2017-10-21 21:10:33 -04:00
|
|
|
"use strict";
|
|
|
|
|
|
2017-10-14 23:31:44 -04:00
|
|
|
const express = require('express');
|
|
|
|
|
const router = express.Router();
|
2017-10-15 19:47:05 -04:00
|
|
|
const sql = require('../../services/sql');
|
|
|
|
|
const audit_category = require('../../services/audit_category');
|
|
|
|
|
const auth = require('../../services/auth');
|
2017-10-14 23:31:44 -04:00
|
|
|
|
|
|
|
|
const ALLOWED_OPTIONS = ['encryption_session_timeout', 'history_snapshot_time_interval'];
|
|
|
|
|
|
2017-10-15 16:32:49 -04:00
|
|
|
router.get('/', auth.checkApiAuth, async (req, res, next) => {
|
2017-10-14 23:31:44 -04:00
|
|
|
const dict = {};
|
|
|
|
|
|
|
|
|
|
const settings = await sql.getResults("SELECT opt_name, opt_value FROM options WHERE opt_name IN ("
|
|
|
|
|
+ ALLOWED_OPTIONS.map(x => '?').join(",") + ")", ALLOWED_OPTIONS);
|
|
|
|
|
|
|
|
|
|
for (const set of settings) {
|
|
|
|
|
dict[set['opt_name']] = set['opt_value'];
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
res.send(dict);
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
router.post('/', async (req, res, next) => {
|
2017-10-24 22:58:59 -04:00
|
|
|
const body = req.body;
|
2017-10-14 23:31:44 -04:00
|
|
|
|
|
|
|
|
if (ALLOWED_OPTIONS.includes(body['name'])) {
|
|
|
|
|
const optionName = await sql.getOption(body['name']);
|
|
|
|
|
|
2017-10-29 18:50:28 -04:00
|
|
|
await sql.doInTransaction(async () => {
|
|
|
|
|
await sql.addAudit(audit_category.SETTINGS, req, null, optionName, body['value'], body['name']);
|
2017-10-14 23:31:44 -04:00
|
|
|
|
2017-10-29 18:50:28 -04:00
|
|
|
await sql.setOption(body['name'], body['value']);
|
|
|
|
|
});
|
2017-10-14 23:31:44 -04:00
|
|
|
|
|
|
|
|
res.send({});
|
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
res.send("not allowed option to set");
|
|
|
|
|
}
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
module.exports = router;
|
