feat(api): Allow admins to revoke chat priveleges from website

test/api/v3/integration/hall/PUT-hall_heores_heroId.test.js

@@ -52,7 +52,7 @@ describe('PUT /heroes/:heroId', () => {
     // test response
     expect(heroRes).to.have.all.keys([ // works as: object has all and only these keys
       '_id', 'balance', 'profile', 'purchased',
-      'contributor', 'auth', 'items',
+      'contributor', 'auth', 'items', 'flags',
     ]);
     expect(heroRes.auth.local).not.to.have.keys(['salt', 'hashed_password']);
     expect(heroRes.profile).to.have.all.keys(['name']);
@@ -72,6 +72,18 @@ describe('PUT /heroes/:heroId', () => {
     expect(hero.notifications[0].type).to.equal('NEW_CONTRIBUTOR_LEVEL');
   });
 
+  it('updates chatRevoked flag', async () => {
+    let hero = await generateUser();
+
+    await user.put(`/hall/heroes/${hero._id}`, {
+      flags: {chatRevoked: true},
+    });
+
+    await hero.sync();
+
+    expect(hero.flags.chatRevoked).to.eql(true);
+  });
+
   it('updates contributor level', async () => {
     let hero = await generateUser({
       contributor: {level: 5},
@@ -83,7 +95,7 @@ describe('PUT /heroes/:heroId', () => {
     // test response
     expect(heroRes).to.have.all.keys([ // works as: object has all and only these keys
       '_id', 'balance', 'profile', 'purchased',
-      'contributor', 'auth', 'items',
+      'contributor', 'auth', 'items', 'flags',
     ]);
     expect(heroRes.auth.local).not.to.have.keys(['salt', 'hashed_password']);
     expect(heroRes.profile).to.have.all.keys(['name']);
@@ -110,7 +122,7 @@ describe('PUT /heroes/:heroId', () => {
     // test response
     expect(heroRes).to.have.all.keys([ // works as: object has all and only these keys
       '_id', 'balance', 'profile', 'purchased',
-      'contributor', 'auth', 'items',
+      'contributor', 'auth', 'items', 'flags',
     ]);
     expect(heroRes.auth.local).not.to.have.keys(['salt', 'hashed_password']);
     expect(heroRes.profile).to.have.all.keys(['name']);
@@ -134,7 +146,7 @@ describe('PUT /heroes/:heroId', () => {
     // test response
     expect(heroRes).to.have.all.keys([ // works as: object has all and only these keys
       '_id', 'balance', 'profile', 'purchased',
-      'contributor', 'auth', 'items',
+      'contributor', 'auth', 'items', 'flags',
     ]);
     expect(heroRes.auth.local).not.to.have.keys(['salt', 'hashed_password']);
     expect(heroRes.profile).to.have.all.keys(['name']);

website/server/controllers/api-v3/hall.js

@@ -76,7 +76,7 @@ api.getHeroes = {
 // Note, while the following routes are called getHero / updateHero
 // they can be used by admins to get/update any user
 
-const heroAdminFields = 'contributor balance profile.name purchased items auth';
+const heroAdminFields = 'contributor balance profile.name purchased items auth flags.chatRevoked';
 
 /**
  * @api {get} /api/v3/hall/heroes/:heroId Get any user ("hero") given the UUID
@@ -170,6 +170,7 @@ api.updateHero = {
     }
 
     if (updateData.auth && _.isBoolean(updateData.auth.blocked)) hero.auth.blocked = updateData.auth.blocked;
+    if (updateData.flags && _.isBoolean(updateData.flags.chatRevoked)) hero.flags.chatRevoked = updateData.flags.chatRevoked;
 
     let savedHero = await hero.save();
     let heroJSON = savedHero.toJSON();

website/views/options/social/hall.jade

@@ -59,6 +59,11 @@ script(type='text/ng-template', id='partials/options.social.hall.heroes.html')
         accordion-group(heading='Auth')
           h4 Auth
           pre {{::toJson(hero.auth)}}
+          .form-group
+            .checkbox
+              label
+                input(type='checkbox', ng-model='hero.flags.chatRevoked')
+                | Chat Priveleges Revoked
           .form-group
             .checkbox
               label