added 3 functions for public and private vendor queries.

backend/controllers/VendorController.js

@@ -105,6 +105,26 @@ const getVendors = async (req, res, next) => {
   }
 };
 
+const getPublicVendors = async (req, res, next) => {
+  try {
+    // Retrieve all public vendors from the database
+    const vendors = await db.manyOrNone(
+        'SELECT * FROM vendor_full WHERE is_public = TRUE',
+    );
+    // If vendors are found, add them to res.locals.data
+    if (vendors.length) {
+      res.locals.data = vendors;
+      next(); // Proceed to the next middleware or route handler
+    } else {
+      // If no vendors are found, send a message indicating this
+      res.status(404).json({message: 'No vendors found'});
+    }
+  } catch (error) {
+    console.error(error);
+    res.status(500).json({error: 'Internal Server Error'});
+  }
+};
+
 const getVendorById = async (req, res, next) => {
   const {vendorId} = req.params;
 
@@ -126,10 +146,52 @@ const getVendorById = async (req, res, next) => {
   }
 };
 
+const getPublicVendorById = async (req, res, next) => {
+  const {vendorId} = req.params;
+
+  try {
+    const vendor = await db.oneOrNone(
+        'SELECT * FROM vendor_full WHERE vendor_id = $1 AND is_public = TRUE',
+        [vendorId],
+    );
+    if (vendor) {
+      // Store the vendor data in res.locals.data for the middleware
+      res.locals.data = vendor;
+      next(); // Pass control to the next middleware
+    } else {
+      res.status(404).json({message: 'Vendor not found'});
+    }
+  } catch (err) {
+    console.error(err);
+    res.status(500).json({error: 'Internal Server Error'});
+  }
+};
+
+const getSelfVendor = async (req, res, next) => {
+  const vendor = res.locals.vendor;
+
+  try {
+    const selfVendor = await db.oneOrNone(
+        'SELECT * FROM vendor_full WHERE vendor_id = $1',
+        [vendor.vendor_id],
+    );
+    if (selfVendor) {
+      // Store the vendor data in res.locals.data for the middleware
+      res.locals.data = selfVendor;
+      next(); // Pass control to the next middleware
+    } else {
+      res.status(404).json({message: 'Vendor not found'});
+    }
+  } catch (err) {
+    console.error(err);
+    res.status(500).json({error: 'Internal Server Error'});
+  }
+};
+
 // Registers the vendor in the database
 const createVendor = async (req, res, next) => {
   // Get the values from the request body
-  const {name, email, phoneNumber, password, website, instagram, facebook, twitter, tiktok, youtube, pinterest} = req.body;
+  const {name, email, phoneNumber, password, website, instagram, facebook, twitter, tiktok, youtube, pinterest, is_public} = req.body;
 
   // Checks if the required fields are present, password is no longer required
   if (!email || !name) {
@@ -159,15 +221,16 @@ const createVendor = async (req, res, next) => {
                 email, \
                 phone_number, \
                 password, \
-                website,\
+                website, \
+                is_public,\
                 instagram, \
                 facebook, \
                 twitter, \
                 tiktok, \
                 youtube,\
                 pinterest \
-            ) VALUES ($1, $2, $3, $4, $5, $6, $7, $8, $9, $10, $11)',
-        [name, email, phoneNumber, passwordHash, website, instagram, facebook, twitter, tiktok, youtube, pinterest],
+            ) VALUES ($1, $2, $3, $4, $5, $6, $7, $8, $9, $10, $11, $12)',
+        [name, email, phoneNumber, passwordHash, website, instagram, facebook, twitter, tiktok, youtube, pinterest, is_public],
     );
   } catch (err) {
     // Duplicate emails are not allowed
@@ -287,89 +350,46 @@ const updateVendor = async (req, res, next) => {
     youtube,
     pinterest,
     id,
+    is_public,
   } = req.body;
 
-
-  if('password' in req.body){
-    // Hashes the password using bcrypt
-    const {password} = req.body;
-    let passwordHash;
-    try {
-      const salt = await genSalt(10);
-      passwordHash = await hash(password, salt);
-    } catch (err) {
-      console.log(err);
-      res.status(495).json({error: "Error hashing password"});
-      return;
-    }
-    try {
-      await db.none(
-          'UPDATE Vendors SET\
-                  name = $1, \
-                  email = $2, \
-                  phone_number = $3, \
-                  password = $4, \
-                  website = $5,\
-                  instagram = $6, \
-                  facebook = $7, \
-                  twitter = $8, \
-                  tiktok = $9, \
-                  youtube = $10,\
-                  pinterest = $11 \
-              WHERE vendor_id = $12',
-          [name, email, phoneNumber, passwordHash, website, instagram, facebook, twitter, tiktok, youtube, pinterest, id],
-      );
-    } catch (err) {
-      // Duplicate emails are not allowed
-      if (err.code === '23505') {
-        res
-            .status(400)
-            .json({error: 'A vendor with that email already exists'});
-        return;
-      }
-
-      // Other internal error
-      console.log(err);
-      res.status(500).json({error: "Internal Server Error"});
-      return;
-    }
-
-    next();
-  } else {
-    try {
-      await db.none(
-        'UPDATE Vendors SET\
-          name = $1, \
-          email = $2, \
-          phone_number = $3, \
-          website = $4,\
-          instagram = $5, \
-          facebook = $6, \
-          twitter = $7, \
-          tiktok = $8, \
-          youtube = $9,\
-          pinterest = $10 \
-      WHERE vendor_id = $11',
-      [name, email, phoneNumber, website, instagram, facebook, twitter, tiktok, youtube, pinterest, id],
-      );
-    } catch (err) {
-      // Duplicate emails are not allowed
-      if (err.code === '23505') {
-        res
-            .status(400)
-            .json({error: 'A vendor with that email already exists'});
-        return;
-      }
-
-      // Other internal error
-      console.log(err);
-      res.status(500).json({error: "Internal Server Error"});
+  // Hashes the password using bcrypt
+  let passwordHash;
+  try {
+    const salt = await genSalt(10);
+    passwordHash = await hash(password, salt);
+  } catch (err) {
+    console.log(err);
+    res.status(500).json({error: err});
+    return;
+  }
+
+  try {
+    await db.none(
+        'UPDATE Vendors SET \
+                name = $1, \
+                email = $2, \
+                phone_number = $3, \
+                password = $4, \
+                website = $5, \
+                is_public = $6 \
+            WHERE vendor_id = $7',
+        [name, email, phone_number, passwordHash, website, is_public, vendorId],
+    );
+  } catch (err) {
+    // Duplicate emails are not allowed
+    if (err.code === '23505') {
+      res.status(400).json({error: 'A vendor with that email already exists'});
       return;
     }
-
-    next();
+
+    // Other internal error
+    console.log(err);
+    res.status(500).json({error: err});
+    return;
   }
 
+  next();
 };
 
 // Upload a profile pic. If one exists for the vendor, remove it.
@@ -481,8 +501,11 @@ const verifyVendorHasSameVendorId = async (req, res, next) => {
 module.exports = {
   getVendor,
   getVendors,
+  getPublicVendors,
   createVendor,
   getVendorById,
+  getPublicVendorById,
+  getSelfVendor,
   authenticateVendor,
   createEventRequest,
   getEventRequest,

backend/routes/VendorRouter.js

@@ -3,8 +3,11 @@
 const {
   getVendor,
   getVendors,
+  getPublicVendors,
   createVendor,
   getVendorById,
+  getPublicVendorById,
+  getSelfVendor,
   authenticateVendor,
   createEventRequest,
   getEventRequest,
@@ -29,11 +32,20 @@
 router.post('/login', getVendor, authenticateVendor, signToken, sendSuccessResponse);
 
 // Fetches all vendors
-router.get('/', getVendors, sendSuccessResponse);
+router.get('/', verify('admin'), getVendors, sendSuccessResponse);
+
+// Fetches public vendors
+router.get('/public', getPublicVendors, sendSuccessResponse);
 
 // Fetches a single vendor by ID
 router.get('/:vendorId', getVendorById, sendSuccessResponse);
 
+// Fetches a single vendor by ID that is public
+router.get('/public/:vendorId', verify('admin'), getPublicVendorById, sendSuccessResponse);
+
+// Fetches vendor that is self
+router.get('/self', verify('vendor'), getSelfVendor, sendSuccessResponse);
+
 // Creates a new vendor
 router.post('/', createVendor, sendSuccessResponse);
 
@@ -45,7 +57,7 @@
 
 // Edit vendor by id
 // This probably should be an admin-protected route. How does that work?
 router.put('/:vendorId', verify('admin'), updateVendor, sendSuccessResponse);
 
 router.get('/violations/:vendorId', verify('vendor'), canEditVendor, getViolationsByVendorId, sendSuccessResponse);
 

frontend/package.json

@@ -58,6 +58,6 @@
     "eslint": "^8.53.0",
     "eslint-config-google": "^0.14.0",
     "eslint-plugin-react": "^7.33.2",
-    "tailwindcss": "^3.3.5"
+    "tailwindcss": "^3.4.4"
   }
 }

frontend/src/objects/Vendor.js

@@ -10,7 +10,7 @@ export default class Vendor {
     phone_number: string - (Optional) phone number of the vendor.
     */
   constructor(id, name, email, website = undefined, phoneNumber = undefined, image = undefined, instagram = undefined,
-      facebook = undefined, twitter = undefined, youtube = undefined, tiktok = undefined, pinterest = undefined) {
+      facebook = undefined, twitter = undefined, youtube = undefined, tiktok = undefined, pinterest = undefined, isPublic = false) {
     this.id = id;
     this.name = name;
     this.email = email;
@@ -23,6 +23,7 @@ export default class Vendor {
     this.youtube = youtube;
     this.tiktok = tiktok;
     this.pinterest = pinterest;
+    this.is_public = isPublic;
   }
 
   // Create a vendor object from json representation

frontend/src/services/Vendors/VendorsRepository.js

@@ -13,6 +13,16 @@ export default class VendorsRepository {
     }
   }
 
+  async getPublicVendors() {
+    try {
+      const response = await this.httpClient.axiosInstance.get('/vendors/public');
+      return response.data;
+    } catch (error) {
+      console.error('Error fetching public vendors');
+      return undefined;
+    }
+  }
+
   async getVendorById(vendorId) {
     try {
       const response = await this.httpClient.axiosInstance.get(`/vendors/${vendorId}`);
@@ -23,6 +33,26 @@ export default class VendorsRepository {
     }
   }
 
+  async getPublicVendorById(vendorId) {
+    try {
+      const response = await this.httpClient.axiosInstance.get(`/vendors/public/${vendorId}`);
+      return response.data;
+    } catch (error) {
+      console.error(`Error fetching public vendor with ID ${vendorId}:`);
+      return undefined;
+    }
+  }
+
+  async getSelfVendor() {
+    try {
+      const response = await this.httpClient.axiosInstance.get('/vendors/self');
+      return response.data;
+    } catch (error) {
+      console.error('Error fetching self vendor:');
+      return undefined;
+    }
+  }
+
   async authenticateVendor(vendorData) {
     try {
       const response = await this.httpClient.axiosInstance.post('vendors/login', vendorData);