feat(component-invite): invite yourself as author

b7743313 · Sebastian · cc34ab08 · b7743313 · b7743313 · b7743313
Commit b7743313 authored 6 years ago by Sebastian
--- a/packages/component-invite/src/controllers/assignCollectionRole.js
+++ b/packages/component-invite/src/controllers/assignCollectionRole.js
@@ -27,6 +27,10 @@ module.exports = async (
  }

  if (reqUser.handlingEditor === true) {
+    if (reqUser.email === email) {
+      logger.error(`${reqUser.email} tried to invite his own email`)
+      return res.status(400).json({ error: 'Cannot invite yourself' })
+    }
    if (reqUser.teams === undefined) {
      return res.status(403).json({
        error: `Handling Editor ${reqUser.email} is not part of any teams`,
@@ -48,6 +52,11 @@ module.exports = async (
    }
  }

+  if (reqUser.editorInChief === true && email === reqUser.email) {
+    logger.error(`${reqUser.email} tried to invite his own email`)
+    return res.status(400).json({ error: 'Cannot invite yourself' })
+  }
+
  let collection
  try {
    collection = await models.Collection.find(collectionId)
@@ -69,9 +78,12 @@ module.exports = async (
    )
    // get updated user from DB
    user = await models.User.findByEmail(email)
-    if (role === 'coAuthor') {
+    if (role === 'author') {
+      if (collection.owners[0].id === user.id) {
+        return res.status(200).json(user)
+      }
      try {
-        await mailService.setupAssignEmail(user.email, 'assign-coauthor', url)
+        await mailService.setupAssignEmail(user.email, 'assign-author', url)

        return res.status(200).json(user)
      } catch (e) {

--- a/packages/component-invite/src/routes/getCollectionUsers.js
+++ b/packages/component-invite/src/routes/getCollectionUsers.js
@@ -16,12 +16,6 @@ module.exports = models => async (req, res) => {
    return
  }

-  const reqUser = await models.User.find(req.user)
-  if (!reqUser.editorInChief) {
-    res.status(400).json({ error: 'The request user must be Editor in Chief' })
-    return
-  }
-
  const { collectionId } = req.params
  try {
    await models.Collection.find(collectionId)

--- a/packages/component-invite/src/routes/postInvite.js
+++ b/packages/component-invite/src/routes/postInvite.js
@@ -22,11 +22,7 @@ module.exports = models => async (req, res) => {
    return
  }
  const reqUser = await models.User.find(req.user)
-  if (email === reqUser.email) {
-    res.status(400).json({ error: 'Cannot invite yourself' })
-    logger.error(`${reqUser.email} tried to invite his own email`)
-    return
-  }
+
  const collectionId = get(req, 'params.collectionId')
  const url = `${req.protocol}://${req.get('host')}`
  if (collectionId)
@@ -41,6 +37,11 @@ module.exports = models => async (req, res) => {
      req.body,
    )

+  if (email === reqUser.email) {
+    res.status(400).json({ error: 'Cannot invite yourself' })
+    logger.error(`${reqUser.email} tried to invite his own email`)
+    return
+  }
  if (reqUser.admin)
    return require('../controllers/inviteGlobalRole')(
      req.body,

--- a/packages/component-mail-service/src/templates/assign-coauthor.html
+++ b/packages/component-mail-service/src/templates/assign-coauthor.html
--- a/packages/component-mail-service/src/templates/assign-coauthor.txt
+++ b/packages/component-mail-service/src/templates/assign-coauthor.txt
--- a/packages/component-mail-service/src/templates/invite-coauthor.html
+++ b/packages/component-mail-service/src/templates/invite-coauthor.html
--- a/packages/component-mail-service/src/templates/invite-coauthor.txt
+++ b/packages/component-mail-service/src/templates/invite-coauthor.txt
--- a/packages/xpub-faraday/config/authsome.js
+++ b/packages/xpub-faraday/config/authsome.js
@@ -3,8 +3,8 @@ const pickBy = require('lodash/pickBy')
 const omit = require('lodash/omit')

 async function teamPermissions(user, operation, object, context) {
-  const permissions = ['handlingEditor', 'coAuthor']
-  const teams = Promise.all(
+  const permissions = ['handlingEditor', 'author']
+  const teams = await Promise.all(
    user.teams
      .map(async teamId => {
        const team = await context.models.Team.find(teamId)

--- a/packages/xpub-faraday/config/default.js
+++ b/packages/xpub-faraday/config/default.js
@@ -63,12 +63,11 @@ module.exports = {
  },
  roles: {
    global: ['admin', 'editorInChief', 'author', 'handlingEditor'],
-    collection: ['handlingEditor', 'reviewer', 'coAuthor'],
+    collection: ['handlingEditor', 'reviewer', 'author'],
    inviteRights: {
-      admin: ['admin', 'editorInChief', 'author', 'handlingEditor', 'coAuthor'],
+      admin: ['admin', 'editorInChief', 'author', 'handlingEditor', 'author'],
      editorInChief: ['handlingEditor'],
      handlingEditor: ['reviewer'],
-      author: ['coAuthor'],
    },
  },
  mailer: {