server for refapp and refbot and other stuff
0

Configure Feed

Select the types of activity you want to include in your feed.

fix: store player eventId as ObjectId in PUT /players/:discordId/events/:eventId (fixes event player counts)

alpine (Jul 16, 2026, 2:56 AM +0200) 53f5b627 63843a94

+35 -1
+5 -1
src/routes/players.ts
··· 1 1 import { Router } from 'express'; 2 + import { Types } from 'mongoose'; 2 3 import { Player } from '../models/index.js'; 3 4 import { requireAuth } from '../middleware/auth.js'; 4 5 import { param } from '../middleware/params.js'; ··· 101 102 try { 102 103 const discordId = param(req, 'discordId'); 103 104 const eventId = param(req, 'eventId'); 105 + if (!Types.ObjectId.isValid(eventId)) { 106 + throw new HttpError(400, 'invalid_event_id', 'eventId must be a valid ObjectId'); 107 + } 104 108 105 109 const doc = await Player.findOneAndUpdate( 106 110 { discordId }, 107 - { $addToSet: { events: eventId } }, 111 + { $addToSet: { events: new Types.ObjectId(eventId) } }, 108 112 { upsert: true, new: true }, 109 113 ); 110 114
+30
src/routes/routes.test.ts
··· 408 408 assert.equal(res.body.total, 0); 409 409 }); 410 410 411 + test('PUT /v1/players/:discordId/events/:eventId stores an ObjectId and counts on the event', async () => { 412 + const evt = await request(app) 413 + .post('/v1/events') 414 + .set('Authorization', auth(adminApiKey)) 415 + .send({ name: 'Counted Event For Players' }); 416 + const eventId = evt.body._id; 417 + 418 + const res = await request(app) 419 + .put(`/v1/players/999000111/events/${eventId}`) 420 + .set('Authorization', auth(refereeApiKey)); 421 + assert.equal(res.status, 200); 422 + assert.ok(Array.isArray(res.body.events)); 423 + assert.equal(res.body.events[0], eventId); 424 + 425 + // The event's player count must reflect the player (proves it was stored as a 426 + // real ObjectId that matches the event _id, not a mismatched string). 427 + const list = await request(app) 428 + .get('/v1/events') 429 + .set('Authorization', auth(readApiKey)); 430 + const stored = list.body.find((e: { _id: string }) => e._id === eventId); 431 + assert.equal(stored.playerCount, 1); 432 + }); 433 + 434 + test('PUT /v1/players/:discordId/events/:eventId rejects invalid eventId', async () => { 435 + const res = await request(app) 436 + .put('/v1/players/999000222/events/not-an-objectid') 437 + .set('Authorization', auth(refereeApiKey)); 438 + assert.equal(res.status, 400); 439 + }); 440 + 411 441 // ---------- Check-in / Approval ---------- 412 442 413 443 test('POST /v1/matches/:id/check-in marks a player as checked in', async () => {