mirror of
https://github.com/kremalicious/umami.git
synced 2024-12-24 18:26:20 +01:00
Fix update user.
This commit is contained in:
parent
5fc96cf5e1
commit
ef324fdf73
@ -16,7 +16,9 @@ import useMessages from 'hooks/useMessages';
|
|||||||
export default function UserEditForm({ userId, data, onSave }) {
|
export default function UserEditForm({ userId, data, onSave }) {
|
||||||
const { formatMessage, labels, messages } = useMessages();
|
const { formatMessage, labels, messages } = useMessages();
|
||||||
const { post, useMutation } = useApi();
|
const { post, useMutation } = useApi();
|
||||||
const { mutate, error } = useMutation(({ username }) => post(`/users/${userId}`, { username }));
|
const { mutate, error } = useMutation(({ username, password, role }) =>
|
||||||
|
post(`/users/${userId}`, { username, password, role }),
|
||||||
|
);
|
||||||
|
|
||||||
const handleSubmit = async data => {
|
const handleSubmit = async data => {
|
||||||
mutate(data, {
|
mutate(data, {
|
||||||
|
@ -43,6 +43,7 @@ export interface User {
|
|||||||
id: string;
|
id: string;
|
||||||
username: string;
|
username: string;
|
||||||
password?: string;
|
password?: string;
|
||||||
|
role: string;
|
||||||
createdAt?: Date;
|
createdAt?: Date;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -45,7 +45,10 @@ export default async (
|
|||||||
|
|
||||||
const token = createSecureToken({ userId: user.id }, secret());
|
const token = createSecureToken({ userId: user.id }, secret());
|
||||||
|
|
||||||
return ok(res, { token, user });
|
return ok(res, {
|
||||||
|
token,
|
||||||
|
user: { id: user.id, username: user.username, createdAt: user.createdAt },
|
||||||
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
return unauthorized(res, 'message.incorrect-username-password');
|
return unauthorized(res, 'message.incorrect-username-password');
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
import { NextApiRequestQueryBody, User } from 'lib/types';
|
import { NextApiRequestQueryBody, Roles, User } from 'lib/types';
|
||||||
import { canDeleteUser, canUpdateUser, canViewUser } from 'lib/auth';
|
import { canDeleteUser, canUpdateUser, canViewUser } from 'lib/auth';
|
||||||
import { useAuth } from 'lib/middleware';
|
import { useAuth } from 'lib/middleware';
|
||||||
import { NextApiResponse } from 'next';
|
import { NextApiResponse } from 'next';
|
||||||
@ -12,6 +12,7 @@ export interface UserRequestQuery {
|
|||||||
export interface UserRequestBody {
|
export interface UserRequestBody {
|
||||||
username: string;
|
username: string;
|
||||||
password: string;
|
password: string;
|
||||||
|
role: Roles;
|
||||||
}
|
}
|
||||||
|
|
||||||
export default async (
|
export default async (
|
||||||
@ -40,17 +41,20 @@ export default async (
|
|||||||
return unauthorized(res);
|
return unauthorized(res);
|
||||||
}
|
}
|
||||||
|
|
||||||
const { username, password } = req.body;
|
const { username, password, role } = req.body;
|
||||||
|
|
||||||
const user = await getUser({ id });
|
const user = await getUser({ id });
|
||||||
|
|
||||||
const data: any = {};
|
const data: any = {};
|
||||||
|
|
||||||
// Only admin can change these fields
|
if (password) {
|
||||||
if (password && isAdmin) {
|
|
||||||
data.password = hashPassword(password);
|
data.password = hashPassword(password);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (role && isAdmin) {
|
||||||
|
data.role = role;
|
||||||
|
}
|
||||||
|
|
||||||
// Only admin can change these fields
|
// Only admin can change these fields
|
||||||
if (username && isAdmin) {
|
if (username && isAdmin) {
|
||||||
data.username = username;
|
data.username = username;
|
||||||
|
@ -17,6 +17,7 @@ export async function getUser(
|
|||||||
username: true,
|
username: true,
|
||||||
password: includePassword,
|
password: includePassword,
|
||||||
role: true,
|
role: true,
|
||||||
|
createdAt: true,
|
||||||
},
|
},
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user