Merge branch 'postgresql'

[github/Chocobozzz/PeerTube.git] / server / middlewares / validators / users.js

diff --git a/server/middlewares/validators/users.js b/server/middlewares/validators/users.js
index e540ab0d1f742af95b9022180bacb8a32b2e243f..0629550bcff872df9538fbc0eac4ed58cccc19a0 100644 (file)
--- a/server/middlewares/validators/users.js
+++ b/server/middlewares/validators/users.js
@@ -1,36 +1,42 @@
 'use strict'
 
-const mongoose = require('mongoose')
-
 const checkErrors = require('./utils').checkErrors
+const db = require('../../initializers/database')
 const logger = require('../../helpers/logger')
 
-const User = mongoose.model('User')
-
 const validatorsUsers = {
-  usersAdd: usersAdd,
-  usersRemove: usersRemove,
-  usersUpdate: usersUpdate
+  usersAdd,
+  usersRemove,
+  usersUpdate
 }
 
 function usersAdd (req, res, next) {
   req.checkBody('username', 'Should have a valid username').isUserUsernameValid()
   req.checkBody('password', 'Should have a valid password').isUserPasswordValid()
 
-  // TODO: check we don't have already the same username
-
   logger.debug('Checking usersAdd parameters', { parameters: req.body })
 
-  checkErrors(req, res, next)
+  checkErrors(req, res, function () {
+    db.User.loadByUsername(req.body.username, function (err, user) {
+      if (err) {
+        logger.error('Error in usersAdd request validator.', { error: err })
+        return res.sendStatus(500)
+      }
+
+      if (user) return res.status(409).send('User already exists.')
+
+      next()
+    })
+  })
 }
 
 function usersRemove (req, res, next) {
-  req.checkParams('id', 'Should have a valid id').notEmpty().isMongoId()
+  req.checkParams('id', 'Should have a valid id').notEmpty().isInt()
 
   logger.debug('Checking usersRemove parameters', { parameters: req.params })
 
   checkErrors(req, res, function () {
-    User.loadById(req.params.id, function (err, user) {
+    db.User.loadById(req.params.id, function (err, user) {
       if (err) {
         logger.error('Error in usersRemove request validator.', { error: err })
         return res.sendStatus(500)
@@ -38,13 +44,15 @@ function usersRemove (req, res, next) {
 
       if (!user) return res.status(404).send('User not found')
 
+      if (user.username === 'root') return res.status(400).send('Cannot remove the root user')
+
       next()
     })
   })
 }
 
 function usersUpdate (req, res, next) {
-  req.checkParams('id', 'Should have a valid id').notEmpty().isMongoId()
+  req.checkParams('id', 'Should have a valid id').notEmpty().isInt()
   // Add old password verification
   req.checkBody('password', 'Should have a valid password').isUserPasswordValid()