feat(Deny Requests): Requests to join communitites can be denied/reje…

…cted.

client/src/components/pages/Manage/GroupManage.js

@@ -10,7 +10,7 @@ import GroupManageUsers from './GroupManageUsers';
 import ModalConfirm from '../../Modal/ModalConfirm';
 import Picker from '../../Picker/Picker';
 import {roles} from '../../../settings';
-import { addPost, deletePost, addUser, deleteUser, approveUser } from '../../../utils/fetchFunctions';
+import { addPost, deletePost, addUser, deleteUser, approveUser, denyUser } from '../../../utils/fetchFunctions';
 import { postValidation, userValidation } from '../../../utils/validationFunctions';
 
 /**
@@ -364,7 +364,7 @@ class GroupManage extends Component {
         this.setState({
           deletingUser: '',
           users: newUsers
-        })
+        });
       }/*else error deleting user*/
     }).catch(err => {
       throw new Error('Error deleting user: ', err);
@@ -376,15 +376,14 @@ class GroupManage extends Component {
     const {group} = this.state;
     this.setState({approvingUser: newUser});
     if (type === 'approve') this.approveUserFetch(group, newUser);
-    //else if (type === 'reject') this.rejectUserFetch(group, newUser);
+    else if (type === 'deny') this.denyUserFetch(group, newUser);
   }
 
   approveUserFetch = (group, newUser) => {
     approveUser({group, newUser, user: this.user}, this.csrf)
     .then(res => {
       if (!res.data.invalidCSRF) {
         if (res.data) {
-console.log('approveUser:', res.data)
           const {users, pending} = this.state;
           const newPending = pending.filter(u => u.user !== newUser)
           this.setState({
@@ -406,6 +405,29 @@ console.log('approveUser:', res.data)
     });
   }
 
+  denyUserFetch = (group, newUser) => {
+    denyUser({group, newUser, user: this.user}, this.csrf)
+    .then(res => {
+      if (!res.data.invalidCSRF) {
+        if (res.data) {
+          const {pending} = this.state;
+          const newPending = pending.filter(u => u.user !== newUser)
+
+          this.setState({
+            pending: newPending,
+            approvingUser: '',
+          });
+        }else {
+          this.setState({
+            approvingUser: '',
+          });
+        }
+      }
+    }).catch(err => {
+      throw new Error('Error adding user: ', err);
+    });
+  }
+
   render() {
     const {
       newPost,

client/src/components/pages/Manage/GroupManagePending.js

@@ -40,7 +40,7 @@ const GroupManagePending = ({pending, handleApproval, approvingUser}) => (
                       }
                       <a href={`/approve/${u.user}/`} onClick={e => handleApproval(e, u.user, 'approve')}><Icon name='plus' color='blue' /></a>
                       {' / '}
-                      <a href={`/reject/${u.user}/`} onClick={e => handleApproval(e, u.user, 'reject')}><Icon name='delete' color='blue' /></a>
+                      <a href={`/deny/${u.user}/`} onClick={e => handleApproval(e, u.user, 'deny')}><Icon name='delete' color='blue' /></a>
 
                     </Table.Cell>
                   </Table.Row>

client/src/utils/fetchFunctions.js

@@ -114,7 +114,11 @@ export const requestToJoinGroup = (params, csrf) => {
 }
 
 export const approveUser = (params, csrf) => {
-  return postData('/manage/groups/approve', params, csrf);
+  return postData('/manage/users/approve', params, csrf);
+}
+
+export const denyUser = (params, csrf) => {
+  return postData('/manage/users/deny', params, csrf);
 }
 
 /**

server/routes/api/groups.js

@@ -235,7 +235,7 @@ const getGroupPosts = async (db, group) => {
  */
 const getGroupUsers = async (db, group) => {
   return new Promise((resolve, reject) => {
-    db.collection('kgroups_access').find({group: group, access: {$ne: 100}}).sort( { user: 1 } ).toArray().then(result => {
+    db.collection('kgroups_access').find({group: group, access: {$lt: 100}}).sort( { user: 1 } ).toArray().then(result => {
       if (result) resolve(result);
       else reject();
     })

server/routes/manage/groups.js

@@ -170,7 +170,7 @@ router.post('/delete', async (req, res, next) => {
   if (!csrfValid) res.json({invalidCSRF: true});
   else {
     //Delete group from DB
-    const groupDeleted = await verifyAccess(db, next, group, user, 'group', 'del') && await deleteGroup(db, group, user);
+    const groupDeleted = await verifyAccess(db, next, group, user, 'group', 'del') && await deleteGroup(db, next, group, user);
     res.json(groupDeleted || false);
   }
 })
@@ -291,74 +291,4 @@ const requestJoinGroup = (db, next, group, user) => {
   }
 }
 
-
-
-router.post('/approve', async (req, res, next) => {
-  const db = req.app.locals.db;
-  let { group, newUser, user } = req.body;
-
-  const csrfValid = await csrfValidateRequest(req, res, user);
-
-  //Respond to frontend with failed CSRF validation, else continue
-  if (!csrfValid) res.json({invalidCSRF: true});
-  else {
-    //Add join request to DB
-    const approved = approvalJoinGroup(db, next, group, newUser, user);
-    res.json({newUser: approved});
-  }
-})
-
-
-const approvalJoinGroup = (db, next, group, newUser, approver) => {
-  try {
-    const created = new Date();
-    const approved = {
-      group,
-      user: newUser,
-      access: 3,
-      added_on: created,
-      added_by: approver
-    }
-
-    //Create new access entry for user and group
-    db.collection('kgroups_access').updateOne(
-      { group: group, user: newUser },
-      {
-        $set: {
-          access: 3,
-          added_on: created,
-          added_by: approver
-        }
-      },
-      { upsert: true }
-    )
-
-    //Increment request count in user collection
-    db.collection('users').updateOne(
-      { name: newUser },
-      {
-        $inc:
-        {
-          'pendingJoinRequests.curating': -1
-        }
-      }
-    )
-
-    //Increment join request count for group
-    db.collection('kgroups').updateOne(
-      { name: group },
-      {
-        $inc:
-        {
-          joinRequests: -1
-        }
-      }
-    )
-
-    return approved;
-  }catch (err) {
-    next(err);
-  }
-}
-
 export default router;

server/routes/manage/posts.js

@@ -14,7 +14,7 @@ const router = new Router();
  *  CSRF validation is done. If valid, proceed with database query.
  *  Databse inserted object will be returned to the frontend.
  */
-router.post('/add', async (req, res) => {
+router.post('/add', async (req, res, next) => {
 
   //TODO?:do i need to verfiy access? no one can spoof a POST, right?
   const db = req.app.locals.db;
@@ -25,13 +25,13 @@ router.post('/add', async (req, res) => {
   if (!csrfValid) res.json({invalidCSRF: true});
   else {
     //Check if post exists
-    const exists = await postExists(db, author, permlink, group);
+    const exists = await postExists(db, next, author, permlink, group);
     if (exists) {
        res.json({exists: true});
     }else {
 
       //Insert new post into DB
-      const postAdd = await verifyAccess(db, group, user, 'post', 'add') && await addPost(db, user, group, category, author, permlink, title);
+      const postAdd = await verifyAccess(db, next, group, user, 'post', 'add') && await addPost(db, next, user, group, category, author, permlink, title);
       res.json({post: postAdd});
     }
   }
@@ -45,14 +45,14 @@ router.post('/add', async (req, res) => {
  *  @param {string} group Group to verify if posts exists in
  *  @returns {boolean} Determines if post exists or not
  */
-const postExists = async (db, author, permlink, group) => {
+const postExists = async (db, next, author, permlink, group) => {
   const exists = db.collection('kposts').find({st_author: author, st_permlink: permlink, group: group}, {projection: {_id: 1 }}).limit(1).toArray().then(data => {
     if (data.length) {
       return true;
     }
     return false;
   }).catch(err => {
-		throw new Error('Error verifying existing post from DB: ', err);
+		next(err);
 	});
   return await exists;
 }
@@ -72,7 +72,7 @@ const postExists = async (db, author, permlink, group) => {
  *  @param {string} title Title of Steem post
  *  @returns {object} Send inserted object back to frontend for use
  */
-const addPost = (db, user, group, category, author, permlink, title) => {
+const addPost = (db, next, user, group, category, author, permlink, title) => {
   console.log('1')
   try {
     const created = new Date();
@@ -107,7 +107,7 @@ const addPost = (db, user, group, category, author, permlink, title) => {
     )
     return post;
   }catch (err) {
-    throw new Error('Error adding post to DB: ', err);
+    next(err);
   }
 }
 
@@ -120,7 +120,7 @@ const addPost = (db, user, group, category, author, permlink, title) => {
  *  CSRF validation is done. If valid, proceed with database query.
  *  Databse delete will be true or false, return response to frontend.
  */
-router.post('/delete', async (req, res) => {
+router.post('/delete', async (req, res, next) => {
   const db = req.app.locals.db;
   let { author, post, group, user } = req.body;
   const csrfValid = await csrfValidateRequest(req, res, user);
@@ -129,7 +129,7 @@ router.post('/delete', async (req, res) => {
   if (!csrfValid) res.json({invalidCSRF: true});
   else {
     //Delete post from DB
-    const postDeleted = await verifyAccess(db, group, user, 'post', 'del') && await deletePost(db, author, post, group);
+    const postDeleted = await verifyAccess(db, next, group, user, 'post', 'del') && await deletePost(db, next, author, post, group);
     if (postDeleted) {
       res.json(true);
     }else {
@@ -146,7 +146,7 @@ router.post('/delete', async (req, res) => {
  *  @param {string} group Group name to remove from
  *  @returns {boolean} Determines if deleting a post was a success
  */
-const deletePost = (db, author, post, group) => {
+const deletePost = (db, next, author, post, group) => {
   try {
     //Delete post from kgroups collection
     db.collection('kposts').deleteOne(
@@ -165,7 +165,7 @@ const deletePost = (db, author, post, group) => {
     )
     return true;
   }catch (err) {
-    throw new Error('Error deleting post from DB: ', err);
+    next(err);
   }
 }