Developers, developer permissions, admins assign developers, multiple developers, users variable, assignedTo commission variable, update commission schema, add userId to commission list view, minor changes, bug fixes

Author: faisalnjs

README.md

@@ -87,7 +87,8 @@ commtrackr.init({ // Initialize CommTracker with configurations
         value: 'Cancelled'
       }
     ],
-    disableFieldEditing: ['amount', 'currency'] // Array of field IDs that admins cannot edit
+    disableFieldEditing: ['amount', 'currency'], // Array of field IDs that admins cannot edit
+    users: 'users' // req.session object variable for all users array
   },
   fields: [
     {
@@ -120,7 +121,7 @@ commtrackr.init({ // Initialize CommTracker with configurations
       // data contains the updated commission object
       // The constant data.id contains the unique commission ID
       // Action metadata can be accessed via data.updatedAt, data.updatedBy, and data.sendEmail
-      // Updated metadata can be accessed via data.user, data.amount, data.currency, data.date, data.status, and data.locked
+      // Updated metadata can be accessed via data.user, data.amount, data.currency, data.date, data.status, data.locked, and data.assignedTo
       // Updated fields can be accessed via data.fields
     },
     sync: (req) => {
@@ -166,7 +167,7 @@ Session Example: `'John Doe'`
 
 ### role
 
-`role` should contain the role of the user: 'admin', `dev`, or 'user'. This is used to control access to certain features and functionalities within CommTrackr.
+`role` should contain the role of the user: `'admin'`, `'dev'`, or `'user'`. This is used to control access to certain features and functionalities within CommTrackr.
 
 Type: `String`
 
@@ -190,7 +191,7 @@ Default:
 
 ### access
 
-`access` can be used as an alternative to `role` for access control. It should contain numeric access levels. Use the `access` configuration to define which levels correspond to 'user', 'dev', and 'admin'.
+`access` can be used as an alternative to `role` for access control. It should contain numeric access levels. Use the `access` configuration to define which levels correspond to `'user'`, `'dev'`, and `'admin'`.
 
 Type: `Array`
 
@@ -234,7 +235,8 @@ Session Example:
         label: 'Link Label', // Link label
         url: 'http://example.com' // Link URL
       }
-    ]
+    ],
+    assignedTo: ['dev1UserId', 'dev2UserId'] // Array of userIds of the developers assigned to this commission
   }
 ]
 ```
@@ -262,3 +264,11 @@ Default:
 ```javascript
 []
 ```
+
+### users
+
+`users` should contain an array of all users and developers in the system. Each user object should have at least `userId` and defined matching `role` or `access.var` properties. `userName` property is recommended, but not required. This is used for assigning commissions to owners and developers.
+
+Type: `Array`
+
+Default: `'users'`

frontend/pages/admin.ejs

@@ -6,14 +6,15 @@
 	<a class="button" href="<%= tenant.domain %><%= tenant.path %>/create">New Commission</a>
 	<div id="sync" class="button"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 23 23" fill="none">
 			<path d="M18.5949 5.16663C16.8618 3.32009 14.3989 2.16663 11.6666 2.16663C6.41992 2.16663 2.16663 6.41992 2.16663 11.6666C2.16663 16.9133 6.41992 21.1666 11.6666 21.1666C14.3989 21.1666 16.8618 20.0132 18.5949 18.1666M17.3236 7.98035L20.9804 7.98035L20.9804 4.3235" stroke-width="3" stroke-linecap="round" stroke-linejoin="round" />
-		</svg> Sync Existing</div>
+		</svg> Sync</div>
 	<a class="button" href="<%= tenant.domain %>">Back to <%= tenant.name %></a>
 </div>
 <div class="commissions">
 	<% session[vars.commissions].forEach(commission => { %>
 	<div class="commission">
 		<h2><%= commission.id %></h2>
 		<p><%= commission.status %></p>
+		<p><%= commission.user %></p>
 		<a class="button" href="<%= tenant.domain %><%= tenant.path %>/<%= commission.id %>">View</a>
 	</div>
 	<% }) %>

frontend/pages/commission.ejs

@@ -1,7 +1,7 @@
 <%- include('head.ejs') %>
 <img src="<%= tenant.logo %>" alt="<%= tenant.name %>">
 <h1><%= title %></h1>
-<% if (commission.locked) { %><p>This commission is locked from editing.</p><% } %>
+<% if (commission.locked) { %><p>This commission is locked from <%= (role !== 'user') ? 'user' : '' %> editing.</p><% } %>
 <table>
 	<tr>
 		<th>Status</th>
@@ -23,6 +23,10 @@
 		<td><%= new Date(commission.date).toLocaleString() %></td>
 	</tr>
 	<% } %>
+	<tr>
+		<th>Assigned To</th>
+		<td><%= (commission.assignedTo || []).map(assignedTo => vars.users.find(user => user[vars.userId] === assignedTo) ? (vars.users.find(user => user[vars.userId] === assignedTo)[vars.userName] || vars.users.find(user => user[vars.userId] === assignedTo)[vars.userId]) : null).filter(assignedTo => assignedTo).join(', ') || '-' %></td>
+	</tr>
 </table>
 <table>
 	<% for (const field of fields) { %>

frontend/pages/dev.ejs

@@ -6,14 +6,15 @@
 	<a class="button" href="<%= tenant.domain %><%= tenant.path %>/create">New Commission</a>
 	<div id="sync" class="button"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 23 23" fill="none">
 			<path d="M18.5949 5.16663C16.8618 3.32009 14.3989 2.16663 11.6666 2.16663C6.41992 2.16663 2.16663 6.41992 2.16663 11.6666C2.16663 16.9133 6.41992 21.1666 11.6666 21.1666C14.3989 21.1666 16.8618 20.0132 18.5949 18.1666M17.3236 7.98035L20.9804 7.98035L20.9804 4.3235" stroke-width="3" stroke-linecap="round" stroke-linejoin="round" />
-		</svg> Sync Existing</div>
+		</svg> Sync</div>
 	<a class="button" href="<%= tenant.domain %>">Back to <%= tenant.name %></a>
 </div>
 <div class="commissions">
-	<% session[vars.commissions].forEach(commission => { %>
+	<% session[vars.commissions].filter(commission => (commission.assignedTo || []).includes(session[vars.userId])).forEach(commission => { %>
 	<div class="commission">
 		<h2><%= commission.id %></h2>
 		<p><%= commission.status %></p>
+		<p><%= commission.user %></p>
 		<a class="button" href="<%= tenant.domain %><%= tenant.path %>/<%= commission.id %>">View</a>
 	</div>
 	<% }) %>

frontend/pages/edit.ejs

@@ -1,6 +1,7 @@
 <%- include('head.ejs') %>
 <img src="<%= tenant.logo %>" alt="<%= tenant.name %>">
 <h1><%= title %></h1>
+<% if (role === 'admin') { %>
 <% if (!vars.disableFieldEditing.includes('status')) { %>
 <div class="inputField active" id="status">
 	<h3>Status*</h3>
@@ -16,7 +17,16 @@
 <div class="inputField active" id="owner">
 	<h3>Owner*</h3>
 	<p>Required: Commission owner.</p>
+	<% if ((vars.users || []).filter(user => getUserRole(user) === 'user').length) { %>
+	<select id="ownerSelect">
+		<option value="">None</option>
+		<% vars.users.filter(user => getUserRole(user) === 'user').forEach(user => { %>
+		<option value="<%= user[vars.userId] %>" <%= (commission.user === user[vars.userId]) ? 'selected' : '' %>><%= user[vars.userName] ? `${user[vars.userName]} (${user[vars.userId]})` : user[vars.userId] %></option>
+		<% }) %>
+	</select>
+	<% } else { %>
 	<input id="ownerInput" type="text" placeholder="<%= commission.user %>" value="<%= commission.user %>">
+	<% } %>
 </div>
 <% } %>
 <% if (!vars.disableFieldEditing.includes('amount')) { %>
@@ -48,6 +58,24 @@
 	<div class="checkbox" change="lockedInput">|||</div>
 </div>
 <% } %>
+<% if (!vars.disableFieldEditing.includes('assignedTo')) { %>
+<div class="inputField active" id="assignedTo">
+	<h3>Assigned To</h3>
+	<p>Optional: The developer to assign this commission to.</p>
+	<% if ((vars.users || []).filter(user => getUserRole(user) !== 'user').length) { %>
+	<select id="assignedToSelect" multiple>
+		<option value="">None</option>
+		<% vars.users.filter(user => getUserRole(user) !== 'user').forEach(user => { %>
+		<option value="<%= user[vars.userId] %>" <%= ((commission.assignedTo || []).includes(user[vars.userId])) ? 'selected' : '' %>><%= user[vars.userName] ? `${user[vars.userName]} (${user[vars.userId]})` : user[vars.userId] %></option>
+		<% }) %>
+	</select>
+	<% } else { %>
+	<p>No developers found.</p>
+	<% } %>
+</div>
+<% } %>
+<% } %>
+<% if (role !== 'dev') { %>
 <% fields.forEach(field => { %>
 <div class="inputField active <%= field.required ? 'required' : '' %>" id="<%= field.id %>">
 	<h3><%= field.label %><%= field.required ? '*' : '' %></h3>
@@ -86,12 +114,15 @@
 	<% } %>
 </div>
 <% }) %>
+<% } %>
+<% if (role !== 'user') { %>
 <div class="inputField active" id="sendEmail">
 	<h3>Send Email</h3>
 	<p>Optional: Send an email to the user regarding this update.</p>
 	<input id="sendEmailInput" type="checkbox" class="hidden">
 	<div class="checkbox" change="sendEmailInput">|||</div>
 </div>
+<% } %>
 <div class="buttons">
 	<% if (!commission.locked || (role !== 'user')) { %><div id="save" class="button">Save</div><% } %>
 	<a id="error" class="button active hidden" href="<%= tenant.domain %><%= tenant.path %>/<%= commission.id %>/edit">Restart</a>

frontend/pages/user.ejs

@@ -12,7 +12,7 @@
 	<a class="button" href="<%= tenant.domain %><%= tenant.path %>/create">New Commission</a>
 	<div id="sync" class="button"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 23 23" fill="none">
 			<path d="M18.5949 5.16663C16.8618 3.32009 14.3989 2.16663 11.6666 2.16663C6.41992 2.16663 2.16663 6.41992 2.16663 11.6666C2.16663 16.9133 6.41992 21.1666 11.6666 21.1666C14.3989 21.1666 16.8618 20.0132 18.5949 18.1666M17.3236 7.98035L20.9804 7.98035L20.9804 4.3235" stroke-width="3" stroke-linecap="round" stroke-linejoin="round" />
-		</svg> Sync Existing</div>
+		</svg> Sync</div>
 	<a class="button" href="<%= tenant.domain %>">Back to <%= tenant.name %></a>
 </div>
 <div class="commissions">

frontend/public/scripts.js

@@ -240,7 +240,7 @@ document.querySelectorAll('.inputField').forEach(field => {
     });
     field.querySelectorAll('select').forEach(select => {
         select.addEventListener('change', function () {
-            setTimeout(() => saveChange(window.location.href.replace(appPath, ''), field.id, select.selectedOptions[0].value), 100);
+            setTimeout(() => saveChange(window.location.href.replace(appPath, ''), field.id, select.multiple ? Array.from(select.selectedOptions).map(selectedOption => selectedOption.value): select.selectedOptions[0].value), 100);
         });
     });
 });

index.js

@@ -54,7 +54,8 @@ function init({
     access: {},
     commissions: 'commissions',
     possibleStatuses: [],
-    disableFieldEditing: []
+    disableFieldEditing: [],
+    users: 'users'
   },
   fields: newFields = [],
   handlers: {
@@ -89,6 +90,7 @@ function init({
     commissions: 'commissions',
     possibleStatuses: [],
     disableFieldEditing: [],
+    users: 'users',
     ...newVars
   };
   fields = newFields.filter(field => field.id !== 'user');
@@ -151,7 +153,8 @@ function verifyAgainstSchema(type, data) {
               label: link.label ? String(link.label) : '',
               url: link.url ? String(link.url) : ''
             };
-          }) : []
+          }) : [],
+          assignedTo: Array.isArray(commission.assignedTo) ? commission.assignedTo.map(assigned => String(assigned)) : []
         };
       }).filter(commission => commission !== null);
   };
@@ -245,7 +248,8 @@ app.get('/:id', async (req, res) => {
   if (tenant.auth && tenant.auth.enabled && vars.userId && !req.session[vars.userId]) return res.render('auth', { tenant, title: 'Authenticate' });
   req.session[vars.commissions] = verifyAgainstSchema('commission', req.session[vars.commissions] || []);
   if (getUserRole(req.session) === 'user') req.session[vars.commissions] = req.session[vars.commissions].filter(commission => commission.user === req.session[vars.userId]);
-  const commission = (req.session[vars.commissions] || []).find(commission => (String(commission.id) === String(req.params.id)) && (getUserRole(req.session) === 'admin' ? true : (commission.user === req.session[vars.userId])));
+  if (getUserRole(req.session) === 'dev') req.session[vars.commissions] = req.session[vars.commissions].filter(commission => (commission.assignedTo || []).includes(req.session[vars.userId]));
+  const commission = (req.session[vars.commissions] || []).find(commission => String(commission.id) === String(req.params.id));
   if (!commission) return res.status(404).render('error', { tenant, title: 'Not Found', message: 'The requested commission was not found.' });
   return res.render('commission', { tenant, title: `Commission ${commission.id}`, session: req.session, vars, fields, role: getUserRole(req.session), commission });
 });
@@ -257,10 +261,11 @@ app.get('/:id/edit', async (req, res) => {
   if (tenant.auth && tenant.auth.enabled && vars.userId && !req.session[vars.userId]) return res.render('auth', { tenant, title: 'Authenticate' });
   req.session[vars.commissions] = verifyAgainstSchema('commission', req.session[vars.commissions] || []);
   if (getUserRole(req.session) === 'user') req.session[vars.commissions] = req.session[vars.commissions].filter(commission => commission.user === req.session[vars.userId]);
-  const commission = (req.session[vars.commissions] || []).find(commission => (String(commission.id) === String(req.params.id)) && (getUserRole(req.session) === 'admin' ? true : (commission.user === req.session[vars.userId])));
+  if (getUserRole(req.session) === 'dev') req.session[vars.commissions] = req.session[vars.commissions].filter(commission => (commission.assignedTo || []).includes(req.session[vars.userId]));
+  const commission = (req.session[vars.commissions] || []).find(commission => String(commission.id) === String(req.params.id));
   if (!commission) return res.status(404).render('error', { tenant, title: 'Not Found', message: 'The requested commission was not found.' });
   if (commission.locked && (getUserRole(req.session) === 'user')) return res.status(403).render('error', { tenant, title: 'Forbidden', message: 'You do not have permission to edit this commission.' });
-  return res.render('edit', { tenant, title: `Edit Commission ${commission.id}`, session: req.session, vars, fields, commission, role: getUserRole(req.session) });
+  return res.render('edit', { tenant, title: `Edit Commission ${commission.id}`, session: req.session, vars, fields, commission, role: getUserRole(req.session), getUserRole });
 });
 
 app.post('/:id/edit', async (req, res) => {
@@ -270,7 +275,8 @@ app.post('/:id/edit', async (req, res) => {
   if (!tenant.slug || !tenant.name || !tenant.domain) return res.status(500).json({ status: 'error', message: 'Service is not properly configured. Please contact the administrator.' });
   req.session[vars.commissions] = verifyAgainstSchema('commission', req.session[vars.commissions] || []);
   if (getUserRole(req.session) === 'user') req.session[vars.commissions] = req.session[vars.commissions].filter(commission => commission.user === req.session[vars.userId]);
-  const commissionIndex = (req.session[vars.commissions] || []).findIndex(commission => (String(commission.id) === String(req.params.id)) && (getUserRole(req.session) === 'admin' ? true : (commission.user === req.session[vars.userId])));
+  if (getUserRole(req.session) === 'dev') req.session[vars.commissions] = req.session[vars.commissions].filter(commission => (commission.assignedTo || []).includes(req.session[vars.userId]));
+  const commissionIndex = (req.session[vars.commissions] || []).findIndex(commission => String(commission.id) === String(req.params.id));
   if (commissionIndex === -1) return res.status(404).json({ status: 'error', message: 'The requested commission was not found.' });
   const commission = req.session[vars.commissions][commissionIndex];
   if (commission.locked && (getUserRole(req.session) === 'user')) return res.status(403).json({ status: 'error', message: 'You do not have permission to edit this commission.' });
@@ -291,7 +297,8 @@ app.post('/:id/edit', async (req, res) => {
   update.date = req.body.date ? new Date(req.body.date) : commission.date;
   update.status = req.body.status ? String(req.body.status) : commission.status;
   update.locked = (getUserRole(req.session) === 'admin') ? ((req.body.locked === true) || (req.body.locked === 'true') || (req.body.locked === 'on')) : commission.locked;
-  update.sendEmail = (req.body.sendEmail === true) || (req.body.sendEmail === 'true') || (req.body.sendEmail === 'on');
+  update.assignedTo = (getUserRole(req.session) === 'admin') ? (Array.isArray(req.body.assignedTo) ? req.body.assignedTo.filter(id => String(id).trim() !== '') : (req.body.assignedTo ? [String(req.body.assignedTo).trim()] : [])) : commission.assignedTo;
+  update.sendEmail = (getUserRole(req.session) !== 'user') ? ((req.body.sendEmail === true) || (req.body.sendEmail === 'true') || (req.body.sendEmail === 'on')) : true;
   vars.disableFieldEditing.forEach(fieldId => {
     if (fieldId in data) delete data[fieldId];
   });