mirror of
https://github.com/codeninjasllc/codecombat.git
synced 2024-11-23 15:48:11 -05:00
Add course level session creation permission checking to level_handler
This commit is contained in:
Scott Erickson
parent
ee138660da
commit
ff69bb8c89
2 changed files with 90 additions and 0 deletions
|
|
@ -8,6 +8,9 @@ mongoose = require 'mongoose'
|
||||||
async = require 'async'
|
async = require 'async'
|
||||||
utils = require '../lib/utils'
|
utils = require '../lib/utils'
|
||||||
log = require 'winston'
|
log = require 'winston'
|
||||||
|
Campaign = require '../campaigns/Campaign'
|
||||||
|
Course = require '../courses/Course'
|
||||||
|
CourseInstance = require '../courses/CourseInstance'
|
||||||
|
|
||||||
LevelHandler = class LevelHandler extends Handler
|
LevelHandler = class LevelHandler extends Handler
|
||||||
modelClass: Level
|
modelClass: Level
|
||||||
|
|
@ -105,11 +108,26 @@ LevelHandler = class LevelHandler extends Handler
|
||||||
Session.findOne(sessionQuery).exec (err, doc) =>
|
Session.findOne(sessionQuery).exec (err, doc) =>
|
||||||
return @sendDatabaseError(res, err) if err
|
return @sendDatabaseError(res, err) if err
|
||||||
return @sendSuccess(res, doc) if doc?
|
return @sendSuccess(res, doc) if doc?
|
||||||
|
if level.get('type') is 'course'
|
||||||
|
return @makeOrRejectCourseLevelSession(req, res, level, sessionQuery)
|
||||||
requiresSubscription = level.get('requiresSubscription') or (req.user.get('chinaVersion') and level.get('campaign') and not (level.slug in ['dungeons-of-kithgard', 'gems-in-the-deep', 'shadow-guard', 'forgetful-gemsmith', 'signs-and-portents', 'true-names']))
|
requiresSubscription = level.get('requiresSubscription') or (req.user.get('chinaVersion') and level.get('campaign') and not (level.slug in ['dungeons-of-kithgard', 'gems-in-the-deep', 'shadow-guard', 'forgetful-gemsmith', 'signs-and-portents', 'true-names']))
|
||||||
canPlayAnyway = req.user.isPremium() or level.get 'adventurer'
|
canPlayAnyway = req.user.isPremium() or level.get 'adventurer'
|
||||||
return @sendPaymentRequiredError(res, err) if requiresSubscription and not canPlayAnyway
|
return @sendPaymentRequiredError(res, err) if requiresSubscription and not canPlayAnyway
|
||||||
@createAndSaveNewSession sessionQuery, req, res
|
@createAndSaveNewSession sessionQuery, req, res
|
||||||
|
|
||||||
|
makeOrRejectCourseLevelSession: (req, res, level, sessionQuery) ->
|
||||||
|
CourseInstance.find {members: req.user.get('_id')}, (err, courseInstances) =>
|
||||||
|
courseIDs = (ci.get('courseID') for ci in courseInstances)
|
||||||
|
Course.find { _id: { $in: courseIDs }}, (err, courses) =>
|
||||||
|
campaignIDs = (c.get('campaignID') for c in courses)
|
||||||
|
Campaign.find { _id: { $in: campaignIDs }}, (err, campaigns) =>
|
||||||
|
levelOriginals = (_.keys(c.get('levels')) for c in campaigns)
|
||||||
|
levelOriginals = _.flatten(levelOriginals)
|
||||||
|
if level.get('original').toString() in levelOriginals
|
||||||
|
@createAndSaveNewSession(sessionQuery, req, res)
|
||||||
|
else
|
||||||
|
return @sendPaymentRequiredError(res, 'You must be in a course which includes this level to play it')
|
||||||
|
|
||||||
createAndSaveNewSession: (sessionQuery, req, res) =>
|
createAndSaveNewSession: (sessionQuery, req, res) =>
|
||||||
initVals = sessionQuery
|
initVals = sessionQuery
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -29,3 +29,75 @@ describe 'Level', ->
|
||||||
body = JSON.parse(body)
|
body = JSON.parse(body)
|
||||||
expect(body.type).toBeDefined()
|
expect(body.type).toBeDefined()
|
||||||
done()
|
done()
|
||||||
|
|
||||||
|
|
||||||
|
describe 'GET /db/level/<id>/session', ->
|
||||||
|
|
||||||
|
describe 'when level is a course level', ->
|
||||||
|
|
||||||
|
levelID = null
|
||||||
|
|
||||||
|
it 'sets up a course instance', (done) ->
|
||||||
|
|
||||||
|
clearModels [Campaign, Course, CourseInstance, Level, User], (err) ->
|
||||||
|
|
||||||
|
loginAdmin (admin) ->
|
||||||
|
|
||||||
|
url = getURL('/db/level')
|
||||||
|
body =
|
||||||
|
name: 'Course Level'
|
||||||
|
type: 'course'
|
||||||
|
permissions: simplePermissions
|
||||||
|
|
||||||
|
request.post {uri: url, json: body }, (err, res, level) ->
|
||||||
|
levelID = level._id
|
||||||
|
|
||||||
|
url = getURL('/db/campaign')
|
||||||
|
body =
|
||||||
|
name: 'Course Campaign'
|
||||||
|
levels: {}
|
||||||
|
body.levels[level.original] = { 'original': level.original }
|
||||||
|
|
||||||
|
request.post { uri: url, json: body }, (err, res, campaign) ->
|
||||||
|
|
||||||
|
course = new Course({
|
||||||
|
name: 'Test Course'
|
||||||
|
campaignID: ObjectId(campaign._id)
|
||||||
|
})
|
||||||
|
|
||||||
|
course.save (err) ->
|
||||||
|
|
||||||
|
expect(err).toBeNull()
|
||||||
|
|
||||||
|
loginJoe (joe) ->
|
||||||
|
|
||||||
|
courseInstance = new CourseInstance({
|
||||||
|
name: 'Course Instance'
|
||||||
|
members: [
|
||||||
|
joe.get('_id')
|
||||||
|
]
|
||||||
|
courseID: ObjectId(course.id)
|
||||||
|
})
|
||||||
|
|
||||||
|
courseInstance.save (err) ->
|
||||||
|
|
||||||
|
expect(err).toBeNull()
|
||||||
|
done()
|
||||||
|
|
||||||
|
it 'creates a new session if the user is in a course with that level', (done) ->
|
||||||
|
loginJoe (joe) ->
|
||||||
|
|
||||||
|
url = getURL("/db/level/#{levelID}/session")
|
||||||
|
|
||||||
|
request.get { uri: url }, (err, res, body) ->
|
||||||
|
expect(res.statusCode).toBe(200)
|
||||||
|
done()
|
||||||
|
|
||||||
|
it 'does not create a new session if the user is not in a course with that level', (done) ->
|
||||||
|
loginSam (sam) ->
|
||||||
|
|
||||||
|
url = getURL("/db/level/#{levelID}/session")
|
||||||
|
|
||||||
|
request.get { uri: url }, (err, res, body) ->
|
||||||
|
expect(res.statusCode).toBe(402)
|
||||||
|
done()
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue