mirror of
https://github.com/sasjs/server.git
synced 2026-01-08 23:10:05 +00:00
chore: Merge branch 'main' into issue-184
This commit is contained in:
Saad Jutt
@@ -14,7 +14,7 @@ import Group, { GroupPayload } from '../model/Group'
|
||||
import User from '../model/User'
|
||||
import { UserResponse } from './user'
|
||||
|
||||
interface GroupResponse {
|
||||
export interface GroupResponse {
|
||||
groupId: number
|
||||
name: string
|
||||
description: string
|
||||
@@ -210,6 +210,9 @@ const updateUsersListInGroup = async (
|
||||
|
||||
if (!updatedGroup) throw new Error('Unable to update group')
|
||||
|
||||
if (action === 'addUser') user.addGroup(group._id)
|
||||
else user.removeGroup(group._id)
|
||||
|
||||
return {
|
||||
groupId: updatedGroup.groupId,
|
||||
name: updatedGroup.name,
|
||||
|
||||
@@ -97,6 +97,8 @@ ${autoExecContent}`
|
||||
session.path,
|
||||
'-AUTOEXEC',
|
||||
autoExecPath,
|
||||
'-ENCODING',
|
||||
'UTF-8',
|
||||
process.platform === 'win32' ? '-nosplash' : ''
|
||||
])
|
||||
.then(() => {
|
||||
|
||||
@@ -18,6 +18,7 @@ import { desktopUser } from '../middlewares'
|
||||
|
||||
import User, { UserPayload } from '../model/User'
|
||||
import { getUserAutoExec, updateUserAutoExec, ModeType } from '../utils'
|
||||
import { GroupResponse } from './group'
|
||||
|
||||
export interface UserResponse {
|
||||
id: number
|
||||
@@ -32,6 +33,7 @@ interface UserDetailsResponse {
|
||||
isActive: boolean
|
||||
isAdmin: boolean
|
||||
autoExec?: string
|
||||
groups?: GroupResponse[]
|
||||
}
|
||||
|
||||
@Security('bearerAuth')
|
||||
@@ -77,6 +79,26 @@ export class UserController {
|
||||
return createUser(body)
|
||||
}
|
||||
|
||||
/**
|
||||
* Only Admin or user itself will get user autoExec code.
|
||||
* @summary Get user properties - such as group memberships, userName, displayName.
|
||||
* @param username The User's username
|
||||
* @example username "johnSnow01"
|
||||
*/
|
||||
@Get('by/username/{username}')
|
||||
public async getUserByUsername(
|
||||
@Request() req: express.Request,
|
||||
@Path() username: string
|
||||
): Promise<UserDetailsResponse> {
|
||||
const { MODE } = process.env
|
||||
|
||||
if (MODE === ModeType.Desktop) return getDesktopAutoExec()
|
||||
|
||||
const { user } = req
|
||||
const getAutoExec = user!.isAdmin || user!.username == username
|
||||
return getUser({ username }, getAutoExec)
|
||||
}
|
||||
|
||||
/**
|
||||
* Only Admin or user itself will get user autoExec code.
|
||||
* @summary Get user properties - such as group memberships, userName, displayName.
|
||||
@@ -94,7 +116,32 @@ export class UserController {
|
||||
|
||||
const { user } = req
|
||||
const getAutoExec = user!.isAdmin || user!.userId == userId
|
||||
return getUser(userId, getAutoExec)
|
||||
return getUser({ id: userId }, getAutoExec)
|
||||
}
|
||||
|
||||
/**
|
||||
* @summary Update user properties - such as displayName. Can be performed either by admins, or the user in question.
|
||||
* @param username The User's username
|
||||
* @example username "johnSnow01"
|
||||
*/
|
||||
@Example<UserDetailsResponse>({
|
||||
id: 1234,
|
||||
displayName: 'John Snow',
|
||||
username: 'johnSnow01',
|
||||
isAdmin: false,
|
||||
isActive: true
|
||||
})
|
||||
@Patch('by/username/{username}')
|
||||
public async updateUserByUsername(
|
||||
@Path() username: string,
|
||||
@Body() body: UserPayload
|
||||
): Promise<UserDetailsResponse> {
|
||||
const { MODE } = process.env
|
||||
|
||||
if (MODE === ModeType.Desktop)
|
||||
return updateDesktopAutoExec(body.autoExec ?? '')
|
||||
|
||||
return updateUser({ username }, body)
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -119,7 +166,21 @@ export class UserController {
|
||||
if (MODE === ModeType.Desktop)
|
||||
return updateDesktopAutoExec(body.autoExec ?? '')
|
||||
|
||||
return updateUser(userId, body)
|
||||
return updateUser({ id: userId }, body)
|
||||
}
|
||||
|
||||
/**
|
||||
* @summary Delete a user. Can be performed either by admins, or the user in question.
|
||||
* @param username The User's username
|
||||
* @example username "johnSnow01"
|
||||
*/
|
||||
@Delete('by/username/{username}')
|
||||
public async deleteUserByUsername(
|
||||
@Path() username: string,
|
||||
@Body() body: { password?: string },
|
||||
@Query() @Hidden() isAdmin: boolean = false
|
||||
) {
|
||||
return deleteUser({ username }, isAdmin, body)
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -133,7 +194,7 @@ export class UserController {
|
||||
@Body() body: { password?: string },
|
||||
@Query() @Hidden() isAdmin: boolean = false
|
||||
) {
|
||||
return deleteUser(userId, isAdmin, body)
|
||||
return deleteUser({ id: userId }, isAdmin, body)
|
||||
}
|
||||
}
|
||||
|
||||
@@ -174,11 +235,22 @@ const createUser = async (data: UserPayload): Promise<UserDetailsResponse> => {
|
||||
}
|
||||
}
|
||||
|
||||
interface GetUserBy {
|
||||
id?: number
|
||||
username?: string
|
||||
}
|
||||
|
||||
const getUser = async (
|
||||
id: number,
|
||||
findBy: GetUserBy,
|
||||
getAutoExec: boolean
|
||||
): Promise<UserDetailsResponse> => {
|
||||
const user = await User.findOne({ id })
|
||||
const user = (await User.findOne(
|
||||
findBy,
|
||||
`id displayName username isActive isAdmin autoExec -_id`
|
||||
).populate(
|
||||
'groups',
|
||||
'groupId name description -_id'
|
||||
)) as unknown as UserDetailsResponse
|
||||
|
||||
if (!user) throw new Error('User is not found.')
|
||||
|
||||
@@ -188,7 +260,8 @@ const getUser = async (
|
||||
username: user.username,
|
||||
isActive: user.isActive,
|
||||
isAdmin: user.isAdmin,
|
||||
autoExec: getAutoExec ? user.autoExec ?? '' : undefined
|
||||
autoExec: getAutoExec ? user.autoExec ?? '' : undefined,
|
||||
groups: user.groups
|
||||
}
|
||||
}
|
||||
|
||||
@@ -201,7 +274,7 @@ const getDesktopAutoExec = async () => {
|
||||
}
|
||||
|
||||
const updateUser = async (
|
||||
id: number,
|
||||
findBy: GetUserBy,
|
||||
data: Partial<UserPayload>
|
||||
): Promise<UserDetailsResponse> => {
|
||||
const { displayName, username, password, isAdmin, isActive, autoExec } = data
|
||||
@@ -211,8 +284,13 @@ const updateUser = async (
|
||||
if (username) {
|
||||
// Checking if user is already in the database
|
||||
const usernameExist = await User.findOne({ username })
|
||||
if (usernameExist && usernameExist.id != id)
|
||||
throw new Error('Username already exists.')
|
||||
if (usernameExist) {
|
||||
if (
|
||||
(findBy.id && usernameExist.id != findBy.id) ||
|
||||
(findBy.username && usernameExist.username != findBy.username)
|
||||
)
|
||||
throw new Error('Username already exists.')
|
||||
}
|
||||
params.username = username
|
||||
}
|
||||
|
||||
@@ -221,9 +299,10 @@ const updateUser = async (
|
||||
params.password = User.hashPassword(password)
|
||||
}
|
||||
|
||||
const updatedUser = await User.findOneAndUpdate({ id }, params, { new: true })
|
||||
const updatedUser = await User.findOneAndUpdate(findBy, params, { new: true })
|
||||
|
||||
if (!updatedUser) throw new Error(`Unable to find user with id: ${id}`)
|
||||
if (!updatedUser)
|
||||
throw new Error(`Unable to find user with ${findBy.id || findBy.username}`)
|
||||
|
||||
return {
|
||||
id: updatedUser.id,
|
||||
@@ -245,11 +324,11 @@ const updateDesktopAutoExec = async (autoExec: string) => {
|
||||
}
|
||||
|
||||
const deleteUser = async (
|
||||
id: number,
|
||||
findBy: GetUserBy,
|
||||
isAdmin: boolean,
|
||||
{ password }: { password?: string }
|
||||
) => {
|
||||
const user = await User.findOne({ id })
|
||||
const user = await User.findOne(findBy)
|
||||
if (!user) throw new Error('User is not found.')
|
||||
|
||||
if (!isAdmin) {
|
||||
@@ -257,5 +336,5 @@ const deleteUser = async (
|
||||
if (!validPass) throw new Error('Invalid password.')
|
||||
}
|
||||
|
||||
await User.deleteOne({ id })
|
||||
await User.deleteOne(findBy)
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user