This is a full stack document management system, complete with roles and privileges . Each document defines access rights; the document defines which roles can access it. Also, each document specifies the date it was published. Users are categorized by roles.

1. Authentication

• It uses JWT for authentication.
• It generates and returns a token on successful login or creation of a user.
• It verifies the token on every request to authenticated endpoints.

2. Users

• It allows creation of new users.
• It ensures no other user can be assigned the admin role (there is only one admin)
• It sets a newly created user's role category to regular by default if a valid role is not specified.
• It allows created user to edit/update their information.
• Only the admin user can update/edit other users information.
• All registered users can be retrieved by the admin user or other registered users (it doesn't return sensitive information of the users retrieved).

3. Roles

• It ensures that created users have a role defined (default role is regular).
• It ensures new roles can be created, updated and deleted by only the admin user.
• It allows only the admin user carry out CRUD operations on the roles.

4. Documents

• It allows new documents to be created/saved by users.
• It ensures all documents have an access type defined (default access type is public).
• It allows only admin users retrieve all documents regardless of the document required access type.
• It ensures private access typed documents can only be retrieved by their owners, public access typed documents can be retrieved by all users and role access typed documents can be retrieved by ONLY users with the same role level as the document owner.
• It ensures only authenticated users can delete, edit and update documents they own and users cannot delete documents they do not own (with the exception of the admin).

1. Create User

• Request
  • Endpoint - post: /api/users
  • Body - application/json

  {
    "firstName": "Unique User",
    "lastName": "lastname",
    "email": "[email protected]",
    "password": "password"
  }

• Response
  • Status - 201
  • Body - application/json

  {
    "id": 5,
    "roleId": 2,
    "email": "[email protected]",
    "firstName": "firstname",
    "lastName": "lastname",
    "createdAt": "2017-03-08T18:13:42.019Z",
    "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9"
  }

2. User Log In

• Request
  • Endpoint - post: /api/users/login
  • Body - application/json

  {
    "email": "[email protected]",
    "password": "password"
  }

• Response
  • Status - 200
  • Body - application/json

  {
    "id": 5,
    "roleId": 2,
    "email": "[email protected]",
    "firstName": "firstname",
    "lastName": "lastname",
    "createdAt": "2017-03-08T18:13:42.019Z",
    "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9"
  }

3. User Log out

• Request

  • Endpoint - post: /api/users/logout
  • Header - x-access-token: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9

• Response

  • Status - 200
  • Body - application/json

  {
    "message": "Successfully logged out"
  }

4. Get users

• Request

  • Endpoint - get: /api/users
  • Header - x-access-token: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9

• Response

  • Status - 200
  • Body - application/json

  {
    [
      {
        "id": 5,
        "email": "[email protected]",
        "firstName": "firstname",
        "lastName": "lastname",
        "createdAt": "2017-03-08T18:13:42.019Z"
      },
      {
        "id": 4,
        "email": "[email protected]",
        "firstName": "test",
        "lastName": "user",
        "createdAt": "2017-03-08T16:02:50.822Z"
      },
      {
        "id": 3,
        "email": "[email protected]",
        "firstName": "test2",
        "lastName": "user2",
        "createdAt": "2017-03-08T15:46:08.499Z"
      }
    ]
  }

1. Create Document

• Request
  • Endpoint - post: /api/documents
  • Header - x-access-token: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9
  • Body - application/json

  {
    "title": "Sample Title",
    "content": "Sample content",
    "access": "public"
  }

• Response
  • Status - 201
  • Body - application/json

  {
    "id": 14,
    "title": "Sample Title",
    "content": "Sample Content",
    "ownerId": 1,
    "access": "public",
    "createdAt": "2017-03-08T18:29:02.187Z"
  }

2. Get Documents

• Request
  • Endpoint - get: /api/documents
  • Body - application/json
  • Header - x-access-token: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9
• Response
  • Status - 200
  • Body - application/json

    [
      {
        "id": 14,
        "ownerId": 1,
        "access": "public",
        "title": "Sample Title",
        "content": "Sample Content",
        "createdAt": "2017-03-08T18:29:02.187Z"
      },
      {
        "id": 13,
        "ownerId": 1,
        "access": "public",
        "title": "the titles",
        "content": "the contents again and again",
        "createdAt": "2017-03-08T17:19:20.629Z"
      },
      {
        "id": 12,
        "ownerId": 4,
        "access": "private",
        "title": "rerererr",
        "content": "theh re",
        "createdAt": "2017-03-08T16:05:48.160Z"
      },
      {
        "id": 4,
        "ownerId": 2,
        "access": "public",
        "title": "Test Document 4",
        "content": "Test Document 4",
        "createdAt": "2017-03-08T15:46:08.509Z"
      }
    ]

3. Delete Document

• Request

  • Endpoint - delete: /api/documents/14
  • Header- x-access-token: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9

• Response

  • Status - 200
  • Body - application/json

  {
    "message": "Successfully Deleted"
  }

4. Update Document

• Request
  • Endpoint - put: /api/documents/14
  • Header- x-access-token: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9
• Response
  • Status - 200
  • body - application/json

  {
      "message": "Document Updated"
  }

1. Create Role

• Request
  • Endpoint - post: /api/roles
  • Header - x-access-token: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9
  • Body - application/json

  {
    "title": "guest"
  }

• Response
  • Status - 201
  • Body - application/json

  {
      "id": 3,
      "title": "guest"
  }

2. Get Roles

• Request
  • Endpoint - get: /api/roles
  • Body - application/json
  • Header - x-access-token: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9
• Response
  • Status - 200
  • Body - application/json

    [
      {
        "id": 2,
        "title": "Sample Title",
        "createdAt": "2017-03-08T18:38:22.308Z"
      },
      {
        "id": 1,
        "title": "regular",
        "createdAt": "2017-03-08T15:46:08.245Z"
      }
    ]

3. Delete Role

• Request
  • Endpoint - delete: /api/roles/3
  • Header- x-access-token: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9
• Response
  • Status - 200
  • Body - application/json

  {
    "message": "Successfully Deleted"
  }

4. Update Role

• Request
  • Endpoint - put: /api/roles/3
  • Header- x-access-token: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9

  {
    "title": "ghosts"
  }

• Response
  • Status - 200
  • Body - application/json

  {
      "message": "Role Updated"
  }

1. Fork this repository to your GitHub account
2. Clone the forked repository and cd into it
3. Create a .env file in the root of the project using this sample configuration (text within the < > represent placeholders)

   SECRET_KEY=mysecretkey
   DATABASE_URL=postgres://<username>:<password>@<mydatabaseservice.com>:<port>/<databasename>
   TEST_DB_URL=postgres://<username>:<password>@<mydatabaseservice.com>:<port>/<databasename>
   DEV_DB_URL=postgres:postgres://<username>:<password>@<mydatabaseservice.com>:<port>/<databasename>
   ADMIN_EMAIL=<[email protected]>
   ADMIN_FIRST_NAME=<admin_first_name>
   ADMIN_LAST_NAME=<admin_lastname>
   ADMIN_PASSWORD=<mypassword>
   

4. Install all dependencies by running this command below in your terminal/shell

   npm install
   

5. Run the command below in your terminal/shell (initializes and seeds the database tables)

   sequelize db:migrate && sequelize db:seed:all
   

6. To run the development server enter the command below in your terminal/shell

   npm run develop:server
   

   You should also explore the scripts section of the package.json to gain familiarity with other npm commands available for this app.
7. Create your feature branch
8. Commit your changes
9. Push to the remote branch
10. Open a Pull Request

• Setup Version Control System
• Integrate Slack BOT notifications
• Integrate Hound CI service
• Integrate Travis CI service
• Integrate Code Coverage and Code Quality service
• ORM (Sequelize) setup
• Create specified API endpoints
• Implement Feedback from API defense
• Set up Webpack to run mundane tasks for development of the Client side
• create a frontend/client side interface using React with Redux architecture

CP3-Document-Management-System is implemented using a number of technologies, these include:

• node.js - evented I/O for the backend
• babel-cli - Babel Command line interface
• babel-core - Babel Core for javascript transpiling
• babel-loader - Adds Babel support to Webpack
• babel-preset-es2015 - Babel preset for ES2015
• babel-preset-react - Add JSX support to Babel
• babel-preset-react-hmre - Hot reloading preset for Babel
• babel-register - Register Babel to transpile our Mocha tests]
• eslint - Lints JavaScript
• expect - Assertion library for use with Mocha
• express - Serves development and production builds]
• mocha - JavaScript testing library
• npm-run-all - Display results of multiple commands on single command line
• webpack - Bundler with plugin system and integrated development server
• webpack-dev-middleware - Adds middleware support to webpack
• webpack-hot-middleware - Adds hot reloading to webpack