diff --git a/libs/routes/api.js b/libs/routes/api.js
index ad2557193deb3e738141359bbabef3e56c6afdfe..aa13166f957aac40cdcbed5e66419e991771b7ce 100644
--- a/libs/routes/api.js
+++ b/libs/routes/api.js
@@ -23,22 +23,36 @@ router.get('/', function (req, res) {
 router.get('/year_range', function(req, res) {
 var yearSql = "SELECT MIN(t.ano_censo) AS start_year, MAX(t.ano_censo) AS end_year FROM turmas AS t";
 conn.query(yearSql, true).then(function(result) {
+ if (req.query.format === 'csv') {
+ res.csv(result.data);
+ } else if (req.query.format === 'xml') {
+ res.send(xml("result", JSON.stringify({year_range: result.data})))
+ }
+ else {
 res.json({
 result: result.data
- })
+ });
+ }
 });
 })
 router.get('/data', function(req, res) {
- console.log(req.query)
- console.log(req.query.met)
- console.log(req.query.dim)
+ log.debug(req.query)
+ log.debug(req.query.met)
+ log.debug(req.query.dim)
 conn.query(
 'SELECT * FROM turmas'
 ).then(function(result) {
+ if (req.query.format === 'csv') {
+ res.csv(result.data);
+ } else if (req.query.format === 'xml') {
+ res.send(xml("result", JSON.stringify({data: result.data})))
+ }
+ else {
 res.json({
- result: result
- })
+ result: result.data
+ });
+ }
 })
 })
@@ -47,8 +61,7 @@ router.get('/enrollments', function(req, res) {
 var id = 0;
 var location_id = 0;
 var adm_dependency_id = 0;
- var start_year = 0;
- var end_year = 0;
+ var census_year = 0;
 var enrollmentSql = "";
 if (params.id)
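Review bot: The `xml` branches added to `/year_range` and `/data` call `res.send(...)` on a string without setting a content type, so Express will label the body `text/html`; the same holds for the `/enrollments` XML branch in the last hunk, where this commit drops the earlier `res.set('Content-Type', 'text/xml')`. The payload is database content wrapped in a JSON string, and how `xml()` escapes its second argument is not visible here, so a browser that renders the response as HTML could interpret markup stored in a row. Keep `res.set('Content-Type', 'text/xml')` immediately before each `res.send(xml(...))`. Separately, none of the `conn.query(...).then(...)` chains has a rejection handler, so a failed query leaves the request without a response; a `.catch` that logs the error and answers with a 500 status would close it.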
@@ -63,77 +76,62 @@ router.get('/enrollments', function(req, res) {
 if (params.adm_dependency_id)
 {
- adm_dependency_id = parseInt(params.adm_dependency_id)
- }
-
- if (!params.start_year && !params.end_year)
- {
- var yearSql = "SELECT MIN(t.ano_censo) AS start_year, MAX(t.ano_censo) AS end_year FROM turmas AS t";
- conn.query(yearSql, true).then(function(result) {
- start_year = result.data.start_year;
- end_year = result.data.end_year;
- });
- }
-
- if (params.start_year)
- {
- start_year = parseInt(params.start_year, 10);
- } else if (start_year == 0) { // if start_year was not previously set
- var yearSql = "SELECT MIN(t.ano_censo) AS start_year FROM turmas AS t";
- conn.query(yearSql, true).then(function(result) {
- start_year = result.data.start_year;
- });
+ adm_dependency_id = parseInt(params.adm_dependency_id, 10);
 }
- if (params.end_year)
+ if (params.census_year)
 {
- end_year = parseInt(params.end_year, 10);
- } else if (end_year == 0) { // if end_year was not previously set
- var yearSql = "SELECT MAX(t.ano_censo) AS end_year FROM turmas AS t";
- conn.query(yearSql, true).then(function(result) {
- end_year = result.data.end_year;
- });
+ census_year = parseInt(params.census_year, 10);
 }
+ /**
+ * FIXME: parameter substitution in the queries is not safe (vulnerable to
+ * SQL injection). Substitution from MonetDB module is not working for some
+ * reason.
+ */
 switch(params.aggregate) {
- /** TODO: function to compute enrollments by state in the database not yet available
+ case "city":
+ if (id) {
+ enrollmentSql = "SELECT nome AS name, total FROM mat_municipio(" + id + "," + census_year + "," + adm_dependency_id + "," + location_id + ")";
+ } else {
+ enrollmentSql = "SELECT nome AS name, total FROM mat_municipios(" + census_year + "," + adm_dependency_id + "," + location_id + ")";
+ }
+ break;
 case "state":
- tbl_name = "matriculas_estado";
+ if (id) {
+ enrollmentSql = "SELECT nome AS name, total FROM mat_estado(" + id + "," + census_year + "," + adm_dependency_id + "," + location_id + ")";
+ } else {
+ enrollmentSql = "SELECT nome AS name, total FROM mat_estados(" + census_year + "," + adm_dependency_id + "," + location_id + ")";
+ }
 break;
- */
 case "region":
- if (!id) {
- enrollmentSql = "SELECT nome AS name, total, ano_inicio AS start_year, ano_fim AS end_year \
- FROM matRegioes(" + start_year + "," + end_year + "," + adm_dependency_id + "," + location_id + ")";
+ if (id) {
+ enrollmentSql = "SELECT nome AS name, total FROM mat_regiao(" + id + "," + census_year + "," + adm_dependency_id + "," + location_id + ")";
 } else {
- enrollmentSql = "SELECT nome AS name, total, ano_inicio AS start_year, ano_fim AS end_year \
- FROM matRegiao(" + id + "," + start_year + "," + end_year + "," + adm_dependency_id + "," + location_id + ")";
+ enrollmentSql = "SELECT nome AS name, total FROM mat_regioes(" + census_year + "," + adm_dependency_id + "," + location_id + ")";
 }
 break;
 default:
- enrollmentSql = "SELECT nome AS name, total, ano_inicio AS start_year, ano_fim AS end_year \
- FROM matBrasil(" + start_year + "," + end_year + "," + adm_dependency_id + "," + location_id + ")";
+ enrollmentSql = "SELECT nome AS name, total FROM mat_brasil(" + census_year + "," + adm_dependency_id + "," + location_id + ")";
 }
 log.debug(params);
- log.debug("Executing query :\"" + enrollmentSql + "\"");
+ log.debug("Executing query: " + enrollmentSql);
 conn.query(enrollmentSql, true).then(function(result) {
 log.debug(result);
 if (req.query.format === 'csv') {
- res.csv(result.data)
+ res.csv(result.data);
 } else if (req.query.format === 'xml') {
- res.set('Content-Type', 'text/xml')
- res.send(xml({
- result: result.data
- }))
+ res.send(xml("result", JSON.stringify({enrollments: result.data})))
 } else {
 res.json({
 result: result.data
- })
+ });
 }
+ log.debug("All resources were released");
 });
 })
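Review bot: The new FIXME records that the `mat_*` calls are built by string concatenation, but nothing in this hunk constrains the values that are concatenated into `enrollmentSql`. `census_year` and `adm_dependency_id` come from `parseInt(..., 10)`, which returns `NaN` for non-numeric input and would be spliced into the SQL as the text `NaN`; `id` and `location_id` are assigned outside this hunk, so whether they are parsed at all cannot be confirmed from here. Until driver-side parameter binding works, reject the request before the `switch` unless every value is an integer, e.g. `if (![id, census_year, adm_dependency_id, location_id].every(Number.isInteger)) { return res.status(400).json({error: 'invalid parameter'}); }`. When `census_year` is omitted the functions now receive `0` where the old code tried to look up the year range, so it should be confirmed that the database functions treat `0` as intended.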