| 1 | let router = require("express").Router(); |
| 2 | const access = require("../utils/access"); |
| 3 | const ProblemModel = require("../models/Problem"); |
| 4 | const sanitizeHtml = require('sanitize-html'); |
| 5 | |
| 6 | router.post("/problems", access.logged, access.ajax, (req,res) => { |
| 7 | if (ProblemModel.checkProblem(req.body.prob)) |
| 8 | { |
| 9 | const problem = |
| 10 | { |
| 11 | vid: req.body.prob.vid, |
| 12 | fen: req.body.prob.fen, |
| 13 | uid: req.userId, |
| 14 | instruction: sanitizeHtml(req.body.prob.instruction), |
| 15 | solution: sanitizeHtml(req.body.prob.solution), |
| 16 | }; |
| 17 | ProblemModel.create(problem, (err,ret) => { |
| 18 | res.json(err || {id:ret.pid}); |
| 19 | }); |
| 20 | } |
| 21 | else |
| 22 | res.json({}); |
| 23 | }); |
| 24 | |
| 25 | router.get("/problems", access.ajax, (req,res) => { |
| 26 | const probId = req.query["pid"]; |
| 27 | if (probId && probId.match(/^[0-9]+$/)) |
| 28 | { |
| 29 | ProblemModel.getOne(req.query["pid"], (err,problem) => { |
| 30 | res.json(err || {problem: problem}); |
| 31 | }); |
| 32 | } |
| 33 | else |
| 34 | { |
| 35 | ProblemModel.getAll((err,problems) => { |
| 36 | res.json(err || {problems:problems}); |
| 37 | }); |
| 38 | } |
| 39 | }); |
| 40 | |
| 41 | router.put("/problems", access.logged, access.ajax, (req,res) => { |
| 42 | let obj = req.body.prob; |
| 43 | if (ProblemModel.checkProblem(obj)) |
| 44 | { |
| 45 | obj.instruction = sanitizeHtml(obj.instruction); |
| 46 | obj.solution = sanitizeHtml(obj.solution); |
| 47 | ProblemModel.safeUpdate(obj, req.userId); |
| 48 | } |
| 49 | res.json({}); |
| 50 | }); |
| 51 | |
| 52 | router.delete("/problems", access.logged, access.ajax, (req,res) => { |
| 53 | const pid = req.query.id; |
| 54 | if (pid.toString().match(/^[0-9]+$/)) |
| 55 | ProblemModel.safeRemove(pid, req.userId); |
| 56 | res.json({}); |
| 57 | }); |
| 58 | |
| 59 | module.exports = router; |