gochan/gochan
1
0
Fork 0
mirror of https://github.com/Eggbertx/gochan.git synced 2025-09-13 09:26:23 -07:00
Code Releases Activity

Add password confirmation box

Browse source
This commit is contained in:
Eggbertx 2023-06-06 14:29:16 -07:00
parent 9b61dde7c8
commit d92ec3a647
2 changed files with 42 additions and 37 deletions
Download patch file Download diff file Expand all files Collapse all files

77
pkg/manage/actionsAdminPerm.go
View file

@ -19,6 +19,10 @@ import (
"github.com/rs/zerolog"
)
var (
ErrPasswordConfirm = errors.New("passwords do not match")
)
// manage actions that require admin-level permission go here
func registerAdminPages() {
@ -77,46 +81,45 @@ func registerAdminPages() {
return "", err
}
for _, staff := range allStaff {
username := request.FormValue("username")
password := request.FormValue("password")
rank := request.FormValue("rank")
rankI, _ := strconv.Atoi(rank)
if do == "add" {
if _, err = gcsql.NewStaff(username, password, rankI); err != nil {
errEv.
Str("newStaff", username).
Str("newPass", password).
Int("newRank", rankI).
Caller().Msg("Error creating new staff account")
return "", fmt.Errorf("Error creating new staff account %q by %q: %s",
username, staff.Username, err.Error())
}
} else if do == "del" && username != "" {
if err = gcsql.DeactivateStaff(username); err != nil {
errEv.Err(err).
Str("delStaff", username).
Caller().Msg("Error deleting staff account")
return "", fmt.Errorf("Error deleting staff account %q by %q: %s",
username, staff.Username, err.Error())
}
username := request.FormValue("username")
password := request.FormValue("password")
passwordConfirm := request.FormValue("passwordconfirm")
if password != passwordConfirm {
return "", ErrPasswordConfirm
}
rankStr := request.FormValue("rank")
rank, err := strconv.Atoi(rankStr)
if err != nil {
errEv.Err(err).Caller().
Str("rank", rankStr).Send()
return "", err
}
if do == "add" {
fmt.Println("do = 'add'")
if _, err = gcsql.NewStaff(username, password, rank); err != nil {
errEv.Caller().
Str("newStaff", username).
Str("newPass", password).
Int("newRank", rank).
Msg("Error creating new staff account")
return "", fmt.Errorf("Error creating new staff account %q by %q: %s",
username, staff.Username, err.Error())
}
allStaff, err = getAllStaffNopass(true)
if err != nil {
errEv.Err(err).Caller().Msg("Error getting updated staff list")
err = errors.New("Error getting updated staff list: " + err.Error())
return "", err
}
switch {
case staff.Rank == 3:
rank = "admin"
case staff.Rank == 2:
rank = "mod"
case staff.Rank == 1:
rank = "janitor"
} else if do == "del" && username != "" {
if err = gcsql.DeactivateStaff(username); err != nil {
errEv.Err(err).Caller().
Str("delStaff", username).
Msg("Error deleting staff account")
return "", fmt.Errorf("Error deleting staff account %q by %q: %s",
username, staff.Username, err.Error())
}
}
allStaff, err = getAllStaffNopass(true)
if err != nil {
errEv.Err(err).Caller().Msg("Error getting updated staff list")
err = errors.New("Error getting updated staff list: " + err.Error())
return "", err
}
staffBuffer := bytes.NewBufferString("")
if err = serverutil.MinifyTemplate(gctemplates.ManageStaff, map[string]interface{}{

2
templates/manage_staff.html
View file

@ -11,6 +11,7 @@
<td>{{$staff.RankTitle}}</td>
<td>{{formatTimestamp $staff.AddedOn}}</td>
<td>
<a href="{{webPath "/manage/staff"}}" title="Update your password">Update</a> |
<a {{if eq $staff.Username $.currentUsername -}}
href="{{webPath "/manage/staff"}}" title="Cannot self terminate" style="color: black;"
{{- else -}}
@ -26,6 +27,7 @@
<table>
<tr><td>Username:</td><td><input id="username" name="username" type="text"/></td></tr>
<tr><td>Password:</td><td><input id="password" name="password" type="password"/></td></tr>
<tr><td>Confirm password:</td><td><input id="passwordconfirm" name="passwordconfirm" type="password"/></td></tr>
<tr><td>Rank:</td><td><select id="rank" name="rank">
<option value="3">Admin</option>
<option value="2">Moderator</option>