111 lines
2.5 KiB
JavaScript
111 lines
2.5 KiB
JavaScript
const db = require("../db");
|
|
const { createUser, getAllUsers} = require("../services/admin.service");
|
|
const bcrypt = require("bcrypt");
|
|
|
|
async function listUsers(req, res) {
|
|
try {
|
|
const users = await getAllUsers(db);
|
|
res.render("admin_users", {
|
|
users,
|
|
currentUser: req.session.user
|
|
});
|
|
} catch (err) {
|
|
console.error(err);
|
|
res.send("Datenbankfehler");
|
|
}
|
|
}
|
|
|
|
function showCreateUser(req, res) {
|
|
res.render("admin_create_user", {
|
|
error: null,
|
|
user: req.session.user
|
|
});
|
|
}
|
|
|
|
async function postCreateUser(req, res) {
|
|
let { username, password, role } = req.body;
|
|
username = username.trim();
|
|
|
|
if (!username || !password || !role) {
|
|
return res.render("admin_create_user", {
|
|
error: "Alle Felder sind Pflichtfelder",
|
|
user: req.session.user
|
|
});
|
|
}
|
|
|
|
try {
|
|
await createUser(db, username, password, role);
|
|
|
|
req.session.flash = {
|
|
type: "success",
|
|
message: "Benutzer erfolgreich angelegt"
|
|
};
|
|
|
|
res.redirect("/admin/users");
|
|
} catch (error) {
|
|
res.render("admin_create_user", {
|
|
error,
|
|
user: req.session.user
|
|
});
|
|
}
|
|
}
|
|
|
|
async function changeUserRole(req, res) {
|
|
const userId = req.params.id;
|
|
const { role } = req.body;
|
|
|
|
if (!["arzt", "mitarbeiter"].includes(role)) {
|
|
req.session.flash = { type: "danger", message: "Ungültige Rolle" };
|
|
return res.redirect("/admin/users");
|
|
}
|
|
|
|
db.query(
|
|
"UPDATE users SET role = ? WHERE id = ?",
|
|
[role, userId],
|
|
err => {
|
|
if (err) {
|
|
console.error(err);
|
|
req.session.flash = { type: "danger", message: "Fehler beim Ändern der Rolle" };
|
|
} else {
|
|
req.session.flash = { type: "success", message: "Rolle erfolgreich geändert" };
|
|
}
|
|
res.redirect("/admin/users");
|
|
}
|
|
);
|
|
}
|
|
|
|
async function resetUserPassword(req, res) {
|
|
const userId = req.params.id;
|
|
const { password } = req.body;
|
|
|
|
if (!password || password.length < 4) {
|
|
req.session.flash = { type: "warning", message: "Passwort zu kurz" };
|
|
return res.redirect("/admin/users");
|
|
}
|
|
|
|
const hash = await bcrypt.hash(password, 10);
|
|
|
|
db.query(
|
|
"UPDATE users SET password = ? WHERE id = ?",
|
|
[hash, userId],
|
|
err => {
|
|
if (err) {
|
|
console.error(err);
|
|
req.session.flash = { type: "danger", message: "Fehler beim Zurücksetzen" };
|
|
} else {
|
|
req.session.flash = { type: "success", message: "Passwort zurückgesetzt" };
|
|
}
|
|
res.redirect("/admin/users");
|
|
}
|
|
);
|
|
}
|
|
|
|
|
|
module.exports = {
|
|
listUsers,
|
|
showCreateUser,
|
|
postCreateUser,
|
|
changeUserRole,
|
|
resetUserPassword
|
|
};
|