Rules for groups & response

src/be/jeffcheasey88/peeratcode/model/Group.java

@@ -125,14 +125,15 @@ public class Group implements Comparable<Group> {
 
 	@Override
 	public boolean equals(Object obj) {
-		if (this == obj)
-			return true;
-		if (obj == null)
-			return false;
-		if (getClass() != obj.getClass())
-			return false;
+		if(obj == this) return true;
+		if(obj == null) return false;
+		if(!(obj instanceof Group)) return false;
 		Group other = (Group) obj;
-		return Objects.equals(name, other.name);
+		return this.name.equals(other.name) && integerEquals(this.linkToChapter, other.linkToChapter) && integerEquals(this.linkToPuzzle, other.linkToPuzzle);
 	}
 
+	private boolean integerEquals(Integer a, Integer b){
+		if(a == null) return b == null;
+		return a.equals(b);
+	}
 }

src/be/jeffcheasey88/peeratcode/repository/DatabaseQuery.java

@@ -17,6 +17,7 @@ public enum DatabaseQuery {
 
 	// GROUPS
 	ALL_GROUPS("SELECT * FROM groups"),
+	GET_GROUP_FOR_PLAYER("SELECT g.* FROM groups g JOIN containsGroups cg ON cg.fk_group = c.id_group WHERE cg.fk_player = ? AND g.fk_chapter = ? AND g.fk_puzzle = ?"),
 	GET_GROUP_ID_BY_DATA("SELECT id_group FROM groups WHERE name = ? AND (fk_chapter = ? OR fk_puzzle = ?)"),
 	INSERT_GROUP("INSERT INTO groups (name, fk_chapter, fk_puzzle) VALUES (?,?,?)"),
 	INSERT_PLAYER_IN_GROUP("INSERT INTO containsGroups (fk_player, fk_group) VALUES (?,?)"),

src/be/jeffcheasey88/peeratcode/repository/DatabaseRepository.java

@@ -508,6 +508,20 @@ public class DatabaseRepository {
 		return false;
 	}
 	
+	public Group getPlayerGroup(int user, Integer chapter, Integer puzzle){
+		try {
+			ensureConnection();
+			PreparedStatement stmt = DatabaseQuery.GET_GROUP_FOR_PLAYER.prepare(this.con);
+			stmt.setInt(1, user);
+			stmt.setObject(2, chapter);
+			stmt.setObject(3, puzzle);
+			
+			ResultSet result = stmt.executeQuery();
+			if(result.next()) return makeGroup(result);
+		}catch(Exception e){}
+		return null;
+	}
+	
 	private int getGroupId(Group group) throws Exception{
 		ensureConnection();
 		PreparedStatement stmt = DatabaseQuery.GET_GROUP_ID_BY_DATA.prepare(this.con);

src/be/jeffcheasey88/peeratcode/routes/PuzzleResponse.java

@@ -45,6 +45,10 @@ public class PuzzleResponse implements Response {
 		//saveSourceCode(received, databaseRepo.getPlayer(user.getId()));
 
 		JSONObject responseJSON = new JSONObject();
+		if(this.databaseRepo.getScore(user.getId(), 0) >= received.getPuzzleId()){
+			HttpUtil.responseHeaders(writer, 403, "Access-Control-Allow-Origin: *");
+			return;
+		}
 		Puzzle currentPuzzle = databaseRepo.getPuzzle(received.getPuzzleId());
 		Completion completion = databaseRepo.insertOrUpdatePuzzleResponse(received.getPuzzleId(), user.getId(),
 				received.getFileName(), received.getSourceCode(), received.getResponse(), currentPuzzle);

src/be/jeffcheasey88/peeratcode/routes/groups/GroupCreate.java

@@ -25,7 +25,15 @@ public class GroupCreate implements Response {
 
 	@Route(path = "^\\/groupCreate$", type = POST, needLogin = true)
 	public void exec(Matcher matcher, User user, HttpReader reader, HttpWriter writer) throws Exception{
-		if (this.repo.insertGroup(new Group((JSONObject) HttpUtil.readJson(reader)), user)) {
+		Group group = new Group((JSONObject) HttpUtil.readJson(reader));
+		
+		Group userGroup = this.repo.getPlayerGroup(user.getId(), group.getLinkToChapter(), group.getLinkToPuzzle());
+		if(group.equals(userGroup)){
+			HttpUtil.responseHeaders(writer, 403, "Access-Control-Allow-Origin: *");
+			return;
+		}
+		
+		if (this.repo.insertGroup(group, user)) {
 			HttpUtil.responseHeaders(writer, 200, "Access-Control-Allow-Origin: *");
 		} else {
 			HttpUtil.responseHeaders(writer, 403, "Access-Control-Allow-Origin: *");

src/be/jeffcheasey88/peeratcode/routes/groups/GroupJoin.java

@@ -25,7 +25,15 @@ public class GroupJoin implements Response{
 
 	@Route(path = "^\\/groupJoin$", type = POST, needLogin = true)
 	public void exec(Matcher matcher, User user, HttpReader reader, HttpWriter writer) throws Exception{
-		if (this.repo.insertUserInGroup(new Group((JSONObject) HttpUtil.readJson(reader)), user)) {
+		Group group = new Group((JSONObject) HttpUtil.readJson(reader));
+		
+		Group userGroup = this.repo.getPlayerGroup(user.getId(), group.getLinkToChapter(), group.getLinkToPuzzle());
+		if(group.equals(userGroup)){
+			HttpUtil.responseHeaders(writer, 403, "Access-Control-Allow-Origin: *");
+			return;
+		}
+		
+		if (this.repo.insertUserInGroup(group, user)) {
 			HttpUtil.responseHeaders(writer, 200, "Access-Control-Allow-Origin: *");
 		} else {
 			HttpUtil.responseHeaders(writer, 403, "Access-Control-Allow-Origin: *");

src/be/jeffcheasey88/peeratcode/routes/groups/GroupQuit.java

@@ -25,7 +25,15 @@ public class GroupQuit implements Response{
 
 	@Route(path = "^\\/groupQuit$", type = POST, needLogin = true)
 	public void exec(Matcher matcher, User user, HttpReader reader, HttpWriter writer) throws Exception{
-		if (this.repo.leaveGroup(new Group((JSONObject) HttpUtil.readJson(reader)), user)) {
+		Group group = new Group((JSONObject) HttpUtil.readJson(reader));
+		
+		Group userGroup = this.repo.getPlayerGroup(user.getId(), group.getLinkToChapter(), group.getLinkToPuzzle());
+		if(!group.equals(userGroup)){
+			HttpUtil.responseHeaders(writer, 403, "Access-Control-Allow-Origin: *");
+			return;
+		}
+		
+		if (this.repo.leaveGroup(group, user)) {
 			HttpUtil.responseHeaders(writer, 200, "Access-Control-Allow-Origin: *");
 		} else {
 			HttpUtil.responseHeaders(writer, 403, "Access-Control-Allow-Origin: *");