rohit/spurrin-backend
1
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

ntfs, msg

Browse Source
This commit is contained in:
Ubuntu 2025-08-04 13:55:45 +05:30
parent 1362dd52be
commit b0325d4860
2 changed files with 152 additions and 152 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/controllers/hospitalController.js
View File

@ -1573,7 +1573,7 @@ exports.updatePublicSignup = async (req, res) => {
console.log("req user-----", req.user)
// Check if user has permission
if (!["Spurrinadmin", "Superadmin", 7, 6].includes(req.user.role)) {
if (!["Spurrinadmin", "Superadmin","Admin", 7, 6,8].includes(req.user.role)) {
return res.status(403).json({
error: "You are not authorized to update public signup settings"
});

64
src/services/secondaryWebsocket.js
View File

@ -8,8 +8,8 @@ const db = require("../config/database");
const base_url = "https://backend.spurrinai.com";
const server = https.createServer({
cert: fs.readFileSync("/home/ubuntu/spurrin-cleaned-node/certificates/fullchain.pem"),
key: fs.readFileSync("/home/ubuntu/spurrin-cleaned-node/certificates/privkey.pem")
cert: fs.readFileSync("/home/ubuntu/spurrin-backend/certificates/fullchain.pem"),
key: fs.readFileSync("/home/ubuntu/spurrin-backend/certificates/privkey.pem")
});
const wss = new WebSocket.Server({ server, perMessageDeflate: false });
@ -187,7 +187,7 @@ wss.on("connection", (ws) => {
const decoded = jwt.verify(data.token, process.env.JWT_ACCESS_TOKEN_SECRET);
// Only hospital users (role 7, 8, or 9) are allowed
if (!["Superadmin","Admin",7, 8].includes(decoded.role)) {
if (!["Superadmin", "Admin", 7, 8].includes(decoded.role)) {
emitEvent("get-app-user-byhospital-feedback", { error: "Unauthorized access" }, ws.userId);
return;
}
@ -329,7 +329,7 @@ wss.on("connection", (ws) => {
emitEvent("app-usersby-hospitalid", { error: error.message }, ws.userId);
}
}
if (data.event === "get-signup-notifications") {
if (data.event === "get-signup-notifications") {
if (!data.token) {
emitEvent("get-signup-notifications", { error: "Token missing" }, ws.userId);
@ -348,7 +348,7 @@ if (data.event === "get-signup-notifications") {
// Fetch hospital_code from the DB
const result = await db.query(
"SELECT hospital_code FROM hospitals WHERE id = ?",
"SELECT hospital_code FROM hospital_users WHERE id = ?",
[decoded.id]
);
@ -362,7 +362,7 @@ if (data.event === "get-signup-notifications") {
// Fetch signup notifications
const notifications = await db.query(
"SELECT * FROM hospitals WHERE hospital_code = ? AND checked = 0",
"SELECT * FROM app_users WHERE hospital_code = ? AND checked = 0",
[hospital_code]
);
@ -375,19 +375,19 @@ if (data.event === "get-signup-notifications") {
console.error("Error fetching signup notifications:", error);
emitEvent("get-signup-notifications", { error: error.message }, ws.userId);
}
}
}
if(data.event === "get-app-queries"){
if (data.event === "get-app-queries") {
if (!data.token || (!data.hospital_code || !data.app_user_id) ) {
if (!data.token || (!data.hospital_code || !data.app_user_id)) {
emitEvent("get-app-queries", { error: "Token missing or hospital_code or app_user_id missing" }, ws.userId);
return;
}
try {
const decoded = jwt.verify(data.token, process.env.JWT_ACCESS_TOKEN_SECRET);
const allowedRoles = ['Admin','Superadmin',8,7];
const allowedRoles = ['Admin', 'Superadmin', 8, 7];
// Role-based access check
if (!allowedRoles.includes(decoded.role)) {
@ -401,16 +401,16 @@ if (data.event === "get-signup-notifications") {
let interaction_logs;
// Fetch notifications of new signup
if(data.hospital_code.length == 0){
if (data.hospital_code.length == 0) {
interaction_logs = await db.query(
"SELECT * FROM interaction_logs WHERE app_user_id = ?",
[data.app_user_id]
);
}
else if(data.app_user_id.length == 0){
else if (data.app_user_id.length == 0) {
interaction_logs = await db.query(
"SELECT * FROM interaction_logs WHERE app_user_id = ?",
[ data.app_user_id]
[data.app_user_id]
);
}
@ -441,11 +441,11 @@ if (data.event === "get-signup-notifications") {
return;
}
console.log("decoded token ----",decoded)
console.log("decoded token ----", decoded)
// Fetch hospital_code from hospitals table
const result = await db.query(
"SELECT hospital_code FROM hospitals WHERE id = ?",
"SELECT hospital_code FROM hospital_users WHERE id = ?",
[decoded.id]
);
@ -458,7 +458,7 @@ if (data.event === "get-signup-notifications") {
// Fetch notifications of new signups
const notifications = await db.query(
"SELECT * FROM hospitals WHERE hospital_code = ? AND checked = 0",
"SELECT * FROM app_users WHERE hospital_code = ? AND checked = 0",
[hospital_code]
);
@ -470,8 +470,7 @@ if (data.event === "get-signup-notifications") {
} catch (error) {
emitEvent("get-signup-notifications", { error: error.message }, ws.userId);
}
}
}
@ -488,20 +487,21 @@ if (data.event === "get-signup-notifications") {
});
});
// function emitEvent(event, data, userId = null) {
// if (userId && userSockets.has(userId)) {
// const client = userSockets.get(userId);
// if (client.readyState === WebSocket.OPEN) {
// client.send(JSON.stringify({ event, data }));
// }
// } else {
// wss.clients.forEach((client) => {
// if (client.readyState === WebSocket.OPEN) {
// client.send(JSON.stringify({ event, data }));
// }
// });
// }
// }
// Add this function before the server.listen() call
function emitEvent(event, data, userId = null) {
if (userId && userSockets.has(userId)) {
const client = userSockets.get(userId);
if (client.readyState === WebSocket.OPEN) {
client.send(JSON.stringify({ event, data }));
}
} else {
wss.clients.forEach((client) => {
if (client.readyState === WebSocket.OPEN) {
client.send(JSON.stringify({ event, data }));
}
});
}
}
server.listen(40520, () => {
console.log("📡 Secure WebSocket server listening on wss://backend.spurrinai.com:40520");