overleaf/services/web/app/coffee/Features/UserMembership/UserMembershipRouter.coffee

UserMembershipAuthorization = require './UserMembershipAuthorization'
UserMembershipController = require './UserMembershipController'
SubscriptionGroupController = require '../Subscription/SubscriptionGroupController'
TeamInvitesController = require '../Subscription/TeamInvitesController'
AuthorizationMiddlewear = require('../Authorization/AuthorizationMiddlewear')

module.exports =
	apply: (webRouter) ->
		# group members routes
		webRouter.get '/manage/groups/:id/members',
			UserMembershipAuthorization.requireGroupAccess,
			UserMembershipController.index
		webRouter.post '/manage/groups/:id/invites',
			UserMembershipAuthorization.requireGroupAccess,
			TeamInvitesController.createInvite
		webRouter.delete '/manage/groups/:id/user/:user_id',
			UserMembershipAuthorization.requireGroupAccess,
			SubscriptionGroupController.removeUserFromGroup
		webRouter.delete '/manage/groups/:id/invites/:email',
			UserMembershipAuthorization.requireGroupAccess,
			TeamInvitesController.revokeInvite
		webRouter.get '/manage/groups/:id/members/export',
			UserMembershipAuthorization.requireGroupAccess,
			UserMembershipController.exportCsv

		# group managers routes
		webRouter.get "/manage/groups/:id/managers",
			UserMembershipAuthorization.requireGroupManagersAccess,
			UserMembershipController.index
		webRouter.post "/manage/groups/:id/managers",
			UserMembershipAuthorization.requireGroupManagersAccess,
			UserMembershipController.add
		webRouter.delete "/manage/groups/:id/managers/:userId",
			UserMembershipAuthorization.requireGroupManagersAccess,
			UserMembershipController.remove

		# institution members routes
		webRouter.get "/manage/institutions/:id/managers",
			UserMembershipAuthorization.requireInstitutionAccess,
			UserMembershipController.index
		webRouter.post "/manage/institutions/:id/managers",
			UserMembershipAuthorization.requireInstitutionAccess,
			UserMembershipController.add
		webRouter.delete "/manage/institutions/:id/managers/:userId",
			UserMembershipAuthorization.requireInstitutionAccess,
			UserMembershipController.remove

		# publisher members routes
		webRouter.get "/manage/publishers/:id/managers",
			UserMembershipAuthorization.requirePublisherAccess,
			UserMembershipController.index
		webRouter.post "/manage/publishers/:id/managers",
			UserMembershipAuthorization.requirePublisherAccess,
			UserMembershipController.add
		webRouter.delete "/manage/publishers/:id/managers/:userId",
			UserMembershipAuthorization.requirePublisherAccess,
			UserMembershipController.remove

		# create new entitites
		webRouter.get "/entities/:name/create/:id",
			AuthorizationMiddlewear.ensureUserIsSiteAdmin,
			UserMembershipController.new
		webRouter.post "/entities/:name/create/:id",
			AuthorizationMiddlewear.ensureUserIsSiteAdmin,
			UserMembershipController.create
Merge pull request #1042 from sharelatex/ta-user-membership-access User Membership Access Refactor GitOrigin-RevId: 23e8d342bc4829450625146213ff92cb042550dd 2018-10-24 09:50:34 -04:00			`UserMembershipAuthorization = require './UserMembershipAuthorization'`
add UserMembership logic 2018-09-25 09:10:06 -04:00			`UserMembershipController = require './UserMembershipController'`
Merge pull request #1065 from sharelatex/ta-manage-group-members Manage Group Members GitOrigin-RevId: f0b120630ded1874dfc0352055633afff0015da9 2018-10-25 11:10:02 -04:00			`SubscriptionGroupController = require '../Subscription/SubscriptionGroupController'`
			`TeamInvitesController = require '../Subscription/TeamInvitesController'`
Merge pull request #1192 from sharelatex/ta-publisher-create Add Interface to Create Publishers GitOrigin-RevId: 50af2d1c05821d20b1ec33e8f68a05d824e55c46 2018-12-06 05:52:54 -05:00			`AuthorizationMiddlewear = require('../Authorization/AuthorizationMiddlewear')`
add UserMembership logic 2018-09-25 09:10:06 -04:00
			`module.exports =`
			`apply: (webRouter) ->`
Merge branch 'master' into dcl-i1207 GitOrigin-RevId: c947041ca99860d4afb62ecfd28ba6fe1c717bfc 2018-11-30 08:03:35 -05:00			`# group members routes`
refactor to use config file 2018-10-11 13:56:14 -04:00			`webRouter.get '/manage/groups/:id/members',`
Merge branch 'master' into dcl-i1207 GitOrigin-RevId: c947041ca99860d4afb62ecfd28ba6fe1c717bfc 2018-11-30 08:03:35 -05:00			`UserMembershipAuthorization.requireGroupAccess,`
Merge pull request #1042 from sharelatex/ta-user-membership-access User Membership Access Refactor GitOrigin-RevId: 23e8d342bc4829450625146213ff92cb042550dd 2018-10-24 09:50:34 -04:00			`UserMembershipController.index`
Merge pull request #1065 from sharelatex/ta-manage-group-members Manage Group Members GitOrigin-RevId: f0b120630ded1874dfc0352055633afff0015da9 2018-10-25 11:10:02 -04:00			`webRouter.post '/manage/groups/:id/invites',`
Merge branch 'master' into dcl-i1207 GitOrigin-RevId: c947041ca99860d4afb62ecfd28ba6fe1c717bfc 2018-11-30 08:03:35 -05:00			`UserMembershipAuthorization.requireGroupAccess,`
Merge pull request #1065 from sharelatex/ta-manage-group-members Manage Group Members GitOrigin-RevId: f0b120630ded1874dfc0352055633afff0015da9 2018-10-25 11:10:02 -04:00			`TeamInvitesController.createInvite`
			`webRouter.delete '/manage/groups/:id/user/:user_id',`
Merge branch 'master' into dcl-i1207 GitOrigin-RevId: c947041ca99860d4afb62ecfd28ba6fe1c717bfc 2018-11-30 08:03:35 -05:00			`UserMembershipAuthorization.requireGroupAccess,`
Merge pull request #1065 from sharelatex/ta-manage-group-members Manage Group Members GitOrigin-RevId: f0b120630ded1874dfc0352055633afff0015da9 2018-10-25 11:10:02 -04:00			`SubscriptionGroupController.removeUserFromGroup`
			`webRouter.delete '/manage/groups/:id/invites/:email',`
Merge branch 'master' into dcl-i1207 GitOrigin-RevId: c947041ca99860d4afb62ecfd28ba6fe1c717bfc 2018-11-30 08:03:35 -05:00			`UserMembershipAuthorization.requireGroupAccess,`
Merge pull request #1065 from sharelatex/ta-manage-group-members Manage Group Members GitOrigin-RevId: f0b120630ded1874dfc0352055633afff0015da9 2018-10-25 11:10:02 -04:00			`TeamInvitesController.revokeInvite`
			`webRouter.get '/manage/groups/:id/members/export',`
Merge branch 'master' into dcl-i1207 GitOrigin-RevId: c947041ca99860d4afb62ecfd28ba6fe1c717bfc 2018-11-30 08:03:35 -05:00			`UserMembershipAuthorization.requireGroupAccess,`
Merge pull request #1065 from sharelatex/ta-manage-group-members Manage Group Members GitOrigin-RevId: f0b120630ded1874dfc0352055633afff0015da9 2018-10-25 11:10:02 -04:00			`UserMembershipController.exportCsv`
add UserMembership logic 2018-09-25 09:10:06 -04:00
Merge branch 'master' into dcl-i1207 GitOrigin-RevId: c947041ca99860d4afb62ecfd28ba6fe1c717bfc 2018-11-30 08:03:35 -05:00			`# group managers routes`
			`webRouter.get "/manage/groups/:id/managers",`
			`UserMembershipAuthorization.requireGroupManagersAccess,`
			`UserMembershipController.index`
			`webRouter.post "/manage/groups/:id/managers",`
			`UserMembershipAuthorization.requireGroupManagersAccess,`
			`UserMembershipController.add`
			`webRouter.delete "/manage/groups/:id/managers/:userId",`
			`UserMembershipAuthorization.requireGroupManagersAccess,`
			`UserMembershipController.remove`
add UserMembership logic 2018-09-25 09:10:06 -04:00
Merge branch 'master' into dcl-i1207 GitOrigin-RevId: c947041ca99860d4afb62ecfd28ba6fe1c717bfc 2018-11-30 08:03:35 -05:00			`# institution members routes`
			`webRouter.get "/manage/institutions/:id/managers",`
			`UserMembershipAuthorization.requireInstitutionAccess,`
			`UserMembershipController.index`
			`webRouter.post "/manage/institutions/:id/managers",`
			`UserMembershipAuthorization.requireInstitutionAccess,`
			`UserMembershipController.add`
			`webRouter.delete "/manage/institutions/:id/managers/:userId",`
			`UserMembershipAuthorization.requireInstitutionAccess,`
			`UserMembershipController.remove`
Allow open from template button when lacking source GitOrigin-RevId: 8fd49bff6cc0f66d041bb70f9345b2744978be3a 2018-11-28 10:51:24 -05:00
Merge branch 'master' into dcl-i1207 GitOrigin-RevId: c947041ca99860d4afb62ecfd28ba6fe1c717bfc 2018-11-30 08:03:35 -05:00			`# publisher members routes`
			`webRouter.get "/manage/publishers/:id/managers",`
			`UserMembershipAuthorization.requirePublisherAccess,`
			`UserMembershipController.index`
			`webRouter.post "/manage/publishers/:id/managers",`
			`UserMembershipAuthorization.requirePublisherAccess,`
			`UserMembershipController.add`
			`webRouter.delete "/manage/publishers/:id/managers/:userId",`
			`UserMembershipAuthorization.requirePublisherAccess,`
			`UserMembershipController.remove`
Merge pull request #1192 from sharelatex/ta-publisher-create Add Interface to Create Publishers GitOrigin-RevId: 50af2d1c05821d20b1ec33e8f68a05d824e55c46 2018-12-06 05:52:54 -05:00
			`# create new entitites`
			`webRouter.get "/entities/:name/create/:id",`
			`AuthorizationMiddlewear.ensureUserIsSiteAdmin,`
			`UserMembershipController.new`
			`webRouter.post "/entities/:name/create/:id",`
			`AuthorizationMiddlewear.ensureUserIsSiteAdmin,`
			`UserMembershipController.create`