[github/Chocobozzz/PeerTube.git] / server / controllers / api / users.js

'use strict'

const express = require('express')
const waterfall = require('async/waterfall')

const constants = require('../../initializers/constants')
const db = require('../../initializers/database')
const logger = require('../../helpers/logger')
const utils = require('../../helpers/utils')
const middlewares = require('../../middlewares')
const admin = middlewares.admin
const oAuth = middlewares.oauth
const pagination = middlewares.pagination
const sort = middlewares.sort
const validatorsPagination = middlewares.validators.pagination
const validatorsSort = middlewares.validators.sort
const validatorsUsers = middlewares.validators.users

const router = express.Router()

router.get('/me',
  oAuth.authenticate,
  getUserInformation
)

router.get('/me/videos/:videoId/rating',
  oAuth.authenticate,
  validatorsUsers.usersVideoRating,
  getUserVideoRating
)

router.get('/',
  validatorsPagination.pagination,
  validatorsSort.usersSort,
  sort.setUsersSort,
  pagination.setPagination,
  listUsers
)

router.post('/',
  oAuth.authenticate,
  admin.ensureIsAdmin,
  validatorsUsers.usersAdd,
  createUser
)

router.post('/register',
  ensureRegistrationEnabled,
  validatorsUsers.usersAdd,
  createUser
)

router.put('/:id',
  oAuth.authenticate,
  validatorsUsers.usersUpdate,
  updateUser
)

router.delete('/:id',
  oAuth.authenticate,
  admin.ensureIsAdmin,
  validatorsUsers.usersRemove,
  removeUser
)

router.post('/token', oAuth.token, success)
// TODO: Once https://github.com/oauthjs/node-oauth2-server/pull/289 is merged, implement revoke token route

// ---------------------------------------------------------------------------

module.exports = router

// ---------------------------------------------------------------------------

function ensureRegistrationEnabled (req, res, next) {
  const registrationEnabled = constants.CONFIG.SIGNUP.ENABLED

  if (registrationEnabled === true) {
    return next()
  }

  return res.status(400).send('User registration is not enabled.')
}

function createUser (req, res, next) {
  const user = db.User.build({
    username: req.body.username,
    password: req.body.password,
    email: req.body.email,
    displayNSFW: false,
    role: constants.USER_ROLES.USER
  })

  user.save().asCallback(function (err, createdUser) {
    if (err) return next(err)

    return res.type('json').status(204).end()
  })
}

function getUserInformation (req, res, next) {
  db.User.loadByUsername(res.locals.oauth.token.user.username, function (err, user) {
    if (err) return next(err)

    return res.json(user.toFormatedJSON())
  })
}

function getUserVideoRating (req, res, next) {
  const videoId = req.params.videoId
  const userId = res.locals.oauth.token.User.id

  db.UserVideoRate.load(userId, videoId, function (err, ratingObj) {
    if (err) return next(err)

    const rating = ratingObj ? ratingObj.type : 'none'

    res.json({
      videoId,
      rating
    })
  })
}

function listUsers (req, res, next) {
  db.User.listForApi(req.query.start, req.query.count, req.query.sort, function (err, usersList, usersTotal) {
    if (err) return next(err)

    res.json(utils.getFormatedObjects(usersList, usersTotal))
  })
}

function removeUser (req, res, next) {
  waterfall([
    function loadUser (callback) {
      db.User.loadById(req.params.id, callback)
    },

    function deleteUser (user, callback) {
      user.destroy().asCallback(callback)
    }
  ], function andFinally (err) {
    if (err) {
      logger.error('Errors when removed the user.', { error: err })
      return next(err)
    }

    return res.sendStatus(204)
  })
}

function updateUser (req, res, next) {
  db.User.loadByUsername(res.locals.oauth.token.user.username, function (err, user) {
    if (err) return next(err)

    if (req.body.password) user.password = req.body.password
    if (req.body.displayNSFW !== undefined) user.displayNSFW = req.body.displayNSFW

    user.save().asCallback(function (err) {
      if (err) return next(err)

      return res.sendStatus(204)
    })
  })
}

function success (req, res, next) {
  res.end()
}
Commit	Line	Data
9457bf88 C	1	'use strict'
9457bf88 C	2
0c1cbbfe	3	const express = require('express')
9bd26629	4	const waterfall = require('async/waterfall')
fc51fde0	5
f253b1c1	6	const constants = require('../../initializers/constants')
feb4bdfd	7	const db = require('../../initializers/database')
f253b1c1	8	const logger = require('../../helpers/logger')
55fa55a9	9	const utils = require('../../helpers/utils')
f253b1c1	10	const middlewares = require('../../middlewares')
9bd26629 C	11	const admin = middlewares.admin
9bd26629 C	12	const oAuth = middlewares.oauth
5c39adb7 C	13	const pagination = middlewares.pagination
	14	const sort = middlewares.sort
	15	const validatorsPagination = middlewares.validators.pagination
	16	const validatorsSort = middlewares.validators.sort
9bd26629	17	const validatorsUsers = middlewares.validators.users
9457bf88	18
9457bf88 C	19	const router = express.Router()
9457bf88 C	20
d38b8281 C	21	router.get('/me',
	22	oAuth.authenticate,
	23	getUserInformation
	24	)
	25
	26	router.get('/me/videos/:videoId/rating',
	27	oAuth.authenticate,
	28	validatorsUsers.usersVideoRating,
	29	getUserVideoRating
	30	)
9bd26629	31
5c39adb7 C	32	router.get('/',
	33	validatorsPagination.pagination,
	34	validatorsSort.usersSort,
	35	sort.setUsersSort,
	36	pagination.setPagination,
	37	listUsers
	38	)
	39
9bd26629 C	40	router.post('/',
	41	oAuth.authenticate,
	42	admin.ensureIsAdmin,
	43	validatorsUsers.usersAdd,
	44	createUser
	45	)
	46
2c2e9092 C	47	router.post('/register',
	48	ensureRegistrationEnabled,
	49	validatorsUsers.usersAdd,
	50	createUser
	51	)
	52
9bd26629 C	53	router.put('/:id',
	54	oAuth.authenticate,
	55	validatorsUsers.usersUpdate,
	56	updateUser
	57	)
	58
68a3b9f2	59	router.delete('/:id',
9bd26629 C	60	oAuth.authenticate,
	61	admin.ensureIsAdmin,
	62	validatorsUsers.usersRemove,
	63	removeUser
	64	)
6606150c	65
69b0a27c	66	router.post('/token', oAuth.token, success)
9bd26629	67	// TODO: Once https://github.com/oauthjs/node-oauth2-server/pull/289 is merged, implement revoke token route
9457bf88 C	68
	69	// ---------------------------------------------------------------------------
	70
	71	module.exports = router
	72
	73	// ---------------------------------------------------------------------------
	74
2c2e9092 C	75	function ensureRegistrationEnabled (req, res, next) {
	76	const registrationEnabled = constants.CONFIG.SIGNUP.ENABLED
	77
	78	if (registrationEnabled === true) {
	79	return next()
	80	}
	81
	82	return res.status(400).send('User registration is not enabled.')
	83	}
	84
9bd26629	85	function createUser (req, res, next) {
feb4bdfd	86	const user = db.User.build({
9bd26629 C	87	username: req.body.username,
9bd26629 C	88	password: req.body.password,
ad4a8a1c	89	email: req.body.email,
1d49e1e2	90	displayNSFW: false,
9bd26629 C	91	role: constants.USER_ROLES.USER
	92	})
	93
feb4bdfd	94	user.save().asCallback(function (err, createdUser) {
9bd26629 C	95	if (err) return next(err)
	96
	97	return res.type('json').status(204).end()
	98	})
	99	}
	100
99a64bfe	101	function getUserInformation (req, res, next) {
feb4bdfd	102	db.User.loadByUsername(res.locals.oauth.token.user.username, function (err, user) {
99a64bfe C	103	if (err) return next(err)
	104
	105	return res.json(user.toFormatedJSON())
	106	})
	107	}
	108
d38b8281 C	109	function getUserVideoRating (req, res, next) {
	110	const videoId = req.params.videoId
	111	const userId = res.locals.oauth.token.User.id
	112
	113	db.UserVideoRate.load(userId, videoId, function (err, ratingObj) {
	114	if (err) return next(err)
	115
	116	const rating = ratingObj ? ratingObj.type : 'none'
	117
	118	res.json({
	119	videoId,
	120	rating
	121	})
	122	})
	123	}
	124
9bd26629	125	function listUsers (req, res, next) {
feb4bdfd	126	db.User.listForApi(req.query.start, req.query.count, req.query.sort, function (err, usersList, usersTotal) {
9bd26629 C	127	if (err) return next(err)
9bd26629 C	128
55fa55a9	129	res.json(utils.getFormatedObjects(usersList, usersTotal))
9bd26629 C	130	})
	131	}
	132
	133	function removeUser (req, res, next) {
	134	waterfall([
98ac898a	135	function loadUser (callback) {
feb4bdfd	136	db.User.loadById(req.params.id, callback)
9bd26629 C	137	},
9bd26629 C	138
98ac898a	139	function deleteUser (user, callback) {
feb4bdfd	140	user.destroy().asCallback(callback)
9bd26629 C	141	}
	142	], function andFinally (err) {
	143	if (err) {
	144	logger.error('Errors when removed the user.', { error: err })
	145	return next(err)
	146	}
	147
10431358	148	return res.sendStatus(204)
9bd26629 C	149	})
	150	}
	151
	152	function updateUser (req, res, next) {
feb4bdfd	153	db.User.loadByUsername(res.locals.oauth.token.user.username, function (err, user) {
9bd26629 C	154	if (err) return next(err)
9bd26629 C	155
1d49e1e2 C	156	if (req.body.password) user.password = req.body.password
	157	if (req.body.displayNSFW !== undefined) user.displayNSFW = req.body.displayNSFW
	158
feb4bdfd	159	user.save().asCallback(function (err) {
9bd26629 C	160	if (err) return next(err)
9bd26629 C	161
10431358	162	return res.sendStatus(204)
9bd26629 C	163	})
	164	})
	165	}
	166
9457bf88 C	167	function success (req, res, next) {
	168	res.end()
	169	}