diff --git a/packages/component-invite/src/controllers/assignCollectionRole.js b/packages/component-invite/src/controllers/assignCollectionRole.js index be8f7f8d644dbd47a791cdcec7e65f633bdf6bd6..50c1e31f9d3b8686b753012e226a4f974662e5fd 100644 --- a/packages/component-invite/src/controllers/assignCollectionRole.js +++ b/packages/component-invite/src/controllers/assignCollectionRole.js @@ -27,6 +27,10 @@ module.exports = async ( } if (reqUser.handlingEditor === true) { + if (reqUser.email === email) { + logger.error(`${reqUser.email} tried to invite his own email`) + return res.status(400).json({ error: 'Cannot invite yourself' }) + } if (reqUser.teams === undefined) { return res.status(403).json({ error: `Handling Editor ${reqUser.email} is not part of any teams`, @@ -48,6 +52,11 @@ module.exports = async ( } } + if (reqUser.editorInChief === true && email === reqUser.email) { + logger.error(`${reqUser.email} tried to invite his own email`) + return res.status(400).json({ error: 'Cannot invite yourself' }) + } + let collection try { collection = await models.Collection.find(collectionId) @@ -69,9 +78,12 @@ module.exports = async ( ) // get updated user from DB user = await models.User.findByEmail(email) - if (role === 'coAuthor') { + if (role === 'author') { + if (collection.owners[0].id === user.id) { + return res.status(200).json(user) + } try { - await mailService.setupAssignEmail(user.email, 'assign-coauthor', url) + await mailService.setupAssignEmail(user.email, 'assign-author', url) return res.status(200).json(user) } catch (e) { diff --git a/packages/component-invite/src/routes/getCollectionUsers.js b/packages/component-invite/src/routes/getCollectionUsers.js index 94570732b4731e170f6e9d6a076258631d1e2de7..a08cdba076c3130d940a6344cad85c2a17588967 100644 --- a/packages/component-invite/src/routes/getCollectionUsers.js +++ b/packages/component-invite/src/routes/getCollectionUsers.js 
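Review bot: The self-invite guard added at the top of the `reqUser.handlingEditor === true` branch compares `reqUser.email === email` as exact strings, so a differently cased or padded spelling of the requester's own address would pass unless the address is normalized earlier, which the hunk does not show. The same comparison is repeated in the `editorInChief` guard in the next hunk of this file and in the relocated check in postInvite.js. Normalizing both sides, e.g. `if (reqUser.email.trim().toLowerCase() === String(email).trim().toLowerCase()) {`, or comparing user ids once the invitee has been looked up, would close that gap. The two guards in this file are otherwise identical and could be a single check ahead of the role branches; the enclosing function starts and ends outside the hunk.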
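Review bot: `collection.owners[0].id` in the new `role === 'author'` branch throws a TypeError when `owners` is missing or empty, and it sits before the `try`, so the failure would not reach the `catch` shown below it. It also tests only the first owner, so any other owner would still be sent the assign-author mail. Consider `if ((collection.owners || []).some(owner => owner.id === user.id)) {`. The enclosing function continues outside the hunk, so whether `owners` is guaranteed earlier cannot be seen here.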
@@ -16,12 +16,6 @@ module.exports = models => async (req, res) => { return } - const reqUser = await models.User.find(req.user) - if (!reqUser.editorInChief) { - res.status(400).json({ error: 'The request user must be Editor in Chief' }) - return - } - const { collectionId } = req.params try { await models.Collection.find(collectionId) diff --git a/packages/component-invite/src/routes/postInvite.js b/packages/component-invite/src/routes/postInvite.js index b3b61a0db11910508d48a2052530bf60fb6d192a..4c301272ee64c421530d2098fcdfbe22a79ae9b0 100644 --- a/packages/component-invite/src/routes/postInvite.js +++ b/packages/component-invite/src/routes/postInvite.js @@ -22,11 +22,7 @@ module.exports = models => async (req, res) => { return } const reqUser = await models.User.find(req.user) - if (email === reqUser.email) { - res.status(400).json({ error: 'Cannot invite yourself' }) - logger.error(`${reqUser.email} tried to invite his own email`) - return - } + const collectionId = get(req, 'params.collectionId') const url = `${req.protocol}://${req.get('host')}` if (collectionId) @@ -41,6 +37,11 @@ module.exports = models => async (req, res) => { req.body, ) + if (email === reqUser.email) { + res.status(400).json({ error: 'Cannot invite yourself' }) + logger.error(`${reqUser.email} tried to invite his own email`) + return + } if (reqUser.admin) return require('../controllers/inviteGlobalRole')( req.body, diff --git a/packages/component-mail-service/src/templates/assign-coauthor.html b/packages/component-mail-service/src/templates/assign-author.html similarity index 100% rename from packages/component-mail-service/src/templates/assign-coauthor.html rename to packages/component-mail-service/src/templates/assign-author.html 
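Review bot: With the `editorInChief` check removed from getCollectionUsers.js, nothing in this hunk ties the requester to `collectionId`, so any caller who passes the earlier check (only partly visible here) appears able to list the users of any collection. If the intent is to open the route to handling editors and authors, replace the removed block with a check that the requester is Editor in Chief, admin, or a member of a team on that collection, and answer 403 otherwise. The handler's body continues outside the hunk, so a later authorization step may exist. If it does, a one-line comment naming where access is enforced would make that clear.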
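Review bot: Moving the self-invite check in postInvite.js below the `if (collectionId)` branch means requests with a `collectionId` no longer pass through it here and depend on the role-conditional guards in assignCollectionRole.js, which cover only `handlingEditor` and `editorInChief`. If that is deliberate (for example so a submitting author can be assigned to their own collection), say so at the branch with a comment such as `// self-invite is validated per role inside assignCollectionRole`. Otherwise keep the check ahead of the branch. The handler starts and ends outside the hunk.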
diff --git a/packages/component-mail-service/src/templates/assign-coauthor.txt b/packages/component-mail-service/src/templates/assign-author.txt similarity index 100% rename from packages/component-mail-service/src/templates/assign-coauthor.txt rename to packages/component-mail-service/src/templates/assign-author.txt diff --git a/packages/component-mail-service/src/templates/invite-coauthor.html b/packages/component-mail-service/src/templates/invite-author.html similarity index 100% rename from packages/component-mail-service/src/templates/invite-coauthor.html rename to packages/component-mail-service/src/templates/invite-author.html diff --git a/packages/component-mail-service/src/templates/invite-coauthor.txt b/packages/component-mail-service/src/templates/invite-author.txt similarity index 100% rename from packages/component-mail-service/src/templates/invite-coauthor.txt rename to packages/component-mail-service/src/templates/invite-author.txt diff --git a/packages/xpub-faraday/config/authsome.js b/packages/xpub-faraday/config/authsome.js index 2adf7a0792e6d70a0e26f8a97b8f7feb7df758f1..abd7c34913f8c9afb37bdd96fc98f98e040ad010 100644 --- a/packages/xpub-faraday/config/authsome.js +++ b/packages/xpub-faraday/config/authsome.js @@ -3,8 +3,8 @@ const pickBy = require('lodash/pickBy') const omit = require('lodash/omit') async function teamPermissions(user, operation, object, context) { - const permissions = ['handlingEditor', 'coAuthor'] - const teams = Promise.all( + const permissions = ['handlingEditor', 'author'] + const teams = await Promise.all( user.teams .map(async teamId => { const team = await context.models.Team.find(teamId) diff --git a/packages/xpub-faraday/config/default.js b/packages/xpub-faraday/config/default.js index f279c3df72cfd495e162414d0527b0a842df446a..9671e5bef74fdb508ed65eec3fcb22edc1a1feb7 100644 --- a/packages/xpub-faraday/config/default.js +++ b/packages/xpub-faraday/config/default.js 
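Review bot: `user.teams.map(...)` in `teamPermissions` throws when `user.teams` is undefined, a state that assignCollectionRole.js in this same commit explicitly handles (`reqUser.teams === undefined`). Now that the result is awaited, any rejection from `context.models.Team.find(teamId)` also propagates out of the permission function. Guarding the input with `(user.teams || [])` keeps the authorization path returning a decision rather than an exception for users without teams. The function body continues outside the hunk, so how the resolved `teams` value is used is not visible here.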
@@ -63,12 +63,11 @@ module.exports = { }, roles: { global: ['admin', 'editorInChief', 'author', 'handlingEditor'], - collection: ['handlingEditor', 'reviewer', 'coAuthor'], + collection: ['handlingEditor', 'reviewer', 'author'], inviteRights: { - admin: ['admin', 'editorInChief', 'author', 'handlingEditor', 'coAuthor'], + admin: ['admin', 'editorInChief', 'author', 'handlingEditor', 'author'], editorInChief: ['handlingEditor'], handlingEditor: ['reviewer'], - author: ['coAuthor'], }, }, mailer: {
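Review bot: After the rename, `inviteRights.admin` lists `'author'` twice; the trailing entry is the old `'coAuthor'` and should be dropped: `admin: ['admin', 'editorInChief', 'author', 'handlingEditor'],`. More importantly, `'author'` is now both a global role and a collection role, so an `inviteRights` entry of `'author'` no longer says which scope it grants, and any code that checks invite rights by role name alone would treat the two as the same. With `author: ['coAuthor']` removed, the config gives authors no invite rights, so confirm that the `role === 'author'` path in assignCollectionRole.js is authorized some other way.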