bug fixes

HackIllinois · Oct 22, 2023 · cd6d084 · cd6d084
1 parent 11a4139
commit cd6d084
Showing 1 changed file with 13 additions and 5 deletions.
diff --git a/src/services/profile/profile-router.ts b/src/services/profile/profile-router.ts
@@ -57,13 +57,20 @@ profileRouter.get("/leaderboard/", async (req: Request, res: Response) => {
 
     // Returns NaN if invalid input is passed in
     if (limitString) {
-        const limit = parseInt(limitString);
+        let limit = parseInt(limitString);
 
         // Check for limit validity
         if (!limit || !isValidLimit) {
             return res.status(Constants.BAD_REQUEST).send({ error: "InvalidLimit" });
         }
 
+        // if the limit is above the leaderboard query limit, set it to the query limit
+        limit = Math.min(limit, Constants.LEADERBOARD_QUERY_LIMIT);
+
+        leaderboardQuery = leaderboardQuery.limit(limit);
+    } else {
+        const limit = Constants.LEADERBOARD_QUERY_LIMIT;
+
         leaderboardQuery = leaderboardQuery.limit(limit);
     }
     // Perform the actual query, filter, and return the results
@@ -162,10 +169,6 @@ profileRouter.get("/id/:USERID", strongJwtVerification, async (req: Request, res
     const userId: string | undefined = req.params.USERID;
     const payload: JwtPayload = res.locals.payload as JwtPayload;
 
-    if (!userId) {
-        return res.redirect("/user/");
-    }
-
     // Trying to perform elevated operation (getting someone else's profile without elevated perms)
     if (userId != payload.id && !hasElevatedPerms(payload)) {
         return res.status(Constants.FORBIDDEN).send({ error: "Forbidden" });
@@ -180,6 +183,11 @@ profileRouter.get("/id/:USERID", strongJwtVerification, async (req: Request, res
     return res.status(Constants.SUCCESS).send(user);
 });
 
+profileRouter.get("/id", (_: Request, res: Response) => {
+    // Redirect to the root URL
+    return res.redirect("/user");
+});
+
 /**
  * @api {post} /profile POST /profile
  * @apiGroup Profile