t1meshift
/
expressCart
mirror of https://github.com/t1meshift/expressCart.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Fix issue with ability to create admin user by setting referrer

master
Mark Moffat 2018-05-30 18:35:17 +09:30
parent c674f86576
commit baccaae9b0
1 changed files with 48 additions and 43 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
routes/user.js
View File

@ -146,8 +146,12 @@ router.post('/admin/user/insert', common.restrict, (req, res) => {
// set the account to admin if using the setup form. Eg: First user account
let urlParts = url.parse(req.header('Referer'));
// Check number of users
db.users.count({}, (err, userCount) => {
let isAdmin = false;
if(urlParts.path === '/admin/setup'){
// if no users, setup user as admin
if(userCount === 0){
isAdmin = true;
}
@ -199,5 +203,6 @@ router.post('/admin/user/insert', common.restrict, (req, res) => {
});
});
});
});
module.exports = router;