server/controllers/api/users.ts

   1 import * as express from 'express'
   2
   3 import { database as db } from '../../initializers/database'
   4 import { USER_ROLES, CONFIG } from '../../initializers'
   5 import { logger, getFormattedObjects } from '../../helpers'
   6 import {
   7   authenticate,
   8   ensureIsAdmin,
   9   ensureUserRegistrationAllowed,
  10   usersAddValidator,
  11   usersUpdateValidator,
  12   usersRemoveValidator,
  13   usersVideoRatingValidator,
  14   paginationValidator,
  15   setPagination,
  16   usersSortValidator,
  17   setUsersSort,
  18   token
  19 } from '../../middlewares'
  20 import { UserVideoRate as FormattedUserVideoRate, UserCreate, UserUpdate } from '../../../shared'
  21
  22 const usersRouter = express.Router()
  23
  24 usersRouter.get('/me',
  25   authenticate,
  26   getUserInformation
  27 )
  28
  29 usersRouter.get('/me/videos/:videoId/rating',
  30   authenticate,
  31   usersVideoRatingValidator,
  32   getUserVideoRating
  33 )
  34
  35 usersRouter.get('/',
  36   paginationValidator,
  37   usersSortValidator,
  38   setUsersSort,
  39   setPagination,
  40   listUsers
  41 )
  42
  43 usersRouter.post('/',
  44   authenticate,
  45   ensureIsAdmin,
  46   usersAddValidator,
  47   createUser
  48 )
  49
  50 usersRouter.post('/register',
  51   ensureUserRegistrationAllowed,
  52   usersAddValidator,
  53   createUser
  54 )
  55
  56 usersRouter.put('/:id',
  57   authenticate,
  58   usersUpdateValidator,
  59   updateUser
  60 )
  61
  62 usersRouter.delete('/:id',
  63   authenticate,
  64   ensureIsAdmin,
  65   usersRemoveValidator,
  66   removeUser
  67 )
  68
  69 usersRouter.post('/token', token, success)
  70 // TODO: Once https://github.com/oauthjs/node-oauth2-server/pull/289 is merged, implement revoke token route
  71
  72 // ---------------------------------------------------------------------------
  73
  74 export {
  75   usersRouter
  76 }
  77
  78 // ---------------------------------------------------------------------------
  79
  80 function createUser (req: express.Request, res: express.Response, next: express.NextFunction) {
  81   const body: UserCreate = req.body
  82
  83   // On registration, we set the user video quota
  84   if (body.videoQuota === undefined) {
  85     body.videoQuota = CONFIG.USER.VIDEO_QUOTA
  86   }
  87
  88   const user = db.User.build({
  89     username: body.username,
  90     password: body.password,
  91     email: body.email,
  92     displayNSFW: false,
  93     role: USER_ROLES.USER,
  94     videoQuota: body.videoQuota
  95   })
  96
  97   user.save()
  98     .then(() => res.type('json').status(204).end())
  99     .catch(err => next(err))
 100 }
 101
 102 function getUserInformation (req: express.Request, res: express.Response, next: express.NextFunction) {
 103   db.User.loadByUsername(res.locals.oauth.token.user.username)
 104     .then(user => res.json(user.toFormattedJSON()))
 105     .catch(err => next(err))
 106 }
 107
 108 function getUserVideoRating (req: express.Request, res: express.Response, next: express.NextFunction) {
 109   const videoId = +req.params.videoId
 110   const userId = +res.locals.oauth.token.User.id
 111
 112   db.UserVideoRate.load(userId, videoId, null)
 113     .then(ratingObj => {
 114       const rating = ratingObj ? ratingObj.type : 'none'
 115       const json: FormattedUserVideoRate = {
 116         videoId,
 117         rating
 118       }
 119       res.json(json)
 120     })
 121     .catch(err => next(err))
 122 }
 123
 124 function listUsers (req: express.Request, res: express.Response, next: express.NextFunction) {
 125   db.User.listForApi(req.query.start, req.query.count, req.query.sort)
 126     .then(resultList => {
 127       res.json(getFormattedObjects(resultList.data, resultList.total))
 128     })
 129     .catch(err => next(err))
 130 }
 131
 132 function removeUser (req: express.Request, res: express.Response, next: express.NextFunction) {
 133   db.User.loadById(req.params.id)
 134     .then(user => user.destroy())
 135     .then(() => res.sendStatus(204))
 136     .catch(err => {
 137       logger.error('Errors when removed the user.', err)
 138       return next(err)
 139     })
 140 }
 141
 142 function updateUser (req: express.Request, res: express.Response, next: express.NextFunction) {
 143   const body: UserUpdate = req.body
 144
 145   db.User.loadByUsername(res.locals.oauth.token.user.username)
 146     .then(user => {
 147       if (body.password) user.password = body.password
 148       if (body.displayNSFW !== undefined) user.displayNSFW = body.displayNSFW
 149       if (body.videoQuota !== undefined) user.videoQuota = body.videoQuota
 150
 151       return user.save()
 152     })
 153     .then(() => res.sendStatus(204))
 154     .catch(err => next(err))
 155 }
 156
 157 function success (req: express.Request, res: express.Response, next: express.NextFunction) {
 158   res.end()
 159 }