allow challenges to be edited, deleted, closed by admin users (moderators and staff) through the web UI (not by API calls)

Alys
2015-08-16 16:50:15 +10:00
parent 8e667b1019
commit 53f861f3c0
2 changed files with 4 additions and 4 deletions


@@ -225,7 +225,7 @@ api.update = function(req, res, next){
}, },
function(_before, cb) { function(_before, cb) {
if (!_before) return cb('Challenge ' + cid + ' not found'); if (!_before) return cb('Challenge ' + cid + ' not found');
if (_before.leader != user._id) return cb("You don't have permissions to edit this challenge"); if (_before.leader != user._id && !user.contributor.admin) return cb("You don't have permissions to edit this challenge");
// Update the challenge, since syncing will need the updated challenge. But store `before` we're going to do some // Update the challenge, since syncing will need the updated challenge. But store `before` we're going to do some
// before-save / after-save comparison to determine if we need to sync to users // before-save / after-save comparison to determine if we need to sync to users
before = _before; before = _before;
@@ -307,7 +307,7 @@ api['delete'] = function(req, res, next){
}, },
function(chal, cb){ function(chal, cb){
if (!chal) return cb('Challenge ' + cid + ' not found'); if (!chal) return cb('Challenge ' + cid + ' not found');
if (chal.leader != user._id) return cb("You don't have permissions to edit this challenge"); if (chal.leader != user._id && !user.contributor.admin) return cb("You don't have permissions to delete this challenge");
if (chal.group != 'habitrpg') user.balance += chal.prize/4; // Refund gems to user if a non-tavern challenge if (chal.group != 'habitrpg') user.balance += chal.prize/4; // Refund gems to user if a non-tavern challenge
user.save(cb); user.save(cb);
}, },
@@ -336,7 +336,7 @@ api.selectWinner = function(req, res, next) {
function(_chal, cb){ function(_chal, cb){
chal = _chal; chal = _chal;
if (!chal) return cb('Challenge ' + cid + ' not found'); if (!chal) return cb('Challenge ' + cid + ' not found');
if (chal.leader != user._id) return cb("You don't have permissions to edit this challenge"); if (chal.leader != user._id && !user.contributor.admin) return cb("You don't have permissions to close this challenge");
User.findById(req.query.uid, cb) User.findById(req.query.uid, cb)
}, },
function(winner, cb){ function(winner, cb){
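Review bot: In the `api['delete']` hunk the refund line right after the relaxed check still does `user.balance += chal.prize/4`, and `user` can now be an admin who is not the challenge leader, so deleting someone else's non-tavern challenge would credit the prize gems to the moderator's own balance rather than to the leader who presumably funded the prize. The refund should be tied to the leader: either load the leader's record and credit that, or at minimum guard the line with `if (chal.group != 'habitrpg' && chal.leader == user._id) user.balance += chal.prize/4;` and decide explicitly what happens to the prize on an admin delete. All three new checks also dereference `user.contributor.admin` without a guard; if `contributor` can be absent on a user document (not visible here), the handler throws instead of returning the permission error, so `!(user.contributor && user.contributor.admin)` is safer. Because these are privileged changes to other users' challenges, a log entry recording the acting admin's id and the challenge id on each of the three paths would make them auditable. The bodies of all three handlers continue outside the hunks.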


@@ -30,7 +30,7 @@ script(type='text/ng-template', id='partials/options.social.challenges.detail.me
script(type='text/ng-template', id='partials/options.social.challenges.detail.html') script(type='text/ng-template', id='partials/options.social.challenges.detail.html')
// Edit button // Edit button
div(bindonce='challenge', ng-if='challenge.leader._id==user._id') div(bindonce='challenge', ng-if='challenge.leader._id==user._id || user.contributor.admin')
div(ng-hide='challenge._locked==false') div(ng-hide='challenge._locked==false')
button.btn.btn-sm.btn-default(ng-click='edit(challenge)')=env.t('edit') button.btn.btn-sm.btn-default(ng-click='edit(challenge)')=env.t('edit')
button.btn.btn-sm.btn-success(ng-click='clone(challenge)')=env.t('clone') button.btn.btn-sm.btn-success(ng-click='clone(challenge)')=env.t('clone')