s3-3on/backend/routes/channel.js

const express = require('express');
const passport = require('passport');
const crypto = require('crypto');

const db = require('../db');

const router = express.Router();

async function create_message(channel_id, msg, author) {
    console.log("create_message: " + channel_id + msg + author);
    let r = await db.query('SELECT * FROM channels WHERE id=$1', [channel_id]);

    if (r.rowCount < 1) {
        console.error('Channel not found');
        return false;
    }

    const channel = r.rows[0];

    if (channel.private) {
        // check permissions
        r = await db.query('SELECT * FROM allowed_users WHERE channel_id = $1 AND user_email = $2', [channel_id, author]);
        if (r.rowCount < 1) {
            console.error('You are not allowed to write in this channel');
            return false;
        }
    }

    await db.query('INSERT INTO messages (id, channel_id, data, author) VALUES ($1,$2,$3,$4)', [crypto.randomUUID(), channel_id, msg, author]);
    return true;
}

async function list_channels(user) {
    console.log("list_channel" + user);
    const r = await db.query('SELECT id, detail, private FROM channels WHERE private=FALSE UNION SELECT id, detail, private FROM channels, allowed_users WHERE id = channel_id AND user_email = $1', [user]);
    return r.rows;
}


router.get('/channel', async (req, res, next) => {
    const channels = await list_channels(req.user.email);
    res.render('channels', { channels, favorites: req.cookies });
});

router.get('/channel/:id', async (req, res, next) => {
    const chanid = req.params.id;

    let r = await db.query('SELECT * FROM channels WHERE id=$1', [chanid]);
    const channel = r.rows[0];
    r = await db.query('SELECT * FROM messages WHERE channel_id=$1', [chanid]);
    const messages = r.rows;

    if (!channel) {
        return res.status(404).send('not found');
    }

    if (channel.private) {
        let r = await db.query('SELECT user_email FROM allowed_users WHERE user_email=$1 AND channel_id=$2', [req.user.email, chanid]);

        if (r.rowCount < 1) {
            res.locals.errormsg = 'You are not allowed to do this';
            return res.status(403).render('error');
        }
    }

    res.render('channel', { channel, messages });
});

router.post('/new_channel', async (req, res, next) => {
    console.log("/ne_chanell" + req.body);
    const { channelid, detail } = req.body;
    const user = req.user.email;

    if (!/[a-zA-Z0-9]{4,40}/.test(channelid)) {
        return res.status(400).json({ error: 'Invalid channel name' });
    }

    await db.query('INSERT INTO channels (id, detail, private) VALUES ($1,$2,$3)', [channelid, detail, true]);
    await db.query('INSERT INTO allowed_users (user_email, channel_id) VALUES ($1,$2)', [user, channelid]);

    res.cookie(channelid, 'true');
    return res.json({ msg: 'Channel created' });
});

router.post('/new_message', async (req, res, next) => {
    const { msg, channelid } = req.body;
    console.log("/new_message", + req.body);
    const author = req.user.email;

    try {
        await create_message(channelid, msg, author);
        res.json({ msg: 'Message created' });
    } catch (error) {
        // console.error(error);
        res.status(500).send(error.toString());
    }
});

router.post('/invite', async (req, res, next) => {
    const { channelid, user } = req.body;
    const logged_user = req.user.email;
    console.log("/invite", + req.body);

    let r = await db.query('SELECT user_email FROM allowed_users WHERE user_email=$1 AND channel_id=$2', [logged_user, channelid]);

    if (r.rowCount < 1) {
        return res.status(403).json({ error: 'You are not allowed to do this' });
    }

    r = await db.query('SELECT email FROM users WHERE nickname=$1 OR email=$1', [user]);
    if (r.rowCount < 1) {
        return res.status(403).json({ error: 'User not found' });
    }

    const invited_email = r.rows[0].email;

    try {
        await db.query('INSERT INTO allowed_users (user_email, channel_id) VALUES ($1,$2)', [invited_email, channelid]);
    } catch (error) {
        console.log(error);
    }

    return res.json({ msg: 'User invited' });
});


router.get('/broadcast', async (req, res, next) => {
    const channels = await list_channels(req.user.email);
    res.render('broadcast', { channels, favorites: req.cookies });
});

router.post('/broadcast', async (req, res, next) => {
    console.log("/broadcast", req.body);
    let { msg } = req.body;
    const author = req.user.email;
    const channels = Object.keys(req.cookies);

    console.log('BROADCAST');
    console.error(channels);

    let promises = [];
    for (const c of channels) {
        promises.push(create_message(c, msg, author));
    }

    await Promise.all(promises);
    res.redirect('/channel');

});

module.exports = router;
Initial 2022-11-18 15:21:28 +01:00			`const express = require('express');`
			`const passport = require('passport');`
			`const crypto = require('crypto');`

			`const db = require('../db');`

			`const router = express.Router();`

			`async function create_message(channel_id, msg, author) {`
Add console logsd 2022-11-18 17:38:24 +01:00			`console.log("create_message: " + channel_id + msg + author);`
Initial 2022-11-18 15:21:28 +01:00			`let r = await db.query('SELECT * FROM channels WHERE id=$1', [channel_id]);`

			`if (r.rowCount < 1) {`
			`console.error('Channel not found');`
			`return false;`
			`}`

			`const channel = r.rows[0];`

			`if (channel.private) {`
			`// check permissions`
			`r = await db.query('SELECT * FROM allowed_users WHERE channel_id = $1 AND user_email = $2', [channel_id, author]);`
			`if (r.rowCount < 1) {`
			`console.error('You are not allowed to write in this channel');`
			`return false;`
			`}`
			`}`

			`await db.query('INSERT INTO messages (id, channel_id, data, author) VALUES ($1,$2,$3,$4)', [crypto.randomUUID(), channel_id, msg, author]);`
			`return true;`
			`}`

			`async function list_channels(user) {`
Add console logsd 2022-11-18 17:38:24 +01:00			`console.log("list_channel" + user);`
Initial 2022-11-18 15:21:28 +01:00			`const r = await db.query('SELECT id, detail, private FROM channels WHERE private=FALSE UNION SELECT id, detail, private FROM channels, allowed_users WHERE id = channel_id AND user_email = $1', [user]);`
			`return r.rows;`
			`}`


			`router.get('/channel', async (req, res, next) => {`
			`const channels = await list_channels(req.user.email);`
			`res.render('channels', { channels, favorites: req.cookies });`
			`});`

			`router.get('/channel/:id', async (req, res, next) => {`
			`const chanid = req.params.id;`

			`let r = await db.query('SELECT * FROM channels WHERE id=$1', [chanid]);`
			`const channel = r.rows[0];`
			`r = await db.query('SELECT * FROM messages WHERE channel_id=$1', [chanid]);`
			`const messages = r.rows;`

			`if (!channel) {`
			`return res.status(404).send('not found');`
			`}`

			`if (channel.private) {`
			`let r = await db.query('SELECT user_email FROM allowed_users WHERE user_email=$1 AND channel_id=$2', [req.user.email, chanid]);`

			`if (r.rowCount < 1) {`
			`res.locals.errormsg = 'You are not allowed to do this';`
			`return res.status(403).render('error');`
			`}`
			`}`

			`res.render('channel', { channel, messages });`
			`});`

			`router.post('/new_channel', async (req, res, next) => {`
Add console logsd 2022-11-18 17:38:24 +01:00			`console.log("/ne_chanell" + req.body);`
Initial 2022-11-18 15:21:28 +01:00			`const { channelid, detail } = req.body;`
			`const user = req.user.email;`

			`if (!/[a-zA-Z0-9]{4,40}/.test(channelid)) {`
			`return res.status(400).json({ error: 'Invalid channel name' });`
			`}`

			`await db.query('INSERT INTO channels (id, detail, private) VALUES ($1,$2,$3)', [channelid, detail, true]);`
			`await db.query('INSERT INTO allowed_users (user_email, channel_id) VALUES ($1,$2)', [user, channelid]);`

			`res.cookie(channelid, 'true');`
			`return res.json({ msg: 'Channel created' });`
			`});`

			`router.post('/new_message', async (req, res, next) => {`
			`const { msg, channelid } = req.body;`
Add console logsd 2022-11-18 17:38:24 +01:00			`console.log("/new_message", + req.body);`
Initial 2022-11-18 15:21:28 +01:00			`const author = req.user.email;`

			`try {`
			`await create_message(channelid, msg, author);`
			`res.json({ msg: 'Message created' });`
			`} catch (error) {`
			`// console.error(error);`
			`res.status(500).send(error.toString());`
			`}`
			`});`

			`router.post('/invite', async (req, res, next) => {`
			`const { channelid, user } = req.body;`
			`const logged_user = req.user.email;`
Add console logsd 2022-11-18 17:38:24 +01:00			`console.log("/invite", + req.body);`
Initial 2022-11-18 15:21:28 +01:00
			`let r = await db.query('SELECT user_email FROM allowed_users WHERE user_email=$1 AND channel_id=$2', [logged_user, channelid]);`

			`if (r.rowCount < 1) {`
			`return res.status(403).json({ error: 'You are not allowed to do this' });`
			`}`

			`r = await db.query('SELECT email FROM users WHERE nickname=$1 OR email=$1', [user]);`
			`if (r.rowCount < 1) {`
			`return res.status(403).json({ error: 'User not found' });`
			`}`

			`const invited_email = r.rows[0].email;`

			`try {`
			`await db.query('INSERT INTO allowed_users (user_email, channel_id) VALUES ($1,$2)', [invited_email, channelid]);`
			`} catch (error) {`
			`console.log(error);`
			`}`

			`return res.json({ msg: 'User invited' });`
			`});`


			`router.get('/broadcast', async (req, res, next) => {`
			`const channels = await list_channels(req.user.email);`
			`res.render('broadcast', { channels, favorites: req.cookies });`
			`});`

			`router.post('/broadcast', async (req, res, next) => {`
Add console logsd 2022-11-18 17:38:24 +01:00			`console.log("/broadcast", req.body);`
Initial 2022-11-18 15:21:28 +01:00			`let { msg } = req.body;`
			`const author = req.user.email;`
			`const channels = Object.keys(req.cookies);`

			`console.log('BROADCAST');`
			`console.error(channels);`

			`let promises = [];`
			`for (const c of channels) {`
			`promises.push(create_message(c, msg, author));`
			`}`

			`await Promise.all(promises);`
			`res.redirect('/channel');`

			`});`

			`module.exports = router;`