ascribe/onion
1
0
Fork 0
mirror of https://github.com/ascribe/onion.git synced 2024-12-22 17:33:14 +01:00
Code Issues Releases Wiki Activity

Avoid unauthorized attempts at fetching ratings if user isn't an admin, judge, or jury

Browse Source
This commit is contained in:
Brett Sun 2015-12-10 13:01:48 +01:00
parent dcca228669
commit 34153c2322
1 changed files with 33 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

46
js/components/whitelabel/prize/simple_prize/components/ascribe_detail/prize_piece_container.js
View File

@ -112,7 +112,7 @@ let PieceContainer = React.createClass({
render() { render() {
if(this.state.piece && this.state.piece.id) { if(this.state.piece && this.state.piece.id) {
/* /*
This really needs a refactor! This really needs a refactor!
- Tim - Tim
@ -122,7 +122,7 @@ let PieceContainer = React.createClass({
let artistName = ((this.state.currentUser.is_jury && !this.state.currentUser.is_judge) || let artistName = ((this.state.currentUser.is_jury && !this.state.currentUser.is_judge) ||
(this.state.currentUser.is_judge && !this.state.piece.selected )) ? (this.state.currentUser.is_judge && !this.state.piece.selected )) ?
null : this.state.piece.artist_name; null : this.state.piece.artist_name;
// Only show the artist email if you are a judge and the piece is shortlisted // Only show the artist email if you are a judge and the piece is shortlisted
let artistEmail = (this.state.currentUser.is_judge && this.state.piece.selected ) ? let artistEmail = (this.state.currentUser.is_judge && this.state.piece.selected ) ?
<DetailProperty label={getLangText('REGISTREE')} value={ this.state.piece.user_registered } /> : null; <DetailProperty label={getLangText('REGISTREE')} value={ this.state.piece.user_registered } /> : null;
@ -146,7 +146,7 @@ let PieceContainer = React.createClass({
<NavigationHeader <NavigationHeader
piece={this.state.piece} piece={this.state.piece}
currentUser={this.state.currentUser}/> currentUser={this.state.currentUser}/>
<h1 className="ascribe-detail-title">{this.state.piece.title}</h1> <h1 className="ascribe-detail-title">{this.state.piece.title}</h1>
<DetailProperty label={getLangText('BY')} value={artistName} /> <DetailProperty label={getLangText('BY')} value={artistName} />
<DetailProperty label={getLangText('DATE')} value={Moment(this.state.piece.date_created, 'YYYY-MM-DD').year()} /> <DetailProperty label={getLangText('DATE')} value={Moment(this.state.piece.date_created, 'YYYY-MM-DD').year()} />
@ -176,8 +176,8 @@ let PieceContainer = React.createClass({
let NavigationHeader = React.createClass({ let NavigationHeader = React.createClass({
propTypes: { propTypes: {
piece: React.PropTypes.object, piece: React.PropTypes.object.isRequired,
currentUser: React.PropTypes.object currentUser: React.PropTypes.object.isRequired
}, },
render() { render() {
@ -213,9 +213,9 @@ let NavigationHeader = React.createClass({
let PrizePieceRatings = React.createClass({ let PrizePieceRatings = React.createClass({
propTypes: { propTypes: {
loadPiece: React.PropTypes.func, loadPiece: React.PropTypes.func.isRequired,
piece: React.PropTypes.object, piece: React.PropTypes.object.isRequired,
currentUser: React.PropTypes.object currentUser: React.PropTypes.object.isRequired
}, },
getInitialState() { getInitialState() {
@ -227,9 +227,15 @@ let PrizePieceRatings = React.createClass({
componentDidMount() { componentDidMount() {
PrizeRatingStore.listen(this.onChange); PrizeRatingStore.listen(this.onChange);
PrizeRatingActions.fetchOne(this.props.piece.id);
PrizeRatingActions.fetchAverage(this.props.piece.id);
PieceListStore.listen(this.onChange); PieceListStore.listen(this.onChange);
this.fetchRatingsIfAuthorized();
},
componentWillReceiveProps(nextProps) {
if (nextProps.currentUser.email !== this.props.currentUser.email) {
this.fetchRatingsIfAuthorized();
}
}, },
componentWillUnmount() { componentWillUnmount() {
@ -258,6 +264,21 @@ let PrizePieceRatings = React.createClass({
} }
}, },
fetchRatingsIfAuthorized() {
const {
currentUser: {
is_admin: isAdmin,
is_judge: isJudge,
is_jury: isJury
},
piece: { id: pieceId } } = this.props;
if (isAdmin || isJudge || isJury) {
PrizeRatingActions.fetchOne(pieceId);
PrizeRatingActions.fetchAverage(pieceId);
}
},
onRatingClick(event, args) { onRatingClick(event, args) {
event.preventDefault(); event.preventDefault();
PrizeRatingActions.createRating(this.props.piece.id, args.rating).then( PrizeRatingActions.createRating(this.props.piece.id, args.rating).then(
@ -425,12 +446,11 @@ let PrizePieceRatings = React.createClass({
let PrizePieceDetails = React.createClass({ let PrizePieceDetails = React.createClass({
propTypes: { propTypes: {
piece: React.PropTypes.object piece: React.PropTypes.object.isRequired
}, },
render() { render() {
if (this.props.piece if (this.props.piece.prize
&& this.props.piece.prize
&& this.props.piece.prize.name && this.props.piece.prize.name
&& Object.keys(this.props.piece.extra_data).length !== 0){ && Object.keys(this.props.piece.extra_data).length !== 0){
return ( return (