Merge pull request #45 from muttaqin1/bugFix/ban-user

[#45 ] issue - Bug fix/ban user
ISIL-ESTE · Jun 23, 2023 · dca09e4 · dca09e4
2 parents a97eeea + 154d7ee
commit dca09e4
Show file tree

Hide file tree

Showing 3 changed files with 23 additions and 5 deletions.
diff --git a/backend-app/controllers/authController.js b/backend-app/controllers/authController.js
@@ -36,6 +36,13 @@ exports.login = async (req, res, next) => {
     const user = await User.findOne({
       email,
     }).select('+password');
+    // Check if the account is banned
+    if (user && user?.accessRestricted)
+      throw new AppError(
+        403,
+        'fail',
+        'Your account has been banned. Please contact the admin for more information.'
+      );
 
     if (!user || !(await user.correctPassword(password, user.password))) {
       return next(
@@ -138,6 +145,15 @@ exports.protect = async (req, res, next) => {
       );
     }
 
+    // Check if the account is banned
+    if (user?.accessRestricted)
+      return next(
+        new AppError(
+          403,
+          'fail',
+          'Your account has been banned. Please contact the admin for more information.'
+        )
+      );
     req.user = user;
     next();
   } catch (err) {

diff --git a/backend-app/server.js b/backend-app/server.js
@@ -35,7 +35,7 @@ const expServer = app.listen(PORT, async () => {
 });
 
 // create the admin user if not exists
-require('./utils/createAdminUser');
+require('./utils/authorization/createAdminUser');
 
 process.on('unhandledRejection', (err) => {
   Logger.error('UNHANDLED REJECTION!!!  shutting down ...');

diff --git a/backend-app/utils/createAdminUser.js → ...pp/utils/authorization/createAdminUser.js b/backend-app/utils/createAdminUser.js → ...pp/utils/authorization/createAdminUser.js
@@ -1,7 +1,8 @@
 // create admin user if not exists
 
-const User = require('../models/userModel');
-const { ADMIN_EMAIL, ADMIN_PASSWORD } = require('../config/appConfig');
+const User = require('../../models/userModel');
+const { ADMIN_EMAIL, ADMIN_PASSWORD } = require('../../config/appConfig');
+const { SUPER_ADMIN } = require('../../constants/defaultRoles');
 
 const createAdminUser = async () => {
   try {
@@ -11,7 +12,9 @@ const createAdminUser = async () => {
         name: 'Admin',
         email: ADMIN_EMAIL,
         password: ADMIN_PASSWORD,
-        roles: ['SUPER_ADMIN'],
+        roles: [SUPER_ADMIN.type],
+        authorities: SUPER_ADMIN.authorities,
+        restrictions: SUPER_ADMIN.restrictions,
       });
       Logger.info('Admin user created successfully');
     }
@@ -21,4 +24,3 @@ const createAdminUser = async () => {
 };
 
 createAdminUser();
-