From b05579f075213e0cd9c4104193b77b0a82dc4f1e Mon Sep 17 00:00:00 2001
From: Ludek Novy <13610612+ludeknovy@users.noreply.github.com>
Date: Thu, 7 Mar 2024 22:51:50 +0100
Subject: [PATCH] Bugfix: checking if user exist and filtering out admins during project creation (#304)
---
 .../project/create-project-controller.spec.ts | 3 +-
 .../project/create-project-controller.ts | 30 +++++++++++--------
 2 files changed, 20 insertions(+), 13 deletions(-)
diff --git a/src/server/controllers/project/create-project-controller.spec.ts b/src/server/controllers/project/create-project-controller.spec.ts
index 0f0ac31e..b2994b31 100644
--- a/src/server/controllers/project/create-project-controller.spec.ts
+++ b/src/server/controllers/project/create-project-controller.spec.ts
@@ -70,7 +70,8 @@ describe("createProjectController", function () {
 (db.one as any).mockResolvedValueOnce({ exists: false });
 (db.one as any).mockResolvedValueOnce({ id: "123" })
- const dbNoneMock = (db.none as any).mockImplementationOnce(() => jest.fn())
+ const dbNoneMock = (db.none as any).mockImplementationOnce(() => jest.fn());
+ (db.manyOrNone as any).mockResolvedValueOnce([{ id: 831, role: "operator" }])
 await createProjectController(request as unknown as IGetUserAuthInfoRequest, response as unknown as Response, next)
diff --git a/src/server/controllers/project/create-project-controller.ts b/src/server/controllers/project/create-project-controller.ts
index 3bec4b1b..de33e9d0 100644
--- a/src/server/controllers/project/create-project-controller.ts
+++ b/src/server/controllers/project/create-project-controller.ts
@@ -26,18 +26,24 @@ export const createProjectController = async (req: IGetUserAuthInfoRequest, res:
 await db.query(addProjectMember(project.id, req.user.userId))
 }
 if (req.user.role === AllowedRoles.Admin && projectMembers?.length > 0) {
- const columnSet = new pg.helpers.ColumnSet([
- { name: "project_id", prop: "projectId" },
- { name: "user_id", prop: "userId" }],
- { table: new pg.helpers.TableName({ table: "user_project_access", schema: "jtl" }) })
- const dataToBeInserted = projectMembers.map(user => ({
- userId: user,
- projectId: project.id,
- }))
- logger.info(`Granting access to following users ${projectMembers}`)
- const query = pg.helpers.insert(dataToBeInserted, columnSet)
- await db.none(query)
-
+ logger.info(`Checking users roles, ${projectMembers}`)
+ const usersWithRoles = await db.manyOrNone(
+ "SELECT users.role, users.id FROM jtl.users users WHERE users.id IN ($1:list)",
+ [projectMembers])
+ if (usersWithRoles && usersWithRoles.length > 0) {
+ const nonAdminUsers = usersWithRoles.filter(user => user.role !== AllowedRoles.Admin)
+ const columnSet = new pg.helpers.ColumnSet([
+ { name: "project_id", prop: "projectId" },
+ { name: "user_id", prop: "userId" }],
+ { table: new pg.helpers.TableName({ table: "user_project_access", schema: "jtl" }) })
+ const dataToBeInserted = nonAdminUsers.map(user => ({
+ userId: user.id,
+ projectId: project.id,
+ }))
+ logger.info(`Granting access to following users ${nonAdminUsers.map(user => user.id)}`)
+ const query = pg.helpers.insert(dataToBeInserted, columnSet)
+ await db.none(query)
+ }
 }
 } else {
 return next(boom.conflict("Project already exists"))
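Review bot: The guard `if (usersWithRoles && usersWithRoles.length > 0)` tests the lookup result rather than the filtered list, so when every requested member is an admin `nonAdminUsers` is empty and `pg.helpers.insert` is called with `[]`, which pg-promise rejects as far as I know; the request would then fail although the project presumably already exists (`project.id` is in use above). Filter first and guard on the result: `const nonAdminUsers = (usersWithRoles ?? []).filter(user => user.role !== AllowedRoles.Admin)` followed by `if (nonAdminUsers.length > 0) {`. Requested IDs that match no row or belong to an admin are dropped silently, so a log line naming the skipped IDs would make it easier to audit who was actually granted access. The first `logger.info` interpolates `projectMembers` as received, before the lookup; if the request schema (not visible here) does not restrict it to an array of IDs, log the count or the validated IDs instead. The spec hunk mocks a single operator only, so an all-admin case is untested, and the controller body starts and ends outside this hunk.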