Added new authorization middleware to routes.

grnet · Jan 24, 2023 · e10e26c · e10e26c
1 parent 374bf5d
commit e10e26c
Show file tree

Hide file tree

Showing 17 changed files with 1,070 additions and 823 deletions.
diff --git a/docker-compose-oauth2.dev.yml b/docker-compose-oauth2.dev.yml
@@ -52,7 +52,6 @@ services:
             - CLIENT_ID=$CLIENT_ID
             - CLIENT_SECRET=$CLIENT_SECRET
             - GSIS_GOV=$GSIS_GOV
-
     database:
         image: mysql:8
         ports:

diff --git a/docker-compose.dev.yml b/docker-compose.dev.yml
@@ -50,7 +50,6 @@ services:
             - CLIENT_ID=$CLIENT_ID
             - CLIENT_SECRET=$CLIENT_SECRET
             - GSIS_GOV=$GSIS_GOV
-
     database:
         image: mysql:8
         ports:

diff --git a/docker-compose.yml b/docker-compose.yml
@@ -31,6 +31,7 @@ services:
             - CLIENT_ID=$CLIENT_ID
             - CLIENT_SECRET=$CLIENT_SECRET
             - GSIS_GOV=$GSIS_GOV
+            - OAUTH2_LOGIN_PATH=$OAUTH2_LOGIN_PATH
     database:
         image: mysql:8
         ports:

diff --git a/middleware/auth.js b/middleware/auth.js
@@ -33,7 +33,7 @@ exports.authRole = async function (req, res, next) {
     req.session.errors.push({
       msg: "Δε σας έχει ανατεθεί ρόλος για να περιηγηθείτε στην εφαρμογή.",
     });
-    return res.redirect("./dashboard");
+    return res.redirect("/login");
   } else {
     return next();
   }
@@ -45,7 +45,7 @@ exports.authAgency = async function (req, res, next) {
     req.session.errors.push({
       msg: "Δε σας έχει ανατεθεί φορέας για να περιηγηθείτε στην εφαρμογή.",
     });
-    return res.redirect("./dashboard");
+    return res.redirect("/login");
   } else {
     return next();
   }

diff --git a/routes/create.js b/routes/create.js
@@ -2,7 +2,7 @@ const routes = require("express").Router();
 let database = require("../services/database");
 const { body, check, validationResult } = require("express-validator");
 var multer = require("multer");
-const { authUser } = require("../middleware/auth");
+const { authUser, authAgency, authRole } = require("../middleware/auth");
 const tables = require("../lib/tables");
 const ministries = require("../lib/ministries");
 const tooltipsCsv = require("../lib/tooltips");
@@ -23,59 +23,67 @@ var upload = multer({ storage: storage }).fields([
   { name: "nomosxedio", maxCount: 1 },
 ]);
 
-routes.get("/:analysis", authUser, async (req, res, next) => {
-  const type = req.params.analysis.substring(1); //removing first character
-  try {
-    //TODO: remove errors
-    const valid_errors = req.session.errors;
-    req.session.errors = null;
-    const user = req.session.user;
-
-    const tooltips = JSON.stringify(await tooltipsCsv.getTooltips());
-    const ministriesResult = await ministries.getMinistries();
-    const ministersResult = await ministries.getMinisters(ministriesResult);
+routes.get(
+  "/:analysis",
+  authUser,
+  authRole,
+  authAgency,
+  async (req, res, next) => {
+    const type = req.params.analysis.substring(1); //removing first character
+    try {
+      //TODO: remove errors
+      const valid_errors = req.session.errors;
+      req.session.errors = null;
+      const user = req.session.user;
 
-    const indexesResult = await database.indexes.findAll();
-    const indexTablesResult = await database.index_tables.findAll();
-    const indexes = {};
-    const indexTables = [];
-    for (i in indexTablesResult) {
-      indexTables.push(indexTablesResult[i].dataValues.name);
-    }
+      const tooltips = JSON.stringify(await tooltipsCsv.getTooltips());
+      const ministriesResult = await ministries.getMinistries();
+      const ministersResult = await ministries.getMinisters(ministriesResult);
+
+      const indexesResult = await database.indexes.findAll();
+      const indexTablesResult = await database.index_tables.findAll();
+      const indexes = {};
+      const indexTables = [];
+      for (i in indexTablesResult) {
+        indexTables.push(indexTablesResult[i].dataValues.name);
+      }
 
-    for (let i in indexTables) {
-      indexes[`${indexTables[i]}`] = [];
-      for (let j in indexesResult) {
-        if (
-          indexesResult[i].dataValues.id ===
-          indexesResult[j].dataValues.indexTableId
-        ) {
-          indexes[`${indexTables[i]}`].push(indexesResult[j].name);
+      for (let i in indexTables) {
+        indexes[`${indexTables[i]}`] = [];
+        for (let j in indexesResult) {
+          if (
+            indexesResult[i].dataValues.id ===
+            indexesResult[j].dataValues.indexTableId
+          ) {
+            indexes[`${indexTables[i]}`].push(indexesResult[j].name);
+          }
         }
+        indexes[`${indexTables[i]}`].sort();
       }
-      indexes[`${indexTables[i]}`].sort();
-    }
 
-    res.render("create", {
-      type: type,
-      role: req.session.user.role,
-      errors: valid_errors,
-      tooltips: tooltips,
-      ministers: ministersResult,
-      ministries: ministriesResult,
-      user: user,
-      indexes:indexes
-    });
-  } catch (err) {
-    // TODO: add status error code
-    //TODO: should collect all status errors to app.js
-    console.log("error: " + err);
+      res.render("create", {
+        type: type,
+        role: req.session.user.role,
+        errors: valid_errors,
+        tooltips: tooltips,
+        ministers: ministersResult,
+        ministries: ministriesResult,
+        user: user,
+        indexes: indexes,
+      });
+    } catch (err) {
+      // TODO: add status error code
+      //TODO: should collect all status errors to app.js
+      console.log("error: " + err);
+    }
   }
-});
+);
 
 routes.post(
   "/:analysis",
   authUser,
+  authRole,
+  authAgency,
   upload,
   [check("title", "Title is required").notEmpty()],
   async function (req, res, next) {

diff --git a/routes/create_user.js b/routes/create_user.js
@@ -1,48 +1,65 @@
 const routes = require("express").Router();
 let database = require("../services/database");
 const bcrypt = require("bcrypt");
-const { authUser, authAdmin } = require("../middleware/auth");
+const { authUser, authAdmin, authAgency, authRole } = require("../middleware/auth");
 
-routes.get("/", authUser, authAdmin, async function (req, res, next) {
-  let latest_entry = await database.ministries.max("id").catch((error) => {
-    console.log(error);
-  }); // get entry with highest id
-  const user = req.session.user;
-  let res_data = await database.ministries
-    .findOne({ where: { id: latest_entry } })
-    .catch((error) => {
+routes.get(
+  "/",
+  authUser,
+  authRole,
+  authAgency,
+  authAdmin,
+  async function (req, res, next) {
+    let latest_entry = await database.ministries.max("id").catch((error) => {
       console.log(error);
-    });
-  let ministries = [];
-  for (i in res_data.dataValues.ministries) {
-    let value = res_data.dataValues.ministries[i].ministry;
-    if (value && String(value).trim()) {
-      ministries.push({ ministry: value });
+    }); // get entry with highest id
+    const user = req.session.user;
+    let res_data = await database.ministries
+      .findOne({ where: { id: latest_entry } })
+      .catch((error) => {
+        console.log(error);
+      });
+    let ministries = [];
+    for (i in res_data.dataValues.ministries) {
+      let value = res_data.dataValues.ministries[i].ministry;
+      if (value && String(value).trim()) {
+        ministries.push({ ministry: value });
+      }
     }
+    res.render("user_views/create_user", {
+      ministries: ministries,
+      user: user,
+    });
   }
-  res.render("user_views/create_user", { ministries: ministries, user:user });
-});
+);
 
-routes.post("/", authUser, authAdmin, async function (req, res, next) {
-  const userPassword = req.body.password;
-  bcrypt.hash(userPassword, 10, async function (err, hash) {
-    //add row to user model, map values from req.body
-    if (hash) {
-      let res_data = await database.user.create({
-        fname: req.body.fname,
-        lname: req.body.lname,
-        taxId: req.body.taxId,
-        username: req.body.username,
-        password: hash,
-        role: req.body.role,
-        isAdmin: req.body.isAdmin,
-        agency: req.body.ypoyrgeio,
-      });
-      res.send(res_data);
-    } else {
-      console.log("error while hashing");
-    }
-  });
-});
+routes.post(
+  "/",
+  authUser,
+  authRole,
+  authAgency,
+  authAdmin,
+  async function (req, res, next) {
+    const userPassword = req.body.password;
+    bcrypt.hash(userPassword, 10, async function (err, hash) {
+      //add row to user model, map values from req.body
+      if (hash) {
+        let res_data = await database.user.create({
+          fname: req.body.fname,
+          lname: req.body.lname,
+          taxId: req.body.taxId,
+          username: req.body.username,
+          password: hash,
+          role: req.body.role,
+          isAdmin: req.body.isAdmin,
+          agency: req.body.ypoyrgeio,
+        });
+        res.send(res_data);
+      } else {
+        console.log("error while hashing");
+      }
+    });
+  }
+);
 
 module.exports = routes;
diff --git a/routes/dashboard.js b/routes/dashboard.js
@@ -1,18 +1,18 @@
 const routes = require('express').Router()
-const { authUser } = require('../middleware/auth');
+const { authUser, authRole, authAgency } = require("../middleware/auth");
 let database = require("../services/database")
 
-routes.get('/', authUser,async (req,res,next) =>{
-    let user = await database.user.findOne({
-      where: {
-        taxId: req.session.user.taxId,
-      },
-    });
-    if(user && user.dataValues){
-        res.render("user_views/dashboard",{user:user.dataValues})
-    }else{
-        res.status(404).send("Not found")
-    }
+routes.get("/", authUser, authRole, authAgency, async (req, res, next) => {
+  let user = await database.user.findOne({
+    where: {
+      taxId: req.session.user.taxId,
+    },
+  });
+  if (user && user.dataValues) {
+    res.render("user_views/dashboard", { user: user.dataValues });
+  } else {
+    res.status(404).send("Not found");
+  }
 });
 
 module.exports = routes;