Merge branch 'feat/120698-read-only-user' into feat/120698-120954-rom-user-client

apps/app/src/server/models/user.js

@@ -7,7 +7,6 @@ import loggerFactory from '~/utils/logger';
 
 const crypto = require('crypto');
 
-const debug = require('debug')('growi:models:user');
 const mongoose = require('mongoose');
 const mongoosePaginate = require('mongoose-paginate-v2');
 const uniqueValidator = require('mongoose-unique-validator');
@@ -68,7 +67,7 @@ module.exports = function(crowi) {
     },
     lastLoginAt: { type: Date },
     admin: { type: Boolean, default: 0, index: true },
-    readOnly: { type: Boolean, default: 0, index: true },
+    readOnly: { type: Boolean, default: 0 },
     isInvitationEmailSended: { type: Boolean, default: false },
   }, {
     timestamps: true,
@@ -266,25 +265,25 @@ module.exports = function(crowi) {
   };
 
   userSchema.methods.removeFromAdmin = async function() {
-    debug('Remove from admin', this);
+    logger.debug('Remove from admin', this);
     this.admin = 0;
     return this.save();
   };
 
   userSchema.methods.makeAdmin = async function() {
-    debug('Admin', this);
+    logger.debug('Admin', this);
     this.admin = 1;
     return this.save();
   };
 
   userSchema.methods.giveReadOnly = async function() {
-    debug('Give read only flag', this);
+    logger.debug('Give read only flag', this);
     this.readOnly = 1;
     return this.save();
   };
 
   userSchema.methods.removeReadOnly = async function() {
-    debug('Remove read only flag', this);
+    logger.debug('Remove read only flag', this);
     this.readOnly = 0;
     return this.save();
   };
@@ -295,14 +294,14 @@ module.exports = function(crowi) {
   };
 
   userSchema.methods.statusActivate = async function() {
-    debug('Activate User', this);
+    logger.debug('Activate User', this);
     this.status = STATUS_ACTIVE;
     const userData = await this.save();
     return userEvent.emit('activated', userData);
   };
 
   userSchema.methods.statusSuspend = async function() {
-    debug('Suspend User', this);
+    logger.debug('Suspend User', this);
     this.status = STATUS_SUSPENDED;
     if (this.email === undefined || this.email === null) { // migrate old data
       this.email = '-';
@@ -317,7 +316,7 @@ module.exports = function(crowi) {
   };
 
   userSchema.methods.statusDelete = async function() {
-    debug('Delete User', this);
+    logger.debug('Delete User', this);
 
     const now = new Date();
     const deletedLabel = `deleted_at_${now.getTime()}`;

apps/app/src/server/routes/apiv3/users.js

@@ -547,11 +547,11 @@ module.exports = (crowi) => {
    * @swagger
    *
    *  paths:
-   *    /users/{id}/giveReadOnly:
+   *    /users/{id}/give-read-only:
    *      put:
    *        tags: [Users]
    *        operationId: ReadOnlyUser
-   *        summary: /users/{id}/ReadOnly
+   *        summary: /users/{id}/give-read-only
    *        description: Give user read only flag
    *        parameters:
    *          - name: id
@@ -571,11 +571,16 @@ module.exports = (crowi) => {
    *                      type: object
    *                      description: data of read only user
    */
-  router.put('/:id/giveReadOnly', loginRequiredStrictly, adminRequired, addActivity, async(req, res) => {
+  router.put('/:id/give-read-only', loginRequiredStrictly, adminRequired, addActivity, async(req, res) => {
     const { id } = req.params;
 
     try {
       const userData = await User.findById(id);
+
+      if (userData == null) {
+        return res.apiv3Err(new ErrorV3('User not found'), 404);
+      }
+
       await userData.giveReadOnly();
 
       const serializedUserData = serializeUserSecurely(userData);
@@ -595,11 +600,11 @@ module.exports = (crowi) => {
    * @swagger
    *
    *  paths:
-   *    /users/{id}/removeReadOnly:
+   *    /users/{id}/remove-read-only:
    *      put:
    *        tags: [Users]
    *        operationId: removeReadOnlyUser
-   *        summary: /users/{id}/removeReadOnly
+   *        summary: /users/{id}/remove-read-only
    *        description: Remove user read only flag
    *        parameters:
    *          - name: id
@@ -619,11 +624,16 @@ module.exports = (crowi) => {
    *                      type: object
    *                      description: data of removed read only user
    */
-  router.put('/:id/removeReadOnly', loginRequiredStrictly, adminRequired, certifyUserOperationOtherThenYourOwn, addActivity, async(req, res) => {
+  router.put('/:id/remove-read-only', loginRequiredStrictly, adminRequired, addActivity, async(req, res) => {
     const { id } = req.params;
 
     try {
       const userData = await User.findById(id);
+
+      if (userData == null) {
+        return res.apiv3Err(new ErrorV3('User not found'), 404);
+      }
+
       await userData.removeReadOnly();
 
       const serializedUserData = serializeUserSecurely(userData);