes:result.rows})
|
||||
});
|
||||
});
|
||||
|
||||
const load_bin_stmt =
|
||||
"SELECT b.id, b.name FROM bin AS b"
|
||||
"SELECT b.id, b.name, bu.user_id as owner_user_id, s.user_id as session_user_id FROM bin AS b"
|
||||
+" FULL JOIN bin_user AS bu" // we want the bin regardless of whether it has an associated user, hence LEFT JOIN
|
||||
+" ON bu.bin_id = b.id"
|
||||
+" INNER JOIN session AS s"
|
||||
+" ON (bu.bin_id IS NULL) OR (s.id = $2 AND s.user_id = bu.user_id)"
|
||||
+" FULL JOIN session AS s"
|
||||
+" ON s.id = $2"
|
||||
+" WHERE b.id = $1";
|
||||
router.post('/load-bin', (req, res)=>{
|
||||
const {bin_id, session_id} = req.body;
|
||||
// if a bin has no associated user, it's considered public and can be accessed even when not logged-in.
|
||||
// if a bin has an associated user, it can only be accessed by that user
|
||||
db.query(load_bin_stmt, [bin_id, session_id])
|
||||
.then(result => {
|
||||
const bin = result.rows[0];
|
||||
// if a bin with given id was found:
|
||||
if(result.rows.length>0){
|
||||
res.json({success:true, bin:{id:bin.id, name:bin.name}});
|
||||
}
|
||||
else{
|
||||
res.json({success:true, bin:{id:bin_id, name:bin_id}});
|
||||
}
|
||||
});
|
||||
// {status: 'ok', bin:{id:bin.id}, notes: bin.notes}
|
||||
});
|
||||
|
||||
const search_stmt =
|
||||
"SELECT n.id, n.text, n.modified FROM note AS n"
|
||||
+" INNER JOIN bin_note AS bn"
|
||||
@@ -71,15 +44,6 @@ const search_stmt =
|
||||
+" WHERE n.text LIKE '%' || $1 || '%'"; // need to use string concat otherwise the `$1` is viewed as part of the string instead of a placeholder
|
||||
const order_desc_stmt = " ORDER BY n.modified DESC";
|
||||
const order_asc_stmt = " ORDER BY n.modified ASC";
|
||||
// {search_term, sorting, bin_id}
|
||||
router.post('/search', (req, res)=>{
|
||||
const {search_term, bin_id, sorting} = req.body;
|
||||
db.query(search_stmt+(sorting==='old->new'?order_asc_stmt:order_desc_stmt), [search_term, bin_id])
|
||||
.then(result => {
|
||||
res.json({success:true, notes:result.rows});
|
||||
});
|
||||
});
|
||||
|
||||
const upsert_note_stmt =
|
||||
"INSERT INTO note (id, text, modified) VALUES ($1, $2, NOW())"
|
||||
+" ON CONFLICT (id)"
|
||||
@@ -97,6 +61,93 @@ const upsert_bin_user_stmt =
|
||||
+" (SELECT $1, s.user_id FROM session AS s WHERE s.id = $2)"
|
||||
+" ON CONFLICT (bin_id, user_id)"
|
||||
+" DO NOTHING";
|
||||
const login_check_stmt =
|
||||
"SELECT id, password FROM user_ AS u"
|
||||
+" WHERE u.username = $1";
|
||||
const register_stmt =
|
||||
"INSERT INTO user_ (id, username, password) VALUES ($1, $2, $3)";
|
||||
const session_create_stmt =
|
||||
"INSERT INTO session (id, user_id) VALUES ($1, $2)";
|
||||
const user_bin_list_stmt =
|
||||
"SELECT b.id, b.name FROM bin_user AS bu"
|
||||
+" INNER JOIN bin AS b"
|
||||
+" ON bu.bin_id = b.id"
|
||||
+" WHERE bu.user_id = $1";
|
||||
const delete_session_stmt =
|
||||
"DELETE FROM session WHERE id = $1";
|
||||
const rename_bin_stmt =
|
||||
"INSERT INTO bin (id, name) VALUES ($1, $2)"
|
||||
+" ON CONFLICT (id)"
|
||||
+" DO UPDATE SET name = EXCLUDED.name;";
|
||||
|
||||
|
||||
// {bin_id}
|
||||
router.post('/load-notes', (req, res)=>{
|
||||
const {bin_id, session_id} = req.body;
|
||||
db.query(load_bin_stmt, [bin_id, session_id])
|
||||
.then(bin_result =>{
|
||||
if(bin_result.rows.length > 0){
|
||||
const bin = bin_result.rows[0];
|
||||
// if it's a public bin:
|
||||
if(bin.owner_user_id===null){
|
||||
db.query(load_notes_stmt, [bin_id])
|
||||
.then(result => {
|
||||
res.json({success:true, authorized:false, notes:result.rows})
|
||||
});
|
||||
}
|
||||
// if it's a private bin, and the owner is signed-in:
|
||||
else if(bin.owner_user_id===bin.session_user_id){
|
||||
db.query(load_notes_stmt, [bin_id])
|
||||
.then(result => {
|
||||
res.json({success:true, authorized:true, notes:result.rows})
|
||||
});
|
||||
}
|
||||
else{
|
||||
res.json({success:false, authorized:false});
|
||||
}
|
||||
|
||||
}
|
||||
});
|
||||
});
|
||||
|
||||
router.post('/load-bin', (req, res)=>{
|
||||
const {bin_id, session_id} = req.body;
|
||||
// if a bin has no associated user, it's considered public and can be accessed even when not logged-in.
|
||||
// if a bin has an associated user, it can only be accessed by that user
|
||||
db.query(load_bin_stmt, [bin_id, session_id])
|
||||
.then(result => {
|
||||
const bin = result.rows[0];
|
||||
// if a bin with given id was found:
|
||||
if(result.rows.length>0){
|
||||
const bin = result.rows[0];
|
||||
// if it's a public bin:
|
||||
if(bin.owner_user_id===null){
|
||||
res.json({success:true, authorized:false, bin:{id:bin.id, name:bin.name}});
|
||||
}
|
||||
// if it's a private bin, and the owner is signed-in:
|
||||
else if(bin.owner_user_id===bin.session_user_id){
|
||||
res.json({success:true, authorized:true, bin:{id:bin.id, name:bin.name}});
|
||||
}
|
||||
else{
|
||||
res.json({success:false, authorized:false});
|
||||
}
|
||||
}
|
||||
else{
|
||||
res.json({success:true, authorized:true, bin:{id:bin_id, name:bin_id}});
|
||||
}
|
||||
});
|
||||
// {status: 'ok', bin:{id:bin.id}, notes: bin.notes}
|
||||
});
|
||||
|
||||
// {search_term, sorting, bin_id}
|
||||
router.post('/search', (req, res)=>{
|
||||
const {search_term, bin_id, sorting} = req.body;
|
||||
db.query(search_stmt+(sorting==='old->new'?order_asc_stmt:order_desc_stmt), [search_term, bin_id])
|
||||
.then(result => {
|
||||
res.json({success:true, notes:result.rows});
|
||||
});
|
||||
});
|
||||
|
||||
// {bin_id, note_id, text}
|
||||
router.post('/save', (req, res)=>{
|
||||
const {bin_id, note_id, text, session_id} = req.body;
|
||||
@@ -116,18 +167,6 @@ router.post('/save', (req, res)=>{
|
||||
// {status: 'ok'}
|
||||
});
|
||||
|
||||
const login_check_stmt =
|
||||
"SELECT id, password FROM user_ AS u"
|
||||
+" WHERE u.username = $1";
|
||||
const register_stmt =
|
||||
"INSERT INTO user_ (id, username, password) VALUES ($1, $2, $3)";
|
||||
const session_create_stmt =
|
||||
"INSERT INTO session (id, user_id) VALUES ($1, $2)";
|
||||
const user_bin_list_stmt =
|
||||
"SELECT b.id, b.name FROM bin_user AS bu"
|
||||
+" INNER JOIN bin AS b"
|
||||
+" ON bu.bin_id = b.id"
|
||||
+" WHERE bu.user_id = $1";
|
||||
router.post('/login', (req, res)=>{
|
||||
const {username, password} = req.body;
|
||||
const password_from_client=password;
|
||||
@@ -165,17 +204,13 @@ router.post('/login', (req, res)=>{
|
||||
});
|
||||
});
|
||||
|
||||
const delete_session_stmt =
|
||||
"DELETE FROM session WHERE id = $1";
|
||||
|
||||
router.post('/logout', (req, res)=>{
|
||||
db.query(delete_session_stmt, [req.body.session_id]);
|
||||
res.json({success:true});
|
||||
});
|
||||
|
||||
const rename_bin_stmt =
|
||||
"INSERT INTO bin (id, name) VALUES ($1, $2)"
|
||||
+" ON CONFLICT (id)"
|
||||
+" DO UPDATE SET name = EXCLUDED.name;";
|
||||
|
||||
router.post('/bin-rename', (req,res)=>{
|
||||
const {bin_id, name, session_id} = req.body;
|
||||
db.query(rename_bin_stmt, [bin_id, name])
|
||||
|
||||
Reference in New Issue
Block a user