2020-02-07 17:27:45 +01:00
|
|
|
// Vikunja is a to-do list application to facilitate your life.
|
2021-02-02 20:19:13 +01:00
|
|
|
// Copyright 2018-2021 Vikunja and contributors. All rights reserved.
|
2018-11-26 21:17:33 +01:00
|
|
|
//
|
2019-12-04 20:39:56 +01:00
|
|
|
// This program is free software: you can redistribute it and/or modify
|
2020-12-23 16:41:52 +01:00
|
|
|
// it under the terms of the GNU Affero General Public Licensee as published by
|
2019-12-04 20:39:56 +01:00
|
|
|
// the Free Software Foundation, either version 3 of the License, or
|
|
|
|
// (at your option) any later version.
|
2018-11-26 21:17:33 +01:00
|
|
|
//
|
2019-12-04 20:39:56 +01:00
|
|
|
// This program is distributed in the hope that it will be useful,
|
|
|
|
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
2020-12-23 16:41:52 +01:00
|
|
|
// GNU Affero General Public Licensee for more details.
|
2018-11-26 21:17:33 +01:00
|
|
|
//
|
2020-12-23 16:41:52 +01:00
|
|
|
// You should have received a copy of the GNU Affero General Public Licensee
|
2019-12-04 20:39:56 +01:00
|
|
|
// along with this program. If not, see <https://www.gnu.org/licenses/>.
|
2018-11-26 21:17:33 +01:00
|
|
|
|
2018-07-14 18:29:24 +02:00
|
|
|
package models
|
|
|
|
|
2020-01-26 18:08:06 +01:00
|
|
|
import (
|
2021-02-02 23:48:37 +01:00
|
|
|
"code.vikunja.io/api/pkg/events"
|
2020-01-26 18:08:06 +01:00
|
|
|
user2 "code.vikunja.io/api/pkg/user"
|
|
|
|
"code.vikunja.io/web"
|
2020-12-23 16:32:28 +01:00
|
|
|
"xorm.io/xorm"
|
2020-01-26 18:08:06 +01:00
|
|
|
)
|
2018-12-01 00:26:56 +01:00
|
|
|
|
2018-07-14 18:29:24 +02:00
|
|
|
// Create implements the create method to assign a user to a team
|
2018-11-12 16:46:35 +01:00
|
|
|
// @Summary Add a user to a team
|
|
|
|
// @Description Add a user to a team.
|
|
|
|
// @tags team
|
|
|
|
// @Accept json
|
|
|
|
// @Produce json
|
2019-01-03 23:22:06 +01:00
|
|
|
// @Security JWTKeyAuth
|
2018-11-12 16:46:35 +01:00
|
|
|
// @Param id path int true "Team ID"
|
|
|
|
// @Param team body models.TeamMember true "The user to be added to a team."
|
2021-05-26 21:56:31 +02:00
|
|
|
// @Success 201 {object} models.TeamMember "The newly created member object"
|
2020-06-28 16:25:46 +02:00
|
|
|
// @Failure 400 {object} web.HTTPError "Invalid member object provided."
|
|
|
|
// @Failure 403 {object} web.HTTPError "The user does not have access to the team"
|
2018-11-12 16:46:35 +01:00
|
|
|
// @Failure 500 {object} models.Message "Internal error"
|
|
|
|
// @Router /teams/{id}/members [put]
|
2020-12-23 16:32:28 +01:00
|
|
|
func (tm *TeamMember) Create(s *xorm.Session, a web.Auth) (err error) {
|
2018-12-01 00:26:56 +01:00
|
|
|
|
2018-07-26 09:53:32 +02:00
|
|
|
// Check if the team extst
|
2021-02-02 23:48:37 +01:00
|
|
|
team, err := GetTeamByID(s, tm.TeamID)
|
2018-07-26 09:53:32 +02:00
|
|
|
if err != nil {
|
2021-02-02 23:48:37 +01:00
|
|
|
return err
|
2018-07-26 09:53:32 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
// Check if the user exists
|
2021-02-17 20:48:06 +01:00
|
|
|
member, err := user2.GetUserByUsername(s, tm.Username)
|
2018-07-26 09:53:32 +02:00
|
|
|
if err != nil {
|
|
|
|
return
|
|
|
|
}
|
2021-02-17 20:48:06 +01:00
|
|
|
tm.UserID = member.ID
|
2018-07-26 09:53:32 +02:00
|
|
|
|
2018-07-26 10:06:41 +02:00
|
|
|
// Check if that user is already part of the team
|
2020-12-23 16:32:28 +01:00
|
|
|
exists, err := s.
|
|
|
|
Where("team_id = ? AND user_id = ?", tm.TeamID, tm.UserID).
|
2018-07-26 10:06:41 +02:00
|
|
|
Get(&TeamMember{})
|
2019-02-18 20:32:41 +01:00
|
|
|
if err != nil {
|
|
|
|
return
|
|
|
|
}
|
2018-07-26 10:06:41 +02:00
|
|
|
if exists {
|
|
|
|
return ErrUserIsMemberOfTeam{tm.TeamID, tm.UserID}
|
|
|
|
}
|
|
|
|
|
2018-07-26 09:53:32 +02:00
|
|
|
// Insert the user
|
2020-12-23 16:32:28 +01:00
|
|
|
_, err = s.Insert(tm)
|
2021-02-02 23:48:37 +01:00
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
2021-02-17 20:48:06 +01:00
|
|
|
doer, _ := user2.GetFromAuth(a)
|
2021-02-02 23:48:37 +01:00
|
|
|
return events.Dispatch(&TeamMemberAddedEvent{
|
|
|
|
Team: team,
|
2021-02-17 20:48:06 +01:00
|
|
|
Member: member,
|
|
|
|
Doer: doer,
|
2021-02-02 23:48:37 +01:00
|
|
|
})
|
2018-07-14 18:29:24 +02:00
|
|
|
}
|
2019-07-16 16:15:40 +02:00
|
|
|
|
|
|
|
// Delete deletes a user from a team
|
|
|
|
// @Summary Remove a user from a team
|
|
|
|
// @Description Remove a user from a team. This will also revoke any access this user might have via that team.
|
|
|
|
// @tags team
|
|
|
|
// @Produce json
|
|
|
|
// @Security JWTKeyAuth
|
|
|
|
// @Param id path int true "Team ID"
|
|
|
|
// @Param userID path int true "User ID"
|
|
|
|
// @Success 200 {object} models.Message "The user was successfully removed from the team."
|
|
|
|
// @Failure 500 {object} models.Message "Internal error"
|
|
|
|
// @Router /teams/{id}/members/{userID} [delete]
|
2021-02-02 23:48:37 +01:00
|
|
|
func (tm *TeamMember) Delete(s *xorm.Session, a web.Auth) (err error) {
|
2019-07-16 16:15:40 +02:00
|
|
|
|
2020-12-23 16:32:28 +01:00
|
|
|
total, err := s.Where("team_id = ?", tm.TeamID).Count(&TeamMember{})
|
2019-07-16 16:15:40 +02:00
|
|
|
if err != nil {
|
|
|
|
return
|
|
|
|
}
|
|
|
|
if total == 1 {
|
|
|
|
return ErrCannotDeleteLastTeamMember{tm.TeamID, tm.UserID}
|
|
|
|
}
|
|
|
|
|
|
|
|
// Find the numeric user id
|
2020-12-23 16:32:28 +01:00
|
|
|
user, err := user2.GetUserByUsername(s, tm.Username)
|
2019-07-16 16:15:40 +02:00
|
|
|
if err != nil {
|
|
|
|
return
|
|
|
|
}
|
|
|
|
tm.UserID = user.ID
|
|
|
|
|
2020-12-23 16:32:28 +01:00
|
|
|
_, err = s.Where("team_id = ? AND user_id = ?", tm.TeamID, tm.UserID).Delete(&TeamMember{})
|
2019-07-16 16:15:40 +02:00
|
|
|
return
|
|
|
|
}
|
2020-08-05 17:21:17 +02:00
|
|
|
|
|
|
|
// Update toggles a team member's admin status
|
|
|
|
// @Summary Toggle a team member's admin status
|
|
|
|
// @Description If a user is team admin, this will make them member and vise-versa.
|
|
|
|
// @tags team
|
|
|
|
// @Produce json
|
|
|
|
// @Security JWTKeyAuth
|
|
|
|
// @Param id path int true "Team ID"
|
|
|
|
// @Param userID path int true "User ID"
|
|
|
|
// @Success 200 {object} models.Message "The member right was successfully changed."
|
|
|
|
// @Failure 500 {object} models.Message "Internal error"
|
|
|
|
// @Router /teams/{id}/members/{userID}/admin [post]
|
2021-02-02 23:48:37 +01:00
|
|
|
func (tm *TeamMember) Update(s *xorm.Session, a web.Auth) (err error) {
|
2020-08-05 17:21:17 +02:00
|
|
|
// Find the numeric user id
|
2020-12-23 16:32:28 +01:00
|
|
|
user, err := user2.GetUserByUsername(s, tm.Username)
|
2020-08-05 17:21:17 +02:00
|
|
|
if err != nil {
|
|
|
|
return
|
|
|
|
}
|
|
|
|
tm.UserID = user.ID
|
|
|
|
|
|
|
|
// Get the full member object and change the admin right
|
2020-08-05 17:28:11 +02:00
|
|
|
ttm := &TeamMember{}
|
2020-12-23 16:32:28 +01:00
|
|
|
_, err = s.
|
2020-08-05 17:21:17 +02:00
|
|
|
Where("team_id = ? AND user_id = ?", tm.TeamID, tm.UserID).
|
2020-08-05 17:28:11 +02:00
|
|
|
Get(ttm)
|
2020-08-05 17:21:17 +02:00
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
2020-08-05 17:28:11 +02:00
|
|
|
ttm.Admin = !ttm.Admin
|
2020-08-05 17:21:17 +02:00
|
|
|
|
|
|
|
// Do the update
|
2020-12-23 16:32:28 +01:00
|
|
|
_, err = s.
|
2020-08-05 17:21:17 +02:00
|
|
|
Where("team_id = ? AND user_id = ?", tm.TeamID, tm.UserID).
|
|
|
|
Cols("admin").
|
2020-08-05 17:28:11 +02:00
|
|
|
Update(ttm)
|
|
|
|
tm.Admin = ttm.Admin // Since we're returning the updated rights object
|
2020-08-05 17:21:17 +02:00
|
|
|
return
|
|
|
|
}
|