akf-forum/src/routes/users.js

50 lines
1.8 KiB
JavaScript
Raw Normal View History

2022-04-06 21:14:46 +03:00
const { Router } = require("express");
const app = Router();
const { UserModel, MessageModel, ThreadModel } = require("../models");
2022-03-21 23:53:22 +03:00
app.get("/", async (req, res) => {
const page = Number(req.query.page) || 0;
const query = req.user?.admin ? {} : { deleted: false };
let users = await UserModel.find(query).limit(10).skip(page * 10);
return res.reply("users", { users, page, pages: Math.ceil(await UserModel.count(query) / 10) });
2022-03-21 23:53:22 +03:00
});
2022-04-03 21:01:55 +03:00
2022-09-09 16:29:36 +03:00
app.get("/:id/avatar", async (req, res) => {
if (!req.user || (!req.user.admin && req.params.id !== req.user.id)) return res.error(403, "You have not got permission for this.");
const member = await UserModel.get(req.params.id);
if (member && (req.user?.admin || !member.deleted))
2022-09-09 16:29:36 +03:00
res.reply("avatar_upload", { member })
else
res.error(404, `We don't have any user with id ${req.params.id}.`);
2022-09-09 16:29:36 +03:00
})
2022-04-06 21:14:46 +03:00
app.get("/:id", async (req, res) => {
const user = req.user
2022-08-29 16:16:44 +03:00
const { id } = req.params;
2022-09-17 01:15:44 +03:00
const member = await UserModel.get(id, "+lastSeen +ips");
2022-03-21 23:53:22 +03:00
2022-04-03 21:01:55 +03:00
if (member && (user?.admin || !member.deleted)) {
2022-03-21 23:53:22 +03:00
2022-08-31 16:25:35 +03:00
const message = await MessageModel.count({ authorID: id });
const thread = await ThreadModel.count({ authorID: id });
res.reply("user", { member, counts: { message, thread }, discord: req.app.get("discord_auth") })
2022-03-21 23:53:22 +03:00
}
2022-08-29 19:31:59 +03:00
else res.error(404, `We don't have any user with id ${id}.`);
2022-03-21 23:53:22 +03:00
});
2022-04-03 21:01:55 +03:00
app.get("/:id/edit", async (req, res) => {
const user = req.user
const { id } = req.params;
const member = await UserModel.get(id);
if (!member) return res.error(404, `We don't have any user with id ${id}.`);
if (user?.admin || user.id === member.id)
return res.reply("edit_user", { member });
res.error(403, "You have not got permission for this.");
});
2022-03-21 23:53:22 +03:00
module.exports = app;