Merge pull request #447 from gets0ul/connect-app_issue_3423

Fix for connect-app issue 3423

Author: maxceem

src/routes/projectMembers/create.js

@@ -38,8 +38,8 @@ module.exports = [
       targetRole = _.get(req, 'body.role');
 
       if (PROJECT_MEMBER_ROLE.MANAGER === targetRole &&
-        !util.hasRoles(req, [USER_ROLE.MANAGER])) {
-        const err = new Error(`Only manager is able to join as ${targetRole}`);
+        !util.hasRoles(req, [USER_ROLE.TOPCODER_ADMIN, USER_ROLE.CONNECT_ADMIN, USER_ROLE.MANAGER])) {
+        const err = new Error(`Only admin or manager is able to join as ${targetRole}`);
         err.status = 401;
         return next(err);
       }
@@ -96,7 +96,7 @@ module.exports = [
         err.status = 401;
         return next(err);
       }
-    } else if (util.hasRoles(req, [USER_ROLE.MANAGER, USER_ROLE.CONNECT_ADMIN])) {
+    } else if (util.hasRoles(req, [USER_ROLE.MANAGER, USER_ROLE.CONNECT_ADMIN, USER_ROLE.TOPCODER_ADMIN])) {
       targetRole = PROJECT_MEMBER_ROLE.MANAGER;
     } else if (util.hasRoles(req, [
       USER_ROLE.TOPCODER_ACCOUNT_MANAGER,

src/routes/projectMembers/create.spec.js

@@ -9,7 +9,14 @@ import util from '../../util';
 import server from '../../app';
 import testUtil from '../../tests/util';
 import busApi from '../../services/busApi';
-import { USER_ROLE, BUS_API_EVENT, RESOURCES, CONNECT_NOTIFICATION_EVENT, INVITE_STATUS } from '../../constants';
+import {
+  USER_ROLE,
+  BUS_API_EVENT,
+  RESOURCES,
+  CONNECT_NOTIFICATION_EVENT,
+  INVITE_STATUS,
+  PROJECT_MEMBER_ROLE,
+} from '../../constants';
 
 const should = chai.should();
 
@@ -201,6 +208,69 @@ describe('Project Members create', () => {
         });
     });
 
+    it('should return 201 and register admin as manager', (done) => {
+      const mockHttpClient = _.merge(testUtil.mockHttpClient, {
+        get: () => Promise.resolve({
+          status: 200,
+          data: {
+            id: 'requesterId',
+            version: 'v3',
+            result: {
+              success: true,
+              status: 200,
+              content: [{
+                roleName: USER_ROLE.TOPCODER_ADMIN,
+              }],
+            },
+          },
+        }),
+      });
+      sandbox.stub(util, 'getHttpClient', () => mockHttpClient);
+      request(server)
+        .post(`/v5/projects/${project1.id}/members/`)
+        .set({
+          Authorization: `Bearer ${testUtil.jwts.admin}`,
+        })
+        .expect('Content-Type', /json/)
+        .expect(201)
+        .end((err, res) => {
+          if (err) {
+            done(err);
+          } else {
+            const resJson = res.body;
+            should.exist(resJson);
+            resJson.role.should.equal('manager');
+            resJson.isPrimary.should.be.truthy;
+            resJson.projectId.should.equal(project1.id);
+            resJson.userId.should.equal(40051333);
+            server.services.pubsub.publish.calledWith('project.member.added').should.be.true;
+            done();
+          }
+        });
+    });
+
+    it('should return 401 if register admin as role other than manager (copilot) ', (done) => {
+      request(server)
+        .post(`/v5/projects/${project1.id}/members/`)
+        .set({
+          Authorization: `Bearer ${testUtil.jwts.admin}`,
+        })
+        .send({ role: PROJECT_MEMBER_ROLE.COPILOT })
+        .expect('Content-Type', /json/)
+        .expect(401, done);
+    });
+
+    it('should return 401 if register admin as role other than manager (project manager) ', (done) => {
+      request(server)
+        .post(`/v5/projects/${project1.id}/members/`)
+        .set({
+          Authorization: `Bearer ${testUtil.jwts.admin}`,
+        })
+        .send({ role: PROJECT_MEMBER_ROLE.PROJECT_MANAGER })
+        .expect('Content-Type', /json/)
+        .expect(401, done);
+    });
+
     describe('Bus api', () => {
       let createEventSpy;