diff --git a/index.js b/index.js
index 899108e..0bbc8da 100644
--- a/index.js
+++ b/index.js
@@ -312,6 +312,10 @@ app.use((err, req, res, next) => {
statusCode = err.status;
errorMessage = err.message;
}
+ const page = {
+ title: "Error"
+ };
+ res.locals.page = page;
// Log the error stack trace
console.error(err.stack);
diff --git a/middleware/project.js b/middleware/project.js
index 3a88e76..51ca9b1 100644
--- a/middleware/project.js
+++ b/middleware/project.js
@@ -54,13 +54,16 @@ const checkProjectAccess = async (req, res, next) => {
try {
const projectId = req.params.id;
const userId = req.session.passport.user.id;
+ const userEmail = req.session.passport.user.email;
// Find the project by ID
const project = await Project.findById(projectId);
// Check if the project exists
if (!project) {
- return res.status(404).json({ message: "Project not found" });
+ const error = new Error("Project not found");
+ error.status = 404;
+ throw error;
}
// Check if the user is the owner of the project
@@ -69,16 +72,17 @@ const checkProjectAccess = async (req, res, next) => {
}
// Check if the project is shared with the user
- const sharedWithUser = project.sharedWith.find(user => user.equals(userId));
+ const sharedWithUser = project.sharedWith.find(user => user.user === userEmail);
if (sharedWithUser) {
return next(); // Project is shared with the user, allow access
}
// If neither the owner nor shared with the user, deny access
- return res.status(403).json({ message: "Unauthorized access" });
+ const error = new Error("Unauthorized access");
+ error.status = 403;
+ throw error;
} catch (error) {
- console.error(error);
- res.status(500).json({ message: "Internal server error" });
+ return next(error);
}
}
@@ -93,7 +97,9 @@ const checkProjectOwner = async(req, res, next) => {
// Check if the project exists
if (!project) {
- return res.status(404).json({ message: "Project not found" });
+ const error = new Error("Project not found");
+ error.status = 404;
+ throw error;
}
// Check if the user is the owner of the project
@@ -102,10 +108,11 @@ const checkProjectOwner = async(req, res, next) => {
}
// If the user is not the owner, deny access
- return res.status(403).json({ message: "Unauthorized access" });
+ const error = new Error("Unauthorized access");
+ error.status = 403;
+ throw error;
} catch (error) {
- console.error(error);
- res.status(500).json({ message: "Internal server error" });
+ return next(error);
}
}
diff --git a/package.json b/package.json
index fa0c28e..0c7e4d4 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
{
"name": "care.theodi.org",
- "version": "2.5.0",
+ "version": "2.5.1",
"description": "The ODI Care tool (AI enabled)",
"main": "index.js",
"scripts": {
diff --git a/views/pages/projects.ejs b/views/pages/projects.ejs
index 196c472..f12f279 100644
--- a/views/pages/projects.ejs
+++ b/views/pages/projects.ejs
@@ -306,7 +306,7 @@ function renderSharedProjects(data) {
width: '12%',
render: function(data, type, row) {
if (data == "done") {
- return "Complete";
+ return 'Complete
';
}
if (data == "inProgress") {
return "In Progress";
@@ -347,6 +347,10 @@ function renderSharedProjects(data) {
var id = $(this).data('id');
window.location.href = '/project/' + id + "/projectDetails";
});
+ $('#sharedProjectsTable').on('click', '.viewOutput', function () {
+ var id = $(this).data('id');
+ window.location.href = '/project/' + id + "/";
+ });
}
// Function to open share overlay
function openShareOverlay() {