PR for Issue#332 [BE: API key & code snippet]

backend/.env

@@ -13,6 +13,9 @@ EMAIL_ENABLE=false
 # JWT Secret Key
 JWT_SECRET="NKrbO2lpCsOpVAlqAPsjZ0tZXzIoKru7gAmYZ7XlHn0=qqwqeq"
 
+# API KEY ENCRYPTION SECRET KEY
+API_KEY_ENCRYPTION_KEY="\wd?jqf7o5*v;[{/s$9_u3`h+i4r2(^ymt'#|kn-@~!x1ea6pb"
+
 TEST_DB_USERNAME=user123
 TEST_DB_PASSWORD=password123
 TEST_DB_NAME=onboarding_db_test

backend/.env.production

@@ -9,3 +9,6 @@ PROD_DB_PORT=5432
 
 # JWT Secret Key
 JWT_SECRET=your_prod_jwt_secret_key_here
+
+# API KEY ENCRYPTION SECRET KEY
+API_KEY_ENCRYPTION_KEY=your_prod_api_key_encryption_key_here

backend/.env.test

@@ -13,3 +13,6 @@ POSTGRES_DB=onboarding_db_test
 
 # JWT Secret Key
 JWT_SECRET=your_test_jwt_secret_key_here
+
+# API KEY ENCRYPTION SECRET KEY
+API_KEY_ENCRYPTION_KEY=your_prod_api_key_encryption_key_here

backend/config/settings.js

@@ -23,6 +23,7 @@ module.exports = {
       popups: [userRole.ADMIN],
       hints: [userRole.ADMIN],
       banners: [userRole.ADMIN],
+      serverUrlAndApiKey: [userRole.ADMIN],
       links: [userRole.ADMIN],
       tours: [userRole.ADMIN],
     }

backend/migrations/20241115084356-api_key_server_url_cols_teams_rel.js

@@ -0,0 +1,21 @@
+'use strict';
+
+module.exports = {
+  async up (queryInterface, Sequelize) {
+    await queryInterface.addColumn('teams', 'apiKey', {
+      type: Sequelize.TEXT,
+      allowNull: true,
+      defaultValue: null,
+    })
+    await queryInterface.addColumn('teams', 'serverUrl', {
+      type: Sequelize.TEXT,
+      allowNull: true,
+      defaultValue: null,
+    })
+  },
+
+  async down (queryInterface, Sequelize) {
+    await queryInterface.removeColumn('teams', 'apiKey')
+    await queryInterface.removeColumn('teams', 'serverUrl')
+  }
+};

backend/migrations/20241210225728-add-action-url-banner.js

@@ -0,0 +1,18 @@
+"use strict";
+
+/** @type {import('sequelize-cli').Migration} */
+module.exports = {
+  async up(queryInterface, Sequelize) {
+    await queryInterface.addColumn("banners", "actionUrl", {
+      type: Sequelize.STRING,
+      allowNull: true,
+      validate: {
+        isUrl: true,
+      },
+    });
+  },
+
+  async down(queryInterface, Sequelize) {
+    await queryInterface.removeColumn("banners", "actionUrl");
+  },
+};

backend/migrations/20241210225734-add-action-url-popup.js

@@ -0,0 +1,18 @@
+"use strict";
+
+/** @type {import('sequelize-cli').Migration} */
+module.exports = {
+  async up(queryInterface, Sequelize) {
+    await queryInterface.addColumn("popup", "actionUrl", {
+      type: Sequelize.STRING,
+      allowNull: true,
+      validate: {
+        isUrl: true,
+      },
+    });
+  },
+
+  async down(queryInterface, Sequelize) {
+    await queryInterface.removeColumn("popup", "actionUrl");
+  },
+};

backend/src/controllers/banner.controller.js

@@ -1,33 +1,61 @@
 const bannerService = require("../service/banner.service.js");
 const { internalServerError } = require("../utils/errors.helper");
 const { validateCloseButtonAction } = require("../utils/guide.helper");
-const { validatePosition } = require("../utils/banner.helper");
+const {
+  validatePosition,
+  validateUrl,
+  validateRelativeUrl,
+} = require("../utils/banner.helper");
 const { checkColorFieldsFail } = require("../utils/guide.helper");
 
 class BannerController {
   async addBanner(req, res) {
     const userId = req.user.id;
-    const { position, closeButtonAction, fontColor, backgroundColor } = req.body;
+    const {
+      position,
+      closeButtonAction,
+      fontColor,
+      backgroundColor,
+      actionUrl,
+      url,
+    } = req.body;
 
     if (!position || !closeButtonAction) {
-      return res
-        .status(400)
-        .json({
-          errors: [{ msg: "position and closeButtonAction are required" }],
-        });
+      return res.status(400).json({
+        errors: [{ msg: "position and closeButtonAction are required" }],
+      });
     }
 
-    if (!validatePosition(position) || !validateCloseButtonAction(closeButtonAction)) {
-      return res
-        .status(400)
-        .json({
-          errors: [{ msg: "Invalid value entered" }],
-        });
+    if (
+      !validatePosition(position) ||
+      !validateCloseButtonAction(closeButtonAction)
+    ) {
+      return res.status(400).json({
+        errors: [{ msg: "Invalid value entered" }],
+      });
+    }
+
+    if (actionUrl) {
+      try {
+        validateUrl(actionUrl, "actionUrl");
+      } catch (err) {
+        return res.status(400).json({ errors: [{ msg: err.message }] });
+      }
+    }
+
+    if (url) {
+      try {
+        validateRelativeUrl(url, "url");
+      } catch (err) {
+        return res.status(400).json({ errors: [{ msg: err.message }] });
+      }
     }
 
     const colorFields = { fontColor, backgroundColor };
-    const colorCheck = checkColorFieldsFail(colorFields, res)
-    if (colorCheck) { return colorCheck };
+    const colorCheck = checkColorFieldsFail(colorFields, res);
+    if (colorCheck) {
+      return colorCheck;
+    }
 
     try {
       const newBannerData = { ...req.body, createdBy: userId };
@@ -37,7 +65,7 @@ class BannerController {
       console.log(err);
       const { statusCode, payload } = internalServerError(
         "CREATE_BANNER_ERROR",
-        err.message,
+        err.message
       );
       res.status(statusCode).json(payload);
     }
@@ -54,11 +82,9 @@ class BannerController {
       const deletionResult = await bannerService.deleteBanner(id);
 
       if (!deletionResult) {
-        return res
-          .status(400)
-          .json({
-            errors: [{ msg: "Banner with the specified id does not exist" }],
-          });
+        return res.status(400).json({
+          errors: [{ msg: "Banner with the specified id does not exist" }],
+        });
       }
 
       res
@@ -67,7 +93,7 @@ class BannerController {
     } catch (err) {
       const { statusCode, payload } = internalServerError(
         "DELETE_BANNER_ERROR",
-        err.message,
+        err.message
       );
       res.status(statusCode).json(payload);
     }
@@ -76,14 +102,19 @@ class BannerController {
   async editBanner(req, res) {
     try {
       const { id } = req.params;
-      const { fontColor, backgroundColor, url, position, closeButtonAction, bannerText } = req.body;
+      const {
+        fontColor,
+        backgroundColor,
+        url,
+        position,
+        closeButtonAction,
+        actionUrl,
+      } = req.body;
 
       if (!position || !closeButtonAction) {
-        return res
-          .status(400)
-          .json({
-            errors: [{ msg: "position and closeButtonAction are required" }],
-          });
+        return res.status(400).json({
+          errors: [{ msg: "position and closeButtonAction are required" }],
+        });
       }
 
       if (!validatePosition(position)) {
@@ -98,16 +129,34 @@ class BannerController {
           .json({ errors: [{ msg: "Invalid value for closeButtonAction" }] });
       }
 
+      if (actionUrl) {
+        try {
+          validateUrl(actionUrl, "actionUrl");
+        } catch (err) {
+          return res.status(400).json({ errors: [{ msg: err.message }] });
+        }
+      }
+
+      if (url) {
+        try {
+          validateRelativeUrl(url, "url");
+        } catch (err) {
+          return res.status(400).json({ errors: [{ msg: err.message }] });
+        }
+      }
+
       const colorFields = { fontColor, backgroundColor };
-      const colorCheck = checkColorFieldsFail(colorFields, res)
-      if (colorCheck) { return colorCheck };
+      const colorCheck = checkColorFieldsFail(colorFields, res);
+      if (colorCheck) {
+        return colorCheck;
+      }
 
       const updatedBanner = await bannerService.updateBanner(id, req.body);
       res.status(200).json(updatedBanner);
     } catch (err) {
       const { statusCode, payload } = internalServerError(
         "EDIT_BANNER_ERROR",
-        err.message,
+        err.message
       );
       res.status(statusCode).json(payload);
     }
@@ -120,7 +169,7 @@ class BannerController {
     } catch (err) {
       const { statusCode, payload } = internalServerError(
         "GET_ALL_BANNERS_ERROR",
-        err.message,
+        err.message
       );
       res.status(statusCode).json(payload);
     }
@@ -133,8 +182,8 @@ class BannerController {
       res.status(200).json(banners);
     } catch (err) {
       const { statusCode, payload } = internalServerError(
-        "GET\_BANNERS_ERROR",
-        err.message,
+        "GET_BANNERS_ERROR",
+        err.message
       );
       res.status(statusCode).json(payload);
     }
@@ -158,7 +207,7 @@ class BannerController {
     } catch (err) {
       const { statusCode, payload } = internalServerError(
         "GET_BANNER_BY_ID_ERROR",
-        err.message,
+        err.message
       );
       res.status(statusCode).json(payload);
     }
@@ -167,19 +216,22 @@ class BannerController {
     try {
       const { url } = req.body;
 
-      if (!url || typeof url !== 'string' ) {
-        return res.status(400).json({ errors: [{ msg: "URL is missing or invalid" }] });
+      if (!url || typeof url !== "string") {
+        return res
+          .status(400)
+          .json({ errors: [{ msg: "URL is missing or invalid" }] });
       }
 
       const banner = await bannerService.getBannerByUrl(url);
-      res.status(200).json({banner});
+      res.status(200).json({ banner });
     } catch (error) {
-      internalServerError(
+      const { payload, statusCode } = internalServerError(
         "GET_BANNER_BY_URL_ERROR",
-        error.message,
+        error.message
       );
+      res.status(statusCode).json(payload);
     }
-  };
+  }
 }
 
 module.exports = new BannerController();