MAJOR BUG: REQ => RES.ERROR, delete user fetch
parent
02aafb341c
commit
97a9444cc7
|
@ -1,7 +1,7 @@
|
||||||
const { UserModel } = require("../models");
|
const { UserModel } = require("../models");
|
||||||
|
|
||||||
module.exports = async (req, res, next) => {
|
module.exports = async (req, res, next) => {
|
||||||
req.error = (type, error) => res.status(type).render("error", { type, error });
|
res.error = (type, error) => res.status(type).render("error", { type, error });
|
||||||
req.user = await UserModel.get(req.session.userid);
|
req.user = await UserModel.get(req.session.userid);
|
||||||
next();
|
next();
|
||||||
}
|
}
|
|
@ -9,7 +9,7 @@ document.addEventListener("click", async e => {
|
||||||
}
|
}
|
||||||
|
|
||||||
} else if (e.target.id === "delete_message") {
|
} else if (e.target.id === "delete_message") {
|
||||||
const response = await request("/api/messages/" + e.target.value + "/delete");
|
const response = await request(`/api/messages/${e.target.value}/delete`);
|
||||||
if (response.result.deleted) {
|
if (response.result.deleted) {
|
||||||
alert("Message deleted");
|
alert("Message deleted");
|
||||||
location.reload();
|
location.reload();
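Review bot: `e.target.value` goes into the request path unencoded, so a value containing `/`, `?` or `#` would address a different endpoint; ``request(`/api/messages/${encodeURIComponent(e.target.value)}/delete`)`` keeps it inside one path segment. The following line reads `response.result.deleted` unguarded, so an error reply without a `result` object would throw inside the listener and the user gets no feedback; `response.result?.deleted` with an else branch would cover that, assuming `request` resolves with the parsed body on errors. The click handler starts and ends outside this hunk.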
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
const { UserModel, MessageModel, ThreadModel } = require("../../../models");
|
const { MessageModel, ThreadModel } = require("../../../models");
|
||||||
const { Router } = require("express")
|
const { Router } = require("express")
|
||||||
|
|
||||||
const app = Router();
|
const app = Router();
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
const { UserModel, MessageModel, ThreadModel } = require("../../../models");
|
const { UserModel } = require("../../../models");
|
||||||
const { Router } = require("express")
|
const { Router } = require("express")
|
||||||
|
|
||||||
const app = Router();
|
const app = Router();
|
||||||
|
@ -8,10 +8,26 @@ app.get("/:id", async (req, res) => {
|
||||||
const { id = null } = req.params;
|
const { id = null } = req.params;
|
||||||
if (!id) return res.error(400, "Missing id in query")
|
if (!id) return res.error(400, "Missing id in query")
|
||||||
const member = await UserModel.get(id);
|
const member = await UserModel.get(id);
|
||||||
if (!member || member.deleted) return res.error(404, "We have not got any user declared as this id.");
|
if (!member || (member.deleted && !req.user.admin)) return res.error(404, "We have not got any user declared as this id.");
|
||||||
|
|
||||||
res.complate(member);
|
res.complate(member);
|
||||||
|
|
||||||
});
|
});
|
||||||
|
|
||||||
|
app.post("/:id/delete/", async (req, res) => {
|
||||||
|
const user = req.user;
|
||||||
|
if (!user.admin)
|
||||||
|
return res.error(403, "You have not got permission for this.");
|
||||||
|
|
||||||
|
const { id = null } = req.params;
|
||||||
|
const member = await UserModel.get(id);
|
||||||
|
|
||||||
|
if (!member || member.deleted) return res.error(404, "We have not got any user declared as this id.");
|
||||||
|
|
||||||
|
member.deleted = true;
|
||||||
|
await member.save();
|
||||||
|
|
||||||
|
res.complate(member);
|
||||||
|
});
|
||||||
|
|
||||||
module.exports = app;
|
module.exports = app;
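Review bot: Both new admin checks dereference `req.user` directly, `!req.user.admin` in the `GET /:id` guard and `!user.admin` at the top of `POST /:id/delete/`, while the HTML route this replaces used `user?.admin` and sat behind `middlewares/login`. If no login middleware is mounted ahead of this router (none is visible here), an anonymous request presumably leaves `req.user` null or undefined and the handler throws instead of answering 404/403; in Express 4 that rejection is not forwarded to the error handler unless async handlers are wrapped. Use `req.user?.admin` in the GET condition and `if (!user?.admin)` in the POST. The delete is a cookie-authenticated state change with no anti-CSRF token in view, so it is worth confirming that `request` sends something a cross-site form cannot (a custom header or JSON content type) or adding a token check.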
|
|
@ -25,23 +25,4 @@ app.get("/:id", async (req, res) => {
|
||||||
|
|
||||||
});
|
});
|
||||||
|
|
||||||
app.use(require("../middlewares/login"));
|
|
||||||
|
|
||||||
|
|
||||||
app.post("/:id/delete/", async (req, res) => {
|
|
||||||
const user = req.user;
|
|
||||||
if (!user?.admin)
|
|
||||||
return res.error( 403, "You have not got permission for this.");
|
|
||||||
|
|
||||||
const { id = null } = req.params;
|
|
||||||
const member = await UserModel.get(id);
|
|
||||||
|
|
||||||
if (!member || member.deleted) return res.error( 404, "We have not got any user declared as this id.");
|
|
||||||
|
|
||||||
member.deleted = true;
|
|
||||||
await member.save();
|
|
||||||
|
|
||||||
res.redirect("/admin");
|
|
||||||
});
|
|
||||||
|
|
||||||
module.exports = app;
|
module.exports = app;
|
|
@ -1,11 +1,11 @@
|
||||||
<!DOCTYPE html>
|
<!DOCTYPE html>
|
||||||
<html lang="en">
|
<html lang="en">
|
||||||
|
|
||||||
<%- include("extra/header", {title: member.name }) %>
|
<%- include("extra/header", { title: member.name }) %>
|
||||||
|
|
||||||
<body>
|
<body>
|
||||||
|
|
||||||
<%- include("extra/navbar", {user}) %>
|
<%- include("extra/navbar", { user }) %>
|
||||||
|
|
||||||
|
|
||||||
<ul>
|
<ul>
|
||||||
|
@ -40,19 +40,43 @@
|
||||||
</li>
|
</li>
|
||||||
</ul>
|
</ul>
|
||||||
|
|
||||||
<% if (user?.admin) {%>
|
<% if (user?.admin && !member.deleted) {%>
|
||||||
<form action="/admin/" method="POST">
|
<form action="/admin/" method="POST">
|
||||||
<input name="userid" type="hidden" value="<%= member.id %>"></input>
|
<input name="userid" type="hidden" value="<%= member.id %>"></input>
|
||||||
<button class="buyuk" type="submit">Give admin permissions!</button>
|
<button class="buyuk" type="submit">Give admin permissions!</button>
|
||||||
|
|
||||||
</form>
|
</form>
|
||||||
|
|
||||||
<form action="/users/<%= member.id %>/delete" method="POST">
|
<form id="delete">
|
||||||
<button class="buyuk" type="submit">Delete user!</button>
|
<button class="buyuk" type="submit">Delete user!</button>
|
||||||
</form>
|
</form>
|
||||||
<% }; %>
|
|
||||||
|
|
||||||
<%- include("extra/footer") %>
|
<script type="module">
|
||||||
|
|
||||||
|
import request from "../../js/request.js";
|
||||||
|
|
||||||
|
document.addEventListener("submit", async e => {
|
||||||
|
|
||||||
|
if (e.target.id !== "delete") return
|
||||||
|
e.preventDefault();
|
||||||
|
|
||||||
|
const response = await request("/api/users/<%= member.id %>/delete");
|
||||||
|
|
||||||
|
if (response.result.deleted) {
|
||||||
|
alert("User Deleted");
|
||||||
|
window.location.href = "/users";
|
||||||
|
}
|
||||||
|
|
||||||
|
});
|
||||||
|
|
||||||
|
|
||||||
|
</script>
|
||||||
|
<% }; %>
|
||||||
|
<% if (member.deleted) {%>
|
||||||
|
<h1>This user has been deleted!</h1>
|
||||||
|
<% }; %>
|
||||||
|
|
||||||
|
<%- include("extra/footer") %>
|
||||||
</body>
|
</body>
|
||||||
|
|
||||||
</html>
|
</html>
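Review bot: `member.id` is written into a JavaScript string literal in the inline module script with `<%= %>`, which escapes for HTML, not for a script context. That is harmless only while ids are guaranteed to be numeric or hex; carrying the value in markup avoids depending on that: `<form id="delete" data-member-id="<%= member.id %>">` and ``request(`/api/users/${encodeURIComponent(e.target.dataset.memberId)}/delete`)``. The `!member.deleted` condition only hides the "Give admin permissions!" form, so the `POST /admin/` handler (not shown) should reject deleted targets itself. `response.result.deleted` is also read without a guard, so a 403 or 404 reply leaves the admin with no message.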
|
|
@ -12,11 +12,11 @@
|
||||||
<ul>
|
<ul>
|
||||||
<% users.forEach(user=>{ %>
|
<% users.forEach(user=>{ %>
|
||||||
<li>
|
<li>
|
||||||
<h1><a href=<%= user.getLink() %> > <%= user.name %></a>
|
<h1><a href=<%= user.getLink() %> > <%= user.name %> <%= user.deleted ? "(DELETED)" :"" %></a>
|
||||||
<img class="yuvarlak" src=<%=user.avatar %> alt=<%= user.name %>>
|
<img class="yuvarlak" src=<%=user.avatar %> alt=<%= user.name %>>
|
||||||
</h1>
|
</h1>
|
||||||
</li>
|
</li>
|
||||||
<% }); %>
|
<% }); %>
|
||||||
</ul>
|
</ul>
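Review bot: The changed anchor line still emits `href=<%= user.getLink() %>` without quotes, and the `img` below does the same for `src` and `alt`. `<%= %>` encodes `<`, `>`, `&` and quote characters but not whitespace, so a user-chosen name or avatar value containing a space ends the unquoted attribute and the remainder is parsed as further attributes on the tag. Quote every interpolated attribute, e.g. `<a href="<%= user.getLink() %>">` and `<img class="yuvarlak" src="<%= user.avatar %>" alt="<%= user.name %>">`. Separately, soft-deleted accounts are labelled "(DELETED)" here rather than filtered, while the API in this commit hides them from non-admins; skip entries with `user.deleted` for non-admin viewers if that exposure is not intended.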
|
||||||
|
|
||||||
|
|
||||||
|
|