peertube/server/models/user/user.ts

import { values } from 'lodash'
import * as Sequelize from 'sequelize'

import { getSort } from '../utils'
import { USER_ROLES } from '../../initializers'
import {
  cryptPassword,
  comparePassword,
  isUserPasswordValid,
  isUserUsernameValid,
  isUserDisplayNSFWValid
} from '../../helpers'

import { addMethodsToModel } from '../utils'
import {
  UserClass,
  UserInstance,
  UserAttributes,

  UserMethods
} from './user-interface'

let User: Sequelize.Model<UserInstance, UserAttributes>
let isPasswordMatch: UserMethods.IsPasswordMatch
let toFormatedJSON: UserMethods.ToFormatedJSON
let isAdmin: UserMethods.IsAdmin
let countTotal: UserMethods.CountTotal
let getByUsername: UserMethods.GetByUsername
let list: UserMethods.List
let listForApi: UserMethods.ListForApi
let loadById: UserMethods.LoadById
let loadByUsername: UserMethods.LoadByUsername
let loadByUsernameOrEmail: UserMethods.LoadByUsernameOrEmail

export default function (sequelize: Sequelize.Sequelize, DataTypes: Sequelize.DataTypes) {
  User = sequelize.define<UserInstance, UserAttributes>('User',
    {
      password: {
        type: DataTypes.STRING,
        allowNull: false,
        validate: {
          passwordValid: function (value) {
            const res = isUserPasswordValid(value)
            if (res === false) throw new Error('Password not valid.')
          }
        }
      },
      username: {
        type: DataTypes.STRING,
        allowNull: false,
        validate: {
          usernameValid: function (value) {
            const res = isUserUsernameValid(value)
            if (res === false) throw new Error('Username not valid.')
          }
        }
      },
      email: {
        type: DataTypes.STRING(400),
        allowNull: false,
        validate: {
          isEmail: true
        }
      },
      displayNSFW: {
        type: DataTypes.BOOLEAN,
        allowNull: false,
        defaultValue: false,
        validate: {
          nsfwValid: function (value) {
            const res = isUserDisplayNSFWValid(value)
            if (res === false) throw new Error('Display NSFW is not valid.')
          }
        }
      },
      role: {
        type: DataTypes.ENUM(values(USER_ROLES)),
        allowNull: false
      }
    },
    {
      indexes: [
        {
          fields: [ 'username' ],
          unique: true
        },
        {
          fields: [ 'email' ],
          unique: true
        }
      ],
      hooks: {
        beforeCreate: beforeCreateOrUpdate,
        beforeUpdate: beforeCreateOrUpdate
      }
    }
  )

  const classMethods = [
    associate,

    countTotal,
    getByUsername,
    list,
    listForApi,
    loadById,
    loadByUsername,
    loadByUsernameOrEmail
  ]
  const instanceMethods = [
    isPasswordMatch,
    toFormatedJSON,
    isAdmin
  ]
  addMethodsToModel(User, classMethods, instanceMethods)

  return User
}

function beforeCreateOrUpdate (user: UserInstance) {
  return new Promise(function (resolve, reject) {
    cryptPassword(user.password, function (err, hash) {
      if (err) return reject(err)

      user.password = hash

      return resolve()
    })
  })
}

// ------------------------------ METHODS ------------------------------

isPasswordMatch = function (this: UserInstance, password: string, callback: UserMethods.IsPasswordMatchCallback) {
  return comparePassword(password, this.password, callback)
}

toFormatedJSON = function (this: UserInstance) {
  return {
    id: this.id,
    username: this.username,
    email: this.email,
    displayNSFW: this.displayNSFW,
    role: this.role,
    createdAt: this.createdAt
  }
}

isAdmin = function (this: UserInstance) {
  return this.role === USER_ROLES.ADMIN
}

// ------------------------------ STATICS ------------------------------

function associate (models) {
  User.hasOne(models.Author, {
    foreignKey: 'userId',
    onDelete: 'cascade'
  })

  User.hasMany(models.OAuthToken, {
    foreignKey: 'userId',
    onDelete: 'cascade'
  })
}

countTotal = function (callback: UserMethods.CountTotalCallback) {
  return this.count().asCallback(callback)
}

getByUsername = function (username: string) {
  const query = {
    where: {
      username: username
    }
  }

  return User.findOne(query)
}

list = function (callback: UserMethods.ListCallback) {
  return User.find().asCallback(callback)
}

listForApi = function (start: number, count: number, sort: string, callback: UserMethods.ListForApiCallback) {
  const query = {
    offset: start,
    limit: count,
    order: [ getSort(sort) ]
  }

  return User.findAndCountAll(query).asCallback(function (err, result) {
    if (err) return callback(err)

    return callback(null, result.rows, result.count)
  })
}

loadById = function (id: number, callback: UserMethods.LoadByIdCallback) {
  return User.findById(id).asCallback(callback)
}

loadByUsername = function (username: string, callback: UserMethods.LoadByUsernameCallback) {
  const query = {
    where: {
      username: username
    }
  }

  return User.findOne(query).asCallback(callback)
}

loadByUsernameOrEmail = function (username: string, email: string, callback: UserMethods.LoadByUsernameOrEmailCallback) {
  const query = {
    where: {
      $or: [ { username }, { email } ]
    }
  }

  return User.findOne(query).asCallback(callback)
}
First typescript iteration 2017-05-15 20:22:03 +00:00			`import { values } from 'lodash'`
Type models 2017-05-22 18:58:25 +00:00			`import * as Sequelize from 'sequelize'`
First typescript iteration 2017-05-15 20:22:03 +00:00
Reorganize model files 2017-06-16 07:45:46 +00:00			`import { getSort } from '../utils'`
			`import { USER_ROLES } from '../../initializers'`
First typescript iteration 2017-05-15 20:22:03 +00:00			`import {`
			`cryptPassword,`
			`comparePassword,`
			`isUserPasswordValid,`
			`isUserUsernameValid,`
			`isUserDisplayNSFWValid`
Reorganize model files 2017-06-16 07:45:46 +00:00			`} from '../../helpers'`
Implement user API (create, update, remove, list) 2016-08-04 20:32:36 +00:00
Reorganize model files 2017-06-16 07:45:46 +00:00			`import { addMethodsToModel } from '../utils'`
Type models 2017-05-22 18:58:25 +00:00			`import {`
			`UserClass,`
			`UserInstance,`
			`UserAttributes,`

			`UserMethods`
			`} from './user-interface'`

			`let User: Sequelize.Model<UserInstance, UserAttributes>`
			`let isPasswordMatch: UserMethods.IsPasswordMatch`
			`let toFormatedJSON: UserMethods.ToFormatedJSON`
			`let isAdmin: UserMethods.IsAdmin`
			`let countTotal: UserMethods.CountTotal`
			`let getByUsername: UserMethods.GetByUsername`
			`let list: UserMethods.List`
			`let listForApi: UserMethods.ListForApi`
			`let loadById: UserMethods.LoadById`
			`let loadByUsername: UserMethods.LoadByUsername`
			`let loadByUsernameOrEmail: UserMethods.LoadByUsernameOrEmail`

Better models define typing 2017-06-11 15:35:32 +00:00			`export default function (sequelize: Sequelize.Sequelize, DataTypes: Sequelize.DataTypes) {`
			`User = sequelize.define<UserInstance, UserAttributes>('User',`
First version with PostgreSQL 2016-12-11 20:50:51 +00:00			`{`
			`password: {`
Server: add database field validations 2016-12-28 14:49:23 +00:00			`type: DataTypes.STRING,`
			`allowNull: false,`
			`validate: {`
			`passwordValid: function (value) {`
First typescript iteration 2017-05-15 20:22:03 +00:00			`const res = isUserPasswordValid(value)`
Server: add database field validations 2016-12-28 14:49:23 +00:00			`if (res === false) throw new Error('Password not valid.')`
			`}`
			`}`
First version with PostgreSQL 2016-12-11 20:50:51 +00:00			`},`
			`username: {`
Server: add database field validations 2016-12-28 14:49:23 +00:00			`type: DataTypes.STRING,`
			`allowNull: false,`
			`validate: {`
			`usernameValid: function (value) {`
First typescript iteration 2017-05-15 20:22:03 +00:00			`const res = isUserUsernameValid(value)`
Server: add database field validations 2016-12-28 14:49:23 +00:00			`if (res === false) throw new Error('Username not valid.')`
			`}`
			`}`
First version with PostgreSQL 2016-12-11 20:50:51 +00:00			`},`
Add email to users 2017-02-18 08:29:59 +00:00			`email: {`
Server: fix migration scripts 2017-02-18 10:56:28 +00:00			`type: DataTypes.STRING(400),`
Add email to users 2017-02-18 08:29:59 +00:00			`allowNull: false,`
			`validate: {`
			`isEmail: true`
			`}`
			`},`
Server: Add NSFW in user profile 2017-04-03 19:24:36 +00:00			`displayNSFW: {`
			`type: DataTypes.BOOLEAN,`
			`allowNull: false,`
			`defaultValue: false,`
			`validate: {`
			`nsfwValid: function (value) {`
First typescript iteration 2017-05-15 20:22:03 +00:00			`const res = isUserDisplayNSFWValid(value)`
Server: Add NSFW in user profile 2017-04-03 19:24:36 +00:00			`if (res === false) throw new Error('Display NSFW is not valid.')`
			`}`
			`}`
			`},`
First version with PostgreSQL 2016-12-11 20:50:51 +00:00			`role: {`
First typescript iteration 2017-05-15 20:22:03 +00:00			`type: DataTypes.ENUM(values(USER_ROLES)),`
Server: add database field validations 2016-12-28 14:49:23 +00:00			`allowNull: false`
First version with PostgreSQL 2016-12-11 20:50:51 +00:00			`}`
			`},`
			`{`
Server: Add postgresql indexes 2016-12-29 08:33:28 +00:00			`indexes: [`
			`{`
Server: add unique to unique indexes 2017-02-16 18:24:34 +00:00			`fields: [ 'username' ],`
			`unique: true`
Add email to users 2017-02-18 08:29:59 +00:00			`},`
			`{`
			`fields: [ 'email' ],`
			`unique: true`
Server: Add postgresql indexes 2016-12-29 08:33:28 +00:00			`}`
			`],`
First version with PostgreSQL 2016-12-11 20:50:51 +00:00			`hooks: {`
			`beforeCreate: beforeCreateOrUpdate,`
			`beforeUpdate: beforeCreateOrUpdate`
			`}`
			`}`
			`)`

Type models 2017-05-22 18:58:25 +00:00			`const classMethods = [`
			`associate,`

			`countTotal,`
			`getByUsername,`
			`list,`
			`listForApi,`
			`loadById,`
			`loadByUsername,`
			`loadByUsernameOrEmail`
			`]`
			`const instanceMethods = [`
			`isPasswordMatch,`
			`toFormatedJSON,`
			`isAdmin`
			`]`
			`addMethodsToModel(User, classMethods, instanceMethods)`

First version with PostgreSQL 2016-12-11 20:50:51 +00:00			`return User`
Implement user API (create, update, remove, list) 2016-08-04 20:32:36 +00:00			`}`
OAuth/User models refractoring -> use mongoose api 2016-07-01 14:03:53 +00:00
Type functions 2017-06-10 20:15:25 +00:00			`function beforeCreateOrUpdate (user: UserInstance) {`
Type models 2017-05-22 18:58:25 +00:00			`return new Promise(function (resolve, reject) {`
			`cryptPassword(user.password, function (err, hash) {`
			`if (err) return reject(err)`
Server: encrypt password in database 2016-08-25 15:57:37 +00:00
Type models 2017-05-22 18:58:25 +00:00			`user.password = hash`
Server: encrypt password in database 2016-08-25 15:57:37 +00:00
Type models 2017-05-22 18:58:25 +00:00			`return resolve()`
			`})`
Server: encrypt password in database 2016-08-25 15:57:37 +00:00			`})`
First version with PostgreSQL 2016-12-11 20:50:51 +00:00			`}`
OAuth/User models refractoring -> use mongoose api 2016-07-01 14:03:53 +00:00
Server: encrypt password in database 2016-08-25 15:57:37 +00:00			`// ------------------------------ METHODS ------------------------------`

Add this context to instance model functions 2017-06-16 07:54:59 +00:00			`isPasswordMatch = function (this: UserInstance, password: string, callback: UserMethods.IsPasswordMatchCallback) {`
First typescript iteration 2017-05-15 20:22:03 +00:00			`return comparePassword(password, this.password, callback)`
Server: encrypt password in database 2016-08-25 15:57:37 +00:00			`}`

Use shared models 2017-06-11 09:02:35 +00:00			`toFormatedJSON = function (this: UserInstance) {`
Server: encrypt password in database 2016-08-25 15:57:37 +00:00			`return {`
First version with PostgreSQL 2016-12-11 20:50:51 +00:00			`id: this.id,`
Server: encrypt password in database 2016-08-25 15:57:37 +00:00			`username: this.username,`
Add email to users 2017-02-18 08:29:59 +00:00			`email: this.email,`
Server: Add NSFW in user profile 2017-04-03 19:24:36 +00:00			`displayNSFW: this.displayNSFW,`
Server: show user created date for the api 2016-09-23 15:19:57 +00:00			`role: this.role,`
First version with PostgreSQL 2016-12-11 20:50:51 +00:00			`createdAt: this.createdAt`
Server: encrypt password in database 2016-08-25 15:57:37 +00:00			`}`
			`}`
Add ability for an administrator to remove any video (#61) * Add ability for an admin to remove every video on the pod. * Server: add BlacklistedVideos relation. * Server: Insert in BlacklistedVideos relation upon deletion of a video. * Server: Modify BlacklistedVideos schema to add Pod id information. * Server: Moving insertion of a blacklisted video from the `afterDestroy` hook into the process of deletion of a video. To avoid inserting a video when it is removed on its origin pod. When a video is removed on its origin pod, the `afterDestroy` hook is fire, but no request is made on the delete('/:videoId') interface. Hence, we insert into `BlacklistedVideos` only on request on delete('/:videoId') (if requirements for insertion are met). * Server: Add removeVideoFromBlacklist hook on deletion of a video. We are going to proceed in another way :). We will add a new route : /:videoId/blacklist to blacklist a video. We do not blacklist a video upon its deletion now (to distinguish a video blacklist from a regular video delete) When we blacklist a video, the video remains in the DB, so we don't have any concern about its update. It just doesn't appear in the video list. When we remove a video, we then have to remove it from the blacklist too. We could also remove a video from the blacklist to 'unremove' it and make it appear again in the video list (will be another feature). * Server: Add handler for new route post(/:videoId/blacklist) * Client: Add isBlacklistable method * Client: Update isRemovableBy method. * Client: Move 'Delete video' feature from the video-list to the video-watch module. * Server: Exclude blacklisted videos from the video list * Server: Use findAll() in BlacklistedVideos.list() method * Server: Fix addVideoToBlacklist function. * Client: Add blacklist feature. * Server: Use JavaScript Standard Style. * Server: In checkUserCanDeleteVideo, move the callback call inside the db callback function * Server: Modify BlacklistVideo relation * Server: Modifiy Videos methods. * Server: Add checkVideoIsBlacklistable method * Server: Rewrite addVideoToBlacklist method * Server: Fix checkVideoIsBlacklistable method * Server: Add return to addVideoToBlacklist method 2017-04-26 19:22:10 +00:00
Add this context to instance model functions 2017-06-16 07:54:59 +00:00			`isAdmin = function (this: UserInstance) {`
First typescript iteration 2017-05-15 20:22:03 +00:00			`return this.role === USER_ROLES.ADMIN`
Add ability for an administrator to remove any video (#61) * Add ability for an admin to remove every video on the pod. * Server: add BlacklistedVideos relation. * Server: Insert in BlacklistedVideos relation upon deletion of a video. * Server: Modify BlacklistedVideos schema to add Pod id information. * Server: Moving insertion of a blacklisted video from the `afterDestroy` hook into the process of deletion of a video. To avoid inserting a video when it is removed on its origin pod. When a video is removed on its origin pod, the `afterDestroy` hook is fire, but no request is made on the delete('/:videoId') interface. Hence, we insert into `BlacklistedVideos` only on request on delete('/:videoId') (if requirements for insertion are met). * Server: Add removeVideoFromBlacklist hook on deletion of a video. We are going to proceed in another way :). We will add a new route : /:videoId/blacklist to blacklist a video. We do not blacklist a video upon its deletion now (to distinguish a video blacklist from a regular video delete) When we blacklist a video, the video remains in the DB, so we don't have any concern about its update. It just doesn't appear in the video list. When we remove a video, we then have to remove it from the blacklist too. We could also remove a video from the blacklist to 'unremove' it and make it appear again in the video list (will be another feature). * Server: Add handler for new route post(/:videoId/blacklist) * Client: Add isBlacklistable method * Client: Update isRemovableBy method. * Client: Move 'Delete video' feature from the video-list to the video-watch module. * Server: Exclude blacklisted videos from the video list * Server: Use findAll() in BlacklistedVideos.list() method * Server: Fix addVideoToBlacklist function. * Client: Add blacklist feature. * Server: Use JavaScript Standard Style. * Server: In checkUserCanDeleteVideo, move the callback call inside the db callback function * Server: Modify BlacklistVideo relation * Server: Modifiy Videos methods. * Server: Add checkVideoIsBlacklistable method * Server: Rewrite addVideoToBlacklist method * Server: Fix checkVideoIsBlacklistable method * Server: Add return to addVideoToBlacklist method 2017-04-26 19:22:10 +00:00			`}`

Server: encrypt password in database 2016-08-25 15:57:37 +00:00			`// ------------------------------ STATICS ------------------------------`
OAuth/User models refractoring -> use mongoose api 2016-07-01 14:03:53 +00:00
First version with PostgreSQL 2016-12-11 20:50:51 +00:00			`function associate (models) {`
Type models 2017-05-22 18:58:25 +00:00			`User.hasOne(models.Author, {`
Server: add association between author and user 2016-12-29 09:33:36 +00:00			`foreignKey: 'userId',`
			`onDelete: 'cascade'`
			`})`

Type models 2017-05-22 18:58:25 +00:00			`User.hasMany(models.OAuthToken, {`
First version with PostgreSQL 2016-12-11 20:50:51 +00:00			`foreignKey: 'userId',`
			`onDelete: 'cascade'`
			`})`
			`}`

Type functions 2017-06-10 20:15:25 +00:00			`countTotal = function (callback: UserMethods.CountTotalCallback) {`
First version with PostgreSQL 2016-12-11 20:50:51 +00:00			`return this.count().asCallback(callback)`
Server: optimize function to see if there are users or not 2016-08-16 19:51:35 +00:00			`}`

Type functions 2017-06-10 20:15:25 +00:00			`getByUsername = function (username: string) {`
First version with PostgreSQL 2016-12-11 20:50:51 +00:00			`const query = {`
			`where: {`
			`username: username`
			`}`
			`}`

Type models 2017-05-22 18:58:25 +00:00			`return User.findOne(query)`
Implement user API (create, update, remove, list) 2016-08-04 20:32:36 +00:00			`}`

Type functions 2017-06-10 20:15:25 +00:00			`list = function (callback: UserMethods.ListCallback) {`
Type models 2017-05-22 18:58:25 +00:00			`return User.find().asCallback(callback)`
Add migration (for db, folders...) mechanism 2016-09-26 20:36:36 +00:00			`}`

Type functions 2017-06-10 20:15:25 +00:00			`listForApi = function (start: number, count: number, sort: string, callback: UserMethods.ListForApiCallback) {`
First version with PostgreSQL 2016-12-11 20:50:51 +00:00			`const query = {`
			`offset: start,`
			`limit: count,`
First typescript iteration 2017-05-15 20:22:03 +00:00			`order: [ getSort(sort) ]`
First version with PostgreSQL 2016-12-11 20:50:51 +00:00			`}`

Type models 2017-05-22 18:58:25 +00:00			`return User.findAndCountAll(query).asCallback(function (err, result) {`
First version with PostgreSQL 2016-12-11 20:50:51 +00:00			`if (err) return callback(err)`

			`return callback(null, result.rows, result.count)`
			`})`
OAuth/User models refractoring -> use mongoose api 2016-07-01 14:03:53 +00:00			`}`

Type functions 2017-06-10 20:15:25 +00:00			`loadById = function (id: number, callback: UserMethods.LoadByIdCallback) {`
Type models 2017-05-22 18:58:25 +00:00			`return User.findById(id).asCallback(callback)`
Server: delete user with the id and not the username 2016-08-09 19:44:45 +00:00			`}`

Type functions 2017-06-10 20:15:25 +00:00			`loadByUsername = function (username: string, callback: UserMethods.LoadByUsernameCallback) {`
First version with PostgreSQL 2016-12-11 20:50:51 +00:00			`const query = {`
			`where: {`
			`username: username`
			`}`
			`}`

Type models 2017-05-22 18:58:25 +00:00			`return User.findOne(query).asCallback(callback)`
Implement user API (create, update, remove, list) 2016-08-04 20:32:36 +00:00			`}`
Add email to users 2017-02-18 08:29:59 +00:00
Type functions 2017-06-10 20:15:25 +00:00			`loadByUsernameOrEmail = function (username: string, email: string, callback: UserMethods.LoadByUsernameOrEmailCallback) {`
Add email to users 2017-02-18 08:29:59 +00:00			`const query = {`
			`where: {`
			`$or: [ { username }, { email } ]`
			`}`
			`}`

Type models 2017-05-22 18:58:25 +00:00			`return User.findOne(query).asCallback(callback)`
Add email to users 2017-02-18 08:29:59 +00:00			`}`