feat: ability to edit/delete users with master administrator

2022-10-22 14:50:53 -07:00 · 2022-10-22 14:50:53 -07:00 · 615cbddc89
commit 615cbddc89
parent 4ef82bdff4
8 changed files with 35 additions and 8 deletions
--- a/prisma/migrations/20221022213536_super_admin/migration.sql
+++ b/prisma/migrations/20221022213536_super_admin/migration.sql
@ -0,0 +1,2 @@
+-- AlterTable
+ALTER TABLE "User" ADD COLUMN     "superAdmin" BOOLEAN NOT NULL DEFAULT false;
--- a/prisma/schema.prisma
+++ b/prisma/schema.prisma
@ -17,6 +17,7 @@ model User {
  avatar           String?
  token            String
  administrator    Boolean   @default(false)
+  superAdmin       Boolean   @default(false)
  systemTheme      String    @default("system")
  embedTitle       String?
  embedColor       String    @default("#2f3136")
--- a/src/components/pages/Users/EditUserModal.tsx
+++ b/src/components/pages/Users/EditUserModal.tsx
@ -7,14 +7,15 @@ import useFetch from 'hooks/useFetch';
 export function EditUserModal({ open, setOpen, updateUsers, user }) {
  let form;

-  if (user)
+  if (user) {
    form = useForm({
      initialValues: {
-        username: user?.username,
+        username: user.username,
        password: '',
-        administrator: user?.administrator,
+        administrator: user.administrator,
      },
    });
+  }

  const onSubmit = async (values) => {
    const cleanUsername = values.username.trim();
--- a/src/components/pages/Users/index.tsx
+++ b/src/components/pages/Users/index.tsx
@ -12,7 +12,7 @@ import { CreateUserModal } from './CreateUserModal';
 import { EditUserModal } from './EditUserModal';

 export default function Users() {
-  const user = useRecoilValue(userSelector);
+  const self = useRecoilValue(userSelector);
  const router = useRouter();
  const modals = useModals();

@ -95,7 +95,7 @@ export default function Users() {
      <SimpleGrid cols={3} spacing='lg' breakpoints={[{ maxWidth: 'sm', cols: 1, spacing: 'sm' }]}>
        {users.length
          ? users
-              .filter((x) => x.username !== user.username)
+              .filter((x) => x.username !== self.username)
              .map((user) => (
                <Card key={user.id} sx={{ maxWidth: '100%' }}>
                  <Group position='apart'>
@ -114,7 +114,7 @@ export default function Users() {
                      </Stack>
                    </Group>
                    <Group position='right'>
-                      {user.administrator ? null : (
+                      {user.administrator && !self.superAdmin ? null : (
                        <>
                          <ActionIcon
                            aria-label='edit'
--- a/src/lib/recoil/user.ts
+++ b/src/lib/recoil/user.ts
@ -10,6 +10,7 @@ export interface User {
  domains: string[];
  avatar?: string;
  administrator: boolean;
+  superAdmin: boolean;
 }

 export const userState = atom({
--- a/src/pages/api/user/[id].ts
+++ b/src/pages/api/user/[id].ts
@ -27,13 +27,13 @@ async function handler(req: NextApiReq, res: NextApiRes) {
    const newTarget = await prisma.user.delete({
      where: { id: target.id },
    });
-    if (newTarget.administrator) return res.error('cannot delete administrator');
+    if (newTarget.administrator && !user.superAdmin) return res.error('cannot delete administrator');

    delete newTarget.password;

    return res.json(newTarget);
  } else if (req.method === 'PATCH') {
-    if (target.administrator) return res.forbid('cannot modify administrator');
+    if (target.administrator && !user.superAdmin) return res.forbid('cannot modify administrator');

    if (req.body.password) {
      const hashed = await hashPassword(req.body.password);
--- a/src/pages/api/users.ts
+++ b/src/pages/api/users.ts
@ -68,6 +68,7 @@ async function handler(req: NextApiReq, res: NextApiRes) {
        username: true,
        id: true,
        administrator: true,
+        superAdmin: true,
        token: true,
        embedColor: true,
        embedTitle: true,
--- a/src/server/index.ts
+++ b/src/server/index.ts
@ -39,6 +39,26 @@ async function start() {

  const prisma = new PrismaClient();

+  const admin = await prisma.user.findFirst({
+    where: {
+      id: 1,
+      OR: {
+        username: 'administrator',
+      },
+    },
+  });
+
+  if (admin) {
+    await prisma.user.update({
+      where: {
+        id: admin.id,
+      },
+      data: {
+        superAdmin: true,
+      },
+    });
+  }
+
  if (config.datasource.type === 'local') {
    await mkdir(config.datasource.local.directory, { recursive: true });
  }
@ -99,6 +119,7 @@ async function start() {
    await nextServer.prepare();
  } catch (e) {
    console.log(e);
+    process.exit(1);
  }

  const http = createServer((req, res) => {