From 2acc65823b18f8aa77fcc628d80babfaee0776b3 Mon Sep 17 00:00:00 2001
From: drake <dragonduckymarino@gmail.com>
Date: Fri, 31 Jan 2025 18:51:20 -0600
Subject: [PATCH] dev

---
 src/lib/db/index.server.ts                    |  11 +-
 src/routes/account/+page.svelte               |   4 +-
 src/routes/admin/users/create/+page.svelte    |   2 +-
 src/routes/companies/+page.svelte             |  14 +-
 .../companies/[company]/edit/+page.server.ts  |   5 +-
 .../companies/[company]/edit/+page.svelte     |  19 ++
 src/routes/companies/create/+page.server.ts   |   5 +-
 src/routes/info/+page.svelte                  |   8 +-
 src/routes/postings/+page.svelte              | 193 +++++++++---------
 src/routes/postings/[posting]/+page.svelte    |   2 +-
 .../manage/applications/+page.server.ts       |   2 +-
 .../manage/applications/+page.svelte          |   2 +-
 .../[posting]/manage/edit/+page.server.ts     |   3 +-
 src/routes/register/+page.server.ts           |   3 +-
 src/routes/register/+page.svelte              |   2 +-
 15 files changed, 162 insertions(+), 113 deletions(-)

diff --git a/src/lib/db/index.server.ts b/src/lib/db/index.server.ts
index 106d65b..598a07a 100644
--- a/src/lib/db/index.server.ts
+++ b/src/lib/db/index.server.ts
@@ -306,7 +306,7 @@ export async function deleteCompany(id: number): Promise<void> {
 
 export async function getCompany(id: number): Promise<Company> {
 	const [company] = await sql`
-		SELECT id, name, description, website, created_at AS "createdAt"
+		SELECT id, name, description, website, created_at AS "createdAt", company_code AS "companyCode"
 		FROM companies
 		WHERE id = ${id};
 	`;
@@ -750,3 +750,12 @@ export async function getApplications(postingId: number): Promise<Application[]>
 
 	return <Application[]>(<unknown>data);
 }
+
+export async function setUserCompanyId(userId: number, companyId: number): Promise<void> {
+	await sql`
+      UPDATE users
+      SET company_id   = ${companyId},
+          company_code = (SELECT company_code FROM companies WHERE id = ${companyId})
+      WHERE id = ${userId};
+	`;
+}
diff --git a/src/routes/account/+page.svelte b/src/routes/account/+page.svelte
index 8dcbba4..ad5b465 100644
--- a/src/routes/account/+page.svelte
+++ b/src/routes/account/+page.svelte
@@ -119,7 +119,7 @@
 					{#if data.user.company?.id}
 						<div class="font-semibold">
 							Employer company:
-							<div class="top-border mt-2 p-3">
+							<div class="top-border mt-2 p-3 align-top">
 								<img
 									id="logo"
 									class="mb-2 inline-block rounded"
@@ -129,7 +129,7 @@
 									height="32"
 									width="32"
 								/>
-								<div class="inline-block">
+								<div class="inline-block pl-2 align-top">
 									<div>{data.user.company.name}</div>
 									<div class="max-char-length font-normal">{data.user.company.description}</div>
 								</div>
diff --git a/src/routes/admin/users/create/+page.svelte b/src/routes/admin/users/create/+page.svelte
index af90e8b..929a501 100644
--- a/src/routes/admin/users/create/+page.svelte
+++ b/src/routes/admin/users/create/+page.svelte
@@ -147,7 +147,7 @@
 					id="phone"
 					placeholder="Phone"
 					class="w-full rounded font-normal"
-					pattern="[0-9]{3}-[0-9]{3}-[0-9]{4}"
+					pattern="([0-9]\{3}) [0-9]\{3}-[0-9]\{3}"
 				/>
 			</div>
 			<div class="mt-4 text-sm font-semibold">
diff --git a/src/routes/companies/+page.svelte b/src/routes/companies/+page.svelte
index de18187..208223f 100644
--- a/src/routes/companies/+page.svelte
+++ b/src/routes/companies/+page.svelte
@@ -1,6 +1,8 @@
 <script lang="ts">
 	import type { PageProps } from './$types';
-	import type { Company, User } from '$lib/types';
+	import type { Company } from '$lib/types';
+	import { userState } from '$lib/shared.svelte';
+	import { PERMISSIONS } from '$lib/consts';
 
 	function logoFallback(e: Event, company: Company) {
 		(e.target as HTMLImageElement).src =
@@ -13,7 +15,15 @@
 <div class="base-container-small">
 	<div class="content">
 		<div class="elevated separator-borders mb-4 mt-4 rounded">
-			<div class="p-3 font-semibold">Companies</div>
+			<div class="flex justify-between">
+				<div class="inline-block p-3 font-semibold">Companies</div>
+				{#if (userState.perms & PERMISSIONS.MANAGE_COMPANIES) > 0 || (userState.perms & PERMISSIONS.SUBMIT_POSTINGS) > 0}
+					<a
+						class="dull-primary-bg-color m-2 inline-block rounded-md px-2.5 py-1"
+						href="/companies/create">Create new company</a
+					>
+				{/if}
+			</div>
 			{#each data.companies as company}
 				<a class="top-border hover-bg-color inline-block w-full p-3" href="/companies/{company.id}">
 					<img
diff --git a/src/routes/companies/[company]/edit/+page.server.ts b/src/routes/companies/[company]/edit/+page.server.ts
index a126beb..b6e91b6 100644
--- a/src/routes/companies/[company]/edit/+page.server.ts
+++ b/src/routes/companies/[company]/edit/+page.server.ts
@@ -27,9 +27,8 @@ export const actions: Actions = {
 		const requestPerms = getUserPerms(cookies);
 		if (
 			!(
-				requestPerms >= 0 &&
-				((requestPerms & PERMISSIONS.MANAGE_COMPANIES) > 0 ||
-					((requestPerms & PERMISSIONS.SUBMIT_POSTINGS) > 0 && getUserCompanyId(cookies) === id))
+				(requestPerms >= 0 && (requestPerms & PERMISSIONS.MANAGE_COMPANIES) > 0) ||
+				(requestPerms & PERMISSIONS.SUBMIT_POSTINGS) > 0
 			)
 		) {
 			return fail(403, { errorMessage: 'You cannot preform this action!' });
diff --git a/src/routes/companies/[company]/edit/+page.svelte b/src/routes/companies/[company]/edit/+page.svelte
index 6dc8653..965b367 100644
--- a/src/routes/companies/[company]/edit/+page.svelte
+++ b/src/routes/companies/[company]/edit/+page.svelte
@@ -10,11 +10,30 @@
 		document.getElementById('deleteConfirmModal')!.style.display = 'none';
 	}
 
+	function logoFallback(e: Event) {
+		(e.target as HTMLImageElement).src =
+			`https://ui-avatars.com/api/?background=random&format=svg&name=${encodeURIComponent(data.company.name!)}`;
+	}
+
 	let { data, form }: PageProps = $props();
 </script>
 
 <div class="base-container">
 	<div class="content">
+		<div class="m-4">
+			<img
+				class="mb-2 inline-block rounded-lg"
+				src="/uploads/logos/{data.company.id}.svg?timestamp=${Date.now()}"
+				alt="User avatar"
+				onerror={logoFallback}
+				height="80"
+				width="80"
+			/>
+			<div class="inline-block pl-4 align-top">
+				<h1 class="font-bold">{data.company.name}</h1>
+				<h2>Company code: <span class="font-semibold">{data.company.companyCode}</span></h2>
+			</div>
+		</div>
 		<div class="elevated separator-borders m-4 rounded">
 			<div class="bottom-border flex place-content-between">
 				<div class="p-3 font-semibold">Edit Company {data.company.name}</div>
diff --git a/src/routes/companies/create/+page.server.ts b/src/routes/companies/create/+page.server.ts
index b55ade6..4fe7a9d 100644
--- a/src/routes/companies/create/+page.server.ts
+++ b/src/routes/companies/create/+page.server.ts
@@ -14,9 +14,8 @@ export const actions: Actions = {
 		const requestPerms = getUserPerms(cookies);
 		if (
 			!(
-				requestPerms >= 0 &&
-				((requestPerms & PERMISSIONS.MANAGE_COMPANIES) > 0 ||
-					((requestPerms & PERMISSIONS.SUBMIT_POSTINGS) > 0 && getUserCompanyId(cookies)))
+				(requestPerms >= 0 && (requestPerms & PERMISSIONS.MANAGE_COMPANIES) > 0) ||
+				(requestPerms & PERMISSIONS.SUBMIT_POSTINGS) > 0
 			)
 		) {
 			return fail(403, { errorMessage: 'You cannot preform this action!' });
diff --git a/src/routes/info/+page.svelte b/src/routes/info/+page.svelte
index f7f92b3..08aed8b 100644
--- a/src/routes/info/+page.svelte
+++ b/src/routes/info/+page.svelte
@@ -14,10 +14,10 @@
 			access to create job postings.
 		</p>
 		<p>
-			If you are your company admin, first create your account (without inputting a code). Then, go
-			to the company page, and use the button in the top right to create a new company. Once created
-			and approved by a CareerConnect admin, you will be able to see the company code, which you can
-			then give to your employees.
+			If you are your company admin, first create your account (without inputting a code). Reach out
+			to a CareerConnect admin to elevate your account privaleges. Then, go to the company page, and
+			use the button in the top right to create a new company. Once created, you will be able to see
+			the company code, which you can then give to your employees.
 		</p>
 	</div>
 </div>
diff --git a/src/routes/postings/+page.svelte b/src/routes/postings/+page.svelte
index ea494b8..87d5c8c 100644
--- a/src/routes/postings/+page.svelte
+++ b/src/routes/postings/+page.svelte
@@ -36,105 +36,116 @@
 </script>
 
 <div class="base-container">
-	<div class="content flex">
-		<div class="right-border inline-block w-1/3">
-			{#each data.postings as posting}
-				<button
-					class="bottom-border block w-full p-4 text-left {details?.id === posting.id
-						? 'accent-bg-color'
-						: ''}"
-					onclick={() => {
-						fetchDetails(posting.id);
-					}}
+	<div class="content">
+		<div class="bottom-border mb-4 flex justify-between pb-2">
+			<h1 class="inline-block p-2">Postings</h1>
+			{#if userState.companyId && (userState.perms & PERMISSIONS.SUBMIT_POSTINGS) > 0}
+				<a class="dull-primary-bg-color m-2 h-min rounded-md px-2.5 py-1" href="/postings/create"
+					>Create new posting</a
 				>
-					<img
-						class="inline-block rounded"
-						src="/uploads/logos/{posting.companyId}.svg"
-						alt="Company Logo"
-						height="48"
-						width="48"
-						onerror={(e) => logoFallback(e, posting)}
-					/>
-					<div class="inline-block pl-2 align-top">
-						<h2 class="font-semibold">{posting.title}</h2>
-						<h3>{posting.company.name}</h3>
-					</div>
-				</button>
-			{/each}
+			{/if}
 		</div>
-		{#if details !== undefined}
-			<div
-				class="elevated separator-borders top-with-navbar sticky ml-4 mt-4 inline-block h-min w-2/3 rounded p-4"
-			>
-				<div class="bottom-border flex justify-between pb-2">
-					<div class="inline-block">
+		<div class="flex">
+			<div class="right-border inline-block w-1/3">
+				{#each data.postings as posting}
+					<button
+						class="bottom-border block w-full p-4 text-left {details?.id === posting.id
+							? 'accent-bg-color'
+							: ''}"
+						onclick={() => {
+							fetchDetails(posting.id);
+						}}
+					>
 						<img
 							class="inline-block rounded"
-							src="/uploads/logos/{details.companyId || 'default'}.svg"
+							src="/uploads/logos/{posting.companyId}.svg"
 							alt="Company Logo"
-							height="64"
-							width="64"
-							onerror={(e) => logoFallback(e, details)}
+							height="48"
+							width="48"
+							onerror={(e) => logoFallback(e, posting)}
 						/>
 						<div class="inline-block pl-2 align-top">
-							<h1>{details.title}</h1>
-							<h2>Company: {details.company.name}</h2>
+							<h2 class="font-semibold">{posting.title}</h2>
+							<h3>{posting.company.name}</h3>
 						</div>
-					</div>
-					{#if userState.perms >= 0 && ((userState.perms & PERMISSIONS.MANAGE_POSTINGS) > 0 || ((userState.perms & PERMISSIONS.SUBMIT_POSTINGS) > 0 && userState.companyId === details.company.id))}
-						<a
-							class="dull-primary-bg-color inline-block h-min rounded-md px-2.5 py-1 align-top"
-							href="/postings/{details.id}/manage">Manage posting</a
-						>
-					{:else if (userState.perms & PERMISSIONS.APPLY_FOR_JOBS) > 0}
-						<a
-							class="dull-primary-bg-color inline-block h-min rounded-md px-2.5 py-1 align-top"
-							href="/postings/{details.id}/apply">Apply</a
-						>
-					{/if}
-				</div>
-				<div class="scrollbar-on-elevated details-height overflow-y-scroll">
-					<h2 class="pt-2 font-semibold">Contact</h2>
-					<p>{details.employer?.fullName} ({details.employer?.username})</p>
-					<a class="hover-hyperlink" href="mailto:{details.employer?.email}"
-						>{details.employer?.email}</a
-					>
-					<a class="hover-hyperlink" href="tel:{details.employer?.phone}"
-						>{details.employer?.phone}</a
-					>
-					<h2 class="pt-2 font-semibold">Details</h2>
-					{#if details.employmentType}
-						<p>{employmentTypeDisplayName(details.employmentType)}</p>
-					{/if}
-					{#if details.address}
-						<a
-							href="https://www.google.com/maps/search/?api=1&query={details.address}"
-							class="block w-max">Address: <span class="hover-hyperlink">{details.address}</span></a
-						>
-					{/if}
-					{#if details.wage}
-						<p>Wage: {details.wage}</p>
-					{/if}
-					{#if details.createdAt}
-						<p>Posted: {details.createdAt.toLocaleDateString('en-US', dateFormatOptions)}</p>
-					{/if}
-					{#if details.link}
-						<a href={details.link} class="block w-max"
-							>More information: <span class="hyperlink-color hyperlink-underline"
-								>{details.link}</span
-							></a
-						>
-					{/if}
-					{#if details.flyerLink}
-						<a href={details.flyerLink} class="block w-max"
-							>Flyer: <span class="hyperlink-color hyperlink-underline">{details.flyerLink}</span
-							></a
-						>
-					{/if}
-					<h2 class="pt-2 font-semibold">Job Description</h2>
-					<p class="whitespace-pre-wrap">{details.description}</p>
-				</div>
+					</button>
+				{/each}
 			</div>
-		{/if}
+			{#if details !== undefined}
+				<div
+					class="elevated separator-borders top-with-navbar sticky ml-4 inline-block h-min w-2/3 rounded p-4"
+				>
+					<div class="bottom-border flex justify-between pb-2">
+						<div class="inline-block">
+							<img
+								class="inline-block rounded"
+								src="/uploads/logos/{details.companyId || 'default'}.svg"
+								alt="Company Logo"
+								height="64"
+								width="64"
+								onerror={(e) => logoFallback(e, details)}
+							/>
+							<div class="inline-block pl-2 align-top">
+								<h1>{details.title}</h1>
+								<h2>Company: {details.company.name}</h2>
+							</div>
+						</div>
+						{#if userState.perms >= 0 && ((userState.perms & PERMISSIONS.MANAGE_POSTINGS) > 0 || ((userState.perms & PERMISSIONS.SUBMIT_POSTINGS) > 0 && userState.companyId === details.company.id))}
+							<a
+								class="dull-primary-bg-color inline-block h-min rounded-md px-2.5 py-1 align-top"
+								href="/postings/{details.id}/manage">Manage posting</a
+							>
+						{:else if (userState.perms & PERMISSIONS.APPLY_FOR_JOBS) > 0}
+							<a
+								class="dull-primary-bg-color inline-block h-min rounded-md px-2.5 py-1 align-top"
+								href="/postings/{details.id}/apply">Apply</a
+							>
+						{/if}
+					</div>
+					<div class="scrollbar-on-elevated details-height overflow-y-scroll">
+						<h2 class="pt-2 font-semibold">Contact</h2>
+						<p>{details.employer?.fullName} ({details.employer?.username})</p>
+						<a class="hover-hyperlink" href="mailto:{details.employer?.email}"
+							>{details.employer?.email}</a
+						>
+						<a class="hover-hyperlink" href="tel:{details.employer?.phone}"
+							>{details.employer?.phone}</a
+						>
+						<h2 class="pt-2 font-semibold">Details</h2>
+						{#if details.employmentType}
+							<p>{employmentTypeDisplayName(details.employmentType)}</p>
+						{/if}
+						{#if details.address}
+							<a
+								href="https://www.google.com/maps/search/?api=1&query={details.address}"
+								class="block w-max"
+								>Address: <span class="hover-hyperlink">{details.address}</span></a
+							>
+						{/if}
+						{#if details.wage}
+							<p>Wage: {details.wage}</p>
+						{/if}
+						{#if details.createdAt}
+							<p>Posted: {details.createdAt.toLocaleDateString('en-US', dateFormatOptions)}</p>
+						{/if}
+						{#if details.link}
+							<a href={details.link} class="block w-max"
+								>More information: <span class="hyperlink-color hyperlink-underline"
+									>{details.link}</span
+								></a
+							>
+						{/if}
+						{#if details.flyerLink}
+							<a href={details.flyerLink} class="block w-max"
+								>Flyer: <span class="hyperlink-color hyperlink-underline">{details.flyerLink}</span
+								></a
+							>
+						{/if}
+						<h2 class="pt-2 font-semibold">Job Description</h2>
+						<p class="whitespace-pre-wrap">{details.description}</p>
+					</div>
+				</div>
+			{/if}
+		</div>
 	</div>
 </div>
diff --git a/src/routes/postings/[posting]/+page.svelte b/src/routes/postings/[posting]/+page.svelte
index b6c7274..da5a70d 100644
--- a/src/routes/postings/[posting]/+page.svelte
+++ b/src/routes/postings/[posting]/+page.svelte
@@ -36,7 +36,7 @@
 						<h2>Company: {data.posting.company.name}</h2>
 					</div>
 				</div>
-				{#if userState.perms >= 0 && ((userState.perms & PERMISSIONS.MANAGE_POSTINGS) > 0 || ((userState.perms & PERMISSIONS.SUBMIT_POSTINGS) > 0 && userState.companyId === details.company.id))}
+				{#if userState.perms >= 0 && ((userState.perms & PERMISSIONS.MANAGE_POSTINGS) > 0 || ((userState.perms & PERMISSIONS.SUBMIT_POSTINGS) > 0 && userState.companyId === data.posting.company.id))}
 					<a
 						class="dull-primary-bg-color inline-block h-min rounded-md px-2.5 py-1 align-top"
 						href="/postings/{data.posting.id}/manage">Manage posting</a
diff --git a/src/routes/postings/[posting]/manage/applications/+page.server.ts b/src/routes/postings/[posting]/manage/applications/+page.server.ts
index 2a18893..704d25b 100644
--- a/src/routes/postings/[posting]/manage/applications/+page.server.ts
+++ b/src/routes/postings/[posting]/manage/applications/+page.server.ts
@@ -14,7 +14,7 @@ export const load: PageServerLoad = async ({ params, cookies }) => {
 	if (
 		perms >= 0 &&
 		((perms & PERMISSIONS.MANAGE_POSTINGS) > 0 ||
-			((perms & PERMISSIONS.SUBMIT_POSTINGS) > 0 && getUserCompanyId(cookies) === id))
+			((perms & PERMISSIONS.SUBMIT_POSTINGS) > 0 && getUserCompanyId(cookies)))
 	) {
 		return {
 			applications: await getApplications(id)
diff --git a/src/routes/postings/[posting]/manage/applications/+page.svelte b/src/routes/postings/[posting]/manage/applications/+page.svelte
index b44e432..643d15f 100644
--- a/src/routes/postings/[posting]/manage/applications/+page.svelte
+++ b/src/routes/postings/[posting]/manage/applications/+page.svelte
@@ -78,7 +78,7 @@
 									<p>Email: {application.user.email}</p>
 								{/if}
 								{#if application.user?.phone}
-									<p>Phone: {application.user.email}</p>
+									<p>Phone: {application.user.phone}</p>
 								{/if}
 								{#if application.createdAt}
 									<p>
diff --git a/src/routes/postings/[posting]/manage/edit/+page.server.ts b/src/routes/postings/[posting]/manage/edit/+page.server.ts
index a6a750b..66f05be 100644
--- a/src/routes/postings/[posting]/manage/edit/+page.server.ts
+++ b/src/routes/postings/[posting]/manage/edit/+page.server.ts
@@ -9,10 +9,11 @@ export const load: PageServerLoad = async ({ cookies, params }) => {
 	const id = parseInt(params.posting);
 	const perms = getUserPerms(cookies);
 
+	// TODO check if user is allowed to edit this posting
 	if (
 		perms >= 0 &&
 		((perms & PERMISSIONS.MANAGE_POSTINGS) > 0 ||
-			((perms & PERMISSIONS.SUBMIT_POSTINGS) > 0 && getUserCompanyId(cookies) === id))
+			((perms & PERMISSIONS.SUBMIT_POSTINGS) > 0 && getUserCompanyId(cookies)))
 	) {
 		return {
 			posting: await getPosting(id)
diff --git a/src/routes/register/+page.server.ts b/src/routes/register/+page.server.ts
index 7b51068..89d2655 100644
--- a/src/routes/register/+page.server.ts
+++ b/src/routes/register/+page.server.ts
@@ -47,7 +47,8 @@ export const actions: Actions = {
 				active: true,
 				email: email,
 				phone: phone,
-				fullName: fullName
+				fullName: fullName,
+				companyCode: companyCode
 			};
 			if (password === confirmPassword) {
 				try {
diff --git a/src/routes/register/+page.svelte b/src/routes/register/+page.svelte
index 2658d8f..006301a 100644
--- a/src/routes/register/+page.svelte
+++ b/src/routes/register/+page.svelte
@@ -83,7 +83,7 @@
 					id="phone"
 					placeholder="Phone"
 					class="w-full rounded font-normal"
-					pattern="[0-9]{3}-[0-9]{3}-[0-9]{4}"
+					pattern="([0-9]\{3}) [0-9]\{3}-[0-9]\{3}"
 				/>
 			</div>
 			<div class="relative mt-4 text-sm font-semibold">