From 63c2fb88e0eb45dca0ae330bbb9a43bce7161479 Mon Sep 17 00:00:00 2001
From: Jonasz Bigda <jonasz@bankai.pl>
Date: Thu, 1 Oct 2020 20:21:01 +0200
Subject: [PATCH] server v1.0.7

---
 routes/routeDish.js          | 11 +++++++----
 routes/routeRestaurant.js    |  1 +
 services/azureServices.js    | 21 +++++++++++++++------
 services/dataPrepServices.js | 28 ++++++----------------------
 services/databaseServices.js |  1 +
 services/services.js         |  8 +++-----
 6 files changed, 33 insertions(+), 37 deletions(-)

diff --git a/routes/routeDish.js b/routes/routeDish.js
index f0e9f63..afb0372 100644
--- a/routes/routeDish.js
+++ b/routes/routeDish.js
@@ -2,6 +2,7 @@ import express from "express";
 import { createDish } from "../services/dataPrepServices.js";
 import {
   removeDish,
+  fetchDish,
   addDishToRestaurant,
   setDishVisibility,
 } from "../services/databaseServices.js";
@@ -33,7 +34,7 @@ router.post("/", async (req, res) => {
     await validateRestaurant(req.body.restaurantId);
     const token = req.headers["x-auth-token"];
     validateUserToken(token);
-    const dish = await createDish(req.body, req.body.restaurantId, true);
+    const dish = await createDish(req.body, req.body.restaurantId);
     await dish.save();
     await addDishToRestaurant(req.body.restaurantId, dish._id);
     res.status(201).send(dish._id);
@@ -77,10 +78,12 @@ router.put("/", async (req, res) => {
   try {
     await validateDishId(req.body.dishId);
     const token = req.headers["x-auth-token"];
-    validateUserToken(token);
-    const dish = createDish(req.body.dish, req.body.restaurantId, false);
+    const decodedToken = validateUserToken(token);
+    await verifyDishAccess(req.body.dishId, decodedToken);
+    const oldDish = await fetchDish(req.body.dishId);
+    const dish = await createDish(req.body, req.body.restaurantId, oldDish);
     await Dish.replaceOne({ _id: req.body.dishId }, dish);
-    res.sendStatus(200);
+    res.send(dish);
   } catch (error) {
     handleError(error, res);
   }
diff --git a/routes/routeRestaurant.js b/routes/routeRestaurant.js
index cad5163..63b28c8 100644
--- a/routes/routeRestaurant.js
+++ b/routes/routeRestaurant.js
@@ -59,6 +59,7 @@ router.put("/", async (req, res) => {
     const user = validateUserToken(token);
     const oldRestaurant = await fetchRestaurant(req.body.restaurantId);
     const newRestaurant = await createRestaurant(req.body, oldRestaurant);
+    await verifyRestaurantAccess(req.body.restaurantId, user);
     await Restaurant.replaceOne({ _id: req.body.restaurantId }, newRestaurant);
     res.send(newRestaurant);
   } catch (error) {
diff --git a/services/azureServices.js b/services/azureServices.js
index 978bc25..5fe2a3b 100644
--- a/services/azureServices.js
+++ b/services/azureServices.js
@@ -1,4 +1,5 @@
 import azureBlob from "@azure/storage-blob";
+import e from "express";
 import getStream from "into-stream";
 import { newError } from "./services.js";
 
@@ -77,10 +78,18 @@ export function setDeleteTempBlobTimer(blobName, containerClient, minutes) {
 }
 
 export async function deleteImage(url) {
-  const containerClient = blobServiceClient.getContainerClient(container);
-  const containerUrl = containerClient.url + "/";
-  const blobName = url.replace(containerUrl, "");
-  console.log(`BLOB NAME = ${blobName}`);
-  const blob = containerClient.getBlobClient(blobName);
-  await blob.delete();
+  if (!url || url === "" || url === "empty") {
+    return;
+  } else {
+    try {
+      const containerClient = blobServiceClient.getContainerClient(container);
+      const containerUrl = containerClient.url + "/";
+      const blobName = url.replace(containerUrl, "");
+      console.log(`BLOB NAME = ${blobName}`);
+      const blob = containerClient.getBlobClient(blobName);
+      await blob.delete();
+    } catch (error) {
+      console.log(error);
+    }
+  }
 }
diff --git a/services/dataPrepServices.js b/services/dataPrepServices.js
index 9f7e403..08b7df3 100644
--- a/services/dataPrepServices.js
+++ b/services/dataPrepServices.js
@@ -113,9 +113,9 @@ export async function prepareSafeUser(user) {
   return safeUser;
 }
 
-export async function createDish(dish, restaurantId, generateId) {
+export async function createDish(dish, restaurantId, oldDish) {
   try {
-    if (generateId) {
+    if (!oldDish) {
       const img = await handleImageUpdate(dish);
       const newDish = new Dish({
         _id: new mongoose.Types.ObjectId(),
@@ -126,15 +126,7 @@ export async function createDish(dish, restaurantId, generateId) {
         notes: sanitizer.sanitize.keepUnicode(dish.notes),
         imgUrl: img,
         weight: dish.weight,
-        allergens: {
-          gluten: dish.allergens.gluten,
-          lactose: dish.allergens.lactose,
-          soy: dish.allergens.soy,
-          eggs: dish.allergens.eggs,
-          seaFood: dish.allergens.seaFood,
-          peanuts: dish.allergens.peanuts,
-          sesame: dish.allergens.sesame,
-        },
+        allergens: dish.allergens,
         ingredients: dish.ingredients,
         glicemicIndex: dish.glicemicIndex,
         kCal: dish.kCal,
@@ -143,24 +135,16 @@ export async function createDish(dish, restaurantId, generateId) {
       });
       return newDish;
     } else {
-      const img = "";
+      const img = await handleImageUpdate(dish, oldDish);
       const newDish = new Dish({
-        restaurantId: restaurantId,
+        restaurantId: oldDish.restaurantId,
         name: sanitizer.sanitize.keepUnicode(dish.name),
         category: dish.category,
         price: dish.price,
         notes: sanitizer.sanitize.keepUnicode(dish.notes),
         imgUrl: img,
         weight: dish.weight,
-        allergens: {
-          gluten: dish.allergens.gluten,
-          lactose: dish.allergens.lactose,
-          soy: dish.allergens.soy,
-          eggs: dish.allergens.eggs,
-          seaFood: dish.allergens.seaFood,
-          peanuts: dish.allergens.peanuts,
-          sesame: dish.allergens.sesame,
-        },
+        allergens: dish.allergens,
         ingredients: dish.ingredients,
         glicemicIndex: dish.glicemicIndex,
         kCal: dish.kCal,
diff --git a/services/databaseServices.js b/services/databaseServices.js
index 9161760..d650951 100644
--- a/services/databaseServices.js
+++ b/services/databaseServices.js
@@ -14,6 +14,7 @@ export async function removeDish(dishId) {
   const deletedDoc = await Dish.findByIdAndDelete(dishId).catch((e) => {
     throw newError("Usunięcie dania nie powiodło się.", 500);
   });
+  await deleteImage(deletedDoc.imgUrl);
   await Restaurant.findByIdAndUpdate(deletedDoc.restaurantId, {
     $pull: { dishes: dishId },
   }).catch((error) => {
diff --git a/services/services.js b/services/services.js
index 6f98f20..a0325d5 100644
--- a/services/services.js
+++ b/services/services.js
@@ -112,11 +112,9 @@ export async function verifyDishAccess(dishId, decodedToken) {
     }
   );
   const restaurants = fetch.restaurants;
-  const restaurantId = await Dish.findById(dishId, "restaurantId").catch(
-    (error) => {
-      throw newError("Nie znaleziono dania.", 404);
-    }
-  );
+  const restaurantId = await Dish.findById(dishId).catch((error) => {
+    throw newError("Nie znaleziono dania.", 404);
+  });
   const valid = restaurants.includes(restaurantId.restaurantId);
   if (!valid) throw newError("Nie masz dostępu do tego dania.", 401);
 }