/*
@swagger
components:
  schemas:
    Book:
      type: object
      required:
        - title
        - author
        - finished
      properties:
        id:
          type: integer
          description: The auto-generated id of the book.
        title:
          type: string
          description: The title of your book.
        author:
          type: string
          description: Who wrote the book?
        finished:
          type: boolean
          description: Have you finished reading it?
        createdAt:
          type: string
          format: date
          description: The date of the record creation.
      example:
        title: The Pragmatic Programmer
        author: Andy Hunt / Dave Thomas
        finished: true
*/
// Dependencies and shared middleware for the team routes.
const bcrypt = require('bcryptjs');
const multer = require('multer');
const express = require('express');
const router = express.Router();
const auth = require('../lib/auth');

// SECURITY: these reCAPTCHA keys are committed to source. express-recaptcha's
// constructor takes (site key, secret key), so the second argument is a
// server-side secret readable by anyone with access to the repository. Rotate
// it and load both values from configuration kept outside version control.
// `reCAPTCHASecret` holds the same value as the first (site key) argument
// despite its name. Neither binding is referenced by a route in this file.
const Recaptcha = require('express-recaptcha').RecaptchaV3;
const recaptcha = new Recaptcha('6LdlbrwZAAAAAKvtcVQhVl_QaNOqmQ4PgyW3SKHy', '6LdlbrwZAAAAAMAWPVDrL8eNPxrws6AMDtLf1bgd');
const reCAPTCHASecret = "6LdlbrwZAAAAAKvtcVQhVl_QaNOqmQ4PgyW3SKHy";

const Errors = require('../lib/errors.js');
const format = require('date-format');
const {
  User, Post, teamPicture, TeamMemberRole, TeamInvite, userWall, StaffApplications, AdminToken, PassKey, Thread, Category, Sequelize, Ip, Ban, sequelize, Team, TeamMembers, TeamRoles
} = require('../models');
const pagination = require('../lib/pagination.js');
const sgMail = require('@sendgrid/mail');
const MailGen = require('mailgen');
const crypto = require("crypto");
const cryptoRandomString = require("crypto-random-string");
// Shadows the built-in Promise with bluebird for the rest of this module.
const Promise = require('bluebird');
const rateLimit = require("express-rate-limit");

// Uploads are buffered in memory and capped at 1 MiB per file.
const upload = multer({
  storage: multer.memoryStorage(),
  limits: { fileSize: 1024 * 1024 },
});

// One request per client per 60-second window; the JSON body below is what a
// throttled caller receives.
const emailLimiter = rateLimit({
  windowMs: 60000,
  max: 1,
  message: "{\"errors\":[{\"name\":\"rateLimit\",\"message\":\"You may only make 1 request to this endpoint per minute.\",\"status\":429}]}",
});
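/**
 * POST /:username/picture
 *
 * Uploads or replaces the picture of the team named in the path. The caller
 * must be a member of the team and hold at least one role with
 * `administrator: true`. Responds with the updated team as JSON.
 */
router.post('/:username/picture', auth, upload.single('picture'), async (req, res, next) => {
  try {
    const team = await Team.findOne({ where: { username: req.params.username } });
    if (!team) {
      // Without this guard a missing team failed on `team.id` and reached
      // next() as a TypeError instead of a domain error.
      throw Errors.teamDoesNotExist;
    }

    const membership = await TeamMembers.findOne({
      where: { UserId: req.userData.UserId, TeamId: team.id },
    });
    if (!membership) {
      throw Errors.notInTeam;
    }

    // A member row carries up to ten role ids; one administrator role is enough.
    const memberRoles = await TeamMemberRole.findOne({
      where: { UserId: req.userData.UserId, TeamId: team.id },
    });
    const roleSlots = ['RoleId', 'Role2Id', 'Role3Id', 'Role4Id', 'Role5Id', 'Role6Id', 'Role7Id', 'Role8Id', 'Role9Id', 'Role10Id'];
    const heldRoleIds = memberRoles
      ? roleSlots.map((slot) => memberRoles[slot]).filter((id) => id != null)
      : [];
    // NOTE(review): as before, the role is matched by id only and is not
    // checked to belong to this team — confirm member rows can only reference
    // roles of their own team.
    const adminRole = heldRoleIds.length > 0
      ? await TeamRoles.findOne({ where: { id: heldRoleIds, administrator: true } })
      : null;
    if (adminRole === null) {
      throw Errors.requestNotAuthorized;
    }

    if (!req.file) {
      // No "picture" part in the request; previously this failed on req.file.buffer.
      res.status(400);
      res.json({ success: false });
      return;
    }

    // NOTE(review): mimetype comes from the client's multipart headers and is
    // stored unchanged. If the picture endpoint replays it as Content-Type,
    // restrict it to an allowlist of image types — confirm how it is served.
    const pictureObj = {
      file: req.file.buffer,
      mimetype: req.file.mimetype,
      TeamId: team.id,
    };

    const existingPicture = await teamPicture.findOne({ where: { TeamId: team.id } });
    if (existingPicture) {
      await existingPicture.update(pictureObj);
    } else {
      await teamPicture.create(pictureObj);
    }

    // The random query string forces browsers to reload cached background images.
    await team.update({
      picture: `/api/v1/teams/view/${req.params.username}/picture?rand=${Date.now()}`,
    });

    res.json(team.toJSON());
  } catch (e) {
    next(e);
  }
});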
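/**
 * PUT /modify/:username
 *
 * Updates a team's description/name, or its wall opt-out flag, from the
 * sanitised request body (`req.autosan.body`). The caller must be a member of
 * the team holding at least one role with `administrator: true`.
 */
router.put('/modify/:username', auth, async (req, res, next) => {
  try {
    const team = await Team.findOne({ where: { username: req.params.username } });
    if (!team) {
      // A missing team used to fail on `team.id` and reach next() as a TypeError.
      throw Errors.teamDoesNotExist;
    }

    const membership = await TeamMembers.findOne({
      where: { UserId: req.userData.UserId, TeamId: team.id },
    });
    if (!membership) {
      throw Errors.notInTeam;
    }

    const memberRoles = await TeamMemberRole.findOne({
      where: { UserId: req.userData.UserId, TeamId: team.id },
    });
    const roleSlots = ['RoleId', 'Role2Id', 'Role3Id', 'Role4Id', 'Role5Id', 'Role6Id', 'Role7Id', 'Role8Id', 'Role9Id', 'Role10Id'];
    const heldRoleIds = memberRoles
      ? roleSlots.map((slot) => memberRoles[slot]).filter((id) => id != null)
      : [];
    const adminRole = heldRoleIds.length > 0
      ? await TeamRoles.findOne({ where: { id: heldRoleIds, administrator: true } })
      : null;

    if (!req.userData.username) {
      throw Errors.requestNotAuthorized;
    }
    await Ban.ReadOnlyMode(req.userData.UserId);

    // The debug console.log of owner/user ids, and the two lookups that only
    // fed it, were removed: a missing user row made the log line itself throw.
    if (adminRole === null) {
      throw Errors.requestNotAuthorized;
    }

    const { description, name, userWallOptOut } = req.autosan.body;

    // The original condition joined two tests with the comma operator, so only
    // `name` was ever checked and `description` could be passed as undefined.
    // Build the update from whichever of the two fields was actually sent.
    const changes = {};
    if (description !== undefined) {
      changes.description = description;
    }
    if (name !== undefined) {
      changes.name = name;
    }
    if (Object.keys(changes).length === 0) {
      if (userWallOptOut === undefined) {
        throw Errors.requestNotAuthorized;
      }
      changes.teamWallOptOut = userWallOptOut;
    }

    await Team.update(changes, { where: { username: req.params.username } });
    res.status(200);
    res.json({ success: true });
  } catch (e) {
    next(e);
  }
});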
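/**
 * POST /roles/create/:username
 *
 * Creates a role in the team named in the path from the fields in the request
 * body. The caller must be a member of the team holding at least one role with
 * `administrator: true`. Responds with the created role as JSON.
 */
router.post('/roles/create/:username', auth, async (req, res, next) => {
  try {
    const team = await Team.findOne({ where: { username: req.params.username } });
    if (!team) {
      // Checked before `team.id` is read; the original test came too late to help.
      throw Errors.teamDoesNotExist;
    }

    const membership = await TeamMembers.findOne({
      where: { UserId: req.userData.UserId, TeamId: team.id },
    });
    if (!membership) {
      throw Errors.notInTeam;
    }

    const memberRoles = await TeamMemberRole.findOne({
      where: { UserId: req.userData.UserId, TeamId: team.id },
    });
    const roleSlots = ['RoleId', 'Role2Id', 'Role3Id', 'Role4Id', 'Role5Id', 'Role6Id', 'Role7Id', 'Role8Id', 'Role9Id', 'Role10Id'];
    const heldRoleIds = memberRoles
      ? roleSlots.map((slot) => memberRoles[slot]).filter((id) => id != null)
      : [];
    const adminRole = heldRoleIds.length > 0
      ? await TeamRoles.findOne({ where: { id: heldRoleIds, administrator: true } })
      : null;
    if (adminRole === null) {
      // Non-administrators have always received teamDoesNotExist from this
      // route; kept so existing clients see the same error.
      throw Errors.teamDoesNotExist;
    }

    if (team.banned) {
      res.status(200);
      res.json({ success: false });
      // Without this return the role was still created for a banned team and a
      // second response was attempted on the same request.
      return;
    }

    // NOTE(review): this lookup uses lowercase userId/teamId while the
    // membership check above uses UserId/TeamId — confirm which the model defines.
    const teamJoinTest = await TeamMembers.findOne({
      where: { userId: req.userData.UserId, teamId: team.id },
    });
    if (!teamJoinTest) {
      res.status(400);
      res.json({ success: false });
      return;
    }

    const createdRole = await TeamRoles.create({
      name: req.body.name,
      administrator: req.body.administrator,
      inviteUsers: req.body.inviteUsers,
      changeTeamMeta: req.body.changeTeamMeta,
      forumAdministrator: req.body.forumAdministrator,
      moderateForumThreads: req.body.moderateForumThreads,
      changeTeamPrivacy: req.body.changeTeamPrivacy,
      submitTeamItems: req.body.submitTeamItems,
      priority: req.body.priority,
      teamId: team.id,
    });
    res.status(200);
    res.json(createdRole.toJSON());
  } catch (e) {
    next(e);
  }
});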
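/**
 * PUT /roles/modify/:username/:id
 *
 * Updates one role (`:id`) of the team named in the path. With `name` in the
 * body the permission flags and priority are rewritten (the roles named
 * 'Members' and 'Administrators' keep their name); with only `priority` just
 * the priority changes. The caller must hold a role with `administrator: true`.
 */
router.put('/roles/modify/:username/:id', auth, async (req, res, next) => {
  try {
    const team = await Team.findOne({ where: { username: req.params.username } });
    if (!team) {
      // Checked before `team.id` is read; the original test came too late to help.
      throw Errors.teamDoesNotExist;
    }

    const membership = await TeamMembers.findOne({
      where: { UserId: req.userData.UserId, TeamId: team.id },
    });
    if (!membership) {
      throw Errors.notInTeam;
    }

    const memberRoles = await TeamMemberRole.findOne({
      where: { UserId: req.userData.UserId, TeamId: team.id },
    });
    const roleSlots = ['RoleId', 'Role2Id', 'Role3Id', 'Role4Id', 'Role5Id', 'Role6Id', 'Role7Id', 'Role8Id', 'Role9Id', 'Role10Id'];
    const heldRoleIds = memberRoles
      ? roleSlots.map((slot) => memberRoles[slot]).filter((id) => id != null)
      : [];
    const adminRole = heldRoleIds.length > 0
      ? await TeamRoles.findOne({ where: { id: heldRoleIds, administrator: true } })
      : null;
    if (adminRole === null) {
      // Non-administrators have always received teamDoesNotExist from this
      // route; kept so existing clients see the same error.
      throw Errors.teamDoesNotExist;
    }

    // Every branch below sends exactly one response.
    const fail = (status) => {
      res.status(status);
      res.json({ success: false });
    };
    const succeed = () => {
      res.status(200);
      res.json({ success: true });
    };

    if (team.banned) {
      // The original kept going after this response and modified the role anyway.
      fail(200);
      return;
    }

    // NOTE(review): lowercase userId/teamId here versus UserId/TeamId in the
    // membership check above — confirm which the model defines.
    const teamJoinTest = await TeamMembers.findOne({
      where: { userId: req.userData.UserId, teamId: team.id },
    });
    if (!teamJoinTest) {
      fail(400);
      return;
    }

    // The role is always addressed by id AND team, so another team's role id
    // in the path matches nothing.
    const roleWhere = { id: req.params.id, teamId: team.id };

    if (req.body.name) {
      const role = await TeamRoles.findOne({ where: roleWhere });
      if (!role) {
        // Previously `find.name` was read before the null check and threw.
        fail(400);
        return;
      }

      const changes = {
        priority: req.body.priority,
        administrator: req.body.administrator,
        inviteUsers: req.body.inviteUsers,
        changeTeamMeta: req.body.changeTeamMeta,
        forumAdministrator: req.body.forumAdministrator,
        moderateForumThreads: req.body.moderateForumThreads,
        changeTeamPrivacy: req.body.changeTeamPrivacy,
        submitTeamItems: req.body.submitTeamItems,
      };
      // 'Members' and 'Administrators' are updated without touching their name.
      // The original used three separate ifs, so for these two roles it sent a
      // success response and then fell into the final else and sent a 400 too.
      if (role.name !== 'Members' && role.name !== 'Administrators') {
        changes.name = req.body.name;
      }

      await TeamRoles.update(changes, { where: roleWhere });
      succeed();
    } else if (req.body.priority) {
      const role = await TeamRoles.findOne({ where: roleWhere });
      if (!role) {
        fail(400);
        return;
      }
      await TeamRoles.update({ priority: req.body.priority }, { where: roleWhere });
      succeed();
    } else {
      fail(400);
    }
  } catch (e) {
    next(e);
  }
});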
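/**
 * PUT /roles/modify/:username
 *
 * Bulk-upserts the roles listed in `req.body.roles` for the team named in the
 * path. The caller must be a member of the team holding at least one role with
 * `administrator: true`. Responds with the rows returned by bulkCreate.
 */
router.put('/roles/modify/:username', auth, async (req, res, next) => {
  try {
    const team = await Team.findOne({ where: { username: req.params.username } });
    if (!team) {
      // Checked before `team.id` is read; the original test came too late to help.
      throw Errors.teamDoesNotExist;
    }

    const membership = await TeamMembers.findOne({
      where: { UserId: req.userData.UserId, TeamId: team.id },
    });
    if (!membership) {
      throw Errors.notInTeam;
    }

    const memberRoles = await TeamMemberRole.findOne({
      where: { UserId: req.userData.UserId, TeamId: team.id },
    });
    const roleSlots = ['RoleId', 'Role2Id', 'Role3Id', 'Role4Id', 'Role5Id', 'Role6Id', 'Role7Id', 'Role8Id', 'Role9Id', 'Role10Id'];
    const heldRoleIds = memberRoles
      ? roleSlots.map((slot) => memberRoles[slot]).filter((id) => id != null)
      : [];
    const adminRole = heldRoleIds.length > 0
      ? await TeamRoles.findOne({ where: { id: heldRoleIds, administrator: true } })
      : null;
    if (adminRole === null) {
      // Non-administrators have always received teamDoesNotExist from this
      // route; kept so existing clients see the same error.
      throw Errors.teamDoesNotExist;
    }

    if (team.banned) {
      res.status(200);
      res.json({ success: false });
      // The original continued past this response and still wrote the roles.
      return;
    }

    // NOTE(review): lowercase userId/teamId here versus UserId/TeamId in the
    // membership check above — confirm which the model defines.
    const teamJoinTest = await TeamMembers.findOne({
      where: { userId: req.userData.UserId, teamId: team.id },
    });
    // A failed re-check or a non-array body used to leave the request without
    // any response; both now get the 400 the sibling routes use.
    if (!teamJoinTest || !Array.isArray(req.body.roles)) {
      res.status(400);
      res.json({ success: false });
      return;
    }

    // SECURITY: rows were handed to bulkCreate exactly as submitted, so the
    // team a new role was written to came from the request body rather than
    // from the team the caller administers. Pin every row to this team.
    // Both spellings are set because this file uses teamId and TeamId for
    // TeamRoles in different places — NOTE(review): keep only the one the
    // model defines.
    const scopedRoles = req.body.roles.map((role) =>
      Object.assign({}, role, { teamId: team.id, TeamId: team.id })
    );

    const updateRoles = await TeamRoles.bulkCreate(scopedRoles, { updateOnDuplicate: ['id'] });
    res.status(200);
    res.json(updateRoles);
  } catch (e) {
    next(e);
  }
});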
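/**
 * PUT /members/modify/:username/:id
 *
 * Reassigns the role slots of a team member. `:username` is the team and
 * `:id` is the target user's username. The body carries Role1Id..Role10Id.
 * The caller must hold a role with `administrator: true` or
 * `changeTeamRoles: true`.
 */
router.put('/members/modify/:username/:id', auth, async (req, res, next) => {
  try {
    const team = await Team.findOne({ where: { username: req.params.username } });
    if (!team) {
      // Checked before `team.id` is read; the original test came too late to help.
      throw Errors.teamDoesNotExist;
    }

    // Authorise the caller before looking anything up about the target user.
    const membership = await TeamMembers.findOne({
      where: { UserId: req.userData.UserId, TeamId: team.id },
    });
    if (!membership) {
      throw Errors.notInTeam;
    }

    const callerRoles = await TeamMemberRole.findOne({
      where: { UserId: req.userData.UserId, TeamId: team.id },
    });
    const roleSlots = ['RoleId', 'Role2Id', 'Role3Id', 'Role4Id', 'Role5Id', 'Role6Id', 'Role7Id', 'Role8Id', 'Role9Id', 'Role10Id'];
    const heldRoleIds = callerRoles
      ? roleSlots.map((slot) => callerRoles[slot]).filter((id) => id != null)
      : [];
    // NOTE(review): as before, roles are matched by id only and are not checked
    // to belong to this team — confirm member rows can only reference roles of
    // their own team.
    let grantingRole = null;
    if (heldRoleIds.length > 0) {
      grantingRole =
        (await TeamRoles.findOne({ where: { id: heldRoleIds, administrator: true } })) ||
        (await TeamRoles.findOne({ where: { id: heldRoleIds, changeTeamRoles: true } }));
    }
    if (grantingRole === null) {
      // Callers without either permission have always received
      // teamDoesNotExist from this route; kept for existing clients.
      throw Errors.teamDoesNotExist;
    }

    const fail = (status) => {
      res.status(status);
      res.json({ success: false });
    };

    if (team.banned) {
      // The original continued past this response and still changed the roles.
      fail(200);
      return;
    }

    // NOTE(review): lowercase userId/teamId here versus UserId/TeamId in the
    // membership check above — confirm which the model defines.
    const teamJoinTest = await TeamMembers.findOne({
      where: { userId: req.userData.UserId, teamId: team.id },
    });
    if (!teamJoinTest) {
      fail(400);
      return;
    }

    const targetUser = await User.findOne({ where: { username: req.params.id } });
    if (!targetUser) {
      fail(400);
      return;
    }

    // SECURITY: the target's role row was looked up by UserId alone, so the
    // row that got rewritten could belong to the user's membership in a
    // different team. Scope it to the team the caller was authorised for.
    const targetRoles = await TeamMemberRole.findOne({
      where: { UserId: targetUser.id, TeamId: team.id },
    });
    if (!targetRoles) {
      fail(400);
      return;
    }

    // NOTE(review): a caller holding only changeTeamRoles can assign any role
    // of this team here, administrator roles included — confirm that is intended.
    const bodyKeys = ['Role1Id', 'Role2Id', 'Role3Id', 'Role4Id', 'Role5Id', 'Role6Id', 'Role7Id', 'Role8Id', 'Role9Id', 'Role10Id'];
    const changes = {};
    for (let i = 0; i < bodyKeys.length; i += 1) {
      const requestedId = req.body[bodyKeys[i]];
      if (requestedId === undefined) {
        // Slot not mentioned in the body: leave it as it is.
        continue;
      }
      if (requestedId === null) {
        changes[roleSlots[i]] = null;
        continue;
      }
      // Only roles that belong to this team may be assigned. The original
      // dereferenced the lookup result unconditionally and threw on a miss.
      const role = await TeamRoles.findOne({ where: { id: requestedId, TeamId: team.id } });
      if (!role) {
        fail(400);
        return;
      }
      changes[roleSlots[i]] = role.id;
    }

    // The update used to be fired without await and no response was ever sent
    // on success, so failures were unhandled and the request never completed.
    await targetRoles.update(changes);
    res.status(200);
    res.json({ success: true });
  } catch (e) {
    next(e);
  }
});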
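/**
 * PUT /:username/invites/create
 *
 * Creates an invite code for the team named in the path. The caller must hold
 * a role with `inviteUsers: true`. Only callers who also hold a role with
 * `administrator: true` may attach `req.body.RoleId` to the invite. Responds
 * with the created invite as JSON.
 */
router.put('/:username/invites/create', auth, async (req, res, next) => {
  try {
    const team = await Team.findOne({ where: { username: req.params.username } });
    if (!team) {
      // A missing team used to fail on `team.id` and reach next() as a TypeError.
      throw Errors.teamDoesNotExist;
    }

    const membership = await TeamMembers.findOne({
      where: { UserId: req.userData.UserId, TeamId: team.id },
    });
    if (!membership) {
      throw Errors.notInTeam;
    }

    // The original fetched the membership and role rows twice and ran twenty
    // sequential role queries; one lookup per permission gives the same answer.
    const memberRoles = await TeamMemberRole.findOne({
      where: { UserId: req.userData.UserId, TeamId: team.id },
    });
    const roleSlots = ['RoleId', 'Role2Id', 'Role3Id', 'Role4Id', 'Role5Id', 'Role6Id', 'Role7Id', 'Role8Id', 'Role9Id', 'Role10Id'];
    const heldRoleIds = memberRoles
      ? roleSlots.map((slot) => memberRoles[slot]).filter((id) => id != null)
      : [];

    const inviterRole = heldRoleIds.length > 0
      ? await TeamRoles.findOne({ where: { id: heldRoleIds, inviteUsers: true } })
      : null;
    if (inviterRole === null) {
      throw Errors.inviteDenied;
    }

    const adminRole = await TeamRoles.findOne({
      where: { id: heldRoleIds, administrator: true },
    });

    const inviteFields = {
      maxUses: req.body.maxUses,
      TeamId: team.id,
      UserId: req.userData.UserId,
      code: cryptoRandomString({ length: 8, type: 'alphanumeric' }),
    };
    if (adminRole !== null) {
      // NOTE(review): RoleId is taken from the body without checking that the
      // role belongs to this team — confirm it is validated when the invite
      // is redeemed, or validate it here.
      inviteFields.RoleId = req.body.RoleId;
    }

    const invite = await TeamInvite.create(inviteFields);
    res.status(200);
    res.json(invite.toJSON());
  } catch (e) {
    next(e);
  }
});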
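/**
 * GET /:username/invites/list
 *
 * Lists every invite of the team named in the path, each with selected public
 * fields of the associated user. The caller must be a member of the team
 * holding at least one role with `administrator: true`.
 */
router.get('/:username/invites/list', auth, async (req, res, next) => {
  try {
    const team = await Team.findOne({ where: { username: req.params.username } });
    if (!team) {
      // Checked before `team.id` is read; the original test came too late to help.
      throw Errors.teamDoesNotExist;
    }

    const membership = await TeamMembers.findOne({
      where: { UserId: req.userData.UserId, TeamId: team.id },
    });
    if (!membership) {
      throw Errors.notInTeam;
    }

    const memberRoles = await TeamMemberRole.findOne({
      where: { UserId: req.userData.UserId, TeamId: team.id },
    });
    const roleSlots = ['RoleId', 'Role2Id', 'Role3Id', 'Role4Id', 'Role5Id', 'Role6Id', 'Role7Id', 'Role8Id', 'Role9Id', 'Role10Id'];
    const heldRoleIds = memberRoles
      ? roleSlots.map((slot) => memberRoles[slot]).filter((id) => id != null)
      : [];
    const adminRole = heldRoleIds.length > 0
      ? await TeamRoles.findOne({ where: { id: heldRoleIds, administrator: true } })
      : null;
    if (adminRole === null) {
      // Non-administrators have always received teamDoesNotExist from this
      // route; kept so existing clients see the same error.
      throw Errors.teamDoesNotExist;
    }

    // Invite codes are returned in full, which is why the list is limited to
    // administrators above.
    const invites = await TeamInvite.findAll({
      where: { TeamId: team.id },
      include: {
        model: User,
        attributes: ['username', 'createdAt', 'id', 'color', 'picture', 'locked', 'admin', 'booster', 'executive', 'bot'],
      },
    });
    res.status(200);
    res.json(invites);
  } catch (e) {
    next(e);
  }
});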
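/**
 * DELETE /:username/invites/delete/:code
 *
 * Revokes the invite `:code` of the team named in the path. The caller must be
 * a member of the team holding at least one role with `administrator: true`.
 */
router.delete('/:username/invites/delete/:code', auth, async (req, res, next) => {
  try {
    const team = await Team.findOne({ where: { username: req.params.username } });
    if (!team) {
      // Checked before `team.id` is read; the original test came too late to help.
      throw Errors.teamDoesNotExist;
    }

    const membership = await TeamMembers.findOne({
      where: { UserId: req.userData.UserId, TeamId: team.id },
    });
    if (!membership) {
      throw Errors.notInTeam;
    }

    const memberRoles = await TeamMemberRole.findOne({
      where: { UserId: req.userData.UserId, TeamId: team.id },
    });
    const roleSlots = ['RoleId', 'Role2Id', 'Role3Id', 'Role4Id', 'Role5Id', 'Role6Id', 'Role7Id', 'Role8Id', 'Role9Id', 'Role10Id'];
    const heldRoleIds = memberRoles
      ? roleSlots.map((slot) => memberRoles[slot]).filter((id) => id != null)
      : [];
    const adminRole = heldRoleIds.length > 0
      ? await TeamRoles.findOne({ where: { id: heldRoleIds, administrator: true } })
      : null;
    if (adminRole === null) {
      // Non-administrators have always received teamDoesNotExist from this
      // route; kept so existing clients see the same error.
      throw Errors.teamDoesNotExist;
    }

    // The invite is matched on code AND team, so a code issued by another team
    // is reported as invalid rather than revoked.
    const invite = await TeamInvite.findOne({
      where: { code: req.params.code, TeamId: team.id },
    });
    if (!invite) {
      throw Errors.inviteInvalid;
    }

    await invite.killInvite(req.params.code);
    res.status(200);
    res.json({ success: true });
  } catch (e) {
    next(e);
  }
});

module.exports = router;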