From 9bd2662976a75d3b03364cdbe6419e57c80f99a6 Mon Sep 17 00:00:00 2001 From: Chocobozzz Date: Thu, 4 Aug 2016 22:32:36 +0200 Subject: Implement user API (create, update, remove, list) --- server/controllers/api/v1/pods.js | 14 +++- server/controllers/api/v1/users.js | 132 ++++++++++++++++++++++++++++++++++++- 2 files changed, 141 insertions(+), 5 deletions(-) (limited to 'server/controllers/api/v1') diff --git a/server/controllers/api/v1/pods.js b/server/controllers/api/v1/pods.js index 2bc761fef..f61f2a483 100644 --- a/server/controllers/api/v1/pods.js +++ b/server/controllers/api/v1/pods.js @@ -8,6 +8,7 @@ const waterfall = require('async/waterfall') const logger = require('../../../helpers/logger') const friends = require('../../../lib/friends') const middlewares = require('../../../middlewares') +const admin = middlewares.admin const oAuth = middlewares.oauth const validators = middlewares.validators.pods const signatureValidator = middlewares.validators.remote.signature @@ -18,8 +19,17 @@ const Video = mongoose.model('Video') router.get('/', listPodsUrl) router.post('/', validators.podsAdd, addPods) -router.get('/makefriends', oAuth.authenticate, validators.makeFriends, makeFriends) -router.get('/quitfriends', oAuth.authenticate, quitFriends) +router.get('/makefriends', + oAuth.authenticate, + admin.ensureIsAdmin, + validators.makeFriends, + makeFriends +) +router.get('/quitfriends', + oAuth.authenticate, + admin.ensureIsAdmin, + quitFriends +) // Post because this is a secured request router.post('/remove', signatureValidator, removePods) diff --git a/server/controllers/api/v1/users.js b/server/controllers/api/v1/users.js index fbbe6e472..e084974ce 100644 --- a/server/controllers/api/v1/users.js +++ b/server/controllers/api/v1/users.js @@ -1,18 +1,49 @@ 'use strict' +const each = require('async/each') const config = require('config') -const mongoose = require('mongoose') const express = require('express') +const mongoose = require('mongoose') +const waterfall = require('async/waterfall') -const oAuth = require('../../../middlewares').oauth +const constants = require('../../../initializers/constants') +const friends = require('../../../lib/friends') +const logger = require('../../../helpers/logger') +const middlewares = require('../../../middlewares') +const admin = middlewares.admin +const oAuth = middlewares.oauth +const validatorsUsers = middlewares.validators.users const Client = mongoose.model('OAuthClient') +const User = mongoose.model('User') +const Video = mongoose.model('Video') const router = express.Router() +router.get('/', listUsers) + +router.post('/', + oAuth.authenticate, + admin.ensureIsAdmin, + validatorsUsers.usersAdd, + createUser +) + +router.put('/:id', + oAuth.authenticate, + validatorsUsers.usersUpdate, + updateUser +) + +router.delete('/:username', + oAuth.authenticate, + admin.ensureIsAdmin, + validatorsUsers.usersRemove, + removeUser +) router.get('/client', getAngularClient) router.post('/token', oAuth.token, success) -// TODO: Once https://github.com/oauthjs/node-oauth2-server/pull/289 is merged,, implement revoke token route +// TODO: Once https://github.com/oauthjs/node-oauth2-server/pull/289 is merged, implement revoke token route // --------------------------------------------------------------------------- @@ -20,6 +51,20 @@ module.exports = router // --------------------------------------------------------------------------- +function createUser (req, res, next) { + const user = new User({ + username: req.body.username, + password: req.body.password, + role: constants.USER_ROLES.USER + }) + + user.save(function (err, createdUser) { + if (err) return next(err) + + return res.type('json').status(204).end() + }) +} + function getAngularClient (req, res, next) { const serverHost = config.get('webserver.host') const serverPort = config.get('webserver.port') @@ -44,6 +89,87 @@ function getAngularClient (req, res, next) { }) } +function listUsers (req, res, next) { + User.list(function (err, usersList) { + if (err) return next(err) + + res.json(getFormatedUsers(usersList)) + }) +} + +function removeUser (req, res, next) { + waterfall([ + function getUser (callback) { + User.loadByUsername(req.params.username, callback) + }, + + function getVideos (user, callback) { + Video.listOwnedByAuthor(user.username, function (err, videos) { + return callback(err, user, videos) + }) + }, + + function removeVideosFromDB (user, videos, callback) { + each(videos, function (video, callbackEach) { + video.remove(callbackEach) + }, function (err) { + return callback(err, user, videos) + }) + }, + + function sendInformationToFriends (user, videos, callback) { + videos.forEach(function (video) { + const params = { + name: video.name, + magnetUri: video.magnetUri + } + + friends.removeVideoToFriends(params) + }) + + return callback(null, user) + }, + + function removeUserFromDB (user, callback) { + user.remove(callback) + } + ], function andFinally (err) { + if (err) { + logger.error('Errors when removed the user.', { error: err }) + return next(err) + } + + return res.type('json').status(204).end() + }) +} + +function updateUser (req, res, next) { + User.loadByUsername(res.locals.oauth.token.user.username, function (err, user) { + if (err) return next(err) + + user.password = req.body.password + user.save(function (err) { + if (err) return next(err) + + return res.json('json').status(204).end() + }) + }) +} + function success (req, res, next) { res.end() } + +// --------------------------------------------------------------------------- + +function getFormatedUsers (users) { + const formatedUsers = [] + + users.forEach(function (user) { + formatedUsers.push(user.toFormatedJSON()) + }) + + return { + data: formatedUsers + } +} -- cgit v1.2.3