Software: Apache. PHP/8.1.30 uname -a: Linux server1.tuhinhossain.com 5.15.0-151-generic #161-Ubuntu SMP Tue Jul 22 14:25:40 UTC uid=1002(picotech) gid=1003(picotech) groups=1003(picotech),0(root) Safe-mode: OFF (not secure) /home/picotech/domains/rentals.picotech.app/public_html/server/routes/ drwxr-xr-x | |
| Viewing file: Select action/file-type: import express from 'express';
import { User } from '../models/index.js';
import { auth, authorize } from '../middleware/auth.js';
import upload from '../middleware/upload.js';
import fs from 'fs';
import path from 'path';
import { fileURLToPath } from 'url';
const router = express.Router();
const __filename = fileURLToPath(import.meta.url);
const __dirname = path.dirname(__filename);
// Get all users
router.get('/', auth, authorize(['user_management']), async (req, res) => {
try {
const users = await User.findAll({
attributes: { exclude: ['password'] },
order: [['created_at', 'DESC']]
});
res.json(users);
} catch (error) {
console.error('Get users error:', error);
res.status(500).json({ message: 'Server error' });
}
});
// Create user
router.post('/', auth, authorize(['user_management']), async (req, res) => {
try {
const { name, email, password, role, permissions, department, phone } = req.body;
const existingUser = await User.findOne({ where: { email } });
if (existingUser) {
return res.status(400).json({ message: 'User already exists' });
}
const user = await User.create({
name,
email,
password: password || '123456',
role,
permissions,
department,
phone
});
const userResponse = user.toJSON();
delete userResponse.password;
res.status(201).json(userResponse);
} catch (error) {
console.error('Create user error:', error);
res.status(500).json({ message: 'Server error' });
}
});
const uploadFields = upload.fields([
{ name: 'avatar', maxCount: 1 },
]);
// Update user
router.put('/:id',uploadFields, auth, authorize(['user_management']), async (req, res) => {
try {
const { id } = req.params;
const updates = req.body;
const user = await User.findByPk(id);
if (!user) {
return res.status(404).json({ message: 'User not found' });
}
if (req.files && req.files.avatar && req.files.avatar.length > 0) {
const file = req.files.avatar[0];
// Delete old avatar
if (user.avatar) {
const oldPath = path.join(__dirname, '../../uploads', user.avatar.replace('/uploads/', ''));
if (fs.existsSync(oldPath)) {
fs.unlinkSync(oldPath);
}
}
updates.avatar = `/uploads/documents/${file.filename}`;
}
await user.update(updates);
const userResponse = user.toJSON();
delete userResponse.password;
res.json(userResponse);
} catch (error) {
console.error('Update user error:', error);
res.status(500).json({ message: 'Server error' });
}
});
// Delete user
router.delete('/:id', auth, authorize(['user_management']), async (req, res) => {
try {
const { id } = req.params;
if (id === req.user.id) {
return res.status(400).json({ message: 'Cannot delete your own account' });
}
const user = await User.findByPk(id);
if (!user) {
return res.status(404).json({ message: 'User not found' });
}
await user.destroy();
res.json({ message: 'User deleted successfully' });
} catch (error) {
console.error('Delete user error:', error);
res.status(500).json({ message: 'Server error' });
}
});
// Toggle user status
router.patch('/:id/toggle-status', auth, authorize(['user_management']), async (req, res) => {
try {
const { id } = req.params;
const user = await User.findByPk(id);
if (!user) {
return res.status(404).json({ message: 'User not found' });
}
await user.update({ is_active: !user.is_active });
const userResponse = user.toJSON();
delete userResponse.password;
res.json(userResponse);
} catch (error) {
console.error('Toggle user status error:', error);
res.status(500).json({ message: 'Server error' });
}
});
export default router; |
:: Command execute :: | |
--[ c99shell v. 2.5 [PHP 8 Update] [24.05.2025] | Generation time: 0.004 ]-- |