From ebd5e7416ade582bf82fda9ab2dc02cb0bb99e8f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jovan=20Ili=C4=87?= Date: Mon, 16 Sep 2024 00:12:33 +0200 Subject: [PATCH] minor fixes, more tests --- .env | 2 +- package-lock.json | 4 +- package.json | 2 +- public/profile/santaProfile.html | 12 +--- routers/admin-router.js | 2 +- routers/history-router.js | 8 +-- routers/profile-router.js | 10 ++- routers/santa-router.js | 2 +- routers/session-router.js | 7 +- tests/admin.spec.js | 33 ++++++++- tests/chat.spec.js | 15 +++- tests/history.spec.js | 18 ++++- tests/home.spec.js | 15 ++++ tests/profile.spec.js | 119 +++++++++++++++++++++++++++++++ tests/session.spec.js | 25 +++++-- utils/adminPipeline.js | 48 ++++++------- utils/chatPipeline.js | 10 +-- utils/friendsPipeline.js | 10 +-- utils/historyPipeline.js | 32 ++++----- utils/loginPipeline.js | 4 +- utils/mail-local.js | 2 +- utils/renderer.js | 3 +- utils/santaPipeline.js | 5 +- 23 files changed, 296 insertions(+), 92 deletions(-) create mode 100644 tests/profile.spec.js diff --git a/.env b/.env index db4bf89..f940f68 100644 --- a/.env +++ b/.env @@ -1,5 +1,5 @@ profile=development -adminElevatedPrivileges=false +adminElevatedPrivileges=true sessionKey= mongodbUsername=root mongodbPassword=root diff --git a/package-lock.json b/package-lock.json index de4d8a2..2de8eba 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,12 +1,12 @@ { "name": "secretsanta", - "version": "5.1.1", + "version": "5.1.2", "lockfileVersion": 3, "requires": true, "packages": { "": { "name": "secretsanta", - "version": "5.1.1", + "version": "5.1.2", "license": "MIT", "dependencies": { "@sendgrid/mail": "^8.1.3", diff --git a/package.json b/package.json index d3e1293..5c8b482 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "secretsanta", - "version": "5.1.1", + "version": "5.1.2", "description": "SecretSanta source code", "author": "Zaista", "license": "MIT", diff --git a/public/profile/santaProfile.html b/public/profile/santaProfile.html index adf15ec..b953d2a 100644 --- a/public/profile/santaProfile.html +++ b/public/profile/santaProfile.html @@ -12,7 +12,7 @@ name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no" /> - Secret Santa + Secret Santa Profile @@ -120,13 +120,7 @@
- +
diff --git a/routers/admin-router.js b/routers/admin-router.js index a630f78..8c64fed 100644 --- a/routers/admin-router.js +++ b/routers/admin-router.js @@ -33,7 +33,7 @@ const adminRouter = express.Router(); // define the home page route adminRouter.get('/', (req, res) => { if (!req.user) return res.status(401).redirect('session/login'); - else if (req.session.activeGroup.role !== ROLES.admin) + else if (req.session.activeGroup?.role !== ROLES.admin) return res.status(401).redirect('/'); res.sendFile('public/admin/santaAdmin.html', { root: '.' }); }); diff --git a/routers/history-router.js b/routers/history-router.js index 8ce4c95..c391fe3 100644 --- a/routers/history-router.js +++ b/routers/history-router.js @@ -55,8 +55,8 @@ historyRouter.get('/year/api/location-image', async (req, res) => { res.setHeader('Content-Type', 'image/jpeg'); res.setHeader('Cache-Control', 'public, max-age=31536000'); // Cache for 1 year objectStream.pipe(res); - } catch (e) { - log.error('ERROR 1: ' + e.message); + } catch (err) { + log.error('ERROR 1: ' + err); res.sendFile('public/resources/images/placeholder.png', { root: '.' }); } }); @@ -72,7 +72,7 @@ historyRouter.post('/year/api/location-image', async (req, res) => { await updateLocationImage(req.query.id); res.send({ success: 'Location image was uploaded successfully' }); } catch (e) { - log.error('ERROR 2: ' + e.message); + log.error('ERROR 2: ' + e); res.send({ error: 'Failed to upload the year location image' }); } }); @@ -88,7 +88,7 @@ historyRouter.post('/year/api/gift-image', async (req, res) => { await updateGiftImage(req.query.yearId, req.query.giftId); res.send({ success: 'Gift image was uploaded successfully' }); } catch (e) { - log.error('ERROR 3: ' + e.message); + log.error('ERROR 3: ' + e); res.send({ error: 'Failed to upload the gift image' }); } }); diff --git a/routers/profile-router.js b/routers/profile-router.js index a113124..7562bcb 100644 --- a/routers/profile-router.js +++ b/routers/profile-router.js @@ -18,7 +18,11 @@ profileRouter.get('/', async (req, res) => { if (req.query.id === undefined || req.user._id.toString() === req.query.id) { isCurrentUser = true; } - res.render('profile/santaProfile.html', { isCurrentUser }); + const options = { + isCurrentUser: isCurrentUser, + activeGroup: req.session.activeGroup, + }; + res.render('profile/santaProfile.html', options); }); profileRouter.get('/api/list', async (req, res) => { @@ -57,7 +61,7 @@ profileRouter.get('/api/image', async (req, res) => { res.setHeader('Cache-Control', 'public, max-age=31536000'); // Cache for 1 year objectStream.pipe(res); } catch (e) { - log.error('ERROR 1: ' + e.message); + log.error('ERROR 1: ' + e); res.sendFile('public/resources/images/placeholder.png', { root: '.' }); } }); @@ -77,7 +81,7 @@ profileRouter.post('/api/image', async (req, res) => { await updateProfileImage(userId); res.send({ success: 'Profile image updated successfully' }); } catch (e) { - log.error('ERROR 2: ' + e.message); + log.error('ERROR 2: ' + e); res.send({ error: 'Failed to update the profile image' }); } }); diff --git a/routers/santa-router.js b/routers/santa-router.js index 97c060e..784a700 100644 --- a/routers/santa-router.js +++ b/routers/santa-router.js @@ -20,7 +20,7 @@ santaRouter.get('/api/santa', async (req, res) => { } return res.send(santa[0]); } else { - return res.send({ warning: 'No active group' }); + return res.send({ warning: 'No Secret Santa group selected' }); } }); diff --git a/routers/session-router.js b/routers/session-router.js index dc5c14f..7ccbb57 100644 --- a/routers/session-router.js +++ b/routers/session-router.js @@ -13,7 +13,7 @@ import { sendEmail } from '../utils/environment.js'; import { checkIfUserExists, createNewUser } from '../utils/adminPipeline.js'; const sessionRouter = express.Router(); -const log = getLogger('seesion'); +const log = getLogger('session'); sessionRouter.get('/login', (req, res) => { if (req.user) return res.redirect('/'); @@ -126,12 +126,13 @@ passport.serializeUser(function (user, done) { done(null, serializedUser); }); -passport.deserializeUser(async function (serializedUser, done) { +passport.deserializeUser(async function (req, serializedUser, done) { const deserializedUser = deserialize(Buffer.from(serializedUser)); const user = await getUserById(deserializedUser._id); - if (user.length === 0) { + if (user === null || user.length === 0) { done(null, null, { error: 'User not found' }); } else { + req.session.activeGroup = user[0].groups[0]; done(null, user[0]); } }); diff --git a/tests/admin.spec.js b/tests/admin.spec.js index e124a24..3537598 100644 --- a/tests/admin.spec.js +++ b/tests/admin.spec.js @@ -7,7 +7,7 @@ import { inviteUserToGroup, addForbiddenPair, } from './helpers/admin.js'; -import { createDraftedGroup } from './helpers/setup.js'; +import { createNewGroup, createDraftedGroup } from './helpers/setup.js'; test.describe('admin tests', () => { test.describe('group settings tests', () => { @@ -137,4 +137,35 @@ test.describe('admin tests', () => { ); }); }); + + test.describe('admin access tests', () => { + test('user cannot access admin page', async ({ page }) => { + const groupData = await createNewGroup(page.request); + await login( + page.request, + groupData.users.user1.email, + groupData.users.user1.password + ); + await page.goto('/admin'); + + await expect(page).toHaveTitle('Secret Santa'); + await expect(page.getByRole('listitem', { name: 'Admin' })).toBeHidden(); + }); + + test('user with no group cannot access admin page', async ({ page }) => { + const user = { + email: faker.internet.email(), + password: faker.internet.password(), + }; + await registerUser(page.request, user); + + await page.goto('/admin'); + + await expect(page).toHaveTitle('Secret Santa'); + await expect(page.getByRole('listitem', { name: 'Admin' })).toBeHidden(); + await expect(page.locator('#footerAlert')).toHaveText( + 'No Secret Santa group selected' + ); + }); + }); }); diff --git a/tests/chat.spec.js b/tests/chat.spec.js index aea1020..107f31e 100644 --- a/tests/chat.spec.js +++ b/tests/chat.spec.js @@ -1,7 +1,7 @@ // @ts-check import { test, expect } from '@playwright/test'; import { faker } from '@faker-js/faker'; -import { login } from './helpers/login.js'; +import { login, registerUser } from './helpers/login.js'; import { sendMessage } from './helpers/chat.js'; import { createNewGroup } from './helpers/setup.js'; @@ -63,4 +63,17 @@ test.describe('chat tests', () => { 'From: Anonymous' ); }); + + test('user with no group cannot access chat page', async ({ page }) => { + const user = { + email: faker.internet.email(), + password: faker.internet.password(), + }; + await registerUser(page.request, user); + + await page.goto('/chat'); + + await expect(page).toHaveTitle('Secret Santa Chat'); + await expect(page.locator('#footerAlert')).toHaveText('No chat activity'); + }); }); diff --git a/tests/history.spec.js b/tests/history.spec.js index 3385868..2f58db3 100644 --- a/tests/history.spec.js +++ b/tests/history.spec.js @@ -1,7 +1,8 @@ // @ts-check import { test, expect } from '@playwright/test'; -import { login } from './helpers/login.js'; +import { login, registerUser } from './helpers/login.js'; import { createRevealedGroup } from './helpers/setup.js'; +import { faker } from '@faker-js/faker'; test.describe('history tests', () => { test('user can edit santa history', async ({ page }) => { @@ -65,4 +66,19 @@ test.describe('history tests', () => { ); await expect(page.getByText('Random location')).toBeVisible(); }); + + test('user with no group cannot access history page', async ({ page }) => { + const user = { + email: faker.internet.email(), + password: faker.internet.password(), + }; + await registerUser(page.request, user); + + await page.goto('/history'); + + await expect(page).toHaveTitle('Secret Santa History'); + await expect(page.locator('#footerAlert')).toHaveText( + 'No recorded history' + ); + }); }); diff --git a/tests/home.spec.js b/tests/home.spec.js index c57330e..548d05f 100644 --- a/tests/home.spec.js +++ b/tests/home.spec.js @@ -69,4 +69,19 @@ test.describe('home tests', () => { ).toBeVisible(); await expect(page).toHaveTitle('Secret Santa Admin'); }); + + test('user with no group cannot access home page', async ({ page }) => { + const user = { + email: faker.internet.email(), + password: faker.internet.password(), + }; + await registerUser(page.request, user); + + await page.goto('/'); + + await expect(page).toHaveTitle('Secret Santa'); + await expect(page.locator('#footerAlert')).toHaveText( + 'No Secret Santa group selected' + ); + }); }); diff --git a/tests/profile.spec.js b/tests/profile.spec.js new file mode 100644 index 0000000..12e2ef4 --- /dev/null +++ b/tests/profile.spec.js @@ -0,0 +1,119 @@ +// @ts-check +import { test, expect } from '@playwright/test'; +import { faker } from '@faker-js/faker'; +import { login, registerUser } from './helpers/login.js'; +import { createNewGroup } from './helpers/setup.js'; + +test.describe('profile tests', () => { + let groupData; + let page; + + test.beforeAll('setup', async ({ browser }) => { + page = await browser.newPage(); + groupData = await createNewGroup(page.request); + }); + + test('user can update his own profile', async ({ page }) => { + await login( + page.request, + groupData.users.user1.email, + groupData.users.user1.password + ); + await page.goto('/profile'); + await expect(page).toHaveTitle('Secret Santa Profile'); + + await expect(page.getByPlaceholder('Name')).toHaveValue( + groupData.users.user1.name + ); + await expect(page.getByPlaceholder('Description')).toHaveValue(''); + await expect(page.getByPlaceholder('Street')).toHaveValue( + groupData.users.user1.address.street + ); + await expect(page.getByPlaceholder('Postal code')).toHaveValue( + groupData.users.user1.address.postalCode + ); + await expect(page.getByPlaceholder('City')).toHaveValue( + groupData.users.user1.address.city + ); + await expect(page.getByPlaceholder('State')).toHaveValue( + groupData.users.user1.address.state + ); + await expect(page.getByLabel('Email')).toHaveValue( + groupData.users.user1.email + ); + await expect(page.getByLabel('Email')).toBeDisabled(); + + await page.getByPlaceholder('Description').fill(faker.word.words()); + await page.getByRole('button', { name: 'Save changes' }).click(); + await expect(page.locator('#footerAlert')).toHaveText( + 'Profile updated successfully' + ); + + await page.locator('#image').click(); + await page.locator('#uploadImage').setInputFiles('tests/santaGift.jpg'); + await page.getByText('Upload image').click(); + await expect( + page.getByText('Profile image updated successfully') + ).toBeVisible(); + await expect(page.locator('#image')).toHaveAttribute( + 'src', + /data:image\/png/ + ); + }); + + test('admin can update other profiles', async ({ page }) => { + await login( + page.request, + groupData.users.admin.email, + groupData.users.admin.password + ); + await page.goto('/friends'); + await page.getByText(groupData.users.user1.name).click(); + + await expect(page.getByPlaceholder('Name')).toHaveValue( + groupData.users.user1.name + ); + await page.getByPlaceholder('Description').fill(faker.word.words()); + await page.getByRole('button', { name: 'Save changes' }).click(); + await expect(page.locator('#footerAlert')).toHaveText( + 'Profile updated successfully' + ); + }); + + test('user cannot update other profiles', async ({ page }) => { + await login( + page.request, + groupData.users.user1.email, + groupData.users.user1.password + ); + await page.goto('/friends'); + await page.getByText(groupData.users.user2.name).click(); + + await expect(page.getByPlaceholder('Name')).toHaveValue( + groupData.users.user2.name + ); + await expect(page.getByPlaceholder('Name')).toBeDisabled(); + await expect(page.getByPlaceholder('Description')).toBeDisabled(); + await expect(page.getByPlaceholder('Street')).toBeDisabled(); + await expect(page.getByPlaceholder('Postal code')).toBeDisabled(); + await expect(page.getByPlaceholder('City')).toBeDisabled(); + await expect(page.getByPlaceholder('State')).toBeDisabled(); + await expect(page.getByLabel('Email')).toBeDisabled(); + await expect( + page.getByRole('button', { name: 'Save changes' }) + ).toBeHidden(); + }); + + test('user with no group can see his profile', async ({ page }) => { + const user = { + email: faker.internet.email(), + password: faker.internet.password(), + }; + await registerUser(page.request, user); + + await page.goto('/profile'); + + await expect(page).toHaveTitle('Secret Santa Profile'); + await expect(page.getByPlaceholder('Name')).toHaveValue(''); + }); +}); diff --git a/tests/session.spec.js b/tests/session.spec.js index 107a06d..ade5b57 100644 --- a/tests/session.spec.js +++ b/tests/session.spec.js @@ -33,21 +33,32 @@ test.describe('session tests', () => { await page.goto('/'); await page.getByLabel('Santa email').fill(user.email); - await page.getByLabel('Santa password').fill(faker.internet.password()); - + await page.getByLabel('Santa password').fill(user.password); await page.getByRole('button', { name: 'Login' }).click(); await expect(page.locator('#footerAlert')).toHaveText( - 'Email or password wrong' + 'No Secret Santa group selected' ); - await page.getByLabel('Santa password').fill(user.password); - await page.getByRole('button', { name: 'Login' }).click(); - await expect(page.locator('#footerAlert')).toHaveText('No active group'); - await expect(page).toHaveTitle(/Secret Santa/); await expect(page.locator('#unavailableImage')).toBeVisible(); }); + test('unknown user cannot login', async ({ page }) => { + const user = { + email: faker.internet.email(), + password: faker.internet.password(), + }; + + await page.goto('/'); + await page.getByLabel('Santa email').fill(user.email); + await page.getByLabel('Santa password').fill(user.password); + + await page.getByRole('button', { name: 'Login' }).click(); + await expect(page.locator('#footerAlert')).toHaveText( + 'Email or password wrong' + ); + }); + test('user can request password', async ({ request, page }) => { const user = { email: faker.internet.email(), diff --git a/utils/adminPipeline.js b/utils/adminPipeline.js index d37bdc0..5a8dd2f 100644 --- a/utils/adminPipeline.js +++ b/utils/adminPipeline.js @@ -7,7 +7,7 @@ const log = getLogger('adminPipeline'); export async function getUsers(groupId) { const client = await getClient(); - const query = { 'groups.groupId': ObjectId.createFromHexString(groupId) }; + const query = { 'groups.groupId': groupId }; const options = { projection: { name: 1, email: 1 }, sort: { name: 1 }, @@ -20,7 +20,7 @@ export async function getUsers(groupId) { .find(query, options) .toArray(); } catch (err) { - log.error('ERROR getUsers: ' + err.stack); + log.error('getUsers: ' + err); return null; } } @@ -36,7 +36,7 @@ export async function getUsersAndRoles(groupId) { }, { $match: { - 'groups.groupId': ObjectId.createFromHexString(groupId), + 'groups.groupId': groupId, }, }, { @@ -54,7 +54,7 @@ export async function getUsersAndRoles(groupId) { .aggregate(pipeline) .toArray(); } catch (err) { - log.error('ERROR getUsersAndRoles: ' + err.stack); + log.error('getUsersAndRoles: ' + err); return null; } } @@ -69,7 +69,7 @@ export async function checkIfUserExists(email) { .collection('users') .findOne(query); } catch (err) { - log.error('ERROR checkIfUserExists: ' + err.stack); + log.error('checkIfUserExists: ' + err); return null; } } @@ -94,7 +94,7 @@ export async function addUserToGroup(groupId, email, role) { } return true; } catch (err) { - log.error('ERROR addUserToGroup: ' + err.stack); + log.error('addUserToGroup: ' + err); return null; } } @@ -104,7 +104,7 @@ export async function removeUserFromGroup(userId, groupId) { const filter = { _id: userId }; const update = { $pull: { - groups: { groupId: ObjectId.createFromHexString(groupId) }, + groups: { groupId: groupId }, }, }; @@ -115,13 +115,13 @@ export async function removeUserFromGroup(userId, groupId) { .updateOne(filter, update); if (result.acknowledged !== true || result.modifiedCount !== 1) { log.error( - 'ERROR removeUserFromGroup: failed to remove the user from the group' + 'removeUserFromGroup: failed to remove the user from the group' ); return null; } return true; } catch (err) { - log.error('ERROR removeUserFromGroup: ' + err.stack); + log.error('removeUserFromGroup: ' + err); return null; } } @@ -141,7 +141,7 @@ export async function addNewUser(groupId, email, password) { .collection('users') .insertOne(user); } catch (err) { - log.error('ERROR addNewUser: ' + err.stack); + log.error('addNewUser: ' + err); return null; } } @@ -154,7 +154,7 @@ export async function createNewUser(user) { .collection('users') .insertOne(user); } catch (err) { - log.error('ERROR createNewUser: ' + err.stack); + log.error('createNewUser: ' + err); return null; } } @@ -165,7 +165,7 @@ export async function updateUsersRoles(groupId, usersRoles) { let modifiedCount = 0; for (const userData of usersRoles) { const filter = { - 'groups.groupId': ObjectId.createFromHexString(groupId), + 'groups.groupId': groupId, _id: userData._id, }; const update = { @@ -181,14 +181,14 @@ export async function updateUsersRoles(groupId, usersRoles) { } return modifiedCount; } catch (err) { - log.error('ERROR updateUsersRoles: ' + err.stack); + log.error('updateUsersRoles: ' + err); return null; } } export async function getGroup(groupId) { const client = await getClient(); - const query = { _id: ObjectId.createFromHexString(groupId) }; + const query = { _id: groupId }; try { return await client @@ -196,7 +196,7 @@ export async function getGroup(groupId) { .collection('groups') .findOne(query); } catch (err) { - log.error('ERROR getGroup: ' + err.stack); + log.error('getGroup: ' + err); return null; } } @@ -223,14 +223,14 @@ export async function createGroup(groupName) { group._id = result.insertedId; return group; } catch (err) { - log.error('ERROR createGroup: ' + err.stack); + log.error('createGroup: ' + err); return null; } } export async function updateGroup(groupId, groupData) { const client = await getClient(); - const filter = { _id: ObjectId.createFromHexString(groupId) }; + const filter = { _id: groupId }; const update = { $set: groupData, }; @@ -241,7 +241,7 @@ export async function updateGroup(groupId, groupData) { .collection('groups') .updateOne(filter, update); } catch (err) { - log.error('ERROR updateGroup: ' + err.stack); + log.error('updateGroup: ' + err); return null; } } @@ -256,7 +256,7 @@ export async function deleteForbiddenPair(_id) { .collection('forbiddenPairs') .deleteOne(filter); } catch (err) { - log.error('ERROR deleteForbiddenPair: ' + err.stack); + log.error('deleteForbiddenPair: ' + err); return null; } } @@ -266,7 +266,7 @@ export async function getForbiddenPairs(groupId) { const pipeline = [ { $match: { - groupId: ObjectId.createFromHexString(groupId), + groupId: groupId, }, }, { @@ -304,7 +304,7 @@ export async function getForbiddenPairs(groupId) { .aggregate(pipeline) .toArray(); } catch (err) { - log.error('ERROR getForbiddenPairs: ' + err.stack); + log.error('getForbiddenPairs: ' + err); return null; } } @@ -319,7 +319,7 @@ export async function createForbiddenPair(groupId, forbiddenPair) { } const document = { - groupId: ObjectId.createFromHexString(groupId), + groupId: groupId, userId: ObjectId.createFromHexString(forbiddenPair.forbiddenUser1Id), forbiddenPairId: ObjectId.createFromHexString( forbiddenPair.forbiddenUser2Id @@ -331,7 +331,7 @@ export async function createForbiddenPair(groupId, forbiddenPair) { .collection('forbiddenPairs') .insertOne(document); } catch (err) { - log.error('ERROR createForbiddenPair: ' + err.stack); + log.error('createForbiddenPair: ' + err); return null; } } @@ -341,7 +341,7 @@ async function findExistingPair(client, groupId, forbiddenPair) { .db(process.env.database) .collection('forbiddenPairs') .findOne({ - groupId: ObjectId.createFromHexString(groupId), + groupId: groupId, $or: [ { userId: ObjectId.createFromHexString(forbiddenPair.forbiddenUser1Id), diff --git a/utils/chatPipeline.js b/utils/chatPipeline.js index d94c921..f604076 100644 --- a/utils/chatPipeline.js +++ b/utils/chatPipeline.js @@ -9,7 +9,7 @@ export async function getChat(groupId) { const pipeline = [ { $match: { - groupId: ObjectId.createFromHexString(groupId), + groupId: groupId, }, }, { @@ -45,7 +45,7 @@ export async function getChat(groupId) { .aggregate(pipeline) .toArray(); } catch (err) { - log.error('ERROR getChat: ' + err.stack); + log.error('getChat: ' + err); return null; } } @@ -60,7 +60,7 @@ export async function deleteChatMessage(_id) { .collection('chat') .deleteOne(filter); } catch (err) { - log.error('ERROR deleteChatMessage: ' + err.stack); + log.error('deleteChatMessage: ' + err); return null; } } @@ -70,7 +70,7 @@ export async function sendMessage(message, userId, groupId) { const document = { message, userId: ObjectId.createFromHexString(userId), - groupId: ObjectId.createFromHexString(groupId), + groupId: groupId, timestamp: new Date(), }; try { @@ -79,7 +79,7 @@ export async function sendMessage(message, userId, groupId) { .collection('chat') .insertOne(document); } catch (err) { - log.error('ERROR sendMessage: ' + err.stack); + log.error('sendMessage: ' + err); return null; } } diff --git a/utils/friendsPipeline.js b/utils/friendsPipeline.js index f551e31..4b00f6c 100644 --- a/utils/friendsPipeline.js +++ b/utils/friendsPipeline.js @@ -6,7 +6,7 @@ const log = getLogger('friendsPipeline'); export async function getFriends(groupId) { const client = await getClient(); - const query = { 'groups.groupId': ObjectId.createFromHexString(groupId) }; + const query = { 'groups.groupId': groupId }; const options = { projection: { password: 0, chat: 0 } }; try { @@ -16,7 +16,7 @@ export async function getFriends(groupId) { .find(query, options) .toArray(); } catch (err) { - log.error('ERROR getFriends: ' + err.stack); + log.error('getFriends: ' + err); return null; } } @@ -36,7 +36,7 @@ export async function getProfile(_id) { .collection('users') .findOne(query, options); } catch (err) { - log.error('ERROR getProfile: ' + err.stack); + log.error('getProfile: ' + err); return null; } } @@ -58,7 +58,7 @@ export async function updateProfile(_id, friend) { .collection('users') .updateOne(filter, update); } catch (err) { - log.error('ERROR updateProfile: ' + err.stack); + log.error('updateProfile: ' + err); return null; } } @@ -78,7 +78,7 @@ export async function updateProfileImage(_id) { .collection('users') .updateOne(filter, update); } catch (err) { - log.error('ERROR updateProfileImage: ' + err.stack); + log.error('updateProfileImage: ' + err); return null; } } diff --git a/utils/historyPipeline.js b/utils/historyPipeline.js index 786981c..b40a0ba 100644 --- a/utils/historyPipeline.js +++ b/utils/historyPipeline.js @@ -8,7 +8,7 @@ export async function getYearsByGroup(groupId) { const pipeline = [ { $match: { - groupId: ObjectId.createFromHexString(groupId), + groupId: groupId, }, }, { @@ -31,7 +31,7 @@ export async function getYearsByGroup(groupId) { .aggregate(pipeline) .toArray(); } catch (err) { - log.error('ERROR getYearsByGroup: ' + err.stack); + log.error('getYearsByGroup: ' + err); return null; } } @@ -41,7 +41,7 @@ export async function getGiftsByYear(groupId, yearId) { { $match: { _id: ObjectId.createFromHexString(yearId), - groupId: ObjectId.createFromHexString(groupId), + groupId: groupId, revealed: true, }, }, @@ -114,7 +114,7 @@ export async function getGiftsByYear(groupId, yearId) { .aggregate(pipeline) .toArray(); } catch (err) { - log.error('ERROR getClient: ' + err.stack); + log.error('getClient: ' + err); return null; } } @@ -125,7 +125,7 @@ export async function addDraftsForNextYear(groupId, santaPairs) { location: null, imageUploaded: false, gifts: [], - groupId: ObjectId.createFromHexString(groupId), + groupId: groupId, revealed: false, }; @@ -147,7 +147,7 @@ export async function addDraftsForNextYear(groupId, santaPairs) { .collection('history') .insertOne(document); } catch (err) { - log.error('ERROR addDraftsForNextYear: ' + err.stack); + log.error('addDraftsForNextYear: ' + err); return null; } } @@ -155,7 +155,7 @@ export async function addDraftsForNextYear(groupId, santaPairs) { export async function isNextYearDrafted(groupId) { const client = await getClient(); const query = { - groupId: ObjectId.createFromHexString(groupId), + groupId: groupId, year: new Date().getFullYear() + 1, }; @@ -167,7 +167,7 @@ export async function isNextYearDrafted(groupId) { return !result; } catch (err) { - log.error('ERROR isNextYearDrafted: ' + err.stack); + log.error('isNextYearDrafted: ' + err); return null; } } @@ -175,7 +175,7 @@ export async function isNextYearDrafted(groupId) { export async function isLastYearRevealed(groupId) { const client = await getClient(); const query = { - groupId: ObjectId.createFromHexString(groupId), + groupId: groupId, }; const options = { sort: { year: -1 }, @@ -190,7 +190,7 @@ export async function isLastYearRevealed(groupId) { return result?.revealed; } catch (err) { - log.error('ERROR isLastYearRevealed: ' + err.stack); + log.error('isLastYearRevealed: ' + err); return null; } } @@ -198,7 +198,7 @@ export async function isLastYearRevealed(groupId) { export async function setLastYearRevealed(groupId, year) { const client = await getClient(); const filter = { - groupId: ObjectId.createFromHexString(groupId), + groupId: groupId, year, }; const update = { $set: { revealed: true } }; @@ -209,7 +209,7 @@ export async function setLastYearRevealed(groupId, year) { .collection('history') .updateOne(filter, update); } catch (err) { - log.error('ERROR setLastYearRevealed: ' + err.stack); + log.error('setLastYearRevealed: ' + err); return null; } } @@ -229,7 +229,7 @@ export async function updateLocationImage(yearId) { .collection('history') .updateOne(filter, update); } catch (err) { - log.error('ERROR updateLocationImage: ' + err.stack); + log.error('updateLocationImage: ' + err); return null; } } @@ -252,7 +252,7 @@ export async function updateGiftImage(yearId, giftId) { .collection('history') .updateOne(filter, update); } catch (err) { - log.error('ERROR updateGiftImage: ' + err.stack); + log.error('updateGiftImage: ' + err); return null; } } @@ -272,7 +272,7 @@ export async function updateGiftDescription(giftId, description) { .collection('history') .updateOne(filter, update); } catch (err) { - log.error('ERROR updateGiftDescription: ' + err.stack); + log.error('updateGiftDescription: ' + err); return null; } } @@ -292,7 +292,7 @@ export async function updateYearDescription(yearId, description) { .collection('history') .updateOne(filter, update); } catch (err) { - log.error('ERROR updateYearDescription: ' + err.stack); + log.error('updateYearDescription: ' + err); return null; } } diff --git a/utils/loginPipeline.js b/utils/loginPipeline.js index dcd65b2..c30c75a 100644 --- a/utils/loginPipeline.js +++ b/utils/loginPipeline.js @@ -31,7 +31,7 @@ export async function checkEmail(email) { .collection('users') .findOne(query, options); } catch (err) { - log.error('ERROR checkEmail: ' + err.stack); + log.error('checkEmail: ' + err); return null; } } @@ -110,7 +110,7 @@ async function getUser($match) { .aggregate(pipeline) .toArray(); } catch (err) { - log.error('ERROR getUser: ' + err.stack); + log.error('getUser: ' + err); return null; } } diff --git a/utils/mail-local.js b/utils/mail-local.js index 601f449..61287b8 100644 --- a/utils/mail-local.js +++ b/utils/mail-local.js @@ -7,7 +7,7 @@ let mailTransporter; // Generate SMTP service account from ethereal.email await nodemailer.createTestAccount((err, account) => { if (err) { - log.error('Failed to create a testing account. ' + err.message); + log.error('Failed to create a testing account. ' + err); } mailTransporter = nodemailer.createTransport({ diff --git a/utils/renderer.js b/utils/renderer.js index 872c7ec..73176e6 100644 --- a/utils/renderer.js +++ b/utils/renderer.js @@ -38,7 +38,8 @@ export const renderer = (filePath, options, callback) => { if (filePath.includes('santaProfile.html')) { const elevatedPrivileges = - process.env.adminElevatedPrivileges.toLowerCase() === 'true'; + process.env.adminElevatedPrivileges.toLowerCase() === 'true' && + options.activeGroup?.role === ROLES.admin; rendered = rendered.replaceAll( '{{isHidden}}', elevatedPrivileges || options.isCurrentUser ? '' : 'hidden' diff --git a/utils/santaPipeline.js b/utils/santaPipeline.js index eb9e7df..ba71c9b 100644 --- a/utils/santaPipeline.js +++ b/utils/santaPipeline.js @@ -1,4 +1,3 @@ -import { ObjectId } from 'mongodb'; import { getClient } from './database.js'; import { getLogger } from './logger.js'; @@ -8,7 +7,7 @@ export async function getSanta(_id, groupId) { const pipeline = [ { $match: { - groupId: ObjectId.createFromHexString(groupId), + groupId: groupId, year: new Date().getFullYear() + 1, }, }, @@ -58,7 +57,7 @@ export async function getSanta(_id, groupId) { .aggregate(pipeline) .toArray(); } catch (err) { - log.error('ERROR getSanta: ' + err.stack); + log.error('getSanta: ' + err); return null; } }