Skip to content

Commit 4d9e9f9

Browse files
Merge pull request #2223 from OneCommunityGlobal/revert-2215-revert-2214-development
Revert "Revert "Backend Release to Main [3.06]""
2 parents f1c5dea + b64d899 commit 4d9e9f9

21 files changed

Lines changed: 14218 additions & 209 deletions

package-lock.json

Lines changed: 2009 additions & 4 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

package.json

Lines changed: 4 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -22,7 +22,7 @@
2222
"test:ci": "npm test -- --coverage",
2323
"lint": "eslint ./src --ext .js,.jsx --max-warnings=2000 --ignore-pattern '**/node_modules/**' --ignore-pattern '**/coverage/**' --ignore-pattern '**/dist/**' --ignore-pattern '**/build/**'",
2424
"lint:fix": "eslint ./src --ext .js,.jsx --fix --ignore-pattern '**/node_modules/**' --ignore-pattern '**/coverage/**' --ignore-pattern '**/dist/**' --ignore-pattern '**/build/**'",
25-
"build": "babel src -d dist && mkdir -p dist/data && cp -r src/data/* dist/data/ 2>/dev/null || true",
25+
"build": "babel src -d dist && shx mkdir -p dist/data && shx cp -r src/data/* dist/data/",
2626
"buildw": "babel src -d dist --watch",
2727
"start": "node dist/server.js",
2828
"dev": "nodemon --exec \"babel-node --only src src/server.js\"",
@@ -42,6 +42,7 @@
4242
"@types/node": "^8.10.61",
4343
"@types/supertest": "^6.0.2",
4444
"babel-jest": "^29.7.0",
45+
"baseline-browser-mapping": "^2.10.29",
4546
"eslint": "^8.47.0",
4647
"eslint-config-airbnb": "^19.0.4",
4748
"eslint-config-airbnb-base": "^15.0.0",
@@ -60,6 +61,7 @@
6061
"pidtree": "^0.6.0",
6162
"prettier": "3.2.5",
6263
"puppeteer": "^24.40.0",
64+
"shx": "^0.4.0",
6365
"supertest": "^6.3.4"
6466
},
6567
"dependencies": {
@@ -87,7 +89,7 @@
8789
"body-parser": "^1.20.4",
8890
"card-validator": "^10.0.2",
8991
"cheerio": "^0.22.0",
90-
"cloudinary": "^2.8.0",
92+
"cloudinary": "^2.9.0",
9193
"compression": "^1.8.0",
9294
"cors": "^2.8.4",
9395
"cron": "^1.8.2",

src/app.js

Lines changed: 9 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -7,33 +7,30 @@ const logger = require('./startup/logger');
77
const globalErrorHandler = require('./utilities/errorHandling/globalErrorHandler');
88
// const experienceRoutes = require('./routes/applicantAnalyticsRoutes');
99

10+
// 1. Core initialization
1011
logger.init();
11-
1212
app.use(Sentry.Handlers.requestHandler());
1313

14-
// Then load all other setup
14+
// 2. Load essential middleware (The "Engine")
1515
require('./startup/compression')(app);
1616
require('./startup/cors')(app);
17-
require('./startup/bodyParser')(app);
18-
require('./startup/session')(app); // Add session before middleware and routes
17+
require('./startup/bodyParser')(app); // <--- Crucial this runs before routes
18+
require('./startup/session')(app);
1919

20+
// 3. Define Routes (The "Destination")
21+
// It is better to move these INSIDE startup/routes.js, but if they stay here:
2022
app.use('/api/test', testRoutes);
2123

2224
const helpFeedbackRouter = require('./routes/helpFeedbackRouter');
2325
const helpRequestRouter = require('./routes/helpRequestRouter');
24-
2526
app.use('/api/feedback', helpFeedbackRouter);
2627
app.use('/api/helprequest', helpRequestRouter);
2728

2829
require('./startup/middleware')(app);
30+
// This handles all other routes and likely has your 404 handler
31+
require('./startup/routes')(app);
2932

30-
const weeklyReportsRouter = require('./routes/weeklyReportsRouter');
31-
32-
app.use('/api', weeklyReportsRouter);
33-
34-
// ⚠ This must come *after* your custom /api routes
35-
require('./startup/routes')(app);
36-
33+
// 4. Error Handling (The "Safety Net")
3734
app.use(Sentry.Handlers.errorHandler());
3835
app.use(globalErrorHandler);
3936

Lines changed: 53 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,53 @@
1+
const ActivityLog = require('../models/activityLog');
2+
const UserProfile = require('../models/userProfile');
3+
const { hasPermission } = require('../utilities/permissions');
4+
5+
const activityLogController = function () {
6+
async function fetchSupportDailyLog(req, res) {
7+
try {
8+
const { studentId } = req.params;
9+
const { requestor } = req.body;
10+
11+
if (!studentId) return res.status(400).json({ error: 'Missing studentId' });
12+
13+
if (!(await hasPermission(requestor, 'fetchSupportDailyLog'))) {
14+
return res
15+
.status(403)
16+
.json({ error: 'Forbidden: Only support role can access this endpoint' });
17+
}
18+
19+
const studentProfile = await UserProfile.findById(studentId).select('orgId');
20+
if (!studentProfile) {
21+
return res.status(404).json({ error: 'Student not found' });
22+
}
23+
24+
if (String(studentProfile.orgId) !== String(requestor.orgId)) {
25+
return res
26+
.status(403)
27+
.json({ error: 'Forbidden: Cannot access student outside your organization' });
28+
}
29+
30+
// fetch logs
31+
const logs = await ActivityLog.find({ actor_id: studentId })
32+
.sort({ created_at: -1 })
33+
.select('action_type metadata created_at actor_id');
34+
35+
await ActivityLog.create({
36+
actor_id: requestor.requestorId,
37+
action_type: 'view_student_daily_log',
38+
metadata: { viewedStudentId: studentId },
39+
created_at: new Date(),
40+
});
41+
42+
res.json(logs);
43+
} catch (err) {
44+
res.status(500).json({ error: err.message });
45+
}
46+
}
47+
48+
return {
49+
fetchSupportDailyLog,
50+
};
51+
};
52+
53+
module.exports = activityLogController;

0 commit comments

Comments
 (0)