diff --git a/api/v1/routes/users/assignPossition.js b/api/v1/routes/users/assignPossition.js new file mode 100644 index 0000000..71092df --- /dev/null +++ b/api/v1/routes/users/assignPossition.js @@ -0,0 +1,20 @@ +module.exports = (app, utils) => { + app.get('/api/v1/users/assignPossition', async function (req, res) { + const packet = req.query; + if (!await utils.UserManager.loginWithToken(packet.user, packet.token)) { + utils.error(res, 400, "Reauthenticate"); + return; + } + if (!await utils.UserManager.isAdmin(packet.user)) { + utils.error(res, 403, "FeatureDisabledForThisAccount"); + return; + } + + await utils.UserManager.setAdmin(packet.target, utils.Cast.toBoolean(packet.admin)); + await utils.UserManager.setApprover(packet.target, utils.Cast.toBoolean(packet.approver)); + + res.status(200); + res.header("Content-Type", 'application/json'); + res.json({ "success": 'AppliedStatus' }); + }); +} \ No newline at end of file diff --git a/api/v1/routes/users/isBanned.js b/api/v1/routes/users/isBanned.js new file mode 100644 index 0000000..f2cd059 --- /dev/null +++ b/api/v1/routes/users/isBanned.js @@ -0,0 +1,12 @@ +module.exports = (app, utils) => { + app.get('/api/v1/users/isBanned', async function (req, res) { + if (typeof req.query.username != "string") { + utils.error(res, 400, "InvalidRequest"); + return; + } + + res.status(200); + res.header("Content-Type", 'application/json'); + res.json({ "banned": await utils.UserManager.isBanned(req.query.username) }); + }); +} \ No newline at end of file