Refactoring & bug-fixes (#18)

* Bug-fix

* Added Copy to Clipboard functionality.

* Updated schema

* Refactoring

* Updated schema

added attribute „published“ to comments, if review is still in progress

* Updated queries

* Adopted comments in apiControllers

* Renamed admin into member-client

(will also be done for user-client)

* Adopted commentControllers and service in user-client

* fixed portugese document generation

* Added German and Portuguese Project Descriptions to Review Page
Added missing Concerns to Review Page
Improved Layout

* Updated setup.js

added config.js support

* Renamed user in user-client

* Updated schema

renamed Reviews to Reviewers

* Updated queries

* Updated apiControllers

regarding renamed reviewers

* Updated templates in user-client

added „general_comment“ and „reviewer(s)“ to submission-view

* Updated schema

Added attribute „updated“ to Revisions to show the submitted timestamp
inside the user-/admin-clients

* Updated queries

* Updated templates

* Added missing fields in accountEditController

* Refactoring

- integrated navController inside mainController
- fixed promises in documentDetailsController
- fixed editDocument-template

* Changes

* Added Authorization to apiControllers

- updated apiControllers
- updated routes
- updated queries

* Bug-fixes

* Fixes

* Started admin-client implementation

* Fixed queries & apiControllers

* Added services, templates and controllers to member-client

(still in progress)

* fixed new user creation.

* added missing English translations.
refactored all text on site into languages.js

* Fixed document Creation.
Fixed infinite loading screen after User Creation.

* Changes

* Changes

* Changes

* Changes

* Changes

* Fixed registration & sign-up in user-client

* Changes

* Changes

* Updated queries and apiController

with authorization

* Updated queries and apiControllers

for filtering documents by user or course

* Implemented controllers and services in admin-client

(still in progress)

* fixed wrong symbols.

* Added missing English Translations.

* Improved Layout.

* Altered Login-Message on Member client.

* Changes

* Changes

* Changes

* Added missing translations

* Changes

* Updated schema

- Renamed „Research_Groups“ as „Working_Groups“ (for better name
convention, regarding non-research-groups, like the webteam)
- Renamed „deleted“ as „former“ in Members, Institutes, Working_Groups
- Renamed „deleted“ as „blocked“ in Users
- Set „university_id“, „institute_id“, „working_group_id“ as real
reference keys in Members and Users

* Renaming research_groups as working_groups

* Changes

* Fixed queries

* Cleaned up repository

deleted old admin-client

* Updated schema

* Fixed queries

(updating apiControllers is still in progress)

* Fixed apiControllers

* Fixed templates and controllers in user-client

* Added reviewController and updated templates in admin-client

(still in progress)

* Template improvements

* Updated queries, apiControllers and routes

* Implemented reviewController

(still in progress)

* Translations

* Implemented reviewController & apiControllers

(reviewing is finally working, but some parts are still in progress)

* Added missing controllers in admin-client & template improvements

(still in progress)

* Fixed and added missing apiControllers

(still in progress)

* Template and controller improvements

(still not finished)

* removed 'Signature of Participant' from  Statement of Researcher

* Updated dependencies

* Improvements for createCourseController and template

(adding responsibilities is still in progress)

* Code-cleaning

* Template improvements

* Fixed filtering for documents

With this fix, documents will be always filter by the institute, the
institute_id is given by the authenticated member, so that documents of
other institutes can not be seen and reviewed

* Fixed queries

* Template improvements

* Typo-fix

* Fixed Authorization for admins

* Fixed apiControllers and queries

Users, members and courses will be filtered by the institute, which the
authenticated member belongs to

* Template and controller improvements

* Fixed document in navbar

* Caching filter settings

* Code-cleaning

* Added missing controllers and templates in member-client

* Template improvements in member-client

* Template improvements in member-client

* Added Introduction to App to UC.

* fixed constraints in SQL Schema.

* Refactored group_id to working_group_id in API controller.

* Added Delete Functionality for Universities, Institutes, WorkingGroups.
- Added controllers
- Added Templates
- Activated routes
- Activated in index.html

* Template improvements

* Added warning-boxes before deleting administrative entries

* Implemented pagination for documents

* Updated languages

* Template improvements

* Fixes

* Added missing English Translations.
fixed typo in Template

* fixed typo.
Added link to User-Client on login Page of MC

* Added automatic refresh for documents

in documentListController

* Updated queries and apiControllers

for creating and editing Courses and their corresponding
Responsibilities

* Typo-fixes

* Implemented create- and editCourseController in member-client

* Updated services in member-client

* Updated translations and templates

* Typo-fixes

* Typo-fixes

* Updated queries for application-wide paginations

* Updated apiControllers

(still in progress)

* Implemented application-wide paginations

(universityDetailsController and instituteDetailsController are
temporary not fully working, will be fixed soon, after the server-side
implementation)

* Changes

* Added createUniversity Functionality.

* Fixes

* bugfixes.

* Added editUniversity Functionality.

* Fixed queries and apiControllers

* Fixed related institutes of a university

in the member-client

* Changes

* Implemented missing apiControllers

* Typo-fixes

* Updated queries and apiControllers

* Improvements for services, controllers and templates

in member- and user-client

* Typo-fix

* Typo-fixes

* Added manual

* Template improvements

* Added createInstitute Functionality.

* fixed typo.

* Added createWorkingGroup Functionality.

* added Edit Functionality for Institutes and Working Groups.
Fixed API Controller for institutes.put.

* Typo-fixes

* Updated queries and apiControllers

* Added pagination for members in user-client

* Fixed apiController

* Updated translations

* Updated languages and templates

* Changes

* Updated languages and templates

* Updated languages and templates

* Updated languages and templates

* Updated languages and templates

* Updated queries and apiControllers

* Updated apiControllers

* Template improvements

* Updated schema

* Implemented documentDeleteController in member-client

* Implemented documentFilesController in member-client

* Implemented userCreate- & userEditController in member-client

* Updated email-templates

* Added ngCloak to the user- and member-client

* Improved email-templates

(still in progress)

* Improved and added new email-templates

* Updated apiControllers

revised controllers and added email-support

* Added FAQ, Troubleshooting, Contact.

* bugfixes.

* bugfix.

* Added missing translations.

* Fixed typos.
Uncommented Test Placeholders.
Added final Submit Warning.

* Updated apiControllers & fixed queries

* Updated languages

* Improved & fixed email-templates

* Changes

* Changes

* Updated queries and apiControllers

* Implemented memberCreate- & memberEditController in member-client

(editAccountController in member-client is still in progress)

* Typo-fixes

* Implemented accountEditController in member-client

* Bug-fixes

* Implemented server-side sorting

updated queries & apiControllers

* Fixed queries and apiControllers

* Added sorting in all templates of the member-client

* Added information before overwriting a review

* Fixed queries

* Updated services

* Fixed queries

* Added sorting and pagination to detailsController in member-client

* Updated defaults.sql.sample and examples.sql.sample

* Implemented login by document in member-client

* Improved templates

- Added info-fields to document edit template in user-client
- Added info-field to document review template

* Fixes

* Implemented recovery and reset password controllers

in API and member-client

* Fixed JWTs

* Improved templates in user-client

* Template improvements

* Updated schema

Added new relation „Notes“

* Implemented apiControllers for notes

and updated queries and other apiControllers

* Implemented notes in member-client

for auto-saving working-notes

* Added missing apiController

to retrieve a course by document

* Added editSettingsController for a document in member-client

(still in progress)

* Improved templates

* Updated queries

* Updated languages

* Updated schema

Added „secret“ attribute members to setup one administrator, which can
not be deleted

* Updated queries and apiController

to filter documents also with/without a course

* Improved templates

* Updated queries and apiController

to filter all accepted by review and auto accepted documents

* Added reviseController in user-client

* Removed hard-coded port

* Typo-fixes in services

* Implemented editSettingsController in member-client

* Added server-port

* Fixed queries and apiControllers

Improved the filtering by an attribute for 3 cases: attribute is „true“
or „false“ or „both“ (=when the boolean is „undefined“)

* Fixed services and controllers

- renamed global „filter“ to „cached_filter“, as well as corresponding
functions, „getFilter“ and „setFilter“ to „getCachedFilter“,
„setCachedFilter“ to different the global filters setting from the
local filters
- fixed filtering by former/blocked attribute

* Improved templates

* Typo-fixes

* Fixed createDocumentController in user-client

* Fixed apiControllers

* Fixes for connecting a document to a course

* Fixed controllers and improved templates

* Fixed queries and apiController

* Fixed controllers and templates in member- and user-client

- Updated local filters to retrieve the correct list of
dropdown-options (without „former“, „blocked“ status in
createControllers - with „former“, „blocked“ status in editControllers)
- Fixed autocompletes in templates

* Implemented full text search for documents in member-client #15

* Cleaned up repository

* Updated services

for full text search

* Fixed queries

* Typo-fixes

* Implemented full text search for universities, institutes & workingGroups in member-client #15

* Implemented full text search for courses in member-client #15

* Implemented full text search for members in member-client #15

* Implemented full text search for users in member-client #15

* Improved templates and controllers

* Bug-fixes

Fixed bug in dropdowns, caused by options, which have been set in the
meantime to former

* Improved MC Manual.

* fixed.

* Updated queries and apiController

* Template improvements

* Implemented reviseController in user-client

(still in progress)

* Implemented reviseController in user-client

* Added translations

* Changes

* Updated README

* Update README.md

* Bug-fix in apiController

* fixed typos.
rephrased to proper English.

* - Fixed the missing translation on submit page.
- Moved the "Start Review"/"Open Review" Buttons to top of the page
- Added subtitles to Files at download (provided by fhillen)

* updated showfiles template.

* fixed typo.

* Template improvements

* Updated language.js

* Updated config.js

* Bug-fixes and refactoring

- deleted config.js and replaced it with an .env-file, following the
dotenv-guidline
- Code-cleaning
- bug-fixes in email-templates and notifications

Author: nicho90

.env.sample

@@ -0,0 +1,21 @@
+NODE_ENV='development'
+SERVER_URL='http://localhost'
+SERVER_PORT=5000
+HTTP_PORT=5000
+HTTPS_PORT=5443
+POSTGRES_HOST='localhost'
+POSTGRES_PORT=5432
+POSTGRES_DB_NAME='ethics-app'
+POSTGRES_USERNAME='username'
+POSTGRES_PASSWORD='password'
+POSTGRES_SSL=false
+DEFAULTS=true
+EXAMPLES=false
+SENDER_NAME='Ethics-App'
+SENDER_EMAIL_ADDRESS='ifgi-ethics@uni-muenster.de'
+SMTP_HOST='smtp.gmail.com'
+SMTP_PORT=465
+SMTP_SSL=true
+SMTP_EMAIL_ADDRESS='example@gmail.com'
+SMTP_PASSWORD='password'
+JWTSECRET='secret'

.gitignore

@@ -2,7 +2,7 @@ node_modules/*
 ssl/*
 public/bower_components/*
 public/files/temp/*
-.DS_Store
-/config.js
 sql/schema/examples.sql
 sql/schema/defaults.sql
+.env
+.DS_Store

README.md

@@ -116,22 +116,24 @@ CREATE DATABASE ethics-app;
 node setup.js
 ```
 
-* Before you execute the `setup.js`, please make sure, that you have already created the  `/sql/schema/defaults.sql` file or follow the instructions of [1.4.](#default-values) first. Check also if you have already created the `config.js` file or provide the following **NODE ENVIRONMENT VARIABLES** before you run the script:
+* Before you execute the `setup.js`, please make sure, that you have already created the  `/sql/schema/defaults.sql` file or follow the instructions of [1.4.](#default-values) first. Check also if you have already created the `.env` file or provide the following **NODE ENVIRONMENT VARIABLES** before you run the script:
     * `POSTGRES_HOST`: Postgres host address (default: `localhost`)
     * `POSTGRES_PORT`: Postgres port number (default: `5432`)
     * `POSTGRES_DB_NAME`: Postgres database name (default: `ethics-app`)
     * `POSTGRES_USERNAME`: Postgres username (default: `admin `)
     * `POSTGRES_PASSWORD`: Postgres password (default: `admin`)
     * `POSTGRES_SSL`: Postgres ssl connection (default: `false`)
+    * `DEFAULTS`: Load default entries for the database with the file `sql/schema/defaults.sql` (see [1.4.](#default-values) for reference) (default: `false`)
+    * `EXAMPLES`: Load example entries for the database with the file`sql/schema/examples.sql` (see [1.5.](#example-values) for reference) (default: `false`)
 
-* If you are using NODE ENVIRONMENT VARIABLES, instead of the `config.js`, then start the script with the following command:
+* If you are using NODE ENVIRONMENT VARIABLES, instead of the `.env`, then start the script with the following command:
 
 ```
 # Linux & macOS
-node setup.js
+DEFAULTS=true node setup.js
 
 # Windows
-set node setup.js
+set DEFAULTS=true node setup.js
 ```
 
 ##### 1.4. Default values (administrator account)
@@ -143,6 +145,7 @@ cp defaults.sql.sample defaults.sql
 ```
 
 * Next create inside the `/sql/schema/defaults.sql` file an overall administrator account. This account needs to be `secret`, which will be hidden from the view of the users. The secret administrator is NOT a part of the Ethics committee and only there for hosting and administrating the app. There can be more administrators, if it is required, but it is recommended to split administrators from committee members. Administrators have full access to all data inside the application, which is critical, when entries, like universities, institutes, working groups, members and users would be deleted. Please checkout the upper database schema to get a full overview about all required attributes and dependencies.
+* Don't forget to update the settings `DEFAULTS=true` inside the `.env`.
 
 ##### 1.5. Example values
 
@@ -152,6 +155,8 @@ cp defaults.sql.sample defaults.sql
 cp examples.sql.sample examples.sql
 ```
 
+* Don't forget to update the settings `EXAMPLES=true` inside the `.env`!
+
 ### 2. Ethics-app
 
 ##### 2.1. Git/GitHub
@@ -199,15 +204,15 @@ bower install
 sudo bower install --allow-root
 ```
 
-##### 2.3. Node-server configuration
+##### 2.3. Server configuration
 
 Execute the following command inside our local repository-folder:
 
 ```
-cp config.js.sample config.js
+cp .env.sample .env
 ```
 
-Open the `config.js` with your preferred text editor and configure the app appropiately for your host-server.
+Open the `.env` with your preferred text editor and configure the app appropriately for your host-server.
 
 
 ##### 2.4 Host-server configuration
@@ -246,7 +251,7 @@ Open the `config.js` with your preferred text editor and configure the app appro
 node server.js
 ```
 
-* Before you start the server, please create a `config.js` file or start the websever with the following **NODE ENVIRONMENT VARIABLES**:
+* Before you start the server, please create a `.env` file or start the websever with the following **NODE ENVIRONMENT VARIABLES**:
     * `NODE_ENV`: server environment (default: `development`, option: `production`, which uses https with a certificate)
     * `SERVER_URL`: url/domain of the host-server (default: `http://ethics-app.uni-muenster.de`)
     * `SERVER_PORT`: port number of the host-server (default: `80`)
@@ -258,7 +263,8 @@ node server.js
     * `POSTGRES_USERNAME`: Postgres username (default: `admin `)
     * `POSTGRES_PASSWORD`: Postgres password (default: `admin`)
     * `POSTGRES_SSL`: Postgres ssl connection (default: `false`)
-    * `FROM`: Email-address for users to reply, if they have question (default: `ifgi-ethics@uni-muenster.de`)
+    * `SENDER_NAME`: Name of the sender for Emails (default: `Ethics-App`)
+    * `SENDER_EMAIL_ADDRESS`: Email-address of the sender, so users can reply to it, if they have question (default: `ifgi-ethics@uni-muenster.de`)
     * `SMTP_HOST`: SMTP host address (default: `smtp.gmail.com`)
     * `SMTP_PORT`: SMTP port number (default: `465`)
     * `SMTP_SSL`: SMTP ssl connection (default: `true`)
@@ -268,7 +274,7 @@ node server.js
 
 * If you want to run the application, you need to specify the `SMTP_EMAIL_ADDRESS` and `SMTP_PASSWORD`, otherwise no Emails with the document-IDs can be sent.
 
-* If you are using NODE ENVIRONMENT VARIABLES instead of the `config.js`, then start the script with the following command:
+* If you are using NODE ENVIRONMENT VARIABLES instead of the `.env`, then start the script with the following command:
 
 ```
 # Linux & macOS

config.js.sample

@@ -6,8 +6,6 @@ types.setTypeParser(1700, 'text', parseFloat);
 var _ = require('underscore');
 var jwt = require('jsonwebtoken');
 var pool = require('../../server.js').pool;
-var server_url = require('../../server.js').server_url;
-var jwtSecret = require('../../server.js').jwtSecret;
 
 var fs = require("fs");
 var dir = "/../../sql/queries/comments/";
@@ -35,7 +33,7 @@ exports.request = function(req, res) {
                 var token = req.headers.authorization.substring(7);
 
                 // Verify token
-                jwt.verify(token, jwtSecret, function(err, decoded) {
+                jwt.verify(token, process.env.JWTSECRET, function(err, decoded) {
                     if(err){
                         callback(new Error("Authorization failed"), 401);
                     } else {

controllers/comments/put.js

@@ -26,10 +26,6 @@ exports.request = function(req, res) {
                 }
             });
         },
-        function(client, done, callback) {
-            // TODO: Authentication
-            callback(null, client, done);
-        },
         function(client, done, callback) {
             // Database query
             client.query(query_get_concern, [

controllers/concerns/put.js

@@ -6,8 +6,6 @@ types.setTypeParser(1700, 'text', parseFloat);
 var _ = require('underscore');
 var jwt = require('jsonwebtoken');
 var pool = require('../../server.js').pool;
-var server_url = require('../../server.js').server_url;
-var jwtSecret = require('../../server.js').jwtSecret;
 
 var fs = require("fs");
 var dir = "/../../sql/queries/courses/";
@@ -35,7 +33,7 @@ exports.request = function(req, res) {
                 var token = req.headers.authorization.substring(7);
 
                 // Verify token
-                jwt.verify(token, jwtSecret, function(err, decoded) {
+                jwt.verify(token, process.env.JWTSECRET, function(err, decoded) {
                     if(err){
                         callback(new Error("Authorization failed"), 401);
                     } else {

controllers/courses/delete.js

@@ -6,8 +6,6 @@ types.setTypeParser(1700, 'text', parseFloat);
 var _ = require('underscore');
 var jwt = require('jsonwebtoken');
 var pool = require('../../server.js').pool;
-var server_url = require('../../server.js').server_url;
-var jwtSecret = require('../../server.js').jwtSecret;
 
 var fs = require("fs");
 var dir_1 = "/../../sql/queries/documents/";
@@ -36,7 +34,7 @@ exports.request = function(req, res) {
                 var token = req.headers.authorization.substring(7);
 
                 // Verify token
-                jwt.verify(token, jwtSecret, function(err, decoded) {
+                jwt.verify(token, process.env.JWTSECRET, function(err, decoded) {
                     if(err){
                         callback(new Error("Authorization failed"), 401);
                     } else {

controllers/courses/get_by_document.js

@@ -6,8 +6,6 @@ types.setTypeParser(1700, 'text', parseFloat);
 var _ = require('underscore');
 var jwt = require('jsonwebtoken');
 var pool = require('../../server.js').pool;
-var server_url = require('../../server.js').server_url;
-var jwtSecret = require('../../server.js').jwtSecret;
 
 var fs = require("fs");
 var dir_1 = "/../../sql/queries/members/";
@@ -37,7 +35,7 @@ exports.request = function(req, res) {
                 var token = req.headers.authorization.substring(7);
 
                 // Verify token
-                jwt.verify(token, jwtSecret, function(err, decoded) {
+                jwt.verify(token, process.env.JWTSECRET, function(err, decoded) {
                     if(err){
                         callback(new Error("Authorization failed"), 401);
                     } else {

controllers/courses/list.js

@@ -4,10 +4,7 @@ var pg = require('pg');
 var types = require('pg').types;
 types.setTypeParser(1700, 'text', parseFloat);
 var _ = require('underscore');
-var jwt = require('jsonwebtoken');
 var pool = require('../../server.js').pool;
-var server_url = require('../../server.js').server_url;
-var jwtSecret = require('../../server.js').jwtSecret;
 
 var fs = require("fs");
 var dir_1 = "/../../sql/queries/institutes/";