Fix project endpoint that need :entityId instead of :id (#350)

Author: tschaffter

server/api/project/index.js

@@ -65,7 +65,7 @@ router.get('/', auth.isAuthenticated(), controller.index);
  *       '404':
  *         description: Project not found
  */
-router.get('/:id', auth.hasPermissionForEntity([
+router.get('/:entityId', auth.hasPermissionForEntity([
     READ_ACCESS,
     WRITE_ACCESS,
     ADMIN_ACCESS
@@ -125,7 +125,7 @@ router.post('/', auth.isAuthenticated(), controller.create);
  *       '404':
  *         description: Project not found
  */
-router.patch('/:id', auth.hasPermissionForEntity([
+router.patch('/:entityId', auth.hasPermissionForEntity([
     ADMIN_ACCESS
 ]), controller.patch);
 
@@ -138,16 +138,16 @@ router.patch('/:id', auth.hasPermissionForEntity([
  *     summary: Returns the visibility of the project.
  *     description: Returns the visibility of the project.
  *     produces:
- *       - application/json
+ *       - text/plain
  *     responses:
  *       '200':
  *         description: The visibility of the project
  *         content:
- *           application/json:
+ *           text/plain:
  *             schema:
  *               $ref: '#/components/schemas/EntityVisibility'
  */
-router.get('/:id/visibility', controller.showVisibility);
+router.get('/:id/visibility', auth.isAuthenticated(), controller.showVisibility);
 
 /**
  * @swagger

server/api/project/project.controller.js

@@ -31,7 +31,7 @@ export function index(req, res) {
 
 // Gets a single Project from the DB
 export function show(req, res) {
-    return Project.findById(req.params.id)
+    return Project.findById(req.params.entityId)
         .exec()
         .then(handleEntityNotFound(res))
         .then(respondWithResult(res))
@@ -53,7 +53,7 @@ export function create(req, res) {
 export function patch(req, res) {
     const patches = req.body.filter(patch => !['_id', 'createdAt', 'createdBy'].map(x => `/${x}`).includes(patch.path));
 
-    return Project.findById(req.params.id)
+    return Project.findById(req.params.entityId)
         .exec()
         .then(handleEntityNotFound(res))
         .then(patchUpdates(patches))
@@ -62,13 +62,13 @@ export function patch(req, res) {
 }
 
 // Deletes a Project from the DB
-export function destroy(req, res) {
-    return Project.findById(req.params.id)
-        .exec()
-        .then(handleEntityNotFound(res))
-        .then(removeEntity(res))
-        .catch(handleError(res));
-}
+// export function destroy(req, res) {
+//     return Project.findById(req.params.id)
+//         .exec()
+//         .then(handleEntityNotFound(res))
+//         .then(removeEntity(res))
+//         .catch(handleError(res));
+// }
 
 // Returns whether a project is public or private
 export function showVisibility(req, res) {

server/auth/auth.service.js

@@ -86,6 +86,7 @@ export function isAuthorizedForEntity(allowedAccesses) {
     return compose().use((req, res, next) =>
         _hasAccessToEntity(req.user._id, allowedAccesses, req.params.entityId)
             .then(accessGranted => {
+                console.log('_hasAccessToEntity OUTPUT', accessGranted);
                 if (accessGranted) return next();
                 return null;
             })