Merge branch 'dev' of github.com:cloudspokes/tc-api into dev

Author: skyhit

actions/srmProblems.js

@@ -11,7 +11,9 @@
  * - listRoundProblems will include round id
  * - listRoundProblemComponents will include round id
  *
- * @version 1.1
+ * Changes in 1.2 (TC API - List SRM Problems API Update)
+ * - Update listSRMProblems api to allow web arena super user access it.
+ * @version 1.2
  * @author TCSASSEMBLER
  */
 /*jslint node: true, nomen: true, plusplus: true */
@@ -21,6 +23,7 @@ var _ = require('underscore');
 var moment = require('moment');
 var IllegalArgumentError = require('../errors/IllegalArgumentError');
 var NotFoundError = require('../errors/NotFoundError');
+var UnauthorizedError = require('../errors/UnauthorizedError');
 var ForbiddenError = require('../errors/ForbiddenError');
 
 /**
@@ -206,6 +209,12 @@ var listRoundProblemComponents = function (api, connection, dbConnectionMap, nex
     });
 };
 
+/**
+ * The filter for list SRM problem api when caller is the web arena super user.
+ * @type {string}
+ */
+var SRM_PROBLEM_WEB_ARENA_SUPER_FILTER = " AND p.status_id = 90";
+
 /**
  * Get SRM problems.
  *
@@ -216,14 +225,36 @@ var listRoundProblemComponents = function (api, connection, dbConnectionMap, nex
  */
 var listSRMProblems = function (api, connection, dbConnectionMap, next) {
     var helper = api.helper,
+        caller = connection.caller,
         result = [],
         sqlParams = {};
 
     async.waterfall([
         function (cb) {
-            cb(helper.checkAdmin(connection, 'Authorized information needed.', 'Admin access only.'));
+            if (!helper.isAdmin(caller) && !caller.isWebArenaSuper) {
+                if (!helper.isMember(caller)) {
+                    cb(new UnauthorizedError("Authorized information needed."));
+                } else {
+                    cb(new ForbiddenError("Admin or web Arena super user only."));
+                }
+            } else {
+                cb();
+            }
+            //cb(helper.checkAdmin(connection, 'Authorized information needed.', 'Admin access only.'));
         }, function (cb) {
-            api.dataAccess.executeQuery("get_srm_problems", sqlParams, dbConnectionMap, cb);
+            if (caller.isWebArenaSuper) {
+                async.waterfall([
+                    function (cbx) {
+                        helper.readQuery("get_srm_problems", cbx);
+                    },
+                    function (sql, cbx) {
+                        sql = helper.editSql(sql, SRM_PROBLEM_WEB_ARENA_SUPER_FILTER, null);
+                        api.dataAccess.executeSqlQuery(sql, sqlParams, "informixoltp", dbConnectionMap, cbx);
+                    }
+                ], cb);
+            } else {
+                api.dataAccess.executeQuery("get_srm_problems", sqlParams, dbConnectionMap, cb);
+            }
         }, function (results, cb) {
             _.each(results, function (item) {
                 result.push(parseProblem(item));

actions/srmRoundManagement.js

@@ -6,15 +6,18 @@
  *
  * Changes in version 1.1 (Module Assembly - Web Arena - Match Configurations):
  * - Updated ListSRMContestRounds to send UTC time in milliseconds for registration and coding start time
+ * Changes in version 1.2 (First2Finish - TC API - Modify SRM Round API Update):
+ * - updated modifySRMContestRound to support web arena super role
  *
- * @version 1.1
+ * @version 1.2
  * @author TCSASSEMBLER
  */
 /*jslint node: true, nomen: true */
 "use strict";
 var async = require('async');
 var _ = require('underscore');
 var NotFoundError = require('../errors/NotFoundError');
+var ForbiddenError = require('../errors/ForbiddenError');
 
 /**
  * Max value for integer
@@ -430,7 +433,7 @@ exports.createSRMContestRound = {
                 params.id = MAX_INT;
                 var error =
                         checkContestRound(helper, params) ||
-                        helper.checkAdmin(connection, "You need to be authorized first.", "You are forbidden for this API.");
+                        helper.checkAdminOrWebArenaSuper(connection, "You need to be authorized first.", "You are forbidden for this API.");
                 cb(error);
             },
             function (cb) {
@@ -440,6 +443,9 @@ exports.createSRMContestRound = {
                     },
                     function (roundId, cbx) {
                         params.id = roundId;
+                        if (connection.caller.isWebArenaSuper) {
+                            params.type.id = 24;
+                        }
                         api.dataAccess.executeQuery('insert_srm_contest_round',
                             {
                                 contest_id: params.contest_id,
@@ -451,7 +457,8 @@ exports.createSRMContestRound = {
                                 name: params.name,
                                 status: params.status,
                                 short_name: params.short_name,
-                                auto_end: params.auto_end
+                                auto_end: params.auto_end,
+                                creator_id: connection.caller.userId
                             },
                             dbConnectionMap, cbx);
                     }
@@ -613,13 +620,20 @@ exports.modifySRMContestRound = {
             helper.handleNoConnection(api, connection, next);
             return;
         }
+        if (_.isUndefined(params.auto_end)) {
+            params.auto_end = false;
+        }
         async.series([
             function (cb) {
                 console.log("oldRoundId = " + oldRoundId);
                 var error =
-                    helper.checkIdParameter(oldRoundId, 'oldRoundId') ||
-                    checkContestRound(helper, params) ||
-                    helper.checkAdmin(connection, "You need to be authorized first.", "You are forbidden for this API.");
+                        helper.checkIdParameter(oldRoundId, 'oldRoundId') ||
+                        checkContestRound(helper, params) ||
+                        helper.checkAdminOrWebArenaSuper(
+                            connection,
+                            "You need to be authorized first.",
+                            "You are forbidden for this API."
+                        );
                 cb(error);
             },
             // check if modifying round existed.
@@ -630,10 +644,12 @@ exports.modifySRMContestRound = {
                     }, dbConnectionMap),
                     function (result, cbx) {
                         if (result.length === 0) {
-                            cbx(new NotFoundError('modifying round is not existed.'));
-                        } else {
-                            cbx(null);
+                            return cbx(new NotFoundError('modifying round is not existed.'));
+                        }
+                        if (connection.caller.isWebArenaSuper && result[0].creator_id !== connection.caller.userId) {
+                            return cbx(new ForbiddenError('Round was not created by you.'));
                         }
+                        return cbx();
                     }], cb);
             },
             function (cb) {

apiary.apib

@@ -8513,6 +8513,16 @@ Request
             "description":"The request is understood, but it has been refused or access is not allowed."
         }
 
++ Response 403 (application/json)
+
+        {
+            "name":"Forbidden",
+            "value":"403",
+            "description": "The request is understood, but it has been refused or access is not allowed."
+            "details": "Round was not created by you."
+        }
+
+
 + Response 404 (application/json)
 
         {

queries/get_round_onlyid

@@ -1 +1 @@
-select round_id from round where round_id=@round_id@;
+select round_id, creator_id from round where round_id=@round_id@;

queries/get_srm_problems

@@ -9,3 +9,4 @@ t.problem_type_desc AS problem_type_desc
  FROM problem p 
  LEFT OUTER JOIN problem_status_lu s ON p.status_id = s.problem_status_id 
  LEFT OUTER JOIN problem_type_lu t ON p.problem_type_id = t.problem_type_id
+WHERE 1=1

queries/insert_srm_contest_round

@@ -1,2 +1,2 @@
-INSERT INTO round (round_id, contest_id, round_type_id, registration_limit, invitational, region_id, name, status, short_name, auto_end)
-       VALUES (@round_id@, @contest_id@, @round_type_id@, @registration_limit@, @invitational@, @region_id@, '@name@', '@status@', '@short_name@', @auto_end@)
+INSERT INTO round (round_id, contest_id, round_type_id, registration_limit, invitational, region_id, name, status, short_name, auto_end, creator_id)
+       VALUES (@round_id@, @contest_id@, @round_type_id@, @registration_limit@, @invitational@, @region_id@, '@name@', '@status@', '@short_name@', @auto_end@, @creator_id@)

test/sqls/srmProblems/informixoltp__clean

@@ -1 +1,2 @@
-DELETE FROM round_component WHERE round_id = 13672 and division_id = 1;
+DELETE FROM round_component WHERE round_id = 13672 and division_id = 1;
+DELETE FROM problem WHERE problem_id = 2001;

test/sqls/srmProblems/informixoltp__insert_test_data

@@ -1,2 +1,3 @@
 
-INSERT INTO 'informix'.round_component(round_id, component_id, submit_order, division_id, difficulty_id, points, open_order) VALUES(13672, 2020, 0, 1, 1, 500, 0);
+INSERT INTO 'informix'.round_component(round_id, component_id, submit_order, division_id, difficulty_id, points, open_order) VALUES(13672, 2020, 0, 1, 1, 500, 0);
+INSERT INTO 'informix'.problem(problem_id, name, status_id, proposed_division_id, problem_type_id) VALUES(2001, "Used Problem", 90, 1, 1);

test/sqls/srmRoundManagement/informixoltp__insert_rounds

@@ -55,8 +55,8 @@ INSERT INTO contest (contest_id, name, status, group_id) VALUES (30007, "Contest
 INSERT INTO contest (contest_id, name, status, group_id) VALUES (30008, "Contest 8", "A", -1);
 INSERT INTO contest (contest_id, name, status, group_id) VALUES (30009, "Contest 9", "A", -1);
 
-INSERT INTO round (round_id, contest_id, name, status, round_type_id, short_name, region_id, registration_limit, invitational)
-       VALUES (40055, 30006, "Round 7", "A", 11, 'short name 7', 1, 0, 5);
+INSERT INTO round (round_id, contest_id, name, status, round_type_id, short_name, region_id, registration_limit, invitational, creator_id)
+       VALUES (40055, 30006, "Round 7", "A", 11, 'short name 7', 1, 0, 5, 124861);
 INSERT INTO SURVEY(survey_id, name, start_date, end_date, status_id, text)
        VALUES (40055, 'survey2', '2013-10-09 01:50:00', '2013-10-09 02:50:00', 1, 'text 2');
 INSERT INTO round_room_assignment (round_id, coders_per_room, algorithm, by_division, final, by_region, p)
@@ -82,8 +82,8 @@ INSERT INTO round_segment (round_id, segment_id, start_time, end_time, status)
 INSERT INTO room (room_id, round_id, name, division_id, room_type_id) VALUES (499154, 40055, "Admin Room", -1, 1);
 
 
-INSERT INTO round (round_id, contest_id, name, status, round_type_id, short_name, region_id, registration_limit, invitational)
-       VALUES (40060, 30009, "Round 8", "A", 11, 'short name 8', 1, 0, 5);
+INSERT INTO round (round_id, contest_id, name, status, round_type_id, short_name, region_id, registration_limit, invitational, creator_id)
+       VALUES (40060, 30009, "Round 8", "A", 11, 'short name 8', 1, 0, 5, 132456);
 INSERT INTO SURVEY(survey_id, name, start_date, end_date, status_id, text)
        VALUES (40060, 'survey3', '2013-10-09 01:50:00', '2013-10-09 02:50:00', 1, 'text 3');
 INSERT INTO round_room_assignment (round_id, coders_per_room, algorithm, by_division, final, by_region, p)
@@ -128,8 +128,8 @@ INSERT INTO round (round_id, contest_id, name, status, round_type_id, short_name
 INSERT INTO round (round_id, contest_id, name, status, round_type_id, short_name, region_id, registration_limit, invitational)
        VALUES (41005, 30010, "Round 5", "A", 10, 'short name 5', 1, 512, 4);
 
-INSERT INTO round (round_id, contest_id, name, status, round_type_id, short_name, region_id, registration_limit, invitational)
-       VALUES (41006, 30011, "Round 6", "A", 11, 'short name 6', 1, 0, 5);
+INSERT INTO round (round_id, contest_id, name, status, round_type_id, short_name, region_id, registration_limit, invitational, creator_id)
+       VALUES (41006, 30011, "Round 6", "A", 11, 'short name 6', 1, 0, 5, 124861);
 INSERT INTO SURVEY(survey_id, name, start_date, end_date, status_id, text)
        VALUES (41006, 'survey1', '2013-10-09 01:50:00', '2013-10-09 02:50:00', 1, 'text 1');
 INSERT INTO round_room_assignment (round_id, coders_per_room, algorithm, by_division, final, by_region, p)

test/test.srmProblems.js

@@ -29,7 +29,9 @@ var API_ENDPOINT = process.env.API_ENDPOINT || 'http://localhost:8080',
     USER = {
         heffan       : "ad|132456",
         "super"      : "ad|132457",
-        user         : "ad|132458"
+        user         : "ad|132458",
+        ksmith       : "ad|124861",
+        twight       : "ad|124766"
     };
 
 
@@ -146,14 +148,22 @@ describe('SRM Round Problem APIs', function () {
         });
 
         it("Admin access only.", function (done) {
-            assertError("/v2/data/srm/problems", 'user', 403, "Admin access only.", done);
+            assertError("/v2/data/srm/problems", 'user', 403, "Admin or web Arena super user only.", done);
+        });
+
+        it("Admin or web arena only.", function (done) {
+            assertError("/v2/data/srm/problems", 'twight', 403, "Admin or web Arena super user only.", done);
         });
 
         it("Valid request.", function (done) {
             validateResult("/v2/data/srm/problems", 'heffan',
                 "./test_files/srm_problems/list_srm_problems.json", done);
         });
 
+        it("Valid request with web arena super user.", function (done) {
+            validateResult("/v2/data/srm/problems", "ksmith", "./test_files/srm_problems/list_used_srm_problems.json", done);
+        });
+
     });
 
     describe('List SRM Round Problems API', function () {
@@ -278,4 +288,4 @@ describe('SRM Round Problem APIs', function () {
                 "./test_files/srm_problems/list_round_problem_components_global.json", done);
         });
     });
-});
+});