1
00:00:00,140 --> 00:00:02,870
So now we want to start with the users, right?

2
00:00:02,900 --> 00:00:05,210
We want to be able to manage users as an admin.

3
00:00:05,210 --> 00:00:10,040
So we need to first create some of the back end routes and controller functions.

4
00:00:10,040 --> 00:00:15,770
So let's go to the user controller, which right now we have of course, we have our authentication,

5
00:00:15,770 --> 00:00:20,240
our register, our logout, our get and update user profile.

6
00:00:20,240 --> 00:00:26,180
Now we basically just want to get users, get user by ID, delete and update user.

7
00:00:26,180 --> 00:00:29,210
So get users is going to be very, very simple.

8
00:00:29,210 --> 00:00:35,870
Let's just get rid of this and let's say const users and let's set that to await and then we're going

9
00:00:35,870 --> 00:00:43,880
to from our user model, we're going to call find and we just want to find with an empty object because

10
00:00:43,880 --> 00:00:45,110
we want all users.

11
00:00:45,110 --> 00:00:49,850
And then we're going to res, although I don't want to send, I want to do status.

12
00:00:50,680 --> 00:00:55,390
200 and then JSON and then send the users.

13
00:00:55,970 --> 00:00:57,370
Okay, so simple as that.

14
00:00:57,370 --> 00:01:00,490
And then get user by ID.

15
00:01:00,760 --> 00:01:02,950
So let's.

16
00:01:03,660 --> 00:01:07,860
Set user to await user dot find by ID.

17
00:01:08,160 --> 00:01:10,620
We're going to pass in the ID from the URL.

18
00:01:10,620 --> 00:01:16,500
We don't want the password, so we're going to add select minus password and then check for the user.

19
00:01:16,650 --> 00:01:19,590
If there's a user, we'll send it else.

20
00:01:20,730 --> 00:01:22,800
Then we'll send a 404.

21
00:01:23,040 --> 00:01:24,630
So pretty simple.

22
00:01:24,630 --> 00:01:26,190
And then let's see.

23
00:01:26,220 --> 00:01:32,100
To delete a user, we're going to get rid of that.

24
00:01:34,280 --> 00:01:37,460
And let's do const user.

25
00:01:37,460 --> 00:01:42,710
So first we want to get it and then we're going to check for the user.

26
00:01:43,850 --> 00:01:47,210
If there's a user, then we're going to call.

27
00:01:47,210 --> 00:01:47,960
Let's see.

28
00:01:48,260 --> 00:01:54,110
One thing I want to do is make sure that we can't delete a user if it's an admin.

29
00:01:54,110 --> 00:02:01,880
So I'm going to put another if statement in here and we're going to say if the user dot is admin.

30
00:02:03,270 --> 00:02:06,870
So if that's true, then we don't want to delete the user.

31
00:02:06,870 --> 00:02:09,479
We'll say res dot status.

32
00:02:10,940 --> 00:02:15,520
400, which is a client error and then we're going to throw a new error.

33
00:02:15,530 --> 00:02:17,870
Cannot delete admin user.

34
00:02:18,620 --> 00:02:19,010
Okay.

35
00:02:19,010 --> 00:02:27,230
Now under that if statement, we're then going to await user dot and we're going to use delete one.

36
00:02:28,730 --> 00:02:36,770
And we'll pass in here an object with the ID that matches the ID of the user that we fetch.

37
00:02:36,770 --> 00:02:38,900
So user underscore ID.

38
00:02:39,980 --> 00:02:43,490
Okay, after we do that, then we're going to just set a 201.

39
00:02:43,490 --> 00:02:45,440
User deleted successfully.

40
00:02:46,310 --> 00:02:49,130
And then let's just add an else on to this.

41
00:02:49,130 --> 00:02:54,230
So if there is no user, then we want a 404 and the user is not found.

42
00:02:55,370 --> 00:02:58,670
And then the last thing I want to do is the update.

43
00:02:59,660 --> 00:03:01,700
So for that, we're going to.

44
00:03:02,280 --> 00:03:07,050
Get the user just like we did above and then check for the user.

45
00:03:07,050 --> 00:03:15,900
And if there is one, then we're going to set, let's say, user dot name equal to the request dot body

46
00:03:15,930 --> 00:03:16,740
dot name.

47
00:03:16,740 --> 00:03:22,310
Or if there is no name in the body, use the user name that's already there.

48
00:03:22,320 --> 00:03:23,700
Same with the email.

49
00:03:23,790 --> 00:03:27,570
And let's do same with the is admin.

50
00:03:27,570 --> 00:03:28,530
Although.

51
00:03:29,360 --> 00:03:32,930
We're going to make sure that this is a Boolean, so we're going to wrap it in.

52
00:03:33,620 --> 00:03:34,580
Boolean.

53
00:03:36,440 --> 00:03:36,920
Okay.

54
00:03:36,920 --> 00:03:39,290
And then let's say updated user.

55
00:03:39,290 --> 00:03:45,530
So we're going to actually save the user here, put the result into this variable, then we're going

56
00:03:45,530 --> 00:03:46,640
to respond.

57
00:03:46,640 --> 00:03:48,770
So res dot status.

58
00:03:49,870 --> 00:03:51,940
200 dot.

59
00:03:51,970 --> 00:03:53,170
JSON.

60
00:03:54,210 --> 00:03:56,250
And we're going to pass in here.

61
00:03:57,040 --> 00:04:05,290
Let's do the ID of the updated user, the name, the email and the is admin of the updated user.

62
00:04:05,620 --> 00:04:06,100
Okay.

63
00:04:06,130 --> 00:04:09,790
Else then we're going to send a 404.

64
00:04:10,940 --> 00:04:11,780
And that's it.

65
00:04:13,010 --> 00:04:17,329
So if you want to test it through Postman, you can do that.

66
00:04:17,329 --> 00:04:20,959
Just make sure you authenticate first and you include your cookie.

67
00:04:20,959 --> 00:04:26,420
But we're just going to jump right into the front end and get working on that in the next video.

