Merge pull request #112 from topcoder-platform/dev

Promoting changes to production for connect release 2.4.3

Author: vikasrohit

migrations/20180608_project_add_templateId_and_new_tables.sql

@@ -139,8 +139,8 @@ CREATE TABLE product_templates (
     details character varying(255) NOT NULL,
     aliases json NOT NULL,
     template json NOT NULL,
-    disabled: boolean DEFAULT false,
-    hidden: boolean DEFAULT false,
+    "hidden" boolean DEFAULT false,
+    "disabled" boolean DEFAULT false,
     "deletedAt" timestamp with time zone,
     "createdAt" timestamp with time zone,
     "updatedAt" timestamp with time zone,
@@ -206,8 +206,8 @@ CREATE TABLE project_templates (
     aliases json NOT NULL,
     scope json NOT NULL,
     phases json NOT NULL,
-    disabled: boolean DEFAULT false,
-    hidden: boolean DEFAULT false,
+    "disabled" boolean DEFAULT false,
+    "hidden" boolean DEFAULT false,
     "deletedAt" timestamp with time zone,
     "createdAt" timestamp with time zone,
     "updatedAt" timestamp with time zone,

migrations/20180704_project_types_extension.sql

@@ -0,0 +1,30 @@
+--
+-- UPDATE EXISTING TABLES:
+--   project_types
+--     icon column: added
+--     info column: added
+--     question column: added
+--     aliases column: added
+--
+
+--
+-- project_types
+--
+ALTER TABLE project_types ADD COLUMN "icon" character varying(255);
+UPDATE project_types set icon='product-cat-app' where icon is null;
+ALTER TABLE project_types ALTER COLUMN "icon" SET NOT NULL;
+
+ALTER TABLE project_types ADD COLUMN "info" character varying(255);
+UPDATE project_types set info="displayName" where info is null;
+ALTER TABLE project_types ALTER COLUMN "info" SET NOT NULL;
+
+ALTER TABLE project_types ADD COLUMN "question" character varying(255);
+UPDATE project_types set question='What do you want to develop?' where question is null;
+ALTER TABLE project_types ALTER COLUMN "question" SET NOT NULL;
+
+ALTER TABLE project_types ADD COLUMN "aliases" json;
+UPDATE project_types set aliases='{}' where aliases is null;
+ALTER TABLE project_types ALTER COLUMN "aliases" SET NOT NULL;
+
+ALTER TABLE project_types ADD COLUMN "hidden" boolean DEFAULT false;
+ALTER TABLE project_types ADD COLUMN "disabled" boolean DEFAULT false;

package-lock.json

@@ -53,6 +53,7 @@
     "jsonwebtoken": "^8.3.0",
     "lodash": "^4.16.4",
     "method-override": "^2.3.9",
+    "moment": "^2.22.2",
     "pg": "^4.5.5",
     "pg-native": "^1.10.1",
     "sequelize": "^3.23.0",

package.json

@@ -155,11 +155,11 @@ module.exports = function defineProject(sequelize, DataTypes) {
               .then(projects => ({ rows: projects, count }));
           });
       },
-      findProjectRange(models, startId, endId, fields) {
+      findProjectRange(models, startId, endId, fields, raw = true) {
         return this.findAll({
           where: { id: { $between: [startId, endId] } },
           attributes: _.get(fields, 'projects', null),
-          raw: true,
+          raw,
           include: [{
             model: models.ProjectPhase,
             as: 'phases',

src/models/project.js

@@ -4,6 +4,12 @@ module.exports = function definePhaseProduct(sequelize, DataTypes) {
   const ProjectType = sequelize.define('ProjectType', {
     key: { type: DataTypes.STRING(45), primaryKey: true },
     displayName: { type: DataTypes.STRING(255), allowNull: false },
+    icon: { type: DataTypes.STRING(255), allowNull: false },
+    question: { type: DataTypes.STRING(255), allowNull: false },
+    info: { type: DataTypes.STRING(255), allowNull: false },
+    aliases: { type: DataTypes.JSON, allowNull: false },
+    disabled: { type: DataTypes.BOOLEAN, defaultValue: false },
+    hidden: { type: DataTypes.BOOLEAN, defaultValue: false },
 
     deletedAt: { type: DataTypes.DATE, allowNull: true },
     createdAt: { type: DataTypes.DATE, defaultValue: DataTypes.NOW },

src/models/projectType.js

@@ -6,7 +6,7 @@ const projectEdit = require('./project.edit');
 const projectDelete = require('./project.delete');
 const projectMemberDelete = require('./projectMember.delete');
 const projectAdmin = require('./admin.ops');
-const connectManagerOrAdmin = require('./connectManagerOrAdmin.ops');
+// const connectManagerOrAdmin = require('./connectManagerOrAdmin.ops');
 const copilotAndAbove = require('./copilotAndAbove');
 
 module.exports = () => {
@@ -26,14 +26,14 @@ module.exports = () => {
   Authorizer.setPolicy('project.updateMember', projectEdit);
   Authorizer.setPolicy('project.admin', projectAdmin);
 
-  Authorizer.setPolicy('projectTemplate.create', connectManagerOrAdmin);
-  Authorizer.setPolicy('projectTemplate.edit', connectManagerOrAdmin);
-  Authorizer.setPolicy('projectTemplate.delete', connectManagerOrAdmin);
+  Authorizer.setPolicy('projectTemplate.create', projectAdmin);
+  Authorizer.setPolicy('projectTemplate.edit', projectAdmin);
+  Authorizer.setPolicy('projectTemplate.delete', projectAdmin);
   Authorizer.setPolicy('projectTemplate.view', true);
 
-  Authorizer.setPolicy('productTemplate.create', connectManagerOrAdmin);
-  Authorizer.setPolicy('productTemplate.edit', connectManagerOrAdmin);
-  Authorizer.setPolicy('productTemplate.delete', connectManagerOrAdmin);
+  Authorizer.setPolicy('productTemplate.create', projectAdmin);
+  Authorizer.setPolicy('productTemplate.edit', projectAdmin);
+  Authorizer.setPolicy('productTemplate.delete', projectAdmin);
   Authorizer.setPolicy('productTemplate.view', true);
 
   Authorizer.setPolicy('project.addProjectPhase', copilotAndAbove);

src/permissions/index.js

@@ -2,7 +2,7 @@
 import _ from 'lodash';
 import util from '../util';
 import models from '../models';
-import { USER_ROLE } from '../constants';
+import { USER_ROLE, PROJECT_STATUS, PROJECT_MEMBER_ROLE } from '../constants';
 
 /**
  * Super admin, Topcoder Managers are allowed to view any projects
@@ -37,8 +37,37 @@ module.exports = freq => new Promise((resolve, reject) => {
       })
       .then((hasAccess) => {
         if (!hasAccess) {
+          let errorMessage = 'You do not have permissions to perform this action';
+          // customize error message for copilots
+          if (util.hasRole(freq, USER_ROLE.COPILOT)) {
+            if (_.findIndex(freq.context.currentProjectMembers, m => m.role === PROJECT_MEMBER_ROLE.COPILOT) >= 0) {
+              errorMessage = 'Copilot: Project is already claimed by another copilot';
+              return Promise.resolve(errorMessage);
+            }
+            return models.Project
+                .find({
+                  where: { id: projectId },
+                  attributes: ['status'],
+                  raw: true,
+                })
+                .then((project) => {
+                  if (!project || [PROJECT_STATUS.DRAFT, PROJECT_STATUS.IN_REVIEW].indexOf(project.status) >= 0) {
+                    errorMessage = 'Copilot: Project is not yet available to copilots';
+                  } else {
+                    // project status is 'active' or higher so it's not available to copilots
+                    errorMessage = 'Copilot: Project has already started';
+                  }
+                  return Promise.resolve(errorMessage);
+                });
+          }
+            // user is not an admin nor is a registered project member
+          return Promise.resolve(errorMessage);
+        }
+        return Promise.resolve(null);
+      }).then((errorMessage) => {
+        if (errorMessage) {
           // user is not an admin nor is a registered project member
-          return reject(new Error('You do not have permissions to perform this action'));
+          return reject(new Error(errorMessage));
         }
         return resolve(true);
       });

src/permissions/project.view.js

@@ -50,13 +50,14 @@ module.exports = [
     });
 
     const eClient = util.getElasticSearchClient();
-    return models.Project.findProjectRange(models, projectIdStart, projectIdEnd, fields)
+    return models.Project.findProjectRange(models, projectIdStart, projectIdEnd, fields, false)
     .then((_projects) => {
       const projects = _projects.map((_project) => {
         const project = _project;
         if (!project) {
           return Promise.resolve(null);
         }
+        logger.debug('phases', project.phases);
         if (project.phases) {
           // removs the delete audit fields from the index data
           project.phases = project.phases.map(phase => _.omit(phase, ['deletedAt', 'deletedBy']));