Revise server code + a few fixes in trnalsations and ComputerGame
[vchess.git] / server / routes / news.js
CommitLineData
604b951e
BA
1let router = require("express").Router();
2const access = require("../utils/access");
3const NewsModel = require("../models/News");
4const sanitizeHtml = require('sanitize-html');
866842c3 5const devs = [1]; //hard-coded list of developers IDs, allowed to post news
604b951e 6
866842c3
BA
7router.post("/news", access.logged, access.ajax, (req,res) => {
8 if (devs.includes(req.userId))
9 {
10 const content = sanitizeHtml(req.body.news.content);
11 NewsModel.create(content, req.userId, (err,ret) => {
12 res.json(err || {id:ret.nid});
13 });
14 }
604b951e
BA
15});
16
866842c3
BA
17router.get("/news", access.ajax, (req,res) => {
18 const cursor = req.query["cursor"];
19 if (cursor.match(/^[0-9]+$/))
20 {
21 NewsModel.getNext(cursor, (err,newsList) => {
22 res.json(err || {newsList:newsList});
23 });
24 }
604b951e
BA
25});
26
27router.put("/news", access.logged, access.ajax, (req,res) => {
604b951e 28 let news = req.body.news;
866842c3
BA
29 if (devs.includes(req.userId) && news.id.toString().match(/^[0-9]+$/))
30 {
31 news.content = sanitizeHtml(news.content);
32 NewsModel.update(news);
33 res.json({});
34 }
604b951e
BA
35});
36
37router.delete("/news", access.logged, access.ajax, (req,res) => {
604b951e 38 const nid = req.query.id;
866842c3
BA
39 if (devs.includes(req.userId) && nid.toString().match(/^[0-9]+$/))
40 {
41 NewsModel.remove(nid);
42 res.json({});
43 }
604b951e
BA
44});
45
46module.exports = router;