feat: Read-only users (#1955)

* Introduce isViewer field * Update policies * Make users read-only feature * Remove not demoting current user validation * Update tests * Catch the unhandled promise rejection * Hide unnecessary ui elements for read-only user * Update app/scenes/Settings/People.js Co-authored-by: Tom Moor <tom.moor@gmail.com> * Remove redundant logic for admin only policies * Use can logic * Update snapshot * Remove lint error * Update snapshot * Minor fix * Update app/menus/UserMenu.js Co-authored-by: Tom Moor <tom.moor@gmail.com> * Update server/api/users.js Co-authored-by: Tom Moor <tom.moor@gmail.com> * Update app/components/DocumentListItem.js Co-authored-by: Tom Moor <tom.moor@gmail.com> * Update app/stores/UsersStore.js Co-authored-by: Tom Moor <tom.moor@gmail.com> * Use useCurrentTeam hook in functional component * Update translation * Update ternary * Remove punctuation * Move the functions to User model * Update share policy and shareMenu * Rename makeAdmin to promote * Create updateCounts function and Rank enum * Update tests * Remove enum * Use async await, remove enum and create computed accessor * Remove unused variable * Fix lint issues * Hide templates * Create shared/types and use rank type from it * Delete shared/utils/rank type file Co-authored-by: Tom Moor <tom.moor@gmail.com>
2021-04-12 08:09:17 +05:30
parent cdc7f61fa1
commit bc4fe05147
34 changed files with 508 additions and 189 deletions
--- a/server/api/snapshots/users.test.js.snap
+++ b/server/api/snapshots/users.test.js.snap
@@ -9,6 +9,7 @@ Object {
    "id": "46fde1d4-0050-428f-9f0b-0bf77f4bdf61",
    "isAdmin": false,
    "isSuspended": false,
+    "isViewer": false,
    "language": "en_US",
    "lastActiveAt": null,
    "name": "User 1",
@@ -19,7 +20,7 @@ Object {
      "abilities": Object {
        "activate": true,
        "delete": true,
-        "demote": false,
+        "demote": true,
        "promote": true,
        "read": true,
        "suspend": true,
@@ -59,6 +60,7 @@ Object {
    "id": "46fde1d4-0050-428f-9f0b-0bf77f4bdf61",
    "isAdmin": false,
    "isSuspended": false,
+    "isViewer": false,
    "language": "en_US",
    "lastActiveAt": null,
    "name": "User 1",
@@ -69,7 +71,73 @@ Object {
      "abilities": Object {
        "activate": true,
        "delete": true,
-        "demote": false,
+        "demote": true,
+        "promote": true,
+        "read": true,
+        "suspend": true,
+        "update": false,
+      },
+      "id": "46fde1d4-0050-428f-9f0b-0bf77f4bdf61",
+    },
+  ],
+  "status": 200,
+}
+`;
+
+exports[`#users.demote should demote an admin to viewer 1`] = `
+Object {
+  "data": Object {
+    "avatarUrl": "https://tiley.herokuapp.com/avatar/111d68d06e2d317b5a59c2c6c5bad808/U.png",
+    "createdAt": "2018-01-02T00:00:00.000Z",
+    "email": "user1@example.com",
+    "id": "46fde1d4-0050-428f-9f0b-0bf77f4bdf61",
+    "isAdmin": false,
+    "isSuspended": false,
+    "isViewer": true,
+    "language": "en_US",
+    "lastActiveAt": null,
+    "name": "User 1",
+  },
+  "ok": true,
+  "policies": Array [
+    Object {
+      "abilities": Object {
+        "activate": true,
+        "delete": true,
+        "demote": true,
+        "promote": true,
+        "read": true,
+        "suspend": true,
+        "update": false,
+      },
+      "id": "46fde1d4-0050-428f-9f0b-0bf77f4bdf61",
+    },
+  ],
+  "status": 200,
+}
+`;
+
+exports[`#users.demote should demote an admin to member 1`] = `
+Object {
+  "data": Object {
+    "avatarUrl": "https://tiley.herokuapp.com/avatar/111d68d06e2d317b5a59c2c6c5bad808/U.png",
+    "createdAt": "2018-01-02T00:00:00.000Z",
+    "email": "user1@example.com",
+    "id": "46fde1d4-0050-428f-9f0b-0bf77f4bdf61",
+    "isAdmin": false,
+    "isSuspended": false,
+    "isViewer": false,
+    "language": "en_US",
+    "lastActiveAt": null,
+    "name": "User 1",
+  },
+  "ok": true,
+  "policies": Array [
+    Object {
+      "abilities": Object {
+        "activate": true,
+        "delete": true,
+        "demote": true,
        "promote": true,
        "read": true,
        "suspend": true,
@@ -109,6 +177,7 @@ Object {
    "id": "46fde1d4-0050-428f-9f0b-0bf77f4bdf61",
    "isAdmin": true,
    "isSuspended": false,
+    "isViewer": false,
    "language": "en_US",
    "lastActiveAt": null,
    "name": "User 1",
@@ -168,6 +237,7 @@ Object {
    "id": "46fde1d4-0050-428f-9f0b-0bf77f4bdf61",
    "isAdmin": false,
    "isSuspended": true,
+    "isViewer": false,
    "language": "en_US",
    "lastActiveAt": null,
    "name": "User 1",
--- a/server/api/users.js
+++ b/server/api/users.js
@@ -116,8 +116,7 @@ router.post("users.promote", auth(), async (ctx) => {
  const user = await User.findByPk(userId);
  authorize(actor, "promote", user);

-  const team = await Team.findByPk(teamId);
-  await team.addAdmin(user);
+  await user.promote();

  await Event.create({
    name: "users.promote",
@@ -137,14 +136,18 @@ router.post("users.promote", auth(), async (ctx) => {
 router.post("users.demote", auth(), async (ctx) => {
  const userId = ctx.body.id;
  const teamId = ctx.state.user.teamId;
+  let { to } = ctx.body;
+
  const actor = ctx.state.user;
  ctx.assertPresent(userId, "id is required");

+  to = to === "Viewer" ? "Viewer" : "Member";
+
  const user = await User.findByPk(userId);
+
  authorize(actor, "demote", user);

-  const team = await Team.findByPk(teamId);
-  await team.removeAdmin(user);
+  await user.demote(teamId, to);

  await Event.create({
    name: "users.demote",
@@ -190,8 +193,7 @@ router.post("users.activate", auth(), async (ctx) => {
  const user = await User.findByPk(userId);
  authorize(actor, "activate", user);

-  const team = await Team.findByPk(teamId);
-  await team.activateUser(user, actor);
+  await user.activate();

  await Event.create({
    name: "users.activate",
--- a/server/api/users.test.js
+++ b/server/api/users.test.js
@@ -264,6 +264,40 @@ describe("#users.demote", () => {
    expect(body).toMatchSnapshot();
  });

+  it("should demote an admin to viewer", async () => {
+    const { admin, user } = await seed();
+    await user.update({ isAdmin: true }); // Make another admin
+
+    const res = await server.post("/api/users.demote", {
+      body: {
+        token: admin.getJwtToken(),
+        id: user.id,
+        to: "Viewer",
+      },
+    });
+    const body = await res.json();
+
+    expect(res.status).toEqual(200);
+    expect(body).toMatchSnapshot();
+  });
+
+  it("should demote an admin to member", async () => {
+    const { admin, user } = await seed();
+    await user.update({ isAdmin: true }); // Make another admin
+
+    const res = await server.post("/api/users.demote", {
+      body: {
+        token: admin.getJwtToken(),
+        id: user.id,
+        to: "Member",
+      },
+    });
+    const body = await res.json();
+
+    expect(res.status).toEqual(200);
+    expect(body).toMatchSnapshot();
+  });
+
  it("should not demote admins if only one available", async () => {
    const admin = await buildAdmin();