WIP add auth check to update n delete sub commands

Pax 2024-11-16 01:57:36 +04:00
parent f0db3c1cc2
commit 0490054049
1 changed files with 86 additions and 5 deletions

View File

@ -1,11 +1,12 @@
import { MemberModel } from "../../database/Member";
import {
import Partner, {
PartnerModel,
PartnerCommissionType,
PartnerRoleType,
PartnerDepartment,
PartnerTitle,
} from "../../database/Partner";
import DiscordInteractionCommand from "../../util/DiscordInteractionCommand";
import {
ChatInputCommandInteraction,
@ -28,7 +29,7 @@ const partnerTitles: PartnerTitle[] = [
"Technician",
];
export default class Partner extends DiscordInteractionCommand {
export default class PartnerCommand extends DiscordInteractionCommand {
constructor() {
super("partner", "Manipulates partner information.");
this.builder
@ -72,6 +73,9 @@ export default class Partner extends DiscordInteractionCommand {
.setChoices(this.formatOptionsForDiscordFromEnum(PartnerDepartment))
.setRequired(true)
)
.addUserOption((option) =>
option.setName("direct-report").setDescription("their direct report.")
)
);
this.builder.addSubcommand((c) =>
c
@ -105,6 +109,9 @@ export default class Partner extends DiscordInteractionCommand {
.setDescription("the partner you want to update.")
.setRequired(true)
)
.addUserOption((option) =>
option.setName("direct-report").setDescription("their direct report.")
)
.addStringOption((option) => option.setName("email").setDescription("their email address."))
.addStringOption((option) =>
option
@ -159,6 +166,7 @@ export default class Partner extends DiscordInteractionCommand {
async handleAddSubcommand(interaction: ChatInputCommandInteraction) {
const partnerOption = interaction.options.getUser("partner", true);
const directReport = interaction.options.getUser("direct-report", false);
const partnerOptionEmailAddress = interaction.options.getString("email", true);
const partnerOptionRoleType = interaction.options.getString("role-type", true);
const partnerOptionCommisioComissionType = interaction.options.getString(
@ -182,6 +190,20 @@ export default class Partner extends DiscordInteractionCommand {
ephemeral: false,
});
*/
let directReportPartnerDocumentFromDb;
if (directReport) {
directReportPartnerDocumentFromDb = await PartnerModel.findOne({
discordID: directReport.id,
}).exec();
if (!directReportPartnerDocumentFromDb)
return interaction.reply({
content: `the specified directReport ${directReport.username} does not have an entry in partner database, please add them first them before assigning subordinates`,
ephemeral: false,
});
}
let newPartner = new PartnerModel({
discordID: partnerOption.id,
emailAddress: partnerOptionEmailAddress,
@ -189,6 +211,10 @@ export default class Partner extends DiscordInteractionCommand {
commissionType: partnerOptionCommisioComissionType,
department: partnerOptionDepartment,
title: partnerOptionTitle,
directReport:
directReport && directReportPartnerDocumentFromDb
? directReportPartnerDocumentFromDb._id
: null,
});
await newPartner.save();
@ -200,12 +226,21 @@ export default class Partner extends DiscordInteractionCommand {
async handleGetSubcommand(interaction: ChatInputCommandInteraction) {
const partnerOption = interaction.options.getUser("partner", true);
const partner = await PartnerModel.findOne({ discordID: partnerOption.id }).exec();
let partner = await PartnerModel.findOne({ discordID: partnerOption.id }).exec();
if (!partner)
return interaction.reply({
content: "The specified partner does not an entry in the database.",
ephemeral: false,
});
if (partner.directReport) await partner.populate("directReport");
if (partner.directReport && partner.directReport instanceof Partner) {
console.log(partner.directReport);
return interaction.reply({
content: `Raw entry \`\`\`\n${JSON.stringify(partner, null, 2)}\n\`\`\`\n\nDirect report: \`\`\`\n${JSON.stringify(partner.directReport, null, 2)}\n\`\`\``,
ephemeral: false,
});
}
return interaction.reply({
content: `Raw entry \`\`\`\n${JSON.stringify(partner, null, 2)}\n\`\`\``,
@ -215,12 +250,24 @@ export default class Partner extends DiscordInteractionCommand {
async handleDeleteSubcommand(interaction: ChatInputCommandInteraction) {
const partnerOption = interaction.options.getUser("partner", true);
const partner = await PartnerModel.findOne({ discordID: partnerOption.id }).exec();
const partner = await PartnerModel.findOne({ discordID: partnerOption.id })
.populate("directReport")
.exec();
if (!partner)
return interaction.reply({
content: "The specified user does not have an entry.",
ephemeral: false,
});
if (
partner.directReport &&
partner.directReport instanceof Partner &&
interaction.user.id !== partner.directReport.discordID
)
return interaction.reply({
content:
"You're not authorized to delete this partner's information, only their direct report can.",
ephemeral: false,
});
await PartnerModel.findByIdAndDelete(partner.id);
return interaction.reply({
@ -231,12 +278,14 @@ export default class Partner extends DiscordInteractionCommand {
async handleUpdateSubcommand(interaction: ChatInputCommandInteraction) {
const partnerOption = interaction.options.getUser("partner", true);
const directReport = interaction.options.getUser("direct-report");
const partnerOptionEmailAddress = interaction.options.getString("email");
const partnerOptionRoleType = interaction.options.getString("role-type");
const partnerOptionCommisioComissionType = interaction.options.getString("commission-type");
const partnerOptionDepartment = interaction.options.getString("department");
const partnerOptionTitle = interaction.options.getString("title");
if (
!directReport &&
!partnerOptionEmailAddress &&
!partnerOptionEmailAddress &&
!partnerOptionRoleType &&
@ -250,12 +299,40 @@ export default class Partner extends DiscordInteractionCommand {
});
}
const partner = await PartnerModel.findOne({ discordID: partnerOption.id }).exec();
let partner = await PartnerModel.findOne({ discordID: partnerOption.id }).exec();
if (!partner)
return interaction.reply({
content: "The specified partner does not have an entry.",
ephemeral: false,
});
if (partner.directReport) partner = await partner.populate("directReport");
console.log(partner.directReport);
if (
partner.directReport instanceof PartnerModel &&
interaction.user.id !== partner.directReport.discordID
)
return interaction.reply({
content:
"You're not authorized to update this partner's information, only their direct report can.",
ephemeral: false,
});
let directReportPartnerDocumentFromDb;
if (directReport) {
directReportPartnerDocumentFromDb = await PartnerModel.findOne({
discordID: directReport.id,
}).exec();
if (!directReportPartnerDocumentFromDb)
return interaction.reply({
content: `the specified directReport ${directReport.username} does not have an entry in partner database, please add them first them before assigning subordinates`,
ephemeral: false,
});
}
let updateObj = {
discordID: partnerOption.id,
emailAddress: partnerOptionEmailAddress,
@ -263,6 +340,10 @@ export default class Partner extends DiscordInteractionCommand {
commissionType: partnerOptionCommisioComissionType,
department: partnerOptionDepartment,
title: partnerOptionTitle,
directReport:
directReport && directReportPartnerDocumentFromDb
? directReportPartnerDocumentFromDb.id
: null,
};
try {