From 190038eaa1e39819f7fdb4221dbe7ff88745b085 Mon Sep 17 00:00:00 2001 From: elweyn Date: Wed, 26 Jan 2022 15:54:19 +0100 Subject: [PATCH 1/3] fix updatePendingCreation method logic, now it checks if the updated datas are allowed so that no user can get more than 1000 GDD per month. --- backend/src/graphql/resolver/AdminResolver.ts | 38 ++++++++++++------- 1 file changed, 24 insertions(+), 14 deletions(-) diff --git a/backend/src/graphql/resolver/AdminResolver.ts b/backend/src/graphql/resolver/AdminResolver.ts index 8a7e034a5..d658fce2e 100644 --- a/backend/src/graphql/resolver/AdminResolver.ts +++ b/backend/src/graphql/resolver/AdminResolver.ts @@ -113,25 +113,35 @@ export class AdminResolver { const user = await userRepository.findByEmail(email) const loginPendingTasksAdminRepository = getCustomRepository(LoginPendingTasksAdminRepository) - const updatedCreation = await loginPendingTasksAdminRepository.findOneOrFail({ id }) + const pendingCreationToUpdate = await loginPendingTasksAdminRepository.findOneOrFail({ id }) - if (updatedCreation.userId !== user.id) + if (pendingCreationToUpdate.userId !== user.id) { throw new Error('user of the pending creation and send user does not correspond') + } - updatedCreation.amount = BigInt(amount * 10000) - updatedCreation.memo = memo - updatedCreation.date = new Date(creationDate) - updatedCreation.moderator = moderator + const creationDateObj = new Date(creationDate) + const creations = await getUserCreations(user.id) - await loginPendingTasksAdminRepository.save(updatedCreation) - const result = new UpdatePendingCreation() - result.amount = parseInt(amount.toString()) - result.memo = updatedCreation.memo - result.date = updatedCreation.date - result.moderator = updatedCreation.moderator - result.creation = await getUserCreations(user.id) + if (isCreationValid(creations, amount, creationDateObj)) { + // TODO Check if open creation (of creationDate) + amount * 10000 <= 1000 - return result + pendingCreationToUpdate.amount = BigInt(amount * 10000) + pendingCreationToUpdate.memo = memo + pendingCreationToUpdate.date = new Date(creationDate) + pendingCreationToUpdate.moderator = moderator + + await loginPendingTasksAdminRepository.save(pendingCreationToUpdate) + const result = new UpdatePendingCreation() + result.amount = parseInt(amount.toString()) + result.memo = pendingCreationToUpdate.memo + result.date = pendingCreationToUpdate.date + result.moderator = pendingCreationToUpdate.moderator + result.creation = await getUserCreations(user.id) + + return result + } else { + throw new Error('Creation is not valid') + } } @Authorized([RIGHTS.SEARCH_PENDING_CREATION]) From afbc52c2aa79de2151e08058eae477b5a66ce915 Mon Sep 17 00:00:00 2001 From: elweyn Date: Wed, 26 Jan 2022 20:10:11 +0100 Subject: [PATCH 2/3] Implemented a method to add back the summ to the creations array. --- backend/src/graphql/resolver/AdminResolver.ts | 26 ++++++++++++++++++- 1 file changed, 25 insertions(+), 1 deletion(-) diff --git a/backend/src/graphql/resolver/AdminResolver.ts b/backend/src/graphql/resolver/AdminResolver.ts index d658fce2e..4e936a351 100644 --- a/backend/src/graphql/resolver/AdminResolver.ts +++ b/backend/src/graphql/resolver/AdminResolver.ts @@ -23,6 +23,7 @@ import { UserTransactionRepository } from '../../typeorm/repository/UserTransact import { BalanceRepository } from '../../typeorm/repository/Balance' import { calculateDecay } from '../../util/decay' import { LoginUserRepository } from '../../typeorm/repository/LoginUser' +import { LoginPendingTasksAdmin } from '@entity/LoginPendingTasksAdmin' @Resolver() export class AdminResolver { @@ -120,7 +121,8 @@ export class AdminResolver { } const creationDateObj = new Date(creationDate) - const creations = await getUserCreations(user.id) + let creations = await getUserCreations(user.id) + creations = updateCreations(creations, pendingCreationToUpdate) if (isCreationValid(creations, amount, creationDateObj)) { // TODO Check if open creation (of creationDate) + amount * 10000 <= 1000 @@ -332,6 +334,28 @@ async function getUserCreations(id: number): Promise { ] } +function updateCreations(creations: number[], pendingCreation: LoginPendingTasksAdmin): number[] { + const dateMonth = moment().format('YYYY-MM') + const dateLastMonth = moment().subtract(1, 'month').format('YYYY-MM') + const dateBeforeLastMonth = moment().subtract(2, 'month').format('YYYY-MM') + const creationDateMonth = moment(pendingCreation.date).format('YYYY-MM') + + switch (creationDateMonth) { + case dateMonth: + creations[2] += parseInt(pendingCreation.amount.toString()) + break + case dateLastMonth: + creations[1] += parseInt(pendingCreation.amount.toString()) + break + case dateBeforeLastMonth: + creations[0] += parseInt(pendingCreation.amount.toString()) + break + default: + throw new Error('UpdatedCreationDate is not in the last three months') + } + return creations +} + function isCreationValid(creations: number[], amount: number, creationDate: Date) { const dateMonth = moment().format('YYYY-MM') const dateLastMonth = moment().subtract(1, 'month').format('YYYY-MM') From 6c81673a4b36153578e43eb0256071565040594c Mon Sep 17 00:00:00 2001 From: elweyn Date: Thu, 27 Jan 2022 11:04:32 +0100 Subject: [PATCH 3/3] Update creations of a user only if the old pending creation has the same month as the updated month. Throw exception before end of file. --- backend/src/graphql/resolver/AdminResolver.ts | 37 +++++++++---------- 1 file changed, 18 insertions(+), 19 deletions(-) diff --git a/backend/src/graphql/resolver/AdminResolver.ts b/backend/src/graphql/resolver/AdminResolver.ts index 4e936a351..9ca558a9c 100644 --- a/backend/src/graphql/resolver/AdminResolver.ts +++ b/backend/src/graphql/resolver/AdminResolver.ts @@ -122,28 +122,27 @@ export class AdminResolver { const creationDateObj = new Date(creationDate) let creations = await getUserCreations(user.id) - creations = updateCreations(creations, pendingCreationToUpdate) + if (pendingCreationToUpdate.date.getMonth() === creationDateObj.getMonth()) { + creations = updateCreations(creations, pendingCreationToUpdate) + } - if (isCreationValid(creations, amount, creationDateObj)) { - // TODO Check if open creation (of creationDate) + amount * 10000 <= 1000 - - pendingCreationToUpdate.amount = BigInt(amount * 10000) - pendingCreationToUpdate.memo = memo - pendingCreationToUpdate.date = new Date(creationDate) - pendingCreationToUpdate.moderator = moderator - - await loginPendingTasksAdminRepository.save(pendingCreationToUpdate) - const result = new UpdatePendingCreation() - result.amount = parseInt(amount.toString()) - result.memo = pendingCreationToUpdate.memo - result.date = pendingCreationToUpdate.date - result.moderator = pendingCreationToUpdate.moderator - result.creation = await getUserCreations(user.id) - - return result - } else { + if (!isCreationValid(creations, amount, creationDateObj)) { throw new Error('Creation is not valid') } + pendingCreationToUpdate.amount = BigInt(amount * 10000) + pendingCreationToUpdate.memo = memo + pendingCreationToUpdate.date = new Date(creationDate) + pendingCreationToUpdate.moderator = moderator + + await loginPendingTasksAdminRepository.save(pendingCreationToUpdate) + const result = new UpdatePendingCreation() + result.amount = parseInt(amount.toString()) + result.memo = pendingCreationToUpdate.memo + result.date = pendingCreationToUpdate.date + result.moderator = pendingCreationToUpdate.moderator + result.creation = await getUserCreations(user.id) + + return result } @Authorized([RIGHTS.SEARCH_PENDING_CREATION])