sstent/expressmongotest
1
0
Fork 0
mirror of https://github.com/sstent/expressmongotest.git synced 2026-01-25 16:42:00 +00:00
Code Issues Packages Projects Releases Wiki Activity

tweakign the isAdmin rules

Browse Source
This commit is contained in:
sstent
2013-01-18 10:00:25 -05:00
parent a147de86fb
commit ea579b5ab0
5 changed files with 8 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
test/routes/index.js
View File

@@ -4,10 +4,10 @@
*/
var loggedIn = require('./middleware/logged_in');
var isAdmin = require('./middleware/is_admin');
module.exports = function(app) {
app.get('/', loggedIn, function(req, res){
app.get('/', loggedIn, isAdmin, function(req, res){
res.render('index', { title: 'Express' });
});
};

2
test/routes/session.js
View File

@@ -18,7 +18,7 @@ module.exports = function(app) {
if (user) {
req.session.user = user;
console.log("req.session.user= " + JSON.stringify(req.session.user));
res.redirect('/users');
res.redirect('/users/' + req.session.user.username);
} else {
res.redirect('/session/new');
}

2
test/routes/users.js
View File

@@ -51,13 +51,13 @@ module.exports = function(app) {
res.render('users/profile', {
title: 'User profile',
user: req.user,
requested: req.params.name,
recentArticles: articles
});
});
});
app.post('/users', notLoggedIn, function(req, res, next) {
console.log("/nreq.body" + JSON.stringify(req.body));
User.create(req.body, function(err) {
if (err) {
if (err.code === 11000) {

3
test/views/articles/article.jade
View File

@@ -10,6 +10,3 @@ block content
span Author:
 
a(href="/users/" + encodeURIComponent(article.author.name))= article.author.name
p
a(href="/articles") Back to all articles

12
test/views/users/profile.jade
View File

@@ -2,8 +2,11 @@ extends ../layout
block content
h1= user.name
- if (session.user.)
- if (session.user.name === requested)
h1 Private View
p= session.user.name
p= requested
- else
h1 Public View
@@ -13,10 +16,3 @@ block content
li
a(href="/articles/" + encodeURIComponent(article._id))= article.title
- });
- if (session.user.is_admin = 'true')
form(action="/users/" + encodeURIComponent(user.username), method="POST")
input(name="_method", type="hidden", value="DELETE")
input(type="submit", value="Delete")
a(href="/users/") Back to Userlist