]>
Commit | Line | Data |
---|---|---|
1 | 'use strict' | |
2 | ||
3 | const express = require('express') | |
4 | const waterfall = require('async/waterfall') | |
5 | ||
6 | const constants = require('../../initializers/constants') | |
7 | const db = require('../../initializers/database') | |
8 | const logger = require('../../helpers/logger') | |
9 | const utils = require('../../helpers/utils') | |
10 | const middlewares = require('../../middlewares') | |
11 | const admin = middlewares.admin | |
12 | const oAuth = middlewares.oauth | |
13 | const pagination = middlewares.pagination | |
14 | const sort = middlewares.sort | |
15 | const validatorsPagination = middlewares.validators.pagination | |
16 | const validatorsSort = middlewares.validators.sort | |
17 | const validatorsUsers = middlewares.validators.users | |
18 | ||
19 | const router = express.Router() | |
20 | ||
21 | router.get('/me', oAuth.authenticate, getUserInformation) | |
22 | ||
23 | router.get('/', | |
24 | validatorsPagination.pagination, | |
25 | validatorsSort.usersSort, | |
26 | sort.setUsersSort, | |
27 | pagination.setPagination, | |
28 | listUsers | |
29 | ) | |
30 | ||
31 | router.post('/', | |
32 | oAuth.authenticate, | |
33 | admin.ensureIsAdmin, | |
34 | validatorsUsers.usersAdd, | |
35 | createUser | |
36 | ) | |
37 | ||
38 | router.put('/:id', | |
39 | oAuth.authenticate, | |
40 | validatorsUsers.usersUpdate, | |
41 | updateUser | |
42 | ) | |
43 | ||
44 | router.delete('/:id', | |
45 | oAuth.authenticate, | |
46 | admin.ensureIsAdmin, | |
47 | validatorsUsers.usersRemove, | |
48 | removeUser | |
49 | ) | |
50 | ||
51 | router.post('/token', oAuth.token, success) | |
52 | // TODO: Once https://github.com/oauthjs/node-oauth2-server/pull/289 is merged, implement revoke token route | |
53 | ||
54 | // --------------------------------------------------------------------------- | |
55 | ||
56 | module.exports = router | |
57 | ||
58 | // --------------------------------------------------------------------------- | |
59 | ||
60 | function createUser (req, res, next) { | |
61 | const user = db.User.build({ | |
62 | username: req.body.username, | |
63 | password: req.body.password, | |
64 | role: constants.USER_ROLES.USER | |
65 | }) | |
66 | ||
67 | user.save().asCallback(function (err, createdUser) { | |
68 | if (err) return next(err) | |
69 | ||
70 | return res.type('json').status(204).end() | |
71 | }) | |
72 | } | |
73 | ||
74 | function getUserInformation (req, res, next) { | |
75 | db.User.loadByUsername(res.locals.oauth.token.user.username, function (err, user) { | |
76 | if (err) return next(err) | |
77 | ||
78 | return res.json(user.toFormatedJSON()) | |
79 | }) | |
80 | } | |
81 | ||
82 | function listUsers (req, res, next) { | |
83 | db.User.listForApi(req.query.start, req.query.count, req.query.sort, function (err, usersList, usersTotal) { | |
84 | if (err) return next(err) | |
85 | ||
86 | res.json(utils.getFormatedObjects(usersList, usersTotal)) | |
87 | }) | |
88 | } | |
89 | ||
90 | function removeUser (req, res, next) { | |
91 | waterfall([ | |
92 | function loadUser (callback) { | |
93 | db.User.loadById(req.params.id, callback) | |
94 | }, | |
95 | ||
96 | function deleteUser (user, callback) { | |
97 | user.destroy().asCallback(callback) | |
98 | } | |
99 | ], function andFinally (err) { | |
100 | if (err) { | |
101 | logger.error('Errors when removed the user.', { error: err }) | |
102 | return next(err) | |
103 | } | |
104 | ||
105 | return res.sendStatus(204) | |
106 | }) | |
107 | } | |
108 | ||
109 | function updateUser (req, res, next) { | |
110 | db.User.loadByUsername(res.locals.oauth.token.user.username, function (err, user) { | |
111 | if (err) return next(err) | |
112 | ||
113 | user.password = req.body.password | |
114 | user.save().asCallback(function (err) { | |
115 | if (err) return next(err) | |
116 | ||
117 | return res.sendStatus(204) | |
118 | }) | |
119 | }) | |
120 | } | |
121 | ||
122 | function success (req, res, next) { | |
123 | res.end() | |
124 | } |