MAJOR BUG: REQ => RES.ERROR, delete user fetch
This commit is contained in:
parent
02aafb341c
commit
97a9444cc7
|
|
@ -1,7 +1,7 @@
|
|||
const { UserModel } = require("../models");
|
||||
|
||||
module.exports = async (req, res, next) => {
|
||||
req.error = (type, error) => res.status(type).render("error", { type, error });
|
||||
res.error = (type, error) => res.status(type).render("error", { type, error });
|
||||
req.user = await UserModel.get(req.session.userid);
|
||||
next();
|
||||
}
|
||||
|
|
@ -9,7 +9,7 @@ document.addEventListener("click", async e => {
|
|||
}
|
||||
|
||||
} else if (e.target.id === "delete_message") {
|
||||
const response = await request("/api/messages/" + e.target.value + "/delete");
|
||||
const response = await request(`/api/messages/${e.target.value}/delete`);
|
||||
if (response.result.deleted) {
|
||||
alert("Message deleted");
|
||||
location.reload();
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
const { UserModel, MessageModel, ThreadModel } = require("../../../models");
|
||||
const { MessageModel, ThreadModel } = require("../../../models");
|
||||
const { Router } = require("express")
|
||||
|
||||
const app = Router();
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
const { UserModel, MessageModel, ThreadModel } = require("../../../models");
|
||||
const { UserModel } = require("../../../models");
|
||||
const { Router } = require("express")
|
||||
|
||||
const app = Router();
|
||||
|
|
@ -8,10 +8,26 @@ app.get("/:id", async (req, res) => {
|
|||
const { id = null } = req.params;
|
||||
if (!id) return res.error(400, "Missing id in query")
|
||||
const member = await UserModel.get(id);
|
||||
if (!member || member.deleted) return res.error(404, "We have not got any user declared as this id.");
|
||||
if (!member || (member.deleted && !req.user.admin)) return res.error(404, "We have not got any user declared as this id.");
|
||||
|
||||
res.complate(member);
|
||||
|
||||
});
|
||||
|
||||
app.post("/:id/delete/", async (req, res) => {
|
||||
const user = req.user;
|
||||
if (!user.admin)
|
||||
return res.error(403, "You have not got permission for this.");
|
||||
|
||||
const { id = null } = req.params;
|
||||
const member = await UserModel.get(id);
|
||||
|
||||
if (!member || member.deleted) return res.error(404, "We have not got any user declared as this id.");
|
||||
|
||||
member.deleted = true;
|
||||
await member.save();
|
||||
|
||||
res.complate(member);
|
||||
});
|
||||
|
||||
module.exports = app;
|
||||
|
|
@ -25,23 +25,4 @@ app.get("/:id", async (req, res) => {
|
|||
|
||||
});
|
||||
|
||||
app.use(require("../middlewares/login"));
|
||||
|
||||
|
||||
app.post("/:id/delete/", async (req, res) => {
|
||||
const user = req.user;
|
||||
if (!user?.admin)
|
||||
return res.error( 403, "You have not got permission for this.");
|
||||
|
||||
const { id = null } = req.params;
|
||||
const member = await UserModel.get(id);
|
||||
|
||||
if (!member || member.deleted) return res.error( 404, "We have not got any user declared as this id.");
|
||||
|
||||
member.deleted = true;
|
||||
await member.save();
|
||||
|
||||
res.redirect("/admin");
|
||||
});
|
||||
|
||||
module.exports = app;
|
||||
|
|
@ -1,11 +1,11 @@
|
|||
<!DOCTYPE html>
|
||||
<html lang="en">
|
||||
|
||||
<%- include("extra/header", {title: member.name }) %>
|
||||
<%- include("extra/header", { title: member.name }) %>
|
||||
|
||||
<body>
|
||||
|
||||
<%- include("extra/navbar", {user}) %>
|
||||
<%- include("extra/navbar", { user }) %>
|
||||
|
||||
|
||||
<ul>
|
||||
|
|
@ -40,19 +40,43 @@
|
|||
</li>
|
||||
</ul>
|
||||
|
||||
<% if (user?.admin) {%>
|
||||
<% if (user?.admin && !member.deleted) {%>
|
||||
<form action="/admin/" method="POST">
|
||||
<input name="userid" type="hidden" value="<%= member.id %>"></input>
|
||||
<button class="buyuk" type="submit">Give admin permissions!</button>
|
||||
|
||||
</form>
|
||||
|
||||
<form action="/users/<%= member.id %>/delete" method="POST">
|
||||
<form id="delete">
|
||||
<button class="buyuk" type="submit">Delete user!</button>
|
||||
</form>
|
||||
<% }; %>
|
||||
|
||||
<%- include("extra/footer") %>
|
||||
<script type="module">
|
||||
|
||||
import request from "../../js/request.js";
|
||||
|
||||
document.addEventListener("submit", async e => {
|
||||
|
||||
if (e.target.id !== "delete") return
|
||||
e.preventDefault();
|
||||
|
||||
const response = await request("/api/users/<%= member.id %>/delete");
|
||||
|
||||
if (response.result.deleted) {
|
||||
alert("User Deleted");
|
||||
window.location.href = "/users";
|
||||
}
|
||||
|
||||
});
|
||||
|
||||
|
||||
</script>
|
||||
<% }; %>
|
||||
<% if (member.deleted) {%>
|
||||
<h1>This user has been deleted!</h1>
|
||||
<% }; %>
|
||||
|
||||
<%- include("extra/footer") %>
|
||||
</body>
|
||||
|
||||
</html>
|
||||
</html>
|
||||
|
|
@ -12,11 +12,11 @@
|
|||
<ul>
|
||||
<% users.forEach(user=>{ %>
|
||||
<li>
|
||||
<h1><a href=<%= user.getLink() %> > <%= user.name %></a>
|
||||
<h1><a href=<%= user.getLink() %> > <%= user.name %> <%= user.deleted ? "(DELETED)" :"" %></a>
|
||||
<img class="yuvarlak" src=<%=user.avatar %> alt=<%= user.name %>>
|
||||
</h1>
|
||||
</li>
|
||||
<% }); %>
|
||||
<% }); %>
|
||||
</ul>
|
||||
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue