UBA-GCOEN · UBA-GCOEN · Oct 9, 2023 · Oct 7, 2023 · Oct 7, 2023 · Oct 9, 2023
diff --git a/server/index.js b/server/index.js
@@ -28,7 +28,7 @@ import user from "./src/api/routes/user.js";
 import profile from "./src/api/routes/profile.js";
 import event from "./src/api/routes/events.js";
 import googleAuth from "./src/api/routes/googleAuth.js"
-
+import notification from "./src/api/routes/notify.js"
 
 
 //rate limiter
@@ -49,10 +49,10 @@ app.use("/test", testRoute)
 app.use("/user", user)
 app.use("/profile", profile)
 app.use("/event", event)
-app.use("/auth",googleAuth)
-
+app.use("/auth", googleAuth)
+app.use("/notification", notification)
 
-app.use(csrf)
+// app.use(csrf)
 
 
 mongoose

diff --git a/server/src/api/controllers/changePassword.js b/server/src/api/controllers/changePassword.js
@@ -9,9 +9,8 @@ import userModel from "../models/userModel.js"
  * Desc: change the password
  */
 export const changePassword = async (req, res) => {
-    const role = req.role
 
-    const email = req.session.user.user.email
+    const email = req.email
 
     const oldPassword = req.body.oldPassword
     const newPassword = req.body.newPassword
@@ -30,26 +29,8 @@ export const changePassword = async (req, res) => {
     try {
 
 
-        //geting userschema based on role
-        if(role == 'admin'){
-            oldUser = await userAdminModel.findOne({email})
-        }
-        else if(role == 'student'){
-            oldUser = await userStudentModel.findOne({email})
-        }
-        else if(role == 'faculty'){
-            oldUser = await userFacultyModel.findOne({email})
-        }
-        else if(role == 'staff'){
-            oldUser = await userStaffModel.findOne({email})
-        }
-        else if(role == 'visitor'){
-            oldUser = await userVisitorModel.findOne({email})
-        }
-        else{
-            res.send("invalid role")
-            return
-        }
+        oldUser = await userModel.findOne({email})
+
 
 
         //hashing and updating new password

diff --git a/server/src/api/controllers/deleteUser.js b/server/src/api/controllers/deleteUser.js
@@ -2,6 +2,8 @@ import userModel from "../models/userModel.js"
 import bcrypt from 'bcrypt'
 
 
+
+
 /**
  * Route: /getDeletePage
  * Desc: get the details of 
@@ -10,13 +12,11 @@ import bcrypt from 'bcrypt'
  */
 export const getDeletePage = async (req, res) => {
     var email = req.session.user.user.email
-    var role = req.role
     var name = req.session.user.user.name
 
-    res.json({
+    res.status(200).json({
         name,
         email,
-        role
     })
 }
 
@@ -31,9 +31,9 @@ export const getDeletePage = async (req, res) => {
  */
 export const deleteUser = async (req, res) => {
 
-    var { email, name, password } = req.body
+    var { name, password } = req.body
 
-    var role = req.role
+    var email = req.email
 
     const emailDomains = [
         "@gmail.com",
@@ -61,93 +61,35 @@ export const deleteUser = async (req, res) => {
 
 
 
+
        /**
         * checking field types
         * to avoid sql attacks
         */
-       if (typeof name !== "string") {
-        res.status(400).json({ status: "error"+name+ typeof name });
-        return;
-      }
-
-      if (typeof email !== "string") {
-        res.status(400).json({ status: "error"+email+typeof email });
-        return;
-      }
+        if (typeof name !== "string") {
+            res.status(400).json({ status: "error"+name+ typeof name });
+            return;
+        }
+
+        if (typeof email !== "string") {
+            res.status(400).json({ status: "error"+email+typeof email });
+            return;
+        }
 
 
 
-
-
-
-        // conditions to figure out role
-        if(role === 'admin'){
 
-            var oldUser = await userAdminModel.findOne({email})
-            var isPasswordCorrect = bcrypt.compare(oldUser.password, password)
-
-            if(isPasswordCorrect) {
-                oldUser = await userAdminModel.deleteOne({email})
-                res.send("User deleted successffuly")
-            }
-            else{
-                res.send("Incorrect Password")
-            }
-
-        }
-        else if(role === 'student'){
-
-
-            var oldUser = await userStudentModel.findOne({email})
-            var isPasswordCorrect = bcrypt.compare(oldUser.password, password)
-
-            if(isPasswordCorrect) {
-                oldUser = await userStudentModel.deleteOne({email})
-                res.send("User deleted successffuly")
-            }
-            else{
-                res.send("Incorrect Password")
-            }
+        var oldUser = await userModel.findOne({email})
+        var isPasswordCorrect = bcrypt.compare(password, oldUser.password)
+
+        if(isPasswordCorrect) {
+            oldUser = await userModel.deleteOne({email})
+            res.send("User deleted successffuly")
         }
-        else if(role === 'staff'){
-
-            var oldUser = await userStaffModel.findOne({email})
-            var isPasswordCorrect = bcrypt.compare(oldUser.password, password)
-
-            if(isPasswordCorrect) {
-                oldUser = await userStaffModel.deleteOne({email})
-                res.send("User deleted successffuly")
-            }
-            else{
-                res.send("Incorrect Password")
-            }
-        }
-        else if(role === 'faculty'){
-
-            var oldUser = await userFacultyModel.findOne({email})
-            var isPasswordCorrect = bcrypt.compare(oldUser.password, password)
-
-            if(isPasswordCorrect) {
-                oldUser = await userFacultyModel.deleteOne({email})
-                res.send("User deleted successffuly")
-            }
-            else{
-                res.send("Incorrect Password")
-            }
-        }
-        else if(role == 'visitor'){
-
-            var oldUser = await userVisitorModel.findOne({email})
-            var isPasswordCorrect = bcrypt.compare(oldUser.password, password)
-
-            if(isPasswordCorrect) {
-                oldUser = await userVisitorModel.deleteOne({email})
-                res.send("User deleted successffuly")
-            }
-            else{
-                res.send("Incorrect Password")
-            }
+        else{
+            res.send("Incorrect Password")
         }
 
+
 
 }
diff --git a/server/src/api/controllers/events.js b/server/src/api/controllers/events.js
@@ -6,7 +6,7 @@ import eventModel from '../models/eventModel.js'
  * Desc: create event 
  */
 export const createEvent = async (req, res) => {
-    let role = req.role
+    let email = req.email
 
     const { 
         title,
@@ -52,9 +52,18 @@ export const createEvent = async (req, res) => {
         return
     }
 
+    if(typeof email !== 'string' ){
+        res.send("invalid email")
+        return
+    }
+
 
 
 
+    //detrmine current logged in role 
+    const olduser = await userModel.findOne({email})
+    const role = olduser.role
+
 
     // Event creation in database
 
@@ -111,7 +120,7 @@ export const createEvent = async (req, res) => {
  * Desc: update the event information or status
  */
 export const updateEvent = async (req, res) => {
-    let role = req.role
+    let email = req.email
 
     const { 
         _id,
@@ -165,6 +174,11 @@ export const updateEvent = async (req, res) => {
 
 
 
+    //detrmine current logged in role 
+    const olduser = await userModel.findOne({email})
+    const role = olduser.role
+
+
     // Event updation in database
     if(role == 'admin' || role == 'faculty'){
 
@@ -219,7 +233,7 @@ export const updateEvent = async (req, res) => {
  * Desc: delete the event
  */
 export const deleteEvent = async (req, res) =>{
-    let role = req.role
+    let email = req.email
 
     const { 
         _id 
@@ -233,6 +247,13 @@ export const deleteEvent = async (req, res) =>{
     }
 
 
+
+    //detrmine current logged in role 
+    const olduser = await userModel.findOne({email})
+    const role = olduser.role    
+
+
+
     if(role == 'admin' || role == 'faculty'){
 
         try{