diff --git a/README.md b/README.md
index e45fdfb..7e08b5d 100644
--- a/README.md
+++ b/README.md
@@ -19,10 +19,6 @@ And, you can learn about API in `util/APIDOCS.md`.
* [Akif9748](https://github.com/Akif9748) - Project mainteiner, main developer
* [Camroku](https://github.com/Camroku) - Made stylesheets
-## To do (Backend, bug fixes)
-- We will use "alert" for errors with fetch api. this added for messages and reactions...
-- the forum will only use api path... this added for messages and reactions...
-
## Roadmap
### User
| To do | Is done? | Priority |
@@ -71,7 +67,7 @@ And, you can learn about API in `util/APIDOCS.md`.
| Multi-theme support | 🔴 | LOW |
| Search | 🔴 | MEDIUM |
| Better view | 🟢 | MEDIUM |
-| Sending message etc. will use fetch API | 🟡 | HIGH |
+| Sending message etc. will use fetch API | 🟢 | HIGH |
## Screenshot
diff --git a/routes/.js b/routes/.js
index 0b77495..16af02e 100644
--- a/routes/.js
+++ b/routes/.js
@@ -14,5 +14,4 @@ app.get("/", async (req, res) => {
})
-
module.exports = app;
\ No newline at end of file
diff --git a/routes/admin.js b/routes/admin.js
index 67228b6..f0bda0e 100644
--- a/routes/admin.js
+++ b/routes/admin.js
@@ -1,40 +1,17 @@
-const { UserModel } = require("../models")
-
const { Router } = require("express")
const app = Router();
-app.use((rq,rs,n)=>{
- if (!rq.session.userid) return rs.redirect('/login');
- n();
-});
-
app.get("/", async (req, res) => {
+ if (!req.session.userid) return res.redirect('/login');
+
const user = req.user;
- if (!user.admin) return res.error( 403, "You have not got permissions for view to this page.");
+ if (!user?.admin) return res.error( 403, "You have not got permissions for view to this page.");
res.render("admin", { user, user2: false })
});
-app.post("/", async (req, res) => {
- const user = req.user;
-
- if (!user.admin) return res.error(403, "You have not got permissions for view to this page.");
- const user2 = await UserModel.get(req.body.userid);
-
- if (!user2)
- return res.error( 404, "We have not got this user in all of the forum. Vesselam.");
-
- else {
- user2.admin = true;
- await user2.save()
- }
-
- res.render("admin", { user, user2 })
-
-
-});
module.exports = app;
diff --git a/routes/api/index.js b/routes/api/index.js
index 19fe9be..dc46bef 100644
--- a/routes/api/index.js
+++ b/routes/api/index.js
@@ -1,31 +1,9 @@
const { Router } = require("express")
const app = Router();
const bcrypt = require("bcrypt");
-
const { request, response } = require("express");
const { SecretModel, UserModel } = require("../../models")
-/**
- * AUTH TYPE:
-
- headers:
- {
- username: "Username for client",
- password: "Password of selected username for client"
- }
-
-*/
-
-/**
- * REQUEST TYPE:
- * GET /api/action/id
- *
- * @example message action:
- * GET /api/message/0
- *
- */
-
-
/**
* Auth checker
* @param {request} req
diff --git a/routes/api/routes/users.js b/routes/api/routes/users.js
index c64291a..a5fe064 100644
--- a/routes/api/routes/users.js
+++ b/routes/api/routes/users.js
@@ -29,5 +29,22 @@ app.post("/:id/delete/", async (req, res) => {
res.complate(member);
});
+app.post("/:id/admin/", async (req, res) => {
+ const user = req.user;
+
+ if (!user.admin) return res.error(403, "You have not got permissions for view to this page.");
+ const user2 = await UserModel.get(req.params.id);
+
+ if (!user2)
+ return res.error(404, "This user is not available.");
+
+ else {
+ user2.admin = true;
+ await user2.save()
+ }
+
+ res.complate(user2);
+
+});
module.exports = app;
\ No newline at end of file
diff --git a/util/APIDOCS.md b/util/APIDOCS.md
index a46f4c7..5b4f338 100644
--- a/util/APIDOCS.md
+++ b/util/APIDOCS.md
@@ -19,9 +19,12 @@ You need this headers for send request to API:
### Request types:
- GET `/api/users/:id` for fetch user.
- POST `/api/users/:id/delete` for delete user.
-- POST `/api/threads` for create thread.
+- POST `/api/users/:id/admin` for give admin permissions for a user.
+
- GET `/api/threads/:id` for fetch thread.
+- POST `/api/threads` for create thread.
- POST `/api/threads/:id/delete` for delete thread.
+
- GET `/api/messages/:id` for fetch message.
- POST `/api/messages` for create message.
- POST `/api/messages/:id/delete` for delete message.
diff --git a/util/admin.js b/util/admin.js
index 44f6bf9..aea3873 100644
--- a/util/admin.js
+++ b/util/admin.js
@@ -7,9 +7,8 @@ const { UserModel } = require("../models");
(async () => {
const member= await UserModel.get(0);
- console.log(member);
member.admin = true;
- member.save();
+ console.log(await member.save());
})();
diff --git a/views/admin.ejs b/views/admin.ejs
index edc4195..be0bdf0 100644
--- a/views/admin.ejs
+++ b/views/admin.ejs
@@ -9,20 +9,32 @@
<h1>Welcome to the admin panel of the forum, <%= user.name %>!</h1>
- <form action="/admin/" method="POST">
+ <form>
<h2>Write an ID to give someone admin permissions:</h2>
<input name="userid"></input>
<hr>
<button class="buyuk" type="submit">Give admin permissions!</button>
</form>
- <script>
- if (<%= user2.admin %>)
- alert("Making admin of '<%= user2.name %>' is success");
+ <script type="module">
+
+ import request from "../../js/request.js";
+
+ document.addEventListener("submit", async e => {
+ e.preventDefault();
+
+ const response = await request("/api/users/" + e.target[0].value + "/admin");
+
+ if (response.result.admin)
+ alert("Making admin of "+response.result.name+" is success!");
+
+ });
+
+
</script>
- <%- include("extra/footer") %>
+ <%- include("extra/footer") %>
</body>
-</html>
+</html>
\ No newline at end of file
diff --git a/views/user.ejs b/views/user.ejs
index 9fff418..5afcc5f 100644
--- a/views/user.ejs
+++ b/views/user.ejs
@@ -41,10 +41,8 @@
</ul>
<% if (user?.admin && !member.deleted) {%>
- <form action="/admin/" method="POST">
- <input name="userid" type="hidden" value="<%= member.id %>"></input>
+ <form id="admin">
<button class="buyuk" type="submit">Give admin permissions!</button>
-
</form>
<form id="delete">
@@ -56,17 +54,21 @@
import request from "../../js/request.js";
document.addEventListener("submit", async e => {
-
- if (e.target.id !== "delete") return
e.preventDefault();
+
+ if (e.target.id == "admin") {
+
+ const response = await request("/api/users/<%= member.id %>/admin");
+
+ if (response.result.admin)
+ return alert("Making admin of "+response.result.name+" is success!");
+ }
const response = await request("/api/users/<%= member.id %>/delete");
- if (response.result.deleted) {
+ if (response.result.deleted)
alert("User Deleted");
- window.location.href = "/users";
- }
-
+
});