This repository has been archived on 2024-07-22. You can view files and clone it, but cannot push or open issues or pull requests.
Zaimki/server/routes/terms.js

110 lines
3.1 KiB
JavaScript
Raw Normal View History

2020-12-18 08:32:18 -08:00
import { Router } from 'express';
import SQL from 'sql-template-strings';
import {ulid} from "ulid";
import {isTroll, handleErrorAsync} from "../../src/helpers";
2020-12-18 08:32:18 -08:00
const approve = async (db, id) => {
const { base_id } = await db.get(SQL`SELECT base_id FROM terms WHERE id=${id}`);
if (base_id) {
await db.get(SQL`
UPDATE terms
SET deleted=1
WHERE id = ${base_id}
`);
}
await db.get(SQL`
UPDATE terms
SET approved = 1, base_id = NULL
WHERE id = ${id}
`);
}
const router = Router();
router.get('/terms', handleErrorAsync(async (req, res) => {
2020-12-18 08:32:18 -08:00
return res.json(await req.db.all(SQL`
SELECT i.*, u.username AS author FROM terms i
LEFT JOIN users u ON i.author_id = u.id
WHERE i.locale = ${req.config.locale}
2020-12-30 15:03:30 -08:00
AND i.approved >= ${req.isGranted('terms') ? 0 : 1}
2020-12-18 08:32:18 -08:00
AND i.deleted = 0
ORDER BY i.term
`));
}));
2020-12-18 08:32:18 -08:00
router.get('/terms/search/:term', handleErrorAsync(async (req, res) => {
2020-12-18 08:32:18 -08:00
const term = '%' + req.params.term + '%';
return res.json(await req.db.all(SQL`
SELECT i.*, u.username AS author FROM terms i
LEFT JOIN users u ON i.author_id = u.id
WHERE i.locale = ${req.config.locale}
2020-12-30 15:03:30 -08:00
AND i.approved >= ${req.isGranted('terms') ? 0 : 1}
2020-12-18 08:32:18 -08:00
AND i.deleted = 0
AND (i.term like ${term} OR i.original like ${term})
ORDER BY i.term
`));
}));
2020-12-18 08:32:18 -08:00
router.post('/terms/submit', handleErrorAsync(async (req, res) => {
2020-12-18 08:32:18 -08:00
if (!(req.user && req.user.admin) && isTroll(JSON.stringify(req.body))) {
return res.json('ok');
}
const id = ulid();
await req.db.get(SQL`
INSERT INTO terms (id, term, original, definition, approved, base_id, locale, author_id, category, flags, images)
2020-12-18 08:32:18 -08:00
VALUES (
${id},
${req.body.term.join('|')}, ${req.body.original.join('|')}, ${req.body.definition},
2020-12-21 10:33:41 -08:00
0, ${req.body.base}, ${req.config.locale}, ${req.user ? req.user.id : null},
${req.body.category}, ${JSON.stringify(req.body.flags)}, ${req.body.images}
2020-12-18 08:32:18 -08:00
)
`);
2020-12-30 15:03:30 -08:00
if (req.isGranted('terms')) {
2020-12-18 08:32:18 -08:00
await approve(req.db, id);
}
return res.json('ok');
}));
2020-12-18 08:32:18 -08:00
router.post('/terms/hide/:id', handleErrorAsync(async (req, res) => {
2020-12-30 15:03:30 -08:00
if (!req.isGranted('terms')) {
2020-12-18 08:32:18 -08:00
res.status(401).json({error: 'Unauthorised'});
}
await req.db.get(SQL`
UPDATE terms
SET approved = 0
WHERE id = ${req.params.id}
`);
return res.json('ok');
}));
2020-12-18 08:32:18 -08:00
router.post('/terms/approve/:id', handleErrorAsync(async (req, res) => {
2020-12-30 15:03:30 -08:00
if (!req.isGranted('terms')) {
2020-12-18 08:32:18 -08:00
res.status(401).json({error: 'Unauthorised'});
}
await approve(req.db, req.params.id);
return res.json('ok');
}));
2020-12-18 08:32:18 -08:00
router.post('/terms/remove/:id', handleErrorAsync(async (req, res) => {
2020-12-30 15:03:30 -08:00
if (!req.isGranted('terms')) {
2020-12-18 08:32:18 -08:00
res.status(401).json({error: 'Unauthorised'});
}
await req.db.get(SQL`
UPDATE terms
SET deleted=1
WHERE id = ${req.params.id}
`);
return res.json('ok');
}));
2020-12-18 08:32:18 -08:00
export default router;