Updated admin and mod flag system
This commit is contained in:
@@ -1,20 +0,0 @@
|
||||
const { accounts } = require('../database/models');
|
||||
|
||||
//auth/account/privilege
|
||||
const route = async (req, res) => {
|
||||
const updated = await accounts.update({
|
||||
privilege: req.body.privilege
|
||||
}, {
|
||||
where: {
|
||||
username: req.body.username
|
||||
}
|
||||
});
|
||||
|
||||
if (updated < 1) {
|
||||
return res.status(403).send(`Unknown account`);
|
||||
}
|
||||
|
||||
return res.status(200).end();
|
||||
};
|
||||
|
||||
module.exports = route;
|
||||
@@ -20,16 +20,18 @@ module.exports = async () => {
|
||||
//check for an existing admin account
|
||||
const adminRecord = await accounts.findOne({
|
||||
where: {
|
||||
privilege: 'administrator'
|
||||
admin: true
|
||||
}
|
||||
});
|
||||
|
||||
if (adminRecord == null) {
|
||||
await accounts.create({
|
||||
privilege: 'administrator',
|
||||
email: `${process.env.ADMIN_DEFAULT_USERNAME}@${process.env.WEB_ADDRESS}`,
|
||||
username: `${process.env.ADMIN_DEFAULT_USERNAME}`,
|
||||
hash: await bcrypt.hash(`${process.env.ADMIN_DEFAULT_PASSWORD}`, await bcrypt.genSalt(11))
|
||||
hash: await bcrypt.hash(`${process.env.ADMIN_DEFAULT_PASSWORD}`, await bcrypt.genSalt(11)),
|
||||
type: 'normal',
|
||||
admin: true,
|
||||
mod: true
|
||||
});
|
||||
|
||||
console.warn(`Created default admin account (email: ${process.env.ADMIN_DEFAULT_USERNAME}@${process.env.WEB_ADDRESS}; password: ${process.env.ADMIN_DEFAULT_PASSWORD})`);
|
||||
|
||||
@@ -0,0 +1,25 @@
|
||||
const { accounts } = require('../database/models');
|
||||
const Sequelize = require('sequelize');
|
||||
const Op = Sequelize.Op;
|
||||
|
||||
//admin/admin
|
||||
const route = async (req, res) => {
|
||||
const updated = await accounts.update({
|
||||
admin: true,
|
||||
mod: true
|
||||
}, {
|
||||
where: {
|
||||
username: {
|
||||
[Op.eq]: req.body.username
|
||||
}
|
||||
}
|
||||
});
|
||||
|
||||
if (!updated[0]) {
|
||||
return res.status(500).send('Failed to set admin status');
|
||||
}
|
||||
|
||||
res.status(200).end();
|
||||
};
|
||||
|
||||
module.exports = route;
|
||||
@@ -0,0 +1,24 @@
|
||||
const { accounts } = require('../database/models');
|
||||
const Sequelize = require('sequelize');
|
||||
const Op = Sequelize.Op;
|
||||
|
||||
//admin/mod
|
||||
const route = async (req, res) => {
|
||||
const updated = await accounts.update({
|
||||
mod: true
|
||||
}, {
|
||||
where: {
|
||||
username: {
|
||||
[Op.eq]: req.body.username
|
||||
}
|
||||
}
|
||||
});
|
||||
|
||||
if (!updated[0]) {
|
||||
return res.status(500).send('Failed to set mod status');
|
||||
}
|
||||
|
||||
res.status(200).end();
|
||||
};
|
||||
|
||||
module.exports = route;
|
||||
@@ -6,9 +6,9 @@ const tokenAuth = require('../utilities/token-auth');
|
||||
|
||||
router.use(tokenAuth);
|
||||
router.use((req, res, next) => {
|
||||
//check the user's privilege
|
||||
if (req.user.privilege != 'administrator') {
|
||||
return res.status(401).send('Admins only');
|
||||
//check the user's admin status
|
||||
if (!req.user.admin) {
|
||||
return res.status(401).send('Admin only');
|
||||
}
|
||||
|
||||
next();
|
||||
@@ -17,6 +17,9 @@ router.use((req, res, next) => {
|
||||
require('./default-account')(); //generate the default accouunt
|
||||
|
||||
//basic route management
|
||||
router.patch('/privilege', require('./account-privilege'));
|
||||
router.post('/admin', require('./grant-admin'));
|
||||
router.delete('/admin', require('./remove-admin'));
|
||||
router.post('/mod', require('./grant-mod'));
|
||||
router.delete('/mod', require('./remove-mod'));
|
||||
|
||||
module.exports = router;
|
||||
@@ -0,0 +1,24 @@
|
||||
const { accounts } = require('../database/models');
|
||||
const Sequelize = require('sequelize');
|
||||
const Op = Sequelize.Op;
|
||||
|
||||
//admin/admin
|
||||
const route = async (req, res) => {
|
||||
const updated = await accounts.update({
|
||||
admin: false
|
||||
}, {
|
||||
where: {
|
||||
username: {
|
||||
[Op.eq]: req.body.username
|
||||
}
|
||||
}
|
||||
});
|
||||
|
||||
if (!updated[0]) {
|
||||
return res.status(500).send('Failed to set admin status');
|
||||
}
|
||||
|
||||
res.status(200).end();
|
||||
};
|
||||
|
||||
module.exports = route;
|
||||
@@ -0,0 +1,25 @@
|
||||
const { accounts } = require('../database/models');
|
||||
const Sequelize = require('sequelize');
|
||||
const Op = Sequelize.Op;
|
||||
|
||||
//admin/admin
|
||||
const route = async (req, res) => {
|
||||
const updated = await accounts.update({
|
||||
admin: false,
|
||||
mod: false
|
||||
}, {
|
||||
where: {
|
||||
username: {
|
||||
[Op.eq]: req.body.username
|
||||
}
|
||||
}
|
||||
});
|
||||
|
||||
if (!updated[0]) {
|
||||
return res.status(500).send('Failed to set mod status');
|
||||
}
|
||||
|
||||
res.status(200).end();
|
||||
};
|
||||
|
||||
module.exports = route;
|
||||
Reference in New Issue
Block a user