✨ [no_ci] Allow users to get only authorized bets

9 months ago · 30334c63cb
parent 6b657de563
commit 30334c63cb
5 changed files with 59 additions and 40 deletions
--- a/Sources/src/main/kotlin/allin/data/BetDataSource.kt
+++ b/Sources/src/main/kotlin/allin/data/BetDataSource.kt
@ -1,10 +1,11 @@
 package allin.data

+import allin.dto.UserDTO
 import allin.model.*
 import java.time.ZonedDateTime

 interface BetDataSource {
-    fun getAllBets(filters: List<BetFilter>): List<Bet>
+    fun getAllBets(filters: List<BetFilter>, userDTO: UserDTO): List<Bet>
    fun getBetById(id: String): Bet?
    fun getBetDetailById(id: String, username: String): BetDetail?
    fun getBetsNotFinished(): List<Bet>
@ -20,4 +21,5 @@ interface BetDataSource {
    fun getMostPopularBet(): Bet?
    fun updatePopularityScore(betId: String)
    fun addPrivateBet(bet: Bet)
+    fun isInvited(betid: String, userId: String): Boolean
 }
--- a/Sources/src/main/kotlin/allin/data/mock/MockBetDataSource.kt
+++ b/Sources/src/main/kotlin/allin/data/mock/MockBetDataSource.kt
@ -1,6 +1,7 @@
 package allin.data.mock

 import allin.data.BetDataSource
+import allin.dto.UserDTO
 import allin.model.*
 import allin.model.BetStatus.*
 import java.time.ZonedDateTime
@ -15,7 +16,7 @@ class MockBetDataSource(private val mockData: MockDataSource.MockData) : BetData
    private val betInfos get() = mockData.betInfos
    private val answerInfos get() = mockData.answerInfos

-    override fun getAllBets(filters: List<BetFilter>): List<Bet> {
+    override fun getAllBets(filters: List<BetFilter>, userDTO: UserDTO): List<Bet> {
        return when {
            filters.isEmpty() -> bets

@ -237,4 +238,8 @@ class MockBetDataSource(private val mockData: MockDataSource.MockData) : BetData
        TODO()
    }

+    override fun isInvited(betid: String, userId: String): Boolean {
+        TODO("Not yet implemented")
+    }
+
 }
--- a/Sources/src/main/kotlin/allin/data/postgres/PostgresBetDataSource.kt
+++ b/Sources/src/main/kotlin/allin/data/postgres/PostgresBetDataSource.kt
@ -2,6 +2,7 @@ package allin.data.postgres

 import allin.data.BetDataSource
 import allin.data.postgres.entities.*
+import allin.dto.UserDTO
 import allin.model.*
 import org.ktorm.database.Database
 import org.ktorm.dsl.*
@ -13,9 +14,10 @@ import kotlin.math.roundToInt

 class PostgresBetDataSource(private val database: Database) : BetDataSource {

-    override fun getAllBets(filters: List<BetFilter>): List<Bet> {
+    override fun getAllBets(filters: List<BetFilter>, userDTO: UserDTO): List<Bet> {
        return when {
-            filters.isEmpty() -> database.bets.filter { it.isPrivate eq false  }.map { it.toBet(database) }
+            filters.isEmpty() -> database.bets.map { it.toBet(database) }
+                .filter { (!it.isPrivate) or (isInvited(it.id, userDTO.id)) or (it.createdBy == userDTO.id) }

            filters.size == 1 -> {
                val filter = filters.first()
@ -28,6 +30,7 @@ class PostgresBetDataSource(private val database: Database) : BetDataSource {
                        it.status inList listOf(BetStatus.IN_PROGRESS, BetStatus.WAITING, BetStatus.CLOSING)
                    }
                }.map { it.toBet(database) }
+                    .filter { (!it.isPrivate) or (isInvited(it.id, userDTO.id)) or (it.createdBy == userDTO.id) }
            }

            else -> {
@ -44,11 +47,11 @@ class PostgresBetDataSource(private val database: Database) : BetDataSource {

                    (public or invitation) and (finished or inProgress)
                }.map { it.toBet(database) }
+                    .filter { (!it.isPrivate) or (isInvited(it.id, userDTO.id)) or (it.createdBy == userDTO.id) }
            }
        }
    }

-
    override fun getBetById(id: String): Bet? =
        database.bets.find { it.id eq id }?.toBet(database)

@ -263,4 +266,8 @@ class PostgresBetDataSource(private val database: Database) : BetDataSource {
            })
        }
    }
+
+    override fun isInvited(betid: String, userId: String): Boolean {
+        return database.privatebets.filter { (it.betid eq betid) and (it.userId eq userId) }.isNotEmpty()
+    }
 }
--- a/Sources/src/main/kotlin/allin/data/postgres/entities/BetEntity.kt
+++ b/Sources/src/main/kotlin/allin/data/postgres/entities/BetEntity.kt
@ -41,7 +41,7 @@ interface BetEntity : Entity<BetEntity> {
            } else {
                database.responses.filter { it.betId eq id }.map { it.response }
            },
-            createdBy = createdBy,
+            createdBy = database.users.first { it.id eq createdBy }.username,
            popularityscore = popularityscore,
            totalStakes = betInfo?.totalStakes ?: 0,
            totalParticipants = betInfo?.totalParticipants ?: 0
--- a/Sources/src/main/kotlin/allin/routing/betRouter.kt
+++ b/Sources/src/main/kotlin/allin/routing/betRouter.kt
@ -56,7 +56,7 @@ fun Application.betRouter() {
                        logManager.log("Routing", "${ApiMessage.BET_ALREADY_EXIST} /bets/add")
                        call.respond(HttpStatusCode.Conflict, ApiMessage.BET_ALREADY_EXIST)
                    } ?: run {
-                        val betWithId = bet.copy(id = id, createdBy = user.first?.username.toString())
+                        val betWithId = bet.copy(id = id, createdBy = user.first?.id.toString())

                        if (bet.isPrivate && bet.userInvited?.isNotEmpty() == true) {
                            betDataSource.addPrivateBet(betWithId)
@ -93,7 +93,7 @@ fun Application.betRouter() {
                        val filters =
                            filtersRequest?.filters ?: emptyList() // Use provided filters or empty list if null
                        logManager.log("Routing", "ACCEPTED /bets/gets\t${filters}")
-                        call.respond(HttpStatusCode.Accepted, betDataSource.getAllBets(filters))
+                        call.respond(HttpStatusCode.Accepted, betDataSource.getAllBets(filters, user))
                    }
                }
            }
@ -152,8 +152,7 @@ fun Application.betRouter() {
            betDataSource.getBetById(id)?.let { bet ->
                logManager.log("Routing", "ACCEPTED /bets/get/{id}\t ${bet}")
                call.respond(HttpStatusCode.Accepted, bet)
-            } ?:
-            logManager.log("Routing","${ApiMessage.BET_NOT_FOUND} /bets/get/{id}")
+            } ?: logManager.log("Routing", "${ApiMessage.BET_NOT_FOUND} /bets/get/{id}")
            call.respond(HttpStatusCode.NotFound, ApiMessage.BET_NOT_FOUND)
        }

@ -282,7 +281,10 @@ fun Application.betRouter() {
                logManager.log("Routing", "GET /bets/history")
                hasToken { principal ->
                    verifyUserFromToken(userDataSource, principal) { user, _ ->
-                        logManager.log("Routing","ACCEPTED /bets/toConfirm\t${betDataSource.getHistory(user.username)}")
+                        logManager.log(
+                            "Routing",
+                            "ACCEPTED /bets/toConfirm\t${betDataSource.getHistory(user.username)}"
+                        )
                        call.respond(HttpStatusCode.Accepted, betDataSource.getHistory(user.username))
                    }
                }
@ -307,7 +309,10 @@ fun Application.betRouter() {
                logManager.log("Routing", "GET /bets/current")
                hasToken { principal ->
                    verifyUserFromToken(userDataSource, principal) { user, _ ->
-                        logManager.log("Routing","ACCEPTED /bets/toConfirm\t${betDataSource.getCurrent(user.username)}")
+                        logManager.log(
+                            "Routing",
+                            "ACCEPTED /bets/toConfirm\t${betDataSource.getCurrent(user.username)}"
+                        )
                        call.respond(HttpStatusCode.Accepted, betDataSource.getCurrent(user.username))
                    }
                }