From 91abb6eed653769a15654ac4781509b0c5cf01c7 Mon Sep 17 00:00:00 2001 From: Shane Kilkelly Date: Fri, 6 Oct 2017 15:57:22 +0100 Subject: [PATCH] If project is not tokenBased, don't count members of token arrays --- .../Collaborators/CollaboratorsHandler.coffee | 12 ++++++++---- .../Features/Project/ProjectTokenGenerator.coffee | 1 - .../Collaborators/CollaboratorsHandlerTests.coffee | 3 ++- 3 files changed, 10 insertions(+), 6 deletions(-) diff --git a/services/web/app/coffee/Features/Collaborators/CollaboratorsHandler.coffee b/services/web/app/coffee/Features/Collaborators/CollaboratorsHandler.coffee index 969f263a02..8c1981f6fd 100644 --- a/services/web/app/coffee/Features/Collaborators/CollaboratorsHandler.coffee +++ b/services/web/app/coffee/Features/Collaborators/CollaboratorsHandler.coffee @@ -6,6 +6,7 @@ ContactManager = require "../Contacts/ContactManager" CollaboratorsEmailHandler = require "./CollaboratorsEmailHandler" async = require "async" PrivilegeLevels = require "../Authorization/PrivilegeLevels" +PublicAccessLevels = require "../Authorization/PublicAccessLevels" Errors = require "../Errors/Errors" EmailHelper = require "../Helpers/EmailHelper" ProjectEditorHandler = require "../Project/ProjectEditorHandler" @@ -24,6 +25,7 @@ module.exports = CollaboratorsHandler = readOnly_refs: 1, tokenAccessReadOnly_refs: 1, tokenAccessReadAndWrite_refs: 1 + publicAccesLevel: 1 Project.findOne { _id: project_id }, projection, (error, project) -> return callback(error) if error? return callback new Errors.NotFoundError("no project found with id #{project_id}") if !project? @@ -32,13 +34,15 @@ module.exports = CollaboratorsHandler = # read-and-write for member_id in project.collaberator_refs or [] members.push { id: member_id.toString(), privilegeLevel: PrivilegeLevels.READ_AND_WRITE, source: Sources.INVITE } - for member_id in project.tokenAccessReadAndWrite_refs or [] - members.push { id: member_id.toString(), privilegeLevel: PrivilegeLevels.READ_AND_WRITE, source: Sources.TOKEN } + if project.publicAccesLevel == PublicAccessLevels.TOKEN_BASED + for member_id in project.tokenAccessReadAndWrite_refs or [] + members.push { id: member_id.toString(), privilegeLevel: PrivilegeLevels.READ_AND_WRITE, source: Sources.TOKEN } # read-only for member_id in project.readOnly_refs or [] members.push { id: member_id.toString(), privilegeLevel: PrivilegeLevels.READ_ONLY, source: Sources.INVITE } - for member_id in project.tokenAccessReadOnly_refs or [] - members.push { id: member_id.toString(), privilegeLevel: PrivilegeLevels.READ_ONLY, source: Sources.TOKEN } + if project.publicAccesLevel == PublicAccessLevels.TOKEN_BASED + for member_id in project.tokenAccessReadOnly_refs or [] + members.push { id: member_id.toString(), privilegeLevel: PrivilegeLevels.READ_ONLY, source: Sources.TOKEN } return callback null, members getMemberIds: (project_id, callback = (error, member_ids) ->) -> diff --git a/services/web/app/coffee/Features/Project/ProjectTokenGenerator.coffee b/services/web/app/coffee/Features/Project/ProjectTokenGenerator.coffee index 7457929d32..4e635c3284 100644 --- a/services/web/app/coffee/Features/Project/ProjectTokenGenerator.coffee +++ b/services/web/app/coffee/Features/Project/ProjectTokenGenerator.coffee @@ -1,6 +1,5 @@ module.exports = ProjectTokenGenerator = - readOnlyToken: () -> length = 12 tokenAlpha = 'bcdfghjkmnpqrstvwxyz' diff --git a/services/web/test/UnitTests/coffee/Collaborators/CollaboratorsHandlerTests.coffee b/services/web/test/UnitTests/coffee/Collaborators/CollaboratorsHandlerTests.coffee index d9506bfddd..9bb8958fab 100644 --- a/services/web/test/UnitTests/coffee/Collaborators/CollaboratorsHandlerTests.coffee +++ b/services/web/test/UnitTests/coffee/Collaborators/CollaboratorsHandlerTests.coffee @@ -32,7 +32,8 @@ describe "CollaboratorsHandler", -> @Project.findOne = sinon.stub() @Project.findOne.withArgs( {_id: @project_id}, - {owner_ref: 1, collaberator_refs: 1, readOnly_refs: 1, tokenAccessReadOnly_refs: 1, tokenAccessReadAndWrite_refs: 1} + {owner_ref: 1, collaberator_refs: 1, readOnly_refs: 1, + tokenAccessReadOnly_refs: 1, tokenAccessReadAndWrite_refs: 1, publicAccesLevel: 1} ).yields(null, @project = { owner_ref: [ "owner-ref" ] readOnly_refs: [ "read-only-ref-1", "read-only-ref-2" ]