[github/Chocobozzz/PeerTube.git] / server / controllers / api / users.ts

import * as express from 'express'

import { database as db, CONFIG } from '../../initializers'
import { logger, getFormattedObjects, retryTransactionWrapper } from '../../helpers'
import {
  authenticate,
  ensureUserHasRight,
  ensureUserRegistrationAllowed,
  usersAddValidator,
  usersRegisterValidator,
  usersUpdateValidator,
  usersUpdateMeValidator,
  usersRemoveValidator,
  usersVideoRatingValidator,
  usersGetValidator,
  paginationValidator,
  setPagination,
  usersSortValidator,
  setUsersSort,
  token,
  asyncMiddleware
} from '../../middlewares'
import {
  UserVideoRate as FormattedUserVideoRate,
  UserCreate,
  UserUpdate,
  UserUpdateMe,
  UserRole,
  UserRight
} from '../../../shared'
import { createUserAuthorAndChannel } from '../../lib'
import { UserInstance } from '../../models'

const usersRouter = express.Router()

usersRouter.get('/me',
  authenticate,
  asyncMiddleware(getUserInformation)
)

usersRouter.get('/me/videos/:videoId/rating',
  authenticate,
  usersVideoRatingValidator,
  asyncMiddleware(getUserVideoRating)
)

usersRouter.get('/',
  paginationValidator,
  usersSortValidator,
  setUsersSort,
  setPagination,
  asyncMiddleware(listUsers)
)

usersRouter.get('/:id',
  usersGetValidator,
  getUser
)

usersRouter.post('/',
  authenticate,
  ensureUserHasRight(UserRight.MANAGE_USERS),
  usersAddValidator,
  createUserRetryWrapper
)

usersRouter.post('/register',
  ensureUserRegistrationAllowed,
  usersRegisterValidator,
  asyncMiddleware(registerUser)
)

usersRouter.put('/me',
  authenticate,
  usersUpdateMeValidator,
  asyncMiddleware(updateMe)
)

usersRouter.put('/:id',
  authenticate,
  ensureUserHasRight(UserRight.MANAGE_USERS),
  usersUpdateValidator,
  asyncMiddleware(updateUser)
)

usersRouter.delete('/:id',
  authenticate,
  ensureUserHasRight(UserRight.MANAGE_USERS),
  usersRemoveValidator,
  asyncMiddleware(removeUser)
)

usersRouter.post('/token', token, success)
// TODO: Once https://github.com/oauthjs/node-oauth2-server/pull/289 is merged, implement revoke token route

// ---------------------------------------------------------------------------

export {
  usersRouter
}

// ---------------------------------------------------------------------------

async function createUserRetryWrapper (req: express.Request, res: express.Response, next: express.NextFunction) {
  const options = {
    arguments: [ req, res ],
    errorMessage: 'Cannot insert the user with many retries.'
  }

  await retryTransactionWrapper(createUser, options)

  // TODO : include Location of the new user -> 201
  return res.type('json').status(204).end()
}

async function createUser (req: express.Request, res: express.Response, next: express.NextFunction) {
  const body: UserCreate = req.body
  const user = db.User.build({
    username: body.username,
    password: body.password,
    email: body.email,
    displayNSFW: false,
    role: body.role,
    videoQuota: body.videoQuota
  })

  await createUserAuthorAndChannel(user)

  logger.info('User %s with its channel and author created.', body.username)
}

async function registerUser (req: express.Request, res: express.Response, next: express.NextFunction) {
  const body: UserCreate = req.body

  const user = db.User.build({
    username: body.username,
    password: body.password,
    email: body.email,
    displayNSFW: false,
    role: UserRole.USER,
    videoQuota: CONFIG.USER.VIDEO_QUOTA
  })

  await createUserAuthorAndChannel(user)
  return res.type('json').status(204).end()
}

async function getUserInformation (req: express.Request, res: express.Response, next: express.NextFunction) {
  const user = await db.User.loadByUsernameAndPopulateChannels(res.locals.oauth.token.user.username)

  return res.json(user.toFormattedJSON())
}

function getUser (req: express.Request, res: express.Response, next: express.NextFunction) {
  return res.json(res.locals.user.toFormattedJSON())
}

async function getUserVideoRating (req: express.Request, res: express.Response, next: express.NextFunction) {
  const videoId = +req.params.videoId
  const userId = +res.locals.oauth.token.User.id

  const ratingObj = await db.UserVideoRate.load(userId, videoId, null)
  const rating = ratingObj ? ratingObj.type : 'none'

  const json: FormattedUserVideoRate = {
    videoId,
    rating
  }
  res.json(json)
}

async function listUsers (req: express.Request, res: express.Response, next: express.NextFunction) {
  const resultList = await db.User.listForApi(req.query.start, req.query.count, req.query.sort)

  return res.json(getFormattedObjects(resultList.data, resultList.total))
}

async function removeUser (req: express.Request, res: express.Response, next: express.NextFunction) {
  const user = await db.User.loadById(req.params.id)

  await user.destroy()

  return res.sendStatus(204)
}

async function updateMe (req: express.Request, res: express.Response, next: express.NextFunction) {
  const body: UserUpdateMe = req.body

  // FIXME: user is not already a Sequelize instance?
  const user = res.locals.oauth.token.user

  if (body.password !== undefined) user.password = body.password
  if (body.email !== undefined) user.email = body.email
  if (body.displayNSFW !== undefined) user.displayNSFW = body.displayNSFW

  await user.save()

  return res.sendStatus(204)
}

async function updateUser (req: express.Request, res: express.Response, next: express.NextFunction) {
  const body: UserUpdate = req.body
  const user: UserInstance = res.locals.user

  if (body.email !== undefined) user.email = body.email
  if (body.videoQuota !== undefined) user.videoQuota = body.videoQuota
  if (body.role !== undefined) user.role = body.role

  await user.save()

  return res.sendStatus(204)
}

function success (req: express.Request, res: express.Response, next: express.NextFunction) {
  res.end()
}
Commit	Line	Data
4d4e5cd4	1	import * as express from 'express'
9457bf88	2
954605a8	3	import { database as db, CONFIG } from '../../initializers'
72c7248b	4	import { logger, getFormattedObjects, retryTransactionWrapper } from '../../helpers'
65fcc311 C	5	import {
65fcc311 C	6	authenticate,
954605a8	7	ensureUserHasRight,
291e8d3e	8	ensureUserRegistrationAllowed,
65fcc311	9	usersAddValidator,
77a5501f	10	usersRegisterValidator,
65fcc311	11	usersUpdateValidator,
8094a898	12	usersUpdateMeValidator,
65fcc311 C	13	usersRemoveValidator,
65fcc311 C	14	usersVideoRatingValidator,
8094a898	15	usersGetValidator,
65fcc311 C	16	paginationValidator,
	17	setPagination,
	18	usersSortValidator,
	19	setUsersSort,
eb080476 C	20	token,
eb080476 C	21	asyncMiddleware
65fcc311	22	} from '../../middlewares'
8094a898 C	23	import {
	24	UserVideoRate as FormattedUserVideoRate,
	25	UserCreate,
	26	UserUpdate,
954605a8 C	27	UserUpdateMe,
	28	UserRole,
	29	UserRight
8094a898	30	} from '../../../shared'
72c7248b	31	import { createUserAuthorAndChannel } from '../../lib'
77a5501f	32	import { UserInstance } from '../../models'
65fcc311 C	33
	34	const usersRouter = express.Router()
	35
	36	usersRouter.get('/me',
	37	authenticate,
eb080476	38	asyncMiddleware(getUserInformation)
d38b8281 C	39	)
d38b8281 C	40
65fcc311 C	41	usersRouter.get('/me/videos/:videoId/rating',
	42	authenticate,
	43	usersVideoRatingValidator,
eb080476	44	asyncMiddleware(getUserVideoRating)
d38b8281	45	)
9bd26629	46
65fcc311 C	47	usersRouter.get('/',
	48	paginationValidator,
	49	usersSortValidator,
	50	setUsersSort,
	51	setPagination,
eb080476	52	asyncMiddleware(listUsers)
5c39adb7 C	53	)
5c39adb7 C	54
8094a898 C	55	usersRouter.get('/:id',
	56	usersGetValidator,
	57	getUser
	58	)
	59
65fcc311 C	60	usersRouter.post('/',
65fcc311 C	61	authenticate,
954605a8	62	ensureUserHasRight(UserRight.MANAGE_USERS),
65fcc311	63	usersAddValidator,
72c7248b	64	createUserRetryWrapper
9bd26629 C	65	)
9bd26629 C	66
65fcc311	67	usersRouter.post('/register',
291e8d3e	68	ensureUserRegistrationAllowed,
77a5501f	69	usersRegisterValidator,
eb080476	70	asyncMiddleware(registerUser)
2c2e9092 C	71	)
2c2e9092 C	72
8094a898 C	73	usersRouter.put('/me',
	74	authenticate,
	75	usersUpdateMeValidator,
eb080476	76	asyncMiddleware(updateMe)
8094a898 C	77	)
8094a898 C	78
65fcc311 C	79	usersRouter.put('/:id',
65fcc311 C	80	authenticate,
954605a8	81	ensureUserHasRight(UserRight.MANAGE_USERS),
65fcc311	82	usersUpdateValidator,
eb080476	83	asyncMiddleware(updateUser)
9bd26629 C	84	)
9bd26629 C	85
65fcc311 C	86	usersRouter.delete('/:id',
65fcc311 C	87	authenticate,
954605a8	88	ensureUserHasRight(UserRight.MANAGE_USERS),
65fcc311	89	usersRemoveValidator,
eb080476	90	asyncMiddleware(removeUser)
9bd26629	91	)
6606150c	92
65fcc311	93	usersRouter.post('/token', token, success)
9bd26629	94	// TODO: Once https://github.com/oauthjs/node-oauth2-server/pull/289 is merged, implement revoke token route
9457bf88 C	95
	96	// ---------------------------------------------------------------------------
	97
65fcc311 C	98	export {
	99	usersRouter
	100	}
9457bf88 C	101
	102	// ---------------------------------------------------------------------------
	103
eb080476	104	async function createUserRetryWrapper (req: express.Request, res: express.Response, next: express.NextFunction) {
72c7248b C	105	const options = {
	106	arguments: [ req, res ],
	107	errorMessage: 'Cannot insert the user with many retries.'
	108	}
	109
eb080476 C	110	await retryTransactionWrapper(createUser, options)
	111
	112	// TODO : include Location of the new user -> 201
	113	return res.type('json').status(204).end()
72c7248b C	114	}
72c7248b C	115
eb080476	116	async function createUser (req: express.Request, res: express.Response, next: express.NextFunction) {
4771e000	117	const body: UserCreate = req.body
feb4bdfd	118	const user = db.User.build({
4771e000 C	119	username: body.username,
	120	password: body.password,
	121	email: body.email,
1d49e1e2	122	displayNSFW: false,
954605a8	123	role: body.role,
b0f9f39e	124	videoQuota: body.videoQuota
9bd26629 C	125	})
9bd26629 C	126
eb080476 C	127	await createUserAuthorAndChannel(user)
	128
	129	logger.info('User %s with its channel and author created.', body.username)
9bd26629 C	130	}
9bd26629 C	131
eb080476	132	async function registerUser (req: express.Request, res: express.Response, next: express.NextFunction) {
77a5501f C	133	const body: UserCreate = req.body
	134
	135	const user = db.User.build({
	136	username: body.username,
	137	password: body.password,
	138	email: body.email,
	139	displayNSFW: false,
954605a8	140	role: UserRole.USER,
77a5501f C	141	videoQuota: CONFIG.USER.VIDEO_QUOTA
	142	})
	143
eb080476 C	144	await createUserAuthorAndChannel(user)
eb080476 C	145	return res.type('json').status(204).end()
77a5501f C	146	}
77a5501f C	147
eb080476 C	148	async function getUserInformation (req: express.Request, res: express.Response, next: express.NextFunction) {
	149	const user = await db.User.loadByUsernameAndPopulateChannels(res.locals.oauth.token.user.username)
	150
	151	return res.json(user.toFormattedJSON())
99a64bfe C	152	}
99a64bfe C	153
8094a898 C	154	function getUser (req: express.Request, res: express.Response, next: express.NextFunction) {
	155	return res.json(res.locals.user.toFormattedJSON())
	156	}
	157
eb080476	158	async function getUserVideoRating (req: express.Request, res: express.Response, next: express.NextFunction) {
0a6658fd	159	const videoId = +req.params.videoId
69818c93	160	const userId = +res.locals.oauth.token.User.id
d38b8281	161
faab3a84 C	162	const ratingObj = await db.UserVideoRate.load(userId, videoId, null)
	163	const rating = ratingObj ? ratingObj.type : 'none'
	164
	165	const json: FormattedUserVideoRate = {
	166	videoId,
	167	rating
	168	}
	169	res.json(json)
d38b8281 C	170	}
d38b8281 C	171
eb080476 C	172	async function listUsers (req: express.Request, res: express.Response, next: express.NextFunction) {
	173	const resultList = await db.User.listForApi(req.query.start, req.query.count, req.query.sort)
	174
	175	return res.json(getFormattedObjects(resultList.data, resultList.total))
9bd26629 C	176	}
9bd26629 C	177
eb080476 C	178	async function removeUser (req: express.Request, res: express.Response, next: express.NextFunction) {
	179	const user = await db.User.loadById(req.params.id)
	180
	181	await user.destroy()
	182
	183	return res.sendStatus(204)
9bd26629 C	184	}
9bd26629 C	185
eb080476	186	async function updateMe (req: express.Request, res: express.Response, next: express.NextFunction) {
8094a898	187	const body: UserUpdateMe = req.body
4771e000	188
8094a898	189	// FIXME: user is not already a Sequelize instance?
eb080476	190	const user = res.locals.oauth.token.user
1d49e1e2	191
eb080476 C	192	if (body.password !== undefined) user.password = body.password
	193	if (body.email !== undefined) user.email = body.email
	194	if (body.displayNSFW !== undefined) user.displayNSFW = body.displayNSFW
	195
	196	await user.save()
	197
d412e80e	198	return res.sendStatus(204)
9bd26629 C	199	}
9bd26629 C	200
eb080476	201	async function updateUser (req: express.Request, res: express.Response, next: express.NextFunction) {
8094a898	202	const body: UserUpdate = req.body
77a5501f	203	const user: UserInstance = res.locals.user
8094a898 C	204
	205	if (body.email !== undefined) user.email = body.email
	206	if (body.videoQuota !== undefined) user.videoQuota = body.videoQuota
954605a8	207	if (body.role !== undefined) user.role = body.role
8094a898	208
eb080476 C	209	await user.save()
	210
	211	return res.sendStatus(204)
8094a898 C	212	}
8094a898 C	213
69818c93	214	function success (req: express.Request, res: express.Response, next: express.NextFunction) {
9457bf88 C	215	res.end()
9457bf88 C	216	}