X-Git-Url: https://git.auder.net/?p=vchess.git;a=blobdiff_plain;f=server%2Froutes%2Fchallenges.js;h=1f626f203ffd6a4d2e204a81f224d26add839828;hp=146bbe2d182b4d5c9c6dcbeede300e301ba072c2;hb=eb2d61de8d569470fa329a484efe9bab420b2b82;hpb=2be5d6140901fc7bb2a33d672e52cfdc545a1912

diff --git a/server/routes/challenges.js b/server/routes/challenges.js
index 146bbe2d..1f626f20 100644
--- a/server/routes/challenges.js
+++ b/server/routes/challenges.js
@@ -1,51 +1,61 @@
-// AJAX methods to get, create, update or delete a challenge
-
 let router = require("express").Router();
 const access = require("../utils/access");
 const ChallengeModel = require("../models/Challenge");
 const UserModel = require("../models/User"); //for name check
+const params = require("../config/parameters");
 
-router.get("/challenges", (req,res) => {
-  ChallengeModel.getByUser(req.query["uid"], (err,challenges) => {
-    res.json(err || {challenges:challenges});
-  });
+router.post("/challenges", access.logged, access.ajax, (req,res) => {
+  if (ChallengeModel.checkChallenge(req.body.chall)) {
+    let challenge = {
+      fen: req.body.chall.fen,
+      cadence: req.body.chall.cadence,
+      options: req.body.chall.options,
+      randomness: req.body.chall.randomness,
+      vid: req.body.chall.vid,
+      uid: req.userId,
+      to: req.body.chall.to, //string: user name (may be empty)
+    };
+    const insertChallenge = () => {
+      ChallengeModel.create(challenge, (err, ret) => {
+        res.json(err || ret);
+      });
+    };
+    if (req.body.chall.to) {
+      UserModel.getOne(
+        "name", challenge.to, "id, name, email, notify",
+        (err, user) => {
+          if (err || !user) res.json(err || {errmsg: "Typo in player name"});
+          else {
+            challenge.to = user.id; //ready now to insert challenge
+            insertChallenge();
+            if (user.notify) {
+              UserModel.notify(
+                user,
+                "New challenge : " + params.siteURL + "/#/?disp=corr");
+            }
+          }
+        }
+      );
+    }
+    else insertChallenge();
+  }
 });
 
-router.post("/challenges", access.logged, access.ajax, (req,res) => {
-  const error = ChallengeModel.checkChallenge(req.body.chall);
-  if (!!error)
-    return res.json({errmsg:error});
-  let challenge =
-  {
-    fen: req.body.chall.fen,
-    timeControl: req.body.chall.timeControl,
-    vid: req.body.chall.vid,
-    uid: req.userId,
-    to: req.body.chall.to, //string: user name (may be empty)
-  };
-  const insertChallenge = () => {
-    ChallengeModel.create(challenge, (err,ret) => {
-      return res.json(err || {cid:ret.cid});
-    });
-  };
-  if (!!req.body.chall.to)
-  {
-    UserModel.getOne("name", challenge.to, (err,user) => {
-      if (!!err || !user)
-        return res.json(err | {errmsg: "Typo in player name"});
-      challenge.to = user.id; //ready now to insert challenge
-      insertChallenge();
+router.get("/challenges", access.ajax, (req,res) => {
+  const uid = req.query.uid;
+  if (uid.match(/^[0-9]+$/)) {
+    ChallengeModel.getByUser(uid, (err,challenges) => {
+      res.json(err || { challenges: challenges });
     });
   }
-  else
-    insertChallenge();
 });
 
 router.delete("/challenges", access.logged, access.ajax, (req,res) => {
   const cid = req.query.id;
-  ChallengeModel.safeRemove(cid, req.userId, err => {
-    res.json(err || {}); //TODO: just "return err" because is empty if no errors
-  });
+  if (cid.match(/^[0-9]+$/)) {
+    ChallengeModel.safeRemove(cid, req.userId);
+    res.json({});
+  }
 });
 
 module.exports = router;