adjusted GET /user/following (#196)

* adjusted get /user/following/ * formatting adjustments * removed unnecessary tests
HackIllinois · Feb 15, 2024 · a21a0fd · a21a0fd
1 parent 63184cb
commit a21a0fd
Show file tree

Hide file tree

Showing 2 changed files with 27 additions and 50 deletions.
diff --git a/src/services/user/user-router.test.ts b/src/services/user/user-router.test.ts
@@ -230,21 +230,21 @@ describe("GET /user/following/", () => {
         });
     });
 
-    it("gives an not found error for a non-existent user", async () => {
-        await Models.AttendeeFollowing.deleteOne({
-            userId: TESTER_ATTENDEE_FOLLOWING.userId,
-        });
+    // it("gives an not found error for a non-existent user", async () => {
+    //     await Models.AttendeeFollowing.deleteOne({
+    //         userId: TESTER_ATTENDEE_FOLLOWING.userId,
+    //     });
 
-        await Models.UserInfo.deleteOne({
-            userId: TESTER_ATTENDEE_FOLLOWING.userId,
-        });
+    //     await Models.UserInfo.deleteOne({
+    //         userId: TESTER_ATTENDEE_FOLLOWING.userId,
+    //     });
 
-        const response = await getAsStaff(`/user/following/`)
-            .send({ userId: TESTER_ATTENDEE_FOLLOWING.userId })
-            .expect(StatusCode.ClientErrorNotFound);
+    //     const response = await getAsStaff(`/user/following/`)
+    //         .send({ userId: TESTER_ATTENDEE_FOLLOWING.userId })
+    //         .expect(StatusCode.ClientErrorNotFound);
 
-        expect(JSON.parse(response.text)).toHaveProperty("error", "UserNotFound");
-    });
+    //     expect(JSON.parse(response.text)).toHaveProperty("error", "UserNotFound");
+    // });
 
     it("works for a staff user", async () => {
         const response = await getAsStaff(`/user/following/`)
@@ -257,18 +257,18 @@ describe("GET /user/following/", () => {
         });
     });
 
-    it("gives an forbidden for a indirection operation without staff perms", async () => {
-        const response = await getAsAttendee(`/user/following/`)
-            .send({ userId: OTHER_USER.userId })
-            .expect(StatusCode.ClientErrorForbidden);
-        expect(JSON.parse(response.text)).toHaveProperty("error", "Forbidden");
-    });
+    // it("gives an forbidden for a indirection operation without staff perms", async () => {
+    //     const response = await getAsAttendee(`/user/following/`)
+    //         .send({ userId: OTHER_USER.userId })
+    //         .expect(StatusCode.ClientErrorForbidden);
+    //     expect(JSON.parse(response.text)).toHaveProperty("error", "Forbidden");
+    // });
 
-    it("throws an error for no userId passed in", async () => {
-        const response = await getAsAttendee(`/user/following/`).expect(StatusCode.ClientErrorBadRequest);
+    // it("throws an error for no userId passed in", async () => {
+    //     const response = await getAsAttendee(`/user/following/`).expect(StatusCode.ClientErrorBadRequest);
 
-        expect(JSON.parse(response.text)).toHaveProperty("error", "BadRequest");
-    });
+    //     expect(JSON.parse(response.text)).toHaveProperty("error", "BadRequest");
+    // });
 });
 
 describe("PUT /user/follow/", () => {

diff --git a/src/services/user/user-router.ts b/src/services/user/user-router.ts
@@ -124,14 +124,9 @@ userRouter.get("/", strongJwtVerification, async (_: Request, res: Response, nex
 /**
  * @api {get} /user/following/ GET /user/following/
  * @apiGroup User
- * @apiDescription Get events that a specific user is following.
+ * @apiDescription Get events that the given user is following
  *
- * @apiHeader {String} Authorization User's JWT Token with staff permissions.
- * @apiBody {String} userId The unique identifier of the user.
- * @apiParamExample {json} Request-Example:
- *     {
- *       "userId": "provider00001"
- *     }
+ * @apiHeader {String} Authorization User's JWT Token
  * @apiSuccess (200: Success) {String} userId ID of the user
  * @apiSuccess (200: Success) {String[]} following Events that the user is following AFTER the operation is performed.
  * @apiSuccessExample {json} Example Success:
@@ -140,30 +135,12 @@ userRouter.get("/", strongJwtVerification, async (_: Request, res: Response, nex
  		"following": ["event1", "event2", "event3"]
  * 	}
  * @apiUse strongVerifyErrors
- * @apiError (400: Bad Request) {String} BadRequest No userId passed in.
- * @apiError (404: Not Found) {String} UserNotFound User with the given ID not found.
- * @apiError (403: Forbidden) {String} Forbidden User does not have staff permissions.
 */
-userRouter.get("/following/", strongJwtVerification, async (req: Request, res: Response, next: NextFunction) => {
+userRouter.get("/following/", strongJwtVerification, async (_: Request, res: Response) => {
     const payload: JwtPayload = res.locals.payload as JwtPayload;
-    const userId: string | undefined = req.body.userId;
-
-    if (!userId) {
-        return next(new RouterError(StatusCode.ClientErrorBadRequest, "BadRequest"));
-    }
-
-    // Reject request if target user isn't the current user and we're not staff
-    if (payload.id != userId && !hasStaffPerms(payload)) {
-        return next(new RouterError(StatusCode.ClientErrorForbidden, "Forbidden"));
-    }
-
-    const userExists: boolean = (await Models.UserInfo.findOne({ userId: userId })) ?? false;
-    if (!userExists) {
-        return next(new RouterError(StatusCode.ClientErrorNotFound, "UserNotFound"));
-    }
 
-    const following: AttendeeFollowing | null = await Models.AttendeeFollowing.findOne({ userId: userId });
-    return res.status(StatusCode.SuccessOK).send({ userId: userId, events: following?.following || [] });
+    const following: AttendeeFollowing | null = await Models.AttendeeFollowing.findOne({ userId: payload.id });
+    return res.status(StatusCode.SuccessOK).send({ userId: payload.id, events: following?.following });
 });
 
 /**