2016-03-31 15:57:34 -06:00
|
|
|
var router = require('express').Router(),
|
|
|
|
mw = require('../middleware.js'),
|
|
|
|
mail = require('../mail.js'),
|
|
|
|
User = require('../models/user.js'),
|
|
|
|
Request = require('../models/request.js');
|
|
|
|
|
|
|
|
router.route('/requests')
|
|
|
|
.all([mw.ensureAuth, mw.ensureAdmin], function(req,res,next){
|
|
|
|
next();
|
|
|
|
}).get(function(req,res){
|
|
|
|
User.findById(req.session.passport.user, function(err, user){
|
|
|
|
if (err){ req.flash('error', err.message); }
|
|
|
|
Request.find({}, function(err, requests){
|
|
|
|
if (err) { req.flash('error', err.message); }
|
|
|
|
res.render('admin/requests.html', {
|
|
|
|
user: user,
|
|
|
|
noFooter: '1',
|
|
|
|
requests: requests,
|
|
|
|
success:req.flash('success')[0],
|
|
|
|
error:req.flash('error')[0]
|
|
|
|
});
|
|
|
|
});
|
|
|
|
});
|
|
|
|
}).post(function(req,res){
|
2016-05-05 23:32:31 -06:00
|
|
|
if (req.body.invite) {
|
|
|
|
Request.findById(req.body.invite, function(err,request){
|
|
|
|
if (err){ req.flash('error', err.message); }
|
|
|
|
mail.sendInvite(request, function (err, raw) {
|
2016-03-31 15:57:34 -06:00
|
|
|
if (err) { req.flash('error', err.message); }
|
2016-05-05 23:32:31 -06:00
|
|
|
request.granted = Date.now();
|
|
|
|
request.save(function(err) {
|
|
|
|
if (err) { req.flash('error', err.message); }
|
|
|
|
});
|
|
|
|
req.flash('success', 'Invitation sent to <i>'+request.name+'</i>.');
|
|
|
|
res.redirect('/admin/requests');
|
2016-03-31 15:57:34 -06:00
|
|
|
});
|
2016-05-05 23:32:31 -06:00
|
|
|
});
|
|
|
|
} else if (req.body.delete) {
|
|
|
|
Request.findOneAndRemove({'_id':req.body.delete}, function(err,request){
|
|
|
|
if (err){ req.flash('error', err.message); }
|
|
|
|
else { req.flash('success', 'Request deleted.'); }
|
2016-03-31 15:57:34 -06:00
|
|
|
res.redirect('/admin/requests');
|
|
|
|
});
|
2016-05-05 23:32:31 -06:00
|
|
|
} else { console.log('ERROR! POST without action sent. '); next(); }
|
2016-03-31 15:57:34 -06:00
|
|
|
});
|
|
|
|
|
2016-05-05 23:32:31 -06:00
|
|
|
router.route('/users')
|
|
|
|
.all([mw.ensureAuth, mw.ensureAdmin], function(req,res,next) {
|
|
|
|
next();
|
|
|
|
}).get(function(req,res){
|
|
|
|
User.findById(req.session.passport.user, function(err, user){
|
|
|
|
if (err){ req.flash('error', err.message); }
|
|
|
|
User.find({}, function(err, users){
|
|
|
|
if (err) { req.flash('error', err.message); }
|
|
|
|
res.render('admin/users.html', {
|
|
|
|
user: user,
|
|
|
|
users: users,
|
|
|
|
noFooter: '1',
|
|
|
|
success:req.flash('success')[0],
|
|
|
|
error:req.flash('error')[0]
|
|
|
|
});
|
2016-03-31 15:57:34 -06:00
|
|
|
});
|
|
|
|
});
|
2016-05-05 23:32:31 -06:00
|
|
|
}).post(function(req,res){
|
|
|
|
if (req.body.delete) {
|
|
|
|
User.findOneAndRemove({'_id':req.body.delete}, function(err,user){
|
|
|
|
if (err){ req.flash('error', err.message); }
|
|
|
|
else { req.flash('success', '<i>'+user.name+'</i> deleted.'); }
|
|
|
|
res.redirect('/admin/users');
|
|
|
|
});
|
|
|
|
} else { console.log('ERROR! POST without action sent. '); next(); }
|
2016-03-31 15:57:34 -06:00
|
|
|
});
|
|
|
|
|
|
|
|
module.exports = router;
|