Add session handling for teams and related
This commit is contained in:
parent
7b1d838997
commit
0cc2a4fbd1
GPG Key ID:
F40E70337AB24C9B
|
|
@ -282,7 +282,7 @@ func (ld *ListDuplicate) Create(s *xorm.Session, a web.Auth) (err error) {
|
|||
if up != nil {
|
||||
up.ID = 0
|
||||
up.FileID = file.ID
|
||||
if err := up.Save(); err != nil {
|
||||
if err := up.Save(s); err != nil {
|
||||
return err
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -77,7 +77,7 @@ func (tl *TeamList) Create(s *xorm.Session, a web.Auth) (err error) {
|
|||
}
|
||||
|
||||
// Check if the team exists
|
||||
_, err = GetTeamByID(tl.TeamID)
|
||||
_, err = GetTeamByID(s, tl.TeamID)
|
||||
if err != nil {
|
||||
return
|
||||
}
|
||||
|
|
@ -125,7 +125,7 @@ func (tl *TeamList) Create(s *xorm.Session, a web.Auth) (err error) {
|
|||
func (tl *TeamList) Delete(s *xorm.Session) (err error) {
|
||||
|
||||
// Check if the team exists
|
||||
_, err = GetTeamByID(tl.TeamID)
|
||||
_, err = GetTeamByID(s, tl.TeamID)
|
||||
if err != nil {
|
||||
return
|
||||
}
|
||||
|
|
@ -201,7 +201,7 @@ func (tl *TeamList) ReadAll(s *xorm.Session, a web.Auth, search string, page int
|
|||
teams = append(teams, &t.Team)
|
||||
}
|
||||
|
||||
err = addMoreInfoToTeams(teams)
|
||||
err = addMoreInfoToTeams(s, teams)
|
||||
if err != nil {
|
||||
return
|
||||
}
|
||||
|
|
|
|||
|
|
@ -71,7 +71,7 @@ func (tn *TeamNamespace) Create(s *xorm.Session, a web.Auth) (err error) {
|
|||
}
|
||||
|
||||
// Check if the team exists
|
||||
_, err = GetTeamByID(tn.TeamID)
|
||||
_, err = GetTeamByID(s, tn.TeamID)
|
||||
if err != nil {
|
||||
return
|
||||
}
|
||||
|
|
@ -115,7 +115,7 @@ func (tn *TeamNamespace) Create(s *xorm.Session, a web.Auth) (err error) {
|
|||
func (tn *TeamNamespace) Delete(s *xorm.Session) (err error) {
|
||||
|
||||
// Check if the team exists
|
||||
_, err = GetTeamByID(tn.TeamID)
|
||||
_, err = GetTeamByID(s, tn.TeamID)
|
||||
if err != nil {
|
||||
return
|
||||
}
|
||||
|
|
@ -189,7 +189,7 @@ func (tn *TeamNamespace) ReadAll(s *xorm.Session, a web.Auth, search string, pag
|
|||
teams = append(teams, &t.Team)
|
||||
}
|
||||
|
||||
err = addMoreInfoToTeams(teams)
|
||||
err = addMoreInfoToTeams(s, teams)
|
||||
if err != nil {
|
||||
return
|
||||
}
|
||||
|
|
|
|||
|
|
@ -19,6 +19,7 @@ package models
|
|||
import (
|
||||
user2 "code.vikunja.io/api/pkg/user"
|
||||
"code.vikunja.io/web"
|
||||
"xorm.io/xorm"
|
||||
)
|
||||
|
||||
// Create implements the create method to assign a user to a team
|
||||
|
|
@ -35,10 +36,10 @@ import (
|
|||
// @Failure 403 {object} web.HTTPError "The user does not have access to the team"
|
||||
// @Failure 500 {object} models.Message "Internal error"
|
||||
// @Router /teams/{id}/members [put]
|
||||
func (tm *TeamMember) Create(a web.Auth) (err error) {
|
||||
func (tm *TeamMember) Create(s *xorm.Session, a web.Auth) (err error) {
|
||||
|
||||
// Check if the team extst
|
||||
_, err = GetTeamByID(tm.TeamID)
|
||||
_, err = GetTeamByID(s, tm.TeamID)
|
||||
if err != nil {
|
||||
return
|
||||
}
|
||||
|
|
@ -51,7 +52,8 @@ func (tm *TeamMember) Create(a web.Auth) (err error) {
|
|||
tm.UserID = user.ID
|
||||
|
||||
// Check if that user is already part of the team
|
||||
exists, err := x.Where("team_id = ? AND user_id = ?", tm.TeamID, tm.UserID).
|
||||
exists, err := s.
|
||||
Where("team_id = ? AND user_id = ?", tm.TeamID, tm.UserID).
|
||||
Get(&TeamMember{})
|
||||
if err != nil {
|
||||
return
|
||||
|
|
@ -61,7 +63,7 @@ func (tm *TeamMember) Create(a web.Auth) (err error) {
|
|||
}
|
||||
|
||||
// Insert the user
|
||||
_, err = x.Insert(tm)
|
||||
_, err = s.Insert(tm)
|
||||
return
|
||||
}
|
||||
|
||||
|
|
@ -76,9 +78,9 @@ func (tm *TeamMember) Create(a web.Auth) (err error) {
|
|||
// @Success 200 {object} models.Message "The user was successfully removed from the team."
|
||||
// @Failure 500 {object} models.Message "Internal error"
|
||||
// @Router /teams/{id}/members/{userID} [delete]
|
||||
func (tm *TeamMember) Delete() (err error) {
|
||||
func (tm *TeamMember) Delete(s *xorm.Session) (err error) {
|
||||
|
||||
total, err := x.Where("team_id = ?", tm.TeamID).Count(&TeamMember{})
|
||||
total, err := s.Where("team_id = ?", tm.TeamID).Count(&TeamMember{})
|
||||
if err != nil {
|
||||
return
|
||||
}
|
||||
|
|
@ -93,7 +95,7 @@ func (tm *TeamMember) Delete() (err error) {
|
|||
}
|
||||
tm.UserID = user.ID
|
||||
|
||||
_, err = x.Where("team_id = ? AND user_id = ?", tm.TeamID, tm.UserID).Delete(&TeamMember{})
|
||||
_, err = s.Where("team_id = ? AND user_id = ?", tm.TeamID, tm.UserID).Delete(&TeamMember{})
|
||||
return
|
||||
}
|
||||
|
||||
|
|
@ -108,7 +110,7 @@ func (tm *TeamMember) Delete() (err error) {
|
|||
// @Success 200 {object} models.Message "The member right was successfully changed."
|
||||
// @Failure 500 {object} models.Message "Internal error"
|
||||
// @Router /teams/{id}/members/{userID}/admin [post]
|
||||
func (tm *TeamMember) Update() (err error) {
|
||||
func (tm *TeamMember) Update(s *xorm.Session) (err error) {
|
||||
// Find the numeric user id
|
||||
user, err := user2.GetUserByUsername(tm.Username)
|
||||
if err != nil {
|
||||
|
|
@ -118,7 +120,7 @@ func (tm *TeamMember) Update() (err error) {
|
|||
|
||||
// Get the full member object and change the admin right
|
||||
ttm := &TeamMember{}
|
||||
_, err = x.
|
||||
_, err = s.
|
||||
Where("team_id = ? AND user_id = ?", tm.TeamID, tm.UserID).
|
||||
Get(ttm)
|
||||
if err != nil {
|
||||
|
|
@ -127,7 +129,7 @@ func (tm *TeamMember) Update() (err error) {
|
|||
ttm.Admin = !ttm.Admin
|
||||
|
||||
// Do the update
|
||||
_, err = x.
|
||||
_, err = s.
|
||||
Where("team_id = ? AND user_id = ?", tm.TeamID, tm.UserID).
|
||||
Cols("admin").
|
||||
Update(ttm)
|
||||
|
|
|
|||
|
|
@ -18,32 +18,34 @@ package models
|
|||
|
||||
import (
|
||||
"code.vikunja.io/web"
|
||||
"xorm.io/xorm"
|
||||
)
|
||||
|
||||
// CanCreate checks if the user can add a new tem member
|
||||
func (tm *TeamMember) CanCreate(a web.Auth) (bool, error) {
|
||||
return tm.IsAdmin(a)
|
||||
func (tm *TeamMember) CanCreate(s *xorm.Session, a web.Auth) (bool, error) {
|
||||
return tm.IsAdmin(s, a)
|
||||
}
|
||||
|
||||
// CanDelete checks if the user can delete a new team member
|
||||
func (tm *TeamMember) CanDelete(a web.Auth) (bool, error) {
|
||||
return tm.IsAdmin(a)
|
||||
func (tm *TeamMember) CanDelete(s *xorm.Session, a web.Auth) (bool, error) {
|
||||
return tm.IsAdmin(s, a)
|
||||
}
|
||||
|
||||
// CanUpdate checks if the user can modify a team member's right
|
||||
func (tm *TeamMember) CanUpdate(a web.Auth) (bool, error) {
|
||||
return tm.IsAdmin(a)
|
||||
func (tm *TeamMember) CanUpdate(s *xorm.Session, a web.Auth) (bool, error) {
|
||||
return tm.IsAdmin(s, a)
|
||||
}
|
||||
|
||||
// IsAdmin checks if the user is team admin
|
||||
func (tm *TeamMember) IsAdmin(a web.Auth) (bool, error) {
|
||||
func (tm *TeamMember) IsAdmin(s *xorm.Session, a web.Auth) (bool, error) {
|
||||
// Don't allow anything if we're dealing with a list share here
|
||||
if _, is := a.(*LinkSharing); is {
|
||||
return false, nil
|
||||
}
|
||||
|
||||
// A user can add a member to a team if he is admin of that team
|
||||
exists, err := x.Where("user_id = ? AND team_id = ? AND admin = ?", a.GetID(), tm.TeamID, true).
|
||||
exists, err := s.
|
||||
Where("user_id = ? AND team_id = ? AND admin = ?", a.GetID(), tm.TeamID, true).
|
||||
Get(&TeamMember{})
|
||||
return exists, err
|
||||
}
|
||||
|
|
|
|||
|
|
@ -32,12 +32,18 @@ func TestTeamMember_Create(t *testing.T) {
|
|||
|
||||
t.Run("normal", func(t *testing.T) {
|
||||
db.LoadAndAssertFixtures(t)
|
||||
s := x.NewSession()
|
||||
defer s.Close()
|
||||
|
||||
tm := &TeamMember{
|
||||
TeamID: 1,
|
||||
Username: "user3",
|
||||
}
|
||||
err := tm.Create(doer)
|
||||
err := tm.Create(s, doer)
|
||||
assert.NoError(t, err)
|
||||
err = s.Commit()
|
||||
assert.NoError(t, err)
|
||||
|
||||
db.AssertExists(t, "team_members", map[string]interface{}{
|
||||
"id": tm.ID,
|
||||
"team_id": 1,
|
||||
|
|
@ -46,31 +52,40 @@ func TestTeamMember_Create(t *testing.T) {
|
|||
})
|
||||
t.Run("already existing", func(t *testing.T) {
|
||||
db.LoadAndAssertFixtures(t)
|
||||
s := x.NewSession()
|
||||
defer s.Close()
|
||||
|
||||
tm := &TeamMember{
|
||||
TeamID: 1,
|
||||
Username: "user1",
|
||||
}
|
||||
err := tm.Create(doer)
|
||||
err := tm.Create(s, doer)
|
||||
assert.Error(t, err)
|
||||
assert.True(t, IsErrUserIsMemberOfTeam(err))
|
||||
})
|
||||
t.Run("nonexisting user", func(t *testing.T) {
|
||||
db.LoadAndAssertFixtures(t)
|
||||
s := x.NewSession()
|
||||
defer s.Close()
|
||||
|
||||
tm := &TeamMember{
|
||||
TeamID: 1,
|
||||
Username: "nonexistinguser",
|
||||
}
|
||||
err := tm.Create(doer)
|
||||
err := tm.Create(s, doer)
|
||||
assert.Error(t, err)
|
||||
assert.True(t, user.IsErrUserDoesNotExist(err))
|
||||
})
|
||||
t.Run("nonexisting team", func(t *testing.T) {
|
||||
db.LoadAndAssertFixtures(t)
|
||||
s := x.NewSession()
|
||||
defer s.Close()
|
||||
|
||||
tm := &TeamMember{
|
||||
TeamID: 9999999,
|
||||
Username: "user1",
|
||||
}
|
||||
err := tm.Create(doer)
|
||||
err := tm.Create(s, doer)
|
||||
assert.Error(t, err)
|
||||
assert.True(t, IsErrTeamDoesNotExist(err))
|
||||
})
|
||||
|
|
@ -79,12 +94,18 @@ func TestTeamMember_Create(t *testing.T) {
|
|||
func TestTeamMember_Delete(t *testing.T) {
|
||||
t.Run("normal", func(t *testing.T) {
|
||||
db.LoadAndAssertFixtures(t)
|
||||
s := x.NewSession()
|
||||
defer s.Close()
|
||||
|
||||
tm := &TeamMember{
|
||||
TeamID: 1,
|
||||
Username: "user1",
|
||||
}
|
||||
err := tm.Delete()
|
||||
err := tm.Delete(s)
|
||||
assert.NoError(t, err)
|
||||
err = s.Commit()
|
||||
assert.NoError(t, err)
|
||||
|
||||
db.AssertMissing(t, "team_members", map[string]interface{}{
|
||||
"team_id": 1,
|
||||
"user_id": 1,
|
||||
|
|
@ -95,14 +116,20 @@ func TestTeamMember_Delete(t *testing.T) {
|
|||
func TestTeamMember_Update(t *testing.T) {
|
||||
t.Run("normal", func(t *testing.T) {
|
||||
db.LoadAndAssertFixtures(t)
|
||||
s := x.NewSession()
|
||||
defer s.Close()
|
||||
|
||||
tm := &TeamMember{
|
||||
TeamID: 1,
|
||||
Username: "user1",
|
||||
Admin: true,
|
||||
}
|
||||
err := tm.Update()
|
||||
err := tm.Update(s)
|
||||
assert.NoError(t, err)
|
||||
assert.False(t, tm.Admin) // Since this endpoint toggles the right, we should get a false for admin back.
|
||||
err = s.Commit()
|
||||
assert.NoError(t, err)
|
||||
|
||||
db.AssertExists(t, "team_members", map[string]interface{}{
|
||||
"team_id": 1,
|
||||
"user_id": 1,
|
||||
|
|
@ -113,14 +140,20 @@ func TestTeamMember_Update(t *testing.T) {
|
|||
// should ignore what was passed.
|
||||
t.Run("explicitly false in payload", func(t *testing.T) {
|
||||
db.LoadAndAssertFixtures(t)
|
||||
s := x.NewSession()
|
||||
defer s.Close()
|
||||
|
||||
tm := &TeamMember{
|
||||
TeamID: 1,
|
||||
Username: "user1",
|
||||
Admin: true,
|
||||
}
|
||||
err := tm.Update()
|
||||
err := tm.Update(s)
|
||||
assert.NoError(t, err)
|
||||
assert.False(t, tm.Admin)
|
||||
err = s.Commit()
|
||||
assert.NoError(t, err)
|
||||
|
||||
db.AssertExists(t, "team_members", map[string]interface{}{
|
||||
"team_id": 1,
|
||||
"user_id": 1,
|
||||
|
|
|
|||
|
|
@ -18,6 +18,7 @@ package models
|
|||
|
||||
import (
|
||||
"time"
|
||||
"xorm.io/xorm"
|
||||
|
||||
"code.vikunja.io/api/pkg/metrics"
|
||||
"code.vikunja.io/api/pkg/user"
|
||||
|
|
@ -54,10 +55,6 @@ func (Team) TableName() string {
|
|||
return "teams"
|
||||
}
|
||||
|
||||
// AfterLoad gets the created by user object
|
||||
func (t *Team) AfterLoad() {
|
||||
}
|
||||
|
||||
// TeamMember defines the relationship between a user and a team
|
||||
type TeamMember struct {
|
||||
// The unique, numeric id of this team member relation.
|
||||
|
|
@ -92,14 +89,14 @@ type TeamUser struct {
|
|||
}
|
||||
|
||||
// GetTeamByID gets a team by its ID
|
||||
func GetTeamByID(id int64) (team *Team, err error) {
|
||||
func GetTeamByID(s *xorm.Session, id int64) (team *Team, err error) {
|
||||
if id < 1 {
|
||||
return team, ErrTeamDoesNotExist{id}
|
||||
}
|
||||
|
||||
t := Team{}
|
||||
|
||||
exists, err := x.
|
||||
exists, err := s.
|
||||
Where("id = ?", id).
|
||||
Get(&t)
|
||||
if err != nil {
|
||||
|
|
@ -110,7 +107,7 @@ func GetTeamByID(id int64) (team *Team, err error) {
|
|||
}
|
||||
|
||||
teamSlice := []*Team{&t}
|
||||
err = addMoreInfoToTeams(teamSlice)
|
||||
err = addMoreInfoToTeams(s, teamSlice)
|
||||
if err != nil {
|
||||
return
|
||||
}
|
||||
|
|
@ -120,7 +117,7 @@ func GetTeamByID(id int64) (team *Team, err error) {
|
|||
return
|
||||
}
|
||||
|
||||
func addMoreInfoToTeams(teams []*Team) (err error) {
|
||||
func addMoreInfoToTeams(s *xorm.Session, teams []*Team) (err error) {
|
||||
// Put the teams in a map to make assigning more info to it more efficient
|
||||
teamMap := make(map[int64]*Team, len(teams))
|
||||
var teamIDs []int64
|
||||
|
|
@ -133,7 +130,8 @@ func addMoreInfoToTeams(teams []*Team) (err error) {
|
|||
|
||||
// Get all owners and team members
|
||||
users := make(map[int64]*TeamUser)
|
||||
err = x.Select("*").
|
||||
err = s.
|
||||
Select("*").
|
||||
Table("users").
|
||||
Join("LEFT", "team_members", "team_members.user_id = users.id").
|
||||
Join("LEFT", "teams", "team_members.team_id = teams.id").
|
||||
|
|
@ -178,8 +176,8 @@ func addMoreInfoToTeams(teams []*Team) (err error) {
|
|||
// @Failure 403 {object} web.HTTPError "The user does not have access to the team"
|
||||
// @Failure 500 {object} models.Message "Internal error"
|
||||
// @Router /teams/{id} [get]
|
||||
func (t *Team) ReadOne() (err error) {
|
||||
team, err := GetTeamByID(t.ID)
|
||||
func (t *Team) ReadOne(s *xorm.Session) (err error) {
|
||||
team, err := GetTeamByID(s, t.ID)
|
||||
if team != nil {
|
||||
*t = *team
|
||||
}
|
||||
|
|
@ -199,7 +197,7 @@ func (t *Team) ReadOne() (err error) {
|
|||
// @Success 200 {array} models.Team "The teams."
|
||||
// @Failure 500 {object} models.Message "Internal error"
|
||||
// @Router /teams [get]
|
||||
func (t *Team) ReadAll(a web.Auth, search string, page int, perPage int) (result interface{}, resultCount int, numberOfTotalItems int64, err error) {
|
||||
func (t *Team) ReadAll(s *xorm.Session, a web.Auth, search string, page int, perPage int) (result interface{}, resultCount int, numberOfTotalItems int64, err error) {
|
||||
if _, is := a.(*LinkSharing); is {
|
||||
return nil, 0, 0, ErrGenericForbidden{}
|
||||
}
|
||||
|
|
@ -207,7 +205,7 @@ func (t *Team) ReadAll(a web.Auth, search string, page int, perPage int) (result
|
|||
limit, start := getLimitFromPageIndex(page, perPage)
|
||||
|
||||
all := []*Team{}
|
||||
query := x.Select("teams.*").
|
||||
query := s.Select("teams.*").
|
||||
Table("teams").
|
||||
Join("INNER", "team_members", "team_members.team_id = teams.id").
|
||||
Where("team_members.user_id = ?", a.GetID()).
|
||||
|
|
@ -220,12 +218,12 @@ func (t *Team) ReadAll(a web.Auth, search string, page int, perPage int) (result
|
|||
return nil, 0, 0, err
|
||||
}
|
||||
|
||||
err = addMoreInfoToTeams(all)
|
||||
err = addMoreInfoToTeams(s, all)
|
||||
if err != nil {
|
||||
return nil, 0, 0, err
|
||||
}
|
||||
|
||||
numberOfTotalItems, err = x.
|
||||
numberOfTotalItems, err = s.
|
||||
Table("teams").
|
||||
Join("INNER", "team_members", "team_members.team_id = teams.id").
|
||||
Where("team_members.user_id = ?", a.GetID()).
|
||||
|
|
@ -246,7 +244,7 @@ func (t *Team) ReadAll(a web.Auth, search string, page int, perPage int) (result
|
|||
// @Failure 400 {object} web.HTTPError "Invalid team object provided."
|
||||
// @Failure 500 {object} models.Message "Internal error"
|
||||
// @Router /teams [put]
|
||||
func (t *Team) Create(a web.Auth) (err error) {
|
||||
func (t *Team) Create(s *xorm.Session, a web.Auth) (err error) {
|
||||
doer, err := user.GetFromAuth(a)
|
||||
if err != nil {
|
||||
return err
|
||||
|
|
@ -260,14 +258,14 @@ func (t *Team) Create(a web.Auth) (err error) {
|
|||
t.CreatedByID = doer.ID
|
||||
t.CreatedBy = doer
|
||||
|
||||
_, err = x.Insert(t)
|
||||
_, err = s.Insert(t)
|
||||
if err != nil {
|
||||
return
|
||||
}
|
||||
|
||||
// Insert the current user as member and admin
|
||||
tm := TeamMember{TeamID: t.ID, Username: doer.Username, Admin: true}
|
||||
if err = tm.Create(doer); err != nil {
|
||||
if err = tm.Create(s, doer); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
|
|
@ -286,28 +284,28 @@ func (t *Team) Create(a web.Auth) (err error) {
|
|||
// @Failure 400 {object} web.HTTPError "Invalid team object provided."
|
||||
// @Failure 500 {object} models.Message "Internal error"
|
||||
// @Router /teams/{id} [delete]
|
||||
func (t *Team) Delete() (err error) {
|
||||
func (t *Team) Delete(s *xorm.Session) (err error) {
|
||||
|
||||
// Delete the team
|
||||
_, err = x.ID(t.ID).Delete(&Team{})
|
||||
_, err = s.ID(t.ID).Delete(&Team{})
|
||||
if err != nil {
|
||||
return
|
||||
}
|
||||
|
||||
// Delete team members
|
||||
_, err = x.Where("team_id = ?", t.ID).Delete(&TeamMember{})
|
||||
_, err = s.Where("team_id = ?", t.ID).Delete(&TeamMember{})
|
||||
if err != nil {
|
||||
return
|
||||
}
|
||||
|
||||
// Delete team <-> namespace relations
|
||||
_, err = x.Where("team_id = ?", t.ID).Delete(&TeamNamespace{})
|
||||
_, err = s.Where("team_id = ?", t.ID).Delete(&TeamNamespace{})
|
||||
if err != nil {
|
||||
return
|
||||
}
|
||||
|
||||
// Delete team <-> lists relations
|
||||
_, err = x.Where("team_id = ?", t.ID).Delete(&TeamList{})
|
||||
_, err = s.Where("team_id = ?", t.ID).Delete(&TeamList{})
|
||||
if err != nil {
|
||||
return
|
||||
}
|
||||
|
|
@ -329,14 +327,14 @@ func (t *Team) Delete() (err error) {
|
|||
// @Failure 400 {object} web.HTTPError "Invalid team object provided."
|
||||
// @Failure 500 {object} models.Message "Internal error"
|
||||
// @Router /teams/{id} [post]
|
||||
func (t *Team) Update() (err error) {
|
||||
func (t *Team) Update(s *xorm.Session) (err error) {
|
||||
// Check if we have a name
|
||||
if t.Name == "" {
|
||||
return ErrTeamNameCannotBeEmpty{}
|
||||
}
|
||||
|
||||
// Check if the team exists
|
||||
_, err = GetTeamByID(t.ID)
|
||||
_, err = GetTeamByID(s, t.ID)
|
||||
if err != nil {
|
||||
return
|
||||
}
|
||||
|
|
@ -347,7 +345,7 @@ func (t *Team) Update() (err error) {
|
|||
}
|
||||
|
||||
// Get the newly updated team
|
||||
team, err := GetTeamByID(t.ID)
|
||||
team, err := GetTeamByID(s, t.ID)
|
||||
if team != nil {
|
||||
*t = *team
|
||||
}
|
||||
|
|
|
|||
|
|
@ -18,10 +18,11 @@ package models
|
|||
|
||||
import (
|
||||
"code.vikunja.io/web"
|
||||
"xorm.io/xorm"
|
||||
)
|
||||
|
||||
// CanCreate checks if the user can create a new team
|
||||
func (t *Team) CanCreate(a web.Auth) (bool, error) {
|
||||
func (t *Team) CanCreate(s *xorm.Session, a web.Auth) (bool, error) {
|
||||
if _, is := a.(*LinkSharing); is {
|
||||
return false, nil
|
||||
}
|
||||
|
|
@ -31,39 +32,40 @@ func (t *Team) CanCreate(a web.Auth) (bool, error) {
|
|||
}
|
||||
|
||||
// CanUpdate checks if the user can update a team
|
||||
func (t *Team) CanUpdate(a web.Auth) (bool, error) {
|
||||
return t.IsAdmin(a)
|
||||
func (t *Team) CanUpdate(s *xorm.Session, a web.Auth) (bool, error) {
|
||||
return t.IsAdmin(s, a)
|
||||
}
|
||||
|
||||
// CanDelete checks if a user can delete a team
|
||||
func (t *Team) CanDelete(a web.Auth) (bool, error) {
|
||||
return t.IsAdmin(a)
|
||||
func (t *Team) CanDelete(s *xorm.Session, a web.Auth) (bool, error) {
|
||||
return t.IsAdmin(s, a)
|
||||
}
|
||||
|
||||
// IsAdmin returns true when the user is admin of a team
|
||||
func (t *Team) IsAdmin(a web.Auth) (bool, error) {
|
||||
func (t *Team) IsAdmin(s *xorm.Session, a web.Auth) (bool, error) {
|
||||
// Don't do anything if we're deadling with a link share auth here
|
||||
if _, is := a.(*LinkSharing); is {
|
||||
return false, nil
|
||||
}
|
||||
|
||||
// Check if the team exists to be able to return a proper error message if not
|
||||
_, err := GetTeamByID(t.ID)
|
||||
_, err := GetTeamByID(s, t.ID)
|
||||
if err != nil {
|
||||
return false, err
|
||||
}
|
||||
|
||||
return x.Where("team_id = ?", t.ID).
|
||||
return s.Where("team_id = ?", t.ID).
|
||||
And("user_id = ?", a.GetID()).
|
||||
And("admin = ?", true).
|
||||
Get(&TeamMember{})
|
||||
}
|
||||
|
||||
// CanRead returns true if the user has read access to the team
|
||||
func (t *Team) CanRead(a web.Auth) (bool, int, error) {
|
||||
func (t *Team) CanRead(s *xorm.Session, a web.Auth) (bool, int, error) {
|
||||
// Check if the user is in the team
|
||||
tm := &TeamMember{}
|
||||
can, err := x.Where("team_id = ?", t.ID).
|
||||
can, err := s.
|
||||
Where("team_id = ?", t.ID).
|
||||
And("user_id = ?", a.GetID()).
|
||||
Get(tm)
|
||||
|
||||
|
|
|
|||
|
|
@ -82,6 +82,8 @@ func TestTeam_CanDoSomething(t *testing.T) {
|
|||
for _, tt := range tests {
|
||||
t.Run(tt.name, func(t *testing.T) {
|
||||
db.LoadAndAssertFixtures(t)
|
||||
s := x.NewSession()
|
||||
defer s.Close()
|
||||
|
||||
tm := &Team{
|
||||
ID: tt.fields.ID,
|
||||
|
|
@ -96,19 +98,19 @@ func TestTeam_CanDoSomething(t *testing.T) {
|
|||
Rights: tt.fields.Rights,
|
||||
}
|
||||
|
||||
if got, _ := tm.CanCreate(tt.args.a); got != tt.want["CanCreate"] { // CanCreate is currently always true
|
||||
if got, _ := tm.CanCreate(s, tt.args.a); got != tt.want["CanCreate"] { // CanCreate is currently always true
|
||||
t.Errorf("Team.CanCreate() = %v, want %v", got, tt.want["CanCreate"])
|
||||
}
|
||||
if got, _ := tm.CanDelete(tt.args.a); got != tt.want["CanDelete"] {
|
||||
if got, _ := tm.CanDelete(s, tt.args.a); got != tt.want["CanDelete"] {
|
||||
t.Errorf("Team.CanDelete() = %v, want %v", got, tt.want["CanDelete"])
|
||||
}
|
||||
if got, _ := tm.CanUpdate(tt.args.a); got != tt.want["CanUpdate"] {
|
||||
if got, _ := tm.CanUpdate(s, tt.args.a); got != tt.want["CanUpdate"] {
|
||||
t.Errorf("Team.CanUpdate() = %v, want %v", got, tt.want["CanUpdate"])
|
||||
}
|
||||
if got, _, _ := tm.CanRead(tt.args.a); got != tt.want["CanRead"] {
|
||||
if got, _, _ := tm.CanRead(s, tt.args.a); got != tt.want["CanRead"] {
|
||||
t.Errorf("Team.CanRead() = %v, want %v", got, tt.want["CanRead"])
|
||||
}
|
||||
if got, _ := tm.IsAdmin(tt.args.a); got != tt.want["IsAdmin"] {
|
||||
if got, _ := tm.IsAdmin(s, tt.args.a); got != tt.want["IsAdmin"] {
|
||||
t.Errorf("Team.IsAdmin() = %v, want %v", got, tt.want["IsAdmin"])
|
||||
}
|
||||
})
|
||||
|
|
|
|||
|
|
@ -32,11 +32,16 @@ func TestTeam_Create(t *testing.T) {
|
|||
}
|
||||
t.Run("normal", func(t *testing.T) {
|
||||
db.LoadAndAssertFixtures(t)
|
||||
s := x.NewSession()
|
||||
defer s.Close()
|
||||
|
||||
team := &Team{
|
||||
Name: "Testteam293",
|
||||
Description: "Lorem Ispum",
|
||||
}
|
||||
err := team.Create(doer)
|
||||
err := team.Create(s, doer)
|
||||
assert.NoError(t, err)
|
||||
err = s.Commit()
|
||||
assert.NoError(t, err)
|
||||
db.AssertExists(t, "teams", map[string]interface{}{
|
||||
"id": team.ID,
|
||||
|
|
@ -46,8 +51,11 @@ func TestTeam_Create(t *testing.T) {
|
|||
})
|
||||
t.Run("empty name", func(t *testing.T) {
|
||||
db.LoadAndAssertFixtures(t)
|
||||
s := x.NewSession()
|
||||
defer s.Close()
|
||||
|
||||
team := &Team{}
|
||||
err := team.Create(doer)
|
||||
err := team.Create(s, doer)
|
||||
assert.Error(t, err)
|
||||
assert.True(t, IsErrTeamNameCannotBeEmpty(err))
|
||||
})
|
||||
|
|
@ -56,8 +64,11 @@ func TestTeam_Create(t *testing.T) {
|
|||
func TestTeam_ReadOne(t *testing.T) {
|
||||
t.Run("normal", func(t *testing.T) {
|
||||
db.LoadAndAssertFixtures(t)
|
||||
s := x.NewSession()
|
||||
defer s.Close()
|
||||
|
||||
team := &Team{ID: 1}
|
||||
err := team.ReadOne()
|
||||
err := team.ReadOne(s)
|
||||
assert.NoError(t, err)
|
||||
assert.Equal(t, "testteam1", team.Name)
|
||||
assert.Equal(t, "Lorem Ipsum", team.Description)
|
||||
|
|
@ -66,15 +77,21 @@ func TestTeam_ReadOne(t *testing.T) {
|
|||
})
|
||||
t.Run("invalid id", func(t *testing.T) {
|
||||
db.LoadAndAssertFixtures(t)
|
||||
s := x.NewSession()
|
||||
defer s.Close()
|
||||
|
||||
team := &Team{ID: -1}
|
||||
err := team.ReadOne()
|
||||
err := team.ReadOne(s)
|
||||
assert.Error(t, err)
|
||||
assert.True(t, IsErrTeamDoesNotExist(err))
|
||||
})
|
||||
t.Run("nonexisting", func(t *testing.T) {
|
||||
db.LoadAndAssertFixtures(t)
|
||||
s := x.NewSession()
|
||||
defer s.Close()
|
||||
|
||||
team := &Team{ID: 99999}
|
||||
err := team.ReadOne()
|
||||
err := team.ReadOne(s)
|
||||
assert.Error(t, err)
|
||||
assert.True(t, IsErrTeamDoesNotExist(err))
|
||||
})
|
||||
|
|
@ -83,23 +100,31 @@ func TestTeam_ReadOne(t *testing.T) {
|
|||
func TestTeam_ReadAll(t *testing.T) {
|
||||
doer := &user.User{ID: 1}
|
||||
t.Run("normal", func(t *testing.T) {
|
||||
s := x.NewSession()
|
||||
defer s.Close()
|
||||
|
||||
team := &Team{}
|
||||
ts, _, _, err := team.ReadAll(doer, "", 1, 50)
|
||||
teams, _, _, err := team.ReadAll(s, doer, "", 1, 50)
|
||||
assert.NoError(t, err)
|
||||
assert.Equal(t, reflect.TypeOf(ts).Kind(), reflect.Slice)
|
||||
s := reflect.ValueOf(ts)
|
||||
assert.Equal(t, 8, s.Len())
|
||||
assert.Equal(t, reflect.TypeOf(teams).Kind(), reflect.Slice)
|
||||
ts := reflect.ValueOf(teams)
|
||||
assert.Equal(t, 8, ts.Len())
|
||||
})
|
||||
}
|
||||
|
||||
func TestTeam_Update(t *testing.T) {
|
||||
t.Run("normal", func(t *testing.T) {
|
||||
db.LoadAndAssertFixtures(t)
|
||||
s := x.NewSession()
|
||||
defer s.Close()
|
||||
|
||||
team := &Team{
|
||||
ID: 1,
|
||||
Name: "SomethingNew",
|
||||
}
|
||||
err := team.Update()
|
||||
err := team.Update(s)
|
||||
assert.NoError(t, err)
|
||||
err = s.Commit()
|
||||
assert.NoError(t, err)
|
||||
db.AssertExists(t, "teams", map[string]interface{}{
|
||||
"id": team.ID,
|
||||
|
|
@ -108,21 +133,27 @@ func TestTeam_Update(t *testing.T) {
|
|||
})
|
||||
t.Run("empty name", func(t *testing.T) {
|
||||
db.LoadAndAssertFixtures(t)
|
||||
s := x.NewSession()
|
||||
defer s.Close()
|
||||
|
||||
team := &Team{
|
||||
ID: 1,
|
||||
Name: "",
|
||||
}
|
||||
err := team.Update()
|
||||
err := team.Update(s)
|
||||
assert.Error(t, err)
|
||||
assert.True(t, IsErrTeamNameCannotBeEmpty(err))
|
||||
})
|
||||
t.Run("nonexisting", func(t *testing.T) {
|
||||
db.LoadAndAssertFixtures(t)
|
||||
s := x.NewSession()
|
||||
defer s.Close()
|
||||
|
||||
team := &Team{
|
||||
ID: 9999,
|
||||
Name: "SomethingNew",
|
||||
}
|
||||
err := team.Update()
|
||||
err := team.Update(s)
|
||||
assert.Error(t, err)
|
||||
assert.True(t, IsErrTeamDoesNotExist(err))
|
||||
})
|
||||
|
|
@ -131,10 +162,15 @@ func TestTeam_Update(t *testing.T) {
|
|||
func TestTeam_Delete(t *testing.T) {
|
||||
t.Run("normal", func(t *testing.T) {
|
||||
db.LoadAndAssertFixtures(t)
|
||||
s := x.NewSession()
|
||||
defer s.Close()
|
||||
|
||||
team := &Team{
|
||||
ID: 1,
|
||||
}
|
||||
err := team.Delete()
|
||||
err := team.Delete(s)
|
||||
assert.NoError(t, err)
|
||||
err = s.Commit()
|
||||
assert.NoError(t, err)
|
||||
db.AssertMissing(t, "teams", map[string]interface{}{
|
||||
"id": 1,
|
||||
|
|
|
|||
Loading…
Reference in New Issue