Allow games to be submitted without login

main
sudoer777 2021-12-07 10:42:36 -07:00
parent 7a25037cb4
commit c882c4f402
2 changed files with 41 additions and 14 deletions

View File

@ -5,7 +5,7 @@ const database = require('./../database');
class Game {
constructor(id, date, team1ID, team2ID, team1Score, team2Score, divisionID, seasonID, submitterID) {
constructor(id, date, team1ID, team2ID, team1Score, team2Score, divisionID, seasonID, submitterID, submitterName) {
this.id = id;
this.date = date;
this.team1ID = team1ID;
@ -15,17 +15,26 @@ class Game {
this.divisionID = divisionID;
this.seasonID = seasonID;
this.submitterID = submitterID;
this.submitterName = submitterName;
}
}
async function add(divisionID, seasonID, date, team1ID, team2ID, team1Score, team2Score, userID) {
async function add(divisionID, seasonID, date, team1ID, team2ID, team1Score, team2Score, submitterID, submitterName = undefined) {
let id;
if(submitterName) {
const query = `INSERT INTO scores.games(division_id, season_id, game_date, team1_id, team2_id, team1_score, team2_score, submitter_name)
VALUES($1, $2, $3, $4, $5, $6, $7, $8)
RETURNING game_id;`;
id = (await database.executeQuery(query, [divisionID, seasonID, date, team1ID, team2ID, team1Score, team2Score, submitterName]))[0][0];
} else {
const query = `INSERT INTO scores.games(division_id, season_id, game_date, team1_id, team2_id, team1_score, team2_score, submitter_id)
VALUES($1, $2, $3, $4, $5, $6, $7, $8)
RETURNING game_id;`;
id = (await database.executeQuery(query, [divisionID, seasonID, date, team1ID, team2ID, team1Score, team2Score, submitterID]))[0][0];
}
const id = (await database.executeQuery(query, [divisionID, seasonID, date, team1ID, team2ID, team1Score, team2Score, userID]))[0][0];
return new Game(id, date, team1ID, team2ID, team1Score, team2Score);
}

View File

@ -29,7 +29,7 @@ router.get('/game', function(req, res, next) {
}
else {
res.redirect('/auth/login');
};
}
} else {
next();
}
@ -40,7 +40,19 @@ router.get('/game', function(req, res, next) {
res.render('manage/addgame', { title, userLoggedIn: !!req.user, message: req.flash('error') });
});
router.post('/game', checkLoginStatus.user, async function(req, res, next) {
router.post('/game', function(req, res, next) {
if(!(process.env.PUBLIC_SUBMIT_PAGE && process.env.PUBLIC_SUBMIT_PAGE.toLowerCase() == 'true')) {
if (req.user) {
next();
}
else {
res.redirect('/auth/login');
}
} else {
next();
}
},
async function(req, res, next) {
const id = req.body['game'];
const remove = req.body['remove'];
@ -54,14 +66,20 @@ router.post('/game', checkLoginStatus.user, async function(req, res, next) {
const team1Score = req.body['team1-score'];
const team2ID = req.body['team2'];
const team2Score = req.body['team2-score'];
const userID = req.user[0];
const submitterName = req.body['name'];
const loggedInUserID = req.user[0];
const loggedInUserIsAdmin = req.user[2];
let submitterID;
let loggedInUserID;
let loggedInUserIsAdmin;
if(req.user) {
submitterID = req.user[0];
loggedInUserID = req.user[0];
loggedInUserIsAdmin = req.user[2];
}
const game = id ? await games.getFromID(id) : null;
if(!loggedInUserIsAdmin && game && loggedInUserID != game.submitterID) {
if((!loggedInUserIsAdmin && game && loggedInUserID != game.submitterID) || (!req.user && game)) {
res.status(403).send("ACCESS DENIED");
}
else if(remove) {
@ -73,7 +91,7 @@ router.post('/game', checkLoginStatus.user, async function(req, res, next) {
res.redirect('/manage#games');
}
else {
await games.add(divisionID, seasonID, date, team1ID, team2ID, team1Score, team2Score, userID);
await games.add(divisionID, seasonID, date, team1ID, team2ID, team1Score, team2Score, submitterID, submitterName);
res.redirect('/');
}
} catch(err) {