const Router = require("@koa/router")
const controller = require("../../controllers/admin/users")
const joiValidator = require("../../../middleware/joi-validator")
const adminOnly = require("../../../middleware/adminOnly")
const Joi = require("joi")
// Router instance; the admin user-management routes in this file are registered on it.
const router = Router()
/**
 * Builds the request-body validation middleware used when a user record is
 * saved, either by an admin or by a user editing their own record.
 *
 * Only presence and basic types are checked. `roles` is the single required
 * field, the plain string fields may also be null or empty, and keys that
 * are not declared in the schema are accepted.
 *
 * NOTE(review): `builder` and `roles` are accepted in exactly the same way
 * when `isSelf` is true, and unknown keys are allowed in both modes. Nothing
 * at this layer stops a non-admin caller of the self-update route from
 * submitting privilege-bearing fields, so the controller has to ignore or
 * reject them - confirm against controller.updateSelf, which is not visible
 * in this file.
 *
 * @param {boolean} [isSelf=false] when true, `_id` and `_rev` are not
 *   declared in the schema (they still pass as unknown keys).
 * @returns the middleware produced by `joiValidator.body` for the schema.
 */
function buildUserSaveValidation(isSelf = false) {
  const commonFields = {
    email: Joi.string().allow(null, ""),
    // no length or complexity rule is applied to the password at this layer
    password: Joi.string().allow(null, ""),
    forceResetPassword: Joi.boolean().optional(),
    firstName: Joi.string().allow(null, ""),
    lastName: Joi.string().allow(null, ""),
    builder: Joi.object({
      global: Joi.boolean().optional(),
      apps: Joi.array().optional(),
    })
      .unknown(true)
      .optional(),
    // appId -> roleId mapping for the user; every value must be a string
    roles: Joi.object().pattern(/.*/, Joi.string()).required().unknown(true),
  }

  // document identifiers are only declared for the admin save route
  const documentFields = isSelf
    ? {}
    : {
        _id: Joi.string(),
        _rev: Joi.string(),
      }

  const bodySchema = Joi.object({ ...commonFields, ...documentFields })
  return joiValidator.body(bodySchema.required().unknown(true))
}
/**
 * Builds the request-body validation middleware for the invite route.
 *
 * The body must be an object with a required string `email`. No other key
 * is declared in the schema.
 *
 * NOTE(review): `email` is only checked to be a string; its format is not
 * validated here (no `.email()` rule), so any address validation has to
 * happen in controller.invite - confirm.
 *
 * @returns the middleware produced by `joiValidator.body` for the schema.
 */
function buildInviteValidation() {
  const inviteSchema = Joi.object({
    email: Joi.string().required(),
  })
  return joiValidator.body(inviteSchema.required())
}
/**
 * Builds the request-body validation middleware for accepting an invite.
 *
 * The body must be an object carrying a string `inviteCode` and a string
 * `password`; keys not declared in the schema are accepted.
 *
 * NOTE(review): the route using this validator is registered without
 * `adminOnly`, so `inviteCode` is the only secret checked on that path, and
 * no minimum length or complexity is required of `password` at this layer.
 * Password policy and invite-code expiry/single use would have to be
 * enforced in controller.inviteAccept - confirm.
 *
 * @returns the middleware produced by `joiValidator.body` for the schema.
 */
function buildInviteAcceptValidation() {
  const acceptSchema = Joi.object({
    inviteCode: Joi.string().required(),
    password: Joi.string().required(),
  })
  return joiValidator.body(acceptSchema.required().unknown(true))
}
// Admin-only user management. On each of these routes `adminOnly` is listed
// first, so it runs before body validation and before the controller.
router.post(
  "/api/admin/users",
  adminOnly,
  buildUserSaveValidation(),
  controller.save
)
router.get("/api/admin/users", adminOnly, controller.fetch)
router.delete("/api/admin/users/:id", adminOnly, controller.destroy)

// NOTE(review): this route is registered with no middleware and no handler,
// so nothing in this file guards or answers it. Attach `adminOnly` and a
// controller, or drop the registration.
router.get("/api/admin/roles/:appId")

router.post(
  "/api/admin/users/invite",
  adminOnly,
  buildInviteValidation(),
  controller.invite
)

// Non-admin endpoints: none of the routes below include `adminOnly`. Any
// authentication for them has to come from middleware applied outside this
// file or from the controllers themselves - neither is visible here.
router.post(
  "/api/admin/users/self",
  buildUserSaveValidation(true),
  controller.updateSelf
)
router.post(
  "/api/admin/users/invite/accept",
  buildInviteAcceptValidation(),
  controller.inviteAccept
)

// NOTE(review): no body validation and no `adminOnly` on this route.
// Judging by the handler name it sets up an admin user; if so, the
// controller must refuse once one exists - confirm in controller.adminUser.
router.post("/api/admin/users/init", controller.adminUser)
router.get("/api/admin/users/self", controller.getSelf)

// Admin-only, but registered last on purpose: the `:id` parameter would
// otherwise also match the literal paths above (such as `/self`) and block
// those endpoints.
router.get("/api/admin/users/:id", adminOnly, controller.find)
// Export the configured router; it is mounted outside this file.
module.exports = router