Fix
[vchess.git] / server / routes / problems.js
1 let router = require("express").Router();
2 const access = require("../utils/access");
3 const params = require("../config/parameters");
4 const ProblemModel = require("../models/Problem");
5 const sanitizeHtml = require('sanitize-html');
6
7 router.post("/problems", access.logged, access.ajax, (req,res) => {
8 if (ProblemModel.checkProblem(req.body.prob)) {
9 const problem = {
10 vid: req.body.prob.vid,
11 fen: req.body.prob.fen,
12 uid: req.userId,
13 instruction: sanitizeHtml(req.body.prob.instruction),
14 solution: sanitizeHtml(req.body.prob.solution),
15 };
16 ProblemModel.create(problem, (err, ret) => {
17 res.json(err || ret);
18 });
19 }
20 else
21 res.json({});
22 });
23
24 router.get("/problems", access.ajax, (req,res) => {
25 const probId = req.query["id"];
26 const cursor = req.query["cursor"];
27 if (!!probId && !!probId.match(/^[0-9]+$/)) {
28 ProblemModel.getOne(probId, (err, problem) => {
29 res.json(err || {problem: problem});
30 });
31 } else if (!!cursor && !!cursor.match(/^[0-9]+$/)) {
32 const onlyMine = (req.query["mode"] == "mine");
33 const uid = parseInt(req.query["uid"]);
34 ProblemModel.getNext(uid, onlyMine, cursor, (err, problems) => {
35 res.json(err || { problems: problems });
36 });
37 }
38 });
39
40 router.put("/problems", access.logged, access.ajax, (req,res) => {
41 let obj = req.body.prob;
42 if (ProblemModel.checkProblem(obj)) {
43 obj.instruction = sanitizeHtml(obj.instruction);
44 obj.solution = sanitizeHtml(obj.solution);
45 ProblemModel.safeUpdate(obj, req.userId, params.devs);
46 }
47 res.json({});
48 });
49
50 router.delete("/problems", access.logged, access.ajax, (req,res) => {
51 const pid = req.query.id;
52 if (pid.toString().match(/^[0-9]+$/))
53 ProblemModel.safeRemove(pid, req.userId, params.devs);
54 res.json({});
55 });
56
57 module.exports = router;