From f42e850ad0778c147bead82a91d3805c81b66150 Mon Sep 17 00:00:00 2001 From: Jannik Schönartz Date: Mon, 25 Feb 2019 06:52:15 +0000 Subject: [webapp/user] Add user management module for creating / deleting user accounts --- server/api/users.js | 22 ++++++++++++++++++++-- 1 file changed, 20 insertions(+), 2 deletions(-) (limited to 'server/api/users.js') diff --git a/server/api/users.js b/server/api/users.js index 1a724ac..dc77932 100644 --- a/server/api/users.js +++ b/server/api/users.js @@ -14,6 +14,12 @@ var authentication = require(path.join(__appdir, 'lib', 'authentication')) */ router.getAsync('', async (req, res) => { const users = await db.user.findAll({ include: ['roles'], order: [['name', 'ASC']] }) + + // Remove passwords + await users.forEach(x => { + x = x.dataValues + delete x.password + }) res.status(200).send(users) }) @@ -52,8 +58,19 @@ router.postAsync('/:id/roles', async (req, res) => { }) // Post request for creating new user accounts. -router.post('/', (req, res) => { - authentication.signup(req, res) +router.postAsync(['/', '/:id'], async (req, res) => { + if (req.query.delete !== undefined && req.query.delete !== 'false') { + const count = await db.user.destroy({ where: { id: req.body.ids } }) + res.status(200).send({ count }) + } else { + if (req.params.id === undefined) return authentication.signup(req, res) + else { + let user + user = await db.user.findOne({ where: { id: req.params.id } }) + if (user) await user.update(req.body) + res.status(200).end() + } + } }) // Post request for changing the password. @@ -81,6 +98,7 @@ router.post('/:id', (req, res) => { }) }) +// Function for deleting a single user router.delete('/:id/', (req, res) => { // Check if the user has the permission for chaning those userdata. Else return. if (req.params.id !== 'current') { -- cgit v1.2.3-55-g7522