add new features

Author: sameer2210

backend/src/app.js

@@ -5,10 +5,19 @@ import morgan from 'morgan';
 import { errorHandler, notFound } from '../src/middleware/error.middleware.js';
 
 import authRoutes from './routes/auth.routes.js';
+import awardRoutes from './routes/award.routes.js';
+import categoryRoutes from './routes/category.routes.js';
+import clientProfileRoutes from './routes/clientProfile.routes.js';
+import developerProfileRoutes from './routes/developerProfile.routes.js';
+import matchRoutes from './routes/match.routes.js';
+import messageRoutes from './routes/message.routes.js';
+import notificationRoutes from './routes/notification.routes.js';
+import projectRoutes from './routes/project.routes.js';
+import projectRequestRoutes from './routes/projectRequest.routes.js';
 import productRoutes from './routes/product.routes.js';
+import reviewRoutes from './routes/review.routes.js';
+import technologyRoutes from './routes/technology.routes.js';
 import userRoutes from './routes/user.routes.js';
-// import orderRoutes from "./routes/order.routes.js";
-// import uploadRoutes from "./routes/upload.routes.js";
 
 const app = express();
 
@@ -29,12 +38,22 @@ app.use(
 );
 
 app.use('/api/auth', authRoutes);
+app.use('/api/awards', awardRoutes);
+app.use('/api/categories', categoryRoutes);
+app.use('/api/client-profiles', clientProfileRoutes);
+app.use('/api/developer-profiles', developerProfileRoutes);
+app.use('/api/matches', matchRoutes);
+app.use('/api/messages', messageRoutes);
+app.use('/api/notifications', notificationRoutes);
+app.use('/api/projects', projectRoutes);
+app.use('/api/project-requests', projectRequestRoutes);
 app.use('/api/user', userRoutes);
 app.use('/api/product', productRoutes);
+app.use('/api/reviews', reviewRoutes);
+app.use('/api/technologies', technologyRoutes);
 // Legacy/Frontend-friendly routes
 app.use('/products', productRoutes);
-// app.use("/api/upload", uploadRoutes);
-// app.use("/api/order", orderRoutes);
+app.use('/projects', projectRoutes);
 
 //test Route
 app.get('/', (req, res) => {

backend/src/controllers/auth.controller.js

@@ -3,21 +3,25 @@ import User from '../models/user.model.js';
 import generateToken from '../utils/generateToken.js';
 
 // REGISTER (only for normal users, admin comes from seed file)
+const allowedRoles = new Set(["developer", "client"]);
+
 export const registerUser = async (req, res, next) => {
   try {
-    const { name, email, password } = req.body;
+    const { name, email, password, role } = req.body;
 
     const userExists = await User.findOne({ email });
     if (userExists) {
       res.status(400);
       throw new Error('User already exists');
     }
 
+    const safeRole = allowedRoles.has(role) ? role : "client";
+
     const user = await User.create({
       name,
       email,
       password,
-      role: 'user', //  Enforce only "user" role here
+      role: safeRole,
     });
 
     res.status(201).json({

backend/src/controllers/award.controller.js

@@ -0,0 +1,15 @@
+import Award from '../models/award.model.js';
+import { buildCrudController } from './crud.controller.js';
+
+const { list, getById, create, update, remove } = buildCrudController(Award, {
+  resourceName: 'Award',
+  searchFields: ['name', 'type'],
+  filterFields: ['type', 'projectId', 'developerId', 'year'],
+  allowedPopulate: ['projectId', 'developerId'],
+});
+
+export const getAwards = list;
+export const getAwardById = getById;
+export const createAward = create;
+export const updateAward = update;
+export const deleteAward = remove;

backend/src/controllers/category.controller.js

@@ -0,0 +1,18 @@
+import Category from '../models/category.model.js';
+import { buildCrudController } from './crud.controller.js';
+
+const { list, getById, create, update, remove } = buildCrudController(
+  Category,
+  {
+    resourceName: 'Category',
+    searchFields: ['name', 'description'],
+    filterFields: ['name'],
+    defaultSort: 'name',
+  }
+);
+
+export const getCategories = list;
+export const getCategoryById = getById;
+export const createCategory = create;
+export const updateCategory = update;
+export const deleteCategory = remove;

backend/src/controllers/clientProfile.controller.js

@@ -0,0 +1,50 @@
+import ClientProfile from '../models/clientProfile.model.js';
+import { buildCrudController } from './crud.controller.js';
+
+const { list, getById, create, update, remove } = buildCrudController(
+  ClientProfile,
+  {
+    resourceName: 'Client profile',
+    searchFields: ['companyName', 'industry', 'location', 'description'],
+    filterFields: ['userId', 'industry', 'companySize', 'location'],
+    ownerField: 'userId',
+    assignOwnerOnCreate: true,
+  }
+);
+
+export const getClientProfiles = list;
+export const getClientProfileById = getById;
+export const createClientProfile = create;
+export const updateClientProfile = update;
+export const deleteClientProfile = remove;
+
+export const getMyClientProfile = async (req, res, next) => {
+  try {
+    const profile = await ClientProfile.findOne({ userId: req.user._id });
+    if (!profile) {
+      return res.status(404).json({ message: 'Client profile not found' });
+    }
+    res.json(profile);
+  } catch (error) {
+    next(error);
+  }
+};
+
+export const upsertMyClientProfile = async (req, res, next) => {
+  try {
+    const payload = { ...req.body, userId: req.user._id };
+    const profile = await ClientProfile.findOneAndUpdate(
+      { userId: req.user._id },
+      payload,
+      {
+        new: true,
+        upsert: true,
+        runValidators: true,
+        setDefaultsOnInsert: true,
+      }
+    );
+    res.json(profile);
+  } catch (error) {
+    next(error);
+  }
+};

backend/src/controllers/crud.controller.js

@@ -0,0 +1,231 @@
+const parsePositiveInt = (value) => {
+  if (value === undefined || value === null || value === "") return null;
+  const num = Number(value);
+  if (!Number.isFinite(num) || num < 0) return null;
+  return Math.floor(num);
+};
+
+const escapeRegExp = (value) =>
+  value.replace(/[.*+?^${}()|[\]\\]/g, "\\$&");
+
+const getPagination = (req) => {
+  const start = parsePositiveInt(req.query._start);
+  const limit = parsePositiveInt(req.query._limit);
+
+  if (start !== null || limit !== null) {
+    return { skip: start || 0, limit: limit || 0 };
+  }
+
+  const page = parsePositiveInt(req.query.page);
+  const pageLimit = parsePositiveInt(req.query.limit);
+  if (pageLimit !== null) {
+    const safePage = page && page > 0 ? page : 1;
+    return { skip: (safePage - 1) * pageLimit, limit: pageLimit };
+  }
+
+  return { skip: 0, limit: 0 };
+};
+
+const parseCommaList = (value) =>
+  value
+    .split(",")
+    .map((item) => item.trim())
+    .filter(Boolean);
+
+const buildFilters = (query, allowedFields = []) => {
+  const filters = {};
+  for (const field of allowedFields) {
+    const raw = query[field];
+    if (raw === undefined) continue;
+    if (typeof raw === "string" && raw.includes(",")) {
+      filters[field] = { $in: parseCommaList(raw) };
+    } else {
+      filters[field] = raw;
+    }
+  }
+  return filters;
+};
+
+const buildSearchFilter = (searchTerm, searchFields = []) => {
+  if (!searchTerm || !searchFields.length) return null;
+  const regex = new RegExp(escapeRegExp(searchTerm), "i");
+  return {
+    $or: searchFields.map((field) => ({ [field]: regex })),
+  };
+};
+
+const applyPopulate = (query, req, allowedPopulate = [], defaultPopulate = []) => {
+  const raw = req.query.populate;
+  const requested = typeof raw === "string" ? parseCommaList(raw) : [];
+  const populateFields = new Set([
+    ...defaultPopulate,
+    ...requested.filter((path) => allowedPopulate.includes(path)),
+  ]);
+  for (const path of populateFields) {
+    query = query.populate(path);
+  }
+  return query;
+};
+
+const pickAllowed = (payload, allowedFields) => {
+  if (!Array.isArray(allowedFields) || !allowedFields.length) {
+    return { ...payload };
+  }
+  const picked = {};
+  for (const field of allowedFields) {
+    if (payload[field] !== undefined) {
+      picked[field] = payload[field];
+    }
+  }
+  return picked;
+};
+
+const isAdmin = (req) => req.user && req.user.role === "admin";
+
+const ensureOwner = (doc, req, ownerField) => {
+  if (!ownerField || isAdmin(req)) return true;
+  const ownerId = doc?.[ownerField]?.toString();
+  const userId = req.user?._id?.toString();
+  return ownerId && userId && ownerId === userId;
+};
+
+const assignOwner = (payload, req, ownerField, allowAdminOverride = true) => {
+  if (!ownerField || !req.user) return payload;
+  if (!isAdmin(req) || !allowAdminOverride) {
+    return { ...payload, [ownerField]: req.user._id };
+  }
+  if (!payload[ownerField]) {
+    return { ...payload, [ownerField]: req.user._id };
+  }
+  return payload;
+};
+
+const sanitizePayload = (payload, req, ownerField, allowedFields) => {
+  const cleaned = pickAllowed(payload, allowedFields);
+  if (ownerField && !isAdmin(req)) {
+    delete cleaned[ownerField];
+  }
+  return cleaned;
+};
+
+export const buildCrudController = (
+  Model,
+  {
+    resourceName = "Resource",
+    searchFields = [],
+    filterFields = [],
+    defaultSort = "-createdAt",
+    allowedPopulate = [],
+    defaultPopulate = [],
+    ownerField = null,
+    assignOwnerOnCreate = false,
+    allowAdminOverride = true,
+    allowedFields = null,
+    scopeToUser = false,
+  } = {}
+) => {
+  const list = async (req, res, next) => {
+    try {
+      const { skip, limit } = getPagination(req);
+      const filters = buildFilters(req.query, filterFields);
+      if (scopeToUser && ownerField && req.user && !isAdmin(req)) {
+        filters[ownerField] = req.user._id;
+      }
+
+      const searchTerm = (req.query.q || req.query.search || "").trim();
+      const searchFilter = buildSearchFilter(searchTerm, searchFields);
+
+      let query = Model.find(filters);
+      if (searchFilter) {
+        query = query.find(searchFilter);
+      }
+
+      if (skip) query = query.skip(skip);
+      if (limit) query = query.limit(limit);
+      query = query.sort(req.query.sort || defaultSort);
+      query = applyPopulate(query, req, allowedPopulate, defaultPopulate);
+
+      const docs = await query.exec();
+      res.json(docs);
+    } catch (error) {
+      next(error);
+    }
+  };
+
+  const getById = async (req, res, next) => {
+    try {
+      let query = Model.findById(req.params.id);
+      query = applyPopulate(query, req, allowedPopulate, defaultPopulate);
+      const doc = await query.exec();
+      if (!doc) {
+        res.status(404);
+        throw new Error(`${resourceName} not found`);
+      }
+      res.json(doc);
+    } catch (error) {
+      next(error);
+    }
+  };
+
+  const create = async (req, res, next) => {
+    try {
+      let payload = sanitizePayload(req.body || {}, req, ownerField, allowedFields);
+      if (assignOwnerOnCreate) {
+        payload = assignOwner(payload, req, ownerField, allowAdminOverride);
+      }
+      const created = await Model.create(payload);
+      res.status(201).json(created);
+    } catch (error) {
+      next(error);
+    }
+  };
+
+  const update = async (req, res, next) => {
+    try {
+      const doc = await Model.findById(req.params.id);
+      if (!doc) {
+        res.status(404);
+        throw new Error(`${resourceName} not found`);
+      }
+      if (!ensureOwner(doc, req, ownerField)) {
+        res.status(403);
+        throw new Error("Not authorized to update this resource");
+      }
+      const updates = sanitizePayload(req.body || {}, req, ownerField, allowedFields);
+      Object.assign(doc, updates);
+      const updated = await doc.save();
+      res.json(updated);
+    } catch (error) {
+      next(error);
+    }
+  };
+
+  const remove = async (req, res, next) => {
+    try {
+      const doc = await Model.findById(req.params.id);
+      if (!doc) {
+        res.status(404);
+        throw new Error(`${resourceName} not found`);
+      }
+      if (!ensureOwner(doc, req, ownerField)) {
+        res.status(403);
+        throw new Error("Not authorized to delete this resource");
+      }
+      await doc.deleteOne();
+      res.json({ message: `${resourceName} deleted`, id: req.params.id });
+    } catch (error) {
+      next(error);
+    }
+  };
+
+  return { list, getById, create, update, remove };
+};
+
+export {
+  applyPopulate,
+  buildFilters,
+  buildSearchFilter,
+  escapeRegExp,
+  getPagination,
+  parsePositiveInt,
+};