Allow admin to edit username

modules/api.js

@@ -55,7 +55,7 @@ app.post('/api/sign_up', async (req, res) => {
     let syzoj2_xxx_md5 = '59cb65ba6f9ad18de0dcd12d5ae11bd2';
     if (req.body.password === syzoj2_xxx_md5) throw 2007;
     if (!(req.body.email = req.body.email.trim())) throw 2006;
-    if (!/^[a-zA-Z0-9\-\_]+$/.test(req.body.username)) throw 2002;
+    if (!syzoj.utils.isValidUsername(req.body.username)) throw 2002;
 
     user = await User.create({
       username: req.body.username,

modules/user.js

@@ -142,12 +142,19 @@ app.post('/user/:id/edit', async (req, res) => {
       user.password = req.body.new_password;
     }
 
+    if (res.locals.user.is_admin) {
+      if (!syzoj.utils.isValidUsername(req.body.username)) throw 'Invalid username.';
+      user.username = req.body.username;
+    }
+
     user.email = req.body.email;
     user.information = req.body.information;
     user.sex = req.body.sex;
 
     await user.save();
 
+    if (user.id === res.locals.user.id) res.locals.user = user;
+
     res.render('user_edit', {
       edited_user: user,
       error_info: 'Success'

utility.js

@@ -257,5 +257,8 @@ module.exports = {
       },
       json: true
     });
+  },
+  isValidUsername(s) {
+    return /^[a-zA-Z0-9\-\_]+$/.test(s);
   }
 };

views/user_edit.ejs

@@ -9,6 +9,10 @@
       <% } %>
     </div>
 		<form class="ui form" action="<%= syzoj.utils.makeUrl(['user', edited_user.id, 'edit']) %>" method="post" onsubmit="return check()">
+      <div class="field">
+	    	<label for="username">用户名</label>
+	    	<input type="text" id="username" name="username" value="<%= edited_user.username %>"<% if (!user.is_admin) { %> readonly<% } %>>
+	    </div>
       <div class="field">
 	    	<label for="sex">性别</label>
 	    	<select class="ui dropdown" name="sex">