#90 added auth on DateTimeTaskId search

planner-api/src/helpers.ts

@@ -62,6 +62,45 @@ export const authAuthorOrExecutorOfTask = async(req: Request,res: Response, next
     next()
 };
 
+export const authAuthorOrExecutorOfDateTimeTask = async(req: Request,res: Response, next:NextFunction):Promise<void | express.Response<Response>>=>{
+    const token = req.get('Authorization');
+    let dateTimeTaskId = null
+    req.body={...req.body,executorStatus:false}
+    req.body={...req.body,authorStatus:false}
+    dateTimeTaskId = req.body.dateTimeTaskId
+    if (req.body?.dateTimeTaskId) {
+        console.log('gotin rebody')
+        dateTimeTaskId = req.body.dateTimeTaskId
+    } else if (req.params?.dateTimeTaskId){
+        console.log('gotin params')
+        dateTimeTaskId = req.params.dateTimeTaskId
+    } else return res.send({vessage:"there are no dateTimeTaskId found"})
+    const task = await dataSource
+    .createQueryBuilder()
+    .select(["task"])
+    .from(Task,"task")
+    .leftJoinAndSelect("task.executor","user")
+    .leftJoinAndSelect("task.dateTimeTasks","dateTimeTask")
+    .leftJoinAndSelect("task.author","users")
+    .where("dateTimeTask.id = :dateTimeTaskId", {dateTimeTaskId})
+    .getOne()
+    console.log('task', task)
+    if (!task) return res.status(404).send({message:'task with possible user involved is not found'})
+
+    if(task?.executor?.token === token) {
+        console.log('executorStatus:trues')
+        req.body={...req.body,executorStatus:true}
+    }
+      if (task?.author?.token === token ) {
+        console.log('authorStatus:true')
+        req.body={...req.body,authorStatus:true}
+    }
+    next()
+}
+
+
+
+
 /**task finder by id, return one task */
 export const taskFinderById = async (taskId:string):Promise<null | Task>=>{
     const task = await dataSource

planner-api/src/routers/copyTasks.ts

@@ -5,7 +5,7 @@ import { User } from '../models/User';
 import { Member } from '../models/Member';
 import { In } from 'typeorm';
 import { DateTimeTask } from '../models/DateTimeTask';
-import { auth, authAuthorOrExecutorOfTask } from '../helpers';
+import { auth, authAuthorOrExecutorOfDateTimeTask, authAuthorOrExecutorOfTask } from '../helpers';
 const router:Router = express.Router();
 const dataSource = myDataSource;
 
@@ -42,7 +42,7 @@ router.post("/make-copy", async(req:Request, res:Response):Promise<Response>=>{
 
 /** change date time of copy of task in calendar view */
 router.put("/change-copy", authAuthorOrExecutorOfTask, async(req:Request, res: Response):Promise<Response>=>{
-    const {dateTimeTaskId, taskId, dateTimeStart, dateTimeDue, description, title, priority} = req.body
+    const {executorStatus, dateTimeTaskId, taskId, dateTimeStart, dateTimeDue, description, title, priority} = req.body
     const dateTimeTask = await dataSource
     .createQueryBuilder()
     .select('dateTimeTask')
@@ -63,9 +63,10 @@ router.put("/change-copy", authAuthorOrExecutorOfTask, async(req:Request, res: R
 })
 
 /**delete copyTask by dateTimeTaskId */
-router.delete('/:dateTimeTaskId', async(req:Request, res:Response):Promise<Response>=>{
-    // router.delete('/:dateTimeTaskId', authAuthorOrExecutorOfTask, async(req:Request, res:Response):Promise<Response>=>{
- const {dateTimeTaskId} = req.params
+router.delete('/:dateTimeTaskId',authAuthorOrExecutorOfDateTimeTask, async(req:Request, res:Response):Promise<Response|void>=>{
+    const {executorStatus} = req.body
+    if(executorStatus){
+    const {dateTimeTaskId} = req.params
     await myDataSource
     .createQueryBuilder()
     .delete()
@@ -74,6 +75,7 @@ router.delete('/:dateTimeTaskId', async(req:Request, res:Response):Promise<Respo
     .execute()
     return res.send({message:"copyTask delete succesfully"})
 }
+}
 )
 
 export default router;