projects
/
vchess.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Fixes
[vchess.git]
/
server
/
routes
/
challenges.js
diff --git
a/server/routes/challenges.js
b/server/routes/challenges.js
index
c2e55c8
..
4bbce8e
100644
(file)
--- a/
server/routes/challenges.js
+++ b/
server/routes/challenges.js
@@
-4,8
+4,11
@@
let router = require("express").Router();
const access = require("../utils/access");
const ChallengeModel = require("../models/Challenge");
const UserModel = require("../models/User"); //for name check
const access = require("../utils/access");
const ChallengeModel = require("../models/Challenge");
const UserModel = require("../models/User"); //for name check
+const params = require("../config/parameters");
router.get("/challenges", (req,res) => {
router.get("/challenges", (req,res) => {
+ if (!req.query["uid"].match(/^[0-9]+$/))
+ res.json({errmsg: "Bad user ID"});
ChallengeModel.getByUser(req.query["uid"], (err,challenges) => {
res.json(err || {challenges:challenges});
});
ChallengeModel.getByUser(req.query["uid"], (err,challenges) => {
res.json(err || {challenges:challenges});
});
@@
-18,24
+21,27
@@
router.post("/challenges", access.logged, access.ajax, (req,res) => {
let challenge =
{
fen: req.body.chall.fen,
let challenge =
{
fen: req.body.chall.fen,
-
timeControl: req.body.chall.timeControl
,
+
cadence: req.body.chall.cadence
,
vid: req.body.chall.vid,
uid: req.userId,
to: req.body.chall.to, //string: user name (may be empty)
};
const insertChallenge = () => {
vid: req.body.chall.vid,
uid: req.userId,
to: req.body.chall.to, //string: user name (may be empty)
};
const insertChallenge = () => {
- ChallengeModel.create(challenge, (err) => {
- if (!!err)
- return res.json(err);
+ ChallengeModel.create(challenge, (err,ret) => {
+ return res.json(err || {cid:ret.cid});
});
};
if (!!req.body.chall.to)
{
UserModel.getOne("name", challenge.to, (err,user) => {
if (!!err || !user)
});
};
if (!!req.body.chall.to)
{
UserModel.getOne("name", challenge.to, (err,user) => {
if (!!err || !user)
- return res.json(err | {errmsg: "Typo in player name"});
+ return res.json(err |
|
{errmsg: "Typo in player name"});
challenge.to = user.id; //ready now to insert challenge
insertChallenge();
challenge.to = user.id; //ready now to insert challenge
insertChallenge();
+ if (user.notify)
+ UserModel.notify(
+ user,
+ "New challenge: " + params.siteURL + "/#/?disp=corr");
});
}
else
});
}
else
@@
-44,7
+50,9
@@
router.post("/challenges", access.logged, access.ajax, (req,res) => {
router.delete("/challenges", access.logged, access.ajax, (req,res) => {
const cid = req.query.id;
router.delete("/challenges", access.logged, access.ajax, (req,res) => {
const cid = req.query.id;
- ChallengeModel.remove(cid, req.userId, err => {
+ if (!cid.match(/^[0-9]+$/))
+ res.json({errmsg: "Bad challenge ID"});
+ ChallengeModel.safeRemove(cid, req.userId, err => {
res.json(err || {}); //TODO: just "return err" because is empty if no errors
});
});
res.json(err || {}); //TODO: just "return err" because is empty if no errors
});
});