Add user deletion and subdomain handling

2023-12-12 13:43:47 +01:00 · 2023-12-12 13:43:47 +01:00 · 7caff58cdf
commit 7caff58cdf
parent 3c9d92a497
10 changed files with 122 additions and 23 deletions
--- a/package.json
+++ b/package.json
@ -16,6 +16,7 @@
    "express-session": "^1.17.3",
    "sequelize": "^6.35.1",
    "serve-favicon": "^2.5.0",
-    "sqlite3": "^5.1.6"
+    "sqlite3": "^5.1.6",
    "vhost": "^3.0.2"
  }
 }
--- a/src/html/pages/api/contacts/delete.js
+++ b/src/html/pages/api/contacts/delete.js
@ -0,0 +1,19 @@
 import { permissionBits } from "../../../../../utils/permissions.js";
 export default {
    path: "/api/contacts/:phone",
    requiresLogin: true,
    permissions: permissionBits.ADMIN,
    type: "delete",
    async execute(request, response) {
        const { phone } = request.params;
        const contact = await global.database.contacts.findOne({
            where: { phone: phone },
        });
        if (!contact) return response.status(404).send({ message: "Contact does not exist" });
        await contact.destroy();
        response.status(200).send({});
    },
 };
--- a/src/html/pages/api/users/delete.js
+++ b/src/html/pages/api/users/delete.js
@ -0,0 +1,19 @@
 import { permissionBits } from "../../../../../utils/permissions.js";
 export default {
    path: "/api/users/:username",
    requiresLogin: true,
    permissions: permissionBits.ADMIN,
    type: "delete",
    async execute(request, response) {
        const { username } = request.params;
        const user = await global.database.users.findOne({
            where: { username: username },
        });
        if (!user) return response.status(404).send({ message: "User does not exist" });
        await user.destroy();
        response.status(200).send({});
    },
 };
--- a/src/html/pages/dashboard/users/list.js
+++ b/src/html/pages/dashboard/users/list.js
@ -36,7 +36,7 @@ function genUserTable(users) {
        <tr>
          <td><a href='./${user.username}'>${user.username}</a></td>
          <td>${userPerms.join(", ")}</td>
-          <!--<td><button>Supprimer</button></td>-->
+          <td><button onclick="deleteUser('${user.username}');">Supprimer</button></td>
        </tr>`;
    }
    res += `</table>`;
--- a/src/html/pages/dashboard/users/show.js
+++ b/src/html/pages/dashboard/users/show.js
@ -1,6 +1,9 @@
-import { permissionBits, checkPermissions } from '../../../../../utils/permissions.js';
+import {
-import { readFile } from 'fs/promises';
+    permissionBits,
-import { navbar } from '../../../../../utils/navbar.js';
+    checkPermissions,
 } from "../../../../../utils/permissions.js";
 import { readFile } from "fs/promises";
 import { navbar } from "../../../../../utils/navbar.js";
 export default {
    path: "/dashboard/users/:username",
@ -9,22 +12,28 @@ export default {
    type: "get",
    async execute(request, response) {
        const { username } = request.params;
-        const user = await global.database.users.findOne({ where: { username: username } });
+        const user = await global.database.users.findOne({
-        if(!user) return response.redirect('/dashboard/users');
+            where: { username: username },
-        const html = await readFile(`${process.env.WWW}/dashboard/users/info.html`);
+        });
-        response.send(html.toString()
+        if (!user) return response.redirect("/dashboard/users");
-            .replace('<NAVBAR>', navbar(request.session))
+        const html = await readFile(
-            .replace('<USERINFO>', getUserHTML(user))
+            `${process.env.WWW}/dashboard/users/info.html`,
        );
        response.send(
            html
                .toString()
                .replace("<NAVBAR>", navbar(request.session))
                .replace("<USERINFO>", getUserHTML(user)),
        );
    },
-}
+};
 function getUserHTML(user) {
    const userPermDict = checkPermissions(user.permissions);
    let userPerms = [];
    for (const [key, value] of Object.entries(userPermDict)) {
        if (value && key != "default") userPerms.push(key);
-    };
+    }
    let res = `
      <table>
        <tr>
@ -35,7 +44,7 @@ function getUserHTML(user) {
        <tr>
          <td>${user.username}</td>
          <td>${userPerms.join(", ")}</td>
-          <td><button>Supprimer</button></td>
+          <td><button onclick="deleteUser('${user.username}');">Supprimer</button></td>
        </tr>
      </table>`;
    return res;
--- a/utils/handler.js
+++ b/utils/handler.js
@ -80,6 +80,25 @@ async function deployHandler(app) {
            );
        });
    }
    for(const endpoint of handler.delete) {
        app.delete(endpoint.path, async (request, response) => {
            console.log("DELETE: " + request.originalUrl);
            if (endpoint.requiresLogin && !request.session.user) {
                return response.redirect("/login");
            }
            if (endpoint.permissions) {
                if((endpoint.permissions & request.session.user.permissions) == 0) {
                    return response.status(403).send("Vous n'avez pas la permission d'effectuer cette action !");
                }
            }
            return await endpoint.execute(
                request,
                response,
            );
        });
    }
 }
 function parseURL(URL) {
--- a/web.js
+++ b/web.js
@ -2,9 +2,11 @@ import express from "express";
 import session from "express-session";
 import { deployHandler } from "./utils/handler.js";
 import favicon from "serve-favicon";
 import vhost from "vhost";
 async function launchWeb() {
    const app = express();
    const routerApp = express();
    app.use(express.json()); // Used to parse JSON bodies
    app.use(express.urlencoded({ extended: false })); //Parse URL-encoded bodies
@ -15,6 +17,7 @@ async function launchWeb() {
            saveUninitialized: true,
        }),
    );
    routerApp.use(vhost(`${process.env.SERVER_URL}`, app));
    app.use("/assets", express.static(`${process.env.WWW}/assets`));
    app.use(favicon(`${process.env.WWW}/assets/images/favicon.ico`));
@ -22,8 +25,10 @@ async function launchWeb() {
    await deployHandler(app);
    const PORT = process.env.PORT || 3000;
-    app.listen(PORT, () => {
+    routerApp.listen(PORT, () => {
-        console.log(`App available at http://localhost:${PORT}`);
+        console.log(
            `App available at http://${process.env.SERVER_URL}:${PORT}`,
        );
    });
 }
--- a/www/dashboard/index.html
+++ b/www/dashboard/index.html
@ -1,3 +1,4 @@
 <!DOCTYPE html>
 <html>
 <head>
    <meta charset="UTF-8">
--- a/www/dashboard/users/info.html
+++ b/www/dashboard/users/info.html
@ -11,6 +11,19 @@
  </style>
 </head>
 <body>
  <script>
    function deleteUser(username) {
        fetch(`/api/users/${username}`, {
            method: "DELETE",
        })
        .then(async (response) => {
            const res = await response.json();
            console.log(res);
            if(!response.ok) return alert(res.message);
            location.reload();
        });
    }
  </script>
  <NAVBAR>
  <USERINFO>
  <a href='./'><p>Retour</p></a>
--- a/www/dashboard/users/list.html
+++ b/www/dashboard/users/list.html
@ -11,6 +11,19 @@
  </style>
 </head>
 <body>
  <script>
    function deleteUser(username) {
        fetch(`/api/users/${username}`, {
            method: "DELETE",
        })
        .then(async (response) => {
            const res = await response.json();
            console.log(res);
            if(!response.ok) return alert(res.message);
            location.reload();
        });
    }
  </script>
  <NAVBAR>
  <USERTABLE>
  <a href='./'><p>Retour</p></a>