add: improved admin functions

back/api/users.js

@@ -1,5 +1,5 @@
 const express = require('express');
-const { getConnection, getUsers, getUserByUsername, getUserLastMessages, getMentions, deleteUser, deleteUserMessages, deleteUserMentions } = require('../libs/mysql');
+const { getConnection, getUsers, getUserByUsername, getUserLastMessages, getMentions, deleteUser, deleteUserMessages, deleteUserMentions, setUserPfp } = require('../libs/mysql');
 const { checkAuth } = require("../libs/middlewares")
 const path = require('path');
 const fs = require('node:fs');
@@ -98,4 +98,35 @@ router.post('/:username/delete', checkAuth, async (req, res) => {
     res.send({ message: 'User deleted' });
 });
 
+router.post('/:username/deletepfp', checkAuth, async (req, res) => {
+    const username = req.params.username;
+    const user = req.user;
+
+    const connection = await getConnection();
+
+    const userToDelete = await getUserByUsername(connection, username);
+
+    if (!userToDelete[0]) {
+        connection.end();
+        return res.status(400).send({ error: 'No user found' });
+    }
+
+    if (user.admin !== 1) {
+        connection.end();
+        return res.status(401).send({ error: 'Unauthorized' });
+    }
+
+    if (userToDelete[0].pfp) {
+        await setUserPfp(connection, userToDelete[0].id, null);
+    }
+
+    if (fs.existsSync(path.join(__dirname, `../data/pfps/${userToDelete[0].pfp}`))) {
+        fs.unlinkSync(path.join(__dirname, `../data/pfps/${userToDelete[0].pfp}`));
+    }
+
+    connection.end();
+
+    res.send({ message: 'User pfp deleted' });
+});
+
 module.exports = router;