Actions for promoting/demoting admins

swagg boi 2023-04-21 23:21:12 -04:00
parent 10cd3cffb1
commit 9a68e9ec83
10 changed files with 138 additions and 17 deletions


@ -215,6 +215,14 @@ sub startup($self) {
$mod_admin->any([qw{GET POST}], '/unlock') $mod_admin->any([qw{GET POST}], '/unlock')
->to('moderator#unlock_acct') ->to('moderator#unlock_acct')
->name('unlock_acct'); ->name('unlock_acct');
$mod_admin->any([qw{GET POST}], '/promote')
->to('moderator#promote')
->name('promote_mod');
$mod_admin->any([qw{GET POST}], '/demote')
->to('moderator#demote')
->name('demote_admin');
} }
1; 1;


@ -277,4 +277,48 @@ sub unlock_acct($self) {
return $self->render; return $self->render;
} }
sub promote($self) {
my $v;
$v = $self->validation if $self->req->method eq 'POST';
if ($v && $v->has_data) {
$v->required('email');
if ($v->has_error) {
$self->stash(status => 404)
}
else {
my $email = $self->param('email');
$self->moderator->promote($email);
$self->stash(info => "Account $email has been promoted to admin 🧑‍🎓");
}
}
return $self->render;
}
sub demote($self) {
my $v;
$v = $self->validation if $self->req->method eq 'POST';
if ($v && $v->has_data) {
$v->required('email');
if ($v->has_error) {
$self->stash(status => 404)
}
else {
my $email = $self->param('email');
$self->moderator->demote($email);
$self->stash(info => "Account $email has been demoted to mod 🧒");
}
}
return $self->render;
}
1; 1;
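Review bot: Neither `promote` nor `demote` verifies a CSRF token before changing admin status, and the two new form templates in this commit contain no `csrf_field`, so unless a hook outside this diff enforces one, a third-party page an admin visits while logged in could submit these forms on their behalf. Add `$v->csrf_protect;` next to `$v->required('email');` in both actions and `<%= csrf_field %>` inside each `<form method="post">`. Both actions also read `$self->param('email')` after validating; `$v->param('email')` returns the value that actually passed validation. A missing required field is a client error rather than a missing resource, so `status => 400` would describe the failure more accurately than `404`.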


@ -208,4 +208,20 @@ sub unlock_acct($self, $email) {
END_SQL END_SQL
} }
sub promote($self, $email) {
$self->pg->db->query(<<~'END_SQL', $email)
UPDATE moderators
SET admin_status = TRUE
WHERE email_addr = ?;
END_SQL
}
sub demote($self, $email) {
$self->pg->db->query(<<~'END_SQL', $email)
UPDATE moderators
SET admin_status = FALSE
WHERE email_addr = ?;
END_SQL
}
1; 1;
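Review bot: `demote` clears `admin_status` for any matching address, including the last remaining admin or the account making the request, and nothing in the visible SQL prevents that. If that happens, presumably no one can reach the admin routes to undo it. Consider refusing the update when it would leave no row with `admin_status = TRUE`, checked in the same statement or transaction. Both subs also return the query result only implicitly; ending them with `->rows` (assuming `pg` is a Mojo::Pg handle) would let the controller distinguish a matched account from an unknown address instead of always reporting success.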


@ -61,6 +61,22 @@ subtest Login => sub {
->element_exists('form input[name="email"]' ) ->element_exists('form input[name="email"]' )
}; };
subtest Promote => sub {
$t->get_ok('/moderator/admin/promote')
->status_is(200)
->text_like(h2 => qr/Promote Moderator/)
->element_exists('a[href*="/moderator/admin/promote"]')
->element_exists('form input[name="email"]' )
};
subtest Demote => sub {
$t->get_ok('/moderator/admin/demote')
->status_is(200)
->text_like(h2 => qr/Demote Admin/)
->element_exists('a[href*="/moderator/admin/demote"]')
->element_exists('form input[name="email"]' )
};
# Admin session ends # Admin session ends
$t->get_ok('/logout') $t->get_ok('/logout')
->status_is(302) ->status_is(302)
@ -72,14 +88,18 @@ subtest Login => sub {
->element_exists_not('a[href*="/moderator/admin/create"]' ) ->element_exists_not('a[href*="/moderator/admin/create"]' )
->element_exists_not('a[href*="/moderator/admin/reset"]' ) ->element_exists_not('a[href*="/moderator/admin/reset"]' )
->element_exists_not('a[href*="/moderator/admin/lock"]' ) ->element_exists_not('a[href*="/moderator/admin/lock"]' )
->element_exists_not('a[href*="/moderator/admin/unlock"]'); ->element_exists_not('a[href*="/moderator/admin/unlock"]' )
->element_exists_not('a[href*="/moderator/admin/promote"]')
->element_exists_not('a[href*="/moderator/admin/demote"]' );
$t->get_ok('/remark/single/1') $t->get_ok('/remark/single/1')
->status_is(200) ->status_is(200)
->element_exists_not('a[href*="/moderator/admin/create"]' ) ->element_exists_not('a[href*="/moderator/admin/create"]' )
->element_exists_not('a[href*="/moderator/admin/reset"]' ) ->element_exists_not('a[href*="/moderator/admin/reset"]' )
->element_exists_not('a[href*="/moderator/admin/lock"]' ) ->element_exists_not('a[href*="/moderator/admin/lock"]' )
->element_exists_not('a[href*="/moderator/admin/unlock"]'); ->element_exists_not('a[href*="/moderator/admin/unlock"]' )
->element_exists_not('a[href*="/moderator/admin/promote"]')
->element_exists_not('a[href*="/moderator/admin/demote"]' );
$t->get_ok('/moderator/admin/create') $t->get_ok('/moderator/admin/create')
->status_is(302) ->status_is(302)
@ -96,6 +116,14 @@ subtest Login => sub {
$t->get_ok('/moderator/admin/unlock') $t->get_ok('/moderator/admin/unlock')
->status_is(302) ->status_is(302)
->header_like(Location => qr/login/); ->header_like(Location => qr/login/);
$t->get_ok('/moderator/admin/promote')
->status_is(302)
->header_like(Location => qr/login/);
$t->get_ok('/moderator/admin/demote')
->status_is(302)
->header_like(Location => qr/login/);
}; };
}; };
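Review bot: The new tests only issue GET requests, so the path that actually changes `admin_status` is never exercised. Add a `post_ok('/moderator/admin/promote', form => {email => ...})` case inside the admin session that checks the confirmation text, plus the same POST after logout expecting the 302 to login, and mirror both for the demote route. That way a regression in the route guard for state-changing requests is caught, not just one for the form page. The missing-email branch, which stashes a 404 status in the controller, is also untested.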


@ -30,6 +30,8 @@
<%= link_to Reset => 'admin_reset' %> <%= link_to Reset => 'admin_reset' %>
<%= link_to Lock => 'lock_acct' %> <%= link_to Lock => 'lock_acct' %>
<%= link_to Unlock => 'unlock_acct' %> <%= link_to Unlock => 'unlock_acct' %>
<%= link_to Promote => 'promote_mod' %>
<%= link_to Demote => 'demote_admin' %>
<% } =%> <% } =%>
</div> </div>
</nav> </nav>


@ -12,4 +12,3 @@
</div> </div>
<%= submit_button 'Reset' %> <%= submit_button 'Reset' %>
</form> </form>


@ -0,0 +1,10 @@
% layout 'default';
% title 'Demote Admin';
<h2><%= title %></h2>
<form method="post">
<div class="email field">
<%= label_for email => 'Email' %>
<%= email_field 'email' %>
</div>
<%= submit_button 'Demote' %>
</form>


@ -2,7 +2,9 @@
% title 'Lock Account'; % title 'Lock Account';
<h2><%= title %></h2> <h2><%= title %></h2>
<form method="post"> <form method="post">
<div class="email field">
<%= label_for email => 'Email' %> <%= label_for email => 'Email' %>
<%= email_field 'email' %> <%= email_field 'email' %>
</div>
<%= submit_button 'Lock' %> <%= submit_button 'Lock' %>
</form> </form>


@ -0,0 +1,10 @@
% layout 'default';
% title 'Promote Moderator';
<h2><%= title %></h2>
<form method="post">
<div class="email field">
<%= label_for email => 'Email' %>
<%= email_field 'email' %>
</div>
<%= submit_button 'Promote' %>
</form>


@ -2,7 +2,9 @@
% title 'Unlock Account'; % title 'Unlock Account';
<h2><%= title %></h2> <h2><%= title %></h2>
<form method="post"> <form method="post">
<div class="email field">
<%= label_for email => 'Email' %> <%= label_for email => 'Email' %>
<%= email_field 'email' %> <%= email_field 'email' %>
</div>
<%= submit_button 'Unlock' %> <%= submit_button 'Unlock' %>
</form> </form>