mirror of
https://github.com/gmemstr/pogo.git
synced 2024-09-19 17:21:10 +01:00
Added values for editing/adding permision to users via web interface
This commit is contained in:
parent
4351bb7e4e
commit
c831bbf1e4
|
@ -50,7 +50,7 @@ func AddUser() common.Handler {
|
|||
StatusCode: http.StatusInternalServerError,
|
||||
}
|
||||
}
|
||||
statement, err := db.Prepare("INSERT INTO users(username,hash,realname,email) VALUES (?,?,?,?)")
|
||||
statement, err := db.Prepare("INSERT INTO users(username,hash,realname,email,permissions) VALUES (?,?,?,?,?)")
|
||||
if err != nil {
|
||||
return &common.HTTPError{
|
||||
Message: fmt.Sprintf("error preparing sqlite3 statement: %v", err),
|
||||
|
@ -70,10 +70,11 @@ func AddUser() common.Handler {
|
|||
password := strings.Join(r.Form["password"], "")
|
||||
realname := strings.Join(r.Form["realname"], "")
|
||||
email := strings.Join(r.Form["email"], "")
|
||||
permissions := strings.Join(r.Form["permissions"], "")
|
||||
|
||||
hash, err := bcrypt.GenerateFromPassword([]byte(password), 4)
|
||||
|
||||
_, err = statement.Exec(username, hash, realname, email)
|
||||
_, err = statement.Exec(username, hash, realname, email, permissions)
|
||||
if err != nil {
|
||||
return &common.HTTPError{
|
||||
Message: fmt.Sprintf("error executing sqlite3 statement: %v", err),
|
||||
|
@ -112,9 +113,10 @@ func EditUser() common.Handler {
|
|||
newpassword := strings.Join(r.Form["newpw1"], "")
|
||||
realname := strings.Join(r.Form["realname"], "")
|
||||
email := strings.Join(r.Form["email"], "")
|
||||
permissions := strings.Join(r.Form["permissions"], "")
|
||||
pwhash, err := bcrypt.GenerateFromPassword([]byte(password), 4)
|
||||
|
||||
statement, err := db.Prepare("UPDATE users SET username=?, hash=?, realname=?, email=? WHERE id=?")
|
||||
statement, err := db.Prepare("UPDATE users SET username=?, hash=?, realname=?, email=?, permissions=? WHERE id=?")
|
||||
if err != nil {
|
||||
return &common.HTTPError{
|
||||
Message: fmt.Sprintf("error preparing sqlite3 statement: %v", err),
|
||||
|
@ -162,7 +164,7 @@ func EditUser() common.Handler {
|
|||
pwhash, err = bcrypt.GenerateFromPassword([]byte(newpassword), 4)
|
||||
}
|
||||
|
||||
_, err = statement.Exec(username, pwhash, realname, email, id)
|
||||
_, err = statement.Exec(username, pwhash, realname, email, id, permissions)
|
||||
if err != nil {
|
||||
return &common.HTTPError{
|
||||
Message: fmt.Sprintf("error executing sqlite3 statement: %v", err),
|
||||
|
|
Binary file not shown.
|
@ -91,6 +91,12 @@ const usernew = {
|
|||
|
||||
<label for="password">New Password</label>
|
||||
<input type="password" id="password" name="password">
|
||||
<label for="permissions">Permission Level</label>
|
||||
<select name="permissions">
|
||||
<option value="0">Publishing only</option>
|
||||
<option value="1">Publishing and Episode Management</option>
|
||||
<option value="2">Publishing, Episode and User management</option>
|
||||
</select>
|
||||
<br /><br />
|
||||
<input type="submit" class="button" value="Save"></form>
|
||||
</div>
|
||||
|
|
|
@ -97,22 +97,22 @@ func Init() *mux.Router {
|
|||
admin.DeleteUser(),
|
||||
)).Methods("GET")
|
||||
r.Handle("/admin/edit", Handle(
|
||||
auth.RequireAuthorization(0),
|
||||
auth.RequireAuthorization(1),
|
||||
admin.EditEpisode(),
|
||||
)).Methods("POST")
|
||||
|
||||
r.Handle("/admin/delete", Handle(
|
||||
auth.RequireAuthorization(0),
|
||||
auth.RequireAuthorization(1),
|
||||
admin.RemoveEpisode(),
|
||||
)).Methods("GET")
|
||||
|
||||
r.Handle("/admin/css", Handle(
|
||||
auth.RequireAuthorization(2),
|
||||
auth.RequireAuthorization(1),
|
||||
admin.CustomCss(),
|
||||
)).Methods("GET", "POST")
|
||||
|
||||
r.Handle("/admin/adduser", Handle(
|
||||
auth.RequireAuthorization(1),
|
||||
auth.RequireAuthorization(2),
|
||||
admin.AddUser(),
|
||||
)).Methods("POST")
|
||||
|
||||
|
|
Loading…
Reference in a new issue