Issues in prepaid.js (dev) - Issues in dev - FalkenDev/SparkRentals-REST-API - Measure and Improve Code Quality continuously with Scrutinizer

Issues (50)

v1/models/prepaid.js (14 issues)

Labels

Severity

const bcrypt = require('bcryptjs');

var hat = require('hat');
const sanitize = require('mongo-sanitize'); // To prevent malicious users overwriting (NoSQL Injection)
const { MongoClient, ObjectId } = require("mongodb");
const mongoURI = process.env.DBURI;

const prepaids = {
    getAllPrepaids: async function(res) {
        let prepaids = null;

        let client = new MongoClient(mongoURI);
        try {
            let db = client.db("spark-rentals");
            let prepaids_collection = db.collection("prepaid");
            prepaids = await prepaids_collection.find().toArray();
        } catch(e) { res.status(500).send(); } finally { await client.close(); }

        // If nothing in db collection
        if (prepaids === null || !prepaids.length) {
            return res.status(401).json({
                errors: {
                    status: 401,
                    source: "GET prepaids" + path,

                    title: "Prepaids collection is empty",
                    detail: "Prepaids collection is empty in database."
                }
            });
        };
        res.status(200).send({ prepaids }); // Sends the whole collection data

    },
    
    getSpeceifcPrepaid: async function(res, prepaid_id) {
        let prepaidId = sanitize(prepaid_id); // Sanitize to prevent SQL Injection Attacks.
        let prepaid = null;

        // Check if the prepaid_id are a valid MongoDB id.
        if (!ObjectId.isValid(prepaidId)) {
            return res.status(400).json({
                errors: {
                    status: 400,
                    detail: "The prepaid_id is not a valid MongoDB id."
                }
            });
        }

        // Get the specific prepaid with the prepaidId
        let client = new MongoClient(mongoURI);
        try {
            let db = client.db("spark-rentals");
            let prepaids_collection = db.collection("prepaid");
            prepaid = await prepaids_collection.findOne({_id: ObjectId(prepaidId)});
        } catch(e) { return res.status(500).send(); } finally { await client.close(); }


        // If nothing in collection with the specific prepaidId
        if (prepaid === null || !Object.keys(prepaid).length) {
            return res.status(401).json({
                errors: {
                    status: 401,
                    source: "GET cities" + path,

                    title: "Prepaid not exists in database",
                    detail: "The prepaid dosen't exists in database with the specified prepaid_id."
                }
            });
        }

        res.status(200).send({ prepaid }); // Sends data from the specific admin

    },

    registerPrepaid: async function(res, body) {
        const totalUses = sanitize(body.total_uses)
        let prepaidCode = sanitize(body.code);
        const prepaidAmount = parseFloat(sanitize(body.amount));

        // Check if something is missing
        if (!prepaidAmount || ! totalUses) {
            return res.status(401).json({
                errors: {
                    status: 401,
                    source: "POST prepaids" + path,

                    title: "Attribute missing",
                    detail: "A attribute is missing in body request"
                }
            });
        }

        if (prepaidCode == undefined) {

            prepaidCode = hat()
        }

        // Create prepaid data field
        let prepaidDataField = {
            code: prepaidCode,
            totalUses: parseInt(totalUses),
            users: [],
            usesLeft: parseInt(totalUses),
            amount: parseFloat(prepaidAmount)
        }

        // Insert the registered data
        let registerClient = new MongoClient(mongoURI);
        try {
            let db = registerClient.db("spark-rentals");
            let prepaids_collection = db.collection("prepaid");
            await prepaids_collection.insertOne(prepaidDataField);

            res.status(204).send(); // Everything went good
        } catch(e) { return res.status(500).send(); } finally { await registerClient.close(); }

    },

    deletePrepaid: async function(res, prepaid_id) {
        let prepaidId = sanitize(prepaid_id)
        let answer = null;

        // Check if the prepaidId are a valid MongoDB id.
        if (!ObjectId.isValid(prepaidId)) {
            return res.status(400).json({
                errors: {
                    status: 400,
                    detail: "The prepaid_id is not a valid MongoDB id."
                }
            });
        }

        // Delete the specific prepaid
        let client = new MongoClient(mongoURI);
        try {
                let db = client.db("spark-rentals");
                let prepaids_collection = db.collection("prepaid");
                answer = await prepaids_collection.deleteOne({_id: ObjectId(prepaidId)});
        } catch(e) { return res.status(500).send(); } finally { await client.close(); }


        // Check if nothing has been deleted in MongoDB = the prepaid_id dosen't exists
        if (answer.deletedCount <= 0) {
            return res.status(401).json({
                errors: {
                    status: 401,
                    source: "DELETE prepaids" + path,

                    title: "Prepaid not exists in database",
                    detail: "The prepaid card dosen't exists in database with the specified prepaid_id."
                }
            });
        } else {

            return res.status(204).send(); // Everything went good
        }
    },

    editPrepaid: async function(res, body) {
        let prepaidId = sanitize(body.prepaid_id);
        let updateFields = {};
        let prepaidDataField = {
            code: "String",
            totalUses: "Int",
            users: "Array",
            usesLeft: "Int",
            amount: "Float"
        };

        // Check if the prepaidId are valid MongoDB id.
        if (!ObjectId.isValid(prepaidId)) {
            return res.status(400).json({
                errors: {
                    status: 400,
                    detail: "The prepaid_id is not a valid id."
                }
            });
        };    

        // Lookup if the prepaid exists in database
        let client = new MongoClient(mongoURI);
        try {
            let db = client.db("spark-rentals");
            let prepaids_collection = db.collection("prepaid");
            let prepaid = await prepaids_collection.findOne({_id: ObjectId(prepaidId)});

            // If the scooter dosen't exists
            if (prepaid === null) {
                return res.status(401).json({
                    errors: {
                        status: 401,
                        source: "PUT prepaids" + path,

                        title: "Prepaid not exists in database",
                        detail: "The prepaid dosen't exists in database with the specified prepaid_id."
                    }
                });
            }

            // Put in the data the client has requested to update
            for (const field in prepaidDataField) {
                if (body[field] !== undefined) {
                    if (field == "usesLeft" || field == "totalUses"){
                        updateFields[field] = parseInt(sanitize(body[field]));
                    } else if (field == "amount") {
                        updateFields[field] = parseFloat(sanitize(body[field]));
                    } else {
                        updateFields[field] = sanitize(body[field]);
                    }
                }
            }

            await prepaids_collection.updateOne({_id: ObjectId(prepaidId)}, {$set: updateFields}); // Update the fields in the specific prepaid

        } catch(e) { return res.status(500).send(); } finally { await client.close(); }


        return res.status(204).send(); // Everything went good
    }

}

module.exports = prepaids;

1			const bcrypt = require('bcryptjs');
			0 ignored issues – show Unused Code introduced 2022-12-23 10:18 UTC by Report Bug Copy Issue Report Show Similar Issues like this The constant `bcrypt` seems to be never used. Consider removing it. Loading history...
2			var hat = require('hat');
3			const sanitize = require('mongo-sanitize'); // To prevent malicious users overwriting (NoSQL Injection)
4			const { MongoClient, ObjectId } = require("mongodb");
5			const mongoURI = process.env.DBURI;
6
7			const prepaids = {
8			getAllPrepaids: async function(res) {
9			let prepaids = null;
10
11			let client = new MongoClient(mongoURI);
12			try {
13			let db = client.db("spark-rentals");
14			let prepaids_collection = db.collection("prepaid");
15			prepaids = await prepaids_collection.find().toArray();
16			} catch(e) { res.status(500).send(); } finally { await client.close(); }
17
18			// If nothing in db collection
19			if (prepaids === null \|\| !prepaids.length) {
20			return res.status(401).json({
21			errors: {
22			status: 401,
23			source: "GET prepaids" + path,
			0 ignored issues – show Bug introduced 2022-12-23 10:18 UTC by Report Bug Copy Issue Report Show Similar Issues like this The variable `path` seems to be never declared. If this is a global, consider adding a `/** global: path */` comment. This checks looks for references to variables that have not been declared. This is most likey a typographical error or a variable has been renamed. To learn more about declaring variables in Javascript, see the MDN. Loading history...
24			title: "Prepaids collection is empty",
25			detail: "Prepaids collection is empty in database."
26			}
27			});
28			};
29			res.status(200).send({ prepaids }); // Sends the whole collection data
			0 ignored issues – show Best Practice introduced 2022-12-23 10:18 UTC by Report Bug Copy Issue Report Show Similar Issues like this There is no `return` statement in this branch, but you do return something in other branches. Did you maybe miss it? If you do not want to return anything, consider adding `return undefined;` explicitly. Loading history...
30			},
31
32			getSpeceifcPrepaid: async function(res, prepaid_id) {
33			let prepaidId = sanitize(prepaid_id); // Sanitize to prevent SQL Injection Attacks.
34			let prepaid = null;
35
36			// Check if the prepaid_id are a valid MongoDB id.
37			if (!ObjectId.isValid(prepaidId)) {
38			return res.status(400).json({
39			errors: {
40			status: 400,
41			detail: "The prepaid_id is not a valid MongoDB id."
42			}
43			});
44			}
45
46			// Get the specific prepaid with the prepaidId
47			let client = new MongoClient(mongoURI);
48			try {
49			let db = client.db("spark-rentals");
50			let prepaids_collection = db.collection("prepaid");
51			prepaid = await prepaids_collection.findOne({_id: ObjectId(prepaidId)});
52			} catch(e) { return res.status(500).send(); } finally { await client.close(); }
			0 ignored issues – show Best Practice introduced 2022-12-23 10:18 UTC by Report Bug Copy Issue Report Show Similar Issues like this There is no `return` statement in this branch, but you do return something in other branches. Did you maybe miss it? If you do not want to return anything, consider adding `return undefined;` explicitly. Loading history...
53
54			// If nothing in collection with the specific prepaidId
55			if (prepaid === null \|\| !Object.keys(prepaid).length) {
56			return res.status(401).json({
57			errors: {
58			status: 401,
59			source: "GET cities" + path,
			0 ignored issues – show Bug introduced 2022-12-23 10:18 UTC by Report Bug Copy Issue Report Show Similar Issues like this The variable `path` seems to be never declared. If this is a global, consider adding a `/** global: path */` comment. This checks looks for references to variables that have not been declared. This is most likey a typographical error or a variable has been renamed. To learn more about declaring variables in Javascript, see the MDN. Loading history...
60			title: "Prepaid not exists in database",
61			detail: "The prepaid dosen't exists in database with the specified prepaid_id."
62			}
63			});
64			}
65
66			res.status(200).send({ prepaid }); // Sends data from the specific admin
			0 ignored issues – show Best Practice introduced 2022-12-23 10:18 UTC by Report Bug Copy Issue Report Show Similar Issues like this There is no `return` statement in this branch, but you do return something in other branches. Did you maybe miss it? If you do not want to return anything, consider adding `return undefined;` explicitly. Loading history...
67			},
68
69			registerPrepaid: async function(res, body) {
70			const totalUses = sanitize(body.total_uses)
71			let prepaidCode = sanitize(body.code);
72			const prepaidAmount = parseFloat(sanitize(body.amount));
73
74			// Check if something is missing
75			if (!prepaidAmount \|\| ! totalUses) {
76			return res.status(401).json({
77			errors: {
78			status: 401,
79			source: "POST prepaids" + path,
			0 ignored issues – show Bug introduced 2022-12-23 10:18 UTC by Report Bug Copy Issue Report Show Similar Issues like this The variable `path` seems to be never declared. If this is a global, consider adding a `/** global: path */` comment. This checks looks for references to variables that have not been declared. This is most likey a typographical error or a variable has been renamed. To learn more about declaring variables in Javascript, see the MDN. Loading history...
80			title: "Attribute missing",
81			detail: "A attribute is missing in body request"
82			}
83			});
84			}
85
86			if (prepaidCode == undefined) {
			0 ignored issues – show Best Practice introduced 2022-12-23 10:18 UTC by Report Bug Copy Issue Report Show Similar Issues like this Comparing `prepaidCode` to `undefined` using the `==` operator is not safe. Consider using `===` instead. Loading history...
87			prepaidCode = hat()
88			}
89
90			// Create prepaid data field
91			let prepaidDataField = {
92			code: prepaidCode,
93			totalUses: parseInt(totalUses),
94			users: [],
95			usesLeft: parseInt(totalUses),
96			amount: parseFloat(prepaidAmount)
97			}
98
99			// Insert the registered data
100			let registerClient = new MongoClient(mongoURI);
101			try {
102			let db = registerClient.db("spark-rentals");
103			let prepaids_collection = db.collection("prepaid");
104			await prepaids_collection.insertOne(prepaidDataField);
105
106			res.status(204).send(); // Everything went good
107			} catch(e) { return res.status(500).send(); } finally { await registerClient.close(); }
			0 ignored issues – show Best Practice introduced 2022-12-23 10:18 UTC by Report Bug Copy Issue Report Show Similar Issues like this There is no `return` statement in this branch, but you do return something in other branches. Did you maybe miss it? If you do not want to return anything, consider adding `return undefined;` explicitly. Loading history...
108			},
109
110			deletePrepaid: async function(res, prepaid_id) {
111			let prepaidId = sanitize(prepaid_id)
112			let answer = null;
113
114			// Check if the prepaidId are a valid MongoDB id.
115			if (!ObjectId.isValid(prepaidId)) {
116			return res.status(400).json({
117			errors: {
118			status: 400,
119			detail: "The prepaid_id is not a valid MongoDB id."
120			}
121			});
122			}
123
124			// Delete the specific prepaid
125			let client = new MongoClient(mongoURI);
126			try {
127			let db = client.db("spark-rentals");
128			let prepaids_collection = db.collection("prepaid");
129			answer = await prepaids_collection.deleteOne({_id: ObjectId(prepaidId)});
130			} catch(e) { return res.status(500).send(); } finally { await client.close(); }
			0 ignored issues – show Best Practice introduced 2022-12-23 10:18 UTC by Report Bug Copy Issue Report Show Similar Issues like this There is no `return` statement in this branch, but you do return something in other branches. Did you maybe miss it? If you do not want to return anything, consider adding `return undefined;` explicitly. Loading history...
131
132			// Check if nothing has been deleted in MongoDB = the prepaid_id dosen't exists
133			if (answer.deletedCount <= 0) {
134			return res.status(401).json({
135			errors: {
136			status: 401,
137			source: "DELETE prepaids" + path,
			0 ignored issues – show Bug introduced 2022-12-23 10:18 UTC by Report Bug Copy Issue Report Show Similar Issues like this The variable `path` seems to be never declared. If this is a global, consider adding a `/** global: path */` comment. This checks looks for references to variables that have not been declared. This is most likey a typographical error or a variable has been renamed. To learn more about declaring variables in Javascript, see the MDN. Loading history...
138			title: "Prepaid not exists in database",
139			detail: "The prepaid card dosen't exists in database with the specified prepaid_id."
140			}
141			});
142			} else {
			0 ignored issues – show Comprehensibility introduced 2022-12-23 10:18 UTC by Report Bug Copy Issue Report Show Similar Issues like this `else` is not necessary here since all `if` branches return, consider removing it to reduce nesting and make code more readable. Loading history...
143			return res.status(204).send(); // Everything went good
144			}
145			},
146
147			editPrepaid: async function(res, body) {
148			let prepaidId = sanitize(body.prepaid_id);
149			let updateFields = {};
150			let prepaidDataField = {
151			code: "String",
152			totalUses: "Int",
153			users: "Array",
154			usesLeft: "Int",
155			amount: "Float"
156			};
157
158			// Check if the prepaidId are valid MongoDB id.
159			if (!ObjectId.isValid(prepaidId)) {
160			return res.status(400).json({
161			errors: {
162			status: 400,
163			detail: "The prepaid_id is not a valid id."
164			}
165			});
166			};
167
168			// Lookup if the prepaid exists in database
169			let client = new MongoClient(mongoURI);
170			try {
171			let db = client.db("spark-rentals");
172			let prepaids_collection = db.collection("prepaid");
173			let prepaid = await prepaids_collection.findOne({_id: ObjectId(prepaidId)});
174
175			// If the scooter dosen't exists
176			if (prepaid === null) {
177			return res.status(401).json({
178			errors: {
179			status: 401,
180			source: "PUT prepaids" + path,
			0 ignored issues – show Bug introduced 2022-12-23 10:18 UTC by Report Bug Copy Issue Report Show Similar Issues like this The variable `path` seems to be never declared. If this is a global, consider adding a `/** global: path */` comment. This checks looks for references to variables that have not been declared. This is most likey a typographical error or a variable has been renamed. To learn more about declaring variables in Javascript, see the MDN. Loading history...
181			title: "Prepaid not exists in database",
182			detail: "The prepaid dosen't exists in database with the specified prepaid_id."
183			}
184			});
185			}
186
187			// Put in the data the client has requested to update
188			for (const field in prepaidDataField) {
189			if (body[field] !== undefined) {
190			if (field == "usesLeft" \|\| field == "totalUses"){
191			updateFields[field] = parseInt(sanitize(body[field]));
192			} else if (field == "amount") {
193			updateFields[field] = parseFloat(sanitize(body[field]));
194			} else {
195			updateFields[field] = sanitize(body[field]);
196			}
197			}
198			}
199
200			await prepaids_collection.updateOne({_id: ObjectId(prepaidId)}, {$set: updateFields}); // Update the fields in the specific prepaid
201
202			} catch(e) { return res.status(500).send(); } finally { await client.close(); }
			0 ignored issues – show Best Practice introduced 2022-12-23 10:18 UTC by Report Bug Copy Issue Report Show Similar Issues like this There is no `return` statement in this branch, but you do return something in other branches. Did you maybe miss it? If you do not want to return anything, consider adding `return undefined;` explicitly. Loading history...
203
204			return res.status(204).send(); // Everything went good
205			}
206
207			}
208
209			module.exports = prepaids;

FalkenDev / SparkRentals-REST-API

Issues (50)

v1/models/prepaid.js (14 issues)

Labels

Severity

Introduced By

Duplication Side-by-Side

Filter issues like