query for validation of invite code

backend/src/db/factories.js

@@ -235,9 +235,7 @@ Factory.define('inviteCode')
       neode.create('InviteCode', buildObject),
       options.generatedBy,
     ])
-    await Promise.all([
+    await Promise.all([inviteCode.relateTo(generatedBy, 'generated')])
-      inviteCode.relateTo(generatedBy, 'generated'),
-    ])
     return inviteCode
   })
 

backend/src/middleware/permissionsMiddleware.js

@@ -107,6 +107,7 @@ export default shield(
       Donations: isAuthenticated,
       userData: isAuthenticated,
       MyInviteCodes: isAuthenticated,
+      isValidInviteCode: allow,
     },
     Mutation: {
       '*': deny,

backend/src/schema/resolvers/inviteCodes.js

@@ -34,6 +34,31 @@ export default {
         session.close()
       }
     },
+    isValidInviteCode: async (_parent, args, context, _resolveInfo) => {
+      const { code } = args
+      if (!code) return false
+      const session = context.driver.session()
+      const readTxResultPromise = session.readTransaction(async (txc) => {
+        const result = await txc.run(
+          `MATCH (ic:InviteCode { code: $code })
+           RETURN
+           CASE
+           WHEN ic.expiresAt IS NULL THEN true
+           WHEN datetime(ic.expiresAt) >=  datetime() THEN true
+           ELSE false END AS result`,
+          {
+            code,
+          },
+        )
+        return result.records.map((record) => record.get('result'))
+      })
+      try {
+        const txResult = await readTxResultPromise
+        return !!txResult[0]
+      } finally {
+        session.close()
+      }
+    },
   },
   Mutation: {
     GenerateInviteCode: async (_parent, args, context, _resolveInfo) => {

backend/src/schema/resolvers/inviteCodes.spec.js

@@ -30,6 +30,12 @@ const myInviteCodesQuery = gql`
   }
 `
 
+const isValidInviteCodeQuery = gql`
+  query($code: ID) {
+    isValidInviteCode(code: $code)
+  }
+`
+
 beforeAll(async () => {
   await cleanDatabase()
   const { server } = createServer({
@@ -141,7 +147,36 @@ describe('inviteCodes', () => {
       expect(inviteCodes).toHaveLength(2)
     })
 
-    // const expiringInviteCode = inviteCodes.filter((ic) => ic.expiresAt !== null)
+    it('does not returns the created invite codes of other users when queried', async () => {
-    // const unExpiringInviteCode = inviteCodes.filter((ic) => ic.expiresAt === null)
+      await Factory.build('inviteCode')
+      const response = await query({ query: myInviteCodesQuery })
+      inviteCodes = response.data.MyInviteCodes
+      expect(inviteCodes).toHaveLength(2)
+    })
+
+    it('validates an invite code without expiresAt', async () => {
+      const unExpiringInviteCode = inviteCodes.filter((ic) => ic.expiresAt === null)[0].code
+      expect(
+        query({ query: isValidInviteCodeQuery, variables: { code: unExpiringInviteCode } }),
+      ).resolves.toBeTruthy()
+    })
+
+    it('validates an invite code with expiresAt in the future', async () => {
+      const expiringInviteCode = inviteCodes.filter((ic) => ic.expiresAt !== null)[0].code
+      expect(
+        query({ query: isValidInviteCodeQuery, variables: { code: expiringInviteCode } }),
+      ).resolves.toBeTruthy()
+    })
+
+    it.skip('does not validate an invite code which expired in the past', async () => {
+      const lastWeek = new Date()
+      lastWeek.setDate(lastWeek.getDate() - 7)
+      const code = await Factory.build('inviteCode', {
+        expiresAt: lastWeek.toISOString(),
+      })
+      expect(
+        query({ query: isValidInviteCodeQuery, variables: { code: code.code } }),
+      ).resolves.toBeFalsy()
+    })
   })
 })

backend/src/schema/types/type/InviteCode.gql

@@ -13,4 +13,5 @@ type Mutation {
 
 type Query {
   MyInviteCodes: [InviteCode]
+  isValidInviteCode(code: ID): Boolean
 }