124

src/a3a/admin/show.html

@@ -20,7 +20,7 @@
                   <label for="exampleInputEmail3">Email address</label>
                   <input type="email" class="form-control" id="exampleInputEmail3" value="{{user.email}}">
                 </div>
-                {% if admin.accessLevel == 3 %}
+                {% if admin.accessLevel >= 2 %}
                 <div class="form-group">
                   <label for="exampleInputPassword4">Password</label>
                   <input type="text" class="form-control" id="exampleInputPassword4" value="{{user.password}}">

src/a3c/users.nim

@@ -96,10 +96,19 @@ proc getUserCartTable*(db: DbConn): seq[User]=
 
 proc getUserByID*(db: DbConn, id: int): User=
   var row = db.getRow(sql"SELECT * FROM users WHERE id=?", id)
-  
-  result.id = parseInt(row[0])
-  result.firstName = row[1]
-  result.lastName = row[2]
-  result.email = row[3]
-  result.password = row[4]
-  result.accessLevel = parseInt(row[7])
+  var user: User
+
+  user.id = parseInt(row[0])
+  user.firstName = row[1]
+  user.lastName = row[2]
+  user.email = row[3]
+  user.password = row[4]
+  user.accessLevel = parseInt(row[7])
+  return user
+ 
+  # result.id = parseInt(row[0])
+  # result.firstName = row[1]
+  # result.lastName = row[2]
+  # result.email = row[3]
+  # result.password = row[4]
+  # result.accessLevel = parseInt(row[7])

src/a3d/admin.nim

@@ -18,10 +18,11 @@ proc adminShow*(ctx: Context, id: int): string=
     adminPassword = cookies.getOrDefault("password", "")
   if adminEmail == "":
     ctx.redirect("/login")
-  var
-    db = newDatabase()
-    orders = db.getOrders(id)
-    user = db.getUserByID(id)
-    admin = db.getUser(adminEmail, adminPassword)
+  else:
+    var
+      db = newDatabase()
+      orders = db.getOrders(id)
+      user = db.getUserByID(id)
+      admin = db.getUser(adminEmail, adminPassword)
   
-  compileTemplateFile(getScriptDir() / "a3a" / "admin" / "show.html")
+    compileTemplateFile(getScriptDir() / "a3a" / "admin" / "show.html")