From cd47dcffab05a91036ab4547bc2a99c58c890ff0 Mon Sep 17 00:00:00 2001 From: Miodec Date: Tue, 1 Feb 2022 18:30:46 +0100 Subject: [PATCH] using asynchandlerwrapper removed try catches added conffiguration check instead of commenting code out --- backend/api/controllers/new-quotes.js | 87 +++++++--------- backend/api/controllers/quote-ratings.js | 126 +++++++++++------------ backend/api/routes/quotes.js | 12 +-- 3 files changed, 101 insertions(+), 124 deletions(-) diff --git a/backend/api/controllers/new-quotes.js b/backend/api/controllers/new-quotes.js index 1c518ee32..da9568967 100644 --- a/backend/api/controllers/new-quotes.js +++ b/backend/api/controllers/new-quotes.js @@ -2,72 +2,57 @@ const NewQuotesDAO = require("../../dao/new-quotes"); const MonkeyError = require("../../handlers/error"); const UserDAO = require("../../dao/user"); const Logger = require("../../handlers/logger.js"); -// const Captcha = require("../../handlers/captcha"); +const Captcha = require("../../handlers/captcha"); class NewQuotesController { - static async getQuotes(req, res, next) { - try { - const { uid } = req.decodedToken; - const userInfo = await UserDAO.getUser(uid); - if (!userInfo.quoteMod) { - throw new MonkeyError(403, "You don't have permission to do this"); - } - let data = await NewQuotesDAO.get(); - return res.status(200).json(data); - } catch (e) { - return next(e); + static async getQuotes(req, res) { + const { uid } = req.decodedToken; + const userInfo = await UserDAO.getUser(uid); + if (!userInfo.quoteMod) { + throw new MonkeyError(403, "You don't have permission to do this"); } + let data = await NewQuotesDAO.get(); + return res.status(200).json(data); } - static async addQuote(req, res, next) { - try { + static async addQuote(req, res) { + if (req.context.configuration.quoteSubmit.enabled === false) throw new MonkeyError( 500, "Quote submission is disabled temporarily. The queue is quite long and we need some time to catch up." ); - // let { uid } = req.decodedToken; - // let { text, source, language, captcha } = req.body; - // if (!text || !source || !language) { - // throw new MonkeyError(400, "Please fill all the fields"); - // } - // if (!(await Captcha.verify(captcha))) { - // throw new MonkeyError(400, "Captcha check failed"); - // } - // let data = await NewQuotesDAO.add(text, source, language, uid); - // return res.status(200).json(data); - } catch (e) { - return next(e); + let { uid } = req.decodedToken; + let { text, source, language, captcha } = req.body; + if (!text || !source || !language) { + throw new MonkeyError(400, "Please fill all the fields"); } + if (!(await Captcha.verify(captcha))) { + throw new MonkeyError(400, "Captcha check failed"); + } + let data = await NewQuotesDAO.add(text, source, language, uid); + return res.status(200).json(data); } - static async approve(req, res, next) { - try { - let { uid } = req.decodedToken; - let { quoteId, editText, editSource } = req.body; - const userInfo = await UserDAO.getUser(uid); - if (!userInfo.quoteMod) { - throw new MonkeyError(403, "You don't have permission to do this"); - } - if (editText === "" || editSource === "") { - throw new MonkeyError(400, "Please fill all the fields"); - } - let data = await NewQuotesDAO.approve(quoteId, editText, editSource); - Logger.log("system_quote_approved", data, uid); - return res.status(200).json(data); - } catch (e) { - return next(e); + static async approve(req, res) { + let { uid } = req.decodedToken; + let { quoteId, editText, editSource } = req.body; + const userInfo = await UserDAO.getUser(uid); + if (!userInfo.quoteMod) { + throw new MonkeyError(403, "You don't have permission to do this"); } + if (editText === "" || editSource === "") { + throw new MonkeyError(400, "Please fill all the fields"); + } + let data = await NewQuotesDAO.approve(quoteId, editText, editSource); + Logger.log("system_quote_approved", data, uid); + return res.status(200).json(data); } - static async refuse(req, res, next) { - try { - let { uid } = req.decodedToken; - let { quoteId } = req.body; - await NewQuotesDAO.refuse(quoteId, uid); - return res.sendStatus(200); - } catch (e) { - return next(e); - } + static async refuse(req, res) { + let { uid } = req.decodedToken; + let { quoteId } = req.body; + await NewQuotesDAO.refuse(quoteId, uid); + return res.sendStatus(200); } } diff --git a/backend/api/controllers/quote-ratings.js b/backend/api/controllers/quote-ratings.js index bd1bf9e40..ad40fb51d 100644 --- a/backend/api/controllers/quote-ratings.js +++ b/backend/api/controllers/quote-ratings.js @@ -3,75 +3,67 @@ const UserDAO = require("../../dao/user"); const MonkeyError = require("../../handlers/error"); class QuoteRatingsController { - static async getRating(req, res, next) { - try { - const { quoteId, language } = req.query; - let data = await QuoteRatingsDAO.get(parseInt(quoteId), language); - return res.status(200).json(data); - } catch (e) { - return next(e); - } + static async getRating(req, res) { + const { quoteId, language } = req.query; + let data = await QuoteRatingsDAO.get(parseInt(quoteId), language); + return res.status(200).json(data); } - static async submitRating(req, res, next) { - try { - let { uid } = req.decodedToken; - let { quoteId, rating, language } = req.body; - quoteId = parseInt(quoteId); - rating = parseInt(rating); - if (isNaN(quoteId) || isNaN(rating)) { - throw new MonkeyError( - 400, - "Bad request. Quote id or rating is not a number." - ); - } - if (typeof language !== "string") { - throw new MonkeyError(400, "Bad request. Language is not a string."); - } - - if (rating < 1 || rating > 5) { - throw new MonkeyError( - 400, - "Bad request. Rating must be between 1 and 5." - ); - } - - rating = Math.round(rating); - - //check if user already submitted a rating - let user = await UserDAO.getUser(uid); - - if (!user) { - throw new MonkeyError(401, "User not found."); - } - let quoteRatings = user.quoteRatings; - - if (quoteRatings === undefined) quoteRatings = {}; - if (quoteRatings[language] === undefined) quoteRatings[language] = {}; - if (quoteRatings[language][quoteId] == undefined) - quoteRatings[language][quoteId] = undefined; - - let quoteRating = quoteRatings[language][quoteId]; - - let newRating; - let update; - if (quoteRating) { - //user already voted for this - newRating = rating - quoteRating; - update = true; - } else { - //user has not voted for this - newRating = rating; - update = false; - } - - await QuoteRatingsDAO.submit(quoteId, language, newRating, update); - quoteRatings[language][quoteId] = rating; - await UserDAO.updateQuoteRatings(uid, quoteRatings); - - return res.sendStatus(200); - } catch (e) { - return next(e); + static async submitRating(req, res) { + let { uid } = req.decodedToken; + let { quoteId, rating, language } = req.body; + quoteId = parseInt(quoteId); + rating = parseInt(rating); + if (isNaN(quoteId) || isNaN(rating)) { + throw new MonkeyError( + 400, + "Bad request. Quote id or rating is not a number." + ); } + if (typeof language !== "string") { + throw new MonkeyError(400, "Bad request. Language is not a string."); + } + + if (rating < 1 || rating > 5) { + throw new MonkeyError( + 400, + "Bad request. Rating must be between 1 and 5." + ); + } + + rating = Math.round(rating); + + //check if user already submitted a rating + let user = await UserDAO.getUser(uid); + + if (!user) { + throw new MonkeyError(401, "User not found."); + } + let quoteRatings = user.quoteRatings; + + if (quoteRatings === undefined) quoteRatings = {}; + if (quoteRatings[language] === undefined) quoteRatings[language] = {}; + if (quoteRatings[language][quoteId] == undefined) + quoteRatings[language][quoteId] = undefined; + + let quoteRating = quoteRatings[language][quoteId]; + + let newRating; + let update; + if (quoteRating) { + //user already voted for this + newRating = rating - quoteRating; + update = true; + } else { + //user has not voted for this + newRating = rating; + update = false; + } + + await QuoteRatingsDAO.submit(quoteId, language, newRating, update); + quoteRatings[language][quoteId] = rating; + await UserDAO.updateQuoteRatings(uid, quoteRatings); + + return res.sendStatus(200); } } diff --git a/backend/api/routes/quotes.js b/backend/api/routes/quotes.js index 9180f7168..2aa28e794 100644 --- a/backend/api/routes/quotes.js +++ b/backend/api/routes/quotes.js @@ -17,42 +17,42 @@ quotesRouter.get( "/", RateLimit.newQuotesGet, authenticateRequest, - NewQuotesController.getQuotes + asyncHandlerWrapper(NewQuotesController.getQuotes) ); quotesRouter.post( "/", RateLimit.newQuotesAdd, authenticateRequest, - NewQuotesController.addQuote + asyncHandlerWrapper(NewQuotesController.addQuote) ); quotesRouter.post( "/approve", RateLimit.newQuotesAction, authenticateRequest, - NewQuotesController.approve + asyncHandlerWrapper(NewQuotesController.approve) ); quotesRouter.post( "/reject", RateLimit.newQuotesAction, authenticateRequest, - NewQuotesController.refuse + asyncHandlerWrapper(NewQuotesController.refuse) ); quotesRouter.get( "/rating", RateLimit.quoteRatingsGet, authenticateRequest, - QuoteRatingsController.getRating + asyncHandlerWrapper(QuoteRatingsController.getRating) ); quotesRouter.post( "/rating", RateLimit.quoteRatingsSubmit, authenticateRequest, - QuoteRatingsController.submitRating + asyncHandlerWrapper(QuoteRatingsController.submitRating) ); quotesRouter.post(