Merge branch 'master' into fixShareNesting

lib/actions/addOwnedBy.js

@@ -4,10 +4,20 @@ const config = require('../config')
 const getOwnedBy = require('../query/ownedBy')
 const retrieveUris = require('../retrieveUris')
 const getUrisFromReq = require('../getUrisFromReq')
+const db = require('../db')
 
-module.exports = function (req, res) {
+module.exports = async function (req, res) {
   const userUri = req.body.user
 
+  var userId = ''
+  if (req.body.user.lastIndexOf('/') >= 0) {
+    userId = req.body.user.substring(req.body.user.lastIndexOf('/') + 1)
+  }
+
+  const user = await db.model.User.findOne({
+    where: db.sequelize.or({ email: userId }, { username: userId })
+  })
+
   const { graphUri, uri } = getUrisFromReq(req, res)
 
   const sharedAdditionQuery = loadTemplate('./sparql/AddToSharedCollection.sparql', {
@@ -23,6 +33,12 @@ module.exports = function (req, res) {
       })
     }
 
+    if (!user) {
+      return new Promise(function (resolve, reject) {
+        reject(new Error('user ' + userId + ' not recognized'))
+      })
+    }
+
     return sparql.updateQuery(sharedAdditionQuery, userUri).then(() => {
       return retrieveUris(uri, graphUri)
     }).then((uris) => {

lib/actions/removeOwnedBy.js

@@ -6,20 +6,19 @@ const loadTemplate = require('../loadTemplate')
 const getOwnedBy = require('../query/ownedBy')
 
 module.exports = function (req, res) {
-  const { graphUri, uri, share } = getUrisFromReq(req, res)
+  const { graphUri, uri, url } = getUrisFromReq(req, res)
 
   return getOwnedBy(uri, graphUri).then((ownedBy) => {
     if (ownedBy.indexOf(config.get('databasePrefix') + 'user/' + req.user.username) === -1) {
-      res.status(401).send('not authorized to remove an owner')
+      return res.status(401).send('Not authorized to remove an owner')
     }
 
-    return retrieveUris(uri, graphUri).then(uris => {
+    return retrieveUris(uri, graphUri).then((uris) => {
       let chunks = []
       let offset = config.get('resolveBatch')
 
       for (let i = 0; i < uris.length; i += offset) {
         let end = i + offset < uris.length ? i + offset : uris.length
-
         chunks.push(uris.slice(i, end))
       }
 
@@ -30,22 +29,33 @@ module.exports = function (req, res) {
 
       console.log(sharedRemovalQuery)
 
-      return sparql.updateQuery(sharedRemovalQuery, req.body.userUri).then(result => {
-        return Promise.all(chunks.map(chunk => {
-          let uris = chunk.map(uri => {
-            return '<' + uri + '> sbh:ownedBy <' + req.body.userUri + '>'
-          }).join(' . \n')
-
-          const updateQuery = loadTemplate('./sparql/RemoveOwnedBy.sparql', {
-            uris: uris
-          })
-          console.log(updateQuery)
-
-          return sparql.updateQuery(updateQuery, graphUri).then(() => {
-            res.redirect(share)
-          })
-        }))
-      })
+      return sparql.updateQuery(sharedRemovalQuery, req.body.userUri)
+        .then(() => {
+          return Promise.all(
+            chunks.map((chunk) => {
+              let uris = chunk
+                .map((uri) => `<${uri}> sbh:ownedBy <${req.body.userUri}>`)
+                .join(' . \n')
+
+              const updateQuery = loadTemplate('./sparql/RemoveOwnedBy.sparql', { uris })
+              console.log(updateQuery)
+
+              return sparql.updateQuery(updateQuery, graphUri)
+            })
+          )
+        })
+        .then(() => {
+          // Redirect only once after all promises resolve
+          if (!req.accepts('text/html')) {
+            res.status(200).send('Success')
+          } else {
+            res.redirect(url)
+          }
+        })
+        .catch((err) => {
+          console.error('Error:', err)
+          res.status(500).send(`Error removing ownership: ${err.message}`)
+        })
     })
   })
 }

lib/views/addOwner.js

@@ -14,9 +14,7 @@ module.exports = function (req, res) {
 
 function view (req, res) {
   const {
-    graphUri,
-    uri,
-    designId
+    uri
   } = getUrisFromReq(req, res)
 
   db.model.User.findAll().then(users => {
@@ -33,14 +31,22 @@ function view (req, res) {
 
 function post (req, res) {
   addOwnedBy(req, res).then(() => {
-    res.redirect(req.originalUrl.replace('/addOwner', ''))
+    if (!req.accepts('text/html')) {
+      res.status(200).send('Success')
+    } else {
+      res.redirect(req.originalUrl.replace('/addOwner', ''))
+    }
   }, function (err) {
-    const locals = {
-      config: config.get(),
-      section: 'errors',
-      user: req.user,
-      errors: [ err ]
+    if (!req.accepts('text/html')) {
+      res.status(400).send(err.message)
+    } else {
+      const locals = {
+        config: config.get(),
+        section: 'errors',
+        user: req.user,
+        errors: [ err ]
+      }
+      res.send(pug.renderFile('templates/views/errors/errors.jade', locals))
     }
-    res.send(pug.renderFile('templates/views/errors/errors.jade', locals))
   })
 }

sparql/RemoveFromSharedCollection.sparql

@@ -2,7 +2,7 @@ PREFIX dcterms: <http://purl.org/dc/terms/>
 PREFIX sbh: <http://wiki.synbiohub.org/wiki/Terms/synbiohub#>
 
 DELETE DATA {
-    <$uri> sbh:ownedBy <$userUri> .
+    <$userUri> sbh:canView <$uri> .
 } 
 
 

templates/layouts/identified.jade

@@ -225,7 +225,7 @@ block content
                                                             span.fa.fa-search
                                                         if(meta.canEdit && annotation.removeOwner)
                                                             form.form-inline(style="display: inline" method='POST', action=annotation.removeOwner)
-                                                                input(type='hidden' name='userUri' value=config.databasePrefix + 'user/' + annotation.value)
+                                                                input(type='hidden' name='userUri' value=config.databasePrefix + annotation.value)
                                                                 button.fakelink(type='submit')
                                                                     |  
                                                                     span.fa.fa-trash