server/api/controllers/project-managers/create.js

/*!
 * Copyright (c) 2024 PLANKA Software GmbH
 * Licensed under the Fair Use License: https://github.com/plankanban/planka/blob/master/LICENSE.md
 */

/**
 * @swagger
 * /projects/{projectId}/managers:
 *   post:
 *     summary: Create project manager
 *     description: Creates a project manager within a project. Requires admin privileges for shared projects or existing project manager permissions. The user must be an admin or project owner.
 *     tags:
 *       - Project Managers
 *     operationId: createProjectManager
 *     parameters:
 *       - name: projectId
 *         in: path
 *         required: true
 *         description: ID of the project to create the project manager in
 *         schema:
 *           type: string
 *           example: "1357158568008091264"
 *     requestBody:
 *       required: true
 *       content:
 *         application/json:
 *           schema:
 *             type: object
 *             required:
 *               - userId
 *             properties:
 *               userId:
 *                 type: string
 *                 description: ID of the user who is assigned as project manager
 *                 example: "1357158568008091265"
 *     responses:
 *       200:
 *         description: Project manager created successfully
 *         content:
 *           application/json:
 *             schema:
 *               type: object
 *               required:
 *                 - item
 *               properties:
 *                 item:
 *                   $ref: '#/components/schemas/ProjectManager'
 *       400:
 *         $ref: '#/components/responses/ValidationError'
 *       401:
 *         $ref: '#/components/responses/Unauthorized'
 *       403:
 *         $ref: '#/components/responses/Forbidden'
 *       404:
 *         $ref: '#/components/responses/NotFound'
 *       409:
 *         $ref: '#/components/responses/Conflict'
 *       422:
 *         $ref: '#/components/responses/UnprocessableEntity'
 */

const { idInput } = require('../../../utils/inputs');

const Errors = {
  NOT_ENOUGH_RIGHTS: {
    notEnoughRights: 'Not enough rights',
  },
  PROJECT_NOT_FOUND: {
    projectNotFound: 'Project not found',
  },
  USER_NOT_FOUND: {
    userNotFound: 'User not found',
  },
  USER_ALREADY_PROJECT_MANAGER: {
    userAlreadyProjectManager: 'User already project manager',
  },
  USER_MUST_BE_ADMIN_OR_PROJECT_OWNER: {
    userMustBeAdminOrProjectOwner: 'User must be admin or project owner',
  },
};

module.exports = {
  inputs: {
    projectId: {
      ...idInput,
      required: true,
    },
    userId: {
      ...idInput,
      required: true,
    },
  },

  exits: {
    notEnoughRights: {
      responseType: 'forbidden',
    },
    projectNotFound: {
      responseType: 'notFound',
    },
    userNotFound: {
      responseType: 'notFound',
    },
    userAlreadyProjectManager: {
      responseType: 'conflict',
    },
    userMustBeAdminOrProjectOwner: {
      responseType: 'unprocessableEntity',
    },
  },

  async fn(inputs) {
    const { currentUser } = this.req;

    const project = await Project.qm.getOneById(inputs.projectId);

    if (!project) {
      throw Errors.PROJECT_NOT_FOUND;
    }

    if (currentUser.role !== User.Roles.ADMIN) {
      const isProjectManager = await sails.helpers.users.isProjectManager(
        currentUser.id,
        project.id,
      );

      if (!isProjectManager) {
        throw Errors.PROJECT_NOT_FOUND; // Forbidden
      }
    }

    if (project.ownerProjectManagerId) {
      throw Errors.NOT_ENOUGH_RIGHTS;
    }

    const user = await User.qm.getOneById(inputs.userId, {
      withDeactivated: false,
    });

    if (!user) {
      throw Errors.USER_NOT_FOUND;
    }

    const projectManager = await sails.helpers.projectManagers.createOne
      .with({
        values: {
          project,
          user,
        },
        actorUser: currentUser,
        request: this.req,
      })
      .intercept('userAlreadyProjectManager', () => Errors.USER_ALREADY_PROJECT_MANAGER)
      .intercept(
        'userInValuesMustBeAdminOrProjectOwner',
        () => Errors.USER_MUST_BE_ADMIN_OR_PROJECT_OWNER,
      );

    return {
      item: projectManager,
    };
  },
};
feat: Version 2 Closes #627, closes #1047 2025-05-10 02:09:06 +02:00			`/*!`
			`* Copyright (c) 2024 PLANKA Software GmbH`
			`* Licensed under the Fair Use License: https://github.com/plankanban/planka/blob/master/LICENSE.md`
			`*/`

docs: Add full Swagger JSDoc coverage 2025-09-08 16:20:27 +02:00			`/**`
			`* @swagger`
docs: Add base path for API endpoints to Swagger 2025-09-08 18:25:26 +02:00			`* /projects/{projectId}/managers:`
docs: Add full Swagger JSDoc coverage 2025-09-08 16:20:27 +02:00			`* post:`
docs: Improve Swagger JSDoc 2025-09-12 12:17:01 +02:00			`* summary: Create project manager`
			`* description: Creates a project manager within a project. Requires admin privileges for shared projects or existing project manager permissions. The user must be an admin or project owner.`
docs: Add full Swagger JSDoc coverage 2025-09-08 16:20:27 +02:00			`* tags:`
			`* - Project Managers`
docs: Improve Swagger JSDoc 2025-09-12 12:17:01 +02:00			`* operationId: createProjectManager`
docs: Add full Swagger JSDoc coverage 2025-09-08 16:20:27 +02:00			`* parameters:`
			`* - name: projectId`
			`* in: path`
			`* required: true`
docs: Improve Swagger JSDoc 2025-09-12 12:17:01 +02:00			`* description: ID of the project to create the project manager in`
docs: Add full Swagger JSDoc coverage 2025-09-08 16:20:27 +02:00			`* schema:`
			`* type: string`
docs: Quote example ids in Swagger 2025-09-08 19:14:31 +02:00			`* example: "1357158568008091264"`
docs: Add full Swagger JSDoc coverage 2025-09-08 16:20:27 +02:00			`* requestBody:`
			`* required: true`
			`* content:`
			`* application/json:`
			`* schema:`
			`* type: object`
			`* required:`
			`* - userId`
			`* properties:`
			`* userId:`
			`* type: string`
			`* description: ID of the user who is assigned as project manager`
docs: Quote example ids in Swagger 2025-09-08 19:14:31 +02:00			`* example: "1357158568008091265"`
docs: Add full Swagger JSDoc coverage 2025-09-08 16:20:27 +02:00			`* responses:`
			`* 200:`
docs: Improve Swagger JSDoc 2025-09-12 12:17:01 +02:00			`* description: Project manager created successfully`
docs: Add full Swagger JSDoc coverage 2025-09-08 16:20:27 +02:00			`* content:`
			`* application/json:`
			`* schema:`
			`* type: object`
			`* required:`
			`* - item`
			`* properties:`
			`* item:`
			`* $ref: '#/components/schemas/ProjectManager'`
			`* 400:`
			`* $ref: '#/components/responses/ValidationError'`
			`* 401:`
			`* $ref: '#/components/responses/Unauthorized'`
			`* 403:`
			`* $ref: '#/components/responses/Forbidden'`
			`* 404:`
			`* $ref: '#/components/responses/NotFound'`
			`* 409:`
			`* $ref: '#/components/responses/Conflict'`
			`* 422:`
			`* $ref: '#/components/responses/UnprocessableEntity'`
			`*/`

feat: Version 2 Closes #627, closes #1047 2025-05-10 02:09:06 +02:00			`const { idInput } = require('../../../utils/inputs');`

Initial commit 2019-08-31 04:07:25 +05:00			`const Errors = {`
feat: Version 2 Closes #627, closes #1047 2025-05-10 02:09:06 +02:00			`NOT_ENOUGH_RIGHTS: {`
			`notEnoughRights: 'Not enough rights',`
			`},`
Initial commit 2019-08-31 04:07:25 +05:00			`PROJECT_NOT_FOUND: {`
Add username to user 2020-04-03 00:35:25 +05:00			`projectNotFound: 'Project not found',`
Initial commit 2019-08-31 04:07:25 +05:00			`},`
			`USER_NOT_FOUND: {`
Add username to user 2020-04-03 00:35:25 +05:00			`userNotFound: 'User not found',`
Initial commit 2019-08-31 04:07:25 +05:00			`},`
Project managers, board members, auto-update after reconnection, refactoring 2021-06-24 01:05:22 +05:00			`USER_ALREADY_PROJECT_MANAGER: {`
			`userAlreadyProjectManager: 'User already project manager',`
Code formatting with prettier, change eslint config for the server 2019-11-05 18:01:42 +05:00			`},`
feat: Version 2 Closes #627, closes #1047 2025-05-10 02:09:06 +02:00			`USER_MUST_BE_ADMIN_OR_PROJECT_OWNER: {`
			`userMustBeAdminOrProjectOwner: 'User must be admin or project owner',`
			`},`
Initial commit 2019-08-31 04:07:25 +05:00			`};`

			`module.exports = {`
			`inputs: {`
			`projectId: {`
feat: Version 2 Closes #627, closes #1047 2025-05-10 02:09:06 +02:00			`...idInput,`
Code formatting with prettier, change eslint config for the server 2019-11-05 18:01:42 +05:00			`required: true,`
Initial commit 2019-08-31 04:07:25 +05:00			`},`
			`userId: {`
feat: Version 2 Closes #627, closes #1047 2025-05-10 02:09:06 +02:00			`...idInput,`
Code formatting with prettier, change eslint config for the server 2019-11-05 18:01:42 +05:00			`required: true,`
			`},`
Initial commit 2019-08-31 04:07:25 +05:00			`},`

			`exits: {`
feat: Version 2 Closes #627, closes #1047 2025-05-10 02:09:06 +02:00			`notEnoughRights: {`
			`responseType: 'forbidden',`
			`},`
Add username to user 2020-04-03 00:35:25 +05:00			`projectNotFound: {`
Code formatting with prettier, change eslint config for the server 2019-11-05 18:01:42 +05:00			`responseType: 'notFound',`
Initial commit 2019-08-31 04:07:25 +05:00			`},`
Add username to user 2020-04-03 00:35:25 +05:00			`userNotFound: {`
			`responseType: 'notFound',`
			`},`
Project managers, board members, auto-update after reconnection, refactoring 2021-06-24 01:05:22 +05:00			`userAlreadyProjectManager: {`
Code formatting with prettier, change eslint config for the server 2019-11-05 18:01:42 +05:00			`responseType: 'conflict',`
			`},`
feat: Version 2 Closes #627, closes #1047 2025-05-10 02:09:06 +02:00			`userMustBeAdminOrProjectOwner: {`
			`responseType: 'unprocessableEntity',`
			`},`
Initial commit 2019-08-31 04:07:25 +05:00			`},`

Project managers, board members, auto-update after reconnection, refactoring 2021-06-24 01:05:22 +05:00			`async fn(inputs) {`
			`const { currentUser } = this.req;`

feat: Version 2 Closes #627, closes #1047 2025-05-10 02:09:06 +02:00			`const project = await Project.qm.getOneById(inputs.projectId);`
Initial commit 2019-08-31 04:07:25 +05:00
			`if (!project) {`
			`throw Errors.PROJECT_NOT_FOUND;`
			`}`

feat: Version 2 Closes #627, closes #1047 2025-05-10 02:09:06 +02:00			`if (currentUser.role !== User.Roles.ADMIN) {`
			`const isProjectManager = await sails.helpers.users.isProjectManager(`
			`currentUser.id,`
			`project.id,`
			`);`

			`if (!isProjectManager) {`
			`throw Errors.PROJECT_NOT_FOUND; // Forbidden`
			`}`
			`}`
Project managers, board members, auto-update after reconnection, refactoring 2021-06-24 01:05:22 +05:00
feat: Version 2 Closes #627, closes #1047 2025-05-10 02:09:06 +02:00			`if (project.ownerProjectManagerId) {`
			`throw Errors.NOT_ENOUGH_RIGHTS;`
Project managers, board members, auto-update after reconnection, refactoring 2021-06-24 01:05:22 +05:00			`}`

feat: Version 2 Closes #627, closes #1047 2025-05-10 02:09:06 +02:00			`const user = await User.qm.getOneById(inputs.userId, {`
			`withDeactivated: false,`
			`});`
Initial commit 2019-08-31 04:07:25 +05:00
			`if (!user) {`
feat: Version 2 Closes #627, closes #1047 2025-05-10 02:09:06 +02:00			`throw Errors.USER_NOT_FOUND;`
Initial commit 2019-08-31 04:07:25 +05:00			`}`

ref: Remove board types, refactoring 2022-12-26 21:10:50 +01:00			`const projectManager = await sails.helpers.projectManagers.createOne`
			`.with({`
			`values: {`
			`project,`
			`user,`
			`},`
feat: Webhooks configuration, all events support, refactoring 2024-06-12 00:51:36 +02:00			`actorUser: currentUser,`
ref: Remove board types, refactoring 2022-12-26 21:10:50 +01:00			`request: this.req,`
			`})`
feat: Version 2 Closes #627, closes #1047 2025-05-10 02:09:06 +02:00			`.intercept('userAlreadyProjectManager', () => Errors.USER_ALREADY_PROJECT_MANAGER)`
			`.intercept(`
			`'userInValuesMustBeAdminOrProjectOwner',`
			`() => Errors.USER_MUST_BE_ADMIN_OR_PROJECT_OWNER,`
			`);`
Initial commit 2019-08-31 04:07:25 +05:00
Project managers, board members, auto-update after reconnection, refactoring 2021-06-24 01:05:22 +05:00			`return {`
			`item: projectManager,`
			`};`
Code formatting with prettier, change eslint config for the server 2019-11-05 18:01:42 +05:00			`},`
Initial commit 2019-08-31 04:07:25 +05:00			`};`