Flag Web Arena Super User Role

Author: fireice.topcoder

initializers/middleware.js

@@ -114,13 +114,13 @@ exports.middleware = function (api, next) {
                     return;
                 }
                 var split = decoded.sub.split("|");
-                if (split.length == 1) {
+                if (split.length === 1) {
                     // token.sub should contain "|"
                     cb(new IllegalArgumentError('Malformed Auth header. token.sub is in bad format!'));
                     return;
                 }
                 try {
-                    socialUserId = (split[split.length-1] || "").trim();
+                    socialUserId = (split[split.length - 1] || "").trim();
                     socialProvider = (split[0] || "").trim();
                 } catch (ignored) {
                     cb(new IllegalArgumentError('Malformed Auth header. Could not parse token.sub!'));
@@ -180,6 +180,9 @@ exports.middleware = function (api, next) {
                                 },
                                 isAdmin: function (cbk) {
                                     api.dataAccess.executeQuery("check_is_admin", {user_id: userId}, connectionMap, cbk);
+                                },
+                                isWebArenaSuper: function (cbk) {
+                                    api.dataAccess.executeQuery("check_is_web_arena_super", { user_id: userId }, connectionMap, cbk);
                                 }
                             }, cbx);
                         }, function (results, cbx) {
@@ -198,6 +201,7 @@ exports.middleware = function (api, next) {
                             } else {
                                 userInfo.accessLevel = "member";
                             }
+                            userInfo.isWebArenaSuper = results.isWebArenaSuper[0].count === 1;
                             cbx(null, userInfo);
                         }
                     ], cb);

queries/check_is_web_arena_super

@@ -0,0 +1,4 @@
+SELECT COUNT(*) AS count
+FROM informixoltp:group_user
+WHERE user_id = @user_id@
+AND group_id = 60

queries/check_is_web_arena_super.json

@@ -0,0 +1,5 @@
+{
+  "name"    : "check_is_web_arena_super",
+  "db"      : "common_oltp",
+  "sqlfile" : "check_is_web_arena_super"
+}

test/sqls/oauth/common_oltp__clean

@@ -1,4 +1,4 @@
 DELETE user_social_login where user_id in (400000, 400001);
 DELETE user_role_xref where user_role_id in (400000);
 DELETE security_user where login_id in (400001);
-DELETE user where user_id in (400000, 400001);
+DELETE user where user_id in (400000, 400001);

test/sqls/oauth/common_oltp__insert_test_data

@@ -17,4 +17,4 @@ INSERT INTO user_social_login(social_user_id, user_id, social_login_provider_id,
 INSERT INTO user_social_login(social_user_id, user_id, social_login_provider_id, social_user_name) VALUES ('git123456', 400001,4, 'user2');
 
 INSERT INTO user_social_login(social_user_id, user_id, social_login_provider_id, social_user_name) VALUES ('sf1234', 400000, 5, 'user1');
-INSERT INTO user_social_login(social_user_id, user_id, social_login_provider_id, social_user_name) VALUES ('sf123456', 400001,5, 'user2');
+INSERT INTO user_social_login(social_user_id, user_id, social_login_provider_id, social_user_name) VALUES ('sf123456', 400001,5, 'user2');

test/test.oauth.js

@@ -1,10 +1,12 @@
 /*
  * Copyright (C) 2014 TopCoder Inc., All Rights Reserved.
  *
- * @version 1.1
+ * @version 1.2
  * @author Sky_
  * changes in 1.1:
  * - add tests for Create Token api
+ * changes in 1.2:
+ * - Update tests to support isWebArenaSuper field.
  */
 "use strict";
 /*global describe, it, before, beforeEach, after, afterEach */
@@ -43,9 +45,10 @@ describe('Test Oauth', function () {
         adminSubSalesforce = "salesforce-oauth|sf123456",
         userSubAD = "ad|400000",
         adminSubAD = "ad|400001",
-        notFoundSub = "google-oauth|458965118758";
-    var jwtToken = "";
-    var jwtTokenCookieKey = process.env.JWT_TOKEN_COOKIE_KEY;
+        webArenaSuper = "ad|124861",
+        notFoundSub = "google-oauth|458965118758",
+        jwtToken = "",
+        jwtTokenCookieKey = process.env.JWT_TOKEN_COOKIE_KEY;
 
 
     /**
@@ -217,121 +220,129 @@ describe('Test Oauth', function () {
      */
     it('should be authorized as member (google)', function (done) {
         var oauth = generateAuthHeader({ sub: userSubGoogle });
-        assertResponse({accessLevel: "member", userId: 400000, handle: "normal_user"}, oauth, done);
+        assertResponse({accessLevel: "member", userId: 400000, handle: "normal_user", isWebArenaSuper: false }, oauth, done);
     });
 
     /**
      * /test/oauth/ with header
      */
     it('should be authorized as member (facebook)', function (done) {
         var oauth = generateAuthHeader({ sub: userSubFacebook });
-        assertResponse({accessLevel: "member", userId: 400000, handle: "normal_user"}, oauth, done);
+        assertResponse({accessLevel: "member", userId: 400000, handle: "normal_user", isWebArenaSuper: false }, oauth, done);
     });
 
     /**
      * /test/oauth/ with header
      */
     it('should be authorized as member (twitter)', function (done) {
         var oauth = generateAuthHeader({ sub: userSubTwitter });
-        assertResponse({accessLevel: "member", userId: 400000, handle: "normal_user"}, oauth, done);
+        assertResponse({accessLevel: "member", userId: 400000, handle: "normal_user", isWebArenaSuper: false }, oauth, done);
     });
 
     /**
      * /test/oauth/ with header
      */
     it('should be authorized as member (github)', function (done) {
         var oauth = generateAuthHeader({ sub: userSubGithub });
-        assertResponse({accessLevel: "member", userId: 400000, handle: "normal_user"}, oauth, done);
+        assertResponse({accessLevel: "member", userId: 400000, handle: "normal_user", isWebArenaSuper: false }, oauth, done);
     });
 
     /**
      * /test/oauth/ with header
      */
     it('should be authorized as member (salesforce)', function (done) {
         var oauth = generateAuthHeader({ sub: userSubSalesforce });
-        assertResponse({accessLevel: "member", userId: 400000, handle: "normal_user"}, oauth, done);
+        assertResponse({accessLevel: "member", userId: 400000, handle: "normal_user", isWebArenaSuper: false }, oauth, done);
     });
 
     /**
      * /test/oauth/ with header
      */
     it('should be authorized as member (ad)', function (done) {
         var oauth = generateAuthHeader({ sub: userSubAD});
-        assertResponse({accessLevel: "member", userId: 400000, handle: "normal_user"}, oauth, done);
+        assertResponse({accessLevel: "member", userId: 400000, handle: "normal_user", isWebArenaSuper: false }, oauth, done);
     });
 
     /**
      * /test/oauth/ with header
      */
     it('should be authorized as admin (google)', function (done) {
         var oauth = generateAuthHeader({ sub: adminSubGoogle});
-        assertResponse({accessLevel: "admin", userId: 400001, handle: "admin_user"}, oauth, done);
+        assertResponse({accessLevel: "admin", userId: 400001, handle: "admin_user", isWebArenaSuper: false }, oauth, done);
     });
 
     /**
      * /test/oauth/ with header
      */
     it('should be authorized as admin (facebook)', function (done) {
         var oauth = generateAuthHeader({ sub: adminSubFacebook});
-        assertResponse({accessLevel: "admin", userId: 400001, handle: "admin_user"}, oauth, done);
+        assertResponse({accessLevel: "admin", userId: 400001, handle: "admin_user", isWebArenaSuper: false }, oauth, done);
     });
 
     /**
      * /test/oauth/ with header
      */
     it('should be authorized as admin (twitter)', function (done) {
         var oauth = generateAuthHeader({ sub: adminSubTwitter});
-        assertResponse({accessLevel: "admin", userId: 400001, handle: "admin_user"}, oauth, done);
+        assertResponse({accessLevel: "admin", userId: 400001, handle: "admin_user", isWebArenaSuper: false }, oauth, done);
     });
 
     /**
      * /test/oauth/ with header
      */
     it('should be authorized as admin (github)', function (done) {
         var oauth = generateAuthHeader({ sub: adminSubGithub});
-        assertResponse({accessLevel: "admin", userId: 400001, handle: "admin_user"}, oauth, done);
+        assertResponse({accessLevel: "admin", userId: 400001, handle: "admin_user", isWebArenaSuper: false }, oauth, done);
     });
 
     /**
      * /test/oauth/ with header
      */
     it('should be authorized as admin (salesforce)', function (done) {
         var oauth = generateAuthHeader({ sub: adminSubSalesforce});
-        assertResponse({accessLevel: "admin", userId: 400001, handle: "admin_user"}, oauth, done);
+        assertResponse({accessLevel: "admin", userId: 400001, handle: "admin_user", isWebArenaSuper: false }, oauth, done);
     });
 
     /**
      * /test/oauth/ with header
      */
     it('should be authorized as admin (ad)', function (done) {
         var oauth = generateAuthHeader({ sub: adminSubAD});
-        assertResponse({accessLevel: "admin", userId: 400001, handle: "admin_user"}, oauth, done);
+        assertResponse({accessLevel: "admin", userId: 400001, handle: "admin_user", isWebArenaSuper: false }, oauth, done);
+    });
+
+    /**
+     * /test/oauth/ with web arena super user.
+     */
+    it('should be authorized as member and web arena super', function (done) {
+        var oauth = generateAuthHeader({ sub: webArenaSuper});
+        assertResponse({accessLevel: "member", userId: 124861, handle: "ksmith", isWebArenaSuper: true }, oauth, done);
     });
 
     /**
      * /test/oauth/ with header and cookie
      */
     it('should be authorized as admin (ad) with both header and cookie', function (done) {
-        var authHeader = generateAuthHeader({ sub: adminSubAD});
-        var authCookie = generateAuthCookie({ sub: adminSubAD});
-        assertResponseWithCookie({accessLevel: "admin", userId: 400001, handle: "admin_user"}, authHeader, authCookie, done);
+        var authHeader = generateAuthHeader({ sub: adminSubAD}),
+            authCookie = generateAuthCookie({ sub: adminSubAD});
+        assertResponseWithCookie({accessLevel: "admin", userId: 400001, handle: "admin_user", isWebArenaSuper: false }, authHeader, authCookie, done);
     });
 
     /**
      * /test/oauth/ with header and cookie
      */
     it('should be authorized as admin (ad) with header but invalid cookie', function (done) {
-        var authHeader = generateAuthHeader({ sub: adminSubAD});
-        var authCookie = jwtTokenCookieKey + "=asd";
-        assertResponseWithCookie({accessLevel: "admin", userId: 400001, handle: "admin_user"}, authHeader, authCookie, done);
+        var authHeader = generateAuthHeader({ sub: adminSubAD}),
+            authCookie = jwtTokenCookieKey + "=asd";
+        assertResponseWithCookie({accessLevel: "admin", userId: 400001, handle: "admin_user", isWebArenaSuper: false }, authHeader, authCookie, done);
     });
 
     /**
      * /test/oauth/ without header but with cookie
      */
     it('should be authorized as admin (ad) without header but with cookie', function (done) {
         var authCookie = generateAuthCookie({ sub: adminSubAD});
-        assertResponseWithCookie({accessLevel: "admin", userId: 400001, handle: "admin_user"}, null, authCookie, done);
+        assertResponseWithCookie({accessLevel: "admin", userId: 400001, handle: "admin_user", isWebArenaSuper: false }, null, authCookie, done);
     });
 
     /**
@@ -370,8 +381,8 @@ describe('Test Oauth', function () {
      * /test/oauth/ with invalid header but valid cookie
      */
     it('should return error if header is invalid but cookie is valid', function (done) {
-        var authHeader = generateAuthHeader({ sub: userSubGoogle});
-        var authCookie = generateAuthCookie({ sub: userSubGoogle});
+        var authHeader = generateAuthHeader({ sub: userSubGoogle}),
+            authCookie = generateAuthCookie({ sub: userSubGoogle});
         assertErrorResponseWithCookie(400, authHeader + "asd", authCookie, "Malformed Auth header", done);
     });
 
@@ -460,7 +471,7 @@ describe('Test Oauth', function () {
      */
     it('should be authorized as member (salesforce) - cache version', function (done) {
         var oauth = generateAuthHeader({ sub: userSubSalesforce }),
-            response = {accessLevel: "member", userId: 400000, handle: "normal_user"},
+            response = {accessLevel: "member", userId: 400000, handle: "normal_user", isWebArenaSuper: false},
             fun = assertResponse.bind(this, response, oauth);
         async.waterfall([
             fun,
@@ -506,7 +517,7 @@ describe('Test Oauth', function () {
                 .end(done);
         });
     });
-    
+
     describe("Refresh Token api", function () {
 
         /**