From 447ac93649ec1417778fee08f5cd164a9bad7558 Mon Sep 17 00:00:00 2001
From: swve <bdswve@gmail.com>
Date: Wed, 22 Mar 2023 22:54:28 +0100
Subject: [PATCH] feat: forward org_id values for lectures

---
 .../course/[courseid]/edit/page.tsx           | 118 +++++++++---------
 .../[orgslug]/(withmenu)/courses/new/page.tsx |   3 +-
 front/services/courses/lectures.ts            |   6 +-
 src/routers/courses/lectures.py               |   2 +-
 src/services/courses/chapters.py              |   7 +-
 src/services/courses/lectures/lectures.py     |   6 +-
 6 files changed, 75 insertions(+), 67 deletions(-)

diff --git a/front/app/_orgs/[orgslug]/(withmenu)/course/[courseid]/edit/page.tsx b/front/app/_orgs/[orgslug]/(withmenu)/course/[courseid]/edit/page.tsx
index 55ec892d..ebf1fd6b 100644
--- a/front/app/_orgs/[orgslug]/(withmenu)/course/[courseid]/edit/page.tsx
+++ b/front/app/_orgs/[orgslug]/(withmenu)/course/[courseid]/edit/page.tsx
@@ -13,6 +13,7 @@ import { useRouter } from "next/navigation";
 import NewChapterModal from "@components/Modals/CourseEdit/NewChapter";
 import NewLectureModal from "@components/Modals/CourseEdit/NewLecture";
 import { createLecture, createFileLecture } from "@services/courses/lectures";
+import { getOrganizationContextInfo } from "@services/orgs";
 
 function CourseEdit(params: any) {
   const router = useRouter();
@@ -31,6 +32,8 @@ function CourseEdit(params: any) {
   const courseid = params.params.courseid;
   const orgslug = params.params.orgslug;
 
+  
+
   async function getCourseChapters() {
     const courseChapters = await getCourseChaptersMetadata(courseid);
     setData(courseChapters);
@@ -75,8 +78,9 @@ function CourseEdit(params: any) {
   // Submit new lecture
   const submitLecture = async (lecture: any) => {
     console.log("submitLecture", lecture);
+    let org = await getOrganizationContextInfo(orgslug);
     await updateChaptersMetadata(courseid, data);
-    await createLecture(lecture, lecture.chapterId);
+    await createLecture(lecture, lecture.chapterId, org.org_id);
     await getCourseChapters();
     setNewLectureModal(false);
   };
@@ -226,63 +230,63 @@ function CourseEdit(params: any) {
 
   return (
     <>
-    <Page>
-      <Title>
-        Edit Course {" "}
-        <button
-          onClick={() => {
-            setNewChapterModal(true);
-          }}
-        >
-          Add chapter +
-        </button>
-        <button
-          onClick={() => {
-            updateChapters();
-          }}
-        >
-          Save 
-        </button>
-      </Title>
-      {newChapterModal && <NewChapterModal closeModal={closeNewChapterModal} submitChapter={submitChapter}></NewChapterModal>}
-      {newLectureModal && (
-        <NewLectureModal
-          closeModal={closeNewLectureModal}
-          submitFileLecture={submitFileLecture}
-          submitLecture={submitLecture}
-          chapterId={newLectureModalData}
-        ></NewLectureModal>
-      )}
+      <Page>
+        <Title>
+          Edit Course {" "}
+          <button
+            onClick={() => {
+              setNewChapterModal(true);
+            }}
+          >
+            Add chapter +
+          </button>
+          <button
+            onClick={() => {
+              updateChapters();
+            }}
+          >
+            Save
+          </button>
+        </Title>
+        {newChapterModal && <NewChapterModal closeModal={closeNewChapterModal} submitChapter={submitChapter}></NewChapterModal>}
+        {newLectureModal && (
+          <NewLectureModal
+            closeModal={closeNewLectureModal}
+            submitFileLecture={submitFileLecture}
+            submitLecture={submitLecture}
+            chapterId={newLectureModalData}
+          ></NewLectureModal>
+        )}
 
-      <br />
-      {winReady && (
-        <ChapterlistWrapper>
-          <DragDropContext onDragEnd={onDragEnd}>
-            <Droppable key="chapters" droppableId="chapters" type="chapter">
-              {(provided) => (
-                <>
-                  <div key={"chapters"} {...provided.droppableProps} ref={provided.innerRef}>
-                    {getChapters().map((info: any, index: any) => (
-                      <>
-                        <Chapter
-                          orgslug={orgslug}
-                          courseid={courseid}
-                          openNewLectureModal={openNewLectureModal}
-                          deleteChapter={deleteChapterUI}
-                          key={index}
-                          info={info}
-                          index={index}
-                        ></Chapter>
-                      </>
-                    ))}
-                    {provided.placeholder}
-                  </div>
-                </>
-              )}
-            </Droppable>
-          </DragDropContext>
-        </ChapterlistWrapper>
-      )}
+        <br />
+        {winReady && (
+          <ChapterlistWrapper>
+            <DragDropContext onDragEnd={onDragEnd}>
+              <Droppable key="chapters" droppableId="chapters" type="chapter">
+                {(provided) => (
+                  <>
+                    <div key={"chapters"} {...provided.droppableProps} ref={provided.innerRef}>
+                      {getChapters().map((info: any, index: any) => (
+                        <>
+                          <Chapter
+                            orgslug={orgslug}
+                            courseid={courseid}
+                            openNewLectureModal={openNewLectureModal}
+                            deleteChapter={deleteChapterUI}
+                            key={index}
+                            info={info}
+                            index={index}
+                          ></Chapter>
+                        </>
+                      ))}
+                      {provided.placeholder}
+                    </div>
+                  </>
+                )}
+              </Droppable>
+            </DragDropContext>
+          </ChapterlistWrapper>
+        )}
       </Page>
     </>
   );
diff --git a/front/app/_orgs/[orgslug]/(withmenu)/courses/new/page.tsx b/front/app/_orgs/[orgslug]/(withmenu)/courses/new/page.tsx
index a9f755f9..8acc5a8a 100644
--- a/front/app/_orgs/[orgslug]/(withmenu)/courses/new/page.tsx
+++ b/front/app/_orgs/[orgslug]/(withmenu)/courses/new/page.tsx
@@ -6,6 +6,7 @@ import Layout from "@components/UI/Layout";
 import { Title } from "@components/UI/Elements/Styles/Title";
 import { createNewCourse } from "@services/courses/courses";
 import { getOrganizationContextInfo } from "@services/orgs";
+import { getUriWithOrg } from "@services/config";
 
 const NewCoursePage = (params: any) => {
   const router = useRouter();
@@ -40,7 +41,7 @@ const NewCoursePage = (params: any) => {
 
     // TODO : wow this is terrible - fix this
     if (status.org_id == orgId) {
-      router.push(`/org/${orgslug}/courses`);
+      router.push(getUriWithOrg(orgslug, `/courses`));
     } else {
       alert("Error creating course, please see console logs");
       console.log(status);
diff --git a/front/services/courses/lectures.ts b/front/services/courses/lectures.ts
index 2f961f09..4c20f9fd 100644
--- a/front/services/courses/lectures.ts
+++ b/front/services/courses/lectures.ts
@@ -1,13 +1,13 @@
 import { getAPIUrl } from "@services/config";
 import { RequestBody, RequestBodyForm } from "@services/utils/requests";
 
-export async function createLecture(data: any, chapter_id: any) {
+export async function createLecture(data: any, chapter_id: any, org_id: any) {
   data.content = {};
-
   // remove chapter_id from data
   delete data.chapterId;
+  
 
-  const result: any = await fetch(`${getAPIUrl()}lectures/?coursechapter_id=${chapter_id}`, RequestBody("POST", data))
+  const result: any = await fetch(`${getAPIUrl()}lectures/?coursechapter_id=${chapter_id}&org_id=${org_id}`, RequestBody("POST", data))
     .then((result) => result.json())
     .catch((error) => console.log("error", error));
 
diff --git a/src/routers/courses/lectures.py b/src/routers/courses/lectures.py
index 41e852c6..aed582de 100644
--- a/src/routers/courses/lectures.py
+++ b/src/routers/courses/lectures.py
@@ -15,7 +15,7 @@ async def api_create_lecture(request: Request, lecture_object: Lecture,  org_id:
 
 
 @router.get("/{lecture_id}")
-async def api_get_lecture(request: Request, lecture_id: str, org_id: str, current_user: PublicUser = Depends(get_current_user)):
+async def api_get_lecture(request: Request, lecture_id: str,  current_user: PublicUser = Depends(get_current_user)):
     """
     Get single lecture by lecture_id
     """
diff --git a/src/services/courses/chapters.py b/src/services/courses/chapters.py
index 21f31ea1..3841dbab 100644
--- a/src/services/courses/chapters.py
+++ b/src/services/courses/chapters.py
@@ -40,10 +40,13 @@ async def create_coursechapter(request: Request,coursechapter_object: CourseChap
     coursechapters = request.app.db["coursechapters"]
     courses = request.app.db["courses"]
 
+    # get course org_id and verify rights
+    course = await courses.find_one({"course_id": course_id})
+
     # generate coursechapter_id with uuid4
     coursechapter_id = str(f"coursechapter_{uuid4()}")
 
-    hasRoleRights = await verify_user_rights_with_roles(request, "create", current_user.user_id, coursechapter_id)
+    hasRoleRights = await verify_user_rights_with_roles(request, "create", current_user.user_id, coursechapter_id, course["org_id"])
 
     if not hasRoleRights:
         raise HTTPException(
@@ -229,7 +232,7 @@ async def verify_rights(request: Request,course_id: str, current_user: PublicUse
         raise HTTPException(
             status_code=status.HTTP_409_CONFLICT, detail=f"Course does not exist")
 
-    hasRoleRights = await verify_user_rights_with_roles(request, action, current_user.user_id, course_id)
+    hasRoleRights = await verify_user_rights_with_roles(request, action, current_user.user_id, course_id, course["org_id"])
     isAuthor = current_user.user_id in course["authors"]
 
     if not hasRoleRights and not isAuthor:
diff --git a/src/services/courses/lectures/lectures.py b/src/services/courses/lectures/lectures.py
index 5049695f..4ac492f1 100644
--- a/src/services/courses/lectures/lectures.py
+++ b/src/services/courses/lectures/lectures.py
@@ -44,7 +44,7 @@ async def create_lecture(request: Request, lecture_object: Lecture, org_id: str,
 
     # create lecture
     lecture = LectureInDB(**lecture_object.dict(), creationDate=str(
-        datetime.now()), coursechapter_id=coursechapter_id, updateDate=str(datetime.now()), lecture_id=lecture_id)
+        datetime.now()), coursechapter_id=coursechapter_id, updateDate=str(datetime.now()), lecture_id=lecture_id, org_id=org_id)
     await lectures.insert_one(lecture.dict())
 
     # update chapter
@@ -89,7 +89,7 @@ async def update_lecture(request: Request, lecture_object: Lecture, lecture_id:
         datetime_object = datetime.now()
 
         updated_course = LectureInDB(
-            lecture_id=lecture_id, coursechapter_id=lecture["coursechapter_id"], creationDate=creationDate, updateDate=str(datetime_object), **lecture_object.dict())
+            lecture_id=lecture_id, coursechapter_id=lecture["coursechapter_id"], creationDate=creationDate, updateDate=str(datetime_object), org_id=lecture["org_id"], **lecture_object.dict())
 
         await lectures.update_one({"lecture_id": lecture_id}, {
             "$set": updated_course.dict()})
@@ -133,7 +133,7 @@ async def get_lectures(request: Request, coursechapter_id: str,  current_user: P
     # TODO : TERRIBLE SECURITY ISSUE HERE, NEED TO FIX ASAP
     # TODO : TERRIBLE SECURITY ISSUE HERE, NEED TO FIX ASAP
     # TODO : TERRIBLE SECURITY ISSUE HERE, NEED TO FIX ASAP
-    
+
     lectures = lectures.find({"coursechapter_id": coursechapter_id})
 
     if not lectures: