copilot manager updates

Author: gondzo

src/constants.js

@@ -34,7 +34,12 @@ export const USER_ROLE = {
 
 export const ADMIN_ROLES = [USER_ROLE.CONNECT_ADMIN, USER_ROLE.TOPCODER_ADMIN];
 
-export const MANAGER_ROLES = [...ADMIN_ROLES, USER_ROLE.MANAGER, PROJECT_MEMBER_ROLE.ACCOUNT_MANAGER];
+export const MANAGER_ROLES = [
+  ...ADMIN_ROLES,
+  USER_ROLE.MANAGER,
+  USER_ROLE.TOPCODER_ACCOUNT_MANAGER,
+  USER_ROLE.COPILOT_MANAGER,
+];
 
 export const EVENT = {
   ROUTING_KEY: {
@@ -162,5 +167,8 @@ export const INVITE_STATUS = {
   PENDING: 'pending',
   ACCEPTED: 'accepted',
   REFUSED: 'refused',
+  REQUESTED: 'requested',
+  REQUEST_REJECTED: 'request_rejected',
+  REQUEST_APPROVED: 'request_approved',
   CANCELED: 'canceled',
 };

src/events/busApi.js

@@ -697,15 +697,16 @@ module.exports = (app, logger) => {
     }
   });
 
-  app.on(EVENT.ROUTING_KEY.PROJECT_MEMBER_INVITE_CREATED, ({ req, userId, email, role }) => {
+  app.on(EVENT.ROUTING_KEY.PROJECT_MEMBER_INVITE_CREATED, ({ req, userId, email, status, role }) => {
     logger.debug('receive PROJECT_MEMBER_INVITE_CREATED event');
     const projectId = _.parseInt(req.params.projectId);
 
-    if (role === PROJECT_MEMBER_ROLE.COPILOT) {
+    if (status === INVITE_STATUS.REQUESTED) {
       createEvent(BUS_API_EVENT.PROJECT_MEMBER_INVITE_REQUESTED, {
         projectId,
         userId,
         email,
+        role,
         initiatorUserId: req.authUser.userId,
       }, logger);
     } else {
@@ -714,6 +715,7 @@ module.exports = (app, logger) => {
         projectId,
         userId,
         email,
+        role,
         initiatorUserId: req.authUser.userId,
       }, logger);
     }
@@ -723,23 +725,25 @@ module.exports = (app, logger) => {
     logger.debug('receive PROJECT_MEMBER_INVITE_UPDATED event');
     const projectId = _.parseInt(req.params.projectId);
 
-    if (role === PROJECT_MEMBER_ROLE.COPILOT && status === INVITE_STATUS.ACCEPTED) {
+    if (status === INVITE_STATUS.REQUEST_APPROVED) {
       // send event to bus api
       createEvent(BUS_API_EVENT.PROJECT_MEMBER_INVITE_APPROVED, {
         projectId,
         userId,
         originator: createdBy,
         email,
+        role,
         status,
         initiatorUserId: req.authUser.userId,
       }, logger);
-    } else if (role === PROJECT_MEMBER_ROLE.COPILOT && status === INVITE_STATUS.REFUSED) {
+    } else if (status === INVITE_STATUS.REQUEST_REJECTED) {
       // send event to bus api
       createEvent(BUS_API_EVENT.PROJECT_MEMBER_INVITE_REJECTED, {
         projectId,
         userId,
         originator: createdBy,
         email,
+        role,
         status,
         initiatorUserId: req.authUser.userId,
       }, logger);
@@ -749,6 +753,7 @@ module.exports = (app, logger) => {
         projectId,
         userId,
         email,
+        role,
         status,
         initiatorUserId: req.authUser.userId,
       }, logger);

src/models/projectMemberInvite.js

@@ -55,6 +55,15 @@ module.exports = function defineProjectMemberInvite(sequelize, DataTypes) {
           raw: true,
         });
       },
+      getPendingAndReguestedInvitesForProject(projectId) {
+        return this.findAll({
+          where: {
+            projectId,
+            status: { $in: [INVITE_STATUS.PENDING, INVITE_STATUS.REQUESTED] },
+          },
+          raw: true,
+        });
+      },
       getPendingInviteByEmailOrUserId(projectId, email, userId) {
         const where = { projectId, status: INVITE_STATUS.PENDING };
 
@@ -69,6 +78,16 @@ module.exports = function defineProjectMemberInvite(sequelize, DataTypes) {
           where,
         });
       },
+      getRequestedInvite(projectId, userId) {
+        const where = { projectId, status: INVITE_STATUS.REQUESTED };
+
+        if (userId) {
+          _.assign(where, { userId });
+        }
+        return this.findOne({
+          where,
+        });
+      },
       getProjectInvitesForUser(email, userId) {
         const where = { status: INVITE_STATUS.PENDING };
 

src/permissions/project.edit.js

@@ -3,7 +3,7 @@
 import _ from 'lodash';
 import util from '../util';
 import models from '../models';
-import { USER_ROLE } from '../constants';
+import { MANAGER_ROLES } from '../constants';
 
 /**
  * Super admin, Topcoder Managers are allowed to edit any project
@@ -20,7 +20,7 @@ module.exports = freq => new Promise((resolve, reject) => {
         req.context.currentProjectMembers = members;
         // check if auth user has acecss to this project
         const hasAccess = util.hasAdminRole(req)
-          || util.hasRole(req, USER_ROLE.MANAGER)
+          || util.hasRoles(req, MANAGER_ROLES)
           || !_.isUndefined(_.find(members, m => m.userId === req.authUser.userId));
 
         if (!hasAccess) {

src/permissions/project.view.js

@@ -2,7 +2,7 @@
 import _ from 'lodash';
 import util from '../util';
 import models from '../models';
-import { USER_ROLE, PROJECT_STATUS, PROJECT_MEMBER_ROLE } from '../constants';
+import { USER_ROLE, PROJECT_STATUS, PROJECT_MEMBER_ROLE, MANAGER_ROLES } from '../constants';
 
 /**
  * Super admin, Topcoder Managers are allowed to view any projects
@@ -21,8 +21,7 @@ module.exports = freq => new Promise((resolve, reject) => {
         req.context.currentProjectMembers = members;
         // check if auth user has acecss to this project
         const hasAccess = util.hasAdminRole(req)
-          || util.hasRole(req, USER_ROLE.MANAGER)
-          || util.hasRole(req, USER_ROLE.TOPCODER_ACCOUNT_MANAGER)
+          || util.hasRoles(req, MANAGER_ROLES)
           || !_.isUndefined(_.find(members, m => m.userId === currentUserId));
 
         // if user is co-pilot and the project doesn't have any copilots then

src/routes/projectMemberInvites/create.js

@@ -8,7 +8,7 @@ import { middleware as tcMiddleware } from 'tc-core-library-js';
 import models from '../../models';
 import util from '../../util';
 import { PROJECT_MEMBER_ROLE, PROJECT_MEMBER_MANAGER_ROLES,
-  MANAGER_ROLES, INVITE_STATUS, EVENT, BUS_API_EVENT } from '../../constants';
+  MANAGER_ROLES, INVITE_STATUS, EVENT, BUS_API_EVENT, USER_ROLE } from '../../constants';
 import { createEvent } from '../../services/busApi';
 
 
@@ -224,7 +224,11 @@ module.exports = [
           const data = {
             projectId,
             role: invite.role,
-            status: INVITE_STATUS.PENDING,
+            // invite directly if user is admin or copilot manager
+            status: (invite.role !== PROJECT_MEMBER_ROLE.COPILOT ||
+                    util.hasRoles(req, [USER_ROLE.CONNECT_ADMIN, USER_ROLE.COPILOT_MANAGER]))
+                      ? INVITE_STATUS.PENDING
+                      : INVITE_STATUS.REQUESTED,
             createdBy: req.authUser.userId,
             updatedBy: req.authUser.userId,
           };
@@ -243,6 +247,7 @@ module.exports = [
                       req,
                       userId: v.userId,
                       email: v.email,
+                      status: v.status,
                       role: v.role,
                     });
                     req.app.services.pubsub.publish(
@@ -251,7 +256,7 @@ module.exports = [
                             { correlationId: req.id },
                         );
                     // send email invite (async)
-                    if (v.email && !v.userId && v.role !== PROJECT_MEMBER_ROLE.COPILOT) {
+                    if (v.email && !v.userId && v.status === INVITE_STATUS.PENDING) {
                       sendInviteEmail(req, projectId, v);
                     }
                   });

src/routes/projectMemberInvites/update.js

@@ -44,13 +44,17 @@ module.exports = [
     }
 
     let invite;
+    let requestedInvite;
     return models.ProjectMemberInvite.getPendingInviteByEmailOrUserId(
       projectId,
       putInvite.email,
       putInvite.userId,
     ).then((_invite) => {
       invite = _invite;
-      if (!invite) {
+    }).then(() => models.ProjectMemberInvite.getRequestedInvite(projectId, putInvite.userId))
+    .then((_requestedInvite) => {
+      requestedInvite = _requestedInvite;
+      if (!invite && !requestedInvite) {
         // check there is an existing invite for the user with status PENDING
         // handle 404
         const err = new Error(
@@ -60,18 +64,20 @@ module.exports = [
         return next(err);
       }
 
+      invite = invite || requestedInvite;
+
       req.log.debug('Chekcing user permission for updating invite');
       let error = null;
-      if (putInvite.status === INVITE_STATUS.CANCELED) {
+      if (invite.status === INVITE_STATUS.REQUESTED &&
+          !util.hasRoles(req, [USER_ROLE.CONNECT_ADMIN, USER_ROLE.COPILOT_MANAGER])) {
+        error = 'Requested invites can only be updated by Copilot manager';
+      } else if (putInvite.status === INVITE_STATUS.CANCELED) {
         if (!util.hasRoles(req, MANAGER_ROLES) && invite.role !== PROJECT_MEMBER_ROLE.CUSTOMER) {
           error = `Project members can cancel invites only for ${PROJECT_MEMBER_ROLE.CUSTOMER}`;
         }
-      } else if ((!!invite.role && invite.role === PROJECT_MEMBER_ROLE.COPILOT) &&
-                !req.authUser.roles.includes(USER_ROLE.COPILOT_MANAGER)) {
-        error = 'Only Connect copilot manager can add copilots';
       } else if (((!!putInvite.userId && putInvite.userId !== req.authUser.userId) ||
                  (!!putInvite.email && putInvite.email !== req.authUser.email)) &&
-                 (!!invite.role && invite.role !== PROJECT_MEMBER_ROLE.COPILOT)) {
+                 !util.hasRoles(req, [USER_ROLE.CONNECT_ADMIN, USER_ROLE.COPILOT_MANAGER])) {
         error = 'Project members can only update invites for themselves';
       }
 
@@ -101,7 +107,8 @@ module.exports = [
 
           req.log.debug('Adding user to project');
           // add user to project if accept invite
-          if (updatedInvite.status === INVITE_STATUS.ACCEPTED) {
+          if (updatedInvite.status === INVITE_STATUS.ACCEPTED ||
+              updatedInvite.status === INVITE_STATUS.REQUEST_APPROVED) {
             return models.ProjectMember.getActiveProjectMembers(projectId)
               .then((members) => {
                 req.context = req.context || {};

src/routes/projectMemberInvites/update.spec.js

@@ -62,7 +62,7 @@ describe('Project member invite update', () => {
               });
               models.ProjectMemberInvite.create({
                 projectId: project1.id,
-                userId: 40051332,
+                userId: 40051334,
                 email: null,
                 role: PROJECT_MEMBER_ROLE.MANAGER,
                 status: INVITE_STATUS.PENDING,
@@ -79,7 +79,7 @@ describe('Project member invite update', () => {
                   userId: 40051332,
                   email: null,
                   role: PROJECT_MEMBER_ROLE.COPILOT,
-                  status: INVITE_STATUS.PENDING,
+                  status: INVITE_STATUS.REQUESTED,
                   createdBy: 1,
                   updatedBy: 1,
                   createdAt: '2016-06-30 00:33:07+00',
@@ -298,7 +298,7 @@ describe('Project member invite update', () => {
             should.exist(resJson);
             res.body.result.status.should.equal(403);
             const errorMessage = _.get(resJson, 'message', '');
-            sinon.assert.match(errorMessage, 'Only Connect copilot manager can add copilots');
+            sinon.assert.match(errorMessage, 'Requested invites can only be updated by Copilot manager');
             done();
           }
         });

src/routes/projects/create.js

@@ -7,7 +7,8 @@ import config from 'config';
 import moment from 'moment';
 
 import models from '../../models';
-import { PROJECT_MEMBER_ROLE, PROJECT_STATUS, PROJECT_PHASE_STATUS, USER_ROLE, EVENT, REGEX } from '../../constants';
+import { PROJECT_MEMBER_ROLE, MANAGER_ROLES, PROJECT_STATUS, PROJECT_PHASE_STATUS,
+  EVENT, REGEX } from '../../constants';
 import fieldLookupValidation from '../../middlewares/fieldLookupValidation';
 import util from '../../util';
 import directProject from '../../services/directProject';
@@ -197,7 +198,7 @@ module.exports = [
   (req, res, next) => {
     const project = req.body.param;
     // by default connect admin and managers joins projects as manager
-    const userRole = util.hasRoles(req, [USER_ROLE.CONNECT_ADMIN, USER_ROLE.MANAGER])
+    const userRole = util.hasRoles(req, MANAGER_ROLES)
       ? PROJECT_MEMBER_ROLE.MANAGER
       : PROJECT_MEMBER_ROLE.CUSTOMER;
     // set defaults

src/routes/projects/get.js

@@ -64,7 +64,7 @@ module.exports = [
         if (attachments) {
           project.attachments = attachments;
         }
-        return models.ProjectMemberInvite.getPendingInvitesForProject(projectId);
+        return models.ProjectMemberInvite.getPendingAndReguestedInvitesForProject(projectId);
       })
       .then((invites) => {
         project.invites = invites;