CodeDevMLH/TTurnier
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix regex in route

Browse Source
This commit is contained in:
MLH
2025-04-08 21:30:34 +02:00
parent a0050736ca
commit 409b51e78e
1 changed files with 14 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
src/routes/tournamentRoutes.js
View File

@ -6,27 +6,35 @@ const { authenticateToken, authorizeRole } = require('../middleware/authMiddlewa
const router = express.Router();
// Middleware to validate ID format
const validateIdFormat = (req, res, next) => {
const idParam = req.params.id;
if (!/^[0-9a-fA-F\-]+$/.test(idParam)) {
return res.status(400).json({ message: 'Invalid ID format' });
}
next();
};
// --- Publicly Accessible GET Routes ---
// GET /api/tournaments - Get all tournaments
router.get('/', tournamentController.getAllTournaments);
// GET /api/tournaments/:id - Get a specific tournament
// Needs to be before routes with more specific parameters like /export or /:id/players
router.get('/:id([0-9a-fA-F\\-]+)', tournamentController.getTournamentById); // Regex to ensure it's a UUID-like ID
router.get('/:id', validateIdFormat, tournamentController.getTournamentById);
// GET /api/tournaments/:id/players - Get players for a specific tournament
router.get('/:tournamentId/players', tournamentController.getTournamentPlayers);
// --- Admin only routes (require authentication and 'admin' role) ---
// POST /api/tournaments - Create a new tournament
router.post('/', authenticateToken, authorizeRole('admin'), tournamentController.createTournament);
// PUT /api/tournaments/:id - Update a tournament
router.put('/:id([0-9a-fA-F\\-]+)', authenticateToken, authorizeRole('admin'), tournamentController.updateTournament);
router.put('/:id', validateIdFormat, authenticateToken, authorizeRole('admin'), tournamentController.updateTournament);
// DELETE /api/tournaments/:id - Delete a tournament
router.delete('/:id([0-9a-fA-F\\-]+)', authenticateToken, authorizeRole('admin'), tournamentController.deleteTournament);
router.delete('/:id', validateIdFormat, authenticateToken, authorizeRole('admin'), tournamentController.deleteTournament);
// --- NEW: Routes for managing tournament players (Admin only) ---
@ -36,7 +44,6 @@ router.post('/:tournamentId/players', authenticateToken, authorizeRole('admin'),
// DELETE /api/tournaments/:tournamentId/players/:playerId - Remove a player from a tournament
router.delete('/:tournamentId/players/:playerId', authenticateToken, authorizeRole('admin'), tournamentController.removePlayerFromTournament);
// --- Placeholder routes for future implementation (Admin only) ---
// POST /api/tournaments/import - Import tournaments from CSV
@ -47,7 +54,6 @@ router.post('/import', authenticateToken, authorizeRole('admin'), tournamentCont
router.get('/export', authenticateToken, authorizeRole('admin'), tournamentController.exportTournaments);
// POST /api/tournaments/:id/logo - Add/Update logo for a tournament
router.post('/:id([0-9a-fA-F\\-]+)/logo', authenticateToken, authorizeRole('admin'), tournamentController.addLogo);
router.post('/:id/logo', validateIdFormat, authenticateToken, authorizeRole('admin'), tournamentController.addLogo);
module.exports = router;
module.exports = router;