overleaf/services/web/app/coffee/Features/Subscription/TeamInvitesHandler.coffee

121 lines
4.5 KiB
CoffeeScript
Raw Normal View History

logger = require("logger-sharelatex")
crypto = require("crypto")
2018-06-01 06:23:25 -04:00
async = require("async")
settings = require("settings-sharelatex")
2018-05-31 06:54:50 -04:00
ObjectId = require("mongojs").ObjectId
TeamInvite = require("../../models/TeamInvite").TeamInvite
Subscription = require("../../models/Subscription").Subscription
UserLocator = require("../User/UserLocator")
SubscriptionLocator = require("./SubscriptionLocator")
2018-05-31 06:54:50 -04:00
SubscriptionUpdater = require("./SubscriptionUpdater")
LimitationsManager = require("./LimitationsManager")
EmailHandler = require("../Email/EmailHandler")
module.exports = TeamInvitesHandler =
getInvite: (token, callback) ->
Subscription.findOne 'teamInvites.token': token, (err, subscription) ->
2018-06-01 06:23:25 -04:00
return callback(err) if err?
return callback(teamNotFound: true) unless subscription?
2018-05-31 06:54:50 -04:00
invite = subscription.teamInvites.find (i) -> i.token == token
return callback(null, invite, subscription)
2018-05-31 06:54:50 -04:00
createManagerInvite: (teamManagerId, email, callback) ->
2018-06-01 06:23:25 -04:00
logger.log {teamManagerId, email}, "Creating manager team invite"
UserLocator.findById teamManagerId, (error, teamManager) ->
return callback(error) if error?
SubscriptionLocator.getUsersSubscription teamManagerId, (error, subscription) ->
return callback(error) if error?
2018-05-31 06:54:50 -04:00
if teamManager.first_name and teamManager.last_name
inviterName = "#{teamManager.first_name} #{teamManager.last_name} (#{teamManager.email})"
else
inviterName = teamManager.email
2018-05-31 06:54:50 -04:00
2018-06-01 06:23:25 -04:00
createInvite(subscription, email, inviterName, callback)
2018-05-31 06:54:50 -04:00
createDomainInvite: (user, licence, callback) ->
2018-06-01 06:23:25 -04:00
logger.log {licence, email: user.email}, "Creating domain team invite"
SubscriptionLocator.getSubscription licence.subscription_id, (error, subscription) ->
return callback(error) if error?
2018-06-01 06:23:25 -04:00
createInvite(subscription, user.email, licence.name, callback)
2018-05-31 06:54:50 -04:00
acceptInvite: (token, userId, callback) ->
2018-06-01 06:23:25 -04:00
logger.log {userId}, "Accepting invite"
TeamInvitesHandler.getInvite token, (err, invite, subscription) ->
2018-05-31 06:54:50 -04:00
return callback(err) if err?
return callback(inviteNoLongerValid: true) unless invite?
2018-05-31 06:54:50 -04:00
SubscriptionUpdater.addUserToGroup subscription.admin_id, userId, (err) ->
2018-05-31 06:54:50 -04:00
return callback(err) if err?
2018-06-01 06:23:25 -04:00
removeInviteFromTeam(subscription.id, invite.email, callback)
2018-05-31 06:54:50 -04:00
revokeInvite: (teamManagerId, email, callback) ->
2018-06-01 06:23:25 -04:00
logger.log {teamManagerId, email}, "Revoking invite"
2018-05-31 06:54:50 -04:00
SubscriptionLocator.getUsersSubscription teamManagerId, (err, teamSubscription) ->
return callback(err) if err?
2018-06-01 06:23:25 -04:00
removeInviteFromTeam(teamSubscription.id, email, callback)
2018-05-30 08:06:27 -04:00
2018-06-01 06:23:25 -04:00
createInvite = (subscription, email, inviterName, callback) ->
logger.log {subscriptionId: subscription.id, email, inviterName}, "Creating invite"
checkIfInviteIsPossible subscription, email, (error, possible, reason) ->
2018-06-01 10:37:09 -04:00
return callback(error) if error?
return callback(reason) unless possible
2018-05-31 06:54:50 -04:00
token = crypto.randomBytes(32).toString("hex")
2018-05-31 06:54:50 -04:00
2018-06-01 10:37:09 -04:00
# TODO: use standard way to canonalise email addresses
invite = {
2018-06-01 10:37:09 -04:00
email: email.trim().toLowerCase(),
token: token,
inviterName: inviterName,
sentAt: new Date(),
}
2018-05-31 06:54:50 -04:00
subscription.teamInvites.push(invite)
2018-05-31 06:54:50 -04:00
subscription.save (error) ->
return callback(error) if error?
2018-05-30 08:06:27 -04:00
opts =
to: email.trim().toLowerCase()
inviterName: inviterName
acceptInviteUrl: "#{settings.siteUrl}/subscription/invites/#{token}/"
EmailHandler.sendEmail "verifyEmailToJoinTeam", opts, (error) ->
return callback(error, invite)
2018-05-30 08:06:27 -04:00
2018-06-01 06:23:25 -04:00
removeInviteFromTeam = (subscriptionId, email, callback) ->
searchConditions = { _id: new ObjectId(subscriptionId.toString()) }
updateOp = { $pull: { teamInvites: { email: email.trim().toLowerCase() } } }
Subscription.update(searchConditions, updateOp, callback)
checkIfInviteIsPossible = (subscription, email, callback = (error, possible, reason) -> ) ->
if LimitationsManager.teamHasReachedMemberLimit(subscription)
logger.log {subscriptionId: subscription.id}, "team has reached member limit"
return callback(null, false, limitReached: true)
existingInvite = subscription.teamInvites.find (invite) -> invite.email == email
if existingInvite
logger.log {subscriptionId: subscription.id, email}, "user already invited"
return callback(null, false, alreadyInvited: true)
async.map subscription.member_ids, UserLocator.findById, (error, members) ->
return callback(error) if error?
existingMember = members.find (member) -> member.email == email
2018-05-30 08:06:27 -04:00
2018-06-01 06:23:25 -04:00
if existingMember
logger.log {subscriptionId: subscription.id, email}, "user already in team"
return callback(null, false, alreadyInTeam: true)
else
return callback(null, true)