[github/Chocobozzz/PeerTube.git] / server / controllers / api / users.ts

import * as express from 'express'
import { UserCreate, UserRight, UserRole, UserUpdate, UserUpdateMe, UserVideoRate as FormattedUserVideoRate } from '../../../shared'
import { getFormattedObjects, logger, retryTransactionWrapper } from '../../helpers'
import { CONFIG, database as db } from '../../initializers'
import { createUserAccountAndChannel } from '../../lib'
import {
  asyncMiddleware,
  authenticate,
  ensureUserHasRight,
  ensureUserRegistrationAllowed,
  paginationValidator,
  setPagination,
  setUsersSort,
  token,
  usersAddValidator,
  usersGetValidator,
  usersRegisterValidator,
  usersRemoveValidator,
  usersSortValidator,
  usersUpdateMeValidator,
  usersUpdateValidator,
  usersVideoRatingValidator
} from '../../middlewares'
import { setVideosSort } from '../../middlewares/sort'
import { videosSortValidator } from '../../middlewares/validators/sort'
import { UserInstance } from '../../models'

const usersRouter = express.Router()

usersRouter.get('/me',
  authenticate,
  asyncMiddleware(getUserInformation)
)

usersRouter.get('/me/videos',
  authenticate,
  paginationValidator,
  videosSortValidator,
  setVideosSort,
  setPagination,
  asyncMiddleware(getUserVideos)
)

usersRouter.get('/me/videos/:videoId/rating',
  authenticate,
  asyncMiddleware(usersVideoRatingValidator),
  asyncMiddleware(getUserVideoRating)
)

usersRouter.get('/',
  authenticate,
  ensureUserHasRight(UserRight.MANAGE_USERS),
  paginationValidator,
  usersSortValidator,
  setUsersSort,
  setPagination,
  asyncMiddleware(listUsers)
)

usersRouter.get('/:id',
  asyncMiddleware(usersGetValidator),
  getUser
)

usersRouter.post('/',
  authenticate,
  ensureUserHasRight(UserRight.MANAGE_USERS),
  asyncMiddleware(usersAddValidator),
  asyncMiddleware(createUserRetryWrapper)
)

usersRouter.post('/register',
  asyncMiddleware(ensureUserRegistrationAllowed),
  asyncMiddleware(usersRegisterValidator),
  asyncMiddleware(registerUserRetryWrapper)
)

usersRouter.put('/me',
  authenticate,
  usersUpdateMeValidator,
  asyncMiddleware(updateMe)
)

usersRouter.put('/:id',
  authenticate,
  ensureUserHasRight(UserRight.MANAGE_USERS),
  asyncMiddleware(usersUpdateValidator),
  asyncMiddleware(updateUser)
)

usersRouter.delete('/:id',
  authenticate,
  ensureUserHasRight(UserRight.MANAGE_USERS),
  asyncMiddleware(usersRemoveValidator),
  asyncMiddleware(removeUser)
)

usersRouter.post('/token', token, success)
// TODO: Once https://github.com/oauthjs/node-oauth2-server/pull/289 is merged, implement revoke token route

// ---------------------------------------------------------------------------

export {
  usersRouter
}

// ---------------------------------------------------------------------------

async function getUserVideos (req: express.Request, res: express.Response, next: express.NextFunction) {
  const user = res.locals.oauth.token.User
  const resultList = await db.Video.listUserVideosForApi(user.id ,req.query.start, req.query.count, req.query.sort)

  return res.json(getFormattedObjects(resultList.data, resultList.total))
}

async function createUserRetryWrapper (req: express.Request, res: express.Response, next: express.NextFunction) {
  const options = {
    arguments: [ req ],
    errorMessage: 'Cannot insert the user with many retries.'
  }

  await retryTransactionWrapper(createUser, options)

  // TODO : include Location of the new user -> 201
  return res.type('json').status(204).end()
}

async function createUser (req: express.Request) {
  const body: UserCreate = req.body
  const user = db.User.build({
    username: body.username,
    password: body.password,
    email: body.email,
    displayNSFW: false,
    role: body.role,
    videoQuota: body.videoQuota
  })

  await createUserAccountAndChannel(user)

  logger.info('User %s with its channel and account created.', body.username)
}

async function registerUserRetryWrapper (req: express.Request, res: express.Response, next: express.NextFunction) {
  const options = {
    arguments: [ req ],
    errorMessage: 'Cannot insert the user with many retries.'
  }

  await retryTransactionWrapper(registerUser, options)

  return res.type('json').status(204).end()
}

async function registerUser (req: express.Request) {
  const body: UserCreate = req.body

  const user = db.User.build({
    username: body.username,
    password: body.password,
    email: body.email,
    displayNSFW: false,
    role: UserRole.USER,
    videoQuota: CONFIG.USER.VIDEO_QUOTA
  })

  await createUserAccountAndChannel(user)

  logger.info('User %s with its channel and account registered.', body.username)
}

async function getUserInformation (req: express.Request, res: express.Response, next: express.NextFunction) {
  // We did not load channels in res.locals.user
  const user = await db.User.loadByUsernameAndPopulateChannels(res.locals.oauth.token.user.username)

  return res.json(user.toFormattedJSON())
}

function getUser (req: express.Request, res: express.Response, next: express.NextFunction) {
  return res.json(res.locals.user.toFormattedJSON())
}

async function getUserVideoRating (req: express.Request, res: express.Response, next: express.NextFunction) {
  const videoId = +req.params.videoId
  const accountId = +res.locals.oauth.token.User.Account.id

  const ratingObj = await db.AccountVideoRate.load(accountId, videoId, null)
  const rating = ratingObj ? ratingObj.type : 'none'

  const json: FormattedUserVideoRate = {
    videoId,
    rating
  }
  res.json(json)
}

async function listUsers (req: express.Request, res: express.Response, next: express.NextFunction) {
  const resultList = await db.User.listForApi(req.query.start, req.query.count, req.query.sort)

  return res.json(getFormattedObjects(resultList.data, resultList.total))
}

async function removeUser (req: express.Request, res: express.Response, next: express.NextFunction) {
  const user = await db.User.loadById(req.params.id)

  await user.destroy()

  return res.sendStatus(204)
}

async function updateMe (req: express.Request, res: express.Response, next: express.NextFunction) {
  const body: UserUpdateMe = req.body

  // FIXME: user is not already a Sequelize instance?
  const user = res.locals.oauth.token.user

  if (body.password !== undefined) user.password = body.password
  if (body.email !== undefined) user.email = body.email
  if (body.displayNSFW !== undefined) user.displayNSFW = body.displayNSFW

  await user.save()

  return res.sendStatus(204)
}

async function updateUser (req: express.Request, res: express.Response, next: express.NextFunction) {
  const body: UserUpdate = req.body
  const user: UserInstance = res.locals.user

  if (body.email !== undefined) user.email = body.email
  if (body.videoQuota !== undefined) user.videoQuota = body.videoQuota
  if (body.role !== undefined) user.role = body.role

  await user.save()

  return res.sendStatus(204)
}

function success (req: express.Request, res: express.Response, next: express.NextFunction) {
  res.end()
}
Commit	Line	Data
4d4e5cd4	1	import * as express from 'express'
571389d4 C	2	import { UserCreate, UserRight, UserRole, UserUpdate, UserUpdateMe, UserVideoRate as FormattedUserVideoRate } from '../../../shared'
	3	import { getFormattedObjects, logger, retryTransactionWrapper } from '../../helpers'
	4	import { CONFIG, database as db } from '../../initializers'
	5	import { createUserAccountAndChannel } from '../../lib'
65fcc311	6	import {
571389d4	7	asyncMiddleware,
65fcc311	8	authenticate,
954605a8	9	ensureUserHasRight,
291e8d3e	10	ensureUserRegistrationAllowed,
65fcc311 C	11	paginationValidator,
65fcc311 C	12	setPagination,
65fcc311	13	setUsersSort,
eb080476	14	token,
571389d4 C	15	usersAddValidator,
	16	usersGetValidator,
	17	usersRegisterValidator,
	18	usersRemoveValidator,
	19	usersSortValidator,
	20	usersUpdateMeValidator,
	21	usersUpdateValidator,
	22	usersVideoRatingValidator
65fcc311	23	} from '../../middlewares'
fd45e8f4	24	import { setVideosSort } from '../../middlewares/sort'
571389d4 C	25	import { videosSortValidator } from '../../middlewares/validators/sort'
571389d4 C	26	import { UserInstance } from '../../models'
65fcc311 C	27
	28	const usersRouter = express.Router()
	29
	30	usersRouter.get('/me',
	31	authenticate,
eb080476	32	asyncMiddleware(getUserInformation)
d38b8281 C	33	)
d38b8281 C	34
fd45e8f4 C	35	usersRouter.get('/me/videos',
	36	authenticate,
	37	paginationValidator,
	38	videosSortValidator,
	39	setVideosSort,
	40	setPagination,
	41	asyncMiddleware(getUserVideos)
	42	)
	43
65fcc311 C	44	usersRouter.get('/me/videos/:videoId/rating',
65fcc311 C	45	authenticate,
a2431b7d	46	asyncMiddleware(usersVideoRatingValidator),
eb080476	47	asyncMiddleware(getUserVideoRating)
d38b8281	48	)
9bd26629	49
65fcc311	50	usersRouter.get('/',
86d13ec2 C	51	authenticate,
86d13ec2 C	52	ensureUserHasRight(UserRight.MANAGE_USERS),
65fcc311 C	53	paginationValidator,
	54	usersSortValidator,
	55	setUsersSort,
	56	setPagination,
eb080476	57	asyncMiddleware(listUsers)
5c39adb7 C	58	)
5c39adb7 C	59
8094a898	60	usersRouter.get('/:id',
a2431b7d	61	asyncMiddleware(usersGetValidator),
8094a898 C	62	getUser
	63	)
	64
65fcc311 C	65	usersRouter.post('/',
65fcc311 C	66	authenticate,
954605a8	67	ensureUserHasRight(UserRight.MANAGE_USERS),
a2431b7d C	68	asyncMiddleware(usersAddValidator),
a2431b7d C	69	asyncMiddleware(createUserRetryWrapper)
9bd26629 C	70	)
9bd26629 C	71
65fcc311	72	usersRouter.post('/register',
a2431b7d C	73	asyncMiddleware(ensureUserRegistrationAllowed),
a2431b7d C	74	asyncMiddleware(usersRegisterValidator),
47e0652b	75	asyncMiddleware(registerUserRetryWrapper)
2c2e9092 C	76	)
2c2e9092 C	77
8094a898 C	78	usersRouter.put('/me',
	79	authenticate,
	80	usersUpdateMeValidator,
eb080476	81	asyncMiddleware(updateMe)
8094a898 C	82	)
8094a898 C	83
65fcc311 C	84	usersRouter.put('/:id',
65fcc311 C	85	authenticate,
954605a8	86	ensureUserHasRight(UserRight.MANAGE_USERS),
a2431b7d	87	asyncMiddleware(usersUpdateValidator),
eb080476	88	asyncMiddleware(updateUser)
9bd26629 C	89	)
9bd26629 C	90
65fcc311 C	91	usersRouter.delete('/:id',
65fcc311 C	92	authenticate,
954605a8	93	ensureUserHasRight(UserRight.MANAGE_USERS),
a2431b7d	94	asyncMiddleware(usersRemoveValidator),
eb080476	95	asyncMiddleware(removeUser)
9bd26629	96	)
6606150c	97
65fcc311	98	usersRouter.post('/token', token, success)
9bd26629	99	// TODO: Once https://github.com/oauthjs/node-oauth2-server/pull/289 is merged, implement revoke token route
9457bf88 C	100
	101	// ---------------------------------------------------------------------------
	102
65fcc311 C	103	export {
	104	usersRouter
	105	}
9457bf88 C	106
	107	// ---------------------------------------------------------------------------
	108
fd45e8f4 C	109	async function getUserVideos (req: express.Request, res: express.Response, next: express.NextFunction) {
	110	const user = res.locals.oauth.token.User
	111	const resultList = await db.Video.listUserVideosForApi(user.id ,req.query.start, req.query.count, req.query.sort)
	112
	113	return res.json(getFormattedObjects(resultList.data, resultList.total))
	114	}
	115
eb080476	116	async function createUserRetryWrapper (req: express.Request, res: express.Response, next: express.NextFunction) {
72c7248b	117	const options = {
47e0652b	118	arguments: [ req ],
72c7248b C	119	errorMessage: 'Cannot insert the user with many retries.'
	120	}
	121
eb080476 C	122	await retryTransactionWrapper(createUser, options)
	123
	124	// TODO : include Location of the new user -> 201
	125	return res.type('json').status(204).end()
72c7248b C	126	}
72c7248b C	127
47e0652b	128	async function createUser (req: express.Request) {
4771e000	129	const body: UserCreate = req.body
feb4bdfd	130	const user = db.User.build({
4771e000 C	131	username: body.username,
	132	password: body.password,
	133	email: body.email,
1d49e1e2	134	displayNSFW: false,
954605a8	135	role: body.role,
b0f9f39e	136	videoQuota: body.videoQuota
9bd26629 C	137	})
9bd26629 C	138
38fa2065	139	await createUserAccountAndChannel(user)
eb080476	140
38fa2065	141	logger.info('User %s with its channel and account created.', body.username)
9bd26629 C	142	}
9bd26629 C	143
47e0652b C	144	async function registerUserRetryWrapper (req: express.Request, res: express.Response, next: express.NextFunction) {
	145	const options = {
	146	arguments: [ req ],
	147	errorMessage: 'Cannot insert the user with many retries.'
	148	}
	149
	150	await retryTransactionWrapper(registerUser, options)
	151
	152	return res.type('json').status(204).end()
	153	}
	154
	155	async function registerUser (req: express.Request) {
77a5501f C	156	const body: UserCreate = req.body
	157
	158	const user = db.User.build({
	159	username: body.username,
	160	password: body.password,
	161	email: body.email,
	162	displayNSFW: false,
954605a8	163	role: UserRole.USER,
77a5501f C	164	videoQuota: CONFIG.USER.VIDEO_QUOTA
	165	})
	166
38fa2065	167	await createUserAccountAndChannel(user)
47e0652b C	168
47e0652b C	169	logger.info('User %s with its channel and account registered.', body.username)
77a5501f C	170	}
77a5501f C	171
eb080476	172	async function getUserInformation (req: express.Request, res: express.Response, next: express.NextFunction) {
fd45e8f4	173	// We did not load channels in res.locals.user
eb080476 C	174	const user = await db.User.loadByUsernameAndPopulateChannels(res.locals.oauth.token.user.username)
	175
	176	return res.json(user.toFormattedJSON())
99a64bfe C	177	}
99a64bfe C	178
8094a898	179	function getUser (req: express.Request, res: express.Response, next: express.NextFunction) {
11474c3c	180	return res.json(res.locals.user.toFormattedJSON())
8094a898 C	181	}
8094a898 C	182
eb080476	183	async function getUserVideoRating (req: express.Request, res: express.Response, next: express.NextFunction) {
0a6658fd	184	const videoId = +req.params.videoId
571389d4	185	const accountId = +res.locals.oauth.token.User.Account.id
d38b8281	186
571389d4	187	const ratingObj = await db.AccountVideoRate.load(accountId, videoId, null)
faab3a84 C	188	const rating = ratingObj ? ratingObj.type : 'none'
	189
	190	const json: FormattedUserVideoRate = {
	191	videoId,
	192	rating
	193	}
	194	res.json(json)
d38b8281 C	195	}
d38b8281 C	196
eb080476 C	197	async function listUsers (req: express.Request, res: express.Response, next: express.NextFunction) {
	198	const resultList = await db.User.listForApi(req.query.start, req.query.count, req.query.sort)
	199
	200	return res.json(getFormattedObjects(resultList.data, resultList.total))
9bd26629 C	201	}
9bd26629 C	202
eb080476 C	203	async function removeUser (req: express.Request, res: express.Response, next: express.NextFunction) {
	204	const user = await db.User.loadById(req.params.id)
	205
	206	await user.destroy()
	207
	208	return res.sendStatus(204)
9bd26629 C	209	}
9bd26629 C	210
eb080476	211	async function updateMe (req: express.Request, res: express.Response, next: express.NextFunction) {
8094a898	212	const body: UserUpdateMe = req.body
4771e000	213
8094a898	214	// FIXME: user is not already a Sequelize instance?
eb080476	215	const user = res.locals.oauth.token.user
1d49e1e2	216
eb080476 C	217	if (body.password !== undefined) user.password = body.password
	218	if (body.email !== undefined) user.email = body.email
	219	if (body.displayNSFW !== undefined) user.displayNSFW = body.displayNSFW
	220
	221	await user.save()
	222
d412e80e	223	return res.sendStatus(204)
9bd26629 C	224	}
9bd26629 C	225
eb080476	226	async function updateUser (req: express.Request, res: express.Response, next: express.NextFunction) {
8094a898	227	const body: UserUpdate = req.body
77a5501f	228	const user: UserInstance = res.locals.user
8094a898 C	229
	230	if (body.email !== undefined) user.email = body.email
	231	if (body.videoQuota !== undefined) user.videoQuota = body.videoQuota
954605a8	232	if (body.role !== undefined) user.role = body.role
8094a898	233
eb080476 C	234	await user.save()
	235
	236	return res.sendStatus(204)
8094a898 C	237	}
8094a898 C	238
69818c93	239	function success (req: express.Request, res: express.Response, next: express.NextFunction) {
9457bf88 C	240	res.end()
9457bf88 C	241	}