diff --git a/services/web/app/coffee/Features/Project/ProjectController.coffee b/services/web/app/coffee/Features/Project/ProjectController.coffee index 10e32d1746..201b9830af 100644 --- a/services/web/app/coffee/Features/Project/ProjectController.coffee +++ b/services/web/app/coffee/Features/Project/ProjectController.coffee @@ -154,20 +154,17 @@ module.exports = ProjectController = projectEntitiesJson: (req, res, next) -> user_id = AuthenticationController.getLoggedInUserId(req) project_id = req.params.Project_id - AuthorizationManager.canUserReadProject user_id, project_id, null, (err, canRead) -> + ProjectGetter.getProject project_id, (err, project) -> return next(err) if err? - return res.sendStatus(403) if !canRead - ProjectGetter.getProject project_id, (err, project) -> + ProjectEntityHandler.getAllEntitiesFromProject project, (err, docs, files) -> return next(err) if err? - ProjectEntityHandler.getAllEntitiesFromProject project, (err, docs, files) -> - return next(err) if err? - entities = docs.concat(files) - .sort (a, b) -> a.path > b.path # Sort by path ascending - .map (e) -> { - path: e.path, - type: if e.doc? then 'doc' else 'file' - } - res.json({project_id: project_id, entities: entities}) + entities = docs.concat(files) + .sort (a, b) -> a.path > b.path # Sort by path ascending + .map (e) -> { + path: e.path, + type: if e.doc? then 'doc' else 'file' + } + res.json({project_id: project_id, entities: entities}) projectListPage: (req, res, next)-> timer = new metrics.Timer("project-list") diff --git a/services/web/test/unit/coffee/Project/ProjectControllerTests.coffee b/services/web/test/unit/coffee/Project/ProjectControllerTests.coffee index 6483319bab..32e1c4953a 100644 --- a/services/web/test/unit/coffee/Project/ProjectControllerTests.coffee +++ b/services/web/test/unit/coffee/Project/ProjectControllerTests.coffee @@ -562,38 +562,20 @@ describe "ProjectController", -> @ProjectGetter.getProject = sinon.stub().callsArgWith(1, null, @project) @ProjectEntityHandler.getAllEntitiesFromProject = sinon.stub().callsArgWith(1, null, @docs, @files) - describe 'when the user can access the project', -> - beforeEach () -> - @AuthorizationManager.canUserReadProject = sinon.stub().callsArgWith(3, null, true) - - it 'should produce a list of entities', (done) -> - @res.json = (data) => - expect(data).to.deep.equal { - project_id: 'abcd', - entities: [ - {path: '/main.tex', type: 'doc'}, - {path: '/things/a.txt', type: 'file'}, - {path: '/things/b.txt', type: 'doc'} - ] - } - expect(@ProjectGetter.getProject.callCount).to.equal 1 - expect(@ProjectEntityHandler.getAllEntitiesFromProject.callCount).to.equal 1 - done() - @ProjectController.projectEntitiesJson @req, @res, @next - - describe 'when the user cannot access the project', -> - beforeEach () -> - @AuthorizationManager.canUserReadProject = sinon.stub().callsArgWith(3, null, false) - - it 'should send a 403 response', (done) -> - @res.json = sinon.stub() - @res.sendStatus = (code) => - expect(code).to.equal 403 - expect(@ProjectGetter.getProject.callCount).to.equal 0 - expect(@ProjectEntityHandler.getAllEntitiesFromProject.callCount).to.equal 0 - expect(@res.json.callCount).to.equal 0 - done() - @ProjectController.projectEntitiesJson @req, @res, @next + it 'should produce a list of entities', (done) -> + @res.json = (data) => + expect(data).to.deep.equal { + project_id: 'abcd', + entities: [ + {path: '/main.tex', type: 'doc'}, + {path: '/things/a.txt', type: 'file'}, + {path: '/things/b.txt', type: 'doc'} + ] + } + expect(@ProjectGetter.getProject.callCount).to.equal 1 + expect(@ProjectEntityHandler.getAllEntitiesFromProject.callCount).to.equal 1 + done() + @ProjectController.projectEntitiesJson @req, @res, @next describe '_isInPercentageRollout', -> before ->