6cebb8f0ebee43805e466f8d34e5d0b289a5a36d
[vchess.git] / server / routes / problems.js
1 let router = require("express").Router();
2 const access = require("../utils/access");
3 const ProblemModel = require("../models/Problem");
4 const sanitizeHtml = require('sanitize-html');
5
6 router.post("/problems", access.logged, access.ajax, (req,res) => {
7 if (ProblemModel.checkProblem(req.body.prob)) {
8 const problem = {
9 vid: req.body.prob.vid,
10 fen: req.body.prob.fen,
11 uid: req.userId,
12 instruction: sanitizeHtml(req.body.prob.instruction),
13 solution: sanitizeHtml(req.body.prob.solution),
14 };
15 ProblemModel.create(problem, (err, ret) => {
16 res.json(err || ret);
17 });
18 }
19 else
20 res.json({});
21 });
22
23 router.get("/problems", access.ajax, (req,res) => {
24 const probId = req.query["pid"];
25 if (probId && probId.match(/^[0-9]+$/)) {
26 ProblemModel.getOne(req.query["pid"], (err,problem) => {
27 res.json(err || {problem: problem});
28 });
29 } else {
30 ProblemModel.getAll((err,problems) => {
31 res.json(err || { problems: problems });
32 });
33 }
34 });
35
36 router.put("/problems", access.logged, access.ajax, (req,res) => {
37 let obj = req.body.prob;
38 if (ProblemModel.checkProblem(obj)) {
39 obj.instruction = sanitizeHtml(obj.instruction);
40 obj.solution = sanitizeHtml(obj.solution);
41 ProblemModel.safeUpdate(obj, req.userId);
42 }
43 res.json({});
44 });
45
46 router.delete("/problems", access.logged, access.ajax, (req,res) => {
47 const pid = req.query.id;
48 if (pid.toString().match(/^[0-9]+$/))
49 ProblemModel.safeRemove(pid, req.userId);
50 res.json({});
51 });
52
53 module.exports = router;