[github/Chocobozzz/PeerTube.git] / server / controllers / api / users.js

'use strict'

const express = require('express')
const waterfall = require('async/waterfall')

const constants = require('../../initializers/constants')
const db = require('../../initializers/database')
const logger = require('../../helpers/logger')
const utils = require('../../helpers/utils')
const middlewares = require('../../middlewares')
const admin = middlewares.admin
const oAuth = middlewares.oauth
const pagination = middlewares.pagination
const sort = middlewares.sort
const validatorsPagination = middlewares.validators.pagination
const validatorsSort = middlewares.validators.sort
const validatorsUsers = middlewares.validators.users

const router = express.Router()

router.get('/me',
  oAuth.authenticate,
  getUserInformation
)

router.get('/me/videos/:videoId/rating',
  oAuth.authenticate,
  validatorsUsers.usersVideoRating,
  getUserVideoRating
)

router.get('/',
  validatorsPagination.pagination,
  validatorsSort.usersSort,
  sort.setUsersSort,
  pagination.setPagination,
  listUsers
)

router.post('/',
  oAuth.authenticate,
  admin.ensureIsAdmin,
  validatorsUsers.usersAdd,
  createUser
)

router.post('/register',
  ensureRegistrationEnabled,
  validatorsUsers.usersAdd,
  createUser
)

router.put('/:id',
  oAuth.authenticate,
  validatorsUsers.usersUpdate,
  updateUser
)

router.delete('/:id',
  oAuth.authenticate,
  admin.ensureIsAdmin,
  validatorsUsers.usersRemove,
  removeUser
)

router.post('/token', oAuth.token, success)
// TODO: Once https://github.com/oauthjs/node-oauth2-server/pull/289 is merged, implement revoke token route

// ---------------------------------------------------------------------------

module.exports = router

// ---------------------------------------------------------------------------

function ensureRegistrationEnabled (req, res, next) {
  const registrationEnabled = constants.CONFIG.SIGNUP.ENABLED

  if (registrationEnabled === true) {
    return next()
  }

  return res.status(400).send('User registration is not enabled.')
}

function createUser (req, res, next) {
  const user = db.User.build({
    username: req.body.username,
    password: req.body.password,
    email: req.body.email,
    displayNSFW: false,
    role: constants.USER_ROLES.USER
  })

  user.save().asCallback(function (err, createdUser) {
    if (err) return next(err)

    return res.type('json').status(204).end()
  })
}

function getUserInformation (req, res, next) {
  db.User.loadByUsername(res.locals.oauth.token.user.username, function (err, user) {
    if (err) return next(err)

    return res.json(user.toFormatedJSON())
  })
}

function getUserVideoRating (req, res, next) {
  const videoId = req.params.videoId
  const userId = res.locals.oauth.token.User.id

  db.UserVideoRate.load(userId, videoId, function (err, ratingObj) {
    if (err) return next(err)

    const rating = ratingObj ? ratingObj.type : 'none'

    res.json({
      videoId,
      rating
    })
  })
}

function listUsers (req, res, next) {
  db.User.listForApi(req.query.start, req.query.count, req.query.sort, function (err, usersList, usersTotal) {
    if (err) return next(err)

    res.json(utils.getFormatedObjects(usersList, usersTotal))
  })
}

function removeUser (req, res, next) {
  waterfall([
    function loadUser (callback) {
      db.User.loadById(req.params.id, callback)
    },

    function deleteUser (user, callback) {
      user.destroy().asCallback(callback)
    }
  ], function andFinally (err) {
    if (err) {
      logger.error('Errors when removed the user.', { error: err })
      return next(err)
    }

    return res.sendStatus(204)
  })
}

function updateUser (req, res, next) {
  db.User.loadByUsername(res.locals.oauth.token.user.username, function (err, user) {
    if (err) return next(err)

    if (req.body.password) user.password = req.body.password
    if (req.body.displayNSFW !== undefined) user.displayNSFW = req.body.displayNSFW

    user.save().asCallback(function (err) {
      if (err) return next(err)

      return res.sendStatus(204)
    })
  })
}

function success (req, res, next) {
  res.end()
}
Commit	Line	Data
	1	'use strict'
	2
	3	const express = require('express')
	4	const waterfall = require('async/waterfall')
	5
	6	const constants = require('../../initializers/constants')
	7	const db = require('../../initializers/database')
	8	const logger = require('../../helpers/logger')
	9	const utils = require('../../helpers/utils')
	10	const middlewares = require('../../middlewares')
	11	const admin = middlewares.admin
	12	const oAuth = middlewares.oauth
	13	const pagination = middlewares.pagination
	14	const sort = middlewares.sort
	15	const validatorsPagination = middlewares.validators.pagination
	16	const validatorsSort = middlewares.validators.sort
	17	const validatorsUsers = middlewares.validators.users
	18
	19	const router = express.Router()
	20
	21	router.get('/me',
	22	oAuth.authenticate,
	23	getUserInformation
	24	)
	25
	26	router.get('/me/videos/:videoId/rating',
	27	oAuth.authenticate,
	28	validatorsUsers.usersVideoRating,
	29	getUserVideoRating
	30	)
	31
	32	router.get('/',
	33	validatorsPagination.pagination,
	34	validatorsSort.usersSort,
	35	sort.setUsersSort,
	36	pagination.setPagination,
	37	listUsers
	38	)
	39
	40	router.post('/',
	41	oAuth.authenticate,
	42	admin.ensureIsAdmin,
	43	validatorsUsers.usersAdd,
	44	createUser
	45	)
	46
	47	router.post('/register',
	48	ensureRegistrationEnabled,
	49	validatorsUsers.usersAdd,
	50	createUser
	51	)
	52
	53	router.put('/:id',
	54	oAuth.authenticate,
	55	validatorsUsers.usersUpdate,
	56	updateUser
	57	)
	58
	59	router.delete('/:id',
	60	oAuth.authenticate,
	61	admin.ensureIsAdmin,
	62	validatorsUsers.usersRemove,
	63	removeUser
	64	)
	65
	66	router.post('/token', oAuth.token, success)
	67	// TODO: Once https://github.com/oauthjs/node-oauth2-server/pull/289 is merged, implement revoke token route
	68
	69	// ---------------------------------------------------------------------------
	70
	71	module.exports = router
	72
	73	// ---------------------------------------------------------------------------
	74
	75	function ensureRegistrationEnabled (req, res, next) {
	76	const registrationEnabled = constants.CONFIG.SIGNUP.ENABLED
	77
	78	if (registrationEnabled === true) {
	79	return next()
	80	}
	81
	82	return res.status(400).send('User registration is not enabled.')
	83	}
	84
	85	function createUser (req, res, next) {
	86	const user = db.User.build({
	87	username: req.body.username,
	88	password: req.body.password,
	89	email: req.body.email,
	90	displayNSFW: false,
	91	role: constants.USER_ROLES.USER
	92	})
	93
	94	user.save().asCallback(function (err, createdUser) {
	95	if (err) return next(err)
	96
	97	return res.type('json').status(204).end()
	98	})
	99	}
	100
	101	function getUserInformation (req, res, next) {
	102	db.User.loadByUsername(res.locals.oauth.token.user.username, function (err, user) {
	103	if (err) return next(err)
	104
	105	return res.json(user.toFormatedJSON())
	106	})
	107	}
	108
	109	function getUserVideoRating (req, res, next) {
	110	const videoId = req.params.videoId
	111	const userId = res.locals.oauth.token.User.id
	112
	113	db.UserVideoRate.load(userId, videoId, function (err, ratingObj) {
	114	if (err) return next(err)
	115
	116	const rating = ratingObj ? ratingObj.type : 'none'
	117
	118	res.json({
	119	videoId,
	120	rating
	121	})
	122	})
	123	}
	124
	125	function listUsers (req, res, next) {
	126	db.User.listForApi(req.query.start, req.query.count, req.query.sort, function (err, usersList, usersTotal) {
	127	if (err) return next(err)
	128
	129	res.json(utils.getFormatedObjects(usersList, usersTotal))
	130	})
	131	}
	132
	133	function removeUser (req, res, next) {
	134	waterfall([
	135	function loadUser (callback) {
	136	db.User.loadById(req.params.id, callback)
	137	},
	138
	139	function deleteUser (user, callback) {
	140	user.destroy().asCallback(callback)
	141	}
	142	], function andFinally (err) {
	143	if (err) {
	144	logger.error('Errors when removed the user.', { error: err })
	145	return next(err)
	146	}
	147
	148	return res.sendStatus(204)
	149	})
	150	}
	151
	152	function updateUser (req, res, next) {
	153	db.User.loadByUsername(res.locals.oauth.token.user.username, function (err, user) {
	154	if (err) return next(err)
	155
	156	if (req.body.password) user.password = req.body.password
	157	if (req.body.displayNSFW !== undefined) user.displayNSFW = req.body.displayNSFW
	158
	159	user.save().asCallback(function (err) {
	160	if (err) return next(err)
	161
	162	return res.sendStatus(204)
	163	})
	164	})
	165	}
	166
	167	function success (req, res, next) {
	168	res.end()
	169	}