mirror of
https://github.com/HabitRPG/habitica.git
synced 2025-12-14 21:27:23 +01:00
ef07abfd28
# Conflicts: # test/api/unit/models/group.test.js # website/server/controllers/api-v3/user/spells.js # website/server/models/chat.js # website/server/models/group.js
514 lines
17 KiB
JavaScript
514 lines
17 KiB
JavaScript
import { authWithHeaders } from '../../../middlewares/auth';
|
|
import * as Tasks from '../../../models/task';
|
|
import { model as Group } from '../../../models/group';
|
|
import { model as User } from '../../../models/user';
|
|
import {
|
|
BadRequest,
|
|
NotFound,
|
|
NotAuthorized,
|
|
} from '../../../libs/errors';
|
|
import {
|
|
createTasks,
|
|
getTasks,
|
|
moveTask,
|
|
} from '../../../libs/taskManager';
|
|
import { handleSharedCompletion } from '../../../libs/groupTasks';
|
|
import apiError from '../../../libs/apiError';
|
|
|
|
let requiredGroupFields = '_id leader tasksOrder name';
|
|
// @TODO: abstract to task lib
|
|
let types = Tasks.tasksTypes.map(type => `${type}s`);
|
|
types.push('completedTodos', '_allCompletedTodos'); // _allCompletedTodos is currently in BETA and is likely to be removed in future
|
|
|
|
function canNotEditTasks (group, user, assignedUserId) {
|
|
let isNotGroupLeader = group.leader !== user._id;
|
|
let isManager = Boolean(group.managers[user._id]);
|
|
let userIsAssigningToSelf = Boolean(assignedUserId && user._id === assignedUserId);
|
|
return isNotGroupLeader && !isManager && !userIsAssigningToSelf;
|
|
}
|
|
|
|
let api = {};
|
|
|
|
/**
|
|
* @api {post} /api/v3/tasks/group/:groupId Create a new task belonging to a group
|
|
* @apiDescription Can be passed an object to create a single task or an array of objects to create multiple tasks.
|
|
* @apiName CreateGroupTasks
|
|
* @apiGroup Task
|
|
*
|
|
* @apiParam (Path) {UUID} groupId The id of the group the new task(s) will belong to
|
|
*
|
|
* @apiSuccess data An object if a single task was created, otherwise an array of tasks
|
|
*/
|
|
api.createGroupTasks = {
|
|
method: 'POST',
|
|
url: '/tasks/group/:groupId',
|
|
middlewares: [authWithHeaders()],
|
|
async handler (req, res) {
|
|
req.checkParams('groupId', apiError('groupIdRequired')).notEmpty().isUUID();
|
|
|
|
let reqValidationErrors = req.validationErrors();
|
|
if (reqValidationErrors) throw reqValidationErrors;
|
|
|
|
let user = res.locals.user;
|
|
|
|
let fields = requiredGroupFields.concat(' managers');
|
|
let group = await Group.getGroup({user, groupId: req.params.groupId, fields});
|
|
if (!group) throw new NotFound(res.t('groupNotFound'));
|
|
|
|
if (canNotEditTasks(group, user)) throw new NotAuthorized(res.t('onlyGroupLeaderCanEditTasks'));
|
|
|
|
let tasks = await createTasks(req, res, {user, group});
|
|
|
|
res.respond(201, tasks.length === 1 ? tasks[0] : tasks);
|
|
|
|
tasks.forEach((task) => {
|
|
res.analytics.track('task create', {
|
|
uuid: user._id,
|
|
hitType: 'event',
|
|
category: 'behavior',
|
|
taskType: task.type,
|
|
groupID: group._id,
|
|
});
|
|
});
|
|
},
|
|
};
|
|
|
|
/**
|
|
* @api {get} /api/v3/tasks/group/:groupId Get a group's tasks
|
|
* @apiName GetGroupTasks
|
|
* @apiGroup Task
|
|
*
|
|
* @apiParam (Path) {UUID} groupId The id of the group from which to retrieve the tasks
|
|
* @apiParam (Query) {string="habits","dailys","todos","rewards"} [type] Query parameter to return just a type of tasks
|
|
*
|
|
* @apiSuccess {Array} data An array of tasks
|
|
*/
|
|
api.getGroupTasks = {
|
|
method: 'GET',
|
|
url: '/tasks/group/:groupId',
|
|
middlewares: [authWithHeaders()],
|
|
async handler (req, res) {
|
|
req.checkParams('groupId', apiError('groupIdRequired')).notEmpty().isUUID();
|
|
req.checkQuery('type', res.t('invalidTasksType')).optional().isIn(types);
|
|
|
|
let validationErrors = req.validationErrors();
|
|
if (validationErrors) throw validationErrors;
|
|
|
|
let user = res.locals.user;
|
|
|
|
let group = await Group.getGroup({user, groupId: req.params.groupId, fields: requiredGroupFields});
|
|
if (!group) throw new NotFound(res.t('groupNotFound'));
|
|
|
|
let tasks = await getTasks(req, res, {user, group});
|
|
res.respond(200, tasks);
|
|
},
|
|
};
|
|
|
|
/**
|
|
* @api {post} /api/v3/group/:groupId/tasks/:taskId/move/to/:position Move a group task to a specified position
|
|
* @apiDescription Moves a group task to a specified position
|
|
* @apiVersion 3.0.0
|
|
* @apiName GroupMoveTask
|
|
* @apiGroup Task
|
|
*
|
|
* @apiParam (Path) {String} taskId The task _id
|
|
* @apiParam (Path) {Number} position Where to move the task (-1 means push to bottom). First position is 0
|
|
*
|
|
* @apiSuccess {Array} data The new tasks order (group.tasksOrder.{task.type}s)
|
|
*/
|
|
api.groupMoveTask = {
|
|
method: 'POST',
|
|
url: '/group-tasks/:taskId/move/to/:position',
|
|
middlewares: [authWithHeaders()],
|
|
async handler (req, res) {
|
|
req.checkParams('taskId', apiError('taskIdRequired')).notEmpty();
|
|
req.checkParams('position', res.t('positionRequired')).notEmpty().isNumeric();
|
|
|
|
let reqValidationErrors = req.validationErrors();
|
|
if (reqValidationErrors) throw reqValidationErrors;
|
|
|
|
let user = res.locals.user;
|
|
|
|
let taskId = req.params.taskId;
|
|
let task = await Tasks.Task.findOne({
|
|
_id: taskId,
|
|
}).exec();
|
|
|
|
let to = Number(req.params.position);
|
|
|
|
if (!task) {
|
|
throw new NotFound(res.t('taskNotFound'));
|
|
}
|
|
|
|
if (task.type === 'todo' && task.completed) throw new BadRequest(res.t('cantMoveCompletedTodo'));
|
|
|
|
let group = await Group.getGroup({user, groupId: task.group.id, fields: requiredGroupFields});
|
|
if (!group) throw new NotFound(res.t('groupNotFound'));
|
|
|
|
if (group.leader !== user._id) throw new NotAuthorized(res.t('onlyGroupLeaderCanEditTasks'));
|
|
|
|
let order = group.tasksOrder[`${task.type}s`];
|
|
|
|
moveTask(order, task._id, to);
|
|
|
|
await group.save();
|
|
res.respond(200, order);
|
|
},
|
|
};
|
|
|
|
/**
|
|
* @api {post} /api/v3/tasks/:taskId/assign/:assignedUserId Assign a group task to a user
|
|
* @apiDescription Assigns a user to a group task
|
|
* @apiName AssignTask
|
|
* @apiGroup Task
|
|
*
|
|
* @apiParam (Path) {UUID} taskId The id of the task that will be assigned
|
|
* @apiParam (Path) {UUID} assignedUserId The id of the user that will be assigned to the task
|
|
*
|
|
* @apiSuccess data An object if a single task was created, otherwise an array of tasks
|
|
*/
|
|
api.assignTask = {
|
|
method: 'POST',
|
|
url: '/tasks/:taskId/assign/:assignedUserId',
|
|
middlewares: [authWithHeaders()],
|
|
async handler (req, res) {
|
|
req.checkParams('taskId', apiError('taskIdRequired')).notEmpty().isUUID();
|
|
req.checkParams('assignedUserId', res.t('userIdRequired')).notEmpty().isUUID();
|
|
|
|
let reqValidationErrors = req.validationErrors();
|
|
if (reqValidationErrors) throw reqValidationErrors;
|
|
|
|
let user = res.locals.user;
|
|
let assignedUserId = req.params.assignedUserId;
|
|
let assignedUser = await User.findById(assignedUserId).exec();
|
|
|
|
let taskId = req.params.taskId;
|
|
let task = await Tasks.Task.findByIdOrAlias(taskId, user._id);
|
|
|
|
if (!task) {
|
|
throw new NotFound(res.t('taskNotFound'));
|
|
}
|
|
|
|
if (!task.group.id) {
|
|
throw new NotAuthorized(res.t('onlyGroupTasksCanBeAssigned'));
|
|
}
|
|
|
|
let groupFields = `${requiredGroupFields} chat managers`;
|
|
let group = await Group.getGroup({user, groupId: task.group.id, fields: groupFields});
|
|
if (!group) throw new NotFound(res.t('groupNotFound'));
|
|
|
|
if (canNotEditTasks(group, user, assignedUserId)) throw new NotAuthorized(res.t('onlyGroupLeaderCanEditTasks'));
|
|
|
|
let promises = [];
|
|
|
|
// User is claiming the task
|
|
if (user._id === assignedUserId) {
|
|
let message = res.t('userIsClamingTask', {username: user.profile.name, task: task.text});
|
|
const newMessage = group.sendChat({
|
|
message,
|
|
info: {
|
|
type: 'claim_task',
|
|
user: user.profile.name,
|
|
task: task.text,
|
|
},
|
|
});
|
|
promises.push(newMessage.save());
|
|
}
|
|
|
|
promises.push(group.syncTask(task, assignedUser));
|
|
promises.push(group.save());
|
|
await Promise.all(promises);
|
|
|
|
res.respond(200, task);
|
|
},
|
|
};
|
|
|
|
/**
|
|
* @api {post} /api/v3/tasks/:taskId/unassign/:assignedUserId Unassign a user from a task
|
|
* @apiDescription Unassigns a user to from a group task
|
|
* @apiName UnassignTask
|
|
* @apiGroup Task
|
|
*
|
|
* @apiParam (Path) {UUID} taskId The id of the task that will be assigned
|
|
* @apiParam (Path) {UUID} assignedUserId The id of the user that will be unassigned from the task
|
|
*
|
|
* @apiSuccess data An object if a single task was created, otherwise an array of tasks
|
|
*/
|
|
api.unassignTask = {
|
|
method: 'POST',
|
|
url: '/tasks/:taskId/unassign/:assignedUserId',
|
|
middlewares: [authWithHeaders()],
|
|
async handler (req, res) {
|
|
req.checkParams('taskId', apiError('taskIdRequired')).notEmpty().isUUID();
|
|
req.checkParams('assignedUserId', res.t('userIdRequired')).notEmpty().isUUID();
|
|
|
|
let reqValidationErrors = req.validationErrors();
|
|
if (reqValidationErrors) throw reqValidationErrors;
|
|
|
|
let user = res.locals.user;
|
|
let assignedUserId = req.params.assignedUserId;
|
|
let assignedUser = await User.findById(assignedUserId).exec();
|
|
|
|
let taskId = req.params.taskId;
|
|
let task = await Tasks.Task.findByIdOrAlias(taskId, user._id);
|
|
|
|
if (!task) {
|
|
throw new NotFound(res.t('taskNotFound'));
|
|
}
|
|
|
|
if (!task.group.id) {
|
|
throw new NotAuthorized(res.t('onlyGroupTasksCanBeAssigned'));
|
|
}
|
|
|
|
let fields = requiredGroupFields.concat(' managers');
|
|
let group = await Group.getGroup({user, groupId: task.group.id, fields});
|
|
if (!group) throw new NotFound(res.t('groupNotFound'));
|
|
|
|
if (canNotEditTasks(group, user, assignedUserId)) throw new NotAuthorized(res.t('onlyGroupLeaderCanEditTasks'));
|
|
|
|
await group.unlinkTask(task, assignedUser);
|
|
|
|
res.respond(200, task);
|
|
},
|
|
};
|
|
|
|
/**
|
|
* @api {post} /api/v3/tasks/:taskId/approve/:userId Approve a user's task
|
|
* @apiDescription Approves a user assigned to a group task
|
|
* @apiVersion 3.0.0
|
|
* @apiName ApproveTask
|
|
* @apiGroup Task
|
|
*
|
|
* @apiParam (Path) {UUID} taskId The id of the task that is the original group task
|
|
* @apiParam (Path) {UUID} userId The id of the user that will be approved
|
|
*
|
|
* @apiSuccess task The approved task
|
|
*/
|
|
api.approveTask = {
|
|
method: 'POST',
|
|
url: '/tasks/:taskId/approve/:userId',
|
|
middlewares: [authWithHeaders()],
|
|
async handler (req, res) {
|
|
req.checkParams('taskId', apiError('taskIdRequired')).notEmpty().isUUID();
|
|
req.checkParams('userId', res.t('userIdRequired')).notEmpty().isUUID();
|
|
|
|
let reqValidationErrors = req.validationErrors();
|
|
if (reqValidationErrors) throw reqValidationErrors;
|
|
|
|
let user = res.locals.user;
|
|
let assignedUserId = req.params.userId;
|
|
let assignedUser = await User.findById(assignedUserId).exec();
|
|
|
|
let taskId = req.params.taskId;
|
|
let task = await Tasks.Task.findOne({
|
|
'group.taskId': taskId,
|
|
userId: assignedUserId,
|
|
}).exec();
|
|
|
|
if (!task) {
|
|
throw new NotFound(res.t('taskNotFound'));
|
|
}
|
|
|
|
let fields = requiredGroupFields.concat(' managers');
|
|
let group = await Group.getGroup({user, groupId: task.group.id, fields});
|
|
if (!group) throw new NotFound(res.t('groupNotFound'));
|
|
|
|
if (canNotEditTasks(group, user)) throw new NotAuthorized(res.t('onlyGroupLeaderCanEditTasks'));
|
|
if (task.group.approval.approved === true) throw new NotAuthorized(res.t('canOnlyApproveTaskOnce'));
|
|
|
|
task.group.approval.dateApproved = new Date();
|
|
task.group.approval.approvingUser = user._id;
|
|
task.group.approval.approved = true;
|
|
|
|
// Get Managers
|
|
const managerIds = Object.keys(group.managers);
|
|
managerIds.push(group.leader);
|
|
const managers = await User.find({_id: managerIds}, 'notifications').exec(); // Use this method so we can get access to notifications
|
|
|
|
// Get task direction
|
|
const firstManagerNotifications = managers[0].notifications;
|
|
const firstNotificationIndex = firstManagerNotifications.findIndex((notification) => {
|
|
return notification && notification.data && notification.data.taskId === task._id && notification.type === 'GROUP_TASK_APPROVAL';
|
|
});
|
|
let direction = 'up';
|
|
if (firstManagerNotifications[firstNotificationIndex]) {
|
|
direction = firstManagerNotifications[firstNotificationIndex].direction;
|
|
}
|
|
|
|
// Remove old notifications
|
|
let approvalPromises = [];
|
|
managers.forEach((manager) => {
|
|
let notificationIndex = manager.notifications.findIndex(function findNotification (notification) {
|
|
return notification && notification.data && notification.data.taskId === task._id && notification.type === 'GROUP_TASK_APPROVAL';
|
|
});
|
|
|
|
if (notificationIndex !== -1) {
|
|
manager.notifications.splice(notificationIndex, 1);
|
|
approvalPromises.push(manager.save());
|
|
}
|
|
});
|
|
|
|
// Add new notifications to user
|
|
assignedUser.addNotification('GROUP_TASK_APPROVED', {
|
|
message: res.t('yourTaskHasBeenApproved', {taskText: task.text}),
|
|
groupId: group._id,
|
|
});
|
|
|
|
assignedUser.addNotification('SCORED_TASK', {
|
|
message: res.t('yourTaskHasBeenApproved', {taskText: task.text}),
|
|
scoreTask: task,
|
|
direction,
|
|
});
|
|
|
|
await handleSharedCompletion(task);
|
|
|
|
approvalPromises.push(task.save());
|
|
approvalPromises.push(assignedUser.save());
|
|
await Promise.all(approvalPromises);
|
|
|
|
res.respond(200, task);
|
|
},
|
|
};
|
|
|
|
/**
|
|
* @api {post} /api/v3/tasks/:taskId/needs-work/:userId Group task needs more work
|
|
* @apiDescription Mark an assigned group task as needeing more work before it can be approved
|
|
* @apiVersion 3.0.0
|
|
* @apiName TaskNeedsWork
|
|
* @apiGroup Task
|
|
*
|
|
* @apiParam (Path) {UUID} taskId The id of the task that is the original group task
|
|
* @apiParam (Path) {UUID} userId The id of the assigned user
|
|
*
|
|
* @apiSuccess task The task that needs more work
|
|
*/
|
|
api.taskNeedsWork = {
|
|
method: 'POST',
|
|
url: '/tasks/:taskId/needs-work/:userId',
|
|
middlewares: [authWithHeaders()],
|
|
async handler (req, res) {
|
|
req.checkParams('taskId', apiError('taskIdRequired')).notEmpty().isUUID();
|
|
req.checkParams('userId', res.t('userIdRequired')).notEmpty().isUUID();
|
|
|
|
let reqValidationErrors = req.validationErrors();
|
|
if (reqValidationErrors) throw reqValidationErrors;
|
|
|
|
let user = res.locals.user;
|
|
|
|
let assignedUserId = req.params.userId;
|
|
let taskId = req.params.taskId;
|
|
|
|
const [assignedUser, task] = await Promise.all([
|
|
User.findById(assignedUserId).exec(),
|
|
await Tasks.Task.findOne({
|
|
'group.taskId': taskId,
|
|
userId: assignedUserId,
|
|
}).exec(),
|
|
]);
|
|
|
|
if (!task) {
|
|
throw new NotFound(res.t('taskNotFound'));
|
|
}
|
|
|
|
let fields = requiredGroupFields.concat(' managers');
|
|
let group = await Group.getGroup({user, groupId: task.group.id, fields});
|
|
if (!group) throw new NotFound(res.t('groupNotFound'));
|
|
|
|
if (canNotEditTasks(group, user)) throw new NotAuthorized(res.t('onlyGroupLeaderCanEditTasks'));
|
|
if (task.group.approval.approved === true) throw new NotAuthorized(res.t('canOnlyApproveTaskOnce'));
|
|
if (!task.group.approval.requested) {
|
|
throw new NotAuthorized(res.t('taskApprovalWasNotRequested'));
|
|
}
|
|
|
|
// Get Managers
|
|
const managerIds = Object.keys(group.managers);
|
|
managerIds.push(group.leader);
|
|
const managers = await User.find({_id: managerIds}, 'notifications').exec(); // Use this method so we can get access to notifications
|
|
|
|
const promises = [];
|
|
|
|
// Remove old notifications
|
|
managers.forEach((manager) => {
|
|
let notificationIndex = manager.notifications.findIndex(function findNotification (notification) {
|
|
return notification && notification.data && notification.data.taskId === task._id && notification.type === 'GROUP_TASK_APPROVAL';
|
|
});
|
|
|
|
if (notificationIndex !== -1) {
|
|
manager.notifications.splice(notificationIndex, 1);
|
|
promises.push(manager.save());
|
|
}
|
|
});
|
|
|
|
task.group.approval.requested = false;
|
|
task.group.approval.requestedDate = undefined;
|
|
|
|
const taskText = task.text;
|
|
const managerName = user.profile.name;
|
|
|
|
const message = res.t('taskNeedsWork', {taskText, managerName}, assignedUser.preferences.language);
|
|
|
|
assignedUser.addNotification('GROUP_TASK_NEEDS_WORK', {
|
|
message,
|
|
task: {
|
|
id: task._id,
|
|
text: taskText,
|
|
},
|
|
group: {
|
|
id: group._id,
|
|
name: group.name,
|
|
},
|
|
manager: {
|
|
id: user._id,
|
|
name: managerName,
|
|
},
|
|
});
|
|
|
|
await Promise.all([...promises, assignedUser.save(), task.save()]);
|
|
|
|
res.respond(200, task);
|
|
},
|
|
};
|
|
|
|
/**
|
|
* @api {get} /api/v3/approvals/group/:groupId Get a group's approvals
|
|
* @apiVersion 3.0.0
|
|
* @apiName GetGroupApprovals
|
|
* @apiGroup Task
|
|
*
|
|
* @apiParam (Path) {UUID} groupId The id of the group from which to retrieve the approvals
|
|
*
|
|
* @apiSuccess {Array} data An array of tasks
|
|
*/
|
|
api.getGroupApprovals = {
|
|
method: 'GET',
|
|
url: '/approvals/group/:groupId',
|
|
middlewares: [authWithHeaders()],
|
|
async handler (req, res) {
|
|
req.checkParams('groupId', apiError('groupIdRequired')).notEmpty().isUUID();
|
|
|
|
let validationErrors = req.validationErrors();
|
|
if (validationErrors) throw validationErrors;
|
|
|
|
let user = res.locals.user;
|
|
let groupId = req.params.groupId;
|
|
|
|
let fields = requiredGroupFields.concat(' managers');
|
|
let group = await Group.getGroup({user, groupId, fields});
|
|
if (!group) throw new NotFound(res.t('groupNotFound'));
|
|
|
|
if (canNotEditTasks(group, user)) throw new NotAuthorized(res.t('onlyGroupLeaderCanEditTasks'));
|
|
|
|
let approvals = await Tasks.Task.find({
|
|
'group.id': groupId,
|
|
'group.approval.approved': false,
|
|
'group.approval.requested': true,
|
|
}, 'userId group text')
|
|
.populate('userId', 'profile')
|
|
.exec();
|
|
|
|
res.respond(200, approvals);
|
|
},
|
|
};
|
|
|
|
module.exports = api;
|