From 02d5f5dc2c9845a9ef45615aa388a9cba3dea816 Mon Sep 17 00:00:00 2001
From: Thomas Kranitsas
Date: Thu, 7 Apr 2022 16:51:31 +0300
Subject: [PATCH 1/9] add try catch

---
 app-routes.js | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

diff --git a/app-routes.js b/app-routes.js
index e9fe030..ae5b73d 100644
--- a/app-routes.js
+++ b/app-routes.js
@@ -50,12 +50,16 @@ module.exports = (app) => {
 if (req.authUser.isMachine) {
 next()
 } else {
- req.authUser.userId = String(req.authUser.userId)
- const user = await helper.getMemberById(req.authUser.userId)
- if (!user || _.intersection([user.homeCountryCode, user.competitionCountryCode], def.forbiddenCountries).length > 0) {
+ try {
+ req.authUser.userId = String(req.authUser.userId)
+ const user = await helper.getMemberById(req.authUser.userId)
+ if (!user || _.intersection([user.homeCountryCode, user.competitionCountryCode], def.forbiddenCountries).length > 0) {
+ throw new errors.ForbiddenError('Access denied')
+ }
+ next()
+ } catch (e) {
 throw new errors.ForbiddenError('Access denied')
 }
- next()
 }
 })
 }
From 5d9d7ec70f68a6a827d16907ff693d7aa22ae815 Mon Sep 17 00:00:00 2001
From: Thomas Kranitsas
Date: Thu, 7 Apr 2022 17:15:20 +0300
Subject: [PATCH 2/9] add logging

---
 app-routes.js | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/app-routes.js b/app-routes.js
index ae5b73d..bcc144a 100644
--- a/app-routes.js
+++ b/app-routes.js
@@ -58,7 +58,8 @@ module.exports = (app) => {
 }
 next()
 } catch (e) {
- throw new errors.ForbiddenError('Access denied')
+ throw new errors.ForbiddenError('failed to check')
+ // next()
 }
 }
 })
From 29f214cf54e02ad028ded66c0cf631dde9444b70 Mon Sep 17 00:00:00 2001
From: Thomas Kranitsas
Date: Thu, 7 Apr 2022 17:18:23 +0300
Subject: [PATCH 3/9] fix lint

---
 app-routes.js | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/app-routes.js b/app-routes.js
index bcc144a..7217bb5 100644
--- a/app-routes.js
+++ b/app-routes.js
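Review bot: The catch in the "add logging" hunk (PATCH 2/9) still discards `e` — the commit only rewrites the error message and leaves a commented-out `// next()`, so an operator sees a 403 'failed to check' with no record of why the member lookup failed (timeout, upstream 5xx, unexpected response shape). Log the caught error before converting it, e.g. `logger.error(e)` if app-routes.js has the project's logger in scope (its require block is outside the hunk), so that a sudden rise in denials can be traced to the member API rather than to policy. Converting every failure into a ForbiddenError is the safe fail-closed default, but that choice deserves a one-line comment such as `// lookup failure is treated as a denial on purpose (fail closed)`. The enclosing middleware starts before this hunk.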
@@ -58,8 +58,7 @@ module.exports = (app) => {
 }
 next()
 } catch (e) {
- throw new errors.ForbiddenError('failed to check')
- // next()
+ throw new errors.ForbiddenError('failed to check')
 }
 }
 })
From e49d4cc2a14ef9a753aef3206cb6d6eed53616e3 Mon Sep 17 00:00:00 2001
From: Thomas Kranitsas
Date: Thu, 7 Apr 2022 17:23:28 +0300
Subject: [PATCH 4/9] fix issue with fetching member data

---
 src/common/helper.js | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/common/helper.js b/src/common/helper.js
index 0bdcee1..5f17d51 100644
--- a/src/common/helper.js
+++ b/src/common/helper.js
@@ -162,7 +162,8 @@ async function getMemberInfoById (id) {
 * @returns {Promise}
 */
 async function getMemberById (id) {
- const res = await getRequest(`${config.MEMBER_API_URL}?userId=${id}`)
+ const res = await getRequest(`${config.MEMBER_API_URL}`, { userId: id })
+ console.log(res.data)
 return _.get(res, 'data[0]')
 }
 
From 31cb42a8ef658e328ddb983f7e038a5bb35cd511 Mon Sep 17 00:00:00 2001
From: Thomas Kranitsas
Date: Thu, 7 Apr 2022 17:30:10 +0300
Subject: [PATCH 5/9] fix issue with fetching member data

---
 src/common/helper.js | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/src/common/helper.js b/src/common/helper.js
index 5f17d51..d576c5f 100644
--- a/src/common/helper.js
+++ b/src/common/helper.js
@@ -163,8 +163,7 @@ async function getMemberInfoById (id) {
 */
 async function getMemberById (id) {
 const res = await getRequest(`${config.MEMBER_API_URL}`, { userId: id })
- console.log(res.data)
- return _.get(res, 'data[0]')
+ return _.get(res, 'body[0]')
 }
 
 /**
From 4efe0f520cd2943e51d2c762ea03157d9cd0c7d4 Mon Sep 17 00:00:00 2001
From: Thomas Kranitsas
Date: Thu, 7 Apr 2022 17:38:07 +0300
Subject: [PATCH 6/9] fix issue with fetching member data

---
 app-routes.js | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/app-routes.js b/app-routes.js
index 7217bb5..6d36eda 100644
--- a/app-routes.js
+++ b/app-routes.js
@@ -51,8 +51,7 @@ module.exports = (app) => {
 next()
 } else {
 try {
- req.authUser.userId = String(req.authUser.userId)
- const user = await helper.getMemberById(req.authUser.userId)
+ const user = await helper.getMemberById(_.toInteger(req.authUser.userId))
 if (!user || _.intersection([user.homeCountryCode, user.competitionCountryCode], def.forbiddenCountries).length > 0) {
 throw new errors.ForbiddenError('Access denied')
 }
From 8c3ddc890a7f37aeda2637c68df4e24937d69c75 Mon Sep 17 00:00:00 2001
From: Thomas Kranitsas
Date: Thu, 7 Apr 2022 17:48:39 +0300
Subject: [PATCH 7/9] clean up

---
 app-routes.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app-routes.js b/app-routes.js
index 6d36eda..c32f0d2 100644
--- a/app-routes.js
+++ b/app-routes.js
@@ -57,7 +57,7 @@ module.exports = (app) => {
 }
 next()
 } catch (e) {
- throw new errors.ForbiddenError('failed to check')
+ next()
 }
 }
 })
From e4826768cd549cf712f3f2277b9ff75c0bac5525 Mon Sep 17 00:00:00 2001
From: Thomas Kranitsas
Date: Thu, 7 Apr 2022 17:49:28 +0300
Subject: [PATCH 8/9] wrap call to fetch member in try catch

---
 src/common/helper.js | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/src/common/helper.js b/src/common/helper.js
index d576c5f..58df8c8 100644
--- a/src/common/helper.js
+++ b/src/common/helper.js
@@ -162,8 +162,13 @@ async function getMemberInfoById (id) {
 * @returns {Promise}
 */
 async function getMemberById (id) {
- const res = await getRequest(`${config.MEMBER_API_URL}`, { userId: id })
- return _.get(res, 'body[0]')
+ try {
+ const res = await getRequest(`${config.MEMBER_API_URL}`, { userId: id })
+ return _.get(res, 'body[0]')
+ } catch (e) {
+ logger.debug(e.message)
+ logger.debug(e)
+ }
 }
 
 /**
From 9b627eab89d8a1f969042e40ba4dc88d0a38980b Mon Sep 17 00:00:00 2001
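Review bot: Replacing the rethrow with `next()` in the catch of PATCH 7/9 makes the country check unenforceable: the `throw new errors.ForbiddenError('Access denied')` inside the same try (visible in the PATCH 6/9 hunk just above) is caught by this catch, so a flagged member is passed through exactly like a lookup failure, and a member-API outage now grants access (fail-open) where the previous version denied it. If the intent is only to tolerate lookup failures, keep the policy error out of the swallow path, `} catch (e) { if (e instanceof errors.ForbiddenError) throw e; next() }`, and log the swallowed failure so fail-open events are visible in monitoring. PATCH 9/9 deletes this block entirely, so the defect affects only the intermediate commits, but the fail-open decision should be stated in a comment wherever a similar guard is reintroduced. The enclosing middleware starts before this hunk.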
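Review bot: The new catch in `getMemberById` (PATCH 8/9) swallows every failure and lets the function fall off the end, so callers receive `undefined` both when the member does not exist and when the member API call itself failed, with only a debug-level trace; the two `logger.debug` calls are also redundant, since `e` already carries `e.message`. PATCH 9/9 removes the only caller shown in this series but leaves the helper in place, so the silent contract persists for future callers. Either rethrow after recording the failure, `logger.error(e); throw e`, or make the fallback explicit by returning `null` and updating the JSDoc to `@returns {Promise<Object|null>}` with a sentence saying that lookup failures are reported as a missing member, so the next caller cannot mistake an outage for "not found".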
From: Thomas Kranitsas
Date: Tue, 12 Apr 2022 12:15:21 +0300
Subject: [PATCH 9/9] clean up country restrictions to read from jwt

---
 app-routes.js | 21 ++++++++-------------
 config/default.js | 22 +---------------------
 src/routes.js | 6 ++----
 3 files changed, 11 insertions(+), 38 deletions(-)

diff --git a/app-routes.js b/app-routes.js
index c32f0d2..e7bd9c7 100644
--- a/app-routes.js
+++ b/app-routes.js
@@ -45,20 +45,15 @@ module.exports = (app) => {
 }
 })
 
- if (def.forbiddenCountries) {
- actions.push(async (req, res, next) => {
- if (req.authUser.isMachine) {
- next()
+ if (def.blockByIp) {
+ actions.push((req, res, next) => {
+ req.authUser.blockIP = _.find(req.authUser, (value, key) => {
+ return (key.indexOf('blockIP') !== -1)
+ })
+ if (req.authUser.blockIP) {
+ throw new errors.ForbiddenError('Access denied')
 } else {
- try {
- const user = await helper.getMemberById(_.toInteger(req.authUser.userId))
- if (!user || _.intersection([user.homeCountryCode, user.competitionCountryCode], def.forbiddenCountries).length > 0) {
- throw new errors.ForbiddenError('Access denied')
- }
- next()
- } catch (e) {
- next()
- }
+ next()
 }
 })
 }
diff --git a/config/default.js b/config/default.js
index feaff5e..503eedf 100644
--- a/config/default.js
+++ b/config/default.js
@@ -68,25 +68,5 @@ module.exports = {
 RESOURCE_ROLE_CREATE_TOPIC: process.env.RESOURCE_ROLE_CREATE_TOPIC || 'challenge.action.resource.role.create',
 RESOURCE_ROLE_UPDATE_TOPIC: process.env.RESOURCE_ROLE_UPDATE_TOPIC || 'challenge.action.resource.role.update',
 
- AUTOMATED_TESTING_NAME_PREFIX: process.env.AUTOMATED_TESTING_NAME_PREFIX || 'POSTMANE2E-',
-
- FORBIDDEN_COUNTRIES: [
- 'Iran',
- 'North Korea',
- 'Cuba',
- 'Sudan',
- 'Syria',
- 'Belarus',
- 'Russia',
- 'Russian Federation'
- ],
- FORBIDDEN_COUNTRIES_ALPHA_3: [
- 'IRN',
- 'PRK',
- 'CUB',
- 'SDN', 'SSD', // (south sudan)
- 'SYR',
- 'BLR',
- 'RUS'
- ]
+ AUTOMATED_TESTING_NAME_PREFIX: process.env.AUTOMATED_TESTING_NAME_PREFIX || 'POSTMANE2E-'
 }
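Review bot: The `_.find` over `req.authUser` in the app-routes.js hunk picks the first property whose key merely contains the substring `blockIP` and then tests its value for truthiness, so a claim encoded as the string `'false'` would deny access while a key that differs in case would be ignored; the claim's exact name and value type are not visible here, so confirm them against the token issuer. Match the claim key exactly (`key === '<blockIP claim name>'`, a placeholder for the real namespaced key) or at least `key.endsWith('blockIP')`, and compare the value explicitly, `blockIP === true || blockIP === 'true'`, so the decision does not depend on incidental property names — including `req.authUser.blockIP` itself, which this line writes and would match on a repeated pass through the middleware chain. The removed version exempted `req.authUser.isMachine` tokens and the new one does not; if that is intentional because machine tokens never carry the claim, say so in a comment, e.g. `// machine tokens carry no blockIP claim, so they fall through to next()`. The check now rests entirely on the JWT contents, which is sound only because the `auth: 'jwt'` verification runs ahead of it (outside this hunk).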
diff --git a/src/routes.js b/src/routes.js
index 1f6047b..405ec92 100644
--- a/src/routes.js
+++ b/src/routes.js
@@ -4,9 +4,7 @@
 
 const constants = require('../app-constants')
 const {
- SCOPES: { READ, CREATE, DELETE, UPDATE, ALL },
- FORBIDDEN_COUNTRIES,
- FORBIDDEN_COUNTRIES_ALPHA_3
+ SCOPES: { READ, CREATE, DELETE, UPDATE, ALL }
 } = require('config')
 
 module.exports = {
@@ -25,7 +23,7 @@ module.exports = {
 auth: 'jwt',
 access: [constants.UserRoles.Admin, constants.UserRoles.Copilot, constants.UserRoles.Manager, constants.UserRoles.User],
 scopes: [CREATE, ALL],
- forbiddenCountries: [...FORBIDDEN_COUNTRIES, ...FORBIDDEN_COUNTRIES_ALPHA_3]
+ blockByIp: true
 },
 delete: {
 controller: 'ResourceController',