server/routes/problems.js

   1 let router = require("express").Router();
   2 const access = require("../utils/access");
   3 const ProblemModel = require("../models/Problem");
   4 const sanitizeHtml = require('sanitize-html');
   5
   6 router.post("/problems", access.logged, access.ajax, (req,res) => {
   7   if (ProblemModel.checkProblem(req.body.prob)) {
   8     const problem = {
   9       vid: req.body.prob.vid,
  10       fen: req.body.prob.fen,
  11       uid: req.userId,
  12       instruction: sanitizeHtml(req.body.prob.instruction),
  13       solution: sanitizeHtml(req.body.prob.solution),
  14     };
  15     ProblemModel.create(problem, (err, ret) => {
  16       res.json(err || ret);
  17     });
  18   }
  19   else
  20     res.json({});
  21 });
  22
  23 router.get("/problems", access.ajax, (req,res) => {
  24   const probId = req.query["id"];
  25   const cursor = req.query["cursor"];
  26   if (!!probId && !!probId.match(/^[0-9]+$/)) {
  27     ProblemModel.getOne(probId, (err, problem) => {
  28       res.json(err || {problem: problem});
  29     });
  30   } else if (!!cursor && !!cursor.match(/^[0-9]+$/)) {
  31     const onlyMine = (req.query["mode"] == "mine");
  32     const uid = parseInt(req.query["uid"]);
  33     ProblemModel.getNext(uid, onlyMine, cursor, (err, problems) => {
  34       res.json(err || { problems: problems });
  35     });
  36   }
  37 });
  38
  39 router.put("/problems", access.logged, access.ajax, (req,res) => {
  40   let obj = req.body.prob;
  41   if (ProblemModel.checkProblem(obj)) {
  42     obj.instruction = sanitizeHtml(obj.instruction);
  43     obj.solution = sanitizeHtml(obj.solution);
  44     ProblemModel.safeUpdate(obj, req.userId);
  45   }
  46   res.json({});
  47 });
  48
  49 router.delete("/problems", access.logged, access.ajax, (req,res) => {
  50   const pid = req.query.id;
  51   if (pid.toString().match(/^[0-9]+$/))
  52     ProblemModel.safeRemove(pid, req.userId);
  53   res.json({});
  54 });
  55
  56 module.exports = router;