Merge pull request #370 from Worklenz/development

Development

Author: chamikaJ

worklenz-backend/src/controllers/project-templates/pt-tasks-controller.ts

@@ -39,7 +39,7 @@ export default class PtTasksController extends PtTasksControllerBase {
         const searchField = options.search ? "cptt.name" : "sort_order";
         const { searchQuery, sortField } = PtTasksController.toPaginationOptions(options, searchField);
 
-        const sortFields = sortField.replace(/ascend/g, "ASC").replace(/descend/g, "DESC") || "sort_order";
+        const sortFields = (sortField as string).replace(/ascend/g, "ASC").replace(/descend/g, "DESC") || "sort_order";
 
         const isSubTasks = !!options.parent_task;
 
@@ -230,13 +230,13 @@ export default class PtTasksController extends PtTasksControllerBase {
 
     @HandleExceptions()
     public static async bulkDelete(req: IWorkLenzRequest, res: IWorkLenzResponse): Promise<IWorkLenzResponse> {
-      const deletedTasks = req.body.tasks.map((t: any) => t.id);
+        const deletedTasks = req.body.tasks.map((t: any) => t.id);
 
-      const result: any = {deleted_tasks: deletedTasks};
+        const result: any = { deleted_tasks: deletedTasks };
 
-      const q = `SELECT bulk_delete_pt_tasks($1) AS task;`;
-      await db.query(q, [JSON.stringify(req.body)]);
-      return res.status(200).send(new ServerResponse(true, result));
+        const q = `SELECT bulk_delete_pt_tasks($1) AS task;`;
+        await db.query(q, [JSON.stringify(req.body)]);
+        return res.status(200).send(new ServerResponse(true, result));
     }
 
 }

worklenz-backend/src/controllers/project-workload/workload-gannt-controller.ts

@@ -220,10 +220,10 @@ export default class WorkloadGanntController extends WLTasksControllerBase {
     if (logsRange.max_date)
       logsRange.max_date = momentTime.tz(logsRange.max_date, `${timeZone}`).format("YYYY-MM-DD");
 
-    if (moment(logsRange.min_date ).isBefore(dateRange.start_date))
+    if (moment(logsRange.min_date).isBefore(dateRange.start_date))
       dateRange.start_date = logsRange.min_date;
 
-    if (moment(logsRange.max_date ).isAfter(dateRange.endDate))
+    if (moment(logsRange.max_date).isAfter(dateRange.endDate))
       dateRange.end_date = logsRange.max_date;
 
     return dateRange;
@@ -331,7 +331,7 @@ export default class WorkloadGanntController extends WLTasksControllerBase {
 
     for (const member of result.rows) {
       member.color_code = getColor(member.name);
-      
+
       // Set default working settings if organization data is not available
       member.org_working_hours = member.org_working_hours || 8;
       member.org_working_days = member.org_working_days || {
@@ -492,7 +492,7 @@ export default class WorkloadGanntController extends WLTasksControllerBase {
 
   private static getFilterByDatesWhereClosure(dateChecker?: string): string {
     if (!dateChecker) return "";
-    
+
     switch (dateChecker) {
       case this.TASKS_START_DATE_NULL_FILTER:
         return "start_date IS NULL";
@@ -540,7 +540,7 @@ export default class WorkloadGanntController extends WLTasksControllerBase {
     const queryParams: any[] = [];
     let paramOffset = 1;
 
-    const sortFields = sortField.replace(/ascend/g, "ASC").replace(/descend/g, "DESC") || "sort_order";
+    const sortFields = (sortField as string).replace(/ascend/g, "ASC").replace(/descend/g, "DESC") || "sort_order";
     // Filter tasks by its members
     const membersResult = WorkloadGanntController.getFilterByMembersWhereClosure(options.members as string, paramOffset);
     if (membersResult.params.length > 0) {

worklenz-backend/src/controllers/reporting/overview/reporting-overview-controller.ts

@@ -90,7 +90,7 @@ export default class ReportingOverviewController extends ReportingOverviewBase {
 
     const teamFilterClause = `p.team_id = $1`;
 
-    const result = await ReportingControllerBase.getProjectsByTeam(teamId, size, offset, searchQuery, sortField, sortOrder, "", "", "", archivedClause, teamFilterClause, "");
+    const result = await ReportingControllerBase.getProjectsByTeam(teamId, size, offset, searchQuery, sortField as string, sortOrder, "", "", "", archivedClause, teamFilterClause, "");
 
 
     for (const project of result.projects) {

worklenz-backend/src/controllers/reporting/overview/reporting-overview-export-controller.ts

@@ -24,7 +24,7 @@ export default class ReportingOverviewExportController extends ReportingOverview
 
     const teamFilterClause = `p.team_id = $1`;
 
-    const result = await ReportingControllerBase.getProjectsByTeam(teamId, size, offset, searchQuery, sortField, sortOrder, "", "", "", archivedClause, teamFilterClause, "");
+    const result = await ReportingControllerBase.getProjectsByTeam(teamId, size, offset, searchQuery, sortField as string, sortOrder, "", "", "", archivedClause, teamFilterClause, "");
 
     for (const project of result.projects) {
       project.team_color = getColor(project.team_name) + TASK_PRIORITY_COLOR_ALPHA;
@@ -416,7 +416,7 @@ export default class ReportingOverviewExportController extends ReportingOverview
     const teamMemberName = (req.query.team_member_name as string)?.trim() || null;
     const teamName = (req.query.team_name as string)?.trim() || "";
 
-    const { duration, date_range, only_single_member, archived} = req.query;
+    const { duration, date_range, only_single_member, archived } = req.query;
 
     const includeArchived = req.query.archived === "true";
 
@@ -506,7 +506,7 @@ export default class ReportingOverviewExportController extends ReportingOverview
 
     const includeArchived = req.query.archived === "true";
 
-    const results = await ReportingExportModel.getMemberTasks(teamMemberId as string, projectId,  "false", "", [], includeArchived, req.user?.id as string);
+    const results = await ReportingExportModel.getMemberTasks(teamMemberId as string, projectId, "false", "", [], includeArchived, req.user?.id as string);
 
     // excel file
     const exportDate = moment().format("MMM-DD-YYYY");

worklenz-backend/src/controllers/reporting/projects/reporting-projects-controller.ts

@@ -80,7 +80,7 @@ export default class ReportingProjectsController extends ReportingProjectsBase {
     const projectFilterClause = await this.buildProjectFilterForTeamLead(req);
     const teamFilterClause = `in_organization(p.team_id, $1) ${projectFilterClause} ${teamsClause}`;
 
-    const result = await ReportingControllerBase.getProjectsByTeam(teamId as string, size, offset, searchQuery, sortField, sortOrder, statusesClause, healthsClause, categoriesClause, archivedClause, teamFilterClause, projectManagersClause, filterParams);
+    const result = await ReportingControllerBase.getProjectsByTeam(teamId as string, size, offset, searchQuery, sortField as string, sortOrder, statusesClause, healthsClause, categoriesClause, archivedClause, teamFilterClause, projectManagersClause, filterParams);
 
     for (const project of result.projects) {
       project.team_color = getColor(project.team_name) + TASK_PRIORITY_COLOR_ALPHA;

worklenz-backend/src/controllers/reporting/reporting-controller-base.ts

@@ -111,7 +111,7 @@ export default abstract class ReportingControllerBase extends WorklenzController
 
   protected static buildBillableQuery(selectedStatuses: { billable: boolean; nonBillable: boolean }): string {
     const { billable, nonBillable } = selectedStatuses;
-  
+
     if (billable && nonBillable) {
       // Both are enabled, no need to filter
       return "";
@@ -121,7 +121,7 @@ export default abstract class ReportingControllerBase extends WorklenzController
     } else if (nonBillable) {
       // Only non-billable is enabled
       return " AND tasks.billable IS FALSE";
-    } 
+    }
 
     return "";
   }
@@ -166,6 +166,67 @@ export default abstract class ReportingControllerBase extends WorklenzController
   }
 
 
+  /**
+   * Build project filter clause for Team Leads
+   * Team Leads can only see projects they are assigned to as project managers
+   */
+  public static async buildProjectFilterForTeamLead(req: IWorkLenzRequest): Promise<string> {
+    // Check if user is a Team Lead (not Admin or Owner)
+    const userId = req.user?.id;
+    const teamId = req.user?.team_id;
+
+    if (!userId || !teamId) return "";
+
+    // Check user's role
+    const roleQuery = `
+      SELECT r.key 
+      FROM roles r
+      JOIN team_members tm ON tm.role_id = r.id
+      WHERE tm.user_id = $1 AND tm.team_id = $2
+    `;
+    const roleResult = await db.query(roleQuery, [userId, teamId]);
+
+    if (roleResult.rows.length === 0) return "";
+
+    const roleKey = roleResult.rows[0].key;
+
+    // Only apply filter for Team Leads
+    if (roleKey === 'TEAM_LEAD') {
+      // Team Leads can only see projects they manage
+      return `AND p.id IN (
+        SELECT pm.project_id 
+        FROM project_members pm 
+        WHERE pm.team_member_id IN (
+          SELECT id FROM team_members WHERE user_id = '${userId}'
+        ) 
+        AND pm.project_access_level_id = (
+          SELECT id FROM project_access_levels WHERE key = 'PROJECT_MANAGER'
+        )
+      )`;
+    }
+
+    // Admins and Owners can see all projects
+    return "";
+  }
+
+  /**
+   * Get project IDs that a Team Lead is assigned to
+   */
+  public static async getTeamLeadProjects(userId: string, teamId: string): Promise<string[]> {
+    const q = `
+      SELECT DISTINCT pm.project_id 
+      FROM project_members pm
+      JOIN team_members tm ON pm.team_member_id = tm.id
+      WHERE tm.user_id = $1 
+        AND tm.team_id = $2
+        AND pm.project_access_level_id = (
+          SELECT id FROM project_access_levels WHERE key = 'PROJECT_MANAGER'
+        )
+    `;
+    const result = await db.query(q, [userId, teamId]);
+    return result.rows.map(row => row.project_id);
+  }
+
   public static async getProjectsByTeam(
     teamId: string,
     size: string | number | null,
@@ -178,7 +239,8 @@ export default abstract class ReportingControllerBase extends WorklenzController
     categoryClause: string,
     archivedClause = "",
     teamFilterClause: string,
-    projectManagersClause: string) {
+    projectManagersClause: string,
+    filterParams: any[] = []) {
 
     const q = `SELECT COUNT(*) AS total,
              (SELECT COALESCE(ARRAY_TO_JSON(ARRAY_AGG(ROW_TO_JSON(t))), '[]'::JSON)
@@ -315,7 +377,9 @@ export default abstract class ReportingControllerBase extends WorklenzController
                LEFT JOIN project_categories pc ON pc.id = p.category_id
                LEFT JOIN sys_project_statuses ps ON p.status_id = ps.id
       WHERE ${teamFilterClause} ${searchQuery} ${healthClause} ${statusClause} ${categoryClause} ${projectManagersClause} ${archivedClause};`;
-    const result = await db.query(q, [teamId, size, offset]);
+    // Combine all parameters: teamId, size, offset, then filter params
+    const queryParams = [teamId, size, offset, ...filterParams];
+    const result = await db.query(q, queryParams);
     const [data] = result.rows;
 
     for (const project of data.projects) {