else if(result.length == 0)\r
RenderMessage(res,$notfound_name,req.session.items);\r
else{\r
- res.render("profile\\detail",{list:result,token:req.session.items.token});\r
+ res.render("profile\\detail",{list:result,token:req.session.items.token,admin:req.session.items.admin});\r
}\r
});\r
}\r
if(typeof(req.body.remove) != "undefined"){\r
async.waterfall([\r
function(cb){\r
- collection.AuthAsync(req.body.name,req.body.password,cb);\r
+ if(typeof(req.session.items) != "undefined" && req.session.items.admin)\r
+ cb(null,true);\r
+ else\r
+ collection.AuthAsync(req.body.name,req.body.password,cb);\r
},\r
function(result,cb){\r
if(result)\r
}else if(typeof(req.body.edit) != "undefined"){\r
async.waterfall([\r
function(cb){\r
- collection.AuthAsync(req.body.name,req.body.password,cb);\r
+ if(typeof(req.session.items) != "undefined" && req.session.items.admin)\r
+ cb(null,true);\r
+ else\r
+ collection.AuthAsync(req.body.name,req.body.password,cb);\r
},\r
function(result,cb){\r
if(result)\r
<input type="hidden" value="<%= list[0].name %>" name="name"/>\r
<input type="submit" value="編集" name="edit"/>\r
<input type="submit" value="削除" name="remove"/>\r
- <input type="text" value="" name="password"/>\r
+ <% if(!admin){ %>\r
+ <input type="text" value="" name="password"/>\r
+ <% } %>\r
</form>\r
</div>\r
</body>\r