diff --git a/src/modules/api/api.ts b/src/modules/api/api.ts index 30cbe28..62fac4c 100644 --- a/src/modules/api/api.ts +++ b/src/modules/api/api.ts @@ -704,44 +704,6 @@ function GetApp(): ModuleType { logger.Log('New feedback file', logger.GetColor('bluebg')) }) - app.post('/rmPost', (req: Request, res) => { - logger.LogReq(req) - const user: User = req.session.user - const news: any = utils.ReadJSON(newsFile) - const { newsKey } = req.body - - if (news[newsKey].user === user.id) { - delete news[newsKey] - } else { - res.json({ status: 'fail', msg: 'u cant delete other users posts!' }) - return - } - - utils.WriteFile(JSON.stringify(news, null, 2), newsFile) - res.json({ status: 'ok', news: news }) - }) - - app.post('/addPost', (req: Request, res) => { - logger.LogReq(req) - const user: User = req.session.user - const news: any = utils.ReadJSON(newsFile) - const admins: any = utils.FileExists(adminUsersFile) - ? utils.ReadJSON(adminUsersFile) - : [] - const { title, content } = req.body - - news[uuidv4()] = { - date: utils.GetDateString(), - user: user.id, - title: title, - content: content, - admin: admins.includes(user.id), - } - - utils.WriteFile(JSON.stringify(news, null, 2), newsFile) - res.json({ status: 'ok', news: news }) - }) - app.post('/postfeedback', function(req: Request, res: any) { logger.LogReq(req) if (req.body.fromLogin) { @@ -1350,28 +1312,6 @@ function GetApp(): ModuleType { res.json({ msg: 'done' }) }) - function addComment(obj, path, comment) { - if (path.length === 0) { - obj.push(comment) - } else { - const i = path.pop() - if (!obj[i].subComments) { - obj[i].subComments = [] - } - addComment(obj[i].subComments, path, comment) - } - } - - function deleteComment(obj, path) { - if (path.length === 1) { - // TODO: check if its actually deleteable by user (deleting other users comments) - obj.splice(path[0], 1) - } else { - const i = path.pop() - deleteComment(obj[i].subComments, path) - } - } - function addReaction(obj, path, { reaction, isDelete, uid }) { if (path.length === 1) { const index = path[0] @@ -1458,6 +1398,37 @@ function GetApp(): ModuleType { res.json({ status: 'ok', news: news }) }) + function addComment(obj, path, comment) { + if (path.length === 0) { + obj.push(comment) + } else { + const i = path.pop() + if (!obj[i].subComments) { + obj[i].subComments = [] + } + addComment(obj[i].subComments, path, comment) + } + } + + function deleteComment( + obj: any, + path: Array, + userid: number + ): boolean { + if (path.length === 1) { + if (obj[path[0]].user === userid) { + obj.splice(path[0], 1) + return true + } else { + return false + } + } else { + const i = path.pop() + deleteComment(obj[i].subComments, path, userid) + return true + } + } + app.post('/comment', (req: Request, res) => { logger.LogReq(req) @@ -1486,10 +1457,19 @@ function GetApp(): ModuleType { addComment(news[newsKey].comments, path, comment) } else if (type === 'delete') { if (news[newsKey].comments) { - deleteComment(news[newsKey].comments, path) + const success = deleteComment(news[newsKey].comments, path, user.id) + if (!success) { + res.json({ + status: 'fail', + msg: 'you cant delete other users comments', + news: news, + }) + return + } } } else { - res.json({ status: 'fail', msg: 'no such type' }) + res.json({ status: 'fail', msg: 'no such type', news: news }) + return } utils.WriteFile(JSON.stringify(news, null, 2), newsFile) res.json({ status: 'ok', news: news }) @@ -1553,6 +1533,48 @@ function GetApp(): ModuleType { res.json({ msg: 'done' }) }) + app.post('/rmPost', (req: Request, res) => { + logger.LogReq(req) + const user: User = req.session.user + const news: any = utils.ReadJSON(newsFile) + const { newsKey } = req.body + + if (news[newsKey].user === user.id) { + delete news[newsKey] + } else { + res.json({ + status: 'fail', + msg: 'u cant delete other users posts!', + news: news, + }) + return + } + + utils.WriteFile(JSON.stringify(news, null, 2), newsFile) + res.json({ status: 'ok', news: news }) + }) + + app.post('/addPost', (req: Request, res) => { + logger.LogReq(req) + const user: User = req.session.user + const news: any = utils.ReadJSON(newsFile) + const admins: any = utils.FileExists(adminUsersFile) + ? utils.ReadJSON(adminUsersFile) + : [] + const { title, content } = req.body + + news[uuidv4()] = { + date: utils.GetDateString(), + user: user.id, + title: title, + content: content, + admin: admins.includes(user.id), + } + + utils.WriteFile(JSON.stringify(news, null, 2), newsFile) + res.json({ status: 'ok', news: news }) + }) + app.get('/possibleAnswers', (req: Request, res: any) => { logger.LogReq(req) const files = utils.ReadDir(savedQuestionsDir)