From 7e4819e92e4e824025b8ee6a33da3a22e75285fc Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jo=C3=A3o=20Victor=20Tozatti=20Risso?= <jvtr12@c3sl.ufpr.br>
Date: Tue, 2 Aug 2016 10:06:54 -0300
Subject: [PATCH] Refactor enrollments route to use function chaining
---
 libs/routes/api.js | 117 +++++++++++++++++++++++++++++++++++----------
 1 file changed, 92 insertions(+), 25 deletions(-)
diff --git a/libs/routes/api.js b/libs/routes/api.js
index aa13166f..9bea796c 100644
--- a/libs/routes/api.js
+++ b/libs/routes/api.js
@@ -1,3 +1,5 @@
+'use strict';
+
 var express = require('express')
 var xml = require('js2xmlparser')
 var router = express.Router()
@@ -56,39 +58,34 @@ router.get('/data', function(req, res) { }) }) -router.get('/enrollments', function(req, res) { - var params = req.query; - var id = 0; - var location_id = 0; - var adm_dependency_id = 0; - var census_year = 0; - var enrollmentSql = ""; +router.get('/enrollments', function(req, res, next) { + const params = req.query; - if (params.id) - { - id = parseInt(params.id, 10); + if (params.id) { + req.id = parseInt(params.id, 10); } - if (params.location_id) - { - location_id = parseInt(params.location_id, 10); + if (params.location_id) { + req.location_id = parseInt(params.location_id, 10); } - if (params.adm_dependency_id) - { - adm_dependency_id = parseInt(params.adm_dependency_id, 10); + if (params.adm_dependency_id) { + req.adm_dependency_id = parseInt(params.adm_dependency_id, 10); } - if (params.census_year) - { - census_year = parseInt(params.census_year, 10); + if (params.census_year) { + req.census_year = parseInt(params.census_year, 10); } - /** - * FIXME: parameter substitution in the queries is not safe (vulnerable to - * SQL injection). Substitution from MonetDB module is not working for some - * reason. - */ + if (params.aggregate) { + log.debug('aggregate parameter detected'); + next('route'); + } else { + log.debug('No aggregate parameter detected'); + next(); + } + + /* switch(params.aggregate) { case "city": 
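Review bot: The four `parseInt` results are stored on `req` without a `Number.isNaN` check, so a request such as `?id=abc` leaves `req.id` as `NaN` for whichever later handler builds the query. Reject such values here, for example `if (Number.isNaN(req.id)) { return res.status(400).end(); }`, and do the same for `location_id`, `adm_dependency_id` and `census_year`. The hunk also deletes the FIXME about unsafe parameter substitution while the old `switch` appears to survive inside the new `/* … */` block, whose body lies outside this hunk. I would keep a one-line comment above that block, such as `// FIXME: queries below are string-built; parameterize before re-enabling`, so the warning is not lost when the code is revived.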
@@ -132,7 +129,77 @@ router.get('/enrollments', function(req, res) { }); } log.debug("All resources were released"); + }, function(error) { + }); -}) + */ +}, function(req, res, next) { + /** When no +aggregate+ parameter value is specified on the request, then + * assign the query to compute the result for the whole country. + */ + log.debug('Using SQL query for the whole country'); + req.sql_query = 'SELECT * FROM turmas LIMIT 1'; + next('route'); +}); + +router.get('/enrollments', function(req, res, next) { + const params = req.query; + if (!params.aggregate) { + next('route'); + } else if (params.aggregate == 'region') { + log.debug('Using enrollments query for regions'); + req.sql_query = 'SELECT * FROM turmas LIMIT 1'; + } + next('route'); +}); + +router.get('/enrollments', function(req, res, next) { + const params = req.query; + if (!params.aggregate) { + next('route'); + } else if (params.aggregate == 'state') { + log.debug('Using enrollments query for states'); + req.sql_query = 'SELECT * FROM turmas LIMIT 1'; + } + next('route'); +}); + +router.get('/enrollments', function(req, res, next) { + const params = req.query; + if (!params.aggregate) { + next('route'); + } else if (params.aggregate == 'city') { + log.debug('Using enrollments query for cities'); + req.sql_query = 'SELECT * FROM turmas LIMIT 1'; + } + next('route'); +}); + +router.get('/enrollments', function(req, res, next) { + log.debug('Request parameters: ${req}?'); + if (!req.sql_query) { + /* Should only happen if there is a bug in the chaining of the + * '/enrollments' route, since when no +aggregate+ parameter is given, + * it defaults to use the query for the whole country. 
+ */ + log.error('BUG -- No SQL query was found to be executed!'); + res.status(501).end(); + } else { + log.debug('SQL query: ${req.sql_query}?'); + conn.query(req.sql_query, true).then(function(result) { + log.debug(result); + if (req.query.format === 'csv') { + res.csv(result.data); + } else if (req.query.format === 'xml') { + res.send(xml('result', JSON.stringify({enrollments: result.data}))); + } else { + res.json({ result: result.data }); + } + }, function(error) { + log.error('SQL query error: ${error}?'); + res.status(501).end(); + }); + } +}); module.exports = router -- GitLab
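Review bot: In the `region`, `state` and `city` handlers, a request without `aggregate` calls `next('route')` twice: once inside `if (!params.aggregate)` and again at the unconditional call at the end. The router is therefore re-entered for a request that is already being answered; depending on the Express version this probably surfaces as a second response attempt ("headers already sent") or a repeated query. Drop the first branch so each handler reads `if (params.aggregate === 'region') { … }` followed by the single `next('route');`. An unrecognised `aggregate` value currently reaches the final handler with no `req.sql_query` and takes the 501 "BUG" path; answering 400 for unknown values would keep client mistakes out of the error log. The three `log` calls containing `${…}` use single quotes, so they log the placeholder text rather than the value.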