diff --git a/middlewares/user.js b/middlewares/user.js
index 40a0e5c..f2ce110 100644
--- a/middlewares/user.js
+++ b/middlewares/user.js
@@ -1,7 +1,7 @@
const { UserModel } = require("../models");
module.exports = async (req, res, next) => {
- req.error = (type, error) => res.status(type).render("error", { type, error });
+ res.error = (type, error) => res.status(type).render("error", { type, error });
req.user = await UserModel.get(req.session.userid);
next();
}
\ No newline at end of file
diff --git a/public/js/thread.js b/public/js/thread.js
index 86208f7..81198b5 100644
--- a/public/js/thread.js
+++ b/public/js/thread.js
@@ -9,7 +9,7 @@ document.addEventListener("click", async e => {
}
} else if (e.target.id === "delete_message") {
- const response = await request("/api/messages/" + e.target.value + "/delete");
+ const response = await request(`/api/messages/${e.target.value}/delete`);
if (response.result.deleted) {
alert("Message deleted");
location.reload();
diff --git a/routes/api/routes/threads.js b/routes/api/routes/threads.js
index a13dede..aabd562 100644
--- a/routes/api/routes/threads.js
+++ b/routes/api/routes/threads.js
@@ -1,4 +1,4 @@
-const { UserModel, MessageModel, ThreadModel } = require("../../../models");
+const { MessageModel, ThreadModel } = require("../../../models");
const { Router } = require("express")
const app = Router();
diff --git a/routes/api/routes/users.js b/routes/api/routes/users.js
index 2e28bf8..c64291a 100644
--- a/routes/api/routes/users.js
+++ b/routes/api/routes/users.js
@@ -1,4 +1,4 @@
-const { UserModel, MessageModel, ThreadModel } = require("../../../models");
+const { UserModel } = require("../../../models");
const { Router } = require("express")
const app = Router();
@@ -8,10 +8,26 @@ app.get("/:id", async (req, res) => {
const { id = null } = req.params;
if (!id) return res.error(400, "Missing id in query")
const member = await UserModel.get(id);
- if (!member || member.deleted) return res.error(404, "We have not got any user declared as this id.");
+ if (!member || (member.deleted && !req.user.admin)) return res.error(404, "We have not got any user declared as this id.");
res.complate(member);
});
+app.post("/:id/delete/", async (req, res) => {
+ const user = req.user;
+ if (!user.admin)
+ return res.error(403, "You have not got permission for this.");
+
+ const { id = null } = req.params;
+ const member = await UserModel.get(id);
+
+ if (!member || member.deleted) return res.error(404, "We have not got any user declared as this id.");
+
+ member.deleted = true;
+ await member.save();
+
+ res.complate(member);
+});
+
module.exports = app;
\ No newline at end of file
diff --git a/routes/users.js b/routes/users.js
index 83f8ac6..a62f381 100644
--- a/routes/users.js
+++ b/routes/users.js
@@ -25,23 +25,4 @@ app.get("/:id", async (req, res) => {
});
-app.use(require("../middlewares/login"));
-
-
-app.post("/:id/delete/", async (req, res) => {
- const user = req.user;
- if (!user?.admin)
- return res.error( 403, "You have not got permission for this.");
-
- const { id = null } = req.params;
- const member = await UserModel.get(id);
-
- if (!member || member.deleted) return res.error( 404, "We have not got any user declared as this id.");
-
- member.deleted = true;
- await member.save();
-
- res.redirect("/admin");
-});
-
module.exports = app;
\ No newline at end of file
diff --git a/views/user.ejs b/views/user.ejs
index 844584a..9fff418 100644
--- a/views/user.ejs
+++ b/views/user.ejs
@@ -1,11 +1,11 @@
-<%- include("extra/header", {title: member.name }) %>
+<%- include("extra/header", { title: member.name }) %>
- <%- include("extra/navbar", {user}) %>
+ <%- include("extra/navbar", { user }) %>
- <% if (user?.admin) {%>
+ <% if (user?.admin && !member.deleted) {%>
-
- <% }; %>
- <%- include("extra/footer") %>
+
+ <% }; %>
+ <% if (member.deleted) {%>
+ This user has been deleted!
+ <% }; %>
+
+ <%- include("extra/footer") %>
-
+