summaryrefslogtreecommitdiffstats
path: root/server/api/users.js
diff options
context:
space:
mode:
authorJannik Schönartz2019-02-24 03:16:04 +0100
committerJannik Schönartz2019-02-24 03:16:04 +0100
commitceb166a81c74ca41b7d9099fb5a067c5cfc1827d (patch)
tree8283f2110a0d74ea37c5856ae3fc683cf52b9fdf /server/api/users.js
parent[webapp/groups] rework old tables to new data table (diff)
downloadbas-ceb166a81c74ca41b7d9099fb5a067c5cfc1827d.tar.gz
bas-ceb166a81c74ca41b7d9099fb5a067c5cfc1827d.tar.xz
bas-ceb166a81c74ca41b7d9099fb5a067c5cfc1827d.zip
[account] Add editable user info, change statuscodes, delete account
[server] Add method for updating user info Add method for deleteing user Switch from statuscode 500 to 401 Fixed stauts null exception Validate Email now allows empty email [webapp/AccountPage] Add button to delete the user account (including a dialog) Some order fixes with the info fields User info is now editable
Diffstat (limited to 'server/api/users.js')
-rw-r--r--server/api/users.js33
1 files changed, 33 insertions, 0 deletions
diff --git a/server/api/users.js b/server/api/users.js
index dc8df46..1a724ac 100644
--- a/server/api/users.js
+++ b/server/api/users.js
@@ -61,6 +61,39 @@ router.post('/:id/password', (req, res) => {
authentication.changePassword(req, res)
})
+// Post request for chaning the user info. (name, email)
+router.post('/:id', (req, res) => {
+ if (req.params.id !== 'current') {
+ // Check if the user has the permission for chaning those userdata. Else return.
+ return res.status(500).end()
+ }
+ const id = req.params.id === 'current' ? req.user.id : req.params.id
+
+ let email = req.body.email
+ if (!authentication.validateEmail(req.body.email)) return res.status(500).send({ status: 'EMAIL_INVALID', error_message: 'The provided email is invalid.' })
+ db.user.findOne({ where: { id } }).then(user => {
+ user.update({
+ name: req.body.name,
+ email
+ }).then(() => {
+ res.send(200)
+ })
+ })
+})
+
+router.delete('/:id/', (req, res) => {
+ // Check if the user has the permission for chaning those userdata. Else return.
+ if (req.params.id !== 'current') {
+ return res.status(500).end()
+ }
+ const id = req.params.id === 'current' ? req.user.id : req.params.id
+
+ // Every user can delete his own account.
+ db.user.destroy({ where: { id } }).then(() => {
+ res.status(200).end()
+ })
+})
+
// ############################################################################
// ############################################################################