From 67b90b4fbf089620ccb17aa6a39139fb0d196e2d Mon Sep 17 00:00:00 2001 From: Younes Date: Tue, 31 Oct 2023 17:46:56 +0100 Subject: [PATCH] fix annotation authorization --- apps/frontend/src/components/AppBarMenu.tsx | 7 +++-- .../annotation/ContextualEditor.tsx | 18 +++++++------ .../annotation/useAnnotationEditor.ts | 2 +- .../src/components/auth/JoinDialog.tsx | 8 +++++- .../src/components/auth/LoginDialog.tsx | 5 ++-- .../components/auth/StudentSignupDialog.tsx | 26 +++++++++++++------ docker-compose.yml | 1 + packages/trpc/src/routers/annotation.ts | 6 ++--- packages/trpc/src/routers/project.ts | 4 +-- packages/trpc/src/routers/user.ts | 6 ++--- 10 files changed, 53 insertions(+), 30 deletions(-) diff --git a/apps/frontend/src/components/AppBarMenu.tsx b/apps/frontend/src/components/AppBarMenu.tsx index 58c44a58..dfa337c1 100644 --- a/apps/frontend/src/components/AppBarMenu.tsx +++ b/apps/frontend/src/components/AppBarMenu.tsx @@ -16,7 +16,10 @@ const Offset = styled("div")(({ theme }) => theme.mixins.toolbar); export const AppBarMenu: React.FC = ({ children }) => { const { t } = useTranslation(); const navigate = useNavigate(); - const { data } = trpc.user.me.useQuery({}, { retry: false }); + const { data, isError } = trpc.user.me.useQuery( + {}, + { retry: false, keepPreviousData: false, cacheTime: 0 } + ); const location = useLocation(); @@ -96,7 +99,7 @@ export const AppBarMenu: React.FC = ({ children }) => { {t("menu.about")} - + diff --git a/apps/frontend/src/components/annotation/ContextualEditor.tsx b/apps/frontend/src/components/annotation/ContextualEditor.tsx index 6ebba7c5..ebf62d5f 100644 --- a/apps/frontend/src/components/annotation/ContextualEditor.tsx +++ b/apps/frontend/src/components/annotation/ContextualEditor.tsx @@ -1,12 +1,8 @@ import { useParentSize } from "@cutting/use-get-parent-size"; -import { Box, Paper, Typography } from "@mui/material"; +import { Box, Paper } from "@mui/material"; import { alpha } from "@mui/system"; -import React, { useMemo, useRef } from "react"; -import Draggable, { - DraggableData, - DraggableEvent, - DraggableEventHandler, -} from "react-draggable"; +import React, { useEffect, useMemo, useRef } from "react"; +import Draggable, { DraggableData, DraggableEvent } from "react-draggable"; import { useTranslation } from "react-i18next"; import { @@ -43,7 +39,6 @@ export const ContextualEditor: React.FC = () => { const handleDrag = (_: DraggableEvent, data: DraggableData) => { if (width && height) { const position = toRelativePosition(data.x, data.y, width, height); - setContextualEditorState(position); } }; @@ -59,6 +54,13 @@ export const ContextualEditor: React.FC = () => { } }, [editedAnnotation, width, height]); + useEffect(() => { + if (!contextualEditorState && width && height) { + const position = toRelativePosition(0, 0, width, height); + setContextualEditorState(position); + } + }, [contextualEditorState, width, height]); + return ( set(annotationEditorState, (previousState) => { - return { ...previousState, showHints: false, contextualEditorVisible: newValue as boolean } + return { ...previousState, showHints: false, contextualEditorVisible: newValue as boolean, contextualPosition: null } }) }); diff --git a/apps/frontend/src/components/auth/JoinDialog.tsx b/apps/frontend/src/components/auth/JoinDialog.tsx index 17bde5bd..adb7956a 100644 --- a/apps/frontend/src/components/auth/JoinDialog.tsx +++ b/apps/frontend/src/components/auth/JoinDialog.tsx @@ -53,12 +53,18 @@ export const JoinDialog: React.FC = () => { } } catch (e) { if (isTRPCClientError(e)) { - if (e.message == "PROJECT_OWNER_CANNOT_JOIN") + if (e.message == "PROJECT_OWNER_CANNOT_JOIN") { // `cause` is now typed as your router's `TRPCClientError` formik.setFieldError( "error", t("join.error.project-owner-cannot-join") ); + } else if (e.message == "CODE_NOT_FOUND") { + formik.setFieldError( + "shareCode", + t("join.error.project-not-found", "Code de partage est invalide") + ); + } } else { formik.setFieldError( "error", diff --git a/apps/frontend/src/components/auth/LoginDialog.tsx b/apps/frontend/src/components/auth/LoginDialog.tsx index 133ef929..2a9e2bdb 100644 --- a/apps/frontend/src/components/auth/LoginDialog.tsx +++ b/apps/frontend/src/components/auth/LoginDialog.tsx @@ -74,10 +74,11 @@ export const LoginDialog: React.FC = () => { formik.setStatus("submited"); } catch (e) { if (isTRPCClientError(e)) { + console.log(e.message); // `cause` is now typed as your router's `TRPCClientError` - if (e.message === "UserNotConfirmed") { + if (e.message === "USER_NOT_CONFIRMED") { handleConfirm(); - } else if (e.code === "UNAUTHORIZED") { + } else if (e.message === "USER_NOT_FOUND") { formik.setFieldError( "error", t( diff --git a/apps/frontend/src/components/auth/StudentSignupDialog.tsx b/apps/frontend/src/components/auth/StudentSignupDialog.tsx index 72561ea1..0633efa6 100644 --- a/apps/frontend/src/components/auth/StudentSignupDialog.tsx +++ b/apps/frontend/src/components/auth/StudentSignupDialog.tsx @@ -66,19 +66,29 @@ export const StudentSignupDialog: React.FC = () => { } catch (e) { if (isTRPCClientError(e)) { // `cause` is now typed as your router's `TRPCClientError` - if (e.message === "ACCOUNT_EXISTS") { + if (e.message == "PROJECT_OWNER_CANNOT_JOIN") { + // `cause` is now typed as your router's `TRPCClientError` formik.setFieldError( "error", - t( - "student-student-signup.error.username-exists", - "Email exists dejà" - ) + t("join.error.project-owner-cannot-join") + ); + } else if (e.message == "ACCOUNT_EXISTS") { + formik.setFieldError( + "username", + t("join.error.account", "Nom d'utilisateur existe déjà") + ); + } else if (e.message == "CODE_NOT_FOUND") { + formik.setFieldError( + "shareCode", + t("join.error.project-not-found", "Code de partage est invalide") ); } + } else { + formik.setFieldError( + "error", + t("join.error.project-not-found", "Code de partage est invalide") + ); } - - formik.setFieldError("error", e.message); - console.log(e); } }, }); diff --git a/docker-compose.yml b/docker-compose.yml index 010149a2..0876c230 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -18,6 +18,7 @@ services: volumes: - ./.data:/var/lib/postgresql/data - ./scripts/pg-init-scripts.sh:/docker-entrypoint-initdb.d/init.sh + - /etc/localtime:/etc/localtime:ro ports: - "5432:5432" restart: unless-stopped diff --git a/packages/trpc/src/routers/annotation.ts b/packages/trpc/src/routers/annotation.ts index ad7f8822..9ac7687a 100644 --- a/packages/trpc/src/routers/annotation.ts +++ b/packages/trpc/src/routers/annotation.ts @@ -79,7 +79,7 @@ export const annotationRouter = router({ }), ) .mutation(async ({ input, ctx }) => { - if (ctx.user && ctx.user.id && ctx.requirePermissions([UserRole.Teacher, UserRole.Admin])) { + if (ctx.user && ctx.user.id) { const annotation = await prisma.annotation.create({ data: { userId: ctx.user?.id, @@ -123,7 +123,7 @@ export const annotationRouter = router({ ); } - if (existingAnnotation.userId == ctx.user?.id) { + if (existingAnnotation.userId == ctx.user?.id || ctx.user.role == UserRole.Admin) { // Perform the update const updatedAnnotation = await prisma.annotation.update({ where: { id: input.annotationId }, @@ -170,7 +170,7 @@ export const annotationRouter = router({ ); } - if (existingAnnotation.userId == ctx.user?.id) { + if (existingAnnotation.userId == ctx.user?.id || ctx.user.role == UserRole.Admin) { const annotation = await prisma.annotation.delete({ where: { id: input.annotationId }, }); diff --git a/packages/trpc/src/routers/project.ts b/packages/trpc/src/routers/project.ts index 1167f70f..bcd90369 100644 --- a/packages/trpc/src/routers/project.ts +++ b/packages/trpc/src/routers/project.ts @@ -205,8 +205,8 @@ export const projectRouter = router({ ...project, editable: ctx.user && (ctx.user.id == project.userId || ctx.user.role == UserRole.Admin), deletable: ctx.user && (ctx.user.id == project.userId || ctx.user.role == UserRole.Admin), - annotable: ctx.user && (ctx.user.id == project.userId || ctx.user.role == UserRole.Admin || project.members.some(m => ctx.user && m.userId == ctx.user.id)), - commentable: ctx.user && (ctx.user.id == project.userId || ctx.user.role == UserRole.Admin || project.members.some(m => ctx.user && m.userId == ctx.user.id)) + annotable: ctx.user && (ctx.user.id == project.userId || ctx.user.role == UserRole.Admin || (project.members.some(m => ctx.user && m.userId == ctx.user.id) && project.collaborative)), + commentable: ctx.user && (ctx.user.id == project.userId || ctx.user.role == UserRole.Admin || (project.members.some(m => ctx.user && m.userId == ctx.user.id) && project.collaborative)), }; }), add: protectedProcedure diff --git a/packages/trpc/src/routers/user.ts b/packages/trpc/src/routers/user.ts index 557f6f61..e264a7df 100644 --- a/packages/trpc/src/routers/user.ts +++ b/packages/trpc/src/routers/user.ts @@ -54,15 +54,15 @@ export const userRouter = router({ }).catch(err => { console.log(err.name); - if (err?.name === 'AuthenticationError') { + if (err?.name === 'InvalidUserError') { throw new TRPCError({ code: 'UNAUTHORIZED', - message: 'Incorrect username or password.' + message: 'USER_NOT_FOUND' }) } else if (err?.name === "UserNotConfirmed") { throw new TRPCError({ code: 'UNAUTHORIZED', - message: 'UserNotConfirmed' + message: 'USER_NOT_CONFIRMED' }) }