| | 1 | let router = require("express").Router(); |
| | 2 | const access = require("../utils/access"); |
| | 3 | const params = require("../config/parameters"); |
| | 4 | const ProblemModel = require("../models/Problem"); |
| | 5 | const sanitizeHtml = require('sanitize-html'); |
| | 6 | |
| | 7 | router.post("/problems", access.logged, access.ajax, (req,res) => { |
| | 8 | if (ProblemModel.checkProblem(req.body.prob)) { |
| | 9 | const problem = { |
| | 10 | vid: req.body.prob.vid, |
| | 11 | fen: req.body.prob.fen, |
| | 12 | uid: req.userId, |
| | 13 | instruction: sanitizeHtml(req.body.prob.instruction), |
| | 14 | solution: sanitizeHtml(req.body.prob.solution), |
| | 15 | }; |
| | 16 | ProblemModel.create(problem, (err, ret) => { |
| | 17 | res.json(err || ret); |
| | 18 | }); |
| | 19 | } |
| | 20 | else |
| | 21 | res.json({}); |
| | 22 | }); |
| | 23 | |
| | 24 | router.get("/problems", access.ajax, (req,res) => { |
| | 25 | const probId = req.query["id"]; |
| | 26 | const cursor = req.query["cursor"]; |
| | 27 | if (!!probId && !!probId.match(/^[0-9]+$/)) { |
| | 28 | ProblemModel.getOne(probId, (err, problem) => { |
| | 29 | res.json(err || {problem: problem}); |
| | 30 | }); |
| | 31 | } else if (!!cursor && !!cursor.match(/^[0-9]+$/)) { |
| | 32 | const onlyMine = (req.query["mode"] == "mine"); |
| | 33 | const uid = parseInt(req.query["uid"]); |
| | 34 | ProblemModel.getNext(uid, onlyMine, cursor, (err, problems) => { |
| | 35 | res.json(err || { problems: problems }); |
| | 36 | }); |
| | 37 | } |
| | 38 | }); |
| | 39 | |
| | 40 | router.put("/problems", access.logged, access.ajax, (req,res) => { |
| | 41 | let obj = req.body.prob; |
| | 42 | if (ProblemModel.checkProblem(obj)) { |
| | 43 | obj.instruction = sanitizeHtml(obj.instruction); |
| | 44 | obj.solution = sanitizeHtml(obj.solution); |
| | 45 | ProblemModel.safeUpdate(obj, req.userId, params.devs); |
| | 46 | } |
| | 47 | res.json({}); |
| | 48 | }); |
| | 49 | |
| | 50 | router.delete("/problems", access.logged, access.ajax, (req,res) => { |
| | 51 | const pid = req.query.id; |
| | 52 | if (pid.toString().match(/^[0-9]+$/)) |
| | 53 | ProblemModel.safeRemove(pid, req.userId, params.devs); |
| | 54 | res.json({}); |
| | 55 | }); |
| | 56 | |
| | 57 | module.exports = router; |
projects / vchess.git / blame_incremental