feat: admins can't edit/delete other admins

2022-10-16 14:12:44 -07:00 · 2022-10-16 14:12:44 -07:00 · 940b844857
commit 940b844857
parent 41b766216e
2 changed files with 10 additions and 6 deletions
--- a/src/components/pages/Users/index.tsx
+++ b/src/components/pages/Users/index.tsx
@ -109,13 +109,16 @@ export default function Users() {
              </Group>
              <Group position='right'>
                {user.administrator ? null : (
-                  <ActionIcon aria-label='delete' onClick={() => {setEditOpen(true); setSelectedUser(user);}}>
-                    <PencilIcon />
-                  </ActionIcon>
+                  <>
+                    <ActionIcon aria-label='edit' onClick={() => {setEditOpen(true); setSelectedUser(user);}}>
+                      <PencilIcon />
+                    </ActionIcon>
+                    <ActionIcon aria-label='delete' onClick={() => openDeleteModal(user)}>
+                      <DeleteIcon />
+                    </ActionIcon>
+                  </>
                )}
-                <ActionIcon aria-label='delete' onClick={() => openDeleteModal(user)}>
-                  <DeleteIcon />
-                </ActionIcon>
+                
              </Group>
            </Group>
          </Card>
--- a/src/pages/api/user/[id].ts
+++ b/src/pages/api/user/[id].ts
@ -27,6 +27,7 @@ async function handler(req: NextApiReq, res: NextApiRes) {
    const newTarget = await prisma.user.delete({
      where: { id: target.id },
    });
+    if (newTarget.administrator) return res.error('cannot delete administrator');

    delete newTarget.password;