From 947c325242c940307d6cbc5466167506bbf92f98 Mon Sep 17 00:00:00 2001
From: Nikhil Trehan <trehan.nikhil@gmail.com>
Date: Tue, 8 Oct 2024 00:48:22 -0400
Subject: [PATCH] Added an API that fetches all the admins

---
 backend/controllers/user.controller.js | 17 +++++++++++++++++
 backend/routers/users.router.js        |  2 ++
 2 files changed, 19 insertions(+)

diff --git a/backend/controllers/user.controller.js b/backend/controllers/user.controller.js
index e9764765d..a6cbbdacc 100644
--- a/backend/controllers/user.controller.js
+++ b/backend/controllers/user.controller.js
@@ -26,6 +26,23 @@ UserController.user_list = async function (req, res) {
   }
 };
 
+// Get list of Users with accessLevel 'admin' or 'superadmin' with GET
+UserController.admin_list = async function (req, res) {
+  const { headers } = req;
+  
+  if (headers['x-customrequired-header'] !== expectedHeader) {
+    return res.sendStatus(403);
+  }
+
+  try {
+    const admins = await User.find({ accessLevel: { $in: ["admin", "superadmin"] } });
+    return res.status(200).send(admins);
+  } catch (err) {
+    return res.sendStatus(400);
+  }
+};
+
+
 // Get User by id with GET
 UserController.user_by_id = async function (req, res) {
   const { headers } = req;
diff --git a/backend/routers/users.router.js b/backend/routers/users.router.js
index db4efb231..a611cfac1 100644
--- a/backend/routers/users.router.js
+++ b/backend/routers/users.router.js
@@ -6,6 +6,8 @@ const { UserController } = require('../controllers');
 // The base is /api/users
 router.get('/', UserController.user_list);
 
+router.get('/admins', UserController.admin_list);
+
 router.post('/', UserController.create);
 
 router.get('/:UserId', UserController.user_by_id);