I have made a blog in which there are users who can make a post. And i have it so that is a person has made a post only they can delete or edit it but i want to have an account witch will be they ADMIN account and with that account the can delete and edit every blog post they want. I have made a function called
checkBlogOwnership
and i add it to the routes that i want to have this feature (usually :/blogs/:id)
function checkBlogOwnership(req, res, next) {
if(req.isAuthenticated()){
Blog.findById(req.params.id, function(err, foundBlog){
if(err){
res.redirect("back");
} else {
// does user own the campground?
if(foundBlog.author.id.equals(req.user._id)) {
next();
} else {
res.redirect("back");
}
}
});
} else {
res.redirect("back");
}
};
what i want is something in this line :
if(foundBlog.author.id.equals(req.user._id)) {
that will add a specific user id (in this case: 590da36125f46404d8316a7c) and i will be able to change anything i want
via fanis theologiths
No comments:
Post a Comment