Merge branch 'release-1.0.22' into main

hackforla · Oct 6, 2020 · 465be04 · 465be04
2 parents 574ec13 + 0f7a340
commit 465be04
Show file tree

Hide file tree

Showing 51 changed files with 1,034 additions and 1,426 deletions.
diff --git a/app/controllers/stakeholder-best-controller.js b/app/controllers/stakeholder-best-controller.js
@@ -0,0 +1,43 @@
+const stakeholderService = require("../services/stakeholder-best-service");
+
+const search = (req, res) => {
+  let categoryIds = req.query.categoryIds;
+  if (!req.query.latitude || !req.query.longitude) {
+    res
+      .status(404)
+      .json("Bad request: needs latitude and longitude parameters");
+  }
+  if (!categoryIds) {
+    // If no filter, just use active categories.
+    categoryIds = ["1", "3", "8", "9", "10", "11", "12"];
+  } else if (typeof categoryIds == "string") {
+    categoryIds = [categoryIds];
+  }
+  const params = { ...req.query, categoryIds };
+  stakeholderService
+    .search(params)
+    .then((resp) => {
+      res.send(resp);
+    })
+    .catch((err) => {
+      console.log(err);
+      res.status("404").json({ error: err.toString() });
+    });
+};
+
+const getById = (req, res) => {
+  const { id } = req.params;
+  stakeholderService
+    .selectById(id)
+    .then((resp) => {
+      res.send(resp);
+    })
+    .catch((err) => {
+      res.status("500").json({ error: err.toString() });
+    });
+};
+
+module.exports = {
+  search,
+  getById,
+};
diff --git a/app/controllers/stakeholder-controller.js b/app/controllers/stakeholder-controller.js
@@ -3,31 +3,6 @@ const { Readable } = require("stream");
 const stringify = require("csv-stringify");
 
 const search = (req, res) => {
-  let categoryIds = req.query.categoryIds;
-  if (!req.query.latitude || !req.query.longitude) {
-    res
-      .status(404)
-      .json("Bad request: needs latitude and longitude parameters");
-  }
-  if (!categoryIds) {
-    // If no filter, just use active categories.
-    categoryIds = ["1", "3", "8", "9", "10", "11", "12"];
-  } else if (typeof categoryIds == "string") {
-    categoryIds = [categoryIds];
-  }
-  const params = { ...req.query, categoryIds };
-  stakeholderService
-    .search(params)
-    .then((resp) => {
-      res.send(resp);
-    })
-    .catch((err) => {
-      console.log(err);
-      res.status("404").json({ error: err.toString() });
-    });
-};
-
-const searchDashboard = (req, res) => {
   if (req.distance && (!req.latitude || !req.longitude)) {
     res
       .status(404)
@@ -42,7 +17,7 @@ const searchDashboard = (req, res) => {
   }
   const params = { ...req.query, categoryIds };
   stakeholderService
-    .searchDashboard(params)
+    .search(params)
     .then((resp) => {
       res.send(resp);
     })
@@ -210,9 +185,8 @@ const claim = (req, res) => {
 
 module.exports = {
   search,
-  searchDashboard,
-  csv,
   getById,
+  csv,
   post,
   put,
   remove,

diff --git a/app/controllers/stakeholder-log-controller.js b/app/controllers/stakeholder-log-controller.js
@@ -0,0 +1,17 @@
+const stakeholderLogService = require("../services/stakeholder-log-service");
+
+const getById = (req, res) => {
+  const { id } = req.params;
+  stakeholderLogService
+    .selectById(id)
+    .then((resp) => {
+      res.send(resp);
+    })
+    .catch((err) => {
+      res.status("500").json({ error: err.toString() });
+    });
+};
+
+module.exports = {
+  getById,
+};
diff --git a/app/routes/index.js b/app/routes/index.js
@@ -8,13 +8,17 @@ const suggestionRouter = require("./suggestion-router");
 
 const faqRouter = require("./faq-router");
 const stakeholderRouter = require("./stakeholder-router");
+const stakeholderBestRouter = require("./stakeholder-best-router");
+const stakeholderLogRouter = require("./stakeholder-log-router");
 const importRouter = require("./import-router");
 const loadRouter = require("./load-router");
 const esriRouter = require("./esri-router");
 
 module.exports = router;
 
 router.use("/api/stakeholders", stakeholderRouter);
+router.use("/api/stakeholderbests", stakeholderBestRouter);
+router.use("/api/stakeholderlogs", stakeholderLogRouter);
 router.use("/api/tenants", tenantRouter);
 router.use("/api/accounts", accountRouter);
 router.use("/api/categories", categoryRouter);

diff --git a/app/routes/stakeholder-best-router.js b/app/routes/stakeholder-best-router.js
@@ -0,0 +1,7 @@
+const router = require("express").Router();
+const stakeholderBestController = require("../controllers/stakeholder-best-controller");
+
+router.get("/", stakeholderBestController.search);
+router.get("/:id", stakeholderBestController.getById);
+
+module.exports = router;
diff --git a/app/routes/stakeholder-log-router.js b/app/routes/stakeholder-log-router.js
@@ -0,0 +1,6 @@
+const router = require("express").Router();
+const stakeholderLogController = require("../controllers/stakeholder-log-controller");
+
+router.get("/:id", stakeholderLogController.getById);
+
+module.exports = router;
diff --git a/app/routes/stakeholder-router.js b/app/routes/stakeholder-router.js
@@ -2,15 +2,14 @@ const router = require("express").Router();
 const stakeholderController = require("../controllers/stakeholder-controller");
 const jwtSession = require("../../middleware/jwt-session");
 
-router.get("/", stakeholderController.search);
 router.get(
-  "/dashboard",
+  "/",
   jwtSession.validateUserHasRequiredRoles([
     "admin",
     "data_entry",
     "coordinator",
   ]),
-  stakeholderController.searchDashboard
+  stakeholderController.search
 );
 router.get(
   "/:id",

diff --git a/app/services/account-service.js b/app/services/account-service.js
@@ -1,6 +1,5 @@
 const { pool } = require("./postgres-pool");
 const { promisify } = require("util");
-const { toSqlBoolean } = require("./postgres-utils");
 const moment = require("moment");
 const bcrypt = require("bcrypt");
 const {
@@ -32,8 +31,8 @@ const selectAll = () => {
 };
 
 const selectById = (id) => {
-  const sql = `select * from login where id = ${id}`;
-  return pool.query(sql).then((res) => {
+  const sql = `select * from login where id = $1`;
+  return pool.query(sql, [id]).then((res) => {
     const row = res.rows[0];
     return {
       id: row.id,
@@ -51,8 +50,8 @@ const selectById = (id) => {
 };
 
 const selectByEmail = (email) => {
-  const sql = `select * from login where email ilike '${email}'`;
-  return pool.query(sql).then((res) => {
+  const sql = `select * from login where email ilike $1`;
+  return pool.query(sql, [email]).then((res) => {
     const row = res.rows[0];
     if (row) {
       return {
@@ -80,9 +79,13 @@ const register = async (model) => {
   try {
     const sql = `insert into login (first_name, last_name, email,
         password_hash)
-        values ('${firstName}', '${lastName}', '${email}',
-        '${model.passwordHash}') returning id`;
-    const insertResult = await pool.query(sql);
+        values ($1, $2, $3, $4) returning id`;
+    const insertResult = await pool.query(sql, [
+      firstName,
+      lastName,
+      email,
+      model.passwordHash,
+    ]);
     result = {
       isSuccess: true,
       code: "REG_SUCCESS",
@@ -104,8 +107,8 @@ const register = async (model) => {
 const resendConfirmationEmail = async (email) => {
   let result = null;
   try {
-    const sql = `select id from  login where email = '${email}'`;
-    const insertResult = await pool.query(sql);
+    const sql = `select id from  login where email ilike $1`;
+    const insertResult = await pool.query(sql, [email]);
     result = {
       success: true,
       code: "REG_SUCCESS",
@@ -131,8 +134,8 @@ const requestRegistrationConfirmation = async (email, result) => {
   const token = uuid4();
   try {
     const sqlToken = `insert into security_token (token, email)
-        values ('${token}', '${email}') `;
-    await pool.query(sqlToken);
+        values ($1, $2) `;
+    await pool.query(sqlToken, [token, email]);
     await sendRegistrationConfirmation(email, token);
     return result;
   } catch (err) {
@@ -146,9 +149,9 @@ const requestRegistrationConfirmation = async (email, result) => {
 
 const confirmRegistration = async (token) => {
   const sql = `select email, date_created
-    from security_token where token = '${token}'`;
+    from security_token where token = $1;`;
   try {
-    const sqlResult = await pool.query(sql);
+    const sqlResult = await pool.query(sql, [token]);
     const now = moment();
 
     if (sqlResult.rows.length < 1) {
@@ -171,8 +174,8 @@ const confirmRegistration = async (token) => {
     const email = sqlResult.rows[0].email;
     const confirmSql = `update login
             set email_confirmed = true
-            where email = '${email}'`;
-    await pool.query(confirmSql);
+            where email ilike $1`;
+    await pool.query(confirmSql, [email]);
 
     return {
       success: true,
@@ -191,8 +194,8 @@ const forgotPassword = async (model) => {
   const { email } = model;
   let result = null;
   try {
-    const sql = `select id from  login where email = '${email}'`;
-    const checkAccountResult = await pool.query(sql);
+    const sql = `select id from  login where email ilike $1`;
+    const checkAccountResult = await pool.query(sql, [email]);
     if (
       checkAccountResult &&
       checkAccountResult.rows &&
@@ -226,8 +229,8 @@ const requestResetPasswordConfirmation = async (email, result) => {
   const token = uuid4();
   try {
     const sqlToken = `insert into security_token (token, email)
-        values ('${token}', '${email}') `;
-    await pool.query(sqlToken);
+        values ($1, $2); `;
+    await pool.query(sqlToken, [token, email]);
     result = await sendResetPasswordConfirmation(email, token);
     return result;
   } catch (err) {
@@ -242,11 +245,11 @@ const requestResetPasswordConfirmation = async (email, result) => {
 // Verify password reset token and change password
 const resetPassword = async ({ token, password }) => {
   const sql = `select email, date_created
-    from security_token where token = '${token}'`;
+    from security_token where token = $1; `;
   const now = moment();
   let email = "";
   try {
-    const sqlResult = await pool.query(sql);
+    const sqlResult = await pool.query(sql, [token]);
 
     if (sqlResult.rows.length < 1) {
       return {
@@ -268,9 +271,9 @@ const resetPassword = async ({ token, password }) => {
     const passwordHash = await promisify(bcrypt.hash)(password, SALT_ROUNDS);
     email = sqlResult.rows[0].email;
     const resetSql = `update login
-            set password_hash = '${passwordHash}'
-            where email = '${email}'`;
-    await pool.query(resetSql);
+            set password_hash = $1
+            where email ilike $2 ;`;
+    await pool.query(resetSql, [passwordHash, email]);
 
     return {
       isSuccess: true,
@@ -347,17 +350,17 @@ const authenticate = async (email, password) => {
 const update = (model) => {
   const { id, firstName, lastName } = model;
   const sql = `update login
-               set firstName = '${firstName}',
-                lastName = '${lastName}'
-                where id = ${id}`;
-  return pool.query(sql).then((res) => {
+               set firstName = $1,
+                lastName = $2
+                where id = $3;`;
+  return pool.query(sql, [firstName, lastName, id]).then((res) => {
     return res;
   });
 };
 
 const remove = (id) => {
-  const sql = `delete from login where id = ${id}`;
-  return pool.query(sql).then((res) => {
+  const sql = `delete from login where id = $1`;
+  return pool.query(sql, [id]).then((res) => {
     return res;
   });
 };
@@ -399,10 +402,8 @@ const setPermissions = async (userId, permissionName, value) => {
   try {
     // do a tiny bit of sanity checking on our input
     var booleanValue = Boolean(value);
-    const updateSql = `update login set ${permissionName}=${toSqlBoolean(
-      booleanValue
-    )} where id = ${userId}`;
-    await pool.query(updateSql);
+    const updateSql = `update login set ${permissionName}=$1} where id = ${userId};`;
+    await pool.query(updateSql, [booleanValue]);
     return {
       success: true,
       code: "UPDATE_SUCCESS",

diff --git a/app/services/category-service.js b/app/services/category-service.js
@@ -2,7 +2,7 @@ const { pool } = require("./postgres-pool");
 
 const selectAll = () => {
   const sql = `
-    select id, name, inactive
+    select id, name, display_order as displayOrder, inactive
     from category
     order by name
   `;
@@ -12,7 +12,7 @@ const selectAll = () => {
 };
 
 const selectById = (id) => {
-  const sql = `select id, name, inactive
+  const sql = `select id, name, display_order as displayOrder, inactive
    from category where id = ${id}`;
   return pool.query(sql).then((res) => {
     return res.rows[0];

diff --git a/app/services/esri-service.js b/app/services/esri-service.js
@@ -1,7 +1,7 @@
 const axios = require("axios");
 
-const getTokenUrl = `http://www.arcgis.com/sharing/oauth2/token`;
-const findAddressCandidateUrl = `http://geocode.arcgis.com/arcgis/rest/services/World/GeocodeServer/findAddressCandidates`;
+const getTokenUrl = `https://www.arcgis.com/sharing/oauth2/token`;
+const findAddressCandidateUrl = `https://geocode.arcgis.com/arcgis/rest/services/World/GeocodeServer/findAddressCandidates`;
 
 let esriToken = "";