k8s/Kubernetes>> checkpoint-document-management>> 返回
项目作者: tomily1

项目描述 :
Final Checkpoint
高级语言: JavaScript
项目地址: git://github.com/tomily1/checkpoint-document-management.git
创建时间: 2017-01-16T13:35:54Z
项目社区:https://github.com/tomily1/checkpoint-document-management
开源协议:MIT License
下载


Document Management System API

Code Climate
Coverage Status
Build Status

About Document Management Systems

This a Javascript implemented document management api with access levels, roles and priviledges.
Each document defines access rights; the document defines which roles can access it. Also, each document specifies the date it was published.
Users are categorized by roles.

Postman Collection

Run the App on POSTMAN.

Run in Postman

Features

Features

  1. Authentication
  • It uses JWT for authentication.
  • It generates a token and returns to the client.
  • It verifies the token on every request to authenticated endpoints.
  1. Users
  • It allows users to be created.
  • It sets a newly created user’s role to regular by default.
  • It allows only the created user to edit, and update its information.
  • All registered users can be retrieved by the admin user.
  1. Roles
  • It ensures that users have a role.
  • It ensures users roles could be admin or regular.
  • It ensures new roles can be created, updated and deleted by an admin user.
  • It returns all roles to an admin user.
  1. Documents
  • It allows new documents to be created/saved by users.
  • It ensures all documents have an access defined (default access is public).
  • It allows only admin users to retrieve all documents regardless of the document access.
  • It ensures ONLY private and public access documents to be retrieved by its owners, along with documents with role access of the user.
  • It ensures only authenticated users can delete, edit and update documents they own.
  • It allows admin to delete any document regardless of the document access level.

API Endpoints

HTTP Verb Endpoint Functionality
POST /users/login Logs a user in and returns a token which should be subsequently used to access authenticated endpoints. request parameters include email and password
POST /users/logout Logs a user out
POST /users/ Creates a new user. Required attributes are firstName, lastName, email, password. If a role is not specified, a defualt role of regular is created
GET /users/ Fetch all registered users (admin privilege required)
GET /users/:id Fetch a user by specific id (admin privilege required). parameter: id of the particular user as url query
PUT /users/:id Update a specific user (by id) attributes. parameter: id of the particular user as url query
DELETE /users/:id Delete a specific user by id. (admin privilege required). parameter: id of the particular user as url query
POST /documents/ Creates a new document instance. Required attributes are title, content and access. If an access is NOT specified, the document is marked public by default
GET /documents/ Fetch all documents (returns all documents based on each document access right and the requesters role)
GET /documents/:id Fectch a specific document by it’s id. parameter: id of the particular document as url query
PUT /documents/:id Update specific document attributes by it’s id. parameter: id of the particular document as url query
DELETE /documents/:id Delete a specific document by it’s id. parameter: id of the particular document as url query
GET /users/:id/documents Find all documents belonging to the specified user. parameter: id of the particular user as url query to get the correponding documents belonging to that user
POST /roles/ Create a new role (admin privilege required)
GET /roles/ Fetches all roles (admin privilege required)
GET /roles/:id Find a role by id (admin privilege required). parameter: id of the particular role as url query
PUT /roles/:id Update role attributes (admin privilege required). parameter: id of the particular role as url query
DELETE /delete/:id Delete role (admin privilege required). parameter: id of the particular role as url query

Sample Requests and Responses

Roles

Endpoints for role API

Get Roles

Request

  • Endpoint: GET: /roles
  • Requires: Authentication and Admin Access Level

Response

  • Status: 200: OK
  • Body (application/json)
    1. [
    2. {
    3.   "id": 1,
    4.   "title": "admin",
    5.   "createdAt": "2017-03-03T13:28:22.003Z",
    6.   "updatedAt": "2017-03-03T13:28:22.003Z"
    7. }
    8. {
    9.   "id": 3,
    10.   "title": "regular",
    11.   "createdAt": "2017-03-03T13:28:22.003Z",
    12.   "updatedAt": "2017-03-03T13:28:22.003Z"
    13. }
    14. ]

Create Role

Request

  • Endpoint: POST: /roles
  • Requires: Authentication and Admin Access Level
  • Body (application/json)
    1. { "title": "supervisor" }

    Response

  • Status: 201: Created
  • Body (application/json)
    1. "role": {
    2.   "id": 3,
    3.   "title": "supervisor",
    4.   "updatedAt": "2017-03-07T15:57:29.019Z",
    5.   "createdAt": "2017-03-07T15:57:29.019Z"
    6. }

Delete Role

Request

  • Endpoint: DELETE: /roles/:id
  • Requires: Authentication and Admin Access Level

Response

  • Status: 200: OK
  • Body (application/json)
    1. {
    2. "success": true,
    3. "message": "Role Successfully deleted from database"
    4. }

Users

Endpoint for Users API.

Create User

Request

  • Endpoint: POST: /users
  • Body (application/json)
    1. {
    2. "username": "uniqueuser",
    3. "firstname": "First Name",
    4. "lastname": "Last Name",
    5. "email": "uniqueuser@unique.com",
    6. "password": "password"
    7. }

Response

  • Status: 201: Created
  • Body (application/json)
    1. {
    2. "success": true,
    3. "message": "User successfully signed up",
    4. "RoleId": 2,
    5. "token": "eyJhbGciOiJIUzI1NiIsInR5cCsdfdfdI6IkpXVCJ9.eyJpZCI6MSwidXNlcm5hbWUiOiJzdXBlcmFkbWluIiwiZmlyc3RuYW1lIjoiRGFyaXVzIiwibGFzdG5hbWUiOiJKYXN0IiwiZW1haWwiOiJvcmViYW40dUB5YWhvby5jby51ayIsImRlcGFydG1lbnRJZCI6MSwiaWF0IjoxNDg4OTA4ODczLCJleHAiOjE0ODg5MTYwNzN9.ou0fzsufXyPNojT1shLa4N2zEuV9rvtPKcrs_amlYrQ",
    6. "expiresIn": "86400"
    7. }

Get Users

Request

  • Endpoint: GET: /users
  • Requires: Authentication and Admin access.

Response

  • Status: 200: OK
  • Body (application/json)
    1. [
    2.   {
    3.     "id": 1,
    4.     "username": "super",
    5.     "firstname": "Sydnie",
    6.     "lastname": "Mitchell"
    7.   },
    8.   {
    9.     "id": 2,
    10.     "username": "cook",
    11.     "firstname": "Louisa",
    12.     "lastname": "Murazik"
    13.   }
    14. ]

Get Single User

Request

  • Endpoint: GET: /users/:id
  • Requires: Authentication

Response

  • Status: 200: OK
  • Body (application/json)
    1. {
    2. "id": 1,
    3. "username": "super",
    4. "firstname": "Sydnie",
    5. "lastname": "Mitchell"
    6. }

Edit User

Request

  • Endpoint: PUT: /users/:id
  • Requires: Authentication and Admin/Owner Access Level
  • Body (application/json)
    1. {
    2. "username": "editeduser",
    3. "firstname": "Edited User",
    4. "lastname": "Edited User",
    5. "email": "editeduser@unique.com",
    6. "password": "password"
    7. }

Response

  • Status: 200: OK
  • Body (application/json)
    1. {
    2.   "id": 9,
    3.   "username": "edited",
    4.   "firstname": "editeduser",
    5.   "lastname": "user",
    6.   "email": "editeduser@admin.com",
    7.   "createdAt": "2017-03-07T16:56:09.880Z",
    8.   "updatedAt": "2017-03-07T17:30:07.385Z"
    9.   }

Delete User

Request

  • Endpoint: DELETE: /user/:id
  • Requires: Authentication and Super Admin Access Level

Response

  • Status: 200: OK
  • Body (application/json)
    1. {
    2. "success": true,
    3. "message": "User Successfully deleted from database"
    4. }

Login

Request

  • Endpoint: POST: users/login
  • Requires: Authentication of User or Admin to gain token for access.
  • Body (application/json)
    1. {
    2. "email": "test@test.com",
    3. "password": "test"
    4. }

Response

  • Status 200: OK
  • Body (application/json)
    1. {
    2. "token": "eyJhbGciOiJIUzI1NiIsInR5cCsdfdfdI6IkpXVCJ9.eyJpZCI6MSwidXNlcm5hbWUiOiJzdXBlcmFkbWluIiwiZmlyc3RuYW1lIjoiRGFyaXVzIiwibGFzdG5hbWUiOiJKYXN0IiwiZW1haWwiOiJvcmViYW40dUB5YWhvby5jby51ayIsImRlcGFydG1lbnRJZCI6MSwiaWF0IjoxNDg4OTA4ODczLCJleHAiOjE0ODg5MTYwNzN9.ou0fzsufXyPNojT1shLa4N2zEuV9rvtPKcrs_amlYrQ",
    3. "expiresIn": "86400"
    4. }

Logout

Request

  • Endpoint: POST: users/logout
  • Requires: Authentication of User or Admin to delete token from localStorage.
  • Body (application/json)

Response

  • Status 200: OK
  • Body (application/json)
    1. {
    2. "success": true,
    3. "message": "User logged out successfully"
    4. }

Documents

Endpoint for Documents.

Create Document

Request

  • Endpoint: POST: /documents
  • Body (application/json)
    1. {
    2. "title": "readmi",
    3. "content": "this is a demo dare to ask for the impossible.",
    4. "access": "public",
    5. "OwnerId": 2
    6. }

Response

  • Status: 201: Created
  • Body (application/json)
    1. {
    2. "success": true,
    3. "message": "Document successfully created",
    4. "document": {
    5.   "id": 8,
    6.   "title": "readmi",
    7.   "content": "this is a demo dare to ask for the impossible.",
    8.   "access": "public",
    9.   "OwnerId": 2,
    10.   "updatedAt": "2017-03-07T18:20:20.929Z",
    11.   "createdAt": "2017-03-07T18:20:20.929Z"
    12. }
    13. }

Get Documents

Request

  • Endpoint: GET: /documents
  • Requires: Authentication

Response

  • Status: 200: OK
  • Body (application/json)
    1. {
    2. "success": true,
    3. "results": [
    4.   {
    5.     "id": 1,
    6.     "title": "Integrated regional info-mediaries",
    7.     "content": "Voluptas et nostrum assumenda ea velit facere molestiae reprehenderit atque. Optio laboriosam harum. Aut ut nemo tenetur. Architecto praesentium aut at. Corrupti totam quo.",
    8.     "OwnerId": 3,
    9.     "access": "public",
    10.     "createdAt": "2017-03-06T12:02:27.902Z"
    11.   },
    12.   {
    13.     "id": 2,
    14.     "title": "we worship forever",
    15.     "content": "Reiciendis voluptate error voluptatem possimus dolores provident neque aut nemo. Ab in quia ut quos ipsum veritatis consequatur alias. Quae aut facilis.",
    16.     "OwnerId": 5,
    17.     "access": "public",
    18.     "createdAt": "2017-03-06T12:02:27.902Z"
    19.   }
    20. ]
    21. }

Get Single Document

Request

  • Endpoint: GET: /documents/:id
  • Requires: Authentication, Admin or user Access for public documents, Admin/Owner access for private documents, admin/role access for role documents

Response

  • Status: 200: OK
  • Body (application/json)
    1. {
    2. "success": true,
    3. "message": "Document found",
    4. "document": {
    5.   "id": 6,
    6.   "title": "Enhanced client-driven focus group",
    7.   "content": "Placeat aspernatur dolores corporis. Ipsum similique maiores quisquam ratione vel.",
    8.   "OwnerId": 3,
    9.   "access": "public",
    10.   "createdAt": "2017-03-06T12:02:27.902Z",
    11.   "updatedAt": "2017-03-06T12:02:27.902Z"
    12. }
    13. }

Edit Document

Request

  • Endpoint: PUT: /documents/:id
  • Requires: Authentication and Super Admin/Owner Access Level
  • Body (application/json)
    1. {
    2. "title": "readmi",
    3. "content": "this is a demo dareasdfasdfsfaf to ask for the impossible.",
    4. "access": "private"
    5. }

Response

  • Status: 200: OK
  • Body (application/json)
    1. {
    2. "id": 6,
    3. "title": "readmi",
    4. "content": "this is a demo dareasdfasdfsfaf to ask for the impossible.",
    5. "access": "private",
    6. "OwnerId": 3,
    7. "createdAt": "2017-03-06T12:02:27.902Z",
    8. "updatedAt": "2017-03-07T18:40:19.108Z"
    9. }

Delete Document

Request

  • Endpoint: DELETE: /documents/:id
  • Requires: Authentication and Admin Access Level or Owner access level

Response

  • Status: 200: OK
  • Body (application/json)
    1. {
    2. "success": true,
    3. "message": "Document has been successfully deleted"
    4. }

Search Documents

Request

  • Endpoint: GET: /documents/?query=searchQuery
  • Requires: Authentication

Response

  • Status: 200: OK
  • Body (application/json)
    1. {
    2. "success": true,
    3. "results": [{
    4.     "id": 1,
    5.     "title": "Integrated regional info-mediaries",
    6.     "content": "Voluptas et nostrum assumenda ea velit facere molestiae reprehenderit atque. Optio laboriosam harum. Aut ut nemo tenetur. Architecto praesentium aut at. Corrupti totam quo.",
    7.     "OwnerId": 3,
    8.     "access": "public",
    9.     "createdAt": "2017-03-06T12:02:27.902Z"
    10.   },
    11.   {
    12.     "id": 2,
    13.     "title": "we worship forever",
    14.     "content": "Reiciendis voluptate error voluptatem possimus dolores provident neque aut nemo. Ab in quia ut quos ipsum veritatis consequatur alias. Quae aut facilis.",
    15.     "OwnerId": 7,
    16.     "access": "public",
    17.     "createdAt": "2017-03-06T12:02:27.902Z"
    18.   }]
    19. }

Get User Documents

Request

  • Endpoint: GET: /users/:UserId/documents/. e.g /users/2/documents
  • Requires: Authentication

Response

  • Status: 200: OK
  • Body (application/json)
    1. [
    2. {
    3.   "id": 1,
    4.   "title": "Integrated regional info-mediaries",
    5.   "content": "Voluptas et nostrum assumenda ea velit facere molestiae reprehenderit atque. Optio laboriosam harum. Aut ut nemo tenetur. Architecto praesentium aut at. Corrupti totam quo.",
    6.   "OwnerId": 2,
    7.   "access": "public",
    8.   "createdAt": "2017-03-06T12:02:27.902Z"
    9. },
    10. {
    11.   "id": 2,
    12.   "title": "we worship forever",
    13.   "content": "Reiciendis voluptate error voluptatem possimus dolores provident neque aut nemo. Ab in quia ut quos ipsum veritatis consequatur alias. Quae aut facilis.",
    14.   "OwnerId": 2,
    15.   "access": "public",
    16.   "createdAt": "2017-03-06T12:02:27.902Z"
    17. }
    18. ]

Contributing

  1. Fork this repository to your GitHub account
  2. Clone the forked repository
  3. Create your feature branch
  4. Commit your changes
  5. Push to the remote branch
  6. Open a Pull Request

Technologies

Technologies Used in the development of this api include the following

  • node.js - evented I/O for the backend
  • [babel-cli] - Babel Command line interface
  • [babel-core] - Babel Core for javascript transpiling
  • [babel-loader] - Adds Babel support to Webpack
  • [babel-preset-es2015] - Babel preset for ES2015
  • [babel-preset-react] - Add JSX support to Babel
  • [babel-preset-react-hmre] - Hot reloading preset for Babel
  • [babel-register] - Register Babel to transpile our Mocha tests]
  • [eslint] - Lints JavaScript
  • [expect] - Assertion library for use with Mocha
  • [express] - Serves development and production builds]
  • mocha - JavaScript testing library
  • npm-run-all - Display results of multiple commands on single command line
  • [webpack] - Bundler with plugin system and integrated development server
  • [webpack-dev-middleware] - Adds middleware support to webpack
  • [webpack-hot-middleware] - Adds hot reloading to webpack

[babel-cli]: https://babeljs.io
[babel-core]: https://babeljs.io
[babel-loader]: https://babeljs.io
[babel-preset-es2015]: https://babeljs.io
[babel-preset-react]: https://babeljs.io
[babel-preset-react-hmre]: https://babeljs.io
[babel-register]: https://babeljs.io
[eslint]: http://eslint.org
[expect]: http://chaijs.com/api/bdd
[express]: http://expressjs.com
mocha: https://mochajs.org

[webpack]: https://webpack.github.io
[webpack-dev-middleware]: https://webpack.github.io
[webpack-hot-middleware]: https://webpack.github.io

LICENSE

© Tomilayo Israel