Merge branch 'control-join-requests' into dev

Author: gustavotoyota

apps/app-server/src/trpc/api/groups/privacy/index.ts

@@ -1,7 +1,9 @@
 import { trpc } from 'src/trpc/server';
 
 import { makePublicProcedure } from './make-public';
+import { setJoinRequestsAllowedProcedure } from './set-join-requests-allowed';
 
 export const privacyRouter = trpc.router({
   makePublic: makePublicProcedure(),
+  setJoinRequestsAllowed: setJoinRequestsAllowedProcedure(),
 });

apps/app-server/src/trpc/api/groups/privacy/set-join-requests-allowed.ts

@@ -0,0 +1,51 @@
+import { isNanoID } from '@stdlib/misc';
+import { checkRedlockSignalAborted } from '@stdlib/redlock';
+import { once } from 'lodash';
+import type { InferProcedureOpts } from 'src/trpc/helpers';
+import { authProcedure } from 'src/trpc/helpers';
+import { z } from 'zod';
+
+const baseProcedure = authProcedure.input(
+  z.object({
+    groupId: z.string().refine(isNanoID),
+
+    areJoinRequestsAllowed: z.boolean(),
+  }),
+);
+
+export const setJoinRequestsAllowedProcedure = once(() =>
+  baseProcedure.mutation(setJoinRequestsAllowed),
+);
+
+export async function setJoinRequestsAllowed({
+  ctx,
+  input,
+}: InferProcedureOpts<typeof baseProcedure>) {
+  return await ctx.usingLocks(
+    [[`user-lock:${ctx.userId}`], [`group-lock:${input.groupId}`]],
+    async (signals) => {
+      return await ctx.dataAbstraction.transaction(async (dtrx) => {
+        // Assert agent is subscribed
+
+        await ctx.assertUserSubscribed({ userId: ctx.userId });
+
+        // Check if user has sufficient permissions
+
+        await ctx.assertSufficientGroupPermissions({
+          userId: ctx.userId,
+          groupId: input.groupId,
+          permission: 'editGroupSettings',
+        });
+
+        await ctx.dataAbstraction.hmset(
+          'group',
+          input.groupId,
+          { 'are-join-requests-allowed': input.areJoinRequestsAllowed },
+          { dtrx },
+        );
+
+        checkRedlockSignalAborted(signals);
+      });
+    },
+  );
+}

apps/app-server/src/websocket/groups/change-user-role.ts

@@ -39,7 +39,9 @@ export function registerGroupsChangeUserRole(
       await ctx.usingLocks(
         [
           [`user-lock:${ctx.userId}`],
-          [`user-lock:${input.patientId}`],
+          ...(input.patientId !== ctx.userId
+            ? [[`user-lock:${input.patientId}`]]
+            : []),
           [`group-lock:${input.groupId}`],
         ],
         performCommunication,

apps/app-server/src/websocket/groups/join-requests/send.ts

@@ -55,7 +55,17 @@ export async function sendStep1({
 
     await ctx.assertUserSubscribed({ userId: ctx.userId });
 
-    const [groupJoinRequestRejected, groupMemberRole] = await Promise.all([
+    const [
+      groupAreJoinRequestsAllowed,
+      groupJoinRequestRejected,
+      groupMemberRole,
+    ] = await Promise.all([
+      ctx.dataAbstraction.hget(
+        'group',
+        input.groupId,
+        'are-join-requests-allowed',
+      ),
+
       ctx.dataAbstraction.hget(
         'group-join-request',
         `${input.groupId}:${ctx.userId}`,
@@ -69,6 +79,15 @@ export async function sendStep1({
       ),
     ]);
 
+    // Check if group allows join requests
+
+    if (!groupAreJoinRequestsAllowed) {
+      throw new TRPCError({
+        code: 'FORBIDDEN',
+        message: 'This group does not allow join requests.',
+      });
+    }
+
     // Check if user has been rejected from the group
 
     if (groupJoinRequestRejected) {

apps/app-server/src/websocket/groups/remove-user.ts

@@ -36,7 +36,9 @@ export function registerGroupsRemoveUser(fastify: ReturnType<typeof Fastify>) {
       await ctx.usingLocks(
         [
           [`user-lock:${ctx.userId}`],
-          [`user-lock:${input.patientId}`],
+          ...(input.patientId !== ctx.userId
+            ? [[`user-lock:${input.patientId}`]]
+            : []),
           [`group-lock:${input.groupId}`],
         ],
         performCommunication,

apps/client/src/layouts/PagesLayout/MainContent/DisplayPage/DisplayScreens/DisplayUnauthorizedScreen.vue

@@ -5,7 +5,8 @@
     v-if="
       uiStore().loggedIn &&
       !realtimeCtx.loading &&
-      !realtimeCtx.hget('group', page.react.groupId, 'is-personal')
+      !realtimeCtx.hget('group', page.react.groupId, 'is-personal') &&
+      realtimeCtx.hget('group', page.react.groupId, 'are-join-requests-allowed')
     "
   >
     <Gap style="height: 12px" />

apps/client/src/layouts/PagesLayout/MainToolbar/Notifications/Items/GroupRequestSent.vue

@@ -78,7 +78,7 @@ const canCancelRequest = computed(
 const canAcceptRequest = computed(() => {
   const rejected = realtimeCtx.hget(
     'group-join-request',
-    `${notificationContent.value.groupId}:${authStore().userId}`,
+    `${notificationContent.value.groupId}:${notificationContent.value.agentId}`,
     'rejected',
   );
 

apps/client/src/layouts/PagesLayout/RightSidebar/PageProperties/GroupSettingsDialog/GeneralTab/AllowJoinRequestsCheckbox.vue

@@ -0,0 +1,43 @@
+<template>
+  <Checkbox
+    @update:model-value="(value) => setJoinRequestsAllowed(value)"
+    :model-value="
+      internals.realtime.globalCtx.hget(
+        'group',
+        groupId,
+        'are-join-requests-allowed',
+      )
+    "
+    label="Allow join requests"
+  />
+</template>
+
+<script setup lang="ts">
+import { handleError } from 'src/code/utils/misc';
+
+const groupId = inject<string>('groupId')!;
+
+async function setJoinRequestsAllowed(value: boolean) {
+  try {
+    await trpcClient.groups.privacy.setJoinRequestsAllowed.mutate({
+      groupId,
+
+      areJoinRequestsAllowed: value,
+    });
+
+    if (value) {
+      $quasar().notify({
+        message: 'Join requests are now enabled in this group.',
+        type: 'positive',
+      });
+    } else {
+      $quasar().notify({
+        message: 'Join requests are now disabled in this group.',
+        type: 'positive',
+      });
+    }
+  } catch (error) {
+    handleError(error);
+  }
+}
+</script>

apps/client/src/layouts/PagesLayout/RightSidebar/PageProperties/GroupSettingsDialog/GeneralTab/GeneralTab.vue

@@ -97,16 +97,16 @@
         />
       </template>
 
-      <Gap style="height: 24px" />
+      <Gap style="height: 28px" />
 
       <q-separator />
 
       <Gap style="height: 20px" />
     </template>
 
-    <div>Group infos</div>
+    <b>Group infos</b>
 
-    <Gap style="height: 8px" />
+    <Gap style="height: 20px" />
 
     <TextField
       label="Group ID"
@@ -166,15 +166,15 @@
         ]?.permissions.editGroupSettings
       "
     >
-      <Gap style="height: 24px" />
+      <Gap style="height: 28px" />
 
       <q-separator />
 
       <Gap style="height: 20px" />
 
-      <div>Group security</div>
+      <b>Group security</b>
 
-      <Gap style="height: 10px" />
+      <Gap style="height: 20px" />
 
       <div style="max-width: 300px; display: flex; flex-direction: column">
         <template v-if="groupId !== internals.personalGroupId">
@@ -217,17 +217,21 @@
         ]?.permissions.editGroupSettings
       "
     >
-      <Gap style="height: 24px" />
+      <Gap style="height: 28px" />
 
       <q-separator />
 
       <Gap style="height: 20px" />
 
-      <div>Group privacy</div>
+      <b>Group privacy</b>
 
-      <Gap style="height: 10px" />
+      <Gap style="height: 20px" />
 
       <div style="max-width: 300px; display: flex; flex-direction: column">
+        <AllowJoinRequestsCheckbox />
+
+        <Gap style="height: 16px" />
+
         <MakePrivateBtn
           v-if="
             internals.realtime.globalCtx.hget('group', groupId, 'is-public')
@@ -249,15 +253,15 @@
         ]?.permissions.editGroupSettings
       "
     >
-      <Gap style="height: 24px" />
+      <Gap style="height: 28px" />
 
       <q-separator />
 
       <Gap style="height: 20px" />
 
-      <div>Danger zone</div>
+      <b>Danger zone</b>
 
-      <Gap style="height: 10px" />
+      <Gap style="height: 20px" />
 
       <div style="max-width: 300px; display: flex; flex-direction: column">
         <DeleteGroupBtn />
@@ -276,6 +280,7 @@ import type { RealtimeContext } from 'src/code/realtime/context';
 import { isCtrlDown } from 'src/code/utils/misc';
 import type { Ref } from 'vue';
 
+import AllowJoinRequestsCheckbox from './AllowJoinRequestsCheckbox.vue';
 import DeleteGroupBtn from './DeleteGroupBtn.vue';
 import MakePrivateBtn from './Privacy/MakePrivateBtn.vue';
 import MakePublicBtn from './Privacy/MakePublicBtn.vue';

apps/client/src/layouts/PagesLayout/RightSidebar/PageProperties/GroupSettingsDialog/MembersTab/MembersTab.vue

@@ -244,7 +244,9 @@ async function removeSelectedUsers() {
       });
     }
 
-    await rotateGroupKeys({ groupId });
+    if (canManageSelected.value) {
+      await rotateGroupKeys({ groupId });
+    }
 
     if (finalSelectedUserIds.value.includes(authStore().userId)) {
       await removeGroupUser({