diff --git a/src/routes/projectMembers/create.js b/src/routes/projectMembers/create.js index cb72ebc7..6b69fe4f 100644 --- a/src/routes/projectMembers/create.js +++ b/src/routes/projectMembers/create.js @@ -38,8 +38,8 @@ module.exports = [ targetRole = _.get(req, 'body.role'); if (PROJECT_MEMBER_ROLE.MANAGER === targetRole && - !util.hasRoles(req, [USER_ROLE.MANAGER])) { - const err = new Error(`Only manager is able to join as ${targetRole}`); + !util.hasRoles(req, [USER_ROLE.TOPCODER_ADMIN, USER_ROLE.CONNECT_ADMIN, USER_ROLE.MANAGER])) { + const err = new Error(`Only admin or manager is able to join as ${targetRole}`); err.status = 401; return next(err); } @@ -96,7 +96,7 @@ module.exports = [ err.status = 401; return next(err); } - } else if (util.hasRoles(req, [USER_ROLE.MANAGER, USER_ROLE.CONNECT_ADMIN])) { + } else if (util.hasRoles(req, [USER_ROLE.MANAGER, USER_ROLE.CONNECT_ADMIN, USER_ROLE.TOPCODER_ADMIN])) { targetRole = PROJECT_MEMBER_ROLE.MANAGER; } else if (util.hasRoles(req, [ USER_ROLE.TOPCODER_ACCOUNT_MANAGER, diff --git a/src/routes/projectMembers/create.spec.js b/src/routes/projectMembers/create.spec.js index 7e193990..75a0c234 100644 --- a/src/routes/projectMembers/create.spec.js +++ b/src/routes/projectMembers/create.spec.js @@ -9,7 +9,14 @@ import util from '../../util'; import server from '../../app'; import testUtil from '../../tests/util'; import busApi from '../../services/busApi'; -import { USER_ROLE, BUS_API_EVENT, RESOURCES, CONNECT_NOTIFICATION_EVENT, INVITE_STATUS } from '../../constants'; +import { + USER_ROLE, + BUS_API_EVENT, + RESOURCES, + CONNECT_NOTIFICATION_EVENT, + INVITE_STATUS, + PROJECT_MEMBER_ROLE, +} from '../../constants'; const should = chai.should(); @@ -201,6 +208,69 @@ describe('Project Members create', () => { }); }); + it('should return 201 and register admin as manager', (done) => { + const mockHttpClient = _.merge(testUtil.mockHttpClient, { + get: () => Promise.resolve({ + status: 200, + data: { + id: 'requesterId', + version: 'v3', + result: { + success: true, + status: 200, + content: [{ + roleName: USER_ROLE.TOPCODER_ADMIN, + }], + }, + }, + }), + }); + sandbox.stub(util, 'getHttpClient', () => mockHttpClient); + request(server) + .post(`/v5/projects/${project1.id}/members/`) + .set({ + Authorization: `Bearer ${testUtil.jwts.admin}`, + }) + .expect('Content-Type', /json/) + .expect(201) + .end((err, res) => { + if (err) { + done(err); + } else { + const resJson = res.body; + should.exist(resJson); + resJson.role.should.equal('manager'); + resJson.isPrimary.should.be.truthy; + resJson.projectId.should.equal(project1.id); + resJson.userId.should.equal(40051333); + server.services.pubsub.publish.calledWith('project.member.added').should.be.true; + done(); + } + }); + }); + + it('should return 401 if register admin as role other than manager (copilot) ', (done) => { + request(server) + .post(`/v5/projects/${project1.id}/members/`) + .set({ + Authorization: `Bearer ${testUtil.jwts.admin}`, + }) + .send({ role: PROJECT_MEMBER_ROLE.COPILOT }) + .expect('Content-Type', /json/) + .expect(401, done); + }); + + it('should return 401 if register admin as role other than manager (project manager) ', (done) => { + request(server) + .post(`/v5/projects/${project1.id}/members/`) + .set({ + Authorization: `Bearer ${testUtil.jwts.admin}`, + }) + .send({ role: PROJECT_MEMBER_ROLE.PROJECT_MANAGER }) + .expect('Content-Type', /json/) + .expect(401, done); + }); + describe('Bus api', () => { let createEventSpy;