From d07f866ef66720e2c4718379e953d0f657399b7a Mon Sep 17 00:00:00 2001 From: C4 Patino Date: Thu, 18 Aug 2022 17:35:12 -0400 Subject: [PATCH] Fixed user permissions --- client/src/services/levels.json | 4 +- server/routes/question/CreateAnswer.js | 2 +- .../routes/question/EditAnswerCommentVote.js | 2 +- server/routes/question/EditAnswerVote.js | 50 +++++++------------ server/routes/question/EditCommentVote.js | 2 +- server/routes/question/EditQuestionBody.js | 8 ++- .../question/EditQuestionStatusClosed.js | 10 ++-- .../question/EditQuestionStatusProtected.js | 2 +- .../question/EditQuestionStatusReopened.js | 2 +- server/routes/question/EditQuestionVote.js | 44 ++++------------ server/utils/getUserLevel.js | 26 ++++------ 11 files changed, 52 insertions(+), 100 deletions(-) diff --git a/client/src/services/levels.json b/client/src/services/levels.json index 009c7d5..f6cb681 100644 --- a/client/src/services/levels.json +++ b/client/src/services/levels.json @@ -6,6 +6,6 @@ "Level 5": 125, "Level 6": 1000, "Level 7": 2000, - "Level 8" : 3000, - "Level 9" : 10000 + "Level 8": 3000, + "Level 9": 10000 } diff --git a/server/routes/question/CreateAnswer.js b/server/routes/question/CreateAnswer.js index 6ab37c0..0c44c4b 100644 --- a/server/routes/question/CreateAnswer.js +++ b/server/routes/question/CreateAnswer.js @@ -21,7 +21,7 @@ async function CreateAnswer(req, res) { if (question.status === 'closed') return res.status(403).send(config.errorForbidden); - if (question.status === 'protected' && getUserLevel(user.points) < 5) { + if (question.status === 'protected' && getUserLevel(user.points) < 6) { return res.status(403).send(config.errorForbidden); } diff --git a/server/routes/question/EditAnswerCommentVote.js b/server/routes/question/EditAnswerCommentVote.js index 49dc66c..21fa1c6 100644 --- a/server/routes/question/EditAnswerCommentVote.js +++ b/server/routes/question/EditAnswerCommentVote.js @@ -17,7 +17,7 @@ async function EditAnswerCommentVote(req, res) { return res.status(403).send(config.errorForbidden); } - if (operation === 'downvote' && userLevel < 4) { + if (operation === 'downvote' && userLevel < 5) { return res.status(403).send(config.errorForbidden); } diff --git a/server/routes/question/EditAnswerVote.js b/server/routes/question/EditAnswerVote.js index a0f9d79..11179b5 100644 --- a/server/routes/question/EditAnswerVote.js +++ b/server/routes/question/EditAnswerVote.js @@ -18,7 +18,7 @@ async function EditAnswerVote(req, res) { return res.status(403).send(config.errorForbidden); } - if (operation === 'downvote' && userLevel < 4) { + if (operation === 'downvote' && userLevel < 5) { return res.status(403).send(config.errorForbidden); } @@ -73,14 +73,10 @@ async function EditAnswerVote(req, res) { amount: 1, }); - await createRequest( - 'patch', - `/users/${cachedAnswer.creator}/points`, - { - operation: 'decrement', - amount: 15, - } - ); + await createRequest('patch', `/users/${cachedAnswer.creator}/points`, { + operation: 'decrement', + amount: 15, + }); return res.send({ vote: 'downvoted' }); } @@ -117,14 +113,10 @@ async function EditAnswerVote(req, res) { docModel: 'Answer', }); - await createRequest( - 'patch', - `/users/${cachedAnswer.creator}/points`, - { - operation: 'increment', - amount: 15, - } - ); + await createRequest('patch', `/users/${cachedAnswer.creator}/points`, { + operation: 'increment', + amount: 15, + }); return res.send({ vote: 'upvoted' }); } @@ -149,14 +141,10 @@ async function EditAnswerVote(req, res) { docModel: 'Answer', }); - await createRequest( - 'patch', - `/users/${cachedAnswer.creator}/points`, - { - operation: 'increment', - amount: 10, - } - ); + await createRequest('patch', `/users/${cachedAnswer.creator}/points`, { + operation: 'increment', + amount: 10, + }); return res.send({ vote: 'upvoted' }); } else if (operation === 'downvote') { @@ -179,14 +167,10 @@ async function EditAnswerVote(req, res) { amount: 1, }); - await createRequest( - 'patch', - `/users/${cachedAnswer.creator}/points`, - { - operation: 'decrement', - amount: 5, - } - ); + await createRequest('patch', `/users/${cachedAnswer.creator}/points`, { + operation: 'decrement', + amount: 5, + }); return res.send({ vote: 'downvoted' }); } diff --git a/server/routes/question/EditCommentVote.js b/server/routes/question/EditCommentVote.js index ce597e9..cd410de 100644 --- a/server/routes/question/EditCommentVote.js +++ b/server/routes/question/EditCommentVote.js @@ -15,7 +15,7 @@ async function EditAnswerVote(req, res) { return res.status(403).send(config.errorForbidden); } - if (operation === 'downvote' && userLevel < 4) { + if (operation === 'downvote' && userLevel < 5) { return res.status(403).send(config.errorForbidden); } diff --git a/server/routes/question/EditQuestionBody.js b/server/routes/question/EditQuestionBody.js index 785df46..66bf34c 100644 --- a/server/routes/question/EditQuestionBody.js +++ b/server/routes/question/EditQuestionBody.js @@ -8,9 +8,9 @@ async function EditQuestionStatusClosed(req, res) { const { user } = req; const { question_id } = req.params; const { etext, etitle } = req.body; - let eObj = [etext, etitle] + let eObj = [etext, etitle]; // Verify user has required level - if (getUserLevel(user.points) < 7) { + if (getUserLevel(user.points) < 9) { return res.status(403).send(config.errorForbidden); } @@ -49,13 +49,11 @@ async function EditQuestionStatusClosed(req, res) { const question = await Question.findByIdAndUpdate(question_id, { edit: [], eObj, - }); const { success } = await createRequest('patch', `/questions/${question_id}`, { etext, - eObj - + eObj, }); return success diff --git a/server/routes/question/EditQuestionStatusClosed.js b/server/routes/question/EditQuestionStatusClosed.js index d068d40..52deaff 100644 --- a/server/routes/question/EditQuestionStatusClosed.js +++ b/server/routes/question/EditQuestionStatusClosed.js @@ -9,7 +9,7 @@ async function EditQuestionStatusClosed(req, res) { const { question_id } = req.params; // Verify user has required level - if (getUserLevel(user.points) < 7) { + if (getUserLevel(user.points) < 9) { return res.status(403).send(config.errorForbidden); } @@ -45,11 +45,9 @@ async function EditQuestionStatusClosed(req, res) { status: 'closed', }); - const { success } = await createRequest( - 'patch', - `/questions/${question_id}`, - { status: 'closed' } - ); + const { success } = await createRequest('patch', `/questions/${question_id}`, { + status: 'closed', + }); await Question.findByIdAndUpdate(question_id, { status: 'closed' }); return success diff --git a/server/routes/question/EditQuestionStatusProtected.js b/server/routes/question/EditQuestionStatusProtected.js index 867e581..f7589b2 100644 --- a/server/routes/question/EditQuestionStatusProtected.js +++ b/server/routes/question/EditQuestionStatusProtected.js @@ -9,7 +9,7 @@ async function EditQuestionStatusProtected(req, res) { const { question_id } = req.params; // Verify user has required level - if (getUserLevel(user.points) < 6) { + if (getUserLevel(user.points) < 8) { return res.status(403).send(config.errorForbidden); } diff --git a/server/routes/question/EditQuestionStatusReopened.js b/server/routes/question/EditQuestionStatusReopened.js index 4fdab9f..0d54e9d 100644 --- a/server/routes/question/EditQuestionStatusReopened.js +++ b/server/routes/question/EditQuestionStatusReopened.js @@ -9,7 +9,7 @@ async function EditQuestionStatusReopened(req, res) { const { question_id } = req.params; // Verify user has permissions - if (getUserLevel(user.points) < 7) { + if (getUserLevel(user.points) < 9) { return res.status(403).send(config.errorForbidden); } diff --git a/server/routes/question/EditQuestionVote.js b/server/routes/question/EditQuestionVote.js index a50e5fe..2410484 100644 --- a/server/routes/question/EditQuestionVote.js +++ b/server/routes/question/EditQuestionVote.js @@ -21,7 +21,7 @@ async function EditQuestionVote(req, res) { return res.status(403).send(config.errorForbidden); } - if (operation === 'downvote' && userLevel < 4) { + if (operation === 'downvote' && userLevel < 5) { return res.status(403).send(config.errorForbidden); } @@ -75,10 +75,7 @@ async function EditQuestionVote(req, res) { operation: 'decrement', amount: 6, }); - await User.findOneAndUpdate( - { username: question.creator }, - { $inc: { points: -6 } } - ); + await User.findOneAndUpdate({ username: question.creator }, { $inc: { points: -6 } }); // Decrement the user's points await createRequest('patch', `/users/${user.username}/points`, { @@ -90,19 +87,12 @@ async function EditQuestionVote(req, res) { return res.send({ vote: 'downvoted' }); } else { // Decrement the question creator's points - const { success } = await createRequest( - 'patch', - `/users/${question.creator}/points`, - { - operation: 'decrement', - amount: 5, - } - ); + const { success } = await createRequest('patch', `/users/${question.creator}/points`, { + operation: 'decrement', + amount: 5, + }); - await User.findOneAndUpdate( - { username: question.creator }, - { $inc: { points: -5 } } - ); + await User.findOneAndUpdate({ username: question.creator }, { $inc: { points: -5 } }); if (!success) return res.status(500).send(config.errorGeneric); @@ -139,10 +129,7 @@ async function EditQuestionVote(req, res) { operation: 'increment', amount: 6, }); - await User.findOneAndUpdate( - { username: question.creator }, - { $inc: { points: 6 } } - ); + await User.findOneAndUpdate({ username: question.creator }, { $inc: { points: 6 } }); return res.send({ vote: 'upvoted' }); } else { @@ -151,10 +138,7 @@ async function EditQuestionVote(req, res) { operation: 'increment', amount: 1, }); - await User.findOneAndUpdate( - { username: question.creator }, - { $inc: { points: 1 } } - ); + await User.findOneAndUpdate({ username: question.creator }, { $inc: { points: 1 } }); // Increment the user's points await createRequest('patch', `/users/${user.username}/points`, { @@ -188,10 +172,7 @@ async function EditQuestionVote(req, res) { operation: 'increment', amount: 5, }); - await User.findOneAndUpdate( - { username: question.creator }, - { $inc: { points: 5 } } - ); + await User.findOneAndUpdate({ username: question.creator }, { $inc: { points: 5 } }); return res.send({ vote: 'upvoted' }); } else if (operation === 'downvote') { @@ -218,10 +199,7 @@ async function EditQuestionVote(req, res) { operation: 'decrement', amount: 1, }); - await User.findOneAndUpdate( - { username: question.creator }, - { $inc: { points: -1 } } - ); + await User.findOneAndUpdate({ username: question.creator }, { $inc: { points: -1 } }); // Decrement the user's points await createRequest('patch', `/users/${user.username}/points`, { diff --git a/server/utils/getUserLevel.js b/server/utils/getUserLevel.js index dbbb9b2..08fce3d 100644 --- a/server/utils/getUserLevel.js +++ b/server/utils/getUserLevel.js @@ -1,20 +1,14 @@ function getUserLevel(points) { - if (points > 10000) - return 7; - else if (points > 3000) - return 6; - else if (points > 1000) - return 5; - else if (points > 125) - return 4; - else if (points > 50) - return 3; - else if (points > 15) - return 2; - else if (points > 0) - return 1; - else - return 0; + if (points > 10000) return 9; + else if (points > 3000) return 8; + else if (points > 2000) return 7; + else if (points > 1000) return 6; + else if (points > 125) return 5; + else if (points > 75) return 4; + else if (points > 50) return 3; + else if (points > 15) return 2; + else if (points > 0) return 1; + else return 0; } module.exports = getUserLevel;