Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2,013 changes: 2,009 additions & 4 deletions package-lock.json

Large diffs are not rendered by default.

6 changes: 4 additions & 2 deletions package.json
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,7 @@
"test:ci": "npm test -- --coverage",
"lint": "eslint ./src --ext .js,.jsx --max-warnings=2000 --ignore-pattern '**/node_modules/**' --ignore-pattern '**/coverage/**' --ignore-pattern '**/dist/**' --ignore-pattern '**/build/**'",
"lint:fix": "eslint ./src --ext .js,.jsx --fix --ignore-pattern '**/node_modules/**' --ignore-pattern '**/coverage/**' --ignore-pattern '**/dist/**' --ignore-pattern '**/build/**'",
"build": "babel src -d dist && mkdir -p dist/data && cp -r src/data/* dist/data/ 2>/dev/null || true",
"build": "babel src -d dist && shx mkdir -p dist/data && shx cp -r src/data/* dist/data/",
"buildw": "babel src -d dist --watch",
"start": "node dist/server.js",
"dev": "nodemon --exec \"babel-node --only src src/server.js\"",
Expand All @@ -42,6 +42,7 @@
"@types/node": "^8.10.61",
"@types/supertest": "^6.0.2",
"babel-jest": "^29.7.0",
"baseline-browser-mapping": "^2.10.29",
"eslint": "^8.47.0",
"eslint-config-airbnb": "^19.0.4",
"eslint-config-airbnb-base": "^15.0.0",
Expand All @@ -60,6 +61,7 @@
"pidtree": "^0.6.0",
"prettier": "3.2.5",
"puppeteer": "^24.40.0",
"shx": "^0.4.0",
"supertest": "^6.3.4"
},
"dependencies": {
Expand Down Expand Up @@ -87,7 +89,7 @@
"body-parser": "^1.20.4",
"card-validator": "^10.0.2",
"cheerio": "^0.22.0",
"cloudinary": "^2.8.0",
"cloudinary": "^2.9.0",
"compression": "^1.8.0",
"cors": "^2.8.4",
"cron": "^1.8.2",
Expand Down
21 changes: 9 additions & 12 deletions src/app.js
Original file line number Diff line number Diff line change
Expand Up @@ -7,33 +7,30 @@ const logger = require('./startup/logger');
const globalErrorHandler = require('./utilities/errorHandling/globalErrorHandler');
// const experienceRoutes = require('./routes/applicantAnalyticsRoutes');

// 1. Core initialization
logger.init();

app.use(Sentry.Handlers.requestHandler());

// Then load all other setup
// 2. Load essential middleware (The "Engine")
require('./startup/compression')(app);
require('./startup/cors')(app);
require('./startup/bodyParser')(app);
require('./startup/session')(app); // Add session before middleware and routes
require('./startup/bodyParser')(app); // <--- Crucial this runs before routes
require('./startup/session')(app);

// 3. Define Routes (The "Destination")
// It is better to move these INSIDE startup/routes.js, but if they stay here:
app.use('/api/test', testRoutes);

const helpFeedbackRouter = require('./routes/helpFeedbackRouter');
const helpRequestRouter = require('./routes/helpRequestRouter');

app.use('/api/feedback', helpFeedbackRouter);
app.use('/api/helprequest', helpRequestRouter);

require('./startup/middleware')(app);
// This handles all other routes and likely has your 404 handler
require('./startup/routes')(app);

const weeklyReportsRouter = require('./routes/weeklyReportsRouter');

app.use('/api', weeklyReportsRouter);

// ⚠ This must come *after* your custom /api routes
require('./startup/routes')(app);

// 4. Error Handling (The "Safety Net")
app.use(Sentry.Handlers.errorHandler());
app.use(globalErrorHandler);

Expand Down
53 changes: 53 additions & 0 deletions src/controllers/activityLogController.js
Original file line number Diff line number Diff line change
@@ -0,0 +1,53 @@
const ActivityLog = require('../models/activityLog');
const UserProfile = require('../models/userProfile');
const { hasPermission } = require('../utilities/permissions');

const activityLogController = function () {
async function fetchSupportDailyLog(req, res) {
try {
const { studentId } = req.params;
const { requestor } = req.body;

if (!studentId) return res.status(400).json({ error: 'Missing studentId' });

if (!(await hasPermission(requestor, 'fetchSupportDailyLog'))) {
return res
.status(403)
.json({ error: 'Forbidden: Only support role can access this endpoint' });
}

const studentProfile = await UserProfile.findById(studentId).select('orgId');
if (!studentProfile) {
return res.status(404).json({ error: 'Student not found' });
}

if (String(studentProfile.orgId) !== String(requestor.orgId)) {
return res
.status(403)
.json({ error: 'Forbidden: Cannot access student outside your organization' });
}

// fetch logs
const logs = await ActivityLog.find({ actor_id: studentId })
.sort({ created_at: -1 })
.select('action_type metadata created_at actor_id');

await ActivityLog.create({
actor_id: requestor.requestorId,
action_type: 'view_student_daily_log',
metadata: { viewedStudentId: studentId },
created_at: new Date(),
});

res.json(logs);
} catch (err) {
res.status(500).json({ error: err.message });
}
}

return {
fetchSupportDailyLog,
};
};

module.exports = activityLogController;
Loading