import config from "config"; import Controller from "../Controller"; import {REQUIRE_ADMIN_MIDDLEWARE, REQUIRE_AUTH_MIDDLEWARE} from "../auth/AuthComponent"; import User from "../auth/models/User"; import {Request, Response} from "express"; import {NotFoundHttpError} from "../HttpError"; import Mail from "../Mail"; import {ACCOUNT_REVIEW_NOTICE_MAIL_TEMPLATE} from "../Mails"; export default class BackendController extends Controller { getRoutesPrefix(): string { return '/backend'; } routes(): void { this.get('/', this.getIndex, 'backend', REQUIRE_AUTH_MIDDLEWARE, REQUIRE_ADMIN_MIDDLEWARE); if (User.isApprovalMode()) { this.get('/accounts-approval', this.getAccountApproval, 'accounts-approval', REQUIRE_AUTH_MIDDLEWARE, REQUIRE_ADMIN_MIDDLEWARE); this.post('/accounts-approval/approve/:id', this.postApproveAccount, 'approve-account', REQUIRE_AUTH_MIDDLEWARE, REQUIRE_ADMIN_MIDDLEWARE); this.post('/accounts-approval/reject/:id', this.postRejectAccount, 'reject-account', REQUIRE_AUTH_MIDDLEWARE, REQUIRE_ADMIN_MIDDLEWARE); } } public async getIndex(req: Request, res: Response): Promise { res.render('backend/index', { approval_mode: User.isApprovalMode(), accounts_to_approve: User.isApprovalMode() ? await User.select().count() : 0, }); } public async getAccountApproval(req: Request, res: Response): Promise { const accounts = await User.select().where('approved', 0).with('mainEmail').get(); res.render('backend/accounts_approval', { accounts: User.isApprovalMode() ? accounts : 0, }); } public async postApproveAccount(req: Request, res: Response): Promise { const account = await User.select().where('id', req.params.id).with('mainEmail').first(); if (!account) throw new NotFoundHttpError('User', req.url); const email = await account.mainEmail.get(); account.approved = true; await account.save(); await new Mail(ACCOUNT_REVIEW_NOTICE_MAIL_TEMPLATE, { approved: true, link: config.get('base_url') + Controller.route('auth'), }).send(email!.email!); req.flash('success', `Account successfully approved.`); res.redirectBack(Controller.route('accounts-approval')); } public async postRejectAccount(req: Request, res: Response): Promise { const account = await User.select().where('id', req.params.id).with('mainEmail').first(); if (!account) throw new NotFoundHttpError('User', req.url); const email = await account.mainEmail.get(); await account.delete(); await new Mail(ACCOUNT_REVIEW_NOTICE_MAIL_TEMPLATE, { approved: false, }).send(email!.email!); req.flash('success', `Account successfully deleted.`); res.redirectBack(Controller.route('accounts-approval')); } }