feat: add possibility to disable tickets generation

seed.sql

@@ -17,7 +17,8 @@ INSERT INTO `items` (`id`, `name`, `category`, `attribute`, `price`, `reducedPri
 INSERT INTO `settings` (`id`, `value`) VALUES
 ('login', 0),
 ('shop', 0),
-('trombi', 0);
+('trombi', 0),
+('tickets', 0);
 
 INSERT INTO `tournaments` (`id`, `name`, `maxPlayers`, `playersPerTeam`, `coachesPerTeam`, `cashprize`, `position`) VALUES
 ('lol', 'League of Legends', 160, 5, 2, 0, 1),

seed.test.sql

@@ -17,7 +17,8 @@ INSERT INTO `items` (`id`, `name`, `category`, `attribute`, `price`, `reducedPri
 INSERT INTO `settings` (`id`, `value`) VALUES
 ('login', 0),
 ('shop', 0),
-('trombi', 0);
+('trombi', 0),
+('tickets', 0);
 
 INSERT INTO `commission` (`id`, `name`, `nameOnBadge`, `position`, `color`, `masterCommissionId`) VALUES
 ('animation', 'Animation', 'Anim', 1, '#123456', NULL),

src/controllers/admin/settings/updateSetting.ts

@@ -4,7 +4,7 @@ import { hasPermission } from '../../../middlewares/authentication';
 import { validateBody } from '../../../middlewares/validation';
 import { notFound, success } from '../../../utils/responses';
 import { Error, Permission } from '../../../types';
-import { setTrombiAllowed, setLoginAllowed, setShopAllowed } from '../../../operations/settings';
+import { setTrombiAllowed, setLoginAllowed, setShopAllowed, setTicketsAllowed } from '../../../operations/settings';
 
 export default [
   // Middlewares
@@ -32,6 +32,10 @@ export default [
           result = await setTrombiAllowed(request.body.value);
           break;
         }
+        case 'tickets': {
+          result = await setTicketsAllowed(request.body.value);
+          break;
+        }
         default: {
           return notFound(response, Error.NotFound);
         }

src/controllers/tickets/getTicket.ts

@@ -8,6 +8,7 @@ import { Error, ItemCategory, TransactionState, UserType } from '../../types';
 import { generateTicket } from '../../utils/ticket';
 import { forbidden, notFound } from '../../utils/responses';
 import { getRequestInfo } from '../../utils/users';
+import { fetchSetting } from '../../operations/settings';
 
 export default [
   // Middlewares
@@ -16,6 +17,11 @@ export default [
   // Controller
   async (request: Request, response: Response, next: NextFunction) => {
     try {
+      const ticketsAllowed = (await fetchSetting('tickets')).value;
+      if (!ticketsAllowed) {
+        return forbidden(response, Error.TicketsNotAllowed);
+      }
+
       const { cartItemId } = request.params;
       const { user } = getRequestInfo(response);
       const team = user.teamId && (await fetchTeam(user.teamId));

src/operations/settings.ts

@@ -4,7 +4,7 @@ import { Setting } from '../types';
 
 export const fetchSettings = (): PrismaPromise<Setting[]> => database.setting.findMany();
 
-export const fetchSetting = (id: 'login' | 'shop' | 'trombi'): PrismaPromise<Setting> =>
+export const fetchSetting = (id: 'login' | 'shop' | 'trombi' | 'tickets'): PrismaPromise<Setting> =>
   database.setting.findUnique({ where: { id } });
 
 const setSettingAllowed = (id: string, allowed: boolean): PrismaPromise<Setting> =>
@@ -20,3 +20,4 @@ const setSettingAllowed = (id: string, allowed: boolean): PrismaPromise<Setting>
 export const setLoginAllowed = (allowed: boolean): PrismaPromise<Setting> => setSettingAllowed('login', allowed);
 export const setShopAllowed = (allowed: boolean): PrismaPromise<Setting> => setSettingAllowed('shop', allowed);
 export const setTrombiAllowed = (allowed: boolean): PrismaPromise<Setting> => setSettingAllowed('trombi', allowed);
+export const setTicketsAllowed = (allowed: boolean): PrismaPromise<Setting> => setSettingAllowed('tickets', allowed);

src/types.ts

@@ -313,6 +313,7 @@ export const enum Error {
   UserAlreadyScanned = "L'utilisateur a déjà scanné son billet",
   NotPaid = "Le billet n'a pas été payé",
   LoginNotAllowed = 'Tu ne peux pas te connecter actuellement',
+  TicketsNotAllowed = 'Tu ne peux pas voir ton billet actuellement',
   NotAdmin = "Tu n'es pas administrateur",
   ShopNotAllowed = 'La billetterie est fermée',
   TrombiNotAllowed = "Le trombinoscope n'est pas encore disponible",

tests/admin/settings/updateSetting.test.ts

@@ -5,7 +5,7 @@ import { sandbox } from '../../setup';
 import * as settingsOperations from '../../../src/operations/settings';
 import database from '../../../src/services/database';
 import { Error, Permission, User, UserType } from '../../../src/types';
-import { setLoginAllowed, setShopAllowed, setTrombiAllowed } from '../../../src/operations/settings';
+import { setLoginAllowed, setShopAllowed, setTrombiAllowed, setTicketsAllowed } from '../../../src/operations/settings';
 import { createFakeUser } from '../../utils';
 import { generateToken } from '../../../src/utils/users';
 
@@ -19,6 +19,7 @@ describe('PATCH /admin/settings', () => {
     await setLoginAllowed(true);
     await setShopAllowed(true);
     await setTrombiAllowed(true);
+    await setTicketsAllowed(true);
     await database.orga.deleteMany();
     await database.user.deleteMany();
   });
@@ -27,6 +28,7 @@ describe('PATCH /admin/settings', () => {
     await setLoginAllowed(true);
     await setShopAllowed(false);
     await setTrombiAllowed(false);
+    await setTicketsAllowed(false);
     admin = await createFakeUser({ permissions: [Permission.admin] });
     orga = await createFakeUser({ permissions: [Permission.orga] });
     nonAdminUser = await createFakeUser({ type: UserType.player });
@@ -99,6 +101,12 @@ describe('PATCH /admin/settings', () => {
       .set('Authorization', `Bearer ${adminToken}`)
       .expect(200, { id: 'trombi', value: false });
 
+    await request(app)
+      .patch('/admin/settings/tickets')
+      .send({ value: false })
+      .set('Authorization', `Bearer ${adminToken}`)
+      .expect(200, { id: 'tickets', value: false });
+
     const login = await settingsOperations.fetchSetting('login');
 
     expect(login.id).to.be.equal('login');
@@ -113,5 +121,10 @@ describe('PATCH /admin/settings', () => {
 
     expect(trombi.id).to.be.equal('trombi');
     expect(trombi.value).to.be.equal(false);
+
+    const tickets = await settingsOperations.fetchSetting('tickets');
+
+    expect(tickets.id).to.be.equal('tickets');
+    expect(tickets.value).to.be.equal(false);
   });
 });

tests/root/settings.test.ts

@@ -9,16 +9,18 @@ describe('GET /settings', () => {
     await settingsOperations.setLoginAllowed(false);
     await settingsOperations.setShopAllowed(false);
     await settingsOperations.setTrombiAllowed(false);
+    await settingsOperations.setTicketsAllowed(false);
 
-    await request(app).get('/settings').expect(200, { shop: false, login: false, trombi: false });
+    await request(app).get('/settings').expect(200, { shop: false, login: false, trombi: false, tickets: false });
   });
 
   it('should return the updated value', async () => {
     await settingsOperations.setLoginAllowed(true);
     await settingsOperations.setShopAllowed(true);
     await settingsOperations.setTrombiAllowed(true);
+    await settingsOperations.setTicketsAllowed(true);
 
-    await request(app).get('/settings').expect(200, { shop: true, login: true, trombi: true });
+    await request(app).get('/settings').expect(200, { shop: true, login: true, trombi: true, tickets: true });
   });
 
   it('should return an internal server error', async () => {

tests/setup.ts

@@ -9,7 +9,7 @@ import chai, { expect } from 'chai';
 import chaiString from 'chai-string';
 import sinon from 'sinon';
 import database from '../src/services/database';
-import { setLoginAllowed, setShopAllowed, setTrombiAllowed } from '../src/operations/settings';
+import { setLoginAllowed, setShopAllowed, setTicketsAllowed, setTrombiAllowed } from '../src/operations/settings';
 import { transporter } from '../src/services/email';
 import { disableFakeDiscordApi, enableFakeDiscordApi } from './discord';
 import { disableFakeUploadApi, enableFakeUploadApi } from './upload';
@@ -33,6 +33,7 @@ before(async () => {
   await setLoginAllowed(true);
   await setShopAllowed(true);
   await setTrombiAllowed(true);
+  await setTicketsAllowed(true);
 
   enableFakeDiscordApi();
   enableFakeUploadApi();
@@ -55,6 +56,7 @@ after(async () => {
   // Reset the database at it was
   await setLoginAllowed(false);
   await setShopAllowed(false);
+  await setTicketsAllowed(false);
 
   // Check that there is all tests where cleaning all their data. It is to prevent data concurrency
   // We check only tables that have dynamic data. (not seeded staticly)

tests/tickets/getTicket.test.ts

@@ -11,8 +11,9 @@ import { generateToken } from '../../src/utils/users';
 import { createCart, fetchCarts, updateCart } from '../../src/operations/carts';
 import { fetchAllItems } from '../../src/operations/item';
 import { fetchUser } from '../../src/operations/user';
+import { setTicketsAllowed } from '../../src/operations/settings';
 
-describe('POST /users/:userId/carts', () => {
+describe('GET /tickets', () => {
   let user: User;
   let token: string;
   let team: Team;
@@ -58,6 +59,17 @@ describe('POST /users/:userId/carts', () => {
     await database.user.deleteMany();
   });
 
+  it('should fail because tickets are not allowed', async () => {
+    await setTicketsAllowed(false);
+
+    await request(app)
+      .get(`/tickets/${ticket.id}`)
+      .set('Authorization', `Bearer ${token}`)
+      .expect(403, { error: Error.TicketsNotAllowed });
+
+    await setTicketsAllowed(true);
+  });
+
   it("should fail because cart item doesn't belong to the user", async () => {
     const otherUser = await createFakeUser({ type: UserType.player });
     const otherToken = generateToken(otherUser);