203 lines
6.6 KiB
JavaScript
203 lines
6.6 KiB
JavaScript
var express = require('express');
|
|
var router = express.Router();
|
|
|
|
var genders = require('../database/scores/genders');
|
|
var games = require('../database/scores/games');
|
|
var seasons = require('../database/scores/seasons');
|
|
var sports = require('../database/scores/sports');
|
|
var divisions = require('../database/scores/divisions');
|
|
var genders = require('../database/scores/genders');
|
|
var teams = require('../database/scores/teams');
|
|
var accounts = require('../database/accounts/accounts');
|
|
|
|
var checkLoginStatus = require('./checkLoginStatus');
|
|
|
|
|
|
router.get('/' ,checkLoginStatus.user, function(req, res, next) {
|
|
if(req.user[2]) res.render('manage', { title: 'Score Management', userLoggedIn: !!req.user });
|
|
else res.render('manage/manage-nonadmin', { title: "My Games", userLoggedIn: !!req.user });
|
|
});
|
|
|
|
router.get('/game', checkLoginStatus.user, function(req, res, next) {
|
|
let title = req.query.game ? 'Edit Game' : 'Submit Score'
|
|
|
|
res.render('manage/addgame', { title, userLoggedIn: !!req.user, message: req.flash('error') });
|
|
});
|
|
|
|
router.post('/game', checkLoginStatus.user, async function(req, res, next) {
|
|
try {
|
|
const seasonID = req.body['year'];
|
|
const sportID = req.body['sport'];
|
|
const gender = (req.body['gender'] == "female") ? genders.FEMALE : genders.MALE;
|
|
const divisionID = req.body['division'];
|
|
const date = req.body['date'];
|
|
const team1ID = req.body['team1'];
|
|
const team1Score = req.body['team1-score'];
|
|
const team2ID = req.body['team2'];
|
|
const team2Score = req.body['team2-score'];
|
|
const userID = req.user[0];
|
|
|
|
const id = req.body['game'];
|
|
const remove = req.body['remove'];
|
|
|
|
const loggedInUserID = req.user[0];
|
|
const loggedInUserIsAdmin = req.user[2];
|
|
|
|
const game = id ? await games.getFromID(id) : null;
|
|
|
|
if(!loggedInUserIsAdmin && game && loggedInUserID != game.submitterID) {
|
|
res.status(403).send("ACCESS DENIED");
|
|
}
|
|
else if(remove) {
|
|
await games.remove(id);
|
|
res.redirect("/manage");
|
|
}
|
|
else if(id) {
|
|
await games.edit(id, divisionID, seasonID, date, team1ID, team2ID, team1Score, team2Score);
|
|
res.redirect('/manage');
|
|
}
|
|
else {
|
|
await games.add(divisionID, seasonID, date, team1ID, team2ID, team1Score, team2Score, userID);
|
|
res.redirect('/');
|
|
}
|
|
} catch(err) {
|
|
console.error("ERROR: " + err.message);
|
|
req.flash("error", "An error has occurred.");
|
|
res.redirect('/manage/game');
|
|
}
|
|
});
|
|
|
|
router.get('/season', checkLoginStatus.admin, function(req, res, next) {
|
|
res.render('manage/addseason', { title: 'Add Season', currentYear : (new Date()).getFullYear(), userLoggedIn: !!req.user, message: req.flash('error') });
|
|
});
|
|
|
|
router.post('/season', checkLoginStatus.admin, async function(req, res, next) {
|
|
try {
|
|
const year = req.body['year'];
|
|
|
|
const seasonID = req.body['season'];
|
|
const remove = req.body['remove'];
|
|
|
|
if(remove) await seasons.remove(seasonID);
|
|
else await seasons.add(year);
|
|
|
|
res.redirect('/manage');
|
|
} catch(err) {
|
|
console.error("ERROR: " + err.message);
|
|
req.flash("error", "An error has occurred.");
|
|
res.redirect('/manage/season');
|
|
}
|
|
});
|
|
|
|
router.get('/sport', checkLoginStatus.admin, function(req, res, next) {
|
|
res.render('manage/addsport', { title: 'Add Sport', userLoggedIn: !!req.user });
|
|
});
|
|
|
|
router.post('/sport', checkLoginStatus.admin, function(req, res, next) {
|
|
const name = req.body['name'];
|
|
const id = req.body['sport'];
|
|
const remove = req.body['remove'];
|
|
|
|
if(remove) sports.remove(id).then(res.redirect('/manage'));
|
|
else if(id) sports.rename(id, name).then(res.redirect('/manage'));
|
|
else sports.add(name).then(res.redirect('/manage'));
|
|
});
|
|
|
|
router.get('/division', checkLoginStatus.admin, function(req, res, next) {
|
|
let title = req.query.division ? 'Edit Division' : 'Add Division'
|
|
|
|
res.render('manage/adddivision', { title, userLoggedIn: !!req.user });
|
|
});
|
|
|
|
router.post('/division', checkLoginStatus.admin, function(req, res, next) {
|
|
const name = req.body['name'];
|
|
const sport = req.body['sport'];
|
|
const genderName = req.body['gender'];
|
|
|
|
const id = req.body['division'];
|
|
const remove = req.body['remove'];
|
|
|
|
|
|
if(remove) divisions.remove(id).then(res.redirect('/manage'));
|
|
else if(id) divisions.rename(id, name).then(res.redirect('/manage'));
|
|
else {
|
|
if(genderName == "both") {
|
|
divisions.add(name, genders.FEMALE, sport)
|
|
.then(divisions.add(name, genders.MALE, sport)
|
|
.then(res.redirect("/manage")));
|
|
}
|
|
else {
|
|
const gender = (genderName == "female") ? genders.FEMALE : genders.MALE;
|
|
divisions.add(name, gender, sport)
|
|
.then(res.redirect("/manage"));
|
|
}
|
|
}
|
|
});
|
|
|
|
router.get('/team', checkLoginStatus.admin, function(req, res, next) {
|
|
let title = req.query.team ? 'Edit Team' : 'Add Team'
|
|
|
|
res.render('manage/addteam', { title, userLoggedIn: !!req.user });
|
|
});
|
|
|
|
router.post('/team', checkLoginStatus.admin, function(req, res, next) {
|
|
const name = req.body['name'];
|
|
const sport = req.body['sport'];
|
|
|
|
const id = req.body['team'];
|
|
const remove = req.body['remove'];
|
|
|
|
if(remove) teams.remove(id).then(res.redirect('/manage'));
|
|
else if(id) teams.rename(id, name).then(res.redirect('/manage'));
|
|
else teams.add(name, sport).then(res.redirect("/manage"));
|
|
});
|
|
|
|
router.get('/account', checkLoginStatus.user, (req, res, next) => {
|
|
const userIsAdmin = req.user[2];
|
|
const accountID = req.user[0];
|
|
|
|
if(userIsAdmin) {
|
|
let title = req.query.account ? 'Manage User' : 'Create User'
|
|
|
|
res.render('accounts/createuser', { title, userLoggedIn: !!req.user, message: req.flash('error') });
|
|
}
|
|
else {
|
|
let title = 'Manage Account';
|
|
|
|
res.render('accounts/createuser', { title, accountID, userLoggedIn: !!req.user, message: req.flash('error') });
|
|
}
|
|
});
|
|
|
|
router.post('/account', checkLoginStatus.user, async function(req, res, next) {
|
|
const email = req.body.email;
|
|
const password = req.body.password;
|
|
|
|
const accountID = req.body.account;
|
|
const remove = req.body.remove;
|
|
|
|
const loggedInAccountIsAdmin = req.user[2];
|
|
const loggedInAccountID = req.user[0];
|
|
|
|
if(!loggedInAccountIsAdmin && accountID != loggedInAccountID) {
|
|
res.status(403).send("ACCESS DENIED");
|
|
}
|
|
else {
|
|
try {
|
|
const isAdmin = loggedInAccountIsAdmin ? !!req.body.admin : false;
|
|
|
|
if(remove) await accounts.remove(accountID);
|
|
else if(accountID) await accounts.edit(accountID, email, password, isAdmin);
|
|
else await accounts.create(req.body.email, req.body.password, !!req.body.admin);
|
|
|
|
res.redirect('/manage');
|
|
}
|
|
catch (err) {
|
|
console.error("ERROR: " + err.message);
|
|
req.flash("error", "An error has occurred.");
|
|
res.redirect('/manage/account');
|
|
}
|
|
}
|
|
});
|
|
|
|
module.exports = router;
|