user can be added to responsibilities

Author: MatiasSinisalo

src/client/components/Courses/Course/index.tsx

@@ -1,9 +1,9 @@
 import { Edit, OpenInNew } from '@mui/icons-material'
-import { Alert, Box, Button, Checkbox, Container, FormControlLabel, Input, Modal, Paper, Skeleton, Tab, Tooltip, Typography } from '@mui/material'
+import { Alert, Box, Button, Checkbox, Container, FormControlLabel, Input, Modal, Paper, Skeleton, Tab, TextField, Tooltip, Typography } from '@mui/material'
 import { enqueueSnackbar } from 'notistack'
 import { useState } from 'react'
 import { useTranslation } from 'react-i18next'
-import { Link, Route, Routes, useParams } from 'react-router-dom'
+import { Form, Link, Route, Routes, useParams } from 'react-router-dom'
 
 import { PUBLIC_URL } from '../../../../config'
 import useCourse from '../../../hooks/useCourse'
@@ -21,6 +21,7 @@ import Stats from './Stats'
 import { RouterTabs } from '../../common/RouterTabs'
 import Discussion from './Discussions'
 import { ApiErrorView } from '../../common/ApiErrorView'
+import apiClient from '../../../util/apiClient'
 
 const Course = () => {
   const [showTeachers, setShowTeachers] = useState(false)
@@ -97,7 +98,11 @@ const Course = () => {
     boxSizing: 'borderBox',
     height: '40px',
   }
-
+  const handleAddResponsible = async (e) => {
+    e.preventDefault()
+    const username = e.target.username.value
+    apiClient.post(`/courses/${course.id}/responsibilities/assign`, {username: username})
+  }
   return (
     <Container sx={{ mt: '4rem', mb: '10rem' }} maxWidth="xl">
       <Alert severity={getInfoSeverity()}>
@@ -182,13 +187,22 @@ const Course = () => {
                 {showTeachers ? t('admin:hideTeachers') : t('admin:showTeachers')}
               </Button>
               {showTeachers && (
+              <Box>
+                <Form onSubmit={handleAddResponsible}>
+                  <TextField name="username" placeholder={"käyttäjänimi: "}></TextField>
+                  <Button type={"submit"}>
+                    Lisää
+                   </Button>
+
+                  </Form>
                 <ul>
                   {course.responsibilities.map((responsibility) => (
                     <li key={responsibility.id}>
                       {responsibility.user.last_name} {responsibility.user.first_names}
                     </li>
                   ))}
                 </ul>
+              </Box>
               )}
             </>
           )}

src/server/routes/course.ts

@@ -164,14 +164,9 @@ courseRouter.get('/:id/enrolments', async (req: express.Request, res: express.Re
 
 //checks if user is a admin or is responsible for the course, returns forbidden error if not
 const enforceUserHasFullAccess = async (user, chatInstance) => {
- const hasFullAccess =
-    user.isAdmin ||
-    chatInstance.responsibilities
-      ?.map((r) => r.userId)
-      .filter(Boolean)
-      .includes(user.id)
-
-  if (!hasFullAccess) {
+ const isResponsibleForCourse = userAssignedAsResponsible(user.id, chatInstance)
+ const hasFullAccess = user.isAdmin || isResponsibleForCourse
+ if (!hasFullAccess) {
     throw ApplicationError.Forbidden('Unauthorized')
   }
   return hasFullAccess
@@ -315,9 +310,9 @@ courseRouter.put('/:id', async (req, res) => {
 })
 
  const userAssignedAsResponsible =  (userId, chatInstance) => {
-   
+  console.log("looking for: " + userId)
   const isResponsible:boolean = chatInstance.responsibilities
-      ?.map((r) => r.userId)
+      ?.map((r) => {console.log(r); return r.user?.id})
       .filter(Boolean)
       .includes(userId)
   return isResponsible
@@ -334,28 +329,48 @@ courseRouter.put('/:id', async (req, res) => {
     return user
  }
 
-courseRouter.put('/:id/responsibilities/assign', async (req, res) => {
+
+const getUserByUsername = async (username: string) => {
+  
+ const user = await User.findOne({
+   where: {
+     username: username
+   },
+   raw: true
+ })
+ return user
+}
+courseRouter.post('/:id/responsibilities/assign', async (req, res) => {
  const chatInstanceId = req.params.id
  const body = req.body as {
-    assignedUserId: string
+   username : string
  }
- const assignedUserId:string = body.assignedUserId
+ const assignedUserUsername:string = body.username
 
  const chatInstanceIdClean = cleanIdStringSchema.safeParse(chatInstanceId)
  if(!chatInstanceIdClean.success){
    res.status(400).send('Malformed chat instance id')
+   return
  }
- const assignedUserIdClean = cleanIdStringSchema.safeParse(assignedUserId)
- if(!assignedUserIdClean.success){
+ //username also must be of similar format as the id only letters and numbers
+ const assignedUserUsernameClean = cleanIdStringSchema.safeParse(assignedUserUsername)
+ if(!assignedUserUsernameClean.success){
    res.status(400).send('Malformed assigned user id')
+   return
  }
 
  const request = req as unknown as RequestWithUser
- const {user} = request
+const {user} = request
  const chatInstance = await getChatInstance(chatInstanceId)
  const hasPermission = await enforceUserHasFullAccess(user, chatInstanceId)
 
- const userToAssign = await getUser(assignedUserId) 
+ const userToAssign = await getUserByUsername(assignedUserUsername)
+ if(!userToAssign){
+   res.status(400).send('User not found with username')
+   return
+ }
+
+ const assignedUserId = userToAssign.id
  const userAssignedAlready = await userAssignedAsResponsible(assignedUserId, chatInstance)
  if(userAssignedAlready){
    res.status(400).send('User is already responsible for the course')
@@ -372,8 +387,6 @@ courseRouter.put('/:id/responsibilities/assign', async (req, res) => {
     res.json(createdResponsibility)
     return
   }
-
-  
    res.status(500).send('Unknown error occurred')
 })