nibbed out and hardcoded uid 1 as an admin... first registered user becomes an admin!!

12 years ago · fd350bbb4e
parent 9af39622ed
commit fd350bbb4e
2 changed files with 15 additions and 5 deletions
--- a/app.js
+++ b/app.js
@ -20,6 +20,7 @@ fs.readFile(path.join(__dirname, 'config.json'), function(err, data) {
 			}

 			var categories = require('./src/categories.js'),
+				RDB = require('./src/redis.js'),
 				templates = require('./public/src/templates.js'),
 				webserver = require('./src/webserver.js'),
 				websockets = require('./src/websockets.js'),
@ -60,6 +61,8 @@ fs.readFile(path.join(__dirname, 'config.json'), function(err, data) {
 								}
 							});

+							// Hardcoding uid 1 as an admin
+							RDB.sadd('administrators', 1);
 						} else {
 							console.log('Info: Good.');
 						}
@ -118,8 +121,8 @@ fs.readFile(path.join(__dirname, 'config.json'), function(err, data) {
 									if (err) throw err;
 									else {
 										process.stdout.write(
-											"\n\nConfiguration Saved OK\n\nPlease start NodeBB again and navigate to " +
-											base_url + (use_port ? ':' + port : '') + "/install to continue setup.\n\n"
+											"\n\nConfiguration Saved OK\n\nPlease start NodeBB again and register a new user at " +
+											base_url + (use_port ? ':' + port : '') + "/register. This user will automatically become an administrator.\n\n"
 										);
 										process.exit();
 									}
--- a/src/routes/admin.js
+++ b/src/routes/admin.js
@ -5,6 +5,13 @@ var user = require('./../user.js'),
 	categories = require('./../categories.js');

 (function(Admin) {
+	Admin.isAdmin = function(req, res, next) {
+		user.isAdministrator((req.user && req.user.uid) ? req.user.uid : 0, function(isAdmin) {
+			if (!isAdmin) res.redirect('/403');
+			else next();
+		});
+	}
+
 	Admin.create_routes = function(app) {

 		(function() {
@ -12,7 +19,7 @@ var user = require('./../user.js'),

 			for (var i=0, ii=routes.length; i<ii; i++) {
 				(function(route) {
-					app.get('/admin/' + route, function(req, res) {
+					app.get('/admin/' + route, Admin.isAdmin, function(req, res) {
 						res.send(templates['admin/header'] + app.create_route('admin/' + route) + templates['admin/footer']);
 					});
 				}(routes[i]));
@ -20,10 +27,10 @@ var user = require('./../user.js'),
 		}());

 		//todo consolidate.
-		app.get('/admin', function(req, res) {
+		app.get('/admin', Admin.isAdmin, function(req, res) {
 			res.send(templates['admin/header'] + app.create_route('admin/index') + templates['admin/footer']);
 		});
-		app.get('/admin/index', function(req, res) {
+		app.get('/admin/index', Admin.isAdmin, function(req, res) {
 			res.send(templates['admin/header'] + app.create_route('admin/index') + templates['admin/footer']);
 		});