awards: team awards safe endpoint
All awards data (results) must only be fetched from the AwardsModule
, where they will be safe-checked based on the JudgingPhases
for the competition. This way, we ensure no awards is leaked between ratification meeting the final day show.
To understand
Previously, we used to query teams data like this (simplified):
function findTeam(teamID: TeamID): Promise<Team> {
return await this.repository.findOneOrFail({
where: { id: teamID },
relations: { awards: true }, // <-- This loads all awards for a team without any restriction
}
}
Now, backend modules must not query awards indirecly when returning the data publicly (results page, teams page, certificate, etc). For the Frontend, awards data will not be returned alongside any other DTO. To fetch awards, FE must fetch a dedicated request to BE (either GET /competitions/{competitionUUID}/awards/results
, or the one in this MR GET teams/{teamID]/awards
)
GET teams/{teamID]/awards
export class TeamAwardSimpleDTO {
decision: AwardDecision
group?: AwardGroup
// From Award
awardTitle: string
awardIcon?: string
awardType: AwardType
awardSubType?: AwardSubType
}