// AJAX methods to get, create, update or delete a problem

const router = require("express").Router();
const access = require("../utils/access");
const ProblemModel = require("../models/Problem");
// HTML sanitizer applied to user-supplied problem text before it is handed to ProblemModel
const sanitizeHtml = require("sanitize-html");
// Number of problems requested from ProblemModel.fetchN per call
const MaxNbProblems = 20;
// Get one problem.
// Both path parameters are constrained by the route pattern itself
// (vname: letters and digits, pnum: digits), so only such values reach the model.
router.get("/problems/:vname([a-zA-Z0-9]+)/:pnum([0-9]+)", access.ajax, (req, res) => {
  const { vname, pnum } = req.params;
  ProblemModel.getOne(vname, pnum, (err, problem) => {
    if (err) {
      // NOTE(review): the model's error value is returned to the client as-is;
      // confirm it never carries database or stack details.
      return res.json(err);
    }
    return res.json({ problem });
  });
});
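// Fetch N previous or next problems.
// Query parameters:
//   direction: "forward" selects ">", anything else selects "<"
//   last_dt:   timestamp, digits only
//   type:      "others" or "mine"
router.get("/problems/:vname([a-zA-Z0-9]+)", access.ajax, (req, res) => {
  const vname = req.params["vname"];
  // Only these two operator strings can reach the model, whatever the client sends.
  const directionStr = req.query.direction === "forward" ? ">" : "<";
  const lastDt = req.query.last_dt;
  const type = req.query.type;
  // Query values are client-controlled: they can be absent, or parsed as an
  // array/object instead of a string. The pattern is anchored so the WHOLE value
  // must be digits; an unanchored /[0-9]+/ accepts any string that merely
  // contains a digit.
  if (typeof lastDt !== "string" || !/^[0-9]+$/.test(lastDt))
    return res.json({ errmsg: "Bad timestamp" });
  if (!["others", "mine"].includes(type))
    return res.json({ errmsg: "Bad type" });
  // NOTE(review): how fetchN builds its query is not visible here; confirm that
  // lastDt and vname are passed as bound parameters rather than concatenated.
  ProblemModel.fetchN(vname, req.userId, type, directionStr, lastDt, MaxNbProblems, (err, problems) => {
    if (err) return res.json(err);
    return res.json({ problems });
  });
});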
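/**
 * Validate and sanitize the three user-supplied fields of a problem.
 *
 * The values come straight from the request body, so each one may be missing or
 * of any JSON type; anything that is not a string is rejected before a string
 * method or the sanitizer is called on it.
 *
 * @param {*} fen - position string; only letters, digits, comma, space, "/" and "-" are accepted
 * @param {*} instructions - problem statement, passed through sanitizeHtml
 * @param {*} solution - problem solution, passed through sanitizeHtml
 * @returns {string|{fen: string, instructions: string, solution: string}}
 *   an error message (string) on rejection, otherwise the cleaned fields
 */
function sanitizeUserInput(fen, instructions, solution) {
  if (typeof fen !== "string" || !/^[a-zA-Z0-9, /-]*$/.test(fen))
    return "Bad characters in FEN string";
  if (typeof instructions !== "string")
    return "Empty instructions";
  // sanitizeHtml is called with its default options, so the result is still HTML
  // (restricted to the library's default allow-list), not plain text.
  const cleanInstructions = sanitizeHtml(instructions);
  if (cleanInstructions.length === 0)
    return "Empty instructions";
  if (typeof solution !== "string")
    return "Empty solution";
  const cleanSolution = sanitizeHtml(solution);
  if (cleanSolution.length === 0)
    return "Empty solution";
  return {
    fen,
    instructions: cleanInstructions,
    solution: cleanSolution,
  };
}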
// Upload a problem (sanitize inputs).
// Requires a logged-in user (access.logged) and an AJAX request (access.ajax).
router.post("/problems/:vname([a-zA-Z0-9]+)", access.logged, access.ajax, (req, res) => {
  const { vname } = req.params;
  const { fen, instructions, solution } = req.body;
  const s = sanitizeUserInput(fen, instructions, solution);
  // A string result is an error message; an object holds the cleaned fields.
  if (typeof s === "string") {
    return res.json({ errmsg: s });
  }
  // NOTE(review): unlike update/delete, no req.userId is passed here; confirm how
  // the created problem is attributed to its author.
  // NOTE(review): the response is sent without waiting for create(), so a storage
  // failure is not reported to the client.
  ProblemModel.create(vname, s.fen, s.instructions, s.solution);
  res.json({});
});
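// Update a problem (also sanitize inputs).
// Requires a logged-in user (access.logged) and an AJAX request (access.ajax).
router.put("/problems/:id([0-9]+)", access.logged, access.ajax, (req, res) => {
  const pid = req.params["id"]; // problem ID (digits only, enforced by the route pattern)
  const s = sanitizeUserInput(req.body["fen"], req.body["instructions"], req.body["solution"]);
  // A string result is an error message; an object holds the cleaned fields.
  if (typeof s === "string")
    return res.json({ errmsg: s });
  // Pass the SANITIZED fields from `s`. The bare names fen / instructions / solution
  // are not defined in this scope and would throw a ReferenceError on every update.
  // NOTE(review): req.userId is handed to the model, presumably so that it only
  // updates problems owned by that user; confirm the ownership check in ProblemModel.update.
  ProblemModel.update(pid, req.userId, s.fen, s.instructions, s.solution);
  res.json({});
});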
// Delete a problem.
// Requires a logged-in user (access.logged) and an AJAX request (access.ajax).
router.delete("/problems/:id([0-9]+)", access.logged, access.ajax, (req, res) => {
  const { id: pid } = req.params; // problem ID (digits only, enforced by the route pattern)
  // NOTE(review): req.userId is handed to the model, presumably so that only the
  // owner's problem is removed; confirm the ownership check in ProblemModel.delete.
  // The response does not wait for the deletion and always reports success.
  ProblemModel.delete(pid, req.userId);
  res.json({});
});

module.exports = router;