overleaf/services/web/app/coffee/Features/UserMembership/UserMembershipRouter.coffee
Timothée Alby 210ebbeaf9 Merge pull request #1091 from sharelatex/ta-entity-authorization-refactor
UserMembershipAuthorization Refactor

GitOrigin-RevId: 055cebcd9298ed6dace081198f68491a000cf4a3
2018-11-26 13:42:58 +00:00

45 lines
2 KiB
CoffeeScript

UserMembershipAuthorization = require './UserMembershipAuthorization'
UserMembershipController = require './UserMembershipController'
SubscriptionGroupController = require '../Subscription/SubscriptionGroupController'
TeamInvitesController = require '../Subscription/TeamInvitesController'
module.exports =
apply: (webRouter) ->
# group members routes
webRouter.get '/manage/groups/:id/members',
UserMembershipAuthorization.requireGroupAccess,
UserMembershipController.index
webRouter.post '/manage/groups/:id/invites',
UserMembershipAuthorization.requireGroupAccess,
TeamInvitesController.createInvite
webRouter.delete '/manage/groups/:id/user/:user_id',
UserMembershipAuthorization.requireGroupAccess,
SubscriptionGroupController.removeUserFromGroup
webRouter.delete '/manage/groups/:id/invites/:email',
UserMembershipAuthorization.requireGroupAccess,
TeamInvitesController.revokeInvite
webRouter.get '/manage/groups/:id/members/export',
UserMembershipAuthorization.requireGroupAccess,
UserMembershipController.exportCsv
# group managers routes
webRouter.get "/manage/groups/:id/managers",
UserMembershipAuthorization.requireGroupManagersAccess,
UserMembershipController.index
webRouter.post "/manage/groups/:id/managers",
UserMembershipAuthorization.requireGroupManagersAccess,
UserMembershipController.add
webRouter.delete "/manage/groups/:id/managers/:userId",
UserMembershipAuthorization.requireGroupManagersAccess,
UserMembershipController.remove
# institution members routes
webRouter.get "/manage/institutions/:id/managers",
UserMembershipAuthorization.requireInstitutionAccess,
UserMembershipController.index
webRouter.post "/manage/institutions/:id/managers",
UserMembershipAuthorization.requireInstitutionAccess,
UserMembershipController.add
webRouter.delete "/manage/institutions/:id/managers/:userId",
UserMembershipAuthorization.requireInstitutionAccess,
UserMembershipController.remove