Finished role management & began work on categories

3 years ago · 2732e393b2
parent c3e3b2f062
commit 2732e393b2
8 changed files with 182 additions and 69 deletions
--- a/src/app.rb
+++ b/src/app.rb
@ -54,14 +54,18 @@ def auth_denied(msg=AUTH_ERRORS[:denied], status=403, ret="/")
 	redirect ret
 end

-def no_go_away(ret="/")
+def no_go_away(ret=back)
 	auth_denied "No! GO AWAY!", 403, ret
 end

-def banned(ret="/")
+def banned(ret=back)
 	auth_denied "You are banned!", 403, ret
 end

+def error(ret=back)
+	auth_denied "Internal server error.", 500, ret
+end
+
 # Routes
 get "/style.css" do
 	sass :"stylesheets/style", style: :compressed
@ -155,6 +159,11 @@ get "/logout" do
 end

 post "/user/update" do
+	id = (get_current_user.admin? and params[:id]) ? params[:id].to_i : session[:userid]
+	p "##########################"
+	puts "id=#{id}"
+	p "##########################"
+
 	data = {
 		name: params["displayname"].chomp,
 		bio_text: params["bio"].chomp
@ -162,15 +171,15 @@ post "/user/update" do

 	if params[:image] then
 		imgdata = params[:image][:tempfile] 
-		save_image imgdata.read, "./public/avatars/#{session[:userid]}.png" # save the image
-		data[:avatar_url] = "/avatars/#{session[:userid]}.png" # update image path
+		save_image imgdata.read, "./public/avatars/#{id}.png" # save the image
+		data[:avatar_url] = "/avatars/#{id}.png" # update image path
 	end

-	success, msg = get_current_user.update_creds data # update the user creds
+	success, msg = User.find_by_id(id).update_creds data # update the user creds
 	if not success then flash[:error] = msg end	

 	flash[:success] = "Profile updated."
-	redirect "/settings"
+	redirect back
 end

 # Auction stuff
@ -230,7 +239,8 @@ get "/admin" do

 	data = {
 		roles: Role.get_all,
-		users: User.get_all
+		users: User.get_all,
+		categories: Category.get_all
 	}

 	serve :"admin/index", {flags: flags, data: data}
@ -240,6 +250,7 @@ end
 get "/admin/users/:id/ban" do
 	auth_denied unless get_current_user.admin?
 	id = params[:id].to_i
+
 	user = User.find_by_id id
 	user.banned = true

@ -251,6 +262,7 @@ end
 get "/admin/users/:id/unban" do
 	auth_denied unless get_current_user.admin?
 	id = params[:id].to_i
+
 	user = User.find_by_id id
 	user.banned = false

@ -267,12 +279,84 @@ get "/admin/users/:id/edit" do
 	serve :"admin/users/edit", {user: user}
 end

+post "/admin/users/rolegive" do
+	user = get_current_user
+	auth_denied unless user.permitted?(:roleman)
+
+	user_id = params[:user_id].to_i
+	role_id = params[:role_id].to_i
+
+	auth_denied "You are not permitted to give that role!", 403, back if role_id == ROLES[:banned][:id]
+	
+	if user.role_ids.include?(role_id) or user.admin? then
+		resp = User_Role_relation.give_role(user_id, role_id)
+
+		flash[:success] = "Gave role to user." if resp 
+		redirect back
+	else
+		auth_denied "You are not permitted to give that role!", 403, back
+	end
+end
+
+post "/admin/users/rolerevoke" do
+	user = get_current_user
+	auth_denied unless user.permitted?(:roleman)
+
+	user_id = params[:user_id].to_i
+	role_id = params[:role_id].to_i
+
+	auth_denied "You are not permitted to give that role!", 403, back if role_id == ROLES[:banned][:id]
+	if user.admin? then
+		resp = User_Role_relation.revoke_role(user_id, role_id)	
+		flash[:success] = "Revoked role from user." if resp 
+		redirect back
+	else
+		auth_denied "You are not permitted to give that role!", 403, back
+	end
+end
+
+
+post "/admin/users/setmoney" do
+	user = get_current_user
+	auth_denied unless user.permitted? :moneyman
+
+	id = params[:user_id].to_i
+	money = params[:money].to_f
+	target = User.find_by_id(id)
+
+	target.balance = money
+
+	flash[:success] = "Set users money to '#{money}'."
+
+	redirect back
+end
+
 # ADMIN ROLE MANAGEMENT
 def role_check(id)
 	no_go_away if ROLE_IDS.include? id
 	auth_denied unless get_current_user.permitted? :roleman
 end

+post "/admin/roles" do
+	user = get_current_user
+	auth_denied unless user.permitted? :roleman
+
+	name = params[:name]
+	color = params[:color]
+	flags = params[:flags]
+
+	flags = params[:flags].to_i
+	flags = verify_flags(flags, user.flags)
+
+	newid, resp = Role.create(name, color, flags)
+	if newid then
+		flash[:success] = "Successfully created role '#{name}'."
+	else
+		flash[:error] = resp 
+	end
+	redirect back
+end
+
 get "/admin/roles/:id/delete" do
 	id = params[:id].to_i
 	role_check id
@ -322,43 +406,18 @@ post "/admin/roles/:id/update" do
 	redirect "/admin/roles/#{id}/edit"
 end

-post "/admin/roles/give" do
-	user = get_current_user
-	auth_denied unless user.permitted?(:roleman)
-
-	user_id = params[:user_id].to_i
-	role_id = params[:role_id].to_i

-	# Deny giving the "banned role"
-	auth_denied "You are not permitted to give that role!", 403, "/admin" if role_id == ROLES[:banned][:id]
-	
-	if user.role_ids.include?(role_id) or user.admin? then
-		resp = User_Role_relation.give_role(user_id, role_id)
-
-		newrole = Role.find_by_id role_id
-		promoted_user = User.find_by_id user_id
-
-		flash[:success] = "Gave role '#{newrole.name}' to #{promoted_user.name}!" if resp 
-		redirect back
-	else
-		auth_denied "You are not permitted to give that role!", 403, "/admin"
-	end
-end
-
-post "/admin/roles" do
+# ADMIN CATEGORY MANAGEMENT
+post "/admin/categories" do
 	user = get_current_user
-	auth_denied unless user.permitted? :roleman
+	auth_denied unless user.permitted? :cateman

 	name = params[:name]
 	color = params[:color]
-	flags = params[:flags]

-	flags = params[:flags].to_i
-	flags = verify_flags(flags, user.flags)
-
-	newid, resp = Role.create(name, color, flags)
+	newid, resp = Category.create(name, color)
 	if newid then
-		flash[:success] = "Successfully created role '#{name}'."
+		flash[:success] = "Successfully created category '#{name}'."
 	else
 		flash[:error] = resp 
 	end
--- a/src/db_models.rb
+++ b/src/db_models.rb
@ -55,7 +55,13 @@ class User < EntityModel
 	def reputation=(val)
 		val = val.clamp MIN_REP, MAX_REP
 		@reputation = val
-		self.update({reputation: val}, "id = ?", @id)
+		User.update({reputation: val}, "id = ?", @id)
+	end
+
+	def balance=(val)
+		val = val >= 0 ? val : 0
+		@balance = val
+		User.update({balance: val}, "id = ?", @id)
 	end

 	def update_creds(data)
--- a/src/public/avatars/1.png
+++ b/src/public/avatars/1.png
--- a/src/public/avatars/2.png
+++ b/src/public/avatars/2.png
--- a/src/public/avatars/true.png
+++ b/src/public/avatars/true.png
--- a/src/views/admin/index.slim
+++ b/src/views/admin/index.slim
@ -20,9 +20,9 @@ div
      ul.list-container
        - data[:users].each do |user|
            li
-              | #{user.name}
+              | #{user.name} (id=#{user.id})
              a.inlbutton href="/admin/users/#{user.id}/edit"
-                | [EDIT]
+                | [MANAGE]
              - if session_user.admin?
                - if user.banned?
                  a.green.inlbutton href="/admin/users/#{user.id}/unban"
@ -31,32 +31,6 @@ div
                  a.red.inlbutton href="/admin/users/#{user.id}/ban"
                    | [BAN USER]

-    article.card.border
-      h2 Add User to Role 
-
-      .form-container
-        form action="/admin/roles/give" method="post"
-          label Select User
-          select name="user_id"
-            - User.get_all.each do |seluser|
-              option value="#{seluser.id}"
-                | #{seluser.name} (id=#{seluser.id})
-
-          label Select Role
-          select name="role_id"
-            - if session_user.admin?
-              - Role.get_all.each do |selrole|
-                - if selrole.id != ROLES[:banned][:id]
-                  option value="#{selrole.id}"
-                    | #{selrole.name} (id=#{selrole.id})
-            - else
-              - session_user.roles.each do |selrole|
-                - if selrole.id != ROLES[:banned][:id]
-                  option value="#{selrole.id}"
-                    | #{selrole.name} (id=#{selrole.id})
-
-          input type="submit" value="Add User"
-
  h2#roles Role Management
  .management-container
    article.card.border
@ -87,3 +61,30 @@ div
                  | [EDIT]
                a.inlbutton href="/admin/roles/#{role.id}/delete"
                  | [DELETE]
+
+  h2#categories Category Management
+  .management-container
+    article.card.border
+      h2 Create Category
+
+      .form-container
+        form action="/admin/categories" method="post"
+          label Category name
+          input type="text" name="name" pattern="#{NAME_REGEX_STR}" maxlength="#{MAX_NAME_LEN}" oninput="this.reportValidity()" title="#{REGISTER_ERRORS[:name_desc]}"
+
+          label Category color 
+          input type="color" name="color" value="#010ffa"
+
+          input type="submit" value="Create category"
+        
+
+    article.card.border
+      h2 Manage Categories 
+      ul.list-container
+        - data[:categories].each do |category|
+            li
+              | #{category.name}
+              a.inlbutton href="/admin/categories/#{category.id}/edit"
+                | [EDIT]
+              a.inlbutton href="/admin/categories/#{category.id}/delete"
+                | [DELETE]
--- a/src/views/admin/users/edit.slim
+++ b/src/views/admin/users/edit.slim
@ -16,6 +16,7 @@
    h2.tcenter = "User Settings"
    .form-container
      form action="/user/update" method="post" enctype="multipart/form-data"
+        input type="hidden" name="id" value="#{user.id}"
        img.avatar_big src="#{user.avatar_url}" alt="Your avatar"
        label Change avatar
        input type="file" name="image" accept="image"
@ -27,3 +28,49 @@
        textarea name="bio" cols="20" rows="5" title="Content length must be between #{MIN_BIO_LEN} and #{MAX_BIO_LEN} characters" pattern="#{BIO_REGEX_STR}" maxlength="#{MAX_BIO_LEN}" placeholder="Tell us about yourself!" value="#{user.bio_text}" = user.bio_text
        input type="submit" value="Update"

+    article.card.border
+      h2 Add Role 
+
+      .form-container
+        form action="/admin/users/rolegive" method="post"
+          label Select Role
+          input type="hidden" name="user_id" value="#{user.id}"
+          select name="role_id"
+            - if session_user.admin?
+              - Role.get_all.each do |selrole|
+                - if selrole.id != ROLES[:banned][:id]
+                  option value="#{selrole.id}"
+                    | #{selrole.name} (id=#{selrole.id})
+            - else
+              - session_user.roles.each do |selrole|
+                - if selrole.id != ROLES[:banned][:id]
+                  option value="#{selrole.id}"
+                    | #{selrole.name} (id=#{selrole.id})
+
+          input type="submit" value="Give role"
+
+    article.card.border
+      h2 Remove Role 
+
+      .form-container
+        form action="/admin/users/rolerevoke" method="post"
+          label Select Role
+          input type="hidden" name="user_id" value="#{user.id}"
+          select name="role_id"
+            - user.roles.each do |selrole|
+              - if selrole and selrole.id != ROLES[:banned][:id]
+                option value="#{selrole.id}"
+                  | #{selrole.name} (id=#{selrole.id})
+
+          input type="submit" value="Revoke role"
+
+    article.card.border
+      h2 Set money 
+
+      .form-container
+        form action="/admin/users/setmoney" method="post"
+          label Amount 
+          input type="hidden" name="user_id" value="#{user.id}"
+          input type="number" name="money" value="#{user.balance}" min="0"
+
+          input type="submit" value="Set money"
--- a/src/views/stylesheets/style.sass
+++ b/src/views/stylesheets/style.sass
@ -155,8 +155,10 @@ a.button:hover
  font-size: 1rem
  font-weight: bold
  animation: fade-in .9s ease-in alternate
+  border-radius: $border_radius
  background: $bg_clr
  transition: .1s opacity 
+  overflow: hidden

  div:not(:last-child)
    margin-bottom: 1rem
@ -164,14 +166,12 @@ a.button:hover
  &-error
    color: $fg_error
    padding: 8px
-    border: $border_size solid $red_clr
-    border-radius: $border_radius
+    border: $border_size solid $green_clr

  &-success
    color: $green_clr
    padding: 8px
    border: $border_size solid $green_clr
-    border-radius: $border_radius

 .flash:hover
  cursor: pointer