fix(gsuite): add TODOs for everything that has to be done

Also fixed linter and installed superagent. Superagent will have to be removed to use request
AEGEE · Nov 25, 2020 · 49299e2 · 49299e2
1 parent 8703b4b
commit 49299e2
Show file tree

Hide file tree

Showing 8 changed files with 132 additions and 37 deletions.
diff --git a/lib/constants.js b/lib/constants.js
@@ -76,5 +76,6 @@ module.exports = {
         MAIL_CHANGE: 'MyAEGEE: Email change',
         PASSWORD_RESET: 'MyAEGEE: password reset request',
         NEW_JOIN_REQUEST: 'MyAEGEE: new join request for your body'
-    }
+    },
+    GSUITE_DOMAIN: 'aegee.eu'
 };
diff --git a/lib/cron.js b/lib/cron.js
@@ -25,6 +25,7 @@ const JobCallbacks = {
             }, 'Deleting not confirmed user');
 
             await confirmation.destroy();
+            // TODO: check that GSuite account is also deleted
             await user.destroy();
 
             logger.info('Deleted.');

diff --git a/middlewares/bodies.js b/middlewares/bodies.js
@@ -52,6 +52,9 @@ exports.createBody = async (req, res) => {
         return errors.makeForbiddenError(res, 'Permission global:create:body is required, but not present.');
     }
 
+    // TODO: if antenna, contact antenna or contact, then create GSuite account
+    // TODO: else create GSuite group. use the new abbreviation field for this (if possible), otherwise use the name
+
     // TODO: filter out fields that are changed in the other way
     const body = await Body.create(req.body);
     return res.json({
@@ -65,6 +68,8 @@ exports.updateBody = async (req, res) => {
         return errors.makeForbiddenError(res, 'Permission update:body is required, but not present.');
     }
 
+    // TODO: if antenna, contact antenna or contact, then update GSuite account if needed
+
     await req.currentBody.update(req.body, { fields: req.permissions.getPermissionFilters('update:body') });
     return res.json({
         success: true,
@@ -89,6 +94,7 @@ exports.setBodyStatus = async (req, res) => {
         await BodyMembership.destroy({ where: { body_id: req.currentBody.id }, transaction: t });
         await Circle.destroy({ where: { body_id: req.currentBody.id }, transaction: t });
         await Payment.destroy({ where: { body_id: req.currentBody.id }, transaction: t });
+        // TODO: suspend GSuite account (if attached)
     });
 
     return res.json({
@@ -122,6 +128,7 @@ exports.createMember = async (req, res) => {
         body_id: req.currentBody.id
     });
 
+    // TODO: create active GSuite account
     return res.json({
         success: true,
         data: membership

diff --git a/middlewares/campaigns.js b/middlewares/campaigns.js
@@ -1,3 +1,5 @@
+const superagent = require('superagent');
+const crypto = require('crypto');
 const {
     User,
     MailConfirmation,
@@ -8,8 +10,6 @@ const errors = require('../lib/errors');
 const helpers = require('../lib/helpers');
 const constants = require('../lib/constants');
 const { sequelize } = require('../lib/sequelize');
-const superagent = require('superagent');
-const crypto = require('crypto');
 const mailer = require('../lib/mailer');
 
 exports.registerUser = async (req, res) => {
@@ -35,19 +35,19 @@ exports.registerUser = async (req, res) => {
             transaction: t
         });
 
-        // TODO: add duplicate name checking; translit gsuite_email in case of umlauts
-        const gsuite_email = req.body.first_name+'.'+req.body.last_name+'@aegee.eu'
+        // TODO: add uniqueness check; transliterate gsuiteEmail in case of umlauts or other special characters
+        const gsuiteEmail = req.body.first_name + '.' + req.body.last_name + '@' + constants.GSUITE_DOMAIN;
         const payload = {
-            'primaryEmail': gsuite_email.toLowerCase().replace(' ',''),
-            'name': {
-              'givenName':  req.body.first_name,
-              'familyName': req.body.last_name
+            primaryEmail: gsuiteEmail.toLowerCase().replace(' ', ''),
+            name: {
+                givenName: req.body.first_name,
+                familyName: req.body.last_name
             },
-            'secondaryEmail': req.body.email,
-            'password': crypto.createHash('sha1').update(JSON.stringify(req.body.password)).digest('hex'),
-            'userPK': req.body.username,
-            'antenna': 'Undefined-yet'
-        }
+            secondaryEmail: req.body.email,
+            password: crypto.createHash('sha1').update(JSON.stringify(req.body.password)).digest('hex'),
+            userPK: req.body.username,
+            antenna: 'Undefined-yet'
+        };
 
         // Adding a person to a body if campaign has the autojoin body.
         if (campaign.autojoin_body_id) {

diff --git a/middlewares/circle-memberships.js b/middlewares/circle-memberships.js
@@ -57,6 +57,8 @@ exports.createMembership = async (req, res) => {
         user_id: user.id
     });
 
+    // TODO: check if user got the permission for an active GSuite account, if true activate user
+
     return res.json({
         success: true,
         data: circleMembership
@@ -93,6 +95,8 @@ exports.deleteMembership = async (req, res) => {
 
     await req.currentCircleMembership.destroy();
 
+    // TODO: check if user still has the permission for an active GSuite account, otherwise suspend GSuite account
+
     return res.json({
         success: true,
         message: 'Membership is deleted.'
@@ -110,6 +114,8 @@ exports.deleteOwnMembership = async (req, res) => {
 
     await circleMembership.destroy();
 
+    // TODO: check if user still has the permission for an active GSuite account, otherwise suspend GSuite account
+
     return res.json({
         success: true,
         message: 'Membership is deleted.'

diff --git a/middlewares/login.js b/middlewares/login.js
@@ -13,7 +13,8 @@ module.exports.login = async (req, res) => {
         where: {
             [Sequelize.Op.or]: {
                 email: { [Sequelize.Op.iLike]: username },
-                username: { [Sequelize.Op.iLike]: username }
+                username: { [Sequelize.Op.iLike]: username },
+                gsuite_id: { [Sequelize.Op.iLike]: username }
             }
         }
     });

diff --git a/middlewares/members.js b/middlewares/members.js
@@ -1,11 +1,11 @@
 const moment = require('moment');
 
+const superagent = require('superagent');
 const { User, Body, MailChange } = require('../models');
 const constants = require('../lib/constants');
 const helpers = require('../lib/helpers');
 const errors = require('../lib/errors');
 const mailer = require('../lib/mailer');
-const superagent = require('superagent');
 const { sequelize, Sequelize } = require('../lib/sequelize');
 
 exports.listAllUsers = async (req, res) => {
@@ -65,14 +65,15 @@ exports.updateUser = async (req, res) => {
 
     await req.currentUser.update(req.body, { fields: constants.FIELDS_TO_UPDATE.USER.UPDATE });
 
-    if(req.body.first_name || req.body.last_name){
-      const payload = {
-        'name': {
-          'givenName': req.body.first_name || req.currentUser.first_name,
-          'familyName':  req.body.last_name || req.currentUser.last_name
-        }
-      }
-      await superagent.put('gsuite-wrapper:8084/accounts/'+req.currentUser.gsuite_id, payload );
+    // TODO: update first/late name to GSuite account (if there is an account attached)
+    if (req.body.first_name || req.body.last_name) {
+        const payload = {
+            name: {
+                givenName: req.body.first_name || req.currentUser.first_name,
+                familyName: req.body.last_name || req.currentUser.last_name
+            }
+        };
+        await superagent.put('gsuite-wrapper:8084/accounts/' + req.currentUser.gsuite_id, payload);
     }
 
     return res.json({
@@ -85,7 +86,8 @@ exports.deleteUser = async (req, res) => {
     if (!req.permissions.hasPermission('delete:member')) {
         return errors.makeForbiddenError(res, 'Permission delete:member is required, but not present.');
     }
-    await superagent.delete('gsuite-wrapper:8084/accounts/'+req.currentUser.gsuite_id);
+    // TODO: if user gets deleted the gsuite account also gets deleted (if there was an account attached)
+    await superagent.delete('gsuite-wrapper:8084/accounts/' + req.currentUser.gsuite_id);
     await req.currentUser.destroy();
     return res.json({
         success: true,
@@ -105,7 +107,8 @@ exports.setUserPassword = async (req, res) => {
     }
 
     await userWithPassword.update({ password: req.body.password });
-    //await superagent.post('gsuite-wrapper:8084/accounts?SETPASS')
+    // TODO: password should be sent to gsuite-wrapper
+    // await superagent.post('gsuite-wrapper:8084/accounts?SETPASS')
 
     // TODO: add a mail that the password was changed.
 
@@ -122,8 +125,6 @@ exports.setUserActive = async (req, res) => {
 
     await req.currentUser.update({ active: req.body.active });
 
-    await superagent.put('gsuite-wrapper:8084/accounts/'+req.currentUser.gsuite_id, { 'suspended': req.body.active} );
-
     return res.json({
         success: true,
         data: req.currentUser
@@ -137,8 +138,6 @@ exports.confirmUser = async (req, res) => {
 
     await req.currentUser.update({ mail_confirmed_at: new Date() });
 
-    await superagent.put('gsuite-wrapper:8084/accounts/'+req.currentUser.gsuite_id, { 'suspended': false } );
-
     return res.json({
         success: true,
         data: req.currentUser
@@ -160,13 +159,15 @@ exports.setPrimaryBody = async (req, res) => {
             return errors.makeForbiddenError(res, 'User is not a member of this body.');
         }
 
+        // TODO: set GSuite department to primary body
         await req.currentUser.update({ primary_body_id: body.id });
-        //await superagent.post('gsuite-wrapper:8084/accounts?DEPARTMENT')
-        //await superagent.post('gsuite-wrapper:8084/groups?DEPARTMENT')
+        // await superagent.post('gsuite-wrapper:8084/accounts?DEPARTMENT')
+        // await superagent.post('gsuite-wrapper:8084/groups?DEPARTMENT')
     } else {
+        // TODO: set GSuite department to primary body
         await req.currentUser.update({ primary_body_id: null });
-        //await superagent.post('gsuite-wrapper:8084/accounts?DEPARTMENT')
-        //await superagent.post('gsuite-wrapper:8084/groups?DEPARTMENT')
+        // await superagent.post('gsuite-wrapper:8084/accounts?DEPARTMENT')
+        // await superagent.post('gsuite-wrapper:8084/groups?DEPARTMENT')
     }
 
     return res.json({
@@ -229,10 +230,11 @@ exports.confirmEmailChange = async (req, res) => {
         return errors.makeNotFoundError(res, 'Token is expired.');
     }
 
+    // TODO: change GSuite secondary email
     await sequelize.transaction(async (t) => {
         await mailChange.user.update({ email: mailChange.new_email }, { transaction: t });
         await mailChange.destroy({ transaction: t });
-        await superagent.put('gsuite-wrapper:8084/accounts/'+req.currentUser.gsuite_id, { 'secondaryEmail': mailChange.new_email} );
+        await superagent.put('gsuite-wrapper:8084/accounts/' + req.currentUser.gsuite_id, { secondaryEmail: mailChange.new_email });
     });
 
     return res.json({

diff --git a/package-lock.json b/package-lock.json