Merge branch 'dev' of github.com:cloudspokes/tc-api into dev

Author: skyhit

actions/challenges.js

@@ -1039,6 +1039,7 @@ var getChallenge = function (api, connection, dbConnectionMap, isStudio, next) {
         isRelated = false, // This variable represent if the caller is related with challenge.
         isRegistered = false,// This variable represent if the caller is already registered this challenge.
         isCopilotPosting = false,//This variable represent if the challenge is a copilot posting challenge.
+        isManager=false,//This variable represent if the caller is a manager.
         copilotDetailedRequirements,
         unified = connection.action === "getChallenge",
         execQuery = function (name) {
@@ -1068,8 +1069,12 @@ var getChallenge = function (api, connection, dbConnectionMap, isStudio, next) {
                 return;
             }
 
+            if (result[0].is_manager) {
+                isManager = true;
+            }
+
             // If the user has the access to the challenge or is a resource for the challenge then he is related with this challenge.
-            if (result[0].has_access || result[0].is_related || result[0].is_manager || helper.isAdmin(caller)) {
+            if (result[0].has_access || result[0].is_related || isManager || helper.isAdmin(caller)) {
                 isRelated = true;
             }
 
@@ -1170,6 +1175,13 @@ var getChallenge = function (api, connection, dbConnectionMap, isStudio, next) {
                 submissionsViewable: data.submissions_viewable
             };
 
+            if (!challenge.submissionsViewable && isStudio) {
+                // Admin and manager can view submissions anytime
+                if (helper.isAdmin(caller) || isManager) {
+                    challenge.submissionsViewable = true;
+                }
+            }
+
             if (unified) {
                 challenge.type = isStudio ? 'design' : 'develop';
             }
@@ -2371,8 +2383,8 @@ var getChallengeResults = function (api, connection, dbConnectionMap, isStudio,
                 //Submission Links
                 if (isStudio) {
                     if (challengeRestrictions.show_submissions) {
-                        resEl.submissionDownloadLink = api.config.tcConfig.designSubmissionLink + el.submission_id;
-                        resEl.previewDownloadLink = api.config.tcConfig.designSubmissionLink + el.submission_id + "&sbt=small";
+                        resEl.submissionDownloadLink = api.config.tcConfig.designSubmissionLink + el.submission_id + api.config.tcConfig.submissionDownloadLinkParams;
+                        resEl.previewDownloadLink = api.config.tcConfig.designSubmissionLink + el.submission_id + api.config.tcConfig.previewDownloadLinkParams;
                     }
                 } else {
                     resEl.submissionDownloadLink = api.config.tcConfig.submissionLink + el.upload_id;
@@ -2394,7 +2406,7 @@ var getChallengeResults = function (api, connection, dbConnectionMap, isStudio,
             if (isStudio) {
                 if (challengeRestrictions.show_submissions) {
                     result.finalFixes = _.map(res.finalFixes, function (ff) {
-                        return api.config.tcConfig.designSubmissionLink + ff.submission_id;
+                        return api.config.tcConfig.designSubmissionLink + ff.submission_id + api.config.tcConfig.submissionDownloadLinkParams;
                     });
                 }
             } else {
@@ -3956,7 +3968,7 @@ var getUserSubmissions = function (api, connection, next) {
                     submission.download = api.config.tcConfig.submissionLink + item.upload_id;
                     delete submission.ranking;
                 } else {
-                    submission.download = api.config.tcConfig.designSubmissionLink + item.submission_id;
+                    submission.download = api.config.tcConfig.designSubmissionLink + item.submission_id + api.config.tcConfig.submissionDownloadLinkParams;
                 }
                 return submission;
             });

actions/memberStatistics.js

@@ -1328,7 +1328,7 @@ var getRecentWinningDesignSubmissions = function (api, connection, dbConnectionM
                     submissionDate: element.submission_date,
                     viewable: element.viewable.toLowerCase() === "true",
                     challengeId: element.challenge_id,
-                    preview: api.config.tcConfig.designSubmissionLink + element.submission_id + "&sbt=small"
+                    preview: api.config.tcConfig.designSubmissionLink + element.submission_id + api.config.tcConfig.previewDownloadLinkParams
                 };
                 if (!winningSubmission.viewable) {
                     delete winningSubmission.preview;

actions/srmRoundComponentsAndTerms.js

@@ -59,7 +59,7 @@ function checkDefinedNonNegativeInteger(value, name, error, helper) {
  * @param callback the callback method
  */
 function checkComponents(api, dbConnectionMap, components, callback) {
-    var helper = api.helper, error = helper.checkArray(components, "components", false), existingComponentDivisionIds = [];
+    var helper = api.helper, error = helper.checkArray(components, "components", true), existingComponentDivisionIds = [];
     if (error) {
         callback(error);
         return;
@@ -202,7 +202,7 @@ var setRoundComponents = function (api, connection, dbConnectionMap, next) {
     var helper = api.helper,
         sqlParams = {},
         roundId = Number(connection.params.roundId),
-        components = connection.params.components;
+        components = connection.params.components || [];
 
     async.waterfall([
         function (cb) {
@@ -348,8 +348,8 @@ exports.setRoundComponents = {
     name: "setRoundComponents",
     description: "Set Round Components",
     inputs: {
-        required: ['roundId', 'components'],
-        optional: []
+        required: ['roundId'],
+        optional: ['components']
     },
     blockedConnectionTypes: [],
     outputExample: {},

apiary.apib

@@ -6144,24 +6144,24 @@ Request
                 "submissionDate": "2013-12-04T09:00:05.000Z",
                 "placement": 1,
                 "points": 360,
-                "submissionDownloadLink": "http://studio.topcoder.com/?module=DownloadSubmission&sbmid=123456",
-                "previewDownloadLink": "https://studio.topcoder.com/?module=DownloadSubmission&sbmid=123456&sbt=small"
+                "submissionDownloadLink": "https://api.topcoder.com/v2/design/download/123456?submissionType=original",
+                "previewDownloadLink": "https://api.topcoder.com/v2/design/download/123456?submissionType=preview&submissionImageTypeId=29"
             },
             {
                 "handle": "heffan",
                 "registrationDate": "2013-12-03T09:00:05.000Z",
                 "submissionDate": "2013-12-05T09:00:05.000Z",
                 "placement": 2,
                 "points": 140,
-                "submissionDownloadLink": "http://studio.topcoder.com/?module=DownloadSubmission&sbmid=123457",
-                "previewDownloadLink": "https://studio.topcoder.com/?module=DownloadSubmission&sbmid=123457&sbt=small"
+                "submissionDownloadLink": "https://api.topcoder.com/v2/design/download/123457?submissionType=original",
+                "previewDownloadLink": "https://api.topcoder.com/v2/design/download/123457?submissionType=preview&submissionImageTypeId=29"
             }
           ],
           "finalFixes":
           [
-            "submissionDownloadLink": "http://studio.topcoder.com/?module=DownloadSubmission&sbmid=123458",
-            "submissionDownloadLink": "http://studio.topcoder.com/?module=DownloadSubmission&sbmid=123459",
-            "submissionDownloadLink": "http://studio.topcoder.com/?module=DownloadSubmission&sbmid=123460"
+            "submissionDownloadLink": "https://api.topcoder.com/v2/design/download/123458?submissionType=original",
+            "submissionDownloadLink": "https://api.topcoder.com/v2/design/download/123459?submissionType=original",
+            "submissionDownloadLink": "https://api.topcoder.com/v2/design/download/123460?submissionType=original"
           ]
         }
 
@@ -6591,7 +6591,7 @@ Request
                     prize: 1300,
                     submissionDate: "2014-02-03T09:30:00.000Z",
                     viewable: true
-                    preview: "https://studio.topcoder.com/?module=DownloadSubmission&sbmid=169728&sbt=small"
+                    preview: "https://api.topcoder.com/v2/design/download/169728?submissionType=preview&submissionImageTypeId=29"
                 },
                 {
                     contestName: "TC Redesign Lorem Ipsum Dolor sit Amet 2",

config/tc-config.js

@@ -130,7 +130,12 @@ var config = {
 
     submissionLink: 'https://software.topcoder.com/review/actions/DownloadContestSubmission.do?method=downloadContestSubmission&uid=',
     finalFixLink: 'https://software.topcoder.com/review/actions/DownloadFinalFix.do?method=downloadFinalFix&uid=',
-    designSubmissionLink: 'http://studio.topcoder.com/?module=DownloadSubmission&sbmid=',
+    designSubmissionLink: 'https://api.topcoder.com/v2/design/download/',
+    // stores the parameters that need sent to the 'submission' request
+    submissionDownloadLinkParams: '?submissionType=original',
+    //stores the parameters that need to be included in the 'preview' request
+    //29 means small
+    previewDownloadLinkParams: "?submissionType=preview&submissionImageTypeId=29",
 
     //The name of the folder where to store the submission files.
     //Please make sure the directory already exists

deploy/development.bat

@@ -90,4 +90,6 @@ set WATERMARK_FILE_PATH=test/test_files/design_image_file_generator/studio_logo_
 
 set WKHTMLTOIMAGE_COMMAND_PATH=/home/ubuntu/tmp/wkhtmltox-0.12.1/static-build/posix-local/wkhtmltox-0.12.1/bin/wkhtmltoimage
 set WKHTMLTOIMAGE_IMAGE_WIDTH=1024
-set HIGHLIGHT_STYLE_LINK=http://cdnjs.cloudflare.com/ajax/libs/highlight.js/8.3/styles/%OVERRIDE_STYLE_NAME%.min.css
+set HIGHLIGHT_STYLE_LINK=http://cdnjs.cloudflare.com/ajax/libs/highlight.js/8.3/styles/%OVERRIDE_STYLE_NAME%.min.css
+
+set JWT_TOKEN_COOKIE_KEY="tcjwt_vm"

deploy/development.sh

@@ -96,3 +96,5 @@ export WATERMARK_FILE_PATH=test/test_files/design_image_file_generator/studio_lo
 export WKHTMLTOIMAGE_COMMAND_PATH=/home/ubuntu/tmp/wkhtmltox-0.12.1/static-build/posix-local/wkhtmltox-0.12.1/bin/wkhtmltoimage
 export WKHTMLTOIMAGE_IMAGE_WIDTH=1024
 export HIGHLIGHT_STYLE_LINK=http://cdnjs.cloudflare.com/ajax/libs/highlight.js/8.3/styles/%OVERRIDE_STYLE_NAME%.min.css
+
+export JWT_TOKEN_COOKIE_KEY="tcjwt_vm"

initializers/middleware.js

@@ -81,20 +81,27 @@ exports.middleware = function (api, next) {
             isCachedReturned,
             cacheKey,
             socialUserId,
-            socialProvider;
-        if (!_.isDefined(authHeader)) {
+            socialProvider,
+            cookieToken = api.utils.parseCookies(connection.rawConnection.req)[process.env.JWT_TOKEN_COOKIE_KEY];
+
+        if (_.isUndefined(authHeader) && _.isUndefined(cookieToken)) {
             connection.caller = {accessLevel: "anon"};
             next(connection, true);
             return;
         }
+
         async.waterfall([
             function (cb) {
-                var reg = /^bearer ([\s\S]+)$/i;
-                if (!reg.test(authHeader)) {
-                    cb(new IllegalArgumentError("Malformed Auth header"));
-                    return;
+                if (_.isUndefined(authHeader)) {
+                    cb(null, cookieToken);
+                } else {
+                    var reg = /^bearer ([\s\S]+)$/i;
+                    if (!reg.test(authHeader)) {
+                        cb(new IllegalArgumentError("Malformed Auth header"));
+                        return;
+                    }
+                    cb(null, reg.exec(authHeader)[1]);
                 }
-                cb(null, reg.exec(authHeader)[1]);
             }, function (token, cb) {
                 jwt.verify(token,
                     api.config.tcConfig.oauthClientSecret,
@@ -107,6 +114,11 @@ exports.middleware = function (api, next) {
                     return;
                 }
                 var split = decoded.sub.split("|");
+                if (split.length == 1) {
+                    // token.sub should contain "|"
+                    cb(new IllegalArgumentError('Malformed Auth header. token.sub is in bad format!'));
+                    return;
+                }
                 try {
                     socialUserId = (split[split.length-1] || "").trim();
                     socialProvider = (split[0] || "").trim();
@@ -212,7 +224,8 @@ exports.middleware = function (api, next) {
             //error messages returned by jwt.verify(...) method
             if (err.message.indexOf('Invalid token') !== -1 ||
                     String(err.message).startsWith("jwt audience invalid.") ||
-                    err.message === "invalid signature") {
+                    err.message === "invalid signature" ||
+                    err.message === "jwt malformed") {
                 errorMessage = "Malformed Auth header";
                 baseError = api.helper.apiCodes.badRequest;
             } else if (err.message === "jwt expired") {