2019-08-09 17:11:24 +03:00
|
|
|
const Promise = require('bluebird');
|
2020-05-28 21:30:23 +03:00
|
|
|
const {i18n} = require('../../lib/common');
|
|
|
|
const logging = require('../../../shared/logging');
|
2020-05-22 21:22:20 +03:00
|
|
|
const errors = require('@tryghost/errors');
|
2020-08-11 16:01:16 +03:00
|
|
|
const security = require('@tryghost/security');
|
2019-08-09 17:11:24 +03:00
|
|
|
const mailService = require('../../services/mail');
|
2020-05-28 13:57:02 +03:00
|
|
|
const urlUtils = require('../../../shared/url-utils');
|
2019-08-09 17:11:24 +03:00
|
|
|
const settingsCache = require('../../services/settings/cache');
|
|
|
|
const models = require('../../models');
|
|
|
|
const api = require('./index');
|
|
|
|
const ALLOWED_INCLUDES = [];
|
|
|
|
const UNSAFE_ATTRS = ['role_id'];
|
|
|
|
|
|
|
|
module.exports = {
|
|
|
|
docName: 'invites',
|
|
|
|
|
|
|
|
browse: {
|
|
|
|
options: [
|
|
|
|
'include',
|
|
|
|
'page',
|
|
|
|
'limit',
|
|
|
|
'fields',
|
|
|
|
'filter',
|
|
|
|
'order',
|
|
|
|
'debug'
|
|
|
|
],
|
|
|
|
validation: {
|
|
|
|
options: {
|
|
|
|
include: ALLOWED_INCLUDES
|
|
|
|
}
|
|
|
|
},
|
|
|
|
permissions: true,
|
|
|
|
query(frame) {
|
|
|
|
return models.Invite.findPage(frame.options);
|
|
|
|
}
|
|
|
|
},
|
|
|
|
|
|
|
|
read: {
|
|
|
|
options: [
|
|
|
|
'include'
|
|
|
|
],
|
|
|
|
data: [
|
|
|
|
'id',
|
|
|
|
'email'
|
|
|
|
],
|
|
|
|
validation: {
|
|
|
|
options: {
|
|
|
|
include: ALLOWED_INCLUDES
|
|
|
|
}
|
|
|
|
},
|
|
|
|
permissions: true,
|
|
|
|
query(frame) {
|
|
|
|
return models.Invite.findOne(frame.data, frame.options)
|
|
|
|
.then((model) => {
|
|
|
|
if (!model) {
|
2020-05-22 21:22:20 +03:00
|
|
|
return Promise.reject(new errors.NotFoundError({
|
|
|
|
message: i18n.t('errors.api.invites.inviteNotFound')
|
2019-08-09 17:11:24 +03:00
|
|
|
}));
|
|
|
|
}
|
|
|
|
|
|
|
|
return model;
|
|
|
|
});
|
|
|
|
}
|
|
|
|
},
|
|
|
|
|
|
|
|
destroy: {
|
|
|
|
statusCode: 204,
|
|
|
|
options: [
|
|
|
|
'include',
|
|
|
|
'id'
|
|
|
|
],
|
|
|
|
validation: {
|
|
|
|
options: {
|
|
|
|
include: ALLOWED_INCLUDES
|
|
|
|
}
|
|
|
|
},
|
|
|
|
permissions: true,
|
|
|
|
query(frame) {
|
|
|
|
frame.options.require = true;
|
|
|
|
|
|
|
|
return models.Invite.destroy(frame.options)
|
2020-04-13 13:21:47 +03:00
|
|
|
.then(() => null)
|
|
|
|
.catch(models.Invite.NotFoundError, () => {
|
2020-05-22 21:22:20 +03:00
|
|
|
return Promise.reject(new errors.NotFoundError({
|
|
|
|
message: i18n.t('errors.api.invites.inviteNotFound')
|
2020-04-13 13:21:47 +03:00
|
|
|
}));
|
|
|
|
});
|
2019-08-09 17:11:24 +03:00
|
|
|
}
|
|
|
|
},
|
|
|
|
|
|
|
|
add: {
|
|
|
|
statusCode: 201,
|
|
|
|
options: [
|
|
|
|
'include',
|
|
|
|
'email'
|
|
|
|
],
|
|
|
|
validation: {
|
|
|
|
options: {
|
|
|
|
include: ALLOWED_INCLUDES
|
|
|
|
},
|
|
|
|
data: {
|
|
|
|
role_id: {
|
|
|
|
required: true
|
|
|
|
},
|
|
|
|
email: {
|
|
|
|
required: true
|
|
|
|
}
|
|
|
|
}
|
|
|
|
},
|
|
|
|
permissions: {
|
|
|
|
unsafeAttrs: UNSAFE_ATTRS
|
|
|
|
},
|
|
|
|
query(frame) {
|
|
|
|
let invite;
|
|
|
|
let emailData;
|
|
|
|
|
|
|
|
// CASE: ensure we destroy the invite before
|
|
|
|
return models.Invite.findOne({email: frame.data.invites[0].email}, frame.options)
|
2020-10-20 02:02:56 +03:00
|
|
|
.then((existingInvite) => {
|
|
|
|
if (!existingInvite) {
|
2019-08-09 17:11:24 +03:00
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
2020-10-20 02:02:56 +03:00
|
|
|
return existingInvite.destroy(frame.options);
|
2019-08-09 17:11:24 +03:00
|
|
|
})
|
|
|
|
.then(() => {
|
|
|
|
return models.Invite.add(frame.data.invites[0], frame.options);
|
|
|
|
})
|
2020-10-20 02:02:56 +03:00
|
|
|
.then((createdInvite) => {
|
|
|
|
invite = createdInvite;
|
2019-08-09 17:11:24 +03:00
|
|
|
|
|
|
|
const adminUrl = urlUtils.urlFor('admin', true);
|
|
|
|
|
|
|
|
emailData = {
|
|
|
|
blogName: settingsCache.get('title'),
|
|
|
|
invitedByName: frame.user.get('name'),
|
|
|
|
invitedByEmail: frame.user.get('email'),
|
|
|
|
resetLink: urlUtils.urlJoin(adminUrl, 'signup', security.url.encodeBase64(invite.get('token')), '/')
|
|
|
|
};
|
|
|
|
|
|
|
|
return mailService.utils.generateContent({data: emailData, template: 'invite-user'});
|
|
|
|
})
|
|
|
|
.then((emailContent) => {
|
|
|
|
const payload = {
|
|
|
|
mail: [{
|
|
|
|
message: {
|
|
|
|
to: invite.get('email'),
|
2020-05-22 21:22:20 +03:00
|
|
|
subject: i18n.t('common.api.users.mail.invitedByName', {
|
2019-08-09 17:11:24 +03:00
|
|
|
invitedByName: emailData.invitedByName,
|
|
|
|
blogName: emailData.blogName
|
|
|
|
}),
|
|
|
|
html: emailContent.html,
|
|
|
|
text: emailContent.text
|
|
|
|
},
|
|
|
|
options: {}
|
|
|
|
}]
|
|
|
|
};
|
|
|
|
|
|
|
|
return api.mail.send(payload, {context: {internal: true}});
|
|
|
|
})
|
|
|
|
.then(() => {
|
|
|
|
return models.Invite.edit({
|
|
|
|
status: 'sent'
|
|
|
|
}, Object.assign({id: invite.id}, frame.options));
|
|
|
|
})
|
2020-10-20 02:02:56 +03:00
|
|
|
.then((editedInvite) => {
|
|
|
|
return editedInvite;
|
2019-08-09 17:11:24 +03:00
|
|
|
})
|
|
|
|
.catch((err) => {
|
|
|
|
if (err && err.errorType === 'EmailError') {
|
2020-05-22 21:22:20 +03:00
|
|
|
const errorMessage = i18n.t('errors.api.invites.errorSendingEmail.error', {
|
2019-08-09 17:11:24 +03:00
|
|
|
message: err.message
|
|
|
|
});
|
2020-05-22 21:22:20 +03:00
|
|
|
const helpText = i18n.t('errors.api.invites.errorSendingEmail.help');
|
2019-08-09 17:11:24 +03:00
|
|
|
err.message = `${errorMessage} ${helpText}`;
|
2020-05-22 21:22:20 +03:00
|
|
|
logging.warn(err.message);
|
2019-08-09 17:11:24 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
return Promise.reject(err);
|
|
|
|
});
|
|
|
|
}
|
|
|
|
}
|
|
|
|
};
|