122 lines
4.5 KiB
JavaScript
122 lines
4.5 KiB
JavaScript
import express from 'express';
|
|
import { error } from '../modules/logManager';
|
|
import { pool } from '../modules/databaseManager';
|
|
import { verifyToken } from '../modules/tokenManager';
|
|
import { checkPermissions, checkBanned } from '../modules/permissionManager';
|
|
import { respondWithStatus, respondWithStatusJSON } from '../modules/requestHandler';
|
|
|
|
const router = express.Router();
|
|
|
|
router.get('/', verifyToken, checkBanned, checkPermissions('service', 1), async (req, res) => {
|
|
try {
|
|
const [rows] = await pool.execute('SELECT * FROM services WHERE 1');
|
|
if (rows.length === 0) return await respondWithStatus(res, 404, 'Services not found');
|
|
return await respondWithStatusJSON(res, 200, rows);
|
|
}
|
|
catch (err) {
|
|
error(err);
|
|
return await respondWithStatus(res, 500, 'An error has occured');
|
|
}
|
|
});
|
|
|
|
router.post('/', verifyToken, checkBanned, checkPermissions('service', 2), async (req, res) => {
|
|
const { name, description, price } = req.body;
|
|
if ([ name, description, price ].every(Boolean)) {
|
|
try {
|
|
const [result] = await pool.execute(
|
|
'INSERT INTO services (name, description, price) VALUES (?, ?, ?)',
|
|
[ name, description, price ],
|
|
);
|
|
if (result.affectedRows === 0) return await respondWithStatus(res, 500, 'Error storing service');
|
|
return await respondWithStatus(res, 200, 'Service created successfully');
|
|
}
|
|
catch (err) {
|
|
error(err);
|
|
return await respondWithStatus(res, 500, 'An error has occured');
|
|
}
|
|
}
|
|
else {
|
|
return await respondWithStatus(res, 400, 'Missing fields');
|
|
}
|
|
});
|
|
|
|
router.get('/:serviceId', verifyToken, checkBanned, checkPermissions('service', 1), async (req, res) => {
|
|
try {
|
|
const [rows] = await pool.execute('SELECT * FROM services WHERE id = ? LIMIT 1', [req.params.serviceId]);
|
|
if (rows.length === 0) return await respondWithStatus(res, 404, 'Services not found');
|
|
return await respondWithStatusJSON(res, 200, rows[0]);
|
|
}
|
|
catch (err) {
|
|
error(err);
|
|
return await respondWithStatus(res, 500, 'An error has occured');
|
|
}
|
|
});
|
|
|
|
router.patch('/:serviceId', verifyToken, checkBanned, checkPermissions('service', 2), async (req, res) => {
|
|
try {
|
|
const { type, value } = req.body;
|
|
const [rows] = await pool.execute('SELECT * FROM services WHERE id = ? LIMIT 1', [req.params.serviceId]);
|
|
if (rows.length === 0) return await respondWithStatus(res, 404, 'Service not found');
|
|
|
|
const fields = rows.map(row => Object.keys(row));
|
|
if (fields[0].includes(type)) {
|
|
const [result] = await pool.execute(`UPDATE services SET ${type} = ? WHERE id = ?`, [value, req.params.serviceId]);
|
|
if (result.affectedRows === 0) return await respondWithStatus(res, 500, 'Error updating service');
|
|
return await respondWithStatus(res, 200, 'Service updated successfully');
|
|
}
|
|
else {
|
|
return await respondWithStatus(res, 400, 'Invalid type');
|
|
}
|
|
}
|
|
catch (err) {
|
|
error(err);
|
|
return await respondWithStatus(res, 500, 'An error has occured');
|
|
}
|
|
});
|
|
|
|
router.put('/:serviceId', verifyToken, checkBanned, checkPermissions('service', 2), async (req, res) => {
|
|
const id = req.params.serviceId;
|
|
const { name, description, price } = req.body;
|
|
if ([ name, description, price ].every(Boolean)) {
|
|
try {
|
|
const [rows] = await pool.execute('SELECT * FROM services WHERE id = ? LIMIT 1', [id]);
|
|
|
|
if (rows.length === 0) {
|
|
return await respondWithStatus(res, 404, 'Service not found');
|
|
}
|
|
const [result] = await pool.execute(
|
|
'UPDATE services SET name = ?, description = ?, price = ? WHERE id = ?',
|
|
[name, description, price, id],
|
|
);
|
|
|
|
if (result.affectedRows === 0) {
|
|
return await respondWithStatus(res, 500, 'Error updating Service');
|
|
}
|
|
return await respondWithStatus(res, 200, 'Service updated successfully');
|
|
}
|
|
catch (err) {
|
|
error(err);
|
|
return await respondWithStatus(res, 500, 'An error has occured');
|
|
}
|
|
}
|
|
else {
|
|
return await respondWithStatus(res, 400, 'Missing fields');
|
|
}
|
|
});
|
|
|
|
router.delete('/:serviceId', verifyToken, checkBanned, checkPermissions('service', 4), async (req, res) => {
|
|
try {
|
|
const [rows] = await pool.execute('SELECT * FROM services WHERE id = ? LIMIT 1', [req.params.serviceId]);
|
|
if (rows.length === 0) return await respondWithStatus(res, 404, 'service not found');
|
|
|
|
const [result] = await pool.execute('DELETE FROM services WHERE id = ?', [req.params.serviceId]);
|
|
if (result.affectedRows === 0) return await respondWithStatus(res, 500, 'Error removing Service');
|
|
return await respondWithStatus(res, 200, 'Service deleted successfully');
|
|
}
|
|
catch (err) {
|
|
error(err);
|
|
return await respondWithStatus(res, 500, 'An error has occured');
|
|
}
|
|
});
|
|
|
|
export default router; |