This repository has been archived on 2024-07-22. You can view files and clone it, but cannot push or open issues or pull requests.
Zaimki/server/routes/sources.js

102 lines
2.8 KiB
JavaScript
Raw Normal View History

2020-10-31 13:33:59 -07:00
import { Router } from 'express';
2020-12-04 13:09:57 -08:00
import SQL from "sql-template-strings";
import {ulid} from "ulid";
2020-11-09 06:39:18 -08:00
2020-12-04 13:09:57 -08:00
const approve = async (db, id) => {
const { base_id } = await db.get(SQL`SELECT base_id FROM sources WHERE id=${id}`);
if (base_id) {
await db.get(SQL`
UPDATE sources
SET deleted=1
WHERE id = ${base_id}
`);
2020-10-31 13:33:59 -07:00
}
2020-12-04 13:09:57 -08:00
await db.get(SQL`
UPDATE sources
SET approved = 1, base_id = NULL
WHERE id = ${id}
`);
2020-11-10 14:41:56 -08:00
}
2020-10-31 13:33:59 -07:00
const router = Router();
2020-11-10 14:41:56 -08:00
router.get('/sources', async (req, res) => {
2020-12-04 13:09:57 -08:00
return res.json(await req.db.all(SQL`
SELECT s.*, u.username AS submitter FROM sources s
LEFT JOIN users u ON s.submitter_id = u.id
WHERE s.locale = ${req.config.locale}
AND s.deleted = 0
2020-12-30 15:03:30 -08:00
AND s.approved >= ${req.isGranted('sources') ? 0 : 1}
2020-12-04 13:09:57 -08:00
`));
2020-11-10 14:41:56 -08:00
});
2020-12-04 13:09:57 -08:00
router.get('/sources/:id', async (req, res) => {
return res.json(await req.db.all(SQL`
SELECT s.*, u.username AS submitter FROM sources s
LEFT JOIN users u ON s.submitter_id = u.id
WHERE s.locale = ${req.config.locale}
AND s.deleted = 0
2020-12-30 15:03:30 -08:00
AND s.approved >= ${req.isGranted('sources') ? 0 : 1}
2020-12-04 13:09:57 -08:00
AND s.id = ${req.params.id}
`));
2020-11-10 14:41:56 -08:00
});
router.post('/sources/submit', async (req, res) => {
2020-12-04 13:09:57 -08:00
const id = ulid();
await req.db.get(SQL`
INSERT INTO sources (id, locale, pronouns, type, author, title, extra, year, fragments, comment, link, submitter_id, base_id)
VALUES (
${id}, ${req.config.locale}, ${req.body.pronouns.join(';')},
${req.body.type}, ${req.body.author}, ${req.body.title}, ${req.body.extra}, ${req.body.year},
${req.body.fragments.join('@').replace(/\n/g, '|')}, ${req.body.comment}, ${req.body.link},
${req.user ? req.user.id : null}, ${req.body.base}
)
`);
2020-12-30 15:03:30 -08:00
if (req.isGranted('sources')) {
2020-12-04 13:09:57 -08:00
await approve(req.db, id);
}
return res.json('ok');
});
2020-10-31 13:33:59 -07:00
2020-12-04 13:09:57 -08:00
router.post('/sources/hide/:id', async (req, res) => {
2020-12-30 15:03:30 -08:00
if (!req.isGranted('sources')) {
2020-12-04 13:09:57 -08:00
res.status(401).json({error: 'Unauthorised'});
2020-10-31 13:33:59 -07:00
}
2020-12-04 13:09:57 -08:00
await req.db.get(SQL`
UPDATE sources
SET approved = 0
WHERE id = ${req.params.id}
`);
return res.json('ok');
});
router.post('/sources/approve/:id', async (req, res) => {
2020-12-30 15:03:30 -08:00
if (!req.isGranted('sources')) {
2020-12-04 13:09:57 -08:00
res.status(401).json({error: 'Unauthorised'});
}
await approve(req.db, req.params.id);
return res.json('ok');
});
router.post('/sources/remove/:id', async (req, res) => {
2020-12-30 15:03:30 -08:00
if (!req.isGranted('sources')) {
2020-12-04 13:09:57 -08:00
res.status(401).json({error: 'Unauthorised'});
}
await req.db.get(SQL`
UPDATE sources
SET deleted=1
WHERE id = ${req.params.id}
`);
return res.json('ok');
2020-10-31 13:33:59 -07:00
});
export default router;