mirror of
https://github.com/Akif9748/akf-forum.git
synced 2024-11-26 05:10:41 +03:00
making admin is complated with user
This commit is contained in:
parent
2bc5d2eda4
commit
97da2b80af
9 changed files with 55 additions and 72 deletions
|
@ -19,10 +19,6 @@ And, you can learn about API in `util/APIDOCS.md`.
|
||||||
* [Akif9748](https://github.com/Akif9748) - Project mainteiner, main developer
|
* [Akif9748](https://github.com/Akif9748) - Project mainteiner, main developer
|
||||||
* [Camroku](https://github.com/Camroku) - Made stylesheets
|
* [Camroku](https://github.com/Camroku) - Made stylesheets
|
||||||
|
|
||||||
## To do (Backend, bug fixes)
|
|
||||||
- We will use "alert" for errors with fetch api. this added for messages and reactions...
|
|
||||||
- the forum will only use api path... this added for messages and reactions...
|
|
||||||
|
|
||||||
## Roadmap
|
## Roadmap
|
||||||
### User
|
### User
|
||||||
| To do | Is done? | Priority |
|
| To do | Is done? | Priority |
|
||||||
|
@ -71,7 +67,7 @@ And, you can learn about API in `util/APIDOCS.md`.
|
||||||
| Multi-theme support | 🔴 | LOW |
|
| Multi-theme support | 🔴 | LOW |
|
||||||
| Search | 🔴 | MEDIUM |
|
| Search | 🔴 | MEDIUM |
|
||||||
| Better view | 🟢 | MEDIUM |
|
| Better view | 🟢 | MEDIUM |
|
||||||
| Sending message etc. will use fetch API | 🟡 | HIGH |
|
| Sending message etc. will use fetch API | 🟢 | HIGH |
|
||||||
|
|
||||||
## Screenshot
|
## Screenshot
|
||||||
![akf-forum](https://user-images.githubusercontent.com/70021050/160255959-ef216cba-1348-4d4b-9347-fe67e21348e7.png)
|
![akf-forum](https://user-images.githubusercontent.com/70021050/160255959-ef216cba-1348-4d4b-9347-fe67e21348e7.png)
|
||||||
|
|
|
@ -14,5 +14,4 @@ app.get("/", async (req, res) => {
|
||||||
|
|
||||||
})
|
})
|
||||||
|
|
||||||
|
|
||||||
module.exports = app;
|
module.exports = app;
|
|
@ -1,40 +1,17 @@
|
||||||
const { UserModel } = require("../models")
|
|
||||||
|
|
||||||
const { Router } = require("express")
|
const { Router } = require("express")
|
||||||
|
|
||||||
const app = Router();
|
const app = Router();
|
||||||
|
|
||||||
app.use((rq,rs,n)=>{
|
|
||||||
if (!rq.session.userid) return rs.redirect('/login');
|
|
||||||
n();
|
|
||||||
});
|
|
||||||
|
|
||||||
app.get("/", async (req, res) => {
|
app.get("/", async (req, res) => {
|
||||||
|
if (!req.session.userid) return res.redirect('/login');
|
||||||
|
|
||||||
const user = req.user;
|
const user = req.user;
|
||||||
|
|
||||||
if (!user.admin) return res.error( 403, "You have not got permissions for view to this page.");
|
if (!user?.admin) return res.error( 403, "You have not got permissions for view to this page.");
|
||||||
|
|
||||||
res.render("admin", { user, user2: false })
|
res.render("admin", { user, user2: false })
|
||||||
});
|
});
|
||||||
|
|
||||||
app.post("/", async (req, res) => {
|
|
||||||
|
|
||||||
const user = req.user;
|
|
||||||
|
|
||||||
if (!user.admin) return res.error(403, "You have not got permissions for view to this page.");
|
|
||||||
const user2 = await UserModel.get(req.body.userid);
|
|
||||||
|
|
||||||
if (!user2)
|
|
||||||
return res.error( 404, "We have not got this user in all of the forum. Vesselam.");
|
|
||||||
|
|
||||||
else {
|
|
||||||
user2.admin = true;
|
|
||||||
await user2.save()
|
|
||||||
}
|
|
||||||
|
|
||||||
res.render("admin", { user, user2 })
|
|
||||||
|
|
||||||
|
|
||||||
});
|
|
||||||
|
|
||||||
module.exports = app;
|
module.exports = app;
|
||||||
|
|
|
@ -1,31 +1,9 @@
|
||||||
const { Router } = require("express")
|
const { Router } = require("express")
|
||||||
const app = Router();
|
const app = Router();
|
||||||
const bcrypt = require("bcrypt");
|
const bcrypt = require("bcrypt");
|
||||||
|
|
||||||
const { request, response } = require("express");
|
const { request, response } = require("express");
|
||||||
const { SecretModel, UserModel } = require("../../models")
|
const { SecretModel, UserModel } = require("../../models")
|
||||||
|
|
||||||
/**
|
|
||||||
* AUTH TYPE:
|
|
||||||
|
|
||||||
headers:
|
|
||||||
{
|
|
||||||
username: "Username for client",
|
|
||||||
password: "Password of selected username for client"
|
|
||||||
}
|
|
||||||
|
|
||||||
*/
|
|
||||||
|
|
||||||
/**
|
|
||||||
* REQUEST TYPE:
|
|
||||||
* GET /api/action/id
|
|
||||||
*
|
|
||||||
* @example message action:
|
|
||||||
* GET /api/message/0
|
|
||||||
*
|
|
||||||
*/
|
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Auth checker
|
* Auth checker
|
||||||
* @param {request} req
|
* @param {request} req
|
||||||
|
|
|
@ -29,5 +29,22 @@ app.post("/:id/delete/", async (req, res) => {
|
||||||
|
|
||||||
res.complate(member);
|
res.complate(member);
|
||||||
});
|
});
|
||||||
|
app.post("/:id/admin/", async (req, res) => {
|
||||||
|
|
||||||
|
const user = req.user;
|
||||||
|
|
||||||
|
if (!user.admin) return res.error(403, "You have not got permissions for view to this page.");
|
||||||
|
const user2 = await UserModel.get(req.params.id);
|
||||||
|
|
||||||
|
if (!user2)
|
||||||
|
return res.error(404, "This user is not available.");
|
||||||
|
|
||||||
|
else {
|
||||||
|
user2.admin = true;
|
||||||
|
await user2.save()
|
||||||
|
}
|
||||||
|
|
||||||
|
res.complate(user2);
|
||||||
|
|
||||||
|
});
|
||||||
module.exports = app;
|
module.exports = app;
|
|
@ -19,9 +19,12 @@ You need this headers for send request to API:
|
||||||
### Request types:
|
### Request types:
|
||||||
- GET `/api/users/:id` for fetch user.
|
- GET `/api/users/:id` for fetch user.
|
||||||
- POST `/api/users/:id/delete` for delete user.
|
- POST `/api/users/:id/delete` for delete user.
|
||||||
- POST `/api/threads` for create thread.
|
- POST `/api/users/:id/admin` for give admin permissions for a user.
|
||||||
|
|
||||||
- GET `/api/threads/:id` for fetch thread.
|
- GET `/api/threads/:id` for fetch thread.
|
||||||
|
- POST `/api/threads` for create thread.
|
||||||
- POST `/api/threads/:id/delete` for delete thread.
|
- POST `/api/threads/:id/delete` for delete thread.
|
||||||
|
|
||||||
- GET `/api/messages/:id` for fetch message.
|
- GET `/api/messages/:id` for fetch message.
|
||||||
- POST `/api/messages` for create message.
|
- POST `/api/messages` for create message.
|
||||||
- POST `/api/messages/:id/delete` for delete message.
|
- POST `/api/messages/:id/delete` for delete message.
|
||||||
|
|
|
@ -7,9 +7,8 @@ const { UserModel } = require("../models");
|
||||||
(async () => {
|
(async () => {
|
||||||
|
|
||||||
const member= await UserModel.get(0);
|
const member= await UserModel.get(0);
|
||||||
console.log(member);
|
|
||||||
member.admin = true;
|
member.admin = true;
|
||||||
member.save();
|
console.log(await member.save());
|
||||||
})();
|
})();
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -9,20 +9,32 @@
|
||||||
|
|
||||||
<h1>Welcome to the admin panel of the forum, <%= user.name %>!</h1>
|
<h1>Welcome to the admin panel of the forum, <%= user.name %>!</h1>
|
||||||
|
|
||||||
<form action="/admin/" method="POST">
|
<form>
|
||||||
<h2>Write an ID to give someone admin permissions:</h2>
|
<h2>Write an ID to give someone admin permissions:</h2>
|
||||||
<input name="userid"></input>
|
<input name="userid"></input>
|
||||||
<hr>
|
<hr>
|
||||||
<button class="buyuk" type="submit">Give admin permissions!</button>
|
<button class="buyuk" type="submit">Give admin permissions!</button>
|
||||||
</form>
|
</form>
|
||||||
|
|
||||||
<script>
|
<script type="module">
|
||||||
if (<%= user2.admin %>)
|
|
||||||
alert("Making admin of '<%= user2.name %>' is success");
|
import request from "../../js/request.js";
|
||||||
|
|
||||||
|
document.addEventListener("submit", async e => {
|
||||||
|
e.preventDefault();
|
||||||
|
|
||||||
|
const response = await request("/api/users/" + e.target[0].value + "/admin");
|
||||||
|
|
||||||
|
if (response.result.admin)
|
||||||
|
alert("Making admin of "+response.result.name+" is success!");
|
||||||
|
|
||||||
|
});
|
||||||
|
|
||||||
|
|
||||||
</script>
|
</script>
|
||||||
|
|
||||||
<%- include("extra/footer") %>
|
<%- include("extra/footer") %>
|
||||||
|
|
||||||
</body>
|
</body>
|
||||||
|
|
||||||
</html>
|
</html>
|
|
@ -41,10 +41,8 @@
|
||||||
</ul>
|
</ul>
|
||||||
|
|
||||||
<% if (user?.admin && !member.deleted) {%>
|
<% if (user?.admin && !member.deleted) {%>
|
||||||
<form action="/admin/" method="POST">
|
<form id="admin">
|
||||||
<input name="userid" type="hidden" value="<%= member.id %>"></input>
|
|
||||||
<button class="buyuk" type="submit">Give admin permissions!</button>
|
<button class="buyuk" type="submit">Give admin permissions!</button>
|
||||||
|
|
||||||
</form>
|
</form>
|
||||||
|
|
||||||
<form id="delete">
|
<form id="delete">
|
||||||
|
@ -56,17 +54,21 @@
|
||||||
import request from "../../js/request.js";
|
import request from "../../js/request.js";
|
||||||
|
|
||||||
document.addEventListener("submit", async e => {
|
document.addEventListener("submit", async e => {
|
||||||
|
|
||||||
if (e.target.id !== "delete") return
|
|
||||||
e.preventDefault();
|
e.preventDefault();
|
||||||
|
|
||||||
|
if (e.target.id == "admin") {
|
||||||
|
|
||||||
|
const response = await request("/api/users/<%= member.id %>/admin");
|
||||||
|
|
||||||
|
if (response.result.admin)
|
||||||
|
return alert("Making admin of "+response.result.name+" is success!");
|
||||||
|
}
|
||||||
|
|
||||||
const response = await request("/api/users/<%= member.id %>/delete");
|
const response = await request("/api/users/<%= member.id %>/delete");
|
||||||
|
|
||||||
if (response.result.deleted) {
|
if (response.result.deleted)
|
||||||
alert("User Deleted");
|
alert("User Deleted");
|
||||||
window.location.href = "/users";
|
|
||||||
}
|
|
||||||
|
|
||||||
});
|
});
|
||||||
|
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue