Skip to content

prod release #611

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 7 commits into from
Apr 3, 2023
Merged

prod release #611

Changes from all commits
Commits
Show all changes
7 commits
Select commit Hold shift + click to select a range
ae25fe1
add type in esClient.delete
ThomasKranitsas Mar 30, 2023
e9b50a7
update ci configs
ThomasKranitsas Mar 30, 2023
c5cd021
check if challenge exists before trying to delete
ThomasKranitsas Mar 30, 2023
39428ec
refactor delete
ThomasKranitsas Mar 30, 2023
1312233
clean up access checks
ThomasKranitsas Mar 30, 2023
e70f513
change error message in delete challenge
ThomasKranitsas Apr 3, 2023
6f2442e
Merge pull request #610 from topcoder-platform/fix/PLAT-2584
ThomasKranitsas Apr 3, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
91 changes: 13 additions & 78 deletions src/services/ChallengeService.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -67,74 +67,6 @@ async function ensureAccessibleForChallenge(user, challenge) {
}
}

/**
* Filter challenges by groups access
* @param {Object} currentUser the user who perform operation
* @param {Array} challenges the challenges to filter
* @returns {Array} the challenges that can be accessed by current user
*/
async function filterChallengesByGroupsAccess(currentUser, challenges) {
const res = [];
let userGroups;
const needToCheckForGroupAccess = !currentUser
? true
: !currentUser.isMachine && !hasAdminRole(currentUser);
const subGroupsMap = {};
for (const challenge of challenges) {
challenge.groups = _.filter(
challenge.groups,
(g) => !_.includes(["null", "undefined"], _.toString(g).toLowerCase())
);
let expandedGroups = [];
if (
!challenge.groups ||
_.get(challenge, "groups.length", 0) === 0 ||
!needToCheckForGroupAccess
) {
res.push(challenge);
} else if (currentUser) {
// get user groups if not yet
if (_.isNil(userGroups)) {
userGroups = await helper.getUserGroups(currentUser.userId);
}
// Expand challenge groups by subGroups
// results are being saved on a hashmap for efficiency
for (const group of challenge.groups) {
let subGroups;
if (subGroupsMap[group]) {
subGroups = subGroupsMap[group];
} else {
subGroups = await helper.expandWithSubGroups(group);
subGroupsMap[group] = subGroups;
}
expandedGroups = [..._.concat(expandedGroups, subGroups)];
}
// check if there is matched group
// logger.debug('Groups', challenge.groups, userGroups)
if (_.find(expandedGroups, (group) => !!_.find(userGroups, (ug) => ug.id === group))) {
res.push(challenge);
}
}
}
return res;
}

/**
* Ensure the user can access the challenge by groups access
* @param {Object} currentUser the user who perform operation
* @param {Object} challenge the challenge to check
*/
async function ensureAccessibleByGroupsAccess(currentUser, challenge) {
const filtered = await filterChallengesByGroupsAccess(currentUser, [challenge]);
if (filtered.length === 0) {
throw new errors.ForbiddenError(`ensureAccessibleByGroupsAccess :: You don't have access to this group!
Current User: ${JSON.stringify(currentUser)}
Challenge: ${JSON.stringify(challenge)}
Filtered: ${JSON.stringify(filtered)}
`);
}
}

/**
* Search challenges by legacyId
* @param {Object} currentUser the user who perform operation
Expand Down Expand Up @@ -2281,22 +2213,25 @@ function sanitizeData(data, challenge) {
* @returns {Object} the deleted challenge
*/
async function deleteChallenge(currentUser, challengeId) {
const challenge = await challengeDomain.lookup(getLookupCriteria("id", challengeId));
if (challenge.status !== constants.challengeStatuses.New) {
throw new errors.BadRequestError(
`Challenge with status other than "${constants.challengeStatuses.New}" cannot be removed`
);
const { items } = await challengeDomain.scan({
criteria: getScanCriteria({ id: challengeId, status: constants.challengeStatuses.New }),
});
const challenge = _.first(items);
if (!challenge) {
throw new errors.NotFoundError(`Challenge with id: ${challengeId} doesn't exist or is not in New status`);
}
// check groups authorization
await ensureAccessibleByGroupsAccess(currentUser, challenge);
// check if user are allowed to delete the challenge
await ensureAccessibleForChallenge(currentUser, challenge);
// ensure user can modify challenge
await helper.ensureUserCanModifyChallenge(currentUser, challenge);
// delete DB record
await challengeDomain.delete(getLookupCriteria("id", challengeId));
const { items: deletedItems } = await challengeDomain.delete(getLookupCriteria("id", challengeId));
if (!_.find(deletedItems, { id: challengeId })) {
throw new errors.Internal(`There was an error deleting the challenge with id: ${challengeId}`);
}
// delete ES document
await esClient.delete({
index: config.get("ES.ES_INDEX"),
refresh: config.get("ES.ES_REFRESH"),
type: config.get("ES.OPENSEARCH") == "false" ? config.get("ES.ES_TYPE") : undefined,
id: challengeId,
});
await helper.postBusEvent(constants.Topics.ChallengeDeleted, {
Expand Down