xTr1m/GameList
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Lock suggestions after reveal and move per-phase navigation

Browse Source
This commit is contained in:
Frank Tovar
2026-02-04 21:59:26 +01:00
parent e5e27af0af
commit ea0f8f2e27
8 changed files with 252 additions and 73 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
Endpoints/StateEndpoints.cs
View File

@@ -35,10 +35,11 @@ public static class StateEndpoints
return Results.Ok(new { player.Id, player.DisplayName, player.Username, player.IsAdmin, player.CurrentPhase });
});
app.MapPost("/api/me/phase/next", async (HttpContext ctx, AppDbContext db) =>
app.MapPost("/api/me/phase/next", async (HttpContext ctx, AppDbContext db, IConfiguration config) =>
{
var player = await EndpointHelpers.GetAuthenticatedPlayer(ctx, db);
if (player is null) return Results.Unauthorized();
var isAdmin = await EndpointHelpers.IsAdmin(ctx, db, config);
var next = NextPhase(player.CurrentPhase);
var appState = await db.AppState.FirstAsync();
@@ -48,15 +49,21 @@ public static class StateEndpoints
return Results.BadRequest(new { error = "Results are locked until the admin enables them." });
}
// Non-admins can only move forward
player.CurrentPhase = next;
await db.SaveChangesAsync();
return Results.Ok(new { player.CurrentPhase, appState.ResultsOpen });
});
app.MapPost("/api/me/phase/prev", async (HttpContext ctx, AppDbContext db) =>
app.MapPost("/api/me/phase/prev", async (HttpContext ctx, AppDbContext db, IConfiguration config) =>
{
var player = await EndpointHelpers.GetAuthenticatedPlayer(ctx, db);
if (player is null) return Results.Unauthorized();
var isAdmin = await EndpointHelpers.IsAdmin(ctx, db, config);
if (!isAdmin)
{
return Results.BadRequest(new { error = "Only admins can move backward." });
}
player.CurrentPhase = PrevPhase(player.CurrentPhase);
await db.SaveChangesAsync();

14
Endpoints/SuggestEndpoints.cs
View File

@@ -14,9 +14,6 @@ public static class SuggestEndpoints
{
var player = await EndpointHelpers.GetAuthenticatedPlayer(ctx, db);
if (player is null) return Results.Unauthorized();
var phase = await EndpointHelpers.GetPhase(db, player.Id);
if (phase != Phase.Suggest)
return EndpointHelpers.PhaseMismatch(Phase.Suggest, phase);
var mine = await db.Suggestions.AsNoTracking()
.Where(s => s.PlayerId == player.Id)
.Select(s => new
@@ -104,7 +101,7 @@ public static class SuggestEndpoints
var phase = await EndpointHelpers.GetPhase(db, player.Id);
if (!isAdmin && phase != Phase.Suggest)
return EndpointHelpers.PhaseMismatch(Phase.Suggest, phase);
return Results.BadRequest(new { error = "Suggestions are frozen; you can no longer delete them." });
var suggestion = isAdmin
? await db.Suggestions.FirstOrDefaultAsync(s => s.Id == id)
@@ -127,8 +124,7 @@ public static class SuggestEndpoints
if (player is null) return Results.Unauthorized();
var phase = await EndpointHelpers.GetPhase(db, player.Id);
if (phase != Phase.Suggest)
return EndpointHelpers.PhaseMismatch(Phase.Suggest, phase);
// Non-admins can edit optional fields after Suggest, but not the name
}
if (string.IsNullOrWhiteSpace(request.Name) || request.Name.Length > 100)
@@ -157,7 +153,11 @@ public static class SuggestEndpoints
return Results.Unauthorized();
}
suggestion.Name = request.Name.Trim();
var isSuggestPhase = isAdmin ? true : await EndpointHelpers.GetPhase(db, player?.Id ?? Guid.Empty) == Phase.Suggest;
if (isSuggestPhase || isAdmin)
{
suggestion.Name = request.Name.Trim();
}
suggestion.Genre = EndpointHelpers.TrimTo(request.Genre, 50);
suggestion.Description = EndpointHelpers.TrimTo(request.Description, 500);
suggestion.ScreenshotUrl = EndpointHelpers.TrimTo(request.ScreenshotUrl, 2048);