Merge branch 'dev' into refactor/domain-challenge

rakibansary · rakibansary · commit 56654eeb6ff5 · 2023-03-20T04:07:48.000+06:00
diff --git a/src/common/helper.js b/src/common/helper.js
@@ -915,6 +915,33 @@ async function listChallengesByMember(memberId) {
   return allIds;
 }
 
+/**
+ * Lists resources that given member has in the given challenge.
+ * @param {Number} memberId the member id
+ * @param {String} id the challenge id
+ * @returns {Promise<Array>} an array of resources.
+ */
+async function listResourcesByMemberAndChallenge(memberId, challengeId) {
+  const token = await getM2MToken();
+  let response = {};
+  try {
+    response = await axios.get(config.RESOURCES_API_URL, {
+      headers: { Authorization: `Bearer ${token}` },
+      params: {
+        memberId,
+        challengeId,
+      },
+    });
+  } catch (e) {
+    logger.debug(
+      `Failed to get resources on challenge ${challengeId} that memberId ${memberId} has`,
+      e
+    );
+  }
+  const result = response.data || [];
+  return result;
+}
+
 /**
  * Check if ES refresh method is valid.
  *
@@ -1041,20 +1068,17 @@ async function ensureAccessibleByGroupsAccess(currentUser, challenge) {
  * @param {Object} challenge the challenge to check
  */
 async function _ensureAccessibleForTaskChallenge(currentUser, challenge) {
-  let challengeResourceIds;
+  let memberResources;
   // Check if challenge is task and apply security rules
   if (_.get(challenge, "task.isTask", false) && _.get(challenge, "task.isAssigned", false)) {
     if (currentUser) {
       if (!currentUser.isMachine) {
-        const challengeResources = await getChallengeResources(challenge.id);
-        challengeResourceIds = _.map(challengeResources, (r) => _.toString(r.memberId));
+        memberResources = await listResourcesByMemberAndChallenge(currentUser.userId, challenge.id);
       }
     }
     const canAccesChallenge = _.isUndefined(currentUser)
       ? false
-      : currentUser.isMachine ||
-        hasAdminRole(currentUser) ||
-        _.includes(challengeResourceIds || [], _.toString(currentUser.userId));
+      : currentUser.isMachine || hasAdminRole(currentUser) || !_.isEmpty(memberResources);
     if (!canAccesChallenge) {
       throw new errors.ForbiddenError(`You don't have access to view this challenge`);
     }
@@ -1295,6 +1319,7 @@ module.exports = {
   getESClient,
   calculateChallengeEndDate,
   listChallengesByMember,
+  listResourcesByMemberAndChallenge,
   validateESRefreshMethod,
   getProjectDefaultTerms,
   validateChallengeTerms,
diff --git a/src/services/ChallengeService.js b/src/services/ChallengeService.js
@@ -202,6 +202,52 @@ async function ensureAcessibilityToModifiedGroups(currentUser, data, challenge)
   }
 }
 
+/**
+ * Search challenges by legacyId
+ * @param {Object} currentUser the user who perform operation
+ * @param {Number} legacyId the legacyId
+ * @param {Number} page the page
+ * @param {Number} perPage the perPage
+ * @returns {Array} the search result
+ */
+async function searchByLegacyId(currentUser, legacyId, page, perPage) {
+  const esQuery = {
+    index: config.get("ES.ES_INDEX"),
+    type: config.get("ES.ES_TYPE"),
+    size: perPage,
+    from: (page - 1) * perPage,
+    body: {
+      query: {
+        term: {
+          legacyId,
+        },
+      },
+    },
+  };
+
+  logger.debug(`es Query ${JSON.stringify(esQuery)}`);
+  let docs;
+  try {
+    docs = await esClient.search(esQuery);
+  } catch (e) {
+    logger.error(`Query Error from ES ${JSON.stringify(e)}`);
+    docs = {
+      hits: {
+        hits: [],
+      },
+    };
+  }
+  const ids = _.map(docs.hits.hits, (item) => item._source.id);
+  const result = [];
+  for (const id of ids) {
+    try {
+      const challenge = await getChallenge(currentUser, id);
+      result.push(challenge);
+    } catch (e) {}
+  }
+  return result;
+}
+
 /**
  * Search challenges
  * @param {Object} currentUser the user who perform operation
@@ -213,6 +259,10 @@ async function searchChallenges(currentUser, criteria) {
 
   const page = criteria.page || 1;
   const perPage = criteria.perPage || 20;
+  if (!_.isUndefined(criteria.legacyId)) {
+    const result = await searchByLegacyId(currentUser, criteria.legacyId, page, perPage);
+    return { total: result.length, page, perPage, result };
+  }
   const boolQuery = [];
   let sortByScore = false;
   const matchPhraseKeys = [
@@ -1387,13 +1437,22 @@ async function getChallenge(currentUser, id, checkIfExists) {
   // delete challenge.typeId
 
   // Remove privateDescription for unregistered users
-  let memberChallengeIds;
   if (currentUser) {
-    if (!currentUser.isMachine && !hasAdminRole(currentUser)) {
+    if (!currentUser.isMachine && !helper.hasAdminRole(currentUser)) {
       _.unset(challenge, "billing");
-      memberChallengeIds = await helper.listChallengesByMember(currentUser.userId);
-      if (!_.includes(memberChallengeIds, challenge.id)) {
+      if (_.isEmpty(challenge.privateDescription)) {
         _.unset(challenge, "privateDescription");
+      } else if (
+        !_.get(challenge, "task.isTask", false) ||
+        !_.get(challenge, "task.isAssigned", false)
+      ) {
+        const memberResources = await helper.listResourcesByMemberAndChallenge(
+          currentUser.userId,
+          challenge.id
+        );
+        if (_.isEmpty(memberResources)) {
+          _.unset(challenge, "privateDescription");
+        }
       }
     }
   } else {
