Merge branch 'bentiss-api-fixes' into edge

Dockerfile

@@ -136,6 +136,7 @@ ENV BUILD_DEPS="apt-utils bsdtar gnupg gosu wget curl bzip2 build-essential pyth
 COPY ${SRC_PATH} /home/wekan/app
 
 RUN \
+    set -o xtrace && \
     # Add non-root user wekan
     useradd --user-group --system --home-dir /home/wekan wekan && \
     \

models/boards.js

@@ -276,6 +276,10 @@ Boards.helpers({
     return Users.find({ _id: { $in: _.pluck(this.members, 'userId') } });
   },
 
+  getMember(id) {
+    return _.findWhere(this.members, { userId: id });
+  },
+
   getLabel(name, color) {
     return _.findWhere(this.labels, { name, color });
   },
@@ -823,9 +827,9 @@ if (Meteor.isServer) {
     }
   });
 
-  JsonRoutes.add('GET', '/api/boards/:id', function (req, res) {
+  JsonRoutes.add('GET', '/api/boards/:boardId', function (req, res) {
     try {
-      const id = req.params.id;
+      const id = req.params.boardId;
       Authentication.checkBoardAccess(req.userId, id);
 
       JsonRoutes.sendResult(res, {
@@ -841,6 +845,34 @@ if (Meteor.isServer) {
     }
   });
 
+  JsonRoutes.add('PUT', '/api/boards/:boardId/members', function (req, res) {
+    Authentication.checkUserId(req.userId);
+    try {
+      const boardId = req.params.boardId;
+      const board = Boards.findOne({ _id: boardId });
+      const userId = req.body.userId;
+      const user = Users.findOne({ _id: userId });
+
+      if (!board.getMember(userId)) {
+        user.addInvite(boardId);
+        board.addMember(userId);
+        JsonRoutes.sendResult(res, {
+          code: 200,
+          data: id,
+        });
+      } else {
+        JsonRoutes.sendResult(res, {
+          code: 200,
+        });
+      }
+    }
+    catch (error) {
+      JsonRoutes.sendResult(res, {
+        data: error,
+      });
+    }
+  });
+
   JsonRoutes.add('POST', '/api/boards', function (req, res) {
     try {
       Authentication.checkUserId(req.userId);
@@ -878,10 +910,10 @@ if (Meteor.isServer) {
     }
   });
 
-  JsonRoutes.add('DELETE', '/api/boards/:id', function (req, res) {
+  JsonRoutes.add('DELETE', '/api/boards/:boardId', function (req, res) {
     try {
       Authentication.checkUserId(req.userId);
-      const id = req.params.id;
+      const id = req.params.boardId;
       Boards.remove({ _id: id });
       JsonRoutes.sendResult(res, {
         code: 200,
@@ -898,9 +930,9 @@ if (Meteor.isServer) {
     }
   });
 
-  JsonRoutes.add('PUT', '/api/boards/:id/labels', function (req, res) {
+  JsonRoutes.add('PUT', '/api/boards/:boardId/labels', function (req, res) {
     Authentication.checkUserId(req.userId);
-    const id = req.params.id;
+    const id = req.params.boardId;
     try {
       if (req.body.hasOwnProperty('label')) {
         const board = Boards.findOne({ _id: id });

models/cards.js

@@ -1514,6 +1514,16 @@ if (Meteor.isServer) {
       Cards.direct.update({_id: paramCardId, listId: paramListId, boardId: paramBoardId, archived: false},
         {$set: {customFields: newcustomFields}});
     }
+    if (req.body.hasOwnProperty('members')) {
+      const newmembers = req.body.members;
+      Cards.direct.update({_id: paramCardId, listId: paramListId, boardId: paramBoardId, archived: false},
+        {$set: {members: newmembers}});
+    }
+    if (req.body.hasOwnProperty('swimlaneId')) {
+      const newParamSwimlaneId = req.body.swimlaneId;
+      Cards.direct.update({_id: paramCardId, listId: paramListId, boardId: paramBoardId, archived: false},
+        {$set: {swimlaneId: newParamSwimlaneId}});
+    }
     JsonRoutes.sendResult(res, {
       code: 200,
       data: {

models/customFields.js

@@ -87,7 +87,13 @@ if (Meteor.isServer) {
     const paramBoardId = req.params.boardId;
     JsonRoutes.sendResult(res, {
       code: 200,
-      data: CustomFields.find({ boardId: paramBoardId }),
+      data: CustomFields.find({ boardId: paramBoardId }).map(function (cf) {
+        return {
+          _id: cf._id,
+          name: cf.name,
+          type: cf.type,
+        };
+      }),
     });
   });
 

models/export.js

@@ -48,7 +48,7 @@ class Exporter {
 
   build() {
     const byBoard = { boardId: this._boardId };
-    const byBoardNoLinked = { boardId: this._boardId, linkedId: '' };
+    const byBoardNoLinked = { boardId: this._boardId, linkedId: {$in: ['', null] } };
     // we do not want to retrieve boardId in related elements
     const noBoardId = {
       fields: {

models/users.js

@@ -713,10 +713,10 @@ if (Meteor.isServer) {
     }
   });
 
-  JsonRoutes.add('GET', '/api/users/:id', function (req, res) {
+  JsonRoutes.add('GET', '/api/users/:userId', function (req, res) {
     try {
       Authentication.checkUserId(req.userId);
-      const id = req.params.id;
+      const id = req.params.userId;
       JsonRoutes.sendResult(res, {
         code: 200,
         data: Meteor.users.findOne({ _id: id }),
@@ -730,10 +730,10 @@ if (Meteor.isServer) {
     }
   });
 
-  JsonRoutes.add('PUT', '/api/users/:id', function (req, res) {
+  JsonRoutes.add('PUT', '/api/users/:userId', function (req, res) {
     try {
       Authentication.checkUserId(req.userId);
-      const id = req.params.id;
+      const id = req.params.userId;
       const action = req.body.action;
       let data = Meteor.users.findOne({ _id: id });
       if (data !== undefined) {
@@ -872,10 +872,10 @@ if (Meteor.isServer) {
     }
   });
 
-  JsonRoutes.add('DELETE', '/api/users/:id', function (req, res) {
+  JsonRoutes.add('DELETE', '/api/users/:userId', function (req, res) {
     try {
       Authentication.checkUserId(req.userId);
-      const id = req.params.id;
+      const id = req.params.userId;
       Meteor.users.remove({ _id: id });
       JsonRoutes.sendResult(res, {
         code: 200,