modified hospital APIs

ducphamle2 · Jun 11, 2020 · a0c7341 · a0c7341
1 parent ccc12c4
commit a0c7341
Show file tree

Hide file tree

Showing 6 changed files with 121 additions and 447 deletions.
diff --git a/.env.example b/.env.example
diff --git a/controllers/blood_order/bloodOrderController.js b/controllers/blood_order/bloodOrderController.js
@@ -17,32 +17,26 @@ module.exports = {
                     error: "Forbidden !! You are not allowed to call this function"
                 })
             } else {
-                //get hospital - red cross info
-                db.query("select * from hospital where hospital_id = ?", [req.userData.id], function (err, result) {
-                    if (err) return res.status(500).json({ error: err })
-
-                    let order_id = bloodOrderId()
-                    let values = [
-                        [
-                            order_id,
-                            req.userData.id,
-                            req.body.red_cross_id,
-                            req.body.date,
-                            req.body.amount,
-                            req.body.blood_type,
-                            constants.pending
-                        ]
+                let order_id = bloodOrderId()
+                let values = [
+                    [
+                        order_id,
+                        req.userData.id,
+                        req.body.date,
+                        req.body.amount,
+                        req.body.blood_type,
+                        constants.unsent
                     ]
+                ]
 
-                    db.query("insert into blood_order values ?", [values], function (err, result) {
-                        if (err) return res.status(500).json({ error: err })
+                db.query("insert into blood_order values ?", [values], function (err, result) {
+                    if (err) return res.status(500).json({ error: err })
 
-                        return res.status(200).json({
-                            message: "Your order has been created successfully",
-                            order_id: order_id
-                        });
-                    })
-                });
+                    return res.status(200).json({
+                        message: "Your order has been created successfully",
+                        order_id: order_id
+                    });
+                })
             }
         }
     },
@@ -57,22 +51,22 @@ module.exports = {
                     error: "Forbidden !! You are not allowed to call this function"
                 })
             } else {
-                db.query("select * from blood_order where order_id = ?", [req.body.order_id], function (err, result) {
+                db.query("select * from blood_order where order_id = ?", [req.body.id], function (err, result) {
                     if (result.length === 0) {
                         return res.status(404).json({
                             error: "Cannot find the order",
                         })
                     } else if (err) {
-                        return res.status(500).json({error: err});
+                        return res.status(500).json({ error: err });
                     } else {
                         let values = {
                             order_date: req.body.date,
                             amount: req.body.amount,
                             blood_type: req.body.blood_type
                         }
-                        db.query("update blood_order set ? where order_id = ?", [values, req.body.order_id], function (err, result){
+                        db.query("update blood_order set ? where order_id = ?", [values, req.body.id], function (err, result) {
                             if (err) {
-                                return res.status(500).json({error: err})
+                                return res.status(500).json({ error: err })
                             } else if (result.affectedRows === 0) {
                                 return res.status(404).json({
                                     error: "Cannot find order id"
@@ -82,66 +76,35 @@ module.exports = {
                                     message: "Updated successfully"
                                 })
                             }
-                        } )
+                        })
                     }
                 })
             }
         }
     },
 
-    updateOrderStatus: (req, res) => {
-        const errors = validationResult(req);
-        if (!errors.isEmpty()) {
-            return res.status(422).json({ errors: errors.array() });
-        } else {
-            if (req.userData.role !== constants.role.red_cross) {
-                return res.status(403).json({
-                    error: "Forbidden !! You are not allowed to call this function"
-                })
+    sendOrder: (req, res) => {
+        db.query("update blood_order set status = ? where order_id = ?", [constants.pending, req.params.id], function (err, result) {
+            if (err) {
+              console.log("ERROR: ", err)
+              return res.status(500).json({ error: "there is something wrong with the database" })
             } else {
-                db.query("select * from blood_order where order_id = ?", [req.body.order_id], function (err, result) {
-                    if (result.length === 0) {
-                        return res.status(404).json({
-                            error: "Cannot find the order",
-                        })
-                    } else if (err) {
-                        return res.status(500).json({error: err});
-                    } else {
-                        let values = {
-                            order_date: req.body.date,
-                            amount: req.body.amount,
-                            blood_type: req.body.blood_type
-                        }
-                        db.query("update blood_order set ? where order_id = ?", [values, req.body.order_id], function (err, result){
-                            if (err) {
-                                return res.status(500).json({error: err})
-                            } else if (result.affectedRows === 0) {
-                                return res.status(404).json({
-                                    error: "Cannot find order id"
-                                })
-                            } else {
-                                return res.status(200).json({
-                                    message: "Updated successfully"
-                                })
-                            }
-                        } )
-                    }
-                })
+              return res.status(200).json({ message: "success", data: result })
             }
-        }
+          })
     },
 
     deleteOrder: (req, res) => {
         const errors = validationResult(req);
         if (!errors.isEmpty()) {
-            return res.status(422).json( {errors: errors.array()});
+            return res.status(422).json({ errors: errors.array() });
         } else {
             if (req.userData.role !== constants.role.hospital) {
                 return res.status(403).json({
                     error: "Forbidden !! You are not allowed to call this function!"
                 })
             } else {
-                db.query("select * from blood_order where order_id = ?", [req.body.order_id], function (err, result) {
+                db.query("select * from blood_order where order_id = ?", [req.body.id], function (err, result) {
                     if (result.length === 0) {
                         return res.status(404).json({
                             error: "Cannot find the order",
@@ -151,10 +114,10 @@ module.exports = {
                             error: err
                         })
                     } else {
-                        db.query("delete from blood_order where order_id = ?", [req.body.order_id], function (err, result) {
-                            if (err) {return res.status(500).json({error: err})}
-                            else if (result.affectedRows === 0) {return res.status(404).json({error: err})}
-                            else return res.status(200).json({message: "Deleted"})
+                        db.query("delete from blood_order where order_id = ?", [req.body.id], function (err, result) {
+                            if (err) { return res.status(500).json({ error: err }) }
+                            else if (result.affectedRows === 0) { return res.status(404).json({ error: err }) }
+                            else return res.status(200).json({ message: "Deleted" })
                         })
                     }
                 })
@@ -165,9 +128,9 @@ module.exports = {
     searchOrderWithDate: (req, res) => {
         const errors = validationResult(req);
         if (!errors.isEmpty()) {
-            return res.status(422).json({errors: errors.array()})
+            return res.status(422).json({ errors: errors.array() })
         } else {
-            db.query("select * from blood_order where order_date = ?", [req.body.order_date], function(err, result) {
+            db.query("select * from blood_order where order_date = ?", [req.body.order_date], function (err, result) {
                 if (err) {
                     return res.status(500).json({
                         error: err
@@ -184,14 +147,70 @@ module.exports = {
 
     //TODO: limit, offset (pagnitation)
     getAllOrders: (req, res) => {
-        if (req.userData.role === constants.role.hospital) {
-            let sql = "select * from blood_order where hospital_id = ?"
-        } else if (req.userData.role === constants.role.red_cross) {
-            let sql = "select * from blood_order where red_cross_id = ?"
+        const errors = validationResult(req);
+        if (!errors.isEmpty()) {
+            return res.status(422).json({ errors: errors.array() });
+        } else {
+            if (req.userData.role !== constants.role.hospital) {
+                return res.status(403).json({
+                    error: "Forbidden !! You are not allowed to call this function!"
+                })
+            } else {
+                let sql = "select * from blood_order where hospital_id = ?"
+                db.query(sql, [req.userData.id], function (err, result) {
+                    if (err) return res.status(500).json({ error: err })
+                    return res.status(200).json({ message: "success", data: result })
+                })
+            }
         }
-        db.query(sql, [req.userData.id], function (err, result) {
-            if (err) return res.status(500).json({ error: err })
+    },
+
+    getAllUnsentOrders: (req, res) => {
+        const errors = validationResult(req);
+        if (!errors.isEmpty()) {
+            return res.status(422).json({ errors: errors.array() });
+        } else {
+            if (req.userData.role !== constants.role.hospital) {
+                return res.status(403).json({
+                    error: "Forbidden !! You are not allowed to call this function!"
+                })
+            } else {
+                let sql = "select * from blood_order where hospital_id = ? and status = ?"
+                db.query(sql, [req.userData.id, constants.unsent], function (err, result) {
+                    if (err) return res.status(500).json({ error: err })
+                    return res.status(200).json({ message: "success", data: result })
+                })
+            }
+        }
+    },
+
+    getAllSentOrders: (req, res) => {
+        const errors = validationResult(req);
+        if (!errors.isEmpty()) {
+            return res.status(422).json({ errors: errors.array() });
+        } else {
+            if (req.userData.role !== constants.role.hospital) {
+                return res.status(403).json({
+                    error: "Forbidden !! You are not allowed to call this function!"
+                })
+            } else {
+                let sql = "select * from blood_order where hospital_id = ? and status != ?"
+                db.query(sql, [req.userData.id, constants.unsent], function (err, result) {
+                    if (err) return res.status(500).json({ error: err })
+                    return res.status(200).json({ message: "success", data: result })
+                })
+            }
+        }
+    },
+
+    getOrderWithID: (req, res) => {
+        db.query("select * from blood_order where order_id = ?", [req.params.id], function (err, result) {
+          if (err) {
+            console.log("ERROR: ", err)
+            return res.status(500).json({ error: "there is something wrong with the database" })
+          } else {
             return res.status(200).json({ message: "success", data: result })
+          }
         })
-    }
+      }
 };
diff --git a/controllers/blood_order/index.js b/controllers/blood_order/index.js
@@ -7,37 +7,43 @@ const { check } = require("express-validator/check");
 const router = express.Router();
 
 router.post("/create_order", authMiddleware, [
-    check("date").matches(/^([0-9]{2,4})-([0-1][0-9])-([0-3][0-9])(?:( [0-2][0-9]):([0-5][0-9]):([0-5][0-9]))?$/, "i"),
+    check("date").isInt(),
 
 ],
     controller.createOrder);
 
 router.post("/update_order_info/:id", [
     check("id").isLength({ min: 32, max: 32 }),
-    check("date").exists().
-        matches(/^([0-9]{2,4})-([0-1][0-9])-([0-3][0-9])(?:( [0-2][0-9]):([0-5][0-9]):([0-5][0-9]))?$/, "i"),
+    check("date").isInt(),
 ],
     authMiddleware,
     controller.updateOrderInfo);
 
-router.post("/update_order_status/:id", [
-    check("id").isLength({ min: 32, max: 32 }),
-    check("date").exists().
-        matches(/^([0-9]{2,4})-([0-1][0-9])-([0-3][0-9])(?:( [0-2][0-9]):([0-5][0-9]):([0-5][0-9]))?$/, "i"),
-],
-    authMiddleware,
-    controller.updateOrderStatus);
+// router.post("/update_order_status/:id", [
+//     check("id").isLength({ min: 32, max: 32 }),
+//     check("date").isInt(),
+// ],
+//     authMiddleware,
+//     controller.updateOrderStatus);
 
 router.delete("/delete_order/:id", authMiddleware, [
     check("id").isLength({ min: 32, max: 32 }),
 ],
     controller.deleteOrder);
 
 router.post("/search_with_date",
-    check("date").
-        matches(/^([0-9]{2,4})-([0-1][0-9])-([0-3][0-9])(?:( [0-2][0-9]):([0-5][0-9]):([0-5][0-9]))?$/, "i"),
+    check("date").isInt(),
     controller.searchOrderWithDate);
 
-router.get("/get_orders", controller.getAllOrders)
+router.post("/send_order/:id", [
+    check("id").isLength({ min: 32, max: 32 }),
+],
+    authMiddleware,
+    controller.sendOrder);
+
+router.get("/get_orders", authMiddleware, controller.getAllOrders)
+router.get("/get_sent_orders", authMiddleware, controller.getAllSentOrders)
+router.get("/get_unsent_orders", authMiddleware, controller.getAllUnsentOrders)
+router.get("/get_order/:id", authMiddleware, controller.getOrderWithID)
 
 module.exports = router;