Merge pull request #39 from StreetSupport/feature/3017-create-location-specific-content-management-system

3017 create location specific content management system

Author: o-seliuchenko

src/controllers/resourceController.ts

@@ -1,28 +1,179 @@
 import { Request, Response } from 'express';
 import { asyncHandler } from '../utils/asyncHandler.js';
-import { sendError } from '../utils/apiResponses.js';
+import { sendSuccess, sendBadRequest, sendNotFound } from '../utils/apiResponses.js';
+import Resource from '../models/resourceModel.js';
+import { validateResource } from '../schemas/resourceSchema.js';
+import { deleteFile } from '../middleware/uploadMiddleware.js';
 
-// Stub CRUD handlers for Resources
+// Get all resources with optional search
 export const getResources = asyncHandler(async (req: Request, res: Response) => {
-  return sendError(res, 501, 'Not implemented');
-});
-
-export const getResourceById = asyncHandler(async (req: Request, res: Response) => {
-  return sendError(res, 501, 'Not implemented');
-});
+  const { search } = req.query;
+  
+  const query: any = {};
+  
+  // Apply search filter across multiple fields
+  if (search && typeof search === 'string') {
+    const searchTerm = search.trim();
 
-export const getResourcesByLocation = asyncHandler(async (req: Request, res: Response) => {
-  return sendError(res, 501, 'Not implemented');
+    query.$or = [
+      { Key: { $regex: searchTerm, $options: 'i' } },
+      { Name: { $regex: searchTerm, $options: 'i' } },
+      { Header: { $regex: searchTerm, $options: 'i' } },
+      { ShortDescription: { $regex: searchTerm, $options: 'i' } },
+      { Body: { $regex: searchTerm, $options: 'i' } },
+      { 'LinkList.Name': { $regex: searchTerm, $options: 'i' } },
+      { 'LinkList.Description': { $regex: searchTerm, $options: 'i' } },
+      { 'LinkList.Links.Title': { $regex: searchTerm, $options: 'i' } },
+      { 'LinkList.Links.Link': { $regex: searchTerm, $options: 'i' } }
+    ];
+  }
+  
+  const resources = await Resource.find(query)
+    .sort({ DocumentModifiedDate: -1 })
+    .lean();
+    
+  return sendSuccess(res, resources);
 });
 
-export const createResource = asyncHandler(async (req: Request, res: Response) => {
-  return sendError(res, 501, 'Not implemented');
+// Get single resource by key
+export const getResourceByKey = asyncHandler(async (req: Request, res: Response) => {
+  const { key } = req.params;
+  
+  const resource = await Resource.findOne({ Key: key }).lean();
+  
+  if (!resource) {
+    return sendNotFound(res, 'Resource not found');
+  }
+  
+  return sendSuccess(res, resource);
 });
 
+// Update existing resource
 export const updateResource = asyncHandler(async (req: Request, res: Response) => {
-  return sendError(res, 501, 'Not implemented');
-});
+  const { key } = req.params;
+  
+  // Find existing resource
+  const existingResource = await Resource.findOne({ Key: key });
+  
+  if (!existingResource) {
+    return sendNotFound(res, 'Resource not found');
+  }
+
+  // Process file replacements - extract old file URLs for cleanup
+  const oldFileUrls: string[] = [];
+  
+  // Collect all existing file URLs from the resource
+  if (existingResource.LinkList) {
+    existingResource.LinkList.forEach((linkList) => {
+      if (linkList.Links && Array.isArray(linkList.Links)) {
+        linkList.Links.forEach((item) => {
+          if (item.Link && item.Link.startsWith('http')) {
+            oldFileUrls.push(item.Link);
+          }
+        });
+      }
+    });
+  }
+
+  // Process form data and merge uploaded files
+  const processedData = processResourceFormData(req.body);
+
+  // Validate the processed data
+  const validation = validateResource(processedData);
+  
+  if (!validation.success) {
+    const errorMessages = validation.errors?.map(err => err.message).join(', ') || 'Validation failed';
+    return sendBadRequest(res, `Validation failed: ${errorMessages}`);
+  }
 
-export const deleteResource = asyncHandler(async (req: Request, res: Response) => {
-  return sendError(res, 501, 'Not implemented');
+  if (!validation.data) {
+    return sendBadRequest(res, 'Validation data is missing');
+  }
+
+  // Update resource
+  const updateData = {
+    ...validation.data,
+    DocumentModifiedDate: new Date(),
+  };
+
+  const updatedResource = await Resource.findOneAndUpdate(
+    { Key: key },
+    updateData,
+    { new: true, runValidators: true }
+  );
+
+  if (!updatedResource) {
+    return sendNotFound(res, 'Resource not found');
+  }
+
+  // Clean up old files that are no longer in the updated resource (non-blocking)
+  if (oldFileUrls.length > 0 && updatedResource.LinkList) {
+    const newFileUrls = new Set<string>();
+    updatedResource.LinkList.forEach((linkList) => {
+      if (linkList.Links && Array.isArray(linkList.Links)) {
+        linkList.Links.forEach((item) => {
+          if (item.Link && item.Link.startsWith('http')) {
+            newFileUrls.add(item.Link);
+          }
+        });
+      }
+    });
+    
+    // Only delete files that are no longer referenced
+    const filesToDelete = oldFileUrls.filter(url => !newFileUrls.has(url));
+    if (filesToDelete.length > 0) {
+      Promise.all(filesToDelete.map(url => deleteFile(url)))
+        .catch(error => console.error('Error cleaning up old files:', error));
+    }
+  }
+
+  return sendSuccess(res, updatedResource);
 });
+
+// Helper function to process form data and merge uploaded files
+function processResourceFormData(body: any): any {
+  const data = { ...body };
+  
+  // Parse LinkList if it's a string
+  if (typeof data.LinkList === 'string') {
+    try {
+      data.LinkList = JSON.parse(data.LinkList);
+    } catch (error) {
+      console.error('Error parsing LinkList:', error);
+      data.LinkList = [];
+    }
+  }
+  
+  // Process LinkList to merge uploaded file URLs
+  if (data.LinkList && Array.isArray(data.LinkList)) {
+    data.LinkList = data.LinkList.map((linkList: any, listIndex: number) => {
+      if (linkList.Links && Array.isArray(linkList.Links)) {
+        linkList.Links = linkList.Links.map((item: any, itemIndex: number) => {
+          const fieldName = `newfile_LinkList_${listIndex}_Links_${itemIndex}`;
+          const uploadedFileUrl = data[fieldName];
+          
+          // If file was uploaded for this item, use the uploaded URL
+          if (uploadedFileUrl) {
+            return {
+              ...item,
+              Link: uploadedFileUrl
+            };
+          }
+          
+          return item;
+        });
+      }
+      
+      return linkList;
+    });
+  }
+  
+  // Remove file field entries from data (they're already merged into LinkList)
+  Object.keys(data).forEach(key => {
+    if (key.startsWith('newfile_LinkList_')) {
+      delete data[key];
+    }
+  });
+  
+  return data;
+}

src/jobs/disablingOrganisationJob.ts

@@ -103,7 +103,7 @@ export function startDisablingJob() {
     }
   });
 
-  console.log('Organisation disabling job scheduled to run daily at midnight (00:00)');
+  console.log('Organisation disabling job scheduled to run daily at midnight (00:05)');
 }
 
 /**

src/jobs/verificationOrganisationJob.ts

@@ -108,7 +108,7 @@ export function startVerificationJob() {
     }
   });
 
-  console.log('Verification job scheduled to run daily at 9:00 AM');
+  console.log('Organisation verification job scheduled to run daily at 9:00 AM');
 }
 
 /**

src/middleware/authMiddleware.ts

@@ -1557,54 +1557,15 @@ export const swepBannersGetAuth = [
 ];
 
 /**
- * Middleware for resource access control with location validation
+ * Middleware for resource access control
  */
 export const requireResourceAccess = asyncHandler(async (req: Request, res: Response, next: NextFunction) => {
   if (ensureAuthenticated(req, res)) return;
 
   const userAuthClaims = req.user?.AuthClaims || [];
 
   // SuperAdmin global rule
-  if (handleSuperAdminAccess(userAuthClaims)) { return next(); }
-
-  // Check if user is a CityAdmin
-  if (!userAuthClaims.includes(ROLES.CITY_ADMIN)) {
-    return sendForbidden(res);
-  }
-
-  // For operations on specific resources, check LocationId access
-  const resourceId = req.params.id;
-  if (resourceId && (req.method === HTTP_METHODS.GET || req.method === HTTP_METHODS.PUT || req.method === HTTP_METHODS.DELETE)) {
-    try{
-      // TODO: When Resource model is created with LocationId field, validate against user's CityAdminFor claims
-      // For now, allow any CityAdmin to access
-      // const resource = await Resource.findById(resourceId).lean();
-
-      // // For location-based access, check the LocationSlug
-      // const locations = (banner?.LocationSlug || '').split(',').map(l => l.trim()).filter(Boolean);
-        
-      // if (validateCityAdminLocationsAccess(userAuthClaims, locations, res)) {
-      //   return; // Access denied, response already sent
-      // }
-
-      // next();
-    }
-    catch (error) {
-      console.error('Error validating resource access:', error);
-      return sendInternalError(res);
-    }   
-  }
-
-  if (req.body && req.method === HTTP_METHODS.POST) {
-    // For location-based access, check the LocationSlug
-    const locations = (req.body?.LocationId || '').split(',').map(l => l.trim()).filter(Boolean);
-      
-    if (validateCityAdminLocationsAccess(userAuthClaims, locations, res)) {
-      return; // Access denied, response already sent
-    }
-
-    return next();
-  }
+  if (handleSuperAdminAccess(userAuthClaims) || handleVolunteerAdminAccess(userAuthClaims)) { return next(); }
 
   return sendForbidden(res);
 });
@@ -1616,37 +1577,3 @@ export const resourcesAuth = [
   authenticate,
   requireResourceAccess
 ];
-
-/**
- * Middleware for resource location-based access (GET /resources/location/:locationId)
- */
-export const requireResourceLocationAccess = (req: Request, res: Response, next: NextFunction) => {
-  if (ensureAuthenticated(req, res)) return;
-
-  const userAuthClaims = req.user?.AuthClaims || [];
-  
-  // SuperAdmin global rule
-  if (handleSuperAdminAccess(userAuthClaims)) { return next(); }
-
-  // Check if user is a CityAdmin
-  if (!userAuthClaims.includes(ROLES.CITY_ADMIN)) {
-    return sendForbidden(res);
-  }
-
-  // For location-based access, check the location and locations param
-  const locations = extractLocationsFromQuery(req);
-  
-  if (validateCityAdminLocationsAccess(userAuthClaims, locations, res)) {
-    return; // Access denied, response already sent
-  }
-
-  next();
-};
-
-/**
- * Combined middleware for resources endpoint by location
- */
-export const resourcesByLocationAuth = [
-  authenticate,
-  requireResourceLocationAccess
-];

src/middleware/uploadMiddleware.ts

@@ -15,6 +15,7 @@ dotenv.config();
 const AZURE_STORAGE_CONNECTION_STRING = process.env.AZURE_STORAGE_CONNECTION_STRING;
 const BANNERS_CONTAINER_NAME = process.env.AZURE_BANNERS_CONTAINER_NAME || 'banners';
 const SWEPS_CONTAINER_NAME = process.env.AZURE_SWEPS_CONTAINER_NAME || 'sweps';
+const RESOURCES_CONTAINER_NAME = process.env.AZURE_RESOURCES_CONTAINER_NAME || 'resources';
 
 let blobServiceClient: BlobServiceClient | null = null;
 if (AZURE_STORAGE_CONNECTION_STRING) {
@@ -279,6 +280,47 @@ export const uploadSwepImage = async (req: Request, res: Response, next: NextFun
   });
 };
 
+// Resources-specific upload middleware - handles multiple file uploads to resources container
+export const uploadResourceFiles = async (req: Request, res: Response, next: NextFunction) => {
+  // This will handle files with names like: newfile_LinkList_0_List_0, newfile_LinkList_0_List_1, etc.
+  const uploadAny = upload.any();
+  
+  uploadAny(req, res, async (err) => {
+    if (err) {
+      return sendBadRequest(res, `File upload error: ${err.message}`);
+    }
+
+    try {
+      const files = req.files as Express.Multer.File[];
+      
+      if (!files || files.length === 0) {
+        // No files uploaded, just continue
+        return next();
+      }
+
+      // Process each uploaded file and attach to request body
+      for (const file of files) {
+        // Upload file to resources container
+        let fileUrl: string;
+        if (blobServiceClient) {
+          fileUrl = await uploadToAzure(file, RESOURCES_CONTAINER_NAME);
+        } else {
+          fileUrl = saveToLocal(file, RESOURCES_CONTAINER_NAME);
+        }
+
+        // Attach uploaded file URL to request body using the field name
+        // Field names are like: newfile_LinkList_0_List_0
+        req.body[file.fieldname] = fileUrl;
+      }
+
+      next();
+    } catch (error) {
+      console.error('Resources upload error:', error);
+      sendInternalError(res, 'File upload failed');
+    }
+  });
+};
+
 // Single file upload middleware
 export const uploadSingle = (fieldName: string) => [
   upload.single(fieldName),