ease typescript rules

.dockerignore

@@ -0,0 +1 @@
+node_modules/

.gitignore

@@ -2,6 +2,8 @@
 
 /dist
 
+.env
+
 *.gen.ts
 
 *.local*

Dockerfile

@@ -0,0 +1,17 @@
+FROM node:alpine AS builder
+WORKDIR /backend
+COPY package.json /backend/package.json
+RUN yarn
+COPY . /backend
+RUN yarn prisma generate && yarn codegen && yarn build
+
+FROM node:alpine
+WORKDIR /backend
+COPY --from=builder /backend/dist /backend
+COPY package.json /backend/package.json
+RUN yarn install --prod
+COPY --from=builder /backend/node_modules/@prisma/client /backend/node_modules/@prisma/client
+COPY --from=builder /backend/node_modules/.prisma/client/ /backend/node_modules/.prisma/client/
+COPY --from=builder /backend/prisma /backend/prisma
+USER node
+CMD [ "node", "./index.js" ]

package.json

@@ -7,19 +7,17 @@
   "dependencies": {
     "@prisma/client": "^2.7.1",
     "@sendgrid/mail": "^7.2.6",
-    "@types/jsonwebtoken": "^8.5.0",
     "apollo-server-express": "^2.18.2",
     "express-jwt": "^6.0.0",
     "graphql": "^15.3.0",
     "jsonwebtoken": "^8.5.1",
-    "jwks-rsa": "^1.10.1",
-    "nodemon": "^2.0.4"
+    "jwks-rsa": "^1.10.1"
   },
   "scripts": {
     "dev": "nodemon",
     "start": "ts-node src/index.ts",
-    "copy-assets": "cp src/typeDefs/typeDefs.gql dist/typeDefs/typeDefs.gql && cp .env.example dist/.env && vi dist/.env",
-    "build": "tsc && npm copy-assets",
+    "copy-assets": "cp src/typeDefs/typeDefs.gql dist/typeDefs/typeDefs.gql",
+    "build": "tsc && yarn copy-assets",
     "codegen": "graphql-codegen --config codegen.yml",
     "lint": "eslint",
     "test": "echo \"Error: no test specified\" && exit 1"
@@ -29,8 +27,11 @@
     "@graphql-codegen/introspection": "1.18.0",
     "@graphql-codegen/typescript": "1.17.10",
     "@graphql-codegen/typescript-resolvers": "1.17.10",
+    "@prisma/cli": "2.8.1",
     "@types/dotenv": "^8.2.0",
+    "@types/jsonwebtoken": "^8.5.0",
     "dotenv": "^8.2.0",
+    "nodemon": "^2.0.4",
     "ts-node": "^9.0.0",
     "typescript": "^4.0.3"
   }

prisma/migrations/20201104091229-renamed-user-form-submissions-name/README.md

@@ -0,0 +1,41 @@
+# Migration `20201104091229-renamed-user-form-submissions-name`
+
+This migration has been generated by Dm1tr1y147 at 11/4/2020, 2:12:29 PM.
+You can check out the [state of the schema](./schema.prisma) after the migration.
+
+## Database Steps
+
+```sql
+
+```
+
+## Changes
+
+```diff
+diff --git schema.prisma schema.prisma
+migration 20201009145620-add-user-email..20201104091229-renamed-user-form-submissions-name
+--- datamodel.dml
++++ datamodel.dml
+@@ -2,9 +2,9 @@
+ // learn more about it in the docs: https://pris.ly/d/prisma-schema
+ datasource db {
+   provider = "postgres"
+-  url = "***"
++  url = "***"
+ }
+ generator client {
+   provider = "prisma-client-js"
+@@ -60,10 +60,10 @@
+   name  String
+   email String @unique @default("test@mail.com")
+   forms Form[]
+-  id               Int              @id @default(autoincrement())
+-  formsSubmissions FormSubmission[]
++  id              Int              @id @default(autoincrement())
++  formSubmissions FormSubmission[]
+ }
+ model FormSubmission {
+   answers Answer[]
+```
+
+

prisma/migrations/20201104091229-renamed-user-form-submissions-name/schema.prisma

@@ -0,0 +1,92 @@
+// This is your Prisma schema file,
+// learn more about it in the docs: https://pris.ly/d/prisma-schema
+
+datasource db {
+  provider = "postgres"
+  url = "***"
+}
+
+generator client {
+  provider = "prisma-client-js"
+}
+
+model Form {
+  title            String
+  choisesQuestions ChoisesQuestion[]
+  inputQuestions   InputQuestion[]
+  submissions      FormSubmission[]
+  dateCreated      DateTime          @default(now())
+  author           User              @relation(fields: [userId], references: [id])
+
+  id     Int @id @default(autoincrement())
+  userId Int
+}
+
+model ChoisesQuestion {
+  title    String
+  variants Variant[]
+  type     ChoiseType
+  number   Int
+
+  id     Int   @id @default(autoincrement())
+  Form   Form? @relation(fields: [formId], references: [id])
+  formId Int?
+}
+
+model Variant {
+  text String
+
+  id                Int              @id @default(autoincrement())
+  ChoisesQuestion   ChoisesQuestion? @relation(fields: [choisesQuestionId], references: [id])
+  choisesQuestionId Int?
+}
+
+model InputQuestion {
+  title  String
+  number Int
+
+  id     Int   @id @default(autoincrement())
+  Form   Form? @relation(fields: [formId], references: [id])
+  formId Int?
+}
+
+enum ChoiseType {
+  SELECT
+  CHECK
+  CHOOSE
+}
+
+model User {
+  name  String
+  email String @unique @default("test@mail.com")
+  forms Form[]
+
+  id              Int              @id @default(autoincrement())
+  formSubmissions FormSubmission[]
+}
+
+model FormSubmission {
+  answers Answer[]
+  date    DateTime @default(now())
+  user    User     @relation(fields: [userId], references: [id])
+
+  id     Int   @id @default(autoincrement())
+  userId Int
+  Form   Form? @relation(fields: [formId], references: [id])
+  formId Int?
+}
+
+model Answer {
+  userInput  String?
+  userChoise Int?
+  type       AnswerType
+
+  id               Int             @id @default(autoincrement())
+  FormSubmission   FormSubmission? @relation(fields: [formSubmissionId], references: [id])
+  formSubmissionId Int?
+}
+
+enum AnswerType {
+  INPUT
+  CHOISE
+}

prisma/migrations/20201104091229-renamed-user-form-submissions-name/steps.json

@@ -0,0 +1,17 @@
+{
+  "version": "0.3.14-fixed",
+  "steps": [
+    {
+      "tag": "CreateField",
+      "model": "User",
+      "field": "formSubmissions",
+      "type": "FormSubmission",
+      "arity": "List"
+    },
+    {
+      "tag": "DeleteField",
+      "model": "User",
+      "field": "formsSubmissions"
+    }
+  ]
+}

prisma/migrations/migrate.lock

@@ -3,4 +3,5 @@
 20201006125838-initial-migration
 20201006185953-improved-schema-structure
 20201007134933-fix-optional-values
-20201009145620-add-user-email
+20201009145620-add-user-email
+20201104091229-renamed-user-form-submissions-name

prisma/schema.prisma

@@ -61,8 +61,8 @@ model User {
   email String @unique @default("test@mail.com")
   forms Form[]
 
-  id               Int              @id @default(autoincrement())
-  formsSubmissions FormSubmission[]
+  id              Int              @id @default(autoincrement())
+  formSubmissions FormSubmission[]
 }
 
 model FormSubmission {

src/controllers/auth.ts

@@ -6,12 +6,12 @@ import {
 } from 'apollo-server-express'
 import { PrismaClient } from '@prisma/client'
 
-require('dotenv').config()
-
 import { CheckRightsAndResolve } from './types'
 import { getDBFormAuthor } from '../db'
 import { sendToken } from './mailer'
 
+if (process.env.NODE_ENV === 'development') require('dotenv').config()
+
 const checkRightsAndResolve: CheckRightsAndResolve = async (params) => {
   const { user, expected, controller } = params
 
@@ -35,10 +35,12 @@ const getFormAuthor = async (db: PrismaClient, id: number) => {
 }
 
 const tokenGenerate = (email: string, id: number) => {
-  return jwt.sign({ email, id }, '' + process.env.JWT_SECRET, {
+  const token = jwt.sign({ email, id }, '' + process.env.JWT_SECRET, {
     algorithm: 'HS256',
     expiresIn: '7 days',
   })
+
+  return token
 }
 
 const genAndSendToken = async (

src/controllers/form.ts

@@ -23,12 +23,25 @@ import {
   getDBForm,
   getDBFormsByUser,
   submitDBAnswer,
+  getDBFormToSubmit,
 } from '../db'
+import {
+  validateCreateFormParameters,
+  validateSubmitAnswerParameters,
+} from './validate'
+
+const formatQuestions = (
+  choisesQuestions: (ChoisesQuestion & {
+    variants: Variant[]
+  })[],
+  inputQuestions: InputQuestion[]
+) =>
+  [...choisesQuestions, ...inputQuestions].sort((a, b) => a.number - b.number)
 
 const getForm = async (
   db: PrismaClient,
   id: number,
-  user: { requesterId: number; userId: number }
+  user: { requesterId: number; ownerId: number }
 ): Promise<GraphqlForm> => {
   try {
     const dbForm = await getDBForm(db, id, user)
@@ -39,12 +52,19 @@ const getForm = async (
       author: dbForm.author,
       dateCreated: dbForm.dateCreated.toString(),
       id: dbForm.id,
-      questions: [...dbForm.choisesQuestions, ...dbForm.inputQuestions],
-      submissions: dbForm.submissions.map((submission) => ({
-        answers: submission.answers,
-        date: submission.date.toString(),
-        id: submission.id,
-      })),
+      questions: formatQuestions(
+        dbForm.choisesQuestions,
+        dbForm.inputQuestions
+      ),
+      submissions:
+        user.ownerId == user.requesterId || !(dbForm.submissions.length == 0)
+          ? dbForm.submissions.map((submission) => ({
+              user: submission.user,
+              answers: submission.answers,
+              date: submission.date.toString(),
+              id: submission.id,
+            }))
+          : null,
       title: dbForm.title,
     }
 
@@ -68,6 +88,7 @@ const getForms = async (
       id: form.id,
       questions: [...form.choisesQuestions, ...form.inputQuestions],
       submissions: form.submissions.map((submission) => ({
+        user: submission.user,
         answers: submission.answers,
         date: submission.date.toString(),
         id: submission.id,
@@ -89,6 +110,8 @@ const createFormFrom = async (
   try {
     const parsedQuestions = <UploadedQuestion[]>JSON.parse(params.questions)
 
+    await validateCreateFormParameters(params.title, parsedQuestions)
+
     const newForm: FormConstructor = {
       choisesQuestions: {
         create: parsedQuestions.flatMap<CreateChoises>(
@@ -135,8 +158,21 @@ const submitAnswer = async (
   userId: number
 ): Promise<ServerAnswer> => {
   try {
+    const form = await getDBFormToSubmit(db, formId)
+    if (!form) throw new UserInputError("Can't submit form")
+
+    form.submissions.forEach((submission) => {
+      if (submission.userId === userId)
+        throw new UserInputError("Can't submit same form more than once")
+    })
+
     const parsedAnswers = <DbAnswer[]>JSON.parse(answers)
 
+    await validateSubmitAnswerParameters(
+      parsedAnswers,
+      formatQuestions(form.choisesQuestions, form.inputQuestions)
+    )
+
     const res = await submitDBAnswer(db, userId, formId, parsedAnswers)
 
     if (!res) throw new UserInputError("Can't submit form")
@@ -155,15 +191,16 @@ const formatForms = (
     inputQuestions: InputQuestion[]
     submissions: (Omit<FormSubmission, 'date'> & { date: Date })[]
   })[]
-) =>
-  forms.map((form) => ({
+): GraphqlForm[] =>
+  forms.map<GraphqlForm>((form) => ({
     dateCreated: form.dateCreated.toString(),
     id: form.id,
-    questions: [...form.choisesQuestions, ...form.inputQuestions],
+    questions: formatQuestions(form.choisesQuestions, form.inputQuestions),
     submissions: form.submissions.map((submission) => ({
       answers: submission.answers,
       date: submission.date.toString(),
       id: submission.id,
+      user: submission.user,
     })),
     title: form.title,
   }))

src/controllers/mailer.ts

@@ -1,6 +1,6 @@
 import sgMail from '@sendgrid/mail'
 
-require('dotenv').config()
+if (process.env.NODE_ENV === 'development') require('dotenv').config()
 
 sgMail.setApiKey('' + process.env.SENDGRID_API_KEY)
 

src/controllers/user.ts

@@ -4,6 +4,7 @@ import { MutationRegisterArgs, User } from '../typeDefs/typeDefs.gen'
 import { PrismaClient } from '@prisma/client'
 import { ApolloError, UserInputError } from 'apollo-server-express'
 import { formatForms } from './form'
+import { formSubmitMutation, formsQuery } from 'resolvers/Form'
 
 const createUser = async (
   db: PrismaClient,
@@ -36,9 +37,17 @@ const findUserBy = async (
 
     if (!dbUser) throw new UserInputError('No such user')
 
-    const user = {
+    const user: User = {
       ...dbUser,
       forms: formatForms(dbUser.forms),
+      formSubmissions: dbUser.formSubmissions.map((formSubmission) => ({
+        ...formSubmission,
+        date: formSubmission.date.toString(),
+        form: formSubmission.Form && {
+          ...formSubmission.Form,
+          dateCreated: formSubmission.Form?.dateCreated.toString(),
+        },
+      })),
     }
 
     return user

src/controllers/validate.ts

@@ -0,0 +1,127 @@
+'use strict'
+import { UserInputError } from 'apollo-server-express'
+import { Answer } from '@prisma/client'
+import {
+  UploadedChoisesQuestion,
+  UploadedInputQuestion,
+  UploadedQuestion,
+} from './types'
+import { ChoisesQuestion, InputQuestion, Variant } from 'typeDefs/typeDefs.gen'
+
+const choisesVariants = ['CHECK', 'CHOOSE', 'SELECT']
+
+const validateCreateFormParameters = async (
+  title: string,
+  questions: UploadedQuestion[]
+) => {
+  if (!title)
+    throw new UserInputError("Form title can't be empty", {
+      invalidArgs: ['title'],
+    })
+
+  questions.forEach(
+    (question: UploadedChoisesQuestion | UploadedInputQuestion) => {
+      if (!question.title)
+        throw new UserInputError("Question title can't be empty", {
+          invalidArgs: ['questions'],
+        })
+
+      if ('type' in question) {
+        if (!question.variants || question.variants.length < 1)
+          throw new UserInputError(
+            'Question with choises must have at least one answer variant',
+            { invalidArgs: ['questions'] }
+          )
+
+        question.variants.forEach((variant) => {
+          if (!variant.text || variant.text.length < 1)
+            throw new UserInputError("Choises variant text can't be empty", {
+              invalidArgs: ['questions'],
+            })
+        })
+
+        if (!choisesVariants.includes(question.type))
+          throw new UserInputError(
+            'Question with choises must be of one of supported types',
+            { invalidArgs: ['questions'] }
+          )
+      }
+    }
+  )
+}
+
+const validateSubmitAnswerParameters = async (
+  answers: Answer[],
+  questions: (
+    | (ChoisesQuestion & {
+        variants: Variant[]
+      })
+    | InputQuestion
+  )[]
+) => {
+  questions.forEach((question, questionIndex) => {
+    const answer = answers[questionIndex]
+
+    if (!answer)
+      throw new UserInputError('Every required question must have answer', {
+        invalidArgs: ['answers'],
+      })
+
+    if (!answer.type)
+      throw new UserInputError('Type must be specified for answer', {
+        invalidArgs: ['answers'],
+      })
+
+    if (answer.type !== 'CHOISE' && answer.type !== 'INPUT')
+      throw new UserInputError('Answer must have supported type', {
+        invalidArgs: ['answers'],
+      })
+
+    if (answer.type === 'CHOISE' && !('type' in question))
+      throw new UserInputError(
+        `Answer ${questionIndex + 1} must be of 'INPUT' type`,
+        {
+          invalidArgs: ['answers'],
+        }
+      )
+
+    if (answer.type === 'INPUT' && 'type' in question)
+      throw new UserInputError(
+        `Answer ${questionIndex + 1} must be of 'CHOISE' type`,
+        {
+          invalidArgs: ['answers'],
+        }
+      )
+
+    if (answer.type === 'CHOISE' && answer.userChoise === null)
+      throw new UserInputError(
+        "Question of type 'CHOISE' must have choise number set",
+        {
+          invalidArgs: ['answers'],
+        }
+      )
+
+    if (answer.type === 'INPUT' && answer.userInput === null)
+      throw new UserInputError(
+        "Question of type 'INPUT' must have input string",
+        {
+          invalidArgs: ['answers'],
+        }
+      )
+
+    if (
+      answer.userChoise !== null &&
+      (question as ChoisesQuestion).variants &&
+      answer.userChoise > (question as ChoisesQuestion).variants.length - 1
+    )
+      throw new UserInputError(
+        "Can't have chosen number bigger than amount of variants: " +
+          (question as ChoisesQuestion).variants.length,
+        {
+          invalidArgs: ['answers'],
+        }
+      )
+  })
+}
+
+export { validateCreateFormParameters, validateSubmitAnswerParameters }

src/db/index.ts

@@ -19,10 +19,10 @@ const getDBForm = (
   formId: number,
   {
     requesterId,
-    userId,
+    ownerId: ownerId,
   }: {
     requesterId: number
-    userId: number
+    ownerId: number
   }
 ) =>
   db.form.findOne({
@@ -42,10 +42,11 @@ const getDBForm = (
       inputQuestions: true,
       submissions: {
         include: {
+          user: true,
           answers: true,
         },
         where:
-          requesterId != userId
+          requesterId != ownerId
             ? {
                 user: {
                   id: requesterId,
@@ -77,6 +78,7 @@ const getDBFormsByUser = (db: PrismaClient, id: number) =>
       inputQuestions: true,
       submissions: {
         include: {
+          user: true,
           answers: true,
         },
       },
@@ -126,14 +128,16 @@ const findDBUserBy = (db: PrismaClient, params: IFindUserParams) =>
           inputQuestions: true,
           submissions: {
             include: {
+              user: true,
               answers: true,
             },
           },
         },
       },
-      formsSubmissions: {
+      formSubmissions: {
         include: {
           answers: true,
+          Form: true,
         },
       },
     },
@@ -173,6 +177,26 @@ const submitDBAnswer = (
     },
   })
 
+const getDBFormToSubmit = async (db: PrismaClient, formId: number) =>
+  db.form.findOne({
+    where: {
+      id: formId,
+    },
+    select: {
+      choisesQuestions: {
+        include: {
+          variants: true,
+        },
+      },
+      inputQuestions: true,
+      submissions: {
+        select: {
+          userId: true,
+        },
+      },
+    },
+  })
+
 export {
   createDBForm,
   createDBUser,
@@ -181,4 +205,5 @@ export {
   getDBFormAuthor,
   getDBFormsByUser,
   submitDBAnswer,
+  getDBFormToSubmit,
 }

src/index.ts

@@ -6,7 +6,7 @@ import { ApolloContextType, JwtPayloadType } from './types'
 import { ApolloServer, makeExecutableSchema } from 'apollo-server-express'
 import { PrismaClient } from '@prisma/client'
 
-require('dotenv').config()
+if (process.env.NODE_ENV === 'development') require('dotenv').config()
 
 const app = express()
 
@@ -18,6 +18,14 @@ app.use(
   })
 )
 
+const errorHandler: express.ErrorRequestHandler = (err, _, res, __) => {
+  if (err.name === 'UnauthorizedError') {
+    res.status(401).send('Invalid token')
+  }
+}
+
+app.use(errorHandler)
+
 const db = new PrismaClient()
 
 const server = new ApolloServer({
@@ -43,6 +51,8 @@ const server = new ApolloServer({
 
 server.applyMiddleware({ app })
 
-app.listen(4000, () => {
-  console.log('Server ready at http://localhost:4000')
+const port = process.env.BACKEND_PORT || 4000
+
+app.listen(port, () => {
+  console.log(`Server ready at http://localhost:${port}`)
 })

src/resolvers/Form.ts

@@ -26,8 +26,8 @@ const formQuery: Resolver<Form, {}, ApolloContextType, QueryFormArgs> = async (
   try {
     const ownerId = await getFormAuthor(db, id)
 
-    const getFormById = (userId: number) =>
-      getForm(db, id, { requesterId: userId, userId: ownerId })
+    const getFormById = (requesterId: number) =>
+      getForm(db, id, { requesterId, ownerId })
 
     return await checkRightsAndResolve({
       controller: getFormById,
@@ -74,7 +74,10 @@ const createFormMutation: Resolver<
 > = async (_, params, { db, user }) => {
   const createNewForm = (id: number) => createFormFrom(db, params, id)
 
-  return await checkRightsAndResolve({
+  return await checkRightsAndResolve<
+    ServerAnswer,
+    (id: number) => Promise<ServerAnswer>
+  >({
     controller: createNewForm,
     expected: {
       id: 0,
@@ -92,7 +95,10 @@ const formSubmitMutation: Resolver<
 > = async (_, params, { db, user }) => {
   const submitNewAnswer = (userId: number) => submitAnswer(db, params, userId)
 
-  return await checkRightsAndResolve({
+  return await checkRightsAndResolve<
+    ServerAnswer,
+    (userId: number) => Promise<ServerAnswer>
+  >({
     controller: submitNewAnswer,
     expected: {
       id: 0,

src/resolvers/User.ts

@@ -23,7 +23,7 @@ const loginMutation: Resolver<
   try {
     const user = await findUserBy(db, { email })
 
-    if (user instanceof Error) throw user // Needed to a strange error
+    if (user instanceof Error) throw user // Needed to fix a strange error
 
     await genAndSendToken(email, user)
 
@@ -42,7 +42,7 @@ const registerMutation: Resolver<
   try {
     const user = await createUser(db, { email, name })
 
-    if (user instanceof Error) throw user // Needed to a strange error
+    if (user instanceof Error) throw user // Needed to fix a strange error
 
     await genAndSendToken(email, user)
 

src/typeDefs/typeDefs.gql

@@ -15,7 +15,7 @@ type Form {
   author: User
   dateCreated: String!
   id: Int!
-  questions: [Question!]!
+  questions: [Question!]
   submissions: [FormSubmission!]
   title: String!
 }
@@ -42,9 +42,11 @@ type InputQuestion implements Question {
 }
 
 type FormSubmission {
+  user: User
   answers: [Answer!]!
   date: String!
   id: Int!
+  form: Form
 }
 
 interface Answer {
@@ -77,6 +79,7 @@ type User {
   forms: [Form!]
   id: Int!
   name: String!
+  formSubmissions: [FormSubmission!]
 }
 
 type serverAnswer {

tsconfig.json

@@ -4,7 +4,7 @@
     "module": "CommonJS" /* Specify module code generation: 'none', 'commonjs', 'amd', 'system', 'umd', 'es2015', 'es2020', or 'ESNext'. */,
     "strict": true /* Enable all strict type-checking options. */,
     "outDir": "dist",
-    "noImplicitAny": true,
+    "noImplicitAny": false,
     "moduleResolution": "Node",
     "baseUrl": "src",
     "incremental": true,