server/routes/problems.js

   1 let router = require("express").Router();
   2 const access = require("../utils/access");
   3 const ProblemModel = require("../models/Problem");
   4 const sanitizeHtml = require('sanitize-html');
   5
   6 router.post("/problems", access.logged, access.ajax, (req,res) => {
   7   if (ProblemModel.checkProblem(req.body.prob)) {
   8     const problem = {
   9       vid: req.body.prob.vid,
  10       fen: req.body.prob.fen,
  11       uid: req.userId,
  12       instruction: sanitizeHtml(req.body.prob.instruction),
  13       solution: sanitizeHtml(req.body.prob.solution),
  14     };
  15     ProblemModel.create(problem, (err, ret) => {
  16       res.json(err || ret);
  17     });
  18   }
  19   else
  20     res.json({});
  21 });
  22
  23 router.get("/problems", access.ajax, (req,res) => {
  24   const probId = req.query["pid"];
  25   if (probId && probId.match(/^[0-9]+$/)) {
  26     ProblemModel.getOne(req.query["pid"], (err,problem) => {
  27       res.json(err || {problem: problem});
  28     });
  29   } else {
  30     ProblemModel.getAll((err,problems) => {
  31       res.json(err || { problems: problems });
  32     });
  33   }
  34 });
  35
  36 router.put("/problems", access.logged, access.ajax, (req,res) => {
  37   let obj = req.body.prob;
  38   if (ProblemModel.checkProblem(obj)) {
  39     obj.instruction = sanitizeHtml(obj.instruction);
  40     obj.solution = sanitizeHtml(obj.solution);
  41     ProblemModel.safeUpdate(obj, req.userId);
  42   }
  43   res.json({});
  44 });
  45
  46 router.delete("/problems", access.logged, access.ajax, (req,res) => {
  47   const pid = req.query.id;
  48   if (pid.toString().match(/^[0-9]+$/))
  49     ProblemModel.safeRemove(pid, req.userId);
  50   res.json({});
  51 });
  52
  53 module.exports = router;