server/routes/problems.js

   1 let router = require("express").Router();
   2 const access = require("../utils/access");
   3 const ProblemModel = require("../models/Problem");
   4 const sanitizeHtml = require('sanitize-html');
   5
   6 router.post("/problems", access.logged, access.ajax, (req,res) => {
   7   if (ProblemModel.checkProblem(req.body.prob))
   8   {
   9     const problem =
  10     {
  11       vid: req.body.prob.vid,
  12       fen: req.body.prob.fen,
  13       uid: req.userId,
  14       instruction: sanitizeHtml(req.body.prob.instruction),
  15       solution: sanitizeHtml(req.body.prob.solution),
  16     };
  17     ProblemModel.create(problem, (err,ret) => {
  18       res.json(err || {id:ret.pid});
  19     });
  20   }
  21   else
  22     res.json({});
  23 });
  24
  25 router.get("/problems", (req,res) => {
  26   const probId = req.query["pid"];
  27   if (probId && probId.match(/^[0-9]+$/))
  28   {
  29     ProblemModel.getOne(req.query["pid"], (err,problem) => {
  30       res.json(err || {problem: problem});
  31     });
  32   }
  33   else
  34   {
  35     ProblemModel.getAll((err,problems) => {
  36       res.json(err || {problems:problems});
  37     });
  38   }
  39 });
  40
  41 router.put("/problems", access.logged, access.ajax, (req,res) => {
  42   let obj = req.body.prob;
  43   if (ProblemModel.checkProblem(obj))
  44   {
  45     obj.instruction = sanitizeHtml(obj.instruction);
  46     obj.solution = sanitizeHtml(obj.solution);
  47     ProblemModel.safeUpdate(obj, req.userId);
  48   }
  49   res.json({});
  50 });
  51
  52 router.delete("/problems", access.logged, access.ajax, (req,res) => {
  53   const pid = req.query.id;
  54   if (pid.toString().match(/^[0-9]+$/))
  55     ProblemModel.safeRemove(pid, req.userId);
  56   res.json({});
  57 });
  58
  59 module.exports = router;