Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Contribute to GitLab
Sign in
Toggle navigation
P
planner-team-one
Project
Project
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
21
Issues
21
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
Евгений Положенцев
planner-team-one
Commits
475e4580
Commit
475e4580
authored
Dec 10, 2022
by
Евгений Положенцев
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
#93
added check on admin rpoject rights while addd remove user and delete project
parent
5b0ba753
Show whitespace changes
Inline
Side-by-side
Showing
5 changed files
with
93 additions
and
37 deletions
+93
-37
helpers.ts
planner-api/src/helpers.ts
+48
-0
Member.ts
planner-api/src/models/Member.ts
+2
-2
Project.ts
planner-api/src/models/Project.ts
+1
-1
User.ts
planner-api/src/models/User.ts
+1
-1
projects.ts
planner-api/src/routers/projects.ts
+41
-33
No files found.
planner-api/src/helpers.ts
View file @
475e4580
...
@@ -3,6 +3,7 @@ import { myDataSource } from "./app-data-source";
...
@@ -3,6 +3,7 @@ import { myDataSource } from "./app-data-source";
import
{
Task
}
from
"./models/Task"
;
import
{
Task
}
from
"./models/Task"
;
import
{
User
}
from
"./models/User"
;
import
{
User
}
from
"./models/User"
;
import
nodemailer
from
'nodemailer'
;
import
nodemailer
from
'nodemailer'
;
import
{
Member
}
from
"./models/Member"
;
const
dataSource
=
myDataSource
;
const
dataSource
=
myDataSource
;
...
@@ -103,6 +104,29 @@ export const authAuthorOrExecutorOfDateTimeTask = async(req: Request,res: Respon
...
@@ -103,6 +104,29 @@ export const authAuthorOrExecutorOfDateTimeTask = async(req: Request,res: Respon
}
}
/**check if user is admin of the project, receives userId and projectId*/
export
const
authAdminProject
=
async
(
req
:
Request
,
res
:
Response
,
next
:
NextFunction
):
Promise
<
void
|
express
.
Response
<
Response
>>=>
{
const
token
=
req
.
get
(
'Authorization'
);
const
{
projectId
}
=
req
.
body
;
const
adminOfProject
=
await
dataSource
.
createQueryBuilder
()
.
select
(
"user"
)
.
from
(
User
,
"user"
)
.
leftJoinAndSelect
(
"user.members"
,
"member"
)
.
leftJoinAndSelect
(
'member.project'
,
'project'
)
.
where
(
"user.token = :token"
,
{
token
})
.
andWhere
(
'project.id=:projectId'
,{
projectId
})
.
andWhere
(
'member.roleProject=:roleProject'
,{
roleProject
:
'admin'
})
.
getOne
()
if
(
!
adminOfProject
){
return
res
.
send
({
message
:
'User is not authorized'
})
}
req
.
body
=
{...
req
.
body
,
adminStatus
:
true
}
next
()
}
/** return user if is in the given project, recieves userId adn projectId */
/**task finder by id, return one task */
/**task finder by id, return one task */
...
@@ -122,6 +146,30 @@ export const taskFinderById = async (taskId:string):Promise<null | Task>=>{
...
@@ -122,6 +146,30 @@ export const taskFinderById = async (taskId:string):Promise<null | Task>=>{
return
task
return
task
}
}
/**member finder by userId and projectId, return one task */
export
const
memberFinderById
=
async
(
userId
:
string
,
projectId
:
string
)
=>
{
const
member
=
await
dataSource
.
getRepository
(
Member
)
.
findOne
({
relations
:{
user
:
true
,
project
:
true
,
},
where
:{
user
:{
id
:
userId
},
project
:{
id
:
projectId
}
}
})
return
member
}
export
let
transporter
=
nodemailer
.
createTransport
({
export
let
transporter
=
nodemailer
.
createTransport
({
...
...
planner-api/src/models/Member.ts
View file @
475e4580
...
@@ -32,10 +32,10 @@ import {
...
@@ -32,10 +32,10 @@ import {
@
CreateDateColumn
({
name
:
'createdAt'
,
type
:
Date
,
default
:
new
Date
()
})
@
CreateDateColumn
({
name
:
'createdAt'
,
type
:
Date
,
default
:
new
Date
()
})
createdAt
!
:
Date
;
createdAt
!
:
Date
;
@
ManyToOne
(()
=>
User
,
(
user
:
{
members
:
Member
[];
})
=>
user
.
members
,{
cascade
:
true
,
onUpdate
:
'CASCADE'
,
eager
:
true
})
@
ManyToOne
(()
=>
User
,
(
user
:
{
members
:
Member
[];
})
=>
user
.
members
,{
cascade
:
true
,
onUpdate
:
'CASCADE'
,
onDelete
:
'CASCADE'
,
eager
:
true
})
user
!
:
User
;
user
!
:
User
;
@
ManyToOne
(()
=>
Project
,
(
project
:
{
members
:
Member
[];
})
=>
project
.
members
,{
cascade
:
true
,
onUpdate
:
'CASCADE'
,
nullable
:
true
})
@
ManyToOne
(()
=>
Project
,
(
project
:
{
members
:
Member
[];
})
=>
project
.
members
,{
cascade
:
true
,
onUpdate
:
'CASCADE'
,
onDelete
:
'CASCADE'
,
nullable
:
true
})
project
!
:
Project
;
project
!
:
Project
;
@
Column
({
@
Column
({
...
...
planner-api/src/models/Project.ts
View file @
475e4580
...
@@ -46,7 +46,7 @@ import {
...
@@ -46,7 +46,7 @@ import {
@
OneToMany
(()
=>
Task
,
(
task
:
{
project
:
Project
;
})
=>
task
.
project
,{
nullable
:
true
})
@
OneToMany
(()
=>
Task
,
(
task
:
{
project
:
Project
;
})
=>
task
.
project
,{
nullable
:
true
})
tasks
!
:
Task
[];
tasks
!
:
Task
[];
@
OneToMany
(()
=>
Member
,
(
member
:
{
project
:
Project
;
})
=>
member
.
project
)
@
OneToMany
(()
=>
Member
,
(
member
:
{
project
:
Project
;
})
=>
member
.
project
,
{
onDelete
:
'CASCADE'
}
)
members
!
:
Member
[];
members
!
:
Member
[];
}
}
\ No newline at end of file
planner-api/src/models/User.ts
View file @
475e4580
...
@@ -80,7 +80,7 @@ export class User extends BaseEntity implements IUser {
...
@@ -80,7 +80,7 @@ export class User extends BaseEntity implements IUser {
@
OneToMany
(()
=>
Task
,
(
task
:
{
user
:
User
})
=>
task
.
user
)
@
OneToMany
(()
=>
Task
,
(
task
:
{
user
:
User
})
=>
task
.
user
)
tasks
!
:
Task
[];
tasks
!
:
Task
[];
@
OneToMany
(()
=>
Member
,
(
member
:
{
user
:
User
})
=>
member
.
user
)
@
OneToMany
(()
=>
Member
,
(
member
:
{
user
:
User
})
=>
member
.
user
,
{
onDelete
:
'CASCADE'
}
)
members
!
:
Member
[];
members
!
:
Member
[];
...
...
planner-api/src/routers/projects.ts
View file @
475e4580
import
express
,{
Router
,
Request
,
Response
}
from
'express'
;
import
express
,{
Router
,
Request
,
Response
}
from
'express'
;
import
{
Project
}
from
'../models/Project'
;
import
{
Project
}
from
'../models/Project'
;
import
{
myDataSource
}
from
'../app-data-source'
;
import
{
myDataSource
}
from
'../app-data-source'
;
import
{
User
}
from
'../models/User'
;
import
{
Member
,
MemberRole
}
from
'../models/Member'
;
import
{
Member
,
MemberRole
}
from
'../models/Member'
;
import
{
userInfo
}
from
'os'
;
import
{
auth
,
authAdminProject
}
from
'../helpers'
;
import
{
Task
}
from
'../models/Task'
;
import
{
auth
}
from
'../helpers'
;
const
router
:
Router
=
express
.
Router
();
const
router
:
Router
=
express
.
Router
();
const
dataSource
=
myDataSource
;
const
dataSource
=
myDataSource
;
...
@@ -91,7 +88,7 @@ router.get("/:id",async (req:Request, res:Response): Promise<Response> => {
...
@@ -91,7 +88,7 @@ router.get("/:id",async (req:Request, res:Response): Promise<Response> => {
})
})
/** Delete project by project ID*/
/** Delete project by project ID*/
router
.
delete
(
'/:projectId'
,
async
(
req
:
Request
,
res
:
Response
):
Promise
<
Response
>=>
{
router
.
delete
(
'/:projectId'
,
a
uthAdminProject
,
a
sync
(
req
:
Request
,
res
:
Response
):
Promise
<
Response
>=>
{
const
projectId
=
req
.
params
.
projectId
;
const
projectId
=
req
.
params
.
projectId
;
await
myDataSource
await
myDataSource
.
createQueryBuilder
()
.
createQueryBuilder
()
...
@@ -119,9 +116,8 @@ router.get('/user/:userId', async (req : Request, res : Response): Promise<Respo
...
@@ -119,9 +116,8 @@ router.get('/user/:userId', async (req : Request, res : Response): Promise<Respo
/** Add user to specific project */
/** Add user to specific project */
router
.
post
(
'/add-user/'
,
async
(
req
:
Request
,
res
:
Response
):
Promise
<
Response
>=>
{
router
.
post
(
'/add-user/'
,
a
uthAdminProject
,
a
sync
(
req
:
Request
,
res
:
Response
):
Promise
<
Response
>=>
{
const
{
userId
,
projectId
,
roleProject
}
=
req
.
body
;
const
{
userId
,
projectId
,
roleProject
}
=
req
.
body
;
console
.
log
(
"req body"
+
req
.
body
)
const
newMember
:
Member
=
new
Member
();
const
newMember
:
Member
=
new
Member
();
try
{
try
{
newMember
.
user
=
userId
;
newMember
.
user
=
userId
;
...
@@ -136,38 +132,50 @@ router.post('/add-user/', async (req: Request, res: Response):Promise<Response>=
...
@@ -136,38 +132,50 @@ router.post('/add-user/', async (req: Request, res: Response):Promise<Response>=
})
})
/** Remove user from specific project */
/** Remove user from specific project by userId */
router
.
post
(
'/remove-user'
,
async
(
req
:
Request
,
res
:
Response
):
Promise
<
Response
>=>
{
const
token
=
req
.
get
(
'Authorization'
);
const
{
userId
,
projectId
}
=
req
.
body
;
const
adminOfProject
=
await
dataSource
.
createQueryBuilder
()
.
select
(
"user"
)
.
from
(
User
,
"user"
)
.
leftJoinAndSelect
(
"user.members"
,
"member"
)
.
leftJoinAndSelect
(
'member.project'
,
'project'
)
.
where
(
"user.token = :token"
,
{
token
})
.
andWhere
(
'project.id=:projectId'
,{
projectId
})
.
andWhere
(
'member.roleProject=:roleProject'
,{
roleProject
:
'admin'
})
.
getOne
()
if
(
!
adminOfProject
){
return
res
.
send
({
message
:
'User is not authorized'
})
}
router
.
delete
(
'/remove-user/:userId'
,
authAdminProject
,
async
(
req
:
Request
,
res
:
Response
):
Promise
<
Response
>=>
{
const
{
projectId
}
=
req
.
body
;
const
{
userId
}
=
req
.
params
;
try
{
try
{
await
dataSource
await
dataSource
.
createQueryBuilder
()
.
createQueryBuilder
()
.
delete
()
.
delete
()
.
from
(
Member
)
.
from
(
Member
)
.
where
(
"user
= :userId"
,
{
userId
})
.
where
(
"user
= :userId"
,
{
userId
})
.
andWhere
(
"project=:projectId"
,{
projectId
})
.
andWhere
(
"project=:projectId"
,{
projectId
})
.
execute
()
.
execute
()
return
res
.
send
({
message
:
"User removed from project successfully"
})
return
res
.
send
({
message
:
"User removed from project successfully"
})
}
catch
(
e
){
}
catch
(
e
){
return
res
.
send
({
message
:
'Failed to remove user from project'
})
return
res
.
send
({
message
:
'Failed to remove user from project'
})
}
}
})
})
/**change rights of user inside of project by admin, recieve userId, new roleProject */
router
.
put
(
'/change-project-role/:userId'
,
authAdminProject
,
async
(
req
:
Request
,
res
:
Response
):
Promise
<
Response
|
void
>
=>
{
const
{
userId
}
=
req
.
params
const
{
projectId
,
newRoleProject
}
=
req
.
body
const
member
=
await
dataSource
.
createQueryBuilder
()
.
select
(
"member"
)
.
from
(
Member
,
"member"
)
.
leftJoinAndSelect
(
"member.user"
,
"user"
)
.
leftJoinAndSelect
(
'member.project'
,
'project'
)
.
where
(
"user.id = :userId"
,
{
userId
})
.
andWhere
(
"project.id=:projectId"
,{
projectId
})
.
getOne
()
if
(
!
member
)
return
res
.
status
(
404
).
send
({
Message
:
'user and project are not relevant'
})
try
{
member
.
roleProject
=
newRoleProject
await
member
.
save
()
}
catch
(
e
){
return
res
.
send
({
message
:
"failed to change role"
})
}
return
res
.
send
({
message
:
"User's new role "
,
newRoleProject
})
})
export
default
router
;
export
default
router
;
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment