WIP add auth check to update n delete sub commands

Pax 2024-11-16 01:57:36 +04:00
parent f0db3c1cc2
commit 0490054049
1 changed files with 86 additions and 5 deletions

View File

@ -1,11 +1,12 @@
import { MemberModel } from "../../database/Member"; import { MemberModel } from "../../database/Member";
import { import Partner, {
PartnerModel, PartnerModel,
PartnerCommissionType, PartnerCommissionType,
PartnerRoleType, PartnerRoleType,
PartnerDepartment, PartnerDepartment,
PartnerTitle, PartnerTitle,
} from "../../database/Partner"; } from "../../database/Partner";
import DiscordInteractionCommand from "../../util/DiscordInteractionCommand"; import DiscordInteractionCommand from "../../util/DiscordInteractionCommand";
import { import {
ChatInputCommandInteraction, ChatInputCommandInteraction,
@ -28,7 +29,7 @@ const partnerTitles: PartnerTitle[] = [
"Technician", "Technician",
]; ];
export default class Partner extends DiscordInteractionCommand { export default class PartnerCommand extends DiscordInteractionCommand {
constructor() { constructor() {
super("partner", "Manipulates partner information."); super("partner", "Manipulates partner information.");
this.builder this.builder
@ -72,6 +73,9 @@ export default class Partner extends DiscordInteractionCommand {
.setChoices(this.formatOptionsForDiscordFromEnum(PartnerDepartment)) .setChoices(this.formatOptionsForDiscordFromEnum(PartnerDepartment))
.setRequired(true) .setRequired(true)
) )
.addUserOption((option) =>
option.setName("direct-report").setDescription("their direct report.")
)
); );
this.builder.addSubcommand((c) => this.builder.addSubcommand((c) =>
c c
@ -105,6 +109,9 @@ export default class Partner extends DiscordInteractionCommand {
.setDescription("the partner you want to update.") .setDescription("the partner you want to update.")
.setRequired(true) .setRequired(true)
) )
.addUserOption((option) =>
option.setName("direct-report").setDescription("their direct report.")
)
.addStringOption((option) => option.setName("email").setDescription("their email address.")) .addStringOption((option) => option.setName("email").setDescription("their email address."))
.addStringOption((option) => .addStringOption((option) =>
option option
@ -159,6 +166,7 @@ export default class Partner extends DiscordInteractionCommand {
async handleAddSubcommand(interaction: ChatInputCommandInteraction) { async handleAddSubcommand(interaction: ChatInputCommandInteraction) {
const partnerOption = interaction.options.getUser("partner", true); const partnerOption = interaction.options.getUser("partner", true);
const directReport = interaction.options.getUser("direct-report", false);
const partnerOptionEmailAddress = interaction.options.getString("email", true); const partnerOptionEmailAddress = interaction.options.getString("email", true);
const partnerOptionRoleType = interaction.options.getString("role-type", true); const partnerOptionRoleType = interaction.options.getString("role-type", true);
const partnerOptionCommisioComissionType = interaction.options.getString( const partnerOptionCommisioComissionType = interaction.options.getString(
@ -182,6 +190,20 @@ export default class Partner extends DiscordInteractionCommand {
ephemeral: false, ephemeral: false,
}); });
*/ */
let directReportPartnerDocumentFromDb;
if (directReport) {
directReportPartnerDocumentFromDb = await PartnerModel.findOne({
discordID: directReport.id,
}).exec();
if (!directReportPartnerDocumentFromDb)
return interaction.reply({
content: `the specified directReport ${directReport.username} does not have an entry in partner database, please add them first them before assigning subordinates`,
ephemeral: false,
});
}
let newPartner = new PartnerModel({ let newPartner = new PartnerModel({
discordID: partnerOption.id, discordID: partnerOption.id,
emailAddress: partnerOptionEmailAddress, emailAddress: partnerOptionEmailAddress,
@ -189,6 +211,10 @@ export default class Partner extends DiscordInteractionCommand {
commissionType: partnerOptionCommisioComissionType, commissionType: partnerOptionCommisioComissionType,
department: partnerOptionDepartment, department: partnerOptionDepartment,
title: partnerOptionTitle, title: partnerOptionTitle,
directReport:
directReport && directReportPartnerDocumentFromDb
? directReportPartnerDocumentFromDb._id
: null,
}); });
await newPartner.save(); await newPartner.save();
@ -200,12 +226,21 @@ export default class Partner extends DiscordInteractionCommand {
async handleGetSubcommand(interaction: ChatInputCommandInteraction) { async handleGetSubcommand(interaction: ChatInputCommandInteraction) {
const partnerOption = interaction.options.getUser("partner", true); const partnerOption = interaction.options.getUser("partner", true);
const partner = await PartnerModel.findOne({ discordID: partnerOption.id }).exec(); let partner = await PartnerModel.findOne({ discordID: partnerOption.id }).exec();
if (!partner) if (!partner)
return interaction.reply({ return interaction.reply({
content: "The specified partner does not an entry in the database.", content: "The specified partner does not an entry in the database.",
ephemeral: false, ephemeral: false,
}); });
if (partner.directReport) await partner.populate("directReport");
if (partner.directReport && partner.directReport instanceof Partner) {
console.log(partner.directReport);
return interaction.reply({
content: `Raw entry \`\`\`\n${JSON.stringify(partner, null, 2)}\n\`\`\`\n\nDirect report: \`\`\`\n${JSON.stringify(partner.directReport, null, 2)}\n\`\`\``,
ephemeral: false,
});
}
return interaction.reply({ return interaction.reply({
content: `Raw entry \`\`\`\n${JSON.stringify(partner, null, 2)}\n\`\`\``, content: `Raw entry \`\`\`\n${JSON.stringify(partner, null, 2)}\n\`\`\``,
@ -215,12 +250,24 @@ export default class Partner extends DiscordInteractionCommand {
async handleDeleteSubcommand(interaction: ChatInputCommandInteraction) { async handleDeleteSubcommand(interaction: ChatInputCommandInteraction) {
const partnerOption = interaction.options.getUser("partner", true); const partnerOption = interaction.options.getUser("partner", true);
const partner = await PartnerModel.findOne({ discordID: partnerOption.id }).exec(); const partner = await PartnerModel.findOne({ discordID: partnerOption.id })
.populate("directReport")
.exec();
if (!partner) if (!partner)
return interaction.reply({ return interaction.reply({
content: "The specified user does not have an entry.", content: "The specified user does not have an entry.",
ephemeral: false, ephemeral: false,
}); });
if (
partner.directReport &&
partner.directReport instanceof Partner &&
interaction.user.id !== partner.directReport.discordID
)
return interaction.reply({
content:
"You're not authorized to delete this partner's information, only their direct report can.",
ephemeral: false,
});
await PartnerModel.findByIdAndDelete(partner.id); await PartnerModel.findByIdAndDelete(partner.id);
return interaction.reply({ return interaction.reply({
@ -231,12 +278,14 @@ export default class Partner extends DiscordInteractionCommand {
async handleUpdateSubcommand(interaction: ChatInputCommandInteraction) { async handleUpdateSubcommand(interaction: ChatInputCommandInteraction) {
const partnerOption = interaction.options.getUser("partner", true); const partnerOption = interaction.options.getUser("partner", true);
const directReport = interaction.options.getUser("direct-report");
const partnerOptionEmailAddress = interaction.options.getString("email"); const partnerOptionEmailAddress = interaction.options.getString("email");
const partnerOptionRoleType = interaction.options.getString("role-type"); const partnerOptionRoleType = interaction.options.getString("role-type");
const partnerOptionCommisioComissionType = interaction.options.getString("commission-type"); const partnerOptionCommisioComissionType = interaction.options.getString("commission-type");
const partnerOptionDepartment = interaction.options.getString("department"); const partnerOptionDepartment = interaction.options.getString("department");
const partnerOptionTitle = interaction.options.getString("title"); const partnerOptionTitle = interaction.options.getString("title");
if ( if (
!directReport &&
!partnerOptionEmailAddress && !partnerOptionEmailAddress &&
!partnerOptionEmailAddress && !partnerOptionEmailAddress &&
!partnerOptionRoleType && !partnerOptionRoleType &&
@ -250,12 +299,40 @@ export default class Partner extends DiscordInteractionCommand {
}); });
} }
const partner = await PartnerModel.findOne({ discordID: partnerOption.id }).exec(); let partner = await PartnerModel.findOne({ discordID: partnerOption.id }).exec();
if (!partner) if (!partner)
return interaction.reply({ return interaction.reply({
content: "The specified partner does not have an entry.", content: "The specified partner does not have an entry.",
ephemeral: false, ephemeral: false,
}); });
if (partner.directReport) partner = await partner.populate("directReport");
console.log(partner.directReport);
if (
partner.directReport instanceof PartnerModel &&
interaction.user.id !== partner.directReport.discordID
)
return interaction.reply({
content:
"You're not authorized to update this partner's information, only their direct report can.",
ephemeral: false,
});
let directReportPartnerDocumentFromDb;
if (directReport) {
directReportPartnerDocumentFromDb = await PartnerModel.findOne({
discordID: directReport.id,
}).exec();
if (!directReportPartnerDocumentFromDb)
return interaction.reply({
content: `the specified directReport ${directReport.username} does not have an entry in partner database, please add them first them before assigning subordinates`,
ephemeral: false,
});
}
let updateObj = { let updateObj = {
discordID: partnerOption.id, discordID: partnerOption.id,
emailAddress: partnerOptionEmailAddress, emailAddress: partnerOptionEmailAddress,
@ -263,6 +340,10 @@ export default class Partner extends DiscordInteractionCommand {
commissionType: partnerOptionCommisioComissionType, commissionType: partnerOptionCommisioComissionType,
department: partnerOptionDepartment, department: partnerOptionDepartment,
title: partnerOptionTitle, title: partnerOptionTitle,
directReport:
directReport && directReportPartnerDocumentFromDb
? directReportPartnerDocumentFromDb.id
: null,
}; };
try { try {