* added authorization in server side (API are safe now)

* review functionality added

Author: pnutmath

JupiterAirAPI/.gitignore

@@ -3,4 +3,7 @@
 /node_modules
 
 #config
-/config/default.json
+/config/default.json
+
+#angular UI
+/public

JupiterAirAPI/controllers/airline.js

@@ -2,53 +2,69 @@ const mongoose = require('mongoose');
 let Airline = require('../models/Airline');
 
 module.exports.addAirlineDetails = (req, res) => {
-    let airline = new Airline();
-    airline.name = req.body.name;
-    airline.slogan = req.body.slogan;
-    airline.founded_on = req.body.founded_on;
-    airline.origin_contry = req.body.origin_contry;
-    airline.hubs = req.body.hubs;
-    airline.focus_cities = req.body.focus_cities;
-    airline.best_travel_reward = req.body.best_travel_reward;
-    airline.save((err) => {
-        if (err) { console.error(err) }
-        res.status(200);
-        res.json(airline);
-    });
-    console.log(req.body);
-    console.log(airline);
+
+    if (!req.payload._id) {
+        res.status(401).json({
+            "message": "UnauthorizedError: Dont try in novice hacker way"
+        });
+    } else {
+        let airline = new Airline();
+        airline.name = req.body.name;
+        airline.slogan = req.body.slogan;
+        airline.founded_on = req.body.founded_on;
+        airline.origin_contry = req.body.origin_contry;
+        airline.hubs = req.body.hubs;
+        airline.focus_cities = req.body.focus_cities;
+        airline.best_travel_reward = req.body.best_travel_reward;
+        airline.save((err) => {
+            if (err) { console.error(err) }
+            res.status(200);
+            res.json(airline);
+        });
+    }
 }
 module.exports.updateAirlineDetails = (req, res) => {
-    Airline.findByIdAndUpdate(
-        { _id: req.params.id },
-        {
-            $set: {
-                name: req.body.name,
-                slogan: req.body.slogan,
-                founded_on: req.body.founded_on,
-                origin_contry: req.body.origin_contry,
-                hubs: req.body.hubs,
-                focus_cities: req.body.focus_cities,
-                best_travel_reward: req.body.best_travel_reward
-            }
-        }, (err, item) => {
-            if (err) {
-                res.json({ mag: "Unable to update item", err: err });
-            } else {
-                res.json({ msg: 'Item updated successfully' });
-            }
+    if (!req.payload._id) {
+        res.status(401).json({
+            "message": "UnauthorizedError: Dont try in novice hacker way"
         });
-
+    } else {
+        Airline.findByIdAndUpdate(
+            { _id: req.params.id },
+            {
+                $set: {
+                    name: req.body.name,
+                    slogan: req.body.slogan,
+                    founded_on: req.body.founded_on,
+                    origin_contry: req.body.origin_contry,
+                    hubs: req.body.hubs,
+                    focus_cities: req.body.focus_cities,
+                    best_travel_reward: req.body.best_travel_reward
+                }
+            }, (err, item) => {
+                if (err) {
+                    res.json({ msg: "Unable to update item", err: err });
+                } else {
+                    res.json({ msg: 'Item updated successfully' });
+                }
+            });
+    }
 }
 module.exports.deleteAirlineDetails = (req, res) => {
-    Airline.remove(
-        { _id: req.params.id }, (err, item) => {
-            if (err) {
-                res.json({ mag: "Unable to delete item", err: err });
-            } else {
-                res.json({ msg: 'Item delete successfully' });
-            }
+    if (!req.payload._id) {
+        res.status(401).json({
+            "message": "UnauthorizedError: Dont try in novice hacker way"
         });
+    } else {
+        Airline.remove(
+            { _id: req.params.id }, (err, item) => {
+                if (err) {
+                    res.json({ msg: "Unable to delete item", err: err });
+                } else {
+                    res.json({ msg: 'Item delete successfully' });
+                }
+            });
+    }
 }
 module.exports.getAirlinesDetails = (req, res) => {
 
@@ -57,4 +73,54 @@ module.exports.getAirlinesDetails = (req, res) => {
     });
 }
 module.exports.getAirlineDetails = (req, res) => {
-}
+}
+module.exports.submitReview = (req, res) => {
+    if (!req.payload._id) {
+        res.status(401).json({
+            "message": "UnauthorizedError: Dont try in novice hacker way"
+        });
+    } else {
+        let userid = req.payload._id;
+        let airlineid = req.params.id;
+        Airline.findById({ _id: airlineid },
+            (err, item) => {
+                if (err) {
+                    res.json({ msg: "Unable to get airline", err: err });
+                } else {
+                    let existingRating = item.rating.find(function (ele) {
+                        return ele.username == userid;
+                    });
+                    let existingComment = item.comments.find(function (ele) {
+                        return ele.username == userid;
+                    });
+                    if (existingRating) {
+                        item.rating.id(existingRating._id).rate = req.body.rating;
+                        item.comments.id(existingComment._id).comment = req.body.comment;
+                        item.save();
+                        res.json({ msg: 'Ratings updated successful' });                      
+                    } else {
+                        Airline.findByIdAndUpdate({ _id: airlineid }, {
+                            $push: {
+                                rating: {
+                                    username: userid,
+                                    rate: req.body.rating
+                                },
+                                comments: {
+                                    username: userid,
+                                    comment: req.body.comment
+                                }
+                            }
+                        }, (err, data) => {
+                            if (err) {
+                                res.json({ msg: "Unable to store your review", err: err });
+                            } else {
+                                res.json({ msg: 'Ratings updated successful' });
+                            }
+                        });
+                    }
+                }
+            })
+    }
+}
+
+

JupiterAirAPI/index.js

@@ -38,7 +38,7 @@ app.use(function (err, req, res, next) {
     }
 });
 
-app.get('/', (req, res) => res.send('Dont try to play with our API'));
+app.use('/', express.static('public'));
 
 app.listen(PORT
     , () => console.log(`app listening on port ${PORT}!`));

JupiterAirAPI/routes/api.route.js

@@ -18,20 +18,19 @@ router.use(function timeLog(req, res, next) {
 let ctrlAuth = require('../controllers/authentication');
 let airline_controller = require('../controllers/airline');
 
-// define the home page route
-router.get('/admin', auth, function (req, res) {
-  res.send('Airlines home page')
-})
 // retrive the airlines
 router.get('/airlines', airline_controller.getAirlinesDetails)
 // retrive the airline
 router.get('/airline/:id', airline_controller.getAirlineDetails)
 // add the airlines
-router.post('/airline', airline_controller.addAirlineDetails)
+router.post('/airline', auth, airline_controller.addAirlineDetails)
 // update the airlines
-router.put('/airline/:id', airline_controller.updateAirlineDetails)
+router.put('/airline/:id', auth, airline_controller.updateAirlineDetails)
 // delete the airlines
-router.delete('/airline/:id', airline_controller.deleteAirlineDetails)
+router.delete('/airline/:id', auth, airline_controller.deleteAirlineDetails)
+
+// add review
+router.post('/airline/:id/review', auth, airline_controller.submitReview)
 
 // authentication
 router.post('/register', ctrlAuth.register);

JupiterAirUI/angular.json

@@ -13,7 +13,7 @@
         "build": {
           "builder": "@angular-devkit/build-angular:browser",
           "options": {
-            "outputPath": "dist/JupiterAirUI",
+            "outputPath": "../JupiterAirAPI/public",
             "index": "src/index.html",
             "main": "src/main.ts",
             "polyfills": "src/polyfills.ts",

JupiterAirUI/src/app/app.component.html

@@ -9,7 +9,7 @@ <h5 class="my-0 mr-md-auto font-weight-normal">
       <a class="py-2 px-2 d-none d-md-inline-block" href="#">Product</a>
     </div>
   </nav>
-  <span *ngIf="auth.isLoggedIn()">Welcome {{auth.getUserDetails()?.username}}</span>  
+  <span *ngIf="auth.isLoggedIn()">Welcome {{auth.getUserDetails()?.name}}</span>  
   <a *ngIf="!auth.isLoggedIn()" routerLink="login" class="btn btn-outline-primary">login</a>
   <a *ngIf="auth.isLoggedIn()" (click)="auth.logout()" class="btn btn-outline-primary ml-3">logout</a>
 </div>

JupiterAirUI/src/app/home/home.component.css

@@ -0,0 +1,6 @@
+#star_review{
+    cursor: pointer;
+}
+.fill-star{
+    color: gold;
+}

JupiterAirUI/src/app/home/home.component.html

@@ -1,3 +1,5 @@
+<div class="alert alert-danger alert-dismissible" *ngIf="isWarning">
+  {{warningMessage}}</div>
 <section class="row">
   <div *ngFor="let airline of airlineList" class="col-md-4 col-sm-6">
     <div class="card mb-4 box-shadow">
@@ -11,9 +13,10 @@ <h4>{{airline.name}}</h4>
         <div class="d-flex justify-content-between align-items-center">
           <div class="btn-group">
             <button type="button" class="btn btn-sm btn-outline-secondary" (click)="viewAirlineDetails(viewAirlineTemplate,airline)">View</button>
-            <button type="button" class="btn btn-sm btn-outline-secondary">Comment</button>
+            <button type="button" class="btn btn-sm btn-outline-secondary" (click)="addReview(addReviewTemplate,airline)">Add Review</button>
           </div>
-          <small class="text-muted">9 mins</small>
+          <span class="badge badge-success">{{getAverageRating(airline.rating)}} star</span>
+          <small class="text-muted">{{airline.comments.length}} Comments</small>
         </div>
       </div>
     </div>
@@ -34,9 +37,49 @@ <h4 class="modal-title">{{airlineSingle.name}}</h4>
       <br/> Hubs : {{airlineSingle.hubs}}
       <br/> Rewards received: {{airlineSingle.best_travel_reward}}
     </p>
+    <h5>Comments:</h5>
+    <ul>
+      <li *ngFor="let comment of airlineSingle.comments">{{comment.comment}}</li>
+    </ul>
+    <span class="alert alert-info" *ngIf="!airlineSingle.comments.length">Be the first reviewer!</span>
   </div>
   <div class="modal-footer">
     <!-- <button type="button" class="btn btn-outline-dark" (click)="c('Close click')">Cancel</button> -->
     <button type="button" class="btn btn-dark" (click)="c('close')">Close</button>
   </div>
+</ng-template>
+
+
+<ng-template #addReviewTemplate let-c="close" let-d="dismiss">
+  <div class="modal-header">
+    <h4 class="modal-title">{{airlineSingle.name}}</h4>
+    <button type="button" class="close" aria-label="Close" (click)="d('Cross click')">
+      <span aria-hidden="true">&times;</span>
+    </button>
+  </div>
+  <div class="modal-body">
+    <form #reviewform>
+      <div id="star_review">
+        <input type="radio" name="rating" value="1" />1,
+        <input type="radio" name="rating" value="2" />2,
+        <input type="radio" name="rating" value="3" />3,
+        <input type="radio" name="rating" value="4" />4,
+        <input type="radio" name="rating" value="5" checked/>5
+        <i class="material-icons" (mouseenter)="mouseStarEnter(1)">star</i>
+        <i class="material-icons" (mouseenter)="mouseStarEnter(2)">star</i>
+        <i class="material-icons" (mouseenter)="mouseStarEnter(3)">star</i>
+        <i class="material-icons" (mouseenter)="mouseStarEnter(4)">star</i>
+        <i class="material-icons" (mouseenter)="mouseStarEnter(5)">star</i>
+      </div>
+      <div class="form-group">
+        <label for="comment">Comment:</label>
+        <textarea class="form-control" id="comment" name="comment" [(ngModel)]="comment"></textarea>
+      </div>
+      <button class="btn btn-primary" type="submit" (click)="c(reviewform)">Submit</button>
+    </form>
+  </div>
+  <div class="modal-footer">
+    <!-- <button type="button" class="btn btn-outline-dark" (click)="c('Close click')">Cancel</button> -->
+    <!-- <button type="button" class="btn btn-dark" (click)="c('close')">Close</button> -->
+  </div>
 </ng-template>

JupiterAirUI/src/app/home/home.component.ts

@@ -2,6 +2,7 @@ import { Component, OnInit } from '@angular/core';
 import { AirlineService } from '../services/airline.service';
 import { Airline } from '../models/Airline';
 import { NgbModal, ModalDismissReasons } from '@ng-bootstrap/ng-bootstrap';
+import { AuthenticationService } from '../services/authentication.service';
 
 @Component({
   selector: 'app-home',
@@ -12,7 +13,10 @@ export class HomeComponent implements OnInit {
 
   airlineList: Airline[];
   airlineSingle: Airline;
-  constructor(private airlineService: AirlineService, private modalService: NgbModal) { }
+  isWarning = false;
+  warningMessage: String;
+
+  constructor(private airlineService: AirlineService, private modalService: NgbModal, private authService: AuthenticationService) { }
 
   ngOnInit() {
     this.loadAirlines();
@@ -37,6 +41,7 @@ export class HomeComponent implements OnInit {
     });
   }
   private getDismissReason(reason: any): string {
+    this.airlineSingle = new Airline();
     if (reason === ModalDismissReasons.ESC) {
       return 'by pressing ESC';
     } else if (reason === ModalDismissReasons.BACKDROP_CLICK) {
@@ -45,4 +50,44 @@ export class HomeComponent implements OnInit {
       return `with: ${reason}`;
     }
   }
+  getAverageRating(rating: any) {
+    if (rating.length === 0) {
+      return 'No';
+    }
+    const avgRate = rating.reduce(function (ele, currentValue) {
+      return ele.rate + currentValue.rate;
+    });
+    return (avgRate.rate || avgRate) / rating.length;
+  }
+  showWarning(message: String) {
+    this.isWarning = true;
+    this.warningMessage = message;
+  }
+  addReview(content, airline: Airline) {
+    if (!this.authService.isLoggedIn()) { this.showWarning('You should login first before review'); return; }
+    this.airlineSingle = airline;
+    this.modalService.open(content).result.then((result) => {
+      const reviewData = {
+        airline_id: this.airlineSingle._id,
+        rating: result.rating.value,
+        comment: result.comment.value
+      };
+      this.airlineService.submitReview(reviewData).subscribe(res => {
+        console.log(res);
+        this.loadAirlines();
+      }, err => {
+        // if(err.statusText===" ")
+        console.error(err);
+      });
+    }, (reason) => {
+      console.log(`Dismissed ${this.getDismissReason(reason)}`);
+    });
+  }
+
+  mouseStarEnter(position: Number) {
+    for (let i = 0; i < position; i++) {
+      console.log(i);
+
+    }
+  }
 }