From 820b861ef835c43ac9d58d14b6b829a097721d19 Mon Sep 17 00:00:00 2001 From: Pierre HUBERT Date: Fri, 27 Dec 2019 18:49:40 +0100 Subject: [PATCH] Start delete group method --- src/controllers/GroupsController.ts | 14 ++++++++++++++ src/controllers/Routes.ts | 2 ++ src/entities/RequestHandler.ts | 13 +++++++++++++ src/helpers/AccountHelper.ts | 20 ++++++++++++++++++++ 4 files changed, 49 insertions(+) diff --git a/src/controllers/GroupsController.ts b/src/controllers/GroupsController.ts index c19b236..9f0bdaf 100644 --- a/src/controllers/GroupsController.ts +++ b/src/controllers/GroupsController.ts @@ -552,6 +552,20 @@ export class GroupsController { h.success("Follow status has been successfully updated!"); } + /** + * Delete a group + * + * @param h Request handler + */ + public static async DeleteGroup(h: RequestHandler) { + const groupID = await h.postGroupIDWithAccess("groupID", GroupsAccessLevel.ADMIN_ACCESS); + + await h.needUserPostPassword("password"); + + // TODO : implement method + h.error(500, "Method not implemented yet!"); + } + /** * Turn a GroupInfo object into a valid API object * diff --git a/src/controllers/Routes.ts b/src/controllers/Routes.ts index e028adc..47c8dec 100644 --- a/src/controllers/Routes.ts +++ b/src/controllers/Routes.ts @@ -128,4 +128,6 @@ export const Routes : Route[] = [ {path: "/groups/remove_membership", cb: (h) => GroupsController.RemoveMembership(h)}, {path: "/groups/set_following", cb: (h) => GroupsController.SetFollowing(h)}, + + {path: "/groups/delete", cb: (h) => GroupsController.DeleteGroup(h)}, ] \ No newline at end of file diff --git a/src/entities/RequestHandler.ts b/src/entities/RequestHandler.ts index ab7269c..7ccd357 100644 --- a/src/entities/RequestHandler.ts +++ b/src/entities/RequestHandler.ts @@ -374,6 +374,19 @@ export class RequestHandler { this.error(412, "Please check your login tokens!"); } + /** + * Check the user password included in the request + * + * @param postField The name of the post field + * containing user password + */ + public async needUserPostPassword(postField: string) { + const password = this.postString(postField, 3); + + if(!await AccountHelper.CheckUserPassword(this.getUserId(), password)) + this.error(401, "Invalid password!"); + } + /** * Get information about API client */ diff --git a/src/helpers/AccountHelper.ts b/src/helpers/AccountHelper.ts index 0c8945a..32054d6 100644 --- a/src/helpers/AccountHelper.ts +++ b/src/helpers/AccountHelper.ts @@ -121,6 +121,26 @@ export class AccountHelper { }); } + + /** + * Check out whether the password of a user is valid + * or not + * + * @param userID Target user ID + * @param password Target password + */ + public static async CheckUserPassword(userID: number, password: string) : Promise { + const crypt_pass = this.CryptPassword(password); + + return await DatabaseHelper.Count({ + table: USER_TABLE, + where: { + ID: userID, + password: crypt_pass + } + }) > 0; + } + /** * Crypt a password *