1 import * as express from 'express'
3 import { database as db } from '../../initializers/database'
4 import { USER_ROLES, CONFIG } from '../../initializers'
5 import { logger, getFormattedObjects } from '../../helpers'
9 ensureUserRegistrationAllowed,
12 usersUpdateMeValidator,
14 usersVideoRatingValidator,
21 } from '../../middlewares'
23 UserVideoRate as FormattedUserVideoRate,
27 } from '../../../shared'
29 const usersRouter = express.Router()
31 usersRouter.get('/me',
36 usersRouter.get('/me/videos/:videoId/rating',
38 usersVideoRatingValidator,
50 usersRouter.get('/:id',
62 usersRouter.post('/register',
63 ensureUserRegistrationAllowed,
68 usersRouter.put('/me',
70 usersUpdateMeValidator,
74 usersRouter.put('/:id',
81 usersRouter.delete('/:id',
88 usersRouter.post('/token', token, success)
89 // TODO: Once https://github.com/oauthjs/node-oauth2-server/pull/289 is merged, implement revoke token route
91 // ---------------------------------------------------------------------------
97 // ---------------------------------------------------------------------------
99 function createUser (req: express.Request, res: express.Response, next: express.NextFunction) {
100 const body: UserCreate = req.body
102 // On registration, we set the user video quota
103 if (body.videoQuota === undefined) {
104 body.videoQuota = CONFIG.USER.VIDEO_QUOTA
107 const user = db.User.build({
108 username: body.username,
109 password: body.password,
112 role: USER_ROLES.USER,
113 videoQuota: body.videoQuota
117 .then(() => res.type('json').status(204).end())
118 .catch(err => next(err))
121 function getUserInformation (req: express.Request, res: express.Response, next: express.NextFunction) {
122 db.User.loadByUsername(res.locals.oauth.token.user.username)
123 .then(user => res.json(user.toFormattedJSON()))
124 .catch(err => next(err))
127 function getUser (req: express.Request, res: express.Response, next: express.NextFunction) {
128 return res.json(res.locals.user.toFormattedJSON())
131 function getUserVideoRating (req: express.Request, res: express.Response, next: express.NextFunction) {
132 const videoId = +req.params.videoId
133 const userId = +res.locals.oauth.token.User.id
135 db.UserVideoRate.load(userId, videoId, null)
137 const rating = ratingObj ? ratingObj.type : 'none'
138 const json: FormattedUserVideoRate = {
144 .catch(err => next(err))
147 function listUsers (req: express.Request, res: express.Response, next: express.NextFunction) {
148 db.User.listForApi(req.query.start, req.query.count, req.query.sort)
149 .then(resultList => {
150 res.json(getFormattedObjects(resultList.data, resultList.total))
152 .catch(err => next(err))
155 function removeUser (req: express.Request, res: express.Response, next: express.NextFunction) {
156 db.User.loadById(req.params.id)
157 .then(user => user.destroy())
158 .then(() => res.sendStatus(204))
160 logger.error('Errors when removed the user.', err)
165 function updateMe (req: express.Request, res: express.Response, next: express.NextFunction) {
166 const body: UserUpdateMe = req.body
168 // FIXME: user is not already a Sequelize instance?
169 db.User.loadByUsername(res.locals.oauth.token.user.username)
171 if (body.password !== undefined) user.password = body.password
172 if (body.email !== undefined) user.email = body.email
173 if (body.displayNSFW !== undefined) user.displayNSFW = body.displayNSFW
177 .then(() => res.sendStatus(204))
178 .catch(err => next(err))
181 function updateUser (req: express.Request, res: express.Response, next: express.NextFunction) {
182 const body: UserUpdate = req.body
183 const user = res.locals.user
185 if (body.email !== undefined) user.email = body.email
186 if (body.videoQuota !== undefined) user.videoQuota = body.videoQuota
189 .then(() => res.sendStatus(204))
190 .catch(err => next(err))
193 function success (req: express.Request, res: express.Response, next: express.NextFunction) {