Commissions variable schema links usage, schema verification function

faisalnjs · faisalnjs · commit f40d5265f058 · 2025-11-18T15:24:19.000-05:00
diff --git a/frontend/pages/commission.ejs b/frontend/pages/commission.ejs
@@ -53,8 +53,7 @@
 </table>
 <div class="buttons">
 	<a class="button" href="<%= tenant.domain %><%= tenant.path %>">Back</a>
-	<% if (!commission.locked || (role !== 'user')) { %>
-	<a class="button" href="<%= tenant.domain %><%= tenant.path %>/<%= commission.id %>/edit">Edit</a>
-	<% } %>
+	<% if (!commission.locked || (role !== 'user')) { %><a class="button" href="<%= tenant.domain %><%= tenant.path %>/<%= commission.id %>/edit">Edit</a><% } %>
+	<% commission.links.forEach(link => { %><a class="button" href="<%= link.url %>" target="_blank" rel="noopener noreferrer"><%= link.label %></a><% }); %>
 </div>
 <%- include('foot.ejs') %>
diff --git a/index.js b/index.js
@@ -118,33 +118,48 @@ function getUserRole(session) {
   return 'user';
 };
 
+function verifyAgainstSchema(type, data) {
+  switch (type) {
+    case 'commission':
+      if (!Array.isArray(data)) return [];
+      return data.map(commission => {
+        if (!commission.id || !commission.user || (commission.date ? isNaN(new Date(commission.date).getTime()) : false) || (typeof commission.status !== 'string') || (typeof commission.tasks !== 'object')) return null;
+        return {
+          id: commission.id,
+          user: commission.user,
+          amount: commission.amount ? Number(commission.amount) : null,
+          currency: commission.currency ? String(commission.currency) : 'USD',
+          date: commission.date ? new Date(commission.date) : null,
+          status: commission.status,
+          fields: fields.reduce((acc, field) => {
+            acc[field.id] = (commission.fields && (commission.fields[field.id] !== undefined)) ? commission.fields[field.id] : null;
+            return acc;
+          }, {}),
+          tasks: Array.isArray(commission.tasks) ? commission.tasks.map(task => {
+            return {
+              done: task.done || false,
+              content: task.content ? String(task.content) : ''
+            }
+          }) : [],
+          locked: commission.locked || false,
+          links: Array.isArray(commission.links) ? commission.links.map(link => {
+            return {
+              label: link.label ? String(link.label) : '',
+              url: link.url ? String(link.url) : ''
+            };
+          }) : []
+        };
+      }).filter(commission => commission !== null);
+  };
+  return data;
+};
+
 app.get('/', async (req, res) => {
   if (!on) return res.render('off', { tenant, title: 'Activation' });
   if (!req.session) return res.render('session', { tenant, title: 'Session' });
   if (!tenant.slug || !tenant.name || !tenant.domain) return res.render('tenant', { tenant, title: 'Configuration' });
   if (tenant.auth && tenant.auth.enabled && vars.userId && !req.session[vars.userId]) return res.render('auth', { tenant, title: 'Authenticate' });
-  req.session[vars.commissions] = (req.session[vars.commissions] || []).map(commission => {
-    if (!commission.id || !commission.user || (commission.date ? isNaN(new Date(commission.date).getTime()) : false) || (typeof commission.status !== 'string') || (typeof commission.tasks !== 'object')) return null;
-    return {
-      id: commission.id,
-      user: commission.user,
-      amount: commission.amount ? Number(commission.amount) : null,
-      currency: commission.currency ? String(commission.currency) : 'USD',
-      date: commission.date ? new Date(commission.date) : null,
-      status: commission.status,
-      fields: fields.reduce((acc, field) => {
-        acc[field.id] = (commission.fields && (commission.fields[field.id] !== undefined)) ? commission.fields[field.id] : null;
-        return acc;
-      }, {}),
-      tasks: (commission.tasks || []).map(task => {
-        return {
-          done: task.done || false,
-          content: task.content ? String(task.content) : ''
-        }
-      }),
-      locked: commission.locked || false
-    };
-  }).filter(commission => commission !== null);
+  req.session[vars.commissions] = verifyAgainstSchema('commission', req.session[vars.commissions] || []);
   switch (getUserRole(req.session)) {
     case 'admin':
       return res.render('admin', { tenant, title: 'Admin View', session: req.session, vars });
@@ -212,28 +227,7 @@ app.get('/:id', async (req, res) => {
   if (!req.session) return res.render('session', { tenant, title: 'Session' });
   if (!tenant.slug || !tenant.name || !tenant.domain) return res.render('tenant', { tenant, title: 'Configuration' });
   if (tenant.auth && tenant.auth.enabled && vars.userId && !req.session[vars.userId]) return res.render('auth', { tenant, title: 'Authenticate' });
-  req.session[vars.commissions] = (req.session[vars.commissions] || []).map(commission => {
-    if (!commission.id || !commission.user || (commission.date ? isNaN(new Date(commission.date).getTime()) : false) || (typeof commission.status !== 'string') || (typeof commission.tasks !== 'object')) return null;
-    return {
-      id: commission.id,
-      user: commission.user,
-      amount: commission.amount ? Number(commission.amount) : null,
-      currency: commission.currency ? String(commission.currency) : 'USD',
-      date: commission.date ? new Date(commission.date) : null,
-      status: commission.status,
-      fields: fields.reduce((acc, field) => {
-        acc[field.id] = (commission.fields && (commission.fields[field.id] !== undefined)) ? commission.fields[field.id] : null;
-        return acc;
-      }, {}),
-      tasks: (commission.tasks || []).map(task => {
-        return {
-          done: task.done || false,
-          content: task.content ? String(task.content) : ''
-        }
-      }),
-      locked: commission.locked || false
-    };
-  }).filter(commission => commission !== null);
+  req.session[vars.commissions] = verifyAgainstSchema('commission', req.session[vars.commissions] || []);
   if (getUserRole(req.session) === 'user') req.session[vars.commissions] = req.session[vars.commissions].filter(commission => commission.user === req.session[vars.userId]);
   const commission = (req.session[vars.commissions] || []).find(commission => (String(commission.id) === String(req.params.id)) && (commission.user === req.session[vars.userId]));
   if (!commission) return res.status(404).render('error', { tenant, title: 'Not Found', message: 'The requested commission was not found.' });
