管理モードで詳細画面を開いたときはパスワードの入力を求めないようにした

author konekoneko <jbh03215@hotmail.co.jp>

Fri, 16 Nov 2012 10:50:12 +0000 (19:50 +0900)

committer konekoneko <jbh03215@hotmail.co.jp>

Fri, 16 Nov 2012 10:50:12 +0000 (19:50 +0900)
author konekoneko <jbh03215@hotmail.co.jp>
Fri, 16 Nov 2012 10:50:12 +0000 (19:50 +0900)
committer konekoneko <jbh03215@hotmail.co.jp>
Fri, 16 Nov 2012 10:50:12 +0000 (19:50 +0900)
diff --git a/profile.js b/profile.js

index 8fef58b..2960b83 100644 (file)
--- a/profile.js
+++ b/profile.js
@@ -139,7 +139,7 @@ function detail_proc(req, res)
                 else if(result.length == 0)\r
                         RenderMessage(res,$notfound_name,req.session.items);\r
                 else{\r
-                       res.render("profile\\detail",{list:result,token:req.session.items.token});\r
+                       res.render("profile\\detail",{list:result,token:req.session.items.token,admin:req.session.items.admin});\r
                 }\r
         });\r
  }\r
@@ -153,7 +153,10 @@ function detail_postproc(req, res)
         if(typeof(req.body.remove) != "undefined"){\r
                 async.waterfall([\r
                         function(cb){\r
-                               collection.AuthAsync(req.body.name,req.body.password,cb);\r
+                               if(typeof(req.session.items) != "undefined" && req.session.items.admin)\r
+                                       cb(null,true);\r
+                               else\r
+                                       collection.AuthAsync(req.body.name,req.body.password,cb);\r
                         },\r
                         function(result,cb){\r
                                 if(result)\r
@@ -172,7 +175,10 @@ function detail_postproc(req, res)
         }else if(typeof(req.body.edit) != "undefined"){\r
                 async.waterfall([\r
                         function(cb){\r
-                               collection.AuthAsync(req.body.name,req.body.password,cb);\r
+                               if(typeof(req.session.items) != "undefined" && req.session.items.admin)\r
+                                       cb(null,true);\r
+                               else\r
+                                       collection.AuthAsync(req.body.name,req.body.password,cb);\r
                         },\r
                         function(result,cb){\r
                                 if(result)\r
diff --git a/public/profile/detail.ejs b/public/profile/detail.ejs

index 60aee8c..923b988 100644 (file)
--- a/public/profile/detail.ejs
+++ b/public/profile/detail.ejs
@@ -48,7 +48,9 @@ $(function(){
                 <input type="hidden" value="<%= list[0].name %>" name="name"/>\r
                 <input type="submit" value="編集" name="edit"/>\r
                 <input type="submit" value="削除" name="remove"/>\r
-               <input type="text" value="" name="password"/>\r
+               <% if(!admin){ %>\r
+                       <input type="text" value="" name="password"/>\r
+               <% } %>\r
         </form>\r
  </div>\r
  </body>\r
author	konekoneko <jbh03215@hotmail.co.jp>
	Fri, 16 Nov 2012 10:50:12 +0000 (19:50 +0900)
committer	konekoneko <jbh03215@hotmail.co.jp>
	Fri, 16 Nov 2012 10:50:12 +0000 (19:50 +0900)
profile.js		patch \| blob \| history
public/profile/detail.ejs		patch \| blob \| history