v0.9.88 major change sqlite to postgres
This commit is contained in:
@@ -1,302 +1,313 @@
|
||||
const express = require('express');
|
||||
const router = express.Router();
|
||||
const { getDb } = require('../models/db');
|
||||
const router = express.Router();
|
||||
const { query, queryOne, queryResult, exec } = require('../models/db');
|
||||
const { authMiddleware, adminMiddleware, teamManagerMiddleware } = require('../middleware/auth');
|
||||
|
||||
module.exports = function(io) {
|
||||
|
||||
// ── Helpers ───────────────────────────────────────────────────────────────────
|
||||
|
||||
function postSysMsg(db, groupId, actorId, content) {
|
||||
const r = db.prepare(`INSERT INTO messages (group_id, user_id, content, type) VALUES (?, ?, ?, 'system')`).run(groupId, actorId, content);
|
||||
const msg = db.prepare(`
|
||||
SELECT m.*, u.name as user_name, u.display_name as user_display_name,
|
||||
u.avatar as user_avatar, u.role as user_role, u.status as user_status,
|
||||
u.hide_admin_tag as user_hide_admin_tag, u.about_me as user_about_me, u.allow_dm as user_allow_dm
|
||||
FROM messages m JOIN users u ON m.user_id = u.id WHERE m.id = ?
|
||||
`).get(r.lastInsertRowid);
|
||||
async function postSysMsg(schema, groupId, actorId, content) {
|
||||
const r = await queryResult(schema,
|
||||
"INSERT INTO messages (group_id,user_id,content,type) VALUES ($1,$2,$3,'system') RETURNING id",
|
||||
[groupId, actorId, content]
|
||||
);
|
||||
const msg = await queryOne(schema, `
|
||||
SELECT m.*, u.name AS user_name, u.display_name AS user_display_name,
|
||||
u.avatar AS user_avatar, u.role AS user_role, u.status AS user_status,
|
||||
u.hide_admin_tag AS user_hide_admin_tag, u.about_me AS user_about_me, u.allow_dm AS user_allow_dm
|
||||
FROM messages m JOIN users u ON m.user_id=u.id WHERE m.id=$1
|
||||
`, [r.rows[0].id]);
|
||||
if (msg) { msg.reactions = []; io.to(`group:${groupId}`).emit('message:new', msg); }
|
||||
}
|
||||
|
||||
// Add user silently — no system message (used during initial creation)
|
||||
function addUserSilent(db, dmGroupId, userId) {
|
||||
db.prepare("INSERT OR IGNORE INTO group_members (group_id, user_id, joined_at) VALUES (?, ?, datetime('now'))").run(dmGroupId, userId);
|
||||
async function addUserSilent(schema, dmGroupId, userId) {
|
||||
await exec(schema, 'INSERT INTO group_members (group_id,user_id) VALUES ($1,$2) ON CONFLICT DO NOTHING', [dmGroupId, userId]);
|
||||
io.in(`user:${userId}`).socketsJoin(`group:${dmGroupId}`);
|
||||
const dmGroup = db.prepare('SELECT * FROM groups WHERE id = ?').get(dmGroupId);
|
||||
const dmGroup = await queryOne(schema, 'SELECT * FROM groups WHERE id=$1', [dmGroupId]);
|
||||
if (dmGroup) io.to(`user:${userId}`).emit('group:new', { group: dmGroup });
|
||||
}
|
||||
|
||||
// Add user with system message (used when editing existing group)
|
||||
function addUser(db, dmGroupId, userId, actorId) {
|
||||
addUserSilent(db, dmGroupId, userId);
|
||||
const u = db.prepare('SELECT name, display_name FROM users WHERE id = ?').get(userId);
|
||||
postSysMsg(db, dmGroupId, actorId, `${u?.display_name || u?.name || 'A user'} has joined the conversation.`);
|
||||
async function addUser(schema, dmGroupId, userId, actorId) {
|
||||
await addUserSilent(schema, dmGroupId, userId);
|
||||
const u = await queryOne(schema, 'SELECT name,display_name FROM users WHERE id=$1', [userId]);
|
||||
await postSysMsg(schema, dmGroupId, actorId, `${u?.display_name||u?.name||'A user'} has joined the conversation.`);
|
||||
}
|
||||
|
||||
// Remove user with system message
|
||||
function removeUser(db, dmGroupId, userId, actorId) {
|
||||
db.prepare('DELETE FROM group_members WHERE group_id = ? AND user_id = ?').run(dmGroupId, userId);
|
||||
async function removeUser(schema, dmGroupId, userId, actorId) {
|
||||
await exec(schema, 'DELETE FROM group_members WHERE group_id=$1 AND user_id=$2', [dmGroupId, userId]);
|
||||
io.in(`user:${userId}`).socketsLeave(`group:${dmGroupId}`);
|
||||
io.to(`user:${userId}`).emit('group:deleted', { groupId: dmGroupId });
|
||||
const u = db.prepare('SELECT name, display_name FROM users WHERE id = ?').get(userId);
|
||||
postSysMsg(db, dmGroupId, actorId, `${u?.display_name || u?.name || 'A user'} has been removed from the conversation.`);
|
||||
const u = await queryOne(schema, 'SELECT name,display_name FROM users WHERE id=$1', [userId]);
|
||||
await postSysMsg(schema, dmGroupId, actorId, `${u?.display_name||u?.name||'A user'} has been removed from the conversation.`);
|
||||
}
|
||||
|
||||
function getUserIdsForGroup(db, userGroupId) {
|
||||
return db.prepare('SELECT user_id FROM user_group_members WHERE user_group_id = ?').all(userGroupId).map(r => r.user_id);
|
||||
async function getUserIdsForGroup(schema, userGroupId) {
|
||||
const rows = await query(schema, 'SELECT user_id FROM user_group_members WHERE user_group_id=$1', [userGroupId]);
|
||||
return rows.map(r => r.user_id);
|
||||
}
|
||||
|
||||
// ── Current user's group memberships (no admin required) ────────────────────────
|
||||
router.get('/me', authMiddleware, (req, res) => {
|
||||
const db = getDb();
|
||||
const groupIds = db.prepare('SELECT user_group_id FROM user_group_members WHERE user_id = ?').all(req.user.id).map(r => r.user_group_id);
|
||||
res.json({ groupIds });
|
||||
});
|
||||
|
||||
// ── MULTI-GROUP DMs — must come before /:id ───────────────────────────────────
|
||||
|
||||
router.get('/multigroup', authMiddleware, teamManagerMiddleware, (req, res) => {
|
||||
const db = getDb();
|
||||
const dms = db.prepare(`
|
||||
SELECT mgd.*,
|
||||
(SELECT COUNT(*) FROM multi_group_dm_members WHERE multi_group_dm_id = mgd.id) as group_count
|
||||
FROM multi_group_dms mgd ORDER BY mgd.name ASC
|
||||
`).all();
|
||||
for (const dm of dms) {
|
||||
dm.memberGroupIds = db.prepare('SELECT user_group_id FROM multi_group_dm_members WHERE multi_group_dm_id = ?').all(dm.id).map(r => r.user_group_id);
|
||||
}
|
||||
res.json({ dms });
|
||||
});
|
||||
|
||||
router.post('/multigroup', authMiddleware, teamManagerMiddleware, (req, res) => {
|
||||
const { name, userGroupIds = [] } = req.body;
|
||||
if (!name?.trim()) return res.status(400).json({ error: 'Name required' });
|
||||
if (userGroupIds.length < 2) return res.status(400).json({ error: 'At least two user groups required' });
|
||||
const db = getDb();
|
||||
if (db.prepare('SELECT id FROM multi_group_dms WHERE LOWER(name) = LOWER(?)').get(name.trim())) {
|
||||
return res.status(400).json({ error: 'Name already in use' });
|
||||
}
|
||||
// Check for duplicate user group set
|
||||
const newGroupIds = [...new Set(userGroupIds.map(Number).filter(Boolean))].sort();
|
||||
const allDms = db.prepare('SELECT id, name FROM multi_group_dms').all();
|
||||
for (const existing of allDms) {
|
||||
const existingIds = db.prepare('SELECT user_group_id FROM multi_group_dm_members WHERE multi_group_dm_id = ?').all(existing.id).map(r => r.user_group_id).sort();
|
||||
if (existingIds.length === newGroupIds.length && existingIds.every((id, i) => id === newGroupIds[i])) {
|
||||
return res.status(400).json({ error: `DM not created — "${existing.name}" already exists with the same member groups.` });
|
||||
// GET /me — current user's user-group memberships
|
||||
router.get('/me', authMiddleware, async (req, res) => {
|
||||
try {
|
||||
const rows = await query(req.schema, 'SELECT user_group_id FROM user_group_members WHERE user_id=$1', [req.user.id]);
|
||||
const groupIds = rows.map(r => r.user_group_id);
|
||||
if (groupIds.length === 0) return res.json({ userGroups: [] });
|
||||
const placeholders = groupIds.map((_,i) => `$${i+1}`).join(',');
|
||||
const userGroups = await query(req.schema, `SELECT * FROM user_groups WHERE id IN (${placeholders}) ORDER BY name ASC`, groupIds);
|
||||
// Also resolve multi-group DMs this user can see
|
||||
const mgDms = await query(req.schema, `
|
||||
SELECT mgd.*, (SELECT COUNT(*) FROM multi_group_dm_members WHERE multi_group_dm_id=mgd.id) AS group_count
|
||||
FROM multi_group_dms mgd
|
||||
JOIN multi_group_dm_members mgdm ON mgdm.multi_group_dm_id=mgd.id
|
||||
WHERE mgdm.user_group_id IN (${placeholders})
|
||||
GROUP BY mgd.id ORDER BY mgd.name ASC
|
||||
`, groupIds);
|
||||
for (const dm of mgDms) {
|
||||
dm.memberGroupIds = (await query(req.schema, 'SELECT user_group_id FROM multi_group_dm_members WHERE multi_group_dm_id=$1', [dm.id])).map(r => r.user_group_id);
|
||||
}
|
||||
}
|
||||
const admin = db.prepare('SELECT id FROM users WHERE is_default_admin = 1').get();
|
||||
const dmResult = db.prepare(`INSERT INTO groups (name, type, owner_id, is_managed) VALUES (?, 'private', ?, 1)`).run(name.trim(), admin?.id || req.user.id);
|
||||
const dmGroupId = dmResult.lastInsertRowid;
|
||||
const mgResult = db.prepare(`INSERT INTO multi_group_dms (name, dm_group_id) VALUES (?, ?)`).run(name.trim(), dmGroupId);
|
||||
const mgId = mgResult.lastInsertRowid;
|
||||
|
||||
const validGroupIds = userGroupIds.map(Number).filter(Boolean);
|
||||
const addedUsers = new Set();
|
||||
for (const ugId of validGroupIds) {
|
||||
db.prepare('INSERT OR IGNORE INTO multi_group_dm_members (multi_group_dm_id, user_group_id) VALUES (?, ?)').run(mgId, ugId);
|
||||
for (const uid of getUserIdsForGroup(db, ugId)) {
|
||||
if (!addedUsers.has(uid)) { addedUsers.add(uid); addUserSilent(db, dmGroupId, uid); }
|
||||
}
|
||||
}
|
||||
|
||||
const dm = db.prepare('SELECT * FROM multi_group_dms WHERE id = ?').get(mgId);
|
||||
dm.memberGroupIds = validGroupIds;
|
||||
dm.group_count = validGroupIds.length;
|
||||
res.json({ dm });
|
||||
res.json({ userGroups, multiGroupDms: mgDms });
|
||||
} catch (e) { res.status(500).json({ error: e.message }); }
|
||||
});
|
||||
|
||||
router.patch('/multigroup/:id', authMiddleware, teamManagerMiddleware, (req, res) => {
|
||||
const db = getDb();
|
||||
const mg = db.prepare('SELECT * FROM multi_group_dms WHERE id = ?').get(req.params.id);
|
||||
if (!mg) return res.status(404).json({ error: 'Not found' });
|
||||
// GET /multigroup
|
||||
router.get('/multigroup', authMiddleware, teamManagerMiddleware, async (req, res) => {
|
||||
try {
|
||||
const dms = await query(req.schema, `
|
||||
SELECT mgd.*, (SELECT COUNT(*) FROM multi_group_dm_members WHERE multi_group_dm_id=mgd.id) AS group_count
|
||||
FROM multi_group_dms mgd ORDER BY mgd.name ASC
|
||||
`);
|
||||
for (const dm of dms) {
|
||||
dm.memberGroupIds = (await query(req.schema, 'SELECT user_group_id FROM multi_group_dm_members WHERE multi_group_dm_id=$1', [dm.id])).map(r => r.user_group_id);
|
||||
}
|
||||
res.json({ dms });
|
||||
} catch (e) { res.status(500).json({ error: e.message }); }
|
||||
});
|
||||
|
||||
// POST /multigroup
|
||||
router.post('/multigroup', authMiddleware, teamManagerMiddleware, async (req, res) => {
|
||||
const { name, userGroupIds } = req.body;
|
||||
|
||||
if (name && name.trim() !== mg.name) {
|
||||
if (db.prepare('SELECT id FROM multi_group_dms WHERE LOWER(name) = LOWER(?) AND id != ?').get(name.trim(), mg.id)) {
|
||||
return res.status(400).json({ error: 'Name already in use' });
|
||||
if (!name?.trim()) return res.status(400).json({ error: 'Name required' });
|
||||
if (!Array.isArray(userGroupIds) || userGroupIds.length < 2) return res.status(400).json({ error: 'At least 2 groups required' });
|
||||
try {
|
||||
// Check for existing DM with same groups
|
||||
const existing = await queryOne(req.schema, 'SELECT * FROM multi_group_dms WHERE LOWER(name)=LOWER($1)', [name.trim()]);
|
||||
if (existing) {
|
||||
const existingIds = (await query(req.schema, 'SELECT user_group_id FROM multi_group_dm_members WHERE multi_group_dm_id=$1', [existing.id])).map(r => r.user_group_id).sort();
|
||||
const newIds = [...userGroupIds].map(Number).sort();
|
||||
if (JSON.stringify(existingIds) === JSON.stringify(newIds)) return res.status(400).json({ error: 'A DM with these groups already exists' });
|
||||
}
|
||||
db.prepare("UPDATE multi_group_dms SET name = ?, updated_at = datetime('now') WHERE id = ?").run(name.trim(), mg.id);
|
||||
if (mg.dm_group_id) db.prepare("UPDATE groups SET name = ?, updated_at = datetime('now') WHERE id = ?").run(name.trim(), mg.dm_group_id);
|
||||
}
|
||||
// Create the chat group
|
||||
const gr = await queryResult(req.schema,
|
||||
"INSERT INTO groups (name,type,is_readonly,is_managed,is_multi_group) VALUES ($1,'private',FALSE,TRUE,TRUE) RETURNING id",
|
||||
[name.trim()]
|
||||
);
|
||||
const dmGroupId = gr.rows[0].id;
|
||||
// Create multi_group_dms record
|
||||
const mgr = await queryResult(req.schema,
|
||||
'INSERT INTO multi_group_dms (name,dm_group_id) VALUES ($1,$2) RETURNING id',
|
||||
[name.trim(), dmGroupId]
|
||||
);
|
||||
const mgId = mgr.rows[0].id;
|
||||
// Add each user group and their members
|
||||
const addedUsers = new Set();
|
||||
for (const ugId of userGroupIds) {
|
||||
await exec(req.schema, 'INSERT INTO multi_group_dm_members (multi_group_dm_id,user_group_id) VALUES ($1,$2) ON CONFLICT DO NOTHING', [mgId, ugId]);
|
||||
const uids = await getUserIdsForGroup(req.schema, ugId);
|
||||
for (const uid of uids) {
|
||||
if (!addedUsers.has(uid)) {
|
||||
addedUsers.add(uid);
|
||||
await addUserSilent(req.schema, dmGroupId, uid);
|
||||
}
|
||||
}
|
||||
}
|
||||
const dmGroup = await queryOne(req.schema, 'SELECT * FROM groups WHERE id=$1', [dmGroupId]);
|
||||
res.json({ dm: { id: mgId, name: name.trim(), dm_group_id: dmGroupId, group_count: userGroupIds.length }, group: dmGroup });
|
||||
} catch (e) { res.status(500).json({ error: e.message }); }
|
||||
});
|
||||
|
||||
if (Array.isArray(userGroupIds) && mg.dm_group_id) {
|
||||
const newGroupIds = new Set(userGroupIds.map(Number).filter(Boolean));
|
||||
const currentGroupIds = new Set(db.prepare('SELECT user_group_id FROM multi_group_dm_members WHERE multi_group_dm_id = ?').all(mg.id).map(r => r.user_group_id));
|
||||
|
||||
for (const ugId of newGroupIds) {
|
||||
// PATCH /multigroup/:id
|
||||
router.patch('/multigroup/:id', authMiddleware, teamManagerMiddleware, async (req, res) => {
|
||||
const { userGroupIds } = req.body;
|
||||
try {
|
||||
const mg = await queryOne(req.schema, 'SELECT * FROM multi_group_dms WHERE id=$1', [req.params.id]);
|
||||
if (!mg) return res.status(404).json({ error: 'Not found' });
|
||||
if (!Array.isArray(userGroupIds)) return res.status(400).json({ error: 'userGroupIds required' });
|
||||
const currentGroupIds = new Set((await query(req.schema, 'SELECT user_group_id FROM multi_group_dm_members WHERE multi_group_dm_id=$1', [mg.id])).map(r => r.user_group_id));
|
||||
const newGroupSet = new Set(userGroupIds.map(Number));
|
||||
for (const ugId of newGroupSet) {
|
||||
if (!currentGroupIds.has(ugId)) {
|
||||
db.prepare("INSERT OR IGNORE INTO multi_group_dm_members (multi_group_dm_id, user_group_id) VALUES (?, ?)").run(mg.id, ugId);
|
||||
// Add users silently — no per-user notifications in multi-group DMs
|
||||
for (const uid of getUserIdsForGroup(db, ugId)) addUserSilent(db, mg.dm_group_id, uid);
|
||||
const ug = db.prepare('SELECT name FROM user_groups WHERE id = ?').get(ugId);
|
||||
if (ug) postSysMsg(db, mg.dm_group_id, req.user.id, `Group "${ug.name}" has been added to this conversation.`);
|
||||
await exec(req.schema, 'INSERT INTO multi_group_dm_members (multi_group_dm_id,user_group_id) VALUES ($1,$2) ON CONFLICT DO NOTHING', [mg.id, ugId]);
|
||||
const uids = await getUserIdsForGroup(req.schema, ugId);
|
||||
for (const uid of uids) await addUserSilent(req.schema, mg.dm_group_id, uid);
|
||||
await postSysMsg(req.schema, mg.dm_group_id, req.user.id, `A new group has joined this conversation.`);
|
||||
}
|
||||
}
|
||||
for (const ugId of currentGroupIds) {
|
||||
if (!newGroupIds.has(ugId)) {
|
||||
db.prepare('DELETE FROM multi_group_dm_members WHERE multi_group_dm_id = ? AND user_group_id = ?').run(mg.id, ugId);
|
||||
// Remove users silently — no per-user notifications in multi-group DMs
|
||||
for (const uid of getUserIdsForGroup(db, ugId)) {
|
||||
const stillIn = db.prepare('SELECT 1 FROM multi_group_dm_members mgdm JOIN user_group_members ugm ON ugm.user_group_id = mgdm.user_group_id WHERE mgdm.multi_group_dm_id = ? AND ugm.user_id = ?').get(mg.id, uid);
|
||||
if (!newGroupSet.has(ugId)) {
|
||||
await exec(req.schema, 'DELETE FROM multi_group_dm_members WHERE multi_group_dm_id=$1 AND user_group_id=$2', [mg.id, ugId]);
|
||||
const uids = await getUserIdsForGroup(req.schema, ugId);
|
||||
for (const uid of uids) {
|
||||
const stillIn = await queryOne(req.schema, `
|
||||
SELECT 1 FROM multi_group_dm_members mgdm JOIN user_group_members ugm ON ugm.user_group_id=mgdm.user_group_id
|
||||
WHERE mgdm.multi_group_dm_id=$1 AND ugm.user_id=$2
|
||||
`, [mg.id, uid]);
|
||||
if (!stillIn) {
|
||||
db.prepare('DELETE FROM group_members WHERE group_id = ? AND user_id = ?').run(mg.dm_group_id, uid);
|
||||
await exec(req.schema, 'DELETE FROM group_members WHERE group_id=$1 AND user_id=$2', [mg.dm_group_id, uid]);
|
||||
io.in(`user:${uid}`).socketsLeave(`group:${mg.dm_group_id}`);
|
||||
io.to(`user:${uid}`).emit('group:deleted', { groupId: mg.dm_group_id });
|
||||
}
|
||||
}
|
||||
const ug = db.prepare('SELECT name FROM user_groups WHERE id = ?').get(ugId);
|
||||
if (ug) postSysMsg(db, mg.dm_group_id, req.user.id, `Group "${ug.name}" has been removed from this conversation.`);
|
||||
await postSysMsg(req.schema, mg.dm_group_id, req.user.id, `A group has been removed from this conversation.`);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
const updated = db.prepare('SELECT * FROM multi_group_dms WHERE id = ?').get(req.params.id);
|
||||
updated.memberGroupIds = db.prepare('SELECT user_group_id FROM multi_group_dm_members WHERE multi_group_dm_id = ?').all(mg.id).map(r => r.user_group_id);
|
||||
updated.group_count = updated.memberGroupIds.length;
|
||||
res.json({ dm: updated });
|
||||
res.json({ success: true });
|
||||
} catch (e) { res.status(500).json({ error: e.message }); }
|
||||
});
|
||||
|
||||
router.delete('/multigroup/:id', authMiddleware, teamManagerMiddleware, (req, res) => {
|
||||
const db = getDb();
|
||||
const mg = db.prepare('SELECT * FROM multi_group_dms WHERE id = ?').get(req.params.id);
|
||||
if (!mg) return res.status(404).json({ error: 'Not found' });
|
||||
if (mg.dm_group_id) {
|
||||
const members = db.prepare('SELECT user_id FROM group_members WHERE group_id = ?').all(mg.dm_group_id).map(r => r.user_id);
|
||||
db.prepare('DELETE FROM groups WHERE id = ?').run(mg.dm_group_id);
|
||||
for (const uid of members) io.to(`user:${uid}`).emit('group:deleted', { groupId: mg.dm_group_id });
|
||||
}
|
||||
db.prepare('DELETE FROM multi_group_dms WHERE id = ?').run(mg.id);
|
||||
res.json({ success: true });
|
||||
// DELETE /multigroup/:id
|
||||
router.delete('/multigroup/:id', authMiddleware, teamManagerMiddleware, async (req, res) => {
|
||||
try {
|
||||
const mg = await queryOne(req.schema, 'SELECT * FROM multi_group_dms WHERE id=$1', [req.params.id]);
|
||||
if (!mg) return res.status(404).json({ error: 'Not found' });
|
||||
if (mg.dm_group_id) {
|
||||
const members = (await query(req.schema, 'SELECT user_id FROM group_members WHERE group_id=$1', [mg.dm_group_id])).map(r => r.user_id);
|
||||
await exec(req.schema, 'DELETE FROM groups WHERE id=$1', [mg.dm_group_id]);
|
||||
for (const uid of members) io.to(`user:${uid}`).emit('group:deleted', { groupId: mg.dm_group_id });
|
||||
}
|
||||
await exec(req.schema, 'DELETE FROM multi_group_dms WHERE id=$1', [mg.id]);
|
||||
res.json({ success: true });
|
||||
} catch (e) { res.status(500).json({ error: e.message }); }
|
||||
});
|
||||
|
||||
// ── USER GROUPS ───────────────────────────────────────────────────────────────
|
||||
|
||||
router.get('/', authMiddleware, teamManagerMiddleware, (req, res) => {
|
||||
const db = getDb();
|
||||
const groups = db.prepare(`
|
||||
SELECT ug.*,
|
||||
(SELECT COUNT(*) FROM user_group_members WHERE user_group_id = ug.id) as member_count
|
||||
FROM user_groups ug ORDER BY ug.name ASC
|
||||
`).all();
|
||||
res.json({ groups });
|
||||
// GET / — list all user groups
|
||||
router.get('/', authMiddleware, teamManagerMiddleware, async (req, res) => {
|
||||
try {
|
||||
const groups = await query(req.schema, `
|
||||
SELECT ug.*, (SELECT COUNT(*) FROM user_group_members WHERE user_group_id=ug.id) AS member_count
|
||||
FROM user_groups ug ORDER BY ug.name ASC
|
||||
`);
|
||||
res.json({ groups });
|
||||
} catch (e) { res.status(500).json({ error: e.message }); }
|
||||
});
|
||||
|
||||
router.get('/:id', authMiddleware, teamManagerMiddleware, (req, res) => {
|
||||
const db = getDb();
|
||||
const group = db.prepare('SELECT * FROM user_groups WHERE id = ?').get(req.params.id);
|
||||
if (!group) return res.status(404).json({ error: 'Not found' });
|
||||
const members = db.prepare(`
|
||||
SELECT u.id, u.name, u.display_name, u.avatar, u.role, u.status
|
||||
FROM user_group_members ugm JOIN users u ON u.id = ugm.user_id
|
||||
WHERE ugm.user_group_id = ? ORDER BY u.name ASC
|
||||
`).all(req.params.id);
|
||||
res.json({ group, members });
|
||||
// GET /:id
|
||||
router.get('/:id', authMiddleware, teamManagerMiddleware, async (req, res) => {
|
||||
try {
|
||||
const group = await queryOne(req.schema, 'SELECT * FROM user_groups WHERE id=$1', [req.params.id]);
|
||||
if (!group) return res.status(404).json({ error: 'Not found' });
|
||||
const members = await query(req.schema, `
|
||||
SELECT u.id,u.name,u.display_name,u.avatar,u.role,u.status
|
||||
FROM user_group_members ugm JOIN users u ON u.id=ugm.user_id
|
||||
WHERE ugm.user_group_id=$1 ORDER BY u.name ASC
|
||||
`, [req.params.id]);
|
||||
res.json({ group, members });
|
||||
} catch (e) { res.status(500).json({ error: e.message }); }
|
||||
});
|
||||
|
||||
router.post('/', authMiddleware, teamManagerMiddleware, (req, res) => {
|
||||
// POST / — create user group
|
||||
router.post('/', authMiddleware, teamManagerMiddleware, async (req, res) => {
|
||||
const { name, memberIds = [] } = req.body;
|
||||
if (!name?.trim()) return res.status(400).json({ error: 'Name required' });
|
||||
const db = getDb();
|
||||
if (db.prepare('SELECT id FROM user_groups WHERE LOWER(name) = LOWER(?)').get(name.trim())) {
|
||||
return res.status(400).json({ error: 'A group with that name already exists' });
|
||||
}
|
||||
// Check for duplicate member set
|
||||
const newIds = [...new Set((Array.isArray(memberIds) ? memberIds : []).map(Number).filter(Boolean))].sort();
|
||||
if (newIds.length > 0) {
|
||||
const allGroups = db.prepare('SELECT id, name FROM user_groups').all();
|
||||
for (const existing of allGroups) {
|
||||
const existingIds = db.prepare('SELECT user_id FROM user_group_members WHERE user_group_id = ?').all(existing.id).map(r => r.user_id).sort();
|
||||
if (existingIds.length === newIds.length && existingIds.every((id, i) => id === newIds[i])) {
|
||||
return res.status(400).json({ error: `Group not created — "${existing.name}" already exists with the same members.` });
|
||||
}
|
||||
try {
|
||||
const existing = await queryOne(req.schema, 'SELECT id FROM user_groups WHERE LOWER(name)=LOWER($1)', [name.trim()]);
|
||||
if (existing) return res.status(400).json({ error: 'Name already in use' });
|
||||
// Create the managed DM group
|
||||
const gr = await queryResult(req.schema,
|
||||
"INSERT INTO groups (name,type,is_readonly,is_managed) VALUES ($1,'private',FALSE,TRUE) RETURNING id",
|
||||
[name.trim()]
|
||||
);
|
||||
const dmGroupId = gr.rows[0].id;
|
||||
const ugr = await queryResult(req.schema,
|
||||
'INSERT INTO user_groups (name,dm_group_id) VALUES ($1,$2) RETURNING id',
|
||||
[name.trim(), dmGroupId]
|
||||
);
|
||||
const ugId = ugr.rows[0].id;
|
||||
for (const uid of memberIds) {
|
||||
await exec(req.schema, 'INSERT INTO user_group_members (user_group_id,user_id) VALUES ($1,$2) ON CONFLICT DO NOTHING', [ugId, uid]);
|
||||
await addUserSilent(req.schema, dmGroupId, uid);
|
||||
}
|
||||
}
|
||||
const admin = db.prepare('SELECT id FROM users WHERE is_default_admin = 1').get();
|
||||
const dmResult = db.prepare(`INSERT INTO groups (name, type, owner_id, is_readonly, is_direct, is_managed) VALUES (?, 'private', ?, 0, 0, 1)`).run(name.trim(), admin?.id || req.user.id);
|
||||
const dmGroupId = dmResult.lastInsertRowid;
|
||||
const ugResult = db.prepare(`INSERT INTO user_groups (name, dm_group_id) VALUES (?, ?)`).run(name.trim(), dmGroupId);
|
||||
const ugId = ugResult.lastInsertRowid;
|
||||
|
||||
for (const uid of (Array.isArray(memberIds) ? memberIds.map(Number).filter(Boolean) : [])) {
|
||||
db.prepare("INSERT OR IGNORE INTO user_group_members (user_group_id, user_id) VALUES (?, ?)").run(ugId, uid);
|
||||
addUserSilent(db, dmGroupId, uid);
|
||||
}
|
||||
const group = db.prepare('SELECT * FROM user_groups WHERE id = ?').get(ugId);
|
||||
res.json({ group });
|
||||
const ug = await queryOne(req.schema, 'SELECT * FROM user_groups WHERE id=$1', [ugId]);
|
||||
res.json({ userGroup: ug });
|
||||
} catch (e) { res.status(500).json({ error: e.message }); }
|
||||
});
|
||||
|
||||
router.patch('/:id', authMiddleware, teamManagerMiddleware, (req, res) => {
|
||||
const db = getDb();
|
||||
const ug = db.prepare('SELECT * FROM user_groups WHERE id = ?').get(req.params.id);
|
||||
if (!ug) return res.status(404).json({ error: 'Not found' });
|
||||
// PATCH /:id
|
||||
router.patch('/:id', authMiddleware, teamManagerMiddleware, async (req, res) => {
|
||||
const { name, memberIds } = req.body;
|
||||
try {
|
||||
const ug = await queryOne(req.schema, 'SELECT * FROM user_groups WHERE id=$1', [req.params.id]);
|
||||
if (!ug) return res.status(404).json({ error: 'Not found' });
|
||||
|
||||
if (name && name.trim() !== ug.name) {
|
||||
if (db.prepare('SELECT id FROM user_groups WHERE LOWER(name) = LOWER(?) AND id != ?').get(name.trim(), ug.id)) {
|
||||
return res.status(400).json({ error: 'Name already in use' });
|
||||
}
|
||||
db.prepare("UPDATE user_groups SET name = ?, updated_at = datetime('now') WHERE id = ?").run(name.trim(), ug.id);
|
||||
if (ug.dm_group_id) db.prepare("UPDATE groups SET name = ?, updated_at = datetime('now') WHERE id = ?").run(name.trim(), ug.dm_group_id);
|
||||
}
|
||||
|
||||
if (Array.isArray(memberIds) && ug.dm_group_id) {
|
||||
const newIds = new Set(memberIds.map(Number).filter(Boolean));
|
||||
const currentSet = new Set(db.prepare('SELECT user_id FROM user_group_members WHERE user_group_id = ?').all(ug.id).map(r => r.user_id));
|
||||
|
||||
const addedUids = [];
|
||||
const removedUids = [];
|
||||
|
||||
for (const uid of newIds) {
|
||||
if (!currentSet.has(uid)) {
|
||||
db.prepare("INSERT OR IGNORE INTO user_group_members (user_group_id, user_id) VALUES (?, ?)").run(ug.id, uid);
|
||||
// Add to UG DM with individual notification
|
||||
addUser(db, ug.dm_group_id, uid, req.user.id);
|
||||
addedUids.push(uid);
|
||||
}
|
||||
}
|
||||
for (const uid of currentSet) {
|
||||
if (!newIds.has(uid)) {
|
||||
db.prepare('DELETE FROM user_group_members WHERE user_group_id = ? AND user_id = ?').run(ug.id, uid);
|
||||
// For managed DMs, membership is controlled solely by the user group — always remove
|
||||
removeUser(db, ug.dm_group_id, uid, req.user.id);
|
||||
removedUids.push(uid);
|
||||
}
|
||||
if (name && name.trim() !== ug.name) {
|
||||
const conflict = await queryOne(req.schema, 'SELECT id FROM user_groups WHERE LOWER(name)=LOWER($1) AND id!=$2', [name.trim(), ug.id]);
|
||||
if (conflict) return res.status(400).json({ error: 'Name already in use' });
|
||||
await exec(req.schema, 'UPDATE user_groups SET name=$1, updated_at=NOW() WHERE id=$2', [name.trim(), ug.id]);
|
||||
if (ug.dm_group_id) await exec(req.schema, 'UPDATE groups SET name=$1, updated_at=NOW() WHERE id=$2', [name.trim(), ug.dm_group_id]);
|
||||
}
|
||||
|
||||
// For multi-group DMs: add/remove users silently, post group-level notification once
|
||||
const mgDms = db.prepare('SELECT mgd.id, mgd.dm_group_id FROM multi_group_dm_members mgdm JOIN multi_group_dms mgd ON mgd.id = mgdm.multi_group_dm_id WHERE mgdm.user_group_id = ?').all(ug.id);
|
||||
for (const mg of mgDms) {
|
||||
if (!mg.dm_group_id) continue;
|
||||
for (const uid of addedUids) addUserSilent(db, mg.dm_group_id, uid);
|
||||
for (const uid of removedUids) {
|
||||
const stillInMg = db.prepare('SELECT 1 FROM multi_group_dm_members mgdm JOIN user_group_members ugm ON ugm.user_group_id = mgdm.user_group_id WHERE mgdm.multi_group_dm_id = ? AND ugm.user_id = ?').get(mg.id, uid);
|
||||
if (!stillInMg) {
|
||||
db.prepare('DELETE FROM group_members WHERE group_id = ? AND user_id = ?').run(mg.dm_group_id, uid);
|
||||
io.in(`user:${uid}`).socketsLeave(`group:${mg.dm_group_id}`);
|
||||
io.to(`user:${uid}`).emit('group:deleted', { groupId: mg.dm_group_id });
|
||||
if (Array.isArray(memberIds) && ug.dm_group_id) {
|
||||
const newIds = new Set(memberIds.map(Number).filter(Boolean));
|
||||
const currentSet = new Set((await query(req.schema, 'SELECT user_id FROM user_group_members WHERE user_group_id=$1', [ug.id])).map(r => r.user_id));
|
||||
const addedUids = [], removedUids = [];
|
||||
|
||||
for (const uid of newIds) {
|
||||
if (!currentSet.has(uid)) {
|
||||
await exec(req.schema, 'INSERT INTO user_group_members (user_group_id,user_id) VALUES ($1,$2) ON CONFLICT DO NOTHING', [ug.id, uid]);
|
||||
await addUser(req.schema, ug.dm_group_id, uid, req.user.id);
|
||||
addedUids.push(uid);
|
||||
}
|
||||
}
|
||||
for (const uid of currentSet) {
|
||||
if (!newIds.has(uid)) {
|
||||
await exec(req.schema, 'DELETE FROM user_group_members WHERE user_group_id=$1 AND user_id=$2', [ug.id, uid]);
|
||||
await removeUser(req.schema, ug.dm_group_id, uid, req.user.id);
|
||||
removedUids.push(uid);
|
||||
}
|
||||
}
|
||||
if (addedUids.length > 0) postSysMsg(db, mg.dm_group_id, req.user.id, `Members were added to group "${ug.name}" and have joined this conversation.`);
|
||||
if (removedUids.length > 0) postSysMsg(db, mg.dm_group_id, req.user.id, `Members were removed from group "${ug.name}" and have left this conversation.`);
|
||||
}
|
||||
}
|
||||
|
||||
const updated = db.prepare('SELECT * FROM user_groups WHERE id = ?').get(req.params.id);
|
||||
res.json({ group: updated });
|
||||
// Propagate to multi-group DMs
|
||||
const mgDms = await query(req.schema, `
|
||||
SELECT mgd.id, mgd.dm_group_id FROM multi_group_dm_members mgdm
|
||||
JOIN multi_group_dms mgd ON mgd.id=mgdm.multi_group_dm_id WHERE mgdm.user_group_id=$1
|
||||
`, [ug.id]);
|
||||
for (const mg of mgDms) {
|
||||
if (!mg.dm_group_id) continue;
|
||||
for (const uid of addedUids) await addUserSilent(req.schema, mg.dm_group_id, uid);
|
||||
for (const uid of removedUids) {
|
||||
const stillIn = await queryOne(req.schema, `
|
||||
SELECT 1 FROM multi_group_dm_members mgdm JOIN user_group_members ugm ON ugm.user_group_id=mgdm.user_group_id
|
||||
WHERE mgdm.multi_group_dm_id=$1 AND ugm.user_id=$2
|
||||
`, [mg.id, uid]);
|
||||
if (!stillIn) {
|
||||
await exec(req.schema, 'DELETE FROM group_members WHERE group_id=$1 AND user_id=$2', [mg.dm_group_id, uid]);
|
||||
io.in(`user:${uid}`).socketsLeave(`group:${mg.dm_group_id}`);
|
||||
io.to(`user:${uid}`).emit('group:deleted', { groupId: mg.dm_group_id });
|
||||
}
|
||||
}
|
||||
if (addedUids.length > 0) await postSysMsg(req.schema, mg.dm_group_id, req.user.id, `Members were added to group "${ug.name}" and have joined this conversation.`);
|
||||
if (removedUids.length > 0) await postSysMsg(req.schema, mg.dm_group_id, req.user.id, `Members were removed from group "${ug.name}" and have left this conversation.`);
|
||||
}
|
||||
}
|
||||
|
||||
const updated = await queryOne(req.schema, 'SELECT * FROM user_groups WHERE id=$1', [req.params.id]);
|
||||
res.json({ group: updated });
|
||||
} catch (e) { res.status(500).json({ error: e.message }); }
|
||||
});
|
||||
|
||||
router.delete('/:id', authMiddleware, teamManagerMiddleware, (req, res) => {
|
||||
const db = getDb();
|
||||
const ug = db.prepare('SELECT * FROM user_groups WHERE id = ?').get(req.params.id);
|
||||
if (!ug) return res.status(404).json({ error: 'Not found' });
|
||||
if (ug.dm_group_id) {
|
||||
const members = db.prepare('SELECT user_id FROM group_members WHERE group_id = ?').all(ug.dm_group_id).map(r => r.user_id);
|
||||
db.prepare('DELETE FROM groups WHERE id = ?').run(ug.dm_group_id);
|
||||
for (const uid of members) io.to(`user:${uid}`).emit('group:deleted', { groupId: ug.dm_group_id });
|
||||
}
|
||||
db.prepare('DELETE FROM user_groups WHERE id = ?').run(ug.id);
|
||||
res.json({ success: true });
|
||||
// DELETE /:id
|
||||
router.delete('/:id', authMiddleware, teamManagerMiddleware, async (req, res) => {
|
||||
try {
|
||||
const ug = await queryOne(req.schema, 'SELECT * FROM user_groups WHERE id=$1', [req.params.id]);
|
||||
if (!ug) return res.status(404).json({ error: 'Not found' });
|
||||
if (ug.dm_group_id) {
|
||||
const members = (await query(req.schema, 'SELECT user_id FROM group_members WHERE group_id=$1', [ug.dm_group_id])).map(r => r.user_id);
|
||||
await exec(req.schema, 'DELETE FROM groups WHERE id=$1', [ug.dm_group_id]);
|
||||
for (const uid of members) { io.in(`user:${uid}`).socketsLeave(`group:${ug.dm_group_id}`); io.to(`user:${uid}`).emit('group:deleted', { groupId: ug.dm_group_id }); }
|
||||
}
|
||||
await exec(req.schema, 'DELETE FROM user_groups WHERE id=$1', [ug.id]);
|
||||
res.json({ success: true });
|
||||
} catch (e) { res.status(500).json({ error: e.message }); }
|
||||
});
|
||||
|
||||
return router;
|
||||
|
||||
Reference in New Issue
Block a user