Merge pull request 'r70_variable_names' (#20 ) from r70_variable_names into development

Reviewed-on: #20 Reviewed-by: jared <jared.busch@polizei.niedersachsen.de>
adjust to renaming of object keys of vorgangItem in list view
2025-07-30 08:56:54 +02:00 · 2025-07-30 08:23:08 +02:00 · 2025-07-29 14:00:11 +02:00 · 2025-07-28 11:39:33 +02:00 · 2025-07-25 14:21:37 +02:00 · 2025-07-25 14:21:23 +02:00
26 changed files with 2090 additions and 251 deletions
--- a/.dockerignore
+++ b/.dockerignore
@@ -1,2 +1,3 @@
 node_modules
-build
+build
 config.json
--- a/.gitignore
+++ b/.gitignore
@@ -1,5 +1,6 @@
 test-results
 node_modules
 config.json
 # Output
 .output
--- a/README.md
+++ b/README.md
@@ -56,4 +56,4 @@ Cases
 - id
 - token
 - name
- pw
+- pin
--- a/package-lock.json
+++ b/package-lock.json
--- a/package.json
+++ b/package.json
@@ -14,7 +14,7 @@
 		"lint": "prettier --check . && eslint .",
 		"test:unit": "vitest",
 		"test": "npm run test:unit -- --run && npm run test:e2e",
-		"init_db": "npx vite-node src/init/init_db.ts"
+		"init-db": "tsx ./src/init/init_db.ts"
 	},
 	"devDependencies": {
 		"@eslint/compat": "^1.2.9",
@@ -25,6 +25,7 @@
 		"@testing-library/jest-dom": "^6.6.3",
 		"@testing-library/svelte": "^5.2.8",
 		"@tsconfig/svelte": "^5.0.4",
 		"@types/better-sqlite3": "^7.6.13",
 		"@types/jsonwebtoken": "^9.0.9",
 		"eslint": "^9.28.0",
 		"eslint-config-prettier": "^10.1.5",
@@ -35,6 +36,7 @@
 		"prettier-plugin-svelte": "^3.4.0",
 		"svelte": "^5.33.18",
 		"svelte-check": "^4.2.1",
 		"tsx": "^4.20.3",
 		"typescript": "^5.8.3",
 		"typescript-eslint": "^8.34.0",
 		"vite": "^6.3.5",
--- a/src/init/init_db.ts
+++ b/src/init/init_db.ts
@@ -10,15 +10,14 @@ let createSQLStmt = `CREATE TABLE IF NOT EXISTS users
 db.exec(createSQLStmt);
 // check if there are any users; if not add one default admin one
-let password = 'pass-123';
+const userPassword = 'pass-123';
-let hashedPassword = new jsSHA('SHA-512', 'TEXT').update(password).getHash('HEX');
+const hashedUserPassword = new jsSHA('SHA-512', 'TEXT').update(userPassword).getHash('HEX');
-
+const checkInsertSQLStmt = `INSERT INTO users (name, pw) SELECT 'admin', '${hashedUserPassword}'
 let checkInsertSQLStmt = `INSERT INTO users (name, pw) SELECT 'admin', '${hashedPassword}'
                    WHERE NOT EXISTS (SELECT * FROM users);`;
 db.exec(checkInsertSQLStmt);
-let usersSQLStmt = `SELECT * FROM USERS`;
+const usersSQLStmt = `SELECT * FROM USERS`;
 let SQLStatement = db.prepare(usersSQLStmt);
 // cases table
@@ -27,11 +26,11 @@ createSQLStmt = `CREATE TABLE IF NOT EXISTS cases
        (id INTEGER PRIMARY KEY AUTOINCREMENT,
        token TEXT NOT NULL UNIQUE,
        name TEXT NOT NULL UNIQUE,
-        pw TEXT NOT NULL)`;
+        pin TEXT NOT NULL)`;
 db.exec(createSQLStmt);
-let casesSQLStmt = `SELECT * FROM cases`;
+const vorgangSQLStmt = `SELECT * FROM cases`;
-SQLStatement = db.prepare(casesSQLStmt);
+SQLStatement = db.prepare(vorgangSQLStmt);
 db.close();
--- a/src/lib/auth.ts
+++ b/src/lib/auth.ts
@@ -1,6 +1,5 @@
 import jwt from 'jsonwebtoken';
 import jsSHA from 'jssha';
 import process from 'process';
 import { db } from '$lib/server/dbService';
 import config from '$lib/config';
@@ -8,7 +7,6 @@ import config from '$lib/config';
 const SECRET = config.jwt.secret;
 const EXPIRES_IN = config.jwt.expiresIn;
 const AUTH = config.auth;
 export function createToken(userData) {
 	return jwt.sign(userData, SECRET, { expiresIn: EXPIRES_IN });
@@ -18,15 +16,15 @@ export function decryptToken(token: string) {
 	return jwt.verify(token, SECRET);
 }
-export function authenticate(user, pass) {
+export function authenticate(user, password) {
 	let JWTToken;
 	// hash user password
-	let hashedPW = new jsSHA('SHA-512', 'TEXT').update(pass).getHash('HEX');
+	const hashedPW = new jsSHA('SHA-512', 'TEXT').update(password).getHash('HEX');
-	let getUserSQLStmt = 'SELECT name, pw FROM users WHERE name = ?';
+	const getUserSQLStmt = 'SELECT name, pw FROM users WHERE name = ?';
 	const row = db.prepare(getUserSQLStmt).get(user);
-	let storedPW = row.pw;
+	const storedPW = row.pw;
 	if (hashedPW && hashedPW === storedPW) {
 		JWTToken = createToken({ id: user, admin: true });
--- a/src/lib/data/tatort.db
+++ b/src/lib/data/tatort.db
--- a/src/lib/helper/getCode.ts
+++ b/src/lib/helper/getCode.ts
@@ -1,10 +0,0 @@
 export default async function get_code(case_no) {
 	let url = `/api/list/${case_no}/casepw`;
 	const response = await fetch(url);
 	if (response.status == 200) {
 		return response.text();
 	} else {
 		return -1;
 	}
 }
--- a/src/lib/helper/vorgangNumberOccupied.ts
+++ b/src/lib/helper/vorgangNumberOccupied.ts
@@ -1,7 +1,7 @@
 import { client } from '$lib/minio';
-export default async function caseNumberOccupied (caseNumber: string): Promise<boolean> {
+export default async function vorgangNumberOccupied (vorgangNumber: string): Promise<boolean> {
-	const prefix = `${caseNumber}`;
+	const prefix = `${vorgangNumber}`;
 	const promise: Promise<boolean> = new Promise((resolve) => {
 		const stream = client.listObjectsV2('tatort', prefix, false, '');
 		stream.on('data', () => {
--- a/src/lib/server/vorgangService.ts
+++ b/src/lib/server/vorgangService.ts
@@ -6,11 +6,11 @@ import { db } from './dbService';
 /**
 * Get Vorgang and corresponend list of tatorte
- * @param caseToken
+ * @param vorgangToken
 * @returns
 */
-export const getCrimesListByToken = async (caseToken: string) => {
+export const getCrimesListByToken = async (vorgangToken: string) => {
-	const prefix = `${caseToken}/`;
+	const prefix = `${vorgangToken}/`;
 	const stream = client.listObjectsV2(BUCKET, prefix, false, '');
@@ -28,46 +28,46 @@ export const getCrimesListByToken = async (caseToken: string) => {
 /**
 * Get Vorgang
- * @param caseToken
+ * @param vorgangToken
- * @returns caseObj with keys `token`, `name`, `pw` || undefined
+ * @returns vorgangObj with keys `token`, `name`, `pin` || undefined
 */
-export const getVorgangByToken = function (caseToken: string) {
+export const getVorgangByToken = (vorgangToken: string): {token: string, name:string, pin: string} | undefined => {
-	let getVorgangSQLStmt = `SELECT token, name, pw FROM cases WHERE token = ?`;
+	const getVorgangSQLStmt = `SELECT token, name, pin FROM cases WHERE token = ?`;
 	const statement = db.prepare(getVorgangSQLStmt);
-	const result = statement.get(caseToken);
+	const result = statement.get(vorgangToken) as {token: string, name:string, pin: string} | undefined;
 	return result;
 };
 /**
 * Get Vorgang
- * @param caseName
+ * @param vorgangName
- * @returns caseObj with keys `token`, `name`, `pw` || undefined
+ * @returns vorgangObj with keys `token`, `name`, `pin` || undefined
 */
-export const getVorgangByName = function (caseName: string) {
+export const getVorgangByName = (vorgangName: string): {token: string, name: string, pin: string} | undefined => {
-	let getVorgangByNameSQLStmt = `SELECT token, name, pw FROM cases WHERE name = ?`;
+	const getVorgangByNameSQLStmt = `SELECT token, name, pin FROM cases WHERE name = ?`;
 	const statement = db.prepare(getVorgangByNameSQLStmt);
-	const result = statement.get(caseName);
+	const result = statement.get(vorgangName) as {token: string, name: string, pin: string} | undefined;
 	return result;
 };
 /**
 * Delete Vorgang
- * @param caseToken
+ * @param vorgangToken
 * @returns int: number of changes
 */
-export const deleteVorgangByToken = function (caseToken: string) {
+export const deleteVorgangByToken = function (vorgangToken: string) {
-	let deleteSQLStmt = 'DELETE FROM cases WHERE token = ?';
+	const deleteSQLStmt = 'DELETE FROM cases WHERE token = ?';
 	const statement = db.prepare(deleteSQLStmt);
-	const info = statement.run(caseToken);
+	const info = statement.run(vorgangToken);
 	return info.changes;
 };
 /**
 * Fetches list of vorgänge from s3 bucket
- * @returns list of available cases
+ * @returns list of available vorgaenge
 */
 export const getListOfVorgänge = async () => {
 	const stream = client.listObjectsV2(BUCKET, '', false, '');
@@ -86,15 +86,15 @@ export const getListOfVorgänge = async () => {
 /**
 * Fetches list of vorgänge from database
- * @returns list with of available cases
+ * @returns list with of available vorgaenge
 */
-export const getVorgaenge = function () {
+export const getVorgaenge = (): {vorgangToken: string, vorgangName: string, vorgangPIN: string}[] => {
-	let getVorgaengeSQLStmt = `SELECT token, name, pw from cases`;
+	const getVorgaengeSQLStmt = `SELECT token, name, pin from cases`;
 	const statement = db.prepare(getVorgaengeSQLStmt);
-	const result = statement.all();
+	const result = statement.all() as { token: string; name: string; pin: string }[];
-	const vorgaenge_list = [];
+	const vorgaenge_list: {vorgangToken: string, vorgangName: string, vorgangPIN: string}[] = [];
-	for (const r of result) {
+	for (const resultItem of result) {
-		const vorg = { token: r.token, name: r.name, pw: r.pw };
+		const vorg = { vorgangToken: resultItem.token, vorgangName: resultItem.name, vorgangPIN: resultItem.pin };
 		vorgaenge_list.push(vorg);
 	}
@@ -106,19 +106,19 @@ export const getVorgaenge = function () {
 * @param request
 * @returns fail or true
 */
-export const checkIfVorgangExists = async (caseId: string | null) => {
+export const checkIfVorgangExists = async (vorgangId: string | null) => {
-	if (!caseId) {
+	if (!vorgangId) {
 		return fail(400, {
 			success: false,
-			caseId,
+			vorgangId,
 			error: { message: 'Die Vorgangsnummer darf nicht leer sein.' }
 		});
 	}
-	if (typeof caseId === 'string' && !(await checkIfExactDirectoryExists(caseId))) {
+	if (typeof vorgangId === 'string' && !(await checkIfExactDirectoryExists(vorgangId))) {
 		return fail(400, {
 			success: false,
-			caseId,
+			vorgangId,
 			error: { message: 'Die Vorgangsnummer existiert in dieser Anwendung nicht.' }
 		});
 	}
@@ -126,42 +126,42 @@ export const checkIfVorgangExists = async (caseId: string | null) => {
 	return true;
 };
-export const vorgangExists = function (caseToken: string | null) {
+export const vorgangExists = function (vorgangToken: string | null) {
-	if (!caseToken) {
+	if (!vorgangToken) {
 		return fail(400, {
 			success: false,
-			caseId: caseToken,
+			vorgangId: vorgangToken,
 			error: { message: 'Die Vorgangsnummer darf nicht leer sein.' }
 		});
 	}
-	let vorgaenge = getVorgaenge();
+	const vorgaenge = getVorgaenge();
-	const vorgaenge_tokens = vorgaenge.map((vorg) => vorg.token);
+	const vorgaengeTokens = vorgaenge.map((vorgang) => vorgang.vorgangToken);
-	const found = vorgaenge_tokens.indexOf(caseToken) != -1;
+	const found = vorgaengeTokens.indexOf(vorgangToken) != -1;
 	return found;
 };
-export const vorgangNameExists = function (caseName: string) {
+export const vorgangNameExists = (vorgangName: string) => {
-	let vorgaenge = getVorgaenge();
+	const vorgaenge = getVorgaenge();
-	const vorgaengeNames = vorgaenge.map((vorg) => vorg.name);
+	const vorgaengeNames = vorgaenge.map((vorgang) => vorgang.vorgangName);
-	const found = vorgaengeNames.indexOf(caseName) != -1;
+	const found = vorgaengeNames.indexOf(vorgangName) != -1;
 	return found;
 };
-export const hasValidToken = async (caseId: string, caseToken: string) => {
+export const hasValidToken = async (vorgangId: string, vorgangToken: string) => {
-	const objPath = `${caseId}/${TOKENFILENAME}`;
+	const objPath = `${vorgangId}/${TOKENFILENAME}`;
 	try {
-		if (!caseToken) {
+		if (!vorgangToken) {
 			return false;
 		}
 		const token = await getContentOfTextObject(BUCKET, objPath);
-		if (!token || token !== caseToken) {
+		if (!token || token !== vorgangToken) {
 			return false;
 		}
@@ -174,14 +174,14 @@ export const hasValidToken = async (caseId: string, caseToken: string) => {
 	}
 };
-export const passwordValid = function (caseToken, casePassword) {
+export const vorgangPINValidation = function (vorgangToken: string, vorgangPIN: string) {
-	if (!casePassword) {
+	if (!vorgangPIN) {
 		return false;
 	}
-	const vorg = getVorgangByToken(caseToken);
+	const vorgang = getVorgangByToken(vorgangToken);
-	if (!vorg || vorg.pw !== casePassword) {
+	if (!vorgang || vorgang.pin !== vorgangPIN) {
 		return false;
 	}
--- a/src/routes/(angemeldet)/list/+page.server.ts
+++ b/src/routes/(angemeldet)/list/+page.server.ts
@@ -1,11 +1,10 @@
-import { getListOfVorgänge, getVorgaenge } from '$lib/server/vorgangService';
+import { getVorgaenge } from '$lib/server/vorgangService';
 import type { PageServerLoad } from '../../(token-based)/view/$types';
 export const load: PageServerLoad = async () => {
-	// const caseList = await getListOfVorgänge();
+	const vorgangList = await getVorgaenge();
 	const caseList = getVorgaenge();
 	return {
-		caseList
+		vorgangList
 	};
 };
--- a/src/routes/(angemeldet)/list/+page.svelte
+++ b/src/routes/(angemeldet)/list/+page.svelte
@@ -5,7 +5,7 @@
 	export let data: PageData;
-	const caseList = data.caseList;
+	const vorgangList = data.vorgangList;
 	async function delete_item(ev: Event) {
 		let delete_item = window.confirm('Bist du sicher?');
@@ -44,20 +44,20 @@
 	</div>
 	<div class="mx-auto flex justify-center max-w-7xl h-full">
 		<ul role="list" class="divide-y divide-gray-100">
-			{#each caseList as item}
+			{#each vorgangList as vorgangItem}
 				<li>
-					<a href="/list/{item.token}?pw={item.pw}" class="flex justify-between gap-x-6 py-5">
+					<a href="/list/{vorgangItem.vorgangToken}?pin={vorgangItem.vorgangPIN}" class="flex justify-between gap-x-6 py-5">
 						<div class="flex gap-x-4">
 							<!-- Ordner -->
 							<Folder />
 							<div class="min-w-0 flex-auto">
-								<span class="text-sm font-semibold leading-6 text-gray-900">{item.name}</span>
+								<span class="text-sm font-semibold leading-6 text-gray-900">{vorgangItem.vorgangName}</span>
 								<!-- Delete button -->
 								<button
 									style="padding: 2px"
-									id="del__{item.token}"
+									id="del__{vorgangItem.vorgangToken}"
 									on:click|preventDefault={delete_item}
-									aria-label="Vorgang {item.name} löschen"
+									aria-label="Vorgang {vorgangItem.name} löschen"
 								>
 									<Trash />
 								</button>
--- a/src/routes/(angemeldet)/tatorte/+page.server.ts
+++ b/src/routes/(angemeldet)/tatorte/+page.server.ts
@@ -1,34 +1,34 @@
 import { client } from '$lib/minio';
 import { fail } from '@sveltejs/kit';
-import caseNumberOccupied from '$lib/helper/caseNumberOccupied';
+import vorgangNumberOccupied from '$lib/helper/vorgangNumberOccupied.js';
 /** @type {import('./$types').Actions} */
 export const actions = {
 	default: async ({ request }: {request: Request}) => {
 		const data = await request.formData();
-		const caseNumber = data.get('caseNumber');
+		const vorgangNumber = data.get('vorgangNumber');
 		const description = data.get('description');
-		if (!caseNumber) {
+		if (!vorgangNumber) {
 			return fail(400, {
-				caseNumber,
+				vorgangNumber,
 				description,
-				error: { caseNumber: 'Es muss eine Vorgangsnummer vorhanden sein.' }
+				error: { vorgangNumber: 'Es muss eine Vorgangsnummer vorhanden sein.' }
 			});
 		}
-		if (await caseNumberOccupied(`${caseNumber}`)) {
+		if (await vorgangNumberOccupied(`${vorgangNumber}`)) {
 			return fail(400, {
-				caseNumber,
+				vorgangNumber,
 				description,
-				error: { caseNumber: 'Die Vorgangsnummer wurde im System bereits angelegt.' }
+				error: { vorgangNumber: 'Die Vorgangsnummer wurde im System bereits angelegt.' }
 			});
 		}
-		const config = `${JSON.stringify({ caseNumber, description, version: 1 })}\n`;
+		const config = `${JSON.stringify({ vorgangNumber, description, version: 1 })}\n`;
-		await client.putObject('tatort', `${caseNumber}/config.json`, config, undefined, {
+		await client.putObject('tatort', `${vorgangNumber}/config.json`, config, undefined, {
 			'Content-Type': 'application/json'
 		});
--- a/src/routes/(angemeldet)/tatorte/+page.svelte
+++ b/src/routes/(angemeldet)/tatorte/+page.svelte
@@ -27,9 +27,9 @@
 				<div class="mt-10 grid grid-cols-1 gap-x-6 gap-y-8">
 					<div>
-						<label for="caseNumber" class="block text-sm font-medium leading-6 text-gray-900"
+						<label for="vorgangNumber" class="block text-sm font-medium leading-6 text-gray-900"
 							><span class="flex"
-								>{#if form?.error?.caseNumber}
+								>{#if form?.error?.vorgangNumber}
 									<span class="inline-block mr-1"><Exclamation /></span>
 								{/if} Vorgangs-Nr.</span
 							></label
@@ -39,16 +39,16 @@
 								class="flex rounded-md shadow-sm ring-1 ring-inset ring-gray-300 focus-within:ring-2 focus-within:ring-inset focus-within:ring-indigo-600"
 							>
 								<input
-									value={form?.caseNumber ?? ''}
+									value={form?.vorgangNumber ?? ''}
 									type="text"
-									name="caseNumber"
+									name="vorgangNumber"
-									id="caseNumber"
+									id="vorgangNumber"
 									class="block flex-1 border-0 bg-transparent py-1.5 pl-1 text-gray-900 placeholder:text-gray-400 focus:ring-0 text-sm leading-6"
 								/>
 							</div>
 						</div>
-						{#if form?.error?.caseNumber}
+						{#if form?.error?.vorgangNumber}
-							<p class="block text-sm leading-6 text-red-900 mt-2">{form.error.caseNumber}</p>
+							<p class="block text-sm leading-6 text-red-900 mt-2">{form.error.vorgangNumber}</p>
 						{/if}
 					</div>
@@ -74,8 +74,8 @@
 						{/if}
 					</div>
-					<label for="code">
+					<label for="vorgang-token">
-					<span >Zugangscode (optional) </span>
+					<span >Zugangstoken (optional) </span>
 					</label>
 					<div class="mt-2">
@@ -83,7 +83,7 @@
 					>
 						<input
 							type="text"
-							id="code"
+							id="vorgang-token"
 						/>
 					</div>
 					</div>
--- a/src/routes/(angemeldet)/upload/+page.server.ts
+++ b/src/routes/(angemeldet)/upload/+page.server.ts
@@ -17,36 +17,31 @@ const isRequiredFieldValid = (value: unknown) => {
 export const actions = {
 	url: async ({ request }: { request: Request }) => {
 		const data = await request.formData();
-		const caseName = data.get('vorgang');
+		const vorgangName = data.get('vorgang');
 		const crimeName = data.get('name');
 		const type = data.get('type');
-		const password = data.get('password');
+		const vorgangPIN = data.get('vorgangPIN');
 		const fileName = data.get('fileName');
-		// store case in database
+		const vorgangExists = vorgangNameExists(vorgangName);
-		// skip if Vorgang exists and token not changed
+		let vorgangToken;
 		const vorgangExists = vorgangNameExists(caseName);
 		let token;
 		if (!vorgangExists) {
-			token = uuidv4();
+			vorgangToken = uuidv4();
-			let insertSQLStatement = `INSERT INTO cases (token, name, pw) VALUES (?, ?, ?)`;
+			const insertSQLStatement = `INSERT INTO cases (token, name, pin) VALUES (?, ?, ?)`;
 			const statement = db.prepare(insertSQLStatement);
-			statement.run(token, caseName, password);
+			statement.run(vorgangToken, vorgangName, vorgangPIN);
 		} else {
-			// vorgang exists
+			const vorgang = getVorgangByName(vorgangName);
-			// check if PW was changed, and update DB if it was
+			vorgangToken = vorgang.token;
-			const vorg = getVorgangByName(caseName);
+			if (vorgang && vorgang.pin != vorgangPIN) {
-			token = vorg.token;
+				const updateSQLStmt = `UPDATE cases SET pin = ? WHERE name = ?`;
 			if (vorg.pw != password) {
 				let updateSQLStmt = `UPDATE cases SET pw = ? WHERE name = ?`;
 				const statement = db.prepare(updateSQLStmt);
-				statement.run(password, vorg);
+				statement.run(vorgangPIN, vorgang);
 			}
 		}
-		let objectName = `${token}/${crimeName}`;
+		let objectName = `${vorgangToken}/${crimeName}`;
 		switch (type) {
 			case 'image/png':
 				if (!objectName.endsWith('.png')) objectName += '.png';
@@ -65,24 +60,27 @@ export const actions = {
 		const data = Object.fromEntries(requestData);
 		const vorgang = data.vorgang;
 		const name = data.name;
-		const password = data.password;
+		const vorgangPIN = data.vorgangPIN;
 		let success = true;
 		const err = {};
-		if (isRequiredFieldValid(vorgang)) err.vorgang = null;
+		if (isRequiredFieldValid(vorgang)) {
-		else {
+			err.vorgang = null;
 		} else {
 			err.vorgang = 'Das Feld Vorgang darf nicht leer bleiben.';
 			success = false;
 		}
-		if (isRequiredFieldValid(name)) err.name = null;
+		if (isRequiredFieldValid(name)) {
-		else {
+			err.name = null;
 		} else {
 			err.name = 'Das Feld Name darf nicht leer bleiben.';
 			success = false;
 		}
-		if (isRequiredFieldValid(password)) err.password = null;
+		if (isRequiredFieldValid(vorgangPIN)) {
-		else {
+			err.vorgangPIN = null;
-			err.password = 'Das Feld Zugangspasswort darf nicht leer bleiben.';
+		} else {
 			err.vorgangPIN = 'Das Feld Zugangspasswort darf nicht leer bleiben.';
 			success = false;
 		}
--- a/src/routes/(angemeldet)/upload/+page.svelte
+++ b/src/routes/(angemeldet)/upload/+page.svelte
@@ -15,20 +15,20 @@
 	let open = false;
 	let inProgress = false;
 	let vorgang = '';
-	const code_len = 8;
+	const PINLength = 8;
-	function generatePassword() {
+	function generatePIN() {
 		return Math.random()
-		.toString(36)
+			.toString(36)
-		.slice(2, 2 + code_len);
+			.slice(2, 2 + PINLength);
 	}
-	let zugangspasswort = ''
+	let vorgangPIN = '';
-	let zugangspasswordOld = ''
+	let vorgangPINOld = '';
-	$: zugangspasswordOld = generatePassword();
+	$: vorgangPINOld = generatePIN();
-	$: zugangspasswort = zugangspasswordOld
+	$: vorgangPIN = vorgangPINOld;
-	let caseExisting = undefined;
+	let vorgangExists = undefined;
-	$: caseExisting = false;
+	$: vorgangExists = false;
 	let name = '';
 	let etag: string | null = null;
@@ -36,13 +36,13 @@
 	$: inProgress = form === null;
-	let formErrors: Record<string,any> | null;
+	let formErrors: Record<string, any> | null;
 	async function validateForm() {
 		let data = new FormData();
 		data.append('vorgang', vorgang);
 		data.append('name', name);
-		data.append('password', zugangspasswort);
+		data.append('vorgangPIN', vorgangPIN);
 		const response = await fetch('?/validate', { method: 'POST', body: data });
 		/** @type {import('@sveltejs/kit').ActionResult} */
 		const result = deserialize(await response.text());
@@ -71,7 +71,7 @@
 		let data = new FormData();
 		data.append('vorgang', vorgang);
 		data.append('name', name);
-		data.append('password', zugangspasswort);
+		data.append('vorgangPIN', vorgangPIN);
 		if (files?.length === 1) {
 			data.append('type', files[0].type);
 			data.append('fileName', files[0].name);
@@ -139,6 +139,7 @@
 		// big endian!
 		let file = files[0];
 		let file_header = file.slice(0, 4);
 		console.log(file_header);
 		let header_bytes = await file_header.bytes();
 		let file_header_hex = '0x' + header_bytes.toHex().toString();
@@ -151,37 +152,40 @@
 	}
 	// `/(angemeldet)/view` return true or false
-	async function caseExists(caseName: string) {
+	async function checkVorgangExists(vorgangName: string) {
-
+		if (vorgangName == '') {
-		if (caseName == '') {
+			vorgangPIN = vorgangPINOld;
 			zugangspasswort = zugangspasswordOld;
 			return;
 		}
-		let url = `/api/list/${caseName}`
+		try {
 			const url = `/api/list/${vorgangName}`;
 			const response = await fetch(url, { method: 'HEAD' });
-		const response = await fetch(url, { method: 'HEAD'});
+			if (response.status === 200) {
-		const status = response.status;
+				console.log('Vorgang existiert:', vorgangName);
-
+				vorgangExists = true;
-		if (status == 200) {
+				const token = await getVorgangPIN(vorgangName);
-			caseExisting = true;
+				vorgangPIN = token;
-			const passwort = await getPassword(caseName);
+				return true;
-			zugangspasswort = passwort;
+			} else {
-
+				console.log('Vorgang existiert nicht!');
-			return true
+				vorgangExists = false;
-
+				vorgangPIN = vorgangPINOld;
-		} else {
+				return false;
-			caseExisting = false;
+			}
-			zugangspasswort = zugangspasswordOld;
+		} catch (err) {
-			return false
+			console.error('Fehler bei checkVorgangExists:', err);
 			vorgangExists = false;
 			vorgangPIN = vorgangPINOld;
 			return false;
 		}
 	}
-	async function getPassword(caseName: string) {
+	async function getVorgangPIN(vorgangName: string) {
 		if (vorgangName == '') return;
-		if (caseName == '') return;
+		let url = `/api/list/${vorgangName}/vorgangPIN`;
 		let url = `/api/list/${caseName}/casepw`;
 		const response = await fetch(url);
 		if (response.status == 200) {
@@ -190,7 +194,6 @@
 			return -1;
 		}
 	}
 </script>
 <div class="mx-auto max-w-2xl">
@@ -211,7 +214,7 @@
 							><span class="flex"
 								>{#if formErrors?.vorgang}
 									<span class="inline-block mr-1"><Exclamation /></span>
-								{/if} Vorgang</span
+								{/if} Vorgangsname</span
 							></label
 						>
 						<div class="mt-2">
@@ -225,14 +228,14 @@
 									id="vorgang"
 									autocomplete={vorgang}
 									class="block flex-1 border-0 bg-transparent py-1.5 pl-1 text-gray-900 placeholder:text-gray-400 focus:ring-0 sm:text-sm sm:leading-6"
-									on:input={() => caseExists(vorgang)}
+									on:input={() => checkVorgangExists(vorgang)}
 								/>
 							</div>
 						</div>
 						{#if formErrors?.vorgang}
 							<p class="block text-sm leading-6 text-red-900 mt-2">{formErrors.vorgang}</p>
 						{/if}
-						{#if caseExisting && vorgang.length > 0}
+						{#if vorgangExists && vorgang.length > 0}
 							<span>Datei wird zum existierenden Vorgang hinzugefügt.</span>
 						{:else if vorgang.length > 0}
 							<span>Neuer Vorgang wird angelegt.</span>
@@ -241,10 +244,10 @@
 					<div>
 						<label for="name" class="block text-sm font-medium leading-6 text-gray-900"
-						><span class="flex"
+							><span class="flex"
-							>{#if formErrors?.name}
+								>{#if formErrors?.name}
 									<span class="inline-block mr-1"><Exclamation /></span>
-								{/if} Name</span
+								{/if} Modellname</span
 							></label
 						>
 						<div class="mt-2">
@@ -267,11 +270,11 @@
 					</div>
 					<div>
-						<label for="zugangscode" class="block text-sm font-medium leading-6 text-gray-900"
+						<label for="vorgang-pin" class="block text-sm font-medium leading-6 text-gray-900"
 							><span class="flex"
-								>{#if formErrors?.zugangscode}
+								>{#if formErrors?.vorgangPIN}
 									<span class="inline-block mr-1"><Exclamation /></span>
-								{/if} Zugangscode</span
+								{/if} Zugangs-PIN</span
 							></label
 						>
 						<div class="mt-2">
@@ -279,25 +282,28 @@
 								class="flex rounded-md shadow-sm ring-1 ring-inset ring-gray-300 focus-within:ring-2 focus-within:ring-inset focus-within:ring-indigo-600"
 							>
 								<input
-									bind:value={zugangspasswort}
+									bind:value={vorgangPIN}
 									type="text"
-									name="zugangscode"
+									name="vorgang-pin"
-									id="zugangscode"
+									id="vorgang-pin"
-									on:input="{ (ev) => { zugangspasswordOld = ev.target.value }}"
+									on:input={(ev) => {
 										vorgangPINOld = ev.target.value;
 									}}
 									class="block flex-1 border-0 bg-transparent py-1.5 pl-1 text-gray-900 placeholder:text-gray-400 focus:ring-0 sm:text-sm sm:leading-6"
 								/>
 							</div>
 							<button
-							class="rounded-md bg-blue-500 px-3 py-2 text-sm font-semibold text-white shadow-sm hover:bg-indigo-500 focus-visible:outline focus-visible:outline-2 focus-visible:outline-offset-2 focus-visible:outline-indigo-600"
+								class="rounded-md bg-blue-500 px-3 py-2 text-sm font-semibold text-white shadow-sm hover:bg-indigo-500 focus-visible:outline focus-visible:outline-2 focus-visible:outline-offset-2 focus-visible:outline-indigo-600"
-							on:click="{() => {
+								on:click={() => {
-							zugangspasswort = zugangspasswordOld = generatePassword(); }}"
+									vorgangPIN = vorgangPINOld = generatePIN();
-							type="button">
+								}}
-								Generiere Zugangscode
+								type="button"
 							>
 								Generiere Zugangs-PIN
 							</button>
 						</div>
-						{#if formErrors?.code}
+						{#if formErrors?.vorgangPIN}
-							<p class="block text-sm leading-6 text-red-900 mt-2">{formErrors.code}</p>
+							<p class="block text-sm leading-6 text-red-900 mt-2">{formErrors.vorgangPIN}</p>
 						{/if}
 					</div>
--- a/src/routes/(token-based)/+layout.server.ts
+++ b/src/routes/(token-based)/+layout.server.ts
@@ -1,7 +1,5 @@
 import {
-	checkIfVorgangExists,
+	vorgangPINValidation,
 	hasValidToken,
 	passwordValid,
 	vorgangExists
 } from '$lib/server/vorgangService';
 import { redirect } from '@sveltejs/kit';
@@ -14,11 +12,11 @@ export const load: PageServerLoad = async ({ params, url, locals }) => {
 		};
 	}
-	const caseToken = params.vorgang;
+	const vorgangToken = params.vorgang;
-	const casePassword = url.searchParams.get('pw');
+	const vorgangPIN = url.searchParams.get('pin');
-	const isVorgangValid = vorgangExists(caseToken);
+	const isVorgangValid = vorgangExists(vorgangToken);
-	const isPasswordValid = passwordValid(caseToken, casePassword);
+	const isVorgangPINValid = vorgangPINValidation(vorgangToken, vorgangPIN);
-	if (!isVorgangValid || !isPasswordValid) throw redirect(303, `/anmeldung?vorgang=${caseToken}`);
+	if (!isVorgangValid || !isVorgangPINValid) throw redirect(303, `/anmeldung?vorgang=${vorgangToken}`);
 };
--- a/src/routes/(token-based)/list/[vorgang]/+page.server.ts
+++ b/src/routes/(token-based)/list/[vorgang]/+page.server.ts
@@ -2,15 +2,15 @@ import { getVorgangByToken, getCrimesListByToken } from '$lib/server/vorgangServ
 import type { PageServerLoad } from './$types';
 export const load: PageServerLoad = async ({ params, url }) => {
-	const caseToken = params.vorgang;
+	const vorgangToken = params.vorgang;
-	const casePassword = url.searchParams.get('pw');
+	const vorgangPIN = url.searchParams.get('pin');
-	const crimesList = await getCrimesListByToken(caseToken);
+	const crimesList = await getCrimesListByToken(vorgangToken);
-	const vorgang = getVorgangByToken(caseToken);
+	const vorgang = getVorgangByToken(vorgangToken);
 	return {
 		crimesList,
-		casePassword,
+		vorgangPIN,
 		vorgang
 	};
 };
--- a/src/routes/(token-based)/list/[vorgang]/+page.svelte
+++ b/src/routes/(token-based)/list/[vorgang]/+page.svelte
@@ -28,7 +28,7 @@
 	const vorgang = data.vorgang;
 	const crimesList: ListItem[] = data.crimesList;
-	const password: string = data.casePassword;
+	const vorgangPIN: string = data.vorgangPIN;
 	let open = false;
 	$: open;
@@ -143,7 +143,7 @@
 	<div class="flex flex-col items-center justify-center w-full">
 		<h1 class="text-xl">Vorgang {vorgang.name}</h1>
 		{#if data?.user?.admin}
-		Zugangspasswort: {vorgang.pw}
+		Zugangs-PIN: {vorgang.pin}
 		<Button on:click={() => setClipboard($page.url.toString().split('?')[0])}>Copy Link</Button>
 		{/if}
 	</div>
@@ -152,7 +152,7 @@
 			{#each crimesList as item, i}
 				<li>
 					<a
-						href="/view/{$page.params.vorgang}/{item.name}?pw={password}"
+						href="/view/{$page.params.vorgang}/{item.name}?pin={vorgangPIN}"
 						class=" flex justify-between gap-x-6 py-5"
 						aria-label="zum 3D-modell"
 					>
--- a/src/routes/(token-based)/view/+page.server.ts
+++ b/src/routes/(token-based)/view/+page.server.ts
@@ -3,9 +3,9 @@ import { redirect } from '@sveltejs/kit';
 export const actions = {
 	default: async ({request}: {request: Request}) => {
 		const data = await request.formData();
-		const caseId = data.get('case-id');
+		const vorgangId = data.get('vorgang-id');
-		const caseToken = data.get('case-token');
+		const vorgangToken = data.get('vorgang-token');
-		if( caseId && caseToken) throw redirect(303, `/list/${caseId}?token=${caseToken}`);
+		if( vorgangId && vorgangToken) throw redirect(303, `/list/${vorgangId}?token=${vorgangToken}`);
 	} 
 }
--- a/src/routes/(token-based)/view/+page.svelte
+++ b/src/routes/(token-based)/view/+page.svelte
@@ -16,19 +16,19 @@
 	</p>
 	<form method="POST">
 		<BaseInputField
-			id="case-id"
+			id="vorgang-id"
-			name="case-id"
+			name="vorgang-id"
 			label="Vorgangskennung"
 			type="text"
-			value={form?.caseId}
+			value={form?.vorgangId}
 		/>
 		<div class="mt-5">
 			<BaseInputField
-				id="case-token"
+				id="vorgang-token"
-				name="case-token"
+				name="vorgang-token"
-				label="Zugangscode"
+				label="Zugangstoken"
 				type="text"
-				value={form?.token}
+				value={form?.vorgangToken}
 				error={form?.error?.message}
 			/>
 		</div>
--- a/src/routes/anmeldung/+page.server.ts
+++ b/src/routes/anmeldung/+page.server.ts
@@ -6,13 +6,11 @@ export const actions = {
 	logout: (event) => logoutUser(event),
 	getVorgangByToken: async ({ request }) => {
 		const data = await request.formData();
-		const caseToken = data.get('case-token');
+		const vorgangToken = data.get('vorgang-token');
-		const casePassword = data.get('case-password');
+		const vorgangPIN = data.get('vorgang-pin');
-		console.log(`+++ ${caseToken} + ${casePassword}`);
+		if (!vorgangToken || !vorgangPIN) return;
-		if (!caseToken || !casePassword) return;
+		throw redirect(303, `/list/${vorgangToken}?pin=${vorgangPIN}`);
 		throw redirect(303, `/list/${caseToken}?pw=${casePassword}`);
 	}
 } as const;
--- a/src/routes/anmeldung/+page.svelte
+++ b/src/routes/anmeldung/+page.svelte
@@ -29,19 +29,19 @@
 			<div class="mt-10">
 				<form action="?/getVorgangByToken" method="POST">
 					<BaseInputField
-						id="case-token"
+						id="vorgang-token"
-						name="case-token"
+						name="vorgang-token"
 						label="Vorgangskennung"
 						type="text"
 						value={vorgangToken}
 					/>
 					<div class="mt-5">
 						<BaseInputField
-							id="case-password"
+							id="vorgang-pin"
-							name="case-password"
+							name="vorgang-pin"
-							label="Zugangspasswort"
+							label="Zugangs-PIN"
 							type="text"
-							value={form?.password}
+							value={form?.vorgangPIN}
 							error={form?.error?.message}
 						/>
 					</div>
--- a/src/routes/api/list/[vorgang]/+server.ts
+++ b/src/routes/api/list/[vorgang]/+server.ts
@@ -1,11 +1,5 @@
 import { client } from '$lib/minio';
-import { db } from '$lib/server/dbService';
+import { deleteVorgangByToken, vorgangNameExists } from '$lib/server/vorgangService';
 import {
 	deleteVorgangByToken,
 	getVorgangByToken,
 	getVorgangByName,
 	vorgangNameExists
 } from '$lib/server/vorgangService';
 export async function DELETE({ params }) {
 	const vorgangToken = params.vorgang;
@@ -32,13 +26,15 @@ export async function DELETE({ params }) {
 }
 export async function HEAD({ params }) {
-	const vorgangName = params.vorgang;
+	try {
 		const vorgangName = params.vorgang;
 		const existing = vorgangNameExists(vorgangName);
-	const existing = vorgangNameExists(vorgangName);
+		return new Response(null, {
-
+			status: existing ? 200 : 404
-	if (existing) {
+		});
-		return new Response(null, { status: 200 });
+	} catch (err) {
-	} else {
+		console.error('Fehler im HEAD-Handler:', err);
-		return new Response(null, { status: 404 });
+		return new Response(null, { status: 500 });
 	}
 }
--- a/src/routes/api/list/[vorgang]/vorgangPIN/+server.ts
+++ b/src/routes/api/list/[vorgang]/vorgangPIN/+server.ts
@@ -4,12 +4,12 @@ import { db } from '$lib/server/dbService';
 export async function GET({ params }) {
 	const vorgangName = params.vorgang;
-	let getCodeSQLStatement = `SELECT pw FROM cases WHERE name = ?;`;
+	const getPINSQLStatement = `SELECT pin FROM cases WHERE name = ?;`;
-	const row = db.prepare(getCodeSQLStatement).get(vorgangName);
+	const row = db.prepare(getPINSQLStatement).get(vorgangName);
-	let password = row.pw;
+	const vorgangPIN = row?.pin;
-	if (password) {
+	if (vorgangPIN) {
-		return new Response(password, { status: 200 });
+		return new Response(vorgangPIN, { status: 200 });
 	} else {
 		return new Response(null, { status: 404 });
 	}
Author	SHA1	Message	Date
jared	0f2cf87a78	Merge pull request 'r70_variable_names' (#20 ) from r70_variable_names into development Some checks failed InnoHub Processor/tatort/pipeline/head There was a failure building this commit Details Reviewed-on: #20 Reviewed-by: jared <jared.busch@polizei.niedersachsen.de>	2025-07-30 08:56:54 +02:00
Chi Cong Tran	1fd6cb3ab3	adjust to renaming of object keys of vorgangItem in list view	2025-07-30 08:23:08 +02:00
Chi Cong Tran	d402282efe	minor adjustments: pin parameter, async and await functions	2025-07-29 14:00:11 +02:00
Jared	dfa5c9ade1	revised init db pw to pin, and check name routine	2025-07-28 11:39:33 +02:00
Jared	4406a86f44	renaming pw to vorgangPIN, case to vorgang, password to vorgangToken	2025-07-25 14:21:37 +02:00
Jared	08d83c9ed4	renaming pw to vorgangPIN, case to vorgang, password to vorgangToken	2025-07-25 14:21:23 +02:00