From 8a6256cb0110135fe06e1bba133dbb202e986b28 Mon Sep 17 00:00:00 2001
From: Giannis Kopanas <jkopanas@gmail.com>
Date: Thu, 17 May 2018 13:59:57 +0300
Subject: [PATCH] add authorize to manuscripts

---
 app/app.js         |   1 +
 config/authsome.js | 103 ++++++++++++++++++++++++++++++++++++++++++++-
 config/default.js  |   4 +-
 3 files changed, 104 insertions(+), 4 deletions(-)

diff --git a/app/app.js b/app/app.js
index 6e38a8b593..c9d3ccbd6a 100644
--- a/app/app.js
+++ b/app/app.js
@@ -1,3 +1,4 @@
+import 'regenerator-runtime/runtime'
 import React from 'react'
 import ReactDOM from 'react-dom'
 import { AppContainer } from 'react-hot-loader'
diff --git a/config/authsome.js b/config/authsome.js
index aa3fdaedd6..aac18d5941 100644
--- a/config/authsome.js
+++ b/config/authsome.js
@@ -131,6 +131,15 @@ class XpubCollabraMode {
     return this.isTeamMember('managingEditor')
   }
 
+  /**
+   * Checks if user is a reviewer editor (member of a team of type reviewer editor) for an object
+   *
+   * @returns {boolean}
+   */
+  isAssignedReviewerEditor(object) {
+    return this.isTeamMember('reviewer', object)
+  }
+
   /**
    * Checks if userId is present, indicating an authenticated user
    *
@@ -252,7 +261,9 @@ class XpubCollabraMode {
             const condition =
               this.isAuthor(collection) ||
               (await this.isAssignedHandlingEditor(collection)) || // eslint-disable-line
-              (await this.isAssignedSeniorEditor(collection)) // eslint-disable-line
+              (await this.isAssignedSeniorEditor(collection)) || // eslint-disable-line
+              (await this.isAssignedReviewerEditor(collection)) // eslint-disable-line
+
             return condition ? collection : undefined // eslint-disable-line
           }, this),
         )
@@ -341,6 +352,88 @@ class XpubCollabraMode {
   async canReadTeam() {
     return true
   }
+
+  /**
+   * Checks if a user can list a team
+   *
+   * @returns {boolean}
+   */
+  // eslint-disable-next-line
+  async canListTeam() {
+    return true
+  }
+
+  /**
+   * Checks if a user can lists team
+   *
+   * @returns {boolean}
+   */
+  // eslint-disable-next-line
+  async canListTeams() {
+    return true
+  }
+
+  /**
+   * Checks if a user can update a fragment
+   *
+   * @returns {boolean}
+   */
+  async canUpdateFragment() {
+    this.user = await this.context.models.User.find(this.userId)
+    const permission =
+      this.isAuthor(this.object) ||
+      (await this.isAssignedHandlingEditor(this.object)) ||
+      (await this.isAssignedSeniorEditor(this.object))
+    return permission
+  }
+
+  /**
+   * Checks if a user can update collection
+   *
+   * @returns {boolean}
+   */
+  async canUpdateCollection() {
+    this.user = await this.context.models.User.find(this.userId)
+    const collection = this.object
+    if (collection) {
+      const permission =
+        this.isAuthor(collection) ||
+        (await this.isAssignedHandlingEditor(collection)) ||
+        (await this.isAssignedSeniorEditor(collection))
+      return permission
+    }
+    return false
+  }
+
+  /**
+   * Checks if editor can invite Reviewers
+   *
+   * @returns {boolean}
+   */
+  async canInviteReviewer() {
+    this.user = await this.context.models.User.find(this.userId)
+
+    const { collection } = this.object
+    const permission =
+      (await this.isAssignedHandlingEditor(collection)) ||
+      (await this.isAssignedSeniorEditor(collection))
+
+    return permission
+  }
+
+  async canViewManuscripts() {
+    this.user = await this.context.models.User.find(this.userId)
+
+    const result = await Promise.all(
+      this.object.map(async collection => {
+        const permission =
+          (await this.isAssignedHandlingEditor(collection)) ||
+          (await this.isAssignedSeniorEditor(collection))
+        return permission
+      }, this),
+    )
+    return result.includes(true)
+  }
 }
 
 module.exports = {
@@ -448,6 +541,10 @@ module.exports = {
       return mode.canUpdateTeam()
     }
 
+    if (object && object.path === '/make-invitation') {
+      return mode.canInviteReviewer()
+    }
+
     return false
   },
   DELETE: (userId, operation, object, context) => {
@@ -480,6 +577,10 @@ module.exports = {
     const mode = new XpubCollabraMode(userId, operation, object, context)
     return mode.canListCollections()
   },
+  'can view my manuscripts section': (userId, operation, object, context) => {
+    const mode = new XpubCollabraMode(userId, operation, object, context)
+    return mode.canViewManuscripts()
+  },
   create: (userId, operation, object, context) => {
     const mode = new XpubCollabraMode(userId, operation, object, context)
 
diff --git a/config/default.js b/config/default.js
index 85b46b3b97..3b166ea608 100644
--- a/config/default.js
+++ b/config/default.js
@@ -29,9 +29,7 @@ module.exports = {
     path: `${__dirname}/mailer`,
   },
   'pubsweet-server': {
-    db: {
-      port: 5432,
-    },
+    db: {},
     port: 3000,
     logger,
     uploads: 'uploads',
-- 
GitLab