diff --git a/harena-manager.postman_collection.json b/harena-manager.postman_collection.json index cc66771..b7603ca 100644 --- a/harena-manager.postman_collection.json +++ b/harena-manager.postman_collection.json @@ -1011,6 +1011,7 @@ { "key": "entity", "value": "user", + "description": "user/group/institution", "type": "text" }, { @@ -1028,6 +1029,7 @@ { "key": "clearance", "value": "1", + "description": "1: read/ 2: Comment/ 3: Share/ 4: Edit/ 5: Administration", "type": "text" }, { @@ -1884,6 +1886,50 @@ }, "response": [] }, + { + "name": "/admin/groups", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "var response = pm.response.json();", + "", + "// pm.environment.set(\"case-id\", response.token);", + "", + "pm.test(\"Status code is 200 or 201\", function () {", + " ", + " pm.expect(pm.response.code).to.be.oneOf([200,201]);", + " ", + "});" + ], + "type": "text/javascript" + } + } + ], + "protocolProfileBehavior": { + "disableBodyPruning": true + }, + "request": { + "method": "GET", + "header": [], + "body": { + "mode": "formdata", + "formdata": [] + }, + "url": { + "raw": "{{api-base-url}}/admin/groups", + "host": [ + "{{api-base-url}}" + ], + "path": [ + "admin", + "groups" + ] + } + }, + "response": [] + }, { "name": "/admin/users", "event": [ @@ -2388,6 +2434,41 @@ }, "response": [] }, + { + "name": "/group (wip)", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "" + ], + "type": "text/javascript" + } + } + ], + "protocolProfileBehavior": { + "disableBodyPruning": true + }, + "request": { + "method": "GET", + "header": [], + "body": { + "mode": "formdata", + "formdata": [] + }, + "url": { + "raw": "{{api-base-url}}/group", + "host": [ + "{{api-base-url}}" + ], + "path": [ + "group" + ] + } + }, + "response": [] + }, { "name": "/group/users (wip)", "event": [ 
@@ -2412,7 +2493,7 @@ "formdata": [ { "key": "groupId", - "value": "8a419a89-4692-4b32-b485-82a2df44f31f", + "value": "09c35267-5f85-4f1f-bb57-7ecdf21877dd", "type": "text" } ] @@ -2504,7 +2585,7 @@ "formdata": [ { "key": "title", - "value": "group test delete", + "value": "test1", "type": "text" } ] diff --git a/src/adonisjs/app/Controllers/Http/GroupController.js b/src/adonisjs/app/Controllers/Http/GroupController.js index 5203a07..976993e 100644 --- a/src/adonisjs/app/Controllers/Http/GroupController.js +++ b/src/adonisjs/app/Controllers/Http/GroupController.js @@ -33,7 +33,6 @@ class GroupController { } } - async linkUser ({ request, auth, response }) { try { const { userId, groupId } = request.post() @@ -58,7 +57,6 @@ class GroupController { } } - async listCases ({ request, response, auth }) { try { const groupId = request.input('groupId') @@ -75,7 +73,9 @@ class GroupController { let countCases = await Database .from('cases') .leftJoin('permissions', 'cases.id', 'permissions.table_id') - .join('users_groups') + .leftJoin('users_groups', function() { + this.on('permissions.subject', '=', 'users_groups.group_id') + }) .join('users', 'cases.author_id','users.id') .join('institutions', 'users.institution_id', 'institutions.id') .where('permissions.entity', 'group') @@ -97,7 +97,9 @@ class GroupController { .distinct('cases.id') .from('cases') .leftJoin('permissions', 'cases.id', 'permissions.table_id') - .join('users_groups') + .leftJoin('users_groups', function() { + this.on('permissions.subject', '=', 'users_groups.group_id') + }) .join('users', 'cases.author_id','users.id') .join('institutions', 'users.institution_id', 'institutions.id') .where('permissions.entity', 'group') 
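Review bot: In `listCases` the new `leftJoin('users_groups', …)` of the count query (hunk `-75,7`) joins on `permissions.subject = users_groups.group_id` only, so each shared case is repeated once per member of the group and nothing in the join ties the rows to the caller. The list query in hunk `-97,7` has the same join; `distinct('cases.id')` hides the duplicates there, but the aggregate of the count query is outside the hunk and may be inflated. The other controllers in this commit add `.andOn('users_groups.user_id', '=', Database.raw('?', [user.id]))`; the same condition with the authenticated user's id would remove the duplicates here, provided the rest of the query (not visible) filters on `users_groups.user_id` so that a caller who is not a member of the requested group gets no rows. The function body starts and ends outside both hunks.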
@@ -123,9 +125,10 @@ class GroupController { const groupId = request.input('groupId') if(await Group.find(groupId)){ const result = await Database - .select('user_id','group_id','groups.title as group_title') + .select('users.username','user_id','group_id','groups.title as group_title') .from('users_groups') .join('groups','users_groups.group_id','groups.id') + .join('users', 'users_groups.user_id', 'users.id') .where ('users_groups.group_id', groupId) return response.json(result) @@ -170,6 +173,24 @@ class GroupController { return response.status(e.status).json({ message: e.toString() }) } } + + async listGroups ({request, auth, response}){ + + try { + const groupId = request.input('groupId') + + const result = await Database + .select('group_id','groups.title as group_title') + .from('users_groups') + .join('groups','users_groups.group_id','groups.id') + .where ('users_groups.user_id', auth.user.id) + + return response.json(result) + } catch (e) { + console.log(e) + return response.status(e.status).json({ message: e.toString() }) + } + } } module.exports = GroupController diff --git a/src/adonisjs/app/Controllers/Http/v1/AdminController.js b/src/adonisjs/app/Controllers/Http/v1/AdminController.js index e353339..2d92c86 100644 --- a/src/adonisjs/app/Controllers/Http/v1/AdminController.js +++ b/src/adonisjs/app/Controllers/Http/v1/AdminController.js @@ -9,6 +9,8 @@ const Database = use('Database') const Role = use('Adonis/Acl/Role') const Permission = use('Adonis/Acl/Permission') const User = use('App/Models/v1/User') +const Group = use('App/Models/Group') + const uuidv4 = require('uuid/v4') @@ -135,6 +137,18 @@ class AdminController { return response.status(500).json({ message: e.message }) } } + + async listGroups ({request, auth, response}){ + + try { + const result = await Group.all() + + return response.json(result) + } catch (e) { + console.log(e) + return response.status(e.status).json({ message: e.toString() }) + } + } } module.exports = AdminController 
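Review bot: `listUsers` now returns `users.username` for every member of the requested group, and the only gate visible in the hunk is `Group.find(groupId)`, i.e. that the group exists. If no membership or role check happens elsewhere (the route group's middleware is not visible in this diff), any caller who supplies a group id can read that group's member usernames. Consider checking `users_groups` for a row matching the authenticated user's id and `groupId` before running the query, and answering 403 when there is none. The function begins and ends outside the hunk.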
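Review bot: The catch block of the new `GroupController.listGroups` passes `e.status` straight to `response.status()` and sends `e.toString()` to the client; a database error is unlikely to carry a `status`, and its text can expose table and column names. The same block is copied into `AdminController.listGroups` (hunk `-135,6`), although the neighbouring admin method already answers with a fixed `response.status(500)`. I would change both to `return response.status(e.status || 500).json({ message: 'Could not list groups' })` and keep the detail in the server log. `const groupId = request.input('groupId')` in `GroupController.listGroups` is never used and can be dropped.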
diff --git a/src/adonisjs/app/Controllers/Http/v1/CaseController.js b/src/adonisjs/app/Controllers/Http/v1/CaseController.js index ac375a5..41901b5 100644 --- a/src/adonisjs/app/Controllers/Http/v1/CaseController.js +++ b/src/adonisjs/app/Controllers/Http/v1/CaseController.js @@ -364,7 +364,7 @@ class CaseController { else _subject = await User.find(subject) }else if(entity =='group'){ - _subject = await Group.findBy('title', subject) + _subject = await Group.findBy('title', subject) || await Group.find(subject) } if(canShare && clearance < highestClearance && _subject){ diff --git a/src/adonisjs/app/Controllers/Http/v1/CategoryController.js b/src/adonisjs/app/Controllers/Http/v1/CategoryController.js index 239cad1..67e3c2d 100644 --- a/src/adonisjs/app/Controllers/Http/v1/CategoryController.js +++ b/src/adonisjs/app/Controllers/Http/v1/CategoryController.js @@ -109,7 +109,10 @@ class CategoryController { .join('case_properties', 'case_properties.case_id', 'cases.id') .join('properties', 'properties.id', 'case_properties.property_id') .leftJoin('permissions', 'cases.id', 'permissions.table_id') - .join('users_groups') + .leftJoin('users_groups', function() { + this.on('permissions.subject', '=', 'users_groups.group_id') + .andOn('users_groups.user_id', '=', Database.raw('?', [user.id])); + }) .join('users', 'cases.author_id','users.id') .join('institutions', 'users.institution_id', 'institutions.id') .where('cases.category_id', category.id) @@ -143,7 +146,6 @@ class CategoryController { .orWhere(function() { this .where('permissions.entity', 'group') - .whereRaw('permissions.subject = users_groups.group_id') .where('users_groups.user_id', user.id) }) }) 
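Review bot: With `Group.findBy('title', subject) || await Group.find(subject)` the same `subject` value is tried as a title first and as an id second, so a group whose title happens to equal another group's id wins the lookup and the permission is granted to a group the caller did not mean. Nothing visible here shows titles to be unique or restricted in format. Resolving by id first, `_subject = await Group.find(subject) || await Group.findBy('title', subject)`, or taking id and title in separate request fields, would remove the ambiguity; if the id column is a UUID type, check that `find` tolerates a non-UUID string before reordering. The enclosing method starts and ends outside the hunk.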
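Review bot: The join closure added in hunk `-109,7` of `CategoryController.js` (`permissions.subject = users_groups.group_id` plus `users_groups.user_id = ?`) is pasted unchanged into the three other queries of that file (hunks `-177`, `-232`, `-292`) and into four queries of `UserController.js` (`-218`, `-289`, `-343`, `-406`). Because this condition decides which group permissions apply to the caller, a copy that drifts changes who can see a case; the two copies in `GroupController.listCases` already lack the `user_id` half. A single shared helper, used as `.leftJoin('users_groups', ownGroupMembership(user.id))`, would keep them in step. The `Database.raw('?', [user.id])` binding keeps the value parameterised and should be preserved in the helper.

```javascript
// Join condition limiting users_groups rows to the caller's own memberships.
const ownGroupMembership = (userId) => function () {
  this.on('permissions.subject', '=', 'users_groups.group_id')
    .andOn('users_groups.user_id', '=', Database.raw('?', [userId]))
}

// … unchanged: query up to .leftJoin('permissions', 'cases.id', 'permissions.table_id') …
  .leftJoin('users_groups', ownGroupMembership(user.id))
```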
@@ -177,7 +179,10 @@ class CategoryController { .join('case_properties', 'case_properties.case_id', 'cases.id') .join('properties', 'properties.id', 'case_properties.property_id') .leftJoin('permissions', 'cases.id', 'permissions.table_id') - .join('users_groups') + .leftJoin('users_groups', function() { + this.on('permissions.subject', '=', 'users_groups.group_id') + .andOn('users_groups.user_id', '=', Database.raw('?', [user.id])); + }) .join('users', 'cases.author_id','users.id') .join('institutions', 'users.institution_id', 'institutions.id') .where('cases.category_id', category.id) @@ -211,7 +216,6 @@ class CategoryController { .orWhere(function() { this .where('permissions.entity', 'group') - .whereRaw('permissions.subject = users_groups.group_id') .where('users_groups.user_id', user.id) }) }) @@ -232,7 +236,10 @@ class CategoryController { let countCases = await Database .from('cases') .leftJoin('permissions', 'cases.id', 'permissions.table_id') - .join('users_groups') + .leftJoin('users_groups', function() { + this.on('permissions.subject', '=', 'users_groups.group_id') + .andOn('users_groups.user_id', '=', Database.raw('?', [user.id])); + }) .join('users', 'cases.author_id','users.id') .join('institutions', 'users.institution_id', 'institutions.id') .where('cases.category_id', category.id) @@ -264,7 +271,6 @@ class CategoryController { .orWhere(function() { this .where('permissions.entity', 'group') - .whereRaw('permissions.subject = users_groups.group_id') .where('users_groups.user_id', user.id) }) }) 
@@ -292,7 +298,10 @@ class CategoryController { .distinct('cases.id') .from('cases') .leftJoin('permissions', 'cases.id', 'permissions.table_id') - .join('users_groups') + .leftJoin('users_groups', function() { + this.on('permissions.subject', '=', 'users_groups.group_id') + .andOn('users_groups.user_id', '=', Database.raw('?', [user.id])); + }) .join('users', 'cases.author_id','users.id') .join('institutions', 'users.institution_id', 'institutions.id') .where('cases.category_id', category.id) @@ -324,7 +333,6 @@ class CategoryController { .orWhere(function() { this .where('permissions.entity', 'group') - .whereRaw('permissions.subject = users_groups.group_id') .where('users_groups.user_id', user.id) }) }) diff --git a/src/adonisjs/app/Controllers/Http/v1/UserController.js b/src/adonisjs/app/Controllers/Http/v1/UserController.js index cf346cf..d9c5541 100644 --- a/src/adonisjs/app/Controllers/Http/v1/UserController.js +++ b/src/adonisjs/app/Controllers/Http/v1/UserController.js @@ -218,7 +218,10 @@ class UserController { .join('case_properties', 'case_properties.case_id', 'cases.id') .join('properties', 'properties.id', 'case_properties.property_id') .leftJoin('permissions', 'cases.id', 'permissions.table_id') - .join('users_groups') + .leftJoin('users_groups', function() { + this.on('permissions.subject', '=', 'users_groups.group_id') + .andOn('users_groups.user_id', '=', Database.raw('?', [user.id])); + }) .join('users', 'cases.author_id','users.id') .join('institutions', 'users.institution_id', 'institutions.id') .where('properties.title', propertyFilter) @@ -251,7 +254,6 @@ class UserController { .orWhere(function() { this .where('permissions.entity', 'group') - .whereRaw('permissions.subject = users_groups.group_id') .where('users_groups.user_id', user.id) }) }) 
@@ -289,7 +291,10 @@ class UserController { .join('case_properties', 'case_properties.case_id', 'cases.id') .join('properties', 'properties.id', 'case_properties.property_id') .leftJoin('permissions', 'cases.id', 'permissions.table_id') - .join('users_groups') + .leftJoin('users_groups', function() { + this.on('permissions.subject', '=', 'users_groups.group_id') + .andOn('users_groups.user_id', '=', Database.raw('?', [user.id])); + }) .join('users', 'cases.author_id','users.id') .join('institutions', 'users.institution_id', 'institutions.id') .where('properties.title', propertyFilter) @@ -322,7 +327,6 @@ class UserController { .orWhere(function() { this .where('permissions.entity', 'group') - .whereRaw('permissions.subject = users_groups.group_id') .where('users_groups.user_id', user.id) }) }) @@ -343,7 +347,10 @@ class UserController { let countCases = await Database .from('cases') .leftJoin('permissions', 'cases.id', 'permissions.table_id') - .join('users_groups') + .leftJoin('users_groups', function() { + this.on('permissions.subject', '=', 'users_groups.group_id') + .andOn('users_groups.user_id', '=', Database.raw('?', [user.id])); + }) .join('users', 'cases.author_id','users.id') .join('institutions', 'users.institution_id', 'institutions.id') .where('cases.published', '>=', publishedFilter) @@ -374,7 +381,6 @@ class UserController { .orWhere(function() { this .where('permissions.entity', 'group') - .whereRaw('permissions.subject = users_groups.group_id') .where('users_groups.user_id', user.id) }) }) 
@@ -406,7 +412,10 @@ class UserController { .distinct('cases.id') .from('cases') .leftJoin('permissions', 'cases.id', 'permissions.table_id') - .join('users_groups') + .leftJoin('users_groups', function() { + this.on('permissions.subject', '=', 'users_groups.group_id') + .andOn('users_groups.user_id', '=', Database.raw('?', [user.id])); + }) .join('users', 'cases.author_id','users.id') .join('institutions', 'users.institution_id', 'institutions.id') .where('cases.published', '>=', publishedFilter) @@ -437,7 +446,6 @@ class UserController { .orWhere(function() { this .where('permissions.entity', 'group') - .whereRaw('permissions.subject = users_groups.group_id') .where('users_groups.user_id', user.id) }) }) diff --git a/src/adonisjs/start/routes.js b/src/adonisjs/start/routes.js index f4bcf6e..3bd9599 100644 --- a/src/adonisjs/start/routes.js +++ b/src/adonisjs/start/routes.js @@ -172,6 +172,7 @@ Route.group(() => { Route.delete( 'user', 'GroupController.removeUser') Route.get( 'cases', 'GroupController.listCases') Route.get( 'users', 'GroupController.listUsers') + Route.get( '', 'GroupController.listGroups') // Route.get( 'list', 'v1/CategoryController.listCategories') // Route.put( ':id', 'v1/CategoryController.update') @@ -206,6 +207,8 @@ Route.group(() => { Route.put( 'user/:id', 'v1/AdminController.updateUser') + Route.get( 'groups', 'v1/AdminController.listGroups') + }).prefix('/api/v1/admin').middleware(['auth', 'is:admin'])