[github/Chocobozzz/PeerTube.git] / server / controllers / api / users.ts

import * as express from 'express'
import { waterfall } from 'async'

import { database as db } from '../../initializers/database'
import { CONFIG, USER_ROLES } from '../../initializers'
import { logger, getFormatedObjects } from '../../helpers'
import {
  authenticate,
  ensureIsAdmin,
  usersAddValidator,
  usersUpdateValidator,
  usersRemoveValidator,
  usersVideoRatingValidator,
  paginationValidator,
  setPagination,
  usersSortValidator,
  setUsersSort,
  token
} from '../../middlewares'

const usersRouter = express.Router()

usersRouter.get('/me',
  authenticate,
  getUserInformation
)

usersRouter.get('/me/videos/:videoId/rating',
  authenticate,
  usersVideoRatingValidator,
  getUserVideoRating
)

usersRouter.get('/',
  paginationValidator,
  usersSortValidator,
  setUsersSort,
  setPagination,
  listUsers
)

usersRouter.post('/',
  authenticate,
  ensureIsAdmin,
  usersAddValidator,
  createUser
)

usersRouter.post('/register',
  ensureRegistrationEnabled,
  usersAddValidator,
  createUser
)

usersRouter.put('/:id',
  authenticate,
  usersUpdateValidator,
  updateUser
)

usersRouter.delete('/:id',
  authenticate,
  ensureIsAdmin,
  usersRemoveValidator,
  removeUser
)

usersRouter.post('/token', token, success)
// TODO: Once https://github.com/oauthjs/node-oauth2-server/pull/289 is merged, implement revoke token route

// ---------------------------------------------------------------------------

export {
  usersRouter
}

// ---------------------------------------------------------------------------

function ensureRegistrationEnabled (req: express.Request, res: express.Response, next: express.NextFunction) {
  const registrationEnabled = CONFIG.SIGNUP.ENABLED

  if (registrationEnabled === true) {
    return next()
  }

  return res.status(400).send('User registration is not enabled.')
}

function createUser (req: express.Request, res: express.Response, next: express.NextFunction) {
  const user = db.User.build({
    username: req.body.username,
    password: req.body.password,
    email: req.body.email,
    displayNSFW: false,
    role: USER_ROLES.USER
  })

  user.save().asCallback(function (err) {
    if (err) return next(err)

    return res.type('json').status(204).end()
  })
}

function getUserInformation (req: express.Request, res: express.Response, next: express.NextFunction) {
  db.User.loadByUsername(res.locals.oauth.token.user.username, function (err, user) {
    if (err) return next(err)

    return res.json(user.toFormatedJSON())
  })
}

function getUserVideoRating (req: express.Request, res: express.Response, next: express.NextFunction) {
  const videoId = '' + req.params.videoId
  const userId = +res.locals.oauth.token.User.id

  db.UserVideoRate.load(userId, videoId, null, function (err, ratingObj) {
    if (err) return next(err)

    const rating = ratingObj ? ratingObj.type : 'none'

    res.json({
      videoId,
      rating
    })
  })
}

function listUsers (req: express.Request, res: express.Response, next: express.NextFunction) {
  db.User.listForApi(req.query.start, req.query.count, req.query.sort, function (err, usersList, usersTotal) {
    if (err) return next(err)

    res.json(getFormatedObjects(usersList, usersTotal))
  })
}

function removeUser (req: express.Request, res: express.Response, next: express.NextFunction) {
  waterfall([
    function loadUser (callback) {
      db.User.loadById(req.params.id, callback)
    },

    function deleteUser (user, callback) {
      user.destroy().asCallback(callback)
    }
  ], function andFinally (err) {
    if (err) {
      logger.error('Errors when removed the user.', { error: err })
      return next(err)
    }

    return res.sendStatus(204)
  })
}

function updateUser (req: express.Request, res: express.Response, next: express.NextFunction) {
  db.User.loadByUsername(res.locals.oauth.token.user.username, function (err, user) {
    if (err) return next(err)

    if (req.body.password) user.password = req.body.password
    if (req.body.displayNSFW !== undefined) user.displayNSFW = req.body.displayNSFW

    user.save().asCallback(function (err) {
      if (err) return next(err)

      return res.sendStatus(204)
    })
  })
}

function success (req: express.Request, res: express.Response, next: express.NextFunction) {
  res.end()
}
Commit	Line	Data
	1	import * as express from 'express'
	2	import { waterfall } from 'async'
	3
	4	import { database as db } from '../../initializers/database'
	5	import { CONFIG, USER_ROLES } from '../../initializers'
	6	import { logger, getFormatedObjects } from '../../helpers'
	7	import {
	8	authenticate,
	9	ensureIsAdmin,
	10	usersAddValidator,
	11	usersUpdateValidator,
	12	usersRemoveValidator,
	13	usersVideoRatingValidator,
	14	paginationValidator,
	15	setPagination,
	16	usersSortValidator,
	17	setUsersSort,
	18	token
	19	} from '../../middlewares'
	20
	21	const usersRouter = express.Router()
	22
	23	usersRouter.get('/me',
	24	authenticate,
	25	getUserInformation
	26	)
	27
	28	usersRouter.get('/me/videos/:videoId/rating',
	29	authenticate,
	30	usersVideoRatingValidator,
	31	getUserVideoRating
	32	)
	33
	34	usersRouter.get('/',
	35	paginationValidator,
	36	usersSortValidator,
	37	setUsersSort,
	38	setPagination,
	39	listUsers
	40	)
	41
	42	usersRouter.post('/',
	43	authenticate,
	44	ensureIsAdmin,
	45	usersAddValidator,
	46	createUser
	47	)
	48
	49	usersRouter.post('/register',
	50	ensureRegistrationEnabled,
	51	usersAddValidator,
	52	createUser
	53	)
	54
	55	usersRouter.put('/:id',
	56	authenticate,
	57	usersUpdateValidator,
	58	updateUser
	59	)
	60
	61	usersRouter.delete('/:id',
	62	authenticate,
	63	ensureIsAdmin,
	64	usersRemoveValidator,
	65	removeUser
	66	)
	67
	68	usersRouter.post('/token', token, success)
	69	// TODO: Once https://github.com/oauthjs/node-oauth2-server/pull/289 is merged, implement revoke token route
	70
	71	// ---------------------------------------------------------------------------
	72
	73	export {
	74	usersRouter
	75	}
	76
	77	// ---------------------------------------------------------------------------
	78
	79	function ensureRegistrationEnabled (req: express.Request, res: express.Response, next: express.NextFunction) {
	80	const registrationEnabled = CONFIG.SIGNUP.ENABLED
	81
	82	if (registrationEnabled === true) {
	83	return next()
	84	}
	85
	86	return res.status(400).send('User registration is not enabled.')
	87	}
	88
	89	function createUser (req: express.Request, res: express.Response, next: express.NextFunction) {
	90	const user = db.User.build({
	91	username: req.body.username,
	92	password: req.body.password,
	93	email: req.body.email,
	94	displayNSFW: false,
	95	role: USER_ROLES.USER
	96	})
	97
	98	user.save().asCallback(function (err) {
	99	if (err) return next(err)
	100
	101	return res.type('json').status(204).end()
	102	})
	103	}
	104
	105	function getUserInformation (req: express.Request, res: express.Response, next: express.NextFunction) {
	106	db.User.loadByUsername(res.locals.oauth.token.user.username, function (err, user) {
	107	if (err) return next(err)
	108
	109	return res.json(user.toFormatedJSON())
	110	})
	111	}
	112
	113	function getUserVideoRating (req: express.Request, res: express.Response, next: express.NextFunction) {
	114	const videoId = '' + req.params.videoId
	115	const userId = +res.locals.oauth.token.User.id
	116
	117	db.UserVideoRate.load(userId, videoId, null, function (err, ratingObj) {
	118	if (err) return next(err)
	119
	120	const rating = ratingObj ? ratingObj.type : 'none'
	121
	122	res.json({
	123	videoId,
	124	rating
	125	})
	126	})
	127	}
	128
	129	function listUsers (req: express.Request, res: express.Response, next: express.NextFunction) {
	130	db.User.listForApi(req.query.start, req.query.count, req.query.sort, function (err, usersList, usersTotal) {
	131	if (err) return next(err)
	132
	133	res.json(getFormatedObjects(usersList, usersTotal))
	134	})
	135	}
	136
	137	function removeUser (req: express.Request, res: express.Response, next: express.NextFunction) {
	138	waterfall([
	139	function loadUser (callback) {
	140	db.User.loadById(req.params.id, callback)
	141	},
	142
	143	function deleteUser (user, callback) {
	144	user.destroy().asCallback(callback)
	145	}
	146	], function andFinally (err) {
	147	if (err) {
	148	logger.error('Errors when removed the user.', { error: err })
	149	return next(err)
	150	}
	151
	152	return res.sendStatus(204)
	153	})
	154	}
	155
	156	function updateUser (req: express.Request, res: express.Response, next: express.NextFunction) {
	157	db.User.loadByUsername(res.locals.oauth.token.user.username, function (err, user) {
	158	if (err) return next(err)
	159
	160	if (req.body.password) user.password = req.body.password
	161	if (req.body.displayNSFW !== undefined) user.displayNSFW = req.body.displayNSFW
	162
	163	user.save().asCallback(function (err) {
	164	if (err) return next(err)
	165
	166	return res.sendStatus(204)
	167	})
	168	})
	169	}
	170
	171	function success (req: express.Request, res: express.Response, next: express.NextFunction) {
	172	res.end()
	173	}