diff options
Diffstat (limited to 'server/controllers/api')
-rw-r--r-- | server/controllers/api/users.ts | 48 |
1 files changed, 48 insertions, 0 deletions
diff --git a/server/controllers/api/users.ts b/server/controllers/api/users.ts index 3d2586c3a..8f429d0b5 100644 --- a/server/controllers/api/users.ts +++ b/server/controllers/api/users.ts | |||
@@ -32,6 +32,7 @@ import { | |||
32 | import { | 32 | import { |
33 | deleteMeValidator, | 33 | deleteMeValidator, |
34 | usersAskResetPasswordValidator, | 34 | usersAskResetPasswordValidator, |
35 | usersBlockingValidator, | ||
35 | usersResetPasswordValidator, | 36 | usersResetPasswordValidator, |
36 | videoImportsSortValidator, | 37 | videoImportsSortValidator, |
37 | videosSortValidator | 38 | videosSortValidator |
@@ -108,6 +109,19 @@ usersRouter.get('/', | |||
108 | asyncMiddleware(listUsers) | 109 | asyncMiddleware(listUsers) |
109 | ) | 110 | ) |
110 | 111 | ||
112 | usersRouter.post('/:id/block', | ||
113 | authenticate, | ||
114 | ensureUserHasRight(UserRight.MANAGE_USERS), | ||
115 | asyncMiddleware(usersBlockingValidator), | ||
116 | asyncMiddleware(blockUser) | ||
117 | ) | ||
118 | usersRouter.post('/:id/unblock', | ||
119 | authenticate, | ||
120 | ensureUserHasRight(UserRight.MANAGE_USERS), | ||
121 | asyncMiddleware(usersBlockingValidator), | ||
122 | asyncMiddleware(unblockUser) | ||
123 | ) | ||
124 | |||
111 | usersRouter.get('/:id', | 125 | usersRouter.get('/:id', |
112 | authenticate, | 126 | authenticate, |
113 | ensureUserHasRight(UserRight.MANAGE_USERS), | 127 | ensureUserHasRight(UserRight.MANAGE_USERS), |
@@ -278,6 +292,22 @@ async function getUserVideoQuotaUsed (req: express.Request, res: express.Respons | |||
278 | return res.json(data) | 292 | return res.json(data) |
279 | } | 293 | } |
280 | 294 | ||
295 | async function unblockUser (req: express.Request, res: express.Response, next: express.NextFunction) { | ||
296 | const user: UserModel = res.locals.user | ||
297 | |||
298 | await changeUserBlock(res, user, false) | ||
299 | |||
300 | return res.status(204).end() | ||
301 | } | ||
302 | |||
303 | async function blockUser (req: express.Request, res: express.Response, next: express.NextFunction) { | ||
304 | const user: UserModel = res.locals.user | ||
305 | |||
306 | await changeUserBlock(res, user, true) | ||
307 | |||
308 | return res.status(204).end() | ||
309 | } | ||
310 | |||
281 | function getUser (req: express.Request, res: express.Response, next: express.NextFunction) { | 311 | function getUser (req: express.Request, res: express.Response, next: express.NextFunction) { |
282 | return res.json((res.locals.user as UserModel).toFormattedJSON()) | 312 | return res.json((res.locals.user as UserModel).toFormattedJSON()) |
283 | } | 313 | } |
@@ -423,3 +453,21 @@ async function resetUserPassword (req: express.Request, res: express.Response, n | |||
423 | function success (req: express.Request, res: express.Response, next: express.NextFunction) { | 453 | function success (req: express.Request, res: express.Response, next: express.NextFunction) { |
424 | res.end() | 454 | res.end() |
425 | } | 455 | } |
456 | |||
457 | async function changeUserBlock (res: express.Response, user: UserModel, block: boolean) { | ||
458 | const oldUserAuditView = new UserAuditView(user.toFormattedJSON()) | ||
459 | |||
460 | user.blocked = block | ||
461 | |||
462 | await sequelizeTypescript.transaction(async t => { | ||
463 | await OAuthTokenModel.deleteUserToken(user.id, t) | ||
464 | |||
465 | await user.save({ transaction: t }) | ||
466 | }) | ||
467 | |||
468 | auditLogger.update( | ||
469 | res.locals.oauth.token.User.Account.Actor.getIdentifier(), | ||
470 | new UserAuditView(user.toFormattedJSON()), | ||
471 | oldUserAuditView | ||
472 | ) | ||
473 | } | ||