fix: prevent score creation for staff and testing accounts

codam-coding-college · Nov 25, 2024 · c884009 · c884009
1 parent 604ad50
commit c884009
Show file tree

Hide file tree

Showing 3 changed files with 29 additions and 5 deletions.
diff --git a/.env.example b/.env.example
@@ -5,6 +5,7 @@ INTRA_API_UID=enter_your_uid_here
 INTRA_API_SECRET=enter_your_secret_here
 INTRA_CAMPUS_ID=14
 INTRA_CURSUS_ID=21
+INTRA_TEST_ACCOUNTS=karthur,ctest,moretestinglogins
 
 POSTGRES_USER=enter_a_postgres_user_here
 POSTGRES_PASSWORD=enter_a_postgres_password_here

diff --git a/src/env.ts b/src/env.ts
@@ -7,6 +7,7 @@ export const INTRA_API_UID = process.env.INTRA_API_UID!;
 export const INTRA_API_SECRET = process.env.INTRA_API_SECRET!;
 export const CAMPUS_ID: number = parseInt(process.env.INTRA_CAMPUS_ID!);
 export const CURSUS_ID: number = parseInt(process.env.INTRA_CURSUS_ID!);
+export const INTRA_TEST_ACCOUNTS: string[] = (process.env.INTRA_TEST_ACCOUNTS || '').split(',');
 
 // Not defined in .env but in regular shell environment variables
 export const DEV_DAYS_LIMIT: number = process.env.DEV_DAYS_LIMIT ? parseInt(process.env.DEV_DAYS_LIMIT) : 365;
diff --git a/src/handlers/points.ts b/src/handlers/points.ts
@@ -1,4 +1,5 @@
 import { CodamCoalitionFixedType, CodamCoalitionScore, PrismaClient } from '@prisma/client';
+import { INTRA_TEST_ACCOUNTS } from '../env';
 
 const INCLUDE_IN_SCORE_RETURN_DATA = {
 	user: {
@@ -14,17 +15,38 @@ const INCLUDE_IN_SCORE_RETURN_DATA = {
 };
 
 export const createScore = async function(prisma: PrismaClient, type: CodamCoalitionFixedType | null, typeIntraId: number | null, userId: number, points: number, reason: string, scoreDate: Date = new Date()): Promise<CodamCoalitionScore | null> {
-	// Get the user's coalition
-	const coalitionUser = await prisma.intraCoalitionUser.findFirst({
+	// Retrieve user details
+	const user = await prisma.intraUser.findFirst({
 		where: {
-			user_id: userId,
+			id: userId,
 		},
+		select: {
+			login: true,
+			kind: true,
+			coalition_users: {
+				select: {
+					coalition_id: true,
+				},
+			},
+		}
 	});
-
-	if (!coalitionUser) {
+	if (!user) { // Check if user exists
+		console.error(`User ${userId} does not exist in our database, skipping score creation...`);
+		return null;
+	}
+	if (user.kind === "admin") { // Check if user is a staff member
+		console.warn(`User ${user.login} is an admin (staff member), skipping score creation...`);
+		return null;
+	}
+	if (INTRA_TEST_ACCOUNTS.includes(user.login)) { // Check if user is a testing account used by campus staff
+		console.warn(`User ${user.login} is a test account, skipping score creation...`);
+		return null;
+	}
+	if (!user.coalition_users || user.coalition_users.length === 0) { // Check if user has a coalition
 		console.warn(`User ${userId} does not have a coalition, skipping score creation...`);
 		return null;
 	}
+	const coalitionUser = user.coalition_users[0];
 
 	console.log(`Creating score for user ${userId} in coalition ${coalitionUser.coalition_id} with ${points} points for reason "${reason}" (connected to Intra object ${typeIntraId} for fixed type ${(type ? type.type : "null")})...`);
 	return await prisma.codamCoalitionScore.create({