#90 edit auth of task Author Executor checker

parent 96603a34
...@@ -25,7 +25,14 @@ export const auth = async(req: Request,res: Response, next:NextFunction):Promise ...@@ -25,7 +25,14 @@ export const auth = async(req: Request,res: Response, next:NextFunction):Promise
/**Check if user with the given token is executor or author of task with the given Id(taskId) */ /**Check if user with the given token is executor or author of task with the given Id(taskId) */
export const authAuthorOrExecutorOfTask = async(req: Request,res: Response, next:NextFunction):Promise<void | express.Response<Response>>=>{ export const authAuthorOrExecutorOfTask = async(req: Request,res: Response, next:NextFunction):Promise<void | express.Response<Response>>=>{
const token = req.get('Authorization'); const token = req.get('Authorization');
const {taskId} = req.body let taskId = null
taskId = req.body.taskId
if (req.body?.taskId) {
taskId = req.body.taskId
} else if (req.params?.taskId){
taskId = req.params.taskId
} else return res.send({vessage:"there are no taskId found"})
if(!token) return res.status(401).send({Message:'token not exists'}) if(!token) return res.status(401).send({Message:'token not exists'})
req.body={...req.body,executorStatus:false} req.body={...req.body,executorStatus:false}
...@@ -53,15 +60,17 @@ export const authAuthorOrExecutorOfTask = async(req: Request,res: Response, next ...@@ -53,15 +60,17 @@ export const authAuthorOrExecutorOfTask = async(req: Request,res: Response, next
}, },
]}) ]})
if (!task) return res.status(404).send({message:'task with possible user involved is not found'}) if (!task) return res.status(404).send({message:'task with possible user involved is not found'})
if (task?.author?.token === token ) { if(task?.executor?.token === token) {
req.body={...req.body,authorStatus:true}
} else if(task?.executor?.token === token) {
req.body={...req.body,executorStatus:true} req.body={...req.body,executorStatus:true}
} else { }
if (task?.author?.token === token ) {
req.body={...req.body,authorStatus:true}
} }
next() next()
}; };
/**Check if user with the given token is executor or author of task with the given dateTimeTaskId */
export const authAuthorOrExecutorOfDateTimeTask = async(req: Request,res: Response, next:NextFunction):Promise<void | express.Response<Response>>=>{ export const authAuthorOrExecutorOfDateTimeTask = async(req: Request,res: Response, next:NextFunction):Promise<void | express.Response<Response>>=>{
const token = req.get('Authorization'); const token = req.get('Authorization');
let dateTimeTaskId = null let dateTimeTaskId = null
...@@ -69,10 +78,8 @@ export const authAuthorOrExecutorOfDateTimeTask = async(req: Request,res: Respon ...@@ -69,10 +78,8 @@ export const authAuthorOrExecutorOfDateTimeTask = async(req: Request,res: Respon
req.body={...req.body,authorStatus:false} req.body={...req.body,authorStatus:false}
dateTimeTaskId = req.body.dateTimeTaskId dateTimeTaskId = req.body.dateTimeTaskId
if (req.body?.dateTimeTaskId) { if (req.body?.dateTimeTaskId) {
console.log('gotin rebody')
dateTimeTaskId = req.body.dateTimeTaskId dateTimeTaskId = req.body.dateTimeTaskId
} else if (req.params?.dateTimeTaskId){ } else if (req.params?.dateTimeTaskId){
console.log('gotin params')
dateTimeTaskId = req.params.dateTimeTaskId dateTimeTaskId = req.params.dateTimeTaskId
} else return res.send({vessage:"there are no dateTimeTaskId found"}) } else return res.send({vessage:"there are no dateTimeTaskId found"})
const task = await dataSource const task = await dataSource
...@@ -84,15 +91,12 @@ export const authAuthorOrExecutorOfDateTimeTask = async(req: Request,res: Respon ...@@ -84,15 +91,12 @@ export const authAuthorOrExecutorOfDateTimeTask = async(req: Request,res: Respon
.leftJoinAndSelect("task.author","users") .leftJoinAndSelect("task.author","users")
.where("dateTimeTask.id = :dateTimeTaskId", {dateTimeTaskId}) .where("dateTimeTask.id = :dateTimeTaskId", {dateTimeTaskId})
.getOne() .getOne()
console.log('task', task)
if (!task) return res.status(404).send({message:'task with possible user involved is not found'}) if (!task) return res.status(404).send({message:'task with possible user involved is not found'})
if(task?.executor?.token === token) { if(task?.executor?.token === token) {
console.log('executorStatus:trues')
req.body={...req.body,executorStatus:true} req.body={...req.body,executorStatus:true}
} }
if (task?.author?.token === token ) { if (task?.author?.token === token ) {
console.log('authorStatus:true')
req.body={...req.body,authorStatus:true} req.body={...req.body,authorStatus:true}
} }
next() next()
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment