use relation for collaborators (#146)

Author: lihebi

api/prisma/migrations/20221213213322_use_relation_for_collaborators/migration.sql

@@ -0,0 +1,29 @@
+/*
+  Warnings:
+
+  - You are about to drop the column `collaboratorIds` on the `Repo` table. All the data in the column will be lost.
+
+*/
+-- DropIndex
+DROP INDEX "Repo_name_userId_key";
+
+-- AlterTable
+ALTER TABLE "Repo" DROP COLUMN "collaboratorIds";
+
+-- CreateTable
+CREATE TABLE "_COLLABORATOR" (
+    "A" TEXT NOT NULL,
+    "B" TEXT NOT NULL
+);
+
+-- CreateIndex
+CREATE UNIQUE INDEX "_COLLABORATOR_AB_unique" ON "_COLLABORATOR"("A", "B");
+
+-- CreateIndex
+CREATE INDEX "_COLLABORATOR_B_index" ON "_COLLABORATOR"("B");
+
+-- AddForeignKey
+ALTER TABLE "_COLLABORATOR" ADD CONSTRAINT "_COLLABORATOR_A_fkey" FOREIGN KEY ("A") REFERENCES "Repo"("id") ON DELETE CASCADE ON UPDATE CASCADE;
+
+-- AddForeignKey
+ALTER TABLE "_COLLABORATOR" ADD CONSTRAINT "_COLLABORATOR_B_fkey" FOREIGN KEY ("B") REFERENCES "User"("id") ON DELETE CASCADE ON UPDATE CASCADE;

api/prisma/schema.prisma

@@ -44,21 +44,20 @@ model User {
     hashedPassword String?
     posts          Post[]
     profile        Profile?
-    Repo           Repo[]
+    Repo           Repo[]   @relation("OWNER")
+    sharedRepos    Repo[]   @relation("COLLABORATOR")
 }
 
 model Repo {
-    id              String   @id
-    name            String?
+    id            String   @id
+    name          String?
     // fullname String  @unique
-    owner           User     @relation(fields: [userId], references: [id])
-    userId          String
-    pods            Pod[]    @relation("BELONG")
-    podsId          String[]
-    public          Boolean  @default(false)
-    collaboratorIds String[]
-
-    @@unique([name, userId])
+    owner         User     @relation("OWNER", fields: [userId], references: [id])
+    userId        String
+    pods          Pod[]    @relation("BELONG")
+    podsId        String[]
+    public        Boolean  @default(false)
+    collaborators User[]   @relation("COLLABORATOR")
 }
 
 enum PodType {

api/src/resolver_repo.ts

@@ -8,34 +8,32 @@ const { PrismaClient } = Prisma;
 
 const prisma = new PrismaClient();
 
-// console.log("resolver_repo.ts", Prisma.RepoInclude);
-
-function checkWriteAccess({ repo, userId }) {
-  console.log(repo, userId);
-  if (repo.userId !== userId && repo.collaboratorIds.indexOf(userId) === -1) {
-    throw new Error("You do not have write access to this repo.");
+async function ensureRepoEditAccess({ repoId, userId }) {
+  let repo = await prisma.repo.findFirst({
+    where: {
+      id: repoId,
+      OR: [
+        { owner: { id: userId || "undefined" } },
+        { collaborators: { some: { id: userId || "undefined" } } },
+      ],
+    },
+  });
+  if (!repo) {
+    // this might be caused by creating a pod and update it too soon before it
+    // is created on server, which is a time sequence bug
+    throw new Error("Repo not exists.");
   }
 }
 
-async function ensurePodAccess({ id, userId, read = true }) {
+async function ensurePodEditAccess({ id, userId }) {
   let pod = await prisma.pod.findFirst({
-    where: { id },
-    // HEBI: select is used to select a subset of fields
-    // select: {
-    //   repo: {
-    //     select: {
-    //       owner: true,
-    //     },
-    //   },
-    // },
-    // HEBI: include is used to include additional fields
-    // Both include and select can go through relations, but they cannot be used
-    // at the same time.
-    include: {
+    where: {
+      id,
       repo: {
-        include: {
-          owner: true,
-        },
+        OR: [
+          { owner: { id: userId || "undefined" } },
+          { collaborators: { some: { id: userId || "undefined" } } },
+        ],
       },
     },
   });
@@ -44,16 +42,6 @@ async function ensurePodAccess({ id, userId, read = true }) {
     // is created on server, which is a time sequence bug
     throw new Error("Pod not exists.");
   }
-  // public repo can be accessed by everyone
-  // if the user is the owner or one of the collaborators, then it is ok
-  if (
-    pod.repo.owner.id !== userId &&
-    pod.repo.collaboratorIds.indexOf(userId) === -1
-  ) {
-    if (!read || !pod.repo.public) {
-      throw new Error("You do not have access to this pod.");
-    }
-  }
 }
 
 export async function repos() {
@@ -80,11 +68,10 @@ export async function myRepos(_, __, { userId }) {
 
 export async function myCollabRepos(_, __, { userId }) {
   if (!userId) throw Error("Unauthenticated");
-  // console.log("myCollabRepos", userId);
   const repos = await prisma.repo.findMany({
     where: {
-      collaboratorIds: {
-        has: userId,
+      collaborators: {
+        some: { id: userId },
       },
     },
   });
@@ -98,11 +85,12 @@ export async function repo(_, { id }, { userId }) {
       OR: [
         { id, public: true },
         { id, owner: { id: userId || "undefined" } },
-        { id, collaboratorIds: { has: userId || "undefined" } },
+        { id, collaborators: { some: { id: userId || "undefined" } } },
       ],
     },
     include: {
       owner: true,
+      collaborators: true,
       pods: {
         include: {
           children: true,
@@ -210,25 +198,28 @@ export async function addCollaborator(_, { repoId, email }, { userId }) {
       id: repoId,
       owner: { id: userId },
     },
+    include: {
+      collaborators: true,
+    },
   });
   if (!repo) throw new Error("Repo not found or you are not the owner.");
   // 2. find the user
-  const user = await prisma.user.findFirst({
+  const other = await prisma.user.findFirst({
     where: {
       email,
     },
   });
-  if (!user) throw new Error("User not found");
-  if (user.id === userId) throw new Error("You are already the owner.");
-  if (repo.collaboratorIds.indexOf(user.id) !== -1)
+  if (!other) throw new Error("User not found");
+  if (other.id === userId) throw new Error("You are already the owner.");
+  if (repo.collaborators.findIndex((user) => user.id === other.id) !== -1)
     throw new Error("The user is already a collaborator.");
   // 3. add the user to the repo
   const res = await prisma.repo.update({
     where: {
       id: repoId,
     },
     data: {
-      collaboratorIds: { push: user.id },
+      collaborators: { connect: { id: other.id } },
     },
   });
   return true;
@@ -237,20 +228,13 @@ export async function addCollaborator(_, { repoId, email }, { userId }) {
 export async function addPod(_, { repoId, parent, index, input }, { userId }) {
   // make sure the repo is writable by this user
   if (!userId) throw new Error("Not authenticated.");
-  // 1. find the repo
-  const repo = await prisma.repo.findFirst({
-    where: {
-      id: repoId,
-    },
-  });
-  if (!repo) throw new Error("Repo not found");
+  await ensureRepoEditAccess({ repoId, userId });
 
-  checkWriteAccess({ repo, userId });
   // update all other records
   await prisma.pod.updateMany({
     where: {
       repo: {
-        id: repo.id,
+        id: repoId,
       },
       index: {
         gte: index,
@@ -279,7 +263,7 @@ export async function addPod(_, { repoId, parent, index, input }, { userId }) {
       index,
       repo: {
         connect: {
-          id: repo.id,
+          id: repoId,
         },
       },
       parent:
@@ -298,7 +282,7 @@ export async function addPod(_, { repoId, parent, index, input }, { userId }) {
 
 export async function updatePod(_, { id, input }, { userId }) {
   if (!userId) throw new Error("Not authenticated.");
-  await ensurePodAccess({ id, userId, read: false });
+  await ensurePodEditAccess({ id, userId });
   const pod = await prisma.pod.update({
     where: {
       id,
@@ -318,13 +302,12 @@ export async function updatePod(_, { id, input }, { userId }) {
       },
     },
   });
-  console.log("Updated pod", pod);
   return true;
 }
 
 export async function deletePod(_, { id, toDelete }, { userId }) {
   if (!userId) throw new Error("Not authenticated.");
-  await ensurePodAccess({ id, userId, read: false });
+  await ensurePodEditAccess({ id, userId });
   // find all children of this ID
   // FIXME how to ensure atomic
   // 1. find the parent of this node

api/src/typedefs.ts

@@ -19,7 +19,7 @@ export const typeDefs = gql`
     name: String
     pods: [Pod]
     userId: ID!
-    collaboratorIds: [ID!]
+    collaborators: [User]
     public: Boolean
   }
 

ui/src/lib/fetch.tsx

@@ -17,7 +17,9 @@ export async function doRemoteLoadRepo({ id, client }) {
         id
         name
         userId
-        collaboratorIds
+        collaborators {
+          id
+        }
         pods {
           id
           type
@@ -68,11 +70,11 @@ export async function doRemoteLoadRepo({ id, client }) {
       name: res.data.repo.name,
       error: null,
       userId: res.data.repo.userId,
-      collaboratorIds: res.data.repo.collaboratorIds,
+      collaborators: res.data.repo.collaborators,
     };
   } catch (e) {
     console.log(e);
-    return { pods: [], name: "", error: e, userId: null, collaboratorIds: [] };
+    return { pods: [], name: "", error: e, userId: null, collaborators: [] };
   }
 }
 

ui/src/lib/store.tsx

@@ -723,8 +723,9 @@ const createRepoSlice: StateCreator<
     );
   },
   loadRepo: async (client, id) => {
-    const { pods, name, error, userId, collaboratorIds } =
-      await doRemoteLoadRepo({ id, client });
+    const { pods, name, error, userId, collaborators } = await doRemoteLoadRepo(
+      { id, client }
+    );
     set(
       produce((state) => {
         // TODO the children ordered by index
@@ -739,7 +740,10 @@ const createRepoSlice: StateCreator<
         // set the user role in this repo
         if (userId === state.user.id) {
           state.role = RoleType.OWNER;
-        } else if (state.user && collaboratorIds.indexOf(state.user.id) >= 0) {
+        } else if (
+          state.user &&
+          collaborators.findIndex(({ id }) => state.user.id === id) >= 0
+        ) {
           state.role = RoleType.COLLABORATOR;
         } else {
           state.role = RoleType.GUEST;