-
Notifications
You must be signed in to change notification settings - Fork 0
/
note
115 lines (95 loc) · 3.5 KB
/
note
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
// Do this:
// function isValidaUrl(url) {
// const parsed = new URL(url)
// return [‘https:’, ‘http:’].includes(parsed.protocol)
// }
// <a href={isValidUrl(url) ? url : ‘#’}>Click here!</a>
// Don’t do this:
// <a href={userControlledUrl}>Click here!</a>
// ex: <a href={javascript:alert(document.cookie}>Click here!</a>
const express = require("express");
const { body } = require("express-validator");
const authMiddleware = require("../middleware/auth");
const validateMiddleware = require("../middleware/validation");
const employeeController = require("../controllers/employeeController");
let resumable = require('../resumable-node.js')('/tmp/resumable.js/');
const multer = require("multer");
const path = require("path");
const fs = require("fs").promises;
const router = express.Router();
router.use(authMiddleware);
const storage = multer.diskStorage({
destination: (res, file, cb) => {
const uploadPath = "D:/EMS_images/upload";
fs.mkdir(uploadPath, { recursive: true })
.then(() => cb(null, uploadPath))
.catch((err) => cb(err));
},
filename: (req, file, cb) => {
const filename = file.originalname;
cb(null, filename);
},
});
let upload = multer({ storage: storage });
router.post(
"/create",
upload.single("emp_img"),
[
body("name").notEmpty().withMessage("Name is required"),
body("email").isEmail().withMessage("Invalid email"),
body("phone").isInt().withMessage("Invalid phone number"),
body("gender").isInt().withMessage("Invalid gender"),
body("dob").isDate().withMessage("Invalid date of birth"),
body("dept_id").notEmpty().withMessage("Department ID is required"),
// body("emp_img").notEmpty().withMessage("Image is required"),
],
async (req, res) => {
try {
await resumable.post(req, async (status, filename, original_filename, identifier) => {
if (status === 'done') {
console.log('File upload completed:', filename);
await validateMiddleware(req, res, async () => {
await employeeController.createEmployee(req, res);
});
} else {
console.log('Chunk uploaded:', filename);
}
});
} catch (err) {
console.error('Error uploading file:', err);
res.status(500).json({ error: 'Internal server error' });
}
}
);
router.post(
"/createempanddep",
[
body("name").notEmpty().withMessage("Name is required"),
body("email").isEmail().withMessage("Invalid email"),
body("phone").isInt().withMessage("Invalid phone number"),
body("gender").isInt().withMessage("Invalid gender"),
body("dob").isDate().withMessage("Invalid date of birth"),
body("dept_name").notEmpty().withMessage("Invalid department Name"),
],
validateMiddleware,
employeeController.createEmployeeAndDept
);
router.get("/empanddep", employeeController.getEmpAndDep);
router.get("/", employeeController.getAllEmployees);
router.get("/:id", employeeController.getOneEmployees);
router.put(
"/:id",
upload.single("emp_img"),
[
body("name").notEmpty().withMessage("Name is required"),
body("email").isEmail().withMessage("Invalid email"),
body("phone").isInt().withMessage("Invalid phone number"),
body("gender").isInt().withMessage("Invalid gender"),
body("dob").isDate().withMessage("Invalid date of birth"),
body("dept_id").notEmpty().withMessage("Invalid department ID"),
],
validateMiddleware,
employeeController.updateEmployee
);
router.delete("/:id", employeeController.deleteEmployee);
module.exports = router;