feat: Version 2

Closes #627, closes #1047
2025-07-24 07:39:44 +02:00 · 2025-05-10 02:09:06 +02:00 · 2025-05-10 02:09:06 +02:00 · 2ee1166747
commit 2ee1166747
parent ad7fb51cfa
1557 changed files with 76832 additions and 47042 deletions
--- a/server/api/controllers/comments/create.js
+++ b/server/api/controllers/comments/create.js
@ -0,0 +1,79 @@
+/*!
+ * Copyright (c) 2024 PLANKA Software GmbH
+ * Licensed under the Fair Use License: https://github.com/plankanban/planka/blob/master/LICENSE.md
+ */
+
+const { idInput } = require('../../../utils/inputs');
+
+const Errors = {
+  NOT_ENOUGH_RIGHTS: {
+    notEnoughRights: 'Not enough rights',
+  },
+  CARD_NOT_FOUND: {
+    cardNotFound: 'Card not found',
+  },
+};
+
+module.exports = {
+  inputs: {
+    cardId: {
+      ...idInput,
+      required: true,
+    },
+    text: {
+      type: 'string',
+      maxLength: 1048576,
+      required: true,
+    },
+  },
+
+  exits: {
+    notEnoughRights: {
+      responseType: 'forbidden',
+    },
+    cardNotFound: {
+      responseType: 'notFound',
+    },
+  },
+
+  async fn(inputs) {
+    const { currentUser } = this.req;
+
+    const { card, list, board, project } = await sails.helpers.cards
+      .getPathToProjectById(inputs.cardId)
+      .intercept('pathNotFound', () => Errors.CARD_NOT_FOUND);
+
+    const boardMembership = await BoardMembership.qm.getOneByBoardIdAndUserId(
+      board.id,
+      currentUser.id,
+    );
+
+    if (!boardMembership) {
+      throw Errors.CARD_NOT_FOUND; // Forbidden
+    }
+
+    if (boardMembership.role !== BoardMembership.Roles.EDITOR) {
+      if (!boardMembership.canComment) {
+        throw Errors.NOT_ENOUGH_RIGHTS;
+      }
+    }
+
+    const values = _.pick(inputs, ['text']);
+
+    const comment = await sails.helpers.comments.createOne.with({
+      project,
+      board,
+      list,
+      values: {
+        ...values,
+        card,
+        user: currentUser,
+      },
+      request: this.req,
+    });
+
+    return {
+      item: comment,
+    };
+  },
+};
--- a/server/api/controllers/comments/delete.js
+++ b/server/api/controllers/comments/delete.js
@ -0,0 +1,85 @@
+/*!
+ * Copyright (c) 2024 PLANKA Software GmbH
+ * Licensed under the Fair Use License: https://github.com/plankanban/planka/blob/master/LICENSE.md
+ */
+
+const { idInput } = require('../../../utils/inputs');
+
+const Errors = {
+  NOT_ENOUGH_RIGHTS: {
+    notEnoughRights: 'Not enough rights',
+  },
+  COMMENT_NOT_FOUND: {
+    commentNotFound: 'Comment not found',
+  },
+};
+
+module.exports = {
+  inputs: {
+    id: {
+      ...idInput,
+      required: true,
+    },
+  },
+
+  exits: {
+    notEnoughRights: {
+      responseType: 'forbidden',
+    },
+    commentNotFound: {
+      responseType: 'notFound',
+    },
+  },
+
+  async fn(inputs) {
+    const { currentUser } = this.req;
+
+    const pathToProject = await sails.helpers.comments
+      .getPathToProjectById(inputs.id)
+      .intercept('pathNotFound', () => Errors.COMMENT_NOT_FOUND);
+
+    let { comment } = pathToProject;
+    const { card, list, board, project } = pathToProject;
+
+    const isProjectManager = await sails.helpers.users.isProjectManager(currentUser.id, project.id);
+
+    if (!isProjectManager) {
+      const boardMembership = await BoardMembership.qm.getOneByBoardIdAndUserId(
+        board.id,
+        currentUser.id,
+      );
+
+      if (!boardMembership) {
+        throw Errors.COMMENT_NOT_FOUND; // Forbidden
+      }
+
+      if (boardMembership.role !== BoardMembership.Roles.EDITOR) {
+        if (comment.userId !== currentUser.id) {
+          throw Errors.NOT_ENOUGH_RIGHTS;
+        }
+
+        if (!boardMembership.canComment) {
+          throw Errors.NOT_ENOUGH_RIGHTS;
+        }
+      }
+    }
+
+    comment = await sails.helpers.comments.deleteOne.with({
+      project,
+      board,
+      list,
+      card,
+      record: comment,
+      actorUser: currentUser,
+      request: this.req,
+    });
+
+    if (!comment) {
+      throw Errors.COMMENT_NOT_FOUND;
+    }
+
+    return {
+      item: comment,
+    };
+  },
+};
--- a/server/api/controllers/comments/index.js
+++ b/server/api/controllers/comments/index.js
@ -0,0 +1,68 @@
+/*!
+ * Copyright (c) 2024 PLANKA Software GmbH
+ * Licensed under the Fair Use License: https://github.com/plankanban/planka/blob/master/LICENSE.md
+ */
+
+const { idInput } = require('../../../utils/inputs');
+
+const Errors = {
+  CARD_NOT_FOUND: {
+    cardNotFound: 'Card not found',
+  },
+};
+
+module.exports = {
+  inputs: {
+    cardId: {
+      ...idInput,
+      required: true,
+    },
+    beforeId: idInput,
+  },
+
+  exits: {
+    cardNotFound: {
+      responseType: 'notFound',
+    },
+  },
+
+  async fn(inputs) {
+    const { currentUser } = this.req;
+
+    const { card, project } = await sails.helpers.cards
+      .getPathToProjectById(inputs.cardId)
+      .intercept('pathNotFound', () => Errors.CARD_NOT_FOUND);
+
+    if (currentUser.role !== User.Roles.ADMIN || project.ownerProjectManagerId) {
+      const isProjectManager = await sails.helpers.users.isProjectManager(
+        currentUser.id,
+        project.id,
+      );
+
+      if (!isProjectManager) {
+        const boardMembership = await BoardMembership.qm.getOneByBoardIdAndUserId(
+          card.boardId,
+          currentUser.id,
+        );
+
+        if (!boardMembership) {
+          throw Errors.CARD_NOT_FOUND; // Forbidden
+        }
+      }
+    }
+
+    const comments = await Comment.qm.getByCardId(card.id, {
+      beforeId: inputs.beforeId,
+    });
+
+    const userIds = sails.helpers.utils.mapRecords(comments, 'userId', true, true);
+    const users = await User.qm.getByIds(userIds);
+
+    return {
+      items: comments,
+      included: {
+        users: sails.helpers.users.presentMany(users, currentUser),
+      },
+    };
+  },
+};
--- a/server/api/controllers/comments/update.js
+++ b/server/api/controllers/comments/update.js
@ -0,0 +1,89 @@
+/*!
+ * Copyright (c) 2024 PLANKA Software GmbH
+ * Licensed under the Fair Use License: https://github.com/plankanban/planka/blob/master/LICENSE.md
+ */
+
+const { idInput } = require('../../../utils/inputs');
+
+const Errors = {
+  NOT_ENOUGH_RIGHTS: {
+    notEnoughRights: 'Not enough rights',
+  },
+  COMMENT_NOT_FOUND: {
+    commentNotFound: 'Comment not found',
+  },
+};
+
+module.exports = {
+  inputs: {
+    id: {
+      ...idInput,
+      required: true,
+    },
+    text: {
+      type: 'string',
+      isNotEmptyString: true,
+      maxLength: 1048576,
+    },
+  },
+
+  exits: {
+    notEnoughRights: {
+      responseType: 'forbidden',
+    },
+    commentNotFound: {
+      responseType: 'notFound',
+    },
+  },
+
+  async fn(inputs) {
+    const { currentUser } = this.req;
+
+    const pathToProject = await sails.helpers.comments
+      .getPathToProjectById(inputs.id)
+      .intercept('pathNotFound', () => Errors.COMMENT_NOT_FOUND);
+
+    let { comment } = pathToProject;
+    const { card, list, board, project } = pathToProject;
+
+    if (comment.userId !== currentUser.id) {
+      throw Errors.COMMENT_NOT_FOUND; // Forbidden
+    }
+
+    const boardMembership = await BoardMembership.qm.getOneByBoardIdAndUserId(
+      board.id,
+      currentUser.id,
+    );
+
+    if (!boardMembership) {
+      throw Errors.COMMENT_NOT_FOUND; // Forbidden
+    }
+
+    if (boardMembership.role !== BoardMembership.Roles.EDITOR) {
+      if (!boardMembership.canComment) {
+        throw Errors.NOT_ENOUGH_RIGHTS;
+      }
+    }
+
+    const values = _.pick(inputs, ['text']);
+
+    comment = await sails.helpers.comments.updateOne.with({
+      values,
+      project,
+      board,
+      list,
+      card,
+      record: comment,
+      actorUser: currentUser,
+      request: this.req,
+    });
+
+    if (!comment) {
+      throw Errors.COMMENT_NOT_FOUND;
+    }
+
+    return {
+      item: comment,
+    };
+  },
+};