fix: login (#148)

* fix: login * fix: login * fix: seed * fix: login/pdf * fix: add more fixes
ungdev · Oct 5, 2023 · a1c41b6 · a1c41b6
1 parent a8e1841
commit a1c41b6
Show file tree

Hide file tree

Showing 9 changed files with 18 additions and 16 deletions.
diff --git a/seed.sql b/seed.sql
@@ -21,8 +21,8 @@ INSERT INTO `settings` (`id`, `value`) VALUES
 
 INSERT INTO `tournaments` (`id`, `name`, `maxPlayers`, `playersPerTeam`, `cashprize`) VALUES
 ('lol', 'League of Legends', 160, 5, 0),
-('ssbu', 'SSBU', 64, 1, 0),
-('csgo', 'Counter-Strike : Global Offensive', 80, 5, 0),
+('ssbu', 'Super Smash Bros. Ultimate', 64, 1, 0),
+('cs2', 'Counter-Strike 2', 80, 5, 0),
 ('rl', 'Rocket League', 60, 3, 0),
 ('osu', 'Osu!', 64, 1, 0),
 ('tft', 'Teamfight Tactics', 32, 1, 0),

diff --git a/src/middlewares/settings.ts b/src/middlewares/settings.ts
@@ -12,7 +12,8 @@ export const isLoginAllowed = async (request: Request, response: Response, next:
   if (
     login ||
     (user && user.permissions && user.permissions.length > 0) ||
-    request.originalUrl === '/admin/auth/login'
+    request.originalUrl === '/admin/auth/login' ||
+    request.route.path === '/admin/auth/login'
   ) {
     return next();
   }

diff --git a/src/types.ts b/src/types.ts
@@ -271,6 +271,7 @@ export const enum Error {
   IsOrga = "L'utilisateur est un organisateur",
   TeamNotPaid = "Tous les membres de l'équipe n'ont pas payé",
   LoginNotAllowed = 'Tu ne peux pas te connecter actuellement',
+  NotAdmin = "Tu n'es pas administrateur",
   ShopNotAllowed = 'La billetterie est fermée',
   EmailNotConfirmed = "Le compte n'est pas confirmé",
   NoPermission = "Tu n'as pas la permission d'accéder à cette ressource",

diff --git a/src/utils/login.ts b/src/utils/login.ts
@@ -46,7 +46,7 @@ export async function loginAccount(request: Request, response: Response, next: N
 
     // If admin check that the user has any permissions
     if (admin && (!user.permissions || user.permissions.length === 0)) {
-      return forbidden(response, ResponseError.LoginNotAllowed);
+      return forbidden(response, ResponseError.NotAdmin);
     }
 
     const token = generateToken(user);

diff --git a/tests/admin/auth/login.test.ts b/tests/admin/auth/login.test.ts
@@ -31,7 +31,7 @@ describe('POST /admin/auth/login', () => {
         login: user.email,
         password,
       })
-      .expect(403, { error: Error.LoginNotAllowed });
+      .expect(403, { error: Error.NotAdmin });
     await database.user.update({
       where: {
         id: user.id,

diff --git a/tests/admin/emails/send.test.ts b/tests/admin/emails/send.test.ts
@@ -15,9 +15,9 @@ describe('POST /admin/emails', () => {
 
   before(async () => {
     admin = await createFakeUser({ type: UserType.orga, permissions: [Permission.admin] });
-    await createFakeTeam({ members: 4, tournament: 'csgo' });
+    await createFakeTeam({ members: 4, tournament: 'cs2' });
     await createFakeTeam({ members: 2, tournament: 'lol' });
-    [nonAdminUser] = (await createFakeTeam({ members: 5, tournament: 'csgo', locked: true })).players;
+    [nonAdminUser] = (await createFakeTeam({ members: 5, tournament: 'cs2', locked: true })).players;
     adminToken = generateToken(admin);
   });
 
@@ -163,7 +163,7 @@ describe('POST /admin/emails', () => {
       request(app)
         .post(`/admin/emails`)
         .send({
-          tournamentId: 'csgo',
+          tournamentId: 'cs2',
           ...validMailBody,
         })
         .set('Authorization', `Bearer ${adminToken}`)
@@ -173,7 +173,7 @@ describe('POST /admin/emails', () => {
       request(app)
         .post(`/admin/emails`)
         .send({
-          tournamentId: 'csgo',
+          tournamentId: 'cs2',
           locked: true,
           ...validMailBody,
         })
@@ -184,7 +184,7 @@ describe('POST /admin/emails', () => {
       request(app)
         .post(`/admin/emails`)
         .send({
-          tournamentId: 'csgo',
+          tournamentId: 'cs2',
           locked: false,
           ...validMailBody,
         })

diff --git a/tests/discord/syncRoles.test.ts b/tests/discord/syncRoles.test.ts
@@ -18,7 +18,7 @@ describe('POST /discord/sync-roles', () => {
       locked: true,
       paid: true,
       members: 5,
-      tournament: 'csgo',
+      tournament: 'cs2',
     });
     // We will test with one missing user (he may have left the server)
     for (const user of [...team.players.slice(1), ...team.coaches]) registerMember(user.discordId);
@@ -27,13 +27,13 @@ describe('POST /discord/sync-roles', () => {
     const team2 = await createFakeTeam({
       locked: false,
       members: 2,
-      tournament: 'csgo',
+      tournament: 'cs2',
     });
     registerMember(team2.players[0].discordId);
 
     await database.tournament.update({
       where: {
-        id: 'csgo',
+        id: 'cs2',
       },
       data: {
         discordRoleId: registerRole(),

diff --git a/tests/teams/createTeam.test.ts b/tests/teams/createTeam.test.ts
@@ -151,12 +151,12 @@ describe('POST /teams', () => {
 
     const { body } = await request(app)
       .post('/teams')
-      .send({ ...teamBody, tournamentId: 'csgo' })
+      .send({ ...teamBody, tournamentId: 'cs2' })
       .set('Authorization', `Bearer ${newToken}`)
       .expect(201);
 
     expect(body.name).to.be.equal(teamBody.name);
-    expect(body.tournamentId).to.be.equal('csgo');
+    expect(body.tournamentId).to.be.equal('cs2');
     expect(body.captainId).to.be.equal(newUser.id);
     const remoteUser = await userOperations.fetchUser(body.captainId);
     expect(remoteUser.type).to.be.equal(teamBody.userType);

diff --git a/tests/utils/pdf.test.ts b/tests/utils/pdf.test.ts
@@ -17,7 +17,7 @@ describe('Tests the PDF utils', () => {
   });
 
   let placeId = 0;
-  for (const tournamentId of ['lol', 'ssbu', 'csgo', 'rl', 'osu', 'tft', 'open', 'pokemon']) {
+  for (const tournamentId of ['lol', 'ssbu', 'cs2', 'rl', 'osu', 'tft', 'open', 'pokemon']) {
     it(`should generate a PDF ticket for ${tournamentId}`, async () => {
       // Create a fake user and add it in a random team
       const team = await createFakeTeam({ tournament: tournamentId as string });