72 lines
2.3 KiB
JavaScript
72 lines
2.3 KiB
JavaScript
const path = require('path');
|
|
const fs = require('fs');
|
|
const express = require('express');
|
|
const { requireAdmin } = require('../middleware/auth');
|
|
const users = require('../services/users');
|
|
|
|
const mediaDir = process.env.MEDIA_DIR || path.join(__dirname, '..', '..', 'media');
|
|
|
|
function unlinkQuiet(absPath) {
|
|
fs.unlink(absPath, () => {});
|
|
}
|
|
|
|
module.exports = function usersAdminRoutes(csrfProtection) {
|
|
const router = express.Router();
|
|
router.use(requireAdmin);
|
|
|
|
router.get('/', (req, res) => {
|
|
res.render('mymusic/users', { title: 'Users', userList: users.listAllUsers() });
|
|
});
|
|
|
|
router.post('/:id/disable', csrfProtection, (req, res, next) => {
|
|
try {
|
|
const id = Number(req.params.id);
|
|
if (id === req.session.user.id) {
|
|
req.flash('error', 'You cannot disable your own account.');
|
|
return res.redirect('/mymusic/users');
|
|
}
|
|
users.setDisabled(id, true);
|
|
req.flash('success', 'Account disabled.');
|
|
res.redirect('/mymusic/users');
|
|
} catch (err) { next(err); }
|
|
});
|
|
|
|
router.post('/:id/enable', csrfProtection, (req, res, next) => {
|
|
try {
|
|
users.setDisabled(Number(req.params.id), false);
|
|
req.flash('success', 'Account enabled.');
|
|
res.redirect('/mymusic/users');
|
|
} catch (err) { next(err); }
|
|
});
|
|
|
|
router.post('/:id/verify', csrfProtection, (req, res, next) => {
|
|
try {
|
|
users.markVerifiedAdmin(Number(req.params.id));
|
|
req.flash('success', 'Email marked as verified.');
|
|
res.redirect('/mymusic/users');
|
|
} catch (err) { next(err); }
|
|
});
|
|
|
|
router.post('/:id/delete', csrfProtection, (req, res, next) => {
|
|
try {
|
|
const id = Number(req.params.id);
|
|
if (id === req.session.user.id) {
|
|
req.flash('error', 'You cannot delete your own account.');
|
|
return res.redirect('/mymusic/users');
|
|
}
|
|
const { songs, playlists } = users.deleteUserWithContent(id);
|
|
for (const s of songs) {
|
|
if (s.audio_path) unlinkQuiet(path.join(mediaDir, s.audio_path));
|
|
if (s.cover_path) unlinkQuiet(path.join(mediaDir, s.cover_path));
|
|
}
|
|
for (const p of playlists) {
|
|
if (p.cover_path) unlinkQuiet(path.join(mediaDir, p.cover_path));
|
|
}
|
|
req.flash('success', 'User and all their content deleted.');
|
|
res.redirect('/mymusic/users');
|
|
} catch (err) { next(err); }
|
|
});
|
|
|
|
return router;
|
|
};
|