Add past ctfs role

This role is between guest and member and allows a member to access
past ctfs. Access is denied for upcoming CTFs or active CTFs.

Author: JJ-8

api/migrations/20210701075424-past-ctf-role.js

@@ -0,0 +1,53 @@
+'use strict';
+
+var dbm;
+var type;
+var seed;
+var fs = require('fs');
+var path = require('path');
+var Promise;
+
+/**
+  * We receive the dbmigrate dependency from dbmigrate initially.
+  * This enables us to not have to rely on NODE_PATH.
+  */
+exports.setup = function(options, seedLink) {
+  dbm = options.dbmigrate;
+  type = dbm.dataType;
+  seed = seedLink;
+  Promise = options.Promise;
+};
+
+exports.up = function(db) {
+  var filePath = path.join(__dirname, 'sqls', '20210701075424-past-ctf-role-up.sql');
+  return new Promise( function( resolve, reject ) {
+    fs.readFile(filePath, {encoding: 'utf-8'}, function(err,data){
+      if (err) return reject(err);
+      console.log('received data: ' + data);
+
+      resolve(data);
+    });
+  })
+  .then(function(data) {
+    return db.runSql(data);
+  });
+};
+
+exports.down = function(db) {
+  var filePath = path.join(__dirname, 'sqls', '20210701075424-past-ctf-role-down.sql');
+  return new Promise( function( resolve, reject ) {
+    fs.readFile(filePath, {encoding: 'utf-8'}, function(err,data){
+      if (err) return reject(err);
+      console.log('received data: ' + data);
+
+      resolve(data);
+    });
+  })
+  .then(function(data) {
+    return db.runSql(data);
+  });
+};
+
+exports._meta = {
+  "version": 1
+};

api/migrations/20210701081957-past-ctf-functions.js

@@ -0,0 +1,53 @@
+'use strict';
+
+var dbm;
+var type;
+var seed;
+var fs = require('fs');
+var path = require('path');
+var Promise;
+
+/**
+  * We receive the dbmigrate dependency from dbmigrate initially.
+  * This enables us to not have to rely on NODE_PATH.
+  */
+exports.setup = function(options, seedLink) {
+  dbm = options.dbmigrate;
+  type = dbm.dataType;
+  seed = seedLink;
+  Promise = options.Promise;
+};
+
+exports.up = function(db) {
+  var filePath = path.join(__dirname, 'sqls', '20210701081957-past-ctf-functions-up.sql');
+  return new Promise( function( resolve, reject ) {
+    fs.readFile(filePath, {encoding: 'utf-8'}, function(err,data){
+      if (err) return reject(err);
+      console.log('received data: ' + data);
+
+      resolve(data);
+    });
+  })
+  .then(function(data) {
+    return db.runSql(data);
+  });
+};
+
+exports.down = function(db) {
+  var filePath = path.join(__dirname, 'sqls', '20210701081957-past-ctf-functions-down.sql');
+  return new Promise( function( resolve, reject ) {
+    fs.readFile(filePath, {encoding: 'utf-8'}, function(err,data){
+      if (err) return reject(err);
+      console.log('received data: ' + data);
+
+      resolve(data);
+    });
+  })
+  .then(function(data) {
+    return db.runSql(data);
+  });
+};
+
+exports._meta = {
+  "version": 1
+};

api/migrations/sqls/20210701075424-past-ctf-role-down.sql

@@ -0,0 +1,11 @@
+GRANT user_guest TO user_member;
+
+REVOKE user_guest FROM user_past_ctfs;
+
+REVOKE user_past_ctfs FROM user_member;
+
+UPDATE ctfnote_private.user SET role = 'user_guest'::ctfnote.role WHERE role = 'user_past_ctfs'::ctfnote.role;
+
+UPDATE ctfnote_private.invitation_link SET role = 'user_guest'::ctfnote.role WHERE role = 'user_past_ctfs'::ctfnote.role;
+
+DROP ROLE user_past_ctfs;

api/migrations/sqls/20210701075424-past-ctf-role-up.sql

@@ -0,0 +1,9 @@
+CREATE ROLE user_past_ctfs;
+
+REVOKE user_guest FROM user_member;
+
+GRANT user_guest TO user_past_ctfs;
+
+GRANT user_past_ctfs TO user_member;
+
+ALTER TYPE ctfnote.role ADD VALUE IF NOT EXISTS 'user_past_ctfs';

api/migrations/sqls/20210701081957-past-ctf-functions-down.sql

@@ -0,0 +1,20 @@
+CREATE OR REPLACE FUNCTION ctfnote_private.can_play_ctf (ctf_id int)
+  RETURNS boolean
+  AS $$
+  SELECT
+    ctfnote_private.is_member ()
+    OR (
+      SELECT
+        TRUE
+      FROM
+        ctfnote.invitation
+      WHERE
+        invitation.ctf_id = can_play_ctf.ctf_id
+        AND invitation.profile_id = ctfnote_private.current_id ())
+$$
+LANGUAGE sql
+STABLE;
+
+GRANT EXECUTE ON FUNCTION ctfnote_private.can_play_ctf TO user_guest;
+
+DROP FUNCTION ctfnote_private.is_past_ctfs ();

api/migrations/sqls/20210701081957-past-ctf-functions-up.sql

@@ -0,0 +1,37 @@
+--Check if current user is allowed to access past ctfs
+CREATE FUNCTION ctfnote_private.is_past_ctfs ()
+  RETURNS boolean
+  AS $$
+  SELECT
+    ctfnote_private.current_role () = 'user_past_ctfs'::ctfnote.role
+    OR ctfnote_private.is_member ();
+
+$$
+LANGUAGE sql
+STABLE;
+
+GRANT EXECUTE ON FUNCTION ctfnote_private.is_past_ctfs () TO user_anonymous;
+
+CREATE OR REPLACE FUNCTION ctfnote_private.can_play_ctf (ctf_id int)
+  RETURNS boolean
+  AS $$
+  SELECT
+    ctfnote_private.is_member ()
+    OR (
+      SELECT
+        TRUE
+      FROM
+        ctfnote.invitation
+      WHERE
+        invitation.ctf_id = can_play_ctf.ctf_id
+        AND invitation.profile_id = ctfnote_private.current_id ())
+    OR (
+        ctfnote_private.is_past_ctfs () 
+        AND 
+        (SELECT TRUE FROM ctfnote.ctf WHERE end_time < NOW() AND ctf.id = can_play_ctf.ctf_id)
+    )
+$$
+LANGUAGE sql
+STABLE;
+
+GRANT EXECUTE ON FUNCTION ctfnote_private.can_play_ctf TO user_guest;

front/src/boot/CTFNote.js

@@ -5,6 +5,7 @@ class CTFNote {
   constructor() {
     this.roles = {
       USER_GUEST: 1,
+      USER_PAST_CTFS: 5,
       USER_MEMBER: 2,
       USER_MANAGER: 3,
       USER_ADMIN: 4
@@ -80,6 +81,9 @@ class CTFNote {
   get isGuest() {
     return this.me.roleId >= this.roles.USER_GUEST;
   }
+  get isPastCtfs() {
+    return this.me.roleId >= this.roles.USER_PAST_CTFS;
+  }
   get isMember() {
     return this.me.roleId >= this.roles.USER_MEMBER;
   }