MAJOR BUG: REQ => RES.ERROR, delete user fetch

Akif9748 2022-08-11 03:03:26 +03:00
parent 02aafb341c
commit 97a9444cc7
7 changed files with 54 additions and 33 deletions


@ -1,7 +1,7 @@
const { UserModel } = require("../models"); const { UserModel } = require("../models");
module.exports = async (req, res, next) => { module.exports = async (req, res, next) => {
req.error = (type, error) => res.status(type).render("error", { type, error }); res.error = (type, error) => res.status(type).render("error", { type, error });
req.user = await UserModel.get(req.session.userid); req.user = await UserModel.get(req.session.userid);
next(); next();
} }
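Review bot: `req.user` is populated from the session on the `UserModel.get(req.session.userid)` line without looking at the `deleted` flag, so a soft-deleted account with a live session keeps whatever access it had, admin included. The user routes in this same commit test `member.deleted` after calling `UserModel.get`, which suggests `get` returns soft-deleted records. Consider `const user = await UserModel.get(req.session.userid); req.user = user && !user.deleted ? user : null;`. Separately, this middleware is async with no `try`/`catch`, so unless the app wraps async handlers, a rejected `UserModel.get` never reaches `next(err)`.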


@ -9,7 +9,7 @@ document.addEventListener("click", async e => {
} }
} else if (e.target.id === "delete_message") { } else if (e.target.id === "delete_message") {
const response = await request("/api/messages/" + e.target.value + "/delete"); const response = await request(`/api/messages/${e.target.value}/delete`);
if (response.result.deleted) { if (response.result.deleted) {
alert("Message deleted"); alert("Message deleted");
location.reload(); location.reload();


@ -1,4 +1,4 @@
const { UserModel, MessageModel, ThreadModel } = require("../../../models"); const { MessageModel, ThreadModel } = require("../../../models");
const { Router } = require("express") const { Router } = require("express")
const app = Router(); const app = Router();


@ -1,4 +1,4 @@
const { UserModel, MessageModel, ThreadModel } = require("../../../models"); const { UserModel } = require("../../../models");
const { Router } = require("express") const { Router } = require("express")
const app = Router(); const app = Router();
@ -8,10 +8,26 @@ app.get("/:id", async (req, res) => {
const { id = null } = req.params; const { id = null } = req.params;
if (!id) return res.error(400, "Missing id in query") if (!id) return res.error(400, "Missing id in query")
const member = await UserModel.get(id); const member = await UserModel.get(id);
if (!member || member.deleted) return res.error(404, "We have not got any user declared as this id."); if (!member || (member.deleted && !req.user.admin)) return res.error(404, "We have not got any user declared as this id.");
res.complate(member); res.complate(member);
}); });
app.post("/:id/delete/", async (req, res) => {
const user = req.user;
if (!user.admin)
return res.error(403, "You have not got permission for this.");
const { id = null } = req.params;
const member = await UserModel.get(id);
if (!member || member.deleted) return res.error(404, "We have not got any user declared as this id.");
member.deleted = true;
await member.save();
res.complate(member);
});
module.exports = app; module.exports = app;
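Review bot: The new `POST /:id/delete/` handler reads `user.admin`, and the changed `GET /:id` guard reads `req.user.admin`, with no null check, whereas the page route this replaces used `user?.admin` behind the login middleware. If `req.user` can be null for anonymous requests and no login middleware is mounted ahead of this router (not visible here), both handlers throw inside an async function instead of answering 403 or 404. Use `if (!req.user?.admin)` in the delete handler and `member.deleted && !req.user?.admin` in the GET guard. The delete route is also a state-changing, admin-only POST with no CSRF check visible in the hunk, so confirm one is applied upstream.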


@ -25,23 +25,4 @@ app.get("/:id", async (req, res) => {
}); });
app.use(require("../middlewares/login"));
app.post("/:id/delete/", async (req, res) => {
const user = req.user;
if (!user?.admin)
return res.error( 403, "You have not got permission for this.");
const { id = null } = req.params;
const member = await UserModel.get(id);
if (!member || member.deleted) return res.error( 404, "We have not got any user declared as this id.");
member.deleted = true;
await member.save();
res.redirect("/admin");
});
module.exports = app; module.exports = app;


@ -1,11 +1,11 @@
<!DOCTYPE html> <!DOCTYPE html>
<html lang="en"> <html lang="en">
<%- include("extra/header", {title: member.name }) %> <%- include("extra/header", { title: member.name }) %>
<body> <body>
<%- include("extra/navbar", {user}) %> <%- include("extra/navbar", { user }) %>
<ul> <ul>
@ -40,19 +40,43 @@
</li> </li>
</ul> </ul>
<% if (user?.admin) {%> <% if (user?.admin && !member.deleted) {%>
<form action="/admin/" method="POST"> <form action="/admin/" method="POST">
<input name="userid" type="hidden" value="<%= member.id %>"></input> <input name="userid" type="hidden" value="<%= member.id %>"></input>
<button class="buyuk" type="submit">Give admin permissions!</button> <button class="buyuk" type="submit">Give admin permissions!</button>
</form> </form>
<form action="/users/<%= member.id %>/delete" method="POST"> <form id="delete">
<button class="buyuk" type="submit">Delete user!</button> <button class="buyuk" type="submit">Delete user!</button>
</form> </form>
<% }; %>
<%- include("extra/footer") %> <script type="module">
import request from "../../js/request.js";
document.addEventListener("submit", async e => {
if (e.target.id !== "delete") return
e.preventDefault();
const response = await request("/api/users/<%= member.id %>/delete");
if (response.result.deleted) {
alert("User Deleted");
window.location.href = "/users";
}
});
</script>
<% }; %>
<% if (member.deleted) {%>
<h1>This user has been deleted!</h1>
<% }; %>
<%- include("extra/footer") %>
</body> </body>
</html> </html>
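Review bot: In the new inline script, `<%= member.id %>` is written into a JavaScript string literal, but `<%=` applies HTML escaping, which is the wrong encoding for a script context. That is safe only while ids can never contain quotes, backslashes or line breaks, and the id format is not visible here. Carry the id in an attribute instead, `<form id="delete" data-id="<%= member.id %>">`, and build the URL with `encodeURIComponent(e.target.dataset.id)`. The handler also appears to assume `response.result` is always present, so a 403 or a failed request would give the admin no feedback; an `else` branch that reports the failure would help.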


@ -12,11 +12,11 @@
<ul> <ul>
<% users.forEach(user=>{ %> <% users.forEach(user=>{ %>
<li> <li>
<h1><a href=<%= user.getLink() %> > <%= user.name %></a> <h1><a href=<%= user.getLink() %> > <%= user.name %> <%= user.deleted ? "(DELETED)" :"" %></a>
<img class="yuvarlak" src=<%=user.avatar %> alt=<%= user.name %>> <img class="yuvarlak" src=<%=user.avatar %> alt=<%= user.name %>>
</h1> </h1>
</li> </li>
<% }); %> <% }); %>
</ul> </ul>
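Review bot: The `href` on the changed `<a>` line and the `src` and `alt` on the `<img>` line below it are unquoted attribute values. `<%=` escapes `<`, `>`, `&` and quotes but not whitespace, so if `user.name` or `user.avatar` is user-controlled, a space in it ends the value and the remainder is parsed as additional attributes. Quote each value: `<a href="<%= user.getLink() %>">` and `<img class="yuvarlak" src="<%= user.avatar %>" alt="<%= user.name %>">`. Names containing spaces also render with a truncated `alt` today, so quoting fixes a display bug as well.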