Fix user approval backend

This commit is contained in:
Alice Gaudon 2020-07-28 15:03:18 +02:00
parent fb1a09baf8
commit bdb7e55b00
2 changed files with 22 additions and 14 deletions

View File

@ -7,6 +7,7 @@ import {BadRequestError, NotFoundHttpError} from "../HttpError";
import Mail from "../Mail"; import Mail from "../Mail";
import {ACCOUNT_REVIEW_NOTICE_MAIL_TEMPLATE} from "../Mails"; import {ACCOUNT_REVIEW_NOTICE_MAIL_TEMPLATE} from "../Mails";
import UserEmail from "../auth/models/UserEmail"; import UserEmail from "../auth/models/UserEmail";
import UserApprovedComponent from "../auth/models/UserApprovedComponent";
export default class BackendController extends Controller { export default class BackendController extends Controller {
private static readonly menu: BackendMenuElement[] = []; private static readonly menu: BackendMenuElement[] = [];
@ -55,22 +56,27 @@ export default class BackendController extends Controller {
} }
protected async getAccountApproval(req: Request, res: Response): Promise<void> { protected async getAccountApproval(req: Request, res: Response): Promise<void> {
const accounts = await User.select().where('approved', 0).with('mainEmail').get(); const accounts = await User.select()
.where('approved', 0)
.with('mainEmail')
.get();
res.render('backend/accounts_approval', { res.render('backend/accounts_approval', {
accounts: User.isApprovalMode() ? accounts : 0, accounts: accounts,
}); });
} }
protected async postApproveAccount(req: Request, res: Response): Promise<void> { protected async postApproveAccount(req: Request, res: Response): Promise<void> {
const {account, email} = await this.accountRequest(req); const {account, email} = await this.accountRequest(req);
account.approved = true; account.as(UserApprovedComponent).approved = true;
await account.save(); await account.save();
if (email) {
await new Mail(ACCOUNT_REVIEW_NOTICE_MAIL_TEMPLATE, { await new Mail(ACCOUNT_REVIEW_NOTICE_MAIL_TEMPLATE, {
approved: true, approved: true,
link: config.get<string>('base_url') + Controller.route('auth'), link: config.get<string>('base_url') + Controller.route('auth'),
}).send(email!.email!); }).send(email.email!);
}
req.flash('success', `Account successfully approved.`); req.flash('success', `Account successfully approved.`);
res.redirectBack(Controller.route('accounts-approval')); res.redirectBack(Controller.route('accounts-approval'));
@ -81,9 +87,11 @@ export default class BackendController extends Controller {
await account.delete(); await account.delete();
if (email) {
await new Mail(ACCOUNT_REVIEW_NOTICE_MAIL_TEMPLATE, { await new Mail(ACCOUNT_REVIEW_NOTICE_MAIL_TEMPLATE, {
approved: false, approved: false,
}).send(email!.email!); }).send(email.email!);
}
req.flash('success', `Account successfully deleted.`); req.flash('success', `Account successfully deleted.`);
res.redirectBack(Controller.route('accounts-approval')); res.redirectBack(Controller.route('accounts-approval'));
@ -91,7 +99,7 @@ export default class BackendController extends Controller {
protected async accountRequest(req: Request): Promise<{ protected async accountRequest(req: Request): Promise<{
account: User, account: User,
email: UserEmail, email: UserEmail | null,
}> { }> {
if (!req.body.user_id) throw new BadRequestError('Missing user_id field', 'Check your form', req.url); if (!req.body.user_id) throw new BadRequestError('Missing user_id field', 'Check your form', req.url);
const account = await User.select().where('id', req.body.user_id).with('mainEmail').first(); const account = await User.select().where('id', req.body.user_id).with('mainEmail').first();
@ -100,7 +108,7 @@ export default class BackendController extends Controller {
return { return {
account: account, account: account,
email: email!, email: email,
}; };
} }
} }

View File

@ -21,7 +21,7 @@
<tr> <tr>
<td>{{ user.id }}</td> <td>{{ user.id }}</td>
<td>{{ user.name }}</td> <td>{{ user.name }}</td>
<td>{{ user.mainEmail.getOrFail().email }}</td> <td>{{ user.mainEmail.getOrFail().email | default('No email') }}</td>
<td>{{ user.created_at.toISOString() }}</td> <td>{{ user.created_at.toISOString() }}</td>
<td> <td>
<div class="max-content"> <div class="max-content">
@ -32,7 +32,7 @@
</form> </form>
<form action="{{ route('reject-account') }}" method="POST" <form action="{{ route('reject-account') }}" method="POST"
data-confirm="This will irrevocably delete the {{ user.mainEmail.getOrFail().email }} account."> data-confirm="This will irrevocably delete the {{ user.mainEmail.getOrFail().email | default(user.name | default(user.id)) }} account.">
<input type="hidden" name="user_id" value="{{ user.id }}"> <input type="hidden" name="user_id" value="{{ user.id }}">
<button class="danger"><i data-feather="check"></i> Reject</button> <button class="danger"><i data-feather="check"></i> Reject</button>
{{ macros.csrf(getCSRFToken) }} {{ macros.csrf(getCSRFToken) }}