routes/courses.js

   1 let router = require("express").Router();
   2 const access = require("../utils/access.js");
   3 const validator = require("../public/javascripts/utils/validation");
   4 const sanitizeHtml = require('sanitize-html');
   5 const ObjectId = require("bson-objectid");
   6 const CourseModel = require("../models/course");
   7
   8 router.post('/courses', access.ajax, access.logged, (req,res) => {
   9     let code = req.body["code"];
  10     let description = sanitizeHtml(req.body["description"]);
  11     let error = validator({code:code}, "Course");
  12     if (error.length > 0)
  13         return res.json({errmsg:error});
  14     CourseModel.insert(req.user._id, code, description, (err,course) => {
  15         access.checkRequest(res, err, course, "Course addition failed", () => {
  16             res.json(course);
  17         });
  18     });
  19 });
  20
  21 router.put("/courses/password", access.ajax, access.logged, (req,res) => {
  22     let cid = req.body["cid"];
  23     let pwd = req.body["pwd"];
  24     let error = validator({password:pwd, _id:cid}, "Course");
  25     if (error.length > 0)
  26         return res.json({errmsg:error});
  27     CourseModel.setPassword(req.user._id, ObjectId(cid), pwd, (err,ret) => {
  28         access.checkRequest(res, err, ret, "password update failed", () => {
  29             res.json({});
  30         });
  31     });
  32 });
  33
  34 router.put('/courses/student-list', access.ajax, access.logged, (req,res) => {
  35     let cid = req.body["cid"];
  36     let students = JSON.parse(req.body["students"]);
  37     let error = validator({_id:cid, students: students}, "Course");
  38     if (error.length > 0)
  39         return res.json({errmsg:error});
  40     access.getUser(req, res, (err,user) => {
  41         if (!!err)
  42             return res.json(err);
  43         CourseModel.importStudents(req.user._id, ObjectId(cid), students, (err,ret) => {
  44             access.checkRequest(res, err, ret, "Students addition failed", () => {
  45                 res.json({});
  46             });
  47         });
  48     });
  49 });
  50
  51 router.get('/courses/student', access.ajax, (req,res) => {
  52     let cid = req.query["cid"];
  53     let number = req.query["number"];
  54     let error = validator({ _id: cid, students: [{number:number}] }, "Course");
  55     if (error.length > 0)
  56         return res.json({errmsg:error});
  57     CourseModel.getStudent(ObjectId(cid), number, (err,ret) => {
  58         access.checkRequest(res, err, ret, "Failed retrieving student", () => {
  59             res.json({student: ret.students[0]});
  60         });
  61     });
  62 });
  63
  64 router.delete('/courses', access.ajax, access.logged, (req,res) => {
  65     let cid = req.query["cid"];
  66     let error = validator({_id:cid}, "Course");
  67     if (error.length > 0)
  68         return res.json({errmsg:error});
  69     CourseModel.remove(req.user._id, ObjectId(cid), (err,ret) => {
  70         access.checkRequest(res, err, ret, "Course removal failed", () => {
  71             res.json({});
  72         });
  73     });
  74 });
  75
  76 module.exports = router;