From 5a23518c9b43a415acc1634ca8c79a8a44b74a2d Mon Sep 17 00:00:00 2001
From: Priyadarshini <priyadarshini.roy03@gmail.com>
Date: Thu, 1 Jun 2023 13:49:24 +0530
Subject: [PATCH] project and form limitations

---
 controllers/form.controller.js    |  5 +++++
 controllers/project.controller.js | 19 +++++++++++++++++++
 2 files changed, 24 insertions(+)

diff --git a/controllers/form.controller.js b/controllers/form.controller.js
index 63f0c3f..ea1f318 100644
--- a/controllers/form.controller.js
+++ b/controllers/form.controller.js
@@ -85,6 +85,11 @@ export async function createForm(req, res) {
   //Mongoose object id cannot be equated directly so i converted them into string and checked that.
   if (String(req.user._id) !== String(project.owner))
     return response_400(res, 'Only the owner can create new form');
+  //If the project has 5 forms already then we cannot create a new form.
+  if (project.forms.length == 5) {
+    return response_400(res, 'Number of forms in this project has already reached max limit of 5.');
+  }
+
   try {
     let newForm = await Form.create({
       name: req.body.name,
diff --git a/controllers/project.controller.js b/controllers/project.controller.js
index 2afc9fd..7b4d34f 100644
--- a/controllers/project.controller.js
+++ b/controllers/project.controller.js
@@ -16,6 +16,10 @@ export async function createProject(req, res) {
   if (!verifycaptcha(req.body.recaptcha_token))
     return response_400(res, 'Captcha not verified');
   if (!req.body.name) return response_400(res, 'Project name is required');
+  const user = await User.findById(req.user._id);
+  if (user.projects.length >= 5) {
+    return response_400(res, 'Maximum number of 5 projects reached for this user.');
+  }
   const newProject = Project({
     name: req.body.name,
     owner: req.user._id,
@@ -30,6 +34,15 @@ export async function createProject(req, res) {
   newProject.allowRecaptcha = req.body?.hasRecaptcha;
 
   console.log(newProject);
+  //number of origins of project greater than 3 not allowed
+  if (newProject.allowedOrigins.length > 3) {
+    return response_400(res, 'Number of allowed origins cannot be greater than 3');
+  }
+  //number of collaborators of the project greater than 5 not allowed
+  if (req.body.collaborators.length > 5) {
+    return response_400(res, 'Number of collaborators cannot be greater than 5');
+  }
+
   try {
     await newProject.save();
     req.user.projects.push(newProject._id);
@@ -106,9 +119,15 @@ export async function updateProject(req, res) {
       updatedProject.reCaptchaSecret = req.body.reCaptchaSecret;
     }
     if (req.body.allowedOrigins) {
+      if (req.body.allowedOrigins.length > 3) {
+        return response_400(res, 'Number of allowed origins cannot be greater than 3');
+      }
       updatedProject.allowedOrigins = req.body.allowedOrigins;
     }
     if (req.body.collaborators) {
+      if (req.body.collaborators.length > 5) {
+        return response_400(res, 'Number of collaborators cannot be greater than 5');
+      }
       inviteCollaborators(
         req.body.collaborators,
         projectId,