[github/Chocobozzz/PeerTube.git] / server / controllers / api / users.ts

import * as express from 'express'

import { database as db } from '../../initializers/database'
import { USER_ROLES, CONFIG } from '../../initializers'
import { logger, getFormattedObjects, retryTransactionWrapper } from '../../helpers'
import {
  authenticate,
  ensureIsAdmin,
  ensureUserRegistrationAllowed,
  usersAddValidator,
  usersRegisterValidator,
  usersUpdateValidator,
  usersUpdateMeValidator,
  usersRemoveValidator,
  usersVideoRatingValidator,
  usersGetValidator,
  paginationValidator,
  setPagination,
  usersSortValidator,
  setUsersSort,
  token
} from '../../middlewares'
import {
  UserVideoRate as FormattedUserVideoRate,
  UserCreate,
  UserUpdate,
  UserUpdateMe
} from '../../../shared'
import { createUserAuthorAndChannel } from '../../lib'
import { UserInstance } from '../../models'

const usersRouter = express.Router()

usersRouter.get('/me',
  authenticate,
  getUserInformation
)

usersRouter.get('/me/videos/:videoId/rating',
  authenticate,
  usersVideoRatingValidator,
  getUserVideoRating
)

usersRouter.get('/',
  paginationValidator,
  usersSortValidator,
  setUsersSort,
  setPagination,
  listUsers
)

usersRouter.get('/:id',
  usersGetValidator,
  getUser
)

usersRouter.post('/',
  authenticate,
  ensureIsAdmin,
  usersAddValidator,
  createUserRetryWrapper
)

usersRouter.post('/register',
  ensureUserRegistrationAllowed,
  usersRegisterValidator,
  registerUser
)

usersRouter.put('/me',
  authenticate,
  usersUpdateMeValidator,
  updateMe
)

usersRouter.put('/:id',
  authenticate,
  ensureIsAdmin,
  usersUpdateValidator,
  updateUser
)

usersRouter.delete('/:id',
  authenticate,
  ensureIsAdmin,
  usersRemoveValidator,
  removeUser
)

usersRouter.post('/token', token, success)
// TODO: Once https://github.com/oauthjs/node-oauth2-server/pull/289 is merged, implement revoke token route

// ---------------------------------------------------------------------------

export {
  usersRouter
}

// ---------------------------------------------------------------------------

function createUserRetryWrapper (req: express.Request, res: express.Response, next: express.NextFunction) {
  const options = {
    arguments: [ req, res ],
    errorMessage: 'Cannot insert the user with many retries.'
  }

  retryTransactionWrapper(createUser, options)
    .then(() => {
      // TODO : include Location of the new user -> 201
      res.type('json').status(204).end()
    })
    .catch(err => next(err))
}

function createUser (req: express.Request, res: express.Response, next: express.NextFunction) {
  const body: UserCreate = req.body
  const user = db.User.build({
    username: body.username,
    password: body.password,
    email: body.email,
    displayNSFW: false,
    role: USER_ROLES.USER,
    videoQuota: body.videoQuota
  })

  return createUserAuthorAndChannel(user)
    .then(() => logger.info('User %s with its channel and author created.', body.username))
    .catch((err: Error) => {
      logger.debug('Cannot insert the user.', err)
      throw err
    })
}

function registerUser (req: express.Request, res: express.Response, next: express.NextFunction) {
  const body: UserCreate = req.body

  const user = db.User.build({
    username: body.username,
    password: body.password,
    email: body.email,
    displayNSFW: false,
    role: USER_ROLES.USER,
    videoQuota: CONFIG.USER.VIDEO_QUOTA
  })

  return createUserAuthorAndChannel(user)
    .then(() => res.type('json').status(204).end())
    .catch(err => next(err))
}

function getUserInformation (req: express.Request, res: express.Response, next: express.NextFunction) {
  db.User.loadByUsernameAndPopulateChannels(res.locals.oauth.token.user.username)
    .then(user => res.json(user.toFormattedJSON()))
    .catch(err => next(err))
}

function getUser (req: express.Request, res: express.Response, next: express.NextFunction) {
  return res.json(res.locals.user.toFormattedJSON())
}

function getUserVideoRating (req: express.Request, res: express.Response, next: express.NextFunction) {
  const videoId = +req.params.videoId
  const userId = +res.locals.oauth.token.User.id

  db.UserVideoRate.load(userId, videoId, null)
    .then(ratingObj => {
      const rating = ratingObj ? ratingObj.type : 'none'
      const json: FormattedUserVideoRate = {
        videoId,
        rating
      }
      res.json(json)
    })
    .catch(err => next(err))
}

function listUsers (req: express.Request, res: express.Response, next: express.NextFunction) {
  db.User.listForApi(req.query.start, req.query.count, req.query.sort)
    .then(resultList => {
      res.json(getFormattedObjects(resultList.data, resultList.total))
    })
    .catch(err => next(err))
}

function removeUser (req: express.Request, res: express.Response, next: express.NextFunction) {
  db.User.loadById(req.params.id)
    .then(user => user.destroy())
    .then(() => res.sendStatus(204))
    .catch(err => {
      logger.error('Errors when removed the user.', err)
      return next(err)
    })
}

function updateMe (req: express.Request, res: express.Response, next: express.NextFunction) {
  const body: UserUpdateMe = req.body

  // FIXME: user is not already a Sequelize instance?
  db.User.loadByUsername(res.locals.oauth.token.user.username)
    .then(user => {
      if (body.password !== undefined) user.password = body.password
      if (body.email !== undefined) user.email = body.email
      if (body.displayNSFW !== undefined) user.displayNSFW = body.displayNSFW

      return user.save()
    })
    .then(() => res.sendStatus(204))
    .catch(err => next(err))
}

function updateUser (req: express.Request, res: express.Response, next: express.NextFunction) {
  const body: UserUpdate = req.body
  const user: UserInstance = res.locals.user

  if (body.email !== undefined) user.email = body.email
  if (body.videoQuota !== undefined) user.videoQuota = body.videoQuota

  return user.save()
    .then(() => res.sendStatus(204))
    .catch(err => next(err))
}

function success (req: express.Request, res: express.Response, next: express.NextFunction) {
  res.end()
}
Commit	Line	Data
4d4e5cd4	1	import * as express from 'express'
9457bf88	2
e02643f3	3	import { database as db } from '../../initializers/database'
b0f9f39e	4	import { USER_ROLES, CONFIG } from '../../initializers'
72c7248b	5	import { logger, getFormattedObjects, retryTransactionWrapper } from '../../helpers'
65fcc311 C	6	import {
	7	authenticate,
	8	ensureIsAdmin,
291e8d3e	9	ensureUserRegistrationAllowed,
65fcc311	10	usersAddValidator,
77a5501f	11	usersRegisterValidator,
65fcc311	12	usersUpdateValidator,
8094a898	13	usersUpdateMeValidator,
65fcc311 C	14	usersRemoveValidator,
65fcc311 C	15	usersVideoRatingValidator,
8094a898	16	usersGetValidator,
65fcc311 C	17	paginationValidator,
	18	setPagination,
	19	usersSortValidator,
	20	setUsersSort,
	21	token
	22	} from '../../middlewares'
8094a898 C	23	import {
	24	UserVideoRate as FormattedUserVideoRate,
	25	UserCreate,
	26	UserUpdate,
	27	UserUpdateMe
	28	} from '../../../shared'
72c7248b	29	import { createUserAuthorAndChannel } from '../../lib'
77a5501f	30	import { UserInstance } from '../../models'
65fcc311 C	31
	32	const usersRouter = express.Router()
	33
	34	usersRouter.get('/me',
	35	authenticate,
d38b8281 C	36	getUserInformation
	37	)
	38
65fcc311 C	39	usersRouter.get('/me/videos/:videoId/rating',
	40	authenticate,
	41	usersVideoRatingValidator,
d38b8281 C	42	getUserVideoRating
d38b8281 C	43	)
9bd26629	44
65fcc311 C	45	usersRouter.get('/',
	46	paginationValidator,
	47	usersSortValidator,
	48	setUsersSort,
	49	setPagination,
5c39adb7 C	50	listUsers
	51	)
	52
8094a898 C	53	usersRouter.get('/:id',
	54	usersGetValidator,
	55	getUser
	56	)
	57
65fcc311 C	58	usersRouter.post('/',
	59	authenticate,
	60	ensureIsAdmin,
	61	usersAddValidator,
72c7248b	62	createUserRetryWrapper
9bd26629 C	63	)
9bd26629 C	64
65fcc311	65	usersRouter.post('/register',
291e8d3e	66	ensureUserRegistrationAllowed,
77a5501f C	67	usersRegisterValidator,
77a5501f C	68	registerUser
2c2e9092 C	69	)
2c2e9092 C	70
8094a898 C	71	usersRouter.put('/me',
	72	authenticate,
	73	usersUpdateMeValidator,
	74	updateMe
	75	)
	76
65fcc311 C	77	usersRouter.put('/:id',
65fcc311 C	78	authenticate,
8094a898	79	ensureIsAdmin,
65fcc311	80	usersUpdateValidator,
9bd26629 C	81	updateUser
	82	)
	83
65fcc311 C	84	usersRouter.delete('/:id',
	85	authenticate,
	86	ensureIsAdmin,
	87	usersRemoveValidator,
9bd26629 C	88	removeUser
9bd26629 C	89	)
6606150c	90
65fcc311	91	usersRouter.post('/token', token, success)
9bd26629	92	// TODO: Once https://github.com/oauthjs/node-oauth2-server/pull/289 is merged, implement revoke token route
9457bf88 C	93
	94	// ---------------------------------------------------------------------------
	95
65fcc311 C	96	export {
	97	usersRouter
	98	}
9457bf88 C	99
	100	// ---------------------------------------------------------------------------
	101
72c7248b C	102	function createUserRetryWrapper (req: express.Request, res: express.Response, next: express.NextFunction) {
	103	const options = {
	104	arguments: [ req, res ],
	105	errorMessage: 'Cannot insert the user with many retries.'
	106	}
	107
	108	retryTransactionWrapper(createUser, options)
	109	.then(() => {
	110	// TODO : include Location of the new user -> 201
	111	res.type('json').status(204).end()
	112	})
	113	.catch(err => next(err))
	114	}
	115
69818c93	116	function createUser (req: express.Request, res: express.Response, next: express.NextFunction) {
4771e000	117	const body: UserCreate = req.body
feb4bdfd	118	const user = db.User.build({
4771e000 C	119	username: body.username,
	120	password: body.password,
	121	email: body.email,
1d49e1e2	122	displayNSFW: false,
b0f9f39e C	123	role: USER_ROLES.USER,
b0f9f39e C	124	videoQuota: body.videoQuota
9bd26629 C	125	})
9bd26629 C	126
72c7248b C	127	return createUserAuthorAndChannel(user)
	128	.then(() => logger.info('User %s with its channel and author created.', body.username))
	129	.catch((err: Error) => {
	130	logger.debug('Cannot insert the user.', err)
	131	throw err
	132	})
9bd26629 C	133	}
9bd26629 C	134
77a5501f C	135	function registerUser (req: express.Request, res: express.Response, next: express.NextFunction) {
	136	const body: UserCreate = req.body
	137
	138	const user = db.User.build({
	139	username: body.username,
	140	password: body.password,
	141	email: body.email,
	142	displayNSFW: false,
	143	role: USER_ROLES.USER,
	144	videoQuota: CONFIG.USER.VIDEO_QUOTA
	145	})
	146
72c7248b	147	return createUserAuthorAndChannel(user)
77a5501f C	148	.then(() => res.type('json').status(204).end())
	149	.catch(err => next(err))
	150	}
	151
69818c93	152	function getUserInformation (req: express.Request, res: express.Response, next: express.NextFunction) {
72c7248b	153	db.User.loadByUsernameAndPopulateChannels(res.locals.oauth.token.user.username)
0aef76c4	154	.then(user => res.json(user.toFormattedJSON()))
6fcd19ba	155	.catch(err => next(err))
99a64bfe C	156	}
99a64bfe C	157
8094a898 C	158	function getUser (req: express.Request, res: express.Response, next: express.NextFunction) {
	159	return res.json(res.locals.user.toFormattedJSON())
	160	}
	161
69818c93	162	function getUserVideoRating (req: express.Request, res: express.Response, next: express.NextFunction) {
0a6658fd	163	const videoId = +req.params.videoId
69818c93	164	const userId = +res.locals.oauth.token.User.id
d38b8281	165
6fcd19ba C	166	db.UserVideoRate.load(userId, videoId, null)
	167	.then(ratingObj => {
	168	const rating = ratingObj ? ratingObj.type : 'none'
0aef76c4	169	const json: FormattedUserVideoRate = {
6fcd19ba C	170	videoId,
	171	rating
	172	}
	173	res.json(json)
	174	})
	175	.catch(err => next(err))
d38b8281 C	176	}
d38b8281 C	177
69818c93	178	function listUsers (req: express.Request, res: express.Response, next: express.NextFunction) {
6fcd19ba C	179	db.User.listForApi(req.query.start, req.query.count, req.query.sort)
6fcd19ba C	180	.then(resultList => {
0aef76c4	181	res.json(getFormattedObjects(resultList.data, resultList.total))
6fcd19ba C	182	})
6fcd19ba C	183	.catch(err => next(err))
9bd26629 C	184	}
9bd26629 C	185
69818c93	186	function removeUser (req: express.Request, res: express.Response, next: express.NextFunction) {
6fcd19ba C	187	db.User.loadById(req.params.id)
	188	.then(user => user.destroy())
	189	.then(() => res.sendStatus(204))
	190	.catch(err => {
ad0997ad	191	logger.error('Errors when removed the user.', err)
9bd26629	192	return next(err)
6fcd19ba	193	})
9bd26629 C	194	}
9bd26629 C	195
8094a898 C	196	function updateMe (req: express.Request, res: express.Response, next: express.NextFunction) {
8094a898 C	197	const body: UserUpdateMe = req.body
4771e000	198
8094a898	199	// FIXME: user is not already a Sequelize instance?
6fcd19ba C	200	db.User.loadByUsername(res.locals.oauth.token.user.username)
6fcd19ba C	201	.then(user => {
8094a898 C	202	if (body.password !== undefined) user.password = body.password
8094a898 C	203	if (body.email !== undefined) user.email = body.email
4771e000	204	if (body.displayNSFW !== undefined) user.displayNSFW = body.displayNSFW
1d49e1e2	205
6fcd19ba	206	return user.save()
9bd26629	207	})
6fcd19ba C	208	.then(() => res.sendStatus(204))
6fcd19ba C	209	.catch(err => next(err))
9bd26629 C	210	}
9bd26629 C	211
8094a898 C	212	function updateUser (req: express.Request, res: express.Response, next: express.NextFunction) {
8094a898 C	213	const body: UserUpdate = req.body
77a5501f	214	const user: UserInstance = res.locals.user
8094a898 C	215
	216	if (body.email !== undefined) user.email = body.email
	217	if (body.videoQuota !== undefined) user.videoQuota = body.videoQuota
	218
	219	return user.save()
	220	.then(() => res.sendStatus(204))
	221	.catch(err => next(err))
	222	}
	223
69818c93	224	function success (req: express.Request, res: express.Response, next: express.NextFunction) {
9457bf88 C	225	res.end()
9457bf88 C	226	}