diff --git a/manager2/src/app/admin/projects/projects.service.ts b/manager2/src/app/admin/projects/projects.service.ts index f3ed6d414..8b1e203f1 100644 --- a/manager2/src/app/admin/projects/projects.service.ts +++ b/manager2/src/app/admin/projects/projects.service.ts @@ -232,7 +232,7 @@ export class ProjectsService { ); } - add_manager(projectId: string, request: any): Observable { + add_manager(projectId: string, UserId: string): Observable { //let user = this.authService.profile; let params = new HttpParams(); @@ -243,13 +243,12 @@ export class ProjectsService { params: params }; return this.http.post( - environment.apiUrl + '/project/' + projectId + '/add/manager', - request, + environment.apiUrl + '/project/' + projectId + '/add/manager/' + UserId, httpOptions ); } - remove_manager(projectId: string, request: any): Observable { + remove_manager(projectId: string, UserId: string): Observable { //let user = this.authService.profile; let params = new HttpParams(); @@ -260,8 +259,7 @@ export class ProjectsService { params: params }; return this.http.post( - environment.apiUrl + '/project/' + projectId + '/remove/manager', - request, + environment.apiUrl + '/project/' + projectId + '/remove/manager/' + UserId, httpOptions ); } diff --git a/manager2/src/app/project/project.component.ts b/manager2/src/app/project/project.component.ts index 7810db1c5..6d083744f 100644 --- a/manager2/src/app/project/project.component.ts +++ b/manager2/src/app/project/project.component.ts @@ -246,7 +246,7 @@ export class ProjectComponent implements OnInit { return; } } - this.projectsService.add_manager(project.id, { 'user': user_id }).subscribe( + this.projectsService.add_manager(project.id, user_id).subscribe( resp => { this.owner_request_msg = resp['message'] this.show_project_users(project).catch(err => this.request_err_msg = err.error.message); @@ -266,7 +266,7 @@ export class ProjectComponent implements OnInit { this.owner_request_err_msg = 'The project owner is always a manager'; return; } - this.projectsService.remove_manager(project.id, { 'user': user_id }).subscribe( + this.projectsService.remove_manager(project.id, user_id).subscribe( resp => { this.owner_request_msg = resp['message'] this.show_project_users(project).catch(err => this.request_err_msg = err.error.message); diff --git a/routes/projects.js b/routes/projects.js index cbb6b142f..a91f685a3 100644 --- a/routes/projects.js +++ b/routes/projects.js @@ -429,7 +429,7 @@ router.post('/project/:id/request/user', async function(req, res) { }); -router.post('/project/:id/add/manager', async function(req, res) { +router.post('/project/:id/add/manager/:uid', async function(req, res) { if(!req.locals.logInfo.is_logged) { res.status(401).send({message: 'Not authorized'}); return; @@ -452,17 +452,17 @@ router.post('/project/:id/add/manager', async function(req, res) { res.status(401).send({message: 'User ' + user.uid + ' is not the owner of project ' + project.id}); return; } - const new_manager = await dbsrv.mongo_users().findOne({'uid': req.body.user}); + const new_manager = await dbsrv.mongo_users().findOne({'uid': req.params.uid}); if(!new_manager) { - res.status(404).send({message: 'User ' + req.body.user + ' not found'}); + res.status(404).send({message: 'User ' + req.params.uid + ' not found'}); return; } if(!(new_manager.projects && new_manager.projects.indexOf(project.id) >= 0)) { - res.status(403).send({message: 'User ' + req.body.user + ' is not in project ' + project.id}); + res.status(403).send({message: 'User ' + req.params.uid + ' is not in project ' + project.id}); return; } if(project.managers.includes(new_manager.uid)) { - res.status(403).send({message: 'User ' + req.body.user + ' is already a manager of project ' + project.id}); + res.status(403).send({message: 'User ' + req.params.uid + ' is already a manager of project ' + project.id}); return; } @@ -483,7 +483,7 @@ router.post('/project/:id/add/manager', async function(req, res) { }); -router.post('/project/:id/remove/manager', async function(req, res) { +router.post('/project/:id/remove/manager/:uid', async function(req, res) { if(!req.locals.logInfo.is_logged) { res.status(401).send({message: 'Not authorized'}); return; @@ -506,17 +506,17 @@ router.post('/project/:id/remove/manager', async function(req, res) { res.status(401).send({message: 'User ' + user.uid + ' is not the owner of project ' + project.id}); return; } - const ex_manager = await dbsrv.mongo_users().findOne({'uid': req.body.user}); + const ex_manager = await dbsrv.mongo_users().findOne({'uid': req.params.uid}); if(!ex_manager) { - res.status(404).send({message: 'User ' + req.body.user + ' not found'}); + res.status(404).send({message: 'User ' + req.params.uid + ' not found'}); return; } if(!(ex_manager.projects && ex_manager.projects.indexOf(project.id) >= 0)) { - res.status(403).send({message: 'User ' + req.body.user + ' is not in project ' + project.id}); + res.status(403).send({message: 'User ' + req.params.uid + ' is not in project ' + project.id}); return; } if(!project.managers.includes(ex_manager.uid)) { - res.status(403).send({message: 'User ' + req.body.user + ' is not a manager of project ' + project.id}); + res.status(403).send({message: 'User ' + req.params.uid + ' is not a manager of project ' + project.id}); return; }