Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix(events): accepting an event must use a special route #286

Merged
merged 3 commits into from
Jul 10, 2023
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 4 additions & 2 deletions OPENAPI_DOC.yml
Original file line number Diff line number Diff line change
Expand Up @@ -3019,7 +3019,7 @@ paths:
content:
application/json:
schema:
$ref: '#/components/schemas/PlaceCalendar__Event'
$ref: '#/components/schemas/Bool'
400:
description: Bad Request
content:
Expand Down Expand Up @@ -3103,7 +3103,7 @@ paths:
content:
application/json:
schema:
$ref: '#/components/schemas/PlaceCalendar__Event'
$ref: '#/components/schemas/Bool'
400:
description: Bad Request
content:
Expand Down Expand Up @@ -8119,6 +8119,8 @@ components:
- all_day
- attachments
nullable: true
Bool:
type: boolean
PlaceOS__Model__ModelWithAutoKey:
type: object
PlaceOS__Model__EventMetadata:
Expand Down
2 changes: 1 addition & 1 deletion shard.lock
Original file line number Diff line number Diff line change
Expand Up @@ -171,7 +171,7 @@ shards:

placeos-models:
git: https://github.com/placeos/models.git
version: 9.13.2
version: 9.14.0

pool:
git: https://github.com/ysbaddaden/pool.git
Expand Down
23 changes: 10 additions & 13 deletions spec/controllers/events_spec.cr
Original file line number Diff line number Diff line change
Expand Up @@ -465,9 +465,6 @@ describe Events do
it "#approve marks room as accepted" do
EventsHelper.stub_create_endpoints

WebMock.stub(:patch, "https://graph.microsoft.com/v1.0/users/room1%40example.com/calendar/events/")
.to_return(GuestsHelper.mock_event_query_json)

WebMock.stub(:get, "https://graph.microsoft.com/v1.0/users/room1%40example.com/calendar/events/AAMkADE3YmQxMGQ2LTRmZDgtNDljYy1hNDg1LWM0NzFmMGI0ZTQ3YgBGAAAAAADFYQb3DJ_xSJHh14kbXHWhBwB08dwEuoS_QYSBDzuv558sAAAAAAENAAB08dwEuoS_QYSBDzuv558sAACGVOwUAAA%3D")
.to_return(body: File.read("./spec/fixtures/events/o365/create.json"))

Expand All @@ -490,10 +487,11 @@ describe Events do
EventsHelper.stub_permissions_check(system_id)

# approve
resp = client.post("#{EVENTS_BASE}/#{created_event["id"]}/approve?system_id=#{system_id}", headers: headers).body
accepted_event = JSON.parse(resp)
room_attendee = accepted_event["attendees"].as_a.find { |a| a["email"] == "rmaudpswissalps@booking.demo.acaengine.com" }
room_attendee.not_nil!["response_status"].as_s.should eq("accepted")
WebMock.stub(:post, "https://graph.microsoft.com/v1.0/users/room1%40example.com/calendar/events/AAMkADE3YmQxMGQ2LTRmZDgtNDljYy1hNDg1LWM0NzFmMGI0ZTQ3YgBGAAAAAADFYQb3DJ_xSJHh14kbXHWhBwB08dwEuoS_QYSBDzuv558sAAAAAAENAAB08dwEuoS_QYSBDzuv558sAACGVOwUAAA%3D/accept")
.to_return({sucess: true}.to_json)

resp = client.post("#{EVENTS_BASE}/#{created_event["id"]}/approve?system_id=#{system_id}", headers: headers)
resp.success?.should eq true
end

it "#reject marks room as declined" do
Expand All @@ -508,8 +506,6 @@ describe Events do
WebMock.stub(:get, "https://graph.microsoft.com/v1.0/users/dev%40acaprojects.com/calendars")
.to_return(body: File.read("./spec/fixtures/calendars/o365/show.json"))

WebMock.stub(:patch, "https://graph.microsoft.com/v1.0/users/room1%40example.com/calendar/events/AAMkADE3YmQxMGQ2LTRmZDgtNDljYy1hNDg1LWM0NzFmMGI0ZTQ3YgBGAAAAAADFYQb3DJ_xSJHh14kbXHWhBwB08dwEuoS_QYSBDzuv558sAAAAAAENAAB08dwEuoS_QYSBDzuv558sAACGVOwUAAA%3D").to_return(body: File.read("./spec/fixtures/events/o365/update_with_declined.json"))

# Create event
req_body = EventsHelper.create_event_input
evt_resp = client.post(EVENTS_BASE, headers: headers, body: req_body)
Expand All @@ -519,12 +515,13 @@ describe Events do
.to_return(EventsHelper.event_query_response(created_event_id))

# reject
WebMock.stub(:post, "https://graph.microsoft.com/v1.0/users/room1%40example.com/calendar/events/AAMkADE3YmQxMGQ2LTRmZDgtNDljYy1hNDg1LWM0NzFmMGI0ZTQ3YgBGAAAAAADFYQb3DJ_xSJHh14kbXHWhBwB08dwEuoS_QYSBDzuv558sAAAAAAENAAB08dwEuoS_QYSBDzuv558sAACGVOwUAAA%3D/decline")
.to_return(body: {success: true}.to_json)

system_id = "sys-rJQQlR4Cn7"
EventsHelper.stub_permissions_check(system_id)
resp = client.post("#{EVENTS_BASE}/#{created_event["id"]}/reject?system_id=#{system_id}", headers: headers).body
declined_event = JSON.parse(resp)
room_attendee = declined_event["attendees"].as_a.find { |a| a["email"] == "rmaudpswissalps@booking.demo.acaengine.com" }
room_attendee.not_nil!["response_status"].as_s.should eq("declined")
resp = client.post("#{EVENTS_BASE}/#{created_event["id"]}/reject?system_id=#{system_id}", headers: headers)
resp.success?.should eq true
end

describe "#guest_list" do
Expand Down
44 changes: 8 additions & 36 deletions src/controllers/events.cr
Original file line number Diff line number Diff line change
Expand Up @@ -930,8 +930,12 @@ class Events < Application
event_id : String,
@[AC::Param::Info(description: "the event space associated with this event", example: "sys-1234")]
system_id : String
) : PlaceCalendar::Event
update_status(event_id, system_id, "accepted")
) : Bool
# Check this system has an associated resource
system = get_placeos_client.systems.fetch(system_id)
cal_id = system.email
raise AC::Route::Param::ValueError.new("system '#{system.name}' (#{system_id}) does not have a resource email address specified", "system_id") unless cal_id
client.accept_event(user.email, id: event_id, calendar_id: cal_id)
end

# rejects / declines the meeting on behalf of the event space
Expand All @@ -941,44 +945,12 @@ class Events < Application
event_id : String,
@[AC::Param::Info(description: "the event space associated with this event", example: "sys-1234")]
system_id : String
) : PlaceCalendar::Event
update_status(event_id, system_id, "declined")
end

private def update_status(event_id : String, system_id : String, status : String)
) : Bool
# Check this system has an associated resource
system = get_placeos_client.systems.fetch(system_id)
cal_id = system.email
raise AC::Route::Param::ValueError.new("system '#{system.name}' (#{system_id}) does not have a resource email address specified", "system_id") unless cal_id

# Check the event was in the calendar
event = client.get_event(user.email, id: event_id, calendar_id: cal_id)
raise Error::NotFound.new("event #{event_id} not found on system calendar #{cal_id}") unless event

# User details
user_email = user.email.downcase
host = event.host.try(&.downcase) || user_email

# check permisions
existing_attendees = event.attendees.try(&.map { |a| a.email.downcase }) || [] of String
unless user_email == host || user_email.in?(existing_attendees)
raise Error::Forbidden.new("user #{user_email} not involved in meeting and no role is permitted to make this change") if !(system && !check_access(user.roles, [system.id] + system.zones).none?)
end

# Existing attendees without system
attendees = event.attendees.uniq.reject { |attendee| attendee.email.downcase == cal_id.downcase }
# Adding back system with correct status
attendees << PlaceCalendar::Event::Attendee.new(name: cal_id, email: cal_id, response_status: status)

event.not_nil!.attendees = attendees

# Update the event (user must be a resource approver)
updated_event = client.update_event(user_id: user.email, event: event, calendar_id: cal_id)

# Return the full event details
metadata = get_event_metadata(event, system_id)

StaffApi::Event.augment(updated_event.not_nil!, system.email, system, metadata)
client.decline_event(user.email, id: event_id, calendar_id: cal_id)
end

# Event Guest management
Expand Down