mirror of
https://github.com/HabitRPG/habitica.git
synced 2025-12-17 06:37:23 +01:00
Allow leaving a challenge without having access to the challenge (e.g. after leaving a party or guild)
This commit is contained in:
Céline O'Neil
@@ -32,18 +32,20 @@ describe('POST /challenges/:challengeId/leave', () => {
|
|||||||
let group;
|
let group;
|
||||||
let challenge;
|
let challenge;
|
||||||
let notInChallengeUser;
|
let notInChallengeUser;
|
||||||
|
let notInGroupLeavingUser;
|
||||||
let leavingUser;
|
let leavingUser;
|
||||||
let taskText;
|
let taskText;
|
||||||
|
|
||||||
beforeEach(async () => {
|
beforeEach(async () => {
|
||||||
let populatedGroup = await createAndPopulateGroup({
|
let populatedGroup = await createAndPopulateGroup({
|
||||||
members: 2,
|
members: 3,
|
||||||
});
|
});
|
||||||
|
|
||||||
groupLeader = populatedGroup.groupLeader;
|
groupLeader = populatedGroup.groupLeader;
|
||||||
group = populatedGroup.group;
|
group = populatedGroup.group;
|
||||||
leavingUser = populatedGroup.members[0];
|
leavingUser = populatedGroup.members[0];
|
||||||
notInChallengeUser = populatedGroup.members[1];
|
notInChallengeUser = populatedGroup.members[1];
|
||||||
|
notInGroupLeavingUser = populatedGroup.members[2];
|
||||||
|
|
||||||
challenge = await generateChallenge(groupLeader, group);
|
challenge = await generateChallenge(groupLeader, group);
|
||||||
|
|
||||||
@@ -55,17 +57,16 @@ describe('POST /challenges/:challengeId/leave', () => {
|
|||||||
|
|
||||||
await leavingUser.post(`/challenges/${challenge._id}/join`);
|
await leavingUser.post(`/challenges/${challenge._id}/join`);
|
||||||
|
|
||||||
|
await notInGroupLeavingUser.post(`/challenges/${challenge._id}/join`);
|
||||||
|
await notInGroupLeavingUser.post(`/groups/${group._id}/leave`, {
|
||||||
|
keepChallenges: 'remain-in-challenges',
|
||||||
|
});
|
||||||
|
|
||||||
await challenge.sync();
|
await challenge.sync();
|
||||||
});
|
});
|
||||||
|
|
||||||
it('returns an error when user doesn\'t have permissions to view the challenge', async () => {
|
it('lets user leave when not a member of the challenge group', async () => {
|
||||||
let unauthorizedUser = await generateUser();
|
await expect(notInGroupLeavingUser.post(`/challenges/${challenge._id}/leave`)).to.eventually.be.ok;
|
||||||
|
|
||||||
await expect(unauthorizedUser.post(`/challenges/${challenge._id}/leave`)).to.eventually.be.rejected.and.eql({
|
|
||||||
code: 404,
|
|
||||||
error: 'NotFound',
|
|
||||||
message: t('challengeNotFound'),
|
|
||||||
});
|
|
||||||
});
|
});
|
||||||
|
|
||||||
it('returns an error when user isn\'t a member of the challenge', async () => {
|
it('returns an error when user isn\'t a member of the challenge', async () => {
|
||||||
|
|||||||
@@ -190,9 +190,6 @@ api.leaveChallenge = {
|
|||||||
let challenge = await Challenge.findOne({ _id: req.params.challengeId }).exec();
|
let challenge = await Challenge.findOne({ _id: req.params.challengeId }).exec();
|
||||||
if (!challenge) throw new NotFound(res.t('challengeNotFound'));
|
if (!challenge) throw new NotFound(res.t('challengeNotFound'));
|
||||||
|
|
||||||
let group = await Group.getGroup({user, groupId: challenge.group, fields: '_id type privacy'});
|
|
||||||
if (!group || !challenge.canView(user, group)) throw new NotFound(res.t('challengeNotFound'));
|
|
||||||
|
|
||||||
if (!challenge.isMember(user)) throw new NotAuthorized(res.t('challengeMemberNotFound'));
|
if (!challenge.isMember(user)) throw new NotAuthorized(res.t('challengeMemberNotFound'));
|
||||||
|
|
||||||
// Unlink challenge's tasks from user's tasks and save the challenge
|
// Unlink challenge's tasks from user's tasks and save the challenge
|
||||||
|
|||||||
Reference in New Issue
Block a user