This repository has been archived on 2024-04-05. You can view files and clone it, but cannot push or open issues/pull-requests.
score-tracker/routes/manage.js

195 lines
6.2 KiB
JavaScript

var express = require('express');
var router = express.Router();
var genders = require('../database/scores/genders');
var games = require('../database/scores/games');
var seasons = require('../database/scores/seasons');
var sports = require('../database/scores/sports');
var divisions = require('../database/scores/divisions');
var genders = require('../database/scores/genders');
var teams = require('../database/scores/teams');
var accounts = require('../database/accounts/accounts');
function userLoggedIn(req, res, next) {
if (req.user) {
next();
}
else {
res.redirect('/auth/login');
}
}
function adminLoggedIn(req, res, next) {
if (req.user && req.user[2]) {
next();
}
else {
req.flash('error', 'An admin account is required to access this page.');
res.redirect('/auth/login');
}
}
router.get('/' ,userLoggedIn, function(req, res, next) {
if(req.user[2]) res.render('manage', { title: 'Score Management', userLoggedIn: !!req.user });
else res.render('manage/manage-nonadmin', { title: "My Games", userLoggedIn: !!req.user });
});
router.get('/game', userLoggedIn, function(req, res, next) {
let title = req.query.game ? 'Edit Game' : 'Submit Score'
res.render('manage/addgame', { title, userLoggedIn: !!req.user });
});
router.post('/game', userLoggedIn, function(req, res, next) {
const seasonID = req.body['year'];
const sportID = req.body['sport'];
const gender = (req.body['gender'] == "female") ? genders.FEMALE : genders.MALE;
const divisionID = req.body['division'];
const date = req.body['date'];
const team1ID = req.body['team1'];
const team1Score = req.body['team1-score'];
const team2ID = req.body['team2'];
const team2Score = req.body['team2-score'];
const userID = req.user[0];
const id = req.body['game'];
const remove = req.body['remove'];
const loggedInUserID = req.user[0];
const loggedInUserIsAdmin = req.user[2];
games.getFromID(id)
.then(game => {
if(!loggedInUserIsAdmin && loggedInUserID != game.submitterID) {
res.status(403).send("ACCESS DENIED");
}
else if(remove) games.remove(id)
.then(res.redirect("/manage"));
else if(id) games.edit(id, divisionID, seasonID, date, team1ID, team2ID, team1Score, team2Score)
.then(res.redirect('/manage'));
else games.add(divisionID, seasonID, date, team1ID, team2ID, team1Score, team2Score, userID)
.then(res.redirect("/manage"));
});
});
router.get('/season', adminLoggedIn, function(req, res, next) {
res.render('manage/addseason', { title: 'Add Season', currentYear : (new Date()).getFullYear(), userLoggedIn: !!req.user });
});
router.post('/season', adminLoggedIn, function(req, res, next) {
const year = req.body['year'];
const seasonID = req.body['season'];
const remove = req.body['remove'];
if(remove) seasons.remove(seasonID).then(res.redirect('/manage'));
else seasons.add(year).then(res.redirect("/manage"));
});
router.get('/sport', adminLoggedIn, function(req, res, next) {
res.render('manage/addsport', { title: 'Add Sport', userLoggedIn: !!req.user });
});
router.post('/sport', adminLoggedIn, function(req, res, next) {
const name = req.body['name'];
const id = req.body['sport'];
const remove = req.body['remove'];
if(remove) sports.remove(id).then(res.redirect('/manage'));
else if(id) sports.rename(id, name).then(res.redirect('/manage'));
else sports.add(name).then(res.redirect('/manage'));
});
router.get('/division', adminLoggedIn, function(req, res, next) {
let title = req.query.division ? 'Edit Division' : 'Add Division'
res.render('manage/adddivision', { title, userLoggedIn: !!req.user });
});
router.post('/division', adminLoggedIn, function(req, res, next) {
const name = req.body['name'];
const sport = req.body['sport'];
const genderName = req.body['gender'];
const id = req.body['division'];
const remove = req.body['remove'];
if(remove) divisions.remove(id).then(res.redirect('/manage'));
else if(id) divisions.rename(id, name).then(res.redirect('/manage'));
else {
if(genderName == "both") {
divisions.add(name, genders.FEMALE, sport)
.then(divisions.add(name, genders.MALE, sport)
.then(res.redirect("/manage")));
}
else {
const gender = (genderName == "female") ? genders.FEMALE : genders.MALE;
divisions.add(name, gender, sport)
.then(res.redirect("/manage"));
}
}
});
router.get('/team', adminLoggedIn, function(req, res, next) {
let title = req.query.team ? 'Edit Team' : 'Add Team'
res.render('manage/addteam', { title, userLoggedIn: !!req.user });
});
router.post('/team', adminLoggedIn, function(req, res, next) {
const name = req.body['name'];
const sport = req.body['sport'];
const id = req.body['team'];
const remove = req.body['remove'];
if(remove) teams.remove(id).then(res.redirect('/manage'));
else if(id) teams.rename(id, name).then(res.redirect('/manage'));
else teams.add(name, sport).then(res.redirect("/manage"));
});
router.get('/account', userLoggedIn, (req, res, next) => {
const userIsAdmin = req.user[2];
const accountID = req.user[0];
if(userIsAdmin) {
let title = req.query.account ? 'Manage User' : 'Create User'
res.render('accounts/createuser', { title, userLoggedIn: !!req.user });
}
else {
let title = 'Manage Account';
res.render('accounts/createuser', { title, accountID, userLoggedIn: !!req.user });
}
});
router.post('/account', userLoggedIn, (req, res, next) => {
const email = req.body.email;
const password = req.body.password;
const accountID = req.body.account;
const remove = req.body.remove;
const loggedInAccountIsAdmin = req.user[2];
const loggedInAccountID = req.user[0];
console.log(accountID);
console.log(loggedInAccountID);
if(!loggedInAccountIsAdmin && accountID != loggedInAccountID) {
res.status(403).send("ACCESS DENIED");
}
else {
const isAdmin = loggedInAccountIsAdmin ? !!req.body.admin : false;
if(remove) accounts.remove(accountID).then(res.redirect('/manage'));
if(accountID) accounts.edit(accountID, email, password, isAdmin).then(res.redirect('/manage'));
else accounts.create(req.body.email, req.body.password, !!req.body.admin).then(res.redirect('/manage'));
}
});
module.exports = router;