aboutsummaryrefslogtreecommitdiffhomepage
diff options
context:
space:
mode:
authorChristian Fehmer <[email protected]>2024-08-29 16:29:12 +0300
committerChristian Fehmer <[email protected]>2024-08-29 16:29:31 +0300
commitaeaea6dcdcc70c72930eda544c77c9c7350714a2 (patch)
tree05ec7ff331549c001676ab17fd452efbd69daff1
parentcdedef3a11e8616f235862a3515f9ab0ccc36dae (diff)
downloadmonkeytype-feature/use-tsrest-for-quotes.tar.gz
monkeytype-feature/use-tsrest-for-quotes.zip
-rw-r--r--backend/__tests__/api/controllers/quotes.spec.ts8
-rw-r--r--backend/scripts/openapi.ts3
-rw-r--r--backend/src/api/controllers/quote.ts10
-rw-r--r--backend/src/api/routes/quotes.ts2
4 files changed, 6 insertions, 17 deletions
diff --git a/backend/__tests__/api/controllers/quotes.spec.ts b/backend/__tests__/api/controllers/quotes.spec.ts
index f875e361c..3a6a5fe8a 100644
--- a/backend/__tests__/api/controllers/quotes.spec.ts
+++ b/backend/__tests__/api/controllers/quotes.spec.ts
@@ -102,9 +102,7 @@ describe("QuotesController", () => {
.expect(403);
//THEN
- expect(body.message).toEqual(
- "You are not allowed to view submitted quotes"
- );
+ expect(body.message).toEqual("You don't have permission to do this.");
expect(getQuotesMock).not.toHaveBeenCalled();
});
@@ -119,9 +117,7 @@ describe("QuotesController", () => {
.expect(403);
//THEN
- expect(body.message).toEqual(
- "You are not allowed to view submitted quotes"
- );
+ expect(body.message).toEqual("You don't have permission to do this.");
expect(getQuotesMock).not.toHaveBeenCalled();
});
diff --git a/backend/scripts/openapi.ts b/backend/scripts/openapi.ts
index 5e8c78a26..19fc8c045 100644
--- a/backend/scripts/openapi.ts
+++ b/backend/scripts/openapi.ts
@@ -86,7 +86,6 @@ export function getOpenApi(): OpenAPIObject {
description: "All-time and daily leaderboards of the fastest typers.",
"x-displayName": "Leaderboards",
},
-
{
name: "psas",
description: "Public service announcements.",
@@ -95,7 +94,7 @@ export function getOpenApi(): OpenAPIObject {
},
{
name: "quotes",
- description: "Quote submissions for new quotes and quote ratings.",
+ description: "Quote ratings and new quote submissions",
"x-displayName": "Quotes",
"x-public": "yes",
},
diff --git a/backend/src/api/controllers/quote.ts b/backend/src/api/controllers/quote.ts
index 3e397bff8..04195b62f 100644
--- a/backend/src/api/controllers/quote.ts
+++ b/backend/src/api/controllers/quote.ts
@@ -35,14 +35,8 @@ export async function getQuotes(
const { uid } = req.ctx.decodedToken;
const quoteMod = (await getPartialUser(uid, "get quotes", ["quoteMod"]))
.quoteMod;
- let quoteModString: string;
- if (quoteMod === true) {
- quoteModString = "all";
- } else if (quoteMod !== false && quoteMod !== undefined && quoteMod !== "") {
- quoteModString = quoteMod;
- } else {
- throw new MonkeyError(403, "You are not allowed to view submitted quotes");
- }
+ const quoteModString = quoteMod === true ? "all" : (quoteMod as string);
+
const data = await NewQuotesDAL.get(quoteModString);
return new MonkeyResponse2(
"Quote submissions retrieved",
diff --git a/backend/src/api/routes/quotes.ts b/backend/src/api/routes/quotes.ts
index 83e13f22e..afc5dca5d 100644
--- a/backend/src/api/routes/quotes.ts
+++ b/backend/src/api/routes/quotes.ts
@@ -18,7 +18,7 @@ const checkIfUserIsQuoteMod = checkUserPermissions(["quoteMod"], {
const s = initServer();
export default s.router(quotesContract, {
get: {
- middleware: [RateLimit.newQuotesGet],
+ middleware: [checkIfUserIsQuoteMod, RateLimit.newQuotesGet],
handler: async (r) => callController(QuoteController.getQuotes)(r),
},
isSubmissionEnabled: {