3 Commits

13 changed files with 152 additions and 152 deletions


@@ -3,42 +3,42 @@ import jsSHA from 'jssha';
const db = new Database('./src/lib/data/tatort.db'); const db = new Database('./src/lib/data/tatort.db');
let create_stmt = `CREATE TABLE IF NOT EXISTS users let createSQLStmt = `CREATE TABLE IF NOT EXISTS users
(id INTEGER PRIMARY KEY AUTOINCREMENT, (id INTEGER PRIMARY KEY AUTOINCREMENT,
name TEXT NOT NULL, name TEXT NOT NULL,
pw TEXT NOT NULL)`; pw TEXT NOT NULL)`;
db.exec(create_stmt); db.exec(createSQLStmt);
// check if there are any users; if not add one default admin one // check if there are any users; if not add one default admin one
let pw = 'pass-123'; let password = 'pass-123';
let hashed_pw = new jsSHA('SHA-512', 'TEXT').update(pw).getHash('HEX'); let hashedPassword = new jsSHA('SHA-512', 'TEXT').update(password).getHash('HEX');
let check_ins_stmt = `INSERT INTO users (name, pw) SELECT 'admin', '${hashed_pw}' let checkInsertSQLStmt = `INSERT INTO users (name, pw) SELECT 'admin', '${hashedPassword}'
WHERE NOT EXISTS (SELECT * FROM users);`; WHERE NOT EXISTS (SELECT * FROM users);`;
db.exec(check_ins_stmt); db.exec(checkInsertSQLStmt);
let users_stmt = `SELECT * FROM USERS`; let usersSQLStmt = `SELECT * FROM USERS`;
let stmt = db.prepare(users_stmt); let SQLStatement = db.prepare(usersSQLStmt);
console.log(`\n`, `*** Users table`); console.log(`\n`, `*** Users table`);
for (const usr of stmt.iterate()) { for (const usr of SQLStatement.iterate()) {
console.log(`[r] ${usr.name} + ${usr.pw}`); console.log(`[r] ${usr.name} + ${usr.pw}`);
} }
// cases table // cases table
create_stmt = `CREATE TABLE IF NOT EXISTS cases createSQLStmt = `CREATE TABLE IF NOT EXISTS cases
(id INTEGER PRIMARY KEY AUTOINCREMENT, (id INTEGER PRIMARY KEY AUTOINCREMENT,
token TEXT NOT NULL UNIQUE, token TEXT NOT NULL UNIQUE,
name TEXT NOT NULL UNIQUE, name TEXT NOT NULL UNIQUE,
pw TEXT NOT NULL)`; pw TEXT NOT NULL)`;
db.exec(create_stmt); db.exec(createSQLStmt);
let cases_stmt = `SELECT * FROM cases`; let casesSQLStmt = `SELECT * FROM cases`;
stmt = db.prepare(cases_stmt); SQLStatement = db.prepare(casesSQLStmt);
console.log(`\n`, `*** Cases table`); console.log(`\n`, `*** Cases table`);
for (const usr of stmt.iterate()) { for (const usr of SQLStatement.iterate()) {
console.log(`[r] ${usr.name} + ${usr.token} + ${usr.pw}`); console.log(`[r] ${usr.name} + ${usr.token} + ${usr.pw}`);
} }
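Review bot: Both dump loops interpolate `usr.pw` (and, for cases, `usr.token`) into `console.log`, so every run of this script writes the admin password hash and each case's token and password to the process log. The `INSERT INTO cases (token, name, pw)` in the upload action of this change set suggests the case `pw` is stored unhashed, which would make the second loop a plaintext credential log. I would print only `usr.name` in both loops. Separately, the seeded admin account uses the hard-coded password `'pass-123'` with a single unsalted SHA-512; reading the initial password from configuration and storing it with a salted password-hashing function would be the safer setup.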


@@ -19,18 +19,18 @@ export function decryptToken(token: string) {
} }
export function authenticate(user, pass) { export function authenticate(user, pass) {
let token; let JWTToken;
// hash user password // hash user password
let hashed_pw = new jsSHA('SHA-512', 'TEXT').update(pass).getHash('HEX'); let hashedPW = new jsSHA('SHA-512', 'TEXT').update(pass).getHash('HEX');
let get_usr_stmt = 'SELECT name, pw FROM users WHERE name = ?'; let getUserSQLStmt = 'SELECT name, pw FROM users WHERE name = ?';
const row = db.prepare(get_usr_stmt).get(user); const row = db.prepare(getUserSQLStmt).get(user);
let stored_pw = row.pw; let storedPW = row.pw;
if (hashed_pw && hashed_pw === stored_pw) { if (hashedPW && hashedPW === storedPW) {
token = createToken({ id: user, admin: true }); JWTToken = createToken({ id: user, admin: true });
} }
return token; return JWTToken;
} }
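Review bot: `row.pw` is read without checking that the query returned a row, so if `.get(user)` yields nothing for an unknown user name, `authenticate` throws a TypeError instead of returning `undefined` as it does for a wrong password. A guard such as `if (!row) return undefined;` before `let storedPW = row.pw;` keeps both failure paths identical. The stored value is an unsalted SHA-512 digest compared with `===`; a salted password hash and a constant-time comparison would be the stronger choice. Every successful login is also issued `admin: true`, which deserves a comment if it is intentional.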


@@ -6,11 +6,11 @@ import { db } from './dbService';
/** /**
* Get Vorgang and corresponend list of tatorte * Get Vorgang and corresponend list of tatorte
* @param caseId * @param caseToken
* @returns * @returns
*/ */
export const getVorgangByCaseId = async (caseId: string) => { export const getCrimesListByToken = async (caseToken: string) => {
const prefix = `${caseId}/`; const prefix = `${caseToken}/`;
const stream = client.listObjectsV2(BUCKET, prefix, false, ''); const stream = client.listObjectsV2(BUCKET, prefix, false, '');
@@ -28,34 +28,39 @@ export const getVorgangByCaseId = async (caseId: string) => {
/** /**
* Get Vorgang * Get Vorgang
* @param caseId * @param caseToken
* @returns caseObj with keys `token`, `name`, `pw` || undefined * @returns caseObj with keys `token`, `name`, `pw` || undefined
*/ */
export const getVorgang = function (caseId: string) { export const getVorgangByToken = function (caseToken: string) {
let getVorgang_stmt = `SELECT token, name, pw FROM cases WHERE token = ?`; let getVorgangSQLStmt = `SELECT token, name, pw FROM cases WHERE token = ?`;
const stmt = db.prepare(getVorgang_stmt); const statement = db.prepare(getVorgangSQLStmt);
const res = stmt.get(caseId); const result = statement.get(caseToken);
return res; return result;
}; };
/**
* Get Vorgang
* @param caseName
* @returns caseObj with keys `token`, `name`, `pw` || undefined
*/
export const getVorgangByName = function (caseName: string) { export const getVorgangByName = function (caseName: string) {
let getVorgangByName_stmt = `SELECT token, name, pw FROM cases WHERE name = ?`; let getVorgangByNameSQLStmt = `SELECT token, name, pw FROM cases WHERE name = ?`;
const stmt = db.prepare(getVorgangByName_stmt); const statement = db.prepare(getVorgangByNameSQLStmt);
const res = stmt.get(caseName); const result = statement.get(caseName);
return res; return result;
}; };
/** /**
* Delete Vorgang * Delete Vorgang
* @param caseName * @param caseToken
* @returns int: number of changes * @returns int: number of changes
*/ */
export const deleteVorgangByName = function (caseName: string) { export const deleteVorgangByToken = function (caseToken: string) {
let delete_stmt = 'DELETE FROM cases WHERE name = ?'; let deleteSQLStmt = 'DELETE FROM cases WHERE token = ?';
const stmt = db.prepare(delete_stmt); const statement = db.prepare(deleteSQLStmt);
const info = stmt.run(caseName); const info = statement.run(caseToken);
return info.changes; return info.changes;
}; };
@@ -84,11 +89,11 @@ export const getListOfVorgänge = async () => {
* @returns list with of available cases * @returns list with of available cases
*/ */
export const getVorgaenge = function () { export const getVorgaenge = function () {
let getVorgaenge_stmt = `SELECT token, name, pw from cases`; let getVorgaengeSQLStmt = `SELECT token, name, pw from cases`;
const stmt = db.prepare(getVorgaenge_stmt); const statement = db.prepare(getVorgaengeSQLStmt);
const res = stmt.all(); const result = statement.all();
const vorgaenge_list = []; const vorgaenge_list = [];
for (const r of res) { for (const r of result) {
const vorg = { token: r.token, name: r.name, pw: r.pw }; const vorg = { token: r.token, name: r.name, pw: r.pw };
vorgaenge_list.push(vorg); vorgaenge_list.push(vorg);
} }
@@ -121,11 +126,11 @@ export const checkIfVorgangExists = async (caseId: string | null) => {
return true; return true;
}; };
export const vorgangExists = function (caseId: string | null) { export const vorgangExists = function (caseToken: string | null) {
if (!caseId) { if (!caseToken) {
return fail(400, { return fail(400, {
success: false, success: false,
caseId, caseId: caseToken,
error: { message: 'Die Vorgangsnummer darf nicht leer sein.' } error: { message: 'Die Vorgangsnummer darf nicht leer sein.' }
}); });
} }
@@ -133,16 +138,16 @@ export const vorgangExists = function (caseId: string | null) {
let vorgaenge = getVorgaenge(); let vorgaenge = getVorgaenge();
const vorgaenge_tokens = vorgaenge.map((vorg) => vorg.token); const vorgaenge_tokens = vorgaenge.map((vorg) => vorg.token);
const found = vorgaenge_tokens.indexOf(caseId) != -1; const found = vorgaenge_tokens.indexOf(caseToken) != -1;
return found; return found;
}; };
export const vorgangNameExists = function (caseName: string) { export const vorgangNameExists = function (caseName: string) {
let vorgaenge = getVorgaenge(); let vorgaenge = getVorgaenge();
const vorgaenge_names = vorgaenge.map((vorg) => vorg.name); const vorgaengeNames = vorgaenge.map((vorg) => vorg.name);
const found = vorgaenge_names.indexOf(caseName) != -1; const found = vorgaengeNames.indexOf(caseName) != -1;
return found; return found;
}; };
@@ -169,14 +174,14 @@ export const hasValidToken = async (caseId: string, caseToken: string) => {
} }
}; };
export const tokenValid = function (caseId, caseToken) { export const passwordValid = function (caseToken, casePassword) {
if (!caseToken) { if (!casePassword) {
return false; return false;
} }
const vorg = getVorgang(caseId); const vorg = getVorgangByToken(caseToken);
if (!vorg || vorg.pw !== caseToken) { if (!vorg || vorg.pw !== casePassword) {
return false; return false;
} }
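Review bot: `passwordValid` compares the submitted value directly with `vorg.pw` using `!==`, which implies the case password is kept in the `cases` table in clear text and is compared in non-constant time. Storing a salted hash of the case password and comparing digests with a constant-time helper (Node's `crypto.timingSafeEqual` on equal-length buffers) would remove both concerns. The function body continues outside the hunk, so the success path is not visible here. A doc comment stating that the first argument is the case token and the second the access password would also help, since the previous parameter names meant something else.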


@@ -46,7 +46,7 @@
<ul role="list" class="divide-y divide-gray-100"> <ul role="list" class="divide-y divide-gray-100">
{#each caseList as item} {#each caseList as item}
<li> <li>
<a href="/list/{item.token}?token={item.pw}" class="flex justify-between gap-x-6 py-5"> <a href="/list/{item.token}?pw={item.pw}" class="flex justify-between gap-x-6 py-5">
<div class="flex gap-x-4"> <div class="flex gap-x-4">
<!-- Ordner --> <!-- Ordner -->
<Folder /> <Folder />
@@ -55,7 +55,7 @@
<!-- Delete button --> <!-- Delete button -->
<button <button
style="padding: 2px" style="padding: 2px"
id="del__{item.name}" id="del__{item.token}"
on:click|preventDefault={delete_item} on:click|preventDefault={delete_item}
aria-label="Vorgang {item.name} löschen" aria-label="Vorgang {item.name} löschen"
> >
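Review bot: The case password is placed in the link's query string, `?pw={item.pw}`, so it ends up in browser history, proxy and server access logs, and possibly `Referer` headers. The same pattern appears in other sections of this change: the `load` functions that read `url.searchParams.get('pw')`, the item links built with `?pw={password}`, and the `redirect(303, ...)` to `/list/...?pw=...` in the login action. Carrying the credential in a server-side session or an HttpOnly cookie once the login form has been checked would keep it out of URLs. Rendering this list also means `item.pw` for every case is sent to the page's client.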


@@ -1,11 +1,10 @@
import { Buffer } from 'buffer';
import { Readable } from 'stream'; import { Readable } from 'stream';
import { client } from '$lib/minio'; import { client } from '$lib/minio';
import { fail } from '@sveltejs/kit'; import { fail } from '@sveltejs/kit';
import { v4 as uuidv4 } from 'uuid'; import { v4 as uuidv4 } from 'uuid';
import { db } from '$lib/server/dbService'; import { db } from '$lib/server/dbService';
import { getVorgangByName, vorgangExists, vorgangNameExists } from '$lib/server/vorgangService'; import { getVorgangByName, vorgangNameExists } from '$lib/server/vorgangService';
const isRequiredFieldValid = (value: unknown) => { const isRequiredFieldValid = (value: unknown) => {
if (value == null) return false; if (value == null) return false;
@@ -18,36 +17,36 @@ const isRequiredFieldValid = (value: unknown) => {
export const actions = { export const actions = {
url: async ({ request }: { request: Request }) => { url: async ({ request }: { request: Request }) => {
const data = await request.formData(); const data = await request.formData();
const vorgang = data.get('vorgang'); const caseName = data.get('vorgang');
const name = data.get('name'); const crimeName = data.get('name');
const type = data.get('type'); const type = data.get('type');
const code = data.get('zugangscode'); const password = data.get('password');
const fileName = data.get('fileName'); const fileName = data.get('fileName');
// store case in database // store case in database
// skip if Vorgang exists and token not changed // skip if Vorgang exists and token not changed
const vorgang_exists = vorgangNameExists(vorgang); const vorgangExists = vorgangNameExists(caseName);
let token; let token;
if (!vorgang_exists) { if (!vorgangExists) {
token = uuidv4(); token = uuidv4();
let insert_stmt = `INSERT INTO cases (token, name, pw) VALUES (?, ?, ?)`; let insertSQLStatement = `INSERT INTO cases (token, name, pw) VALUES (?, ?, ?)`;
const stmt = db.prepare(insert_stmt); const statement = db.prepare(insertSQLStatement);
stmt.run(token, vorgang, code); statement.run(token, caseName, password);
} else { } else {
// vorgang exists // vorgang exists
// check if PW was changed, and update DB if it was // check if PW was changed, and update DB if it was
const vorg = getVorgangByName(vorgang); const vorg = getVorgangByName(caseName);
token = vorg.token; token = vorg.token;
if (vorg.pw != code) { if (vorg.pw != password) {
let update_stmt = `UPDATE cases SET pw = ? WHERE name = ?`; let updateSQLStmt = `UPDATE cases SET pw = ? WHERE name = ?`;
const stmt = db.prepare(update_stmt); const statement = db.prepare(updateSQLStmt);
stmt.run(code, vorgang); statement.run(password, vorg);
} }
} }
let objectName = `${token}/${name}`; let objectName = `${token}/${crimeName}`;
switch (type) { switch (type) {
case 'image/png': case 'image/png':
if (!objectName.endsWith('.png')) objectName += '.png'; if (!objectName.endsWith('.png')) objectName += '.png';
@@ -66,10 +65,9 @@ export const actions = {
const data = Object.fromEntries(requestData); const data = Object.fromEntries(requestData);
const vorgang = data.vorgang; const vorgang = data.vorgang;
const name = data.name; const name = data.name;
const zugangscode = data.zugangscode; const password = data.password;
let success = true; let success = true;
const err = {}; const err = {};
if (isRequiredFieldValid(vorgang)) err.vorgang = null; if (isRequiredFieldValid(vorgang)) err.vorgang = null;
else { else {
err.vorgang = 'Das Feld Vorgang darf nicht leer bleiben.'; err.vorgang = 'Das Feld Vorgang darf nicht leer bleiben.';
@@ -82,9 +80,9 @@ export const actions = {
success = false; success = false;
} }
if (isRequiredFieldValid(zugangscode)) err.zugangscode = null; if (isRequiredFieldValid(password)) err.password = null;
else { else {
err.zugangscode = 'Das Feld Zugangscode darf nicht leer bleiben.'; err.password = 'Das Feld Zugangspasswort darf nicht leer bleiben.';
success = false; success = false;
} }
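Review bot: In the `else` branch of the `url` action the password update now binds the row object instead of the case name: `statement.run(password, vorg)` replaced `stmt.run(code, vorgang)`, but `vorg` is the result of `getVorgangByName(caseName)`, not a string. The statement is `UPDATE cases SET pw = ? WHERE name = ?`, so the call should be `statement.run(password, caseName);`. As written the update will presumably either throw or match no row, so a changed password is not persisted. The values from `data.get(...)` also reach `vorgangNameExists` and the INSERT without a type or emptiness check in this action; the `validate` action checks them, but nothing visible here forces it to run first.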


@@ -17,18 +17,18 @@
let vorgang = ''; let vorgang = '';
const code_len = 8; const code_len = 8;
function generate_token() { function generatePassword() {
return Math.random() return Math.random()
.toString(36) .toString(36)
.slice(2, 2 + code_len); .slice(2, 2 + code_len);
} }
let zugangscode = '' let zugangspasswort = ''
let zugangscode_old = '' let zugangspasswordOld = ''
$: zugangscode_old = generate_token(); $: zugangspasswordOld = generatePassword();
$: zugangscode = zugangscode_old $: zugangspasswort = zugangspasswordOld
let case_existing = undefined; let caseExisting = undefined;
$: case_existing = false; $: caseExisting = false;
let name = ''; let name = '';
let etag: string | null = null; let etag: string | null = null;
@@ -42,7 +42,7 @@
let data = new FormData(); let data = new FormData();
data.append('vorgang', vorgang); data.append('vorgang', vorgang);
data.append('name', name); data.append('name', name);
data.append('zugangscode', zugangscode); data.append('password', zugangspasswort);
const response = await fetch('?/validate', { method: 'POST', body: data }); const response = await fetch('?/validate', { method: 'POST', body: data });
/** @type {import('@sveltejs/kit').ActionResult} */ /** @type {import('@sveltejs/kit').ActionResult} */
const result = deserialize(await response.text()); const result = deserialize(await response.text());
@@ -64,7 +64,6 @@
formErrors = { file: 'Keine gültige .GLD-Datei', ...formErrors }; formErrors = { file: 'Keine gültige .GLD-Datei', ...formErrors };
success = false; success = false;
} }
return success; return success;
} }
@@ -72,7 +71,7 @@
let data = new FormData(); let data = new FormData();
data.append('vorgang', vorgang); data.append('vorgang', vorgang);
data.append('name', name); data.append('name', name);
data.append('zugangscode', zugangscode); data.append('password', zugangspasswort);
if (files?.length === 1) { if (files?.length === 1) {
data.append('type', files[0].type); data.append('type', files[0].type);
data.append('fileName', files[0].name); data.append('fileName', files[0].name);
@@ -152,37 +151,37 @@
} }
// `/(angemeldet)/view` return true or false // `/(angemeldet)/view` return true or false
async function case_exists(case_name: string) { async function caseExists(caseName: string) {
if (case_name == '') { if (caseName == '') {
zugangscode = zugangscode_old; zugangspasswort = zugangspasswordOld;
return; return;
} }
let url = `/api/list/${case_name}` let url = `/api/list/${caseName}`
const response = await fetch(url, { method: 'HEAD'}); const response = await fetch(url, { method: 'HEAD'});
const status = response.status; const status = response.status;
if (status == 200) { if (status == 200) {
case_existing = true; caseExisting = true;
const code = await get_code(case_name); const passwort = await getPassword(caseName);
zugangscode = code; zugangspasswort = passwort;
return true return true
} else { } else {
case_existing = false; caseExisting = false;
zugangscode = zugangscode_old; zugangspasswort = zugangspasswordOld;
return false return false
} }
} }
async function get_code(case_no: string) { async function getPassword(caseName: string) {
if (case_no == '') return; if (caseName == '') return;
let url = `/api/list/${case_no}/code`; let url = `/api/list/${caseName}/code`;
const response = await fetch(url); const response = await fetch(url);
if (response.status == 200) { if (response.status == 200) {
@@ -226,14 +225,14 @@
id="vorgang" id="vorgang"
autocomplete={vorgang} autocomplete={vorgang}
class="block flex-1 border-0 bg-transparent py-1.5 pl-1 text-gray-900 placeholder:text-gray-400 focus:ring-0 sm:text-sm sm:leading-6" class="block flex-1 border-0 bg-transparent py-1.5 pl-1 text-gray-900 placeholder:text-gray-400 focus:ring-0 sm:text-sm sm:leading-6"
on:input={() => case_exists(vorgang)} on:input={() => caseExists(vorgang)}
/> />
</div> </div>
</div> </div>
{#if formErrors?.vorgang} {#if formErrors?.vorgang}
<p class="block text-sm leading-6 text-red-900 mt-2">{formErrors.vorgang}</p> <p class="block text-sm leading-6 text-red-900 mt-2">{formErrors.vorgang}</p>
{/if} {/if}
{#if case_existing && vorgang.length > 0} {#if caseExisting && vorgang.length > 0}
<span>Datei wird zum existierenden Vorgang hinzugefügt.</span> <span>Datei wird zum existierenden Vorgang hinzugefügt.</span>
{:else if vorgang.length > 0} {:else if vorgang.length > 0}
<span>Neuer Vorgang wird angelegt.</span> <span>Neuer Vorgang wird angelegt.</span>
@@ -280,11 +279,11 @@
class="flex rounded-md shadow-sm ring-1 ring-inset ring-gray-300 focus-within:ring-2 focus-within:ring-inset focus-within:ring-indigo-600" class="flex rounded-md shadow-sm ring-1 ring-inset ring-gray-300 focus-within:ring-2 focus-within:ring-inset focus-within:ring-indigo-600"
> >
<input <input
bind:value={zugangscode} bind:value={zugangspasswort}
type="text" type="text"
name="zugangscode" name="zugangscode"
id="zugangscode" id="zugangscode"
on:input="{ (ev) => { zugangscode_old = ev.target.value }}" on:input="{ (ev) => { zugangspasswordOld = ev.target.value }}"
class="block flex-1 border-0 bg-transparent py-1.5 pl-1 text-gray-900 placeholder:text-gray-400 focus:ring-0 sm:text-sm sm:leading-6" class="block flex-1 border-0 bg-transparent py-1.5 pl-1 text-gray-900 placeholder:text-gray-400 focus:ring-0 sm:text-sm sm:leading-6"
/> />
@@ -292,7 +291,7 @@
<button <button
class="rounded-md bg-blue-500 px-3 py-2 text-sm font-semibold text-white shadow-sm hover:bg-indigo-500 focus-visible:outline focus-visible:outline-2 focus-visible:outline-offset-2 focus-visible:outline-indigo-600" class="rounded-md bg-blue-500 px-3 py-2 text-sm font-semibold text-white shadow-sm hover:bg-indigo-500 focus-visible:outline focus-visible:outline-2 focus-visible:outline-offset-2 focus-visible:outline-indigo-600"
on:click="{() => { on:click="{() => {
zugangscode = zugangscode_old = generate_token(); }}" zugangspasswort = zugangspasswordOld = generatePassword(); }}"
type="button"> type="button">
Generiere Zugangscode Generiere Zugangscode
</button> </button>
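Review bot: `generatePassword` derives the access password from `Math.random()`, which is not a cryptographically secure generator, and `toString(36).slice(2, 2 + code_len)` can return fewer than `code_len` characters. Since the value now explicitly serves as a password, it should come from the Web Crypto API, for example `const bytes = crypto.getRandomValues(new Uint8Array(code_len));` followed by `return Array.from(bytes, (b) => (b % 36).toString(36)).join('');` (this has a small modulo bias; use rejection sampling if that matters). The input further down still uses `name="zugangscode"` and `id="zugangscode"` while the submitted field is now `password`; this is harmless because the FormData is built by hand, but worth aligning.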


@@ -1,7 +1,7 @@
import { import {
checkIfVorgangExists, checkIfVorgangExists,
hasValidToken, hasValidToken,
tokenValid, passwordValid,
vorgangExists vorgangExists
} from '$lib/server/vorgangService'; } from '$lib/server/vorgangService';
import { redirect } from '@sveltejs/kit'; import { redirect } from '@sveltejs/kit';
@@ -14,11 +14,11 @@ export const load: PageServerLoad = async ({ params, url, locals }) => {
}; };
} }
const caseId = params.vorgang; const caseToken = params.vorgang;
const caseToken = url.searchParams.get('token'); const casePassword = url.searchParams.get('pw');
const isVorgangValid = vorgangExists(caseId); const isVorgangValid = vorgangExists(caseToken);
const isTokenValid = tokenValid(caseId, caseToken); const isPasswordValid = passwordValid(caseToken, casePassword);
if (!isVorgangValid || !isTokenValid) throw redirect(303, `/anmeldung?vorgang=${caseId}`); if (!isVorgangValid || !isPasswordValid) throw redirect(303, `/anmeldung?vorgang=${caseToken}`);
}; };


@@ -1,16 +1,16 @@
import { getVorgang, getVorgangByCaseId } from '$lib/server/vorgangService'; import { getVorgangByToken, getCrimesListByToken } from '$lib/server/vorgangService';
import type { PageServerLoad } from './$types'; import type { PageServerLoad } from './$types';
export const load: PageServerLoad = async ({ params, url }) => { export const load: PageServerLoad = async ({ params, url }) => {
const caseId = params.vorgang; const caseToken = params.vorgang;
const caseToken = url.searchParams.get('token'); const casePassword = url.searchParams.get('pw');
const crimesList = await getVorgangByCaseId(caseId); const crimesList = await getCrimesListByToken(caseToken);
const vorg = getVorgang(caseId); const vorgang = getVorgangByToken(caseToken);
return { return {
crimesList, crimesList,
caseToken, casePassword,
vorg vorgang
}; };
}; };
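Review bot: The load function returns the whole case row as `vorgang`, and that row comes from `SELECT token, name, pw`, so the stored password is serialized into the page data for every visitor. The template only hides it behind `data?.user?.admin`, which does not keep it out of the payload. I would return only what the page renders, e.g. `vorgang: { name: vorgang.name }`, and include `pw` only when the session is known to be an admin one. `getVorgangByToken` is documented as possibly returning `undefined`, and this load neither handles that nor checks the password itself, so it depends on a guard elsewhere (not visible in this section) having run.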


@@ -26,9 +26,9 @@
// add other properties as needed // add other properties as needed
} }
const vorg = data.vorg; const vorgang = data.vorgang;
const crimesList: ListItem[] = data.crimesList; const crimesList: ListItem[] = data.crimesList;
const token: string = data.caseToken; const password: string = data.casePassword;
let open = false; let open = false;
$: open; $: open;
@@ -141,9 +141,9 @@
<div class="-z-10 bg-white"> <div class="-z-10 bg-white">
<div class="flex flex-col items-center justify-center w-full"> <div class="flex flex-col items-center justify-center w-full">
<h1 class="text-xl">Vorgang {vorg.name}</h1> <h1 class="text-xl">Vorgang {vorgang.name}</h1>
{#if data?.user?.admin} {#if data?.user?.admin}
Zugangscode: {vorg.pw} Zugangspasswort: {vorgang.pw}
<Button on:click={() => setClipboard($page.url.toString().split('?')[0])}>Copy Link</Button> <Button on:click={() => setClipboard($page.url.toString().split('?')[0])}>Copy Link</Button>
{/if} {/if}
</div> </div>
@@ -152,7 +152,7 @@
{#each crimesList as item, i} {#each crimesList as item, i}
<li> <li>
<a <a
href="/view/{$page.params.vorgang}/{item.name}?token={token}" href="/view/{$page.params.vorgang}/{item.name}?pw={password}"
class=" flex justify-between gap-x-6 py-5" class=" flex justify-between gap-x-6 py-5"
aria-label="zum 3D-modell" aria-label="zum 3D-modell"
> >


@@ -4,13 +4,15 @@ import { redirect } from '@sveltejs/kit';
export const actions = { export const actions = {
login: ({ request, cookies }) => loginUser({ request, cookies }), login: ({ request, cookies }) => loginUser({ request, cookies }),
logout: (event) => logoutUser(event), logout: (event) => logoutUser(event),
getVorgangById: async ({ request }) => { getVorgangByToken: async ({ request }) => {
const data = await request.formData(); const data = await request.formData();
const caseId = data.get('case-id');
const caseToken = data.get('case-token'); const caseToken = data.get('case-token');
const casePassword = data.get('case-password');
if (!caseId || !caseToken) return; console.log(`+++ ${caseToken} + ${casePassword}`);
throw redirect(303, `/list/${caseId}?token=${caseToken}`); if (!caseToken || !casePassword) return;
throw redirect(303, `/list/${caseToken}?pw=${casePassword}`);
} }
} as const; } as const;
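Review bot: The added `console.log` line in `getVorgangByToken` writes the case token together with the submitted password into the server log on every login attempt; it looks like leftover debugging and should be removed. The redirect then interpolates both form values into the URL unencoded, so wrapping them as `encodeURIComponent(String(caseToken))` and `encodeURIComponent(String(casePassword))` would stop characters such as `&` or `#` from altering the target. `data.get()` can also return a `File`, so a `typeof casePassword === 'string'` check before use would be appropriate.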


@@ -13,7 +13,7 @@
export let open = false; export let open = false;
import { page } from '$app/state'; import { page } from '$app/state';
const vorgang_token = page.url.searchParams.get('vorgang'); const vorgangToken = page.url.searchParams.get('vorgang');
</script> </script>
<div class="flex min-h-full flex-col justify-center px-6 py-12 lg:px-8"> <div class="flex min-h-full flex-col justify-center px-6 py-12 lg:px-8">
@@ -27,21 +27,21 @@
<div class="w-full max-w-sm mx-auto"> <div class="w-full max-w-sm mx-auto">
<div class="relative mt-5 bg-gray-50 rounded-xl shadow-xl p-3 pt-1"> <div class="relative mt-5 bg-gray-50 rounded-xl shadow-xl p-3 pt-1">
<div class="mt-10"> <div class="mt-10">
<form action="?/getVorgangById" method="POST"> <form action="?/getVorgangByToken" method="POST">
<BaseInputField
id="case-id"
name="case-id"
label="Vorgangskennung"
type="text"
value={vorgang_token}
/>
<div class="mt-5">
<BaseInputField <BaseInputField
id="case-token" id="case-token"
name="case-token" name="case-token"
label="Zugangscode" label="Vorgangskennung"
type="text" type="text"
value={form?.token} value={vorgangToken}
/>
<div class="mt-5">
<BaseInputField
id="case-password"
name="case-password"
label="Zugangspasswort"
type="text"
value={form?.password}
error={form?.error?.message} error={form?.error?.message}
/> />
</div> </div>


@@ -1,21 +1,18 @@
import { client } from '$lib/minio'; import { client } from '$lib/minio';
import { db } from '$lib/server/dbService'; import { db } from '$lib/server/dbService';
import { import {
deleteVorgangByName, deleteVorgangByToken,
getVorgang, getVorgangByToken,
getVorgangByName, getVorgangByName,
vorgangNameExists vorgangNameExists
} from '$lib/server/vorgangService'; } from '$lib/server/vorgangService';
export async function DELETE({ params }) { export async function DELETE({ params }) {
const vorgang = params.vorgang; const vorgangToken = params.vorgang;
const vorg = getVorgangByName(vorgang);
let vorg_token = vorg.token;
const object_list = await new Promise((resolve, reject) => { const object_list = await new Promise((resolve, reject) => {
const res = []; const res = [];
const items_str = client.listObjects('tatort', vorg_token, true); const items_str = client.listObjects('tatort', vorgangToken, true);
items_str.on('data', (obj) => { items_str.on('data', (obj) => {
res.push(obj.name); res.push(obj.name);
@@ -29,15 +26,15 @@ export async function DELETE({ params }) {
}); });
await client.removeObjects('tatort', object_list); await client.removeObjects('tatort', object_list);
deleteVorgangByName(vorgang); deleteVorgangByToken(vorgangToken);
return new Response(null, { status: 204 }); return new Response(null, { status: 204 });
} }
export async function HEAD({ params }) { export async function HEAD({ params }) {
const vorgang_name = params.vorgang; const vorgangName = params.vorgang;
const existing = vorgangNameExists(vorgang_name); const existing = vorgangNameExists(vorgangName);
if (existing) { if (existing) {
return new Response(null, { status: 200 }); return new Response(null, { status: 200 });
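Review bot: `DELETE` now passes the raw route parameter to `client.listObjects('tatort', vorgangToken, true)` as an object-name prefix without first confirming that a case with that token exists; the removed `getVorgangByName` lookup used to fail for unknown cases. Because this is a prefix match, a value shorter than a full token would select objects belonging to other cases, and `removeObjects` then deletes all of them. I would restore a lookup, `if (!getVorgangByToken(vorgangToken)) return new Response(null, { status: 404 });`, and list with the prefix `${vorgangToken}/` as `getCrimesListByToken` does. `getVorgangByToken` is already imported in this file. The handler body is only partly inside the hunk, and no authorization check is visible in it.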


@@ -1,16 +1,15 @@
import { client } from '$lib/minio';
import { db } from '$lib/server/dbService'; import { db } from '$lib/server/dbService';
/** @type {import('./$types').RequestHandler} */ /** @type {import('./$types').RequestHandler} */
export async function GET({ params }) { export async function GET({ params }) {
const vorgang_name = params.vorgang; const vorgangName = params.vorgang;
let get_code_stmt = `SELECT pw FROM cases WHERE name = ?;`; let getCodeSQLStatement = `SELECT pw FROM cases WHERE name = ?;`;
const row = db.prepare(get_code_stmt).get(vorgang_name); const row = db.prepare(getCodeSQLStatement).get(vorgangName);
let pw = row.pw; let password = row.pw;
if (pw) { if (password) {
return new Response(pw, { status: 200 }); return new Response(password, { status: 200 });
} else { } else {
return new Response(null, { status: 404 }); return new Response(null, { status: 404 });
} }
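Review bot: `row.pw` is dereferenced before checking that a row was found, so a request for a case name that does not exist would throw instead of reaching the 404 branch; `const password = row?.pw;` fixes that. More importantly, this handler returns a case's stored password in the response body to any caller who supplies a case name, and no authorization check is visible in the hunk. If access is restricted elsewhere (for example in a hook), a comment saying so would help; otherwise the handler should verify an admin session before querying. The function's closing brace lies outside the hunk.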