[github/Chocobozzz/PeerTube.git] / server / controllers / api / users.ts

import * as express from 'express'

import { database as db } from '../../initializers/database'
import { USER_ROLES, CONFIG } from '../../initializers'
import { logger, getFormattedObjects } from '../../helpers'
import {
  authenticate,
  ensureIsAdmin,
  ensureUserRegistrationAllowed,
  usersAddValidator,
  usersRegisterValidator,
  usersUpdateValidator,
  usersUpdateMeValidator,
  usersRemoveValidator,
  usersVideoRatingValidator,
  usersGetValidator,
  paginationValidator,
  setPagination,
  usersSortValidator,
  setUsersSort,
  token
} from '../../middlewares'
import {
  UserVideoRate as FormattedUserVideoRate,
  UserCreate,
  UserUpdate,
  UserUpdateMe
} from '../../../shared'
import { UserInstance } from '../../models'

const usersRouter = express.Router()

usersRouter.get('/me',
  authenticate,
  getUserInformation
)

usersRouter.get('/me/videos/:videoId/rating',
  authenticate,
  usersVideoRatingValidator,
  getUserVideoRating
)

usersRouter.get('/',
  paginationValidator,
  usersSortValidator,
  setUsersSort,
  setPagination,
  listUsers
)

usersRouter.get('/:id',
  usersGetValidator,
  getUser
)

usersRouter.post('/',
  authenticate,
  ensureIsAdmin,
  usersAddValidator,
  createUser
)

usersRouter.post('/register',
  ensureUserRegistrationAllowed,
  usersRegisterValidator,
  registerUser
)

usersRouter.put('/me',
  authenticate,
  usersUpdateMeValidator,
  updateMe
)

usersRouter.put('/:id',
  authenticate,
  ensureIsAdmin,
  usersUpdateValidator,
  updateUser
)

usersRouter.delete('/:id',
  authenticate,
  ensureIsAdmin,
  usersRemoveValidator,
  removeUser
)

usersRouter.post('/token', token, success)
// TODO: Once https://github.com/oauthjs/node-oauth2-server/pull/289 is merged, implement revoke token route

// ---------------------------------------------------------------------------

export {
  usersRouter
}

// ---------------------------------------------------------------------------

function createUser (req: express.Request, res: express.Response, next: express.NextFunction) {
  const body: UserCreate = req.body

  const user = db.User.build({
    username: body.username,
    password: body.password,
    email: body.email,
    displayNSFW: false,
    role: USER_ROLES.USER,
    videoQuota: body.videoQuota
  })

  user.save()
    .then(() => res.type('json').status(204).end())
    .catch(err => next(err))
}

function registerUser (req: express.Request, res: express.Response, next: express.NextFunction) {
  const body: UserCreate = req.body

  const user = db.User.build({
    username: body.username,
    password: body.password,
    email: body.email,
    displayNSFW: false,
    role: USER_ROLES.USER,
    videoQuota: CONFIG.USER.VIDEO_QUOTA
  })

  user.save()
    .then(() => res.type('json').status(204).end())
    .catch(err => next(err))
}

function getUserInformation (req: express.Request, res: express.Response, next: express.NextFunction) {
  db.User.loadByUsername(res.locals.oauth.token.user.username)
    .then(user => res.json(user.toFormattedJSON()))
    .catch(err => next(err))
}

function getUser (req: express.Request, res: express.Response, next: express.NextFunction) {
  return res.json(res.locals.user.toFormattedJSON())
}

function getUserVideoRating (req: express.Request, res: express.Response, next: express.NextFunction) {
  const videoId = +req.params.videoId
  const userId = +res.locals.oauth.token.User.id

  db.UserVideoRate.load(userId, videoId, null)
    .then(ratingObj => {
      const rating = ratingObj ? ratingObj.type : 'none'
      const json: FormattedUserVideoRate = {
        videoId,
        rating
      }
      res.json(json)
    })
    .catch(err => next(err))
}

function listUsers (req: express.Request, res: express.Response, next: express.NextFunction) {
  db.User.listForApi(req.query.start, req.query.count, req.query.sort)
    .then(resultList => {
      res.json(getFormattedObjects(resultList.data, resultList.total))
    })
    .catch(err => next(err))
}

function removeUser (req: express.Request, res: express.Response, next: express.NextFunction) {
  db.User.loadById(req.params.id)
    .then(user => user.destroy())
    .then(() => res.sendStatus(204))
    .catch(err => {
      logger.error('Errors when removed the user.', err)
      return next(err)
    })
}

function updateMe (req: express.Request, res: express.Response, next: express.NextFunction) {
  const body: UserUpdateMe = req.body

  // FIXME: user is not already a Sequelize instance?
  db.User.loadByUsername(res.locals.oauth.token.user.username)
    .then(user => {
      if (body.password !== undefined) user.password = body.password
      if (body.email !== undefined) user.email = body.email
      if (body.displayNSFW !== undefined) user.displayNSFW = body.displayNSFW

      return user.save()
    })
    .then(() => res.sendStatus(204))
    .catch(err => next(err))
}

function updateUser (req: express.Request, res: express.Response, next: express.NextFunction) {
  const body: UserUpdate = req.body
  const user: UserInstance = res.locals.user

  if (body.email !== undefined) user.email = body.email
  if (body.videoQuota !== undefined) user.videoQuota = body.videoQuota

  return user.save()
    .then(() => res.sendStatus(204))
    .catch(err => next(err))
}

function success (req: express.Request, res: express.Response, next: express.NextFunction) {
  res.end()
}
Commit	Line	Data
	1	import * as express from 'express'
	2
	3	import { database as db } from '../../initializers/database'
	4	import { USER_ROLES, CONFIG } from '../../initializers'
	5	import { logger, getFormattedObjects } from '../../helpers'
	6	import {
	7	authenticate,
	8	ensureIsAdmin,
	9	ensureUserRegistrationAllowed,
	10	usersAddValidator,
	11	usersRegisterValidator,
	12	usersUpdateValidator,
	13	usersUpdateMeValidator,
	14	usersRemoveValidator,
	15	usersVideoRatingValidator,
	16	usersGetValidator,
	17	paginationValidator,
	18	setPagination,
	19	usersSortValidator,
	20	setUsersSort,
	21	token
	22	} from '../../middlewares'
	23	import {
	24	UserVideoRate as FormattedUserVideoRate,
	25	UserCreate,
	26	UserUpdate,
	27	UserUpdateMe
	28	} from '../../../shared'
	29	import { UserInstance } from '../../models'
	30
	31	const usersRouter = express.Router()
	32
	33	usersRouter.get('/me',
	34	authenticate,
	35	getUserInformation
	36	)
	37
	38	usersRouter.get('/me/videos/:videoId/rating',
	39	authenticate,
	40	usersVideoRatingValidator,
	41	getUserVideoRating
	42	)
	43
	44	usersRouter.get('/',
	45	paginationValidator,
	46	usersSortValidator,
	47	setUsersSort,
	48	setPagination,
	49	listUsers
	50	)
	51
	52	usersRouter.get('/:id',
	53	usersGetValidator,
	54	getUser
	55	)
	56
	57	usersRouter.post('/',
	58	authenticate,
	59	ensureIsAdmin,
	60	usersAddValidator,
	61	createUser
	62	)
	63
	64	usersRouter.post('/register',
	65	ensureUserRegistrationAllowed,
	66	usersRegisterValidator,
	67	registerUser
	68	)
	69
	70	usersRouter.put('/me',
	71	authenticate,
	72	usersUpdateMeValidator,
	73	updateMe
	74	)
	75
	76	usersRouter.put('/:id',
	77	authenticate,
	78	ensureIsAdmin,
	79	usersUpdateValidator,
	80	updateUser
	81	)
	82
	83	usersRouter.delete('/:id',
	84	authenticate,
	85	ensureIsAdmin,
	86	usersRemoveValidator,
	87	removeUser
	88	)
	89
	90	usersRouter.post('/token', token, success)
	91	// TODO: Once https://github.com/oauthjs/node-oauth2-server/pull/289 is merged, implement revoke token route
	92
	93	// ---------------------------------------------------------------------------
	94
	95	export {
	96	usersRouter
	97	}
	98
	99	// ---------------------------------------------------------------------------
	100
	101	function createUser (req: express.Request, res: express.Response, next: express.NextFunction) {
	102	const body: UserCreate = req.body
	103
	104	const user = db.User.build({
	105	username: body.username,
	106	password: body.password,
	107	email: body.email,
	108	displayNSFW: false,
	109	role: USER_ROLES.USER,
	110	videoQuota: body.videoQuota
	111	})
	112
	113	user.save()
	114	.then(() => res.type('json').status(204).end())
	115	.catch(err => next(err))
	116	}
	117
	118	function registerUser (req: express.Request, res: express.Response, next: express.NextFunction) {
	119	const body: UserCreate = req.body
	120
	121	const user = db.User.build({
	122	username: body.username,
	123	password: body.password,
	124	email: body.email,
	125	displayNSFW: false,
	126	role: USER_ROLES.USER,
	127	videoQuota: CONFIG.USER.VIDEO_QUOTA
	128	})
	129
	130	user.save()
	131	.then(() => res.type('json').status(204).end())
	132	.catch(err => next(err))
	133	}
	134
	135	function getUserInformation (req: express.Request, res: express.Response, next: express.NextFunction) {
	136	db.User.loadByUsername(res.locals.oauth.token.user.username)
	137	.then(user => res.json(user.toFormattedJSON()))
	138	.catch(err => next(err))
	139	}
	140
	141	function getUser (req: express.Request, res: express.Response, next: express.NextFunction) {
	142	return res.json(res.locals.user.toFormattedJSON())
	143	}
	144
	145	function getUserVideoRating (req: express.Request, res: express.Response, next: express.NextFunction) {
	146	const videoId = +req.params.videoId
	147	const userId = +res.locals.oauth.token.User.id
	148
	149	db.UserVideoRate.load(userId, videoId, null)
	150	.then(ratingObj => {
	151	const rating = ratingObj ? ratingObj.type : 'none'
	152	const json: FormattedUserVideoRate = {
	153	videoId,
	154	rating
	155	}
	156	res.json(json)
	157	})
	158	.catch(err => next(err))
	159	}
	160
	161	function listUsers (req: express.Request, res: express.Response, next: express.NextFunction) {
	162	db.User.listForApi(req.query.start, req.query.count, req.query.sort)
	163	.then(resultList => {
	164	res.json(getFormattedObjects(resultList.data, resultList.total))
	165	})
	166	.catch(err => next(err))
	167	}
	168
	169	function removeUser (req: express.Request, res: express.Response, next: express.NextFunction) {
	170	db.User.loadById(req.params.id)
	171	.then(user => user.destroy())
	172	.then(() => res.sendStatus(204))
	173	.catch(err => {
	174	logger.error('Errors when removed the user.', err)
	175	return next(err)
	176	})
	177	}
	178
	179	function updateMe (req: express.Request, res: express.Response, next: express.NextFunction) {
	180	const body: UserUpdateMe = req.body
	181
	182	// FIXME: user is not already a Sequelize instance?
	183	db.User.loadByUsername(res.locals.oauth.token.user.username)
	184	.then(user => {
	185	if (body.password !== undefined) user.password = body.password
	186	if (body.email !== undefined) user.email = body.email
	187	if (body.displayNSFW !== undefined) user.displayNSFW = body.displayNSFW
	188
	189	return user.save()
	190	})
	191	.then(() => res.sendStatus(204))
	192	.catch(err => next(err))
	193	}
	194
	195	function updateUser (req: express.Request, res: express.Response, next: express.NextFunction) {
	196	const body: UserUpdate = req.body
	197	const user: UserInstance = res.locals.user
	198
	199	if (body.email !== undefined) user.email = body.email
	200	if (body.videoQuota !== undefined) user.videoQuota = body.videoQuota
	201
	202	return user.save()
	203	.then(() => res.sendStatus(204))
	204	.catch(err => next(err))
	205	}
	206
	207	function success (req: express.Request, res: express.Response, next: express.NextFunction) {
	208	res.end()
	209	}