Project Update Roles (#291)

* Project Update Roles

* Custom Role API

* Update Change

* changing variable name

* upda;te comment

* Use the static value from Group.defaultRoles

* Revert "Merge branch 'development' into project-roles-fix"

This reverts commit 4412996, reversing
changes made to 2f3d09a.

* Roles update

---------

Co-authored-by: Bryan Haberberger <bryan.j.haberberger@slu.edu>

Author: mepripri

classes/Group/Group.js

@@ -40,6 +40,13 @@ export default class Group {
         return Object.fromEntries(roles.map(role => [role, allRoles[role]]))
     }
 
+    async getCustomRoles() {
+        if (Object.keys(this.data.members).length === 0) {
+            await this.#loadFromDB()
+        }
+        return this.data.customRoles
+    }
+
     getPermissions(role) {
         return Object.assign(Group.defaultRoles, this.data.customRoles)[role] ?? "x_x_x"
     }
@@ -180,14 +187,14 @@ export default class Group {
         return true
     }
 
-    async setCustomRoles(roles) {
+    async updateCustomRoles(roles) {
         if (!Object.keys(this.data.members).length) {
             await this.#loadFromDB()
         }
         if (!this.isValidRolesMap(roles))
             throw new Error("Invalid roles. Must be a JSON Object with keys as roles and values as arrays of permissions or space-delimited strings.")
         this.data.customRoles = roles
-        this.update()
+        await this.update()
     }
 
     async addCustomRoles(roleMap) {
@@ -197,34 +204,16 @@ export default class Group {
         if (!this.isValidRolesMap(roleMap))
             throw new Error("Invalid roles. Must be a JSON Object with keys as roles and values as arrays of permissions or space-delimited strings.")
         this.data.customRoles = { ...this.data.customRoles, ...roleMap }
-        this.update()
+        await this.update()
     }
 
-    async removeCustomRoles(roleMap) {
+    async removeCustomRoles(roleName) {
         if (!Object.keys(this.data.members).length) {
             await this.#loadFromDB()
         }
 
-        if (!Array.isArray(roleMap)) {
-
-            if (this.isValidRolesMap(roleMap)) {
-                for (const role in roleMap) {
-                    delete this.data.customRoles[role]
-                }
-                return this.update()
-            }
-            if (typeof roleMap !== "string") {
-                throw {
-                    status: 400,
-                    message: "Invalid roles. Must be an array of strings or a JSON Object with keys as roles and values as arrays of permissions or space-delimited strings."
-                }
-            }
-            roleMap = roleMap.toUpperCase().split(" ")
-
-        }
-
-        roleMap.map(role => delete this.data.customRoles[role])
-        return this.update()
+        delete this.data.customRoles[roleName]
+        await this.update()
     }
 
     async save() {

classes/Line/Line.js

@@ -124,9 +124,6 @@ export default class Line {
             const currentValue = textualBody.value ?? textualBody.chars ?? textualBody['cnt:asChars'] ?? textualBody
             if (currentValue === text) return this
             Object.assign(textualBody, { type: 'TextualBody', value: text, format: options.format ?? "text/plain", language: options.language })
-            // Apply options directly to the Annotation
-            if (options.creator) this.creator = options.creator
-            if (options.generator) this.generator = options.generator
             // discard Annotation-level options if only one body entry is modified.
             return this.update()
         }
@@ -145,7 +142,7 @@ export default class Line {
         throw new Error('Unexpected body format. Cannot update text.')
     }
 
-    async updateBounds({x, y, w, h}, options = {}) {
+    async updateBounds({x, y, w, h}) {
         if (!x || !y || !w || !h) {
             throw new Error('Bounds ({x,y,w,h}) must be provided')
         }
@@ -155,10 +152,6 @@ export default class Line {
             return this
         }
         this.target = newTarget
-        // Apply options directly to the Annotation.
-        if (options.creator) this.creator = options.creator
-        if (options.generator) this.generator = options.generator
-        // discarding unknown options
         return this.update()
     }
 

classes/Page/Page.js

@@ -1,5 +1,5 @@
 import dbDriver from "../../database/driver.js"
-import { handleVersionConflict, fetchUserAgent, upgradeReferences } from "../../utilities/shared.js"
+import { handleVersionConflict, fetchUserAgent } from "../../utilities/shared.js"
 import ProjectFactory from "../Project/ProjectFactory.js"
 
 const databaseTiny = new dbDriver("tiny")
@@ -30,7 +30,6 @@ export default class Page {
         Object.assign(this, { id, label, target, partOf: partOf ?? layerId, items, creator, prev, next })
         if (this.id.startsWith(process.env.RERUMIDPREFIX)) {
             this.#tinyAction = 'update'
-            upgradeReferences(this, ['partOf'])
         }
         return this
     }

line/index.js

@@ -160,7 +160,7 @@ router.patch('/:lineId/text', auth0Middleware(), async (req, res) => {
       return
     }
     const line = new Line(oldLine)
-    const updatedLine = await line.updateText(req.body, { creator: user._id })
+    const updatedLine = await line.updateText(req.body)
     const lineIndex = page.items.findIndex(l => l.id.split('/').pop() === req.params.lineId?.split('/').pop())
     page.items[lineIndex] = updatedLine
     await withOptimisticLocking(
@@ -211,7 +211,7 @@ router.patch('/:lineId/bounds', auth0Middleware(), async (req, res) => {
       return
     }
     const line = new Line(oldLine)
-    const updatedLine = await line.updateBounds(req.body, { creator: user._id })
+    const updatedLine = await line.updateBounds(req.body)
     const lineIndex = page.items.findIndex(l => l.id.split('/').pop() === req.params.lineId?.split('/').pop())
     page.items[lineIndex] = updatedLine
     await withOptimisticLocking(

project/customRolesRouter.js

@@ -8,6 +8,31 @@ import { ACTIONS, ENTITIES, SCOPES } from "./groups/permissions_parameters.js"
 
 const router = express.Router({ mergeParams: true })
 
+// Get custom roles from a Project's Group
+router.get('/:projectId/customRoles', auth0Middleware(), async (req, res) => {
+  const { projectId } = req.params
+  const user = req.user
+  if (!user) return respondWithError(res, 401, "Unauthenticated request")
+  try {
+    const project = new Project(projectId)
+    if (!project) {
+      return respondWithError(res, 404, "Project not found")
+    }
+    if (!(await project.checkUserAccess(user._id, ACTIONS.READ, SCOPES.ALL, ENTITIES.GROUP))) {
+      return respondWithError(res, 403, "You do not have permission to access this group.")
+    }
+    if (!project.data.group) {
+      return respondWithError(res, 404, "Group not found for this project")
+    }
+    const group = new Group(project.data.group)
+    const customRoles = await group.getCustomRoles()
+    res.status(200).json(customRoles)
+  } catch (error) {
+    console.error(error)
+    respondWithError(res, error.status ?? 500, error.message ?? "Internal Server Error")
+  }
+})
+
 // Add custom roles
 router.post('/:projectId/addCustomRoles', auth0Middleware(), async (req, res) => {
   const { projectId } = req.params
@@ -18,8 +43,7 @@ router.post('/:projectId/addCustomRoles', auth0Middleware(), async (req, res) =>
     return respondWithError(res, 400, "Custom roles must be provided as a JSON Object with keys as roles and values as arrays of permissions or space-delimited strings.")
   }
   try {
-    customRoles = scrubDefaultRoles(customRoles)
-    if (!customRoles) return respondWithError(res, 400, `No custom roles provided.`)
+    if (!scrubDefaultRoles(customRoles)) return respondWithError(res, 400, `No custom roles provided.`)
     const project = new Project(projectId)
     if (!(await project.checkUserAccess(user._id, ACTIONS.CREATE, SCOPES.ALL, ENTITIES.ROLE))) {
       return respondWithError(res, 403, "You do not have permission to add custom roles.")
@@ -32,32 +56,31 @@ router.post('/:projectId/addCustomRoles', auth0Middleware(), async (req, res) =>
   }
 })
 
-// Set custom roles
-router.put('/:projectId/setCustomRoles', auth0Middleware(), async (req, res) => {
+// Update custom roles
+router.put('/:projectId/updateCustomRoles', auth0Middleware(), async (req, res) => {
   const { projectId } = req.params
-  let newCustomRoles = req.body.roles ?? req.body
+  let roles = req.body.roles ?? req.body
   const user = req.user
   if (!user) return respondWithError(res, 401, "Unauthenticated request")
-  if (!Object.keys(newCustomRoles).length) {
+  if (!Object.keys(roles).length) {
     return respondWithError(res, 400, "Custom roles must be provided as a JSON Object with keys as roles and values as arrays of permissions or space-delimited strings.")
   }
   try {
-    newCustomRoles = scrubDefaultRoles(newCustomRoles)
-    if (!newCustomRoles) return respondWithError(res, 400, `No custom roles provided.`)
+    if (!scrubDefaultRoles(roles)) return respondWithError(res, 400, `No custom roles provided.`)
     const project = new Project(projectId)
     if (!(await project.checkUserAccess(user._id, ACTIONS.UPDATE, SCOPES.ALL, ENTITIES.ROLE))) {
       return respondWithError(res, 403, "You do not have permission to set custom roles.")
     }
     const group = new Group(project.data.group)
-    await group.setCustomRoles(newCustomRoles)
+    await group.updateCustomRoles(roles)
     res.status(200).json({ message: 'Custom roles set successfully.' })
   } catch (error) {
     respondWithError(res, error.status ?? 500, error.message ?? 'Error setting custom roles.')
   }
 })
 
 // Remove custom roles
-router.post('/:projectId/removeCustomRoles', auth0Middleware(), async (req, res) => {
+router.delete('/:projectId/removeCustomRoles', auth0Middleware(), async (req, res) => {
   const { projectId } = req.params
   let rolesToRemove = req.body.roles ?? req.body
   const user = req.user
@@ -72,16 +95,12 @@ router.post('/:projectId/removeCustomRoles', auth0Middleware(), async (req, res)
     return respondWithError(res, 400, "Roles to remove must be provided as an array of strings or a JSON Object with keys as roles and values as arrays of permissions or space-delimited strings.")
   }
   try {
-    rolesToRemove = scrubDefaultRoles(rolesToRemove)
-    if (!rolesToRemove) {
-      return respondWithError(res, 400, `No custom roles provided.`)
-    }
     const project = new Project(projectId)
     if (!(await project.checkUserAccess(user._id, ACTIONS.DELETE, SCOPES.ALL, ENTITIES.ROLE))) {
       return respondWithError(res, 403, "You do not have permission to remove custom roles.")
     }
     const group = new Group(project.data.group)
-    await (await group.removeCustomRoles(rolesToRemove)).update()
+    await group.removeCustomRoles(rolesToRemove)
     res.status(200).json({ message: 'Custom roles removed successfully.' })
   } catch (error) {
     respondWithError(res, error.status ?? 500, error.message ?? 'Error removing custom roles.')

project/index.js

@@ -12,7 +12,6 @@ import metadataRouter from "./metadataRouter.js"
 import projectToolsRouter from "./projectToolsRouter.js"
 import memberUpgradeRouter from "./memberUpgradeRouter.js"
 import memberDeclineInviteRouter from "./memberDeclineInviteRouter.js"
-import memberLeaveRouter from "./memberLeaveRouter.js"
 import projectCopyRouter from "./projectCopyRouter.js"
 
 const router = express.Router({ mergeParams: true })
@@ -21,7 +20,6 @@ router.use(cors(common_cors))
 // Use split routers
 router.use(memberUpgradeRouter) // Contains unauthenticated route!
 router.use(memberDeclineInviteRouter) // Contains unauthenticated route!
-router.use(memberLeaveRouter)
 router.use(projectCreateRouter)
 router.use(import28Router)
 router.use(projectReadRouter)

project/memberLeaveRouter.js

@@ -1,7 +1,12 @@
-import Group from "../classes/Group/Group.js"
+const internalRoles = {
+  OWNER: ["*_*_*"],
+  LEADER: ["UPDATE_*_PROJECT", "READ_*_PROJECT", "*_*_MEMBER", "*_*_ROLE", "*_*_PERMISSION", "*_*_LAYER", "*_*_PAGE"],
+  CONTRIBUTOR: ["READ_*_*", "UPDATE_TEXT_*", "UPDATE_ORDER_*", "UPDATE_SELECTOR_*", "CREATE_SELECTOR_*", "DELETE_*_LINE", "UPDATE_DESCRIPTION_LAYER", "CREATE_*_LAYER"],
+  VIEWER: ["READ_*_PROJECT", "READ_*_MEMBER", "READ_*_LAYER", "READ_*_PAGE", "READ_*_LINE"]
+}
 
 export default function scrubDefaultRoles(roleName) {
-  const defaultRoles = Object.keys(Group.defaultRoles)
+  const defaultRoles = Object.keys(internalRoles)
   if (Array.isArray(roleName)) {
     roleName = roleName.filter(roleString => {
       if (typeof roleString !== "string") throw new Error("Expecting a RolesMap and not an Array.")

utilities/isDefaultRole.js

@@ -368,23 +368,3 @@ export const fetchUserAgent = async (userId) => {
       throw new Error(`Error fetching user agent: ${error.message}`)
    }
 }
-
-/**
- * Upgrade references in an object to use the RERUMIDPREFIX for specified keys.
- * For each key, if the value is a string containing a "/", the prefix is replaced with process.env.RERUMIDPREFIX and the last segment.
- * For the key 'pages', if it is an array, each page object with an 'id' will have its id upgraded similarly.
- *
- * @param {object} obj - The object whose references should be upgraded.
- * @param {string[]} [keys=["partOf", "next", "prev", "target", "pages"]] - The keys to upgrade. Must be valid JS object keys.
- * @returns {object} The upgraded object.
- */
-export function upgradeReferences(obj, keys = []) {
-   if (!obj || typeof obj !== 'object') return obj
-   keys.filter(key => typeof key === 'string' && /^[a-zA-Z_$][\w$]*$/.test(key)).forEach(key => {
-      if (!obj[key]) return
-      const hexString = obj[key].split('/').pop()
-      if (!hexString) return
-      obj[key] = `${process.env.RERUMIDPREFIX}${hexString}`
-   })
-   return obj
-}

utilities/shared.js

@@ -29,9 +29,9 @@ async function validateURL(url) {
       }
     }
 
-    return {valid: true}
-  } catch (_error) {
-    return {valid: false, message: "URL is not reachable", status: 500}
+    return { valid: true }
+  } catch {
+    return { valid: false, message: "URL is not reachable", status: 500 }
   }
 }