How to Create an Admin Account
Hi there, welcome back to the course. In this video I'm going to show you how we can implement user permissions.

So basically we have this property on our user object called admin, and it's set to false by default. Now the only way to basically get this admin to true is by creating a new account and setting it to true on our request. Now you can manually do this by going into signup.js and what we can do is add an additional field and basically sign up the user with that set to true.

Okay so I'm going to go to the sign up in our auth.js actions. So what we can do is we could add a field, so right now we have fields. Here's what we'll do, say var newFields is equal to basically an empty object and then in this object what we want to do is say admin is true and then we will say newFields is equal to and then another object and we'll just say ...fields, newFields.

auth.js

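export function signUp(fields, success) {
    // Extra field we want on the sign-up request
    var newFields = {
        admin: true
    }
    // Shorthand property: this nests the object under a "newFields" key
    // instead of merging admin into the fields
    newFields = {
        ...fields,
        newFields
    }
}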

What this is going to do is take all of our fields and admin and merge them together. So now what we can do is just say console.log(newFields);. Let's go ahead and pass newFields to this post request and before we perform this let's just make sure it's doing what we want.

So we'll comment out this request and what we'll do is we'll get an error because we're not doing anything in this action creator so it's going to warn us but what we want to do is just see if our fields are correct so let's go to Chrome and let's go to our sign up feature so not a member register here.

And let's say full name is I don't know, John Cena. And then let's say unit number is I don't know, 935. And then let's give it a different e-mail because it won't work if we don't give it another e-mail. Okay so johncena@gmail and then I'm just gonna make the password, password. All right create account.

I'm going to go to the Redux Devtools here now, or, we didn't submit it, so I'm going to go to inspect, the console, and we get that error I was talking about. You'll see we have this object and basically it says email, full name, new fields, password, and unit.


So what I want to do is go back to our code, we didn't get it quite on point. What we want is admin to be one of these. So what we need to do is say ...newFields.

auth.js

export function signUp(fields, success) {
    var newFields = {
        admin: true
    }
    // Spread both objects so admin sits next to the other fields
    newFields = {
        ...fields,
        ...newFields
    }
}

Okay, let's try it again, good thing we did that or else it wouldn't have worked. Okay let's go in here and say John Cena and then we'll say enter unit number, all right, and then we'll say e-mail is johncena@gmail.com and password is password. And then we will hit create account, now we get that error and then we get our object.


Okay, we get John Cena, we get password, and we get unit, and we get admin is true. So this is only going to be when we're creating an admin account. So what I want to do is pass this newFields in here, let's get rid of the log, and then we'll create a new account with admin privileges.

So let's go to Chrome, let's go to sign up, and then let's enter in John Cena once again, or anyone else like Elon Musk or something, and then password will be password, let's go ahead and create the account. And you'll get this error for the newsletters for not getting the image, but it'll create the account and sign us in.

OK so let's go to the DevTools and you'll see now the admin is set to true, because it went to the server and it set that to true on the object.


So what we want to do now is close this and let's comment all this newFields out because we don't want it and change this back to fields. So now any other account that we create here is going to be set to false on that object. If you are creating an account feel free to have like a button on there that does that but you don't really want to do that because you don't want people to have the option of creating admin accounts.

And you kind of just want to do that manually or create a protected route now for this account. So we could create a page that only John Cena can access where he can create more admin accounts. But we're not going to do that because that's not what this application asks for, we're just going to do this.
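Commenting newFields out of the client does not stop someone from sending admin: true in their own sign-up request, so the restriction has to live on the server. The block below is an added example, not code from the course: the server handler, the key names (email, fullname, password, unit) and every function name are assumptions, since the page only shows the client action.

```javascript
// Added example (hypothetical server-side code; the course's server is not shown).
// Key names are assumed from the console output described above.
const SIGNUP_FIELDS = ['email', 'fullname', 'password', 'unit'];

// Model of the behaviour seen in this guide: the request body is stored as
// sent, so admin: true in the request produces an admin account.
function buildUserTrusting(body) {
    return { admin: false, ...body };
}

// Hardened form: copy only allow-listed keys and always set admin server-side.
function buildUserAllowListed(body) {
    const user = {};
    for (const key of SIGNUP_FIELDS) {
        if (Object.prototype.hasOwnProperty.call(body, key)) {
            user[key] = body[key];
        }
    }
    user.admin = false;
    return user;
}

// Protected route logic: only an already signed-in admin can create an admin.
function buildAdminUser(requester, body) {
    if (!requester || requester.admin !== true) {
        throw new Error('forbidden: admin privileges required');
    }
    return { ...buildUserAllowListed(body), admin: true };
}

// Constructed sample body, matching what the modified signUp action sends.
const sampleBody = {
    fullname: 'John Cena',
    unit: '935',
    email: 'johncena@gmail.com',
    password: 'password',
    admin: true
};

console.log('trusting handler, admin =', buildUserTrusting(sampleBody).admin);
console.log('allow-listed handler, admin =', buildUserAllowListed(sampleBody).admin);
```

With the allow-list in place, the first admin is created manually (as done in this guide) and later ones go through the protected path.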

So now we can login with johncena@gmail.com, I used the same password, all right it works. So now what we want to do basically is make a bunch of different rules where you can only see this add button if you're an admin. So then when we log back in with my normal account we won't see this button.

All right so let's do all of that in the next video. You'll see it says welcome John Cena.


All right, so let's commit our code. So let's say git status and actually let's say git diff because we really haven't changed anything. Yeah it's just a comment, so I mean feel free to commit this if you want, I'll just include it in my next commit message because it's literally only these commented out lines.

So I'm not going to commit anything, but I'll see you in the next video.