making admin is complated with user
parent
2bc5d2eda4
commit
97da2b80af
9 changed files with 55 additions and 72 deletions
|
@ -19,10 +19,6 @@ And, you can learn about API in `util/APIDOCS.md`.
|
|||
* [Akif9748](https://github.com/Akif9748) - Project mainteiner, main developer
|
||||
* [Camroku](https://github.com/Camroku) - Made stylesheets
|
||||
|
||||
## To do (Backend, bug fixes)
|
||||
- We will use "alert" for errors with fetch api. this added for messages and reactions...
|
||||
- the forum will only use api path... this added for messages and reactions...
|
||||
|
||||
## Roadmap
|
||||
### User
|
||||
| To do | Is done? | Priority |
|
||||
|
@ -71,7 +67,7 @@ And, you can learn about API in `util/APIDOCS.md`.
|
|||
| Multi-theme support | 🔴 | LOW |
|
||||
| Search | 🔴 | MEDIUM |
|
||||
| Better view | 🟢 | MEDIUM |
|
||||
| Sending message etc. will use fetch API | 🟡 | HIGH |
|
||||
| Sending message etc. will use fetch API | 🟢 | HIGH |
|
||||
|
||||
## Screenshot
|
||||
![akf-forum](https://user-images.githubusercontent.com/70021050/160255959-ef216cba-1348-4d4b-9347-fe67e21348e7.png)
|
||||
|
|
|
@ -14,5 +14,4 @@ app.get("/", async (req, res) => {
|
|||
|
||||
})
|
||||
|
||||
|
||||
module.exports = app;
|
|
@ -1,40 +1,17 @@
|
|||
const { UserModel } = require("../models")
|
||||
|
||||
const { Router } = require("express")
|
||||
|
||||
const app = Router();
|
||||
|
||||
app.use((rq,rs,n)=>{
|
||||
if (!rq.session.userid) return rs.redirect('/login');
|
||||
n();
|
||||
});
|
||||
|
||||
app.get("/", async (req, res) => {
|
||||
if (!req.session.userid) return res.redirect('/login');
|
||||
|
||||
const user = req.user;
|
||||
|
||||
if (!user.admin) return res.error( 403, "You have not got permissions for view to this page.");
|
||||
if (!user?.admin) return res.error( 403, "You have not got permissions for view to this page.");
|
||||
|
||||
res.render("admin", { user, user2: false })
|
||||
});
|
||||
|
||||
app.post("/", async (req, res) => {
|
||||
|
||||
const user = req.user;
|
||||
|
||||
if (!user.admin) return res.error(403, "You have not got permissions for view to this page.");
|
||||
const user2 = await UserModel.get(req.body.userid);
|
||||
|
||||
if (!user2)
|
||||
return res.error( 404, "We have not got this user in all of the forum. Vesselam.");
|
||||
|
||||
else {
|
||||
user2.admin = true;
|
||||
await user2.save()
|
||||
}
|
||||
|
||||
res.render("admin", { user, user2 })
|
||||
|
||||
|
||||
});
|
||||
|
||||
module.exports = app;
|
||||
|
|
|
@ -1,31 +1,9 @@
|
|||
const { Router } = require("express")
|
||||
const app = Router();
|
||||
const bcrypt = require("bcrypt");
|
||||
|
||||
const { request, response } = require("express");
|
||||
const { SecretModel, UserModel } = require("../../models")
|
||||
|
||||
/**
|
||||
* AUTH TYPE:
|
||||
|
||||
headers:
|
||||
{
|
||||
username: "Username for client",
|
||||
password: "Password of selected username for client"
|
||||
}
|
||||
|
||||
*/
|
||||
|
||||
/**
|
||||
* REQUEST TYPE:
|
||||
* GET /api/action/id
|
||||
*
|
||||
* @example message action:
|
||||
* GET /api/message/0
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
/**
|
||||
* Auth checker
|
||||
* @param {request} req
|
||||
|
|
|
@ -29,5 +29,22 @@ app.post("/:id/delete/", async (req, res) => {
|
|||
|
||||
res.complate(member);
|
||||
});
|
||||
app.post("/:id/admin/", async (req, res) => {
|
||||
|
||||
const user = req.user;
|
||||
|
||||
if (!user.admin) return res.error(403, "You have not got permissions for view to this page.");
|
||||
const user2 = await UserModel.get(req.params.id);
|
||||
|
||||
if (!user2)
|
||||
return res.error(404, "This user is not available.");
|
||||
|
||||
else {
|
||||
user2.admin = true;
|
||||
await user2.save()
|
||||
}
|
||||
|
||||
res.complate(user2);
|
||||
|
||||
});
|
||||
module.exports = app;
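Review bot: The new `POST /:id/admin/` handler grants admin to whatever record `UserModel.get(req.params.id)` returns, including an account already marked deleted; the profile template hides the button with `!member.deleted`, but that is only a UI check. Enforce it on the server, for example `if (!user2 || user2.deleted) return res.error(404, "This user is not available.");`. Because this is a state-changing privilege grant that needs no request body, it is also worth confirming that the API auth checker (outside this hunk) does not accept a bare session cookie without a CSRF token or Origin check. Recording which admin granted the role to which user id would make later review of privilege changes possible.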
|
|
@ -19,9 +19,12 @@ You need this headers for send request to API:
|
|||
### Request types:
|
||||
- GET `/api/users/:id` for fetch user.
|
||||
- POST `/api/users/:id/delete` for delete user.
|
||||
- POST `/api/threads` for create thread.
|
||||
- POST `/api/users/:id/admin` for give admin permissions for a user.
|
||||
|
||||
- GET `/api/threads/:id` for fetch thread.
|
||||
- POST `/api/threads` for create thread.
|
||||
- POST `/api/threads/:id/delete` for delete thread.
|
||||
|
||||
- GET `/api/messages/:id` for fetch message.
|
||||
- POST `/api/messages` for create message.
|
||||
- POST `/api/messages/:id/delete` for delete message.
|
||||
|
|
|
@ -7,9 +7,8 @@ const { UserModel } = require("../models");
|
|||
(async () => {
|
||||
|
||||
const member= await UserModel.get(0);
|
||||
console.log(member);
|
||||
member.admin = true;
|
||||
member.save();
|
||||
console.log(await member.save());
|
||||
})();
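Review bot: `UserModel.get(0)` can presumably return nothing on an empty database, and `member.admin = true` then throws inside an async IIFE that has no `.catch`, so the script ends in an unhandled rejection instead of a clear message; add `if (!member) return console.error("user 0 not found");` before the assignment. Both `console.log` calls print the whole user record, which may include the stored password hash if the model keeps it on that document (not visible here). Logging only `member.id` and `member.admin` would be enough to confirm the change.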
|
||||
|
||||
|
||||
|
|
|
@ -9,19 +9,31 @@
|
|||
|
||||
<h1>Welcome to the admin panel of the forum, <%= user.name %>!</h1>
|
||||
|
||||
<form action="/admin/" method="POST">
|
||||
<form>
|
||||
<h2>Write an ID to give someone admin permissions:</h2>
|
||||
<input name="userid"></input>
|
||||
<hr>
|
||||
<button class="buyuk" type="submit">Give admin permissions!</button>
|
||||
</form>
|
||||
|
||||
<script>
|
||||
if (<%= user2.admin %>)
|
||||
alert("Making admin of '<%= user2.name %>' is success");
|
||||
<script type="module">
|
||||
|
||||
import request from "../../js/request.js";
|
||||
|
||||
document.addEventListener("submit", async e => {
|
||||
e.preventDefault();
|
||||
|
||||
const response = await request("/api/users/" + e.target[0].value + "/admin");
|
||||
|
||||
if (response.result.admin)
|
||||
alert("Making admin of "+response.result.name+" is success!");
|
||||
|
||||
});
|
||||
|
||||
|
||||
</script>
|
||||
|
||||
<%- include("extra/footer") %>
|
||||
<%- include("extra/footer") %>
|
||||
|
||||
</body>
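Review bot: The submit handler builds the request path from raw form input, `"/api/users/" + e.target[0].value + "/admin"`, so any `/`, `?` or `#` typed into the field changes which API path is requested. Validate the value as a numeric id, or at least wrap it as `encodeURIComponent(e.target[0].value.trim())`, before concatenating. The handler also reads `response.result.admin` without checking that `result` exists and shows nothing on failure, so a 403 or 404 from the API (response shape not visible here) ends as a console TypeError or as silence; add a branch that reports the error to the admin.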
|
||||
|
||||
|
|
|
@ -41,10 +41,8 @@
|
|||
</ul>
|
||||
|
||||
<% if (user?.admin && !member.deleted) {%>
|
||||
<form action="/admin/" method="POST">
|
||||
<input name="userid" type="hidden" value="<%= member.id %>"></input>
|
||||
<form id="admin">
|
||||
<button class="buyuk" type="submit">Give admin permissions!</button>
|
||||
|
||||
</form>
|
||||
|
||||
<form id="delete">
|
||||
|
@ -56,16 +54,20 @@
|
|||
import request from "../../js/request.js";
|
||||
|
||||
document.addEventListener("submit", async e => {
|
||||
|
||||
if (e.target.id !== "delete") return
|
||||
e.preventDefault();
|
||||
|
||||
if (e.target.id == "admin") {
|
||||
|
||||
const response = await request("/api/users/<%= member.id %>/admin");
|
||||
|
||||
if (response.result.admin)
|
||||
return alert("Making admin of "+response.result.name+" is success!");
|
||||
}
|
||||
|
||||
const response = await request("/api/users/<%= member.id %>/delete");
|
||||
|
||||
if (response.result.deleted) {
|
||||
if (response.result.deleted)
|
||||
alert("User Deleted");
|
||||
window.location.href = "/users";
|
||||
}
|
||||
|
||||
});
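Review bot: In the submit handler the `return` sits inside `if (response.result.admin)`, so when the admin request comes back without a truthy `result.admin` the code falls through and sends the `/delete` request for the same member. The `if (e.target.id !== "delete") return` guard also appears to have been dropped, which would let any other form submitted on this page reach the delete call as well. Make the admin branch return unconditionally and keep the guard in front of the delete request: `if (e.target.id !== "delete") return;`. The comparison `e.target.id == "admin"` should use `===`, as the earlier guard did.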
|
||||
|
||||
|
|