VRI-UFPR · IosBonaldi · Nov 11, 2024 · Jul 25, 2024 · Jul 30, 2024 · Aug 12, 2024
diff --git a/prisma/schema.prisma b/prisma/schema.prisma
@@ -36,6 +36,7 @@ enum ItemGroupType {
 }
 
 enum ItemType {
+  TABLEROW
   TEXTBOX
   CHECKBOX
   RADIO
@@ -223,8 +224,8 @@ model Classroom {
   visibleProtocolAnswers Protocol[] @relation(name: "ProtocolAnswersViewersClassroom") // protocols that the classroom can see the answers
   visibleApplicationAnswers Application[] @relation(name: "ApplicationAnswersViewersClassroom") // applications that the classroom can see the answers
 
-  institutionId Int
-  institution   Institution @relation(fields: [institutionId], references: [id], onDelete: Cascade)
+  institutionId Int?
+  institution   Institution? @relation(fields: [institutionId], references: [id], onDelete: Cascade)
 
   @@unique([name, institutionId])
 }

diff --git a/src/controllers/applicationAnswerController.ts b/src/controllers/applicationAnswerController.ts
@@ -13,7 +13,7 @@ import { ApplicationAnswer, User, UserRole, VisibilityMode } from '@prisma/clien
 import * as yup from 'yup';
 import prismaClient from '../services/prismaClient';
 import errorFormatter from '../services/errorFormatter';
-import { unlinkSync } from 'fs';
+import { unlinkSync, existsSync } from 'fs';
 
 const checkAuthorization = async (
     user: User,
@@ -340,7 +340,7 @@ export const createApplicationAnswer = async (req: Request, res: Response) => {
         res.status(201).json({ message: 'Application answer created.', data: createdApplicationAnswer });
     } catch (error: any) {
         const files = req.files as Express.Multer.File[];
-        for (const file of files) unlinkSync(file.path);
+        for (const file of files) if (existsSync(file.path)) unlinkSync(file.path);
         res.status(400).json(errorFormatter(error));
     }
 };
@@ -454,7 +454,7 @@ export const updateApplicationAnswer = async (req: Request, res: Response): Prom
                         },
                         select: { id: true, path: true },
                     });
-                    for (const file of filesToDelete) unlinkSync(file.path);
+                    for (const file of filesToDelete) if (existsSync(file.path)) unlinkSync(file.path);
                     await prisma.file.deleteMany({ where: { id: { in: filesToDelete.map((file) => file.id) } } });
                     // Create new files (udpating files is not supported)
                     const itemAnswerFiles = files
@@ -534,7 +534,7 @@ export const updateApplicationAnswer = async (req: Request, res: Response): Prom
         res.status(200).json({ message: 'Application answer updated.', data: upsertedApplicationAnswer });
     } catch (error: any) {
         const files = req.files as Express.Multer.File[];
-        for (const file of files) unlinkSync(file.path);
+        for (const file of files) if (existsSync(file.path)) unlinkSync(file.path);
         res.status(400).json(errorFormatter(error));
     }
 };

diff --git a/src/controllers/applicationController.ts b/src/controllers/applicationController.ts
@@ -104,12 +104,28 @@ const validateVisibility = async (
     const protocolViewers = await prismaClient.protocol.findUnique({
         where: {
             id: protocolId,
-            visibility: visibility,
-            answersVisibility: answersVisibility,
-            answersViewersUser: { every: { id: { in: answersViewersUsers } } },
-            answersViewersClassroom: { every: { id: { in: answersViewersClassrooms } } },
-            viewersUser: { every: { id: { in: viewersUsers } } },
-            viewersClassroom: { every: { id: { in: viewersClassrooms } } },
+            AND: [
+                {
+                    OR: [
+                        { visibility: 'PUBLIC' },
+                        {
+                            visibility: visibility,
+                            viewersUser: { every: { id: { in: viewersUsers } } },
+                            viewersClassroom: { every: { id: { in: viewersClassrooms } } },
+                        },
+                    ],
+                },
+                {
+                    OR: [
+                        { answersVisibility: 'PUBLIC' },
+                        {
+                            answersVisibility: answersVisibility,
+                            answersViewersUser: { every: { id: { in: answersViewersUsers } } },
+                            answersViewersClassroom: { every: { id: { in: answersViewersClassrooms } } },
+                        },
+                    ],
+                },
+            ],
         },
     });
 
@@ -130,10 +146,14 @@ const fields = {
 
 const fieldsWViewers = {
     ...fields,
-    viewersUser: { select: { id: true, username: true } },
-    viewersClassroom: { select: { id: true, institution: { select: { name: true } } } },
-    answersViewersUser: { select: { id: true, username: true } },
-    answersViewersClassroom: { select: { id: true, institution: { select: { name: true } } } },
+    viewersUser: { select: { id: true, username: true, classrooms: { select: { id: true, name: true } } } },
+    viewersClassroom: {
+        select: { id: true, name: true, institution: { select: { name: true } }, users: { select: { id: true, username: true } } },
+    },
+    answersViewersUser: { select: { id: true, username: true, classrooms: { select: { id: true, name: true } } } },
+    answersViewersClassroom: {
+        select: { id: true, name: true, institution: { select: { name: true } }, users: { select: { id: true, username: true } } },
+    },
 };
 
 const fieldsWProtocol = {
@@ -157,6 +177,7 @@ const fieldsWProtocol = {
                             type: true,
                             placement: true,
                             isRepeatable: true,
+                            tableColumns: { select: { id: true, text: true, placement: true } },
                             items: {
                                 orderBy: { placement: 'asc' as any },
                                 select: {
@@ -175,6 +196,7 @@ const fieldsWProtocol = {
                                         },
                                     },
                                     files: { select: { id: true, path: true, description: true } },
+                                    itemValidations: { select: { type: true, argument: true, customMessage: true } },
                                 },
                             },
                             dependencies: { select: { type: true, argument: true, itemId: true, customMessage: true } },
@@ -254,10 +276,10 @@ export const updateApplication = async (req: Request, res: Response): Promise<vo
             .shape({
                 visibility: yup.mixed<VisibilityMode>().oneOf(Object.values(VisibilityMode)),
                 answersVisibility: yup.mixed<VisibilityMode>().oneOf(Object.values(VisibilityMode)),
-                viewersUser: yup.array().of(yup.number()).required(),
-                viewersClassroom: yup.array().of(yup.number()).required(),
-                answersViewersUser: yup.array().of(yup.number()).required(),
-                answersViewersClassroom: yup.array().of(yup.number()).required(),
+                viewersUser: yup.array().of(yup.number()).default([]),
+                viewersClassroom: yup.array().of(yup.number()).default([]),
+                answersViewersUser: yup.array().of(yup.number()).default([]),
+                answersViewersClassroom: yup.array().of(yup.number()).default([]),
             })
             .noUnknown();
         // Yup parsing/validation

diff --git a/src/controllers/classroomController.ts b/src/controllers/classroomController.ts
@@ -24,12 +24,18 @@ const fields = {
     updatedAt: true,
 };
 
+const publicFields = {
+    id: true,
+    name: true,
+    users: { select: { id: true, name: true, username: true, role: true } },
+};
+
 // Only admins or the coordinator of the institution can perform C-UD operations on classrooms
 const checkAuthorization = async (user: User, classroomId: number | undefined, institutionId: number | undefined, action: string) => {
     switch (action) {
         case 'create':
             // Only ADMINs or members of an institution can perform create operations on its classrooms
-            if (user.role !== UserRole.ADMIN && (user.role === UserRole.USER || user.institutionId !== institutionId)) {
+            if (user.role !== UserRole.ADMIN && (user.role === UserRole.USER || (institutionId && user.institutionId !== institutionId))) {
                 throw new Error('This user is not authorized to perform this action');
             }
             break;
@@ -40,7 +46,12 @@ const checkAuthorization = async (user: User, classroomId: number | undefined, i
                 const classroom = await prismaClient.classroom.findUnique({
                     where: user.institutionId ? { id: classroomId, institutionId: user.institutionId } : { id: classroomId },
                 });
-                if (user.role === UserRole.USER || user.role === UserRole.APPLIER || !user.institutionId || !classroom) {
+                if (
+                    user.role === UserRole.USER ||
+                    user.role === UserRole.APPLIER ||
+                    (institutionId && institutionId !== user.institutionId) ||
+                    !classroom
+                ) {
                     throw new Error('This user is not authorized to perform this action');
                 }
             }
@@ -61,6 +72,11 @@ const checkAuthorization = async (user: User, classroomId: number | undefined, i
                 }
             }
             break;
+        case 'search':
+            if (user.role === UserRole.USER) {
+                throw new Error('This user is not authorized to perform this action');
+            }
+            break;
         case 'getMy':
             // All users can perform get my classrooms operation (the result will be filtered based on the user)
             break;
@@ -73,9 +89,8 @@ export const createClassroom = async (req: Request, res: Response) => {
         const createClassroomSchema = yup
             .object()
             .shape({
-                id: yup.number().min(1),
-                name: yup.string().min(1).max(255).required(),
-                institutionId: yup.number().required(),
+                name: yup.string().min(3).max(255).required(),
+                institutionId: yup.number(),
                 users: yup.array().of(yup.number()).min(2).required(),
             })
             .noUnknown();
@@ -88,9 +103,8 @@ export const createClassroom = async (req: Request, res: Response) => {
         // Prisma operation
         const createdClassroom: Classroom = await prismaClient.classroom.create({
             data: {
-                id: classroom.id,
                 name: classroom.name,
-                institutionId: classroom.institutionId,
+                institution: { connect: classroom.institutionId ? { id: classroom.institutionId } : undefined },
                 users: { connect: classroom.users.map((id) => ({ id: id })) },
             },
         });
@@ -108,18 +122,26 @@ export const updateClassroom = async (req: Request, res: Response): Promise<void
         // Yup schemas
         const updateClassroomSchema = yup
             .object()
-            .shape({ name: yup.string().min(1).max(255), users: yup.array().of(yup.number()).min(2) })
+            .shape({
+                name: yup.string().min(3).max(255),
+                institutionId: yup.number(),
+                users: yup.array().of(yup.number()).min(2),
+            })
             .noUnknown();
         // Yup parsing/validation
         const classroom = await updateClassroomSchema.validate(req.body);
         // User from Passport-JWT
         const user = req.user as User;
         // Check if user is authorized to update this classroom
-        await checkAuthorization(user, classroomId, undefined, 'update');
+        await checkAuthorization(user, classroomId, classroom.institutionId, 'update');
         // Prisma operation
         const updatedClassroom = await prismaClient.classroom.update({
             where: { id: classroomId },
-            data: { name: classroom.name, users: { set: [], connect: classroom.users?.map((id) => ({ id: id })) } },
+            data: {
+                name: classroom.name,
+                institution: { disconnect: true, connect: classroom.institutionId ? { id: classroom.institutionId } : undefined },
+                users: { set: [], connect: classroom.users?.map((id) => ({ id: id })) },
+            },
             select: fields,
         });
 
@@ -179,6 +201,33 @@ export const getMyClassrooms = async (req: Request, res: Response): Promise<void
     }
 };
 
+export const searchClassroomByName = async (req: Request, res: Response): Promise<void> => {
+    try {
+        // User from passport-jwt
+        const curUser = req.user as User;
+        // Check if user is authorized to search users
+        await checkAuthorization(curUser, undefined, undefined, 'search');
+        // Yup schemas
+        const searchUserSchema = yup
+            .object()
+            .shape({
+                term: yup.string().min(3).max(20).required(),
+            })
+            .noUnknown();
+        // Yup parsing/validation
+        const { term } = await searchUserSchema.validate(req.body);
+        // Prisma operation
+        const classrooms = await prismaClient.classroom.findMany({
+            where: { name: { startsWith: term } },
+            select: publicFields,
+        });
+
+        res.status(200).json({ message: 'Searched classrooms found.', data: classrooms });
+    } catch (error: any) {
+        res.status(400).json(errorFormatter(error));
+    }
+};
+
 export const deleteClassroom = async (req: Request, res: Response): Promise<void> => {
     try {
         // ID from params

diff --git a/src/controllers/protocolController.ts b/src/controllers/protocolController.ts
@@ -13,7 +13,7 @@ import { ItemType, ItemGroupType, PageType, ItemValidationType, User, UserRole,
 import * as yup from 'yup';
 import prismaClient from '../services/prismaClient';
 import errorFormatter from '../services/errorFormatter';
-import { unlinkSync } from 'fs';
+import { unlinkSync, existsSync } from 'fs';
 
 const checkAuthorization = async (user: User, protocolId: number | undefined, action: string) => {
     switch (action) {
@@ -325,10 +325,10 @@ const fields = {
 const fieldsWViewers = {
     ...fields,
     managers: { select: { id: true, username: true } },
-    viewersUser: { select: { id: true, username: true } },
-    viewersClassroom: { select: { id: true } },
-    answersViewersUser: { select: { id: true, username: true } },
-    answersViewersClassroom: { select: { id: true } },
+    viewersUser: { select: { id: true, username: true, classrooms: { select: { id: true, name: true } } } },
+    viewersClassroom: { select: { id: true, name: true, users: { select: { id: true, username: true } } } },
+    answersViewersUser: { select: { id: true, username: true, classrooms: { select: { id: true, name: true } } } },
+    answersViewersClassroom: { select: { id: true, name: true, users: { select: { id: true, username: true } } } },
     appliers: { select: { id: true, username: true } },
 };
 
@@ -595,7 +595,7 @@ export const createProtocol = async (req: Request, res: Response) => {
         res.status(201).json({ message: 'Protocol created.', data: createdProtocol });
     } catch (error: any) {
         const files = req.files as Express.Multer.File[];
-        for (const file of files) unlinkSync(file.path);
+        for (const file of files) if (existsSync(file.path)) unlinkSync(file.path);
         res.status(400).json(errorFormatter(error));
     }
 };
@@ -876,7 +876,7 @@ export const updateProtocol = async (req: Request, res: Response): Promise<void>
                             where: { id: { notIn: item.files.map((file) => file.id as number) }, itemId: upsertedItem.id },
                             select: { id: true, path: true },
                         });
-                        for (const file of filesToDelete) unlinkSync(file.path);
+                        for (const file of filesToDelete) if (existsSync(file.path)) unlinkSync(file.path);
                         await prisma.file.deleteMany({ where: { id: { in: filesToDelete.map((file) => file.id) } } });
                         const itemFiles = item.files.map((file, fileIndex) => {
                             const storedFile = files.find(
@@ -923,7 +923,7 @@ export const updateProtocol = async (req: Request, res: Response): Promise<void>
                                 },
                                 select: { id: true, path: true },
                             });
-                            for (const file of filesToDelete) unlinkSync(file.path);
+                            for (const file of filesToDelete) if (existsSync(file.path)) unlinkSync(file.path);
                             await prisma.file.deleteMany({ where: { id: { in: filesToDelete.map((file) => file.id) } } });
                             const itemOptionFiles = itemOption.files.map((file, fileIndex) => {
                                 const storedFile = files.find(
@@ -1045,7 +1045,7 @@ export const updateProtocol = async (req: Request, res: Response): Promise<void>
         res.status(200).json({ message: 'Protocol updated.', data: upsertedProtocol });
     } catch (error: any) {
         const files = req.files as Express.Multer.File[];
-        for (const file of files) unlinkSync(file.path);
+        for (const file of files) if (existsSync(file.path)) unlinkSync(file.path);
         res.status(400).json(errorFormatter(error));
     }
 };