wikijs-fork/controllers/admin.js

'use strict'

var express = require('express')
var router = express.Router()
const Promise = require('bluebird')
const validator = require('validator')
const _ = require('lodash')

/**
 * Admin
 */
router.get('/', (req, res) => {
  res.redirect('/admin/profile')
})

router.get('/profile', (req, res) => {
  if (res.locals.isGuest) {
    return res.render('error-forbidden')
  }

  res.render('pages/admin/profile', { adminTab: 'profile' })
})

router.post('/profile', (req, res) => {
  if (res.locals.isGuest) {
    return res.render('error-forbidden')
  }

  return db.User.findById(req.user.id).then((usr) => {
    usr.name = _.trim(req.body.name)
    if (usr.provider === 'local' && req.body.password !== '********') {
      let nPwd = _.trim(req.body.password)
      if (nPwd.length < 6) {
        return Promise.reject(new Error('New Password too short!'))
      } else {
        return db.User.hashPassword(nPwd).then((pwd) => {
          usr.password = pwd
          return usr.save()
        })
      }
    } else {
      return usr.save()
    }
  }).then(() => {
    return res.json({ msg: 'OK' })
  }).catch((err) => {
    res.status(400).json({ msg: err.message })
  })
})

router.get('/stats', (req, res) => {
  if (res.locals.isGuest) {
    return res.render('error-forbidden')
  }

  Promise.all([
    db.Entry.count(),
    db.UplFile.count(),
    db.User.count()
  ]).spread((totalEntries, totalUploads, totalUsers) => {
    return res.render('pages/admin/stats', {
      totalEntries, totalUploads, totalUsers, adminTab: 'stats'
    }) || true
  }).catch((err) => {
    throw err
  })
})

router.get('/users', (req, res) => {
  if (!res.locals.rights.manage) {
    return res.render('error-forbidden')
  }

  db.User.find({})
    .select('-password -rights')
    .sort('name email')
    .exec().then((usrs) => {
      res.render('pages/admin/users', { adminTab: 'users', usrs })
    })
})

router.get('/users/:id', (req, res) => {
  if (!res.locals.rights.manage) {
    return res.render('error-forbidden')
  }

  if (!validator.isMongoId(req.params.id)) {
    return res.render('error-forbidden')
  }

  db.User.findById(req.params.id)
    .select('-password -providerId')
    .exec().then((usr) => {
      let usrOpts = {
        canChangeEmail: (usr.email !== 'guest' && usr.provider === 'local' && usr.email !== req.app.locals.appconfig.admin),
        canChangeName: (usr.email !== 'guest'),
        canChangePassword: (usr.email !== 'guest' && usr.provider === 'local'),
        canChangeRole: (usr.email !== 'guest' && !(usr.provider === 'local' && usr.email === req.app.locals.appconfig.admin)),
        canBeDeleted: (usr.email !== 'guest' && !(usr.provider === 'local' && usr.email === req.app.locals.appconfig.admin))
      }

      res.render('pages/admin/users-edit', { adminTab: 'users', usr, usrOpts })
    })
})

router.post('/users/:id', (req, res) => {
  if (!res.locals.rights.manage) {
    return res.status(401).json({ msg: 'Unauthorized' })
  }

  if (!validator.isMongoId(req.params.id)) {
    return res.status(400).json({ msg: 'Invalid User ID' })
  }

  return db.User.findById(req.params.id).then((usr) => {
    usr.name = _.trim(req.body.name)
    usr.rights = JSON.parse(req.body.rights)
    if (usr.provider === 'local' && req.body.password !== '********') {
      let nPwd = _.trim(req.body.password)
      if (nPwd.length < 6) {
        return Promise.reject(new Error('New Password too short!'))
      } else {
        return db.User.hashPassword(nPwd).then((pwd) => {
          usr.password = pwd
          return usr.save()
        })
      }
    } else {
      return usr.save()
    }
  }).then(() => {
    return res.json({ msg: 'OK' })
  }).catch((err) => {
    res.status(400).json({ msg: err.message })
  })
})

router.get('/settings', (req, res) => {
  if (!res.locals.rights.manage) {
    return res.render('error-forbidden')
  }

  res.render('pages/admin/settings', { adminTab: 'settings' })
})

module.exports = router
Standard JS code conversion + fixes 2017-02-09 01:52:37 +00:00			`'use strict'`
Base server logic 2016-08-17 03:56:08 +00:00
Standard JS code conversion + fixes 2017-02-09 01:52:37 +00:00			`var express = require('express')`
			`var router = express.Router()`
			`const Promise = require('bluebird')`
			`const validator = require('validator')`
			`const _ = require('lodash')`
Base server logic 2016-08-17 03:56:08 +00:00
			`/**`
			`* Admin`
			`*/`
			`router.get('/', (req, res) => {`
Standard JS code conversion + fixes 2017-02-09 01:52:37 +00:00			`res.redirect('/admin/profile')`
			`})`
Account page 2016-11-02 03:02:11 +00:00
			`router.get('/profile', (req, res) => {`
Standard JS code conversion + fixes 2017-02-09 01:52:37 +00:00			`if (res.locals.isGuest) {`
			`return res.render('error-forbidden')`
			`}`
Added access check for write and manage actions 2017-01-03 04:32:16 +00:00
Standard JS code conversion + fixes 2017-02-09 01:52:37 +00:00			`res.render('pages/admin/profile', { adminTab: 'profile' })`
			`})`
Integration to Requarks Core 2016-11-21 01:09:50 +00:00
Added own profile save + dependencies update 2017-01-31 00:43:37 +00:00			`router.post('/profile', (req, res) => {`
Standard JS code conversion + fixes 2017-02-09 01:52:37 +00:00			`if (res.locals.isGuest) {`
			`return res.render('error-forbidden')`
			`}`

			`return db.User.findById(req.user.id).then((usr) => {`
			`usr.name = _.trim(req.body.name)`
			`if (usr.provider === 'local' && req.body.password !== '********') {`
			`let nPwd = _.trim(req.body.password)`
			`if (nPwd.length < 6) {`
			`return Promise.reject(new Error('New Password too short!'))`
			`} else {`
			`return db.User.hashPassword(nPwd).then((pwd) => {`
			`usr.password = pwd`
			`return usr.save()`
			`})`
			`}`
			`} else {`
			`return usr.save()`
			`}`
			`}).then(() => {`
			`return res.json({ msg: 'OK' })`
			`}).catch((err) => {`
			`res.status(400).json({ msg: err.message })`
			`})`
			`})`
Added own profile save + dependencies update 2017-01-31 00:43:37 +00:00
Integration to Requarks Core 2016-11-21 01:09:50 +00:00			`router.get('/stats', (req, res) => {`
Standard JS code conversion + fixes 2017-02-09 01:52:37 +00:00			`if (res.locals.isGuest) {`
			`return res.render('error-forbidden')`
			`}`

			`Promise.all([`
			`db.Entry.count(),`
			`db.UplFile.count(),`
			`db.User.count()`
			`]).spread((totalEntries, totalUploads, totalUsers) => {`
			`return res.render('pages/admin/stats', {`
			`totalEntries, totalUploads, totalUsers, adminTab: 'stats'`
			`}) \|\| true`
			`}).catch((err) => {`
			`throw err`
			`})`
			`})`
Integration to Requarks Core 2016-11-21 01:09:50 +00:00
			`router.get('/users', (req, res) => {`
Standard JS code conversion + fixes 2017-02-09 01:52:37 +00:00			`if (!res.locals.rights.manage) {`
			`return res.render('error-forbidden')`
			`}`

			`db.User.find({})`
			`.select('-password -rights')`
			`.sort('name email')`
			`.exec().then((usrs) => {`
			`res.render('pages/admin/users', { adminTab: 'users', usrs })`
			`})`
			`})`
Users list + Edit user interface 2017-01-04 05:07:15 +00:00
			`router.get('/users/:id', (req, res) => {`
Standard JS code conversion + fixes 2017-02-09 01:52:37 +00:00			`if (!res.locals.rights.manage) {`
			`return res.render('error-forbidden')`
			`}`

			`if (!validator.isMongoId(req.params.id)) {`
			`return res.render('error-forbidden')`
			`}`

			`db.User.findById(req.params.id)`
			`.select('-password -providerId')`
			`.exec().then((usr) => {`
			`let usrOpts = {`
			`canChangeEmail: (usr.email !== 'guest' && usr.provider === 'local' && usr.email !== req.app.locals.appconfig.admin),`
			`canChangeName: (usr.email !== 'guest'),`
			`canChangePassword: (usr.email !== 'guest' && usr.provider === 'local'),`
			`canChangeRole: (usr.email !== 'guest' && !(usr.provider === 'local' && usr.email === req.app.locals.appconfig.admin)),`
			`canBeDeleted: (usr.email !== 'guest' && !(usr.provider === 'local' && usr.email === req.app.locals.appconfig.admin))`
			`}`

			`res.render('pages/admin/users-edit', { adminTab: 'users', usr, usrOpts })`
			`})`
			`})`
Integration to Requarks Core 2016-11-21 01:09:50 +00:00
Added rights management + user edit 2017-01-28 00:12:25 +00:00			`router.post('/users/:id', (req, res) => {`
Standard JS code conversion + fixes 2017-02-09 01:52:37 +00:00			`if (!res.locals.rights.manage) {`
			`return res.status(401).json({ msg: 'Unauthorized' })`
			`}`

			`if (!validator.isMongoId(req.params.id)) {`
			`return res.status(400).json({ msg: 'Invalid User ID' })`
			`}`

			`return db.User.findById(req.params.id).then((usr) => {`
			`usr.name = _.trim(req.body.name)`
			`usr.rights = JSON.parse(req.body.rights)`
			`if (usr.provider === 'local' && req.body.password !== '********') {`
			`let nPwd = _.trim(req.body.password)`
			`if (nPwd.length < 6) {`
			`return Promise.reject(new Error('New Password too short!'))`
			`} else {`
			`return db.User.hashPassword(nPwd).then((pwd) => {`
			`usr.password = pwd`
			`return usr.save()`
			`})`
			`}`
			`} else {`
			`return usr.save()`
			`}`
			`}).then(() => {`
			`return res.json({ msg: 'OK' })`
			`}).catch((err) => {`
			`res.status(400).json({ msg: err.message })`
			`})`
			`})`
Added rights management + user edit 2017-01-28 00:12:25 +00:00
Integration to Requarks Core 2016-11-21 01:09:50 +00:00			`router.get('/settings', (req, res) => {`
Standard JS code conversion + fixes 2017-02-09 01:52:37 +00:00			`if (!res.locals.rights.manage) {`
			`return res.render('error-forbidden')`
			`}`
Added access check for write and manage actions 2017-01-03 04:32:16 +00:00
Standard JS code conversion + fixes 2017-02-09 01:52:37 +00:00			`res.render('pages/admin/settings', { adminTab: 'settings' })`
			`})`
Base server logic 2016-08-17 03:56:08 +00:00
Standard JS code conversion + fixes 2017-02-09 01:52:37 +00:00			`module.exports = router`