tdpeuter/2025SELab2-project-Dwengo
tdpeuter/2025SELab2-project-Dwengo
Archived
1
Fork 0
Code Issues Releases 4 Packages 2 Wiki Activity

Merge branch 'dev' into feat/caching

Browse source
This commit is contained in:
Tibo De Peuter 2025-05-16 23:28:47 +02:00
commit a72fec0cd5
Signed by: tdpeuter
GPG key ID: 38297DE43F75FFE2
120 changed files with 3385 additions and 612 deletions
Download patch file Download diff file Expand all files Collapse all files

1
backend/.env.test
View file

@ -8,6 +8,7 @@
### Dwengo ###
DWENGO_PORT=3000
DWENGO_RUN_MODE=test
DWENGO_DB_NAME=":memory:"
DWENGO_DB_UPDATE=true

6
backend/package.json
View file

@ -29,6 +29,7 @@
"cross-env": "^7.0.3",
"dotenv": "^16.4.7",
"express": "^5.0.1",
"express-fileupload": "^1.5.1",
"express-jwt": "^8.5.1",
"gift-pegjs": "^1.0.2",
"isomorphic-dompurify": "^2.22.0",
@ -38,9 +39,11 @@
"loki-logger-ts": "^1.0.2",
"marked": "^15.0.7",
"memjs": "^1.3.2",
"mime-types": "^3.0.1",
"nanoid": "^5.1.5",
"response-time": "^2.3.3",
"swagger-ui-express": "^5.0.1",
"unzipper": "^0.12.3",
"uuid": "^11.1.0",
"winston": "^3.17.0",
"winston-loki": "^6.1.3"
@ -49,11 +52,14 @@
"@mikro-orm/cli": "6.4.12",
"@types/cors": "^2.8.17",
"@types/express": "^5.0.0",
"@types/express-fileupload": "^1.5.1",
"@types/js-yaml": "^4.0.9",
"@types/memjs": "^1.3.3",
"@types/mime-types": "^2.1.4",
"@types/node": "^22.13.4",
"@types/response-time": "^2.3.8",
"@types/swagger-ui-express": "^4.1.8",
"@types/unzipper": "^0.10.11",
"globals": "^15.15.0",
"ts-node": "^10.9.2",
"tsx": "^4.19.3",

13
backend/src/controllers/auth.ts
View file

@ -1,10 +1,11 @@
import { UnauthorizedException } from '../exceptions/unauthorized-exception.js';
import { getLogger } from '../logging/initalize.js';
import { AuthenticatedRequest } from '../middleware/auth/authenticated-request.js';
import { createOrUpdateStudent } from '../services/students.js';
import { createOrUpdateTeacher } from '../services/teachers.js';
import { envVars, getEnvVar } from '../util/envVars.js';
import { Response } from 'express';
import { createOrUpdateStudent } from '../services/students.js';
import { Request, Response } from 'express';
import { createOrUpdateTeacher } from '../services/teachers.js';
import { AccountType } from '@dwengo-1/common/util/account-types';
interface FrontendIdpConfig {
authority: string;
@ -40,6 +41,10 @@ export function getFrontendAuthConfig(): FrontendAuthConfig {
};
}
export function handleGetFrontendAuthConfig(_req: Request, res: Response): void {
res.json(getFrontendAuthConfig());
}
export async function postHelloHandler(req: AuthenticatedRequest, res: Response): Promise<void> {
const auth = req.auth;
if (!auth) {
@ -51,7 +56,7 @@ export async function postHelloHandler(req: AuthenticatedRequest, res: Response)
firstName: auth.firstName ?? '',
lastName: auth.lastName ?? '',
};
if (auth.accountType === 'student') {
if (auth.accountType === AccountType.Student) {
await createOrUpdateStudent(userData);
logger.debug(`Synchronized student ${userData.username} with IDP`);
} else {

66
backend/src/controllers/learning-objects.ts
View file

@ -7,6 +7,9 @@ import { BadRequestException } from '../exceptions/bad-request-exception.js';
import { NotFoundException } from '../exceptions/not-found-exception.js';
import { envVars, getEnvVar } from '../util/envVars.js';
import { FilteredLearningObject, LearningObjectIdentifierDTO, LearningPathIdentifier } from '@dwengo-1/common/interfaces/learning-content';
import { UploadedFile } from 'express-fileupload';
import { AuthenticatedRequest } from '../middleware/auth/authenticated-request';
import { requireFields } from './error-helper.js';
function getLearningObjectIdentifierFromRequest(req: Request): LearningObjectIdentifierDTO {
if (!req.params.hruid) {
@ -20,27 +23,35 @@ function getLearningObjectIdentifierFromRequest(req: Request): LearningObjectIde
}
function getLearningPathIdentifierFromRequest(req: Request): LearningPathIdentifier {
if (!req.query.hruid) {
throw new BadRequestException('HRUID is required.');
}
const { hruid, language } = req.params;
requireFields({ hruid });
return {
hruid: req.params.hruid,
language: (req.query.language as Language) || FALLBACK_LANG,
hruid,
language: (language as Language) || FALLBACK_LANG,
};
}
export async function getAllLearningObjects(req: Request, res: Response): Promise<void> {
const learningPathId = getLearningPathIdentifierFromRequest(req);
const full = req.query.full;
if (req.query.admin) {
// If the admin query parameter is present, the user wants to have all learning objects with this admin.
const learningObjects = await learningObjectService.getLearningObjectsAdministratedBy(req.query.admin as string);
let learningObjects: FilteredLearningObject[] | string[];
if (full) {
learningObjects = await learningObjectService.getLearningObjectsFromPath(learningPathId);
res.json(learningObjects);
} else {
learningObjects = await learningObjectService.getLearningObjectIdsFromPath(learningPathId);
}
// Else he/she wants all learning objects on the path specified by the request parameters.
const learningPathId = getLearningPathIdentifierFromRequest(req);
const full = req.query.full;
res.json({ learningObjects: learningObjects });
let learningObjects: FilteredLearningObject[] | string[];
if (full) {
learningObjects = await learningObjectService.getLearningObjectsFromPath(learningPathId);
} else {
learningObjects = await learningObjectService.getLearningObjectIdsFromPath(learningPathId);
}
res.json({ learningObjects: learningObjects });
}
}
export async function getLearningObject(req: Request, res: Response): Promise<void> {
@ -72,3 +83,32 @@ export async function getAttachment(req: Request, res: Response): Promise<void>
}
res.setHeader('Content-Type', attachment.mimeType).send(attachment.content);
}
export async function handlePostLearningObject(req: AuthenticatedRequest, res: Response): Promise<void> {
if (!req.files || !req.files.learningObject) {
throw new BadRequestException('No file uploaded');
}
const learningObject = await learningObjectService.storeLearningObject((req.files.learningObject as UploadedFile).tempFilePath, [
req.auth!.username,
]);
res.json(learningObject);
}
export async function handleDeleteLearningObject(req: AuthenticatedRequest, res: Response): Promise<void> {
const learningObjectId = getLearningObjectIdentifierFromRequest(req);
if (!learningObjectId.version) {
throw new BadRequestException('When deleting a learning object, a version must be specified.');
}
const deletedLearningObject = await learningObjectService.deleteLearningObject({
hruid: learningObjectId.hruid,
version: learningObjectId.version,
language: learningObjectId.language,
});
if (deletedLearningObject) {
res.json(deletedLearningObject);
} else {
throw new NotFoundException('Learning object not found');
}
}

132
backend/src/controllers/learning-paths.ts
View file

@ -7,51 +7,103 @@ import { BadRequestException } from '../exceptions/bad-request-exception.js';
import { NotFoundException } from '../exceptions/not-found-exception.js';
import { Group } from '../entities/assignments/group.entity.js';
import { getAssignmentRepository, getGroupRepository } from '../data/repositories.js';
import { AuthenticatedRequest } from '../middleware/auth/authenticated-request.js';
import { LearningPath, LearningPathIdentifier } from '@dwengo-1/common/interfaces/learning-content';
import { getTeacher } from '../services/teachers.js';
import { requireFields } from './error-helper.js';
/**
* Fetch learning paths based on query parameters.
*/
export async function getLearningPaths(req: Request, res: Response): Promise<void> {
const hruids = req.query.hruid;
const themeKey = req.query.theme as string;
const searchQuery = req.query.search as string;
const language = (req.query.language as string) || FALLBACK_LANG;
const forGroupNo = req.query.forGroup as string;
const assignmentNo = req.query.assignmentNo as string;
const classId = req.query.classId as string;
let forGroup: Group | undefined;
if (forGroupNo) {
if (!assignmentNo || !classId) {
throw new BadRequestException('If forGroupNo is specified, assignmentNo and classId must also be specified.');
}
const assignment = await getAssignmentRepository().findByClassIdAndAssignmentId(classId, parseInt(assignmentNo));
if (assignment) {
forGroup = (await getGroupRepository().findByAssignmentAndGroupNumber(assignment, parseInt(forGroupNo))) ?? undefined;
}
}
let hruidList;
if (hruids) {
hruidList = Array.isArray(hruids) ? hruids.map(String) : [String(hruids)];
} else if (themeKey) {
const theme = themes.find((t) => t.title === themeKey);
if (theme) {
hruidList = theme.hruids;
} else {
throw new NotFoundException(`Theme "${themeKey}" not found.`);
}
} else if (searchQuery) {
const searchResults = await learningPathService.searchLearningPaths(searchQuery, language as Language, forGroup);
res.json(searchResults);
return;
const admin = req.query.admin;
if (admin) {
const paths = await learningPathService.getLearningPathsAdministratedBy(admin as string);
res.json(paths);
} else {
hruidList = themes.flatMap((theme) => theme.hruids);
}
const hruids = req.query.hruid;
const themeKey = req.query.theme as string;
const searchQuery = req.query.search as string;
const language = (req.query.language as string) || FALLBACK_LANG;
const learningPaths = await learningPathService.fetchLearningPaths(hruidList, language as Language, `HRUIDs: ${hruidList.join(', ')}`, forGroup);
res.json(learningPaths.data);
const forGroupNo = req.query.forGroup as string;
const assignmentNo = req.query.assignmentNo as string;
const classId = req.query.classId as string;
let forGroup: Group | undefined;
if (forGroupNo) {
if (!assignmentNo || !classId) {
throw new BadRequestException('If forGroupNo is specified, assignmentNo and classId must also be specified.');
}
const assignment = await getAssignmentRepository().findByClassIdAndAssignmentId(classId, parseInt(assignmentNo));
if (assignment) {
forGroup = (await getGroupRepository().findByAssignmentAndGroupNumber(assignment, parseInt(forGroupNo))) ?? undefined;
}
}
let hruidList;
if (hruids) {
hruidList = Array.isArray(hruids) ? hruids.map(String) : [String(hruids)];
} else if (themeKey) {
const theme = themes.find((t) => t.title === themeKey);
if (theme) {
hruidList = theme.hruids;
} else {
throw new NotFoundException(`Theme "${themeKey}" not found.`);
}
} else if (searchQuery) {
const searchResults = await learningPathService.searchLearningPaths(searchQuery, language as Language, forGroup);
res.json(searchResults);
return;
} else {
hruidList = themes.flatMap((theme) => theme.hruids);
}
const learningPaths = await learningPathService.fetchLearningPaths(
hruidList,
language as Language,
`HRUIDs: ${hruidList.join(', ')}`,
forGroup
);
res.json(learningPaths.data);
}
}
function postOrPutLearningPath(isPut: boolean): (req: AuthenticatedRequest, res: Response) => Promise<void> {
return async (req, res) => {
const path = req.body as LearningPath;
const { hruid: hruidParam, language: languageParam } = req.params;
if (isPut) {
requireFields({ hruidParam, languageParam, path });
}
const teacher = await getTeacher(req.auth!.username);
if (isPut) {
if (req.params.hruid !== path.hruid || req.params.language !== path.language) {
throw new BadRequestException('id_not_matching_query_params');
}
await learningPathService.deleteLearningPath({ hruid: path.hruid, language: path.language as Language });
}
res.json(await learningPathService.createNewLearningPath(path, [teacher]));
};
}
export const postLearningPath = postOrPutLearningPath(false);
export const putLearningPath = postOrPutLearningPath(true);
export async function deleteLearningPath(req: AuthenticatedRequest, res: Response): Promise<void> {
const { hruid, language } = req.params;
requireFields({ hruid, language });
const id: LearningPathIdentifier = { hruid, language: language as Language };
const deletedPath = await learningPathService.deleteLearningPath(id);
if (deletedPath) {
res.json(deletedPath);
} else {
throw new NotFoundException('The learning path could not be found.');
}
}

2
backend/src/controllers/students.ts
View file

@ -113,7 +113,7 @@ export async function createStudentRequestHandler(req: Request, res: Response):
const classId = req.body.classId;
requireFields({ username, classId });
const request = await createClassJoinRequest(username, classId);
const request = await createClassJoinRequest(username, classId.toUpperCase());
res.json({ request });
}

5
backend/src/controllers/teacher-invitations.ts
View file

@ -2,6 +2,7 @@ import { Request, Response } from 'express';
import { requireFields } from './error-helper.js';
import { createInvitation, deleteInvitation, getAllInvitations, getInvitation, updateInvitation } from '../services/teacher-invitations.js';
import { TeacherInvitationData } from '@dwengo-1/common/interfaces/teacher-invitation';
import { ConflictException } from '../exceptions/conflict-exception.js';
export async function getAllInvitationsHandler(req: Request, res: Response): Promise<void> {
const username = req.params.username;
@ -30,6 +31,10 @@ export async function createInvitationHandler(req: Request, res: Response): Prom
const classId = req.body.class;
requireFields({ sender, receiver, classId });
if (sender === receiver) {
throw new ConflictException('Cannot send an invitation to yourself');
}
const data = req.body as TeacherInvitationData;
const invitation = await createInvitation(data);

21
backend/src/data/content/learning-object-repository.ts
View file

@ -12,7 +12,7 @@ export class LearningObjectRepository extends DwengoEntityRepository<LearningObj
version: identifier.version,
},
{
populate: ['keywords'],
populate: ['keywords', 'admins'],
}
);
}
@ -31,4 +31,23 @@ export class LearningObjectRepository extends DwengoEntityRepository<LearningObj
}
);
}
public async findAllByAdmin(adminUsername: string): Promise<LearningObject[]> {
return this.find(
{
admins: {
username: adminUsername,
},
},
{ populate: ['admins'] } // Make sure to load admin relations
);
}
public async removeByIdentifier(identifier: LearningObjectIdentifier): Promise<LearningObject | null> {
const learningObject = await this.findByIdentifier(identifier);
if (learningObject) {
await this.em.removeAndFlush(learningObject);
}
return learningObject;
}
}

40
backend/src/data/content/learning-path-repository.ts
View file

@ -4,11 +4,10 @@ import { Language } from '@dwengo-1/common/util/language';
import { LearningPathNode } from '../../entities/content/learning-path-node.entity.js';
import { RequiredEntityData } from '@mikro-orm/core';
import { LearningPathTransition } from '../../entities/content/learning-path-transition.entity.js';
import { EntityAlreadyExistsException } from '../../exceptions/entity-already-exists-exception.js';
export class LearningPathRepository extends DwengoEntityRepository<LearningPath> {
public async findByHruidAndLanguage(hruid: string, language: Language): Promise<LearningPath | null> {
return this.findOne({ hruid: hruid, language: language }, { populate: ['nodes', 'nodes.transitions'] });
return this.findOne({ hruid: hruid, language: language }, { populate: ['nodes', 'nodes.transitions', 'admins'] });
}
/**
@ -24,7 +23,21 @@ export class LearningPathRepository extends DwengoEntityRepository<LearningPath>
language: language,
$or: [{ title: { $like: `%${query}%` } }, { description: { $like: `%${query}%` } }],
},
populate: ['nodes', 'nodes.transitions'],
populate: ['nodes', 'nodes.transitions', 'admins'],
});
}
/**
* Returns all learning paths which have the user with the given username as an administrator.
*/
public async findAllByAdminUsername(adminUsername: string): Promise<LearningPath[]> {
return this.findAll({
where: {
admins: {
username: adminUsername,
},
},
populate: ['nodes', 'nodes.transitions', 'admins'],
});
}
@ -36,18 +49,15 @@ export class LearningPathRepository extends DwengoEntityRepository<LearningPath>
return this.em.create(LearningPathTransition, transitionData);
}
public async saveLearningPathNodesAndTransitions(
path: LearningPath,
nodes: LearningPathNode[],
transitions: LearningPathTransition[],
options?: { preventOverwrite?: boolean }
): Promise<void> {
if (options?.preventOverwrite && (await this.findOne(path))) {
throw new EntityAlreadyExistsException('A learning path with this hruid/language combination already exists.');
/**
* Deletes the learning path with the given hruid and language.
* @returns the deleted learning path or null if it was not found.
*/
public async deleteByHruidAndLanguage(hruid: string, language: Language): Promise<LearningPath | null> {
const path = await this.findByHruidAndLanguage(hruid, language);
if (path) {
await this.em.removeAndFlush(path);
}
const em = this.getEntityManager();
await em.persistAndFlush(path);
await Promise.all(nodes.map(async (it) => em.persistAndFlush(it)));
await Promise.all(transitions.map(async (it) => em.persistAndFlush(it)));
return path;
}
}

2
backend/src/data/questions/question-repository.ts
View file

@ -3,9 +3,9 @@ import { Question } from '../../entities/questions/question.entity.js';
import { LearningObjectIdentifier } from '../../entities/content/learning-object-identifier.js';
import { Student } from '../../entities/users/student.entity.js';
import { LearningObject } from '../../entities/content/learning-object.entity.js';
import { Group } from '../../entities/assignments/group.entity.js';
import { Assignment } from '../../entities/assignments/assignment.entity.js';
import { Loaded } from '@mikro-orm/core';
import { Group } from '../../entities/assignments/group.entity';
export class QuestionRepository extends DwengoEntityRepository<Question> {
public async createQuestion(question: { loId: LearningObjectIdentifier; author: Student; inGroup: Group; content: string }): Promise<Question> {

1
backend/src/entities/content/attachment.entity.ts
View file

@ -9,6 +9,7 @@ export class Attachment {
@ManyToOne({
entity: () => LearningObject,
primary: true,
deleteRule: 'cascade',
})
learningObject!: LearningObject;

6
backend/src/entities/content/learning-object.entity.ts
View file

@ -1,4 +1,4 @@
import { ArrayType, Embedded, Entity, Enum, ManyToMany, OneToMany, PrimaryKey, Property } from '@mikro-orm/core';
import { ArrayType, Collection, Embedded, Entity, Enum, ManyToMany, OneToMany, PrimaryKey, Property } from '@mikro-orm/core';
import { Attachment } from './attachment.entity.js';
import { Teacher } from '../users/teacher.entity.js';
import { DwengoContentType } from '../../services/learning-objects/processing/content-type.js';
@ -28,7 +28,7 @@ export class LearningObject {
@ManyToMany({
entity: () => Teacher,
})
admins!: Teacher[];
admins: Collection<Teacher> = new Collection<Teacher>(this);
@Property({ type: 'string' })
title!: string;
@ -84,7 +84,7 @@ export class LearningObject {
entity: () => Attachment,
mappedBy: 'learningObject',
})
attachments: Attachment[] = [];
attachments: Collection<Attachment> = new Collection<Attachment>(this);
@Property({ type: 'blob' })
content!: Buffer;

4
backend/src/entities/content/learning-path-node.entity.ts
View file

@ -1,4 +1,4 @@
import { Collection, Entity, Enum, ManyToOne, OneToMany, PrimaryKey, Property, Rel } from '@mikro-orm/core';
import { Cascade, Collection, Entity, Enum, ManyToOne, OneToMany, PrimaryKey, Property, Rel } from '@mikro-orm/core';
import { LearningPath } from './learning-path.entity.js';
import { LearningPathTransition } from './learning-path-transition.entity.js';
import { Language } from '@dwengo-1/common/util/language';
@ -26,7 +26,7 @@ export class LearningPathNode {
@Property({ type: 'bool' })
startNode!: boolean;
@OneToMany({ entity: () => LearningPathTransition, mappedBy: 'node' })
@OneToMany({ entity: () => LearningPathTransition, mappedBy: 'node', cascade: [Cascade.ALL] })
transitions!: Collection<LearningPathTransition>;
@Property({ length: 3 })

4
backend/src/entities/content/learning-path.entity.ts
View file

@ -1,4 +1,4 @@
import { Collection, Entity, Enum, ManyToMany, OneToMany, PrimaryKey, Property } from '@mikro-orm/core';
import { Cascade, Collection, Entity, Enum, ManyToMany, OneToMany, PrimaryKey, Property } from '@mikro-orm/core';
import { Teacher } from '../users/teacher.entity.js';
import { LearningPathRepository } from '../../data/content/learning-path-repository.js';
import { LearningPathNode } from './learning-path-node.entity.js';
@ -24,6 +24,6 @@ export class LearningPath {
@Property({ type: 'blob', nullable: true })
image: Buffer | null = null;
@OneToMany({ entity: () => LearningPathNode, mappedBy: 'learningPath' })
@OneToMany({ entity: () => LearningPathNode, mappedBy: 'learningPath', cascade: [Cascade.ALL] })
nodes: Collection<LearningPathNode> = new Collection<LearningPathNode>(this);
}

4
backend/src/interfaces/user.ts
View file

@ -10,6 +10,10 @@ export function mapToUserDTO(user: User): UserDTO {
};
}
export function mapToUsername(user: { username: string }): string {
return user.username;
}
export function mapToUser<T extends User>(userData: UserDTO, userInstance: T): T {
userInstance.username = userData.username;
userInstance.firstName = userData.firstName;

34
backend/src/middleware/auth/auth.ts
View file

@ -7,7 +7,6 @@ import * as express from 'express';
import { AuthenticatedRequest } from './authenticated-request.js';
import { AuthenticationInfo } from './authentication-info.js';
import { UnauthorizedException } from '../../exceptions/unauthorized-exception.js';
import { ForbiddenException } from '../../exceptions/forbidden-exception.js';
const JWKS_CACHE = true;
const JWKS_RATE_LIMIT = true;
@ -108,36 +107,3 @@ function addAuthenticationInfo(req: AuthenticatedRequest, _res: express.Response
}
export const authenticateUser = [verifyJwtToken, addAuthenticationInfo];
/**
* Middleware which rejects unauthenticated users (with HTTP 401) and authenticated users which do not fulfill
* the given access condition.
* @param accessCondition Predicate over the current AuthenticationInfo. Access is only granted when this evaluates
* to true.
*/
export function authorize(accessCondition: (auth: AuthenticationInfo) => boolean) {
return (req: AuthenticatedRequest, _res: express.Response, next: express.NextFunction): void => {
if (!req.auth) {
throw new UnauthorizedException();
} else if (!accessCondition(req.auth)) {
throw new ForbiddenException();
} else {
next();
}
};
}
/**
* Middleware which rejects all unauthenticated users, but accepts all authenticated users.
*/
export const authenticatedOnly = authorize((_) => true);
/**
* Middleware which rejects requests from unauthenticated users or users that aren't students.
*/
export const studentsOnly = authorize((auth) => auth.accountType === 'student');
/**
* Middleware which rejects requests from unauthenticated users or users that aren't teachers.
*/
export const teachersOnly = authorize((auth) => auth.accountType === 'teacher');

9
backend/src/middleware/auth/authenticated-request.d.ts vendored
View file

@ -1,8 +1,15 @@
import { Request } from 'express';
import { JwtPayload } from 'jsonwebtoken';
import { AuthenticationInfo } from './authentication-info.js';
import * as core from 'express-serve-static-core';
export interface AuthenticatedRequest extends Request {
export interface AuthenticatedRequest<
P = core.ParamsDictionary,
ResBody = unknown,
ReqBody = unknown,
ReqQuery = core.Query,
Locals extends Record<string, unknown> = Record<string, unknown>,
> extends Request<P, ResBody, ReqBody, ReqQuery, Locals> {
// Properties are optional since the user is not necessarily authenticated.
jwtPayload?: JwtPayload;
auth?: AuthenticationInfo;

21
backend/src/middleware/auth/checks/assignment-auth-checks.ts Normal file
View file

@ -0,0 +1,21 @@
import { authorize } from './auth-checks.js';
import { fetchClass } from '../../../services/classes.js';
import { fetchAllGroups } from '../../../services/groups.js';
import { mapToUsername } from '../../../interfaces/user.js';
import { AccountType } from '@dwengo-1/common/util/account-types';
/**
* Expects the path to contain the path parameters 'classId' and 'id' (meaning the ID of the assignment).
* Only allows requests from users who are
* - either teachers of the class the assignment was posted in,
* - or students in a group of the assignment.
*/
export const onlyAllowIfHasAccessToAssignment = authorize(async (auth, req) => {
const { classid: classId, id: assignmentId } = req.params as { classid: string; id: number };
if (auth.accountType === AccountType.Teacher) {
const clazz = await fetchClass(classId);
return clazz.teachers.map(mapToUsername).includes(auth.username);
}
const groups = await fetchAllGroups(classId, assignmentId);
return groups.some((group) => group.members.map((member) => member.username).includes(auth.username));
});

61
backend/src/middleware/auth/checks/auth-checks.ts Normal file
View file

@ -0,0 +1,61 @@
import { AuthenticationInfo } from '../authentication-info.js';
import { AuthenticatedRequest } from '../authenticated-request.js';
import * as express from 'express';
import { RequestHandler } from 'express';
import { UnauthorizedException } from '../../../exceptions/unauthorized-exception.js';
import { ForbiddenException } from '../../../exceptions/forbidden-exception.js';
import { envVars, getEnvVar } from '../../../util/envVars.js';
import { AccountType } from '@dwengo-1/common/util/account-types';
/**
* Middleware which rejects unauthenticated users (with HTTP 401) and authenticated users which do not fulfill
* the given access condition.
* @param accessCondition Predicate over the current AuthenticationInfo. Access is only granted when this evaluates
* to true.
*/
export function authorize<P, ResBody, ReqBody, ReqQuery, Locals extends Record<string, unknown>>(
accessCondition: (auth: AuthenticationInfo, req: AuthenticatedRequest<P, ResBody, ReqBody, ReqQuery, Locals>) => boolean | Promise<boolean>
): RequestHandler<P, ResBody, ReqBody, ReqQuery, Locals> {
// Bypass authentication during testing
if (getEnvVar(envVars.RunMode) === 'test') {
return async (
_req: AuthenticatedRequest<P, ResBody, ReqBody, ReqQuery, Locals>,
_res: express.Response,
next: express.NextFunction
): Promise<void> => {
next();
};
}
return async (
req: AuthenticatedRequest<P, ResBody, ReqBody, ReqQuery, Locals>,
_res: express.Response,
next: express.NextFunction
): Promise<void> => {
if (!req.auth) {
throw new UnauthorizedException();
} else if (!(await accessCondition(req.auth, req))) {
throw new ForbiddenException();
} else {
next();
}
};
}
/**
* Middleware which rejects all unauthenticated users, but accepts all authenticated users.
*/
export const authenticatedOnly = authorize((_) => true);
/**
* Middleware which rejects requests from unauthenticated users or users that aren't students.
*/
export const studentsOnly = authorize((auth) => auth.accountType === AccountType.Student);
/**
* Middleware which rejects requests from unauthenticated users or users that aren't teachers.
*/
export const teachersOnly = authorize((auth) => auth.accountType === AccountType.Teacher);
/**
* Middleware which is to be used on requests no normal user should be able to execute.
* Since there is no concept of administrator accounts yet, currently, those requests will always be blocked.
*/
export const adminOnly = authorize(() => false);

70
backend/src/middleware/auth/checks/class-auth-checks.ts Normal file
View file

@ -0,0 +1,70 @@
import { authorize } from './auth-checks.js';
import { AuthenticationInfo } from '../authentication-info.js';
import { AuthenticatedRequest } from '../authenticated-request.js';
import { fetchClass } from '../../../services/classes.js';
import { mapToUsername } from '../../../interfaces/user.js';
import { getAllInvitations } from '../../../services/teacher-invitations.js';
import { AccountType } from '@dwengo-1/common/util/account-types';
async function teaches(teacherUsername: string, classId: string): Promise<boolean> {
const clazz = await fetchClass(classId);
return clazz.teachers.map(mapToUsername).includes(teacherUsername);
}
/**
* To be used on a request with path parameters username and classId.
* Only allows requests whose username parameter is equal to the username of the user who is logged in and requests
* whose classId parameter references a class the logged-in user is a teacher of.
*/
export const onlyAllowStudentHimselfAndTeachersOfClass = authorize(async (auth: AuthenticationInfo, req: AuthenticatedRequest) => {
if (req.params.username === auth.username) {
return true;
} else if (auth.accountType === AccountType.Teacher) {
return teaches(auth.username, req.params.classId);
}
return false;
});
/**
* Only let the request pass through if its path parameter "username" is the username of the currently logged-in
* teacher and the path parameter "classId" refers to a class the teacher teaches.
*/
export const onlyAllowTeacherOfClass = authorize(
async (auth: AuthenticationInfo, req: AuthenticatedRequest) => req.params.username === auth.username && teaches(auth.username, req.params.classId)
);
/**
* Only let the request pass through if the class id in it refers to a class the current user is in (as a student
* or teacher)
*/
export const onlyAllowIfInClass = authorize(async (auth: AuthenticationInfo, req: AuthenticatedRequest) => {
const classId = req.params.classId ?? req.params.classid ?? req.params.id;
const clazz = await fetchClass(classId);
if (auth.accountType === AccountType.Teacher) {
return clazz.teachers.map(mapToUsername).includes(auth.username);
}
return clazz.students.map(mapToUsername).includes(auth.username);
});
export const onlyAllowIfInClassOrInvited = authorize(async (auth: AuthenticationInfo, req: AuthenticatedRequest) => {
const classId = req.params.classId ?? req.params.classid ?? req.params.id;
const clazz = await fetchClass(classId);
if (auth.accountType === AccountType.Teacher) {
const invitations = await getAllInvitations(auth.username, false);
return clazz.teachers.map(mapToUsername).includes(auth.username) || invitations.some((invitation) => invitation.classId === classId);
}
return clazz.students.map(mapToUsername).includes(auth.username);
});
/**
* Only allows the request to pass if the 'class' property in its body is a class the current user is a member of.
*/
export const onlyAllowOwnClassInBody = authorize(async (auth, req) => {
const classId = (req.body as { class: string })?.class;
const clazz = await fetchClass(classId);
if (auth.accountType === AccountType.Teacher) {
return clazz.teachers.map(mapToUsername).includes(auth.username);
}
return clazz.students.map(mapToUsername).includes(auth.username);
});

26
backend/src/middleware/auth/checks/group-auth-checker.ts Normal file
View file

@ -0,0 +1,26 @@
import { authorize } from './auth-checks.js';
import { fetchClass } from '../../../services/classes.js';
import { fetchGroup } from '../../../services/groups.js';
import { mapToUsername } from '../../../interfaces/user.js';
import { AccountType } from '@dwengo-1/common/util/account-types';
/**
* Expects the path to contain the path parameters 'classid', 'assignmentid' and 'groupid'.
* Only allows requests from users who are
* - either teachers of the class the assignment for the group was posted in,
* - or students in the group
*/
export const onlyAllowIfHasAccessToGroup = authorize(async (auth, req) => {
const {
classid: classId,
assignmentid: assignmentId,
groupid: groupId,
} = req.params as { classid: string; assignmentid: number; groupid: number };
if (auth.accountType === AccountType.Teacher) {
const clazz = await fetchClass(classId);
return clazz.teachers.map(mapToUsername).includes(auth.username);
} // User is student
const group = await fetchGroup(classId, assignmentId, groupId);
return group.members.map(mapToUsername).includes(auth.username);
});

21
backend/src/middleware/auth/checks/learning-content-auth-checks.ts Normal file
View file

@ -0,0 +1,21 @@
import { authorize } from './auth-checks';
import { AuthenticationInfo } from '../authentication-info';
import { AuthenticatedRequest } from '../authenticated-request';
import { AccountType } from '@dwengo-1/common/util/account-types';
/**
* Only allows requests whose learning path personalization query parameters ('forGroup' / 'assignmentNo' / 'classId')
* are
* - either not set
* - or set to a group the user is in,
* - or set to anything if the user is a teacher.
*/
export const onlyAllowPersonalizationForOwnGroup = authorize(async (auth: AuthenticationInfo, req: AuthenticatedRequest) => {
const { forGroup, assignmentNo, classId } = req.params;
if (auth.accountType === AccountType.Student && forGroup && assignmentNo && classId) {
// TODO: groupNumber?
// Const group = await fetchGroup(Number(classId), Number(assignmentNo), )
return false;
}
return true;
});

16
backend/src/middleware/auth/checks/learning-object-auth-checks.ts Normal file
View file

@ -0,0 +1,16 @@
import { Language } from '@dwengo-1/common/util/language';
import learningObjectService from '../../../services/learning-objects/learning-object-service.js';
import { AuthenticatedRequest } from '../authenticated-request.js';
import { AuthenticationInfo } from '../authentication-info.js';
import { authorize } from './auth-checks.js';
export const onlyAdminsForLearningObject = authorize(async (auth: AuthenticationInfo, req: AuthenticatedRequest) => {
const { hruid } = req.params;
const { version, language } = req.query;
const admins = await learningObjectService.getAdmins({
hruid,
language: language as Language,
version: parseInt(version as string),
});
return admins.includes(auth.username);
});

13
backend/src/middleware/auth/checks/learning-path-auth-checks.ts Normal file
View file

@ -0,0 +1,13 @@
import { Language } from '@dwengo-1/common/util/language';
import learningPathService from '../../../services/learning-paths/learning-path-service.js';
import { AuthenticatedRequest } from '../authenticated-request.js';
import { AuthenticationInfo } from '../authentication-info.js';
import { authorize } from './auth-checks.js';
export const onlyAdminsForLearningPath = authorize(async (auth: AuthenticationInfo, req: AuthenticatedRequest) => {
const adminsForLearningPath = await learningPathService.getAdmins({
hruid: req.params.hruid,
language: req.params.language as Language,
});
return adminsForLearningPath && adminsForLearningPath.includes(auth.username);
});

66
backend/src/middleware/auth/checks/question-checks.ts Normal file
View file

@ -0,0 +1,66 @@
import { authorize } from './auth-checks.js';
import { AuthenticationInfo } from '../authentication-info.js';
import { AuthenticatedRequest } from '../authenticated-request.js';
import { requireFields } from '../../../controllers/error-helper.js';
import { getLearningObjectId, getQuestionId } from '../../../controllers/questions.js';
import { fetchQuestion } from '../../../services/questions.js';
import { FALLBACK_SEQ_NUM } from '../../../config.js';
import { fetchAnswer } from '../../../services/answers.js';
import { mapToUsername } from '../../../interfaces/user.js';
import { AccountType } from '@dwengo-1/common/util/account-types';
export const onlyAllowAuthor = authorize(
(auth: AuthenticationInfo, req: AuthenticatedRequest) => (req.body as { author: string }).author === auth.username
);
export const onlyAllowAuthorRequest = authorize(async (auth: AuthenticationInfo, req: AuthenticatedRequest) => {
const hruid = req.params.hruid;
const version = req.params.version;
const language = req.query.lang as string;
const seq = req.params.seq;
requireFields({ hruid });
const learningObjectId = getLearningObjectId(hruid, version, language);
const questionId = getQuestionId(learningObjectId, seq);
const question = await fetchQuestion(questionId);
return question.author.username === auth.username;
});
export const onlyAllowAuthorRequestAnswer = authorize(async (auth: AuthenticationInfo, req: AuthenticatedRequest) => {
const hruid = req.params.hruid;
const version = req.params.version;
const language = req.query.lang as string;
const seq = req.params.seq;
const seqAnswer = req.params.seqAnswer;
requireFields({ hruid });
const learningObjectId = getLearningObjectId(hruid, version, language);
const questionId = getQuestionId(learningObjectId, seq);
const sequenceNumber = Number(seqAnswer) || FALLBACK_SEQ_NUM;
const answer = await fetchAnswer(questionId, sequenceNumber);
return answer.author.username === auth.username;
});
export const onlyAllowIfHasAccessToQuestion = authorize(async (auth: AuthenticationInfo, req: AuthenticatedRequest) => {
const hruid = req.params.hruid;
const version = req.params.version;
const language = req.query.lang as string;
const seq = req.params.seq;
requireFields({ hruid });
const learningObjectId = getLearningObjectId(hruid, version, language);
const questionId = getQuestionId(learningObjectId, seq);
const question = await fetchQuestion(questionId);
const group = question.inGroup;
if (auth.accountType === AccountType.Teacher) {
const cls = group.assignment.within; // TODO check if contains full objects
return cls.teachers.map(mapToUsername).includes(auth.username);
} // User is student
return group.members.map(mapToUsername).includes(auth.username);
});

28
backend/src/middleware/auth/checks/submission-checks.ts Normal file
View file

@ -0,0 +1,28 @@
import { languageMap } from '@dwengo-1/common/util/language';
import { LearningObjectIdentifier } from '../../../entities/content/learning-object-identifier.js';
import { fetchSubmission } from '../../../services/submissions.js';
import { AuthenticatedRequest } from '../authenticated-request.js';
import { AuthenticationInfo } from '../authentication-info.js';
import { authorize } from './auth-checks.js';
import { FALLBACK_LANG } from '../../../config.js';
import { mapToUsername } from '../../../interfaces/user.js';
import { AccountType } from '@dwengo-1/common/util/account-types';
export const onlyAllowSubmitter = authorize(
(auth: AuthenticationInfo, req: AuthenticatedRequest) => (req.body as { submitter: string }).submitter === auth.username
);
export const onlyAllowIfHasAccessToSubmission = authorize(async (auth: AuthenticationInfo, req: AuthenticatedRequest) => {
const { hruid: lohruid, id: submissionNumber } = req.params;
const { language: lang, version: version } = req.query;
const loId = new LearningObjectIdentifier(lohruid, languageMap[lang as string] ?? FALLBACK_LANG, Number(version));
const submission = await fetchSubmission(loId, Number(submissionNumber));
if (auth.accountType === AccountType.Teacher) {
// Dit kan niet werken om dat al deze objecten niet gepopulate zijn.
return submission.onBehalfOf.assignment.within.teachers.map(mapToUsername).includes(auth.username);
}
return submission.onBehalfOf.members.map(mapToUsername).includes(auth.username);
});

17
backend/src/middleware/auth/checks/teacher-invitation-checks.ts Normal file
View file

@ -0,0 +1,17 @@
import { authorize } from './auth-checks.js';
import { AuthenticationInfo } from '../authentication-info.js';
import { AuthenticatedRequest } from '../authenticated-request.js';
export const onlyAllowSenderOrReceiver = authorize(
(auth: AuthenticationInfo, req: AuthenticatedRequest) => req.params.sender === auth.username || req.params.receiver === auth.username
);
export const onlyAllowSender = authorize((auth: AuthenticationInfo, req: AuthenticatedRequest) => req.params.sender === auth.username);
export const onlyAllowSenderBody = authorize(
(auth: AuthenticationInfo, req: AuthenticatedRequest) => (req.body as { sender: string }).sender === auth.username
);
export const onlyAllowReceiverBody = authorize(
(auth: AuthenticationInfo, req: AuthenticatedRequest) => (req.body as { receiver: string }).receiver === auth.username
);

8
backend/src/middleware/auth/checks/user-auth-checks.ts Normal file
View file

@ -0,0 +1,8 @@
import { authorize } from './auth-checks.js';
import { AuthenticationInfo } from '../authentication-info.js';
import { AuthenticatedRequest } from '../authenticated-request.js';
/**
* Only allow the user whose username is in the path parameter "username" to access the endpoint.
*/
export const preventImpersonation = authorize((auth: AuthenticationInfo, req: AuthenticatedRequest) => req.params.username === auth.username);

12
backend/src/routes/answers.ts
View file

@ -1,16 +1,18 @@
import express from 'express';
import { createAnswerHandler, deleteAnswerHandler, getAnswerHandler, getAllAnswersHandler, updateAnswerHandler } from '../controllers/answers.js';
import { authenticatedOnly, teachersOnly } from '../middleware/auth/checks/auth-checks.js';
import { onlyAllowAuthor, onlyAllowAuthorRequestAnswer, onlyAllowIfHasAccessToQuestion } from '../middleware/auth/checks/question-checks.js';
const router = express.Router({ mergeParams: true });
router.get('/', getAllAnswersHandler);
router.get('/', authenticatedOnly, getAllAnswersHandler);
router.post('/', createAnswerHandler);
router.post('/', teachersOnly, onlyAllowAuthor, createAnswerHandler);
router.get('/:seqAnswer', getAnswerHandler);
router.get('/:seqAnswer', onlyAllowIfHasAccessToQuestion, getAnswerHandler);
router.delete('/:seqAnswer', deleteAnswerHandler);
router.delete('/:seqAnswer', teachersOnly, onlyAllowAuthorRequestAnswer, deleteAnswerHandler);
router.put('/:seqAnswer', updateAnswerHandler);
router.put('/:seqAnswer', teachersOnly, onlyAllowAuthorRequestAnswer, updateAnswerHandler);
export default router;

17
backend/src/routes/assignments.ts
View file

@ -9,22 +9,25 @@ import {
putAssignmentHandler,
} from '../controllers/assignments.js';
import groupRouter from './groups.js';
import { teachersOnly } from '../middleware/auth/checks/auth-checks.js';
import { onlyAllowIfInClass } from '../middleware/auth/checks/class-auth-checks.js';
import { onlyAllowIfHasAccessToAssignment } from '../middleware/auth/checks/assignment-auth-checks.js';
const router = express.Router({ mergeParams: true });
router.get('/', getAllAssignmentsHandler);
router.get('/', teachersOnly, onlyAllowIfInClass, getAllAssignmentsHandler);
router.post('/', createAssignmentHandler);
router.post('/', teachersOnly, onlyAllowIfInClass, createAssignmentHandler);
router.get('/:id', getAssignmentHandler);
router.get('/:id', onlyAllowIfHasAccessToAssignment, getAssignmentHandler);
router.put('/:id', putAssignmentHandler);
router.put('/:id', teachersOnly, onlyAllowIfHasAccessToAssignment, putAssignmentHandler);
router.delete('/:id', deleteAssignmentHandler);
router.delete('/:id', teachersOnly, onlyAllowIfHasAccessToAssignment, deleteAssignmentHandler);
router.get('/:id/submissions', getAssignmentsSubmissionsHandler);
router.get('/:id/submissions', teachersOnly, onlyAllowIfHasAccessToAssignment, getAssignmentsSubmissionsHandler);
router.get('/:id/questions', getAssignmentQuestionsHandler);
router.get('/:id/questions', teachersOnly, onlyAllowIfHasAccessToAssignment, getAssignmentQuestionsHandler);
router.use('/:assignmentid/groups', groupRouter);

25
backend/src/routes/auth.ts
View file

@ -1,28 +1,35 @@
import express from 'express';
import { getFrontendAuthConfig, postHelloHandler } from '../controllers/auth.js';
import { authenticatedOnly, studentsOnly, teachersOnly } from '../middleware/auth/auth.js';
import { handleGetFrontendAuthConfig, postHelloHandler } from '../controllers/auth.js';
import { authenticatedOnly, studentsOnly, teachersOnly } from '../middleware/auth/checks/auth-checks.js';
const router = express.Router();
// Returns auth configuration for frontend
router.get('/config', (_req, res) => {
res.json(getFrontendAuthConfig());
});
router.get('/config', handleGetFrontendAuthConfig);
router.get('/testAuthenticatedOnly', authenticatedOnly, (_req, res) => {
/* #swagger.security = [{ "student": [ ] }, { "teacher": [ ] }] */
/* #swagger.security = [{ "studentProduction": [ ] }, { "teacherProduction": [ ] }, { "studentStaging": [ ] }, { "teacherStaging": [ ] }, { "studentDev": [ ] }, { "teacherDev": [ ] }] */
res.json({ message: 'If you see this, you should be authenticated!' });
});
router.get('/testStudentsOnly', studentsOnly, (_req, res) => {
/* #swagger.security = [{ "student": [ ] }] */
/* #swagger.security = [{ "studentProduction": [ ] }, { "studentStaging": [ ] }, { "studentDev": [ ] }] */
res.json({ message: 'If you see this, you should be a student!' });
});
router.get('/testTeachersOnly', teachersOnly, (_req, res) => {
/* #swagger.security = [{ "teacher": [ ] }] */
/* #swagger.security = [{ "teacherProduction": [ ] }, { "teacherStaging": [ ] }, { "teacherDev": [ ] }] */
res.json({ message: 'If you see this, you should be a teacher!' });
});
router.post('/hello', authenticatedOnly, postHelloHandler);
// This endpoint is called by the client when the user has just logged in.
// It creates or updates the user entity based on the authentication data the endpoint was called with.
router.post(
'/hello',
authenticatedOnly,
/*
#swagger.security = [{ "studentProduction": [ ] }, { "teacherProduction": [ ] }, { "studentStaging": [ ] }, { "teacherStaging": [ ] }, { "studentDev": [ ] }, { "teacherDev": [ ] }]
*/ postHelloHandler
);
export default router;

28
backend/src/routes/classes.ts
View file

@ -14,33 +14,35 @@ import {
putClassHandler,
} from '../controllers/classes.js';
import assignmentRouter from './assignments.js';
import { adminOnly, teachersOnly } from '../middleware/auth/checks/auth-checks.js';
import { onlyAllowIfInClass, onlyAllowIfInClassOrInvited } from '../middleware/auth/checks/class-auth-checks.js';
const router = express.Router();
// Root endpoint used to search objects
router.get('/', getAllClassesHandler);
router.get('/', adminOnly, getAllClassesHandler);
router.post('/', createClassHandler);
router.post('/', teachersOnly, createClassHandler);
router.get('/:id', getClassHandler);
router.get('/:id', onlyAllowIfInClassOrInvited, getClassHandler);
router.put('/:id', putClassHandler);
router.put('/:id', teachersOnly, onlyAllowIfInClass, putClassHandler);
router.delete('/:id', deleteClassHandler);
router.delete('/:id', teachersOnly, onlyAllowIfInClass, deleteClassHandler);
router.get('/:id/teacher-invitations', getTeacherInvitationsHandler);
router.get('/:id/teacher-invitations', teachersOnly, onlyAllowIfInClass, getTeacherInvitationsHandler);
router.get('/:id/students', getClassStudentsHandler);
router.get('/:id/students', onlyAllowIfInClass, getClassStudentsHandler);
router.post('/:id/students', addClassStudentHandler);
router.post('/:id/students', teachersOnly, onlyAllowIfInClass, addClassStudentHandler);
router.delete('/:id/students/:username', deleteClassStudentHandler);
router.delete('/:id/students/:username', teachersOnly, onlyAllowIfInClass, deleteClassStudentHandler);
router.get('/:id/teachers', getClassTeachersHandler);
router.get('/:id/teachers', onlyAllowIfInClass, getClassTeachersHandler);
router.post('/:id/teachers', addClassTeacherHandler);
// De combinatie van deze POST en DELETE endpoints kan lethal zijn
router.post('/:id/teachers', teachersOnly, onlyAllowIfInClass, addClassTeacherHandler);
router.delete('/:id/teachers/:username', deleteClassTeacherHandler);
router.delete('/:id/teachers/:username', teachersOnly, onlyAllowIfInClass, deleteClassTeacherHandler);
router.use('/:classid/assignments', assignmentRouter);

18
backend/src/routes/groups.ts
View file

@ -8,22 +8,24 @@ import {
getGroupSubmissionsHandler,
putGroupHandler,
} from '../controllers/groups.js';
import { onlyAllowIfHasAccessToGroup } from '../middleware/auth/checks/group-auth-checker.js';
import { teachersOnly } from '../middleware/auth/checks/auth-checks.js';
import { onlyAllowIfHasAccessToAssignment } from '../middleware/auth/checks/assignment-auth-checks.js';
const router = express.Router({ mergeParams: true });
// Root endpoint used to search objects
router.get('/', getAllGroupsHandler);
router.get('/', onlyAllowIfHasAccessToAssignment, getAllGroupsHandler);
router.post('/', createGroupHandler);
router.post('/', teachersOnly, onlyAllowIfHasAccessToAssignment, createGroupHandler);
router.get('/:groupid', getGroupHandler);
router.get('/:groupid', onlyAllowIfHasAccessToAssignment, getGroupHandler);
router.put('/:groupid', putGroupHandler);
router.put('/:groupid', teachersOnly, onlyAllowIfHasAccessToAssignment, putGroupHandler);
router.delete('/:groupid', deleteGroupHandler);
router.delete('/:groupid', teachersOnly, onlyAllowIfHasAccessToAssignment, deleteGroupHandler);
router.get('/:groupid/submissions', getGroupSubmissionsHandler);
router.get('/:groupid/submissions', onlyAllowIfHasAccessToGroup, getGroupSubmissionsHandler);
router.get('/:groupid/questions', getGroupQuestionsHandler);
router.get('/:groupid/questions', onlyAllowIfHasAccessToGroup, getGroupQuestionsHandler);
export default router;

29
backend/src/routes/learning-objects.ts
View file

@ -1,8 +1,17 @@
import express from 'express';
import { getAllLearningObjects, getAttachment, getLearningObject, getLearningObjectHTML } from '../controllers/learning-objects.js';
import {
getAllLearningObjects,
getAttachment,
getLearningObject,
getLearningObjectHTML,
handleDeleteLearningObject,
handlePostLearningObject,
} from '../controllers/learning-objects.js';
import submissionRoutes from './submissions.js';
import questionRoutes from './questions.js';
import fileUpload from 'express-fileupload';
import { onlyAdminsForLearningObject } from '../middleware/auth/checks/learning-object-auth-checks.js';
import { authenticatedOnly, teachersOnly } from '../middleware/auth/checks/auth-checks.js';
const router = express.Router();
@ -16,13 +25,21 @@ const router = express.Router();
// Route 2: list of object data
// Example 2: http://localhost:3000/learningObject?full=true&hruid=un_artificiele_intelligentie
router.get('/', getAllLearningObjects);
router.get('/', authenticatedOnly, getAllLearningObjects);
router.post('/', teachersOnly, fileUpload({ useTempFiles: true }), handlePostLearningObject);
// Parameter: hruid of learning object
// Query: language
// Route to fetch data of one learning object based on its hruid
// Example: http://localhost:3000/learningObject/un_ai7
router.get('/:hruid', getLearningObject);
router.get('/:hruid', authenticatedOnly, getLearningObject);
// Parameter: hruid of learning object
// Query: language
// Route to delete a learning object based on its hruid.
// Example: http://localhost:3000/learningObject/un_ai7?language=nl&version=1
router.delete('/:hruid', onlyAdminsForLearningObject, handleDeleteLearningObject);
router.use('/:hruid/submissions', submissionRoutes);
@ -32,12 +49,12 @@ router.use('/:hruid/:version/questions', questionRoutes);
// Query: language, version (optional)
// Route to fetch the HTML rendering of one learning object based on its hruid.
// Example: http://localhost:3000/learningObject/un_ai7/html
router.get('/:hruid/html', getLearningObjectHTML);
router.get('/:hruid/html', authenticatedOnly, getLearningObjectHTML);
// Parameter: hruid of learning object, name of attachment.
// Query: language, version (optional).
// Route to get the raw data of the attachment for one learning object based on its hruid.
// Example: http://localhost:3000/learningObject/u_test/attachment/testimage.png
router.get('/:hruid/html/:attachmentName', getAttachment);
router.get('/:hruid/html/:attachmentName', authenticatedOnly, getAttachment);
export default router;

10
backend/src/routes/learning-paths.ts
View file

@ -1,5 +1,7 @@
import express from 'express';
import { getLearningPaths } from '../controllers/learning-paths.js';
import { authenticatedOnly, teachersOnly } from '../middleware/auth/checks/auth-checks.js';
import { deleteLearningPath, getLearningPaths, postLearningPath, putLearningPath } from '../controllers/learning-paths.js';
import { onlyAdminsForLearningPath } from '../middleware/auth/checks/learning-path-auth-checks.js';
const router = express.Router();
@ -22,6 +24,10 @@ const router = express.Router();
// Route to fetch learning paths based on a theme
// Example: http://localhost:3000/learningPath?theme=kiks
router.get('/', getLearningPaths);
router.get('/', authenticatedOnly, getLearningPaths);
router.post('/', teachersOnly, postLearningPath);
router.put('/:hruid/:language', onlyAdminsForLearningPath, putLearningPath);
router.delete('/:hruid/:language', onlyAdminsForLearningPath, deleteLearningPath);
export default router;

15
backend/src/routes/questions.ts
View file

@ -1,20 +1,25 @@
import express from 'express';
import { createQuestionHandler, deleteQuestionHandler, getAllQuestionsHandler, getQuestionHandler } from '../controllers/questions.js';
import answerRoutes from './answers.js';
import { authenticatedOnly, studentsOnly } from '../middleware/auth/checks/auth-checks.js';
import { updateAnswerHandler } from '../controllers/answers.js';
import { onlyAllowAuthor, onlyAllowAuthorRequest, onlyAllowIfHasAccessToQuestion } from '../middleware/auth/checks/question-checks.js';
const router = express.Router({ mergeParams: true });
// Query language
// Root endpoint used to search objects
router.get('/', getAllQuestionsHandler);
router.get('/', authenticatedOnly, getAllQuestionsHandler);
router.post('/', createQuestionHandler);
router.delete('/:seq', deleteQuestionHandler);
router.post('/', studentsOnly, onlyAllowAuthor, createQuestionHandler);
// Information about a question with id
router.get('/:seq', getQuestionHandler);
router.get('/:seq', onlyAllowIfHasAccessToQuestion, getQuestionHandler);
router.delete('/:seq', studentsOnly, onlyAllowAuthorRequest, deleteQuestionHandler);
router.put('/:seq', studentsOnly, onlyAllowAuthorRequest, updateAnswerHandler);
router.use('/:seq/answers', answerRoutes);

30
backend/src/routes/router.ts
View file

@ -18,12 +18,30 @@ router.get('/', (_, res: Response) => {
});
});
router.use('/student', studentRouter /* #swagger.tags = ['Student'] */);
router.use('/teacher', teacherRouter /* #swagger.tags = ['Teacher'] */);
router.use('/class', classRouter /* #swagger.tags = ['Class'] */);
router.use('/auth', authRouter /* #swagger.tags = ['Auth'] */);
router.use('/theme', themeRoutes /* #swagger.tags = ['Theme'] */);
router.use('/learningPath', learningPathRoutes /* #swagger.tags = ['Learning Path'] */);
router.use('/learningObject', learningObjectRoutes /* #swagger.tags = ['Learning Object'] */);
router.use(
'/class',
classRouter /* #swagger.tags = ['Class'], #swagger.security = [{ "studentProduction": [ ] }, { "teacherProduction": [ ] }, { "studentStaging": [ ] }, { "teacherStaging": [ ] }, { "studentDev": [ ] }, { "teacherDev": [ ] }] */
);
router.use(
'/learningObject',
learningObjectRoutes /* #swagger.tags = ['Learning Object'], #swagger.security = [{ "studentProduction": [ ] }, { "teacherProduction": [ ] }, { "studentStaging": [ ] }, { "teacherStaging": [ ] }, { "studentDev": [ ] }, { "teacherDev": [ ] }] */
);
router.use(
'/learningPath',
learningPathRoutes /* #swagger.tags = ['Learning Path'], #swagger.security = [{ "studentProduction": [ ] }, { "teacherProduction": [ ] }, { "studentStaging": [ ] }, { "teacherStaging": [ ] }, { "studentDev": [ ] }, { "teacherDev": [ ] }] */
);
router.use(
'/student',
studentRouter /* #swagger.tags = ['Student'], #swagger.security = [{ "studentProduction": [ ] }, { "teacherProduction": [ ] }, { "studentStaging": [ ] }, { "teacherStaging": [ ] }, { "studentDev": [ ] }, { "teacherDev": [ ] }] */
);
router.use(
'/teacher',
teacherRouter /* #swagger.tags = ['Teacher'], #swagger.security = [{ "studentProduction": [ ] }, { "teacherProduction": [ ] }, { "studentStaging": [ ] }, { "teacherStaging": [ ] }, { "studentDev": [ ] }, { "teacherDev": [ ] }] */
);
router.use(
'/theme',
themeRoutes /* #swagger.tags = ['Theme'], #swagger.security = [{ "studentProduction": [ ] }, { "teacherProduction": [ ] }, { "studentStaging": [ ] }, { "teacherStaging": [ ] }, { "studentDev": [ ] }, { "teacherDev": [ ] }] */
);
export default router;

12
backend/src/routes/student-join-requests.ts
View file

@ -5,15 +5,19 @@ import {
getStudentRequestHandler,
getStudentRequestsHandler,
} from '../controllers/students.js';
import { preventImpersonation } from '../middleware/auth/checks/user-auth-checks.js';
import { onlyAllowStudentHimselfAndTeachersOfClass } from '../middleware/auth/checks/class-auth-checks.js';
// Under /:username/joinRequests/
const router = express.Router({ mergeParams: true });
router.get('/', getStudentRequestsHandler);
router.get('/', preventImpersonation, getStudentRequestsHandler);
router.post('/', createStudentRequestHandler);
router.post('/', preventImpersonation, createStudentRequestHandler);
router.get('/:classId', getStudentRequestHandler);
router.get('/:classId', onlyAllowStudentHimselfAndTeachersOfClass, getStudentRequestHandler);
router.delete('/:classId', deleteClassJoinRequestHandler);
router.delete('/:classId', onlyAllowStudentHimselfAndTeachersOfClass, deleteClassJoinRequestHandler);
export default router;

22
backend/src/routes/students.ts
View file

@ -11,33 +11,37 @@ import {
getStudentSubmissionsHandler,
} from '../controllers/students.js';
import joinRequestRouter from './student-join-requests.js';
import { preventImpersonation } from '../middleware/auth/checks/user-auth-checks.js';
import { adminOnly } from '../middleware/auth/checks/auth-checks.js';
const router = express.Router();
// Root endpoint used to search objects
router.get('/', getAllStudentsHandler);
router.get('/', adminOnly, getAllStudentsHandler);
router.post('/', createStudentHandler);
// Users will be created automatically when some resource is created for them. Therefore, this endpoint
// Can only be used by an administrator.
router.post('/', adminOnly, createStudentHandler);
router.delete('/:username', deleteStudentHandler);
router.delete('/:username', preventImpersonation, deleteStudentHandler);
// Information about a student's profile
router.get('/:username', getStudentHandler);
router.get('/:username', preventImpersonation, getStudentHandler);
// The list of classes a student is in
router.get('/:username/classes', getStudentClassesHandler);
router.get('/:username/classes', preventImpersonation, getStudentClassesHandler);
// The list of submissions a student has made
router.get('/:username/submissions', getStudentSubmissionsHandler);
router.get('/:username/submissions', preventImpersonation, getStudentSubmissionsHandler);
// The list of assignments a student has
router.get('/:username/assignments', getStudentAssignmentsHandler);
router.get('/:username/assignments', preventImpersonation, getStudentAssignmentsHandler);
// The list of groups a student is in
router.get('/:username/groups', getStudentGroupsHandler);
router.get('/:username/groups', preventImpersonation, getStudentGroupsHandler);
// A list of questions a user has created
router.get('/:username/questions', getStudentQuestionsHandler);
router.get('/:username/questions', preventImpersonation, getStudentQuestionsHandler);
router.use('/:username/joinRequests', joinRequestRouter);

12
backend/src/routes/submissions.ts
View file

@ -1,15 +1,15 @@
import express from 'express';
import { createSubmissionHandler, deleteSubmissionHandler, getSubmissionHandler, getSubmissionsHandler } from '../controllers/submissions.js';
import { onlyAllowIfHasAccessToSubmission, onlyAllowSubmitter } from '../middleware/auth/checks/submission-checks.js';
import { adminOnly, studentsOnly } from '../middleware/auth/checks/auth-checks.js';
const router = express.Router({ mergeParams: true });
// Root endpoint used to search objects
router.get('/', getSubmissionsHandler);
router.get('/', adminOnly, getSubmissionsHandler);
router.post('/', createSubmissionHandler);
router.post('/', studentsOnly, onlyAllowSubmitter, createSubmissionHandler);
// Information about an submission with id 'id'
router.get('/:id', getSubmissionHandler);
router.get('/:id', onlyAllowIfHasAccessToSubmission, getSubmissionHandler);
router.delete('/:id', deleteSubmissionHandler);
router.delete('/:id', onlyAllowIfHasAccessToSubmission, deleteSubmissionHandler);
export default router;

17
backend/src/routes/teacher-invitations.ts
View file

@ -6,17 +6,24 @@ import {
getInvitationHandler,
updateInvitationHandler,
} from '../controllers/teacher-invitations.js';
import { preventImpersonation } from '../middleware/auth/checks/user-auth-checks.js';
import {
onlyAllowReceiverBody,
onlyAllowSender,
onlyAllowSenderBody,
onlyAllowSenderOrReceiver,
} from '../middleware/auth/checks/teacher-invitation-checks.js';
const router = express.Router({ mergeParams: true });
router.get('/:username', getAllInvitationsHandler);
router.get('/:username', preventImpersonation, getAllInvitationsHandler);
router.get('/:sender/:receiver/:classId', getInvitationHandler);
router.get('/:sender/:receiver/:classId', onlyAllowSenderOrReceiver, getInvitationHandler);
router.post('/', createInvitationHandler);
router.post('/', onlyAllowSenderBody, createInvitationHandler);
router.put('/', updateInvitationHandler);
router.put('/', onlyAllowReceiverBody, updateInvitationHandler);
router.delete('/:sender/:receiver/:classId', deleteInvitationHandler);
router.delete('/:sender/:receiver/:classId', onlyAllowSender, deleteInvitationHandler);
export default router;

20
backend/src/routes/teachers.ts
View file

@ -10,25 +10,27 @@ import {
updateStudentJoinRequestHandler,
} from '../controllers/teachers.js';
import invitationRouter from './teacher-invitations.js';
import { adminOnly } from '../middleware/auth/checks/auth-checks.js';
import { preventImpersonation } from '../middleware/auth/checks/user-auth-checks.js';
import { onlyAllowTeacherOfClass } from '../middleware/auth/checks/class-auth-checks.js';
const router = express.Router();
// Root endpoint used to search objects
router.get('/', getAllTeachersHandler);
router.get('/', adminOnly, getAllTeachersHandler);
router.post('/', createTeacherHandler);
router.post('/', adminOnly, createTeacherHandler);
router.get('/:username', getTeacherHandler);
router.get('/:username', preventImpersonation, getTeacherHandler);
router.delete('/:username', deleteTeacherHandler);
router.delete('/:username', preventImpersonation, deleteTeacherHandler);
router.get('/:username/classes', getTeacherClassHandler);
router.get('/:username/classes', preventImpersonation, getTeacherClassHandler);
router.get('/:username/students', getTeacherStudentHandler);
router.get('/:username/students', preventImpersonation, getTeacherStudentHandler);
router.get('/:username/joinRequests/:classId', getStudentJoinRequestHandler);
router.get('/:username/joinRequests/:classId', onlyAllowTeacherOfClass, getStudentJoinRequestHandler);
router.put('/:username/joinRequests/:classId/:studentUsername', updateStudentJoinRequestHandler);
router.put('/:username/joinRequests/:classId/:studentUsername', onlyAllowTeacherOfClass, updateStudentJoinRequestHandler);
// Invitations to other classes a teacher received
router.use('/invitations', invitationRouter);

5
backend/src/routes/themes.ts
View file

@ -1,14 +1,15 @@
import express from 'express';
import { getThemesHandler, getHruidsByThemeHandler } from '../controllers/themes.js';
import { authenticatedOnly } from '../middleware/auth/checks/auth-checks.js';
const router = express.Router();
// Query: language
// Route to fetch list of {key, title, description, image} themes in their respective language
router.get('/', getThemesHandler);
router.get('/', authenticatedOnly, getThemesHandler);
// Arg: theme (key)
// Route to fetch list of hruids based on theme
router.get('/:theme', getHruidsByThemeHandler);
router.get('/:theme', authenticatedOnly, getHruidsByThemeHandler);
export default router;

2
backend/src/services/answers.ts
View file

@ -34,7 +34,7 @@ export async function createAnswer(questionId: QuestionId, answerData: AnswerDat
return mapToAnswerDTO(answer);
}
async function fetchAnswer(questionId: QuestionId, sequenceNumber: number): Promise<Answer> {
export async function fetchAnswer(questionId: QuestionId, sequenceNumber: number): Promise<Answer> {
const answerRepository = getAnswerRepository();
const question = await fetchQuestion(questionId);
const answer = await answerRepository.findAnswer(question, sequenceNumber);

9
backend/src/services/groups.ts
View file

@ -34,6 +34,15 @@ export async function fetchGroup(classId: string, assignmentNumber: number, grou
return group;
}
export async function fetchAllGroups(classId: string, assignmentNumber: number): Promise<Group[]> {
const assignment = await fetchAssignment(classId, assignmentNumber);
const groupRepository = getGroupRepository();
const groups = await groupRepository.findAllGroupsForAssignment(assignment);
return groups;
}
export async function getGroup(classId: string, assignmentNumber: number, groupNumber: number): Promise<GroupDTO> {
const group = await fetchGroup(classId, assignmentNumber, groupNumber);
return mapToGroupDTO(group, group.assignment.within);

9
backend/src/services/learning-objects/database-learning-object-provider.ts
View file

@ -109,6 +109,15 @@ const databaseLearningObjectProvider: LearningObjectProvider = {
);
return learningObjects.filter((it) => it !== null);
},
/**
* Returns all learning objects containing the given username as an admin.
*/
async getLearningObjectsAdministratedBy(adminUsername: string): Promise<FilteredLearningObject[]> {
const learningObjectRepo = getLearningObjectRepository();
const learningObjects = await learningObjectRepo.findAllByAdmin(adminUsername);
return learningObjects.map((it) => convertLearningObject(it)).filter((it) => it !== null);
},
};
export default databaseLearningObjectProvider;

7
backend/src/services/learning-objects/dwengo-api-learning-object-provider.ts
View file

@ -135,6 +135,13 @@ const dwengoApiLearningObjectProvider: LearningObjectProvider = {
return html;
},
/**
* Obtain all learning objects who have the user with the given username as an admin.
*/
async getLearningObjectsAdministratedBy(_adminUsername: string): Promise<FilteredLearningObject[]> {
return []; // The dwengo database does not contain any learning objects administrated by users.
},
};
export default dwengoApiLearningObjectProvider;

5
backend/src/services/learning-objects/learning-object-provider.ts
View file

@ -20,4 +20,9 @@ export interface LearningObjectProvider {
* Obtain a HTML-rendering of the learning object with the given identifier (as a string).
*/
getLearningObjectHTML(id: LearningObjectIdentifierDTO): Promise<string | null>;
/**
* Obtain all learning object who have the user with the given username as an admin.
*/
getLearningObjectsAdministratedBy(username: string): Promise<FilteredLearningObject[]>;
}

65
backend/src/services/learning-objects/learning-object-service.ts
View file

@ -3,6 +3,11 @@ import { LearningObjectProvider } from './learning-object-provider.js';
import { envVars, getEnvVar } from '../../util/envVars.js';
import databaseLearningObjectProvider from './database-learning-object-provider.js';
import { FilteredLearningObject, LearningObjectIdentifierDTO, LearningPathIdentifier } from '@dwengo-1/common/interfaces/learning-content';
import { getLearningObjectRepository, getTeacherRepository } from '../../data/repositories.js';
import { processLearningObjectZip } from './learning-object-zip-processing-service.js';
import { LearningObject } from '../../entities/content/learning-object.entity.js';
import { LearningObjectIdentifier } from '../../entities/content/learning-object-identifier.js';
import { NotFoundException } from '../../exceptions/not-found-exception.js';
function getProvider(id: LearningObjectIdentifierDTO): LearningObjectProvider {
if (id.hruid.startsWith(getEnvVar(envVars.UserContentPrefix))) {
@ -42,6 +47,66 @@ const learningObjectService = {
async getLearningObjectHTML(id: LearningObjectIdentifierDTO): Promise<string | null> {
return getProvider(id).getLearningObjectHTML(id);
},
/**
* Obtain all learning objects administrated by the user with the given username.
*/
async getLearningObjectsAdministratedBy(adminUsername: string): Promise<FilteredLearningObject[]> {
return databaseLearningObjectProvider.getLearningObjectsAdministratedBy(adminUsername);
},
/**
* Store the learning object in the given zip file in the database.
* @param learningObjectPath The path where the uploaded learning object resides.
* @param admins The usernames of the users which should be administrators of the learning object.
*/
async storeLearningObject(learningObjectPath: string, admins: string[]): Promise<LearningObject> {
const learningObjectRepository = getLearningObjectRepository();
const learningObject = await processLearningObjectZip(learningObjectPath);
if (!learningObject.hruid.startsWith(getEnvVar(envVars.UserContentPrefix))) {
learningObject.hruid = getEnvVar(envVars.UserContentPrefix) + learningObject.hruid;
}
// Lookup the admin teachers based on their usernames and add them to the admins of the learning object.
const teacherRepo = getTeacherRepository();
const adminTeachers = await Promise.all(admins.map(async (it) => teacherRepo.findByUsername(it)));
adminTeachers.forEach((it) => {
if (it !== null) {
learningObject.admins.add(it);
}
});
try {
await learningObjectRepository.save(learningObject, { preventOverwrite: true });
} catch (e: unknown) {
learningObjectRepository.getEntityManager().clear();
throw e;
}
return learningObject;
},
/**
* Deletes the learning object with the given identifier.
*/
async deleteLearningObject(id: LearningObjectIdentifier): Promise<LearningObject | null> {
const learningObjectRepository = getLearningObjectRepository();
return await learningObjectRepository.removeByIdentifier(id);
},
/**
* Returns a list of the usernames of the administrators of the learning object with the given identifier.
* @throws NotFoundException if the specified learning object was not found in the database.
*/
async getAdmins(id: LearningObjectIdentifier): Promise<string[]> {
const learningObjectRepo = getLearningObjectRepository();
const learningObject = await learningObjectRepo.findByIdentifier(id);
if (!learningObject) {
throw new NotFoundException('learningObjectNotFound');
}
return learningObject.admins.map((admin) => admin.username);
},
};
export default learningObjectService;

119
backend/src/services/learning-objects/learning-object-zip-processing-service.ts Normal file
View file

@ -0,0 +1,119 @@
import unzipper from 'unzipper';
import mime from 'mime-types';
import { LearningObject } from '../../entities/content/learning-object.entity.js';
import { getAttachmentRepository, getLearningObjectRepository } from '../../data/repositories.js';
import { BadRequestException } from '../../exceptions/bad-request-exception.js';
import { LearningObjectMetadata } from '@dwengo-1/common/interfaces/learning-content';
import { DwengoContentType } from './processing/content-type.js';
import { v4 } from 'uuid';
const METADATA_PATH_REGEX = /.*[/^]metadata\.json$/;
const CONTENT_PATH_REGEX = /.*[/^]content\.[a-zA-Z]*$/;
/**
* Process an uploaded zip file and construct a LearningObject from its contents.
* @param filePath Path of the zip file to process.
*/
export async function processLearningObjectZip(filePath: string): Promise<LearningObject> {
let zip: unzipper.CentralDirectory;
try {
zip = await unzipper.Open.file(filePath);
} catch (_: unknown) {
throw new BadRequestException('invalidZip');
}
let metadata: LearningObjectMetadata | undefined = undefined;
const attachments: { name: string; content: Buffer }[] = [];
let content: Buffer | undefined = undefined;
if (zip.files.length === 0) {
throw new BadRequestException('emptyZip');
}
await Promise.all(
zip.files.map(async (file) => {
if (file.type !== 'Directory') {
if (METADATA_PATH_REGEX.test(file.path)) {
metadata = await processMetadataJson(file);
} else if (CONTENT_PATH_REGEX.test(file.path)) {
content = await processFile(file);
} else {
attachments.push({
name: file.path,
content: await processFile(file),
});
}
}
})
);
if (!metadata) {
throw new BadRequestException('missingMetadata');
}
if (!content) {
throw new BadRequestException('missingIndex');
}
const learningObject = createLearningObject(metadata, content, attachments);
return learningObject;
}
function createLearningObject(metadata: LearningObjectMetadata, content: Buffer, attachments: { name: string; content: Buffer }[]): LearningObject {
const learningObjectRepo = getLearningObjectRepository();
const attachmentRepo = getAttachmentRepository();
const returnValue = {
callbackUrl: metadata.return_value?.callback_url ?? '',
callbackSchema: metadata.return_value?.callback_schema ? JSON.stringify(metadata.return_value.callback_schema) : '',
};
if (!metadata.target_ages || metadata.target_ages.length === 0) {
throw new BadRequestException('targetAgesMandatory');
}
const learningObject = learningObjectRepo.create({
admins: [],
available: metadata.available ?? true,
content: content,
contentType: metadata.content_type as DwengoContentType,
copyright: metadata.copyright ?? '',
description: metadata.description ?? '',
educationalGoals: metadata.educational_goals ?? [],
hruid: metadata.hruid,
keywords: metadata.keywords,
language: metadata.language,
license: metadata.license ?? '',
returnValue,
skosConcepts: metadata.skos_concepts ?? [],
teacherExclusive: metadata.teacher_exclusive,
title: metadata.title,
version: metadata.version,
estimatedTime: metadata.estimated_time ?? 1,
targetAges: metadata.target_ages ?? [],
difficulty: metadata.difficulty ?? 1,
uuid: v4(),
});
const attachmentEntities = attachments.map((it) =>
attachmentRepo.create({
name: it.name,
content: it.content,
mimeType: mime.lookup(it.name) || 'text/plain',
learningObject,
})
);
attachmentEntities.forEach((it) => {
learningObject.attachments.add(it);
});
return learningObject;
}
async function processMetadataJson(file: unzipper.File): Promise<LearningObjectMetadata> {
const buf = await file.buffer();
const content = buf.toString();
return JSON.parse(content);
}
async function processFile(file: unzipper.File): Promise<Buffer> {
return await file.buffer();
}

32
backend/src/services/learning-paths/database-learning-path-provider.ts
View file

@ -16,6 +16,9 @@ import { Language } from '@dwengo-1/common/util/language';
import { Group } from '../../entities/assignments/group.entity';
import { Collection } from '@mikro-orm/core';
import { v4 } from 'uuid';
import { getLogger } from '../../logging/initalize.js';
const logger = getLogger();
/**
* Fetches the corresponding learning object for each of the nodes and creates a map that maps each node to its
@ -38,8 +41,13 @@ async function getLearningObjectsForNodes(nodes: Collection<LearningPathNode>):
)
)
);
if (Array.from(nullableNodesToLearningObjects.values()).some((it) => it === null)) {
throw new Error('At least one of the learning objects on this path could not be found.');
// Ignore all learning objects that cannot be found such that the rest of the learning path keeps working.
for (const [key, value] of nullableNodesToLearningObjects) {
if (value === null) {
logger.warn(`Learning object ${key.learningObjectHruid}/${key.language}/${key.version} not found!`);
nullableNodesToLearningObjects.delete(key);
}
}
return nullableNodesToLearningObjects as Map<LearningPathNode, FilteredLearningObject>;
}
@ -102,7 +110,15 @@ async function convertNode(
!personalizedFor || // If we do not want a personalized learning path, keep all transitions
isTransitionPossible(trans, optionalJsonStringToObject(lastSubmission?.content)) // Otherwise remove all transitions that aren't possible.
)
.map((trans, i) => convertTransition(trans, i, nodesToLearningObjects));
.map((trans, i) => {
try {
return convertTransition(trans, i, nodesToLearningObjects);
} catch (_: unknown) {
logger.error(`Transition could not be resolved: ${JSON.stringify(trans)}`);
return undefined; // Do not crash on invalid transitions, just ignore them so the rest of the learning path keeps working.
}
})
.filter((it) => it !== undefined);
return {
_id: learningObject.uuid,
language: learningObject.language,
@ -164,6 +180,7 @@ function convertTransition(
return {
_id: String(index), // Retained for backwards compatibility. The index uniquely identifies the transition within the learning path.
default: false, // We don't work with default transitions but retain this for backwards compatibility.
condition: transition.condition,
next: {
_id: nextNode._id ? nextNode._id + index : v4(), // Construct a unique ID for the transition for backwards compatibility.
hruid: transition.next.learningObjectHruid,
@ -198,6 +215,15 @@ const databaseLearningPathProvider: LearningPathProvider = {
};
},
/**
* Returns all the learning paths which have the user with the given username as an administrator.
*/
async getLearningPathsAdministratedBy(adminUsername: string): Promise<LearningPath[]> {
const repo = getLearningPathRepository();
const paths = await repo.findAllByAdminUsername(adminUsername);
return await Promise.all(paths.map(async (result, index) => convertLearningPath(result, index)));
},
/**
* Search learning paths in the database using the given search string.
*/

4
backend/src/services/learning-paths/dwengo-api-learning-path-provider.ts
View file

@ -73,6 +73,10 @@ const dwengoApiLearningPathProvider: LearningPathProvider = {
}
return searchResults ?? [];
},
async getLearningPathsAdministratedBy(_adminUsername: string) {
return []; // Learning paths fetched from the Dwengo API cannot be administrated by a user.
},
};
export default dwengoApiLearningPathProvider;

5
backend/src/services/learning-paths/learning-path-provider.ts
View file

@ -15,4 +15,9 @@ export interface LearningPathProvider {
* Search learning paths in the data source using the given search string.
*/
searchLearningPaths(query: string, language: Language, personalizedFor?: Group): Promise<LearningPath[]>;
/**
* Get all learning paths which have the teacher with the given user as an administrator.
*/
getLearningPathsAdministratedBy(adminUsername: string): Promise<LearningPath[]>;
}

110
backend/src/services/learning-paths/learning-path-service.ts
View file

@ -1,7 +1,7 @@
import dwengoApiLearningPathProvider from './dwengo-api-learning-path-provider.js';
import databaseLearningPathProvider from './database-learning-path-provider.js';
import { envVars, getEnvVar } from '../../util/envVars.js';
import { LearningObjectNode, LearningPath, LearningPathResponse } from '@dwengo-1/common/interfaces/learning-content';
import { LearningObjectNode, LearningPath, LearningPathIdentifier, LearningPathResponse } from '@dwengo-1/common/interfaces/learning-content';
import { Language } from '@dwengo-1/common/util/language';
import { Group } from '../../entities/assignments/group.entity.js';
import { LearningPath as LearningPathEntity } from '../../entities/content/learning-path.entity.js';
@ -12,6 +12,9 @@ import { base64ToArrayBuffer } from '../../util/base64-buffer-conversion.js';
import { TeacherDTO } from '@dwengo-1/common/interfaces/teacher';
import { mapToTeacher } from '../../interfaces/teacher.js';
import { Collection } from '@mikro-orm/core';
import { NotFoundException } from '../../exceptions/not-found-exception.js';
import { BadRequestException } from '../../exceptions/bad-request-exception.js';
import learningObjectService from '../learning-objects/learning-object-service.js';
const userContentPrefix = getEnvVar(envVars.UserContentPrefix);
const allProviders = [dwengoApiLearningPathProvider, databaseLearningPathProvider];
@ -43,27 +46,24 @@ export function mapToLearningPath(dto: LearningPath, adminsDto: TeacherDTO[]): L
const fromNode = nodes.find(
(it) => it.learningObjectHruid === nodeDto.learningobject_hruid && it.language === nodeDto.language && it.version === nodeDto.version
)!;
const transitions = nodeDto.transitions
.map((transDto, i) => {
const toNode = nodes.find(
(it) =>
it.learningObjectHruid === transDto.next.hruid &&
it.language === transDto.next.language &&
it.version === transDto.next.version
);
const transitions = nodeDto.transitions.map((transDto, i) => {
const toNode = nodes.find(
(it) =>
it.learningObjectHruid === transDto.next.hruid && it.language === transDto.next.language && it.version === transDto.next.version
);
if (toNode) {
return repo.createTransition({
transitionNumber: i,
node: fromNode,
next: toNode,
condition: transDto.condition ?? 'true',
});
}
return undefined;
})
.filter((it) => it)
.map((it) => it!);
if (toNode) {
return repo.createTransition({
transitionNumber: i,
node: fromNode,
next: toNode,
condition: transDto.condition ?? 'true',
});
}
throw new BadRequestException(
`Invalid transition destination: ${JSON.stringify(transDto.next)}: This learning object does not exist in this learning path.`
);
});
fromNode.transitions = new Collection<LearningPathTransition>(fromNode, transitions);
});
@ -105,6 +105,14 @@ const learningPathService = {
};
},
/**
* Fetch the learning paths administrated by the teacher with the given username.
*/
async getLearningPathsAdministratedBy(adminUsername: string): Promise<LearningPath[]> {
const providerResponses = await Promise.all(allProviders.map(async (provider) => provider.getLearningPathsAdministratedBy(adminUsername)));
return providerResponses.flat();
},
/**
* Search learning paths in the data source using the given search string.
*/
@ -119,11 +127,67 @@ const learningPathService = {
* Add a new learning path to the database.
* @param dto Learning path DTO from which the learning path will be created.
* @param admins Teachers who should become an admin of the learning path.
* @returns the created learning path.
*/
async createNewLearningPath(dto: LearningPath, admins: TeacherDTO[]): Promise<void> {
async createNewLearningPath(dto: LearningPath, admins: TeacherDTO[]): Promise<LearningPathEntity> {
const repo = getLearningPathRepository();
const userContentPrefix = getEnvVar(envVars.UserContentPrefix);
if (!dto.hruid.startsWith(userContentPrefix)) {
dto.hruid = userContentPrefix + dto.hruid;
}
const path = mapToLearningPath(dto, admins);
await repo.save(path, { preventOverwrite: true });
// Verify that all specified learning objects actually exist.
const learningObjectsOnPath = await Promise.all(
path.nodes.map(async (node) =>
learningObjectService.getLearningObjectById({
hruid: node.learningObjectHruid,
language: node.language,
version: node.version,
})
)
);
if (learningObjectsOnPath.some((it) => !it)) {
throw new BadRequestException('pathContainsNonExistingLearningObjects');
}
try {
await repo.save(path, { preventOverwrite: true });
} catch (e: unknown) {
repo.getEntityManager().clear();
throw e;
}
return path;
},
/**
* Deletes the learning path with the given identifier from the database.
* @param id Identifier of the learning path to delete.
* @returns the deleted learning path.
*/
async deleteLearningPath(id: LearningPathIdentifier): Promise<LearningPathEntity> {
const repo = getLearningPathRepository();
const deletedPath = await repo.deleteByHruidAndLanguage(id.hruid, id.language);
if (deletedPath) {
return deletedPath;
}
throw new NotFoundException('No learning path with the given identifier found.');
},
/**
* Returns a list of the usernames of the administrators of the learning path with the given identifier.
* @param id The identifier of the learning path whose admins should be fetched.
*/
async getAdmins(id: LearningPathIdentifier): Promise<string[]> {
const repo = getLearningPathRepository();
const path = await repo.findByHruidAndLanguage(id.hruid, id.language);
if (!path) {
throw new NotFoundException('No learning path with the given identifier found.');
}
return path.admins.map((admin) => admin.username);
},
};

11
backend/src/services/questions.ts
View file

@ -13,6 +13,7 @@ import { fetchStudent } from './students.js';
import { NotFoundException } from '../exceptions/not-found-exception.js';
import { FALLBACK_VERSION_NUM } from '../config.js';
import { fetchAssignment } from './assignments.js';
import { ConflictException } from '../exceptions/conflict-exception.js';
export async function getQuestionsAboutLearningObjectInAssignment(
loId: LearningObjectIdentifier,
@ -99,10 +100,18 @@ export async function createQuestion(loId: LearningObjectIdentifier, questionDat
const inGroup = await getGroupRepository().findByAssignmentAndGroupNumber(assignment, questionData.inGroup.groupNumber);
if (!inGroup) {
throw new NotFoundException('Group with id and assignment not found');
}
if (!inGroup.members.contains(author)) {
throw new ConflictException('Author is not part of this group');
}
const question = await questionRepository.createQuestion({
loId,
author,
inGroup: inGroup!,
inGroup: inGroup,
content,
});

7
backend/src/services/students.ts
View file

@ -24,7 +24,8 @@ import { SubmissionDTO, SubmissionDTOId } from '@dwengo-1/common/interfaces/subm
import { QuestionDTO, QuestionId } from '@dwengo-1/common/interfaces/question';
import { ClassJoinRequestDTO } from '@dwengo-1/common/interfaces/class-join-request';
import { ConflictException } from '../exceptions/conflict-exception.js';
import { Submission } from '../entities/assignments/submission.entity';
import { Submission } from '../entities/assignments/submission.entity.js';
import { mapToUsername } from '../interfaces/user.js';
export async function getAllStudents(full: boolean): Promise<StudentDTO[] | string[]> {
const studentRepository = getStudentRepository();
@ -34,7 +35,7 @@ export async function getAllStudents(full: boolean): Promise<StudentDTO[] | stri
return users.map(mapToStudentDTO);
}
return users.map((user) => user.username);
return users.map(mapToUsername);
}
export async function fetchStudent(username: string): Promise<Student> {
@ -64,7 +65,7 @@ export async function createStudent(userData: StudentDTO): Promise<StudentDTO> {
const newStudent = mapToStudent(userData);
await studentRepository.save(newStudent, { preventOverwrite: true });
return userData;
return mapToStudentDTO(newStudent);
}
export async function createOrUpdateStudent(userData: StudentDTO): Promise<StudentDTO> {

4
backend/src/services/teacher-invitations.ts
View file

@ -32,6 +32,10 @@ export async function createInvitation(data: TeacherInvitationData): Promise<Tea
throw new ConflictException('The teacher sending the invite is not part of the class');
}
if (cls.teachers.contains(receiver)) {
throw new ConflictException('The teacher receiving the invite is already part of the class');
}
const newInvitation = mapToInvitation(sender, receiver, cls);
await teacherInvitationRepository.save(newInvitation, { preventOverwrite: true });

10
backend/src/services/teachers.ts
View file

@ -18,6 +18,7 @@ import { StudentDTO } from '@dwengo-1/common/interfaces/student';
import { ClassJoinRequestDTO } from '@dwengo-1/common/interfaces/class-join-request';
import { ClassStatus } from '@dwengo-1/common/util/class-join-request';
import { ConflictException } from '../exceptions/conflict-exception.js';
import { mapToUsername } from '../interfaces/user.js';
export async function getAllTeachers(full: boolean): Promise<TeacherDTO[] | string[]> {
const teacherRepository: TeacherRepository = getTeacherRepository();
@ -26,7 +27,7 @@ export async function getAllTeachers(full: boolean): Promise<TeacherDTO[] | stri
if (full) {
return users.map(mapToTeacherDTO);
}
return users.map((user) => user.username);
return users.map(mapToUsername);
}
export async function fetchTeacher(username: string): Promise<Teacher> {
@ -45,7 +46,8 @@ export async function getTeacher(username: string): Promise<TeacherDTO> {
return mapToTeacherDTO(user);
}
export async function createTeacher(userData: TeacherDTO): Promise<TeacherDTO> {
// TODO update parameter
export async function createTeacher(userData: TeacherDTO, _update?: boolean): Promise<TeacherDTO> {
const teacherRepository: TeacherRepository = getTeacherRepository();
const newTeacher = mapToTeacher(userData);
@ -98,7 +100,9 @@ export async function getStudentsByTeacher(username: string, full: boolean): Pro
const classIds: string[] = classes.map((cls) => cls.id);
const students: StudentDTO[] = (await Promise.all(classIds.map(async (username) => await getClassStudentsDTO(username)))).flat();
const students: StudentDTO[] = (await Promise.all(classIds.map(async (classId) => await getClassStudentsDTO(classId))))
.flat()
.filter((student, index, self) => self.findIndex((s) => s.username === student.username) === index);
if (full) {
return students;

6
backend/tests/controllers/teachers.test.ts
View file

@ -15,7 +15,6 @@ import {
import { BadRequestException } from '../../src/exceptions/bad-request-exception.js';
import { EntityAlreadyExistsException } from '../../src/exceptions/entity-already-exists-exception.js';
import { getStudentRequestsHandler } from '../../src/controllers/students.js';
import { TeacherDTO } from '@dwengo-1/common/interfaces/teacher';
import { getClassHandler } from '../../src/controllers/classes';
import { getClass02 } from '../test_assets/classes/classes.testdata';
@ -97,7 +96,7 @@ describe('Teacher controllers', () => {
});
it('Teacher list', async () => {
req = { query: { full: 'true' } };
req = { query: { full: 'false' } };
await getAllTeachersHandler(req as Request, res as Response);
@ -105,8 +104,7 @@ describe('Teacher controllers', () => {
const result = jsonMock.mock.lastCall?.[0];
const teacherUsernames = result.teachers.map((s: TeacherDTO) => s.username);
expect(teacherUsernames).toContain('testleerkracht1');
expect(result.teachers).toContain('testleerkracht1');
expect(result.teachers).toHaveLength(5);
});

6
common/src/interfaces/learning-content.ts
View file

@ -25,8 +25,8 @@ export interface LearningObjectNode {
language: Language;
start_node?: boolean;
transitions: Transition[];
created_at: string;
updatedAt: string;
created_at?: string;
updatedAt?: string;
done?: boolean; // True if a submission exists for this node by the user for whom the learning path is customized.
}
@ -79,6 +79,8 @@ export interface LearningObjectMetadata {
target_ages: number[];
content_type: string; // Markdown, image, etc.
content_location?: string;
copyright?: string;
license?: string;
skos_concepts?: string[];
return_value?: ReturnValue;
}

2
common/src/interfaces/question.ts
View file

@ -13,8 +13,8 @@ export interface QuestionDTO {
export interface QuestionData {
author?: string;
content: string;
inGroup: GroupDTO;
content: string;
}
export interface QuestionId {

4
common/src/util/account-types.ts Normal file
View file

@ -0,0 +1,4 @@
export enum AccountType {
Student = 'student',
Teacher = 'teacher',
}

22
compose.production.yml
View file

@ -67,8 +67,6 @@ services:
- 'traefik.enable=true'
- 'traefik.http.routers.idp.rule=PathPrefix(`/idp`)'
- 'traefik.http.services.idp.loadbalancer.server.port=7080'
- 'traefik.http.routers.block-admin.rule=PathPrefix(`/idp/admin`)'
- 'traefik.http.routers.block-admin.service=web'
depends_on:
- keycloak-db
volumes:
@ -95,6 +93,9 @@ services:
- '80:80/tcp'
- '443:443/tcp'
command:
# Enable web UI
- '--api=true'
# Add Docker provider
- '--providers.docker=true'
- '--providers.docker.exposedbydefault=false'
@ -115,6 +116,17 @@ services:
- '--certificatesresolvers.letsencrypt.acme.httpchallenge.entrypoint=web'
- '--certificatesresolvers.letsencrypt.acme.email=timo.demeyst@ugent.be'
- '--certificatesresolvers.letsencrypt.acme.storage=/letsencrypt/acme.json'
labels:
# BasicAuth middleware
# To create a user:password pair, the following command can be used:
# echo $(htpasswd -nb user password) | sed -e s/\\$/\\$\\$/g
- 'traefik.http.middlewares.protected-sub-path.basicauth.users=dwengo.org:$$apr1$$FdALqAjI$$7ZhPq0I/qEQ6k3OYqxJKZ1'
# Proxying
- 'traefik.enable=true'
- 'traefik.http.routers.proxy.middlewares=protected-sub-path'
- 'traefik.http.routers.proxy.service=api@internal'
- 'traefik.http.routers.proxy.rule=PathPrefix(`/proxy`)'
- 'traefik.http.services.proxy.loadbalancer.server.port=8080'
restart: unless-stopped
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
@ -137,8 +149,10 @@ services:
dashboards:
image: grafana/grafana:latest
ports:
- '9002:3000'
labels:
- 'traefik.enable=true'
- 'traefik.http.routers.graphs.rule=PathPrefix(`/graphs`)'
- 'traefik.http.services.graphs.loadbalancer.server.port=3000'
restart: unless-stopped
volumes:
- dwengo_grafana_data:/var/lib/grafana

11
compose.staging.yml
View file

@ -60,6 +60,13 @@ services:
# Add web entrypoint
- '--entrypoints.web.address=:80/tcp'
# Proxying the web UI on a sub-path
- '--api.basePath=/proxy'
labels:
- 'traefik.http.routers.proxy.service=api@internal'
- 'traefik.http.routers.proxy.rule=PathPrefix(`/proxy`)'
- 'traefik.http.services.proxy.loadbalancer.server.port=8080'
ports:
- '9000:8080'
- '80:80/tcp'
@ -82,8 +89,12 @@ services:
image: grafana/grafana:latest
ports:
- '9002:3000'
labels:
- 'traefik.http.routers.graphs.rule=PathPrefix(`/graphs`)'
- 'traefik.http.services.graphs.loadbalancer.server.port=3000'
volumes:
- dwengo_grafana_data:/var/lib/grafana
- ./config/grafana/grafana.ini:/etc/grafana/grafana.ini
restart: unless-stopped
caching:

8
config/grafana/grafana.ini Normal file
View file

@ -0,0 +1,8 @@
[server]
root_url = http://localhost:3000/graphs
serve_from_sub_path = true
[security]
admin_user = dwengo.org

56
docs/api/generate.ts
View file

@ -26,7 +26,59 @@ const doc = {
],
components: {
securitySchemes: {
student: {
studentDev: {
type: 'oauth2',
flows: {
implicit: {
authorizationUrl: 'http://localhost:7080/realms/student/protocol/openid-connect/auth',
scopes: {
openid: 'openid',
profile: 'profile',
email: 'email',
},
},
},
},
teacherDev: {
type: 'oauth2',
flows: {
implicit: {
authorizationUrl: 'http://localhost:7080/realms/teacher/protocol/openid-connect/auth',
scopes: {
openid: 'openid',
profile: 'profile',
email: 'email',
},
},
},
},
studentStaging: {
type: 'oauth2',
flows: {
implicit: {
authorizationUrl: 'http://localhost/idp/realms/student/protocol/openid-connect/auth',
scopes: {
openid: 'openid',
profile: 'profile',
email: 'email',
},
},
},
},
teacherStaging: {
type: 'oauth2',
flows: {
implicit: {
authorizationUrl: 'http://localhost/idp/realms/teacher/protocol/openid-connect/auth',
scopes: {
openid: 'openid',
profile: 'profile',
email: 'email',
},
},
},
},
studentProduction: {
type: 'oauth2',
flows: {
implicit: {
@ -39,7 +91,7 @@ const doc = {
},
},
},
teacher: {
teacherProduction: {
type: 'oauth2',
flows: {
implicit: {

18
frontend/Dockerfile
View file

@ -3,22 +3,28 @@ FROM node:22 AS build-stage
# install simple http server for serving static content
RUN npm install -g http-server
WORKDIR /app
WORKDIR /app/dwengo
# Install dependencies
COPY package*.json ./
COPY ./frontend/package.json ./frontend/
# Frontend depends on common
COPY common/package.json ./common/
RUN npm install --silent
# Build the frontend
# Root tsconfig.json
COPY tsconfig.json ./
COPY assets ./assets/
COPY tsconfig.json tsconfig.build.json ./
WORKDIR /app/frontend
COPY assets ./assets
COPY common ./common
RUN npm run build --workspace=common
WORKDIR /app/dwengo/frontend
COPY frontend ./
@ -28,8 +34,8 @@ FROM nginx:stable AS production-stage
COPY config/nginx/nginx.conf /etc/nginx/nginx.conf
COPY --from=build-stage /app/assets /usr/share/nginx/html/assets
COPY --from=build-stage /app/frontend/dist /usr/share/nginx/html
COPY --from=build-stage /app/dwengo/assets /usr/share/nginx/html/assets
COPY --from=build-stage /app/dwengo/frontend/dist /usr/share/nginx/html
EXPOSE 8080

81
frontend/e2e/assignments.spec.ts Normal file
View file

@ -0,0 +1,81 @@
import { test, expect } from "@playwright/test";
test("Teacher can create new assignment", async ({ page }) => {
await page.goto("/");
// Login
await page.getByRole("link", { name: "log in" }).click();
await page.getByRole("button", { name: "teacher" }).click();
await page.getByRole("textbox", { name: "Username or email" }).fill("testleerkracht1");
await page.getByRole("textbox", { name: "Password" }).fill("password");
await page.getByRole("button", { name: "Sign In" }).click();
// Go to assignments
await expect(page.getByRole("banner").getByRole("link", { name: "Assignments" })).toBeVisible();
await page.getByRole("banner").getByRole("link", { name: "Assignments" }).click();
await expect(page.getByRole("heading", { name: "Assignments" })).toBeVisible();
await expect(page.getByRole("button", { name: "New Assignment" })).toBeVisible();
// Create new assignment
await page.getByRole("button", { name: "New Assignment" }).click();
await expect(page.getByRole("button", { name: "submit" })).toBeVisible();
await expect(page.getByRole("link", { name: "cancel" })).toBeVisible();
await page.getByRole("textbox", { name: "Title Title" }).fill("Assignment test 1");
await page.getByRole("textbox", { name: "Select a learning path Select" }).click();
await page.getByText("Using notebooks").click();
await page.getByRole("textbox", { name: "Pick a class Pick a class" }).click();
await page.getByText("class01").click();
await page.getByRole("textbox", { name: "Select Deadline Select" }).fill("2099-01-01T12:34");
await page.getByRole("textbox", { name: "Description Description" }).fill("Assignment description");
await page.getByRole("button", { name: "submit" }).click();
await expect(page.getByText("Assignment test")).toBeVisible();
await expect(page.getByRole("main").getByRole("button").first()).toBeVisible();
await expect(page.getByRole("main")).toContainText("Assignment test 1");
await expect(page.getByRole("link", { name: "Learning path" })).toBeVisible();
await expect(page.getByRole("main")).toContainText("Assignment description");
});
test("Student can see list of assignments", async ({ page }) => {
await page.goto("/");
// Login
await page.getByRole("link", { name: "log in" }).click();
await page.getByRole("button", { name: "student" }).click();
await page.getByRole("textbox", { name: "Username or email" }).fill("testleerling1");
await page.getByRole("textbox", { name: "Password" }).fill("password");
await page.getByRole("button", { name: "Sign In" }).click();
// Go to assignments
await expect(page.getByRole("banner").getByRole("link", { name: "Assignments" })).toBeVisible();
await page.getByRole("banner").getByRole("link", { name: "Assignments" }).click();
await expect(page.getByRole("heading", { name: "Assignments" })).toBeVisible();
await expect(page.getByText("dire straits")).toBeVisible();
await expect(page.locator(".button-row > .v-btn").first()).toBeVisible();
await expect(page.getByText("Class: class01").first()).toBeVisible();
});
test("Student can see assignment details", async ({ page }) => {
await page.goto("/");
// Login
await page.getByRole("link", { name: "log in" }).click();
await page.getByRole("button", { name: "student" }).click();
await page.getByRole("textbox", { name: "Username or email" }).fill("testleerling1");
await page.getByRole("textbox", { name: "Password" }).fill("password");
await page.getByRole("button", { name: "Sign In" }).click();
// Go to assignments
await expect(page.getByRole("banner").getByRole("link", { name: "Assignments" })).toBeVisible();
await page.getByRole("banner").getByRole("link", { name: "Assignments" }).click();
await expect(page.getByText("Assignment: Conditional")).toBeVisible();
await expect(page.locator("div:nth-child(2) > .v-card > .button-row > .v-btn")).toBeVisible();
// View assignment details
await page.locator("div:nth-child(2) > .v-card > .button-row > .v-btn").click();
await expect(page.getByText("Assignment: Conditional")).toBeVisible();
await expect(page.getByRole("link", { name: "Learning path" })).toBeVisible();
await expect(page.getByRole("progressbar").locator("div").first()).toBeVisible();
});

12
frontend/e2e/basic-learning.spec.ts
View file

@ -1,8 +1,16 @@
import { test, expect } from "./fixtures.js";
import { test, expect } from "@playwright/test";
test("Users can filter", async ({ page }) => {
await page.goto("/user");
await page.goto("/");
// Login
await page.getByRole("link", { name: "log in" }).click();
await page.getByRole("button", { name: "teacher" }).click();
await page.getByRole("textbox", { name: "Username or email" }).fill("testleerkracht1");
await page.getByRole("textbox", { name: "Password" }).fill("password");
await page.getByRole("button", { name: "Sign In" }).click();
// Filter
await page.getByRole("combobox").filter({ hasText: "Select a themeAll" }).locator("i").click();
await page.getByText("Nature and climate").click();
await page.getByRole("combobox").filter({ hasText: "Select ageAll agesSelect age" }).locator("i").click();

5
frontend/e2e/basic-learning.ts
View file

@ -1,5 +0,0 @@
import { test, expect } from "./fixtures.js";
test("myTest", async ({ page }) => {
await expect(page).toHaveURL("/");
});

107
frontend/e2e/class.spec.ts Normal file
View file

@ -0,0 +1,107 @@
import { test, expect } from "@playwright/test";
test("Teacher can create a class", async ({ page }) => {
const className = "DeTijdLoze";
await page.goto("/");
// Login
await page.getByRole("link", { name: "log in" }).click();
await page.getByRole("button", { name: "teacher" }).click();
await page.getByRole("textbox", { name: "Username or email" }).fill("testleerkracht1");
await page.getByRole("textbox", { name: "Password" }).fill("password");
await page.getByRole("button", { name: "Sign In" }).click();
// Go to class
await expect(page.getByRole("banner").getByRole("link", { name: "Classes" })).toBeVisible();
await page.getByRole("banner").getByRole("link", { name: "Classes" }).click();
// Check if the class page is visible
await expect(page.getByRole("heading", { name: "Classes" })).toBeVisible();
await expect(page.getByRole("textbox", { name: "classname classname" })).toBeVisible();
await expect(page.getByRole("button", { name: "create" })).toBeVisible();
// Create a class
await page.getByRole("textbox", { name: "classname classname" }).click();
await page.getByRole("textbox", { name: "classname classname" }).fill(className);
await page.getByRole("button", { name: "create" }).click();
// Check if the class is created
await expect(page.getByRole("dialog").getByText("code")).toBeVisible();
await expect(page.getByRole("button", { name: "close" })).toBeVisible();
});
test("Teacher can share a class by code", async ({ page }) => {
await page.goto("/");
// Login
await page.getByRole("link", { name: "log in" }).click();
await page.getByRole("button", { name: "teacher" }).click();
await page.getByRole("textbox", { name: "Username or email" }).fill("testleerkracht1");
await page.getByRole("textbox", { name: "Password" }).fill("password");
await page.getByRole("button", { name: "Sign In" }).click();
// Go to classes
await expect(page.getByRole("banner").getByRole("link", { name: "Classes" })).toBeVisible();
await page.getByRole("banner").getByRole("link", { name: "Classes" }).click();
await expect(page.getByRole("row", { name: "class01" }).locator("i").nth(1)).toBeVisible();
await page.getByRole("row", { name: "class01" }).locator("i").nth(1).click();
await expect(page.getByRole("button").filter({ hasText: /^$/ }).nth(2)).toBeVisible();
await expect(page.getByRole("button").filter({ hasText: /^$/ }).nth(3)).toBeVisible();
await page.getByRole("button").filter({ hasText: /^$/ }).nth(3).click();
await expect(page.getByText("copied!")).toBeVisible();
await page.getByRole("button", { name: "close" }).click();
});
test("Student can join class by code", async ({ page }) => {
await page.goto("/");
// Login
await page.getByRole("link", { name: "log in" }).click();
await page.getByRole("button", { name: "student" }).click();
await page.getByRole("textbox", { name: "Username or email" }).fill("testleerling1");
await page.getByRole("textbox", { name: "Password" }).fill("password");
await page.getByRole("button", { name: "Sign In" }).click();
// Go to class
await expect(page.getByRole("banner").getByRole("link", { name: "Classes" })).toBeVisible();
await page.getByRole("banner").getByRole("link", { name: "Classes" }).click();
// Check if the class page is visible
await expect(page.getByRole("heading", { name: "Classes" })).toBeVisible();
await expect(page.getByRole("heading", { name: "Join class" })).toBeVisible();
await expect(page.getByRole("textbox", { name: "CODE CODE" })).toBeVisible();
await expect(page.getByRole("button", { name: "submit" })).toBeVisible();
// Join a class
await page.getByRole("textbox", { name: "CODE CODE" }).click();
await page.getByRole("textbox", { name: "CODE CODE" }).fill("X2J9QT");
await page.getByRole("button", { name: "submit" }).click();
});
test("Teacher can remove student from class", async ({ page }) => {
await page.goto("/");
// Login
await page.getByRole("link", { name: "log in" }).click();
await page.getByRole("button", { name: "teacher" }).click();
await page.getByRole("textbox", { name: "Username or email" }).fill("testleerkracht1");
await page.getByRole("textbox", { name: "Password" }).fill("password");
await page.getByRole("button", { name: "Sign In" }).click();
await expect(page.getByRole("banner").getByRole("link", { name: "Classes" })).toBeVisible();
await page.getByRole("banner").getByRole("link", { name: "Classes" }).click();
await expect(page.getByRole("link", { name: "class01" })).toBeVisible();
await expect(page.locator("#app")).toContainText("8");
await page.getByRole("link", { name: "class01" }).click();
await expect(page.getByRole("cell", { name: "Kurt Cobain" })).toBeVisible();
await expect(page.getByRole("row", { name: "Kurt Cobain remove" }).getByRole("button")).toBeVisible();
await page.getByRole("row", { name: "Kurt Cobain remove" }).getByRole("button").click();
await expect(page.getByText("Are you sure?")).toBeVisible();
await expect(page.getByRole("button", { name: "cancel" })).toBeVisible();
await expect(page.getByRole("button", { name: "yes" })).toBeVisible();
await page.getByRole("button", { name: "yes" }).click();
await page.getByRole("banner").getByRole("link", { name: "Classes" }).click();
await expect(page.locator("#app")).toContainText("7");
});

2
frontend/package.json
View file

@ -17,10 +17,12 @@
"test:e2e": "playwright test"
},
"dependencies": {
"@dwengo-1/common": "^0.2.0",
"@tanstack/react-query": "^5.69.0",
"@tanstack/vue-query": "^5.69.0",
"@vueuse/core": "^13.1.0",
"axios": "^1.8.2",
"json-editor-vue": "^0.18.1",
"oidc-client-ts": "^3.1.0",
"rollup": "^4.40.0",
"uuid": "^11.1.0",

20
frontend/src/components/BrowseThemes.vue
View file

@ -5,6 +5,7 @@
import { AGE_TO_THEMES, THEMESITEMS } from "@/utils/constants.ts";
import { useThemeQuery } from "@/queries/themes.ts";
import type { Theme } from "@/data-objects/theme.ts";
import authService from "@/services/auth/auth-service";
const props = defineProps({
selectedTheme: { type: String, required: true },
@ -33,6 +34,8 @@
cards.value = themes;
}
});
const isTeacher = computed(() => authService.authState.activeRole === "teacher");
</script>
<template>
@ -73,6 +76,23 @@
class="fill-height grey-bg-card"
/>
</v-col>
<v-col
v-if="isTeacher"
cols="12"
sm="6"
md="4"
lg="4"
class="d-flex"
>
<ThemeCard
path="/my-content"
:is-absolute-path="true"
:title="t('ownLearningContentTitle')"
:description="t('ownLearningContentDescription')"
icon="mdi-pencil"
class="fill-height grey-bg-card"
/>
</v-col>
<v-col
v-for="card in cards"
:key="card.key"

63
frontend/src/components/ButtonWithConfirmation.vue Normal file
View file

@ -0,0 +1,63 @@
<script setup lang="ts">
import { useI18n } from "vue-i18n";
const props = defineProps<{
text: string;
prependIcon?: string;
appendIcon?: string;
confirmQueryText: string;
variant?: "flat" | "text" | "elevated" | "tonal" | "outlined" | "plain" | undefined;
color?: string;
disabled?: boolean;
}>();
const emit = defineEmits<{ (e: "confirm"): void }>();
const { t } = useI18n();
function confirm(): void {
emit("confirm");
}
</script>
<template>
<v-dialog max-width="500">
<template v-slot:activator="{ props: activatorProps }">
<v-btn
v-bind="activatorProps"
:text="props.text"
:prependIcon="props.prependIcon"
:appendIcon="props.appendIcon"
:variant="props.variant"
:color="color"
:disabled="props.disabled"
></v-btn>
</template>
<template v-slot:default="{ isActive }">
<v-card :title="t('confirmDialogTitle')">
<v-card-text>
{{ props.confirmQueryText }}
</v-card-text>
<v-card-actions>
<v-spacer></v-spacer>
<v-btn
:text="t('yes')"
@click="
confirm();
isActive.value = false;
"
></v-btn>
<v-btn
:text="t('cancel')"
@click="isActive.value = false"
></v-btn>
</v-card-actions>
</v-card>
</template>
</v-dialog>
</template>
<style scoped></style>

7
frontend/src/components/LearningPathSearchField.vue
View file

@ -31,4 +31,9 @@
></v-text-field>
</template>
<style scoped></style>
<style scoped>
.search-field {
width: 25%;
min-width: 300px;
}
</style>

4
frontend/src/components/LearningPathsGrid.vue
View file

@ -53,9 +53,9 @@
white-space: normal;
}
.results-grid {
margin: 20px;
margin: 20px auto;
display: flex;
align-items: stretch;
justify-content: center;
gap: 20px;
flex-wrap: wrap;
}

13
frontend/src/components/MenuBar.vue
View file

@ -7,13 +7,16 @@
// Import assets
import dwengoLogo from "../../../assets/img/dwengo-groen-zwart.svg";
import { useLocale } from "vuetify";
const { t, locale } = useI18n();
const { current: vuetifyLocale } = useLocale();
const role = auth.authState.activeRole;
const _router = useRouter(); // Zonder '_' gaf dit een linter error voor unused variable
const name: string = auth.authState.user!.profile.name!;
const username = auth.authState.user!.profile.preferred_username!;
const email = auth.authState.user!.profile.email;
const initials: string = name
.split(" ")
@ -31,6 +34,7 @@
// Logic to change the language of the website to the selected language
function changeLanguage(langCode: string): void {
locale.value = langCode;
vuetifyLocale.value = langCode;
localStorage.setItem("user-lang", langCode);
}
@ -180,10 +184,15 @@
<v-card>
<v-card-text>
<div class="mx-auto text-center">
<v-avatar color="#0e6942">
<span class="text-h5">{{ initials }}</span>
<v-avatar
color="#0e6942"
size="large"
class="user-button mb-3"
>
<span>{{ initials }}</span>
</v-avatar>
<h3>{{ name }}</h3>
<p class="text-caption mt-1">{{ username }}</p>
<p class="text-caption mt-1">{{ email }}</p>
<v-divider class="my-3"></v-divider>
<v-btn

3
frontend/src/components/SingleQuestion.vue
View file

@ -6,6 +6,7 @@
import type { AnswersResponse } from "@/controllers/answers";
import type { AnswerData, AnswerDTO } from "@dwengo-1/common/interfaces/answer";
import authService from "@/services/auth/auth-service";
import { AccountType } from "@dwengo-1/common/util/account-types";
const props = defineProps<{
question: QuestionDTO;
@ -80,7 +81,7 @@
{{ question.content }}
</div>
<div
v-if="authService.authState.activeRole === 'teacher'"
v-if="authService.authState.activeRole === AccountType.Teacher"
class="answer-input-container"
>
<input

2
frontend/src/components/UsingQueryResult.vue
View file

@ -27,7 +27,7 @@
<div v-if="isError">
<v-empty-state
icon="mdi-alert-circle-outline"
:text="errorMessage"
:text="t(errorMessage)"
:title="t('error_title')"
></v-empty-state>
</div>

27
frontend/src/controllers/base-controller.ts
View file

@ -37,6 +37,33 @@ export abstract class BaseController {
return response.data;
}
/**
* Sends a POST-request with a form-data body with the given file.
*
* @param path Relative path in the api to send the request to.
* @param formFieldName The name of the form field in which the file should be.
* @param file The file to upload.
* @param queryParams The query parameters.
* @returns The response the POST request generated.
*/
protected async postFile<T>(
path: string,
formFieldName: string,
file: File,
queryParams?: QueryParams,
): Promise<T> {
const formData = new FormData();
formData.append(formFieldName, file);
const response = await apiClient.post<T>(this.absolutePathFor(path), formData, {
params: queryParams,
headers: {
"Content-Type": "multipart/form-data",
},
});
BaseController.assertSuccessResponse(response);
return response.data;
}
protected async delete<T>(path: string, queryParams?: QueryParams): Promise<T> {
const response = await apiClient.delete<T>(this.absolutePathFor(path), { params: queryParams });
BaseController.assertSuccessResponse(response);

12
frontend/src/controllers/learning-objects.ts
View file

@ -14,4 +14,16 @@ export class LearningObjectController extends BaseController {
async getHTML(hruid: string, language: Language, version: number): Promise<Document> {
return this.get<Document>(`/${hruid}/html`, { language, version }, "document");
}
async getAllAdministratedBy(admin: string): Promise<LearningObject[]> {
return this.get<LearningObject[]>("/", { admin });
}
async upload(learningObjectZip: File): Promise<LearningObject> {
return this.postFile<LearningObject>("/", "learningObject", learningObjectZip);
}
async deleteLearningObject(hruid: string, language: Language, version: number): Promise<LearningObject> {
return this.delete<LearningObject>(`/${hruid}`, { language, version });
}
}

27
frontend/src/controllers/learning-paths.ts
View file

@ -1,8 +1,8 @@
import { BaseController } from "@/controllers/base-controller.ts";
import { LearningPath } from "@/data-objects/learning-paths/learning-path.ts";
import type { Language } from "@/data-objects/language.ts";
import { single } from "@/utils/response-assertions.ts";
import type { LearningPathDTO } from "@/data-objects/learning-paths/learning-path-dto.ts";
import { LearningPath } from "@/data-objects/learning-paths/learning-path";
import { NotFoundException } from "@/exception/not-found-exception";
import type { LearningPath as LearningPathDTO } from "@dwengo-1/common/interfaces/learning-content";
export class LearningPathController extends BaseController {
constructor() {
@ -24,7 +24,10 @@ export class LearningPathController extends BaseController {
assignmentNo: forGroup?.assignmentNo,
classId: forGroup?.classId,
});
return LearningPath.fromDTO(single(dtos));
if (dtos.length === 0) {
throw new NotFoundException("learningPathNotFound");
}
return LearningPath.fromDTO(dtos[0]);
}
async getAllByThemeAndLanguage(theme: string, language: Language): Promise<LearningPath[]> {
const dtos = await this.get<LearningPathDTO[]>("/", { theme, language });
@ -36,4 +39,20 @@ export class LearningPathController extends BaseController {
const dtos = await this.get<LearningPathDTO[]>("/", query);
return dtos.map((dto) => LearningPath.fromDTO(dto));
}
async getAllByAdminRaw(admin: string): Promise<LearningPathDTO[]> {
return await this.get<LearningPathDTO[]>("/", { admin });
}
async postLearningPath(learningPath: Partial<LearningPathDTO>): Promise<LearningPathDTO> {
return await this.post<LearningPathDTO>("/", learningPath);
}
async putLearningPath(learningPath: Partial<LearningPathDTO>): Promise<LearningPathDTO> {
return await this.put<LearningPathDTO>(`/${learningPath.hruid}/${learningPath.language}`, learningPath);
}
async deleteLearningPath(hruid: string, language: string): Promise<LearningPathDTO> {
return await this.delete<LearningPathDTO>(`/${hruid}/${language}`);
}
}

10
frontend/src/data-objects/learning-paths/learning-path-node.ts
View file

@ -1,5 +1,5 @@
import type { Language } from "@/data-objects/language.ts";
import type { LearningPathNodeDTO } from "@/data-objects/learning-paths/learning-path.ts";
import type { LearningObjectNode as LearningPathNodeDTO } from "@dwengo-1/common/interfaces/learning-content";
export class LearningPathNode {
public readonly learningobjectHruid: string;
@ -14,7 +14,7 @@ export class LearningPathNode {
learningobjectHruid: string;
version: number;
language: Language;
transitions: { next: LearningPathNode; default: boolean }[];
transitions: { next: LearningPathNode; default?: boolean }[];
createdAt: Date;
updatedAt: Date;
done?: boolean;
@ -22,7 +22,7 @@ export class LearningPathNode {
this.learningobjectHruid = options.learningobjectHruid;
this.version = options.version;
this.language = options.language;
this.transitions = options.transitions;
this.transitions = options.transitions.map((it) => ({ next: it.next, default: it.default ?? false }));
this.createdAt = options.createdAt;
this.updatedAt = options.updatedAt;
this.done = options.done || false;
@ -50,8 +50,8 @@ export class LearningPathNode {
return undefined;
})
.filter((it) => it !== undefined),
createdAt: new Date(dto.created_at),
updatedAt: new Date(dto.updatedAt),
createdAt: dto.created_at ? new Date(dto.created_at) : new Date(),
updatedAt: dto.updatedAt ? new Date(dto.updatedAt) : new Date(),
done: dto.done,
});
}

18
frontend/src/data-objects/learning-paths/learning-path.ts
View file

@ -1,6 +1,6 @@
import type { Language } from "@/data-objects/language.ts";
import { LearningPathNode } from "@/data-objects/learning-paths/learning-path-node.ts";
import type { LearningPathDTO } from "@/data-objects/learning-paths/learning-path-dto.ts";
import type { LearningObjectNode, LearningPath as LearningPathDTO } from "@dwengo-1/common/interfaces/learning-content";
export interface LearningPathNodeDTO {
_id: string;
@ -77,20 +77,26 @@ export class LearningPath {
hruid: dto.hruid,
title: dto.title,
description: dto.description,
amountOfNodes: dto.num_nodes,
amountOfNodesLeft: dto.num_nodes_left,
amountOfNodes: dto.num_nodes ?? dto.nodes.length,
amountOfNodesLeft: dto.num_nodes_left ?? dto.nodes.length,
keywords: dto.keywords.split(" "),
targetAges: { min: dto.min_age, max: dto.max_age },
targetAges: {
min: dto.min_age ?? NaN,
max: dto.max_age ?? NaN,
},
startNode: LearningPathNode.fromDTOAndOtherNodes(LearningPath.getStartNode(dto), dto.nodes),
image: dto.image,
});
}
static getStartNode(dto: LearningPathDTO): LearningPathNodeDTO {
static getStartNode(dto: LearningPathDTO): LearningObjectNode {
const startNodeDtos = dto.nodes.filter((it) => it.start_node === true);
if (startNodeDtos.length < 1) {
// The learning path has no starting node -> use the first node.
return dto.nodes[0];
if (dto.nodes.length > 0) {
return dto.nodes[0];
}
throw new Error("emptyLearningPath");
} // The learning path has 1 or more starting nodes -> use the first start node.
return startNodeDtos[0];
}

33
frontend/src/i18n/locale/de.json
View file

@ -135,5 +135,36 @@
"valid-username": "Bitte geben Sie einen gültigen Benutzernamen ein",
"creationFailed": "Erstellung fehlgeschlagen, bitte versuchen Sie es erneut",
"no-assignments": "Derzeit gibt es keine Zuweisungen.",
"deadline": "deadline"
"deadline": "deadline",
"learningObjects": "Lernobjekte",
"learningPaths": "Lernpfade",
"hruid": "HRUID",
"language": "Sprache",
"version": "Version",
"previewFor": "Vorschau für ",
"upload": "Hochladen",
"learningObjectUploadTitle": "Lernobjekt hochladen",
"uploadFailed": "Hochladen fehlgeschlagen",
"invalidZip": "Dies ist keine gültige ZIP-Datei.",
"emptyZip": "Diese ZIP-Datei ist leer.",
"missingMetadata": "Dieses Lernobjekt enthält keine metadata.json-Datei.",
"missingContent": "Dieses Lernobjekt enthält keine content.*-Datei.",
"open": "öffnen",
"editLearningPath": "Lernpfad bearbeiten",
"newLearningPath": "Neuen Lernpfad erstellen",
"saveChanges": "Änderungen speichern",
"newLearningObject": "Lernobjekt hochladen",
"confirmDialogTitle": "Bitte bestätigen",
"learningPathDeleteQuery": "Möchten Sie diesen Lernpfad wirklich löschen?",
"learningObjectDeleteQuery": "Möchten Sie dieses Lernobjekt wirklich löschen?",
"learningPathCantModifyId": "Der HRUID oder die Sprache eines Lernpfads kann nicht geändert werden.",
"error": "Fehler",
"ownLearningContentTitle": "Eigene Lerninhalte",
"ownLearningContentDescription": "Erstellen und verwalten Sie eigene Lernobjekte und Lernpfade. Nur für fortgeschrittene Nutzer.",
"learningPathNotFound": "Dieser Lernpfad konnte nicht gefunden werden.",
"emptyLearningPath": "Dieser Lernpfad enthält keine Lernobjekte.",
"pathContainsNonExistingLearningObjects": "Mindestens eines der in diesem Pfad referenzierten Lernobjekte existiert nicht.",
"targetAgesMandatory": "Zielalter müssen angegeben werden.",
"hintRemoveIfUnconditionalTransition": "(entfernen, wenn dies ein bedingungsloser Übergang sein soll)",
"hintKeywordsSeparatedBySpaces": "Schlüsselwörter durch Leerzeichen getrennt"
}

33
frontend/src/i18n/locale/en.json
View file

@ -135,5 +135,36 @@
"valid-username": "please enter a valid username",
"creationFailed": "creation failed, please try again",
"no-assignments": "There are currently no assignments.",
"deadline": "deadline"
"deadline": "deadline",
"learningObjects": "Learning objects",
"learningPaths": "Learning paths",
"hruid": "HRUID",
"language": "Language",
"version": "Version",
"previewFor": "Preview for ",
"upload": "Upload",
"learningObjectUploadTitle": "Upload a learning object",
"uploadFailed": "Upload failed",
"invalidZip": "This is not a valid zip file.",
"emptyZip": "This zip file is empty",
"missingMetadata": "This learning object is missing a metadata.json file.",
"missingContent": "This learning object is missing a content.* file.",
"open": "open",
"editLearningPath": "Edit learning path",
"newLearningPath": "Create a new learning path",
"saveChanges": "Save changes",
"newLearningObject": "Upload learning object",
"confirmDialogTitle": "Please confirm",
"learningPathDeleteQuery": "Are you sure you want to delete this learning path?",
"learningObjectDeleteQuery": "Are you sure you want to delete this learning object?",
"learningPathCantModifyId": "The HRUID or language of a learning path cannot be modified.",
"error": "Error",
"ownLearningContentTitle": "Own learning content",
"ownLearningContentDescription": "Create and administrate your own learning objects and learning paths. For advanced users only.",
"learningPathNotFound": "This learning path could not be found.",
"emptyLearningPath": "This learning path does not contain any learning objects.",
"pathContainsNonExistingLearningObjects": "At least one of the learning objects referenced in this path does not exist.",
"targetAgesMandatory": "Target ages must be specified.",
"hintRemoveIfUnconditionalTransition": "(remove this if this should be an unconditional transition)",
"hintKeywordsSeparatedBySpaces": "Keywords separated by spaces"
}

33
frontend/src/i18n/locale/fr.json
View file

@ -136,5 +136,36 @@
"valid-username": "veuillez entrer un nom d'utilisateur valide",
"creationFailed": "échec de la création, veuillez réessayer",
"no-assignments": "Il n'y a actuellement aucun travail.",
"deadline": "délai"
"deadline": "délai",
"learningObjects": "Objets dapprentissage",
"learningPaths": "Parcours dapprentissage",
"hruid": "HRUID",
"language": "Langue",
"version": "Version",
"previewFor": "Aperçu de ",
"upload": "Téléverser",
"learningObjectUploadTitle": "Téléverser un objet dapprentissage",
"uploadFailed": "Échec du téléversement",
"invalidZip": "Ce nest pas un fichier ZIP valide.",
"emptyZip": "Ce fichier ZIP est vide.",
"missingMetadata": "Il manque un fichier metadata.json à cet objet dapprentissage.",
"missingContent": "Il manque un fichier content.* à cet objet dapprentissage.",
"open": "ouvrir",
"editLearningPath": "Modifier le parcours",
"newLearningPath": "Créer un nouveau parcours",
"saveChanges": "Enregistrer les modifications",
"newLearningObject": "Téléverser un objet dapprentissage",
"confirmDialogTitle": "Veuillez confirmer",
"learningPathDeleteQuery": "Voulez-vous vraiment supprimer ce parcours dapprentissage ?",
"learningObjectDeleteQuery": "Voulez-vous vraiment supprimer cet objet dapprentissage ?",
"learningPathCantModifyId": "Le HRUID ou la langue dun parcours ne peuvent pas être modifiés.",
"error": "Erreur",
"ownLearningContentTitle": "Contenu dapprentissage personnel",
"ownLearningContentDescription": "Créez et gérez vos propres objets et parcours dapprentissage. Réservé aux utilisateurs avancés.",
"learningPathNotFound": "Ce parcours d'apprentissage est introuvable.",
"emptyLearningPath": "Ce parcours d'apprentissage ne contient aucun objet d'apprentissage.",
"pathContainsNonExistingLearningObjects": "Au moins un des objets dapprentissage référencés dans ce chemin nexiste pas.",
"targetAgesMandatory": "Les âges cibles doivent être spécifiés.",
"hintRemoveIfUnconditionalTransition": "(supprimer ceci sil sagit dune transition inconditionnelle)",
"hintKeywordsSeparatedBySpaces": "Mots-clés séparés par des espaces"
}

33
frontend/src/i18n/locale/nl.json
View file

@ -135,5 +135,36 @@
"valid-username": "voer een geldige gebruikersnaam in",
"creationFailed": "aanmaak mislukt, probeer het opnieuw",
"no-assignments": "Er zijn momenteel geen opdrachten.",
"deadline": "deadline"
"deadline": "deadline",
"learningObjects": "Leerobjecten",
"learningPaths": "Leerpaden",
"hruid": "HRUID",
"language": "Taal",
"version": "Versie",
"previewFor": "Voorbeeld van ",
"upload": "Uploaden",
"learningObjectUploadTitle": "Leerobject uploaden",
"uploadFailed": "Upload mislukt",
"invalidZip": "Dit is geen geldig zipbestand.",
"emptyZip": "Dit zipbestand is leeg.",
"missingMetadata": "Dit leerobject mist een metadata.json-bestand.",
"missingContent": "Dit leerobject mist een content.*-bestand.",
"open": "openen",
"editLearningPath": "Leerpad bewerken",
"newLearningPath": "Nieuw leerpad aanmaken",
"saveChanges": "Wijzigingen opslaan",
"newLearningObject": "Leerobject uploaden",
"confirmDialogTitle": "Bevestig alstublieft",
"learningPathDeleteQuery": "Weet u zeker dat u dit leerpad wilt verwijderen?",
"learningObjectDeleteQuery": "Weet u zeker dat u dit leerobject wilt verwijderen?",
"learningPathCantModifyId": "De HRUID of taal van een leerpad kan niet worden gewijzigd.",
"error": "Fout",
"ownLearningContentTitle": "Eigen leerinhoud",
"ownLearningContentDescription": "Maak en beheer je eigen leerobjecten en leerpads. Alleen voor gevorderde gebruikers.",
"learningPathNotFound": "Dit leerpad kon niet gevonden worden.",
"emptyLearningPath": "Dit leerpad bevat geen leerobjecten.",
"pathContainsNonExistingLearningObjects": "Ten minste één van de leerobjecten in dit pad bestaat niet.",
"targetAgesMandatory": "Doelleeftijden moeten worden opgegeven.",
"hintRemoveIfUnconditionalTransition": "(verwijder dit voor onvoorwaardelijke overgangen)",
"hintKeywordsSeparatedBySpaces": "Trefwoorden gescheiden door spaties"
}

10
frontend/src/main.ts
View file

@ -7,15 +7,20 @@ import * as components from "vuetify/components";
import * as directives from "vuetify/directives";
import i18n from "./i18n/i18n.ts";
// JSON-editor
import JsonEditorVue from "json-editor-vue";
// Components
import App from "./App.vue";
import router from "./router";
import { aliases, mdi } from "vuetify/iconsets/mdi";
import { VueQueryPlugin, QueryClient } from "@tanstack/vue-query";
import { de, en, fr, nl } from "vuetify/locale";
const app = createApp(App);
app.use(router);
app.use(JsonEditorVue, {});
const link = document.createElement("link");
link.rel = "stylesheet";
@ -32,6 +37,11 @@ const vuetify = createVuetify({
mdi,
},
},
locale: {
locale: i18n.global.locale,
fallback: "en",
messages: { nl, en, de, fr },
},
});
const queryClient = new QueryClient({

3
frontend/src/queries/classes.ts
View file

@ -15,6 +15,7 @@ import { invalidateAllGroupKeys } from "./groups";
import { invalidateAllSubmissionKeys } from "./submissions";
import type { TeachersResponse } from "@/controllers/teachers";
import type { TeacherInvitationsResponse } from "@/controllers/teacher-invitations";
import { studentClassesQueryKey } from "@/queries/students.ts";
const classController = new ClassController();
@ -171,6 +172,8 @@ export function useClassDeleteStudentMutation(): UseMutationReturnType<
await queryClient.invalidateQueries({ queryKey: classQueryKey(data.class.id) });
await queryClient.invalidateQueries({ queryKey: classStudentsKey(data.class.id, true) });
await queryClient.invalidateQueries({ queryKey: classStudentsKey(data.class.id, false) });
await queryClient.invalidateQueries({ queryKey: studentClassesQueryKey(data.class.id, false) });
await queryClient.invalidateQueries({ queryKey: studentClassesQueryKey(data.class.id, true) });
},
});
}

63
frontend/src/queries/learning-objects.ts
View file

@ -1,9 +1,16 @@
import { type MaybeRefOrGetter, toValue } from "vue";
import type { Language } from "@/data-objects/language.ts";
import { useQuery, type UseQueryReturnType } from "@tanstack/vue-query";
import {
useMutation,
useQuery,
useQueryClient,
type UseMutationReturnType,
type UseQueryReturnType,
} from "@tanstack/vue-query";
import { getLearningObjectController } from "@/controllers/controllers.ts";
import type { LearningObject } from "@/data-objects/learning-objects/learning-object.ts";
import type { LearningPath } from "@/data-objects/learning-paths/learning-path.ts";
import type { AxiosError } from "axios";
export const LEARNING_OBJECT_KEY = "learningObject";
const learningObjectController = getLearningObjectController();
@ -24,15 +31,15 @@ export function useLearningObjectMetadataQuery(
}
export function useLearningObjectHTMLQuery(
hruid: MaybeRefOrGetter<string>,
language: MaybeRefOrGetter<Language>,
version: MaybeRefOrGetter<number>,
hruid: MaybeRefOrGetter<string | undefined>,
language: MaybeRefOrGetter<Language | undefined>,
version: MaybeRefOrGetter<number | undefined>,
): UseQueryReturnType<Document, Error> {
return useQuery({
queryKey: [LEARNING_OBJECT_KEY, "html", hruid, language, version],
queryFn: async () => {
const [hruidVal, languageVal, versionVal] = [toValue(hruid), toValue(language), toValue(version)];
return learningObjectController.getHTML(hruidVal, languageVal, versionVal);
return learningObjectController.getHTML(hruidVal!, languageVal!, versionVal!);
},
enabled: () => Boolean(toValue(hruid)) && Boolean(toValue(language)) && Boolean(toValue(version)),
});
@ -55,3 +62,49 @@ export function useLearningObjectListForPathQuery(
enabled: () => Boolean(toValue(learningPath)),
});
}
export function useLearningObjectListForAdminQuery(
admin: MaybeRefOrGetter<string | undefined>,
): UseQueryReturnType<LearningObject[], Error> {
return useQuery({
queryKey: [LEARNING_OBJECT_KEY, "forAdmin", admin],
queryFn: async () => {
const adminVal = toValue(admin);
return await learningObjectController.getAllAdministratedBy(adminVal!);
},
enabled: () => toValue(admin) !== undefined,
});
}
export function useUploadLearningObjectMutation(): UseMutationReturnType<
LearningObject,
AxiosError,
{ learningObjectZip: File },
unknown
> {
const queryClient = useQueryClient();
return useMutation({
mutationFn: async ({ learningObjectZip }) => await learningObjectController.upload(learningObjectZip),
onSuccess: async () => {
await queryClient.invalidateQueries({ queryKey: [LEARNING_OBJECT_KEY, "forAdmin"] });
},
});
}
export function useDeleteLearningObjectMutation(): UseMutationReturnType<
LearningObject,
AxiosError,
{ hruid: string; language: Language; version: number },
unknown
> {
const queryClient = useQueryClient();
return useMutation({
mutationFn: async ({ hruid, language, version }) =>
await learningObjectController.deleteLearningObject(hruid, language, version),
onSuccess: async () => {
await queryClient.invalidateQueries({ queryKey: [LEARNING_OBJECT_KEY, "forAdmin"] });
},
});
}

64
frontend/src/queries/learning-paths.ts
View file

@ -1,8 +1,16 @@
import { type MaybeRefOrGetter, toValue } from "vue";
import type { Language } from "@/data-objects/language.ts";
import { useQuery, type UseQueryReturnType } from "@tanstack/vue-query";
import {
useMutation,
useQuery,
useQueryClient,
type UseMutationReturnType,
type UseQueryReturnType,
} from "@tanstack/vue-query";
import { getLearningPathController } from "@/controllers/controllers";
import type { LearningPath } from "@/data-objects/learning-paths/learning-path.ts";
import type { AxiosError } from "axios";
import type { LearningPath as LearningPathDTO } from "@dwengo-1/common/interfaces/learning-content";
import type { LearningPath } from "@/data-objects/learning-paths/learning-path";
export const LEARNING_PATH_KEY = "learningPath";
const learningPathController = getLearningPathController();
@ -33,6 +41,58 @@ export function useGetAllLearningPathsByThemeAndLanguageQuery(
});
}
export function useGetAllLearningPathsByAdminQuery(
admin: MaybeRefOrGetter<string | undefined>,
): UseQueryReturnType<LearningPathDTO[], AxiosError> {
return useQuery({
queryKey: [LEARNING_PATH_KEY, "getAllByAdmin", admin],
queryFn: async () => learningPathController.getAllByAdminRaw(toValue(admin)!),
enabled: () => Boolean(toValue(admin)),
});
}
export function usePostLearningPathMutation(): UseMutationReturnType<
LearningPathDTO,
AxiosError,
{ learningPath: Partial<LearningPathDTO> },
unknown
> {
const queryClient = useQueryClient();
return useMutation({
mutationFn: async ({ learningPath }) => learningPathController.postLearningPath(learningPath),
onSuccess: async () => queryClient.invalidateQueries({ queryKey: [LEARNING_PATH_KEY] }),
});
}
export function usePutLearningPathMutation(): UseMutationReturnType<
LearningPathDTO,
AxiosError,
{ learningPath: Partial<LearningPathDTO> },
unknown
> {
const queryClient = useQueryClient();
return useMutation({
mutationFn: async ({ learningPath }) => learningPathController.putLearningPath(learningPath),
onSuccess: async () => queryClient.invalidateQueries({ queryKey: [LEARNING_PATH_KEY] }),
});
}
export function useDeleteLearningPathMutation(): UseMutationReturnType<
LearningPathDTO,
AxiosError,
{ hruid: string; language: Language },
unknown
> {
const queryClient = useQueryClient();
return useMutation({
mutationFn: async ({ hruid, language }) => learningPathController.deleteLearningPath(hruid, language),
onSuccess: async () => queryClient.invalidateQueries({ queryKey: [LEARNING_PATH_KEY] }),
});
}
export function useSearchLearningPathQuery(
query: MaybeRefOrGetter<string | undefined>,
language: MaybeRefOrGetter<string | undefined>,

2
frontend/src/queries/students.ts
View file

@ -33,7 +33,7 @@ function studentsQueryKey(full: boolean): [string, boolean] {
function studentQueryKey(username: string): [string, string] {
return ["student", username];
}
function studentClassesQueryKey(username: string, full: boolean): [string, string, boolean] {
export function studentClassesQueryKey(username: string, full: boolean): [string, string, boolean] {
return ["student-classes", username, full];
}
function studentAssignmentsQueryKey(username: string, full: boolean): [string, string, boolean] {

14
frontend/src/router/index.ts
View file

@ -14,6 +14,8 @@ import UserHomePage from "@/views/homepage/UserHomePage.vue";
import SingleTheme from "@/views/SingleTheme.vue";
import LearningObjectView from "@/views/learning-paths/learning-object/LearningObjectView.vue";
import authService from "@/services/auth/auth-service";
import OwnLearningContentPage from "@/views/own-learning-content/OwnLearningContentPage.vue";
import { allowRedirect, Redirect } from "@/utils/redirect.ts";
const router = createRouter({
history: createWebHistory(import.meta.env.BASE_URL),
@ -105,6 +107,12 @@ const router = createRouter({
component: SingleDiscussion,
meta: { requiresAuth: true },
},
{
path: "/my-content",
name: "OwnLearningContentPage",
component: OwnLearningContentPage,
meta: { requiresAuth: true },
},
{
path: "/learningPath",
children: [
@ -143,7 +151,11 @@ router.beforeEach(async (to, _from, next) => {
// Verify if user is logged in before accessing certain routes
if (to.meta.requiresAuth) {
if (!authService.isLoggedIn.value && !(await authService.loadUser())) {
next("/login");
const path = to.fullPath;
if (allowRedirect(path)) {
localStorage.setItem(Redirect.AFTER_LOGIN_KEY, path);
}
next(Redirect.LOGIN);
} else {
next();
}

12
frontend/src/utils/redirect.ts Normal file
View file

@ -0,0 +1,12 @@
export enum Redirect {
AFTER_LOGIN_KEY = "redirectAfterLogin",
HOME = "/user",
LOGIN = "/login",
ROOT = "/",
}
const NOT_ALLOWED_REDIRECTS = new Set<Redirect>([Redirect.HOME, Redirect.ROOT, Redirect.LOGIN]);
export function allowRedirect(path: string): boolean {
return !NOT_ALLOWED_REDIRECTS.has(path as Redirect);
}

13
frontend/src/views/CallbackPage.vue
View file

@ -3,6 +3,7 @@
import { useI18n } from "vue-i18n";
import { onMounted, ref, type Ref } from "vue";
import auth from "../services/auth/auth-service.ts";
import { Redirect } from "@/utils/redirect.ts";
const { t } = useI18n();
@ -10,10 +11,20 @@
const errorMessage: Ref<string | null> = ref(null);
async function redirectPage(): Promise<void> {
const redirectUrl = localStorage.getItem(Redirect.AFTER_LOGIN_KEY);
if (redirectUrl) {
localStorage.removeItem(Redirect.AFTER_LOGIN_KEY);
await router.replace(redirectUrl);
} else {
await router.replace(Redirect.HOME);
}
}
onMounted(async () => {
try {
await auth.handleLoginCallback();
await router.replace("/user"); // Redirect to theme page
await redirectPage();
} catch (error) {
errorMessage.value = `${t("loginUnexpectedError")}: ${error}`;
}

5
frontend/src/views/LoginPage.vue
View file

@ -3,6 +3,7 @@
import dwengoLogo from "../../../assets/img/dwengo-groen-zwart.svg";
import auth from "@/services/auth/auth-service.ts";
import { watch } from "vue";
import { AccountType } from "@dwengo-1/common/util/account-types";
const router = useRouter();
@ -17,11 +18,11 @@
);
async function loginAsStudent(): Promise<void> {
await auth.loginAs("student");
await auth.loginAs(AccountType.Student);
}
async function loginAsTeacher(): Promise<void> {
await auth.loginAs("teacher");
await auth.loginAs(AccountType.Teacher);
}
</script>

15
frontend/src/views/SingleTheme.vue
View file

@ -35,13 +35,14 @@
</script>
<template>
<div class="container">
<div class="container d-flex flex-column align-items-center justify-center">
<using-query-result :query-result="themeQueryResult">
<h1>{{ currentThemeInfo!!.title }}</h1>
<p>{{ currentThemeInfo!!.description }}</p>
<div class="search-field-container">
<br />
<div class="search-field-container mt-sm-6">
<v-text-field
class="search-field"
class="search-field mx-auto"
:label="t('search')"
append-inner-icon="mdi-magnify"
v-model="searchFilter"
@ -60,13 +61,15 @@
<style scoped>
.search-field-container {
display: block;
margin: 20px;
justify-content: center !important;
}
.search-field {
max-width: 300px;
width: 25%;
min-width: 300px;
}
.container {
padding: 20px;
justify-content: center;
justify-items: center;
}
</style>

3
frontend/src/views/assignments/CreateAssignment.vue
View file

@ -14,6 +14,7 @@
import type { AssignmentDTO } from "@dwengo-1/common/interfaces/assignment";
import { useCreateAssignmentMutation } from "@/queries/assignments.ts";
import { useRoute } from "vue-router";
import { AccountType } from "@dwengo-1/common/util/account-types";
const route = useRoute();
const router = useRouter();
@ -23,7 +24,7 @@
onMounted(async () => {
// Redirect student
if (role.value === "student") {
if (role.value === AccountType.Student) {
await router.push("/user");
}

3
frontend/src/views/assignments/SingleAssignment.vue
View file

@ -8,9 +8,10 @@
import { useGetLearningPathQuery } from "@/queries/learning-paths.ts";
import type { LearningPath } from "@/data-objects/learning-paths/learning-path.ts";
import type { GroupDTO } from "@dwengo-1/common/interfaces/group";
import { AccountType } from "@dwengo-1/common/util/account-types";
const role = auth.authState.activeRole;
const isTeacher = computed(() => role === "teacher");
const isTeacher = computed(() => role === AccountType.Teacher);
const route = useRoute();
const classId = ref<string>(route.params.classId as string);

Some files were not shown because too many files have changed in this diff Show more