peertube/server/controllers/api/v1/users.js

'use strict'

const each = require('async/each')
const express = require('express')
const mongoose = require('mongoose')
const waterfall = require('async/waterfall')

const constants = require('../../../initializers/constants')
const friends = require('../../../lib/friends')
const logger = require('../../../helpers/logger')
const middlewares = require('../../../middlewares')
const admin = middlewares.admin
const oAuth = middlewares.oauth
const validatorsUsers = middlewares.validators.users

const User = mongoose.model('User')
const Video = mongoose.model('Video')

const router = express.Router()

router.get('/', listUsers)
router.get('/me', oAuth.authenticate, getUserInformation)

router.post('/',
  oAuth.authenticate,
  admin.ensureIsAdmin,
  validatorsUsers.usersAdd,
  createUser
)

router.put('/:id',
  oAuth.authenticate,
  validatorsUsers.usersUpdate,
  updateUser
)

router.delete('/:id',
  oAuth.authenticate,
  admin.ensureIsAdmin,
  validatorsUsers.usersRemove,
  removeUser
)

router.post('/token', oAuth.token, success)
// TODO: Once https://github.com/oauthjs/node-oauth2-server/pull/289 is merged, implement revoke token route

// ---------------------------------------------------------------------------

module.exports = router

// ---------------------------------------------------------------------------

function createUser (req, res, next) {
  const user = new User({
    username: req.body.username,
    password: req.body.password,
    role: constants.USER_ROLES.USER
  })

  user.save(function (err, createdUser) {
    if (err) return next(err)

    return res.type('json').status(204).end()
  })
}

function getUserInformation (req, res, next) {
  User.loadByUsername(res.locals.oauth.token.user.username, function (err, user) {
    if (err) return next(err)

    return res.json(user.toFormatedJSON())
  })
}

function listUsers (req, res, next) {
  User.list(function (err, usersList) {
    if (err) return next(err)

    res.json(getFormatedUsers(usersList))
  })
}

function removeUser (req, res, next) {
  waterfall([
    function getUser (callback) {
      User.loadById(req.params.id, callback)
    },

    function getVideos (user, callback) {
      Video.listOwnedByAuthor(user.username, function (err, videos) {
        return callback(err, user, videos)
      })
    },

    function removeVideosFromDB (user, videos, callback) {
      each(videos, function (video, callbackEach) {
        video.remove(callbackEach)
      }, function (err) {
        return callback(err, user, videos)
      })
    },

    function sendInformationToFriends (user, videos, callback) {
      videos.forEach(function (video) {
        const params = {
          name: video.name,
          magnetUri: video.magnetUri
        }

        friends.removeVideoToFriends(params)
      })

      return callback(null, user)
    },

    function removeUserFromDB (user, callback) {
      user.remove(callback)
    }
  ], function andFinally (err) {
    if (err) {
      logger.error('Errors when removed the user.', { error: err })
      return next(err)
    }

    return res.sendStatus(204)
  })
}

function updateUser (req, res, next) {
  User.loadByUsername(res.locals.oauth.token.user.username, function (err, user) {
    if (err) return next(err)

    user.password = req.body.password
    user.save(function (err) {
      if (err) return next(err)

      return res.sendStatus(204)
    })
  })
}

function success (req, res, next) {
  res.end()
}

// ---------------------------------------------------------------------------

function getFormatedUsers (users) {
  const formatedUsers = []

  users.forEach(function (user) {
    formatedUsers.push(user.toFormatedJSON())
  })

  return {
    data: formatedUsers
  }
}
OAuth server: first draft 2016-03-21 10:56:33 +00:00			`'use strict'`

Implement user API (create, update, remove, list) 2016-08-04 20:32:36 +00:00			`const each = require('async/each')`
Add authentications for routes that need it and adapts the tests 2016-04-14 20:06:11 +00:00			`const express = require('express')`
Implement user API (create, update, remove, list) 2016-08-04 20:32:36 +00:00			`const mongoose = require('mongoose')`
			`const waterfall = require('async/waterfall')`
reqValidators --> validators 2016-07-01 14:16:40 +00:00
Implement user API (create, update, remove, list) 2016-08-04 20:32:36 +00:00			`const constants = require('../../../initializers/constants')`
			`const friends = require('../../../lib/friends')`
			`const logger = require('../../../helpers/logger')`
			`const middlewares = require('../../../middlewares')`
			`const admin = middlewares.admin`
			`const oAuth = middlewares.oauth`
			`const validatorsUsers = middlewares.validators.users`
OAuth server: first draft 2016-03-21 10:56:33 +00:00
Implement user API (create, update, remove, list) 2016-08-04 20:32:36 +00:00			`const User = mongoose.model('User')`
			`const Video = mongoose.model('Video')`
OAuth server: first draft 2016-03-21 10:56:33 +00:00
			`const router = express.Router()`

Implement user API (create, update, remove, list) 2016-08-04 20:32:36 +00:00			`router.get('/', listUsers)`
Server: allow user to get its informations (/users/me) 2016-08-05 15:19:08 +00:00			`router.get('/me', oAuth.authenticate, getUserInformation)`
Implement user API (create, update, remove, list) 2016-08-04 20:32:36 +00:00
			`router.post('/',`
			`oAuth.authenticate,`
			`admin.ensureIsAdmin,`
			`validatorsUsers.usersAdd,`
			`createUser`
			`)`

			`router.put('/:id',`
			`oAuth.authenticate,`
			`validatorsUsers.usersUpdate,`
			`updateUser`
			`)`

Server: delete user with the id and not the username 2016-08-09 19:44:45 +00:00			`router.delete('/:id',`
Implement user API (create, update, remove, list) 2016-08-04 20:32:36 +00:00			`oAuth.authenticate,`
			`admin.ensureIsAdmin,`
			`validatorsUsers.usersRemove,`
			`removeUser`
			`)`
Server: move clients in its own file 2016-08-05 14:09:39 +00:00
OAuth/User models refractoring -> use mongoose api 2016-07-01 14:03:53 +00:00			`router.post('/token', oAuth.token, success)`
Implement user API (create, update, remove, list) 2016-08-04 20:32:36 +00:00			`// TODO: Once https://github.com/oauthjs/node-oauth2-server/pull/289 is merged, implement revoke token route`
OAuth server: first draft 2016-03-21 10:56:33 +00:00
			`// ---------------------------------------------------------------------------`

			`module.exports = router`

			`// ---------------------------------------------------------------------------`

Implement user API (create, update, remove, list) 2016-08-04 20:32:36 +00:00			`function createUser (req, res, next) {`
			`const user = new User({`
			`username: req.body.username,`
			`password: req.body.password,`
			`role: constants.USER_ROLES.USER`
			`})`

			`user.save(function (err, createdUser) {`
			`if (err) return next(err)`

			`return res.type('json').status(204).end()`
			`})`
			`}`

Server: allow user to get its informations (/users/me) 2016-08-05 15:19:08 +00:00			`function getUserInformation (req, res, next) {`
			`User.loadByUsername(res.locals.oauth.token.user.username, function (err, user) {`
			`if (err) return next(err)`

			`return res.json(user.toFormatedJSON())`
			`})`
			`}`

Implement user API (create, update, remove, list) 2016-08-04 20:32:36 +00:00			`function listUsers (req, res, next) {`
			`User.list(function (err, usersList) {`
			`if (err) return next(err)`

			`res.json(getFormatedUsers(usersList))`
			`})`
			`}`

			`function removeUser (req, res, next) {`
			`waterfall([`
			`function getUser (callback) {`
Server: delete user with the id and not the username 2016-08-09 19:44:45 +00:00			`User.loadById(req.params.id, callback)`
Implement user API (create, update, remove, list) 2016-08-04 20:32:36 +00:00			`},`

			`function getVideos (user, callback) {`
			`Video.listOwnedByAuthor(user.username, function (err, videos) {`
			`return callback(err, user, videos)`
			`})`
			`},`

			`function removeVideosFromDB (user, videos, callback) {`
			`each(videos, function (video, callbackEach) {`
			`video.remove(callbackEach)`
			`}, function (err) {`
			`return callback(err, user, videos)`
			`})`
			`},`

			`function sendInformationToFriends (user, videos, callback) {`
			`videos.forEach(function (video) {`
			`const params = {`
			`name: video.name,`
			`magnetUri: video.magnetUri`
			`}`

			`friends.removeVideoToFriends(params)`
			`})`

			`return callback(null, user)`
			`},`

			`function removeUserFromDB (user, callback) {`
			`user.remove(callback)`
			`}`
			`], function andFinally (err) {`
			`if (err) {`
			`logger.error('Errors when removed the user.', { error: err })`
			`return next(err)`
			`}`

Server: fix status code when updating/removing a user 2016-08-05 16:08:55 +00:00			`return res.sendStatus(204)`
Implement user API (create, update, remove, list) 2016-08-04 20:32:36 +00:00			`})`
			`}`

			`function updateUser (req, res, next) {`
			`User.loadByUsername(res.locals.oauth.token.user.username, function (err, user) {`
			`if (err) return next(err)`

			`user.password = req.body.password`
			`user.save(function (err) {`
			`if (err) return next(err)`

Server: fix status code when updating/removing a user 2016-08-05 16:08:55 +00:00			`return res.sendStatus(204)`
Implement user API (create, update, remove, list) 2016-08-04 20:32:36 +00:00			`})`
			`})`
			`}`

OAuth server: first draft 2016-03-21 10:56:33 +00:00			`function success (req, res, next) {`
			`res.end()`
			`}`
Implement user API (create, update, remove, list) 2016-08-04 20:32:36 +00:00
			`// ---------------------------------------------------------------------------`

			`function getFormatedUsers (users) {`
			`const formatedUsers = []`

			`users.forEach(function (user) {`
			`formatedUsers.push(user.toFormatedJSON())`
			`})`

			`return {`
			`data: formatedUsers`
			`}`
			`}`