Merge pull request #3371 from apinf/feature/add-authorized-user-by-username

Add Authorized users to API by using username

Author: matleppa

apinf_packages/apis/client/authorized_user/form/autoform.js

@@ -0,0 +1,41 @@
+/* Copyright 2017 Apinf Oy
+This file is covered by the EUPL license.
+You may obtain a copy of the licence at
+https://joinup.ec.europa.eu/community/eupl/og_page/european-union-public-licence-eupl-v11 */
+
+// Meteor contributed packages imports
+import { AutoForm } from 'meteor/aldeed:autoform';
+import { TAPi18n } from 'meteor/tap:i18n';
+import { sAlert } from 'meteor/juliancwirko:s-alert';
+
+AutoForm.hooks({
+  authorizedUserForm: {
+    onSuccess () {
+      // Get success message translation
+      const message = TAPi18n.__('authorizedUserForm_success_message');
+
+      // Alert user of success
+      sAlert.success(message);
+    },
+    onError (formType, error) {
+      // Get error type string from error object
+      const errorType = error.error;
+
+      if (errorType === 'user-not-registered') {
+        // Get error message translation
+        const message = TAPi18n.__('authorizedUserForm_errorText_userNotRegistered');
+
+        // Display error
+        sAlert.error(message, { timeout: 'none' });
+      }
+
+      if (errorType === 'user-already-exist') {
+        // Get error message translation
+        const message = TAPi18n.__('authorizedUserForm_errorText_alreadyAuthorized');
+
+        // Display error
+        sAlert.error(message, { timeout: 'none' });
+      }
+    },
+  },
+});

apinf_packages/apis_authorization/client/form/form.html renamed to apinf_packages/apis/client/authorized_user/form/form.html

@@ -10,10 +10,16 @@ <h4>
   {{# autoForm
     schema=emailSchema
     id="authorizedUserForm"
-    class="form-inline" }}
+    class="form-inline"
+    type="method"
+    meteormethod="addAuthorizedUser"
+  }}
     <fieldset>
-      {{> afQuickField name='email' }}
-      {{> afQuickField name='apiId' value=apiId type="hidden" }}
+      <p>
+        {{_ "apiUserAuthorizationForm_helpText_usernameEmail" }}
+      </p>
+      {{> afQuickField name='user' }}
+      {{> afQuickField name='apiId' value=api._id type="hidden" }}
     </fieldset>
 
     <button type="submit" class="btn btn-primary">

apinf_packages/apis_authorization/client/form/form.js renamed to apinf_packages/apis/client/authorized_user/form/form.js

@@ -10,20 +10,7 @@ import { Template } from 'meteor/templating';
 import emailSchema from './schema';
 
 Template.apiUserAuthorizationForm.helpers({
-  apiId () {
-    // Get API ID
-    const apiId = Template.instance().data.api._id;
-
-    return apiId;
-  },
   emailSchema () {
     return emailSchema;
   },
 });
-
-Template.apiUserAuthorizationForm.events({
-  'submit #authorizedUserForm': function (event) {
-    // Prevent form from reloading page
-    event.preventDefault();
-  },
-});

apinf_packages/apis_authorization/client/form/schema.js renamed to apinf_packages/apis/client/authorized_user/form/schema.js

@@ -11,9 +11,8 @@ const emailSchema = new SimpleSchema({
     type: String,
     regEx: SimpleSchema.RegEx.Id,
   },
-  email: {
+  user: {
     type: String,
-    regEx: SimpleSchema.RegEx.Email,
   },
 });
 

apinf_packages/apis_authorization/client/list/list.html renamed to apinf_packages/apis/client/authorized_user/list/list.html

@@ -10,7 +10,7 @@ import { Template } from 'meteor/templating';
 import { Modal } from 'meteor/peppelg:bootstrap-3-modal';
 
 // Collection imports
-import Apis from '/apinf_packages/apis/collection';
+import Apis from '/apinf_packages/apis/collection/index';
 
 Template.apiRemoveAuthorizedUser.events({
   'click #confirm-remove': function (event, templateInstance) {

apinf_packages/apis_authorization/client/list/list.js renamed to apinf_packages/apis/client/authorized_user/list/list.js

@@ -10,34 +10,37 @@ import { check } from 'meteor/check';
 // Meteor contributed packages imports
 import { Accounts } from 'meteor/accounts-base';
 import { Roles } from 'meteor/alanning:roles';
-import { ValidEmail } from 'meteor/froatsnook:valid-email';
 
 // Collection imports
 import Apis from '/apinf_packages/apis/collection';
 import Settings from '/apinf_packages/settings/collection';
 
 Meteor.methods({
-  addAuthorizedUserByEmail (apiId, email) {
-    // Make sure apiId is a string
-    check(apiId, String);
-
-    // Make sure email is a valid email
-    check(email, ValidEmail);
+  addAuthorizedUser (formData) {
+    check(formData, Object);
 
     // Get user with matching email
-    const user = Accounts.findUserByEmail(email);
+    const userByEmail = Accounts.findUserByEmail(formData.user);
+    const userByUsername = Accounts.findUserByUsername(formData.user);
 
-    // Get API document
-    const api = Apis.findOne(apiId);
+    // "User" field can be e-mail value or username value
+    const user = userByEmail || userByUsername;
 
-    // Check if user is already authorized
-    const userAlreadyAuthorized = api.authorizedUserIds.includes(user._id);
+    // No matching in both direction
+    if (!user) {
+      throw new Meteor.Error('user-not-registered');
+    }
+
+    // Get API document
+    const api = Apis.findOne(formData.apiId);
 
     // Check if the user is already authorized
-    if (!userAlreadyAuthorized) {
-      // Add user ID to API authorized user IDs field
-      Apis.update(apiId, { $push: { authorizedUserIds: user._id } });
+    if (api.authorizedUserIds.includes(user._id)) {
+      throw new Meteor.Error('user-already-exist');
     }
+
+    // Add user ID to API authorized user IDs field
+    Apis.update(formData.apiId, { $push: { authorizedUserIds: user._id } });
   },
   currentUserCanViewApi (slug) {
     // Make sure apiId is a string