From e004ba58e95afb1ac1c22827b2b83b7264e200a6 Mon Sep 17 00:00:00 2001
From: xfarrow
Date: Tue, 17 Oct 2023 21:54:37 +0200
Subject: [PATCH] updt
---
 backend/apis/nodejs/.env | 2 +-
 backend/apis/nodejs/api.js | 4 +++-
 backend/apis/nodejs/api_controller.js | 34 ++++++++++++++++++++++++---
 3 files changed, 35 insertions(+), 5 deletions(-)
diff --git a/backend/apis/nodejs/.env b/backend/apis/nodejs/.env
index 7ef04df..e3d0c4d 100644
--- a/backend/apis/nodejs/.env
+++ b/backend/apis/nodejs/.env
@@ -11,4 +11,4 @@ POSTGRES_PASSWORD = postgres
 POSTGRES_PORT = 5432
 # Application settings
-ALLOW_USER_REGISTRATION = false
\ No newline at end of file
+ALLOW_USER_REGISTRATION = true
\ No newline at end of file
diff --git a/backend/apis/nodejs/api.js b/backend/apis/nodejs/api.js
index 42e1fba..d58def0 100644
--- a/backend/apis/nodejs/api.js
+++ b/backend/apis/nodejs/api.js
@@ -25,7 +25,9 @@ app.post('/blinkapi/organization', api_controller.verifyToken, api_controller.cr
 app.delete('/blinkapi/organization/:id', api_controller.verifyToken, api_controller.deleteOrganization); // Delete organization
 app.post('/blinkapi/organization/post', api_controller.verifyToken, api_controller.createOrganizationPost); // Create a organization's post
 app.delete('/blinkapi/organization/post/:id', api_controller.verifyToken, api_controller.deleteOrganizationPost); // Delete a organization's post
-app.post('/blinkapi/organization/admin', api_controller.verifyToken, api_controller.makeAdmin); // Make someone a organization's administrator
+app.post('/blinkapi/organization/admin', api_controller.verifyToken, api_controller.addOrganizationAdmin); // Add Organization Administrator
+app.delete('/blinkapi/organization/admin/:id', api_controller.verifyToken, api_controller.removeOrganizationAdmin); // Remove Organization Administrator
+
 // Start the server
 app.listen(process.env.API_SERVER_PORT, () => {
 console.log(`Blink API server is running on port ${process.env.API_SERVER_PORT}`);
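Review bot: `ALLOW_USER_REGISTRATION = true` is set in a `.env` file that is tracked in the repository, so open registration becomes the default for every checkout, and the same file carries `POSTGRES_PASSWORD = postgres` (visible in the hunk header of the `.env` hunk). If this file is only a development sample, which the hunk does not show, consider renaming it to `.env.example`, keeping the restrictive value `ALLOW_USER_REGISTRATION = false` there, and listing the real `.env` in `.gitignore`. A deployment then has to opt in to registration and supply its own database password instead of inheriting both from version control.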
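Review bot: The new `app.delete('/blinkapi/organization/admin/:id', ...)` route in api.js is wired to `removeOrganizationAdmin`, which this same commit adds with an empty body in api_controller.js, so a DELETE that gets past `verifyToken` never receives a response. Either leave the route out until the handler exists or have the handler answer explicitly, e.g. `return res.status(501).json({ error : "Not implemented" });`. The path also carries a single `:id`, while removing an administrator needs both a person and an organization; the route comment should say which of the two `:id` is and where the other value comes from.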
diff --git a/backend/apis/nodejs/api_controller.js b/backend/apis/nodejs/api_controller.js
index ff2d6f8..edc132d 100644
--- a/backend/apis/nodejs/api_controller.js
+++ b/backend/apis/nodejs/api_controller.js
@@ -250,8 +250,35 @@ async function deleteOrganizationPost(req, res){
 }
 }
-// POST [NOT COMPLETE]
-async function makeAdmin(req, res){
+// POST
+async function addOrganizationAdmin(req, res){
+ // Check whether I am admin and if I'm not trying to make myself admin, if I already am
+ if(await isPersonOrganizationAdmin(req.jwt.person_id, req.body.organization_id)
+ && req.jwt.person_id != req.body.person_id){
+ // Check whether user exists
+ const userToInsert = await knex('Person')
+ .select('*')
+ .where({ id: req.body.person_id, enabled: true })
+ .first();
+ if(userToInsert){
+ await knex('OrganizationAdministrator')
+ .insert({
+ id_person: req.jwt.person_id,
+ id_organization: req.body.organization_id
+ });
+ return res.status(200).json({success : true});
+ }
+ else {
+ return res.status(401).json({ error : "Forbidden"});
+ }
+ }
+ else {
+ return res.status(401).json({ error : "Forbidden"});
+ }
+}
+
+// DELETE
+async function removeOrganizationAdmin(req, res){
 }
@@ -342,5 +369,6 @@ module.exports = {
 deleteOrganization,
 createOrganizationPost,
 deleteOrganizationPost,
- makeAdmin
+ addOrganizationAdmin,
+ removeOrganizationAdmin
 };
\ No newline at end of file
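Review bot: The insert in `addOrganizationAdmin` writes `id_person: req.jwt.person_id`, which is the caller that the first check has just confirmed is already an administrator, so the person named in `req.body.person_id` is looked up but never granted the role; the row should use `id_person: req.body.person_id,`. Both refusal branches answer 401 with the body "Forbidden"; for a caller whose token was accepted but who lacks the right, `res.status(403)` is the matching status, and a missing target user is better reported separately from a permission failure. The three awaited calls have no try/catch, so a rejected query (for instance a duplicate row, if the table has a unique key, which is not visible here) would leave the request unanswered unless error handling exists outside the hunk. `req.body.organization_id` and `req.body.person_id` are also used without any presence or type check, and the comparison uses `!=`, so a string id from the body is coerced before it is compared with the token's id.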