topcoder-platform · ThomasKranitsas · Jul 15, 2019 · Jul 15, 2019 · Jul 15, 2019
diff --git a/README.md b/README.md
@@ -38,8 +38,9 @@ The following parameters can be set in config files or in env variables:
 - ES.ES_TYPE: Elasticsearch index type
 - ES.ES_REFRESH: Elasticsearch refresh method. Default to string `true`(i.e. refresh immediately)
 - FILE_UPLOAD_SIZE_LIMIT: the file upload size limit in bytes
-- CHALLENGES_API_URL: TC challenges API base URL
+- RESOURCES_API_URL: TC resources API base URL
 - GROUPS_API_URL: TC groups API base URL
+- PROJECTS_API_URL: TC projects API base URL
 - COPILOT_RESOURCE_ROLE_IDS: copilot resource role ids allowed to upload attachment
 - HEALTH_CHECK_TIMEOUT: health check timeout in milliseconds
 - SCOPES: the configurable M2M token scopes, refer `config/default.js` for more details
@@ -76,6 +77,7 @@ It starts Elasticsearch, DynamoDB and S3 compatible server.
 
 ## Mock api
 For postman verification, please use the mock api under mock-api folder. It provides mock endpoint to fetch challenge resources and groups.
+You need to ensure DynamoDB configuration in `mock-api/config/default.js` is consistent with `config/default.js`
 Go to `mock-api` folder and run command `npm run start` to start the mock-api listening on port 4000
 
 ## Create Tables
@@ -90,6 +92,7 @@ Go to `mock-api` folder and run command `npm run start` to start the mock-api li
 4. Initialize/Clear database in default environment: `npm run init-db`
 5. View table data in default environment: `npm run view-data <ModelName>`, ModelName can be `Challenge`, `ChallengeType`, `ChallengeSetting`, `AuditLog`, `Phase`, `TimelineTemplate`or `Attachment`
 6. Create Elasticsearch index: `npm run init-db`, or to re-create index: `npm run init-db force`
+7. Synchronize ES data and DynamoDB data: `npm run sync-es`
 
 ### Notes
 - The seed data are located in `src/scripts/seed`
@@ -115,6 +118,7 @@ Go to `mock-api` folder and run command `npm run start` to start the mock-api li
 - Create DynamoDB tables.
 - Initialize ES index.
 - Various config parameters should be properly set.
+
 Seeding db data is not needed.
 
 ### Running unit tests

diff --git a/Verification.md b/Verification.md
@@ -1,8 +1,10 @@
 # TopCoder Challenge API Verification
 
 ## Postman tests
+- clear the environment, run command `npm run init-db` and `npm run init-es force`
 - import Postman collection and environment in the docs folder to Postman
 - run tests from up to down in order
+- You need to run command `npm run sync-es` before you run `Challenges/get challenge` and `Challenges/search challenge` test case.
 
 ## DynamoDB Verification
 Run command `npm run view-data <ModelName>` to view table data, ModelName can be `Challenge`, `ChallengeType`, `ChallengeSetting`, `AuditLog`, `Phase`, `TimelineTemplate`or `Attachment`

diff --git a/app-routes.js b/app-routes.js
@@ -59,6 +59,8 @@ module.exports = (app) => {
               if (def.access && !helper.checkIfExists(def.access, req.authUser.roles)) {
                 next(new errors.ForbiddenError('You are not allowed to perform this action!'))
               } else {
+                // user token is used in create/update challenge to ensure user can create/update challenge under specific project
+                req.userToken = req.headers.authorization.split(' ')[1]
                 next()
               }
             } else {

diff --git a/app.js b/app.js
@@ -58,7 +58,7 @@ require('./app-routes')(app)
 app.use((err, req, res, next) => {
   logger.logFullError(err, req.signature || `${req.method} ${req.url}`)
   const errorResponse = {}
-  const status = err.isJoi ? HttpStatus.BAD_REQUEST : (err.httpStatus || HttpStatus.INTERNAL_SERVER_ERROR)
+  const status = err.isJoi ? HttpStatus.BAD_REQUEST : (err.httpStatus || _.get(err, 'response.status') || HttpStatus.INTERNAL_SERVER_ERROR)
 
   if (_.isArray(err.details)) {
     if (err.isJoi) {
@@ -73,6 +73,11 @@ app.use((err, req, res, next) => {
       })
     }
   }
+  if (_.get(err, 'response.status')) {
+    // extra error message from axios http response(v4 and v5 tc api)
+    errorResponse.message = _.get(err, 'response.data.result.content.message') || _.get(err, 'response.data.message')
+  }
+
   if (_.isUndefined(errorResponse.message)) {
     if (err.message && status !== HttpStatus.INTERNAL_SERVER_ERROR) {
       errorResponse.message = err.message

diff --git a/config/default.js b/config/default.js
@@ -42,8 +42,9 @@ module.exports = {
   // in bytes
   FILE_UPLOAD_SIZE_LIMIT: process.env.FILE_UPLOAD_SIZE_LIMIT
     ? Number(process.env.FILE_UPLOAD_SIZE_LIMIT) : 50 * 1024 * 1024, // 50M
-  CHALLENGES_API_URL: process.env.CHALLENGES_API_URL || 'http://localhost:4000/v5/challenges',
+  RESOURCES_API_URL: process.env.RESOURCES_API_URL || 'http://localhost:4000/v5/resources',
   GROUPS_API_URL: process.env.GROUPS_API_URL || 'http://localhost:4000/v5/groups',
+  PROJECTS_API_URL: process.env.PROJECTS_API_URL || 'http://localhost:4000/v4/projects',
   // copilot resource role ids allowed to upload attachment
   COPILOT_RESOURCE_ROLE_IDS: process.env.COPILOT_RESOURCE_ROLE_IDS
     ? process.env.COPILOT_RESOURCE_ROLE_IDS.split(',') : ['10ba038e-48da-487b-96e8-8d3b99b6d18b'],

diff --git a/docs/swagger.yaml b/docs/swagger.yaml
@@ -156,6 +156,11 @@ paths:
           description: Filter by 'updatedBy' field, case-insensitive, partial matches are allowed.
           required: false
           type: string
+        - name: memberId
+          in: query
+          description: Filter by member, only return challenges this member can access to
+          required: false
+          type: string
       responses:
         '200':
           description: OK