diff --git a/dal/db_query/queries.sql b/dal/db_query/queries.sql index 5e95203..4a581e6 100644 --- a/dal/db_query/queries.sql +++ b/dal/db_query/queries.sql @@ -1084,3 +1084,10 @@ UPDATE tgAccounts SET Deleted = true WHERE id = $1; -- name: SearchIDByAppIDanAppHash :one SELECT * FROM tgAccounts WHERE ApiID = $1 and ApiHash=$2 and Deleted = false; + +-- name: CheckQuestionOwner :one +SELECT qz.accountid FROM question q + JOIN quiz qz ON q.quiz_id = qz.id WHERE q.id = $1 AND qz.accountid = $2; + +-- name: CheckQuizOwner :one +SELECT accountid FROM quiz WHERE id = $1 AND accountid = $2; \ No newline at end of file diff --git a/dal/sqlcgen/queries.sql.go b/dal/sqlcgen/queries.sql.go index 8e9435c..c747912 100644 --- a/dal/sqlcgen/queries.sql.go +++ b/dal/sqlcgen/queries.sql.go @@ -3973,3 +3973,36 @@ func (q *Queries) WorkerTimeoutProcess(ctx context.Context) error { _, err := q.db.ExecContext(ctx, workerTimeoutProcess) return err } + +const checkQuestionOwner = `-- name: CheckQuestionOwner :one +SELECT qz.accountid FROM question q + JOIN quiz qz ON q.quiz_id = qz.id WHERE q.id = $1 AND qz.accountid = $2 +` + +type CheckQuestionOwnerParams struct { + ID int64 `db:"id" json:"id"` + Accountid string `db:"accountid" json:"accountid"` +} + +func (q *Queries) CheckQuestionOwner(ctx context.Context, arg CheckQuestionOwnerParams) (string, error) { + row := q.db.QueryRowContext(ctx, checkQuestionOwner, arg.ID, arg.Accountid) + var accountid string + err := row.Scan(&accountid) + return accountid, err +} + +const checkQuizOwner = `-- name: CheckQuizOwner :one +SELECT accountid FROM quiz WHERE id = $1 AND accountid = $2 +` + +type CheckQuizOwnerParams struct { + ID int64 `db:"id" json:"id"` + Accountid string `db:"accountid" json:"accountid"` +} + +func (q *Queries) CheckQuizOwner(ctx context.Context, arg CheckQuizOwnerParams) (string, error) { + row := q.db.QueryRowContext(ctx, checkQuizOwner, arg.ID, arg.Accountid) + var accountid string + err := row.Scan(&accountid) + return accountid, err +} \ No newline at end of file diff --git a/repository/question/question.go b/repository/question/question.go index 6c5bcaf..25cec6e 100644 --- a/repository/question/question.go +++ b/repository/question/question.go @@ -5,9 +5,9 @@ import ( "database/sql" "errors" "fmt" - "github.com/lib/pq" "gitea.pena/SQuiz/common/dal/sqlcgen" "gitea.pena/SQuiz/common/model" + "github.com/lib/pq" "sort" "strings" "sync" @@ -488,3 +488,17 @@ func (r *QuestionRepository) GetQuestionListByIDs(ctx context.Context, ids []int return questions, nil } + +func (r *QuestionRepository) CheckQuestionOwner(ctx context.Context, accountID string, questionID uint64) (bool, error) { + id, err := r.queries.CheckQuestionOwner(ctx, sqlcgen.CheckQuestionOwnerParams{ + ID: int64(questionID), + Accountid: accountID, + }) + if err != nil { + if errors.Is(err, sql.ErrNoRows) { + return false, nil + } + return false, err + } + return accountID == id, nil +} diff --git a/repository/quiz/quiz.go b/repository/quiz/quiz.go index 44cf9a4..a95daa1 100644 --- a/repository/quiz/quiz.go +++ b/repository/quiz/quiz.go @@ -6,10 +6,10 @@ import ( "encoding/json" "errors" "fmt" - "github.com/google/uuid" - "github.com/lib/pq" "gitea.pena/SQuiz/common/dal/sqlcgen" "gitea.pena/SQuiz/common/model" + "github.com/google/uuid" + "github.com/lib/pq" "strings" "sync" @@ -651,3 +651,18 @@ func (r *QuizRepository) TemplateCopy(ctx context.Context, accountID, qID string return quizID, nil } + +func (r *QuizRepository) CheckQuizOwner(ctx context.Context, accountID string, quizID uint64) (bool, error) { + id, err := r.queries.CheckQuizOwner(ctx, sqlcgen.CheckQuizOwnerParams{ + Accountid: accountID, + ID: int64(quizID), + }) + if err != nil { + if errors.Is(err, sql.ErrNoRows) { + return false, nil + } + return false, err + } + + return id == accountID, nil +}