1 // AJAX methods to get, create, update or delete a challenge
3 let router
= require("express").Router();
4 const access
= require("../utils/access");
5 const ChallengeModel
= require("../models/Challenge");
6 const UserModel
= require("../models/User"); //for name check
8 router
.post("/challenges", access
.logged
, access
.ajax
, (req
,res
) => {
9 const error
= ChallengeModel
.checkChallenge(req
.body
.chall
);
10 // TODO: treat "to" field separately (search users by name)
11 // --> replace "to" by an array of uid (in chall), then call:
12 ChallengeModel
.create(req
.body
.chall
, (err
,lastId
) => {
13 res
.json(err
|| {cid: lastId
["rowid"]});
18 //router.get("/challenges", access.logged, access.ajax, (req,res) => {
19 // if (req.query["uid"] != req.user._id)
20 // return res.json({errmsg: "Not your challenges"});
21 // let uid = ObjectID(req.query["uid"]);
22 // ChallengeModel.getByPlayer(uid, (err, challengeArray) => {
23 // res.json(err || {challenges: challengeArray});
27 //function createChallenge(vid, from, to, res)
29 // ChallengeModel.create(vid, from, to, (err, chall) => {
31 // // A challenge can be sent using only name, thus 'to' is returned
38 //// from[, to][,nameTo]
39 //router.post("/challenges", access.logged, access.ajax, (req,res) => {
40 // if (req.body.from != req.user._id)
41 // return res.json({errmsg: "Identity usurpation"});
42 // let from = ObjectID(req.body.from);
43 // let to = !!req.body.to ? ObjectID(req.body.to) : undefined;
44 // let nameTo = !!req.body.nameTo ? req.body.nameTo : undefined;
45 // let vid = ObjectID(req.body.vid);
46 // if (!to && !!nameTo)
48 // UserModel.getByName(nameTo, (err,user) => {
49 // access.checkRequest(res, err, user, "Opponent not found", () => {
50 // createChallenge(vid, from, user._id, res);
55 // createChallenge(vid, from, to, res);
57 // createChallenge(vid, from, undefined, res); //automatch
60 //router.delete("/challenges", access.logged, access.ajax, (req,res) => {
61 // let cid = ObjectID(req.query.cid);
62 // ChallengeModel.getById(cid, (err,chall) => {
63 // access.checkRequest(res, err, chall, "Challenge not found", () => {
64 // if (!chall.from.equals(req.user._id) && !!chall.to && !chall.to.equals(req.user._id))
65 // return res.json({errmsg: "Not your challenge"});
66 // ChallengeModel.remove(cid, err => {
67 // res.json(err || {});
73 module
.exports
= router
;