2018-10-24 09:50:34 -04:00
|
|
|
UserMembershipAuthorization = require './UserMembershipAuthorization'
|
2018-09-25 09:10:06 -04:00
|
|
|
UserMembershipController = require './UserMembershipController'
|
2018-10-25 11:10:02 -04:00
|
|
|
SubscriptionGroupController = require '../Subscription/SubscriptionGroupController'
|
|
|
|
TeamInvitesController = require '../Subscription/TeamInvitesController'
|
2019-03-04 07:02:28 -05:00
|
|
|
AuthorizationMiddleware = require('../Authorization/AuthorizationMiddleware')
|
|
|
|
RateLimiterMiddleware = require('../Security/RateLimiterMiddleware')
|
2018-09-25 09:10:06 -04:00
|
|
|
|
|
|
|
module.exports =
|
|
|
|
apply: (webRouter) ->
|
2018-11-30 08:03:35 -05:00
|
|
|
# group members routes
|
2018-10-11 13:56:14 -04:00
|
|
|
webRouter.get '/manage/groups/:id/members',
|
2019-01-11 09:17:27 -05:00
|
|
|
UserMembershipAuthorization.requireGroupManagementAccess,
|
2018-10-24 09:50:34 -04:00
|
|
|
UserMembershipController.index
|
2018-10-25 11:10:02 -04:00
|
|
|
webRouter.post '/manage/groups/:id/invites',
|
2019-01-11 09:17:27 -05:00
|
|
|
UserMembershipAuthorization.requireGroupManagementAccess,
|
2019-03-04 07:02:28 -05:00
|
|
|
RateLimiterMiddleware.rateLimit({
|
2019-01-18 05:10:09 -05:00
|
|
|
endpointName: "create-team-invite"
|
|
|
|
maxRequests: 100
|
|
|
|
timeInterval: 60
|
|
|
|
}),
|
2018-10-25 11:10:02 -04:00
|
|
|
TeamInvitesController.createInvite
|
|
|
|
webRouter.delete '/manage/groups/:id/user/:user_id',
|
2019-01-11 09:17:27 -05:00
|
|
|
UserMembershipAuthorization.requireGroupManagementAccess,
|
2018-10-25 11:10:02 -04:00
|
|
|
SubscriptionGroupController.removeUserFromGroup
|
|
|
|
webRouter.delete '/manage/groups/:id/invites/:email',
|
2019-01-11 09:17:27 -05:00
|
|
|
UserMembershipAuthorization.requireGroupManagementAccess,
|
2018-10-25 11:10:02 -04:00
|
|
|
TeamInvitesController.revokeInvite
|
|
|
|
webRouter.get '/manage/groups/:id/members/export',
|
2019-01-11 09:17:27 -05:00
|
|
|
UserMembershipAuthorization.requireGroupManagementAccess,
|
2019-03-04 07:02:28 -05:00
|
|
|
RateLimiterMiddleware.rateLimit({
|
2019-01-18 05:10:09 -05:00
|
|
|
endpointName: "export-team-csv"
|
|
|
|
maxRequests: 30
|
|
|
|
timeInterval: 60
|
|
|
|
}),
|
2018-10-25 11:10:02 -04:00
|
|
|
UserMembershipController.exportCsv
|
2018-09-25 09:10:06 -04:00
|
|
|
|
2018-11-30 08:03:35 -05:00
|
|
|
# group managers routes
|
|
|
|
webRouter.get "/manage/groups/:id/managers",
|
2019-01-11 09:17:27 -05:00
|
|
|
UserMembershipAuthorization.requireGroupManagersManagementAccess,
|
2018-11-30 08:03:35 -05:00
|
|
|
UserMembershipController.index
|
|
|
|
webRouter.post "/manage/groups/:id/managers",
|
2019-01-11 09:17:27 -05:00
|
|
|
UserMembershipAuthorization.requireGroupManagersManagementAccess,
|
2018-11-30 08:03:35 -05:00
|
|
|
UserMembershipController.add
|
|
|
|
webRouter.delete "/manage/groups/:id/managers/:userId",
|
2019-01-11 09:17:27 -05:00
|
|
|
UserMembershipAuthorization.requireGroupManagersManagementAccess,
|
2018-11-30 08:03:35 -05:00
|
|
|
UserMembershipController.remove
|
2018-09-25 09:10:06 -04:00
|
|
|
|
2018-11-30 08:03:35 -05:00
|
|
|
# institution members routes
|
|
|
|
webRouter.get "/manage/institutions/:id/managers",
|
2019-01-11 09:17:27 -05:00
|
|
|
UserMembershipAuthorization.requireInstitutionManagementAccess,
|
2018-11-30 08:03:35 -05:00
|
|
|
UserMembershipController.index
|
|
|
|
webRouter.post "/manage/institutions/:id/managers",
|
2019-01-11 09:17:27 -05:00
|
|
|
UserMembershipAuthorization.requireInstitutionManagementAccess,
|
2018-11-30 08:03:35 -05:00
|
|
|
UserMembershipController.add
|
|
|
|
webRouter.delete "/manage/institutions/:id/managers/:userId",
|
2019-01-11 09:17:27 -05:00
|
|
|
UserMembershipAuthorization.requireInstitutionManagementAccess,
|
2018-11-30 08:03:35 -05:00
|
|
|
UserMembershipController.remove
|
2018-11-28 10:51:24 -05:00
|
|
|
|
2018-11-30 08:03:35 -05:00
|
|
|
# publisher members routes
|
|
|
|
webRouter.get "/manage/publishers/:id/managers",
|
2019-01-11 09:17:27 -05:00
|
|
|
UserMembershipAuthorization.requirePublisherManagementAccess,
|
2018-11-30 08:03:35 -05:00
|
|
|
UserMembershipController.index
|
|
|
|
webRouter.post "/manage/publishers/:id/managers",
|
2019-01-11 09:17:27 -05:00
|
|
|
UserMembershipAuthorization.requirePublisherManagementAccess,
|
2018-11-30 08:03:35 -05:00
|
|
|
UserMembershipController.add
|
|
|
|
webRouter.delete "/manage/publishers/:id/managers/:userId",
|
2019-01-11 09:17:27 -05:00
|
|
|
UserMembershipAuthorization.requirePublisherManagementAccess,
|
2018-11-30 08:03:35 -05:00
|
|
|
UserMembershipController.remove
|
2018-12-06 05:52:54 -05:00
|
|
|
|
|
|
|
# create new entitites
|
|
|
|
webRouter.get "/entities/:name/create/:id",
|
2019-03-01 06:45:00 -05:00
|
|
|
UserMembershipAuthorization.requirePublisherManagementAccess,
|
2018-12-06 05:52:54 -05:00
|
|
|
UserMembershipController.new
|
|
|
|
webRouter.post "/entities/:name/create/:id",
|
2019-03-01 06:45:00 -05:00
|
|
|
UserMembershipAuthorization.requirePublisherManagementAccess,
|
2018-12-06 05:52:54 -05:00
|
|
|
UserMembershipController.create
|