diff --git a/package.json b/package.json
index c44b109..b010a6e 100644
--- a/package.json
+++ b/package.json
@@ -16,6 +16,7 @@
"express-session": "^1.17.3",
"sequelize": "^6.35.1",
"serve-favicon": "^2.5.0",
- "sqlite3": "^5.1.6"
+ "sqlite3": "^5.1.6",
+ "vhost": "^3.0.2"
}
}
diff --git a/src/html/pages/api/contacts/delete.js b/src/html/pages/api/contacts/delete.js
new file mode 100644
index 0000000..bc37cc2
--- /dev/null
+++ b/src/html/pages/api/contacts/delete.js
@@ -0,0 +1,19 @@
+import { permissionBits } from "../../../../../utils/permissions.js";
+
+export default {
+ path: "/api/contacts/:phone",
+ requiresLogin: true,
+ permissions: permissionBits.ADMIN,
+ type: "delete",
+ async execute(request, response) {
+ const { phone } = request.params;
+ const contact = await global.database.contacts.findOne({
+ where: { phone: phone },
+ });
+ if (!contact) return response.status(404).send({ message: "Contact does not exist" });
+
+ await contact.destroy();
+
+ response.status(200).send({});
+ },
+};
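Review bot: Nothing in `execute` records which administrator removed the contact, and the dispatcher in utils/handler.js logs only the request URL, so a destructive admin action leaves no attributable trail. An audit line after `await contact.destroy();` would fix that, for example `console.log("contact deleted", JSON.stringify({ phone, by: request.session.user.username }));`, assuming the session user object carries `username` (not visible in this diff). Serialising the values rather than concatenating them keeps a decoded `:phone` containing line breaks from forging log entries. The same applies to `user.destroy()` in src/html/pages/api/users/delete.js.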
diff --git a/src/html/pages/api/users/delete.js b/src/html/pages/api/users/delete.js
new file mode 100644
index 0000000..78406b9
--- /dev/null
+++ b/src/html/pages/api/users/delete.js
@@ -0,0 +1,19 @@
+import { permissionBits } from "../../../../../utils/permissions.js";
+
+export default {
+ path: "/api/users/:username",
+ requiresLogin: true,
+ permissions: permissionBits.ADMIN,
+ type: "delete",
+ async execute(request, response) {
+ const { username } = request.params;
+ const user = await global.database.users.findOne({
+ where: { username: username },
+ });
+ if (!user) return response.status(404).send({ message: "User does not exist" });
+
+ await user.destroy();
+
+ response.status(200).send({});
+ },
+};
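Review bot: Deleting the row does not end the deleted account's sessions. The dispatcher in utils/handler.js authorises from `request.session.user.permissions`, so a removed administrator appears to stay authorised until the session expires. Either reload the user from the database on each privileged request, or destroy that user's sessions as part of this handler. There is also no guard against an admin deleting their own account or the last remaining admin; a check before `user.destroy()` such as `if (username === request.session.user.username) return response.status(400).send({ message: "Cannot delete your own account" });` would cover the first case, assuming the session object exposes `username`.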
diff --git a/src/html/pages/dashboard/users/list.js b/src/html/pages/dashboard/users/list.js
index d78e9e2..4cc4aed 100644
--- a/src/html/pages/dashboard/users/list.js
+++ b/src/html/pages/dashboard/users/list.js
@@ -36,7 +36,7 @@ function genUserTable(users) {
${user.username} |
${userPerms.join(", ")} |
-
+ |
`;
}
res += ``;
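Review bot: `${user.username}` and `${userPerms.join(", ")}` are interpolated into the table markup as-is in this hunk, so a username containing HTML would be rendered to every admin who opens the list. The markup of the added cell did not survive on this page, so I cannot tell whether the new line also embeds the username, for instance in an attribute or inline handler. If it does, it needs attribute-safe encoding as well. Pass these values through an HTML-escaping helper before interpolation, e.g. `${escapeHtml(user.username)}` with `escapeHtml` added to the utils. The same pattern appears in `getUserHTML` in src/html/pages/dashboard/users/show.js; `genUserTable` starts outside this hunk.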
diff --git a/src/html/pages/dashboard/users/show.js b/src/html/pages/dashboard/users/show.js
index 57c6c8c..d8232f8 100644
--- a/src/html/pages/dashboard/users/show.js
+++ b/src/html/pages/dashboard/users/show.js
@@ -1,6 +1,9 @@
-import { permissionBits, checkPermissions } from '../../../../../utils/permissions.js';
-import { readFile } from 'fs/promises';
-import { navbar } from '../../../../../utils/navbar.js';
+import {
+ permissionBits,
+ checkPermissions,
+} from "../../../../../utils/permissions.js";
+import { readFile } from "fs/promises";
+import { navbar } from "../../../../../utils/navbar.js";
export default {
path: "/dashboard/users/:username",
@@ -9,22 +12,28 @@ export default {
type: "get",
async execute(request, response) {
const { username } = request.params;
- const user = await global.database.users.findOne({ where: { username: username } });
- if(!user) return response.redirect('/dashboard/users');
- const html = await readFile(`${process.env.WWW}/dashboard/users/info.html`);
- response.send(html.toString()
- .replace('', navbar(request.session))
- .replace('', getUserHTML(user))
+ const user = await global.database.users.findOne({
+ where: { username: username },
+ });
+ if (!user) return response.redirect("/dashboard/users");
+ const html = await readFile(
+ `${process.env.WWW}/dashboard/users/info.html`,
+ );
+ response.send(
+ html
+ .toString()
+ .replace("", navbar(request.session))
+ .replace("", getUserHTML(user)),
);
},
-}
+};
function getUserHTML(user) {
const userPermDict = checkPermissions(user.permissions);
let userPerms = [];
for (const [key, value] of Object.entries(userPermDict)) {
- if(value && key != "default") userPerms.push(key);
- };
+ if (value && key != "default") userPerms.push(key);
+ }
let res = `
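Review bot: The two `.replace(..., navbar(request.session))` and `.replace(..., getUserHTML(user))` calls pass the generated HTML as a replacement string, and `String.prototype.replace` expands `$&`, `$'` and `` $` `` sequences in it. A username containing such a sequence would splice parts of the template into the page. A function replacement avoids this: `.replace(PLACEHOLDER, () => getUserHTML(user))`. `PLACEHOLDER` stands for the existing first argument, which did not survive on this page. Separately, `key != "default"` in `getUserHTML` should be `key !== "default"`.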
@@ -35,7 +44,7 @@ function getUserHTML(user) {
${user.username} |
${userPerms.join(", ")} |
- |
+ |
`;
return res;
diff --git a/utils/handler.js b/utils/handler.js
index 93e0096..412418d 100644
--- a/utils/handler.js
+++ b/utils/handler.js
@@ -80,6 +80,25 @@ async function deployHandler(app) {
);
});
}
+
+ for(const endpoint of handler.delete) {
+ app.delete(endpoint.path, async (request, response) => {
+ console.log("DELETE: " + request.originalUrl);
+
+ if (endpoint.requiresLogin && !request.session.user) {
+ return response.redirect("/login");
+ }
+ if (endpoint.permissions) {
+ if((endpoint.permissions & request.session.user.permissions) == 0) {
+ return response.status(403).send("Vous n'avez pas la permission d'effectuer cette action !");
+ }
+ }
+ return await endpoint.execute(
+ request,
+ response,
+ );
+ });
+ }
}
function parseURL(URL) {
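Review bot: The permission check reads `request.session.user.permissions` even when `endpoint.requiresLogin` is false, so an endpoint that sets `permissions` without `requiresLogin` throws a TypeError for anonymous requests instead of refusing them. The `async` callback also has no error path. If this project is on Express 4, a rejection from `endpoint.execute` (for example a failed `destroy()`) is not forwarded to the error middleware and the request hangs. For an API route called from script, a 401 would be clearer than `response.redirect("/login")`. The comparison should use `=== 0`. `deployHandler` starts outside this hunk.

```javascript
app.delete(endpoint.path, async (request, response, next) => {
  // … unchanged: request logging …
  const user = request.session?.user;
  // Treat a permission requirement as implying a login requirement.
  if ((endpoint.requiresLogin || endpoint.permissions) && !user) {
    return response.redirect("/login");
  }
  if (endpoint.permissions && (endpoint.permissions & user.permissions) === 0) {
    // … unchanged: 403 response …
  }
  try {
    return await endpoint.execute(request, response);
  } catch (error) {
    // Hand failures to Express's error middleware instead of leaving the request open.
    return next(error);
  }
});
```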
diff --git a/web.js b/web.js
index b00dd46..bb9a352 100644
--- a/web.js
+++ b/web.js
@@ -2,9 +2,11 @@ import express from "express";
import session from "express-session";
import { deployHandler } from "./utils/handler.js";
import favicon from "serve-favicon";
+import vhost from "vhost";
async function launchWeb() {
const app = express();
+ const routerApp = express();
app.use(express.json()); // Used to parse JSON bodies
app.use(express.urlencoded({ extended: false })); //Parse URL-encoded bodies
@@ -15,6 +17,7 @@ async function launchWeb() {
saveUninitialized: true,
}),
);
+ routerApp.use(vhost(`${process.env.SERVER_URL}`, app));
app.use("/assets", express.static(`${process.env.WWW}/assets`));
app.use(favicon(`${process.env.WWW}/assets/images/favicon.ico`));
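Review bot: `vhost(`${process.env.SERVER_URL}`, app)` is built without checking that the variable is set. If it is unset, the template yields the literal host name "undefined" and every request falls through `routerApp` to a 404. Fail fast at startup instead: `const host = process.env.SERVER_URL;` `if (!host) throw new Error("SERVER_URL must be set to the public hostname");` `routerApp.use(vhost(host, app));`. The name suggests a URL, but `vhost` matches the Host header's hostname, so a value with a scheme or port would never match; a short comment there should say so. Restricting by Host is a reasonable hardening step, but requests to `localhost` or the bare IP, such as health checks, will no longer reach `app`. The later `listen` hunk prints the same variable in its startup log line.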
@@ -22,8 +25,10 @@ async function launchWeb() {
await deployHandler(app);
const PORT = process.env.PORT || 3000;
- app.listen(PORT, () => {
- console.log(`App available at http://localhost:${PORT}`);
+ routerApp.listen(PORT, () => {
+ console.log(
+ `App available at http://${process.env.SERVER_URL}:${PORT}`,
+ );
});
}
diff --git a/www/dashboard/index.html b/www/dashboard/index.html
index 85663b0..b9bc098 100644
--- a/www/dashboard/index.html
+++ b/www/dashboard/index.html
@@ -1,3 +1,4 @@
+
diff --git a/www/dashboard/users/info.html b/www/dashboard/users/info.html
index 917bccc..04e9f6c 100644
--- a/www/dashboard/users/info.html
+++ b/www/dashboard/users/info.html
@@ -11,8 +11,21 @@
-
-
-Retour
+
+
+
+ Retour
diff --git a/www/dashboard/users/list.html b/www/dashboard/users/list.html
index c00d120..e92afac 100644
--- a/www/dashboard/users/list.html
+++ b/www/dashboard/users/list.html
@@ -11,8 +11,21 @@
-
-
-Retour
+
+
+
+ Retour