xTr1m/GameList
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Use phase filters for suggestions; allow joker edge

Browse Source
This commit is contained in:
Frank Tovar
2026-02-05 17:17:38 +01:00
parent e3d4e2e687
commit b48723d48f
2 changed files with 5 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
Endpoints/SuggestEndpoints.cs
View File

@@ -116,10 +116,6 @@ public static class SuggestEndpoints
if (player is null) return Results.Unauthorized(); if (player is null) return Results.Unauthorized();
var isAdmin = await EndpointHelpers.IsAdmin(ctx, db); var isAdmin = await EndpointHelpers.IsAdmin(ctx, db);
var phase = await EndpointHelpers.GetPhase(db, player.Id);
if (!isAdmin && phase != Phase.Suggest)
return Results.BadRequest(new { error = "Suggestions are frozen; you can no longer delete them." });
var suggestion = isAdmin var suggestion = isAdmin
? await db.Suggestions.FirstOrDefaultAsync(s => s.Id == id) ? await db.Suggestions.FirstOrDefaultAsync(s => s.Id == id)
: await db.Suggestions.FirstOrDefaultAsync(s => s.Id == id && s.PlayerId == player.Id); : await db.Suggestions.FirstOrDefaultAsync(s => s.Id == id && s.PlayerId == player.Id);
@@ -144,13 +140,7 @@ public static class SuggestEndpoints
var player = await EndpointHelpers.GetAuthenticatedPlayer(ctx, db); var player = await EndpointHelpers.GetAuthenticatedPlayer(ctx, db);
var isAdmin = await EndpointHelpers.IsAdmin(ctx, db); var isAdmin = await EndpointHelpers.IsAdmin(ctx, db);
if (!isAdmin) if (!isAdmin && player is null) return Results.Unauthorized();
{
if (player is null) return Results.Unauthorized();
var phase = await EndpointHelpers.GetPhase(db, player.Id);
// Non-admins can edit optional fields after Suggest, but not the name
}
if (string.IsNullOrWhiteSpace(request.Name) || request.Name.Length > 100) if (string.IsNullOrWhiteSpace(request.Name) || request.Name.Length > 100)
{ {

6
Infrastructure/PhaseRequirementFilter.cs
View File

@@ -7,10 +7,12 @@ namespace GameList.Infrastructure;
public class PhaseRequirementFilter : IEndpointFilter public class PhaseRequirementFilter : IEndpointFilter
{ {
private readonly Phase _required; private readonly Phase _required;
private readonly bool _allowAdminOverride;
public PhaseRequirementFilter(Phase required) public PhaseRequirementFilter(Phase required, bool allowAdminOverride = false)
{ {
_required = required; _required = required;
_allowAdminOverride = allowAdminOverride;
} }
public async ValueTask<object?> InvokeAsync(EndpointFilterInvocationContext context, EndpointFilterDelegate next) public async ValueTask<object?> InvokeAsync(EndpointFilterInvocationContext context, EndpointFilterDelegate next)
@@ -21,7 +23,7 @@ public class PhaseRequirementFilter : IEndpointFilter
if (player is null) return Results.Unauthorized(); if (player is null) return Results.Unauthorized();
var phase = await EndpointHelpers.GetPhase(db, player.Id); var phase = await EndpointHelpers.GetPhase(db, player.Id);
if (phase != _required) if (phase != _required && !(_allowAdminOverride && player.IsAdmin))
{ {
return EndpointHelpers.PhaseMismatch(_required, phase); return EndpointHelpers.PhaseMismatch(_required, phase);
} }