Skip to content

[HOTFIX] [PROD] Post release 2.1.1 #495

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 5 commits into from
Mar 3, 2020
Merged

[HOTFIX] [PROD] Post release 2.1.1 #495

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
8080019
#488 Project List endpoint returns member email for some projects
yoution Feb 28, 2020
275d8da
Merge pull request #490 from yoution/issue-488
maxceem Mar 2, 2020
da40ec6
fix: unit tests stability
maxceem Mar 2, 2020
4331abc
feat: return products if requested even if phases are not listed in f…
maxceem Mar 2, 2020
b3a128a
fix: return emails for members
maxceem Mar 2, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
27 changes: 25 additions & 2 deletions src/routes/projects/get.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -22,9 +22,18 @@ const ES_PROJECT_TYPE = config.get('elasticsearchConfig.docType');
// var permissions = require('tc-core-library-js').middleware.permissions
const permissions = tcMiddleware.permissions;
const PROJECT_ATTRIBUTES = _.without(_.keys(models.Project.rawAttributes), 'utm', 'deletedAt');
const PROJECT_MEMBER_ATTRIBUTES = _.without(_.keys(models.ProjectMember.rawAttributes), 'deletedAt');
const PROJECT_MEMBER_ATTRIBUTES = _.concat(_.without(_.keys(models.ProjectMember.rawAttributes), 'deletedAt'),
['firstName', 'lastName', 'handle', 'email']);
const PROJECT_MEMBER_INVITE_ATTRIBUTES = _.without(_.keys(models.ProjectMemberInvite.rawAttributes), 'deletedAt');
const PROJECT_ATTACHMENT_ATTRIBUTES = _.without(_.keys(models.ProjectAttachment.rawAttributes), 'deletedAt');
const PROJECT_PHASE_ATTRIBUTES = _.without(
_.keys(models.ProjectPhase.rawAttributes),
'deletedAt',
);
const PROJECT_PHASE_PRODUCTS_ATTRIBUTES = _.without(
_.keys(models.PhaseProduct.rawAttributes),
'deletedAt',
);

/**
* Parse the ES search criteria and prepare search request body
Expand Down Expand Up @@ -52,13 +61,21 @@ const parseElasticSearchCriteria = (projectId, fields) => {
sourceInclude = sourceInclude.concat(_.map(memberFields, single => `invites.${single}`));
}

if (_.get(fields, 'project_phases', null)) {
const phaseFields = _.get(fields, 'project_phases');
sourceInclude = sourceInclude.concat(_.map(phaseFields, single => `phases.${single}`));
}
if (_.get(fields, 'project_phases_products', null)) {
const phaseFields = _.get(fields, 'project_phases_products');
sourceInclude = sourceInclude.concat(_.map(phaseFields, single => `phases.products.${single}`));
}
if (_.get(fields, 'attachments', null)) {
const attachmentFields = _.get(fields, 'attachments');
sourceInclude = sourceInclude.concat(_.map(attachmentFields, single => `attachments.${single}`));
}

if (sourceInclude) {
searchCriteria._sourceInclude = sourceInclude; // eslint-disable-line no-underscore-dangle
searchCriteria._sourceIncludes = sourceInclude; // eslint-disable-line no-underscore-dangle
}


Expand Down Expand Up @@ -87,9 +104,14 @@ const retrieveProjectFromES = (projectId, req) => {
projects: PROJECT_ATTRIBUTES,
project_members: PROJECT_MEMBER_ATTRIBUTES,
project_member_invites: PROJECT_MEMBER_INVITE_ATTRIBUTES,
project_phases: PROJECT_PHASE_ATTRIBUTES,
project_phases_products: PROJECT_PHASE_PRODUCTS_ATTRIBUTES,
attachments: PROJECT_ATTACHMENT_ATTRIBUTES,
});

// if user is not admin, ignore email field for project_members
fields = util.ignoreEmailField(req, fields);

const searchCriteria = parseElasticSearchCriteria(projectId, fields) || {};
return new Promise((accept, reject) => {
const es = util.getElasticSearchClient();
Expand All @@ -108,6 +130,7 @@ const retrieveProjectFromDB = (projectId, req) => {
projects: PROJECT_ATTRIBUTES,
project_members: PROJECT_MEMBER_ATTRIBUTES,
});

return models.Project
.findOne({
where: { id: projectId },
Expand Down
272 changes: 270 additions & 2 deletions src/routes/projects/get.spec.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@
import chai from 'chai';
import sinon from 'sinon';
import request from 'supertest';

import _ from 'lodash';
import config from 'config';
import models from '../../models';
import util from '../../util';
Expand All @@ -23,7 +23,8 @@ const data = [
billingAccountId: 1,
name: 'test1',
description: 'es_project',
status: 'active',
cancelReason: 'price/cost',
status: 'draft',
details: {
utm: {
code: 'code1',
Expand All @@ -42,6 +43,7 @@ const data = [
firstName: 'es_member_1_firstName',
lastName: 'Lastname',
handle: 'test_tourist_handle',
email: 'test@test.com',
isPrimary: true,
createdBy: 1,
updatedBy: 1,
Expand All @@ -56,6 +58,30 @@ const data = [
updatedBy: 1,
},
],
invites: [
{
id: 1,
userId: 40051335,
email: 'test@topcoder.com',
status: 'pending',
},
],
phases: [

{
id: 45,
name: 'test phases',
spentBudget: 0,
products: [
{

phaseId: 45,
id: 3,
name: 'tet product',
},
],
},
],
attachments: [
{
id: 1,
Expand All @@ -80,6 +106,7 @@ describe('GET Project', () => {
.then(() => testUtil.clearES())
.then(() => {
const p1 = models.Project.create({
id: 5,
type: 'generic',
billingAccountId: 1,
name: 'test1',
Expand All @@ -98,6 +125,10 @@ describe('GET Project', () => {
projectId: project1.id,
role: 'customer',
isPrimary: true,
firstName: 'Firstname',
lastName: 'Lastname',
handle: 'test_tourist_handle',
email: 'test@test.com',
createdBy: 1,
updatedBy: 1,
});
Expand Down Expand Up @@ -343,5 +374,242 @@ describe('GET Project', () => {
});
});
});

describe('URL Query fields', () => {
it('should not return "email" for project members when "fields" query param is not defined (to non-admin users)', (done) => {
request(server)
.get(`/v5/projects/${project1.id}?fields=members.handle`)
.set({
Authorization: `Bearer ${testUtil.jwts.member}`,
})
.expect('Content-Type', /json/)
.expect(200)
.end((err, res) => {
if (err) {
done(err);
} else {
const resJson = res.body;
should.exist(resJson);
resJson.members[0].should.have.property('handle');
resJson.members[0].should.not.have.property('email');
done();
}
});
});

it('should not return "email" for project members even if it\'s defined in "fields" query param (to non-admin users)', (done) => {
request(server)
.get(`/v5/projects/${project1.id}?fields=members.email,members.handle`)
.set({
Authorization: `Bearer ${testUtil.jwts.member}`,
})
.expect('Content-Type', /json/)
.expect(200)
.end((err, res) => {
if (err) {
done(err);
} else {
const resJson = res.body;
should.exist(resJson);
resJson.members[0].should.have.property('handle');
resJson.members[0].should.not.have.property('email');
done();
}
});
});


it('should not return "cancelReason" if it is not listed in "fields" query param ', (done) => {
request(server)
.get(`/v5/projects/${project1.id}?fields=description`)
.set({
Authorization: `Bearer ${testUtil.jwts.member}`,
})
.expect('Content-Type', /json/)
.expect(200)
.end((err, res) => {
if (err) {
done(err);
} else {
const resJson = res.body;
should.exist(resJson);
resJson.should.have.property('description');
resJson.description.should.be.eq('es_project');
resJson.should.not.have.property('cancelReason');
done();
}
});
});

it('should not return "email" for project members when "fields" query param is not defined (to admin users)', (done) => {
request(server)
.get(`/v5/projects/${project1.id}?fields=description,members.id`)
.set({
Authorization: `Bearer ${testUtil.jwts.admin}`,
})
.expect('Content-Type', /json/)
.expect(200)
.end((err, res) => {
if (err) {
done(err);
} else {
const resJson = res.body;
should.exist(resJson);
resJson.members.should.have.lengthOf(2);
resJson.members[0].should.not.have.property('email');
done();
}
});
});

it('should return "email" for project members if it\'s defined in "fields" query param (to admin users', (done) => {
request(server)
.get(`/v5/projects/${project1.id}?fields=description,members.id,members.email`)
.set({
Authorization: `Bearer ${testUtil.jwts.admin}`,
})
.expect('Content-Type', /json/)
.expect(200)
.end((err, res) => {
if (err) {
done(err);
} else {
const resJson = res.body;
should.exist(resJson);
resJson.members.should.have.lengthOf(2);
resJson.members[0].should.have.property('email');
resJson.members[0].email.should.be.eq('test@test.com');
done();
}
});
});


it('should only return "id" field, when it\'s defined in "fields" query param', (done) => {
request(server)
.get(`/v5/projects/${project1.id}?fields=id`)
.set({
Authorization: `Bearer ${testUtil.jwts.admin}`,
})
.expect('Content-Type', /json/)
.expect(200)
.end((err, res) => {
if (err) {
done(err);
} else {
const resJson = res.body;
should.exist(resJson);
resJson.should.have.property('id');
_.keys(resJson).length.should.be.eq(1);
done();
}
});
});

it('should only return "invites.userId" field, when it\'s defined in "fields" query param', (done) => {
request(server)
.get(`/v5/projects/${project1.id}?fields=invites.userId`)
.set({
Authorization: `Bearer ${testUtil.jwts.admin}`,
})
.expect('Content-Type', /json/)
.expect(200)
.end((err, res) => {
if (err) {
done(err);
} else {
const resJson = res.body;
should.exist(resJson);
resJson.invites[0].should.have.property('userId');
_.keys(resJson.invites[0]).length.should.be.eq(1);
done();
}
});
});

it('should only return "members.role" field, when it\'s defined in "fields" query param', (done) => {
request(server)
.get(`/v5/projects/${project1.id}?fields=members.role`)
.set({
Authorization: `Bearer ${testUtil.jwts.admin}`,
})
.expect('Content-Type', /json/)
.expect(200)
.end((err, res) => {
if (err) {
done(err);
} else {
const resJson = res.body;
should.exist(resJson);
resJson.members[0].should.have.property('role');
_.keys(resJson.members[0]).length.should.be.eq(1);
done();
}
});
});

it('should only return "attachments.title" field, when it\'s defined in "fields" query param', (done) => {
request(server)
.get(`/v5/projects/${project1.id}?fields=attachments.title`)
.set({
Authorization: `Bearer ${testUtil.jwts.admin}`,
})
.expect('Content-Type', /json/)
.expect(200)
.end((err, res) => {
if (err) {
done(err);
} else {
const resJson = res.body;
should.exist(resJson);
resJson.attachments[0].should.have.property('title');
_.keys(resJson.attachments[0]).length.should.be.eq(1);
done();
}
});
});

it('should only return "phases.name" field, when it\'s defined in "fields" query param', (done) => {
request(server)
.get(`/v5/projects/${project1.id}?fields=phases.name`)
.set({
Authorization: `Bearer ${testUtil.jwts.admin}`,
})
.expect('Content-Type', /json/)
.expect(200)
.end((err, res) => {
if (err) {
done(err);
} else {
const resJson = res.body;
should.exist(resJson);
resJson.phases[0].should.have.property('name');
_.keys(resJson.phases[0]).length.should.be.eq(1);
done();
}
});
});

it('should only return "phases.products.name" field, when it\'s defined in "fields" query param and "phases" is also defined', (done) => {
request(server)
.get(`/v5/projects/${project1.id}?fields=phases.products.name,phases.name`)
.set({
Authorization: `Bearer ${testUtil.jwts.admin}`,
})
.expect('Content-Type', /json/)
.expect(200)
.end((err, res) => {
if (err) {
done(err);
} else {
const resJson = res.body;
should.exist(resJson);
resJson.phases[0].products[0].should.have.property('name');
_.keys(resJson.phases[0].products[0]).length.should.be.eq(1);
done();
}
});
});
});
});
});
Loading