1
0
forked from blue/pica

update delete and list transaction requests

This commit is contained in:
Blue 2024-04-17 18:37:15 -03:00
parent e1d5b6c76c
commit 7c4adaf450
Signed by untrusted user: blue
GPG Key ID: 9B203B252A63EE38
11 changed files with 277 additions and 4 deletions

View File

@ -59,7 +59,7 @@ public:
virtual DB::Transaction addTransaction(const DB::Transaction& transaction) = 0;
virtual std::vector<DB::Transaction> listTransactions(uint32_t owner) = 0;
virtual void updateTransaction(const DB::Transaction& transaction) = 0;
virtual void deleteTransaction(uint32_t id) = 0;
virtual bool deleteTransaction(uint32_t id, uint32_t actorId) = 0;
protected:
Interface(Type type);

View File

@ -39,7 +39,7 @@ constexpr const char* updateTransactionQuery = "UPDATE transactions SET"
" `initiator` = ?, `type` = 1, `asset` = ?,"
" `parent` = ?, `value` = ?, `performed` = ?"
" WHERE `id` = ?";
constexpr const char* deleteTransactionQuery = "DELETE FROM transactions where `id` = ? OR `parent` = ?";
constexpr const char* deleteTransactionQuery = "DELETE FROM transactions where (`id` = ? OR `parent` = ?) AND `initiator` = ?";
constexpr const char* selectAllTransactions = "WITH RECURSIVE AllTransactions AS ("
" SELECT t.id, t.initiator, t.asset, t.parent, t.value, t.modified, t.performed t.notes FROM transactions t"
" JOIN assets a ON t.asset = a.id"
@ -475,13 +475,19 @@ void DB::MySQL::updateTransaction(const DB::Transaction& transaction) {
upd.execute();
}
void DB::MySQL::deleteTransaction(uint32_t id) {
bool DB::MySQL::deleteTransaction(uint32_t id, uint32_t actorId) {
MYSQL* con = &connection;
Statement del(con, deleteTransactionQuery);
del.bind(&id, MYSQL_TYPE_LONG, true); //for actual transactions
del.bind(&id, MYSQL_TYPE_LONG, true); //for potential children
del.bind(&actorId, MYSQL_TYPE_LONG, true); //for preventing unauthorized removal, but it needs to be improved
del.execute(); //need to think of a parent with no children transactions...
if (del.affectedRows() == 0)
return false;
return true;
}
std::vector<DB::Transaction> DB::MySQL::listTransactions(uint32_t owner) {

View File

@ -46,7 +46,7 @@ public:
DB::Transaction addTransaction(const DB::Transaction& transaction) override;
std::vector<DB::Transaction> listTransactions(uint32_t owner) override;
void updateTransaction(const DB::Transaction& transaction) override;
void deleteTransaction(uint32_t id) override;
bool deleteTransaction(uint32_t id, uint32_t actorId) override;
private:
void executeFile (const std::filesystem::path& relativePath);

View File

@ -14,6 +14,9 @@ set(HEADERS
updateasset.h
currencies.h
addtransaction.h
transactions.h
deletetransaction.h
updatetransaction.h
)
set(SOURCES
@ -29,6 +32,9 @@ set(SOURCES
updateasset.cpp
currencies.cpp
addtransaction.cpp
transactions.cpp
deletetransaction.cpp
updatetransaction.cpp
)
target_sources(${PROJECT_NAME} PRIVATE ${SOURCES})

View File

@ -0,0 +1,59 @@
//SPDX-FileCopyrightText: 2024 Yury Gubich <blue@macaw.me>
//SPDX-License-Identifier: GPL-3.0-or-later
#include "deletetransaction.h"
#include "server/server.h"
#include "server/session.h"
#include "database/exceptions.h"
Handler::DeleteTransaction::DeleteTransaction (const std::shared_ptr<Server>& server):
Handler("deleteTransaction", Request::Method::post),
server(server)
{}
void Handler::DeleteTransaction::handle (Request& request) {
std::string access = request.getAuthorizationToken();
if (access.empty())
return error(request, Response::Status::unauthorized);
if (access.size() != 32)
return error(request, Response::Status::badRequest);
std::shared_ptr<Server> srv = server.lock();
if (!srv)
return error(request, Response::Status::internalError);
std::map form = request.getForm();
std::map<std::string, std::string>::const_iterator itr = form.find("id");
if (itr == form.end())
return error(request, Response::Status::badRequest);
unsigned int txnId;
try {
txnId = std::stoul(itr->second);
} catch (const std::exception& e) {
return error(request, Response::Status::badRequest);
}
try {
Session& session = srv->getSession(access);
bool success = srv->getDatabase()->deleteTransaction(txnId, session.owner);
if (!success)
return error(request, Response::Status::forbidden);
Response& res = request.createResponse(Response::Status::ok);
res.send();
session.transactionRemoved(txnId);
} catch (const DB::NoSession& e) {
return error(request, Response::Status::unauthorized);
} catch (const std::exception& e) {
std::cerr << "Exception on " << path << ":\n\t" << e.what() << std::endl;
return error(request, Response::Status::internalError);
} catch (...) {
std::cerr << "Unknown exception on " << path << std::endl;
return error(request, Response::Status::internalError);
}
}

View File

@ -0,0 +1,21 @@
//SPDX-FileCopyrightText: 2024 Yury Gubich <blue@macaw.me>
//SPDX-License-Identifier: GPL-3.0-or-later
#pragma once
#include <memory>
#include "handler.h"
class Server;
namespace Handler {
class DeleteTransaction : public Handler {
public:
DeleteTransaction (const std::shared_ptr<Server>& server);
virtual void handle (Request& request) override;
private:
std::weak_ptr<Server> server;
};
}

51
handler/transactions.cpp Normal file
View File

@ -0,0 +1,51 @@
//SPDX-FileCopyrightText: 2024 Yury Gubich <blue@macaw.me>
//SPDX-License-Identifier: GPL-3.0-or-later
#include "transactions.h"
#include "server/server.h"
#include "server/session.h"
#include "database/exceptions.h"
Handler::Transactions::Transactions (const std::shared_ptr<Server>& server):
Handler("transactions", Request::Method::get),
server(server)
{}
void Handler::Transactions::handle (Request& request) {
std::string access = request.getAuthorizationToken();
if (access.empty())
return error(request, Response::Status::unauthorized);
if (access.size() != 32)
return error(request, Response::Status::badRequest);
std::shared_ptr<Server> srv = server.lock();
if (!srv)
return error(request, Response::Status::internalError);
try {
Session& session = srv->getSession(access);
std::vector<DB::Transaction> transactions = srv->getDatabase()->listTransactions(session.owner);
nlohmann::json arr = nlohmann::json::array();
for (const DB::Transaction& transaction : transactions)
arr.push_back(transaction.toJSON());
nlohmann::json body = nlohmann::json::object();
body["transactions"] = arr;
Response& res = request.createResponse(Response::Status::ok);
res.setBody(body);
res.send();
} catch (const DB::NoSession& e) {
return error(request, Response::Status::unauthorized);
} catch (const std::exception& e) {
std::cerr << "Exception on " << path << ":\n\t" << e.what() << std::endl;
return error(request, Response::Status::internalError);
} catch (...) {
std::cerr << "Unknown exception on " << path << std::endl;
return error(request, Response::Status::internalError);
}
}

20
handler/transactions.h Normal file
View File

@ -0,0 +1,20 @@
//SPDX-FileCopyrightText: 2024 Yury Gubich <blue@macaw.me>
//SPDX-License-Identifier: GPL-3.0-or-later
#pragma once
#include <memory>
#include "handler.h"
class Server;
namespace Handler {
class Transactions : public Handler::Handler {
public:
Transactions (const std::shared_ptr<Server>& server);
void handle (Request& request) override;
private:
std::weak_ptr<Server> server;
};
}

View File

@ -0,0 +1,84 @@
//SPDX-FileCopyrightText: 2024 Yury Gubich <blue@macaw.me>
//SPDX-License-Identifier: GPL-3.0-or-later
#include "updatetransaction.h"
#include <map>
#include "server/server.h"
#include "server/session.h"
#include "database/exceptions.h"
Handler::UpdateTransaction::UpdateTransaction (const std::shared_ptr<Server>& server):
Handler("updateTransaction", Request::Method::post),
server(server)
{}
void Handler::UpdateTransaction::handle (Request& request) {
std::string access = request.getAuthorizationToken();
if (access.empty())
return error(request, Response::Status::unauthorized);
if (access.size() != 32)
return error(request, Response::Status::badRequest);
std::shared_ptr<Server> srv = server.lock();
if (!srv)
return error(request, Response::Status::internalError);
std::map form = request.getForm();
std::map<std::string, std::string>::const_iterator itr = form.find("id");
if (itr == form.end())
return error(request, Response::Status::badRequest);
DB::Transaction txn;
txn.id = std::stoul(itr->second);
itr = form.find("asset");
if (itr == form.end())
return error(request, Response::Status::badRequest);
txn.asset = std::stoul(itr->second);
//TODO validate the asset
itr = form.find("value");
if (itr == form.end())
return error(request, Response::Status::badRequest);
txn.value = std::stod(itr->second);
itr = form.find("performed");
if (itr == form.end())
return error(request, Response::Status::badRequest);
txn.performed = std::stoul(itr->second);
itr = form.find("notes");
if (itr != form.end())
txn.notes = itr->second;
itr = form.find("parent");
if (itr != form.end())
txn.parent = std::stoul(itr->second);
try {
Session& session = srv->getSession(access);
txn.initiator = session.owner;
srv->getDatabase()->updateTransaction(txn);
Response& res = request.createResponse(Response::Status::ok);
res.send();
session.transactionChanged(txn);
} catch (const DB::NoSession& e) {
return error(request, Response::Status::unauthorized);
} catch (const std::exception& e) {
std::cerr << "Exception on " << path << ":\n\t" << e.what() << std::endl;
return error(request, Response::Status::internalError);
} catch (...) {
std::cerr << "Unknown exception on " << path << std::endl;
return error(request, Response::Status::internalError);
}
}

View File

@ -0,0 +1,20 @@
//SPDX-FileCopyrightText: 2024 Yury Gubich <blue@macaw.me>
//SPDX-License-Identifier: GPL-3.0-or-later
#pragma once
#include <memory>
#include "handler.h"
class Server;
namespace Handler {
class UpdateTransaction : public Handler {
public:
UpdateTransaction (const std::shared_ptr<Server>& server);
virtual void handle (Request& request) override;
private:
std::weak_ptr<Server> server;
};
}

View File

@ -18,6 +18,9 @@
#include "handler/currencies.h"
#include "handler/updateasset.h"
#include "handler/addtransaction.h"
#include "handler/transactions.h"
#include "handler/deletetransaction.h"
#include "handler/updatetransaction.h"
#include "taskmanager/route.h"
@ -81,6 +84,9 @@ void Server::run (int socketDescriptor) {
router->addRoute(std::make_unique<Handler::Currencies>(srv));
router->addRoute(std::make_unique<Handler::UpdateAsset>(srv));
router->addRoute(std::make_unique<Handler::AddTransaction>(srv));
router->addRoute(std::make_unique<Handler::Transactions>(srv));
router->addRoute(std::make_unique<Handler::DeleteTransaction>(srv));
router->addRoute(std::make_unique<Handler::UpdateTransaction>(srv));
taskManager->start();
scheduler->start();