#119 added auth to the functions with user should be checked as author or executor

parent a7a0a978
...@@ -63,7 +63,7 @@ export const authAuthorOrExecutorOfTask = async(req: Request,res: Response, next ...@@ -63,7 +63,7 @@ export const authAuthorOrExecutorOfTask = async(req: Request,res: Response, next
} }
req.body={...req.body, task:task} req.body={...req.body, task:task}
next() next()
}; };
/**Check if user with the given token is executor or author of task with the given dateTimeTaskId */ /**Check if user with the given token is executor or author of task with the given dateTimeTaskId */
......
...@@ -2,13 +2,13 @@ import express,{Router, Request, Response } from 'express'; ...@@ -2,13 +2,13 @@ import express,{Router, Request, Response } from 'express';
import {Task} from '../models/Task'; import {Task} from '../models/Task';
import {myDataSource} from '../app-data-source'; import {myDataSource} from '../app-data-source';
import { DateTimeTask } from '../models/DateTimeTask'; import { DateTimeTask } from '../models/DateTimeTask';
import { authAuthorOrExecutorOfDateTimeTask, authAuthorOrExecutorOfTask } from '../helpers'; import { auth, authAuthorOrExecutorOfDateTimeTask, authAuthorOrExecutorOfTask } from '../helpers';
const router:Router = express.Router(); const router:Router = express.Router();
const dataSource = myDataSource; const dataSource = myDataSource;
/** make copy of task in calendar view */ /** make copy of task in calendar view */
router.post("/make-copy",authAuthorOrExecutorOfTask, async(req:Request, res:Response):Promise<Response>=>{ router.post("/make-copy",auth,authAuthorOrExecutorOfTask, async(req:Request, res:Response):Promise<Response>=>{
const {taskId, dateTimeDue, dateTimeStart, authorStatus, executorStatus, task} = req.body; const {taskId, dateTimeDue, dateTimeStart, authorStatus, executorStatus, task} = req.body;
if(!task) return res.status(401).send({message:'task with possible user involved is not found'}) if(!task) return res.status(401).send({message:'task with possible user involved is not found'})
const newDateTimeTask = new DateTimeTask(); const newDateTimeTask = new DateTimeTask();
...@@ -20,7 +20,7 @@ router.post("/make-copy",authAuthorOrExecutorOfTask, async(req:Request, res:Resp ...@@ -20,7 +20,7 @@ router.post("/make-copy",authAuthorOrExecutorOfTask, async(req:Request, res:Resp
} ) } )
/** change date time of copy of task in calendar view */ /** change date time of copy of task in calendar view */
router.put("/change-copy/:dateTimeTaskId", authAuthorOrExecutorOfTask, async(req:Request, res: Response):Promise<Response>=>{ router.put("/change-copy/:dateTimeTaskId",auth, authAuthorOrExecutorOfTask, async(req:Request, res: Response):Promise<Response>=>{
const {dateTimeTaskId} = req.params const {dateTimeTaskId} = req.params
const {executorStatus,authorStatus, task, dateTimeStart, dateTimeDue, description, title, priority} = req.body const {executorStatus,authorStatus, task, dateTimeStart, dateTimeDue, description, title, priority} = req.body
if(authorStatus){ if(authorStatus){
......
...@@ -41,7 +41,9 @@ export default function EnhancedTable() { ...@@ -41,7 +41,9 @@ export default function EnhancedTable() {
if (tasks && tasks?.length > 0) { if (tasks && tasks?.length > 0) {
setRecievedTasks(tasks); setRecievedTasks(tasks);
} }
}, [ tasks?.length,addTaskForm, setAddTaskForm, dispatch]); }, [
tasks?.length,
addTaskForm, setAddTaskForm, dispatch]);
console.log('tasks ', tasks, 'projects ', projects) console.log('tasks ', tasks, 'projects ', projects)
...@@ -177,6 +179,7 @@ export default function EnhancedTable() { ...@@ -177,6 +179,7 @@ export default function EnhancedTable() {
if (projectIdListForTaskSelect.length>0) { if (projectIdListForTaskSelect.length>0) {
tasksFilteredByProject = tasks.filter(task=>projectIdListForTaskSelect.includes(task.project?.id)) tasksFilteredByProject = tasks.filter(task=>projectIdListForTaskSelect.includes(task.project?.id))
} }
console.log('tasksFilteredByProject ', tasksFilteredByProject)
setRecievedTasks(tasksFilteredByProject) setRecievedTasks(tasksFilteredByProject)
setFilterProjectTumbler(true) setFilterProjectTumbler(true)
} }
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment