const express = require('express');
const router = express.Router();
const authMiddleware = require('../middleware/authMiddleware');
const AdminUserController = require('../controller/admin/AdminUserController');
const UserDocumentController = require('../controller/documents/UserDocumentController');
const ServerStatusController = require('../controller/admin/ServerStatusController');
const PasswordResetController = require('../controller/password-reset/PasswordResetController');
// Helper middleware to check admin role
/**
 * Express middleware that lets a request continue only when `req.user` is set
 * and its `role` is exactly the string 'admin' (strict comparison, so a
 * differently-cased or missing role is rejected).
 *
 * Any other request, including one with no `req.user` at all, is answered
 * with HTTP 403 and a JSON error body; `next` is not called in that case.
 *
 * NOTE(review): `req.user` is presumably populated by authMiddleware, which
 * would therefore have to run earlier in the chain — confirm.
 *
 * @param {object} req - Express request; only `req.user.role` is read.
 * @param {object} res - Express response, used for the 403 reply.
 * @param {Function} next - Continues the middleware chain for admins.
 * @returns {*} The result of `res.json(...)` on rejection, otherwise undefined.
 */
function requireAdmin(req, res, next) {
  const caller = req.user;
  const isAdmin = Boolean(caller) && caller.role === 'admin';

  if (isAdmin) {
    next();
    return;
  }

  return res.status(403).json({ success: false, message: 'Forbidden: Admins only.' });
}
// Admin reporting, verification and document routes. Each one lists
// authMiddleware and then requireAdmin ahead of its controller, so the
// controller is reached only after both middlewares have called next().
// NOTE(review): the ':id' path parameters reach the controllers unvalidated
// at this layer; whether the controllers validate them is not visible here.
router.get(
  '/admin/user-stats',
  authMiddleware,
  requireAdmin,
  AdminUserController.getUserStats
);

router.get(
  '/admin/user-list',
  authMiddleware,
  requireAdmin,
  AdminUserController.getUserList
);

router.get(
  '/admin/verification-pending-users',
  authMiddleware,
  requireAdmin,
  AdminUserController.getVerificationPendingUsers
);

router.post(
  '/admin/verify-user/:id',
  authMiddleware,
  requireAdmin,
  AdminUserController.verifyUser
);

router.get(
  '/admin/user/:id/documents',
  authMiddleware,
  requireAdmin,
  UserDocumentController.getAllDocumentsForUser
);

router.get(
  '/admin/server-status',
  authMiddleware,
  requireAdmin,
  ServerStatusController.getStatus
);
// PUT /admin/users/:id/permissions - update user permissions
// Changing another account's permissions is a privilege-management action;
// the route runs authMiddleware and then requireAdmin before the controller.
// NOTE(review): validation of ':id' and of the submitted permission values is
// left to updateUserPermissions and is not visible in this file — confirm.
router.put('/admin/users/:id/permissions', authMiddleware, requireAdmin, AdminUserController.updateUserPermissions);
// Admin: send password reset link for a user
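router.post(
  '/admin/send-password-reset/:userId',
  authMiddleware,
  requireAdmin,
  /**
   * Looks up the account named by ':userId' (personal users first, then
   * company users) and hands its stored e-mail address to
   * PasswordResetController.requestPasswordReset.
   *
   * Responds 404 when neither repository returns a user and 500 when the
   * lookup throws; otherwise the response is whatever the reset controller
   * sends. Errors thrown by the reset controller are forwarded to `next`.
   *
   * NOTE(review): this is a privileged action on another user's account and
   * no audit record of the acting admin is written here; the identity fields
   * available on req.user are not visible in this file.
   */
  async (req, res, next) => {
    const userId = req.params.userId;

    // Loaded inside the handler rather than at module scope, as the file
    // already did. NOTE(review): presumably to avoid a load-order problem —
    // confirm before hoisting these to the top of the file.
    const UnitOfWork = require('../repositories/UnitOfWork');
    const PersonalUserRepository = require('../repositories/PersonalUserRepository');
    const CompanyUserRepository = require('../repositories/CompanyUserRepository');

    const uow = new UnitOfWork();
    let email = null;

    try {
      await uow.start();
      const personalRepo = new PersonalUserRepository(uow);
      const companyRepo = new CompanyUserRepository(uow);

      // NOTE(review): userId is passed to findById exactly as it arrived in
      // the URL; whether the repositories validate or parameterise it is not
      // visible here — confirm.
      let user = await personalRepo.findById(userId);
      if (!user) {
        user = await companyRepo.findById(userId);
      }
      if (!user) {
        await uow.rollback();
        return res.status(404).json({ success: false, message: 'User not found.' });
      }

      // NOTE(review): a record without an e-mail address reaches the reset
      // controller as { email: undefined }; its handling is not visible here.
      email = user.email;
      await uow.commit();
    } catch (err) {
      // rollback() may itself reject. Contain that failure so the original
      // error is still logged and the client still receives the 500, instead
      // of the handler ending in an unhandled rejection.
      try {
        await uow.rollback();
      } catch (rollbackErr) {
        console.error('[ADMIN SEND PASSWORD RESET] Rollback failed:', rollbackErr);
      }
      console.error('[ADMIN SEND PASSWORD RESET] Error:', err);
      // Generic message only: error details stay in the server log.
      return res.status(500).json({ success: false, message: 'Internal server error.' });
    }

    // Replace the whole body so the reset is issued for the address stored on
    // the account; anything the caller supplied in the request body is dropped.
    req.body = { email };

    try {
      return await PasswordResetController.requestPasswordReset(req, res);
    } catch (err) {
      // Hand controller failures to Express's error handling rather than
      // letting the async handler reject with nothing listening.
      return next(err);
    }
  }
);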
// Account deletion sits behind the same gate as the other admin routes:
// authMiddleware, then requireAdmin, then the controller.
// NOTE(review): any safeguards on which accounts may be deleted live in
// AdminUserController.deleteUser and are not visible in this file.
router.delete('/admin/user/:id', authMiddleware, requireAdmin, AdminUserController.deleteUser);

// Export the configured router for the application to mount.
module.exports = router;