Merge branch 'develop' into connect-performance-testing

Author: codejamtc

docs/permissions.html

@@ -259,6 +259,37 @@ <h2 class="anchor-container">
               </div>
             </div>
           </div>
+          <div class="row border-top">
+            <div class="col py-2">
+              <div class="permission-title anchor-container">
+                <a href="#UPDATE_PROJECT_STATUS" name="UPDATE_PROJECT_STATUS" class="anchor"></a>Update Project Status
+              </div>
+              <div class="permission-variable"><small><code>UPDATE_PROJECT_STATUS</code></small></div>
+              <div class="text-black-50 small-text"></div>
+            </div>
+            <div class="col-9 py-2">
+              <div>
+                    <span class="badge badge-primary" title="Allowed Project Role">manager</span>
+                    <span class="badge badge-primary" title="Allowed Project Role">account_manager</span>
+                    <span class="badge badge-primary" title="Allowed Project Role">program_manager</span>
+                    <span class="badge badge-primary" title="Allowed Project Role">account_executive</span>
+                    <span class="badge badge-primary" title="Allowed Project Role">solution_architect</span>
+                    <span class="badge badge-primary" title="Allowed Project Role">project_manager</span>
+                    <span class="badge badge-primary" title="Allowed Project Role">copilot</span>
+              </div>
+
+              <div>
+                    <span class="badge badge-success" title="Allowed Topcoder Role">Connect Admin</span>
+                    <span class="badge badge-success" title="Allowed Topcoder Role">administrator</span>
+              </div>
+
+              <div>
+                  <span class="badge badge-dark" title="Allowed Topcoder Role">all:connect_project</span>
+                  <span class="badge badge-dark" title="Allowed Topcoder Role">all:projects</span>
+                  <span class="badge badge-dark" title="Allowed Topcoder Role">write:projects</span>
+              </div>
+            </div>
+          </div>
           <div class="row border-top">
             <div class="col py-2">
               <div class="permission-title anchor-container">

src/events/projects/index.js

@@ -187,7 +187,8 @@ async function projectCreatedKafkaHandler(app, topic, payload) {
     await Promise.all(topicPromises);
     app.logger.debug('Topics for phases are successfully created.');
   }
-  if (project.type === 'talent-as-a-service') {
+  // TODO: temporary disable this feature, until we release TaaS APP
+  if (false === true && project.type === 'talent-as-a-service') {
     const specialists = _.get(project, 'details.taasDefinition.specialists');
     if (!specialists || !specialists.length) {
       app.logger.debug(`no specialists found in the project ${project.id}`);

src/permissions/constants.js

@@ -195,6 +195,19 @@ export const PERMISSION = { // eslint-disable-line import/prefer-default-export
     scopes: SCOPES_PROJECTS_WRITE,
   },
 
+  UPDATE_PROJECT_STATUS: {
+    meta: {
+      title: 'Update Project Status',
+      group: 'Project',
+    },
+    topcoderRoles: TOPCODER_ROLES_ADMINS,
+    projectRoles: [
+      ...PROJECT_ROLES_MANAGEMENT,
+      PROJECT_MEMBER_ROLE.COPILOT,
+    ],
+    scopes: SCOPES_PROJECTS_WRITE,
+  },
+
   MANAGE_PROJECT_DIRECT_PROJECT_ID: {
     meta: {
       title: 'Manage Project property "directProjectId"',

src/routes/milestones/commonHelper.js

@@ -23,11 +23,6 @@ async function createMilestone(authUser, timeline, data, transaction) {
   // eslint-disable-next-line
   const userId = authUser.userId;
   const entity = Object.assign({}, data, { createdBy: userId, updatedBy: userId, timelineId: timeline.id });
-  if (entity.startDate < timeline.startDate) {
-    const apiErr = new Error('Milestone startDate must not be before the timeline startDate');
-    apiErr.status = 400;
-    throw apiErr;
-  }
   // Circumvent postgresql duplicate key error, see https://stackoverflow.com/questions/50834623/sequelizejs-error-duplicate-key-value-violates-unique-constraint-message-pkey
   await models.sequelize.query('SELECT setval(\'milestones_id_seq\', (SELECT MAX(id) FROM "milestones"))',
     { raw: true, transaction });
@@ -55,7 +50,7 @@ async function deleteMilestone(authUser, timelineId, id, transaction, item) {
   }
   await milestone.update({ deletedBy: authUser.userId }, { transaction });
   await milestone.destroy({ transaction });
-  return { id };
+  return { id, timelineId };
 }
 
 /**
@@ -123,7 +118,6 @@ async function updateMilestone(authUser, timelineId, data, transaction, item) {
   const isUpdatedActualStartDate = milestone.actualStartDate && entityToUpdate.actualStartDate
     && !moment(milestone.actualStartDate).isSame(entityToUpdate.actualStartDate);
 
-
   if (
     (isUpdatedCompletionDate || isUpdatedActualStartDate)
     && !util.hasPermission({ topcoderRoles: ADMIN_ROLES }, authUser)

src/routes/milestones/create.spec.js

@@ -344,21 +344,6 @@ describe('CREATE milestone', () => {
         .expect(400, done);
     });
 
-    it('should return 400 if startDate is before the timeline startDate', (done) => {
-      const invalidBody = _.assign({}, body, {
-        startDate: '2018-05-01T00:00:00.000Z',
-      });
-
-      request(server)
-        .post('/v5/timelines/1/milestones')
-        .set({
-          Authorization: `Bearer ${testUtil.jwts.admin}`,
-        })
-        .send(invalidBody)
-        .expect('Content-Type', /json/)
-        .expect(400, done);
-    });
-
     it('should return 400 if invalid timelineId param', (done) => {
       request(server)
         .post('/v5/timelines/0/milestones')

src/routes/projects/update.js

@@ -7,7 +7,6 @@ import {
 import models from '../../models';
 import {
   PROJECT_STATUS,
-  PROJECT_MEMBER_ROLE,
   EVENT,
   RESOURCES,
   REGEX,
@@ -224,23 +223,14 @@ module.exports = [
           });
           return Promise.reject(err);
         }
-        // Only project manager (user with manager role assigned) or topcoder
-        // admin should be allowed to transition project status to 'active'.
-        const members = req.context.currentProjectMembers;
-        const validRoles = [
-          PROJECT_MEMBER_ROLE.MANAGER,
-          PROJECT_MEMBER_ROLE.PROGRAM_MANAGER,
-          PROJECT_MEMBER_ROLE.PROJECT_MANAGER,
-          PROJECT_MEMBER_ROLE.SOLUTION_ARCHITECT,
-        ].map(x => x.toLowerCase());
-        const matchRole = role => _.indexOf(validRoles, role.toLowerCase()) >= 0;
-        if (updatedProps.status === PROJECT_STATUS.ACTIVE &&
-          !util.hasAdminRole(req) &&
-          _.isUndefined(_.find(members,
-            m => m.userId === req.authUser.userId && matchRole(m.role)))
+
+        // check if user has permissions to update project status
+        if (
+          updatedProps.status &&
+          updatedProps.status !== project.status &&
+          !util.hasPermissionByReq(PERMISSION.UPDATE_PROJECT_STATUS, req)
         ) {
-          const err = new Error('Only assigned topcoder-managers or topcoder admins should be allowed ' +
-            'to launch a project');
+          const err = new Error('You are not allowed to update project status.');
           err.status = 403;
           return Promise.reject(err);
         }

src/routes/projects/update.spec.js

@@ -148,28 +148,6 @@ describe('Project', () => {
         });
     });
 
-    it('should return 403 if invalid user will update a project', (done) => {
-      request(server)
-        .patch(`/v5/projects/${project1.id}`)
-        .set({
-          Authorization: `Bearer ${testUtil.jwts.copilot}`,
-        })
-        .send({
-          status: 'active',
-        })
-        .expect('Content-Type', /json/)
-        .expect(403)
-        .end((err, res) => {
-          if (err) {
-            done(err);
-          } else {
-            res.body.message.should.equal('Only assigned topcoder-managers or topcoder admins' +
-              ' should be allowed to launch a project');
-            done();
-          }
-        });
-    });
-
     it('should return 200 if topcoder manager user will update a project', (done) => {
       request(server)
         .patch(`/v5/projects/${project1.id}`)
@@ -495,43 +473,6 @@ describe('Project', () => {
         });
     });
 
-    it('should return 403, copilot is not allowed to transition project out of cancel status', (done) => {
-      models.Project.update({
-        status: PROJECT_STATUS.CANCELLED,
-      }, {
-        where: {
-          id: project1.id,
-        },
-      })
-        .then(() => {
-          const mbody = {
-            name: 'updatedProject name',
-            status: PROJECT_STATUS.ACTIVE,
-
-          };
-          request(server)
-            .patch(`/v5/projects/${project1.id}`)
-            .set({
-              Authorization: `Bearer ${testUtil.jwts.copilot}`,
-            })
-            .send(mbody)
-            .expect('Content-Type', /json/)
-            .expect(403)
-            .end((err, res) => {
-              if (err) {
-                done(err);
-              } else {
-                res
-                  .body
-                  .message
-                  .should
-                  .equal('Only assigned topcoder-managers or topcoder admins should be allowed to launch a project');
-                done();
-              }
-            });
-        });
-    });
-
     it('should return 200 and project history should not be updated', (done) => {
       request(server)
         .patch(`/v5/projects/${project1.id}`)