collab
This commit is contained in:
@@ -17,6 +17,8 @@ export type AuditAction =
|
||||
| 'list.created_from_template'
|
||||
| 'list.updated'
|
||||
| 'list.deleted'
|
||||
| 'list.shared'
|
||||
| 'list.unshared'
|
||||
| 'list.item_created'
|
||||
| 'list.item_updated'
|
||||
| 'list.item_checked'
|
||||
|
||||
@@ -55,6 +55,15 @@ export class AuthController {
|
||||
return this.authService.getPublicUser(request.user!.sub);
|
||||
}
|
||||
|
||||
@Get('users/search')
|
||||
@UseGuards(JwtAuthGuard)
|
||||
searchUsers(
|
||||
@Req() request: AuthenticatedRequest,
|
||||
@Query('q') query?: string,
|
||||
) {
|
||||
return this.authService.searchUsers(request.user!.sub, query);
|
||||
}
|
||||
|
||||
@Patch('me/onboarding')
|
||||
@UseGuards(JwtAuthGuard)
|
||||
updateOnboarding(
|
||||
|
||||
@@ -9,7 +9,7 @@ import { EventEmitter2 } from '@nestjs/event-emitter';
|
||||
import { JwtService } from '@nestjs/jwt';
|
||||
import { InjectRepository } from '@nestjs/typeorm';
|
||||
import { randomBytes, randomUUID, scryptSync, timingSafeEqual } from 'crypto';
|
||||
import { Repository } from 'typeorm';
|
||||
import { Like, Repository } from 'typeorm';
|
||||
import { AuditLogService } from '../audit/audit-log.service';
|
||||
import { LoginDto } from './dto/login.dto';
|
||||
import { RegisterDto } from './dto/register.dto';
|
||||
@@ -20,6 +20,7 @@ import {
|
||||
AuthTokens,
|
||||
JwtTokenPayload,
|
||||
PublicUser,
|
||||
PublicUserSearchResult,
|
||||
} from './auth.types';
|
||||
import { AppEvents } from '../events/app-events';
|
||||
import { RefreshTokenEntity } from './refresh-token.entity';
|
||||
@@ -293,6 +294,41 @@ export class AuthService {
|
||||
return this.toPublicUser(user);
|
||||
}
|
||||
|
||||
async searchUsers(
|
||||
actorUserId: string,
|
||||
query?: string,
|
||||
): Promise<PublicUserSearchResult[]> {
|
||||
const normalizedQuery = query?.trim();
|
||||
|
||||
if (!normalizedQuery || normalizedQuery.length < 2) {
|
||||
return [];
|
||||
}
|
||||
|
||||
const pattern = `%${normalizedQuery}%`;
|
||||
const users = await this.usersRepository.find({
|
||||
where: [
|
||||
{ verified: true, email: Like(pattern) },
|
||||
{ verified: true, name: Like(pattern) },
|
||||
],
|
||||
order: { email: 'ASC' },
|
||||
take: 10,
|
||||
});
|
||||
|
||||
return users
|
||||
.filter((user) => user.id !== actorUserId)
|
||||
.filter(
|
||||
(user, index, allUsers) =>
|
||||
allUsers.findIndex((existingUser) => existingUser.id === user.id) ===
|
||||
index,
|
||||
)
|
||||
.slice(0, 10)
|
||||
.map((user) => ({
|
||||
id: user.id,
|
||||
email: user.email,
|
||||
name: user.name ?? undefined,
|
||||
}));
|
||||
}
|
||||
|
||||
async updateOnboardingCompleted(
|
||||
userId: string,
|
||||
completed: boolean,
|
||||
|
||||
@@ -37,3 +37,9 @@ export interface PublicUser {
|
||||
verified: boolean;
|
||||
onboardingCompleted: boolean;
|
||||
}
|
||||
|
||||
export interface PublicUserSearchResult {
|
||||
id: string;
|
||||
email: string;
|
||||
name?: string;
|
||||
}
|
||||
|
||||
@@ -9,6 +9,7 @@ import {
|
||||
} from 'typeorm';
|
||||
import { ListTemplateEntity } from '../list-templates/list-template.entity';
|
||||
import { UserListEntity } from '../lists/user-list.entity';
|
||||
import { UserListShareEntity } from '../lists/user-list-share.entity';
|
||||
import { RefreshTokenEntity } from './refresh-token.entity';
|
||||
|
||||
@Entity('users')
|
||||
@@ -59,4 +60,7 @@ export class UserEntity {
|
||||
|
||||
@OneToMany(() => UserListEntity, (list) => list.owner)
|
||||
lists?: UserListEntity[];
|
||||
|
||||
@OneToMany(() => UserListShareEntity, (share) => share.user)
|
||||
sharedLists?: UserListShareEntity[];
|
||||
}
|
||||
|
||||
@@ -38,14 +38,27 @@ export interface UserListItem {
|
||||
updatedAt: string;
|
||||
}
|
||||
|
||||
export type UserListAccessRole = 'owner' | 'collaborator';
|
||||
|
||||
export interface UserListCollaborator {
|
||||
id: string;
|
||||
name?: string;
|
||||
email: string;
|
||||
role: 'collaborator';
|
||||
}
|
||||
|
||||
export interface UserList {
|
||||
id: string;
|
||||
ownerId: string;
|
||||
ownerName?: string;
|
||||
ownerEmail?: string;
|
||||
accessRole: UserListAccessRole;
|
||||
sourceTemplateId?: string;
|
||||
name: string;
|
||||
description?: string;
|
||||
kind: ListTemplateKind;
|
||||
items: UserListItem[];
|
||||
collaborators: UserListCollaborator[];
|
||||
createdAt: string;
|
||||
updatedAt: string;
|
||||
}
|
||||
|
||||
3
listify-api/src/lists/dto/share-list.dto.ts
Normal file
3
listify-api/src/lists/dto/share-list.dto.ts
Normal file
@@ -0,0 +1,3 @@
|
||||
export class ShareListDto {
|
||||
userId?: string;
|
||||
}
|
||||
@@ -16,6 +16,7 @@ import { JwtAuthGuard } from '../auth/jwt-auth.guard';
|
||||
import { AuthService } from '../auth/auth.service';
|
||||
import { CreateListDto } from './dto/create-list.dto';
|
||||
import { AddListItemDto, UpdateListItemDto } from './dto/list-item.dto';
|
||||
import { ShareListDto } from './dto/share-list.dto';
|
||||
import { UpdateListDto } from './dto/update-list.dto';
|
||||
import { ListRealtimeService } from './list-realtime.service';
|
||||
import { ListsService } from './lists.service';
|
||||
@@ -78,6 +79,32 @@ export class ListsController {
|
||||
return this.listsService.deleteList(this.requireUserId(request), listId);
|
||||
}
|
||||
|
||||
@Post(':listId/shares')
|
||||
shareList(
|
||||
@Req() request: AuthenticatedRequest,
|
||||
@Param('listId') listId: string,
|
||||
@Body() shareDto: ShareListDto,
|
||||
) {
|
||||
return this.listsService.shareList(
|
||||
this.requireUserId(request),
|
||||
listId,
|
||||
shareDto,
|
||||
);
|
||||
}
|
||||
|
||||
@Delete(':listId/shares/:userId')
|
||||
removeShare(
|
||||
@Req() request: AuthenticatedRequest,
|
||||
@Param('listId') listId: string,
|
||||
@Param('userId') userId: string,
|
||||
) {
|
||||
return this.listsService.removeShare(
|
||||
this.requireUserId(request),
|
||||
listId,
|
||||
userId,
|
||||
);
|
||||
}
|
||||
|
||||
@Post(':listId/items')
|
||||
addItem(
|
||||
@Req() request: AuthenticatedRequest,
|
||||
|
||||
@@ -2,17 +2,24 @@ import { Module } from '@nestjs/common';
|
||||
import { TypeOrmModule } from '@nestjs/typeorm';
|
||||
import { AuditModule } from '../audit/audit.module';
|
||||
import { AuthModule } from '../auth/auth.module';
|
||||
import { UserEntity } from '../auth/user.entity';
|
||||
import { ListsController } from './lists.controller';
|
||||
import { ListRealtimeService } from './list-realtime.service';
|
||||
import { ListsService } from './lists.service';
|
||||
import { UserListEntity } from './user-list.entity';
|
||||
import { UserListItemEntity } from './user-list-item.entity';
|
||||
import { UserListShareEntity } from './user-list-share.entity';
|
||||
|
||||
@Module({
|
||||
imports: [
|
||||
AuditModule,
|
||||
AuthModule,
|
||||
TypeOrmModule.forFeature([UserListEntity, UserListItemEntity]),
|
||||
TypeOrmModule.forFeature([
|
||||
UserEntity,
|
||||
UserListEntity,
|
||||
UserListItemEntity,
|
||||
UserListShareEntity,
|
||||
]),
|
||||
],
|
||||
controllers: [ListsController],
|
||||
providers: [ListRealtimeService, ListsService],
|
||||
|
||||
@@ -1,18 +1,24 @@
|
||||
import { ForbiddenException, NotFoundException } from '@nestjs/common';
|
||||
import { UserEntity } from '../auth/user.entity';
|
||||
import { ListTemplate } from '../list-templates/list-template.types';
|
||||
import { InMemoryRepository } from '../testing/in-memory-repository';
|
||||
import { ListRealtimeService } from './list-realtime.service';
|
||||
import { ListsService } from './lists.service';
|
||||
import { UserListEntity } from './user-list.entity';
|
||||
import { UserListItemEntity } from './user-list-item.entity';
|
||||
import { UserListShareEntity } from './user-list-share.entity';
|
||||
|
||||
describe('ListsService', () => {
|
||||
let service: ListsService;
|
||||
let usersRepository: InMemoryRepository<UserEntity>;
|
||||
|
||||
beforeEach(() => {
|
||||
usersRepository = new InMemoryRepository<UserEntity>();
|
||||
service = new ListsService(
|
||||
new InMemoryRepository<UserListEntity>() as never,
|
||||
new InMemoryRepository<UserListItemEntity>() as never,
|
||||
new InMemoryRepository<UserListShareEntity>() as never,
|
||||
usersRepository as never,
|
||||
);
|
||||
});
|
||||
|
||||
@@ -57,6 +63,8 @@ describe('ListsService', () => {
|
||||
service = new ListsService(
|
||||
new InMemoryRepository<UserListEntity>() as never,
|
||||
new InMemoryRepository<UserListItemEntity>() as never,
|
||||
new InMemoryRepository<UserListShareEntity>() as never,
|
||||
usersRepository as never,
|
||||
undefined,
|
||||
realtimeService as never,
|
||||
);
|
||||
@@ -100,6 +108,41 @@ describe('ListsService', () => {
|
||||
);
|
||||
});
|
||||
|
||||
it('allows owners to share lists with collaborators', async () => {
|
||||
await usersRepository.save({
|
||||
id: 'user-2',
|
||||
email: 'collaborator@example.com',
|
||||
passwordHash: 'hash',
|
||||
verified: true,
|
||||
onboardingCompleted: false,
|
||||
createdAt: new Date(),
|
||||
updatedAt: new Date(),
|
||||
});
|
||||
const list = await service.createList('user-1', {
|
||||
name: 'Geteilte Liste',
|
||||
});
|
||||
|
||||
const sharedList = await service.shareList('user-1', list.id, {
|
||||
userId: 'user-2',
|
||||
});
|
||||
const collaboratorList = await service.getList('user-2', list.id);
|
||||
const updatedByCollaborator = await service.addItem('user-2', list.id, {
|
||||
title: 'Gemeinsamer Eintrag',
|
||||
});
|
||||
|
||||
expect(sharedList.collaborators).toEqual([
|
||||
expect.objectContaining({
|
||||
id: 'user-2',
|
||||
email: 'collaborator@example.com',
|
||||
}),
|
||||
]);
|
||||
expect(collaboratorList.accessRole).toBe('collaborator');
|
||||
expect(updatedByCollaborator.items).toHaveLength(1);
|
||||
await expect(service.deleteList('user-2', list.id)).rejects.toThrow(
|
||||
ForbiddenException,
|
||||
);
|
||||
});
|
||||
|
||||
it('adds, updates, checks and deletes list items', async () => {
|
||||
const list = await service.createList('user-1', {
|
||||
name: 'Einkauf',
|
||||
|
||||
@@ -13,15 +13,19 @@ import {
|
||||
ListTemplate,
|
||||
ListTemplateKind,
|
||||
UserList,
|
||||
UserListAccessRole,
|
||||
UserListItem,
|
||||
} from '../list-templates/list-template.types';
|
||||
import { UserEntity } from '../auth/user.entity';
|
||||
import { CreateListFromTemplateDto } from '../list-templates/dto/create-list-from-template.dto';
|
||||
import { AddListItemDto, UpdateListItemDto } from './dto/list-item.dto';
|
||||
import { CreateListDto } from './dto/create-list.dto';
|
||||
import { ListRealtimeService } from './list-realtime.service';
|
||||
import { ShareListDto } from './dto/share-list.dto';
|
||||
import { UpdateListDto } from './dto/update-list.dto';
|
||||
import { UserListEntity } from './user-list.entity';
|
||||
import { UserListItemEntity } from './user-list-item.entity';
|
||||
import { UserListShareEntity } from './user-list-share.entity';
|
||||
|
||||
@Injectable()
|
||||
export class ListsService {
|
||||
@@ -30,6 +34,10 @@ export class ListsService {
|
||||
private readonly listsRepository: Repository<UserListEntity>,
|
||||
@InjectRepository(UserListItemEntity)
|
||||
private readonly listItemsRepository: Repository<UserListItemEntity>,
|
||||
@InjectRepository(UserListShareEntity)
|
||||
private readonly listSharesRepository: Repository<UserListShareEntity>,
|
||||
@InjectRepository(UserEntity)
|
||||
private readonly usersRepository: Repository<UserEntity>,
|
||||
@Optional()
|
||||
private readonly auditLogService?: AuditLogService,
|
||||
@Optional()
|
||||
@@ -59,8 +67,8 @@ export class ListsService {
|
||||
},
|
||||
});
|
||||
|
||||
const userList = this.toUserList(savedList);
|
||||
this.listRealtimeService?.publishSnapshot(ownerId, userList);
|
||||
const userList = await this.getList(ownerId, savedList.id);
|
||||
await this.publishListSnapshot(savedList.id);
|
||||
|
||||
return userList;
|
||||
}
|
||||
@@ -114,24 +122,51 @@ export class ListsService {
|
||||
},
|
||||
});
|
||||
|
||||
const userList = this.toUserList(savedList);
|
||||
this.listRealtimeService?.publishSnapshot(ownerId, userList);
|
||||
const userList = await this.getList(ownerId, savedList.id);
|
||||
await this.publishListSnapshot(savedList.id);
|
||||
|
||||
return userList;
|
||||
}
|
||||
|
||||
async listLists(ownerId: string): Promise<UserList[]> {
|
||||
const lists = await this.listsRepository.find({
|
||||
const ownedLists = await this.listsRepository.find({
|
||||
where: { ownerId },
|
||||
relations: { items: true },
|
||||
relations: { items: true, owner: true, shares: { user: true } },
|
||||
order: { name: 'ASC', items: { position: 'ASC' } },
|
||||
});
|
||||
const sharedListShares = await this.listSharesRepository.find({
|
||||
where: { userId: ownerId },
|
||||
relations: { list: { items: true, owner: true, shares: { user: true } } },
|
||||
});
|
||||
const listsById = new Map<string, UserListEntity>();
|
||||
|
||||
return lists.map((list) => this.toUserList(list));
|
||||
for (const list of ownedLists) {
|
||||
await this.hydrateListAccessRelations(list);
|
||||
listsById.set(list.id, list);
|
||||
}
|
||||
|
||||
for (const share of sharedListShares) {
|
||||
const sharedList =
|
||||
share.list ??
|
||||
(await this.listsRepository.findOne({
|
||||
where: { id: share.listId },
|
||||
relations: { items: true, owner: true, shares: { user: true } },
|
||||
order: { items: { position: 'ASC' } },
|
||||
}));
|
||||
|
||||
if (sharedList) {
|
||||
await this.hydrateListAccessRelations(sharedList);
|
||||
listsById.set(sharedList.id, sharedList);
|
||||
}
|
||||
}
|
||||
|
||||
return [...listsById.values()]
|
||||
.sort((left, right) => left.name.localeCompare(right.name))
|
||||
.map((list) => this.toUserList(list, ownerId));
|
||||
}
|
||||
|
||||
async getList(ownerId: string, listId: string): Promise<UserList> {
|
||||
return this.toUserList(await this.findOwnedList(ownerId, listId));
|
||||
return this.toUserList(await this.findAccessibleList(ownerId, listId), ownerId);
|
||||
}
|
||||
|
||||
async updateList(
|
||||
@@ -139,7 +174,7 @@ export class ListsService {
|
||||
listId: string,
|
||||
updateDto: UpdateListDto,
|
||||
): Promise<UserList> {
|
||||
const list = await this.findOwnedList(ownerId, listId);
|
||||
const list = await this.findAccessibleList(ownerId, listId);
|
||||
|
||||
if (updateDto.name !== undefined) {
|
||||
list.name = this.requireName(updateDto.name);
|
||||
@@ -169,14 +204,15 @@ export class ListsService {
|
||||
},
|
||||
});
|
||||
|
||||
const userList = this.toUserList(savedList);
|
||||
this.listRealtimeService?.publishSnapshot(ownerId, userList);
|
||||
const userList = await this.getList(ownerId, savedList.id);
|
||||
await this.publishListSnapshot(savedList.id);
|
||||
|
||||
return userList;
|
||||
}
|
||||
|
||||
async deleteList(ownerId: string, listId: string): Promise<{ message: string }> {
|
||||
const list = await this.findOwnedList(ownerId, listId);
|
||||
const accessorIds = this.listAccessorIds(list);
|
||||
const metadata = {
|
||||
name: list.name,
|
||||
kind: list.kind,
|
||||
@@ -192,17 +228,100 @@ export class ListsService {
|
||||
metadata,
|
||||
});
|
||||
|
||||
this.listRealtimeService?.publishDeleted(ownerId, listId);
|
||||
accessorIds.forEach((accessorId) =>
|
||||
this.listRealtimeService?.publishDeleted(accessorId, listId),
|
||||
);
|
||||
|
||||
return { message: 'List deleted.' };
|
||||
}
|
||||
|
||||
async shareList(
|
||||
ownerId: string,
|
||||
listId: string,
|
||||
shareDto: ShareListDto,
|
||||
): Promise<UserList> {
|
||||
const list = await this.findOwnedList(ownerId, listId);
|
||||
const targetUserId = this.requireShareUserId(shareDto.userId);
|
||||
|
||||
if (targetUserId === ownerId) {
|
||||
throw new BadRequestException('List owner cannot be added as collaborator.');
|
||||
}
|
||||
|
||||
const targetUser = await this.usersRepository.findOne({
|
||||
where: { id: targetUserId },
|
||||
});
|
||||
|
||||
if (!targetUser || !targetUser.verified) {
|
||||
throw new NotFoundException('User was not found.');
|
||||
}
|
||||
|
||||
const existingShare = await this.listSharesRepository.findOne({
|
||||
where: { listId, userId: targetUserId },
|
||||
});
|
||||
|
||||
if (!existingShare) {
|
||||
await this.listSharesRepository.save(
|
||||
this.listSharesRepository.create({
|
||||
id: randomUUID(),
|
||||
listId,
|
||||
userId: targetUserId,
|
||||
role: 'collaborator',
|
||||
}),
|
||||
);
|
||||
}
|
||||
|
||||
await this.auditLogService?.record({
|
||||
actorUserId: ownerId,
|
||||
action: 'list.shared',
|
||||
entityType: 'list',
|
||||
entityId: list.id,
|
||||
metadata: {
|
||||
sharedWithUserId: targetUserId,
|
||||
sharedWithEmail: targetUser.email,
|
||||
},
|
||||
});
|
||||
|
||||
await this.publishListSnapshot(listId);
|
||||
|
||||
return this.getList(ownerId, listId);
|
||||
}
|
||||
|
||||
async removeShare(
|
||||
ownerId: string,
|
||||
listId: string,
|
||||
collaboratorUserId: string,
|
||||
): Promise<UserList> {
|
||||
const list = await this.findOwnedList(ownerId, listId);
|
||||
const existingShare = await this.listSharesRepository.findOne({
|
||||
where: { listId, userId: collaboratorUserId },
|
||||
});
|
||||
|
||||
if (!existingShare) {
|
||||
throw new NotFoundException('List share was not found.');
|
||||
}
|
||||
|
||||
await this.listSharesRepository.remove(existingShare);
|
||||
|
||||
await this.auditLogService?.record({
|
||||
actorUserId: ownerId,
|
||||
action: 'list.unshared',
|
||||
entityType: 'list',
|
||||
entityId: list.id,
|
||||
metadata: { removedUserId: collaboratorUserId },
|
||||
});
|
||||
|
||||
this.listRealtimeService?.publishDeleted(collaboratorUserId, listId);
|
||||
await this.publishListSnapshot(listId);
|
||||
|
||||
return this.getList(ownerId, listId);
|
||||
}
|
||||
|
||||
async addItem(
|
||||
ownerId: string,
|
||||
listId: string,
|
||||
addDto: AddListItemDto,
|
||||
): Promise<UserList> {
|
||||
const list = await this.findOwnedList(ownerId, listId);
|
||||
const list = await this.findAccessibleList(ownerId, listId);
|
||||
const item = this.createListItem(addDto, list.items.length);
|
||||
|
||||
item.listId = list.id;
|
||||
@@ -224,7 +343,7 @@ export class ListsService {
|
||||
});
|
||||
|
||||
const updatedList = await this.getList(ownerId, listId);
|
||||
this.listRealtimeService?.publishSnapshot(ownerId, updatedList);
|
||||
await this.publishListSnapshot(listId);
|
||||
|
||||
return updatedList;
|
||||
}
|
||||
@@ -236,7 +355,7 @@ export class ListsService {
|
||||
updateDto: UpdateListItemDto,
|
||||
actorName?: string,
|
||||
): Promise<UserList> {
|
||||
const list = await this.findOwnedList(ownerId, listId);
|
||||
const list = await this.findAccessibleList(ownerId, listId);
|
||||
const item = this.findListItem(list, itemId);
|
||||
const wasChecked = item.checked;
|
||||
|
||||
@@ -297,7 +416,7 @@ export class ListsService {
|
||||
});
|
||||
|
||||
const updatedList = await this.getList(ownerId, listId);
|
||||
this.listRealtimeService?.publishSnapshot(ownerId, updatedList);
|
||||
await this.publishListSnapshot(listId);
|
||||
|
||||
return updatedList;
|
||||
}
|
||||
@@ -307,7 +426,7 @@ export class ListsService {
|
||||
listId: string,
|
||||
itemId: string,
|
||||
): Promise<UserList> {
|
||||
const list = await this.findOwnedList(ownerId, listId);
|
||||
const list = await this.findAccessibleList(ownerId, listId);
|
||||
const itemIndex = list.items.findIndex((item) => item.id === itemId);
|
||||
|
||||
if (itemIndex === -1) {
|
||||
@@ -336,18 +455,18 @@ export class ListsService {
|
||||
});
|
||||
|
||||
const updatedList = await this.getList(ownerId, listId);
|
||||
this.listRealtimeService?.publishSnapshot(ownerId, updatedList);
|
||||
await this.publishListSnapshot(listId);
|
||||
|
||||
return updatedList;
|
||||
}
|
||||
|
||||
private async findOwnedList(
|
||||
private async findAccessibleList(
|
||||
ownerId: string,
|
||||
listId: string,
|
||||
): Promise<UserListEntity> {
|
||||
const list = await this.listsRepository.findOne({
|
||||
where: { id: listId },
|
||||
relations: { items: true },
|
||||
relations: { items: true, owner: true, shares: { user: true } },
|
||||
order: { items: { position: 'ASC' } },
|
||||
});
|
||||
|
||||
@@ -355,11 +474,27 @@ export class ListsService {
|
||||
throw new NotFoundException('List was not found.');
|
||||
}
|
||||
|
||||
if (list.ownerId !== ownerId) {
|
||||
await this.hydrateListAccessRelations(list);
|
||||
|
||||
if (!this.canAccessList(list, ownerId)) {
|
||||
throw new ForbiddenException('List belongs to another user.');
|
||||
}
|
||||
|
||||
list.items = list.items ?? [];
|
||||
list.shares = list.shares ?? [];
|
||||
return list;
|
||||
}
|
||||
|
||||
private async findOwnedList(
|
||||
ownerId: string,
|
||||
listId: string,
|
||||
): Promise<UserListEntity> {
|
||||
const list = await this.findAccessibleList(ownerId, listId);
|
||||
|
||||
if (list.ownerId !== ownerId) {
|
||||
throw new ForbiddenException('Only the list owner can perform this action.');
|
||||
}
|
||||
|
||||
return list;
|
||||
}
|
||||
|
||||
@@ -465,10 +600,87 @@ export class ListsService {
|
||||
return value;
|
||||
}
|
||||
|
||||
private toUserList(list: UserListEntity): UserList {
|
||||
private requireShareUserId(userId?: string): string {
|
||||
const normalizedUserId = userId?.trim();
|
||||
|
||||
if (!normalizedUserId) {
|
||||
throw new BadRequestException('User id is required.');
|
||||
}
|
||||
|
||||
return normalizedUserId;
|
||||
}
|
||||
|
||||
private canAccessList(list: UserListEntity, userId: string): boolean {
|
||||
return (
|
||||
list.ownerId === userId ||
|
||||
Boolean(list.shares?.some((share) => share.userId === userId))
|
||||
);
|
||||
}
|
||||
|
||||
private accessRoleFor(
|
||||
list: UserListEntity,
|
||||
viewerId?: string,
|
||||
): UserListAccessRole {
|
||||
return list.ownerId === viewerId ? 'owner' : 'collaborator';
|
||||
}
|
||||
|
||||
private listAccessorIds(list: UserListEntity): string[] {
|
||||
return [
|
||||
list.ownerId,
|
||||
...(list.shares ?? []).map((share) => share.userId),
|
||||
].filter((userId, index, userIds) => userIds.indexOf(userId) === index);
|
||||
}
|
||||
|
||||
private async hydrateListAccessRelations(list: UserListEntity): Promise<void> {
|
||||
list.owner ??= (await this.usersRepository.findOne({
|
||||
where: { id: list.ownerId },
|
||||
})) ?? undefined;
|
||||
|
||||
const storedShares = await this.listSharesRepository.find({
|
||||
where: { listId: list.id },
|
||||
relations: { user: true },
|
||||
});
|
||||
list.shares = storedShares;
|
||||
|
||||
for (const share of list.shares) {
|
||||
share.user ??= (await this.usersRepository.findOne({
|
||||
where: { id: share.userId },
|
||||
})) ?? undefined;
|
||||
}
|
||||
}
|
||||
|
||||
private async publishListSnapshot(listId: string): Promise<void> {
|
||||
if (!this.listRealtimeService) {
|
||||
return;
|
||||
}
|
||||
|
||||
const list = await this.listsRepository.findOne({
|
||||
where: { id: listId },
|
||||
relations: { items: true, owner: true, shares: { user: true } },
|
||||
order: { items: { position: 'ASC' } },
|
||||
});
|
||||
|
||||
if (!list) {
|
||||
return;
|
||||
}
|
||||
|
||||
await this.hydrateListAccessRelations(list);
|
||||
|
||||
this.listAccessorIds(list).forEach((accessorId) => {
|
||||
this.listRealtimeService?.publishSnapshot(
|
||||
accessorId,
|
||||
this.toUserList(list, accessorId),
|
||||
);
|
||||
});
|
||||
}
|
||||
|
||||
private toUserList(list: UserListEntity, viewerId?: string): UserList {
|
||||
return {
|
||||
id: list.id,
|
||||
ownerId: list.ownerId,
|
||||
ownerName: list.owner?.name ?? undefined,
|
||||
ownerEmail: list.owner?.email ?? undefined,
|
||||
accessRole: this.accessRoleFor(list, viewerId),
|
||||
sourceTemplateId: list.sourceTemplateId ?? undefined,
|
||||
name: list.name,
|
||||
description: list.description ?? undefined,
|
||||
@@ -476,6 +688,14 @@ export class ListsService {
|
||||
items: (list.items ?? [])
|
||||
.sort((left, right) => left.position - right.position)
|
||||
.map((item) => this.toUserListItem(item)),
|
||||
collaborators: (list.shares ?? [])
|
||||
.filter((share) => Boolean(share.user))
|
||||
.map((share) => ({
|
||||
id: share.userId,
|
||||
name: share.user?.name ?? undefined,
|
||||
email: share.user!.email,
|
||||
role: 'collaborator',
|
||||
})),
|
||||
createdAt: this.toIsoString(list.createdAt),
|
||||
updatedAt: this.toIsoString(list.updatedAt),
|
||||
};
|
||||
|
||||
50
listify-api/src/lists/user-list-share.entity.ts
Normal file
50
listify-api/src/lists/user-list-share.entity.ts
Normal file
@@ -0,0 +1,50 @@
|
||||
import {
|
||||
Column,
|
||||
CreateDateColumn,
|
||||
Entity,
|
||||
Index,
|
||||
JoinColumn,
|
||||
ManyToOne,
|
||||
PrimaryColumn,
|
||||
} from 'typeorm';
|
||||
import { UserEntity } from '../auth/user.entity';
|
||||
import { UserListEntity } from './user-list.entity';
|
||||
|
||||
export type UserListShareRole = 'collaborator';
|
||||
|
||||
@Entity('user_list_shares')
|
||||
@Index(['listId', 'userId'], { unique: true })
|
||||
export class UserListShareEntity {
|
||||
@PrimaryColumn({ type: 'varchar', length: 36 })
|
||||
id!: string;
|
||||
|
||||
@Index()
|
||||
@Column({ type: 'varchar', length: 36 })
|
||||
listId!: string;
|
||||
|
||||
@Index()
|
||||
@Column({ type: 'varchar', length: 36 })
|
||||
userId!: string;
|
||||
|
||||
@Column({ type: 'varchar', length: 32, default: 'collaborator' })
|
||||
role!: UserListShareRole;
|
||||
|
||||
@CreateDateColumn({
|
||||
type: 'datetime',
|
||||
precision: 3,
|
||||
default: () => 'CURRENT_TIMESTAMP(3)',
|
||||
})
|
||||
createdAt!: Date;
|
||||
|
||||
@ManyToOne(() => UserListEntity, (list) => list.shares, {
|
||||
onDelete: 'CASCADE',
|
||||
})
|
||||
@JoinColumn({ name: 'listId' })
|
||||
list?: UserListEntity;
|
||||
|
||||
@ManyToOne(() => UserEntity, (user) => user.sharedLists, {
|
||||
onDelete: 'CASCADE',
|
||||
})
|
||||
@JoinColumn({ name: 'userId' })
|
||||
user?: UserEntity;
|
||||
}
|
||||
@@ -10,6 +10,7 @@ import {
|
||||
UpdateDateColumn,
|
||||
} from 'typeorm';
|
||||
import { UserEntity } from '../auth/user.entity';
|
||||
import { UserListShareEntity } from './user-list-share.entity';
|
||||
import { UserListItemEntity } from './user-list-item.entity';
|
||||
import type { ListTemplateKind } from '../list-templates/list-template.types';
|
||||
|
||||
@@ -59,4 +60,7 @@ export class UserListEntity {
|
||||
cascade: ['insert', 'update'],
|
||||
})
|
||||
items!: UserListItemEntity[];
|
||||
|
||||
@OneToMany(() => UserListShareEntity, (share) => share.list)
|
||||
shares?: UserListShareEntity[];
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user