Merge branch 'develop' into feature/members-invites-permission-fixes

# Conflicts:
#	src/permissions/constants.js
#	src/routes/projects/get.js
#	src/routes/projects/get.spec.js
#	src/routes/projects/list.js
#	src/routes/projects/list.spec.js

Author: Maksym Mykhailenko

.eslintignore

@@ -1,7 +1,7 @@
 config/local.js
 config/mock.local.js
 config/m2m.local.js
-local/seed/
+scripts/import-from-api/
 node_modules
 dist
 .ebextensions

.eslintrc

@@ -10,15 +10,18 @@
   "rules": {
     "import/no-extraneous-dependencies": ["error", {"devDependencies": ["**/*.test.js", "**/*.spec.js", "src/tests/*.js"]}],
     "max-len": ["error", { "ignoreComments": true, "code": 120 }],
+    "valid-jsdoc": ["error", {
+      "requireReturn": true,
+      "requireReturnType": true,
+      "requireParamDescription": true,
+      "requireReturnDescription": true
+    }],
     "require-jsdoc": ["error", {
       "require": {
         "FunctionDeclaration": true,
         "MethodDefinition": true,
         "ClassDeclaration": true
       }
-    }],
-    "indent": 0,
-    "no-multi-spaces": 0,
-    "valid-jsdoc": 0
+    }]
   }
 }

README.md

@@ -2,5 +2,8 @@
   "pubsubQueueName": "dev.project.service",
   "pubsubExchangeName": "dev.projects",
   "attachmentsS3Bucket": "topcoder-dev-media",
-  "connectProjectsUrl": "https://connect.topcoder-dev.com/projects/"
+  "connectProjectsUrl": "https://connect.topcoder-dev.com/projects/",
+  "fileServiceEndpoint": "https://api.topcoder-dev.com/v3/files/",
+  "connectProjectsUrl": "https://connect.topcoder-dev.com/projects/",
+  "memberServiceEndpoint": "https://api.topcoder-dev.com/v3/members"
 }

config/development.json

@@ -73,4 +73,4 @@ payload: {
     "updatedBy": 1,
   },
 }
-```
+```

docs/guides/architercture/architecture.md

@@ -0,0 +1,76 @@
+# Permissions Guide
+
+What kind of permissions we have, how they work and how to use them.
+
+- [Overview](#overview)
+  - [Topcoder Roles](#topcoder-roles)
+  - [Project Role](#project-role)
+- [How to Use](#how-to-use)
+- [References](#references)
+
+## Overview
+
+Every user may have 2 kind of roles: **Topcoder Roles** and **Project Role**.
+
+### Topcoder Roles
+
+These roles are assigned to user accounts. User may have several **Topcoder Roles**. See [the list of all Topcoder Roles](https://github.com/topcoder-platform/tc-project-service/blob/develop/src/constants.js#L55-L69) which we use in Topcoder Project Service.
+
+<img src="./images/topcoder-roles.png" width="689">
+
+By default every user has one role `Topcoder User`, generally this means that such a user is either **customer** or **community member** (freelancer).
+
+### Project Role
+
+When user joins some project and become a member of the project, such a user has one **Project Role** inside that project. One user may have different **Project Role** in different projects. See [the list of all Project Roles](https://github.com/topcoder-platform/tc-project-service/blob/develop/src/constants.js#L23-L33) which we use in Topcoder Project Service.
+
+<img src="./images/project-roles.png" width="411">
+
+## How to Use
+
+Let's say you would like to add a new place in code where you want to check user roles/permissions. Please, follow the next guide:
+
+1. Check if we already have defined permission for your case in the [permissions list](https://htmlpreview.github.io/?https://github.com/topcoder-platform/tc-project-service/blob/develop/docs/permissions.html).
+
+2. If you cannot find the permission you need, add new permission to the file https://github.com/topcoder-platform/tc-project-service/blob/develop/src/permissions/constants.js.
+
+   - Follow the guides on how to add a new permission in the header of this file.
+
+3. After you add a new permission, regenerate [permissions list](https://htmlpreview.github.io/?https://github.com/topcoder-platform/tc-project-service/blob/develop/docs/permissions.html) by running `npm run generate:doc:permissions`.
+
+4. There are 2 places where you would usually check permissions:
+   1. Check if user can call some endpoint (https://github.com/topcoder-platform/tc-project-service/blob/develop/src/permissions/index.js):
+
+      ```js
+      Authorizer.setPolicy('projectMember.view', generalPermission(PERMISSION.READ_PROJECT_MEMBER));
+      ```
+
+      or
+
+      ```js
+      Authorizer.setPolicy('projectMember.edit', generalPermission([
+         PERMISSION.UPDATE_PROJECT_MEMBER_CUSTOMER,
+         PERMISSION.UPDATE_PROJECT_MEMBER_NON_CUSTOMER,
+      ]));
+      ```
+
+   2. Inside some endpoint code:
+
+      ```js
+      import util from '../util';
+      import { PERMISSION } from '../permissions/constants';
+
+      (req, res, next) => {
+         ...
+         if (hasPermissionByReq(permission, req)) {
+            ...
+         }
+         ...
+      }
+      ```
+
+## References
+
+- [Permissions list](https://htmlpreview.github.io/?https://github.com/topcoder-platform/tc-project-service/blob/develop/docs/permissions.html)
+
+- [Permissions list source](https://github.com/topcoder-platform/tc-project-service/blob/develop/src/permissions/constants.js)

docs/guides/permissions-guide/images/project-roles.png

@@ -939,6 +939,221 @@ <h2 class="anchor-container">
               </div>
             </div>
           </div>
+        <div class="row">
+          <div class="col pt-5 pb-2">
+            <h2 class="anchor-container">
+              <a href="#section-project-attachment" name="section-project-attachment" class="anchor"></a>Project Attachment
+            </h2>
+          </div>
+        </div>
+          <div class="row border-top">
+            <div class="col py-2">
+              <div class="permission-title anchor-container">
+                <a href="#CREATE_PROJECT_ATTACHMENT" name="CREATE_PROJECT_ATTACHMENT" class="anchor"></a>Create Project Attachment
+              </div>
+              <div class="permission-variable"><small><code>CREATE_PROJECT_ATTACHMENT</code></small></div>
+              <div class="text-black-50 small-text"></div>
+            </div>
+            <div class="col-9 py-2">
+              <div>
+                  <span class="badge badge-primary" title="Allowed">Any Project Member</span>
+              </div>
+
+              <div>
+                    <span class="badge badge-success" title="Allowed Topcoder Role">Connect Admin</span>
+                    <span class="badge badge-success" title="Allowed Topcoder Role">administrator</span>
+                    <span class="badge badge-success" title="Allowed Topcoder Role">Connect Manager</span>
+                    <span class="badge badge-success" title="Allowed Topcoder Role">Connect Account Manager</span>
+                    <span class="badge badge-success" title="Allowed Topcoder Role">Connect Copilot Manager</span>
+                    <span class="badge badge-success" title="Allowed Topcoder Role">Business Development Representative</span>
+                    <span class="badge badge-success" title="Allowed Topcoder Role">Presales</span>
+                    <span class="badge badge-success" title="Allowed Topcoder Role">Account Executive</span>
+                    <span class="badge badge-success" title="Allowed Topcoder Role">Program Manager</span>
+                    <span class="badge badge-success" title="Allowed Topcoder Role">Solution Architect</span>
+                    <span class="badge badge-success" title="Allowed Topcoder Role">Project Manager</span>
+              </div>
+
+              <div>
+                  <span class="badge badge-dark" title="Allowed Topcoder Role">all:connect_project</span>
+                  <span class="badge badge-dark" title="Allowed Topcoder Role">all:projects</span>
+                  <span class="badge badge-dark" title="Allowed Topcoder Role">write:projects</span>
+              </div>
+            </div>
+          </div>
+          <div class="row border-top">
+            <div class="col py-2">
+              <div class="permission-title anchor-container">
+                <a href="#READ_PROJECT_ATTACHMENT_OWN_OR_ALLOWED" name="READ_PROJECT_ATTACHMENT_OWN_OR_ALLOWED" class="anchor"></a>Read Project Attachment (own or allowed)
+              </div>
+              <div class="permission-variable"><small><code>READ_PROJECT_ATTACHMENT_OWN_OR_ALLOWED</code></small></div>
+              <div class="text-black-50 small-text">Who can view own attachment or an attachment of another user when they are in the &quot;allowed&quot; list.</div>
+            </div>
+            <div class="col-9 py-2">
+              <div>
+                  <span class="badge badge-primary" title="Allowed">Any Project Member</span>
+              </div>
+
+              <div>
+                    <span class="badge badge-success" title="Allowed Topcoder Role">Connect Admin</span>
+                    <span class="badge badge-success" title="Allowed Topcoder Role">administrator</span>
+                    <span class="badge badge-success" title="Allowed Topcoder Role">Connect Manager</span>
+                    <span class="badge badge-success" title="Allowed Topcoder Role">Connect Account Manager</span>
+                    <span class="badge badge-success" title="Allowed Topcoder Role">Connect Copilot Manager</span>
+                    <span class="badge badge-success" title="Allowed Topcoder Role">Business Development Representative</span>
+                    <span class="badge badge-success" title="Allowed Topcoder Role">Presales</span>
+                    <span class="badge badge-success" title="Allowed Topcoder Role">Account Executive</span>
+                    <span class="badge badge-success" title="Allowed Topcoder Role">Program Manager</span>
+                    <span class="badge badge-success" title="Allowed Topcoder Role">Solution Architect</span>
+                    <span class="badge badge-success" title="Allowed Topcoder Role">Project Manager</span>
+              </div>
+
+              <div>
+                  <span class="badge badge-dark" title="Allowed Topcoder Role">all:connect_project</span>
+                  <span class="badge badge-dark" title="Allowed Topcoder Role">all:projects</span>
+                  <span class="badge badge-dark" title="Allowed Topcoder Role">read:projects</span>
+              </div>
+            </div>
+          </div>
+          <div class="row border-top">
+            <div class="col py-2">
+              <div class="permission-title anchor-container">
+                <a href="#READ_PROJECT_ATTACHMENT_NOT_OWN_AND_NOT_ALLOWED" name="READ_PROJECT_ATTACHMENT_NOT_OWN_AND_NOT_ALLOWED" class="anchor"></a>Read Project Attachment (not own and not allowed)
+              </div>
+              <div class="permission-variable"><small><code>READ_PROJECT_ATTACHMENT_NOT_OWN_AND_NOT_ALLOWED</code></small></div>
+              <div class="text-black-50 small-text">Who can view attachment of another user when they are not in &quot;allowed&quot; users list.</div>
+            </div>
+            <div class="col-9 py-2">
+              <div>
+              </div>
+
+              <div>
+                    <span class="badge badge-success" title="Allowed Topcoder Role">Connect Admin</span>
+                    <span class="badge badge-success" title="Allowed Topcoder Role">administrator</span>
+              </div>
+
+              <div>
+                  <span class="badge badge-dark" title="Allowed Topcoder Role">all:connect_project</span>
+                  <span class="badge badge-dark" title="Allowed Topcoder Role">all:projects</span>
+                  <span class="badge badge-dark" title="Allowed Topcoder Role">read:projects</span>
+              </div>
+            </div>
+          </div>
+          <div class="row border-top">
+            <div class="col py-2">
+              <div class="permission-title anchor-container">
+                <a href="#UPDATE_PROJECT_ATTACHMENT_OWN" name="UPDATE_PROJECT_ATTACHMENT_OWN" class="anchor"></a>Update Project Attachment (own)
+              </div>
+              <div class="permission-variable"><small><code>UPDATE_PROJECT_ATTACHMENT_OWN</code></small></div>
+              <div class="text-black-50 small-text">Who can edit attachment they created.</div>
+            </div>
+            <div class="col-9 py-2">
+              <div>
+                  <span class="badge badge-primary" title="Allowed">Any Project Member</span>
+              </div>
+
+              <div>
+                    <span class="badge badge-success" title="Allowed Topcoder Role">Connect Admin</span>
+                    <span class="badge badge-success" title="Allowed Topcoder Role">administrator</span>
+                    <span class="badge badge-success" title="Allowed Topcoder Role">Connect Manager</span>
+                    <span class="badge badge-success" title="Allowed Topcoder Role">Connect Account Manager</span>
+                    <span class="badge badge-success" title="Allowed Topcoder Role">Connect Copilot Manager</span>
+                    <span class="badge badge-success" title="Allowed Topcoder Role">Business Development Representative</span>
+                    <span class="badge badge-success" title="Allowed Topcoder Role">Presales</span>
+                    <span class="badge badge-success" title="Allowed Topcoder Role">Account Executive</span>
+                    <span class="badge badge-success" title="Allowed Topcoder Role">Program Manager</span>
+                    <span class="badge badge-success" title="Allowed Topcoder Role">Solution Architect</span>
+                    <span class="badge badge-success" title="Allowed Topcoder Role">Project Manager</span>
+              </div>
+
+              <div>
+                  <span class="badge badge-dark" title="Allowed Topcoder Role">all:connect_project</span>
+                  <span class="badge badge-dark" title="Allowed Topcoder Role">all:projects</span>
+                  <span class="badge badge-dark" title="Allowed Topcoder Role">write:projects</span>
+              </div>
+            </div>
+          </div>
+          <div class="row border-top">
+            <div class="col py-2">
+              <div class="permission-title anchor-container">
+                <a href="#UPDATE_PROJECT_ATTACHMENT_NOT_OWN" name="UPDATE_PROJECT_ATTACHMENT_NOT_OWN" class="anchor"></a>Update Project Attachment (not own)
+              </div>
+              <div class="permission-variable"><small><code>UPDATE_PROJECT_ATTACHMENT_NOT_OWN</code></small></div>
+              <div class="text-black-50 small-text">Who can edit attachment created by another user.</div>
+            </div>
+            <div class="col-9 py-2">
+              <div>
+              </div>
+
+              <div>
+                    <span class="badge badge-success" title="Allowed Topcoder Role">Connect Admin</span>
+                    <span class="badge badge-success" title="Allowed Topcoder Role">administrator</span>
+              </div>
+
+              <div>
+                  <span class="badge badge-dark" title="Allowed Topcoder Role">all:connect_project</span>
+                  <span class="badge badge-dark" title="Allowed Topcoder Role">all:projects</span>
+                  <span class="badge badge-dark" title="Allowed Topcoder Role">write:projects</span>
+              </div>
+            </div>
+          </div>
+          <div class="row border-top">
+            <div class="col py-2">
+              <div class="permission-title anchor-container">
+                <a href="#DELETE_PROJECT_ATTACHMENT_OWN" name="DELETE_PROJECT_ATTACHMENT_OWN" class="anchor"></a>Delete Project Attachment (own)
+              </div>
+              <div class="permission-variable"><small><code>DELETE_PROJECT_ATTACHMENT_OWN</code></small></div>
+              <div class="text-black-50 small-text">Who can delete attachment they created.</div>
+            </div>
+            <div class="col-9 py-2">
+              <div>
+                  <span class="badge badge-primary" title="Allowed">Any Project Member</span>
+              </div>
+
+              <div>
+                    <span class="badge badge-success" title="Allowed Topcoder Role">Connect Admin</span>
+                    <span class="badge badge-success" title="Allowed Topcoder Role">administrator</span>
+                    <span class="badge badge-success" title="Allowed Topcoder Role">Connect Manager</span>
+                    <span class="badge badge-success" title="Allowed Topcoder Role">Connect Account Manager</span>
+                    <span class="badge badge-success" title="Allowed Topcoder Role">Connect Copilot Manager</span>
+                    <span class="badge badge-success" title="Allowed Topcoder Role">Business Development Representative</span>
+                    <span class="badge badge-success" title="Allowed Topcoder Role">Presales</span>
+                    <span class="badge badge-success" title="Allowed Topcoder Role">Account Executive</span>
+                    <span class="badge badge-success" title="Allowed Topcoder Role">Program Manager</span>
+                    <span class="badge badge-success" title="Allowed Topcoder Role">Solution Architect</span>
+                    <span class="badge badge-success" title="Allowed Topcoder Role">Project Manager</span>
+              </div>
+
+              <div>
+                  <span class="badge badge-dark" title="Allowed Topcoder Role">all:connect_project</span>
+                  <span class="badge badge-dark" title="Allowed Topcoder Role">all:projects</span>
+                  <span class="badge badge-dark" title="Allowed Topcoder Role">write:projects</span>
+              </div>
+            </div>
+          </div>
+          <div class="row border-top">
+            <div class="col py-2">
+              <div class="permission-title anchor-container">
+                <a href="#DELETE_PROJECT_ATTACHMENT_NOT_OWN" name="DELETE_PROJECT_ATTACHMENT_NOT_OWN" class="anchor"></a>Delete Project Attachment (not own)
+              </div>
+              <div class="permission-variable"><small><code>DELETE_PROJECT_ATTACHMENT_NOT_OWN</code></small></div>
+              <div class="text-black-50 small-text">Who can delete attachment created by another user.</div>
+            </div>
+            <div class="col-9 py-2">
+              <div>
+              </div>
+
+              <div>
+                    <span class="badge badge-success" title="Allowed Topcoder Role">Connect Admin</span>
+                    <span class="badge badge-success" title="Allowed Topcoder Role">administrator</span>
+              </div>
+
+              <div>
+                  <span class="badge badge-dark" title="Allowed Topcoder Role">all:connect_project</span>
+                  <span class="badge badge-dark" title="Allowed Topcoder Role">all:projects</span>
+                  <span class="badge badge-dark" title="Allowed Topcoder Role">write:projects</span>
+              </div>
+            </div>
+          </div>
         <div class="row">
           <div class="col pt-5 pb-2">
             <h2 class="anchor-container">