diff --git a/admin/admin.go b/admin/admin.go
index d59608a..f4d3fe0 100644
--- a/admin/admin.go
+++ b/admin/admin.go
@@ -50,7 +50,7 @@ func AddUser() common.Handler {
StatusCode: http.StatusInternalServerError,
}
}
- statement, err := db.Prepare("INSERT INTO users(username,hash,realname,email) VALUES (?,?,?,?)")
+ statement, err := db.Prepare("INSERT INTO users(username,hash,realname,email,permissions) VALUES (?,?,?,?,?)")
if err != nil {
return &common.HTTPError{
Message: fmt.Sprintf("error preparing sqlite3 statement: %v", err),
@@ -70,10 +70,11 @@ func AddUser() common.Handler {
password := strings.Join(r.Form["password"], "")
realname := strings.Join(r.Form["realname"], "")
email := strings.Join(r.Form["email"], "")
+ permissions := strings.Join(r.Form["permissions"], "")
hash, err := bcrypt.GenerateFromPassword([]byte(password), 4)
- _, err = statement.Exec(username, hash, realname, email)
+ _, err = statement.Exec(username, hash, realname, email, permissions)
if err != nil {
return &common.HTTPError{
Message: fmt.Sprintf("error executing sqlite3 statement: %v", err),
@@ -112,9 +113,10 @@ func EditUser() common.Handler {
newpassword := strings.Join(r.Form["newpw1"], "")
realname := strings.Join(r.Form["realname"], "")
email := strings.Join(r.Form["email"], "")
+ permissions := strings.Join(r.Form["permissions"], "")
pwhash, err := bcrypt.GenerateFromPassword([]byte(password), 4)
- statement, err := db.Prepare("UPDATE users SET username=?, hash=?, realname=?, email=? WHERE id=?")
+ statement, err := db.Prepare("UPDATE users SET username=?, hash=?, realname=?, email=?, permissions=? WHERE id=?")
if err != nil {
return &common.HTTPError{
Message: fmt.Sprintf("error preparing sqlite3 statement: %v", err),
@@ -162,7 +164,7 @@ func EditUser() common.Handler {
pwhash, err = bcrypt.GenerateFromPassword([]byte(newpassword), 4)
}
- _, err = statement.Exec(username, pwhash, realname, email, id)
+ _, err = statement.Exec(username, pwhash, realname, email, id, permissions)
if err != nil {
return &common.HTTPError{
Message: fmt.Sprintf("error executing sqlite3 statement: %v", err),
diff --git a/assets/config/users.db b/assets/config/users.db
index cf14ec3..7b05088 100644
Binary files a/assets/config/users.db and b/assets/config/users.db differ
diff --git a/assets/web/static/app.js b/assets/web/static/app.js
index 1e933ee..b4013ff 100644
--- a/assets/web/static/app.js
+++ b/assets/web/static/app.js
@@ -91,6 +91,12 @@ const usernew = {
+
+
diff --git a/router/router.go b/router/router.go
index 9c31b9a..8a0fdeb 100644
--- a/router/router.go
+++ b/router/router.go
@@ -97,22 +97,22 @@ func Init() *mux.Router {
admin.DeleteUser(),
)).Methods("GET")
r.Handle("/admin/edit", Handle(
- auth.RequireAuthorization(0),
+ auth.RequireAuthorization(1),
admin.EditEpisode(),
)).Methods("POST")
r.Handle("/admin/delete", Handle(
- auth.RequireAuthorization(0),
+ auth.RequireAuthorization(1),
admin.RemoveEpisode(),
)).Methods("GET")
r.Handle("/admin/css", Handle(
- auth.RequireAuthorization(2),
+ auth.RequireAuthorization(1),
admin.CustomCss(),
)).Methods("GET", "POST")
r.Handle("/admin/adduser", Handle(
- auth.RequireAuthorization(1),
+ auth.RequireAuthorization(2),
admin.AddUser(),
)).Methods("POST")