codecombat/server/courses/course_instance_handler.coffee

async = require 'async'
Handler = require '../commons/Handler'
Campaign = require '../campaigns/Campaign'
Course = require './Course'
CourseInstance = require './CourseInstance'
LevelSession = require '../levels/sessions/LevelSession'
LevelSessionHandler = require '../levels/sessions/level_session_handler'
Prepaid = require '../prepaids/Prepaid'
PrepaidHandler = require '../prepaids/prepaid_handler'
User = require '../users/User'
UserHandler = require '../users/user_handler'
utils = require '../../app/core/utils'
sendwithus = require '../sendwithus'

CourseInstanceHandler = class CourseInstanceHandler extends Handler
  modelClass: CourseInstance
  jsonSchema: require '../../app/schemas/models/course_instance.schema'
  allowedMethods: ['GET', 'POST', 'PUT', 'DELETE']

  logError: (user, msg) ->
    console.warn "Course instance error: #{user.get('slug')} (#{user._id}): '#{msg}'"

  hasAccess: (req) ->
    req.method in @allowedMethods or req.user?.isAdmin()

  hasAccessToDocument: (req, document, method=null) ->
    return true if document?.get('ownerID')?.equals(req.user?.get('_id'))
    return true if req.method is 'GET' and _.find document?.get('members'), (a) -> a.equals(req.user?.get('_id'))
    req.user?.isAdmin()

  getByRelationship: (req, res, args...) ->
    relationship = args[1]
    return @createAPI(req, res) if relationship is 'create'
    return @getLevelSessionsAPI(req, res, args[0]) if args[1] is 'level_sessions'
    return @getMembersAPI(req, res, args[0]) if args[1] is 'members'
    return @inviteStudents(req, res, args[0]) if relationship is 'invite_students'
    return @redeemPrepaidCodeAPI(req, res) if args[1] is 'redeem_prepaid'
    super arguments...

  createAPI: (req, res) ->
    return @sendUnauthorizedError(res) if not req.user? or req.user?.isAnonymous()

    # Required Input
    seats = req.body.seats
    unless seats > 0
      @logError(req.user, 'Course create API missing required seats count')
      return @sendBadInputError(res, 'Missing required seats count')
    # Optional - unspecified means create instances for all courses
    courseID = req.body.courseID
    # Optional
    name = req.body.name
    # Optional - as long as course(s) are all free
    stripeToken = req.body.stripe?.token

    query = if courseID? then {_id: courseID} else {}
    Course.find query, (err, courses) =>
      if err
        @logError(user, "Find courses error: #{JSON.stringify(err)}")
        return done(err)

      PrepaidHandler.purchasePrepaidCourse req.user, courses, seats, new Date().getTime(), stripeToken, (err, prepaid) =>
        if err
          @logError(req.user, err)
          return @sendBadInputError(res, err) if err is 'Missing required Stripe token'
          return @sendDatabaseError(res, err)

        courseInstances = []
        makeCreateInstanceFn = (course, name, prepaid) =>
          (done) =>
            @createInstance req, course, name, prepaid, (err, newInstance)=>
              courseInstances.push newInstance unless err
              done(err)
        tasks = (makeCreateInstanceFn(course, name, prepaid) for course in courses)
        async.parallel tasks, (err, results) =>
          return @sendDatabaseError(res, err) if err
          @sendCreated(res, courseInstances)

  createInstance: (req, course, name, prepaid, done) =>
    courseInstance = new CourseInstance
      courseID: course.get('_id')
      members: [req.user.get('_id')]
      name: name
      ownerID: req.user.get('_id')
      prepaidID: prepaid.get('_id')
    courseInstance.save (err, newInstance) =>
      done(err, newInstance)

  getLevelSessionsAPI: (req, res, courseInstanceID) ->
    CourseInstance.findById courseInstanceID, (err, courseInstance) =>
      return @sendDatabaseError(res, err) if err
      return @sendNotFoundError(res) unless courseInstance
      Course.findById courseInstance.get('courseID'), (err, course) =>
        return @sendDatabaseError(res, err) if err
        return @sendNotFoundError(res) unless course
        Campaign.findById course.get('campaignID'), (err, campaign) =>
          return @sendDatabaseError(res, err) if err
          return @sendNotFoundError(res) unless campaign
          levelIDs = (levelID for levelID of campaign.get('levels'))
          memberIDs = _.map courseInstance.get('members') ? [], (memberID) -> memberID.toHexString?() or memberID
          query = {$and: [{creator: {$in: memberIDs}}, {'level.original': {$in: levelIDs}}]}
          LevelSession.find query, (err, documents) =>
            return @sendDatabaseError(res, err) if err?
            cleandocs = (LevelSessionHandler.formatEntity(req, doc) for doc in documents)
            @sendSuccess(res, cleandocs)

  getMembersAPI: (req, res, courseInstanceID) ->
    CourseInstance.findById courseInstanceID, (err, courseInstance) =>
      return @sendDatabaseError(res, err) if err
      return @sendNotFoundError(res) unless courseInstance
      memberIDs = courseInstance.get('members') ? []
      User.find {_id: {$in: memberIDs}}, (err, users) =>
        return @sendDatabaseError(res, err) if err
        cleandocs = (UserHandler.formatEntity(req, doc) for doc in users)
        @sendSuccess(res, cleandocs)

  inviteStudents: (req, res, courseInstanceID) ->
    if not req.body.emails
      return @sendBadInputError(res, 'Emails not included')
    CourseInstance.findById courseInstanceID, (err, courseInstance) =>
      return @sendDatabaseError(res, err) if err
      return @sendNotFoundError(res) unless courseInstance
      return @sendForbiddenError(res) unless @hasAccessToDocument(req, courseInstance)

      Prepaid.findById courseInstance.get('prepaidID'), (err, prepaid) =>
        return @sendDatabaseError(res, err) if err
        return @sendNotFoundError(res) unless prepaid
        return @sendForbiddenError(res) unless prepaid.get('maxRedeemers') > prepaid.get('redeemers').length
        for email in req.body.emails
          context =
            email_id: sendwithus.templates.course_invite_email
            recipient:
              address: email
            email_data:
              class_name: courseInstance.get('name')
              join_link: "https://codecombat.com/courses?_ppc=" + prepaid.get('code')
          sendwithus.api.send context, _.noop
        return @sendSuccess(res, {})

  redeemPrepaidCodeAPI: (req, res) ->
    return @sendUnauthorizedError(res) if not req.user? or req.user?.isAnonymous()
    return @sendBadInputError(res) unless req.body?.prepaidCode

    prepaidCode = req.body?.prepaidCode
    Prepaid.find code: prepaidCode, (err, prepaids) =>
      return @sendDatabaseError(res, err) if err
      return @sendNotFoundError(res) if prepaids.length < 1
      return @sendDatabaseError(res, "Multiple prepaid codes found for #{prepaidCode}") if prepaids.length > 1
      prepaid = prepaids[0]

      CourseInstance.find prepaidID: prepaid.get('_id'), (err, courseInstances) =>
        return @sendDatabaseError(res, err) if err
        return @sendForbiddenError(res) if prepaid.get('redeemers')?.length >= prepaid.get('maxRedeemers')

        if _.find((prepaid.get('redeemers') ? []), (a) -> a.userID.equals(req.user.id))
          return @sendSuccess(res, courseInstances)

        # Add to prepaid redeemers
        query =
          _id: prepaid.get('_id')
          'redeemers.userID': { $ne: req.user.get('_id') }
          $where: "this.redeemers.length < #{prepaid.get('maxRedeemers')}"
        update = { $push: { redeemers : { date: new Date(), userID: req.user.get('_id') } }}
        Prepaid.update query, update, (err, nMatched) =>
          return @sendDatabaseError(res, err) if err
          if nMatched is 0
            @logError(req.user, "Course instance update prepaid lost race on maxRedeemers")
            return @sendForbiddenError(res)

          # Add to each course instance
          makeAddMemberToCourseInstanceFn = (courseInstance) =>
            (done) => courseInstance.update({$addToSet: { members: req.user.get('_id')}}, done)
          tasks = (makeAddMemberToCourseInstanceFn(courseInstance) for courseInstance in courseInstances)
          async.parallel tasks, (err, results) =>
            return @sendDatabaseError(res, err) if err
            @sendSuccess(res, courseInstances)

module.exports = new CourseInstanceHandler()
Course enroll page Will add a prepaid purchase once the prepaid-v2 branch is merged into master. 2015-09-03 14:04:40 -04:00			`async = require 'async'`
Initial courses object model 2015-08-29 10:15:35 -04:00			`Handler = require '../commons/Handler'`
:bug:Restrict course level progress to course levels 2015-10-07 19:58:59 -04:00			`Campaign = require '../campaigns/Campaign'`
Course enroll page Will add a prepaid purchase once the prepaid-v2 branch is merged into master. 2015-09-03 14:04:40 -04:00			`Course = require './Course'`
Initial courses object model 2015-08-29 10:15:35 -04:00			`CourseInstance = require './CourseInstance'`
Update course details page 2015-09-13 01:01:59 -04:00			`LevelSession = require '../levels/sessions/LevelSession'`
			`LevelSessionHandler = require '../levels/sessions/level_session_handler'`
Course enroll page Will add a prepaid purchase once the prepaid-v2 branch is merged into master. 2015-09-03 14:04:40 -04:00			`Prepaid = require '../prepaids/Prepaid'`
Purchase prepaid on course instance creation Updating purchase prepaid API to support courses. Refactoring the prepaid server code. Completes #54270567235517 2015-10-01 18:23:20 -04:00			`PrepaidHandler = require '../prepaids/prepaid_handler'`
Update course details page 2015-09-13 01:01:59 -04:00			`User = require '../users/User'`
			`UserHandler = require '../users/user_handler'`
Purchase prepaid on course instance creation Updating purchase prepaid API to support courses. Refactoring the prepaid server code. Completes #54270567235517 2015-10-01 18:23:20 -04:00			`utils = require '../../app/core/utils'`
Add class invite system 2015-10-05 19:00:47 -04:00			`sendwithus = require '../sendwithus'`
Initial courses object model 2015-08-29 10:15:35 -04:00
			`CourseInstanceHandler = class CourseInstanceHandler extends Handler`
			`modelClass: CourseInstance`
			`jsonSchema: require '../../app/schemas/models/course_instance.schema'`
			`allowedMethods: ['GET', 'POST', 'PUT', 'DELETE']`

Course enroll page Will add a prepaid purchase once the prepaid-v2 branch is merged into master. 2015-09-03 14:04:40 -04:00			`logError: (user, msg) ->`
Purchase prepaid on course instance creation Updating purchase prepaid API to support courses. Refactoring the prepaid server code. Completes #54270567235517 2015-10-01 18:23:20 -04:00			`console.warn "Course instance error: #{user.get('slug')} (#{user._id}): '#{msg}'"`
Course enroll page Will add a prepaid purchase once the prepaid-v2 branch is merged into master. 2015-09-03 14:04:40 -04:00
Initial courses object model 2015-08-29 10:15:35 -04:00			`hasAccess: (req) ->`
Update course details page 2015-09-13 01:01:59 -04:00			`req.method in @allowedMethods or req.user?.isAdmin()`
Initial courses object model 2015-08-29 10:15:35 -04:00
Course enroll page Will add a prepaid purchase once the prepaid-v2 branch is merged into master. 2015-09-03 14:04:40 -04:00			`hasAccessToDocument: (req, document, method=null) ->`
Update course details page 2015-09-13 01:01:59 -04:00			`return true if document?.get('ownerID')?.equals(req.user?.get('_id'))`
			`return true if req.method is 'GET' and _.find document?.get('members'), (a) -> a.equals(req.user?.get('_id'))`
Course enroll page Will add a prepaid purchase once the prepaid-v2 branch is merged into master. 2015-09-03 14:04:40 -04:00			`req.user?.isAdmin()`

			`getByRelationship: (req, res, args...) ->`
			`relationship = args[1]`
			`return @createAPI(req, res) if relationship is 'create'`
Update course details page 2015-09-13 01:01:59 -04:00			`return @getLevelSessionsAPI(req, res, args[0]) if args[1] is 'level_sessions'`
			`return @getMembersAPI(req, res, args[0]) if args[1] is 'members'`
Add class invite system 2015-10-05 19:00:47 -04:00			`return @inviteStudents(req, res, args[0]) if relationship is 'invite_students'`
Redeem course prepaid code on /courses page Completes #54270566052118 2015-10-06 14:20:53 -04:00			`return @redeemPrepaidCodeAPI(req, res) if args[1] is 'redeem_prepaid'`
Course enroll page Will add a prepaid purchase once the prepaid-v2 branch is merged into master. 2015-09-03 14:04:40 -04:00			`super arguments...`

			`createAPI: (req, res) ->`
Purchase prepaid on course instance creation Updating purchase prepaid API to support courses. Refactoring the prepaid server code. Completes #54270567235517 2015-10-01 18:23:20 -04:00			`return @sendUnauthorizedError(res) if not req.user? or req.user?.isAnonymous()`
Course enroll page Will add a prepaid purchase once the prepaid-v2 branch is merged into master. 2015-09-03 14:04:40 -04:00
			`# Required Input`
			`seats = req.body.seats`
			`unless seats > 0`
			`@logError(req.user, 'Course create API missing required seats count')`
			`return @sendBadInputError(res, 'Missing required seats count')`
			`# Optional - unspecified means create instances for all courses`
			`courseID = req.body.courseID`
			`# Optional`
			`name = req.body.name`
			`# Optional - as long as course(s) are all free`
Purchase prepaid on course instance creation Updating purchase prepaid API to support courses. Refactoring the prepaid server code. Completes #54270567235517 2015-10-01 18:23:20 -04:00			`stripeToken = req.body.stripe?.token`
Course enroll page Will add a prepaid purchase once the prepaid-v2 branch is merged into master. 2015-09-03 14:04:40 -04:00
Purchase prepaid on course instance creation Updating purchase prepaid API to support courses. Refactoring the prepaid server code. Completes #54270567235517 2015-10-01 18:23:20 -04:00			`query = if courseID? then {_id: courseID} else {}`
			`Course.find query, (err, courses) =>`
Course enroll page Will add a prepaid purchase once the prepaid-v2 branch is merged into master. 2015-09-03 14:04:40 -04:00			`if err`
Purchase prepaid on course instance creation Updating purchase prepaid API to support courses. Refactoring the prepaid server code. Completes #54270567235517 2015-10-01 18:23:20 -04:00			`@logError(user, "Find courses error: #{JSON.stringify(err)}")`
			`return done(err)`
Course enroll page Will add a prepaid purchase once the prepaid-v2 branch is merged into master. 2015-09-03 14:04:40 -04:00
Purchase prepaid on course instance creation Updating purchase prepaid API to support courses. Refactoring the prepaid server code. Completes #54270567235517 2015-10-01 18:23:20 -04:00			`PrepaidHandler.purchasePrepaidCourse req.user, courses, seats, new Date().getTime(), stripeToken, (err, prepaid) =>`
			`if err`
			`@logError(req.user, err)`
			`return @sendBadInputError(res, err) if err is 'Missing required Stripe token'`
			`return @sendDatabaseError(res, err)`
Course enroll page Will add a prepaid purchase once the prepaid-v2 branch is merged into master. 2015-09-03 14:04:40 -04:00
Purchase prepaid on course instance creation Updating purchase prepaid API to support courses. Refactoring the prepaid server code. Completes #54270567235517 2015-10-01 18:23:20 -04:00			`courseInstances = []`
			`makeCreateInstanceFn = (course, name, prepaid) =>`
			`(done) =>`
			`@createInstance req, course, name, prepaid, (err, newInstance)=>`
			`courseInstances.push newInstance unless err`
			`done(err)`
			`tasks = (makeCreateInstanceFn(course, name, prepaid) for course in courses)`
			`async.parallel tasks, (err, results) =>`
Course enroll page Will add a prepaid purchase once the prepaid-v2 branch is merged into master. 2015-09-03 14:04:40 -04:00			`return @sendDatabaseError(res, err) if err`
Purchase prepaid on course instance creation Updating purchase prepaid API to support courses. Refactoring the prepaid server code. Completes #54270567235517 2015-10-01 18:23:20 -04:00			`@sendCreated(res, courseInstances)`
Course enroll page Will add a prepaid purchase once the prepaid-v2 branch is merged into master. 2015-09-03 14:04:40 -04:00
			`createInstance: (req, course, name, prepaid, done) =>`
			`courseInstance = new CourseInstance`
			`courseID: course.get('_id')`
			`members: [req.user.get('_id')]`
			`name: name`
			`ownerID: req.user.get('_id')`
			`prepaidID: prepaid.get('_id')`
			`courseInstance.save (err, newInstance) =>`
			`done(err, newInstance)`

Update course details page 2015-09-13 01:01:59 -04:00			`getLevelSessionsAPI: (req, res, courseInstanceID) ->`
			`CourseInstance.findById courseInstanceID, (err, courseInstance) =>`
			`return @sendDatabaseError(res, err) if err`
			`return @sendNotFoundError(res) unless courseInstance`
:bug:Restrict course level progress to course levels 2015-10-07 19:58:59 -04:00			`Course.findById courseInstance.get('courseID'), (err, course) =>`
			`return @sendDatabaseError(res, err) if err`
			`return @sendNotFoundError(res) unless course`
			`Campaign.findById course.get('campaignID'), (err, campaign) =>`
			`return @sendDatabaseError(res, err) if err`
			`return @sendNotFoundError(res) unless campaign`
			`levelIDs = (levelID for levelID of campaign.get('levels'))`
			`memberIDs = _.map courseInstance.get('members') ? [], (memberID) -> memberID.toHexString?() or memberID`
			`query = {$and: [{creator: {$in: memberIDs}}, {'level.original': {$in: levelIDs}}]}`
			`LevelSession.find query, (err, documents) =>`
			`return @sendDatabaseError(res, err) if err?`
			`cleandocs = (LevelSessionHandler.formatEntity(req, doc) for doc in documents)`
			`@sendSuccess(res, cleandocs)`
Update course details page 2015-09-13 01:01:59 -04:00
			`getMembersAPI: (req, res, courseInstanceID) ->`
			`CourseInstance.findById courseInstanceID, (err, courseInstance) =>`
			`return @sendDatabaseError(res, err) if err`
			`return @sendNotFoundError(res) unless courseInstance`
			`memberIDs = courseInstance.get('members') ? []`
			`User.find {_id: {$in: memberIDs}}, (err, users) =>`
			`return @sendDatabaseError(res, err) if err`
			`cleandocs = (UserHandler.formatEntity(req, doc) for doc in users)`
			`@sendSuccess(res, cleandocs)`
Course enroll page Will add a prepaid purchase once the prepaid-v2 branch is merged into master. 2015-09-03 14:04:40 -04:00
Add class invite system 2015-10-05 19:00:47 -04:00			`inviteStudents: (req, res, courseInstanceID) ->`
			`if not req.body.emails`
			`return @sendBadInputError(res, 'Emails not included')`
			`CourseInstance.findById courseInstanceID, (err, courseInstance) =>`
			`return @sendDatabaseError(res, err) if err`
			`return @sendNotFoundError(res) unless courseInstance`
			`return @sendForbiddenError(res) unless @hasAccessToDocument(req, courseInstance)`

			`Prepaid.findById courseInstance.get('prepaidID'), (err, prepaid) =>`
			`return @sendDatabaseError(res, err) if err`
			`return @sendNotFoundError(res) unless prepaid`
			`return @sendForbiddenError(res) unless prepaid.get('maxRedeemers') > prepaid.get('redeemers').length`
			`for email in req.body.emails`
			`context =`
			`email_id: sendwithus.templates.course_invite_email`
			`recipient:`
			`address: email`
			`email_data:`
			`class_name: courseInstance.get('name')`
Add /courses prepaid code query var Update invite students link to go to /courses 2015-10-06 15:30:14 -04:00			`join_link: "https://codecombat.com/courses?_ppc=" + prepaid.get('code')`
Add class invite system 2015-10-05 19:00:47 -04:00			`sendwithus.api.send context, _.noop`
			`return @sendSuccess(res, {})`

Redeem course prepaid code on /courses page Completes #54270566052118 2015-10-06 14:20:53 -04:00			`redeemPrepaidCodeAPI: (req, res) ->`
			`return @sendUnauthorizedError(res) if not req.user? or req.user?.isAnonymous()`
			`return @sendBadInputError(res) unless req.body?.prepaidCode`

			`prepaidCode = req.body?.prepaidCode`
			`Prepaid.find code: prepaidCode, (err, prepaids) =>`
			`return @sendDatabaseError(res, err) if err`
			`return @sendNotFoundError(res) if prepaids.length < 1`
			`return @sendDatabaseError(res, "Multiple prepaid codes found for #{prepaidCode}") if prepaids.length > 1`
			`prepaid = prepaids[0]`

			`CourseInstance.find prepaidID: prepaid.get('_id'), (err, courseInstances) =>`
			`return @sendDatabaseError(res, err) if err`
			`return @sendForbiddenError(res) if prepaid.get('redeemers')?.length >= prepaid.get('maxRedeemers')`

Course instance redeem API returns 200 for double redeem If a user has already redeemed course prepaid code, return 200 and the related course instances. Simplifies client-side experience. 2015-10-07 18:14:26 -04:00			`if _.find((prepaid.get('redeemers') ? []), (a) -> a.userID.equals(req.user.id))`
			`return @sendSuccess(res, courseInstances)`

Redeem course prepaid code on /courses page Completes #54270566052118 2015-10-06 14:20:53 -04:00			`# Add to prepaid redeemers`
			`query =`
			`_id: prepaid.get('_id')`
			`'redeemers.userID': { $ne: req.user.get('_id') }`
			`$where: "this.redeemers.length < #{prepaid.get('maxRedeemers')}"`
			`update = { $push: { redeemers : { date: new Date(), userID: req.user.get('_id') } }}`
			`Prepaid.update query, update, (err, nMatched) =>`
			`return @sendDatabaseError(res, err) if err`
			`if nMatched is 0`
			`@logError(req.user, "Course instance update prepaid lost race on maxRedeemers")`
			`return @sendForbiddenError(res)`

			`# Add to each course instance`
			`makeAddMemberToCourseInstanceFn = (courseInstance) =>`
			`(done) => courseInstance.update({$addToSet: { members: req.user.get('_id')}}, done)`
			`tasks = (makeAddMemberToCourseInstanceFn(courseInstance) for courseInstance in courseInstances)`
			`async.parallel tasks, (err, results) =>`
			`return @sendDatabaseError(res, err) if err`
Add /courses prepaid code query var Update invite students link to go to /courses 2015-10-06 15:30:14 -04:00			`@sendSuccess(res, courseInstances)`
Add class invite system 2015-10-05 19:00:47 -04:00
Initial courses object model 2015-08-29 10:15:35 -04:00			`module.exports = new CourseInstanceHandler()`