
Current to Part 12

bmajewski committed Mar 6, 2015
1 parent 5942747 commit 7d3bc57ffc8ec09c4e28b739da9ba3d20da37a2c
@@ -1,6 +1,7 @@
var bodyParser = require('body-parser');
var jwt = require('jsonwebtoken');
var User = require('../models/user');
var _ = require('underscore');

var superSecret = 'TheAmazingKreskin';

@@ -23,7 +24,8 @@ module.exports = function (app, express) {
var token = jwt.sign({
name: user.name,
email: user.email,
_id: user._id
_id: user._id,
permissions: user.permissions
}, superSecret, {
expiresInMinutes: 1440
});
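Review bot: The `permissions` claim added to the payload becomes the server's source of truth for authorization, but it is frozen for the token's 1440-minute lifetime, so removing a user's admin permission has no effect on tokens already issued. The DELETE check added later in this commit reads `req.decoded.permissions` directly; for destructive routes it would be safer to re-read the user's current permissions from the database, or to shorten `expiresInMinutes`. The signing key is also the string literal assigned to `superSecret` in the first hunk, so the integrity of this claim depends on the source file staying private; loading it from configuration, e.g. `var superSecret = process.env.JWT_SECRET;` (the variable name is a placeholder), avoids that. The enclosing route handler starts and ends outside the hunk.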
@@ -116,10 +118,14 @@ module.exports = function (app, express) {
});
})
.delete(function (req, res) {
User.remove({_id: req.params.user_id}, function (err, user) {
if (err) res.send(err);
res.json({});
})
if (_.contains(req.decoded.permissions, 'admin')){
User.remove({_id: req.params.user_id}, function (err, user) {
if (err) res.send(err);
res.json({});
})
} else {
return res.status(403).send({success: false, message: 'User is not authorized to delete users'});
}
});

return userRouter;
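Review bot: Inside the new admin branch, `if (err) res.send(err);` does not return, so when `User.remove` fails the raw error object is sent to the client and `res.json({})` then runs on a response that has already been sent. Returning a generic failure keeps driver details out of the response: `if (err) return res.status(500).send({success: false, message: 'Unable to delete user'});`. Only the DELETE handler gains a permission check in this hunk; the handler that closes just above it and the rest of the router are outside the hunk, so whether routes that modify a user (including its `permissions` field) are also restricted cannot be confirmed here and is worth checking.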
@@ -26,7 +26,8 @@
"datatables": "~1.10.5",
"datatables-bootstrap3-plugin": "~0.3.0",
"backbone.bootstrap-modal": "~0.9.0",
"backbone.stickit": "~0.8.0"
"backbone.stickit": "~0.8.0",
"toastr": "~2.1.0"
},
"resolutions": {
"jquery": ">= 1.9.1"
@@ -14,6 +14,7 @@
"express": "^4.11.2",
"jsonwebtoken": "^3.2.2",
"mongoose": "^3.8.23",
"morgan": "^1.5.1"
"morgan": "^1.5.1",
"underscore": "^1.8.2"
}
}
@@ -4,6 +4,7 @@ define(function (require) {

var globals = require('globals');
var mediator = require('mediator');
var Permissions = require('permissions');

function _authenticated(response) {
window.localStorage.setItem(globals.auth.TOKEN_KEY, response.token);
@@ -30,6 +31,7 @@ define(function (require) {
var User = require('users/model');
var _user;
var _applicationInfo;
var _permissions;

function _initialize() {
var d = $.Deferred();
@@ -53,6 +55,7 @@ define(function (require) {
_user = new User({_id: window.localStorage.getItem(globals.auth.USER_KEY)});
_user.fetch().success(function () {
mediator.trigger('page:updateUserInfo');
_permissions = new Permissions(_user.get('permissions'));
d.resolve();
});
} else {
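Review bot: `_permissions` is assigned only inside the `fetch().success` callback, so on the `else` path, or before the fetch completes, `getPermissions()` (added in the next hunk of this file) returns `undefined` and the `app.getPermissions().isAdmin()` call added to the user list view's `render` throws. `_getUser` already falls back with `_user || new User()`; the same pattern works here: `return _permissions || new Permissions([]);`, which also fails closed to non-admin. The enclosing function starts and ends outside the hunk.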
@@ -69,11 +72,15 @@ define(function (require) {
return _user || new User();
}

function _getPermissions() {
return _permissions;
}
return {
isAuthenticated: _isAuthenticated,
initialize: _initialize,
initializeUser: _initializeUser,
getApplicationInfo: _getApplicationInfo,
getUser: _getUser
getUser: _getUser,
getPermissions: _getPermissions
}
});
@@ -3,6 +3,7 @@ define(function (require) {
var globals = require('globals');
var Router = require('router');
var mediator = require('mediator');
var toastr = require('toastr');

_.extend(Backbone.View.prototype, {
// Handle cleanup of view.
@@ -39,6 +40,29 @@ define(function (require) {
statusCode: {
401: function (context) {
mediator.trigger('router:navigate', {route: 'login', options: {trigger: true}});
},

403: function(context){
console.log('message', context.responseJSON.message);
toastr.options = {
"closeButton": false,
"debug": false,
"newestOnTop": false,
"progressBar": false,
"positionClass": "toast-top-center",
"preventDuplicates": false,
"onclick": null,
"showDuration": "300",
"hideDuration": "1000",
"timeOut": "5000",
"extendedTimeOut": "1000",
"showEasing": "swing",
"hideEasing": "linear",
"showMethod": "fadeIn",
"hideMethod": "fadeOut"
};

toastr["error"](context.responseJSON.message);
}
},
beforeSend: function (xhr) {
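Review bot: The 403 handler reads `context.responseJSON.message` without checking that the response body was JSON, so a 403 produced by anything other than this API's handler (a proxy or a static error page, for example) throws before any toast is shown. A guarded read such as `var message = (context.responseJSON && context.responseJSON.message) || 'Not authorized';` avoids that, and the `console.log` call looks like leftover debugging. toastr inserts the message as markup by default; the string is a fixed server message today, but if responses ever echo user-supplied text it should be escaped first (newer toastr releases have an `escapeHtml` option). The `statusCode` object and the surrounding settings start and end outside the hunk.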
@@ -0,0 +1,13 @@
define(function (require) {

'use strict';

var _ = require('underscore');

return function(permissions){
this.isAdmin = function(){
return _.contains(permissions, 'admin');
};
}

});
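Review bot: This module has no comment stating that `isAdmin()` is a display hint only; because it runs in the browser on data the client holds, it can be altered by the user and must not be treated as an access decision. A header comment such as `// UI hint only: the server must enforce permissions on every request.` would make that explicit. It would also help to document that `permissions` is expected to be an array of strings and may be undefined when the user record has no such field.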
@@ -17,7 +17,7 @@
<td>
<div class="pull-right">
<button data-id="{{_id}}" class="btn btn-danger btn-sm js-deleteUser">Delete</button>
<button data-id="{{_id}}" class="btn btn-success btn-sm js-editUser">Edit</button>
{{#if ../admin}}<button data-id="{{_id}}" class="btn btn-success btn-sm js-editUser">Edit</button>{{/if}}
</div>
</td>
</tr>
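Review bot: The `{{#if ../admin}}` guard is placed around the Edit button, whereas the server-side check added in this commit restricts DELETE; the Delete button stays visible to every user and non-admins only find out through the 403 toast. If that is not deliberate, the Delete button needs the same wrapper: `{{#if ../admin}}<button data-id="{{_id}}" class="btn btn-danger btn-sm js-deleteUser">Delete</button>{{/if}}`. Hiding Edit in the template is presentation only; no server-side restriction on updating users is visible in this commit, so it is worth confirming the update route is checked as well.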
@@ -4,6 +4,7 @@ define(function (require) {
var Backbone = require('backbone');
var mediator = require('mediator');
var template = require('hbs!users/list');
var app = require('app');

var SingleView = require('users/singleView');
require('bootstrap-modal');
@@ -24,7 +25,7 @@ define(function (require) {
},

render: function () {
this.$el.html(template({users: this.collection.toJSON()}));
this.$el.html(template({users: this.collection.toJSON(), admin: app.getPermissions().isAdmin() }));
this.$('table').DataTable({
"aoColumns": [
null,
@@ -46,8 +47,8 @@ define(function (require) {
deleteUser: function(e){
var self = this;
var id = $(e.currentTarget).attr('data-id');
var user = this.collection.get(id)
user.destroy().done(function(){
var user = this.collection.get(id);
user.destroy({wait: true}).done(function(){
self.collection.remove(user);
self.render();
});
@@ -8,6 +8,7 @@
<link rel="stylesheet" href="components/font-awesome/css/font-awesome.css">
<link rel="stylesheet" href="components/datatables-bootstrap3-plugin/media/css/datatables-bootstrap3.css">
<link rel="stylesheet" href="assets/css/style.css">
<link rel="stylesheet" href="components/toastr/toastr.css">

<script src="components/requirejs/require.js" data-main="require-main.js"></script>
</head>
@@ -12,7 +12,8 @@ requirejs.config({
"datatables-bootstrap3": "../components/datatables-bootstrap3-plugin/media/js/datatables-bootstrap3",
"bootstrap-modal": "../components/bootstrap/js/modal",
"backbone.bootstrap-modal": "../components/backbone.bootstrap-modal/src/backbone.bootstrap-modal",
"stickit" : "../components/backbone.stickit/backbone.stickit"
"stickit" : "../components/backbone.stickit/backbone.stickit",
"toastr" : "../components/toastr/toastr"
}
});
