innohub/tatort
7
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

f034_sqlite_database #19

Merged
jared merged 34 commits from f034_sqlite_database into development 2025-07-24 14:34:39 +02:00
Conversation 8 Commits 34 Files Changed 21 +74 -76
10 changed files with 74 additions and 76 deletions
Download Patch File Download Diff File Expand all files Collapse all files
Showing only changes of commit 143bb128a5 - Show all commits

14
src/lib/server/vorgangService.ts
View File

@@ -6,11 +6,11 @@ import { db } from './dbService';
/** /**
* Get Vorgang and corresponend list of tatorte * Get Vorgang and corresponend list of tatorte
* @param caseId * @param caseToken
* @returns * @returns
*/ */
export const getVorgangByCaseId = async (caseId: string) => { export const getCrimesListByToken = async (caseToken: string) => {
const prefix = `${caseId}/`; const prefix = `${caseToken}/`;
const stream = client.listObjectsV2(BUCKET, prefix, false, ''); const stream = client.listObjectsV2(BUCKET, prefix, false, '');
@@ -174,14 +174,14 @@ export const hasValidToken = async (caseId: string, caseToken: string) => {
} }
}; };
export const tokenValid = function (caseId, caseToken) { export const passwordValid = function (caseToken, casePassword) {
if (!caseToken) { if (!casePassword) {
return false; return false;
} }
const vorg = getVorgangByToken(caseId); const vorg = getVorgangByToken(caseToken);
if (!vorg || vorg.pw !== caseToken) { if (!vorg || vorg.pw !== casePassword) {
return false; return false;
} }

2
src/routes/(angemeldet)/list/+page.svelte
View File

@@ -46,7 +46,7 @@
<ul role="list" class="divide-y divide-gray-100"> <ul role="list" class="divide-y divide-gray-100">
{#each caseList as item} {#each caseList as item}
<li> <li>
<a href="/list/{item.token}?token={item.pw}" class="flex justify-between gap-x-6 py-5"> <a href="/list/{item.token}?pw={item.pw}" class="flex justify-between gap-x-6 py-5">
<div class="flex gap-x-4"> <div class="flex gap-x-4">
<!-- Ordner --> <!-- Ordner -->
<Folder /> <Folder />

32
src/routes/(angemeldet)/upload/+page.server.ts
View File

@@ -1,11 +1,10 @@
import { Buffer } from 'buffer';
import { Readable } from 'stream'; import { Readable } from 'stream';
import { client } from '$lib/minio'; import { client } from '$lib/minio';
import { fail } from '@sveltejs/kit'; import { fail } from '@sveltejs/kit';
import { v4 as uuidv4 } from 'uuid'; import { v4 as uuidv4 } from 'uuid';
import { db } from '$lib/server/dbService'; import { db } from '$lib/server/dbService';
import { getVorgangByName, vorgangExists, vorgangNameExists } from '$lib/server/vorgangService'; import { getVorgangByName, vorgangNameExists } from '$lib/server/vorgangService';
const isRequiredFieldValid = (value: unknown) => { const isRequiredFieldValid = (value: unknown) => {
if (value == null) return false; if (value == null) return false;
@@ -18,36 +17,36 @@ const isRequiredFieldValid = (value: unknown) => {
export const actions = { export const actions = {
url: async ({ request }: { request: Request }) => { url: async ({ request }: { request: Request }) => {
const data = await request.formData(); const data = await request.formData();
const vorgang = data.get('vorgang'); const caseName = data.get('vorgang');
const name = data.get('name'); const crimeName = data.get('name');
const type = data.get('type'); const type = data.get('type');
const pw = data.get('zugangscode'); const password = data.get('password');
const fileName = data.get('fileName'); const fileName = data.get('fileName');
// store case in database // store case in database
// skip if Vorgang exists and token not changed // skip if Vorgang exists and token not changed
const vorgangExists = vorgangNameExists(vorgang); const vorgangExists = vorgangNameExists(caseName);
let token; let token;
if (!vorgangExists) { if (!vorgangExists) {
token = uuidv4(); token = uuidv4();
let insertSQLStmt = `INSERT INTO cases (token, name, pw) VALUES (?, ?, ?)`; let insertSQLStatement = `INSERT INTO cases (token, name, pw) VALUES (?, ?, ?)`;
const statement = db.prepare(insertSQLStmt); const statement = db.prepare(insertSQLStatement);
statement.run(token, vorgang, pw); statement.run(token, caseName, password);
} else { } else {
// vorgang exists // vorgang exists
// check if PW was changed, and update DB if it was // check if PW was changed, and update DB if it was
const vorg = getVorgangByName(vorg); const vorg = getVorgangByName(caseName);
token = vorg.token; token = vorg.token;
if (vorg.pw != pw) { if (vorg.pw != password) {
let updateSQLStmt = `UPDATE cases SET pw = ? WHERE name = ?`; let updateSQLStmt = `UPDATE cases SET pw = ? WHERE name = ?`;
const statement = db.prepare(updateSQLStmt); const statement = db.prepare(updateSQLStmt);
statement.run(pw, vorg); statement.run(password, vorg);
} }
} }
let objectName = `${token}/${name}`; let objectName = `${token}/${crimeName}`;
switch (type) { switch (type) {
case 'image/png': case 'image/png':
if (!objectName.endsWith('.png')) objectName += '.png'; if (!objectName.endsWith('.png')) objectName += '.png';
@@ -66,10 +65,9 @@ export const actions = {
const data = Object.fromEntries(requestData); const data = Object.fromEntries(requestData);
const vorgang = data.vorgang; const vorgang = data.vorgang;
const name = data.name; const name = data.name;
const zugangscode = data.zugangscode; const password = data.password;
jared marked this conversation as resolved
trachi93 commented 2025-07-22 11:33:11 +02:00
Review
Copy Link

[JB] Was meint hier password? Ist es nicht der vorgangstoken?

[JB] Was meint hier password? Ist es nicht der vorgangstoken?
trachi93 commented 2025-07-23 12:59:31 +02:00
Review
Copy Link

Projektweite Umbenennung erfolgt im separaten branch.

Projektweite Umbenennung erfolgt im separaten branch.
let success = true; let success = true;
const err = {}; const err = {};
if (isRequiredFieldValid(vorgang)) err.vorgang = null; if (isRequiredFieldValid(vorgang)) err.vorgang = null;
else { else {
err.vorgang = 'Das Feld Vorgang darf nicht leer bleiben.'; err.vorgang = 'Das Feld Vorgang darf nicht leer bleiben.';
@@ -82,9 +80,9 @@ export const actions = {
success = false; success = false;
} }
if (isRequiredFieldValid(zugangscode)) err.zugangscode = null; if (isRequiredFieldValid(password)) err.password = null;
else { else {
err.zugangscode = 'Das Feld Zugangscode darf nicht leer bleiben.'; err.password = 'Das Feld Zugangspasswort darf nicht leer bleiben.';
success = false; success = false;
} }

31
src/routes/(angemeldet)/upload/+page.svelte
View File

@@ -17,15 +17,15 @@
let vorgang = ''; let vorgang = '';
const code_len = 8; const code_len = 8;
function generate_token() { function generatePassword() {
jared marked this conversation as resolved
trachi93 commented 2025-07-22 11:33:35 +02:00
Review
Copy Link

[JB] Ich würde es nicht Password nennen, entweder vorgangsPassword oder vorgangsToken oder so und das stringent durch, an allen Codestellen.

[JB] Ich würde es nicht Password nennen, entweder vorgangsPassword oder vorgangsToken oder so und das stringent durch, an allen Codestellen.
return Math.random() return Math.random()
.toString(36) .toString(36)
.slice(2, 2 + code_len); .slice(2, 2 + code_len);
} }
let zugangscode = '' let zugangspasswort = ''
let zugangscodeOld = '' let zugangspasswordOld = ''
$: zugangscodeOld = generate_token(); $: zugangspasswordOld = generatePassword();
$: zugangscode = zugangscodeOld $: zugangspasswort = zugangspasswordOld
let caseExisting = undefined; let caseExisting = undefined;
$: caseExisting = false; $: caseExisting = false;
@@ -42,7 +42,7 @@
let data = new FormData(); let data = new FormData();
data.append('vorgang', vorgang); data.append('vorgang', vorgang);
data.append('name', name); data.append('name', name);
data.append('zugangscode', zugangscode); data.append('password', zugangspasswort);
const response = await fetch('?/validate', { method: 'POST', body: data }); const response = await fetch('?/validate', { method: 'POST', body: data });
/** @type {import('@sveltejs/kit').ActionResult} */ /** @type {import('@sveltejs/kit').ActionResult} */
const result = deserialize(await response.text()); const result = deserialize(await response.text());
@@ -64,7 +64,6 @@
formErrors = { file: 'Keine gültige .GLD-Datei', ...formErrors }; formErrors = { file: 'Keine gültige .GLD-Datei', ...formErrors };
success = false; success = false;
} }
return success; return success;
} }
@@ -72,7 +71,7 @@
let data = new FormData(); let data = new FormData();
data.append('vorgang', vorgang); data.append('vorgang', vorgang);
data.append('name', name); data.append('name', name);
data.append('zugangscode', zugangscode); data.append('password', zugangspasswort);
if (files?.length === 1) { if (files?.length === 1) {
data.append('type', files[0].type); data.append('type', files[0].type);
data.append('fileName', files[0].name); data.append('fileName', files[0].name);
@@ -155,7 +154,7 @@
async function caseExists(caseName: string) { async function caseExists(caseName: string) {
if (caseName == '') { if (caseName == '') {
zugangscode = zugangscodeOld; zugangspasswort = zugangspasswordOld;
return; return;
} }
@@ -166,19 +165,19 @@
if (status == 200) { if (status == 200) {
caseExisting = true; caseExisting = true;
const code = await getCode(caseName); const passwort = await getPassword(caseName);
zugangscode = code; zugangspasswort = passwort;
return true return true
} else { } else {
caseExisting = false; caseExisting = false;
zugangscode = zugangscodeOld; zugangspasswort = zugangspasswordOld;
return false return false
} }
} }
async function getCode(caseName: string) { async function getPassword(caseName: string) {
if (caseName == '') return; if (caseName == '') return;
@@ -280,11 +279,11 @@
class="flex rounded-md shadow-sm ring-1 ring-inset ring-gray-300 focus-within:ring-2 focus-within:ring-inset focus-within:ring-indigo-600" class="flex rounded-md shadow-sm ring-1 ring-inset ring-gray-300 focus-within:ring-2 focus-within:ring-inset focus-within:ring-indigo-600"
> >
<input <input
bind:value={zugangscode} bind:value={zugangspasswort}
type="text" type="text"
name="zugangscode" name="zugangscode"
id="zugangscode" id="zugangscode"
on:input="{ (ev) => { zugangscodeOld = ev.target.value }}" on:input="{ (ev) => { zugangspasswordOld = ev.target.value }}"
class="block flex-1 border-0 bg-transparent py-1.5 pl-1 text-gray-900 placeholder:text-gray-400 focus:ring-0 sm:text-sm sm:leading-6" class="block flex-1 border-0 bg-transparent py-1.5 pl-1 text-gray-900 placeholder:text-gray-400 focus:ring-0 sm:text-sm sm:leading-6"
/> />
@@ -292,7 +291,7 @@
<button <button
class="rounded-md bg-blue-500 px-3 py-2 text-sm font-semibold text-white shadow-sm hover:bg-indigo-500 focus-visible:outline focus-visible:outline-2 focus-visible:outline-offset-2 focus-visible:outline-indigo-600" class="rounded-md bg-blue-500 px-3 py-2 text-sm font-semibold text-white shadow-sm hover:bg-indigo-500 focus-visible:outline focus-visible:outline-2 focus-visible:outline-offset-2 focus-visible:outline-indigo-600"
on:click="{() => { on:click="{() => {
zugangscode = zugangscodeOld = generate_token(); }}" zugangspasswort = zugangspasswordOld = generatePassword(); }}"
type="button"> type="button">
Generiere Zugangscode Generiere Zugangscode
</button> </button>

12
src/routes/(token-based)/+layout.server.ts
View File

@@ -1,7 +1,7 @@
import { import {
checkIfVorgangExists, checkIfVorgangExists,
hasValidToken, hasValidToken,
tokenValid, passwordValid,
vorgangExists vorgangExists
} from '$lib/server/vorgangService'; } from '$lib/server/vorgangService';
import { redirect } from '@sveltejs/kit'; import { redirect } from '@sveltejs/kit';
@@ -14,11 +14,11 @@ export const load: PageServerLoad = async ({ params, url, locals }) => {
}; };
} }
const caseId = params.vorgang; const caseToken = params.vorgang;
const caseToken = url.searchParams.get('token'); const casePassword = url.searchParams.get('pw');
const isVorgangValid = vorgangExists(caseId); const isVorgangValid = vorgangExists(caseToken);
const isTokenValid = tokenValid(caseId, caseToken); const isPasswordValid = passwordValid(caseToken, casePassword);
if (!isVorgangValid || !isTokenValid) throw redirect(303, `/anmeldung?vorgang=${caseId}`); if (!isVorgangValid || !isPasswordValid) throw redirect(303, `/anmeldung?vorgang=${caseToken}`);
}; };

14
src/routes/(token-based)/list/[vorgang]/+page.server.ts
View File

@@ -1,16 +1,16 @@
import { getVorgangByToken, getVorgangByCaseId } from '$lib/server/vorgangService'; import { getVorgangByToken, getCrimesListByToken } from '$lib/server/vorgangService';
import type { PageServerLoad } from './$types'; import type { PageServerLoad } from './$types';
export const load: PageServerLoad = async ({ params, url }) => { export const load: PageServerLoad = async ({ params, url }) => {
const caseId = params.vorgang; const caseToken = params.vorgang;
const caseToken = url.searchParams.get('token'); const casePassword = url.searchParams.get('pw');
const crimesList = await getVorgangByCaseId(caseId); const crimesList = await getCrimesListByToken(caseToken);
const vorg = getVorgangByToken(caseId); const vorgang = getVorgangByToken(caseToken);
return { return {
crimesList, crimesList,
caseToken, casePassword,
vorg vorgang
}; };
}; };

10
src/routes/(token-based)/list/[vorgang]/+page.svelte
View File

@@ -26,9 +26,9 @@
// add other properties as needed // add other properties as needed
} }
const vorg = data.vorg; const vorgang = data.vorgang;
const crimesList: ListItem[] = data.crimesList; const crimesList: ListItem[] = data.crimesList;
const token: string = data.caseToken; const password: string = data.casePassword;
let open = false; let open = false;
$: open; $: open;
@@ -141,9 +141,9 @@
<div class="-z-10 bg-white"> <div class="-z-10 bg-white">
<div class="flex flex-col items-center justify-center w-full"> <div class="flex flex-col items-center justify-center w-full">
<h1 class="text-xl">Vorgang {vorg.name}</h1> <h1 class="text-xl">Vorgang {vorgang.name}</h1>
{#if data?.user?.admin} {#if data?.user?.admin}
Zugangspasswort: {vorg.pw} Zugangspasswort: {vorgang.pw}
<Button on:click={() => setClipboard($page.url.toString().split('?')[0])}>Copy Link</Button> <Button on:click={() => setClipboard($page.url.toString().split('?')[0])}>Copy Link</Button>
{/if} {/if}
</div> </div>
@@ -152,7 +152,7 @@
{#each crimesList as item, i} {#each crimesList as item, i}
<li> <li>
<a <a
href="/view/{$page.params.vorgang}/{item.name}?token={token}" href="/view/{$page.params.vorgang}/{item.name}?pw={password}"
class=" flex justify-between gap-x-6 py-5" class=" flex justify-between gap-x-6 py-5"
aria-label="zum 3D-modell" aria-label="zum 3D-modell"
> >

12
src/routes/anmeldung/+page.server.ts
View File

@@ -4,13 +4,15 @@ import { redirect } from '@sveltejs/kit';
export const actions = { export const actions = {
login: ({ request, cookies }) => loginUser({ request, cookies }), login: ({ request, cookies }) => loginUser({ request, cookies }),
logout: (event) => logoutUser(event), logout: (event) => logoutUser(event),
getVorgangById: async ({ request }) => { getVorgangByToken: async ({ request }) => {
const data = await request.formData(); const data = await request.formData();
const caseId = data.get('case-id');
const caseToken = data.get('case-token'); const caseToken = data.get('case-token');
const casePassword = data.get('case-password');
if (!caseId || !caseToken) return; console.log(`+++ ${caseToken} + ${casePassword}`);
throw redirect(303, `/list/${caseId}?token=${caseToken}`); if (!caseToken || !casePassword) return;
throw redirect(303, `/list/${caseToken}?pw=${casePassword}`);
} }
} as const; } as const;

18
src/routes/anmeldung/+page.svelte
View File

@@ -13,7 +13,7 @@
export let open = false; export let open = false;
import { page } from '$app/state'; import { page } from '$app/state';
const vorgang_token = page.url.searchParams.get('vorgang'); const vorgangToken = page.url.searchParams.get('vorgang');
</script> </script>
<div class="flex min-h-full flex-col justify-center px-6 py-12 lg:px-8"> <div class="flex min-h-full flex-col justify-center px-6 py-12 lg:px-8">
@@ -27,21 +27,21 @@
<div class="w-full max-w-sm mx-auto"> <div class="w-full max-w-sm mx-auto">
<div class="relative mt-5 bg-gray-50 rounded-xl shadow-xl p-3 pt-1"> <div class="relative mt-5 bg-gray-50 rounded-xl shadow-xl p-3 pt-1">
<div class="mt-10"> <div class="mt-10">
<form action="?/getVorgangById" method="POST"> <form action="?/getVorgangByToken" method="POST">
<BaseInputField <BaseInputField
id="case-id" id="case-token"
name="case-id" name="case-token"
label="Vorgangskennung" label="Vorgangskennung"
type="text" type="text"
value={vorgang_token} value={vorgangToken}
/> />
<div class="mt-5"> <div class="mt-5">
<BaseInputField <BaseInputField
id="case-token" id="case-password"
name="case-token" name="case-password"
label="Zugangscode" label="Zugangspasswort"
type="text" type="text"
value={form?.token} value={form?.password}
error={form?.error?.message} error={form?.error?.message}
/> />
</div> </div>

5
src/routes/api/list/[vorgang]/code/+server.ts
View File

@@ -1,12 +1,11 @@
import { client } from '$lib/minio';
import { db } from '$lib/server/dbService'; import { db } from '$lib/server/dbService';
trachi93 marked this conversation as resolved Outdated
trachi93 commented 2025-07-22 11:34:33 +02:00
Outdated
Review
Copy Link

[JB] Der Pfad [vorgang]/code/.. sollte geändert werden in die entsprechende Vokabel also zugangstoken o. ä. s.o.

[JB] Der Pfad [vorgang]/code/.. sollte geändert werden in die entsprechende Vokabel also zugangstoken o. ä. s.o.
/** @type {import('./$types').RequestHandler} */ /** @type {import('./$types').RequestHandler} */
export async function GET({ params }) { export async function GET({ params }) {
const vorgangName = params.vorgang; const vorgangName = params.vorgang;
let getCodeSQLStmt = `SELECT pw FROM cases WHERE name = ?;`; let getCodeSQLStatement = `SELECT pw FROM cases WHERE name = ?;`;
const row = db.prepare(getCodeSQLStmt).get(vorgangName); const row = db.prepare(getCodeSQLStatement).get(vorgangName);
let password = row.pw; let password = row.pw;
if (password) { if (password) {