Admin module

modules/admin/client/admin.client.module.js

@@ -0,0 +1,4 @@
+'use strict';
+
+// Use Applicaion configuration module to register a new module
+ApplicationConfiguration.registerModule('admin');

modules/admin/client/config/admin.client.config.js

@@ -0,0 +1,20 @@
+'use strict';
+
+// Configuring the Articles module
+angular.module('admin').run(['Menus',
+	function(Menus) {
+		// Add the articles dropdown item
+		Menus.addMenuItem('topbar', {
+			title: 'Admin',
+			state: 'admin',
+			type: 'dropdown',
+			roles: ['admin']
+		});
+
+		// Add the dropdown list item
+		Menus.addSubMenuItem('topbar', 'admin', {
+			title: 'Manage Users',
+			state: 'admin.users'
+		});
+	}
+]);

modules/admin/client/config/admin.client.routes.js

@@ -0,0 +1,26 @@
+'use strict';
+
+// Setting up route
+angular.module('admin').config(['$stateProvider',
+	function($stateProvider) {
+		// Articles state routing
+		$stateProvider.
+		state('admin', {
+			abstract: true,
+			url: '/admin',
+			template: '<ui-view/>'
+		}).
+		state('admin.users', {
+			url: '/users',
+			templateUrl: 'modules/admin/views/list-users.client.view.html'
+		}).
+		state('admin.user', {
+			url: '/users/:userId',
+			templateUrl: 'modules/admin/views/view-user.client.view.html'
+		}).
+		state('admin.edit-user', {
+			url: '/users/:userId/edit',
+			templateUrl: 'modules/admin/views/edit-user.client.view.html'
+		});
+	}
+]);

modules/admin/client/controllers/admin.client.controller.js

@@ -0,0 +1,64 @@
+'use strict';
+
+angular.module('admin').controller('AdminController', ['$scope', '$stateParams', '$state', '$filter', 'Authentication', 'Admin',
+	function($scope, $stateParams, $state, $filter, Authentication, Admin) {
+		$scope.authentication = Authentication;
+
+		$scope.remove = function(user) {
+			if(confirm('Are you sure you want to delete this user?')) {
+				if (user) {
+					user.$remove();
+
+					$scope.users.splice($scope.users.indexOf(user),1);
+
+				} else {
+					$scope.user.$remove(function() {
+						$state.go('admin.users');
+					});
+				}
+			}
+		};
+
+		$scope.update = function() {
+			var user = $scope.user;
+
+			user.$update(function() {
+				$state.go('admin.user', { userId: user._id });
+			}, function(errorResponse) {
+				$scope.error = errorResponse.data.message;
+			});
+		};
+
+		$scope.find = function() {
+			 Admin.query(function (data) {
+				 $scope.users = data;
+				$scope.buildPager();
+			});
+		};
+
+		$scope.findOne = function() {
+			$scope.user = Admin.get({
+				userId: $stateParams.userId
+			});
+		};
+
+		$scope.buildPager = function () {
+			$scope.pagedItems = [];
+			$scope.itemsPerPage = 15;
+			$scope.currentPage = 1;
+			$scope.figureOutItemsToDisplay();
+		};
+
+		$scope.figureOutItemsToDisplay = function () {
+			$scope.filteredItems = $filter('filter')($scope.users, { $: $scope.search});
+			$scope.filterLength = $scope.filteredItems.length;
+			var begin = (($scope.currentPage - 1) * $scope.itemsPerPage);
+			var end = begin + $scope.itemsPerPage;
+			$scope.pagedItems = $scope.filteredItems.slice(begin, end);
+		};
+
+		$scope.pageChanged = function() {
+			$scope.figureOutItemsToDisplay();
+		};
+	}
+]);

modules/admin/client/services/admin.client.service.js

@@ -0,0 +1,14 @@
+'use strict';
+
+//Articles service used for communicating with the articles REST endpoints
+angular.module('admin').factory('Admin', ['$resource',
+	function($resource) {
+		return $resource('api/users/:userId', {
+			userId: '@_id'
+		}, {
+			update: {
+				method: 'PUT'
+			}
+		});
+	}
+]);

modules/admin/client/views/edit-user.client.view.html

@@ -0,0 +1,35 @@
+<section data-ng-controller="AdminController" data-ng-init="findOne()">
+	<div class="page-header">
+		<h1>User <span data-ng-bind="user.username"</span</h1>
+	</div>
+	<div class="col-md-12">
+		<form name="userForm" class="form-horizontal" data-ng-submit="update()" novalidate>
+			<fieldset>
+				<div class="form-group">
+					<label class="control-label" for="firstName">First Name</label>
+					<div class="controls">
+						<input name="firstName" type="text" data-ng-model="user.firstName" id="firstName" class="form-control" placeholder="First Name" required>
+					</div>
+				</div>
+				<div class="form-group">
+					<label class="control-label" for="lastName">Last Name</label>
+					<div class="controls">
+						<input type="text" name="lastName" data-ng-model="user.lastName" id="lastName" class="form-control" placeholder="Last Name" />
+					</div>
+				</div>
+				<div class="form-group">
+					<label class="control-label" for="roles">Roles</label>
+					<div class="controls">
+						<input class="form-control" type="text" name="roles" data-ng-model="user.roles" id="roles" ng-list />
+					</div>
+				</div>
+				<div class="form-group">
+					<input type="submit" value="Update" class="btn btn-default">
+				</div>
+				<div data-ng-show="error" class="text-danger">
+					<strong data-ng-bind="error"></strong>
+				</div>
+			</fieldset>
+		</form>
+	</div>
+</section>

modules/admin/client/views/list-users.client.view.html

@@ -0,0 +1,27 @@
+<section data-ng-controller="AdminController" data-ng-init="find()">
+	<div class="page-header">
+		<div class="row">
+			<div class="col-md-4">
+				<h1>Users</h1>
+			</div>
+			<div class="col-md-4" style="margin-top: 2em">
+				<input class="form-control col-md-4" type="text" data-ng-model="search" placeholder="Search" ng-change="figureOutItemsToDisplay()" />
+			</div>
+		</div>
+
+	</div>
+	<div class="list-group">
+		<a data-ng-repeat="user in pagedItems"  data-ui-sref="admin.user({userId: user._id})" class="list-group-item">
+			<h4 class="list-group-item-heading" data-ng-bind="user.username"></h4>
+			<p class="list-group-item-text" data-ng-bind="article.content"></p>
+		</a>
+	</div>
+
+	<pagination boundary-links="true"
+				max-size="8"
+				items-per-page="itemsPerPage"
+				total-items="filterLength"
+				ng-model="currentPage"
+				ng-change="pageChanged()"></pagination>
+
+</section>

modules/admin/client/views/view-user.client.view.html

@@ -0,0 +1,52 @@
+<section data-ng-controller="AdminController" data-ng-init="findOne()">
+	<div class="page-header">
+		<div class="row">
+			<div class="col-md-6">
+				<h1 data-ng-bind="user.username"></h1>
+			</div>
+			<div class="col-md-4">
+				<a class="btn btn-primary" data-ui-sref="admin.edit-user({userId: user._id})">
+					<i class="glyphicon glyphicon-edit"></i>
+				</a>
+				<a class="btn btn-primary" data-ng-click="remove();" ng-if="user._id !== authentication.user._id">
+					<i class="glyphicon glyphicon-trash"></i>
+				</a>
+			</div>
+		</div>
+	</div>
+
+
+	<div class="row">
+		<div class="col-md-8">
+			<div class="row">
+				<div class="col-md-3"><strong>First Name</strong></div>
+				<div class="col-md-6" data-ng-bind="user.firstName"></div>
+			</div>
+			<hr/>
+			<div class="row">
+				<div class="col-md-3"><strong>Last Name</strong></div>
+				<div class="col-md-6" data-ng-bind="user.lastName"></div>
+			</div>
+			<hr/>
+			<div class="row">
+				<div class="col-md-3"><strong>Email</strong></div>
+				<div class="col-md-6" data-ng-bind="user.email"></div>
+			</div>
+			<hr/>
+			<div class="row">
+				<div class="col-md-3"><strong>Provider</strong></div>
+				<div class="col-md-6" data-ng-bind="user.provider"></div>
+			</div>
+			<hr/>
+			<div class="row">
+				<div class="col-md-3"><strong>Created</strong></div>
+				<div class="col-md-6" data-ng-bind="user.created"></div>
+			</div>
+			<hr/>
+			<div class="row">
+				<div class="col-md-3"><strong>Roles</strong></div>
+				<div class="col-md-6" data-ng-bind="user.roles"></div>
+			</div>
+		</div>
+	</div>
+</section>

modules/admin/server/controllers/admin.server.controller.js

@@ -0,0 +1,13 @@
+'use strict';
+
+/**
+ * Module dependencies.
+ */
+var _ = require('lodash');
+
+/**
+ * Extend user's controller
+ */
+module.exports = _.extend(
+	require('./admin/admin.users.server.controller')
+);

modules/admin/server/controllers/admin/admin.users.server.controller.js

@@ -0,0 +1,84 @@
+'use strict';
+
+/**
+ * Module dependencies.
+ */
+var path = require('path'),
+	mongoose = require('mongoose'),
+	//Article = mongoose.model('Article'),
+	User = mongoose.model('User'),
+	_ = require('lodash'),
+	errorHandler = require(path.resolve('./modules/core/server/controllers/errors.server.controller'));
+
+/**
+ * Show the current user
+ */
+exports.read = function(req, res) {
+	res.json(req.model);
+};
+
+/**
+ * Update a User
+ */
+exports.update = function(req, res) {
+	var user = req.model;
+
+	//For security purposes only merge these parameters
+	user.firstName = req.body.firstName;
+	user.lastName = req.body.lastName;
+	user.roles = req.body.roles;
+
+	user.save(function(err) {
+		if (err) {
+			return res.status(400).send({
+				message: errorHandler.getErrorMessage(err)
+			});
+		} else {
+			res.json(user);
+		}
+	});
+};
+
+/**
+ * Delete a user
+ */
+exports.delete = function(req, res) {
+	var user = req.model;
+
+	user.remove(function(err) {
+		if (err) {
+			return res.status(400).send({
+				message: errorHandler.getErrorMessage(err)
+			});
+		} else {
+			res.json(user);
+		}
+	});
+};
+
+/**
+ * List of Users
+ */
+exports.list = function(req, res) {
+	User.find({}, '-salt -password').sort('-created').populate('user', 'displayName').exec(function(err, users) {
+		if (err) {
+			return res.status(400).send({
+				message: errorHandler.getErrorMessage(err)
+			});
+		} else {
+			res.json(users);
+		}
+	});
+};
+
+/**
+ * User middleware
+ */
+exports.userByID = function(req, res, next, id) {
+	User.findById(id, '-salt -password').exec(function(err, user) {
+		if (err) return next(err);
+		if (!user) return next(new Error('Failed to load user ' + id));
+		req.model = user;
+		next();
+	});
+};

modules/admin/server/policies/admin.server.policy.js

@@ -0,0 +1,49 @@
+'use strict';
+
+/**
+ * Module dependencies.
+ */
+var acl = require('acl');
+
+// Using the memory backend
+acl = new acl(new acl.memoryBackend());
+
+/**
+ * Invoke Articles Permissions
+ */
+exports.invokeRolesPolicies = function() {
+	acl.allow([{
+		roles: ['admin'],
+		allows: [{
+			resources: '/api/users',
+			permissions: '*'
+		}, {
+			resources: '/api/users/:userId',
+			permissions: '*'
+		}]
+	}]);
+};
+
+/**
+ * Check If Admin Policy Allows
+ */
+exports.isAllowed = function(req, res, next) {
+	var roles = (req.user) ? req.user.roles : ['guest'];
+
+	// Check for user roles
+	acl.areAnyRolesAllowed(roles, req.route.path, req.method.toLowerCase(), function(err, isAllowed) {
+		if (err) {
+			// An authorization error occurred.
+			return res.status(500).send('Unexpected authorization error');
+		} else {
+			if (isAllowed) {
+				// Access granted! Invoke next middleware
+				return next();
+			} else {
+				return res.status(403).json({
+					message: 'User is not authorized'
+				});
+			}
+		}
+	});
+};