Merge branch '19-opprettelse-av-admintilgang' into 'master'

Resolve "Opprettelse av administrator tilgang"

Closes #19

See merge request !25

client/src/app/authentication/auth.service.ts

@@ -28,7 +28,7 @@ export class AuthService {
       // Get user data from JWT token
       const token = localStorage.getItem('token');
       const user_data = JSON.parse(atob(token.split(".")[1])).data[0];
-
+      
       return new User(user_data);
     }
     return new User();

client/src/app/models/user.model.ts

@@ -7,6 +7,7 @@ export class User implements Deserializable, Serializable {
     private email: string;
     private password: string;
     private create_time: Date;
+    private isAdmin: number;
 
     constructor(input: any = null) {
         if (input) {
@@ -17,21 +18,24 @@ export class User implements Deserializable, Serializable {
             this.email = null;
             this.password = null;
             this.create_time = new Date();
+            this.isAdmin = 0;
         }
     }
 
     deserialize(input: Object): this {
         Object.assign(this, input);
+        console.log(this);
         return this;
     }
-
+    
     serialize(): Object {
         return {
             userId: this.userId,
             username: this.username,
             email: this.email,
             password: this.password,
-            create_time: this.create_time
+            create_time: this.create_time,
+            isAdmin: this.isAdmin,
         };
     }
 
@@ -75,4 +79,11 @@ export class User implements Deserializable, Serializable {
         this.create_time = create_time;
     }
 
+    get getIsAdmin() {
+        return this.isAdmin;
+    }
+
+    set setIsAdmin(isAdmin: number) {
+        isAdmin = this.isAdmin;
+    }
 }
\ No newline at end of file

client/src/app/posts/post-details/post-details.component.html

@@ -7,7 +7,12 @@
 <p>Publisert: {{post.getTimestamp}}</p>
 <p>Eier: {{post.getOwner}}</p>
 
+<p>a: {{isAdmin}}</p>
+<p>b: {{userId}}</p>
+
 <div *ngIf="userId == post.getOwner">
     <app-button text="Rediger annonse" (click)="editPost()"></app-button>
+</div>
+<div *ngIf="userId == post.getOwner || isAdmin == 1">
     <app-button text="Slett annonse" (click)="deletePost()"></app-button>
 </div>

client/src/app/posts/post-details/post-details.component.ts

@@ -3,6 +3,7 @@ import { Post } from 'src/app/models/post.model';
 import { PostService } from '../post.service';
 import { ActivatedRoute, Router } from '@angular/router'
 import { AuthService } from 'src/app/authentication/auth.service';
+import { User } from 'src/app/models/user.model';
 
 @Component({
   selector: 'app-post-details',
@@ -12,13 +13,18 @@ import { AuthService } from 'src/app/authentication/auth.service';
 export class PostDetailsComponent implements OnInit {
 
   post: Post = new Post();
+  user: User = new User();
+  isAdmin: number = 0;
   userId: number = 0;
 
   constructor(private postService: PostService, private activatedRoute: ActivatedRoute, private router: Router, private authService: AuthService) { }
 
   ngOnInit(): void {
-    // Gets ID from current user
-    this.userId = this.authService.getCurrentUser(false).getUserId;
+    // Gets current user information
+    this.user = this.authService.getCurrentUser(false);
+    // If user is logged in, assign userId and isAdmin
+    this.userId = this.user.getUserId; // 0
+    this.isAdmin = this.user.getIsAdmin; // 0
 
     // Gets id parameter from URL
     const id = this.activatedRoute.snapshot.params["id"];

client/src/app/users/user-profile/user-profile.component.spec.ts

@@ -22,7 +22,8 @@ describe('UserProfileComponent', () => {
       username: "tester",
       email: "test@test.com",
       password: "1234",
-      create_time: 513498
+      create_time: 513498,
+      isAdmin: 0
     }));
 
     // UserService mock setup
@@ -69,7 +70,8 @@ describe('UserProfileComponent', () => {
       username: "tester",
       email: "test@test.com",
       password: "1234",
-      create_time: 513498
+      create_time: 513498,
+      isAdmin: 0
     }));
   });
 

client/src/app/users/user-registration-form/user-registration-form.component.ts

@@ -60,6 +60,7 @@ export class UserRegistrationFormComponent implements OnInit {
         username: this.username,
         email: this.email,
         password: this.password,
+        isAdmin: 0,
       });
 
       // Adds user to database and redirects to the homepage afterwards

client/src/app/users/user.service.spec.ts

@@ -40,6 +40,7 @@ describe('UserService', () => {
             email: "blob@planet.us",
             password: "Hyttepine",
             create_time: 1613552549000,
+            isAdmin: 0
           }]
         });
       });
@@ -59,6 +60,7 @@ describe('UserService', () => {
             username: "zorg",
             email: "blob@planet.us",
             password: "Hyttepine",
+            isAdmin: 0
           }]
         });
       });

server/src/controllers/authController/index.ts

@@ -4,29 +4,31 @@ import express from 'express';
 import IUser from '../../models/user';
 import * as jwt from 'jsonwebtoken';
 import config from '../../config';
+import { isNamedExportBindings } from "typescript";
 
 const router = express.Router();
 
 // Post register user `/api/auth/register`
 router.route('/register').post(async (request: Request, response: Response) => {
-	const {username, email, password, create_time} = request.body;
+	const {username, email, password, isAdmin, create_time} = request.body;
 	try {
         // Check valid request data parameters
 		const user_data: IUser = {
 			"username": username,
 			"email": email,
             "password": password,
+			"isAdmin": isAdmin || 0,
 		};
 		if (Object.values(user_data).filter(p => p == undefined).length > 0) return response.status(500).send("Error");
         // Check for user duplicates
-        const duplicate_input = "SELECT userId, username, email, create_time FROM user WHERE username=? AND password=?;"
+        const duplicate_input = "SELECT userId, username, email, create_time, isAdmin FROM user WHERE username=? AND password=?;"
         const user = await query(duplicate_input,[user_data.username, user_data.password]);
         const retrievedUserObj = Object.values(JSON.parse(JSON.stringify(user.data)))[0];
 		if (retrievedUserObj) {
             return response.status(403).send("There exists an user with the same username or emails given!");
         }
         // If there is no duplicates, create new user
-		const input = (`INSERT INTO user(username, email, password) VALUES (?,?,?)`)
+		const input = (`INSERT INTO user(username, email, password, isAdmin) VALUES (?,?,?,?)`)
 		return response.status(200).json(
 			await query(input,Object.values(user_data))
 		);
@@ -39,7 +41,7 @@ router.route('/register').post(async (request: Request, response: Response) => {
 router.route('/login').post(async (request: Request, response: Response) => {
 	const {username, password} = request.body;
 	try {
-		const input = "SELECT userId, username, email, create_time FROM user WHERE username=? AND password=?;"
+		const input = "SELECT userId, username, email, isAdmin, create_time FROM user WHERE username=? AND password=?;"
 		const user = await query(input,[username, password]);
 		// Check if an user object is retrieved
 		const userObj = Object.values(JSON.parse(JSON.stringify(user.data)))[0];

server/src/controllers/postController/index.ts

@@ -3,6 +3,7 @@ import query from "../../services/db_query";
 import express from "express";
 import IPost from "../../models/post";
 import Category from "../../models/category";
+import authenticateToken from '../../middlewares/auth';
 
 const router = express.Router();
 const category = new Category();
@@ -76,7 +77,7 @@ router.route("/:id").get(async (request: Request, response: Response) => {
 
 /* ============================= UPDATE ============================= */
 // Edit post with id `/api/post/:id`
-router.route("/:id").put(async (request: Request, response: Response) => {
+router.route("/:id").put(authenticateToken, async (request: Request, response: Response) => {
   const postId: string = request.params.id as string;
   const {
     title,
@@ -108,7 +109,7 @@ router.route("/:id").put(async (request: Request, response: Response) => {
 
 /* ============================= DELETE ============================= */
 // Remove post with id `/api/post/:id`
-router.route("/:id").delete(async (request: Request, response: Response) => {
+router.route("/:id").delete(authenticateToken, async (request: Request, response: Response) => {
   const postId: string = request.params.id as string;
   try {
     response
@@ -119,4 +120,4 @@ router.route("/:id").delete(async (request: Request, response: Response) => {
   }
 });
 
-export default router;
+export default router;
\ No newline at end of file

server/src/controllers/userController/index.ts

@@ -6,17 +6,18 @@ import authenticateToken from '../../middlewares/auth';
 
 const router = express.Router();
 /* ============================= CREATE ============================= */
-// Get all users `/api/user/`
+// Create an user `/api/user/`
 router.route('/').post(async (request: Request, response: Response) => {
-	const {username, email, password, create_time} = request.body;
+	const {username, email, password, isAdmin, create_time} = request.body; // destructuring
 	try {
 		const user: IUser = {
 			"username": username,
 			"email": email,
             "password": password,
+			"isAdmin": isAdmin || 0,
 		};
 		if (Object.values(user).filter(p => p == undefined).length > 0) return response.status(500).send("Error");
-		const input = (`INSERT INTO user(username, email, password) VALUES (?,?,?)`)
+		const input = (`INSERT INTO user(username, email, password, isAdmin) VALUES (?,?,?,?)`);
 		return response.status(200).json(
 			await query(input,Object.values(user))
 		);
@@ -72,4 +73,3 @@ router.route('/:userId').delete(authenticateToken, async (request: Request, resp
 });
 
 export default router;
-

server/src/models/user.ts

@@ -5,6 +5,7 @@ interface IUser{
     email: string;
     password: string;
     create_time?: Date;
+    isAdmin: number;
 }
 
 export default IUser;