Ignore isManager, implement deleteUser

2022-04-24 13:48:10 +02:00 · 2022-04-24 13:48:10 +02:00 · 42123fb41a
parent a042a59276
commit 42123fb41a
2 changed files with 55 additions and 0 deletions
--- a/src/server/index.js
+++ b/src/server/index.js
@ -524,6 +524,25 @@ api.post("/users/changeManagerStatus", async (req, res) => {
    });
 });

+api.post("/deleteUser", async (req, res) => {
+  if (!(await isManager(req.session))) {
+    res.json({"status": "error", "data": "Not authorized"});
+    return
+  }
+  let emailAddress = req.body.emailAddress;
+
+  tmdb.getUserByEmail(emailAddress)
+    .then(user => {
+      tmdb.deleteUser(user.id)
+        .then(msg => res.json({"status": "OK", "data": msg}))
+        .catch(err => res.json({"status": "error", "data": err}));
+    })
+    .catch(err => {
+      console.log(err);
+      res.json({"status": "error", "data": "Could not update the specified user"});
+    });
+});
+

 api.get("/dumpsession", async (req, res) => {
  let out = {};
--- a/src/server/tmdb.js
+++ b/src/server/tmdb.js
@ -20,6 +20,8 @@ module.exports = {
  getUserByEmail: getUserByEmail,
  getUserByGoogleId: getUserByGoogleId,
  createUserBlank: createUserBlank,
+  changeManagerStatus: changeManagerStatus,
+  deleteUser, deleteUser,
  editUser: editUser,
 }

@ -556,4 +558,38 @@ function editUser(email, user) {
  });
 }

+function changeManagerStatus(userId, isManager) {
+  return new Promise(function(resolve, reject) {
+    connection.query("UPDATE users SET isManager = ? WHERE id = ?", [escapeString(isManager), escapeString(userId)], (err, sets) => {
+      if (err) {
+        console.log(err);
+        reject(err);
+        return
+      } 
+      if (sets.affectedRows == 0) {
+        reject("No such user exists");
+        return
+      }
+      resolve("User updated");
+    });
+  });
+}
+
+function deleteUser(userId) {
+  return new Promise(function(resolve, reject) {
+    connection.query("DELETE FROM users WHERE id = ?", [escapeString(userId)], (err, sets) => {
+      if (err) {
+        console.log(err);
+        reject(err);
+        return;
+      }
+      if (sets.affectedRows == 0) {
+        reject("No such user exists");
+        return;
+      }
+      resolve("User deleted");
+    });
+  });
+}
+
 // #endregion