From 6414e64ca53429f2aff596aba982c8b9bfbc92f6 Mon Sep 17 00:00:00 2001 From: WubzyGD Date: Sat, 8 Jul 2023 02:27:35 -0400 Subject: [PATCH] start string listing --- api/ani/v1/routes/series/edits.js | 36 +++++++++++++++++-------------- api/util/editstring.js | 6 +++--- api/util/list.js | 1 + 3 files changed, 24 insertions(+), 19 deletions(-) diff --git a/api/ani/v1/routes/series/edits.js b/api/ani/v1/routes/series/edits.js index 649cc33..8f27201 100644 --- a/api/ani/v1/routes/series/edits.js +++ b/api/ani/v1/routes/series/edits.js @@ -1,5 +1,6 @@ module.exports = (app, router) => { const Anime = app.db.models.ani.series; + //TODO solution for all endpoints to resolve by numerical ID const editCheck = (series, req, res) => { if (!series) {res.status(400).send("A series with that ID doesn't exist!"); return 0;} @@ -19,7 +20,7 @@ module.exports = (app, router) => { series.markModified('meta.edits'); }; - const edits = app.util.editString('/:id', pushEdit, editCheck, router, Anime); + const edits = app.util.editString('/:id', pushEdit, editCheck, router, Anime, 'series-approve'); router.route('/:id/synopsis') //completed i think? .patch(app.auth.token, app.auth.perms('series-submit'), async (req, res, next) => { @@ -46,38 +47,41 @@ module.exports = (app, router) => { return res.send({synopsis: series.synopsis.synopsis, by: series.synopsis.by}); }); - [ + [ //?SINGLE STRING FIELDS ['name', x => x.match(/^[\w\-!?.:; ]+$/gm) && x.length < 150], ['romaji', x => x.length < 150], ['kanji', x => x.length < 150], - ['official-site', x => x.length] + ['official-site', x => x.length < 150] ].forEach(field => edits.stringWrap(...field)); - const editStringList = async (name, match) => { + const editStringList = async (name, bodyName, match) => { + const camelName = app.util.bodyCase(name); router.use(`/:id/${name}`, app.auth.tokenPass, app.auth.permsPass('series-approve'), async (req, res, next) => { - if (!req.params.id) {return res.status(400).send("Missing ID!");} + if (!req.params.id) {return await res.status(400).send("Missing ID!");} const series = await Anime.findOne({id: req.params.id.toLowerCase()}); if (!editCheck(series, req, res)) {return;} req.series = series; - req.listData = req.user.permissions; + req.listData = series[camelName]; next(); - }, app.util.list(router, `/:id/${name}`, true, name, async (req, res, permissions, permission) => { - if (permission && (!permission.match(/^[\w-]+$/gm) || permission.length > 15)) {res.status(400).send("The permission you provided is invalid."); return 0;} - if (permission) {permissions[permissions.length - 1] = permission.toLowerCase();} - req.user.permissions = permissions; - req.user.markModified('permissions'); - await req.user.save(); + }, app.util.list(router, `/:id/${name}`, true, bodyName, async (req, res, list, item) => { + if (item && !match(item)) {res.status(400).send(`The ${camelName} you provided is invalid.`); return 0;} + if (item) {list[list.length - 1] = item;} + req.series[camelName] = list; + req.series.markModified(camelName); + await req.series.save(); }, (req, res, next) => { if (!req.authenticatedUser) {return res.status(401).send("You must be authenticated before you do that!");} - if (req.unauthorized) {return res.status(401).send("You are not authorized to edit users!");} + if (req.unauthorized) {return res.status(401).send("You are not authorized to edit that!");} return next(); })); }; - [ - ['tags', x => x.match()] - ] + [ //?STRING LIST FIELDS + ['tags', 'tag', x => x.match(/^[a-z-]+$/) && x.length < 25], //TODO set list length limits + ['genres', 'genre', x => x.match(/^[a-zA-Z- ]+$/) && x.length < 25], + ['stream-at', 'location', x => x.match(/^[\w- ]+$/) && x.length < 40] //TODO doc cheeky field + ].forEach(x => editStringList(...x)); diff --git a/api/util/editstring.js b/api/util/editstring.js index 9cdf534..53bf6d1 100644 --- a/api/util/editstring.js +++ b/api/util/editstring.js @@ -1,6 +1,6 @@ module.exports = { masterInit: (app) => { - return (routePrefix, pushEdit, editCheck, router, model) => { + return (routePrefix, pushEdit, editCheck, router, model, permission) => { return { string: async function (req, res, name, match) { if (!req.params.id) {return;} @@ -18,9 +18,9 @@ module.exports = { } catch {return res.status(500).send(`There was an error trying to update your ${camelName}. Please try again.`);} }, - stringWrap: function (name, match) { + stringWrap: function (name, match, forcePermission) { const route = router.route(`${routePrefix}/${name}`); - route.patch(app.auth.token, app.auth.permsPass('series-approve'), async (req, res) => { + route.patch(app.auth.token, app.auth.permsPass(forcePermission || permission), async (req, res) => { await this.string(req, res, name, match).catch(() => res.status(500).send(`There was an error trying to update your ${name}. Please try again.`)); }); return route diff --git a/api/util/list.js b/api/util/list.js index 15cb193..07c12d1 100644 --- a/api/util/list.js +++ b/api/util/list.js @@ -12,6 +12,7 @@ module.exports = (parentRouter, path, modifiable, bodyName, save, authHandler) = const camelBodyName = require('./bodycase')(bodyName); const add = async (req, res) => { if (!req.body[bodyName]) {return await res.status(400).send(`Missing body param "${camelBodyName}".`);} + if (typeof req.body[bodyName] !== 'string') {return await res.status(400).send('You did not provide a string!');} req.listData.push(req.body[camelBodyName]); return await save(req, res, req.listData, req.body[camelBodyName]) || await res.json(req.listData); }