diff --git a/backend/controller/userController.js b/backend/controller/userController.js
new file mode 100644
index 0000000000000000000000000000000000000000..ce694477cece99718ebc9843d2716e9d55a73f15
--- /dev/null
+++ b/backend/controller/userController.js
@@ -0,0 +1,120 @@
+const models = require('../models');
+const User = models.user;
+const Role = models.role;
+var bcrypt = require('bcryptjs');
+
+exports.fetchAll = (req, res) => {
+ User.findAll({
+ attributes: ['id', 'name'],
+ include: [{
+ model: Role,
+ attributes: ['id', 'name']
+ }]
+ }).then(user => {
+ res.status(200).json({
+ "description": "Users data",
+ "users": user
+ })
+ }).catch(err => {
+ res.status(500).json({
+ "description": "Error",
+ "error": err
+ });
+ })
+}
+
+exports.createUser = (req, res) => {
+ User.create({
+ name: req.body.name,
+ email: req.body.email,
+ username: req.body.username,
+ password: bcrypt.hashSync(req.body.password),
+ }).then(user => {
+ Role.findOne({
+ where: {
+ name: req.body.role
+ }
+ }).then(role => {
+ user.setRole(role).then(() => {
+ res.send("User created successfully!");
+ })
+ }).catch(err => {
+ res.status(500).send('Error -> ' + err);
+ });
+ }).catch(err => {
+ res.status(500).send('Error -> ' + err);
+ });
+}
+
+exports.editUser = (req, res) => {
+ User.findOne({
+ where: {
+ id: req.body.id
+ }
+ }).then(user => {
+ Role.findOne({
+ where: {
+ name: req.body.role
+ }
+ }).then(role => {
+ user.setRole(role).then(() => {
+ user.update(
+ {
+ name: req.body.name,
+ email: req.body.email,
+ username: req.body.username,
+ password: bcrypt.hashSync(req.body.password)
+ },
+ {
+ fields: ['name', 'email', 'username', 'password']
+ }
+ ).then(() => {
+ res.send("User edited successfully!");
+ }).catch(err => {
+ res.status(500).send('Error -> ' + err);
+ });
+ }).catch(err => {
+ res.status(500).send('Error -> ' + err);
+ });
+ }).catch(err => {
+ res.status(500).send('Error -> ' + err);
+ });
+ }).catch(err => {
+ res.status(500).send('Error -> ' + err);
+ });
+}
+
+exports.deleteUser = (req, res) => {
+ User.destroy({
+ where: {
+ id: req.body.id
+ }
+ }).then(() => {
+ res.send("User deleted successfully!");
+ }).catch(err => {
+ res.status(500).send('Error -> ' + err);
+ });
+}
+
+exports.viewDetail = (req, res) => {
+ User.findOne({
+ where: {
+ id: req.body.id
+ },
+ attributes: ['id', 'name', 'email', 'username', 'password'],
+ include: [{
+ model: Role,
+ attributes: ['id', 'name']
+ }]
+ }).then(users => {
+ res.status(200).json({
+ "description": "Users data",
+ "users": users
+ })
+ }).catch(err => {
+ res.status(500).json({
+ "description": "Error",
+ "error": err
+ });
+ })
+}
\ No newline at end of file
diff --git a/backend/router/router.js b/backend/router/router.js
index 21eb47b044639ddc8c9da3ae4030681359cce2b1..990aaf779b94ded924f882413eb109b1315fe254 100644
--- a/backend/router/router.js
+++ b/backend/router/router.js
@@ -4,9 +4,16 @@ const authJwt = require('./verifyJwtToken');
 module.exports = function(app) {
 const authController = require('../controller/authController.js');
 const testController = require('../controller/testController.js');
+ const userController = require('../controller/userController.js');
 app.post('/api/auth/signup', [verifySignUp.checkDuplicateUserNameOrEmail, verifySignUp.checkRolesExisted], authController.signup);
 app.post('/api/auth/login', authController.signin);
 app.get('/api/test/admin', [authJwt.verifyToken, authJwt.isAdmin], testController.adminContent);
 app.get('/api/test/member', [authJwt.verifyToken], testController.memberContent);
+
+ app.post('/api/user/all', [authJwt.verifyToken, authJwt.isAdmin], userController.fetchAll);
+ app.post('/api/user/create', [authJwt.verifyToken, authJwt.isAdmin], userController.createUser);
+ app.post('/api/user/edit', [authJwt.verifyToken, authJwt.isAdmin], userController.editUser);
+ app.post('/api/user/delete', [authJwt.verifyToken, authJwt.isAdmin], userController.deleteUser);
+ app.post('/api/user/detail', [authJwt.verifyToken, authJwt.isAdmin], userController.viewDetail);
 }
\ No newline at end of file
diff --git a/backend/router/verifyJwtToken.js b/backend/router/verifyJwtToken.js
index c2b079eb13d5558598bff119294ff26331b2358b..3dce7fa4e6026d2d88b024ac2e716c0267dcf3f8 100644
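Review bot: In backend/controller/userController.js, `viewDetail` lists `'password'` in its `attributes`, so the stored bcrypt hash is serialized into the JSON response of `/api/user/detail`; the hash has no reason to leave the server, and the line could read `attributes: ['id', 'name', 'email', 'username'],`. The `.catch` handlers in the same file send the raw error back (`"error": err`, `'Error -> ' + err`), which can expose ORM or schema detail to the client; logging it server-side and returning a generic message keeps that internal. In `createUser`, `bcrypt.hashSync(req.body.password)` is evaluated on an unvalidated field before the promise chain exists, so a missing password presumably throws outside every `.catch`, and the inner `user.setRole(role).then(...)` has no rejection handler of its own.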
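Review bot: In backend/router/router.js the five `/api/user/*` routes are guarded only by `authJwt.isAdmin`, which in this commit accepts three role names, while `createUser` and `editUser` take the target role straight from `req.body.role`. If those roles are tiers, as the names suggest, an `Admin Dinas` account can create an account as, or promote one to, `Master Admin Diskominfo`; a stricter guard on create/edit/delete, or a check in the controller that the caller is allowed to assign the requested role, would close that gap. A one-line comment above the new block would also document the intent, e.g. `// user management: admin roles only (see authJwt.isAdmin)`.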
--- a/backend/router/verifyJwtToken.js
+++ b/backend/router/verifyJwtToken.js
@@ -27,10 +27,10 @@ verifyToken = (req, res, next) => {
 }
 isAdmin = (req, res, next) => {
- User.findByPk(req.userId)
+ User.findByPk(req.body.userId)
 .then(user => {
 user.getRole().then(role => {
- if (role === 'Master Admin Diskominfo' || role === 'Admin Diskominfo' || role === 'Admin Dinas') {
+ if (role.name === 'Master Admin Diskominfo' || role.name === 'Admin Diskominfo' || role.name === 'Admin Dinas') {
 next();
 return;
 }
diff --git a/backend/test/user_test.js b/backend/test/user_test.js
index 84588a65db30406b564ffc3b19a5651f4fd7d73a..fe72f74f1c379db6e5564c4c520727bea73cefa5 100644
--- a/backend/test/user_test.js
+++ b/backend/test/user_test.js
@@ -7,6 +7,7 @@ const User = models.user;
 let app = require('../app.js')
 let should = chai.should();
 let expect = chai.expect;
+var bcrypt = require('bcryptjs')
 chai.use(chaiHttp);
@@ -24,7 +25,7 @@ describe('Users', () => {
 "name": "Komi Shouko",
 "username": "komisama",
 "email":"komi@gmail.com",
- "role":"Member Dinas",
+ "role":"Master Admin Diskominfo",
 "password":"komisama"
 };
 chai.request('http://127.0.0.1:8081')
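Review bot: `isAdmin` in backend/router/verifyJwtToken.js now loads the user from `req.body.userId`, a value the client chooses, so the role check no longer applies to the identity the token was issued for; any request carrying a valid token passes the check if the id in its body belongs to an administrator. Assuming `verifyToken` (its body is outside this hunk) sets `req.userId` from the decoded token, the lookup should stay `User.findByPk(req.userId)`, and the `role.name` comparison is the part of this change worth keeping. `user` and `role` are also dereferenced without a null check, so an unknown id or a user without a role throws inside the `.then`; the rest of `isAdmin` is not visible here, so whether a `.catch` handles that cannot be confirmed.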
@@ -37,6 +38,235 @@ describe('Users', () => {
 expect(res.text).to.equal('User registered successfully!');
 done();
 });
+
+ });
+ });
+});
+
+describe("Create user", () => {
+ it("Creating user", (done) => {
+ User.findOne({
+ where: {
+ username:"komisama"
+ },
+ attributes: ['id']
+ }).then(result => {
+ console.log("Find done");
+ let user = {
+ "username":"komisama",
+ "password":"komisama"
+ };
+ chai.request('http://127.0.0.1:8081')
+ .post('/api/auth/login')
+ .send(user)
+ .then(res => {
+ console.log("sign done");
+ let req = {
+ "userId":result.id,
+ "name":"Udin",
+ "username":"udin",
+ "email":"udin@udin.com",
+ "password":"udin",
+ "role":"Master Admin Diskominfo"
+ };
+ console.log(req)
+ chai.request('http://127.0.0.1:8081')
+ .post('/api/user/create')
+ .set('x-access-token', res.body.accessToken)
+ .send(req)
+ .end((err, res)=>{
+ console.log(res.text);
+ should.exist(res);
+ res.should.have.status(200);
+ expect(res.text).to.equal('User created successfully!');
+ done();
+ });
+ }).catch(err => {
+ res.status(500).send('Error -> ' + err);
+ });
+ }).catch(err => {
+ res.status(500).send('Error -> ' + err);
+ });
+ });
+});
+
+describe("Fetch 'em All", () => {
+ it('Fetch all user', (done) =>{
+ User.findOne({
+ where: {
+ username:"komisama"
+ },
+ attributes: ['id']
+ }).then(result => {
+ console.log("Find done");
+ let user = {
+ "username":"komisama",
+ "password":"komisama"
+ };
+ chai.request('http://127.0.0.1:8081')
+ .post('/api/auth/login')
+ .send(user)
+ .then(res => {
+ console.log("sign done");
+ let req = {
+ "userId":result.id
+ };
+ console.log(req)
+ chai.request('http://127.0.0.1:8081')
+ .post('/api/user/all')
+ .set('x-access-token', res.body.accessToken)
+ .send(req)
+ .end((err, res)=>{
+ console.log(res.text);
+ should.exist(res);
+ res.should.have.status(200);
+ expect(res.body.users[0].id).to.equal(req.userId);
+ expect(res.body.users[0].name).to.equal('Komi Shouko');
+ expect(res.body.users[0].role.id).to.equal(1);
+ expect(res.body.users[0].role.name).to.equal("Master Admin Diskominfo");
+ done();
+ });
+ }).catch(err => {
+ res.status(500).send('Error -> ' + err);
+ });
+ }).catch(err => {
+ res.status(500).send('Error -> ' + err);
+ });
+ });
+});
+
+describe("Edit user", () => {
+ it("Editing user", (done) => {
+ User.findOne({
+ where: {
+ username:"komisama"
+ },
+ attributes: ['id']
+ }).then(result => {
+ console.log("Find done");
+ let user = {
+ "username":"komisama",
+ "password":"komisama"
+ };
+ chai.request('http://127.0.0.1:8081')
+ .post('/api/auth/login')
+ .send(user)
+ .then(res => {
+ console.log("sign done");
+ let req = {
+ "userId":result.id,
+ "id":result.id,
+ "name":"Di-Komix Aja",
+ "username":"komisama",
+ "email":"komix@yahoo.com",
+ "password":"komisama",
+ "role":"Master Admin Diskominfo"
+ };
+ console.log(req)
+ chai.request('http://127.0.0.1:8081')
+ .post('/api/user/edit')
+ .set('x-access-token', res.body.accessToken)
+ .send(req)
+ .end((err, res)=>{
+ console.log(res.text);
+ should.exist(res);
+ res.should.have.status(200);
+ expect(res.text).to.equal('User edited successfully!');
+ done();
+ });
+ }).catch(err => {
+ res.status(500).send('Error -> ' + err);
+ });
+ }).catch(err => {
+ res.status(500).send('Error -> ' + err);
+ });
+ });
+});
+
+describe("View detail", () => {
+ it("Detail user", (done) => {
+ User.findOne({
+ where: {
+ username:"komisama"
+ },
+ attributes: ['id']
+ }).then(result => {
+ console.log("Find done");
+ let user = {
+ "username":"komisama",
+ "password":"komisama"
+ };
+ chai.request('http://127.0.0.1:8081')
+ .post('/api/auth/login')
+ .send(user)
+ .then(res => {
+ console.log("sign done");
+ let req = {
+ "userId":result.id,
+ "id":result.id
+ };
+ console.log(req)
+ chai.request('http://127.0.0.1:8081')
+ .post('/api/user/detail')
+ .set('x-access-token', res.body.accessToken)
+ .send(req)
+ .end((err, res)=>{
+ console.log(res.text);
+ should.exist(res);
+ res.should.have.status(200);
+ expect(res.body.users.name).to.equal('Di-Komix Aja');
+ expect(res.body.users.email).to.equal('komix@yahoo.com');
+ expect(res.body.users.username).to.equal('komisama');
+ done();
+ });
+ }).catch(err => {
+ res.status(500).send('Error -> ' + err);
+ });
+ }).catch(err => {
+ res.status(500).send('Error -> ' + err);
+ });
+ });
+});
+
+describe("Delete User", () => {
+ it("Delete user", (done) => {
+ User.findOne({
+ where: {
+ username:"komisama"
+ },
+ attributes: ['id']
+ }).then(result => {
+ console.log("Find done");
+ let user = {
+ "username":"komisama",
+ "password":"komisama"
+ };
+ chai.request('http://127.0.0.1:8081')
+ .post('/api/auth/login')
+ .send(user)
+ .then(res => {
+ console.log("sign done");
+ let req = {
+ "userId":result.id,
+ "id":result.id
+ };
+ console.log(req)
+ chai.request('http://127.0.0.1:8081')
+ .post('/api/user/delete')
+ .set('x-access-token', res.body.accessToken)
+ .send(req)
+ .end((err, res)=>{
+ console.log(res.text);
+ should.exist(res);
+ res.should.have.status(200);
+ expect(res.text).to.equal('User deleted successfully!');
+ done();
+ });
+ }).catch(err => {
+ res.status(500).send('Error -> ' + err);
+ });
+ }).catch(err => {
+ res.status(500).send('Error -> ' + err);
 });
 });
 });
\ No newline at end of file
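Review bot: In backend/test/user_test.js every added `.catch(err => { res.status(500).send('Error -> ' + err); })` refers to `res`, which as far as these hunks show is not in scope there (it is only the parameter of the preceding `.then` and of the `.end` callback), so a failed lookup or login raises a ReferenceError, `done` is never called, and the test fails by timeout instead of reporting the cause. Replacing each handler with `.catch(done)` in all five new `describe` blocks reports the error directly. Each request also sends `"userId": result.id` in the body, which pins the body-supplied identity that `isAdmin` reads in this commit; a negative case asserting that a non-admin token is rejected on `/api/user/*` would cover the authorization path. The `bcrypt` require added at the top of the file is not used by any line visible in these hunks.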