peertube/server/controllers/api/users.ts

import * as express from 'express'

import { database as db } from '../../initializers/database'
import { USER_ROLES, CONFIG } from '../../initializers'
import { logger, getFormattedObjects, retryTransactionWrapper } from '../../helpers'
import {
  authenticate,
  ensureIsAdmin,
  ensureUserRegistrationAllowed,
  usersAddValidator,
  usersRegisterValidator,
  usersUpdateValidator,
  usersUpdateMeValidator,
  usersRemoveValidator,
  usersVideoRatingValidator,
  usersGetValidator,
  paginationValidator,
  setPagination,
  usersSortValidator,
  setUsersSort,
  token,
  asyncMiddleware
} from '../../middlewares'
import {
  UserVideoRate as FormattedUserVideoRate,
  UserCreate,
  UserUpdate,
  UserUpdateMe
} from '../../../shared'
import { createUserAuthorAndChannel } from '../../lib'
import { UserInstance } from '../../models'

const usersRouter = express.Router()

usersRouter.get('/me',
  authenticate,
  asyncMiddleware(getUserInformation)
)

usersRouter.get('/me/videos/:videoId/rating',
  authenticate,
  usersVideoRatingValidator,
  asyncMiddleware(getUserVideoRating)
)

usersRouter.get('/',
  paginationValidator,
  usersSortValidator,
  setUsersSort,
  setPagination,
  asyncMiddleware(listUsers)
)

usersRouter.get('/:id',
  usersGetValidator,
  getUser
)

usersRouter.post('/',
  authenticate,
  ensureIsAdmin,
  usersAddValidator,
  createUserRetryWrapper
)

usersRouter.post('/register',
  ensureUserRegistrationAllowed,
  usersRegisterValidator,
  asyncMiddleware(registerUser)
)

usersRouter.put('/me',
  authenticate,
  usersUpdateMeValidator,
  asyncMiddleware(updateMe)
)

usersRouter.put('/:id',
  authenticate,
  ensureIsAdmin,
  usersUpdateValidator,
  asyncMiddleware(updateUser)
)

usersRouter.delete('/:id',
  authenticate,
  ensureIsAdmin,
  usersRemoveValidator,
  asyncMiddleware(removeUser)
)

usersRouter.post('/token', token, success)
// TODO: Once https://github.com/oauthjs/node-oauth2-server/pull/289 is merged, implement revoke token route

// ---------------------------------------------------------------------------

export {
  usersRouter
}

// ---------------------------------------------------------------------------

async function createUserRetryWrapper (req: express.Request, res: express.Response, next: express.NextFunction) {
  const options = {
    arguments: [ req, res ],
    errorMessage: 'Cannot insert the user with many retries.'
  }

  await retryTransactionWrapper(createUser, options)

  // TODO : include Location of the new user -> 201
  return res.type('json').status(204).end()
}

async function createUser (req: express.Request, res: express.Response, next: express.NextFunction) {
  const body: UserCreate = req.body
  const user = db.User.build({
    username: body.username,
    password: body.password,
    email: body.email,
    displayNSFW: false,
    role: USER_ROLES.USER,
    videoQuota: body.videoQuota
  })

  await createUserAuthorAndChannel(user)

  logger.info('User %s with its channel and author created.', body.username)
}

async function registerUser (req: express.Request, res: express.Response, next: express.NextFunction) {
  const body: UserCreate = req.body

  const user = db.User.build({
    username: body.username,
    password: body.password,
    email: body.email,
    displayNSFW: false,
    role: USER_ROLES.USER,
    videoQuota: CONFIG.USER.VIDEO_QUOTA
  })

  await createUserAuthorAndChannel(user)
  return res.type('json').status(204).end()
}

async function getUserInformation (req: express.Request, res: express.Response, next: express.NextFunction) {
  const user = await db.User.loadByUsernameAndPopulateChannels(res.locals.oauth.token.user.username)

  return res.json(user.toFormattedJSON())
}

function getUser (req: express.Request, res: express.Response, next: express.NextFunction) {
  return res.json(res.locals.user.toFormattedJSON())
}

async function getUserVideoRating (req: express.Request, res: express.Response, next: express.NextFunction) {
  const videoId = +req.params.videoId
  const userId = +res.locals.oauth.token.User.id

  const ratingObj = await db.UserVideoRate.load(userId, videoId, null)
  const rating = ratingObj ? ratingObj.type : 'none'

  const json: FormattedUserVideoRate = {
    videoId,
    rating
  }
  res.json(json)
}

async function listUsers (req: express.Request, res: express.Response, next: express.NextFunction) {
  const resultList = await db.User.listForApi(req.query.start, req.query.count, req.query.sort)

  return res.json(getFormattedObjects(resultList.data, resultList.total))
}

async function removeUser (req: express.Request, res: express.Response, next: express.NextFunction) {
  const user = await db.User.loadById(req.params.id)

  await user.destroy()

  return res.sendStatus(204)
}

async function updateMe (req: express.Request, res: express.Response, next: express.NextFunction) {
  const body: UserUpdateMe = req.body

  // FIXME: user is not already a Sequelize instance?
  const user = res.locals.oauth.token.user

  if (body.password !== undefined) user.password = body.password
  if (body.email !== undefined) user.email = body.email
  if (body.displayNSFW !== undefined) user.displayNSFW = body.displayNSFW

  await user.save()

  return res.sendStatus(204)
}

async function updateUser (req: express.Request, res: express.Response, next: express.NextFunction) {
  const body: UserUpdate = req.body
  const user: UserInstance = res.locals.user

  if (body.email !== undefined) user.email = body.email
  if (body.videoQuota !== undefined) user.videoQuota = body.videoQuota

  await user.save()

  return res.sendStatus(204)
}

function success (req: express.Request, res: express.Response, next: express.NextFunction) {
  res.end()
}
require -> import 2017-06-05 19:53:49 +00:00			`import * as express from 'express'`
OAuth server: first draft 2016-03-21 10:56:33 +00:00
Type models 2017-05-22 18:58:25 +00:00			`import { database as db } from '../../initializers/database'`
Begin user quota 2017-09-04 18:07:54 +00:00			`import { USER_ROLES, CONFIG } from '../../initializers'`
Add video channels 2017-10-24 17:41:09 +00:00			`import { logger, getFormattedObjects, retryTransactionWrapper } from '../../helpers'`
First typescript iteration 2017-05-15 20:22:03 +00:00			`import {`
			`authenticate,`
			`ensureIsAdmin,`
Add ability to limit user registrations 2017-07-25 18:17:28 +00:00			`ensureUserRegistrationAllowed,`
First typescript iteration 2017-05-15 20:22:03 +00:00			`usersAddValidator,`
Fix tests and user quota 2017-09-06 14:35:40 +00:00			`usersRegisterValidator,`
First typescript iteration 2017-05-15 20:22:03 +00:00			`usersUpdateValidator,`
Add user update for admins 2017-09-05 19:29:39 +00:00			`usersUpdateMeValidator,`
First typescript iteration 2017-05-15 20:22:03 +00:00			`usersRemoveValidator,`
			`usersVideoRatingValidator,`
Add user update for admins 2017-09-05 19:29:39 +00:00			`usersGetValidator,`
First typescript iteration 2017-05-15 20:22:03 +00:00			`paginationValidator,`
			`setPagination,`
			`usersSortValidator,`
			`setUsersSort,`
Use async/await in controllers 2017-10-25 09:55:06 +00:00			`token,`
			`asyncMiddleware`
First typescript iteration 2017-05-15 20:22:03 +00:00			`} from '../../middlewares'`
Add user update for admins 2017-09-05 19:29:39 +00:00			`import {`
			`UserVideoRate as FormattedUserVideoRate,`
			`UserCreate,`
			`UserUpdate,`
			`UserUpdateMe`
			`} from '../../../shared'`
Add video channels 2017-10-24 17:41:09 +00:00			`import { createUserAuthorAndChannel } from '../../lib'`
Fix tests and user quota 2017-09-06 14:35:40 +00:00			`import { UserInstance } from '../../models'`
First typescript iteration 2017-05-15 20:22:03 +00:00
			`const usersRouter = express.Router()`

			`usersRouter.get('/me',`
			`authenticate,`
Use async/await in controllers 2017-10-25 09:55:06 +00:00			`asyncMiddleware(getUserInformation)`
Add like/dislike system for videos 2017-03-08 20:35:43 +00:00			`)`

First typescript iteration 2017-05-15 20:22:03 +00:00			`usersRouter.get('/me/videos/:videoId/rating',`
			`authenticate,`
			`usersVideoRatingValidator,`
Use async/await in controllers 2017-10-25 09:55:06 +00:00			`asyncMiddleware(getUserVideoRating)`
Add like/dislike system for videos 2017-03-08 20:35:43 +00:00			`)`
Implement user API (create, update, remove, list) 2016-08-04 20:32:36 +00:00
First typescript iteration 2017-05-15 20:22:03 +00:00			`usersRouter.get('/',`
			`paginationValidator,`
			`usersSortValidator,`
			`setUsersSort,`
			`setPagination,`
Use async/await in controllers 2017-10-25 09:55:06 +00:00			`asyncMiddleware(listUsers)`
Server: add user list sort/pagination 2016-08-16 20:31:45 +00:00			`)`

Add user update for admins 2017-09-05 19:29:39 +00:00			`usersRouter.get('/:id',`
			`usersGetValidator,`
			`getUser`
			`)`

First typescript iteration 2017-05-15 20:22:03 +00:00			`usersRouter.post('/',`
			`authenticate,`
			`ensureIsAdmin,`
			`usersAddValidator,`
Add video channels 2017-10-24 17:41:09 +00:00			`createUserRetryWrapper`
Implement user API (create, update, remove, list) 2016-08-04 20:32:36 +00:00			`)`

First typescript iteration 2017-05-15 20:22:03 +00:00			`usersRouter.post('/register',`
Add ability to limit user registrations 2017-07-25 18:17:28 +00:00			`ensureUserRegistrationAllowed,`
Fix tests and user quota 2017-09-06 14:35:40 +00:00			`usersRegisterValidator,`
Use async/await in controllers 2017-10-25 09:55:06 +00:00			`asyncMiddleware(registerUser)`
Server: add ability to register new user 2017-04-09 10:08:36 +00:00			`)`

Add user update for admins 2017-09-05 19:29:39 +00:00			`usersRouter.put('/me',`
			`authenticate,`
			`usersUpdateMeValidator,`
Use async/await in controllers 2017-10-25 09:55:06 +00:00			`asyncMiddleware(updateMe)`
Add user update for admins 2017-09-05 19:29:39 +00:00			`)`

First typescript iteration 2017-05-15 20:22:03 +00:00			`usersRouter.put('/:id',`
			`authenticate,`
Add user update for admins 2017-09-05 19:29:39 +00:00			`ensureIsAdmin,`
First typescript iteration 2017-05-15 20:22:03 +00:00			`usersUpdateValidator,`
Use async/await in controllers 2017-10-25 09:55:06 +00:00			`asyncMiddleware(updateUser)`
Implement user API (create, update, remove, list) 2016-08-04 20:32:36 +00:00			`)`

First typescript iteration 2017-05-15 20:22:03 +00:00			`usersRouter.delete('/:id',`
			`authenticate,`
			`ensureIsAdmin,`
			`usersRemoveValidator,`
Use async/await in controllers 2017-10-25 09:55:06 +00:00			`asyncMiddleware(removeUser)`
Implement user API (create, update, remove, list) 2016-08-04 20:32:36 +00:00			`)`
Server: move clients in its own file 2016-08-05 14:09:39 +00:00
First typescript iteration 2017-05-15 20:22:03 +00:00			`usersRouter.post('/token', token, success)`
Implement user API (create, update, remove, list) 2016-08-04 20:32:36 +00:00			`// TODO: Once https://github.com/oauthjs/node-oauth2-server/pull/289 is merged, implement revoke token route`
OAuth server: first draft 2016-03-21 10:56:33 +00:00
			`// ---------------------------------------------------------------------------`

First typescript iteration 2017-05-15 20:22:03 +00:00			`export {`
			`usersRouter`
			`}`
OAuth server: first draft 2016-03-21 10:56:33 +00:00
			`// ---------------------------------------------------------------------------`

Use async/await in controllers 2017-10-25 09:55:06 +00:00			`async function createUserRetryWrapper (req: express.Request, res: express.Response, next: express.NextFunction) {`
Add video channels 2017-10-24 17:41:09 +00:00			`const options = {`
			`arguments: [ req, res ],`
			`errorMessage: 'Cannot insert the user with many retries.'`
			`}`

Use async/await in controllers 2017-10-25 09:55:06 +00:00			`await retryTransactionWrapper(createUser, options)`

			`// TODO : include Location of the new user -> 201`
			`return res.type('json').status(204).end()`
Add video channels 2017-10-24 17:41:09 +00:00			`}`

Use async/await in controllers 2017-10-25 09:55:06 +00:00			`async function createUser (req: express.Request, res: express.Response, next: express.NextFunction) {`
Better typescript typing for a better world 2017-07-10 17:43:21 +00:00			`const body: UserCreate = req.body`
First version with PostgreSQL 2016-12-11 20:50:51 +00:00			`const user = db.User.build({`
Better typescript typing for a better world 2017-07-10 17:43:21 +00:00			`username: body.username,`
			`password: body.password,`
			`email: body.email,`
Server: Add NSFW in user profile 2017-04-03 19:24:36 +00:00			`displayNSFW: false,`
Begin user quota 2017-09-04 18:07:54 +00:00			`role: USER_ROLES.USER,`
			`videoQuota: body.videoQuota`
Implement user API (create, update, remove, list) 2016-08-04 20:32:36 +00:00			`})`

Use async/await in controllers 2017-10-25 09:55:06 +00:00			`await createUserAuthorAndChannel(user)`

			`logger.info('User %s with its channel and author created.', body.username)`
Implement user API (create, update, remove, list) 2016-08-04 20:32:36 +00:00			`}`

Use async/await in controllers 2017-10-25 09:55:06 +00:00			`async function registerUser (req: express.Request, res: express.Response, next: express.NextFunction) {`
Fix tests and user quota 2017-09-06 14:35:40 +00:00			`const body: UserCreate = req.body`

			`const user = db.User.build({`
			`username: body.username,`
			`password: body.password,`
			`email: body.email,`
			`displayNSFW: false,`
			`role: USER_ROLES.USER,`
			`videoQuota: CONFIG.USER.VIDEO_QUOTA`
			`})`

Use async/await in controllers 2017-10-25 09:55:06 +00:00			`await createUserAuthorAndChannel(user)`
			`return res.type('json').status(204).end()`
Fix tests and user quota 2017-09-06 14:35:40 +00:00			`}`

Use async/await in controllers 2017-10-25 09:55:06 +00:00			`async function getUserInformation (req: express.Request, res: express.Response, next: express.NextFunction) {`
			`const user = await db.User.loadByUsernameAndPopulateChannels(res.locals.oauth.token.user.username)`

			`return res.json(user.toFormattedJSON())`
Server: allow user to get its informations (/users/me) 2016-08-05 15:19:08 +00:00			`}`

Add user update for admins 2017-09-05 19:29:39 +00:00			`function getUser (req: express.Request, res: express.Response, next: express.NextFunction) {`
			`return res.json(res.locals.user.toFormattedJSON())`
			`}`

Use async/await in controllers 2017-10-25 09:55:06 +00:00			`async function getUserVideoRating (req: express.Request, res: express.Response, next: express.NextFunction) {`
Use global uuid instead of remoteId for videos 2017-07-11 14:01:56 +00:00			`const videoId = +req.params.videoId`
Type functions 2017-06-10 20:15:25 +00:00			`const userId = +res.locals.oauth.token.User.id`
Add like/dislike system for videos 2017-03-08 20:35:43 +00:00
Add migration script for channels 2017-10-26 06:51:11 +00:00			`const ratingObj = await db.UserVideoRate.load(userId, videoId, null)`
			`const rating = ratingObj ? ratingObj.type : 'none'`

			`const json: FormattedUserVideoRate = {`
			`videoId,`
			`rating`
			`}`
			`res.json(json)`
Add like/dislike system for videos 2017-03-08 20:35:43 +00:00			`}`

Use async/await in controllers 2017-10-25 09:55:06 +00:00			`async function listUsers (req: express.Request, res: express.Response, next: express.NextFunction) {`
			`const resultList = await db.User.listForApi(req.query.start, req.query.count, req.query.sort)`

			`return res.json(getFormattedObjects(resultList.data, resultList.total))`
Implement user API (create, update, remove, list) 2016-08-04 20:32:36 +00:00			`}`

Use async/await in controllers 2017-10-25 09:55:06 +00:00			`async function removeUser (req: express.Request, res: express.Response, next: express.NextFunction) {`
			`const user = await db.User.loadById(req.params.id)`

			`await user.destroy()`

			`return res.sendStatus(204)`
Implement user API (create, update, remove, list) 2016-08-04 20:32:36 +00:00			`}`

Use async/await in controllers 2017-10-25 09:55:06 +00:00			`async function updateMe (req: express.Request, res: express.Response, next: express.NextFunction) {`
Add user update for admins 2017-09-05 19:29:39 +00:00			`const body: UserUpdateMe = req.body`
Better typescript typing for a better world 2017-07-10 17:43:21 +00:00
Add user update for admins 2017-09-05 19:29:39 +00:00			`// FIXME: user is not already a Sequelize instance?`
Use async/await in controllers 2017-10-25 09:55:06 +00:00			`const user = res.locals.oauth.token.user`
Server: Add NSFW in user profile 2017-04-03 19:24:36 +00:00
Use async/await in controllers 2017-10-25 09:55:06 +00:00			`if (body.password !== undefined) user.password = body.password`
			`if (body.email !== undefined) user.email = body.email`
			`if (body.displayNSFW !== undefined) user.displayNSFW = body.displayNSFW`

			`await user.save()`

Fix lint 2017-10-25 14:52:01 +00:00			`return res.sendStatus(204)`
Implement user API (create, update, remove, list) 2016-08-04 20:32:36 +00:00			`}`

Use async/await in controllers 2017-10-25 09:55:06 +00:00			`async function updateUser (req: express.Request, res: express.Response, next: express.NextFunction) {`
Add user update for admins 2017-09-05 19:29:39 +00:00			`const body: UserUpdate = req.body`
Fix tests and user quota 2017-09-06 14:35:40 +00:00			`const user: UserInstance = res.locals.user`
Add user update for admins 2017-09-05 19:29:39 +00:00
			`if (body.email !== undefined) user.email = body.email`
			`if (body.videoQuota !== undefined) user.videoQuota = body.videoQuota`

Use async/await in controllers 2017-10-25 09:55:06 +00:00			`await user.save()`

			`return res.sendStatus(204)`
Add user update for admins 2017-09-05 19:29:39 +00:00			`}`

Type functions 2017-06-10 20:15:25 +00:00			`function success (req: express.Request, res: express.Response, next: express.NextFunction) {`
OAuth server: first draft 2016-03-21 10:56:33 +00:00			`res.end()`
			`}`