From 06075bb482582213482d555eeb12c7ba996c5c7a Mon Sep 17 00:00:00 2001
From: Sam Der <sder@uci.edu>
Date: Fri, 26 Jan 2024 15:23:10 -0800
Subject: [PATCH] fix: non-hacker confirm button disable conditions (#373)

* fix: non-hacker confirm button disable conditions

* fix: disable confirm button if status is reviewed

* update: allow check-in leads to confirm non-hackers
---
 apps/api/src/admin/participant_manager.py             |  2 +-
 .../participants/components/ParticipantAction.tsx     | 11 +++++++----
 2 files changed, 8 insertions(+), 5 deletions(-)

diff --git a/apps/api/src/admin/participant_manager.py b/apps/api/src/admin/participant_manager.py
index 2362fb9b..f2e6078b 100644
--- a/apps/api/src/admin/participant_manager.py
+++ b/apps/api/src/admin/participant_manager.py
@@ -109,7 +109,7 @@ async def confirm_attendance_non_hacker(uid: str, director: User) -> None:
     if not record or record["role"] not in NON_HACKER_ROLES:
         raise ValueError
 
-    update_status = await mongodb_handler.raw_update_one(
+    update_status = await mongodb_handler.update_one(
         Collection.USERS,
         {"_id": uid},
         {"status": Status.ATTENDING},
diff --git a/apps/site/src/app/admin/participants/components/ParticipantAction.tsx b/apps/site/src/app/admin/participants/components/ParticipantAction.tsx
index 6afafa85..a7e06b89 100644
--- a/apps/site/src/app/admin/participants/components/ParticipantAction.tsx
+++ b/apps/site/src/app/admin/participants/components/ParticipantAction.tsx
@@ -4,7 +4,7 @@ import Button from "@cloudscape-design/components/button";
 
 import UserContext from "@/lib/admin/UserContext";
 import { isCheckinLead, isNonHacker } from "@/lib/admin/authorization";
-import { Status } from "@/lib/admin/useApplicant";
+import { ReviewStatus, Status } from "@/lib/admin/useApplicant";
 import { Participant } from "@/lib/admin/useParticipants";
 import ParticipantActionPopover from "./ParticipantActionPopover";
 
@@ -61,10 +61,13 @@ function ParticipantAction({
 		</Button>
 	);
 
-	if (nonHacker && isWaiverSigned) {
-		if (role !== "director") {
+	if (nonHacker) {
+		const content = !isCheckinLead
+			? "Only check-in leads can confirm non-hackers."
+			: "Must sign waiver first.";
+		if (!isCheckinLead || participant.status === ReviewStatus.reviewed) {
 			return (
-				<ParticipantActionPopover content="Only directors are allowed to confirm non-hackers.">
+				<ParticipantActionPopover content={content}>
 					{confirmButton}
 				</ParticipantActionPopover>
 			);