server/routes/problems.js

   1 let router = require("express").Router();
   2 const access = require("../utils/access");
   3 const ProblemModel = require("../models/Problem");
   4 const sanitizeHtml = require('sanitize-html');
   5
   6 router.post("/problems", access.logged, access.ajax, (req,res) => {
   7   if (ProblemModel.checkProblem(req.body.prob)) {
   8     const problem = {
   9       vid: req.body.prob.vid,
  10       fen: req.body.prob.fen,
  11       uid: req.userId,
  12       instruction: sanitizeHtml(req.body.prob.instruction),
  13       solution: sanitizeHtml(req.body.prob.solution),
  14     };
  15     ProblemModel.create(problem, (err, ret) => {
  16       res.json(err || ret);
  17     });
  18   }
  19   else
  20     res.json({});
  21 });
  22
  23 router.get("/problems", access.ajax, (req,res) => {
  24   const probId = req.query["pid"];
  25   const cursor = req.query["cursor"];
  26   if (!!probId && !!probId.match(/^[0-9]+$/)) {
  27     ProblemModel.getOne(req.query["pid"], (err, problem) => {
  28       res.json(err || {problem: problem});
  29     });
  30   } else if (!!cursor && !!cursor.match(/^[0-9]+$/)) {
  31     ProblemModel.getNext(cursor, (err, problems) => {
  32       res.json(err || { problems: problems });
  33     });
  34   }
  35 });
  36
  37 router.put("/problems", access.logged, access.ajax, (req,res) => {
  38   let obj = req.body.prob;
  39   if (ProblemModel.checkProblem(obj)) {
  40     obj.instruction = sanitizeHtml(obj.instruction);
  41     obj.solution = sanitizeHtml(obj.solution);
  42     ProblemModel.safeUpdate(obj, req.userId);
  43   }
  44   res.json({});
  45 });
  46
  47 router.delete("/problems", access.logged, access.ajax, (req,res) => {
  48   const pid = req.query.id;
  49   if (pid.toString().match(/^[0-9]+$/))
  50     ProblemModel.safeRemove(pid, req.userId);
  51   res.json({});
  52 });
  53
  54 module.exports = router;