Diffstat (limited to 'server/controllers/api/users.ts')
-rw-r--r-- | server/controllers/api/users.ts | 173 |
1 files changed, 173 insertions, 0 deletions
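--- /dev/null
+++ b/server/controllers/api/users.ts
@@ -0,0 +1,173 @@
+import express = require('express')
+import { waterfall } from 'async'
+
+const db = require('../../initializers/database')
+import { CONFIG, USER_ROLES } from '../../initializers'
+import { logger, getFormatedObjects } from '../../helpers'
+import {
+authenticate,
+ensureIsAdmin,
+usersAddValidator,
+usersUpdateValidator,
+usersRemoveValidator,
+usersVideoRatingValidator,
+paginationValidator,
+setPagination,
+usersSortValidator,
+setUsersSort,
+token
+} from '../../middlewares'
+
+const usersRouter = express.Router()
+
+usersRouter.get('/me',
+authenticate,
+getUserInformation
+)
+
+usersRouter.get('/me/videos/:videoId/rating',
+authenticate,
+usersVideoRatingValidator,
+getUserVideoRating
+)
+
+usersRouter.get('/',
+paginationValidator,
+usersSortValidator,
+setUsersSort,
+setPagination,
+listUsers
+)
+
+usersRouter.post('/',
+authenticate,
+ensureIsAdmin,
+usersAddValidator,
+createUser
+)
+
+usersRouter.post('/register',
+ensureRegistrationEnabled,
+usersAddValidator,
+createUser
+)
+
+usersRouter.put('/:id',
+authenticate,
+usersUpdateValidator,
+updateUser
+)
+
+usersRouter.delete('/:id',
+authenticate,
+ensureIsAdmin,
+usersRemoveValidator,
+removeUser
+)
+
+usersRouter.post('/token', token, success)
+// TODO: Once https://github.com/oauthjs/node-oauth2-server/pull/289 is merged, implement revoke token route
+
+// ---------------------------------------------------------------------------
+
+export {
+usersRouter
+}
+
+// ---------------------------------------------------------------------------
+
+function ensureRegistrationEnabled (req, res, next) {
+const registrationEnabled = CONFIG.SIGNUP.ENABLED
+
+if (registrationEnabled === true) {
+return next()
+}
+
+return res.status(400).send('User registration is not enabled.')
+}
+
+function createUser (req, res, next) {
+const user = db.User.build({
+username: req.body.username,
+password: req.body.password,
+email: req.body.email,
+displayNSFW: false,
+role: USER_ROLES.USER
+})
+
+user.save().asCallback(function (err, createdUser) {
+if (err) return next(err)
+
+return res.type('json').status(204).end()
+})
+}
+
+function getUserInformation (req, res, next) {
+db.User.loadByUsername(res.locals.oauth.token.user.username, function (err, user) {
+if (err) return next(err)
+
+return res.json(user.toFormatedJSON())
+})
+}
+
+function getUserVideoRating (req, res, next) {
+const videoId = req.params.videoId
+const userId = res.locals.oauth.token.User.id
+
+db.UserVideoRate.load(userId, videoId, function (err, ratingObj) {
+if (err) return next(err)
+
+const rating = ratingObj ? ratingObj.type : 'none'
+
+res.json({
+videoId,
+rating
+})
+})
+}
+
+function listUsers (req, res, next) {
+db.User.listForApi(req.query.start, req.query.count, req.query.sort, function (err, usersList, usersTotal) {
+if (err) return next(err)
+
+res.json(getFormatedObjects(usersList, usersTotal))
+})
+}
+
+function removeUser (req, res, next) {
+waterfall([
+function loadUser (callback) {
+db.User.loadById(req.params.id, callback)
+},
+
+function deleteUser (user, callback) {
+user.destroy().asCallback(callback)
+}
+], function andFinally (err) {
+if (err) {
+logger.error('Errors when removed the user.', { error: err })
+return next(err)
+}
+
+return res.sendStatus(204)
+})
+}
+
+function updateUser (req, res, next) {
+db.User.loadByUsername(res.locals.oauth.token.user.username, function (err, user) {
+if (err) return next(err)
+
+if (req.body.password) user.password = req.body.password
+if (req.body.displayNSFW !== undefined) user.displayNSFW = req.body.displayNSFW
+
+user.save().asCallback(function (err) {
+if (err) return next(err)
+
+return res.sendStatus(204)
+})
+})
+}
+
+function success (req, res, next) {
+res.end()
+}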
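Review bot: `usersRouter.get('/')` is the only user-data route registered without `authenticate`, so `listUsers` serves the paginated account list to anonymous callers; what each entry exposes is decided by `getFormatedObjects` and `toFormatedJSON`, which are outside this file, so either confirm that no email or role is serialized there or put `authenticate, ensureIsAdmin,` ahead of `paginationValidator`. Separately, `getUserVideoRating` reads `res.locals.oauth.token.User.id` while `getUserInformation` and `updateUser` read `res.locals.oauth.token.user.username`; unless the token object really carries both properties, one of these paths throws a TypeError on every request, so settle on one casing. `updateUser` is mounted on `PUT /:id` but never reads `req.params.id` and always modifies the token's owner, which prevents editing another account but deserves a comment such as `// :id is ignored; the authenticated user always updates their own account`. The same handler accepts a new `req.body.password` without asking for the current one, so a stolen access token is enough to take the account over; requiring the current password there would close that.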