From a9b1523f93a81fa0868de2942e73822fd03ae8c8 Mon Sep 17 00:00:00 2001 From: Paul Trowbridge Date: Fri, 27 Nov 2020 11:41:47 -0500 Subject: [PATCH] get rid of old routes and update readme to reflect sql parameterizaion --- index.js | 81 +++++-------------------------------------------------- readme.md | 1 + 2 files changed, 8 insertions(+), 74 deletions(-) diff --git a/index.js b/index.js index c07a75d..ede9c35 100644 --- a/index.js +++ b/index.js @@ -6,23 +6,22 @@ var https = require('https'); var bodyParser = require('body-parser'); const server = express(); const pg = require('pg'); - -//---------read sql files into variables---------------- var fs = require('fs'); var readline = require('readline'); -//------------------------------------------------------- +//-----------------------------point to ssl info------------------------------------ var options = { key: fs.readFileSync(process.env.wd + 'key.pem'), cert: fs.readFileSync(process.env.wd + 'cert.pem'), passprase: [] }; +//-----------------------------create server process-------------------------------- https.createServer(options, server).listen(process.env.nodeport, () => { console.log('started on ' + process.env.nodeport) }); -//server.listen(3000, () => console.log('started')) +//-----------------------------create permanent database connetion------------------ var Postgres = new pg.Client({ user: process.env.user, password: process.env.password, @@ -34,6 +33,7 @@ var Postgres = new pg.Client({ }); Postgres.connect(); +//------------create a callable sql exec func that return first rows---------------- Postgres.FirstRow = function(inSQL, args, inResponse) { Postgres.query(inSQL, args, (err, res) => { if (err === null) { 
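Review bot: The TLS options object under the new `point to ssl info` comment still spells its third key `passprase`, which `https.createServer` does not recognise, so no passphrase is ever handed to the TLS layer and the `[]` value is silently ignored. If `key.pem` is meant to be encrypted at rest, the line should read `passphrase: process.env.passphrase` (constructed variable name; use whatever the deployment defines). If the key is stored unencrypted, drop the property and say so in the comment, so it is clear that file permissions are the only protection on the private key.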
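Review bot: `Postgres.connect();` in the second hunk (`@@ -34,6 +33,7 @@`) is called with no callback and no handling of its result, and no `'error'` listener is visible on the single long-lived client that the new comment calls a permanent connection. With current `pg` releases a failed connect then surfaces as an unhandled rejection, and a connection dropped later emits an `error` event that, with no listener attached, terminates the Node process. I would make both cases explicit with `Postgres.connect().catch((err) => { console.error(err); process.exit(1); });` and `Postgres.on('error', (err) => console.error(err));`, or switch to a `pg.Pool` so a lost connection is replaced. The body of `Postgres.FirstRow` continues outside this hunk, so its own error branch is not reviewed here.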
@@ -45,8 +45,10 @@ Postgres.FirstRow = function(inSQL, args, inResponse) { }); }; -server.get('/', (req, res) => res.send('node.js express is up and running')) +//------------route to test if the process is running------------------------------- +server.get('/', (req, res) => res.send('pivotscale api is running')) +//------------build forecast baseline that is a mirror of the target period--------- server.get('/baseline', bodyParser.json(), function(req, res) { var sql = ""; 
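Review bot: The `/baseline` route labelled here is the one SQL path left after this commit, and its final call, visible as context in the next hunk, is `Postgres.FirstRow(sql, [], res)` with an empty parameter array. Whatever the route takes from `req.body` therefore appears to reach the query as text rather than as bound values; the route body lies outside both hunks, so this is inferred. The commit subject says the readme reflects SQL parameterization, while the readme line it adds is an unchecked item to prevent injection, so the new comment should not leave a reader thinking the route is already safe. I would extend it to something like `//------------build forecast baseline (request values are substituted into the sql text, not bound; see readme TO-DO)`. When the clean-up is done, request values should go through the `args` array that `FirstRow` already forwards to `Postgres.query`, with any identifiers taken from the request checked against a fixed allow-list.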
@@ -91,72 +93,3 @@ server.get('/baseline', bodyParser.json(), function(req, res) { Postgres.FirstRow(sql, [], res) }; }) - -server.get('/scenario_package', bodyParser.json(), function(req, res) { - - var sql = ""; - var w = ""; - var c = 1; - var d = 1; - var args = []; - var path = './route_sql/scenario_package.sql'; - - fs.readFile(path, 'utf8', function(err, data) { - if (!err) { - callback(data); - } else { - console.log("fatal error pulling sql file") - callback(err); - } - }); - - var callback = function(arg) { - sql = arg; - - //parse request body into a where clause - ({ c, w, d } = build_where(req, c, w, d, args)); - - //if there was no body sent, return with nothing - if (c == 1) { - res.send("no body was sent"); - return; - } - console.log(new Date().toISOString() + "-------------------------get scenario:------------------------------") - console.log(req.body); - //parse the where clause into the main sql statement - sql = sql.replace(new RegExp("where_clause", 'g'), w) - //execute the sql and send the result - console.log(sql); - Postgres.FirstRow(sql, [], res) - }; -}) - -function build_where(req, c, w, d, args) { - for (var i in req.body.scenario) { - //console.log(i); - ///console.log(req.body[i]); - if (c > 1) { - w = w + - ` - AND `; - } - if (Array.isArray(req.body.scenario[i])) { - //if the scenario key has a value that is an array of items, push it into an `IN` statement - //iter = [stage1, stage2] --> SQL --> iter IN ('stag1', stage2') - w = w + i + " IN ("; - for (var j in req.body.scenario[i]) { - if (d > 1) { - w = w + ","; - } - w = w + "'" + req.body.scenario[i][j] + "'"; - d = d + 1; - } - w = w + ")"; - } else { - w = w + i + " = '" + req.body.scenario[i] + "'"; - } - args.push(req.body.scenario[i]); - c = c + 1; - }; - return { c, w, d }; -} diff --git a/readme.md b/readme.md index 38735da..74d4a2d 100644 --- a/readme.md +++ b/readme.md 
@@ -33,6 +33,7 @@ TO-DO: - [ ] some of the app parameters can be consolidated, the baseline period could be one large range potentially, instead of 2 stacked periods - [x] setup something to fill in sql parameters to do testing on the function - [ ] update node to handle forecast name parameter +- [ ] clean up SQL generation to prevent injection running problem list ----------------------------------------------------------------------------------------------------------------------------------------------------