get, create, update, delete for qr codes (#226)

* get

* create

* update

* update

* delete

* readme

* dishid

* dishID

* rename

* fix: addressed comments

* fix readme

* fix: reformat code

---------

Co-authored-by: armaankatyal <armaankatyal3@gmail.com>

Author: GurveerSohal

backend/README.md

@@ -124,7 +124,7 @@ The dish routes are defined in the `src/routes/dish.ts` file. The routes are mou
     }
     ```
 
-- #### POST `/api/dish/condition?qid=`
+- #### POST `/api/dish/condition?id=`
     This route will update the condition for the dish.
 
     headers:
@@ -135,8 +135,7 @@ The dish routes are defined in the `src/routes/dish.ts` file. The routes are mou
 
     query:
     ```
-    qid: qr_code of the dish to be returned
-    id: id of the dish to be returned (required if qid is not provided)
+    id: id of the dish
     ```
 
     body:
@@ -202,3 +201,66 @@ the user routes are defined in the `src/routes/user.ts` file. The routes are mou
     }
     ```
     notes: when type is set to role, role property is required and only admin can update the role.
+
+### QR Codes
+the qr code routes are defined in the `src/routes/qrCode.ts` file. The routes are mounted on the `/qrcode` path. The routes are:
+
+- #### GET `/api/qrcode?qid=`
+    This route returns all the qr codes in the database only if the user is admin.
+    
+    headers:
+    ```
+    x-api-key: preset constant api key
+    session-token: generated sessionCookie from firebase after login
+    ```
+    query:
+    ```
+    qid: return the qr code with this qid
+    ```
+
+- #### POST `/api/qrcode/create`
+    Create a qr code with the given request body only if user is admin
+    
+    headers:
+    ```
+    x-api-key: preset constant api key
+    session-token: generated sessionCookie from firebase after login
+    ```
+
+    body:
+    ```
+    qrCode: {
+        qid: number,     * required
+        dishId: string,  * required
+    }
+    ```
+
+- #### POST `/api/qrcode/update`
+    Update an existing qr code with the given request body only if user is admin
+    
+    headers:
+    ```
+    x-api-key: preset constant api key
+    session-token: generated sessionCookie from firebase after login
+    ```
+
+    body:
+    ```
+    qrCode: {
+        qid: number,     * required
+        dishId: string,  * required
+    }
+    ```
+
+- #### DELETE `/api/qrcode?qid=`
+    This route deletes the qr code with the given qid only if the user is admin.
+    
+    headers:
+    ```
+    x-api-key: preset constant api key
+    session-token: generated sessionCookie from firebase after login
+    ```
+    query:
+    ```
+    qid: delete the qr code with this qid
+    ```

backend/src/app.ts

@@ -7,6 +7,7 @@ import { transactionsRouter } from './routes/transactions'
 import { userRouter } from './routes/users'
 import { authRouter } from './routes/auth'
 import cookieParser from 'cookie-parser'
+import { qrCodeRouter } from './routes/qrCode'
 
 const app = express()
 dotenv.config()
@@ -40,5 +41,6 @@ app.use('/api/auth', authRouter)
 app.use('/api/dish', dishRouter)
 app.use('/api/transactions', transactionsRouter)
 app.use('/api/users', userRouter)
+app.use('/api/qrcode', qrCodeRouter)
 
 export { app }

backend/src/controllers/dish.ts

@@ -16,7 +16,7 @@ import {
 import { CustomRequest } from '../middlewares/auth'
 import Logger from '../utils/logger'
 import { verifyIfUserAdmin } from '../services/users'
-import { getTransaction, registerTransaction, getTransactionByDishId } from '../services/transactions'
+import { getTransaction, registerTransaction, getTransactionBydishId } from '../services/transactions'
 import { getQrCode } from '../services/qrCode'
 import { db } from '../services/firebase'
 import nodeConfig from 'config'
@@ -335,7 +335,7 @@ export const returnDish = async (req: Request, res: Response) => {
             return res.status(400).json({ error: 'operation_not_allowed', message: 'Dish not borrowed' })
         }
 
-        ongoingTransaction = await getTransactionByDishId(userClaims, id!)
+        ongoingTransaction = await getTransactionBydishId(userClaims, id!)
         if (!ongoingTransaction) {
             Logger.error({
                 module: 'dish.controller',

backend/src/controllers/qrCode.ts

@@ -0,0 +1,160 @@
+import { Request, Response } from 'express'
+import { verifyIfUserAdmin } from '../services/users'
+import Logger from '../utils/logger'
+import { CustomRequest } from '../middlewares/auth'
+import { createQrCodeInDatabase, deleteQrCodeFromDatabase, getAllQrCodes, getQrCode } from '../services/qrCode'
+
+export const getQrCodes = async (req: Request, res: Response) => {
+    let userClaims = (req as CustomRequest).firebase
+    let qid = req.query['qid']?.toString()
+
+    if (!qid) {
+        // check if user is admin
+        // if yes, return all qr codes
+
+        if (!verifyIfUserAdmin(userClaims)) {
+            Logger.error({
+                module: 'qrCode.controller',
+                message: 'User is not admin',
+                statusCode: 403,
+            })
+            return res.status(403).json({ error: 'forbidden' })
+        }
+
+        let codes = await getAllQrCodes()
+
+        Logger.info({
+            module: 'qrCode.controller',
+            function: 'getQrCodes',
+            message: 'retrieved all qr codes',
+            status: 200,
+        })
+
+        return res.status(200).json({ qrCodes: codes })
+    }
+
+    // return qr code by qid
+    try {
+        let qrCode = await getQrCode(qid.toString())
+        if (!qrCode) {
+            Logger.error({
+                message: 'qr code does not exist',
+                statusCode: 404,
+                module: 'qrCode.controller',
+                function: 'getQRCodes',
+            })
+            return res.status(400).json({ error: 'qr_code_not_found' })
+        }
+        Logger.info({
+            message: 'retrieved qrCode',
+            module: 'qrCode.controller',
+            function: 'getQRCodes',
+        })
+        return res.status(200).json({ qrCode: qrCode })
+    } catch (error: any) {
+        Logger.error({
+            message: 'Error when retrieving qr code',
+            error,
+            statusCode: 500,
+            module: 'qrCode.controller',
+            function: 'getQRCodes',
+        })
+        return res.status(500).json({ error: 'internal_server_error', message: error.message })
+    }
+}
+
+export const createQrCode = async (req: Request, res: Response) => {
+    let userClaims = (req as CustomRequest).firebase
+    if (!verifyIfUserAdmin(userClaims)) {
+        Logger.error({
+            module: 'qrCode.controller',
+            message: 'User is not admin',
+            statusCode: 403,
+        })
+        return res.status(403).json({ error: 'forbidden' })
+    }
+
+    try {
+        let qrCode = await createQrCodeInDatabase(req.body.qrCode, false)
+        return res.status(201).json({ qrCode })
+    } catch (error: any) {
+        Logger.error({
+            module: 'qrCode.controller',
+            error,
+            message: 'Error when creating qr code in database',
+            statusCode: 500,
+        })
+        return res.status(500).json({ error: 'internal_server_error', message: error.message })
+    }
+}
+
+export const updateQrCode = async (req: Request, res: Response) => {
+    let userClaims = (req as CustomRequest).firebase
+    if (!verifyIfUserAdmin(userClaims)) {
+        Logger.error({
+            module: 'qrCode.controller',
+            message: 'User is not admin',
+            statusCode: 403,
+        })
+        return res.status(403).json({ error: 'forbidden' })
+    }
+
+    // check if qrcode exists
+    let existingQrCode = await getQrCode(req.body.qrCode.qid.toString())
+    if (!existingQrCode) {
+        Logger.error({
+            module: 'qrCode.services',
+            message: 'qrCode does not exist',
+            status: 500,
+        })
+        return res.status(500).json({ error: 'internal_server_error', message: 'qr code does not exist' })
+    }
+
+    try {
+        let qrCode = await createQrCodeInDatabase(req.body.qrCode, true)
+        return res.status(200).json({ qrCode })
+    } catch (error: any) {
+        Logger.error({
+            module: 'qrCode.controller',
+            error,
+            message: 'Error when creating qr code in database',
+            statusCode: 500,
+        })
+        return res.status(500).json({ error: 'internal_server_error', message: error.message })
+    }
+}
+
+export const deleteQrCode = async (req: Request, res: Response) => {
+    let userClaims = (req as CustomRequest).firebase
+    if (!verifyIfUserAdmin(userClaims)) {
+        Logger.error({
+            module: 'qrCode.controller',
+            message: 'User is not admin',
+            statusCode: 403,
+        })
+        return res.status(403).json({ error: 'forbidden' })
+    }
+
+    let qid = req.query['qid']?.toString()
+    if (!qid) {
+        Logger.error({
+            module: 'qrCOde.controller',
+            message: 'No qid provided',
+            statusCode: 400,
+        })
+        return res.status(400).json({ error: 'bad_request' })
+    }
+
+    try {
+        await deleteQrCodeFromDatabase(qid)
+        return res.status(200).json({ message: 'deleted qr code' })
+    } catch (error: any) {
+        Logger.error({
+            module: 'qrCode.controller',
+            error,
+            message: 'Error when creating qr code in database',
+            statusCode: 500,
+        })
+        return res.status(500).json({ error: 'internal_server_error', message: error.message })
+    }
+}

backend/src/models/qrCode.ts

@@ -0,0 +1,4 @@
+export type QrCode = {
+    qid: number
+    dishId: string
+}

backend/src/routes/qrCode.ts

@@ -0,0 +1,12 @@
+import express from 'express'
+import { verifyApiKey, verifyFirebaseToken } from '../middlewares/auth'
+import { createQrCode, deleteQrCode, getQrCodes, updateQrCode } from '../controllers/qrCode'
+
+const router = express.Router()
+
+router.get('/', verifyApiKey, verifyFirebaseToken, getQrCodes)
+router.post('/create', verifyApiKey, verifyFirebaseToken, createQrCode)
+router.post('/update', verifyApiKey, verifyFirebaseToken, updateQrCode)
+router.post('/delete', verifyApiKey, verifyFirebaseToken, deleteQrCode)
+
+export { router as qrCodeRouter }