Fixed user permissions

This commit is contained in:
Ceferino Patino 2022-08-18 17:35:12 -04:00
commit d07f866ef6
11 changed files with 53 additions and 101 deletions

View file

@ -6,6 +6,6 @@
"Level 5": 125,
"Level 6": 1000,
"Level 7": 2000,
"Level 8" : 3000,
"Level 9" : 10000
"Level 8": 3000,
"Level 9": 10000
}

View file

@ -21,7 +21,7 @@ async function CreateAnswer(req, res) {
if (question.status === 'closed') return res.status(403).send(config.errorForbidden);
if (question.status === 'protected' && getUserLevel(user.points) < 5) {
if (question.status === 'protected' && getUserLevel(user.points) < 6) {
return res.status(403).send(config.errorForbidden);
}

View file

@ -17,7 +17,7 @@ async function EditAnswerCommentVote(req, res) {
return res.status(403).send(config.errorForbidden);
}
if (operation === 'downvote' && userLevel < 4) {
if (operation === 'downvote' && userLevel < 5) {
return res.status(403).send(config.errorForbidden);
}

View file

@ -18,7 +18,7 @@ async function EditAnswerVote(req, res) {
return res.status(403).send(config.errorForbidden);
}
if (operation === 'downvote' && userLevel < 4) {
if (operation === 'downvote' && userLevel < 5) {
return res.status(403).send(config.errorForbidden);
}
@ -73,14 +73,10 @@ async function EditAnswerVote(req, res) {
amount: 1,
});
await createRequest(
'patch',
`/users/${cachedAnswer.creator}/points`,
{
operation: 'decrement',
amount: 15,
}
);
await createRequest('patch', `/users/${cachedAnswer.creator}/points`, {
operation: 'decrement',
amount: 15,
});
return res.send({ vote: 'downvoted' });
}
@ -117,14 +113,10 @@ async function EditAnswerVote(req, res) {
docModel: 'Answer',
});
await createRequest(
'patch',
`/users/${cachedAnswer.creator}/points`,
{
operation: 'increment',
amount: 15,
}
);
await createRequest('patch', `/users/${cachedAnswer.creator}/points`, {
operation: 'increment',
amount: 15,
});
return res.send({ vote: 'upvoted' });
}
@ -149,14 +141,10 @@ async function EditAnswerVote(req, res) {
docModel: 'Answer',
});
await createRequest(
'patch',
`/users/${cachedAnswer.creator}/points`,
{
operation: 'increment',
amount: 10,
}
);
await createRequest('patch', `/users/${cachedAnswer.creator}/points`, {
operation: 'increment',
amount: 10,
});
return res.send({ vote: 'upvoted' });
} else if (operation === 'downvote') {
@ -179,14 +167,10 @@ async function EditAnswerVote(req, res) {
amount: 1,
});
await createRequest(
'patch',
`/users/${cachedAnswer.creator}/points`,
{
operation: 'decrement',
amount: 5,
}
);
await createRequest('patch', `/users/${cachedAnswer.creator}/points`, {
operation: 'decrement',
amount: 5,
});
return res.send({ vote: 'downvoted' });
}

View file

@ -15,7 +15,7 @@ async function EditAnswerVote(req, res) {
return res.status(403).send(config.errorForbidden);
}
if (operation === 'downvote' && userLevel < 4) {
if (operation === 'downvote' && userLevel < 5) {
return res.status(403).send(config.errorForbidden);
}

View file

@ -8,9 +8,9 @@ async function EditQuestionStatusClosed(req, res) {
const { user } = req;
const { question_id } = req.params;
const { etext, etitle } = req.body;
let eObj = [etext, etitle]
let eObj = [etext, etitle];
// Verify user has required level
if (getUserLevel(user.points) < 7) {
if (getUserLevel(user.points) < 9) {
return res.status(403).send(config.errorForbidden);
}
@ -49,13 +49,11 @@ async function EditQuestionStatusClosed(req, res) {
const question = await Question.findByIdAndUpdate(question_id, {
edit: [],
eObj,
});
const { success } = await createRequest('patch', `/questions/${question_id}`, {
etext,
eObj
eObj,
});
return success

View file

@ -9,7 +9,7 @@ async function EditQuestionStatusClosed(req, res) {
const { question_id } = req.params;
// Verify user has required level
if (getUserLevel(user.points) < 7) {
if (getUserLevel(user.points) < 9) {
return res.status(403).send(config.errorForbidden);
}
@ -45,11 +45,9 @@ async function EditQuestionStatusClosed(req, res) {
status: 'closed',
});
const { success } = await createRequest(
'patch',
`/questions/${question_id}`,
{ status: 'closed' }
);
const { success } = await createRequest('patch', `/questions/${question_id}`, {
status: 'closed',
});
await Question.findByIdAndUpdate(question_id, { status: 'closed' });
return success

View file

@ -9,7 +9,7 @@ async function EditQuestionStatusProtected(req, res) {
const { question_id } = req.params;
// Verify user has required level
if (getUserLevel(user.points) < 6) {
if (getUserLevel(user.points) < 8) {
return res.status(403).send(config.errorForbidden);
}

View file

@ -9,7 +9,7 @@ async function EditQuestionStatusReopened(req, res) {
const { question_id } = req.params;
// Verify user has permissions
if (getUserLevel(user.points) < 7) {
if (getUserLevel(user.points) < 9) {
return res.status(403).send(config.errorForbidden);
}

View file

@ -21,7 +21,7 @@ async function EditQuestionVote(req, res) {
return res.status(403).send(config.errorForbidden);
}
if (operation === 'downvote' && userLevel < 4) {
if (operation === 'downvote' && userLevel < 5) {
return res.status(403).send(config.errorForbidden);
}
@ -75,10 +75,7 @@ async function EditQuestionVote(req, res) {
operation: 'decrement',
amount: 6,
});
await User.findOneAndUpdate(
{ username: question.creator },
{ $inc: { points: -6 } }
);
await User.findOneAndUpdate({ username: question.creator }, { $inc: { points: -6 } });
// Decrement the user's points
await createRequest('patch', `/users/${user.username}/points`, {
@ -90,19 +87,12 @@ async function EditQuestionVote(req, res) {
return res.send({ vote: 'downvoted' });
} else {
// Decrement the question creator's points
const { success } = await createRequest(
'patch',
`/users/${question.creator}/points`,
{
operation: 'decrement',
amount: 5,
}
);
const { success } = await createRequest('patch', `/users/${question.creator}/points`, {
operation: 'decrement',
amount: 5,
});
await User.findOneAndUpdate(
{ username: question.creator },
{ $inc: { points: -5 } }
);
await User.findOneAndUpdate({ username: question.creator }, { $inc: { points: -5 } });
if (!success) return res.status(500).send(config.errorGeneric);
@ -139,10 +129,7 @@ async function EditQuestionVote(req, res) {
operation: 'increment',
amount: 6,
});
await User.findOneAndUpdate(
{ username: question.creator },
{ $inc: { points: 6 } }
);
await User.findOneAndUpdate({ username: question.creator }, { $inc: { points: 6 } });
return res.send({ vote: 'upvoted' });
} else {
@ -151,10 +138,7 @@ async function EditQuestionVote(req, res) {
operation: 'increment',
amount: 1,
});
await User.findOneAndUpdate(
{ username: question.creator },
{ $inc: { points: 1 } }
);
await User.findOneAndUpdate({ username: question.creator }, { $inc: { points: 1 } });
// Increment the user's points
await createRequest('patch', `/users/${user.username}/points`, {
@ -188,10 +172,7 @@ async function EditQuestionVote(req, res) {
operation: 'increment',
amount: 5,
});
await User.findOneAndUpdate(
{ username: question.creator },
{ $inc: { points: 5 } }
);
await User.findOneAndUpdate({ username: question.creator }, { $inc: { points: 5 } });
return res.send({ vote: 'upvoted' });
} else if (operation === 'downvote') {
@ -218,10 +199,7 @@ async function EditQuestionVote(req, res) {
operation: 'decrement',
amount: 1,
});
await User.findOneAndUpdate(
{ username: question.creator },
{ $inc: { points: -1 } }
);
await User.findOneAndUpdate({ username: question.creator }, { $inc: { points: -1 } });
// Decrement the user's points
await createRequest('patch', `/users/${user.username}/points`, {

View file

@ -1,20 +1,14 @@
function getUserLevel(points) {
if (points > 10000)
return 7;
else if (points > 3000)
return 6;
else if (points > 1000)
return 5;
else if (points > 125)
return 4;
else if (points > 50)
return 3;
else if (points > 15)
return 2;
else if (points > 0)
return 1;
else
return 0;
if (points > 10000) return 9;
else if (points > 3000) return 8;
else if (points > 2000) return 7;
else if (points > 1000) return 6;
else if (points > 125) return 5;
else if (points > 75) return 4;
else if (points > 50) return 3;
else if (points > 15) return 2;
else if (points > 0) return 1;
else return 0;
}
module.exports = getUserLevel;