admins can make others admins

src/routes/admin.js

@@ -42,7 +42,8 @@ var user = require('./../user.js'),
 						res.send(JSON.stringify({search_display: 'block', users: []}))
 					} else {
 						user.getUserList(function(data){
-							res.send(JSON.stringify({search_display: 'none', users:data}));
+
+							res.send(JSON.stringify({search_display: 'none', users:data, yourid:req.user.uid}));
 						});
 					}
 					
@@ -92,6 +93,42 @@ var user = require('./../user.js'),
 
 		app.get('/api/admin/:method/:tab?*', api_method);
 		app.get('/api/admin/:method*', api_method);
+
+
+		app.post('/admin/makeadmin', function(req, res){
+
+			if(!req.user)
+				return res.redirect('/403');
+			
+			user.isAdministrator(req.user.uid, function(isAdmin) {
+				if(isAdmin) {
+					user.makeAdministrator(req.body.uid, function(data) {
+						res.send(data);	
+					});
+				}
+				else
+					res.redirect('/403');
+			});
+		});
+
+		app.post('/admin/removeadmin', function(req, res){
+
+			if(!req.user)
+				return res.redirect('/403');
+			
+			user.isAdministrator(req.user.uid, function(isAdmin) {
+				if(isAdmin) {
+					user.removeAdministrator(req.body.uid, function(data) {
+						res.send(data);	
+					});
+				}
+				else
+					res.redirect('/403');
+			});
+			
+			
+		});
+
 	};
 
 

src/routes/user.js

@@ -17,7 +17,7 @@ var user = require('./../user.js'),
 		app.get('/uid/:uid', function(req, res) {
 		
 			if(!req.params.uid)
-				return res.redirect('/403');
+				return res.redirect('/404');
 			
 			user.getUserData(req.params.uid, function(data){
 				if(data)
@@ -42,7 +42,7 @@ var user = require('./../user.js'),
 
 			user.get_uid_by_username(req.params.username, function(uid) {
 				if(!uid) {
-					res.redirect('/403');
+					res.redirect('/404');
 					return;
 				}
 				
@@ -51,7 +51,7 @@ var user = require('./../user.js'),
 						res.send(build_header() + app.create_route('users/'+data.username, 'account')  + templates['footer']);
 					}
 					else {
-						res.redirect('/403');
+						res.redirect('/404');
 					}			
 				});
 			});		
@@ -67,7 +67,7 @@ var user = require('./../user.js'),
 				if(req.params.username && username === req.params.username)
 					res.send(build_header() + app.create_route('users/'+req.params.username+'/edit','accountedit') + templates['footer']);
 				else
-					return res.redirect('/403');
+					return res.redirect('/404');
 			});	
 		});
 

src/user.js

@@ -127,13 +127,9 @@ var utils = require('./../public/src/utils.js'),
 			}
 
 			for(var i=0,ii=userkeys.length; i<ii; ++i) {
-				RDB.hgetall(userkeys[i], function(err, userdata) {
-					
-					if(userdata && userdata.password)
-						delete userdata.password;
-					
-					data.push(userdata);
-					
+				var uid = userkeys[i].substr(5);
+				User.getUserData(uid, function(userData) {
+					data.push(userData);
 					if(data.length == userkeys.length)
 						callback(data);
 				});
@@ -299,7 +295,8 @@ var utils = require('./../public/src/utils.js'),
 					'uploadedpicture': '',
 					'reputation': 0,
 					'postcount': 0,
-					'lastposttime': 0
+					'lastposttime': 0,
+					'administrator': 0
 				});
 				
 				RDB.set('username:' + username + ':uid', uid);
@@ -602,6 +599,26 @@ var utils = require('./../public/src/utils.js'),
 		});
 	}
 
+	User.makeAdministrator = function(uid, callback) {
+		RDB.sadd('administrators', uid, function(err, data){
+			if(err === null) {
+				User.setUserField(uid, 'administrator', 1);
+			}
+			if(callback)
+				callback(err === null);
+		});
+	}
+
+	User.removeAdministrator = function(uid, callback) {
+		RDB.srem('administrators', uid, function(err, data){
+			if(err === null) {
+				User.setUserField(uid, 'administrator', 0);
+			}
+			if(callback)
+				callback(err === null);
+		});
+	}	
+
 	User.reset = {
 		validate: function(socket, code, callback) {
 			if (typeof callback !== 'function') callback = undefined;