summaryrefslogtreecommitdiffstats
path: root/server/api/users.js
diff options
context:
space:
mode:
authorJannik Schönartz2019-02-25 07:52:15 +0100
committerJannik Schönartz2019-02-25 07:52:15 +0100
commitf42e850ad0778c147bead82a91d3805c81b66150 (patch)
tree2b5189a7f8a96ca4a15777a06a71581cd1b93ce3 /server/api/users.js
parent[webapp/datatable] small design fixes (diff)
downloadbas-f42e850ad0778c147bead82a91d3805c81b66150.tar.gz
bas-f42e850ad0778c147bead82a91d3805c81b66150.tar.xz
bas-f42e850ad0778c147bead82a91d3805c81b66150.zip
[webapp/user] Add user management module for creating / deleting user accounts
Diffstat (limited to 'server/api/users.js')
-rw-r--r--server/api/users.js22
1 files changed, 20 insertions, 2 deletions
diff --git a/server/api/users.js b/server/api/users.js
index 1a724ac..dc77932 100644
--- a/server/api/users.js
+++ b/server/api/users.js
@@ -14,6 +14,12 @@ var authentication = require(path.join(__appdir, 'lib', 'authentication'))
*/
router.getAsync('', async (req, res) => {
const users = await db.user.findAll({ include: ['roles'], order: [['name', 'ASC']] })
+
+ // Remove passwords
+ await users.forEach(x => {
+ x = x.dataValues
+ delete x.password
+ })
res.status(200).send(users)
})
@@ -52,8 +58,19 @@ router.postAsync('/:id/roles', async (req, res) => {
})
// Post request for creating new user accounts.
-router.post('/', (req, res) => {
- authentication.signup(req, res)
+router.postAsync(['/', '/:id'], async (req, res) => {
+ if (req.query.delete !== undefined && req.query.delete !== 'false') {
+ const count = await db.user.destroy({ where: { id: req.body.ids } })
+ res.status(200).send({ count })
+ } else {
+ if (req.params.id === undefined) return authentication.signup(req, res)
+ else {
+ let user
+ user = await db.user.findOne({ where: { id: req.params.id } })
+ if (user) await user.update(req.body)
+ res.status(200).end()
+ }
+ }
})
// Post request for changing the password.
@@ -81,6 +98,7 @@ router.post('/:id', (req, res) => {
})
})
+// Function for deleting a single user
router.delete('/:id/', (req, res) => {
// Check if the user has the permission for chaning those userdata. Else return.
if (req.params.id !== 'current') {