krikkert/habitica
1
0
Fork 0
mirror of https://github.com/HabitRPG/habitica.git synced 2025-12-18 07:07:35 +01:00
Code Issues Packages Projects Releases Wiki Activity

Update the API to prevent the user from leaving a group if they are the only member and have a quest active. (#10091)

Browse Source 
* Update the API to prevent the user from leaving a group if they are the only member and have a quest active.

fixes #10068

* fixing api doc
This commit is contained in:
Travis
2018-03-17 14:26:07 -07:00
committed by Matteo Pagliazzi
parent 3ad0ffcaec
commit 45eb19e992
4 changed files with 44 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
test/api/v3/integration/groups/POST-groups_groupId_join.test.js
View File

@@ -262,6 +262,30 @@ describe('POST /group/:groupId/join', () => {
await expect(checkExistence('groups', oldParty._id)).to.eventually.equal(false); await expect(checkExistence('groups', oldParty._id)).to.eventually.equal(false);
}); });
it('does not allow user to leave a party if a quest was active and they were the only member', async () => {
let userToInvite = await generateUser();
let oldParty = await userToInvite.post('/groups', { // add user to a party
name: 'Another Test Party',
type: 'party',
});
await userToInvite.update({
[`items.quests.${PET_QUEST}`]: 1,
});
await userToInvite.post(`/groups/${oldParty._id}/quests/invite/${PET_QUEST}`);
await expect(checkExistence('groups', oldParty._id)).to.eventually.equal(true);
await user.post(`/groups/${party._id}/invite`, {
uuids: [userToInvite._id],
});
await expect(userToInvite.post(`/groups/${party._id}/join`)).to.eventually.be.rejected.and.eql({
code: 401,
error: 'NotAuthorized',
message: t('messageCannotLeaveWhileQuesting'),
});
});
it('invites joining member to active quest', async () => { it('invites joining member to active quest', async () => {
await user.update({ await user.update({
[`items.quests.${PET_QUEST}`]: 1, [`items.quests.${PET_QUEST}`]: 1,

8
website/client/store/actions/guilds.js
View File

@@ -55,7 +55,13 @@ export async function join (store, payload) {
const user = store.state.user.data; const user = store.state.user.data;
const invitations = user.invitations; const invitations = user.invitations;
let response = await axios.post(`/api/v3/groups/${groupId}/join`); let response;
try {
response = await axios.post(`/api/v3/groups/${groupId}/join`);
} catch (err) {
alert(err.response.data.message);
return;
}
if (type === 'guild') { if (type === 'guild') {
const invitationI = invitations.guilds.findIndex(i => i.id === groupId); const invitationI = invitations.guilds.findIndex(i => i.id === groupId);

1
website/common/locales/en/messages.json
View File

@@ -60,6 +60,7 @@
"messageGroupChatAdminClearFlagCount": "Only an admin can clear the flag count!", "messageGroupChatAdminClearFlagCount": "Only an admin can clear the flag count!",
"messageCannotFlagSystemMessages": "You cannot flag a system message. If you need to report a violation of the Community Guidelines related to this message, please email a screenshot and explanation to Lemoness at <%= communityManagerEmail %>.", "messageCannotFlagSystemMessages": "You cannot flag a system message. If you need to report a violation of the Community Guidelines related to this message, please email a screenshot and explanation to Lemoness at <%= communityManagerEmail %>.",
"messageGroupChatSpam": "Whoops, looks like you're posting too many messages! Please wait a minute and try again. The Tavern chat only holds 200 messages at a time, so Habitica encourages posting longer, more thoughtful messages and consolidating replies. Can't wait to hear what you have to say. :)", "messageGroupChatSpam": "Whoops, looks like you're posting too many messages! Please wait a minute and try again. The Tavern chat only holds 200 messages at a time, so Habitica encourages posting longer, more thoughtful messages and consolidating replies. Can't wait to hear what you have to say. :)",
"messageCannotLeaveWhileQuesting": "You cannot accept this party invitation while you are in a quest. If you'd like to join this party, you must first abort your quest, which you can do from your party screen. You will be given back the quest scroll.",
"messageUserOperationProtected": "path `<%= operation %>` was not saved, as it's a protected path.", "messageUserOperationProtected": "path `<%= operation %>` was not saved, as it's a protected path.",
"messageUserOperationNotFound": "<%= operation %> operation not found", "messageUserOperationNotFound": "<%= operation %> operation not found",

19
website/server/controllers/api-v3/groups.js
View File

@@ -518,6 +518,18 @@ api.joinGroup = {
if (inviterParty) { if (inviterParty) {
inviter = inviterParty.inviter; inviter = inviterParty.inviter;
// If user was in a different party (when partying solo you can be invited to a new party)
// make them leave that party before doing anything
if (user.party._id) {
let userPreviousParty = await Group.getGroup({user, groupId: user.party._id});
if (userPreviousParty.memberCount === 1 && user.party.quest.key) {
throw new NotAuthorized(res.t('messageCannotLeaveWhileQuesting'));
}
if (userPreviousParty) await userPreviousParty.leave(user);
}
// Clear all invitations of new user // Clear all invitations of new user
user.invitations.parties = []; user.invitations.parties = [];
user.invitations.party = {}; user.invitations.party = {};
@@ -530,13 +542,6 @@ api.joinGroup = {
group.markModified('quest.members'); group.markModified('quest.members');
} }
// If user was in a different party (when partying solo you can be invited to a new party)
// make them leave that party before doing anything
if (user.party._id) {
let userPreviousParty = await Group.getGroup({user, groupId: user.party._id});
if (userPreviousParty) await userPreviousParty.leave(user);
}
user.party._id = group._id; // Set group as user's party user.party._id = group._id; // Set group as user's party
isUserInvited = true; isUserInvited = true;