Merge branch 'MLAB-501' into 'testing'

Mlab 501 See merge request !80

Merge branch 'MLAB-501' into 'testing'
Mlab 501 See merge request !80
3dbef16c · Rosanny Sihombing · 9c928de9 · dd0965d8 · 3dbef16c · 3dbef16c
Commit 3dbef16c authored May 05, 2021 by Rosanny Sihombing
--- a/README.md
+++ b/README.md
 User Account Management

-MLAB-481 branch should be created from this branch
\ No newline at end of file
+This is the repository of the User Account of the TransferPortal.
\ No newline at end of file
--- a/app.js
+++ b/app.js
@@ -11,6 +11,7 @@ const flash = require('express-flash-2');
 const fileUpload = require('express-fileupload');
 const helmet = require('helmet');
 const compression = require('compression');
+const methodOverride = require('method-override');

 const i18n = require('i18n'); // internationalization
 i18n.configure({
@@ -35,6 +36,7 @@ app.use(fileUpload({
  }
 }));

+app.use(methodOverride('_method'));
 app.use(helmet());
 app.use(compression());
 app.use(morgan('combined'));

--- a/package-lock.json
+++ b/package-lock.json
@@ -5013,6 +5013,32 @@
      "resolved": "https://registry.npmjs.org/messageformat-parser/-/messageformat-parser-4.1.2.tgz",
      "integrity": "sha1-/TTsOZEqFIaKFZXq63QkhauKs3I="
    },
+    "method-override": {
+      "version": "3.0.0",
+      "resolved": "https://registry.npmjs.org/method-override/-/method-override-3.0.0.tgz",
+      "integrity": "sha512-IJ2NNN/mSl9w3kzWB92rcdHpz+HjkxhDJWNDBqSlas+zQdP8wBiJzITPg08M/k2uVvMow7Sk41atndNtt/PHSA==",
+      "requires": {
+        "debug": "3.1.0",
+        "methods": "~1.1.2",
+        "parseurl": "~1.3.2",
+        "vary": "~1.1.2"
+      },
+      "dependencies": {
+        "debug": {
+          "version": "3.1.0",
+          "resolved": "https://registry.npmjs.org/debug/-/debug-3.1.0.tgz",
+          "integrity": "sha512-OX8XqP7/1a9cqkxYw2yXss15f26NKWBpDXQd0/uK/KPqdQhxbPa994hnzjcE2VqQpDslf55723cKPUOGSmMY3g==",
+          "requires": {
+            "ms": "2.0.0"
+          }
+        },
+        "ms": {
+          "version": "2.0.0",
+          "resolved": "https://registry.npmjs.org/ms/-/ms-2.0.0.tgz",
+          "integrity": "sha1-VgiurfwAvmwpAd9fmGF4jeDVl8g="
+        }
+      }
+    },
    "methods": {
      "version": "1.1.2",
      "resolved": "https://registry.npmjs.org/methods/-/methods-1.1.2.tgz",

--- a/package.json
+++ b/package.json
@@ -37,6 +37,7 @@
    "helmet": "^3.23.3",
    "i18n": "^0.8.5",
    "jest": "^26.6.3",
+    "method-override": "^3.0.0",
    "morgan": "^1.9.1",
    "mysql": "^2.17.1",
    "mysql2": "^2.2.5",

--- a/routes/gitlab.js
+++ b/routes/gitlab.js
@@ -66,6 +66,24 @@ var gitlab = {
            data: err.response.data
        })
    },
+    deleteProjectById: function(projectId){
+        // https://docs.gitlab.com/ee/api/projects.html#delete-project
+        return axios({
+            method: 'delete',
+            url: 'https://transfer.hft-stuttgart.de/gitlab/api/v4/projects/'+projectId,
+            headers: { 
+                'Authorization': 'Bearer '+config.gitlab.token_readWriteProjects 
+            }
+        })
+        .then(res => res = {
+            error: false,
+            data: res.data
+        })
+        .catch(err => res = {
+            error: true,
+            data: err.response.data
+        })
+    },
    getUserProjects: async function(gitlabUserId) {
        return axios({
            method: 'get',
@@ -96,7 +114,6 @@ var gitlab = {
        .then(res => res.data[0].status)
        .catch(err => console.error(err))
    },
-    // delete peoject: https://docs.gitlab.com/ee/api/projects.html#delete-project
    //
    // test GraphQL
    getGraphqlTest: function(callback) {

--- a/routes/routes-account.js
+++ b/routes/routes-account.js
@@ -562,10 +562,13 @@ module.exports = function (app, config, passport, i18n) {
      } else {
        let project = await gitlab.getProjectById(req.query.id)
        if (!project) {
-          console.log(" =================== error or no project found")
+          console.log(" ========= Error or no project found")
+          res.redirect('/account/services')
+        } else if (!project.owner) {
+          console.log(" ========= Project cannot be accessed, since it does not have an owner")
          res.redirect('/account/services')
        } else if (project.owner.id != loggedInUser.getGitlabUserId()) {
-          console.log(" =================== not your project")
+          console.log(" ========= Access denied: Not your project")
          res.redirect('/account/services')
        } else {
          let curInformation = new projectInformation(loggedInUser.getGitlabUserId(), req.query.id, project.name, project.description,
@@ -579,7 +582,7 @@ module.exports = function (app, config, passport, i18n) {
      }
    }
  })
-
+  // update a website
  app.post('/updateInformation', async function(req, res){
    if( !req.isAuthenticated() ) {
      res.redirect('/login')
@@ -635,7 +638,35 @@ module.exports = function (app, config, passport, i18n) {
    }
  })

-  // RS: delete projektInformation?
+  app.delete('/deleteProject', async function(req, res){
+    console.log("delete project")
+
+    if( !req.isAuthenticated() ) {
+      res.redirect('/login')
+    } else {
+      let loggedInUser = await getLoggedInUserData(req.user.email)
+      let projectId = req.body.id
+
+      if (projectId) {
+        // check if the owner is valid
+        let project = await gitlab.getProjectById(projectId)
+        if (!project) {
+          console.log(" ========= Error or no project found")
+        } else if (!project.owner) {
+          console.log(" ========= Project cannot be accessed, since it does not have an owner")
+        } else if (project.owner.id != loggedInUser.getGitlabUserId()) {
+          console.log(" ========= Access denied: Not your project")
+        } else {
+          // delete project
+          let project = await gitlab.deleteProjectById(projectId)
+          if (project.error) {
+            res.flash("error", "Project cannot be deleted. Please try again.")
+          }
+        }
+      }
+      res.redirect('/account/services')
+    }
+  })

  // ============= NEW USERS REGISTRATION ===========================
  app.get('/registration', function(req, res) {

--- a/views/DE/account/updateInformation.pug
+++ b/views/DE/account/updateInformation.pug
@@ -82,6 +82,29 @@ html(lang="de")
                        div(class="card-body") Passen Sie die Werte für projektname und projektseitenlink an, indem Sie die entsprechenden Werte in die Anführungszeichen schreiben.
                            img(src="https://m4lab.hft-stuttgart.de/img/help/edit_settings.png", class="img-fluid", style="border: 1px solid gray;", alt="setting.js")
                            p Klicken Sie anschließend auf <i>commit changes</i>, um die Änderungen zu speichern.
+                hr
+                div(class="mx-4")
+                    div(class="alert alert-danger" role="alert") <h5><strong>Webseite löschen</strong></h5>
+                        p Dies wird <strong><em>#{information.name}</em></strong> sofort endgültig löschen, inklusive ihrer Repositorien und aller zugehöriger Ressourcen.
+                        p Sind Sie WIRKLICH SICHER, dass Sie diese Webseite löschen wollen? 
+                        button(type="button" class="btn btn-danger" data-toggle="modal" data-target="#deleteWebsiteConfirmation") Löschen
+
+    // Modal
+    div(class="modal" id="deleteWebsiteConfirmation" tabindex="-1" role="dialog" aria-labelledby="modalLabel" aria-hidden="true")
+        div(class="modal-dialog" role="document")
+            div(class="modal-content")
+                div(class="modal-header")
+                    h5(class="modal-title" id="modalLabel") Sind Sie WIRKLICH SICHER?
+                    button(type="button" class="close" data-dismiss="modal" aria-label="Close")
+                        span(aria-hidden="true") &times;
+                div(class="modal-body")
+                    | <p>Sie sind dabei, diese Webseite, ihr Repositorium und alle zugehörigen Ressourcen, inklusive aller Inhalte, Bilder etc. endgültig zu löschen.</p>
+                    | <p>Sobald eine Webseite endgültig gelöscht ist, kann sie nicht wiederhergestellt werden. <strong>Diese Aktion kann nicht rückgängig gemacht werden.</strong></p>
+                div(class="modal-footer")
+                    form(method="POST", action="/deleteProject?_method=DELETE", encType="multipart/form-data")
+                        input(name="id", value=information.id, type="hidden")
+                        button(type="button" class="btn btn-primary mx-2" data-dismiss="modal") Abbrechen, Webseite behalten
+                        button(type="submit" class="btn btn-danger") Ja, Webseite löschen

    // jQuery
    script(src="https://code.jquery.com/jquery-3.3.1.min.js")