This repository has been archived on 2024-04-05. You can view files and clone it, but cannot push or open issues/pull-requests.
score-tracker/routes/manage.js

225 lines
7.4 KiB
JavaScript

var express = require('express');
var router = express.Router();
var genders = require('../database/scores/genders');
var games = require('../database/scores/games');
var seasons = require('../database/scores/seasons');
var sports = require('../database/scores/sports');
var divisions = require('../database/scores/divisions');
var genders = require('../database/scores/genders');
var teams = require('../database/scores/teams');
var accounts = require('../database/accounts/accounts');
var checkLoginStatus = require('./checkLoginStatus');
router.get('/' ,checkLoginStatus.user, function(req, res, next) {
if(req.user[2]) res.render('manage', { title: 'Management Panel', userLoggedIn: !!req.user });
else res.render('manage/manage-nonadmin', { title: "My Games", userLoggedIn: !!req.user });
});
router.get('/game', checkLoginStatus.user, function(req, res, next) {
let title = req.query.game ? 'Edit Game' : 'Submit Score'
res.render('manage/addgame', { title, userLoggedIn: !!req.user, message: req.flash('error') });
});
router.post('/game', checkLoginStatus.user, async function(req, res, next) {
const id = req.body['game'];
const remove = req.body['remove'];
try {
const seasonID = req.body['year'];
const sportID = req.body['sport'];
const gender = (req.body['gender'] == "female") ? genders.FEMALE : genders.MALE;
const divisionID = req.body['division'];
const date = req.body['date'];
const team1ID = req.body['team1'];
const team1Score = req.body['team1-score'];
const team2ID = req.body['team2'];
const team2Score = req.body['team2-score'];
const userID = req.user[0];
const loggedInUserID = req.user[0];
const loggedInUserIsAdmin = req.user[2];
const game = id ? await games.getFromID(id) : null;
if(!loggedInUserIsAdmin && game && loggedInUserID != game.submitterID) {
res.status(403).send("ACCESS DENIED");
}
else if(remove) {
await games.remove(id);
res.redirect("/manage");
}
else if(id) {
await games.edit(id, divisionID, seasonID, date, team1ID, team2ID, team1Score, team2Score);
res.redirect('/manage');
}
else {
await games.add(divisionID, seasonID, date, team1ID, team2ID, team1Score, team2Score, userID);
res.redirect('/');
}
} catch(err) {
console.error("ERROR: " + err.message);
req.flash("error", "An error has occurred.");
res.redirect('/manage/game' + (id ? `?game=${id}` : ''));
}
});
router.get('/season', checkLoginStatus.admin, function(req, res, next) {
res.render('manage/addseason', { title: 'Add Season', currentYear : (new Date()).getFullYear(), userLoggedIn: !!req.user, message: req.flash('error') });
});
router.post('/season', checkLoginStatus.admin, async function(req, res, next) {
const seasonID = req.body['season'];
const remove = req.body['remove'];
try {
const year = req.body['year'];
if(remove) await seasons.remove(seasonID);
else await seasons.add(year);
res.redirect('/manage');
} catch(err) {
console.error("ERROR: " + err.message);
req.flash("error", "An error has occurred.");
res.redirect('/manage/season' + (seasonID ? `?season=${seasonID}` : ''));
}
});
router.get('/sport', checkLoginStatus.admin, function(req, res, next) {
let title = req.query.sport ? 'Edit Sport' : 'Add Sport';
res.render('manage/addsport', { title, userLoggedIn: !!req.user, message: req.flash('error') });
});
router.post('/sport', checkLoginStatus.admin, async function(req, res, next) {
const id = req.body['sport'];
const remove = req.body['remove'];
try {
const name = req.body['name'];
if(remove) await sports.remove(id);
else if(id) await sports.rename(id, name);
else await sports.add(name);
res.redirect('/manage');
} catch(err) {
console.error("ERROR: " + err.message);
req.flash("error", "An error has occurred.");
res.redirect('/manage/sport' + (id ? `?sport=${id}` : ''));
}
});
router.get('/division', checkLoginStatus.admin, function(req, res, next) {
let title = req.query.division ? 'Edit Division' : 'Add Division'
res.render('manage/adddivision', { title, userLoggedIn: !!req.user, message: req.flash('error') });
});
router.post('/division', checkLoginStatus.admin, async function(req, res, next) {
const id = req.body['division'];
const remove = req.body['remove'];
try {
const name = req.body['name'];
const sport = req.body['sport'];
const genderName = req.body['gender'];
if(remove) await divisions.remove(id);
else if(id) await divisions.rename(id, name);
else {
if(genderName == 'both') {
await divisions.add(name, genders.FEMALE, sport);
await divisions.add(name, genders.MALE, sport);
} else {
const gender = (genderName == "female") ? genders.FEMALE : genders.MALE;
await divisions.add(name, gender, sport);
}
}
res.redirect('/manage');
} catch(err) {
console.error("ERROR: " + err.message);
req.flash("error", "An error has occurred.");
res.redirect('/manage/division' + (id ? `?division=${id}` : ''));
}
});
router.get('/team', checkLoginStatus.admin, function(req, res, next) {
let title = req.query.team ? 'Edit Team' : 'Add Team'
res.render('manage/addteam', { title, userLoggedIn: !!req.user, message: req.flash('error') });
});
router.post('/team', checkLoginStatus.admin, async function(req, res, next) {
const id = req.body['team'];
const remove = req.body['remove'];
try {
const name = req.body['name'];
const sport = req.body['sport'];
if(remove) teams.remove(id).then(res.redirect('/manage'));
else if(id) teams.rename(id, name).then(res.redirect('/manage'));
else teams.add(name, sport).then(res.redirect("/manage"));
} catch(err) {
console.error("ERROR: " + err.message);
req.flash("error", "An error has occurred.");
res.redirect('/manage/team' + (id ? `?team=${id}` : ''));
}
});
router.get('/account', checkLoginStatus.user, (req, res, next) => {
const userIsAdmin = req.user[2];
const accountID = req.user[0];
if(userIsAdmin) {
let title = req.query.account ? 'Manage User' : 'Create User'
res.render('accounts/createuser', { title, userLoggedIn: !!req.user, message: req.flash('error') });
}
else {
let title = 'Manage Account';
res.render('accounts/createuser', { title, accountID, userLoggedIn: !!req.user, message: req.flash('error') });
}
});
router.post('/account', checkLoginStatus.user, async function(req, res, next) {
const email = req.body.email;
const password = req.body.password;
const accountID = req.body.account;
const remove = req.body.remove;
const loggedInAccountIsAdmin = req.user[2];
const loggedInAccountID = req.user[0];
if(!loggedInAccountIsAdmin && accountID != loggedInAccountID) {
res.status(403).send("ACCESS DENIED");
}
else {
try {
const isAdmin = loggedInAccountIsAdmin ? !!req.body.admin : false;
if(remove) await accounts.remove(accountID);
else if(accountID) await accounts.edit(accountID, email, password, isAdmin);
else await accounts.create(req.body.email, req.body.password, !!req.body.admin);
res.redirect('/manage');
}
catch (err) {
console.error("ERROR: " + err.message);
req.flash("error", "An error has occurred.");
let URL = '/manage/account';
if(loggedInAccountIsAdmin && accountID) URL += `?account=${accountID}`;
res.redirect(URL);
}
}
});
module.exports = router;