Added quest cancel route and initial tests

website/src/controllers/api-v3/quests.js

@@ -3,6 +3,9 @@ import cron from '../../middlewares/api-v3/cron';
 import {
   model as Group,
 } from '../../models/group';
+import {
+  model as User,
+} from '../../models/user';
 import {
   NotFound,
   NotAuthorized,
@@ -65,4 +68,50 @@ api.inviteToQuest = {
   },
 };
 
+/**
+ * @api {post} /groups/:groupId/quests/cancel Cancels a quest
+ * @apiVersion 3.0.0
+ * @apiName CancelQuest
+ * @apiGroup Group
+ *
+ * @apiParam {string} groupId The group _id (or 'party')
+ *
+ * @apiSuccess {Object} Group Object
+ */
+api.cancelQuest = {
+  method: 'POST',
+  url: '/groups/:groupId/quests/cancel',
+  middlewares: [authWithHeaders(), cron],
+  async handler (req, res) {
+    // Cancel a quest BEFORE it has begun (i.e., in the invitation stage)
+    // Quest scroll has not yet left quest owner's inventory so no need to return it.
+    // Do not wipe quest progress for members because they'll want it to be applied to the next quest that's started.
+    let user = res.locals.user;
+    let groupId = req.params.groupId;
+
+    req.checkParams('groupId', res.t('groupIdRequired')).notEmpty();
+
+    let validationErrors = req.validationErrors();
+    if (validationErrors) throw validationErrors;
+
+    let group = await Group.getGroup({user, groupId, fields: 'type quest'});
+    if (!group) throw new NotFound(res.t('groupNotFound'));
+
+    if (group.quest.active) throw new NotAuthorized(res.t('cantCancelActiveQuest'));
+
+    group.quest = {key: null, progress: {}, leader: null, members: {}};
+    group.markModified('quest');
+    await group.save();
+
+    await User.update(
+      {'party._id': groupId},
+      {$set: {'party.quest.RSVPNeeded': false, 'party.quest.key': null}},
+      {multi: true}
+    );
+
+    res.respond(200, group);
+  },
+};
+
+
 export default api;