diff --git a/.bruno/Plan Endpoints/delete plan.bru b/.bruno/Plan Endpoints/delete plan.bru
index e18478f..6420739 100644
--- a/.bruno/Plan Endpoints/delete plan.bru
+++ b/.bruno/Plan Endpoints/delete plan.bru
@@ -1,7 +1,7 @@
 meta {
 name: delete plan
 type: http
- seq: 2
+ seq: 5
 }
 
 delete {
diff --git a/.bruno/Plan Endpoints/move plan.bru b/.bruno/Plan Endpoints/move plan.bru
new file mode 100644
index 0000000..25dbe06
--- /dev/null
+++ b/.bruno/Plan Endpoints/move plan.bru
@@ -0,0 +1,24 @@
+meta {
+ name: move plan
+ type: http
+ seq: 4
+}
+
+put {
+ url: http://localhost:14014/api/move/[planId]
+ body: json
+ auth: inherit
+}
+
+body:json {
+ {
+ "name": "test",
+ "pin": "1234",
+ "folder": "new folder name"
+ }
+}
+
+settings {
+ encodeUrl: true
+ timeout: 0
+}
diff --git a/.bruno/Plan Endpoints/rename plan.bru b/.bruno/Plan Endpoints/rename plan.bru
new file mode 100644
index 0000000..81a84c4
--- /dev/null
+++ b/.bruno/Plan Endpoints/rename plan.bru
@@ -0,0 +1,24 @@
+meta {
+ name: rename plan
+ type: http
+ seq: 3
+}
+
+put {
+ url: http://localhost:14014/api/rename/[planId]
+ body: json
+ auth: inherit
+}
+
+body:json {
+ {
+ "name": "test",
+ "pin": "1234",
+ "planName": "new plan name"
+ }
+}
+
+settings {
+ encodeUrl: true
+ timeout: 0
+}
diff --git a/.bruno/Plan Endpoints/undelete plan.bru b/.bruno/Plan Endpoints/undelete plan.bru
index c3be850..3e80ffb 100644
--- a/.bruno/Plan Endpoints/undelete plan.bru
+++ b/.bruno/Plan Endpoints/undelete plan.bru
@@ -1,7 +1,7 @@
 meta {
 name: undelete plan
 type: http
- seq: 3
+ seq: 6
 }
 
 put {
diff --git a/.bruno/Plan Endpoints/update plan.bru b/.bruno/Plan Endpoints/update plan.bru
new file mode 100644
index 0000000..1df83d4
--- /dev/null
+++ b/.bruno/Plan Endpoints/update plan.bru
@@ -0,0 +1,24 @@
+meta {
+ name: update plan
+ type: http
+ seq: 2
+}
+
+put {
+ url: http://localhost:14014/api/move/[planId]
+ body: json
+ auth: inherit
+}
+
+body:json {
+ {
+ "name": "test",
+ "pin": "1234",
+ "data": "new plan data"
+ }
+}
+
+settings {
+ encodeUrl: true
+ timeout: 0
+}
diff --git a/README.md b/README.md
index a9b0aff..f1710b4 100644
--- a/README.md
+++ b/README.md
@@ -47,6 +47,7 @@ The API will be a combination API and basic SSR.
 - /api/create - API Page: **POST** to save new plan to DB, requires name, **PIN**, and data (optionally folder), api will generate a nanoid for the PK
 - /api/update/[planId] - API Page: **PUT** to overwrite plan while keeping same name and id, requires **PIN** and data
 - /api/rename/[planId] - API Page: **PUT** to rename plan while keeping same data and id, requires **PIN** and name
+ - /api/move/[planId] - API Page: **PUT** to change what folder a plan is in while keeping same data, name, and id, requires **PIN** and name
 - /api/undelete/[planId] - API Page: **PUT** to unmark plan as deleted, requires **PIN**
 - /api/delete/[planId] - API Page: **DELETE** to mark plan as deleted, requires **PIN**
 - /api/auth - API Page: **POST** to check if you are who you say you are, requires username and **PIN**, returns userId and boolean of if email was set
diff --git a/mod.ts b/mod.ts
index 0250c2e..df3bece 100644
--- a/mod.ts
+++ b/mod.ts
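Review bot: In `.bruno/Plan Endpoints/update plan.bru` the `url` line targets `/api/move/[planId]` although the request is named `update plan` and its body carries `data`, so running it exercises the move handler rather than the update handler. It should read `url: http://localhost:14014/api/update/[planId]`. As committed, the collection never calls the new `/update/` branch, which is the one that overwrites plan contents. The literal `"pin": "1234"` is repeated in the move and rename requests as well; if it could ever match a real account, a Bruno variable such as `"pin": "{{pin}}"` keeps the credential out of the repository.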
@@ -104,6 +104,52 @@ Deno.serve({ port: config.api.port }, async (req) => {
 });
 if (failed) return genericResponse(STATUS_CODE.InternalServerError, "Couldn't update DB.");
 return genericResponse(STATUS_CODE.OK, 'Plan deleted.');
+ } else if (path.startsWith('/update/')) {
+ const planId = path.replace('/update/', '');
+ const planMatch = await dbClient.query('SELECT ownerId FROM plans WHERE id = ?', [planId]).catch(() => {
+ failed = true;
+ });
+ if (failed) return genericResponse(STATUS_CODE.InternalServerError, "Couldn't read DB.");
+ if (!planMatch.length) return genericResponse(STATUS_CODE.NotFound, 'Plan ID does not exist.');
+ if (planMatch[0].ownerId !== id) return genericResponse(STATUS_CODE.Forbidden, "You don't own this plan.");
+
+ await dbClient.execute('UPDATE plans SET data = ? WHERE id = ?', [body.data, planId]).catch(() => {
+ failed = true;
+ });
+ if (failed) return genericResponse(STATUS_CODE.InternalServerError, "Couldn't update DB.");
+ return genericResponse(STATUS_CODE.OK, 'Plan updated.');
+ } else if (path.startsWith('/rename/')) {
+ if (body.planName.trim().length > 200) return genericResponse(STATUS_CODE.BadRequest, 'Name too long.');
+
+ const planId = path.replace('/rename/', '');
+ const planMatch = await dbClient.query('SELECT ownerId FROM plans WHERE id = ?', [planId]).catch(() => {
+ failed = true;
+ });
+ if (failed) return genericResponse(STATUS_CODE.InternalServerError, "Couldn't read DB.");
+ if (!planMatch.length) return genericResponse(STATUS_CODE.NotFound, 'Plan ID does not exist.');
+ if (planMatch[0].ownerId !== id) return genericResponse(STATUS_CODE.Forbidden, "You don't own this plan.");
+
+ await dbClient.execute('UPDATE plans SET name = ? WHERE id = ?', [body.planName, planId]).catch(() => {
+ failed = true;
+ });
+ if (failed) return genericResponse(STATUS_CODE.InternalServerError, "Couldn't update DB.");
+ return genericResponse(STATUS_CODE.OK, 'Plan renamed.');
+ } else if (path.startsWith('/move/')) {
+ if (body.planName.trim().length > 200) return genericResponse(STATUS_CODE.BadRequest, 'Folder name too long.');
+
+ const planId = path.replace('/move/', '');
+ const planMatch = await dbClient.query('SELECT ownerId FROM plans WHERE id = ?', [planId]).catch(() => {
+ failed = true;
+ });
+ if (failed) return genericResponse(STATUS_CODE.InternalServerError, "Couldn't read DB.");
+ if (!planMatch.length) return genericResponse(STATUS_CODE.NotFound, 'Plan ID does not exist.');
+ if (planMatch[0].ownerId !== id) return genericResponse(STATUS_CODE.Forbidden, "You don't own this plan.");
+
+ await dbClient.execute('UPDATE plans SET folder = ? WHERE id = ?', [body.folder, planId]).catch(() => {
+ failed = true;
+ });
+ if (failed) return genericResponse(STATUS_CODE.InternalServerError, "Couldn't update DB.");
+ return genericResponse(STATUS_CODE.OK, 'Plan moved.');
 }
 break;
 case 'DELETE':
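Review bot: The `/move/` branch validates `body.planName` but then writes `body.folder`, so the folder value reaches the `UPDATE` with no type or length check, and a move request that omits `planName` (as the `move plan.bru` request in this commit does) will throw on `.trim()` of `undefined` unless something outside the hunk catches it. The guard should be `if (typeof body.folder !== 'string' || body.folder.trim().length > 200) return genericResponse(STATUS_CODE.BadRequest, 'Folder name too long.');`, the `/rename/` guard needs the same `typeof` check on `body.planName`, and `/update/` currently has no check on `body.data` at all. All three branches authorise with a `SELECT` and then update by `id` alone; writing each statement as `'UPDATE plans SET folder = ? WHERE id = ? AND ownerId = ?'` (with `id` bound as the third parameter) would make the write itself enforce ownership instead of relying on the earlier read. The enclosing `Deno.serve` handler, including where `id`, `body` and `failed` are set, lies outside the hunk.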