2017-04-07 01:29:05 +02:00
|
|
|
"use strict";
|
|
|
|
var config = require('config');
|
2018-04-12 18:40:58 +02:00
|
|
|
const db = require('../../models/db');
|
|
|
|
const Sequelize = require('sequelize');
|
|
|
|
const Op = Sequelize.Op;
|
|
|
|
const uuidv4 = require('uuid/v4');
|
2017-04-07 01:29:05 +02:00
|
|
|
|
|
|
|
var redis = require('../../helpers/redis');
|
|
|
|
var mailer = require('../../helpers/mailer');
|
|
|
|
|
|
|
|
var async = require('async');
|
|
|
|
var fs = require('fs');
|
|
|
|
var _ = require("underscore");
|
|
|
|
var request = require('request');
|
|
|
|
var url = require("url");
|
|
|
|
var path = require("path");
|
|
|
|
var glob = require('glob');
|
2018-04-12 18:40:58 +02:00
|
|
|
var crypto = require('crypto');
|
2017-04-07 01:29:05 +02:00
|
|
|
|
|
|
|
var express = require('express');
|
|
|
|
var router = express.Router({mergeParams: true});
|
|
|
|
|
|
|
|
router.get('/', function(req, res, next) {
|
2018-04-12 18:40:58 +02:00
|
|
|
db.Membership
|
|
|
|
.findAll({where: {
|
|
|
|
space_id: req.space._id
|
|
|
|
}, include: ['user']})
|
|
|
|
.then(memberships => {
|
2017-04-07 01:29:05 +02:00
|
|
|
res.status(200).json(memberships);
|
|
|
|
});
|
|
|
|
});
|
|
|
|
|
|
|
|
router.post('/', function(req, res, next) {
|
|
|
|
if (req.spaceRole == "admin") {
|
|
|
|
var attrs = req.body;
|
2018-04-12 18:40:58 +02:00
|
|
|
attrs.space_id = req.space._id;
|
|
|
|
attrs.state = "pending";
|
|
|
|
attrs._id = uuidv4();
|
|
|
|
var membership = attrs;
|
|
|
|
|
2017-04-07 01:29:05 +02:00
|
|
|
var msg = attrs.personal_message;
|
|
|
|
|
|
|
|
if (membership.email_invited != req.user.email) {
|
2018-04-12 18:40:58 +02:00
|
|
|
db.User.findOne({where:{
|
2017-04-07 01:29:05 +02:00
|
|
|
"email": membership.email_invited
|
2018-04-12 18:40:58 +02:00
|
|
|
}}).then(function(user) {
|
2017-04-07 01:29:05 +02:00
|
|
|
|
|
|
|
if (user) {
|
2018-04-12 18:40:58 +02:00
|
|
|
membership.user_id = user._id;
|
2017-04-07 01:29:05 +02:00
|
|
|
membership.state = "active";
|
|
|
|
} else {
|
|
|
|
membership.code = crypto.randomBytes(64).toString('hex').substring(0, 12);
|
|
|
|
}
|
|
|
|
|
2018-04-12 18:40:58 +02:00
|
|
|
db.Membership.create(membership).then(function() {
|
|
|
|
var accept_link = config.endpoint + "/accept/" + membership._id + "?code=" + membership.code;
|
|
|
|
|
|
|
|
if (user) {
|
|
|
|
accept_link = config.endpoint + "/" + req.space.space_type + "s/" + req.space._id;
|
2017-04-07 01:29:05 +02:00
|
|
|
}
|
2018-04-12 18:40:58 +02:00
|
|
|
|
|
|
|
var openText = req.i18n.__("space_invite_membership_action");
|
|
|
|
if (user) {
|
|
|
|
req.i18n.__("open");
|
|
|
|
}
|
|
|
|
|
|
|
|
const name = req.user.nickname || req.user.email
|
|
|
|
const subject = (req.space.space_type == "space") ? req.i18n.__("space_invite_membership_subject", name, req.space.name) : req.i18n.__("folder_invite_membership_subject", req.user.nickname, req.space.name)
|
|
|
|
const body = (req.space.space_type == "space") ? req.i18n.__("space_invite_membership_body", name, req.space.name) : req.i18n.__("folder_invite_membership_body", req.user.nickname, req.space.name)
|
|
|
|
|
|
|
|
mailer.sendMail(
|
|
|
|
membership.email_invited, subject, body, {
|
|
|
|
messsage: msg,
|
|
|
|
action: {
|
|
|
|
link: accept_link,
|
|
|
|
name: openText
|
|
|
|
}
|
|
|
|
});
|
|
|
|
|
|
|
|
res.status(201).json(membership);
|
2017-04-07 01:29:05 +02:00
|
|
|
});
|
|
|
|
|
|
|
|
});
|
|
|
|
|
|
|
|
} else {
|
|
|
|
res.status(400).json({
|
2020-04-07 20:37:41 +02:00
|
|
|
"error": "This email is already included in the Space memberships."
|
2017-04-07 01:29:05 +02:00
|
|
|
});
|
|
|
|
}
|
|
|
|
|
|
|
|
} else {
|
|
|
|
res.status(403).json({
|
|
|
|
"error": "not_permitted"
|
|
|
|
});
|
|
|
|
}
|
|
|
|
});
|
|
|
|
|
|
|
|
router.put('/:membership_id', function(req, res, next) {
|
|
|
|
if (req.user) {
|
|
|
|
if (req.spaceRole == "admin") {
|
2018-04-12 18:40:58 +02:00
|
|
|
db.Membership.findOne({ where: {
|
2017-04-07 01:29:05 +02:00
|
|
|
_id: req.params.membership_id
|
2018-04-12 18:40:58 +02:00
|
|
|
}}).then(function(mem) {
|
|
|
|
if (mem) {
|
|
|
|
var attrs = req.body;
|
|
|
|
mem.role = attrs.role;
|
|
|
|
mem.save(function() {
|
|
|
|
res.status(201).json(mem);
|
|
|
|
});
|
2017-04-07 01:29:05 +02:00
|
|
|
}
|
|
|
|
});
|
|
|
|
} else {
|
|
|
|
res.sendStatus(403);
|
|
|
|
}
|
|
|
|
} else {
|
|
|
|
res.sendStatus(403);
|
|
|
|
}
|
|
|
|
});
|
|
|
|
|
|
|
|
router.delete('/:membership_id', function(req, res, next) {
|
|
|
|
if (req.user) {
|
2018-04-12 18:40:58 +02:00
|
|
|
db.Membership.findOne({ where: {
|
2017-04-07 01:29:05 +02:00
|
|
|
_id: req.params.membership_id
|
2018-04-12 18:40:58 +02:00
|
|
|
}}).then(function(mem) {
|
|
|
|
mem.destroy().then(function() {
|
|
|
|
res.sendStatus(204);
|
|
|
|
});
|
2017-04-07 01:29:05 +02:00
|
|
|
});
|
|
|
|
} else {
|
|
|
|
res.sendStatus(403);
|
|
|
|
}
|
|
|
|
});
|
|
|
|
|
|
|
|
module.exports = router;
|