Woctab - Document Management System

Wroctab is a full stack document management system that helps to manage documents given the different accessibility. Wroctab contains a backend API developed with Node, Express and Sequelize. A frontend developed with React using Redux architecture.

Development

This application was developed using the following frameworks.

• NodeJs
• React Redux
• Webpack
• express
• Sequelize as ORM

Application Features

User Authentication

Users are authenticated and validated using JWT web token. Generating tokens on signup and login ensures documents and API endpoints are protected.

Document Management

• Create an account
• Login with your credentials
• Create new document specifying document title, content and document access
• Edit Documents
• Delete documents
• View public documents created by other users.
• View documents created by his access group with access level set as role.
• Search a users public documents.
• View public and role access level documents of other regular users.
• Share document with specific user(s) - Upcoming
• Logout

• In addition to the general user functions, an admin user can:
  • View all users.
  • View all created documents except documents with access set to private.
  • Delete any user.
  • Update any user's record.
  • Create a new role.
  • View all created roles.
  • Search for any user.

Installation

• Ensure that you have NodeJs and Postgres installed on your machine
• Clone the repository $ git clone https://github.com/andela-aonifade/wroctab.git
• Change into the directory $ cd wroctab
• Install all required dependencies with $ npm install
• Create a .env file in your root directory as described in .env.sample file

Usage

• Run DB Migrate command with sequelize db:migrate
• Seed you DB by running this command npm run db:seed, this seeds Admin Role and Regular Role.
• Run npm run start:dev to start the application on development environment

Testing

• Run DB migrate command with npm run db:migrate:test.
• Run Test npm test
• You can undo your migrations by running this command npm run db:migrate:test:undo.

Use a separate DB for testing and development

API Documentation

---

The API has routes, each dedicated to a single task that uses HTTP response codes to indicate API status and errors.

API Features

The following features make up the Document Management System API:

Authentication

• It uses JSON Web Token (JWT) for authentication.

• It generates a token on successful login or account creation and returns it to the consumer.

• It verifies the token to ensures a user is authenticated to access protected endpoints.

Users

• It allows users to be created.

• It allows users to login and obtain a token

• It allows authenticated users to retrieve and update their information.

• It allows the admin to manage users.

Roles

• It ensures roles can be created, retrieved, updated and deleted by an admin user.
• A non-admin user cannot create, retrieve, modify, or delete roles.
• it allows for assignment of roles to users

Documents

• It allows new documents to be created by authenticated users.

• It ensures all documents are accessible based on the permission specified.

• It allows admin users to create, retrieve, modify, and delete documents.

• It ensures users can delete, edit and update documents that they own.

• It allows users to retrieve all documents they own as well as public documents.

Search

• It allows users to search public documents for a specified search term.

• It allows admin to retrieve all documents that matches search term.

• It allows admin to search users based on a specified search term

Available API Endpoints and their Functionality

EndPoint	Functionality
POST /users/login	Logs a user in.
POST /users/logout	Logs a user out.
POST /users/	Creates a new user.
GET /users/	Find matching instances of user.
GET /users/	Find user.
PUT /users/	Update user attributes.
DELETE /users/	Delete user.
GET /users/?limit={interger}&offset={interger}	Pagination for users
POST /documents/	Creates a new document instance.
GET /documents/	Find matching instances of document.
GET /documents/	Find document.
GET /documents/?limit={interger}&offset={interger}	Pagination for documents
PUT /documents/	Update document attributes.
DELETE /documents/	Delete document.
GET /users//documents	Find all documents belonging to the user.
GET /search/users/?q={username}	Gets all users with username contain the search term
GET /search/documents/?q={doctitle}	Get all documents with title containing the search query
GET /users/:id/alldocuments	Get all document owned or accessible by userId
GET /api/users/:identifier	Find user with email or username containing the identifier parameter

Role

POST HTTP Request

• POST api/roles
• Requires: Admin Authentication

  HTTP Response

• HTTP Status: 201: created
• JSON data

{
  "id": "1",
  "title": "admin",
  "createdAT": "2017-04-04T14:22:46.984z",
  "updatedAT": "2017-04-04T14:22:46.984z"
}

GET HTTP Request

• GET api/roles
• Requires: Admin Authentication

  HTTP Response

• HTTP Status: 200: OK
• JSON data

{
  "id": "2",
  "title": "manager",
  "createdAT": "2017-04-04T14:22:46.984z",
  "updatedAT": "2017-04-04T16:22:46.984z"
}

Users

POST HTTP Request

• POST api/users

  HTTP response

• HTTP Status: 201: created
• JSON data

{
  "id": "1",
  "name": "John Doe",
  "email": "[email protected]",
  "password": "password",
  "roleId": "2",
  "createdAT": "2017-04-04T14:22:46.984z",
  "updatedAT": "2017-04-04T16:22:46.984z"
}

Login HTTP Request

• POST api/users/login

  HTTP Response

• HTTP status: 200: OK
• JSON Data

{
  "message": "User authenticated successfully"
}

Get Users

GET HTTP Request

• GET api/users
• Requires: Admin Authentication

  HTTP Response

• HTTP status: 200: OK
• JSON Data

{
  "id": "1",
  "name": "John Doe",
  "email": "[email protected]",
  "password": "password",
  "roleId": "2",
  "createdAT": "2017-04-04T14:22:46.984z",
  "updatedAT": "2017-04-04T16:22:46.984z"
}

Documents

POST HTTP Request

• POST api/documents

  HTTP response

• HTTP Status: 201: created
• JSON data

{
  "id": "1",
  "title": "Test Title",
  "docContent": "This is my first diary created on this application",
  "viewAccess": "private",
  "role": "1",
  "userId": "1",
  "createdAT": "2017-04-05T14:22:46.984z",
  "updatedAT": "2017-04-05T14:22:46.984z"
}

GET HTTP Request

• GET api/documents/1

  HTTP response

• HTTP Status: 200: 0k
• JSON data

{
  "id": "1",
  "title": "Title 2",
  "docContent": "This is my first diary created on this application",
  "viewAccess": "private",
  "role": "1",
  "userId": "1",
  "createdAT": "2017-04-05T14:22:46.984z",
  "updatedAT": "2017-04-05T14:22:46.984z"
}

Contribution

Prerequisites includes

• Postgresql and
• Node.js >= v6.8.0.

Procedure

1. Clone this repository from a terminal git clone https://github.com/andela-aonifade/wroctab.git.
2. Move into the project directory cd wroctab
3. Install project dependencies npm install
4. Create Postgresql database and run migrations npm run db:migrations.
5. Start the express server npm run start:dev.
6. Run test npm test.
7. Branch out of master git checkout -b [new-branch-name]
8. Make changes and commit your changes
9. Git push and make a pull request to my repo

Limitations

Currently, we can't say our API can handle larger requests, this may be a problem when our user base grows to over million.