From 006ef7431503be58fe5a4b652bdc278862b8b232 Mon Sep 17 00:00:00 2001
From: Thom McGrath <thommcgrath@users.noreply.github.com>
Date: Sun, 3 Nov 2024 16:07:33 +0000
Subject: [PATCH] Sending a pusher notification when accepting an invite

---
 Website/api/v4/classes/ProjectInvite.php | 19 ++-----------------
 Website/www/account/invite.php           |  5 ++++-
 2 files changed, 6 insertions(+), 18 deletions(-)

diff --git a/Website/api/v4/classes/ProjectInvite.php b/Website/api/v4/classes/ProjectInvite.php
index a5defc7f9..a093c2bfc 100644
--- a/Website/api/v4/classes/ProjectInvite.php
+++ b/Website/api/v4/classes/ProjectInvite.php
@@ -103,21 +103,6 @@ public function IsExpired(): bool {
 		return $this->expirationDate < time();
 	}
 
-	protected static function UserIsAdmin(User $user, string $projectId): bool {
-		if (BeaconCommon::IsUUID($projectId) === false) {
-			return false;
-		}
-
-		$database = BeaconCommon::Database();
-		$rows = $database->Query('SELECT role FROM public.project_members WHERE user_id = $1 AND project_id = $2;', $user->UserId(), $projectId);
-		if ($rows->RecordCount() !== 1) {
-			return false;
-		}
-		$role = $rows->Field('role');
-
-		return $role === ProjectMember::kRoleOwner || $role === ProjectMember::kRoleAdmin;
-	}
-
 	public static function GetNewObjectPermissionsForUser(User $user, ?array $newObjectProperties): int {
 		if (is_null($newObjectProperties) || isset($newObjectProperties['projectId']) === false) {
 			return DatabaseObject::kPermissionNone;
@@ -135,7 +120,7 @@ public static function GetNewObjectPermissionsForUser(User $user, ?array $newObj
 			return DatabaseObject::kPermissionNone;
 		}
 
-		if ($desiredPermissions < $member->Permissions()) {
+		if ($member->IsAdmin() && $desiredPermissions < $member->Permissions()) {
 			return DatabaseObject::kPermissionAll;
 		} else {
 			return DatabaseObject::kPermissionNone;
@@ -152,7 +137,7 @@ public function GetPermissionsForUser(User $user): int {
 		} catch (Exception $err) {
 			return DatabaseObject::kPermissionNone;
 		}
-		if ($rolePermissions < $member->Permissions()) {
+		if ($member->IsAdmin() && $rolePermissions < $member->Permissions()) {
 			return DatabaseObject::kPermissionAll;
 		} else {
 			return DatabaseObject::kPermissionNone;
diff --git a/Website/www/account/invite.php b/Website/www/account/invite.php
index 51bf920ec..a70ad7314 100644
--- a/Website/www/account/invite.php
+++ b/Website/www/account/invite.php
@@ -64,6 +64,8 @@ function RedeemCode(string $code, bool $confirmed): void {
 		return;
 	}
 
+	$project = Project::Fetch($invite->ProjectId());
+
 	if ($confirmed) {
 		$database = BeaconCommon::Database();
 		$database->BeginTransaction();
@@ -85,10 +87,11 @@ function RedeemCode(string $code, bool $confirmed): void {
 		}
 		$database->Commit();
 
+		BeaconPusher::SharedInstance()->TriggerEvent($project->PusherChannelName(), 'members-updated', $member);
+
 		echo '<p class="text-center"><span class="text-blue">Project invite accepted!</span><br>You are now a member of the project.</p>';
 	} else {
 		// Show confirmation
-		$project = Project::Fetch($invite->ProjectId());
 		echo '<form action="/account/invite" method="post"><input type="hidden" name="process" value="invite-final"><input type="hidden" name="code" value="' . htmlentities($code) . '">';
 		echo '<p>This invite code will add you to the project &quot;' . htmlentities($project->Title()) . '&quot;</p>';
 		echo '<div class="double-group"><div>&nbsp;</div><div><div class="button-group"><div><a href="/account/invite" class="button">Cancel</a></div><div><input type="submit" value="Accept Invite"></div></div></div>';