Merge branch 'develop' of https://gitlab.coko.foundation/xpub/xpub-faraday into develop

3c6d5ae5 · Bogdan Cochior · 35dc350c · 2676bb4c · 3c6d5ae5 · 3c6d5ae5
Commit 3c6d5ae5 authored 6 years ago by Bogdan Cochior
--- a/packages/component-invite/src/helpers/authsome.js
+++ b/packages/component-invite/src/helpers/authsome.js
+const config = require('config')
+const Authsome = require('authsome')
+
+const mode = require(config.get('authsome.mode'))
+
+const authsome = new Authsome({ ...config.authsome, mode }, {})
+
+module.exports = authsome
--- a/packages/component-invite/src/routes/collectionsInvitations/post.js
+++ b/packages/component-invite/src/routes/collectionsInvitations/post.js
@@ -40,6 +40,7 @@ module.exports = models => async (req, res) => {
      error: notFoundError.message,
    })
  }
+
  const baseUrl = `${req.protocol}://${req.get('host')}`
  const params = {
    baseUrl,

--- a/packages/xpub-faraday/config/authsome-helpers.js
+++ b/packages/xpub-faraday/config/authsome-helpers.js
@@ -19,7 +19,7 @@ module.exports = {
      coll.visibleStatus = statuses[coll.status].private
    }
  },
-  filterRefusedReviewers: (coll, user) => {
+  filterRefusedInvitations: (coll, user) => {
    const matchingInv = coll.invitations.find(inv => inv.userId === user.id)
    if (matchingInv === undefined) return null
    if (matchingInv.hasAnswer === true && !matchingInv.isAccepted) return null

--- a/packages/xpub-faraday/config/authsome.js
+++ b/packages/xpub-faraday/config/authsome.js
@@ -35,8 +35,12 @@ async function teamPermissions(user, operation, object, context) {
            }
            helpers.setPublicStatuses(coll, matchingCollPerm)
            helpers.parseReviewerAuthors(coll, matchingCollPerm)
-            if (['reviewer'].includes(matchingCollPerm.permission)) {
-              return helpers.filterRefusedReviewers(coll, user)
+            if (
+              ['reviewer', 'handlingEditor'].includes(
+                matchingCollPerm.permission,
+              )
+            ) {
+              return helpers.filterRefusedInvitations(coll, user)
            }
            return coll
          })
@@ -97,11 +101,11 @@ function unauthenticatedUser(operation, object) {

 async function authenticatedUser(user, operation, object, context) {
  // Allow the authenticated user to POST a collection (but not with a 'filtered' property)
-  // if (operation === 'POST' && object.path === '/collections') {
-  //   return {
-  //     filter: collection => omit(collection, 'filtered'),
-  //   }
-  // }
+  if (operation === 'POST' && object.path === '/collections') {
+    return {
+      filter: collection => omit(collection, 'filtered'),
+    }
+  }

  // Allow the authenticated user to GET collections they own
  if (operation === 'GET' && object === '/collections/') {

--- a/packages/xpub-faraday/config/default.js
+++ b/packages/xpub-faraday/config/default.js
@@ -21,9 +21,14 @@ const getDbConfig = () => {

 module.exports = {
  authsome: {
-    mode: path.resolve(__dirname, 'authsome.js'),
+    mode: path.resolve(__dirname, 'authsome-mode.js'),
    teams: {
-      // TODO
+      handlingEditor: {
+        name: 'Handling Editors',
+      },
+      reviewer: {
+        name: 'Reviewer',
+      },
    },
  },
  validations: path.resolve(__dirname, 'validations.js'),