Merge branch 'dev' into feature/registration_and_profile_page_improvements

Author: RishiRajSahu

src/config/constants.js

@@ -643,13 +643,15 @@ export const ROLE_CONNECT_ADMIN = 'Connect Admin'
 export const ROLE_ADMINISTRATOR = 'administrator'
 export const ROLE_CONNECT_COPILOT_MANAGER = 'Connect Copilot Manager'
 
+// to be able to start the Connect App we should pass at least the dummy value for `FILE_PICKER_API_KEY`
+// but if we want to test file uploading we should provide the real value in `FILE_PICKER_API_KEY` env variable
+export const FILE_PICKER_API_KEY = process.env.FILE_PICKER_API_KEY || 'DUMMY'
 // FIXME .. remove defaults
-export const FILE_PICKER_API_KEY = process.env.FILE_PICKER_API_KEY || ''
 export const FILE_PICKER_SUBMISSION_CONTAINER_NAME = process.env.FILE_PICKER_SUBMISSION_CONTAINER_NAME || 'submission-staging-dev'
 export const FILE_PICKER_CNAME = process.env.FILE_PICKER_CNAME || 'fs.topcoder.com'
 export const FILE_PICKER_FROM_SOURCES = process.env.FILE_PICKER_FROM_SOURCES || ['local_file_system', 'googledrive', 'dropbox']
 export const PROJECT_ATTACHMENTS_FOLDER = process.env.PROJECT_ATTACHMENTS_FOLDER || 'PROJECT_ATTACHMENTS'
-export const FILE_PICKER_ACCEPT = process.env.FILE_PICKER_ACCEPT || ['.bmp', '.gif', '.jpg', '.tex', '.xls', '.xlsx', '.doc', '.docx', '.zip', '.txt', '.pdf', '.png', '.ppt', '.pptx', '.rtf']
+export const FILE_PICKER_ACCEPT = process.env.FILE_PICKER_ACCEPT || ['.bmp', '.gif', '.jpg', '.tex', '.xls', '.xlsx', '.doc', '.docx', '.zip', '.txt', '.pdf', '.png', '.ppt', '.pptx', '.rtf', '.csv']
 
 export const SEGMENT_KEY = process.env.CONNECT_SEGMENT_KEY
 /*

src/helpers/permissions.js

@@ -1,28 +1,116 @@
 import store from '../config/store'
 import _ from 'lodash'
 
-export const checkPermission = (permission, project, entity) => {
-  const {projectRoles, topcoderRoles, handler} = permission
-  const currentUser =  _.get(store.getState(), 'loadUser.user', {})
-  const roles = currentUser.roles || []
-
-  if(project && projectRoles){
-    const currentProjectMember = _.find(project.members, m => m.userId===currentUser.userId)
-    if (currentProjectMember){
-      const currentUserRole = currentProjectMember.role
-      if (projectRoles.includes(currentUserRole)){
-        return true
-      }
-    }
+/**
+ * Check if user has permission.
+ * (The main permission method which should be used).
+ *
+ * This method uses permission defined in `permission`
+ * and checks that the logged-in user from Redux Store matches it.
+ *
+ * `permission` may be defined in two ways:
+ *  - **Full** way with defined `allowRule` and optional `denyRule`, example:
+ *    ```js
+ *    {
+ *       allowRule: {
+ *          projectRoles: [],
+ *          topcoderRoles: []
+ *       },
+ *       denyRule: {
+ *          projectRoles: [],
+ *          topcoderRoles: []
+ *       }
+ *    }
+ *    ```
+ *    If user matches `denyRule` then the access would be dined even if matches `allowRule`.
+ *  - **Simplified** way may be used if we only want to define `allowRule`.
+ *    We can skip the `allowRule` property and define `allowRule` directly inside `permission` object, example:
+ *    ```js
+ *    {
+ *       projectRoles: [],
+ *       topcoderRoles: []
+ *    }
+ *    ```
+ *    This **simplified** permission is equal to a **full** permission:
+ *    ```js
+ *    {
+ *       allowRule: {
+ *         projectRoles: [],
+ *         topcoderRoles: []
+ *       }
+ *    }
+ *    ```
+ *
+ * If we define any rule with `projectRoles` list, we also should provide `project`
+ * with the list of project members in `project.members`.
+ *
+ * @param {Object}        permissionRule               permission rule
+ * @param {Array<String>} permissionRule.projectRoles  the list of project roles of the user
+ * @param {Array<String>} permissionRule.topcoderRoles the list of Topcoder roles of the user
+ * @param {Object}        [project]                    project object - required to check `topcoderRoles`
+ * @param {Array}         project.members              list of project members - required to check `topcoderRoles`
+ *
+ * @returns {Boolean}     true, if has permission
+ */
+export const checkPermission = (permission, project) => {
+  const user =  _.get(store.getState(), 'loadUser.user', {})
+
+  const allowRule = permission.allowRule ? permission.allowRule : permission
+  const denyRule = permission.denyRule ? permission.denyRule : null
+
+  const allow = matchPermissionRule(allowRule, user, project)
+  const deny = matchPermissionRule(denyRule, user, project)
+
+  return allow && !deny
+}
+
+/**
+ * Check if user match the permission rule.
+ * (Helper method, most likely wouldn't be used directly).
+ *
+ * This method uses permission rule defined in `permissionRule`
+ * and checks that the `user` matches it.
+ *
+ * If we define a rule with `projectRoles` list, we also should provide `projectMembers`
+ * - the list of project members.
+ *
+ * @param {Object}        permissionRule               permission rule
+ * @param {Array<String>} permissionRule.projectRoles  the list of project roles of the user
+ * @param {Array<String>} permissionRule.topcoderRoles the list of Topcoder roles of the user
+ * @param {Object}        user                         user for whom we check permissions
+ * @param {Object}        user.roles                   list of user roles
+ * @param {Object}        [project]                    project object - required to check `topcoderRoles`
+ * @param {Array}         project.members              list of project members - required to check `topcoderRoles`
+ *
+ * @returns {Boolean}     true, if has permission
+ */
+const matchPermissionRule = (permissionRule, user, project) => {
+  let hasProjectRole = false
+  let hasTopcoderRole = false
+
+  // if no rule defined, no access by default
+  if (!permissionRule) {
+    return false
   }
 
-  if(topcoderRoles && roles.some(role => topcoderRoles.indexOf(role) !== -1)) {
-    return true
+  // check Project Roles
+  if (permissionRule.projectRoles
+    && permissionRule.projectRoles.length > 0
+    && project
+    && project.members
+  ) {
+    const userId = !_.isNumber(user.userId) ? parseInt(user.userId, 10) : user.userId
+    const member = _.find(project.members, { userId })
+    hasProjectRole = member && _.includes(permissionRule.projectRoles, member.role)
   }
 
-  if(handler && handler(currentUser, entity, project)) {
-    return true
+  // check Topcoder Roles
+  if (permissionRule.topcoderRoles && permissionRule.topcoderRoles.length > 0) {
+    hasTopcoderRole = _.intersection(
+      _.get(user, 'roles', []).map(role => role.toLowerCase()),
+      permissionRule.topcoderRoles.map(role => role.toLowerCase())
+    ).length > 0
   }
 
-  return false
-}
+  return hasProjectRole || hasTopcoderRole
+}

src/helpers/wizardHelper.js

@@ -23,6 +23,7 @@ import _ from 'lodash'
 import update from 'react-addons-update'
 import { evaluate, getFieldNamesFromExpression, populatePreparedConditions } from 'expression-evaluator'
 import { flatten, unflatten } from 'flat'
+import { checkPermission } from './permissions'
 
 /**
  * @typedef {Object} NodeObject
@@ -392,6 +393,13 @@ export const initWizard = (template, project, productTemplates, incompleteWizard
       node
     }
 
+    // precalculate the result for `userPermissionCondition`
+    if (nodeObject.userPermissionCondition && !checkPermission(nodeObject.userPermissionCondition)) {
+      // we calculate this value once as user permissions cannot be changed
+      // and we would use this value to calculate value of `hiddenByCondition`
+      nodeObject.__wizard.hiddenByPermission = true
+    }
+
     // add all found variables from condition to the list of dependant fields of the template
     if (nodeObject.condition) {
       wizardTemplate.__wizard.dependantFields = _.uniq([
@@ -426,6 +434,11 @@ export const initWizard = (template, project, productTemplates, incompleteWizard
       prevWizardStep = getPrevStepToShow(wizardTemplate, lastWizardStep)
     }
 
+    // if the first step we found is hidden, then search for the next step which is not hidden
+    if (!isNodeVisible(wizardTemplate, currentWizardStep)) {
+      currentWizardStep = getStepToShowByDir(wizardTemplate, currentWizardStep, NODE_DIR.NEXT)
+    }
+    // use provided `lastWizardStep` or use the first non-hidden step
     currentWizardStep = lastWizardStep || currentWizardStep
   }
 
@@ -880,7 +893,9 @@ const getParentNode = (node) => {
       ...node,
       subSectionIndex: -1
     }
-  } else if (node.sectionIndex !== -1) {
+  // we shouldn't return parent node with all indexes as `-1`
+  // that's why if we reach this point and `node.sectionIndex === 0` we should also return `null`
+  } else if (node.sectionIndex !== -1 && node.sectionIndex !== 0) {
     return {
       ...node,
       sectionIndex: -1
@@ -1095,8 +1110,10 @@ const getNodeWhichMustBeUpdatedByCondition = (template, flatProjectData) => {
   }
 
   forEachNode(template, (nodeObject, node) => {
-    if (nodeObject.condition) {
-      const hiddenByCondition = !evaluate(nodeObject.condition, flatProjectData)
+    if (nodeObject.condition || nodeObject.userPermissionCondition) {
+      // take into account the result of `userPermissionCondition` which we keep in `hiddenByPermission`
+      const hiddenByCondition = nodeObject.__wizard.hiddenByPermission
+        || nodeObject.condition && !evaluate(nodeObject.condition, flatProjectData)
 
       // only update if the condition result has changed
       if (hiddenByCondition !== nodeObject.__wizard.hiddenByCondition) {
@@ -1194,4 +1211,24 @@ export const buildProjectUpdateQueryByQueryParamSelectCondition = (template, que
   })
 
   return updateQuery
+}
+
+/**
+ * Check if node is visible taking into account parent nodes.
+ * If any parent node or node itself is hidden, then the node is treated as hidden.
+ *
+ * @param {Object} template template
+ * @param {Node} node node
+ *
+ * @returns {Boolean} true if node is visible
+ */
+const isNodeVisible = (template, node) => {
+  let isVisible = !_.get(getNodeObject(template, node), '__wizard.hiddenByCondition')
+
+  let tempNode = node
+  while (isVisible && (tempNode = getParentNode(tempNode))) {
+    isVisible = isVisible && !_.get(getNodeObject(template, tempNode), '__wizard.hiddenByCondition')
+  }
+
+  return isVisible
 }

src/projects/actions/loadProjects.js

@@ -64,7 +64,8 @@ const getProjectsWithMembers = (dispatch, getState, criteria, pageNum) => {
           resolve(true)
         return dispatch(loadMembers(userIds))
           .then(() => resolve(true))
-          .catch(err => reject(err))
+          // if some errors happens during members loading this should not break project list loading so we catch error here
+          .catch(() => {})
       })
       .catch(err => reject(err))
   })

src/projects/detail/components/PortalSubSection.jsx

@@ -26,11 +26,22 @@ const PortalSubSection = ({
   removeAttachment,
   canManageAttachments,
   attachmentsStorePath,
+  isCreation,
 }) => (
   <div>
     {content.map(({ sectionIndex }) => {
-      if (sectionIndex && sectionIndex !== -1 && template && template.sections[sectionIndex]) {
+      if (sectionIndex !== -1 && template && template.sections[sectionIndex]) {
         const section = template.sections[sectionIndex]
+
+        if (
+          // hide if section is hidden by condition
+          _.get(section, '__wizard.hiddenByCondition') ||
+          // hide section in edit mode, if it should be hidden on edit
+          !isCreation && section.hiddenOnEdit
+        ) {
+          return null
+        }
+
         return (
           <SpecSection
             key={'portal-' + (section.id || `section-${sectionIndex}`)}

src/projects/detail/components/ProjectPlanEmpty/ProjectPlanEmpty.jsx

@@ -17,8 +17,7 @@ const ProjectPlanEmpty = ({ isManageUser }) => {
   ) : ( 
     <div styleName="container">
       <h2>Welcome to your project plan</h2>
-      <p>Thank you for submitting your project requirements. In the next 24h someone from our team will reach out to you to discuss the project details with you so we can build the detailed project plan. Until then stand back and relax, we're working hard on your information.</p>
-      <p>If you feel like you have more things to send over, or want to reach out to us, please drop us a line at support@topcoder.com. Thanks!</p>
+      <p>We are reviewing your request. Within the next 24 hours, Topcoder will contact you to discuss next steps, including finalizing your sale and preparing our crowd to meet your needs. Once delivery is mobilized, your project plan will be updated to reflect your detailed delivery plan and will serve as your resource for engaging in key milestones and monitoring progress.</p>
     </div>
   )
 }

src/projects/detail/components/SpecQuestions.jsx

@@ -401,7 +401,7 @@ class SpecQuestions extends React.Component {
           (isCreation || !question.hiddenOnEdit)
         ).map((q, index) => {
           return  (
-            _.includes(['checkbox-group', 'radio-group', 'add-ons', 'textinput', 'textbox', 'numberinput', 'skills', 'slide-radiogroup', 'slider-standard', 'select-dropdown'], q.type) && q.visibilityForRendering === STEP_VISIBILITY.READ_OPTIMIZED ? (
+            _.includes(['checkbox', 'checkbox-group', 'radio-group', 'add-ons', 'textinput', 'textbox', 'numberinput', 'skills', 'slide-radiogroup', 'slider-standard', 'select-dropdown'], q.type) && q.visibilityForRendering === STEP_VISIBILITY.READ_OPTIMIZED ? (
               <Accordion
                 key={q.fieldName || `accordion-${index}`}
                 title={q.summaryTitle || q.title}

src/projects/detail/components/SpecSection.jsx

@@ -369,7 +369,8 @@ const SpecSection = props => {
             dirtyProject,
             currentWizardStep,
             productTemplates,
-            productCategories
+            productCategories,
+            isCreation
           }}
         />
       )

src/projects/detail/containers/DashboardContainer.jsx

@@ -272,7 +272,7 @@ class DashboardContainer extends React.Component {
           ) : (
             <ProjectPlanEmpty isManageUser={isManageUser} />
           )}
-          {isProjectLive && checkPermission(PERMISSIONS.EDIT_PROJECT_PLAN, project, phases)  && !isLoadingPhases && (<div styleName="add-button-container">
+          {isProjectLive && checkPermission(PERMISSIONS.EDIT_PROJECT_PLAN, project)  && !isLoadingPhases && (<div styleName="add-button-container">
             <Link to={`/projects/${project.id}/add-phase`} className="tc-btn tc-btn-primary tc-btn-sm action-btn">Add New Phase</Link>
           </div>)}
         </TwoColsLayout.Content>