add organization_admin_model

backend/apis/nodejs/src/models/organization_admin_model.js

@@ -0,0 +1,83 @@
+/*
+    This code is part of Blink
+    licensed under GPLv3
+
+    THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 
+    IMPLIED,  INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 
+    FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL 
+    THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+    LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING 
+    FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
+    IN THE SOFTWARE.
+*/
+
+const { removeOrganizationAdmin } = require('../routes/organization_admin_routes');
+const knex = require('../utils/knex_config');
+
+/**
+ * Checks whether the specified person is an administrator 
+ * of the specified administrator
+ * @param {*} personId 
+ * @param {*} organizationId 
+ * @returns true if administrator, false otherwise
+ */
+async function isPersonAdmin(personId, organizationId){
+    const isPersonAdmin = await knex('OrganizationAdministrator')
+        .where('id_person', personId)
+        .where('id_organization', organizationId)
+        .select('*')
+        .first();
+    return isPersonAdmin;
+}
+
+/**
+ * Add the specified Person as the Organization administrator
+ * @param {*} personId 
+ * @param {*} organizationId 
+ */
+async function addOrganizationAdministrator(personId, organizationId){
+    await knex('OrganizationAdministrator')
+        .insert({
+            id_person: personId,
+            id_organization: organizationId
+        });
+}
+
+/**
+ * Remove Person from the Organization's administrators.
+ * If no more Administrators are left, the Organization is removed.
+ * @param {*} personId 
+ * @param {*} organizationId 
+ */
+async function removeOrganizationAdmin(personId, organizationId){
+    const transaction = await knex.transaction();
+  
+    // We lock the table to ensure that we won't have concurrency issues
+    // while checking remainingAdministrators.
+    // TODO: Understand whether a lock on the table is really necessary
+    await transaction.raw('LOCK TABLE "OrganizationAdministrator" IN SHARE MODE');
+    
+    await transaction('OrganizationAdministrator')
+      .where('id_person', personId)
+      .where('id_organization', organizationId)
+      .del();
+
+    // TODO: If the user instead deletes their entire profile, the organization will not be deleted. Fix. (database schema)
+    const remainingAdministrators = await transaction('OrganizationAdministrator')
+      .where({ id_organization: organizationId });
+
+    if (remainingAdministrators.length === 0) {
+      // If no more users, delete the organization
+      await transaction('Organization')
+          .where('id', organizationId)
+          .del();
+    }
+
+    await transaction.commit();
+}
+
+module.exports = {
+    isPersonAdmin,
+    addOrganizationAdministrator,
+    removeOrganizationAdmin
+  };

backend/apis/nodejs/src/routes/organization_admin_routes.js

@@ -12,6 +12,7 @@
 */
 
 const knex = require('../utils/knex_config');
+const organization_admin_model = require('../models/organization_admin_model');
 
 /**
  * POST Method
@@ -29,28 +30,19 @@ async function addOrganizationAdmin(req, res){
     }
   
     try {
-      const isPersonAdmin = await knex('OrganizationAdministrator')
+      const isPersonAdmin = await organization_admin_model.isPersonAdmin(req.jwt.person_id, req.body.organization_id);
-        .where('id_person', req.jwt.person_id)
+      // TOC/TOU
-        .where('id_organization', req.body.organization_id)
-        .select('*')
-        .first();
-  
       if(!isPersonAdmin){
         return res.status(401).json({error : "Forbidden"});
       }
-  
+      await organization_admin_model.addOrganizationAdministrator(req.body.person_id, req.body.organization_id);
-      await knex('OrganizationAdministrator')
-        .insert({
-          id_person: req.body.person_id,
-          id_organization: req.body.organization_id
-        });
       return res.status(200).json({success : true});
     }
     catch (error) {
       console.error('Error while adding organization admin: ' + error);
       res.status(500).json({error : "Internal server error"});
     }
-  }
+}
   
   /**
    * DELETE Request
@@ -69,39 +61,16 @@ async function addOrganizationAdmin(req, res){
       }
   
       try{
-        const transaction = await knex.transaction();
+        await organization_admin_model.removeOrganizationAdmin(req.jwt.person_id, req.body.organization_id);
-  
-        // We lock the table to ensure that we won't have concurrency issues
-        // while checking remainingAdministrators.
-        // TODO: Understand whether a lock on the table is necessary
-        await transaction.raw('LOCK TABLE "OrganizationAdministrator" IN SHARE MODE');
-        
-        await transaction('OrganizationAdministrator')
-          .where('id_person', req.jwt.person_id)
-          .where('id_organization', req.body.organization_id)
-          .del();
-  
-        // TODO: If the user instead deletes their entire profile, the organization will not be deleted. Fix. (database schema)
-        const remainingAdministrators = await transaction('OrganizationAdministrator')
-          .where({ id_organization: req.body.organization_id });
-  
-        if (remainingAdministrators.length === 0) {
-          // If no more users, delete the organization
-          await transaction('Organization')
-              .where('id', req.body.organization_id)
-              .del();
-        }
-  
-        await transaction.commit();
         return res.status(200).json({success : true});
       }
       catch (error){
         console.error(error);
         return res.status(500).json({ error: "Internal server error"});
       }
-  }
+}
 
-  module.exports = {
+module.exports = {
-    addOrganizationAdmin,
+  addOrganizationAdmin,
-    removeOrganizationAdmin
+  removeOrganizationAdmin
 };