Admins

- added is_admin column to users - added ability for admins to delete posts that are not their own
5 years ago · f7dae45ab9
parent 21641cbc20
commit f7dae45ab9
5 changed files with 17 additions and 2 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -14,6 +14,8 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 - worker initialization error handling
 - bearer token authentification for testing purposes
 - Added `deletable' field on post
+- Admin field that for admin users
+- ability for admins to delete posts

 ### Removed

--- a/src/graphql/resolvers.ts
+++ b/src/graphql/resolvers.ts
@ -245,7 +245,8 @@ export function resolver(req: any, res: any): any {
                        as: "rAuthor",
                        model: models.User,
                }]});
-                if (post.rAuthor.id === req.session.userId) {
+                const isAdmin = (await models.User.findOne({where: {id: req.session.userId}})).isAdmin;
+                if (post.rAuthor.id === req.session.userId || isAdmin) {
                    return await dataaccess.deletePost(post.id);
                } else {
                    res.status(status.FORBIDDEN);
--- a/src/graphql/schema.graphql
+++ b/src/graphql/schema.graphql
@ -256,6 +256,9 @@ type Profile implements UserData {

    "the custom settings for the frontend"
    settings: String!
+
+    "if the user is an admin"
+    isAdmin: Boolean
 }

 "represents a single user post"
--- a/src/lib/models/Post.ts
+++ b/src/lib/models/Post.ts
@ -102,6 +102,11 @@ export class Post extends Model<Post> {
     * @param userId
     */
    public async deletable({userId}: {userId: number}): Promise<boolean> {
-        return Number(userId) === Number(this.authorId);
+
+        const isAuthor =  Number(userId) === Number(this.authorId);
+        if (!isAuthor) {
+            return (await User.findOne({where: {id: userId}})).isAdmin;
+        }
+        return isAuthor;
    }
 }
--- a/src/lib/models/User.ts
+++ b/src/lib/models/User.ts
@ -61,6 +61,10 @@ export class User extends Model<User> {
    @Column({defaultValue: () => Date.now() + 7200000})
    public authExpire: Date;

+    @NotNull
+    @Column({defaultValue: false, allowNull: false})
+    public isAdmin: boolean;
+
    @BelongsToMany(() => User, () => Friendship, "userId")
    public rFriends: User[];