Add ability to create user from admin panel

database/accounts/accounts.js

@@ -3,6 +3,14 @@ const passport = require('passport');
 const localStrategy = require('passport-local').Strategy;
 const bcrypt = require('bcrypt');
 
+class User {
+    constructor(id, email, isAdmin) {
+        this.id = id;
+        this.email = email;
+        this.isAdmin = isAdmin;
+    }
+}
+
 
 passport.use(new localStrategy({
         usernameField: 'email',
@@ -54,5 +62,19 @@ async function createUser(email, password, isAdmin) {
     await database.executeQuery(query, [email, hash, isAdmin]);
 }
 
+async function retrieveAll() {
+    const query = `SELECT user_id, email, admin
+            FROM accounts.users
+            ORDER BY email;`
+    const table = await database.executeQuery(query);
+
+    const accountsList = [];
+    table.forEach((row) => {
+        accountsList.push(new User(row[0], row[1], row[2]));
+    });
+    return accountsList;
+}
+
 exports.createUser = createUser;
+exports.retrieveAll = retrieveAll;
 exports.passport = passport;

public/scripts/data.js

@@ -70,3 +70,9 @@ export async function getGame(gameID) {
     const game = await response.json();
     return game;
 }
+
+export async function getAccounts() {
+    const response = await fetch(`/data/accounts`);
+    const accounts = await response.json();
+    return accounts;
+}

public/scripts/manage.js

@@ -294,6 +294,49 @@ CATEGORIES.push(new Category(
     }
 ));
 
+CATEGORIES.push(new Category(
+    "accounts",
+    async function getAccounts() {
+        return await Data.getAccounts();
+    },
+    async function listAccountHeaders() {
+        const headerRow = document.createElement('tr');
+
+        const emailHeader = document.createElement('th');
+        emailHeader.textContent = "Email";
+        headerRow.appendChild(emailHeader);
+
+        const spacerHeader = document.createElement('th');
+        spacerHeader.classList.add('spacer-column');
+        headerRow.appendChild(spacerHeader);
+        
+        const adminHeader = document.createElement('th');
+        adminHeader.textContent = "Admin?";
+        headerRow.appendChild(adminHeader);
+
+        itemsListTable.appendChild(headerRow);
+    },
+    function listAccount(account, row) {      
+        const emailCell = document.createElement('td');
+        emailCell.textContent = account.email;
+        row.appendChild(emailCell);
+
+        const spacerCell = document.createElement('td');
+        row.appendChild(spacerCell);
+
+        const adminCell = document.createElement('td');
+        adminCell.textContent = account.isAdmin;
+        row.appendChild(adminCell);
+    },
+    async function addAccount() {
+        window.location.href = "/manage/account";
+    },
+    async function editAccount(id) {
+        window.location.href = `/manage/account?account=${id}`;
+    }
+));
+
+
 
 
 async function listItems(category) {

public/stylesheets/form.css

@@ -36,3 +36,12 @@ form {
   #delete-button {
       visibility: hidden;
   }
+
+  .form-section-checkbox {
+      flex-direction: row;
+      align-items: center;
+  }
+
+  #admin {
+      width: auto;
+  }

routes/admin.js

@@ -5,8 +5,20 @@ const app = require('../app');
 const accounts = require('./../database/accounts/accounts');
 
 
-router.get('/createuser', (req, res, next) => {
+function adminLoggedIn(req, res, next) {
-    res.render('accounts/createuser', { title: 'Create user' });
+    if (req.user && req.user[2]) {
+      next();
+    }
+    else {
+      req.flash('error', 'An admin account is required to access this page.');
+      res.redirect('/auth/login');
+    }
+  }
+
+router.get('/', adminLoggedIn, (req, res, next) => {
+    res.render
 });
 
+
+
 module.exports = router;

routes/auth.js

@@ -4,6 +4,17 @@ const passport = require('passport');
 const accounts = require('./../database/accounts/accounts');
 const app = require('../app');
 
+
+function adminLoggedIn(req, res, next) {
+    if (req.user && req.user[2]) {
+      next();
+    }
+    else {
+      req.flash('error', 'An admin account is required to access this page.');
+      res.redirect('/auth/login');
+    }
+  }
+
 router.get('/login', (req, res, next) => {
     res.render('accounts/login', { title : "Login", message: req.flash('error') });
 });
@@ -23,9 +34,9 @@ router.post('/login',
             console.log(req.user);
 });
 
-router.post('/register', (req, res, next) => {
+router.post('/register', adminLoggedIn, (req, res, next) => {
-    accounts.createUser(req.body.email, req.body.password)
+    accounts.createUser(req.body.email, req.body.password, !!req.body.admin)
-        .then(res.redirect('/'));
+        .then(res.redirect('/manage'));
 });
 
 module.exports = router;

routes/data.js

@@ -6,7 +6,17 @@ var genders = require('../database/scores/genders');
 var divisions = require('../database/scores/divisions');
 var teams = require('../database/scores/teams');
 var games = require('../database/scores/games');
+var accounts = require('../database/accounts/accounts');
 
+function adminLoggedIn(req, res, next) {
+    if (req.user && req.user[2]) {
+      next();
+    }
+    else {
+      req.flash('error', 'An admin account is required to access this page.');
+      res.redirect('/auth/login');
+    }
+  }
 
 router.get('/sports', function(req, res, next) {
     sports.retrieveAll()
@@ -61,4 +71,9 @@ router.get('/game', function(req, res, next) {
         .then(data => res.json(data));
 })
 
+router.get('/accounts', adminLoggedIn, function(req, res, next) {
+    accounts.retrieveAll()
+        .then(data => res.json(data));
+})
+
 module.exports = router;

routes/manage.js

@@ -22,7 +22,8 @@ function adminLoggedIn(req, res, next) {
     next();
   }
   else {
-    res.send('UNAUTHORIZED');
+    req.flash('error', 'An admin account is required to access this page.');
+    res.redirect('/auth/login');
   }
 }
 
@@ -136,4 +137,8 @@ router.post('/team', adminLoggedIn, function(req, res, next) {
   else teams.add(name, sport).then(res.redirect("/manage"));
 });
 
+router.get('/account', adminLoggedIn, (req, res, next) => {
+  res.render('accounts/createuser', { title: 'Create user' });
+});
+
 module.exports = router;

views/accounts/createuser.pug

@@ -16,5 +16,9 @@ block content
         label Password 
         span(class='form-section-input')
           input(type="password", name="password")
+      span(class='form-section')
+        span(class='form-section-checkbox')
+          input#admin(type="checkbox", name="admin")
+          label(for="admin") Grant admin privileges
       span(class='form-section')
         button#submit-button(type="submit") Submit

views/manage.pug

@@ -17,6 +17,7 @@ block content
                     option(value="divisions") Divisions 
                     option(value="teams") Teams 
                     option(value="games") Games
+                    option(value="accounts") Accounts
     div 
         h2#table-header
         table#items-list