From 9b8c1a672d339d14667e014cfcc0528cd681ac2c Mon Sep 17 00:00:00 2001 From: Rosanny Date: Fri, 30 Apr 2021 14:08:00 +0200 Subject: [PATCH 1/6] add button and confirmation to delete a website --- views/DE/account/updateInformation.pug | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/views/DE/account/updateInformation.pug b/views/DE/account/updateInformation.pug index acd0a143..dc8c609a 100644 --- a/views/DE/account/updateInformation.pug +++ b/views/DE/account/updateInformation.pug @@ -82,6 +82,27 @@ html(lang="de") div(class="card-body") Passen Sie die Werte für projektname und projektseitenlink an, indem Sie die entsprechenden Werte in die Anführungszeichen schreiben. img(src="https://m4lab.hft-stuttgart.de/img/help/edit_settings.png", class="img-fluid", style="border: 1px solid gray;", alt="setting.js") p Klicken Sie anschließend auf commit changes, um die Änderungen zu speichern. + hr + div(class="alert alert-danger" role="alert")
Delete Website
+ p This action will permanently delete #{information.name} immediately, including its repositories and all related resources, including issues, merge requests, etc. + p Are you ABSOLUTELY SURE you wish to delete this website? + button(type="button" class="btn btn-danger mx-2" data-toggle="modal" data-target="#deleteWebsiteConfirmation") Löschen + + // Modal + div(class="modal" id="deleteWebsiteConfirmation" tabindex="-1" role="dialog" aria-labelledby="modalLabel") + div(class="modal-dialog" role="document") + div(class="modal-content") + div(class="modal-header") + button(type="button" class="close" data-dismiss="modal" aria-label="Close") + span(aria-hidden="true") × + h4(class="modal-title" id="modalLabel") Are you ABSOLUTELY SURE? + div(class="modal-body") + |

You are about to permanently delete this website, its repository and all related resources, including content, images, etc.

+ |

Once a website is permanently deleted, it cannot be recovered.

+ |

This action cannot be undone.

+ div(class="modal-footer") + button(type="button" class="btn btn-primary" data-dismiss="modal") Abbrechen, keep website + button(type="button" class="btn btn-danger") Ja, delete website // jQuery script(src="https://code.jquery.com/jquery-3.3.1.min.js") -- GitLab From 83bf3ffa22e97def63e3212f39691e7ebe008c01 Mon Sep 17 00:00:00 2001 From: Rosanny Date: Fri, 30 Apr 2021 17:29:18 +0200 Subject: [PATCH 2/6] update delete section --- views/DE/account/updateInformation.pug | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/views/DE/account/updateInformation.pug b/views/DE/account/updateInformation.pug index dc8c609a..193b8af4 100644 --- a/views/DE/account/updateInformation.pug +++ b/views/DE/account/updateInformation.pug @@ -84,7 +84,7 @@ html(lang="de") p Klicken Sie anschließend auf commit changes, um die Änderungen zu speichern. hr div(class="alert alert-danger" role="alert")
Delete Website
- p This action will permanently delete #{information.name} immediately, including its repositories and all related resources, including issues, merge requests, etc. + p This action will permanently delete #{information.name} immediately, including its repositories and all related resources. p Are you ABSOLUTELY SURE you wish to delete this website? button(type="button" class="btn btn-danger mx-2" data-toggle="modal" data-target="#deleteWebsiteConfirmation") Löschen @@ -98,11 +98,12 @@ html(lang="de") h4(class="modal-title" id="modalLabel") Are you ABSOLUTELY SURE? div(class="modal-body") |

You are about to permanently delete this website, its repository and all related resources, including content, images, etc.

- |

Once a website is permanently deleted, it cannot be recovered.

- |

This action cannot be undone.

+ |

Once a website is permanently deleted, it cannot be recovered. This action cannot be undone.

div(class="modal-footer") - button(type="button" class="btn btn-primary" data-dismiss="modal") Abbrechen, keep website - button(type="button" class="btn btn-danger") Ja, delete website + form(method="POST", action="/deleteProject?_method=DELETE", encType="multipart/form-data") + input(name="id", value=information.id, type="hidden") + button(type="button" class="btn btn-primary" data-dismiss="modal") Abbrechen, keep website + button(type="submit" class="btn btn-danger") Ja, delete website // jQuery script(src="https://code.jquery.com/jquery-3.3.1.min.js") @@ -112,7 +113,7 @@ html(lang="de") // Bootstrap script(src="https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js" integrity="sha384-JjSmVgyd0p3pXB1rRibZUAYoIIy6OrQ6VrjIEaFf/nJGzIxFDsf4x0xIM+B07jRM" crossorigin="anonymous") // M4_LAB - script(src="/js/headfoot.js") + script(src="https://m4lab.hft-stuttgart.de/js/headfoot.js") script. function sendPublishRequest() { $.post("/sendPublishRequest", {projectName: $("#name").val()}, function(resp){ -- GitLab From cee2980fd989a2c4bdc8c93ff0e08d03e8e5fa95 Mon Sep 17 00:00:00 2001 From: Rosanny Date: Fri, 30 Apr 2021 17:30:34 +0200 Subject: [PATCH 3/6] add a new package --- app.js | 2 ++ package-lock.json | 26 ++++++++++++++++++++++++++ package.json | 1 + 3 files changed, 29 insertions(+) diff --git a/app.js b/app.js index 8ff8ef12..5680690e 100644 --- a/app.js +++ b/app.js @@ -11,6 +11,7 @@ const flash = require('express-flash-2'); const fileUpload = require('express-fileupload'); const helmet = require('helmet'); const compression = require('compression'); +const methodOverride = require('method-override'); const i18n = require('i18n'); // internationalization i18n.configure({ @@ -35,6 +36,7 @@ app.use(fileUpload({ } })); +app.use(methodOverride('_method')); app.use(helmet()); app.use(compression()); app.use(morgan('combined')); diff --git a/package-lock.json b/package-lock.json index 5879f569..d3905286 100644 --- a/package-lock.json +++ b/package-lock.json @@ -5013,6 +5013,32 @@ "resolved": "https://registry.npmjs.org/messageformat-parser/-/messageformat-parser-4.1.2.tgz", "integrity": "sha1-/TTsOZEqFIaKFZXq63QkhauKs3I=" }, + "method-override": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/method-override/-/method-override-3.0.0.tgz", + "integrity": "sha512-IJ2NNN/mSl9w3kzWB92rcdHpz+HjkxhDJWNDBqSlas+zQdP8wBiJzITPg08M/k2uVvMow7Sk41atndNtt/PHSA==", + "requires": { + "debug": "3.1.0", + "methods": "~1.1.2", + "parseurl": "~1.3.2", + "vary": "~1.1.2" + }, + "dependencies": { + "debug": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/debug/-/debug-3.1.0.tgz", + "integrity": "sha512-OX8XqP7/1a9cqkxYw2yXss15f26NKWBpDXQd0/uK/KPqdQhxbPa994hnzjcE2VqQpDslf55723cKPUOGSmMY3g==", + "requires": { + "ms": "2.0.0" + } + }, + "ms": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/ms/-/ms-2.0.0.tgz", + "integrity": "sha1-VgiurfwAvmwpAd9fmGF4jeDVl8g=" + } + } + }, "methods": { "version": "1.1.2", "resolved": "https://registry.npmjs.org/methods/-/methods-1.1.2.tgz", diff --git a/package.json b/package.json index 739f4247..a1b45cc0 100644 --- a/package.json +++ b/package.json @@ -37,6 +37,7 @@ "helmet": "^3.23.3", "i18n": "^0.8.5", "jest": "^26.6.3", + "method-override": "^3.0.0", "morgan": "^1.9.1", "mysql": "^2.17.1", "mysql2": "^2.2.5", -- GitLab From 1ea9adf8eeb7d0d90b73138be62115098cbe2d91 Mon Sep 17 00:00:00 2001 From: Rosanny Date: Fri, 30 Apr 2021 17:31:24 +0200 Subject: [PATCH 4/6] add deleteProjectById function --- routes/gitlab.js | 19 ++++++++++++++++++- 1 file changed, 18 insertions(+), 1 deletion(-) diff --git a/routes/gitlab.js b/routes/gitlab.js index 9e82a8a0..62ff3650 100644 --- a/routes/gitlab.js +++ b/routes/gitlab.js @@ -66,6 +66,24 @@ var gitlab = { data: err.response.data }) }, + deleteProjectById: function(projectId){ + // https://docs.gitlab.com/ee/api/projects.html#delete-project + return axios({ + method: 'delete', + url: 'https://transfer.hft-stuttgart.de/gitlab/api/v4/projects/'+projectId, + headers: { + 'Authorization': 'Bearer '+config.gitlab.token_readWriteProjects + } + }) + .then(res => res = { + error: false, + data: res.data + }) + .catch(err => res = { + error: true, + data: err.response.data + }) + }, getUserProjects: async function(gitlabUserId) { return axios({ method: 'get', @@ -96,7 +114,6 @@ var gitlab = { .then(res => res.data[0].status) .catch(err => console.error(err)) }, - // delete peoject: https://docs.gitlab.com/ee/api/projects.html#delete-project // // test GraphQL getGraphqlTest: function(callback) { -- GitLab From e0da3a30e814d00e140862738e46cc27d013593a Mon Sep 17 00:00:00 2001 From: Rosanny Date: Fri, 30 Apr 2021 17:33:31 +0200 Subject: [PATCH 5/6] add /deleteProject --- routes/routes-account.js | 39 +++++++++++++++++++++++++++++++++++---- 1 file changed, 35 insertions(+), 4 deletions(-) diff --git a/routes/routes-account.js b/routes/routes-account.js index 0244ea77..6c931ed9 100644 --- a/routes/routes-account.js +++ b/routes/routes-account.js @@ -562,10 +562,13 @@ module.exports = function (app, config, passport, i18n) { } else { let project = await gitlab.getProjectById(req.query.id) if (!project) { - console.log(" =================== error or no project found") + console.log(" ========= Error or no project found") + res.redirect('/account/services') + } else if (!project.owner) { + console.log(" ========= Project cannot be accessed, since it does not have an owner") res.redirect('/account/services') } else if (project.owner.id != loggedInUser.getGitlabUserId()) { - console.log(" =================== not your project") + console.log(" ========= Access denied: Not your project") res.redirect('/account/services') } else { let curInformation = new projectInformation(loggedInUser.getGitlabUserId(), req.query.id, project.name, project.description, @@ -579,7 +582,7 @@ module.exports = function (app, config, passport, i18n) { } } }) - + // update a website app.post('/updateInformation', async function(req, res){ if( !req.isAuthenticated() ) { res.redirect('/login') @@ -635,7 +638,35 @@ module.exports = function (app, config, passport, i18n) { } }) - // RS: delete projektInformation? + app.delete('/deleteProject', async function(req, res){ + console.log("delete project") + + if( !req.isAuthenticated() ) { + res.redirect('/login') + } else { + let loggedInUser = await getLoggedInUserData(req.user.email) + let projectId = req.body.id + + if (projectId) { + // check if the owner is valid + let project = await gitlab.getProjectById(projectId) + if (!project) { + console.log(" ========= Error or no project found") + } else if (!project.owner) { + console.log(" ========= Project cannot be accessed, since it does not have an owner") + } else if (project.owner.id != loggedInUser.getGitlabUserId()) { + console.log(" ========= Access denied: Not your project") + } else { + // delete project + let project = await gitlab.deleteProjectById(projectId) + if (project.error) { + res.flash("error", "Project cannot be deleted. Please try again.") + } + } + } + res.redirect('/account/services') + } + }) // ============= NEW USERS REGISTRATION =========================== app.get('/registration', function(req, res) { -- GitLab From dd0965d80aa311412cc38e60b6cc7d54c0c861d1 Mon Sep 17 00:00:00 2001 From: Rosanny Date: Wed, 5 May 2021 10:18:41 +0200 Subject: [PATCH 6/6] small updates & add German wordings --- README.md | 2 +- views/DE/account/updateInformation.pug | 23 ++++++++++++----------- 2 files changed, 13 insertions(+), 12 deletions(-) diff --git a/README.md b/README.md index 4c51fd33..1ca41b18 100644 --- a/README.md +++ b/README.md @@ -1,3 +1,3 @@ User Account Management -MLAB-481 branch should be created from this branch \ No newline at end of file +This is the repository of the User Account of the TransferPortal. \ No newline at end of file diff --git a/views/DE/account/updateInformation.pug b/views/DE/account/updateInformation.pug index 193b8af4..3c0c875b 100644 --- a/views/DE/account/updateInformation.pug +++ b/views/DE/account/updateInformation.pug @@ -83,27 +83,28 @@ html(lang="de") img(src="https://m4lab.hft-stuttgart.de/img/help/edit_settings.png", class="img-fluid", style="border: 1px solid gray;", alt="setting.js") p Klicken Sie anschließend auf commit changes, um die Änderungen zu speichern. hr - div(class="alert alert-danger" role="alert")
Delete Website
- p This action will permanently delete #{information.name} immediately, including its repositories and all related resources. - p Are you ABSOLUTELY SURE you wish to delete this website? - button(type="button" class="btn btn-danger mx-2" data-toggle="modal" data-target="#deleteWebsiteConfirmation") Löschen + div(class="mx-4") + div(class="alert alert-danger" role="alert")
Webseite löschen
+ p Dies wird #{information.name} sofort endgültig löschen, inklusive ihrer Repositorien und aller zugehöriger Ressourcen. + p Sind Sie WIRKLICH SICHER, dass Sie diese Webseite löschen wollen? + button(type="button" class="btn btn-danger" data-toggle="modal" data-target="#deleteWebsiteConfirmation") Löschen // Modal - div(class="modal" id="deleteWebsiteConfirmation" tabindex="-1" role="dialog" aria-labelledby="modalLabel") + div(class="modal" id="deleteWebsiteConfirmation" tabindex="-1" role="dialog" aria-labelledby="modalLabel" aria-hidden="true") div(class="modal-dialog" role="document") div(class="modal-content") div(class="modal-header") + h5(class="modal-title" id="modalLabel") Sind Sie WIRKLICH SICHER? button(type="button" class="close" data-dismiss="modal" aria-label="Close") span(aria-hidden="true") × - h4(class="modal-title" id="modalLabel") Are you ABSOLUTELY SURE? div(class="modal-body") - |

You are about to permanently delete this website, its repository and all related resources, including content, images, etc.

- |

Once a website is permanently deleted, it cannot be recovered. This action cannot be undone.

+ |

Sie sind dabei, diese Webseite, ihr Repositorium und alle zugehörigen Ressourcen, inklusive aller Inhalte, Bilder etc. endgültig zu löschen.

+ |

Sobald eine Webseite endgültig gelöscht ist, kann sie nicht wiederhergestellt werden. Diese Aktion kann nicht rückgängig gemacht werden.

div(class="modal-footer") form(method="POST", action="/deleteProject?_method=DELETE", encType="multipart/form-data") input(name="id", value=information.id, type="hidden") - button(type="button" class="btn btn-primary" data-dismiss="modal") Abbrechen, keep website - button(type="submit" class="btn btn-danger") Ja, delete website + button(type="button" class="btn btn-primary mx-2" data-dismiss="modal") Abbrechen, Webseite behalten + button(type="submit" class="btn btn-danger") Ja, Webseite löschen // jQuery script(src="https://code.jquery.com/jquery-3.3.1.min.js") @@ -113,7 +114,7 @@ html(lang="de") // Bootstrap script(src="https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js" integrity="sha384-JjSmVgyd0p3pXB1rRibZUAYoIIy6OrQ6VrjIEaFf/nJGzIxFDsf4x0xIM+B07jRM" crossorigin="anonymous") // M4_LAB - script(src="https://m4lab.hft-stuttgart.de/js/headfoot.js") + script(src="/js/headfoot.js") script. function sendPublishRequest() { $.post("/sendPublishRequest", {projectName: $("#name").val()}, function(resp){ -- GitLab