Merge pull request #611 from topcoder-platform/dev

ThomasKranitsas · web-flow · commit 36e4872f21c6 · 2023-04-03T13:50:09.000+03:00
prod release
diff --git a/src/services/ChallengeService.js b/src/services/ChallengeService.js
@@ -67,74 +67,6 @@ async function ensureAccessibleForChallenge(user, challenge) {
   }
 }
 
-/**
- * Filter challenges by groups access
- * @param {Object} currentUser the user who perform operation
- * @param {Array} challenges the challenges to filter
- * @returns {Array} the challenges that can be accessed by current user
- */
-async function filterChallengesByGroupsAccess(currentUser, challenges) {
-  const res = [];
-  let userGroups;
-  const needToCheckForGroupAccess = !currentUser
-    ? true
-    : !currentUser.isMachine && !hasAdminRole(currentUser);
-  const subGroupsMap = {};
-  for (const challenge of challenges) {
-    challenge.groups = _.filter(
-      challenge.groups,
-      (g) => !_.includes(["null", "undefined"], _.toString(g).toLowerCase())
-    );
-    let expandedGroups = [];
-    if (
-      !challenge.groups ||
-      _.get(challenge, "groups.length", 0) === 0 ||
-      !needToCheckForGroupAccess
-    ) {
-      res.push(challenge);
-    } else if (currentUser) {
-      // get user groups if not yet
-      if (_.isNil(userGroups)) {
-        userGroups = await helper.getUserGroups(currentUser.userId);
-      }
-      // Expand challenge groups by subGroups
-      // results are being saved on a hashmap for efficiency
-      for (const group of challenge.groups) {
-        let subGroups;
-        if (subGroupsMap[group]) {
-          subGroups = subGroupsMap[group];
-        } else {
-          subGroups = await helper.expandWithSubGroups(group);
-          subGroupsMap[group] = subGroups;
-        }
-        expandedGroups = [..._.concat(expandedGroups, subGroups)];
-      }
-      // check if there is matched group
-      // logger.debug('Groups', challenge.groups, userGroups)
-      if (_.find(expandedGroups, (group) => !!_.find(userGroups, (ug) => ug.id === group))) {
-        res.push(challenge);
-      }
-    }
-  }
-  return res;
-}
-
-/**
- * Ensure the user can access the challenge by groups access
- * @param {Object} currentUser the user who perform operation
- * @param {Object} challenge the challenge to check
- */
-async function ensureAccessibleByGroupsAccess(currentUser, challenge) {
-  const filtered = await filterChallengesByGroupsAccess(currentUser, [challenge]);
-  if (filtered.length === 0) {
-    throw new errors.ForbiddenError(`ensureAccessibleByGroupsAccess :: You don't have access to this group!
-      Current User: ${JSON.stringify(currentUser)}
-      Challenge: ${JSON.stringify(challenge)}
-      Filtered: ${JSON.stringify(filtered)}
-    `);
-  }
-}
-
 /**
  * Search challenges by legacyId
  * @param {Object} currentUser the user who perform operation
@@ -2281,22 +2213,25 @@ function sanitizeData(data, challenge) {
  * @returns {Object} the deleted challenge
  */
 async function deleteChallenge(currentUser, challengeId) {
-  const challenge = await challengeDomain.lookup(getLookupCriteria("id", challengeId));
-  if (challenge.status !== constants.challengeStatuses.New) {
-    throw new errors.BadRequestError(
-      `Challenge with status other than "${constants.challengeStatuses.New}" cannot be removed`
-    );
+  const { items } = await challengeDomain.scan({
+    criteria: getScanCriteria({ id: challengeId, status: constants.challengeStatuses.New }),
+  });
+  const challenge = _.first(items);
+  if (!challenge) {
+    throw new errors.NotFoundError(`Challenge with id: ${challengeId} doesn't exist or is not in New status`);
   }
-  // check groups authorization
-  await ensureAccessibleByGroupsAccess(currentUser, challenge);
-  // check if user are allowed to delete the challenge
-  await ensureAccessibleForChallenge(currentUser, challenge);
+  // ensure user can modify challenge
+  await helper.ensureUserCanModifyChallenge(currentUser, challenge);
   // delete DB record
-  await challengeDomain.delete(getLookupCriteria("id", challengeId));
+  const { items: deletedItems } = await challengeDomain.delete(getLookupCriteria("id", challengeId));
+  if (!_.find(deletedItems, { id: challengeId })) {
+    throw new errors.Internal(`There was an error deleting the challenge with id: ${challengeId}`);
+  }
   // delete ES document
   await esClient.delete({
     index: config.get("ES.ES_INDEX"),
     refresh: config.get("ES.ES_REFRESH"),
+    type: config.get("ES.OPENSEARCH") == "false" ? config.get("ES.ES_TYPE") : undefined,
     id: challengeId,
   });
   await helper.postBusEvent(constants.Topics.ChallengeDeleted, {
