diff options
Diffstat (limited to 'server/controllers/api/users/index.ts')
| -rw-r--r-- | server/controllers/api/users/index.ts | 21 |
1 files changed, 12 insertions, 9 deletions
diff --git a/server/controllers/api/users/index.ts b/server/controllers/api/users/index.ts index 9e6a019f6..e3533a7f6 100644 --- a/server/controllers/api/users/index.ts +++ b/server/controllers/api/users/index.ts | |||
| @@ -41,6 +41,7 @@ import { myBlocklistRouter } from './my-blocklist' | |||
| 41 | import { myVideosHistoryRouter } from './my-history' | 41 | import { myVideosHistoryRouter } from './my-history' |
| 42 | import { myNotificationsRouter } from './my-notifications' | 42 | import { myNotificationsRouter } from './my-notifications' |
| 43 | import { Notifier } from '../../../lib/notifier' | 43 | import { Notifier } from '../../../lib/notifier' |
| 44 | import { mySubscriptionsRouter } from './my-subscriptions' | ||
| 44 | 45 | ||
| 45 | const auditLogger = auditLoggerFactory('users') | 46 | const auditLogger = auditLoggerFactory('users') |
| 46 | 47 | ||
| @@ -58,6 +59,7 @@ const askSendEmailLimiter = new RateLimit({ | |||
| 58 | 59 | ||
| 59 | const usersRouter = express.Router() | 60 | const usersRouter = express.Router() |
| 60 | usersRouter.use('/', myNotificationsRouter) | 61 | usersRouter.use('/', myNotificationsRouter) |
| 62 | usersRouter.use('/', mySubscriptionsRouter) | ||
| 61 | usersRouter.use('/', myBlocklistRouter) | 63 | usersRouter.use('/', myBlocklistRouter) |
| 62 | usersRouter.use('/', myVideosHistoryRouter) | 64 | usersRouter.use('/', myVideosHistoryRouter) |
| 63 | usersRouter.use('/', meRouter) | 65 | usersRouter.use('/', meRouter) |
| @@ -227,7 +229,7 @@ async function unblockUser (req: express.Request, res: express.Response, next: e | |||
| 227 | return res.status(204).end() | 229 | return res.status(204).end() |
| 228 | } | 230 | } |
| 229 | 231 | ||
| 230 | async function blockUser (req: express.Request, res: express.Response, next: express.NextFunction) { | 232 | async function blockUser (req: express.Request, res: express.Response) { |
| 231 | const user: UserModel = res.locals.user | 233 | const user: UserModel = res.locals.user |
| 232 | const reason = req.body.reason | 234 | const reason = req.body.reason |
| 233 | 235 | ||
| @@ -236,23 +238,23 @@ async function blockUser (req: express.Request, res: express.Response, next: exp | |||
| 236 | return res.status(204).end() | 238 | return res.status(204).end() |
| 237 | } | 239 | } |
| 238 | 240 | ||
| 239 | function getUser (req: express.Request, res: express.Response, next: express.NextFunction) { | 241 | function getUser (req: express.Request, res: express.Response) { |
| 240 | return res.json((res.locals.user as UserModel).toFormattedJSON()) | 242 | return res.json((res.locals.user as UserModel).toFormattedJSON()) |
| 241 | } | 243 | } |
| 242 | 244 | ||
| 243 | async function autocompleteUsers (req: express.Request, res: express.Response, next: express.NextFunction) { | 245 | async function autocompleteUsers (req: express.Request, res: express.Response) { |
| 244 | const resultList = await UserModel.autoComplete(req.query.search as string) | 246 | const resultList = await UserModel.autoComplete(req.query.search as string) |
| 245 | 247 | ||
| 246 | return res.json(resultList) | 248 | return res.json(resultList) |
| 247 | } | 249 | } |
| 248 | 250 | ||
| 249 | async function listUsers (req: express.Request, res: express.Response, next: express.NextFunction) { | 251 | async function listUsers (req: express.Request, res: express.Response) { |
| 250 | const resultList = await UserModel.listForApi(req.query.start, req.query.count, req.query.sort, req.query.search) | 252 | const resultList = await UserModel.listForApi(req.query.start, req.query.count, req.query.sort, req.query.search) |
| 251 | 253 | ||
| 252 | return res.json(getFormattedObjects(resultList.data, resultList.total)) | 254 | return res.json(getFormattedObjects(resultList.data, resultList.total)) |
| 253 | } | 255 | } |
| 254 | 256 | ||
| 255 | async function removeUser (req: express.Request, res: express.Response, next: express.NextFunction) { | 257 | async function removeUser (req: express.Request, res: express.Response) { |
| 256 | const user: UserModel = res.locals.user | 258 | const user: UserModel = res.locals.user |
| 257 | 259 | ||
| 258 | await user.destroy() | 260 | await user.destroy() |
| @@ -262,12 +264,13 @@ async function removeUser (req: express.Request, res: express.Response, next: ex | |||
| 262 | return res.sendStatus(204) | 264 | return res.sendStatus(204) |
| 263 | } | 265 | } |
| 264 | 266 | ||
| 265 | async function updateUser (req: express.Request, res: express.Response, next: express.NextFunction) { | 267 | async function updateUser (req: express.Request, res: express.Response) { |
| 266 | const body: UserUpdate = req.body | 268 | const body: UserUpdate = req.body |
| 267 | const userToUpdate = res.locals.user as UserModel | 269 | const userToUpdate = res.locals.user as UserModel |
| 268 | const oldUserAuditView = new UserAuditView(userToUpdate.toFormattedJSON()) | 270 | const oldUserAuditView = new UserAuditView(userToUpdate.toFormattedJSON()) |
| 269 | const roleChanged = body.role !== undefined && body.role !== userToUpdate.role | 271 | const roleChanged = body.role !== undefined && body.role !== userToUpdate.role |
| 270 | 272 | ||
| 273 | if (body.password !== undefined) userToUpdate.password = body.password | ||
| 271 | if (body.email !== undefined) userToUpdate.email = body.email | 274 | if (body.email !== undefined) userToUpdate.email = body.email |
| 272 | if (body.emailVerified !== undefined) userToUpdate.emailVerified = body.emailVerified | 275 | if (body.emailVerified !== undefined) userToUpdate.emailVerified = body.emailVerified |
| 273 | if (body.videoQuota !== undefined) userToUpdate.videoQuota = body.videoQuota | 276 | if (body.videoQuota !== undefined) userToUpdate.videoQuota = body.videoQuota |
| @@ -277,11 +280,11 @@ async function updateUser (req: express.Request, res: express.Response, next: ex | |||
| 277 | const user = await userToUpdate.save() | 280 | const user = await userToUpdate.save() |
| 278 | 281 | ||
| 279 | // Destroy user token to refresh rights | 282 | // Destroy user token to refresh rights |
| 280 | if (roleChanged) await deleteUserToken(userToUpdate.id) | 283 | if (roleChanged || body.password !== undefined) await deleteUserToken(userToUpdate.id) |
| 281 | 284 | ||
| 282 | auditLogger.update(getAuditIdFromRes(res), new UserAuditView(user.toFormattedJSON()), oldUserAuditView) | 285 | auditLogger.update(getAuditIdFromRes(res), new UserAuditView(user.toFormattedJSON()), oldUserAuditView) |
| 283 | 286 | ||
| 284 | // Don't need to send this update to followers, these attributes are not propagated | 287 | // Don't need to send this update to followers, these attributes are not federated |
| 285 | 288 | ||
| 286 | return res.sendStatus(204) | 289 | return res.sendStatus(204) |
| 287 | } | 290 | } |
| @@ -291,7 +294,7 @@ async function askResetUserPassword (req: express.Request, res: express.Response | |||
| 291 | 294 | ||
| 292 | const verificationString = await Redis.Instance.setResetPasswordVerificationString(user.id) | 295 | const verificationString = await Redis.Instance.setResetPasswordVerificationString(user.id) |
| 293 | const url = CONFIG.WEBSERVER.URL + '/reset-password?userId=' + user.id + '&verificationString=' + verificationString | 296 | const url = CONFIG.WEBSERVER.URL + '/reset-password?userId=' + user.id + '&verificationString=' + verificationString |
| 294 | await Emailer.Instance.addForgetPasswordEmailJob(user.email, url) | 297 | await Emailer.Instance.addPasswordResetEmailJob(user.email, url) |
| 295 | 298 | ||
| 296 | return res.status(204).end() | 299 | return res.status(204).end() |
| 297 | } | 300 | } |