diff --git a/handler/quiz/take.go b/handler/quiz/take.go index 06499ed4839bd8e9ce07d009b3122656d311fb9c..553c6ab6377efbf9ce218a5bd0e9fac1a2d9bc62 100644 --- a/handler/quiz/take.go +++ b/handler/quiz/take.go @@ -104,7 +104,7 @@ func (m QuizHandlerImpl) GetQuizSolution(w http.ResponseWriter, r *http.Request) return } - detail, err := m.GetSolutionQuiz(r.Context(), quizId, user.Email) + detail, err := m.GetSolutionQuiz(r.Context(), quizId, user) if err != nil { respErr, ok := err.(web.ResponseError) diff --git a/repository/quiz/impl.go b/repository/quiz/impl.go index 72ff3800d9dba38ab9285c9bcea6c5f22ed25118..3a6e013af162d89a545cbfb1897a166ecdef1dbe 100644 --- a/repository/quiz/impl.go +++ b/repository/quiz/impl.go @@ -95,5 +95,9 @@ func (q *QuizRepositoryImpl) GetLastTake(quizId uuid.UUID, userEmail string) (*q Where("quiz_id = ? AND email = ?", quizId, userEmail). Last(result).Error + if errors.Is(err, gorm.ErrRecordNotFound) { + return nil, nil + } + return result, err } diff --git a/service/quiz/impl.go b/service/quiz/impl.go index 3898cd448978c6604f71f68e7561077c9c396a00..1980c82519ccb4b7971dc573ae35b7067791a13f 100644 --- a/service/quiz/impl.go +++ b/service/quiz/impl.go @@ -7,7 +7,9 @@ import ( "github.com/google/uuid" "gitlab.informatika.org/ocw/ocw-backend/model/domain/quiz" + userDomain "gitlab.informatika.org/ocw/ocw-backend/model/domain/user" "gitlab.informatika.org/ocw/ocw-backend/model/web" + "gitlab.informatika.org/ocw/ocw-backend/model/web/auth/token" "gitlab.informatika.org/ocw/ocw-backend/provider/storage" quizRepo "gitlab.informatika.org/ocw/ocw-backend/repository/quiz" ) @@ -76,26 +78,30 @@ func (q QuizServiceImpl) DoTakeQuiz(ctx context.Context, quizId uuid.UUID, email return result, nil } -func (q QuizServiceImpl) GetSolutionQuiz(ctx context.Context, quizId uuid.UUID, email string) (*quiz.QuizDetail, error) { +func (q QuizServiceImpl) GetSolutionQuiz(ctx context.Context, quizId uuid.UUID, user token.UserClaim) (*quiz.QuizDetail, error) { result, err := q.getQuizDetail(ctx, quizId) if err != nil { return nil, err } - _, err = q.GetLastTake(quizId, email) + last, err := q.GetLastTake(quizId, user.Email) if err != nil { return nil, err } - taken, err := q.IsActiveTake(quizId, email) + if last == nil && user.Role == userDomain.Student { + return nil, web.NewResponseError("user is not allow to access this data", "ERR_NOT_ALLOWED") + } + + taken, err := q.IsActiveTake(quizId, user.Email) if err != nil { return nil, err } - if taken { + if taken && user.Role == userDomain.Student { return nil, web.NewResponseError("user is not allow to access this data", "ERR_NOT_ALLOWED") } diff --git a/service/quiz/type.go b/service/quiz/type.go index 7c97e4965500fb25f75c19a4117c536559fcf9a8..04b299c4c609c291cc84ef23b664ce1fdd2503d5 100644 --- a/service/quiz/type.go +++ b/service/quiz/type.go @@ -5,6 +5,7 @@ import ( "github.com/google/uuid" "gitlab.informatika.org/ocw/ocw-backend/model/domain/quiz" + "gitlab.informatika.org/ocw/ocw-backend/model/web/auth/token" ) type QuizService interface { @@ -13,5 +14,5 @@ type QuizService interface { DoTakeQuiz(ctx context.Context, quizId uuid.UUID, email string) (*quiz.QuizDetail, error) DoFinishQuiz(ctx context.Context, quizId uuid.UUID, email string, studentAnswer []quiz.Response) (*quiz.QuizTake, error) - GetSolutionQuiz(ctx context.Context, quizId uuid.UUID, email string) (*quiz.QuizDetail, error) + GetSolutionQuiz(ctx context.Context, quizId uuid.UUID, user token.UserClaim) (*quiz.QuizDetail, error) }