Allow games to be submitted without login
parent
7a25037cb4
commit
c882c4f402
|
@ -5,7 +5,7 @@ const database = require('./../database');
|
||||||
|
|
||||||
|
|
||||||
class Game {
|
class Game {
|
||||||
constructor(id, date, team1ID, team2ID, team1Score, team2Score, divisionID, seasonID, submitterID) {
|
constructor(id, date, team1ID, team2ID, team1Score, team2Score, divisionID, seasonID, submitterID, submitterName) {
|
||||||
this.id = id;
|
this.id = id;
|
||||||
this.date = date;
|
this.date = date;
|
||||||
this.team1ID = team1ID;
|
this.team1ID = team1ID;
|
||||||
|
@ -15,17 +15,26 @@ class Game {
|
||||||
this.divisionID = divisionID;
|
this.divisionID = divisionID;
|
||||||
this.seasonID = seasonID;
|
this.seasonID = seasonID;
|
||||||
this.submitterID = submitterID;
|
this.submitterID = submitterID;
|
||||||
|
this.submitterName = submitterName;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
async function add(divisionID, seasonID, date, team1ID, team2ID, team1Score, team2Score, userID) {
|
async function add(divisionID, seasonID, date, team1ID, team2ID, team1Score, team2Score, submitterID, submitterName = undefined) {
|
||||||
|
let id;
|
||||||
|
if(submitterName) {
|
||||||
|
const query = `INSERT INTO scores.games(division_id, season_id, game_date, team1_id, team2_id, team1_score, team2_score, submitter_name)
|
||||||
|
VALUES($1, $2, $3, $4, $5, $6, $7, $8)
|
||||||
|
RETURNING game_id;`;
|
||||||
|
id = (await database.executeQuery(query, [divisionID, seasonID, date, team1ID, team2ID, team1Score, team2Score, submitterName]))[0][0];
|
||||||
|
} else {
|
||||||
const query = `INSERT INTO scores.games(division_id, season_id, game_date, team1_id, team2_id, team1_score, team2_score, submitter_id)
|
const query = `INSERT INTO scores.games(division_id, season_id, game_date, team1_id, team2_id, team1_score, team2_score, submitter_id)
|
||||||
VALUES($1, $2, $3, $4, $5, $6, $7, $8)
|
VALUES($1, $2, $3, $4, $5, $6, $7, $8)
|
||||||
RETURNING game_id;`;
|
RETURNING game_id;`;
|
||||||
|
id = (await database.executeQuery(query, [divisionID, seasonID, date, team1ID, team2ID, team1Score, team2Score, submitterID]))[0][0];
|
||||||
|
}
|
||||||
|
|
||||||
const id = (await database.executeQuery(query, [divisionID, seasonID, date, team1ID, team2ID, team1Score, team2Score, userID]))[0][0];
|
|
||||||
return new Game(id, date, team1ID, team2ID, team1Score, team2Score);
|
return new Game(id, date, team1ID, team2ID, team1Score, team2Score);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -29,7 +29,7 @@ router.get('/game', function(req, res, next) {
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
res.redirect('/auth/login');
|
res.redirect('/auth/login');
|
||||||
};
|
}
|
||||||
} else {
|
} else {
|
||||||
next();
|
next();
|
||||||
}
|
}
|
||||||
|
@ -40,7 +40,19 @@ router.get('/game', function(req, res, next) {
|
||||||
res.render('manage/addgame', { title, userLoggedIn: !!req.user, message: req.flash('error') });
|
res.render('manage/addgame', { title, userLoggedIn: !!req.user, message: req.flash('error') });
|
||||||
});
|
});
|
||||||
|
|
||||||
router.post('/game', checkLoginStatus.user, async function(req, res, next) {
|
router.post('/game', function(req, res, next) {
|
||||||
|
if(!(process.env.PUBLIC_SUBMIT_PAGE && process.env.PUBLIC_SUBMIT_PAGE.toLowerCase() == 'true')) {
|
||||||
|
if (req.user) {
|
||||||
|
next();
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
res.redirect('/auth/login');
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
next();
|
||||||
|
}
|
||||||
|
},
|
||||||
|
async function(req, res, next) {
|
||||||
const id = req.body['game'];
|
const id = req.body['game'];
|
||||||
const remove = req.body['remove'];
|
const remove = req.body['remove'];
|
||||||
|
|
||||||
|
@ -54,14 +66,20 @@ router.post('/game', checkLoginStatus.user, async function(req, res, next) {
|
||||||
const team1Score = req.body['team1-score'];
|
const team1Score = req.body['team1-score'];
|
||||||
const team2ID = req.body['team2'];
|
const team2ID = req.body['team2'];
|
||||||
const team2Score = req.body['team2-score'];
|
const team2Score = req.body['team2-score'];
|
||||||
const userID = req.user[0];
|
const submitterName = req.body['name'];
|
||||||
|
|
||||||
const loggedInUserID = req.user[0];
|
let submitterID;
|
||||||
const loggedInUserIsAdmin = req.user[2];
|
let loggedInUserID;
|
||||||
|
let loggedInUserIsAdmin;
|
||||||
|
if(req.user) {
|
||||||
|
submitterID = req.user[0];
|
||||||
|
loggedInUserID = req.user[0];
|
||||||
|
loggedInUserIsAdmin = req.user[2];
|
||||||
|
}
|
||||||
|
|
||||||
const game = id ? await games.getFromID(id) : null;
|
const game = id ? await games.getFromID(id) : null;
|
||||||
|
|
||||||
if(!loggedInUserIsAdmin && game && loggedInUserID != game.submitterID) {
|
if((!loggedInUserIsAdmin && game && loggedInUserID != game.submitterID) || (!req.user && game)) {
|
||||||
res.status(403).send("ACCESS DENIED");
|
res.status(403).send("ACCESS DENIED");
|
||||||
}
|
}
|
||||||
else if(remove) {
|
else if(remove) {
|
||||||
|
@ -73,7 +91,7 @@ router.post('/game', checkLoginStatus.user, async function(req, res, next) {
|
||||||
res.redirect('/manage#games');
|
res.redirect('/manage#games');
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
await games.add(divisionID, seasonID, date, team1ID, team2ID, team1Score, team2Score, userID);
|
await games.add(divisionID, seasonID, date, team1ID, team2ID, team1Score, team2Score, submitterID, submitterName);
|
||||||
res.redirect('/');
|
res.redirect('/');
|
||||||
}
|
}
|
||||||
} catch(err) {
|
} catch(err) {
|
||||||
|
|
Reference in New Issue