fix(skydive): migrate author field from ObjectId to UUID string

- Register SkydiverProfile model in mysql.js (fixes startup crash on association)
- Replace $toObjectId with direct string match in all 12 aggregation queries
- Guard toJSONFor on all Mongo models to fall back to MySQL user.toProfileJSONFor()
  when author is a UUID string (restores username/image in API responses)
- Pass user to toJSONFor() everywhere instead of null
- Remove dead .populate('author') calls (author: String has no ref)
- Fix ownership check in /last route: compare author string to req.payload.id
  instead of the now-absent author.username property
This commit is contained in:
2026-04-26 04:27:47 +02:00
parent da1f9437ab
commit 66821427be
17 changed files with 64 additions and 120 deletions
@@ -10,7 +10,6 @@ mailer.setApiKey(process.env.SENDGRID_API_KEY);
// Preload application objects on routes with ':application'
router.param('application', function (req, res, next, slug) {
Application.findOne({ slug: slug })
.populate('author')
.then(function (application) {
if (!application) {
return res.sendStatus(404);
@@ -52,7 +51,6 @@ router.get('/', auth.required, function (req, res, next) {
.skip(Number(offset))
.limit(Number(limit))
.sort({ createdAt: 'desc' })
.populate('author')
.exec(),
Application.countDocuments(query).exec(),
req.payload ? UserService.getUserById(req.payload.id) : null
@@ -117,8 +115,7 @@ router.post('/', auth.required, function (req, res, next) {
*/
router.get('/:application', auth.required, function (req, res, next) {
Promise.all([
req.payload ? UserService.getUserById(req.payload.id) : null,
req.application.populate('author')
req.payload ? UserService.getUserById(req.payload.id) : null
]).then(function (results) {
let user = results[0];
return res.json({ application: req.application.toJSONFor(user) });
+8 -10
View File
@@ -13,7 +13,6 @@ const { UserService } = require('../../../services');
// Preload jump objects on routes with ':jump'
router.param('jump', function (req, res, next, slug) {
Jump.findOne({ slug: slug })
.populate('author')
.populate('files')
.populate('x2data')
.then(function (jump) {
@@ -98,7 +97,6 @@ router.get('/', auth.required, function (req, res, next) {
.skip(Number(offset))
.limit(Number(limit))
.sort({ numero: 'desc' })
.populate('author')
.populate('files')
.populate('x2data')
.exec(),
@@ -107,9 +105,10 @@ router.get('/', auth.required, function (req, res, next) {
]).then(function (results) {
let jumps = results[0];
let jumpsCount = results[1];
let user = results[2];
return res.json({
jumps: jumps.map(function (jump) {
return jump.toJSONFor(null);
return jump.toJSONFor(user);
}),
jumpsCount: jumpsCount
});
@@ -283,7 +282,6 @@ router.get('/last', auth.required, function (req, res, next) {
Jump.find({author: user.id})
.limit(1)
.sort({ numero: 'desc' })
.populate('author')
.populate('files')
.populate('x2data')
.exec()
@@ -292,10 +290,10 @@ router.get('/last', auth.required, function (req, res, next) {
return res.status(404).json({ errors: { "Not Found": "aucun saut trouvé" } });
}
req.lastjump = jumps[0];
if (req.lastjump.author.username !== req.payload.username) {
if (req.lastjump.author !== req.payload.id) {
return res.status(403).json({ errors: { "Forbidden": "Vous ne disposez pas des autorisations suffisantes" } });
}
return res.json({ jump: req.lastjump.toJSONFor(null) });
return res.json({ jump: req.lastjump.toJSONFor(user) });
}).catch(next);
}).catch(next);
});
@@ -317,7 +315,7 @@ router.get('/:jump', auth.required, function (req, res, next) {
Jump.findOne({numero: (req.jump.numero + 1)}).exec(),
]).then(function (results) {
return res.json({
jump: req.jump.toJSONFor(null),
jump: req.jump.toJSONFor(user),
prevJump: results[0],
nextJump: results[1]
});
@@ -336,7 +334,7 @@ router.post('/', auth.required, function (req, res, next) {
let jump = new Jump(req.body.jump);
jump.author = user.id;
return jump.save().then(function () {
return res.json({ jump: jump.toJSONFor(null) });
return res.json({ jump: jump.toJSONFor(user) });
});
}).catch(next);
});
@@ -366,7 +364,7 @@ router.post('/data/:jump', auth.required, function (req, res, next) {
req.jump.files = files;
req.jump.x2data = x2data;
Jump.updateOne({_id: req.jump._id}, {files: files, x2data: x2data._id}).then(function () {
return res.json({ jump: req.jump.toJSONFor(null) });
return res.json({ jump: req.jump.toJSONFor(user) });
}).catch(next);
}).catch(next);
}).catch(next);
@@ -492,7 +490,7 @@ router.put('/:jump', auth.required, function (req, res, next) {
}
return req.jump.save().then(function (jump) {
return res.json({ jump: jump.toJSONFor(null) });
return res.json({ jump: jump.toJSONFor(user) });
});
}).catch(next);
});
+4 -8
View File
@@ -23,7 +23,6 @@ router.get('/aeronefs', auth.required, function (req, res, next) {
.limit(1)
.skip(0)
.sort({ numero: 'desc' })
.populate('author')
.populate('files')
.populate('x2data')
.exec(),
@@ -37,7 +36,7 @@ router.get('/aeronefs', auth.required, function (req, res, next) {
.exec()
]).then(function (results) {
if (results[0].length) {
let lastjump = results[0][0].toJSONFor(null);
let lastjump = results[0][0].toJSONFor(user);
let aeronefsByImat = results[1].map(function (data) {
return { aeronef: data._id.aeronef, imat: data._id.imat, count: data.count };
});
@@ -79,7 +78,6 @@ router.get('/canopies', auth.required, function (req, res, next) {
.limit(1)
.skip(0)
.sort({ numero: 'desc' })
.populate('author')
.populate('files')
.populate('x2data')
.exec(),
@@ -101,7 +99,7 @@ router.get('/canopies', auth.required, function (req, res, next) {
.exec()
]).then(function (results) {
if (results[0].length) {
let lastjump = results[0][0].toJSONFor(null);
let lastjump = results[0][0].toJSONFor(user);
let canopiesBySize = results[1].map(function (data) {
return { taille: data._id.taille, count: data.count };
});
@@ -146,7 +144,6 @@ router.get('/dropzones', auth.required, function (req, res, next) {
.limit(1)
.skip(0)
.sort({ numero: 'desc' })
.populate('author')
.populate('files')
.populate('x2data')
.exec(),
@@ -160,7 +157,7 @@ router.get('/dropzones', auth.required, function (req, res, next) {
.exec()
]).then(function (results) {
if (results[0].length) {
let lastjump = results[0][0].toJSONFor(null);
let lastjump = results[0][0].toJSONFor(user);
let dropZonesByOaci = results[1].map(function (data) {
return { lieu: data._id.lieu, oaci: data._id.oaci, count: data.count };
});
@@ -197,7 +194,6 @@ router.get('/jumps', auth.required, function (req, res, next) {
.limit(1)
.skip(0)
.sort({ numero: 'desc' })
.populate('author')
.populate('files')
.populate('x2data')
.exec(),
@@ -223,7 +219,7 @@ router.get('/jumps', auth.required, function (req, res, next) {
.exec()
]).then(function (results) {
if (results[0].length) {
let lastjump = results[0][0].toJSONFor(null);
let lastjump = results[0][0].toJSONFor(user);
let jumpsByYears = results[1].map(function (data) {
return { year: data._id.year, count: data.count };
});
+21 -81
View File
@@ -2,11 +2,7 @@ const queries = {
getJumpsByCategoryQuery: (userId) => {
let query = [
{
'$match': {
'$expr': {
'$eq': [ '$author' , { '$toObjectId': userId } ]
}
}
'$match': { 'author': userId }
}, {
'$group': {
'_id': {
@@ -28,11 +24,7 @@ const queries = {
getJumpsByDateQuery: (userId) => {
let query = [
{
'$match': {
'$expr': {
'$eq': [ '$author' , { '$toObjectId': userId } ]
}
}
'$match': { 'author': userId }
}, {
'$project': {
'_id': 0,
@@ -65,11 +57,7 @@ const queries = {
getJumpsByModuleByDateQuery: (userId) => {
let query = [
{
'$match': {
'$expr': {
'$eq': [ '$author' , { '$toObjectId': userId } ]
}
}
'$match': { 'author': userId }
}, {
'$project': {
'_id': 0,
@@ -105,11 +93,7 @@ const queries = {
getJumpsByModuleQuery: (userId) => {
let query = [
{
'$match': {
'$expr': {
'$eq': [ '$author' , { '$toObjectId': userId } ]
}
}
'$match': { 'author': userId }
}, {
'$project': {
'_id': 0,
@@ -137,11 +121,7 @@ const queries = {
getJumpByYearsQuery: (userId) => {
let query = [
{
'$match': {
'$expr': {
'$eq': [ '$author' , { '$toObjectId': userId } ]
}
}
'$match': { 'author': userId }
}, {
'$project': {
'_id': 0,
@@ -170,17 +150,13 @@ const queries = {
getAeronefsByImatQuery: (userId) => {
let query = [
{
'$match': {
'$expr': {
'$eq': [ '$author' , { '$toObjectId': userId } ]
}
}
'$match': { 'author': userId }
}, {
'$group': {
'_id': {
'aeronef': '$aeronef',
'imat': '$imat'
},
},
'count': {
'$sum': 1
}
@@ -198,11 +174,7 @@ const queries = {
getAeronefsByImatByYearQuery: (userId) => {
let query = [
{
'$match': {
'$expr': {
'$eq': [ '$author' , { '$toObjectId': userId } ]
}
}
'$match': { 'author': userId }
}, {
'$project': {
'_id': 0,
@@ -235,16 +207,12 @@ const queries = {
getCanopiesBySizeQuery: (userId) => {
let query = [
{
'$match': {
'$expr': {
'$eq': [ '$author' , { '$toObjectId': userId } ]
}
}
'$match': { 'author': userId }
}, {
'$group': {
'_id': {
'taille': '$taille'
},
},
'count': {
'$sum': 1
}
@@ -262,11 +230,7 @@ const queries = {
getCanopiesBySizeByYearQuery: (userId) => {
let query = [
{
'$match': {
'$expr': {
'$eq': [ '$author' , { '$toObjectId': userId } ]
}
}
'$match': { 'author': userId }
}, {
'$project': {
'_id': 0,
@@ -297,17 +261,13 @@ const queries = {
getCanopiesBySizeByModelQuery: (userId) => {
let query = [
{
'$match': {
'$expr': {
'$eq': [ '$author' , { '$toObjectId': userId } ]
}
}
'$match': { 'author': userId }
}, {
'$group': {
'_id': {
'taille': '$taille',
'voile': '$voile'
},
},
'count': {
'$sum': 1
}
@@ -325,11 +285,7 @@ const queries = {
getCanopiesBySizeByModelByYearQuery: (userId) => {
let query = [
{
'$match': {
'$expr': {
'$eq': [ '$author' , { '$toObjectId': userId } ]
}
}
'$match': { 'author': userId }
}, {
'$project': {
'_id': 0,
@@ -362,17 +318,13 @@ const queries = {
getDropZonesByOaciQuery: (userId) => {
let query = [
{
'$match': {
'$expr': {
'$eq': [ '$author' , { '$toObjectId': userId } ]
}
}
'$match': { 'author': userId }
}, {
'$group': {
'_id': {
'lieu': '$lieu',
'oaci': '$oaci'
},
},
'count': {
'$sum': 1
}
@@ -390,11 +342,7 @@ const queries = {
getDropZonesByOaciByYearQuery: (userId) => {
let query = [
{
'$match': {
'$expr': {
'$eq': [ '$author' , { '$toObjectId': userId } ]
}
}
'$match': { 'author': userId }
}, {
'$project': {
'_id': 0,
@@ -435,18 +383,10 @@ const queries = {
let query = [
{
$match: {
$expr: {
$and: [
{
$eq: [ '$author' , { '$toObjectId': userId } ]
},
{
$gte: ['$date', new Date(dateRangeStart)]
},
{
$lte: ['$date', new Date(dateRangeEnd)]
}
]
author: userId,
date: {
$gte: new Date(dateRangeStart),
$lte: new Date(dateRangeEnd)
}
}
}, {