tdpeuter/2025SELab2-project-Dwengo
tdpeuter/2025SELab2-project-Dwengo
1
Fork 0
Code Issues Releases 4 Packages 2 Wiki Activity

feat: question + answer checks

Browse source
This commit is contained in:
Gabriellvl 2025-04-18 23:28:55 +02:00
parent f671341bad
commit 78b65f148e
4 changed files with 67 additions and 11 deletions
Download patch file Download diff file Expand all files Collapse all files

48
backend/src/middleware/auth/checks/question-checks.ts Normal file
View file

@ -0,0 +1,48 @@
import {authorize} from "./auth-checks";
import {AuthenticationInfo} from "../authentication-info";
import {AuthenticatedRequest} from "../authenticated-request";
import {requireFields} from "../../../controllers/error-helper";
import {getLearningObjectId, getQuestionId} from "../../../controllers/questions";
import {fetchQuestion} from "../../../services/questions";
import {FALLBACK_SEQ_NUM} from "../../../config";
import {fetchAnswer} from "../../../services/answers";
export const onlyAllowAuthor = authorize(
(auth: AuthenticationInfo, req: AuthenticatedRequest) => req.body.author === auth.username
);
export const onlyAllowAuthorRequest = authorize(
(auth: AuthenticationInfo, req: AuthenticatedRequest) => {
const hruid = req.params.hruid;
const version = req.params.version;
const language = req.query.lang as string;
const seq = req.params.seq;
requireFields({ hruid });
const learningObjectId = getLearningObjectId(hruid, version, language);
const questionId = getQuestionId(learningObjectId, seq);
const question = await fetchQuestion(questionId);
return question.author.username == auth.username;
}
);
export const onlyAllowAuthorRequestAnswer = authorize(
(auth: AuthenticationInfo, req: AuthenticatedRequest) => {
const hruid = req.params.hruid;
const version = req.params.version;
const language = req.query.lang as string;
const seq = req.params.seq;
const seqAnswer = req.params.seqAnswer;
requireFields({ hruid });
const learningObjectId = getLearningObjectId(hruid, version, language);
const questionId = getQuestionId(learningObjectId, seq);
const sequenceNumber = Number(seqAnswer) || FALLBACK_SEQ_NUM;
const answer = await fetchAnswer(questionId, sequenceNumber);
return answer.author.username == auth.username;
}
);