From aeaea6dcdcc70c72930eda544c77c9c7350714a2 Mon Sep 17 00:00:00 2001 From: Christian Fehmer Date: Thu, 29 Aug 2024 16:29:12 +0300 Subject: review comments --- backend/__tests__/api/controllers/quotes.spec.ts | 8 ++------ backend/scripts/openapi.ts | 3 +-- backend/src/api/controllers/quote.ts | 10 ++-------- backend/src/api/routes/quotes.ts | 2 +- 4 files changed, 6 insertions(+), 17 deletions(-) diff --git a/backend/__tests__/api/controllers/quotes.spec.ts b/backend/__tests__/api/controllers/quotes.spec.ts index f875e361c..3a6a5fe8a 100644 --- a/backend/__tests__/api/controllers/quotes.spec.ts +++ b/backend/__tests__/api/controllers/quotes.spec.ts @@ -102,9 +102,7 @@ describe("QuotesController", () => { .expect(403); //THEN - expect(body.message).toEqual( - "You are not allowed to view submitted quotes" - ); + expect(body.message).toEqual("You don't have permission to do this."); expect(getQuotesMock).not.toHaveBeenCalled(); }); @@ -119,9 +117,7 @@ describe("QuotesController", () => { .expect(403); //THEN - expect(body.message).toEqual( - "You are not allowed to view submitted quotes" - ); + expect(body.message).toEqual("You don't have permission to do this."); expect(getQuotesMock).not.toHaveBeenCalled(); }); diff --git a/backend/scripts/openapi.ts b/backend/scripts/openapi.ts index 5e8c78a26..19fc8c045 100644 --- a/backend/scripts/openapi.ts +++ b/backend/scripts/openapi.ts @@ -86,7 +86,6 @@ export function getOpenApi(): OpenAPIObject { description: "All-time and daily leaderboards of the fastest typers.", "x-displayName": "Leaderboards", }, - { name: "psas", description: "Public service announcements.", @@ -95,7 +94,7 @@ export function getOpenApi(): OpenAPIObject { }, { name: "quotes", - description: "Quote submissions for new quotes and quote ratings.", + description: "Quote ratings and new quote submissions", "x-displayName": "Quotes", "x-public": "yes", }, diff --git a/backend/src/api/controllers/quote.ts b/backend/src/api/controllers/quote.ts index 3e397bff8..04195b62f 100644 --- a/backend/src/api/controllers/quote.ts +++ b/backend/src/api/controllers/quote.ts @@ -35,14 +35,8 @@ export async function getQuotes( const { uid } = req.ctx.decodedToken; const quoteMod = (await getPartialUser(uid, "get quotes", ["quoteMod"])) .quoteMod; - let quoteModString: string; - if (quoteMod === true) { - quoteModString = "all"; - } else if (quoteMod !== false && quoteMod !== undefined && quoteMod !== "") { - quoteModString = quoteMod; - } else { - throw new MonkeyError(403, "You are not allowed to view submitted quotes"); - } + const quoteModString = quoteMod === true ? "all" : (quoteMod as string); + const data = await NewQuotesDAL.get(quoteModString); return new MonkeyResponse2( "Quote submissions retrieved", diff --git a/backend/src/api/routes/quotes.ts b/backend/src/api/routes/quotes.ts index 83e13f22e..afc5dca5d 100644 --- a/backend/src/api/routes/quotes.ts +++ b/backend/src/api/routes/quotes.ts @@ -18,7 +18,7 @@ const checkIfUserIsQuoteMod = checkUserPermissions(["quoteMod"], { const s = initServer(); export default s.router(quotesContract, { get: { - middleware: [RateLimit.newQuotesGet], + middleware: [checkIfUserIsQuoteMod, RateLimit.newQuotesGet], handler: async (r) => callController(QuoteController.getQuotes)(r), }, isSubmissionEnabled: { -- cgit v1.2.3