From 19164ab8eaa7fddfd238c5c6715f5a1432a1dfdf Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabian=20B=C3=BChler?= Date: Wed, 20 Dec 2017 21:50:58 +0100 Subject: [PATCH 1/6] started using db instead of json files --- src/adminPage/app/controllers/beverage.js | 4 +- src/api.js | 76 ++++++++++------------- 2 files changed, 35 insertions(+), 45 deletions(-) diff --git a/src/adminPage/app/controllers/beverage.js b/src/adminPage/app/controllers/beverage.js index 675449d..1f5f2a8 100644 --- a/src/adminPage/app/controllers/beverage.js +++ b/src/adminPage/app/controllers/beverage.js @@ -6,7 +6,7 @@ app.controller('beverageController', function($scope, $http, $window) { $scope.title = "Beverage Overview"; $scope.icon = "fa-beer"; - + $scope.searchableGlobal = false; $scope.searchableLocal = true; $scope.enumerate = true; @@ -142,7 +142,7 @@ app.controller('beverageController', function($scope, $http, $window) { } }, { - name: "count", + name: "stock", displayname: "Currently in Stock:", display: function(data) { return data; diff --git a/src/api.js b/src/api.js index 6a69ada..e349414 100644 --- a/src/api.js +++ b/src/api.js @@ -152,14 +152,14 @@ api.get('/token', adminAccess(function (req, res) { api.post('/orders', userAccess(function (req, res) { let user = req.query.user; let beverage = req.query.beverage; - + if (user == undefined || beverage == undefined || user === '' || beverage === '' || !contains(users.keys(), user) || !contains(beverages, beverage)) { res.status(400).end('Fail to order the beverage for the user'); return; } else { let cost = 0; - for (i = 0; i < beverages.length; i++) { + for (let i = 0; i < beverages.length; i++) { if (beverages[i].name === beverage) { cost = beverages[i].price; beverages[i].count--; 
@@ -169,14 +169,14 @@ api.post('/orders', userAccess(function (req, res) { break; } } - + users.get(user).balance -= cost; fs.writeFile(dirname + '/data/users.json', JSON.stringify(users), 'utf8'); - - var stmt = db.prepare("INSERT INTO History(id, user, reason, amount, timestamp) VALUES (?, ?, ?, ?, ?);"); - stmt.run(uuidv4(), user, beverage, -cost, new Date().toUTCString()); + + var stmt = db.prepare("INSERT INTO History(id, user, reason, amount) VALUES (?, ?, ?, ?);"); + stmt.run(uuidv4(), user, beverage, -cost); stmt.finalize(); - + res.sendStatus(200); } })); @@ -189,7 +189,9 @@ api.get('/orders', userAccess(function (req, res) { } let histories = []; - db.each("SELECT id, user, reason, amount, timestamp FROM History LIMIT " + limit, function(err, row) { + var stmt = db.prepare("SELECT id, user, reason, amount, timestamp FROM History ORDER BY timestamp DESC LIMIT ?;"); + console.log(stmt); + stmt.each(limit, function(err, row) { histories.push(row); }, function() { res.status(200).end(JSON.stringify(histories)); @@ -207,7 +209,8 @@ api.get('/orders/:userId', userAccess(function (req, res) { limit = 1000; } let userHistories = []; - db.each("SELECT id, user, reason, amount, timestamp FROM History WHERE user = '" + userId + "' LIMIT " + limit, function(err, row) { + var stmt = db.prepare("SELECT id, user, reason, amount, timestamp FROM History WHERE user = ? ORDER BY timestamp DESC LIMIT ?;"); + stmt.each(userId, limit, function(err, row) { userHistories.push(row); }, function() { res.status(200).end(JSON.stringify(userHistories)); @@ -232,7 +235,7 @@ api.delete('/orders/:orderId', function (req, res) { if (orderId != undefined && orderId != '') { let deleted = true; //TODO check for error in sql - var stmt = db.prepare("DELETE FROM History WHERE id == ?;"); + var stmt = db.prepare("DELETE FROM History WHERE id = ?;"); stmt.run(orderId); stmt.finalize(); 
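Review bot: Both `stmt.each` callbacks in GET /orders ignore `err`, so a failed query still answers 200 with an empty or partial list, and the prepared statement is never finalized; the same applies to the GET /orders/:userId hunk (`@@ -207,7 +209,8`). I would check the error in the completion callback, `function(err) { if (err) { res.sendStatus(500); return; } ... }`, and call `stmt.finalize();` after `stmt.each(...)`. The added `console.log(stmt);` looks like a debugging leftover and should go before merge. Both handlers start and end outside their hunks.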
@@ -247,20 +250,21 @@ api.delete('/orders/:orderId', function (req, res) { }); api.get('/beverages', userAccess(function (req, res) { - res.status(200).end(JSON.stringify(beverages)); + let beverages = []; + var stmt = db.prepare("SELECT name, stock, price FROM Beverages ORDER BY name;"); + stmt.each(function(err, row) { + beverages.push(row); + }, function() { + res.status(200).end(JSON.stringify(beverages)); + }); })); api.post('/beverages', adminAccess(function (req, res) { let bev = req.query.beverage; let price = req.query.price; if (bev != undefined && price != undefined && bev != '') { - let beverage = { - name: bev, - price: price, - count: 0 - }; - beverages.push(beverage); - fs.writeFile(dirname + '/data/beverages.json', JSON.stringify(beverages), 'utf8'); + let stmt = db.prepare("INSERT INTO Beverages (name, price) VALUES (?, ?)"); + stmt.run(bev, price); res.sendStatus(200); } else { throw new Error('Test Error'); @@ -272,19 +276,13 @@ api.patch('/beverages/:beverage', adminAccess(function (req, res) { let price = req.query.price; let count = req.query.count; if (bev != undefined && bev != '') { - for (let i = 0; i < beverages.length; i++) { - let beverage = beverages[i]; - console.log(beverage); - if (beverage.name == bev) { - if (price != undefined) { - beverage.price = price; - } - if (count != undefined) { - beverage.count += new Number(count); - } - fs.writeFile(dirname + '/data/beverages.json', JSON.stringify(beverages), 'utf8'); - break; - } + if (price != undefined) { + let stmt = db.prepere("UPDATE Beverages SET price = ? WHERE name = ?;"); + stmt.run(parseInt(price), bev); + } + if (count != undefined) { + let stmt = db.prepere("UPDATE Beverages SET stock = stock + ? WHERE name = ?;"); + stmt.run(parseInt(count), bev); } res.sendStatus(200); } else { 
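Review bot: In POST /beverages the handler answers 200 right after `stmt.run(bev, price)` without waiting for the result, so a failed insert (for instance a rejected duplicate name, if the table enforces one) is reported as success. `price` is also bound straight from the query string, whereas the PATCH handler in this patch at least passes it through `parseInt`. I would parse and check the price first and move the response into the run callback, `stmt.run(bev, price, function(err) { res.sendStatus(err ? 400 : 200); });`, followed by `stmt.finalize();`. The new GET /beverages callback ignores `err` in the same way.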
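Review bot: `db.prepere(...)` is misspelled in both new branches of PATCH /beverages/:beverage, so any request carrying `price` or `count` throws a TypeError and ends in the 500 error handler instead of updating the row; it should read `db.prepare(...)`. `parseInt(price)` and `parseInt(count)` are called without a radix and the result is not checked, so a non-numeric value is bound as NaN; `const p = Number.parseInt(price, 10); if (Number.isNaN(p)) { res.sendStatus(400); return; }` would reject it before it reaches the database. The handler's else branch lies outside the hunk.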
@@ -295,16 +293,8 @@ api.patch('/beverages/:beverage', adminAccess(function (req, res) { api.delete('/beverages/:beverage', adminAccess(function (req, res) { let bev = req.params.beverage; if (bev != undefined && bev != '') { - let index = 0; - for (let i = 0; i < beverages.length; i++) { - let beverage = beverages[i]; - if (beverage.name == bev) { - index = i; - break; - } - } - beverages.splice(index, 1); - fs.writeFile(dirname + '/data/beverages.json', JSON.stringify(beverages), 'utf8'); + let stmt = db.prepare("DELETE FROM Beverages WHERE name = ?;"); + stmt.run(bev); res.sendStatus(200); } else { res.sendStatus(400); @@ -363,7 +353,7 @@ api.patch('/users/:userId', adminAccess(function (req, res) { if (userId != undefined && amount != undefined && reason != undefined && userId != '' && reason != '' && amount != '' && users.has(userId)) { amount = new Number(amount); - + var stmt = db.prepare("INSERT INTO History(id, user, reason, amount, timestamp) VALUES (?, ?, ?, ?, ?);"); stmt.run(uuidv4(), userId, reason, amount, new Date().toUTCString()); stmt.finalize(); @@ -388,4 +378,4 @@ api.post('/logout', function (req, res) { api.use(function (err, req, res, next) { console.error(err.stack); res.status(500).send('We messed up, sry!'); -}); \ No newline at end of file +}); From f6d93277f0a2ee4bca6a58b40f5023aabffd5a23 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabian=20B=C3=BChler?= Date: Wed, 20 Dec 2017 22:27:58 +0100 Subject: [PATCH 2/6] added debug task --- .gitignore | 1 + package.json | 1 + 2 files changed, 2 insertions(+) diff --git a/.gitignore b/.gitignore index 76b1852..1fcc421 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,4 @@ node_modules src/data/* data/* +.vscode \ No newline at end of file diff --git a/package.json b/package.json index 9142487..df2b060 100644 --- a/package.json +++ b/package.json 
@@ -6,6 +6,7 @@ "scripts": { "test": "echo \"Error: no test specified\" && exit 1", "start": "nodemon --ignore 'data/*' src/server.js", + "start-debug": "nodemon --inspect --ignore 'data/*' src/server.js", "postinstall": "node src/install.js" }, "repository": { From 96994263896e1a3ddbbb9da44a1c11ca3ac41719 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabian=20B=C3=BChler?= Date: Wed, 20 Dec 2017 23:46:52 +0100 Subject: [PATCH 3/6] complete migration to db, removed unused time check function time check moved into sql command --- src/api.js | 106 +++++++++++++++++++++++++++++++++++------------------ 1 file changed, 70 insertions(+), 36 deletions(-) diff --git a/src/api.js b/src/api.js index e349414..1110ff7 100644 --- a/src/api.js +++ b/src/api.js @@ -4,6 +4,9 @@ * Author: Sandro Speth * Author: Tobias Wältken */ + +/* jslint esversion: 6 */ + // Imports const sqlite3 = require('sqlite3'); const express = require('express'); @@ -43,11 +46,6 @@ function contains(array, item) { return bool; } -// Actual wrong method -function isTimePassed(date) { - return !(+(new Date(new Date(date).getTime() + 30000)) > +(new Date())); -} - /** * This function wraps a given middleware function with a check for the user * tokens in the request to reduce code clutter. 
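Review bot: `nodemon --inspect` opens the Node inspector, and anything that can connect to that port can run code inside the server process, so `start-debug` should stay a local development task. I would make the bind address explicit, `"start-debug": "nodemon --inspect=127.0.0.1:9229 --ignore 'data/*' src/server.js"`, and state in the README that the script must not be used on a deployed instance. package.json cannot carry a comment, so the README is the place for that sentence.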
@@ -173,9 +171,28 @@ api.post('/orders', userAccess(function (req, res) { users.get(user).balance -= cost; fs.writeFile(dirname + '/data/users.json', JSON.stringify(users), 'utf8'); - var stmt = db.prepare("INSERT INTO History(id, user, reason, amount) VALUES (?, ?, ?, ?);"); - stmt.run(uuidv4(), user, beverage, -cost); - stmt.finalize(); + let stmt = db.prepare("SELECT price, stock FROM Beverages WHERE name = ?;"); + stmt.get(beverage, function(err, result) { + if (result == undefined) { + console.log('[API] [FAIL] can\'t find beverage '+beverage); + return; + } + if (result.stock === 0) { + console.log('[API] [FAIL] no more '+beverage+' in stock'); + return; + } + let cost = result.price; + + let stmt1 = db.prepare("UPDATE Beverages SET stock = stock-1 WHERE name = ?;"); + stmt1.run(beverage); + + let stmt2 = db.prepare("UPDATE Users SET balance = balance - ? WHERE name = ?;"); + stmt2.run(cost, user); + + var stmt3 = db.prepare("INSERT INTO History(id, user, reason, amount) VALUES (?, ?, ?, ?);"); + stmt3.run(uuidv4(), user, beverage, -cost); + }); + res.sendStatus(200); } @@ -233,17 +250,18 @@ api.delete('/orders/:orderId', function (req, res) { // return; //} if (orderId != undefined && orderId != '') { - let deleted = true; //TODO check for error in sql - - var stmt = db.prepare("DELETE FROM History WHERE id = ?;"); - stmt.run(orderId); - stmt.finalize(); - if (deleted) { - res.sendStatus(200); - } else { - res.sendStatus(400); - } + let stmt = db.prepare("SELECT FROM History WHERE id = ? and timestamp > (DATETIME('now', '-30 seconds', 'localtime')) LIMIT 1;"); + stmt.get(orderId, function(err, result) { + if (result == undefined && !tokens.get(token).root) { + // too late to delete + res.sendStatus(400); + return; + } + var stmt = db.prepare("DELETE FROM History WHERE id = ?;"); + stmt.run(orderId); + stmt.finalize(); + }); } else { res.sendStatus(400); } 
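Review bot: `res.sendStatus(200)` stays outside the new `stmt.get` callback in POST /orders, so the client is told the order succeeded even when the callback logs "can't find beverage" or "no more ... in stock" and returns, and `err` is never looked at. The response should be sent from inside the callback, with 400 on the two failure paths and 500 on a database error. The three writes (stock, balance, History) are also issued as independent statements with no error callback, so one can fail while the others apply; wrapping them in one transaction would keep the books consistent. The handler starts outside the hunk.

```javascript
stmt.get(beverage, function(err, result) {
    if (err) {
        console.error(err);
        res.sendStatus(500);
        return;
    }
    if (result == undefined) {
        console.log('[API] [FAIL] can\'t find beverage '+beverage);
        res.status(400).end('Fail to order the beverage for the user');
        return;
    }
    if (result.stock === 0) {
        console.log('[API] [FAIL] no more '+beverage+' in stock');
        res.status(400).end('Fail to order the beverage for the user');
        return;
    }
    // … unchanged: cost lookup, stmt1, stmt2, stmt3 …
    res.sendStatus(200);
});
// the unconditional res.sendStatus(200) after the callback is removed
```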
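Review bot: The new query `SELECT FROM History WHERE id = ? ...` in DELETE /orders/:orderId has no column list, which SQLite rejects, so `result` will presumably always be undefined: a non-root token always gets 400 and a root token always falls through to the DELETE regardless of age. It needs a select list, e.g. `SELECT id FROM History WHERE id = ? and timestamp > (DATETIME('now', '-30 seconds', 'localtime')) LIMIT 1;`, and the callback should check `err`. The success path also no longer sends a response, since the old `res.sendStatus(200)` went away with the `deleted` flag; add `res.sendStatus(200);` after `stmt.finalize();`. The handler starts outside the hunk.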
@@ -303,31 +321,46 @@ api.delete('/beverages/:beverage', adminAccess(function (req, res) { api.get('/users', userAccess(function (req, res) { let token = req.header('X-Auth-Token'); + + let users = []; + var stmt = db.prepare("SELECT name FROM Users ORDER BY name;"); + var stmtAdmin = db.prepare("SELECT name, balance FROM Users ORDER BY name;"); if (!tokens.get(token).root) { - res.status(200).end(JSON.stringify(users.keys())); + stmt.each(function(err, row) { + users.push(row.name); + }, function() { + res.status(200).end(JSON.stringify(users)); + }); } else { - res.status(200).end(JSON.stringify(users.values())); + stmtAdmin.each(function(err, row) { + users.push(row); + }, function() { + res.status(200).end(JSON.stringify(users)); + }); } })); api.get('/users/:userId', userAccess(function (req, res) { let userId = req.params.userId; - if (userId === undefined || userId === '' || !users.has(userId)) { + var stmt = db.prepare("SELECT name, balance FROM Users WHERE name = ?;"); + if (userId === undefined || userId === '') { res.status(404).end('User not found'); } else { - res.status(200).end(JSON.stringify(users.get(userId))); + stmt.get(userId, function(err, result) { + if (result == undefined) { + res.status(404).end('User not found'); + return; + } + res.status(200).end(JSON.stringify(result)); + }); } })); api.post('/users/:userId', adminAccess(function (req, res) { let userId = req.params.userId; if (userId != undefined && userId != '') { - let user = { - name: userId, - balance: 0 - }; - users.set(userId, user); - fs.writeFile(dirname + '/data/users.json', JSON.stringify(users), 'utf8'); + let stmt = db.prepare("INSERT INTO Users (name) VALUES (?);"); + stmt.run(userId); res.sendStatus(200); } else { res.sendStatus(400); 
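Review bot: GET /users prepares both `stmt` and `stmtAdmin` on every request but runs only one, and neither is finalized, so each call leaves prepared statements behind; prepare only the one that is needed inside its branch and call `stmt.finalize();` after use. In POST /users/:userId the 200 is sent without waiting for `stmt.run(userId)`, so inserting a name that already exists (Users.name is the primary key in install.js) fails silently; `stmt.run(userId, function(err) { res.sendStatus(err ? 400 : 200); });` would report it. GET /users/:userId returns `balance` to any user token while the list above withholds balances from non-root tokens; if that is not intended, select only `name` for non-root callers.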
@@ -337,10 +370,11 @@ api.post('/users/:userId', adminAccess(function (req, res) { api.delete('/users/:userId', adminAccess(function (req, res) { let userId = req.params.userId; if (userId != undefined && userId != '' && users.has(userId)) { - let user = users.get(userId); - users.remove(userId); - fs.writeFile(dirname + '/data/users.json', JSON.stringify(users), 'utf8'); - res.status(200).send(JSON.stringify(user)); + let stmt = db.prepare("DELETE FROM Users WHERE name = ?;"); + stmt.run(userId); + res.sendStatus(200); + // why return old user? + // res.status(200).send(JSON.stringify(user)); } else { res.sendStatus(400); } @@ -354,12 +388,12 @@ api.patch('/users/:userId', adminAccess(function (req, res) { && userId != '' && reason != '' && amount != '' && users.has(userId)) { amount = new Number(amount); - var stmt = db.prepare("INSERT INTO History(id, user, reason, amount, timestamp) VALUES (?, ?, ?, ?, ?);"); - stmt.run(uuidv4(), userId, reason, amount, new Date().toUTCString()); + var stmt = db.prepare("INSERT INTO History(id, user, reason, amount) VALUES (?, ?, ?, ?);"); + stmt.run(uuidv4(), userId, reason, amount); stmt.finalize(); - users.get(userId).balance += amount; - fs.writeFile(dirname + '/data/users.json', JSON.stringify(users), 'utf8'); + let stmt2 = db.prepare("UPDATE Users SET balance = balance + ? WHERE name = ?;"); + stmt2.run(amount, userId); res.sendStatus(200); } else { res.sendStatus(400); From 103451c1158639cf22250e74bcc3b7ff9daf5aae Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabian=20B=C3=BChler?= Date: Wed, 20 Dec 2017 23:50:15 +0100 Subject: [PATCH 4/6] removed json update code --- src/api.js | 25 ++++--------------------- 1 file changed, 4 insertions(+), 21 deletions(-) diff --git a/src/api.js b/src/api.js index 1110ff7..564fc10 100644 --- a/src/api.js +++ b/src/api.js 
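Review bot: In PATCH /users/:userId the value bound into the new `UPDATE Users SET balance = balance + ?` comes from `amount = new Number(amount)`, which builds a wrapper object and accepts input that converts to NaN; the only check before it is `amount != ''`. Since `balance` and `amount` are INTEGER columns, I would convert and validate before touching the database: `amount = Number(amount); if (!Number.isInteger(amount)) { res.sendStatus(400); return; }`. The History insert and the balance update are two independent statements with no error callback, so one can succeed without the other while the client still receives 200. `stmt2` is never finalized, unlike `stmt`.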
@@ -20,10 +20,8 @@ const dirname = fs.realpathSync('./'); // Database var db = new sqlite3.Database(dirname + '/data/history.db'); // Arrays -var beverages = JSON.parse(fs.readFileSync(dirname + '/data/beverages.json', 'utf8')); var auth = JSON.parse(fs.readFileSync(dirname + '/data/auth.json', 'utf8')); // NodeJS HashMap -var users = new HashMap(JSON.parse(fs.readFileSync(dirname + '/data/users.json', 'utf8'))); var tokens = new HashMap(); /** @@ -152,25 +150,10 @@ api.post('/orders', userAccess(function (req, res) { let beverage = req.query.beverage; if (user == undefined || beverage == undefined || - user === '' || beverage === '' || !contains(users.keys(), user) || !contains(beverages, beverage)) { + user === '' || beverage === '') { res.status(400).end('Fail to order the beverage for the user'); return; } else { - let cost = 0; - for (let i = 0; i < beverages.length; i++) { - if (beverages[i].name === beverage) { - cost = beverages[i].price; - beverages[i].count--; - fs.writeFile(dirname + '/data/beverages.json', JSON.stringify(beverages), 'utf8', function(error) { - console.log('[API] [FAIL] can\'t write /data/beverages.json'); - }); - break; - } - } - - users.get(user).balance -= cost; - fs.writeFile(dirname + '/data/users.json', JSON.stringify(users), 'utf8'); - let stmt = db.prepare("SELECT price, stock FROM Beverages WHERE name = ?;"); stmt.get(beverage, function(err, result) { if (result == undefined) { @@ -218,7 +201,7 @@ api.get('/orders', userAccess(function (req, res) { api.get('/orders/:userId', userAccess(function (req, res) { let userId = req.params.userId; let limit = req.query.limit; - if (userId === undefined || userId === '' || !users.has(userId)) { + if (userId === undefined || userId === '') { res.status(404).end('User not found'); return; } else { 
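Review bot: Dropping `!contains(users.keys(), user)` from the guard in POST /orders leaves no check that the user exists: for an unknown name the `UPDATE Users` matches no row, but stock is still decremented and a History row is written. The same applies to PATCH /users/:userId (`@@ -385,7 +368,7`), where `users.has(userId)` is removed and the History insert still runs, and DELETE /users/:userId (`@@ -369,7 +352,7`) now answers 200 for a name that is not there. A lookup such as `SELECT name FROM Users WHERE name = ?;` before the writes, answering 400 or 404 when it returns nothing, would restore the old behaviour. The POST /orders handler continues outside the hunk.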
@@ -369,7 +352,7 @@ api.post('/users/:userId', adminAccess(function (req, res) { api.delete('/users/:userId', adminAccess(function (req, res) { let userId = req.params.userId; - if (userId != undefined && userId != '' && users.has(userId)) { + if (userId != undefined && userId != '') { let stmt = db.prepare("DELETE FROM Users WHERE name = ?;"); stmt.run(userId); res.sendStatus(200); @@ -385,7 +368,7 @@ api.patch('/users/:userId', adminAccess(function (req, res) { let amount = req.query.amount; let reason = req.query.reason; if (userId != undefined && amount != undefined && reason != undefined - && userId != '' && reason != '' && amount != '' && users.has(userId)) { + && userId != '' && reason != '' && amount != '') { amount = new Number(amount); var stmt = db.prepare("INSERT INTO History(id, user, reason, amount) VALUES (?, ?, ?, ?);"); From c7a0367967d20b71b4815b620abddc5c7449edda Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabian=20B=C3=BChler?= Date: Thu, 21 Dec 2017 15:21:39 +0100 Subject: [PATCH 5/6] fix for issue 5 --- src/api.js | 60 ++++++++++++++++++++++++++++++++++++-------------- src/install.js | 2 +- 2 files changed, 45 insertions(+), 17 deletions(-) diff --git a/src/api.js b/src/api.js index 564fc10..4df0556 100644 --- a/src/api.js +++ b/src/api.js @@ -172,8 +172,8 @@ api.post('/orders', userAccess(function (req, res) { let stmt2 = db.prepare("UPDATE Users SET balance = balance - ? WHERE name = ?;"); stmt2.run(cost, user); - var stmt3 = db.prepare("INSERT INTO History(id, user, reason, amount) VALUES (?, ?, ?, ?);"); - stmt3.run(uuidv4(), user, beverage, -cost); + var stmt3 = db.prepare("INSERT INTO History(id, user, reason, amount, beverage, beverage_count) VALUES (?, ?, ?, ?, ?, ?);"); + stmt3.run(uuidv4(), user, beverage, -cost, beverage, 1); }); 
@@ -189,8 +189,7 @@ api.get('/orders', userAccess(function (req, res) { } let histories = []; - var stmt = db.prepare("SELECT id, user, reason, amount, timestamp FROM History ORDER BY timestamp DESC LIMIT ?;"); - console.log(stmt); + var stmt = db.prepare("SELECT id, user, reason, amount, beverage, beverage_count, timestamp FROM History ORDER BY timestamp DESC LIMIT ?;"); stmt.each(limit, function(err, row) { histories.push(row); }, function() { @@ -209,7 +208,7 @@ api.get('/orders/:userId', userAccess(function (req, res) { limit = 1000; } let userHistories = []; - var stmt = db.prepare("SELECT id, user, reason, amount, timestamp FROM History WHERE user = ? ORDER BY timestamp DESC LIMIT ?;"); + var stmt = db.prepare("SELECT id, user, reason, amount, beverage, beverage_count, timestamp FROM History WHERE user = ? ORDER BY timestamp DESC LIMIT ?;"); stmt.each(userId, limit, function(err, row) { userHistories.push(row); }, function() { @@ -219,8 +218,6 @@ api.get('/orders/:userId', userAccess(function (req, res) { })); api.delete('/orders/:orderId', function (req, res) { - // FIXME think about using userAccess, adminAcces or keep it locally when - // solving Issue#5 (https://github.com/spethso/Drinklist/issues/5) let orderId = req.params.orderId; let token = req.header('X-Auth-Token'); if (!tokens.has(token)) { 
@@ -228,22 +225,53 @@ api.delete('/orders/:orderId', function (req, res) { res.status(403).end('Forbidden'); return; } - //if (!tokens.get(token).root) { - // res.status(401).end('Unauthorized'); - // return; - //} if (orderId != undefined && orderId != '') { - let stmt = db.prepare("SELECT FROM History WHERE id = ? and timestamp > (DATETIME('now', '-30 seconds', 'localtime')) LIMIT 1;"); + let stmt = db.prepare("SELECT timestamp > (DATETIME('now', '-30 seconds', 'localtime')) as fresh, id, user, amount, beverage, beverage_count, timestamp FROM History WHERE id = ? LIMIT 1;"); stmt.get(orderId, function(err, result) { - if (result == undefined && !tokens.get(token).root) { + if (result == undefined) { + // no order to delete! + return; + } + + if (result.fresh == false && !tokens.get(token).root) { // too late to delete res.sendStatus(400); return; } - var stmt = db.prepare("DELETE FROM History WHERE id = ?;"); - stmt.run(orderId); - stmt.finalize(); + + function updateUserAndBeverage(result) { + if (result.amount !== 0 && result.user !== '') { + let stmt = db.prepare("UPDATE Users SET balance = balance - ? WHERE name = ?;"); + stmt.run(result.amount, result.user); + } + + if (result.beverage !== '') { + let stmt = db.prepare("UPDATE Beverages SET stock = stock + ? WHERE name = ?"); + stmt.run(result.beverage_count, result.beverage); + } + } + + if (result.fresh) { + updateUserAndBeverage(result); + var stmt = db.prepare("DELETE FROM History WHERE id = ?;"); + stmt.run(orderId); + stmt.finalize(); + res.sendStatus(200); + } else { + let stmt = db.prepare("SELECT * FROM History WHERE reason = ? 
LIMIT 1;"); + stmt.get(result.id, function(err, existing) { + if (existing == undefined) { // prevent double undo + updateUserAndBeverage(result); + let stmt = db.prepare("INSERT INTO History(id, user, reason, amount, beverage, beverage_count) VALUES (?, ?, ?, ?, ?, ?);"); + stmt.run(uuidv4(), result.user, result.id, -result.amount, result.beverage, -result.beverage_count); + res.sendStatus(200); + } else { + // double undo error code here... + res.sendStatus(500); + } + }); + } }); } else { res.sendStatus(400); diff --git a/src/install.js b/src/install.js index 6f40113..28ee9b8 100644 --- a/src/install.js +++ b/src/install.js @@ -19,7 +19,7 @@ var authData = [ db.serialize(function() { db.run('DROP TABLE IF EXISTS History;'); - db.run("CREATE TABLE History (id VARCHAR(255), user VARCHAR(255) NOT NULL, reason VARCHAR(255), amount INTEGER NOT NULL DEFAULT 0, timestamp DATETIME NOT NULL DEFAULT (DATETIME('now', 'localtime')));"); + db.run("CREATE TABLE History (id VARCHAR(255), user VARCHAR(255) NOT NULL, reason VARCHAR(255), amount INTEGER NOT NULL DEFAULT 0, beverage VARCHAR(255) NOT NULL DEFAULT '', beverage_count INTEGER NOT NULL DEFAULT 0, timestamp DATETIME NOT NULL DEFAULT (DATETIME('now', 'localtime')));"); db.run('DROP TABLE IF EXISTS Users;'); db.run("CREATE TABLE Users (name VARCHAR(255) PRIMARY KEY, balance INTEGER NOT NULL DEFAULT 0);"); db.run('DROP TABLE IF EXISTS Beverages;'); From 241379417487b639813265a6c7be755c5152531c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabian=20B=C3=BChler?= Date: Mon, 8 Jan 2018 19:53:42 +0100 Subject: [PATCH 6/6] fixes from review --- src/api.js | 6 ------ 1 file changed, 6 deletions(-) diff --git a/src/api.js b/src/api.js index 4df0556..f4c1afc 100644 --- a/src/api.js +++ b/src/api.js 
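Review bot: The undo path in DELETE /orders/:orderId reads the order, decides, and only then refunds and deletes, with nothing making those steps atomic, so two overlapping requests for the same id can both pass the check and both run `updateUserAndBeverage`, crediting balance and stock twice. Letting the DELETE decide is safer: run it first and refund only when its callback reports `this.changes === 1`; the root branch's `SELECT * FROM History WHERE reason = ?` check has the same gap and would need a transaction or a uniqueness constraint. Separately, `if (result == undefined) { return; }` returns without a response, so a request for an unknown id never completes; it should answer 404. `err` is ignored in both callbacks. The handler starts outside the hunk.

```javascript
if (result == undefined) {
    // no order to delete!
    res.sendStatus(404);
    return;
}
// … unchanged: fresh/root check, updateUserAndBeverage …
if (result.fresh) {
    var stmt = db.prepare("DELETE FROM History WHERE id = ?;");
    stmt.run(orderId, function(err) {
        if (err) {
            res.sendStatus(500);
            return;
        }
        // refund only if this request actually removed the row
        if (this.changes === 1) {
            updateUserAndBeverage(result);
        }
        res.sendStatus(200);
    });
    stmt.finalize();
} else {
// … unchanged: root undo branch …
```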
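Review bot: The two new History columns only exist after install.js is run again, and the context lines show it begins with `DROP TABLE IF EXISTS History;`, so upgrading an existing installation this way discards the order history (package.json runs this script as `postinstall`). For databases that already exist, a migration step such as `ALTER TABLE History ADD COLUMN beverage VARCHAR(255) NOT NULL DEFAULT '';` and the matching statement for `beverage_count` would keep the data. `id` is still declared without PRIMARY KEY or UNIQUE although the API looks rows up and deletes them by it; `id VARCHAR(255) PRIMARY KEY` would make that explicit.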
@@ -160,10 +160,6 @@ api.post('/orders', userAccess(function (req, res) { console.log('[API] [FAIL] can\'t find beverage '+beverage); return; } - if (result.stock === 0) { - console.log('[API] [FAIL] no more '+beverage+' in stock'); - return; - } let cost = result.price; let stmt1 = db.prepare("UPDATE Beverages SET stock = stock-1 WHERE name = ?;"); @@ -384,8 +380,6 @@ api.delete('/users/:userId', adminAccess(function (req, res) { let stmt = db.prepare("DELETE FROM Users WHERE name = ?;"); stmt.run(userId); res.sendStatus(200); - // why return old user? - // res.status(200).send(JSON.stringify(user)); } else { res.sendStatus(400); }