diff --git a/src/api/routes/alarmRoutes.js b/src/api/routes/alarmRoutes.js
index f62aa6c..438b0d3 100644
--- a/src/api/routes/alarmRoutes.js
+++ b/src/api/routes/alarmRoutes.js
@@ -5,6 +5,7 @@ import {
} from '#api/middlewares/index.js';
import { UserType } from '#db/schemas/index.js';
import { RouteMethod } from '#api/RouteDescription.js';
+import { getUserById } from '#db/dbAccess/index.js';
/**
* @type {RouteDescription}
@@ -14,15 +15,17 @@ export const alarmByUserRoute = {
methods: {
get: new RouteMethod({
middlewares: [requireMonitor],
+ description: 'Get the alarm for a monitored user, if one is set',
async method(req, res) {
const user = await getUserById(req.params.id);
res.send(user.alarm);
}
}),
- put: new RouteMethod({
+ delete: new RouteMethod({
middlewares: [requireMonitor],
+ description: 'Clear the alarm for a monitored user',
async method(req, res) {
- const user = await getUserById(req.params.id);
+ const user = await getUserById(req.params.id).exec();
user.alarm = null;
await user.save();
res.status(204).send();
@@ -39,8 +42,20 @@ export const alarmListRoute = {
methods: {
get: new RouteMethod({
middlewares: [requireMonitor],
+ description: 'Get a list of all alarms for monitored users',
async method(req, res) {
console.log(req.user.monitoredUsers);
+ const alarms = [];
+ for (const userId of req.user.monitoredUsers) {
+ const user = await getUserById(userId).exec();
+ if (user.alarm) {
+ alarms.push({
+ user: userId,
+ alarm: user.alarm
+ });
+ }
+ }
+ res.send(alarms);
}
})
}
@@ -54,12 +69,14 @@ export const alarmRoute = {
methods: {
get: new RouteMethod({
middlewares: [requireUser],
+ description: "Get the current user's alarm",
async method(req, res) {
res.send(req.user.alarm);
}
}),
put: new RouteMethod({
middlewares: [requireUser],
+ description: 'Raise an alarm',
async method(req, res) {
req.user.alarm = req.body;
await req.user.save();
@@ -68,6 +85,7 @@ export const alarmRoute = {
}),
delete: new RouteMethod({
middlewares: [requireUser],
+ description: 'Clear alarm',
async method(req, res) {
req.user.alarm = null;
await req.user.save();
diff --git a/src/api/routes/auth/adminAccountRoutes.js b/src/api/routes/auth/adminAccountRoutes.js
index 13cca53..b485002 100644
--- a/src/api/routes/auth/adminAccountRoutes.js
+++ b/src/api/routes/auth/adminAccountRoutes.js
@@ -1,4 +1,11 @@
-import { deleteUser, loginUser, registerUser, UserType } from '#db/index.js';
+import {
+ DbUser,
+ deleteUser,
+ getUserById,
+ loginUser,
+ registerUser,
+ UserType
+} from '#db/index.js';
import { AuthDto, RegisterDto } from '#dto/index.js';
import { requireAdmin, requireRole } from '#api/middlewares/index.js';
import { RouteDescription, RouteMethod } from '#api/RouteDescription.js';
@@ -41,6 +48,7 @@ export const adminUserRoute = {
}),
delete: new RouteMethod({
middlewares: [requireAdmin],
+ description: 'Delete a user',
async method(req, res) {
await deleteUser(data);
res.status(204).send();
diff --git a/src/api/routes/auth/deviceRoutes.js b/src/api/routes/auth/deviceRoutes.js
index 40090e8..551252b 100644
--- a/src/api/routes/auth/deviceRoutes.js
+++ b/src/api/routes/auth/deviceRoutes.js
@@ -1,7 +1,7 @@
import { registerUser } from '#db/index.js';
import { RegisterDto } from '#dto/index.js';
-import { requireRole } from '#api/middlewares/index.js';
-import { RouteDescription, RouteMethod } from '#api/RouteDescription.js';
+import { requireAuth } from '#api/middlewares/index.js';
+import { RouteMethod } from '#api/RouteDescription.js';
/**
* @type {RouteDescription}
@@ -10,7 +10,8 @@ export const getDevicesRoute = {
path: '/auth/devices',
methods: {
get: new RouteMethod({
- middlewares: [requireRole({})],
+ middlewares: [requireAuth],
+ description: 'Get all devices registered to the user',
async method(req, res) {
const data = await RegisterDto.create(req.body);
const registerResult = await registerUser(data);
diff --git a/src/api/routes/budgetRoutes.js b/src/api/routes/budgetRoutes.js
index 4ad4897..a7ea097 100644
--- a/src/api/routes/budgetRoutes.js
+++ b/src/api/routes/budgetRoutes.js
@@ -20,6 +20,7 @@ export const getBudgetByUserRoute = {
methods: {
get: new RouteMethod({
middlewares: [requireMonitor],
+ description: 'Get the budget for a monitored user',
async method(req, res) {
if (req.user.type !== UserType.ADMIN) {
if (!req.user.monitoredUsers.includes(req.params.id))
@@ -43,8 +44,31 @@ export const addBudgetByUserRoute = {
path: '/budget/:id/add',
methods: {
get: new RouteMethod({
+ description: 'Add budget to a monitored user',
middlewares: [requireMonitor],
- async method(req, res) {}
+ async method(req, res) {
+ if (req.user.type !== UserType.ADMIN) {
+ if (!req.user.monitoredUsers.includes(req.params.id))
+ throw new SafeNSoundError({
+ errCode: 'UNAUTHORIZED',
+ message:
+ "You do not have permission to add budget to this user's account."
+ });
+ }
+
+ const user = await getUserById(req.params.id).exec();
+ const amount = parseFloat(req.query.amount);
+ if (isNaN(amount) || amount <= 0) {
+ throw new SafeNSoundError({
+ errCode: 'INVALID_AMOUNT',
+ message: 'Invalid amount specified.'
+ });
+ }
+
+ user.balance += amount;
+ await user.save();
+ res.send({ balance: user.balance });
+ }
})
}
};
|
