updt

2023-10-17 21:54:37 +02:00 · 2023-10-17 21:54:37 +02:00 · e004ba58e9
parent 0fe0f2abb4
commit e004ba58e9
3 changed files with 35 additions and 5 deletions
--- a/backend/apis/nodejs/.env
+++ b/backend/apis/nodejs/.env
@ -11,4 +11,4 @@ POSTGRES_PASSWORD = postgres
 POSTGRES_PORT = 5432

 # Application settings
-ALLOW_USER_REGISTRATION = false
+ALLOW_USER_REGISTRATION = true
--- a/backend/apis/nodejs/api.js
+++ b/backend/apis/nodejs/api.js
@ -25,7 +25,9 @@ app.post('/blinkapi/organization', api_controller.verifyToken, api_controller.cr
 app.delete('/blinkapi/organization/:id', api_controller.verifyToken, api_controller.deleteOrganization); // Delete organization
 app.post('/blinkapi/organization/post', api_controller.verifyToken, api_controller.createOrganizationPost); // Create a organization's post
 app.delete('/blinkapi/organization/post/:id', api_controller.verifyToken, api_controller.deleteOrganizationPost); // Delete a organization's post
-app.post('/blinkapi/organization/admin', api_controller.verifyToken, api_controller.makeAdmin); // Make someone a organization's administrator
+app.post('/blinkapi/organization/admin', api_controller.verifyToken, api_controller.addOrganizationAdmin); // Add Organization Administrator
+app.delete('/blinkapi/organization/admin/:id', api_controller.verifyToken, api_controller.removeOrganizationAdmin); // Remove Organization Administrator
+
 // Start the server
 app.listen(process.env.API_SERVER_PORT, () => {
  console.log(`Blink API server is running on port ${process.env.API_SERVER_PORT}`);
--- a/backend/apis/nodejs/api_controller.js
+++ b/backend/apis/nodejs/api_controller.js
@ -250,8 +250,35 @@ async function deleteOrganizationPost(req, res){
  }
 }

-// POST [NOT COMPLETE]
-async function makeAdmin(req, res){
+// POST
+async function addOrganizationAdmin(req, res){
+  // Check whether I am admin and if I'm not trying to make myself admin, if I already am
+  if(await isPersonOrganizationAdmin(req.jwt.person_id, req.body.organization_id) 
+    && req.jwt.person_id != req.body.person_id){
+      // Check whether user exists
+      const userToInsert = await knex('Person')
+        .select('*')
+        .where({ id: req.body.person_id, enabled: true })
+        .first();
+      if(userToInsert){
+        await knex('OrganizationAdministrator')
+          .insert({
+            id_person: req.jwt.person_id,
+            id_organization: req.body.organization_id
+          });
+        return res.status(200).json({success : true});
+      }
+    else {
+      return res.status(401).json({ error : "Forbidden"});
+    }
+  }
+  else {
+    return res.status(401).json({ error : "Forbidden"});
+  }
+}
+
+// DELETE
+async function removeOrganizationAdmin(req, res){

 }

@ -342,5 +369,6 @@ module.exports = {
    deleteOrganization,
    createOrganizationPost,
    deleteOrganizationPost,
-    makeAdmin
+    addOrganizationAdmin,
+    removeOrganizationAdmin
 };