| | 1 | import * as express from 'express' |
| | 2 | |
| | 3 | import { database as db, CONFIG } from '../../initializers' |
| | 4 | import { logger, getFormattedObjects, retryTransactionWrapper } from '../../helpers' |
| | 5 | import { |
| | 6 | authenticate, |
| | 7 | ensureUserHasRight, |
| | 8 | ensureUserRegistrationAllowed, |
| | 9 | usersAddValidator, |
| | 10 | usersRegisterValidator, |
| | 11 | usersUpdateValidator, |
| | 12 | usersUpdateMeValidator, |
| | 13 | usersRemoveValidator, |
| | 14 | usersVideoRatingValidator, |
| | 15 | usersGetValidator, |
| | 16 | paginationValidator, |
| | 17 | setPagination, |
| | 18 | usersSortValidator, |
| | 19 | setUsersSort, |
| | 20 | token, |
| | 21 | asyncMiddleware |
| | 22 | } from '../../middlewares' |
| | 23 | import { |
| | 24 | UserVideoRate as FormattedUserVideoRate, |
| | 25 | UserCreate, |
| | 26 | UserUpdate, |
| | 27 | UserUpdateMe, |
| | 28 | UserRole, |
| | 29 | UserRight |
| | 30 | } from '../../../shared' |
| | 31 | import { createUserAuthorAndChannel } from '../../lib' |
| | 32 | import { UserInstance } from '../../models' |
| | 33 | import { videosSortValidator } from '../../middlewares/validators/sort' |
| | 34 | import { setVideosSort } from '../../middlewares/sort' |
| | 35 | |
| | 36 | const usersRouter = express.Router() |
| | 37 | |
| | 38 | usersRouter.get('/me', |
| | 39 | authenticate, |
| | 40 | asyncMiddleware(getUserInformation) |
| | 41 | ) |
| | 42 | |
| | 43 | usersRouter.get('/me/videos', |
| | 44 | authenticate, |
| | 45 | paginationValidator, |
| | 46 | videosSortValidator, |
| | 47 | setVideosSort, |
| | 48 | setPagination, |
| | 49 | asyncMiddleware(getUserVideos) |
| | 50 | ) |
| | 51 | |
| | 52 | usersRouter.get('/me/videos/:videoId/rating', |
| | 53 | authenticate, |
| | 54 | usersVideoRatingValidator, |
| | 55 | asyncMiddleware(getUserVideoRating) |
| | 56 | ) |
| | 57 | |
| | 58 | usersRouter.get('/', |
| | 59 | paginationValidator, |
| | 60 | usersSortValidator, |
| | 61 | setUsersSort, |
| | 62 | setPagination, |
| | 63 | asyncMiddleware(listUsers) |
| | 64 | ) |
| | 65 | |
| | 66 | usersRouter.get('/:id', |
| | 67 | usersGetValidator, |
| | 68 | getUser |
| | 69 | ) |
| | 70 | |
| | 71 | usersRouter.post('/', |
| | 72 | authenticate, |
| | 73 | ensureUserHasRight(UserRight.MANAGE_USERS), |
| | 74 | usersAddValidator, |
| | 75 | createUserRetryWrapper |
| | 76 | ) |
| | 77 | |
| | 78 | usersRouter.post('/register', |
| | 79 | ensureUserRegistrationAllowed, |
| | 80 | usersRegisterValidator, |
| | 81 | asyncMiddleware(registerUser) |
| | 82 | ) |
| | 83 | |
| | 84 | usersRouter.put('/me', |
| | 85 | authenticate, |
| | 86 | usersUpdateMeValidator, |
| | 87 | asyncMiddleware(updateMe) |
| | 88 | ) |
| | 89 | |
| | 90 | usersRouter.put('/:id', |
| | 91 | authenticate, |
| | 92 | ensureUserHasRight(UserRight.MANAGE_USERS), |
| | 93 | usersUpdateValidator, |
| | 94 | asyncMiddleware(updateUser) |
| | 95 | ) |
| | 96 | |
| | 97 | usersRouter.delete('/:id', |
| | 98 | authenticate, |
| | 99 | ensureUserHasRight(UserRight.MANAGE_USERS), |
| | 100 | usersRemoveValidator, |
| | 101 | asyncMiddleware(removeUser) |
| | 102 | ) |
| | 103 | |
| | 104 | usersRouter.post('/token', token, success) |
| | 105 | // TODO: Once https://github.com/oauthjs/node-oauth2-server/pull/289 is merged, implement revoke token route |
| | 106 | |
| | 107 | // --------------------------------------------------------------------------- |
| | 108 | |
| | 109 | export { |
| | 110 | usersRouter |
| | 111 | } |
| | 112 | |
| | 113 | // --------------------------------------------------------------------------- |
| | 114 | |
| | 115 | async function getUserVideos (req: express.Request, res: express.Response, next: express.NextFunction) { |
| | 116 | const user = res.locals.oauth.token.User |
| | 117 | const resultList = await db.Video.listUserVideosForApi(user.id ,req.query.start, req.query.count, req.query.sort) |
| | 118 | |
| | 119 | return res.json(getFormattedObjects(resultList.data, resultList.total)) |
| | 120 | } |
| | 121 | |
| | 122 | async function createUserRetryWrapper (req: express.Request, res: express.Response, next: express.NextFunction) { |
| | 123 | const options = { |
| | 124 | arguments: [ req, res ], |
| | 125 | errorMessage: 'Cannot insert the user with many retries.' |
| | 126 | } |
| | 127 | |
| | 128 | await retryTransactionWrapper(createUser, options) |
| | 129 | |
| | 130 | // TODO : include Location of the new user -> 201 |
| | 131 | return res.type('json').status(204).end() |
| | 132 | } |
| | 133 | |
| | 134 | async function createUser (req: express.Request, res: express.Response, next: express.NextFunction) { |
| | 135 | const body: UserCreate = req.body |
| | 136 | const user = db.User.build({ |
| | 137 | username: body.username, |
| | 138 | password: body.password, |
| | 139 | email: body.email, |
| | 140 | displayNSFW: false, |
| | 141 | role: body.role, |
| | 142 | videoQuota: body.videoQuota |
| | 143 | }) |
| | 144 | |
| | 145 | await createUserAuthorAndChannel(user) |
| | 146 | |
| | 147 | logger.info('User %s with its channel and author created.', body.username) |
| | 148 | } |
| | 149 | |
| | 150 | async function registerUser (req: express.Request, res: express.Response, next: express.NextFunction) { |
| | 151 | const body: UserCreate = req.body |
| | 152 | |
| | 153 | const user = db.User.build({ |
| | 154 | username: body.username, |
| | 155 | password: body.password, |
| | 156 | email: body.email, |
| | 157 | displayNSFW: false, |
| | 158 | role: UserRole.USER, |
| | 159 | videoQuota: CONFIG.USER.VIDEO_QUOTA |
| | 160 | }) |
| | 161 | |
| | 162 | await createUserAuthorAndChannel(user) |
| | 163 | return res.type('json').status(204).end() |
| | 164 | } |
| | 165 | |
| | 166 | async function getUserInformation (req: express.Request, res: express.Response, next: express.NextFunction) { |
| | 167 | // We did not load channels in res.locals.user |
| | 168 | const user = await db.User.loadByUsernameAndPopulateChannels(res.locals.oauth.token.user.username) |
| | 169 | |
| | 170 | return res.json(user.toFormattedJSON()) |
| | 171 | } |
| | 172 | |
| | 173 | function getUser (req: express.Request, res: express.Response, next: express.NextFunction) { |
| | 174 | return res.json(res.locals.user.toFormattedJSON()) |
| | 175 | } |
| | 176 | |
| | 177 | async function getUserVideoRating (req: express.Request, res: express.Response, next: express.NextFunction) { |
| | 178 | const videoId = +req.params.videoId |
| | 179 | const userId = +res.locals.oauth.token.User.id |
| | 180 | |
| | 181 | const ratingObj = await db.UserVideoRate.load(userId, videoId, null) |
| | 182 | const rating = ratingObj ? ratingObj.type : 'none' |
| | 183 | |
| | 184 | const json: FormattedUserVideoRate = { |
| | 185 | videoId, |
| | 186 | rating |
| | 187 | } |
| | 188 | res.json(json) |
| | 189 | } |
| | 190 | |
| | 191 | async function listUsers (req: express.Request, res: express.Response, next: express.NextFunction) { |
| | 192 | const resultList = await db.User.listForApi(req.query.start, req.query.count, req.query.sort) |
| | 193 | |
| | 194 | return res.json(getFormattedObjects(resultList.data, resultList.total)) |
| | 195 | } |
| | 196 | |
| | 197 | async function removeUser (req: express.Request, res: express.Response, next: express.NextFunction) { |
| | 198 | const user = await db.User.loadById(req.params.id) |
| | 199 | |
| | 200 | await user.destroy() |
| | 201 | |
| | 202 | return res.sendStatus(204) |
| | 203 | } |
| | 204 | |
| | 205 | async function updateMe (req: express.Request, res: express.Response, next: express.NextFunction) { |
| | 206 | const body: UserUpdateMe = req.body |
| | 207 | |
| | 208 | // FIXME: user is not already a Sequelize instance? |
| | 209 | const user = res.locals.oauth.token.user |
| | 210 | |
| | 211 | if (body.password !== undefined) user.password = body.password |
| | 212 | if (body.email !== undefined) user.email = body.email |
| | 213 | if (body.displayNSFW !== undefined) user.displayNSFW = body.displayNSFW |
| | 214 | |
| | 215 | await user.save() |
| | 216 | |
| | 217 | return res.sendStatus(204) |
| | 218 | } |
| | 219 | |
| | 220 | async function updateUser (req: express.Request, res: express.Response, next: express.NextFunction) { |
| | 221 | const body: UserUpdate = req.body |
| | 222 | const user: UserInstance = res.locals.user |
| | 223 | |
| | 224 | if (body.email !== undefined) user.email = body.email |
| | 225 | if (body.videoQuota !== undefined) user.videoQuota = body.videoQuota |
| | 226 | if (body.role !== undefined) user.role = body.role |
| | 227 | |
| | 228 | await user.save() |
| | 229 | |
| | 230 | return res.sendStatus(204) |
| | 231 | } |
| | 232 | |
| | 233 | function success (req: express.Request, res: express.Response, next: express.NextFunction) { |
| | 234 | res.end() |
| | 235 | } |
projects / github / Chocobozzz / PeerTube.git / blame_incremental