]>
Commit | Line | Data |
---|---|---|
1 | import * as express from 'express' | |
2 | ||
3 | import { database as db } from '../../initializers/database' | |
4 | import { USER_ROLES, CONFIG } from '../../initializers' | |
5 | import { logger, getFormattedObjects } from '../../helpers' | |
6 | import { | |
7 | authenticate, | |
8 | ensureIsAdmin, | |
9 | ensureUserRegistrationAllowed, | |
10 | usersAddValidator, | |
11 | usersRegisterValidator, | |
12 | usersUpdateValidator, | |
13 | usersUpdateMeValidator, | |
14 | usersRemoveValidator, | |
15 | usersVideoRatingValidator, | |
16 | usersGetValidator, | |
17 | paginationValidator, | |
18 | setPagination, | |
19 | usersSortValidator, | |
20 | setUsersSort, | |
21 | token | |
22 | } from '../../middlewares' | |
23 | import { | |
24 | UserVideoRate as FormattedUserVideoRate, | |
25 | UserCreate, | |
26 | UserUpdate, | |
27 | UserUpdateMe | |
28 | } from '../../../shared' | |
29 | import { UserInstance } from '../../models' | |
30 | ||
31 | const usersRouter = express.Router() | |
32 | ||
33 | usersRouter.get('/me', | |
34 | authenticate, | |
35 | getUserInformation | |
36 | ) | |
37 | ||
38 | usersRouter.get('/me/videos/:videoId/rating', | |
39 | authenticate, | |
40 | usersVideoRatingValidator, | |
41 | getUserVideoRating | |
42 | ) | |
43 | ||
44 | usersRouter.get('/', | |
45 | paginationValidator, | |
46 | usersSortValidator, | |
47 | setUsersSort, | |
48 | setPagination, | |
49 | listUsers | |
50 | ) | |
51 | ||
52 | usersRouter.get('/:id', | |
53 | usersGetValidator, | |
54 | getUser | |
55 | ) | |
56 | ||
57 | usersRouter.post('/', | |
58 | authenticate, | |
59 | ensureIsAdmin, | |
60 | usersAddValidator, | |
61 | createUser | |
62 | ) | |
63 | ||
64 | usersRouter.post('/register', | |
65 | ensureUserRegistrationAllowed, | |
66 | usersRegisterValidator, | |
67 | registerUser | |
68 | ) | |
69 | ||
70 | usersRouter.put('/me', | |
71 | authenticate, | |
72 | usersUpdateMeValidator, | |
73 | updateMe | |
74 | ) | |
75 | ||
76 | usersRouter.put('/:id', | |
77 | authenticate, | |
78 | ensureIsAdmin, | |
79 | usersUpdateValidator, | |
80 | updateUser | |
81 | ) | |
82 | ||
83 | usersRouter.delete('/:id', | |
84 | authenticate, | |
85 | ensureIsAdmin, | |
86 | usersRemoveValidator, | |
87 | removeUser | |
88 | ) | |
89 | ||
90 | usersRouter.post('/token', token, success) | |
91 | // TODO: Once https://github.com/oauthjs/node-oauth2-server/pull/289 is merged, implement revoke token route | |
92 | ||
93 | // --------------------------------------------------------------------------- | |
94 | ||
95 | export { | |
96 | usersRouter | |
97 | } | |
98 | ||
99 | // --------------------------------------------------------------------------- | |
100 | ||
101 | function createUser (req: express.Request, res: express.Response, next: express.NextFunction) { | |
102 | const body: UserCreate = req.body | |
103 | ||
104 | const user = db.User.build({ | |
105 | username: body.username, | |
106 | password: body.password, | |
107 | email: body.email, | |
108 | displayNSFW: false, | |
109 | role: USER_ROLES.USER, | |
110 | videoQuota: body.videoQuota | |
111 | }) | |
112 | ||
113 | user.save() | |
114 | .then(() => res.type('json').status(204).end()) | |
115 | .catch(err => next(err)) | |
116 | } | |
117 | ||
118 | function registerUser (req: express.Request, res: express.Response, next: express.NextFunction) { | |
119 | const body: UserCreate = req.body | |
120 | ||
121 | const user = db.User.build({ | |
122 | username: body.username, | |
123 | password: body.password, | |
124 | email: body.email, | |
125 | displayNSFW: false, | |
126 | role: USER_ROLES.USER, | |
127 | videoQuota: CONFIG.USER.VIDEO_QUOTA | |
128 | }) | |
129 | ||
130 | user.save() | |
131 | .then(() => res.type('json').status(204).end()) | |
132 | .catch(err => next(err)) | |
133 | } | |
134 | ||
135 | function getUserInformation (req: express.Request, res: express.Response, next: express.NextFunction) { | |
136 | db.User.loadByUsername(res.locals.oauth.token.user.username) | |
137 | .then(user => res.json(user.toFormattedJSON())) | |
138 | .catch(err => next(err)) | |
139 | } | |
140 | ||
141 | function getUser (req: express.Request, res: express.Response, next: express.NextFunction) { | |
142 | return res.json(res.locals.user.toFormattedJSON()) | |
143 | } | |
144 | ||
145 | function getUserVideoRating (req: express.Request, res: express.Response, next: express.NextFunction) { | |
146 | const videoId = +req.params.videoId | |
147 | const userId = +res.locals.oauth.token.User.id | |
148 | ||
149 | db.UserVideoRate.load(userId, videoId, null) | |
150 | .then(ratingObj => { | |
151 | const rating = ratingObj ? ratingObj.type : 'none' | |
152 | const json: FormattedUserVideoRate = { | |
153 | videoId, | |
154 | rating | |
155 | } | |
156 | res.json(json) | |
157 | }) | |
158 | .catch(err => next(err)) | |
159 | } | |
160 | ||
161 | function listUsers (req: express.Request, res: express.Response, next: express.NextFunction) { | |
162 | db.User.listForApi(req.query.start, req.query.count, req.query.sort) | |
163 | .then(resultList => { | |
164 | res.json(getFormattedObjects(resultList.data, resultList.total)) | |
165 | }) | |
166 | .catch(err => next(err)) | |
167 | } | |
168 | ||
169 | function removeUser (req: express.Request, res: express.Response, next: express.NextFunction) { | |
170 | db.User.loadById(req.params.id) | |
171 | .then(user => user.destroy()) | |
172 | .then(() => res.sendStatus(204)) | |
173 | .catch(err => { | |
174 | logger.error('Errors when removed the user.', err) | |
175 | return next(err) | |
176 | }) | |
177 | } | |
178 | ||
179 | function updateMe (req: express.Request, res: express.Response, next: express.NextFunction) { | |
180 | const body: UserUpdateMe = req.body | |
181 | ||
182 | // FIXME: user is not already a Sequelize instance? | |
183 | db.User.loadByUsername(res.locals.oauth.token.user.username) | |
184 | .then(user => { | |
185 | if (body.password !== undefined) user.password = body.password | |
186 | if (body.email !== undefined) user.email = body.email | |
187 | if (body.displayNSFW !== undefined) user.displayNSFW = body.displayNSFW | |
188 | ||
189 | return user.save() | |
190 | }) | |
191 | .then(() => res.sendStatus(204)) | |
192 | .catch(err => next(err)) | |
193 | } | |
194 | ||
195 | function updateUser (req: express.Request, res: express.Response, next: express.NextFunction) { | |
196 | const body: UserUpdate = req.body | |
197 | const user: UserInstance = res.locals.user | |
198 | ||
199 | if (body.email !== undefined) user.email = body.email | |
200 | if (body.videoQuota !== undefined) user.videoQuota = body.videoQuota | |
201 | ||
202 | return user.save() | |
203 | .then(() => res.sendStatus(204)) | |
204 | .catch(err => next(err)) | |
205 | } | |
206 | ||
207 | function success (req: express.Request, res: express.Response, next: express.NextFunction) { | |
208 | res.end() | |
209 | } |