Merge branch 'master' into beta-new

Author: dr3

functions/index.js

@@ -14,6 +14,7 @@ const path = require('path');
 const functions = require('firebase-functions/v1');
 const express = require('express');
 const user = require('./utilities/user');
+const privacyRouter = require('./utilities/privacy/router');
 const { countries } = require('./utilities/countries')
 const isProfileComplete = require('./utilities/profileComplete');
 const { getCleanAnswers, getPgPoints } = require('./utilities/pgPoints')
@@ -129,7 +130,12 @@ app.use((req, res, next) => {
 
 app.get('/', (req, res) => res.render('home'));
 app.get('/parallelograms', (req, res) => {
-  const latest = res.locals?.pages[res.locals?.user?.level]?.[0];
+  // If ?latest is set, redirect to latest PG for their level
+  // Graduated users are treated as year11 for this purpose
+  // This avoids a bug where `showWelcomeMsg` gets stuck on true
+  // because they retain the `latest` query param
+  const levelWithoutGraduated = (res.locals.user?.level === 'graduated') ? 'year11' : res.locals.user?.level;
+  const latest = res.locals?.pages[levelWithoutGraduated]?.[0];
 
   if(latest && req.query.latest) {
     return res.redirect(`/${latest.url}`)
@@ -152,6 +158,8 @@ app.get('/api/user', async (req, res) => {
   })
 });
 
+app.use('/api/privacy', privacyRouter)
+
 app.get('/api/get-user', async (req, res) => {
   const token = req.headers['parallel-token'];
 
@@ -193,7 +201,7 @@ app.get('/api/find-user', async (req, res) => {
 
   if(!found) return res.status(401).send({ error: 'no user data found' });
 
-  res.status(200).send(getTypeSafeUser({...found, email: authUser.email, privacy: user.getPrivacyState(authUser.email) }))
+  res.status(200).send(getTypeSafeUser({...found, email: authUser.email, privacy: user.getPrivacyState(authUser.email, found) }))
 });
 
 app.get('/api/user-answers', async (req, res) => {

functions/utilities/privacy/debugRouter.js

@@ -0,0 +1,152 @@
+const express = require("express");
+const router = express.Router();
+const firebase = require("firebase-admin");
+const {
+  firstSeenKey,
+  userNeedsGuardianTouchKey,
+  guardianPrivacyAuthTokenKey,
+  acceptedKey,
+  acceptedByKey,
+  isUnderThirteen,
+  getPrivacyState,
+  generateGuardianPrivacyAuthToken
+} = require("./utils");
+
+// /api/privacy/student/ultra-secret/view
+// /api/privacy/student/ultra-secret/reset/under13/new
+// /api/privacy/student/ultra-secret/reset/under13/8daysago
+// /api/privacy/student/ultra-secret/reset/over13/new
+// /api/privacy/student/ultra-secret/reset/over13/8daysago
+
+const userDB = firebase.firestore().collection("users");
+
+const studentMiddleware = (req, res, next) => {
+  if (!res?.locals?.user) {
+    return res.status(200).send({ error: "not logged in" });
+  }
+  next();
+};
+
+const getViewData = (req) => {
+  const allKeys = [
+    firstSeenKey,
+    userNeedsGuardianTouchKey,
+    guardianPrivacyAuthTokenKey,
+    acceptedKey,
+    acceptedByKey,
+    "birthMonth",
+    "birthYear",
+  ];
+
+  const data = {};
+
+  allKeys.forEach((key) => {
+    data[key] = req.user[key] || null;
+  });
+
+  data.privacyState = req.user.privacy || null;
+  data.isUnderThirteen = isUnderThirteen(req.user);
+
+  return data;
+};
+
+const getResponseBody = (req, updateBody) => {
+    return {
+      data: {
+        ...getViewData(req),
+        ...updateBody,
+        privacyState: getPrivacyState(req.user.email, { ...req.user, ...updateBody }),
+        isUnderThirteen: isUnderThirteen({ ...req.user, ...updateBody }),
+      },
+    }
+}
+
+router.get(
+  "/reset/under13/new",
+  studentMiddleware,
+  async (req, res) => {
+    const updateBody = {
+      [firstSeenKey]: null,
+      [userNeedsGuardianTouchKey]: null,
+      [guardianPrivacyAuthTokenKey]: null,
+      [acceptedKey]: null,
+      [acceptedByKey]: null,
+      birthMonth: '1',
+      birthYear: '2025',
+    };
+
+    await userDB.doc(req.user.uid).update(updateBody);
+
+    return res.status(200).send(getResponseBody(req, updateBody));
+  },
+);
+
+router.get(
+  "/reset/over13/new",
+  studentMiddleware,
+  async (req, res) => {
+    const updateBody = {
+      [firstSeenKey]: null,
+      [userNeedsGuardianTouchKey]: null,
+      [guardianPrivacyAuthTokenKey]: null,
+      [acceptedKey]: null,
+      [acceptedByKey]: null,
+      birthMonth: '1',
+      birthYear: '1990',
+    };
+
+    await userDB.doc(req.user.uid).update(updateBody);
+
+    return res.status(200).send(getResponseBody(req, updateBody));
+  },
+);
+
+router.get(
+  "/reset/under13/8daysago",
+  studentMiddleware,
+  async (req, res) => {
+    const updateBody = {
+      [firstSeenKey]: Date.now() - (8 * 24 * 60 * 60 * 1000),
+      [userNeedsGuardianTouchKey]: Date.now() - (8 * 24 * 60 * 60 * 1000),
+      [guardianPrivacyAuthTokenKey]: generateGuardianPrivacyAuthToken(),
+      [acceptedKey]: null,
+      [acceptedByKey]: null,
+      birthMonth: '1',
+      birthYear: '2025',
+    };
+
+    await userDB.doc(req.user.uid).update(updateBody);
+
+    return res.status(200).send(getResponseBody(req, updateBody));
+  },
+);
+
+router.get(
+  "/reset/over13/8daysago",
+  studentMiddleware,
+  async (req, res) => {
+    const updateBody = {
+      [firstSeenKey]: Date.now() - (8 * 24 * 60 * 60 * 1000),
+      [userNeedsGuardianTouchKey]: null,
+      [guardianPrivacyAuthTokenKey]: null,
+      [acceptedKey]: null,
+      [acceptedByKey]: null,
+      birthMonth: '1',
+      birthYear: '1990',
+    };
+
+    await userDB.doc(req.user.uid).update(updateBody);
+
+    return res.status(200).send(getResponseBody(req, updateBody));
+  },
+);
+
+router.get(
+  "/view",
+  studentMiddleware,
+  async (req, res) => {
+    return res.status(200).send({ data: getViewData(req) });
+  },
+);
+
+module.exports = router;