Add user update for admins

[github/Chocobozzz/PeerTube.git] / server / controllers / api / users.ts

diff --git a/server/controllers/api/users.ts b/server/controllers/api/users.ts
index 6e0bb474a4677df3a63cbcb077e5b0c1ef2376e9..6922661ae5ff578d5bf1dff686c996e50149e75c 100644 (file)
--- a/server/controllers/api/users.ts
+++ b/server/controllers/api/users.ts
@@ -1,23 +1,30 @@
 import * as express from 'express'
 
 import { database as db } from '../../initializers/database'
-import { USER_ROLES } from '../../initializers'
-import { logger, getFormatedObjects } from '../../helpers'
+import { USER_ROLES, CONFIG } from '../../initializers'
+import { logger, getFormattedObjects } from '../../helpers'
 import {
   authenticate,
   ensureIsAdmin,
-  ensureUserRegistrationEnabled,
+  ensureUserRegistrationAllowed,
   usersAddValidator,
   usersUpdateValidator,
+  usersUpdateMeValidator,
   usersRemoveValidator,
   usersVideoRatingValidator,
+  usersGetValidator,
   paginationValidator,
   setPagination,
   usersSortValidator,
   setUsersSort,
   token
 } from '../../middlewares'
-import { UserVideoRate as FormatedUserVideoRate } from '../../../shared'
+import {
+  UserVideoRate as FormattedUserVideoRate,
+  UserCreate,
+  UserUpdate,
+  UserUpdateMe
+} from '../../../shared'
 
 const usersRouter = express.Router()
 
@@ -40,6 +47,11 @@ usersRouter.get('/',
   listUsers
 )
 
+usersRouter.get('/:id',
+  usersGetValidator,
+  getUser
+)
+
 usersRouter.post('/',
   authenticate,
   ensureIsAdmin,
@@ -48,13 +60,20 @@ usersRouter.post('/',
 )
 
 usersRouter.post('/register',
-  ensureUserRegistrationEnabled,
+  ensureUserRegistrationAllowed,
   usersAddValidator,
   createUser
 )
 
+usersRouter.put('/me',
+  authenticate,
+  usersUpdateMeValidator,
+  updateMe
+)
+
 usersRouter.put('/:id',
   authenticate,
+  ensureIsAdmin,
   usersUpdateValidator,
   updateUser
 )
@@ -78,12 +97,20 @@ export {
 // ---------------------------------------------------------------------------
 
 function createUser (req: express.Request, res: express.Response, next: express.NextFunction) {
+  const body: UserCreate = req.body
+
+  // On registration, we set the user video quota
+  if (body.videoQuota === undefined) {
+    body.videoQuota = CONFIG.USER.VIDEO_QUOTA
+  }
+
   const user = db.User.build({
-    username: req.body.username,
-    password: req.body.password,
-    email: req.body.email,
+    username: body.username,
+    password: body.password,
+    email: body.email,
     displayNSFW: false,
-    role: USER_ROLES.USER
+    role: USER_ROLES.USER,
+    videoQuota: body.videoQuota
   })
 
   user.save()
@@ -93,18 +120,22 @@ function createUser (req: express.Request, res: express.Response, next: express.
 
 function getUserInformation (req: express.Request, res: express.Response, next: express.NextFunction) {
   db.User.loadByUsername(res.locals.oauth.token.user.username)
-    .then(user => res.json(user.toFormatedJSON()))
+    .then(user => res.json(user.toFormattedJSON()))
     .catch(err => next(err))
 }
 
+function getUser (req: express.Request, res: express.Response, next: express.NextFunction) {
+  return res.json(res.locals.user.toFormattedJSON())
+}
+
 function getUserVideoRating (req: express.Request, res: express.Response, next: express.NextFunction) {
-  const videoId = '' + req.params.videoId
+  const videoId = +req.params.videoId
   const userId = +res.locals.oauth.token.User.id
 
   db.UserVideoRate.load(userId, videoId, null)
     .then(ratingObj => {
       const rating = ratingObj ? ratingObj.type : 'none'
-      const json: FormatedUserVideoRate = {
+      const json: FormattedUserVideoRate = {
         videoId,
         rating
       }
@@ -116,7 +147,7 @@ function getUserVideoRating (req: express.Request, res: express.Response, next:
 function listUsers (req: express.Request, res: express.Response, next: express.NextFunction) {
   db.User.listForApi(req.query.start, req.query.count, req.query.sort)
     .then(resultList => {
-      res.json(getFormatedObjects(resultList.data, resultList.total))
+      res.json(getFormattedObjects(resultList.data, resultList.total))
     })
     .catch(err => next(err))
 }
@@ -126,16 +157,20 @@ function removeUser (req: express.Request, res: express.Response, next: express.
     .then(user => user.destroy())
     .then(() => res.sendStatus(204))
     .catch(err => {
-      logger.error('Errors when removed the user.', { error: err })
+      logger.error('Errors when removed the user.', err)
       return next(err)
     })
 }
 
-function updateUser (req: express.Request, res: express.Response, next: express.NextFunction) {
+function updateMe (req: express.Request, res: express.Response, next: express.NextFunction) {
+  const body: UserUpdateMe = req.body
+
+  // FIXME: user is not already a Sequelize instance?
   db.User.loadByUsername(res.locals.oauth.token.user.username)
     .then(user => {
-      if (req.body.password) user.password = req.body.password
-      if (req.body.displayNSFW !== undefined) user.displayNSFW = req.body.displayNSFW
+      if (body.password !== undefined) user.password = body.password
+      if (body.email !== undefined) user.email = body.email
+      if (body.displayNSFW !== undefined) user.displayNSFW = body.displayNSFW
 
       return user.save()
     })
@@ -143,6 +178,18 @@ function updateUser (req: express.Request, res: express.Response, next: express.
     .catch(err => next(err))
 }
 
+function updateUser (req: express.Request, res: express.Response, next: express.NextFunction) {
+  const body: UserUpdate = req.body
+  const user = res.locals.user
+
+  if (body.email !== undefined) user.email = body.email
+  if (body.videoQuota !== undefined) user.videoQuota = body.videoQuota
+
+  return user.save()
+    .then(() => res.sendStatus(204))
+    .catch(err => next(err))
+}
+
 function success (req: express.Request, res: express.Response, next: express.NextFunction) {
   res.end()
 }