added updateCommunity in schema and gql, change test to folders (comm… (#77)

Co-authored-by: Felipe Torres <felipe.torressepulveda@gmail.com>

Author: Benjvvp

src/authz/index.ts

@@ -23,6 +23,23 @@ export class IsSameUser extends PreExecutionRule {
   }
 }
 
+export class IsTicketOwner extends PreExecutionRule {
+  error = new UnauthorizedError("Not authorized");
+  public async execute(
+    { USER, DB }: GraphqlContext,
+    fieldArgs: { input: { id: string } },
+  ) {
+    if (!USER || !fieldArgs.input.id) {
+      return false;
+    }
+    const IsTicketOwner = await DB.query.userTicketsSchema.findFirst({
+      where: (utc, { eq, and }) =>
+        and(eq(utc.userId, USER.id), eq(utc.id, fieldArgs.input.id)),
+    });
+    return Boolean(IsTicketOwner);
+  }
+}
+
 export class IsSuperAdmin extends PreExecutionRule {
   public execute({ USER }: GraphqlContext, fieldArgs: { id?: string }) {
     if (!USER) {
@@ -31,3 +48,119 @@ export class IsSuperAdmin extends PreExecutionRule {
     return Boolean(USER.isSuperAdmin);
   }
 }
+
+export class CanCreateEvent extends PreExecutionRule {
+  public async execute(
+    { USER, DB }: GraphqlContext,
+    fieldArgs: { input: { communityId: string } },
+  ) {
+    if (!USER || !fieldArgs?.input?.communityId) {
+      return false;
+    }
+    const user = await DB.query.usersToCommunitiesSchema.findFirst({
+      where: (utc, { eq, and }) =>
+        and(eq(utc.userId, USER.id), eq(utc.role, "admin")),
+    });
+
+    return Boolean(user);
+  }
+}
+
+export class isCommunityCollaborator extends PreExecutionRule {
+  public async execute(
+    { USER, DB }: GraphqlContext,
+    fieldArgs: { input: { communityId: string } },
+  ) {
+    if (!USER || !fieldArgs?.input?.communityId) {
+      return false;
+    }
+    const user = await DB.query.communitySchema.findFirst({
+      with: {
+        usersToCommunities: {
+          where: (utc, { eq, and }) =>
+            and(eq(utc.userId, USER.id), eq(utc.role, "admin")),
+        },
+      },
+    });
+    return Boolean(user);
+  }
+}
+
+export class isCommunityAdmin extends PreExecutionRule {
+  public async execute(
+    { USER, DB }: GraphqlContext,
+    fieldArgs: { input: { communityId: string } },
+  ) {
+    if (!USER || !fieldArgs?.input?.communityId) {
+      return false;
+    }
+    const isCommunityAdmin = await DB.query.usersToCommunitiesSchema.findFirst({
+      where: (utc, { eq, and }) =>
+        and(
+          eq(utc.communityId, fieldArgs.input.communityId),
+          eq(utc.userId, USER.id),
+          eq(utc.role, "admin"),
+        ),
+    });
+
+    return Boolean(isCommunityAdmin);
+  }
+}
+
+export class isEventAdmin extends PreExecutionRule {
+  public async execute(
+    { USER, DB }: GraphqlContext,
+    fieldArgs: { input: { eventId: string } },
+  ) {
+    if (!USER || !fieldArgs?.input?.eventId) {
+      return false;
+    }
+    const isEventAdmin = await DB.query.eventsToUsersSchema.findFirst({
+      where: (utc, { eq, and }) =>
+        and(
+          eq(utc.eventId, fieldArgs.input.eventId),
+          eq(utc.userId, USER.id),
+          eq(utc.role, "admin"),
+        ),
+    });
+
+    return Boolean(isEventAdmin);
+  }
+}
+
+export class canApproveTicket extends PreExecutionRule {
+  public async execute(
+    { USER, DB }: GraphqlContext,
+    fieldArgs: { userTicketId: string },
+  ) {
+    if (!USER || !fieldArgs?.userTicketId) {
+      return false;
+    }
+
+    const userTicket = await DB.query.userTicketsSchema.findFirst({
+      where: (utc, { eq }) => eq(utc.id, fieldArgs.userTicketId),
+      with: {
+        ticketTemplate: true,
+      },
+    });
+
+    if (!userTicket) {
+      throw new GraphQLError("Ticket not found");
+    }
+
+    if (USER.isSuperAdmin) {
+      return true;
+    }
+
+    const isEventAdmin = await DB.query.eventsToUsersSchema.findFirst({
+      where: (utc, { eq, and }) =>
+        and(
+          eq(utc.eventId, userTicket?.ticketTemplate.eventId),
+          eq(utc.userId, USER.id),
+          eq(utc.role, "admin"),
+        ),
+    });
+
+    return Boolean(isEventAdmin);
+  }
+}

src/generated/schema.gql

@@ -23,12 +23,6 @@ type Community {
   users: [User!]!
 }
 
-input CommunityCreateInput {
-  description: String!
-  name: String!
-  slug: String!
-}
-
 """
 Representation of a workEmail
 """
@@ -54,6 +48,12 @@ enum CompanyStatus {
   inactive
 }
 
+input CreateCommunityInput {
+  description: String!
+  name: String!
+  slug: String!
+}
+
 input CreateCompanyInput {
   description: String
 
@@ -185,7 +185,7 @@ type Mutation {
   """
   Create an community
   """
-  createCommunity(input: CommunityCreateInput!): Community!
+  createCommunity(input: CreateCommunityInput!): Community!
 
   """
   Create a company
@@ -202,6 +202,11 @@ type Mutation {
   """
   createSalary(input: CreateSalaryInput!): Salary!
 
+  """
+  Edit an community
+  """
+  editCommunity(input: UpdateCommunityInput!): Community!
+
   """
   Edit a ticket
   """
@@ -414,6 +419,11 @@ enum TypeOfEmployment {
   partTime
 }
 
+input UpdateCommunityInput {
+  communityId: String!
+  status: CommnunityStatus
+}
+
 input UpdateCompanyInput {
   companyId: String!
   description: String

src/generated/types.ts

@@ -59,12 +59,6 @@ export type Community = {
   users: Array<User>;
 };
 
-export type CommunityCreateInput = {
-  description: Scalars["String"]["input"];
-  name: Scalars["String"]["input"];
-  slug: Scalars["String"]["input"];
-};
-
 /** Representation of a workEmail */
 export type Company = {
   __typename?: "Company";
@@ -86,6 +80,12 @@ export enum CompanyStatus {
   Inactive = "inactive",
 }
 
+export type CreateCommunityInput = {
+  description: Scalars["String"]["input"];
+  name: Scalars["String"]["input"];
+  slug: Scalars["String"]["input"];
+};
+
 export type CreateCompanyInput = {
   description?: InputMaybe<Scalars["String"]["input"]>;
   /** The email domain of the company (What we'll use to match the company to the user on account-creation) */
@@ -208,6 +208,8 @@ export type Mutation = {
   createEvent: Event;
   /** Create a salary */
   createSalary: Salary;
+  /** Edit an community */
+  editCommunity: Community;
   /** Edit a ticket */
   editTicket: Ticket;
   /** Redeem a ticket */
@@ -235,7 +237,7 @@ export type MutationCancelUserTicketArgs = {
 };
 
 export type MutationCreateCommunityArgs = {
-  input: CommunityCreateInput;
+  input: CreateCommunityInput;
 };
 
 export type MutationCreateCompanyArgs = {
@@ -250,6 +252,10 @@ export type MutationCreateSalaryArgs = {
   input: CreateSalaryInput;
 };
 
+export type MutationEditCommunityArgs = {
+  input: UpdateCommunityInput;
+};
+
 export type MutationEditTicketArgs = {
   input: TicketEditInput;
 };
@@ -464,6 +470,11 @@ export enum TypeOfEmployment {
   PartTime = "partTime",
 }
 
+export type UpdateCommunityInput = {
+  communityId: Scalars["String"]["input"];
+  status?: InputMaybe<CommnunityStatus>;
+};
+
 export type UpdateCompanyInput = {
   companyId: Scalars["String"]["input"];
   description?: InputMaybe<Scalars["String"]["input"]>;

src/schema/community.ts

@@ -8,9 +8,10 @@ import {
 import { SQL, eq, like } from "drizzle-orm";
 import { CommunityRef, EventRef, UserRef } from "~/schema/shared/refs";
 import { builder } from "~/builder";
-import { canCreateCommunity } from "~/validations";
+import { canCreateCommunity, canEditCommunity } from "~/validations";
 import { v4 } from "uuid";
 import { GraphQLError } from "graphql";
+import { CommnunityStatus as CommunityStatusEnum } from "~/generated/types";
 
 export const CommnunityStatus = builder.enumType("CommnunityStatus", {
   values: ["active", "inactive"] as const,
@@ -134,14 +135,25 @@ builder.queryFields((t) => ({
   }),
 }));
 
-const CommunityCreateInput = builder.inputType("CommunityCreateInput", {
+const CreateCommunityInput = builder.inputType("CreateCommunityInput", {
   fields: (t) => ({
     name: t.string({ required: true }),
     slug: t.string({ required: true }),
     description: t.string({ required: true }),
   }),
 });
-
+const UpdateCommunityInput = builder.inputType("UpdateCommunityInput", {
+  fields: (t) => ({
+    communityId: t.string({ required: true }),
+    status: t.field({
+      type: CommnunityStatus,
+      required: false,
+    }),
+    name: t.string({ required: false }),
+    slug: t.string({ required: false }),
+    description: t.string({ required: false }),
+  }),
+});
 builder.mutationFields((t) => ({
   createCommunity: t.field({
     description: "Create an community",
@@ -151,7 +163,7 @@ builder.mutationFields((t) => ({
       rules: ["IsAuthenticated"],
     },
     args: {
-      input: t.arg({ type: CommunityCreateInput, required: true }),
+      input: t.arg({ type: CreateCommunityInput, required: true }),
     },
     resolve: async (root, { input }, { USER, DB }) => {
       try {
@@ -188,4 +200,57 @@ builder.mutationFields((t) => ({
       }
     },
   }),
+  editCommunity: t.field({
+    description: "Edit an community",
+    type: CommunityRef,
+    nullable: false,
+    authz: {
+      rules: ["IsAuthenticated"],
+    },
+    args: {
+      input: t.arg({ type: UpdateCommunityInput, required: true }),
+    },
+    resolve: async (root, { input }, { USER, DB }) => {
+      try {
+        const { communityId, status, description, name, slug } = input;
+        if (!USER) {
+          throw new Error("User not found");
+        }
+        if (!(await canEditCommunity(USER, communityId, DB))) {
+          throw new Error("FORBIDDEN");
+        }
+        const dataToUpdate: Record<string, string | null | undefined> = {};
+
+        const foundCommunity = await DB.query.communitySchema.findFirst({
+          where: (c, { eq }) => eq(c.id, communityId),
+        });
+
+        if (!foundCommunity) {
+          throw new Error("Community not found");
+        }
+        if (status) {
+          dataToUpdate.status = status;
+        }
+        if (description) {
+          dataToUpdate.description = description;
+        }
+        if (name) {
+          dataToUpdate.name = name;
+        }
+        if (slug) {
+          dataToUpdate.slug = slug;
+        }
+        const community = await DB.update(communitySchema)
+          .set(dataToUpdate)
+          .where(eq(communitySchema.id, communityId))
+          .returning()
+          .get();
+        return selectCommunitySchema.parse(community);
+      } catch (e) {
+        throw new GraphQLError(
+          e instanceof Error ? e.message : "Unknown error",
+        );
+      }
+    },
+  }),
 }));

src/tests/community/community.test.ts

@@ -5,12 +5,12 @@ import {
   Communities,
   CommunitiesQuery,
   CommunitiesQueryVariables,
-} from "~/tests/community/getCommunities.generated";
+} from "~/tests/community/getCommunities/getCommunities.generated";
 import {
   Community,
   CommunityQuery,
   CommunityQueryVariables,
-} from "~/tests/community/getCommunity.generated";
+} from "~/tests/community/getCommunity/getCommunity.generated";
 import { CommnunityStatus } from "~/generated/types";
 
 afterEach(() => {