X-Git-Url: https://git.auder.net/?a=blobdiff_plain;f=server%2Froutes%2Fnews.js;h=e78020ef086d3fc62abc185ec85dba493f492e8e;hb=5b958911a93d212aa6ca300a948ac48510cbb227;hp=51d8c824ff9a900431d9b27b79bc309ab3a8661a;hpb=68e19a449db7a12e0a168e99cd750d985c983ba1;p=vchess.git

diff --git a/server/routes/news.js b/server/routes/news.js
index 51d8c824..e78020ef 100644
--- a/server/routes/news.js
+++ b/server/routes/news.js
@@ -1,11 +1,11 @@
 let router = require("express").Router();
 const access = require("../utils/access");
+const params = require("../config/parameters");
 const NewsModel = require("../models/News");
 const sanitizeHtml = require('sanitize-html');
-const devs = [1]; //hard-coded list of developers IDs, allowed to post news
 
 router.post("/news", access.logged, access.ajax, (req,res) => {
-  if (devs.includes(req.userId)) {
+  if (params.devs.includes(req.userId)) {
     const content = sanitizeHtml(req.body.news.content);
     NewsModel.create(content, req.userId, (err, ret) => {
       res.json(err || ret);
@@ -24,14 +24,17 @@ router.get("/news", access.ajax, (req,res) => {
 
 router.get("/newsts", access.ajax, (req,res) => {
   // Special query for footer: just return timestamp of last news
-  NewsModel.getTimestamp((err,ts) => {
-    res.json(err || { timestamp: ts.added });
+  NewsModel.getTimestamp((err, ts) => {
+    res.json(err || { timestamp: !!ts ? ts.added : 0 });
   });
 });
 
 router.put("/news", access.logged, access.ajax, (req,res) => {
   let news = req.body.news;
-  if (devs.includes(req.userId) && news.id.toString().match(/^[0-9]+$/)) {
+  if (
+    params.devs.includes(req.userId) &&
+    news.id.toString().match(/^[0-9]+$/)
+  ) {
     news.content = sanitizeHtml(news.content);
     NewsModel.update(news);
     res.json({});
@@ -40,7 +43,10 @@ router.put("/news", access.logged, access.ajax, (req,res) => {
 
 router.delete("/news", access.logged, access.ajax, (req,res) => {
   const nid = req.query.id;
-  if (devs.includes(req.userId) && nid.toString().match(/^[0-9]+$/)) {
+  if (
+    params.devs.includes(req.userId) &&
+    nid.toString().match(/^[0-9]+$/)
+  ) {
     NewsModel.remove(nid);
     res.json({});
   }