From 42123fb41a136860c967b69a8542e6a96e869eea Mon Sep 17 00:00:00 2001
From: Felix Albrigtsen <felixalbrigtsen@gmail.com>
Date: Sun, 24 Apr 2022 13:48:10 +0200
Subject: [PATCH] Ignore isManager, implement deleteUser

---
 src/server/index.js | 19 +++++++++++++++++++
 src/server/tmdb.js  | 36 ++++++++++++++++++++++++++++++++++++
 2 files changed, 55 insertions(+)

diff --git a/src/server/index.js b/src/server/index.js
index b8ccb1f..1edd442 100644
--- a/src/server/index.js
+++ b/src/server/index.js
@@ -524,6 +524,25 @@ api.post("/users/changeManagerStatus", async (req, res) => {
     });
 });
 
+api.post("/deleteUser", async (req, res) => {
+  if (!(await isManager(req.session))) {
+    res.json({"status": "error", "data": "Not authorized"});
+    return
+  }
+  let emailAddress = req.body.emailAddress;
+
+  tmdb.getUserByEmail(emailAddress)
+    .then(user => {
+      tmdb.deleteUser(user.id)
+        .then(msg => res.json({"status": "OK", "data": msg}))
+        .catch(err => res.json({"status": "error", "data": err}));
+    })
+    .catch(err => {
+      console.log(err);
+      res.json({"status": "error", "data": "Could not update the specified user"});
+    });
+});
+
 
 api.get("/dumpsession", async (req, res) => {
   let out = {};
diff --git a/src/server/tmdb.js b/src/server/tmdb.js
index 93b71e5..3c5ad17 100644
--- a/src/server/tmdb.js
+++ b/src/server/tmdb.js
@@ -20,6 +20,8 @@ module.exports = {
   getUserByEmail: getUserByEmail,
   getUserByGoogleId: getUserByGoogleId,
   createUserBlank: createUserBlank,
+  changeManagerStatus: changeManagerStatus,
+  deleteUser, deleteUser,
   editUser: editUser,
 }
 
@@ -556,4 +558,38 @@ function editUser(email, user) {
   });
 }
 
+function changeManagerStatus(userId, isManager) {
+  return new Promise(function(resolve, reject) {
+    connection.query("UPDATE users SET isManager = ? WHERE id = ?", [escapeString(isManager), escapeString(userId)], (err, sets) => {
+      if (err) {
+        console.log(err);
+        reject(err);
+        return
+      } 
+      if (sets.affectedRows == 0) {
+        reject("No such user exists");
+        return
+      }
+      resolve("User updated");
+    });
+  });
+}
+
+function deleteUser(userId) {
+  return new Promise(function(resolve, reject) {
+    connection.query("DELETE FROM users WHERE id = ?", [escapeString(userId)], (err, sets) => {
+      if (err) {
+        console.log(err);
+        reject(err);
+        return;
+      }
+      if (sets.affectedRows == 0) {
+        reject("No such user exists");
+        return;
+      }
+      resolve("User deleted");
+    });
+  });
+}
+
 // #endregion
\ No newline at end of file