diff --git a/src/controllers/GroupsController.ts b/src/controllers/GroupsController.ts index 2e11bb1..de7e273 100644 --- a/src/controllers/GroupsController.ts +++ b/src/controllers/GroupsController.ts @@ -411,7 +411,6 @@ export class GroupsController { h.error(401, "You are the last administrator of this group!"); - // TODO : validate this check // Only administrator can delete members that are more than member (moderators & administrators) if(membership.level < GroupMembershipLevels.MEMBER && currUserMembership.level != GroupMembershipLevels.ADMINISTRATOR) h.error(401, "Only an administrator can delete this membership!"); @@ -424,6 +423,41 @@ export class GroupsController { h.success("Membership of the user has been successfully deleted!"); } + /** + * Update a user membership + * + * @param h Request handler + */ + public static async UpdateMembership(h: RequestHandler) { + + // Get information about the target + const groupID = await h.postGroupIDWithAccess("groupID", GroupsAccessLevel.ADMIN_ACCESS); + const userID = await h.postUserId("userID"); + + if(userID == h.getUserId()) + h.error(400, "You can not update your own membership!"); + + // Get current user membership + const level = await GroupsHelper.GetMembershipLevel(groupID, userID); + + // Check if user is at least a member of the group + if(level > GroupMembershipLevels.MEMBER) + h.error(401, "This user is not a member of the group!"); + + // Get the new membership of the user + const membershipKey = findKey(GROUPS_MEMBERSHIP_LEVELS, h.postString("level", 3)); + if(membershipKey == null) + h.error(400, "New user membership level not recognized!"); + const newLevel = Number(membershipKey); + + if(newLevel > GroupMembershipLevels.MEMBER) + h.error(401, "You can not assign this visibility level to a group member!"); + + await GroupsHelper.UpdateMembershipLevel(groupID, userID, newLevel); + + h.success("User membership has been successfully updated!"); + } + /** * Turn a GroupInfo object into a valid API object * diff --git a/src/controllers/Routes.ts b/src/controllers/Routes.ts index 16cca0f..1dbcfb7 100644 --- a/src/controllers/Routes.ts +++ b/src/controllers/Routes.ts @@ -116,4 +116,6 @@ export const Routes : Route[] = [ {path: "/groups/cancel_request", cb: (h) => GroupsController.CancelRequest(h)}, {path: "/groups/delete_member", cb: (h) => GroupsController.DeleteMember(h)}, + + {path: "/groups/update_membership_level", cb: (h) => GroupsController.UpdateMembership(h)}, ] \ No newline at end of file