From 04900540490581cf932d89f30ffd98bba21d97a6 Mon Sep 17 00:00:00 2001 From: Pax <37164780+Pax-0@users.noreply.github.com> Date: Sat, 16 Nov 2024 01:57:36 +0400 Subject: [PATCH] WIP add auth check to update n delete sub commands --- discord/commands/Partner.ts | 91 +++++++++++++++++++++++++++++++++++-- 1 file changed, 86 insertions(+), 5 deletions(-) diff --git a/discord/commands/Partner.ts b/discord/commands/Partner.ts index 0f43f8e..ecdda3a 100644 --- a/discord/commands/Partner.ts +++ b/discord/commands/Partner.ts @@ -1,11 +1,12 @@ import { MemberModel } from "../../database/Member"; -import { +import Partner, { PartnerModel, PartnerCommissionType, PartnerRoleType, PartnerDepartment, PartnerTitle, } from "../../database/Partner"; + import DiscordInteractionCommand from "../../util/DiscordInteractionCommand"; import { ChatInputCommandInteraction, @@ -28,7 +29,7 @@ const partnerTitles: PartnerTitle[] = [ "Technician", ]; -export default class Partner extends DiscordInteractionCommand { +export default class PartnerCommand extends DiscordInteractionCommand { constructor() { super("partner", "Manipulates partner information."); this.builder @@ -72,6 +73,9 @@ export default class Partner extends DiscordInteractionCommand { .setChoices(this.formatOptionsForDiscordFromEnum(PartnerDepartment)) .setRequired(true) ) + .addUserOption((option) => + option.setName("direct-report").setDescription("their direct report.") + ) ); this.builder.addSubcommand((c) => c @@ -105,6 +109,9 @@ export default class Partner extends DiscordInteractionCommand { .setDescription("the partner you want to update.") .setRequired(true) ) + .addUserOption((option) => + option.setName("direct-report").setDescription("their direct report.") + ) .addStringOption((option) => option.setName("email").setDescription("their email address.")) .addStringOption((option) => option @@ -159,6 +166,7 @@ export default class Partner extends DiscordInteractionCommand { async handleAddSubcommand(interaction: ChatInputCommandInteraction) { const partnerOption = interaction.options.getUser("partner", true); + const directReport = interaction.options.getUser("direct-report", false); const partnerOptionEmailAddress = interaction.options.getString("email", true); const partnerOptionRoleType = interaction.options.getString("role-type", true); const partnerOptionCommisioComissionType = interaction.options.getString( @@ -182,6 +190,20 @@ export default class Partner extends DiscordInteractionCommand { ephemeral: false, }); */ + + let directReportPartnerDocumentFromDb; + + if (directReport) { + directReportPartnerDocumentFromDb = await PartnerModel.findOne({ + discordID: directReport.id, + }).exec(); + + if (!directReportPartnerDocumentFromDb) + return interaction.reply({ + content: `the specified directReport ${directReport.username} does not have an entry in partner database, please add them first them before assigning subordinates`, + ephemeral: false, + }); + } let newPartner = new PartnerModel({ discordID: partnerOption.id, emailAddress: partnerOptionEmailAddress, @@ -189,6 +211,10 @@ export default class Partner extends DiscordInteractionCommand { commissionType: partnerOptionCommisioComissionType, department: partnerOptionDepartment, title: partnerOptionTitle, + directReport: + directReport && directReportPartnerDocumentFromDb + ? directReportPartnerDocumentFromDb._id + : null, }); await newPartner.save(); @@ -200,12 +226,21 @@ export default class Partner extends DiscordInteractionCommand { async handleGetSubcommand(interaction: ChatInputCommandInteraction) { const partnerOption = interaction.options.getUser("partner", true); - const partner = await PartnerModel.findOne({ discordID: partnerOption.id }).exec(); + let partner = await PartnerModel.findOne({ discordID: partnerOption.id }).exec(); if (!partner) return interaction.reply({ content: "The specified partner does not an entry in the database.", ephemeral: false, }); + if (partner.directReport) await partner.populate("directReport"); + if (partner.directReport && partner.directReport instanceof Partner) { + console.log(partner.directReport); + + return interaction.reply({ + content: `Raw entry \`\`\`\n${JSON.stringify(partner, null, 2)}\n\`\`\`\n\nDirect report: \`\`\`\n${JSON.stringify(partner.directReport, null, 2)}\n\`\`\``, + ephemeral: false, + }); + } return interaction.reply({ content: `Raw entry \`\`\`\n${JSON.stringify(partner, null, 2)}\n\`\`\``, @@ -215,12 +250,24 @@ export default class Partner extends DiscordInteractionCommand { async handleDeleteSubcommand(interaction: ChatInputCommandInteraction) { const partnerOption = interaction.options.getUser("partner", true); - const partner = await PartnerModel.findOne({ discordID: partnerOption.id }).exec(); + const partner = await PartnerModel.findOne({ discordID: partnerOption.id }) + .populate("directReport") + .exec(); if (!partner) return interaction.reply({ content: "The specified user does not have an entry.", ephemeral: false, }); + if ( + partner.directReport && + partner.directReport instanceof Partner && + interaction.user.id !== partner.directReport.discordID + ) + return interaction.reply({ + content: + "You're not authorized to delete this partner's information, only their direct report can.", + ephemeral: false, + }); await PartnerModel.findByIdAndDelete(partner.id); return interaction.reply({ @@ -231,12 +278,14 @@ export default class Partner extends DiscordInteractionCommand { async handleUpdateSubcommand(interaction: ChatInputCommandInteraction) { const partnerOption = interaction.options.getUser("partner", true); + const directReport = interaction.options.getUser("direct-report"); const partnerOptionEmailAddress = interaction.options.getString("email"); const partnerOptionRoleType = interaction.options.getString("role-type"); const partnerOptionCommisioComissionType = interaction.options.getString("commission-type"); const partnerOptionDepartment = interaction.options.getString("department"); const partnerOptionTitle = interaction.options.getString("title"); if ( + !directReport && !partnerOptionEmailAddress && !partnerOptionEmailAddress && !partnerOptionRoleType && @@ -250,12 +299,40 @@ export default class Partner extends DiscordInteractionCommand { }); } - const partner = await PartnerModel.findOne({ discordID: partnerOption.id }).exec(); + let partner = await PartnerModel.findOne({ discordID: partnerOption.id }).exec(); if (!partner) return interaction.reply({ content: "The specified partner does not have an entry.", ephemeral: false, }); + + if (partner.directReport) partner = await partner.populate("directReport"); + + console.log(partner.directReport); + if ( + partner.directReport instanceof PartnerModel && + interaction.user.id !== partner.directReport.discordID + ) + return interaction.reply({ + content: + "You're not authorized to update this partner's information, only their direct report can.", + ephemeral: false, + }); + + let directReportPartnerDocumentFromDb; + + if (directReport) { + directReportPartnerDocumentFromDb = await PartnerModel.findOne({ + discordID: directReport.id, + }).exec(); + + if (!directReportPartnerDocumentFromDb) + return interaction.reply({ + content: `the specified directReport ${directReport.username} does not have an entry in partner database, please add them first them before assigning subordinates`, + ephemeral: false, + }); + } + let updateObj = { discordID: partnerOption.id, emailAddress: partnerOptionEmailAddress, @@ -263,6 +340,10 @@ export default class Partner extends DiscordInteractionCommand { commissionType: partnerOptionCommisioComissionType, department: partnerOptionDepartment, title: partnerOptionTitle, + directReport: + directReport && directReportPartnerDocumentFromDb + ? directReportPartnerDocumentFromDb.id + : null, }; try {