local-it/vikunja-api
0
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Add update route to toggle team member admin status

Browse source
This commit is contained in:
kolaente 2020-08-05 17:21:17 +02:00
parent dfb7730b63
commit 11722bf029
No known key found for this signature in database
GPG key ID: F40E70337AB24C9B
7 changed files with 193 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

36
pkg/models/team_members.go
View file

@ -96,3 +96,39 @@ func (tm *TeamMember) Delete() (err error) {
_, err = x.Where("team_id = ? AND user_id = ?", tm.TeamID, tm.UserID).Delete(&TeamMember{})
return
}
// Update toggles a team member's admin status
// @Summary Toggle a team member's admin status
// @Description If a user is team admin, this will make them member and vise-versa.
// @tags team
// @Produce json
// @Security JWTKeyAuth
// @Param id path int true "Team ID"
// @Param userID path int true "User ID"
// @Success 200 {object} models.Message "The member right was successfully changed."
// @Failure 500 {object} models.Message "Internal error"
// @Router /teams/{id}/members/{userID}/admin [post]
func (tm *TeamMember) Update() (err error) {
// Find the numeric user id
user, err := user2.GetUserByUsername(tm.Username)
if err != nil {
return
}
tm.UserID = user.ID
// Get the full member object and change the admin right
_, err = x.
Where("team_id = ? AND user_id = ?", tm.TeamID, tm.UserID).
Get(tm)
if err != nil {
return err
}
tm.Admin = !tm.Admin
// Do the update
_, err = x.
Where("team_id = ? AND user_id = ?", tm.TeamID, tm.UserID).
Cols("admin").
Update(tm)
return
}

5
pkg/models/team_members_rights.go
View file

@ -30,6 +30,11 @@ func (tm *TeamMember) CanDelete(a web.Auth) (bool, error) {
return tm.IsAdmin(a)
}
// CanUpdate checks if the user can modify a team member's right
func (tm *TeamMember) CanUpdate(a web.Auth) (bool, error) {
return tm.IsAdmin(a)
}
// IsAdmin checks if the user is team admin
func (tm *TeamMember) IsAdmin(a web.Auth) (bool, error) {
// Don't allow anything if we're dealing with a list share here

27
pkg/models/team_members_test.go
View file

@ -81,3 +81,30 @@ func TestTeamMember_Delete(t *testing.T) {
assert.NoError(t, err)
})
}
func TestTeamMember_Update(t *testing.T) {
t.Run("normal", func(t *testing.T) {
db.LoadAndAssertFixtures(t)
tm := &TeamMember{
TeamID: 1,
Username: "user1",
Admin: true,
}
err := tm.Update()
assert.NoError(t, err)
assert.False(t, tm.Admin)
})
// This should have the same result as the normal run as the update function
// should ignore what was passed.
t.Run("explicitly false in payload", func(t *testing.T) {
db.LoadAndAssertFixtures(t)
tm := &TeamMember{
TeamID: 1,
Username: "user1",
Admin: true,
}
err := tm.Update()
assert.NoError(t, err)
assert.False(t, tm.Admin)
})
}

1
pkg/routes/routes.go
View file

@ -478,6 +478,7 @@ func registerAPIRoutes(a *echo.Group) {
}
a.PUT("/teams/:team/members", teamMemberHandler.CreateWeb)
a.DELETE("/teams/:team/members/:user", teamMemberHandler.DeleteWeb)
a.POST("/teams/:team/members/:user/admin", teamMemberHandler.UpdateWeb)
// Migrations
m := a.Group("/migration")

47
pkg/swagger/docs.go
View file

@ -5311,6 +5311,53 @@ var doc = `{
}
}
},
"/teams/{id}/members/{userID}/admin": {
"post": {
"security": [
{
"JWTKeyAuth": []
}
],
"description": "If a user is team admin, this will make them member and vise-versa.",
"produces": [
"application/json"
],
"tags": [
"team"
],
"summary": "Toggle a team member's admin status",
"parameters": [
{
"type": "integer",
"description": "Team ID",
"name": "id",
"in": "path",
"required": true
},
{
"type": "integer",
"description": "User ID",
"name": "userID",
"in": "path",
"required": true
}
],
"responses": {
"200": {
"description": "The member right was successfully changed.",
"schema": {
"$ref": "#/definitions/models.Message"
}
},
"500": {
"description": "Internal error",
"schema": {
"$ref": "#/definitions/models.Message"
}
}
}
}
},
"/user": {
"get": {
"security": [

47
pkg/swagger/swagger.json
View file

@ -5294,6 +5294,53 @@
}
}
},
"/teams/{id}/members/{userID}/admin": {
"post": {
"security": [
{
"JWTKeyAuth": []
}
],
"description": "If a user is team admin, this will make them member and vise-versa.",
"produces": [
"application/json"
],
"tags": [
"team"
],
"summary": "Toggle a team member's admin status",
"parameters": [
{
"type": "integer",
"description": "Team ID",
"name": "id",
"in": "path",
"required": true
},
{
"type": "integer",
"description": "User ID",
"name": "userID",
"in": "path",
"required": true
}
],
"responses": {
"200": {
"description": "The member right was successfully changed.",
"schema": {
"$ref": "#/definitions/models.Message"
}
},
"500": {
"description": "Internal error",
"schema": {
"$ref": "#/definitions/models.Message"
}
}
}
}
},
"/user": {
"get": {
"security": [

30
pkg/swagger/swagger.yaml
View file

@ -4524,6 +4524,36 @@ paths:
summary: Remove a user from a team
tags:
- team
/teams/{id}/members/{userID}/admin:
post:
description: If a user is team admin, this will make them member and vise-versa.
parameters:
- description: Team ID
in: path
name: id
required: true
type: integer
- description: User ID
in: path
name: userID
required: true
type: integer
produces:
- application/json
responses:
"200":
description: The member right was successfully changed.
schema:
$ref: '#/definitions/models.Message'
"500":
description: Internal error
schema:
$ref: '#/definitions/models.Message'
security:
- JWTKeyAuth: []
summary: Toggle a team member's admin status
tags:
- team
/user:
get:
consumes: