Merge pull request #34 from CMU-313/unverify-message

Set up permissions for verify and unverify and UI for unverify
CMU-313 · Oct 10, 2024 · df3ac08 · df3ac08
2 parents 72ab338 + 27250fe
commit df3ac08
Show file tree

Hide file tree

Showing 6 changed files with 62 additions and 4 deletions.
diff --git a/UserGuide.md b/UserGuide.md
@@ -38,4 +38,12 @@ TODO (include file location of automated tests)
 ### How to use
 TODO
 ### Automated testing
-TODO (include file location of automated tests)
+TODO (include file location of automated tests)
+
+
+## Verify Message
+### How to use
+Our verify message component is found under the dropdown beside a post. Notice how there is a cross beside the post/comment. This indicates that the post/comment is not yet verified. If you are an administrator or moderator, you can click verify message to verify the post/comment. Refresh the page to notice that the cross has now been changed to a tick. 
+
+### Automated testing
+Automated tests for permissions and for backend APIs for verify/unverify message can be found in `tests/posts.js`.
diff --git a/dump.rdb b/dump.rdb
diff --git a/nodebb-theme-slackers/templates/partials/topic/post-menu-list.tpl b/nodebb-theme-slackers/templates/partials/topic/post-menu-list.tpl
@@ -40,7 +40,7 @@
 {{{ if posts.verify }}}
 <li>
 	<a class="dropdown-item rounded-1 d-flex align-items-center gap-2" component="post/unverify" role="menuitem" href="#">
-		<span class="menu-icon"><i class="fa fa-fw text-secondary fa-check"></i></span> Un-Verify Message
+		<span class="menu-icon"><i class="fa fa-fw text-secondary fa-check"></i></span> UnVerify Message
 	</a>
 </li>
 {{{ end }}}

diff --git a/nodebb-theme-slackers/templates/partials/topic/post.tpl b/nodebb-theme-slackers/templates/partials/topic/post.tpl
@@ -57,6 +57,9 @@
 				{{{ if posts.verify }}}
 					<span class="menu-icon"><i class="fa fa-fw text-secondary fa-check"></i></span>
 				{{{ end }}}
+				{{{ if !posts.verify }}}
+					<span class="menu-icon"><i class="fa fa-fw text-secondary fa-times"></i></span>
+				{{{ end }}}
 				<span class="bookmarked opacity-0 text-primary"><i class="fa fa-bookmark-o"></i></span>
 				<a href="{config.relative_path}/post/{./pid}" class="post-index text-muted d-none d-md-inline">#{increment(./index, "1")}</a>
 			</div>

diff --git a/src/api/posts.js b/src/api/posts.js
@@ -422,10 +422,29 @@ postsAPI.unbookmark = async function (caller, data) {
 };
 
 postsAPI.verify = async function (caller, data) {
+	const cid = await posts.getCidByPid(data.pid);
+
+	const [isAdmin, isModerator] = await Promise.all([
+		privileges.users.isAdministrator(caller.uid),
+		privileges.users.isModerator(caller.uid, cid),
+	]);
+
+	if (!(isAdmin || isModerator)) {
+		throw new Error('[[error:no-privileges]]');
+	}
 	return await apiHelpers.postCommand(caller, 'verify', 'verify', '', data);
 };
 
 postsAPI.unverify = async function (caller, data) {
+	const cid = await posts.getCidByPid(data.pid);
+	const [isAdmin, isModerator] = await Promise.all([
+		privileges.users.isAdministrator(caller.uid),
+		privileges.users.isModerator(caller.uid, cid),
+	]);
+
+	if (!(isAdmin || isModerator)) {
+		throw new Error('[[error:no-privileges]]');
+	}
 	return await apiHelpers.postCommand(caller, 'unverify', 'unverify', '', data);
 };
 

diff --git a/test/posts.js b/test/posts.js
@@ -283,20 +283,48 @@ describe('Post\'s', () => {
 
 	describe('verifying', async () => {
 		it('should mark post verified', async () => {
-			await apiPosts.verify({ uid: voterUid }, { pid: postData.pid, room_id: `topic_${postData.tid}` });
+			const uid = await user.create({ username: 'global student', password: '123456' });
+			await groups.join('Global Moderators', uid);
+			await apiPosts.verify({ uid: uid }, { pid: postData.pid, room_id: `topic_${postData.tid}` });
 			const isVerified = await posts.getPostField(postData.pid, 'verify');
 			assert.strictEqual(isVerified, 1);
 		});
 	});
 
+	describe('should not be able to verify message if it is not a mod or instructor', async () => {
+		it('should not mark post verified', async () => {
+			const uid = await user.create({ username: 'global student', password: '123456' });
+			try {
+				await apiPosts.verify({ uid: uid }, { pid: postData.pid, room_id: `topic_${postData.tid}` });
+			} catch (err) {
+				return assert.equal(err.message, '[[error:no-privileges]]');
+			}
+			assert(false);
+		});
+	});
+
 	describe('unverifying', async () => {
 		it('should mark post unverified', async () => {
-			await apiPosts.unverify({ uid: voterUid }, { pid: postData.pid, room_id: `topic_${postData.tid}` });
+			const uid = await user.create({ username: 'global student', password: '123456' });
+			await groups.join('Global Moderators', uid);
+			await apiPosts.unverify({ uid: uid }, { pid: postData.pid, room_id: `topic_${postData.tid}` });
 			const isVerified = await posts.getPostField(postData.pid, 'verify');
 			assert.strictEqual(isVerified, 0);
 		});
 	});
 
+	describe('should not be able to unverify message if it is not a mod or instructor', async () => {
+		it('should not mark post verified', async () => {
+			const uid = await user.create({ username: 'global student', password: '123456' });
+			try {
+				await apiPosts.unverify({ uid: uid }, { pid: postData.pid, room_id: `topic_${postData.tid}` });
+			} catch (err) {
+				return assert.equal(err.message, '[[error:no-privileges]]');
+			}
+			assert(false);
+		});
+	});
+
 	describe('answering', async () => {
 		it('should mark post answered', async () => {
 			const data = await apiPosts.answer({ uid: voterUid }, { pid: postData.pid, room_id: `topic_${postData.tid}` });