Fix pronlems edit by admins

[vchess.git] / server / models / Problem.js

diff --git a/server/models/Problem.js b/server/models/Problem.js
index 136fb64..9978d76 100644 (file)
--- a/server/models/Problem.js
+++ b/server/models/Problem.js
@@ -11,10 +11,8 @@ const db = require("../utils/database");
  *   solution: text
  */
 
-const ProblemModel =
-{
-  checkProblem: function(p)
-  {
+const ProblemModel = {
+  checkProblem: function(p) {
     return (
       p.id.toString().match(/^[0-9]+$/) &&
       p.vid.toString().match(/^[0-9]+$/) &&
@@ -22,8 +20,7 @@ const ProblemModel =
     );
   },
 
-  create: function(p, cb)
-  {
+  create: function(p, cb) {
     db.serialize(function() {
       const query =
         "INSERT INTO Problems " +
@@ -31,39 +28,45 @@ const ProblemModel =
           "VALUES " +
         "(" + Date.now() + "," + p.uid + "," + p.vid + ",'" + p.fen  + "',?,?)";
       db.run(query, [p.instruction,p.solution], function(err) {
-        cb(err, {pid: this.lastID});
+        cb(err, { id: this.lastID });
       });
     });
   },
 
-  getAll: function(cb)
-  {
+  getNext: function(uid, onlyMine, cursor, cb) {
+    let condition = "";
+    if (onlyMine) condition = "AND uid = " + uid + " ";
+    else if (!!uid) condition = "AND uid <> " + uid + " ";
     db.serialize(function() {
       const query =
         "SELECT * " +
-        "FROM Problems";
-      db.all(query, (err,problems) => {
+        "FROM Problems " +
+        "WHERE added < " + cursor + " " +
+        condition +
+        "ORDER BY added DESC " +
+        "LIMIT 20"; //TODO: 20 is arbitrary
+      db.all(query, (err, problems) => {
         cb(err, problems);
       });
     });
   },
 
-  getOne: function(id, cb)
-  {
+  getOne: function(id, cb) {
     db.serialize(function() {
       const query =
         "SELECT * " +
         "FROM Problems " +
         "WHERE id = " + id;
-      db.get(query, (err,problem) => {
+      db.get(query, (err, problem) => {
         cb(err, problem);
       });
     });
   },
 
-  safeUpdate: function(prob, uid)
-  {
+  safeUpdate: function(prob, uid, devs) {
     db.serialize(function() {
+      let whereClause = "WHERE id = " + prob.id;
+      if (!devs.includes(uid)) whereClause += " AND uid = " + uid;
       const query =
         "UPDATE Problems " +
         "SET " +
@@ -71,17 +74,18 @@ const ProblemModel =
           "fen = '" + prob.fen + "'," +
           "instruction = ?," +
           "solution = ? " +
-        "WHERE id = " + prob.id + " AND uid = " + uid;
-      db.run(query, [prob.instruction,prob.solution]);
+        whereClause;
+      db.run(query, [prob.instruction, prob.solution]);
     });
   },
 
-  safeRemove: function(id, uid)
-  {
+  safeRemove: function(id, uid, devs) {
     db.serialize(function() {
+      let whereClause = "WHERE id = " + prob.id;
+      if (!devs.includes(uid)) whereClause += " AND uid = " + uid;
       const query =
         "DELETE FROM Problems " +
-        "WHERE id = " + id + " AND uid = " + uid;
+        whereClause;
       db.run(query);
     });
   },