ThaMunsta/loot-hunt
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

permission fix
All checks were successful
Build Images and Deploy / Update-PROD-Stack (push) Successful in 29s
Details

Browse Source
This commit is contained in:
Mike Johnston
2026-02-28 03:23:47 -05:00
parent d8fc014e6b
commit fce62725c3
1 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
src/routes/admin.js
View File

@@ -21,8 +21,8 @@ router.use(requireOrganizerOrAdmin);
// Admin/Organizer dashboard
router.get('/', (req, res) => {
const hunts = Hunts.getByCreator(req.session.userId);
const isAdmin = !!req.session.isAdmin;
const hunts = isAdmin ? Hunts.getAll() : Hunts.getByCreator(req.session.userId);
// Only admins see the full user list and password reset
const users = isAdmin ? Users.getAllUsers() : [];
@@ -178,7 +178,7 @@ router.post('/reset-password', requireAdmin, (req, res) => {
const user = Users.findByUsername(username);
if (!user) {
const hunts = Hunts.getByCreator(req.session.userId);
const hunts = Hunts.getAll();
const users = Users.getAllUsers();
req.session.flash = { type: 'danger', message: `User "${username}" not found.` };
return res.redirect('/admin');
@@ -188,7 +188,7 @@ router.post('/reset-password', requireAdmin, (req, res) => {
const baseUrl = process.env.BASE_URL || `http://localhost:${process.env.PORT || 3000}`;
const resetUrl = `${baseUrl}/auth/reset/${token}`;
const hunts = Hunts.getByCreator(req.session.userId);
const hunts = Hunts.getAll();
const users = Users.getAllUsers();
res.render('admin/dashboard', {
title: 'Admin Dashboard',