From 9bd2662976a75d3b03364cdbe6419e57c80f99a6 Mon Sep 17 00:00:00 2001
From: Chocobozzz <florian.bigard@gmail.com>
Date: Thu, 4 Aug 2016 22:32:36 +0200
Subject: Implement user API (create, update, remove, list)

---
 server/controllers/api/v1/pods.js  |  14 +++-
 server/controllers/api/v1/users.js | 132 ++++++++++++++++++++++++++++++++++++-
 2 files changed, 141 insertions(+), 5 deletions(-)

(limited to 'server/controllers/api/v1')

diff --git a/server/controllers/api/v1/pods.js b/server/controllers/api/v1/pods.js
index 2bc761fef..f61f2a483 100644
--- a/server/controllers/api/v1/pods.js
+++ b/server/controllers/api/v1/pods.js
@@ -8,6 +8,7 @@ const waterfall = require('async/waterfall')
 const logger = require('../../../helpers/logger')
 const friends = require('../../../lib/friends')
 const middlewares = require('../../../middlewares')
+const admin = middlewares.admin
 const oAuth = middlewares.oauth
 const validators = middlewares.validators.pods
 const signatureValidator = middlewares.validators.remote.signature
@@ -18,8 +19,17 @@ const Video = mongoose.model('Video')
 
 router.get('/', listPodsUrl)
 router.post('/', validators.podsAdd, addPods)
-router.get('/makefriends', oAuth.authenticate, validators.makeFriends, makeFriends)
-router.get('/quitfriends', oAuth.authenticate, quitFriends)
+router.get('/makefriends',
+  oAuth.authenticate,
+  admin.ensureIsAdmin,
+  validators.makeFriends,
+  makeFriends
+)
+router.get('/quitfriends',
+  oAuth.authenticate,
+  admin.ensureIsAdmin,
+  quitFriends
+)
 // Post because this is a secured request
 router.post('/remove', signatureValidator, removePods)
 
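Review bot: `/makefriends` and `/quitfriends` change the pod's federation state but are still registered with `router.get`, even though the comment just below reserves POST for secured requests. Now that `admin.ensureIsAdmin` is in the chain these are admin-only actions, and a GET can be re-issued by prefetchers, proxies or browser history and is recorded in access logs like any other URL. Consider `router.post('/makefriends', ...)` and `router.post('/quitfriends', ...)` with the same middleware chain, updating the client to match. `admin.ensureIsAdmin` is defined outside this diff, so how it decides the caller's role cannot be checked here.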
diff --git a/server/controllers/api/v1/users.js b/server/controllers/api/v1/users.js
index fbbe6e472..e084974ce 100644
--- a/server/controllers/api/v1/users.js
+++ b/server/controllers/api/v1/users.js
@@ -1,18 +1,49 @@
 'use strict'
 
+const each = require('async/each')
 const config = require('config')
-const mongoose = require('mongoose')
 const express = require('express')
+const mongoose = require('mongoose')
+const waterfall = require('async/waterfall')
 
-const oAuth = require('../../../middlewares').oauth
+const constants = require('../../../initializers/constants')
+const friends = require('../../../lib/friends')
+const logger = require('../../../helpers/logger')
+const middlewares = require('../../../middlewares')
+const admin = middlewares.admin
+const oAuth = middlewares.oauth
+const validatorsUsers = middlewares.validators.users
 
 const Client = mongoose.model('OAuthClient')
+const User = mongoose.model('User')
+const Video = mongoose.model('Video')
 
 const router = express.Router()
 
+router.get('/', listUsers)
+
+router.post('/',
+  oAuth.authenticate,
+  admin.ensureIsAdmin,
+  validatorsUsers.usersAdd,
+  createUser
+)
+
+router.put('/:id',
+  oAuth.authenticate,
+  validatorsUsers.usersUpdate,
+  updateUser
+)
+
+router.delete('/:username',
+  oAuth.authenticate,
+  admin.ensureIsAdmin,
+  validatorsUsers.usersRemove,
+  removeUser
+)
 router.get('/client', getAngularClient)
 router.post('/token', oAuth.token, success)
-// TODO: Once https://github.com/oauthjs/node-oauth2-server/pull/289 is merged,, implement revoke token route
+// TODO: Once https://github.com/oauthjs/node-oauth2-server/pull/289 is merged, implement revoke token route
 
 // ---------------------------------------------------------------------------
 
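Review bot: `router.get('/', listUsers)` is the only user-management route added here without `oAuth.authenticate`, so anyone who can reach the API can enumerate accounts; what `toFormatedJSON` exposes per user is not visible in this diff. If the list is meant for administration, register it as `router.get('/', oAuth.authenticate, admin.ensureIsAdmin, listUsers)`; if it is meant to be public, a comment saying so would help. Separately, `router.put('/:id', ...)` takes an id that `updateUser` (last hunk) never reads, since it always updates the token's own user. Either drop the parameter or have `usersUpdate` reject an id that is not the caller's; whether it already does so cannot be confirmed from here.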
@@ -20,6 +51,20 @@ module.exports = router
 
 // ---------------------------------------------------------------------------
 
+function createUser (req, res, next) {
+  const user = new User({
+    username: req.body.username,
+    password: req.body.password,
+    role: constants.USER_ROLES.USER
+  })
+
+  user.save(function (err, createdUser) {
+    if (err) return next(err)
+
+    return res.type('json').status(204).end()
+  })
+}
+
 function getAngularClient (req, res, next) {
   const serverHost = config.get('webserver.host')
   const serverPort = config.get('webserver.port')
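Review bot: `password: req.body.password` in `createUser` passes the plaintext password straight to the `User` model, and nothing in this hunk shows it being hashed before `user.save`; the same holds for `user.password = req.body.password` in `updateUser` in the last hunk. The model is outside this diff (it is limited to `server/controllers/api/v1`), so please confirm the schema hashes on save with a slow, salted password hash, or hash here before constructing the user. A short comment such as `// password is hashed by the User model before save` above the `new User` call would record that contract. `createdUser` is unused in the save callback and can be dropped.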
@@ -44,6 +89,87 @@ function getAngularClient (req, res, next) {
   })
 }
 
+function listUsers (req, res, next) {
+  User.list(function (err, usersList) {
+    if (err) return next(err)
+
+    res.json(getFormatedUsers(usersList))
+  })
+}
+
+function removeUser (req, res, next) {
+  waterfall([
+    function getUser (callback) {
+      User.loadByUsername(req.params.username, callback)
+    },
+
+    function getVideos (user, callback) {
+      Video.listOwnedByAuthor(user.username, function (err, videos) {
+        return callback(err, user, videos)
+      })
+    },
+
+    function removeVideosFromDB (user, videos, callback) {
+      each(videos, function (video, callbackEach) {
+        video.remove(callbackEach)
+      }, function (err) {
+        return callback(err, user, videos)
+      })
+    },
+
+    function sendInformationToFriends (user, videos, callback) {
+      videos.forEach(function (video) {
+        const params = {
+          name: video.name,
+          magnetUri: video.magnetUri
+        }
+
+        friends.removeVideoToFriends(params)
+      })
+
+      return callback(null, user)
+    },
+
+    function removeUserFromDB (user, callback) {
+      user.remove(callback)
+    }
+  ], function andFinally (err) {
+    if (err) {
+      logger.error('Errors when removed the user.', { error: err })
+      return next(err)
+    }
+
+    return res.type('json').status(204).end()
+  })
+}
+
+function updateUser (req, res, next) {
+  User.loadByUsername(res.locals.oauth.token.user.username, function (err, user) {
+    if (err) return next(err)
+
+    user.password = req.body.password
+    user.save(function (err) {
+      if (err) return next(err)
+
+      return res.json('json').status(204).end()
+    })
+  })
+}
+
 function success (req, res, next) {
   res.end()
 }
+
+// ---------------------------------------------------------------------------
+
+function getFormatedUsers (users) {
+  const formatedUsers = []
+
+  users.forEach(function (user) {
+    formatedUsers.push(user.toFormatedJSON())
+  })
+
+  return {
+    data: formatedUsers
+  }
+}
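Review bot: `updateUser` ends with `res.json('json').status(204).end()`, which sends the string "json" as a 200 body before the status is set; it should match the other handlers, `return res.type('json').status(204).end()`. The same handler changes the password with only a bearer token, so a leaked token is enough to take over the account; requiring the current password in the request and invalidating the user's existing tokens after the change would contain that (token storage is not visible here). In `removeUser`, `user` is used in `getVideos` without a null check, so if `loadByUsername` yields no user and `usersRemove` does not already reject that case (not visible), `user.username` throws; `if (!user) return callback(new Error('User not found'))` at the top of `getVideos` would cover it. Nothing visible here stops an admin from removing their own account or the last admin account.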
-- 
cgit v1.2.3