2020-05-07 21:53:34 +12:00
|
|
|
const CouchDB = require("../../db")
|
2020-05-18 17:40:29 +12:00
|
|
|
const clientDb = require("../../db/clientDb")
|
2020-05-07 21:53:34 +12:00
|
|
|
const bcrypt = require("../../utilities/bcrypt")
|
2020-05-15 02:12:30 +12:00
|
|
|
const getUserId = userName => `user_${userName}`
|
2020-05-22 01:31:23 +12:00
|
|
|
const {
|
|
|
|
|
POWERUSER_LEVEL_ID,
|
|
|
|
|
ADMIN_LEVEL_ID,
|
|
|
|
|
} = require("../../utilities/accessLevels")
|
2020-04-08 04:25:09 +12:00
|
|
|
|
2020-04-10 03:53:48 +12:00
|
|
|
exports.fetch = async function(ctx) {
|
2020-06-19 03:59:31 +12:00
|
|
|
const database = new CouchDB(ctx.user.instanceId)
|
2020-05-07 21:53:34 +12:00
|
|
|
const data = await database.query("database/by_type", {
|
2020-04-10 03:53:48 +12:00
|
|
|
include_docs: true,
|
2020-05-07 21:53:34 +12:00
|
|
|
key: ["user"],
|
|
|
|
|
})
|
2020-04-09 03:57:27 +12:00
|
|
|
|
2020-05-07 21:53:34 +12:00
|
|
|
ctx.body = data.rows.map(row => row.doc)
|
|
|
|
|
}
|
2020-04-08 04:25:09 +12:00
|
|
|
|
2020-04-10 03:53:48 +12:00
|
|
|
exports.create = async function(ctx) {
|
2020-06-19 03:59:31 +12:00
|
|
|
const database = new CouchDB(ctx.user.instanceId)
|
2020-05-15 02:12:30 +12:00
|
|
|
const appId = (await database.get("_design/database")).metadata.applicationId
|
2020-05-22 01:31:23 +12:00
|
|
|
const { username, password, name, accessLevelId } = ctx.request.body
|
|
|
|
|
|
|
|
|
|
if (!username || !password) {
|
|
|
|
|
ctx.throw(400, "Username and Password Required.")
|
|
|
|
|
}
|
2020-04-24 01:37:08 +12:00
|
|
|
|
2020-05-22 01:31:23 +12:00
|
|
|
const accessLevel = await checkAccessLevel(database, accessLevelId)
|
2020-04-24 01:37:08 +12:00
|
|
|
|
2020-05-22 01:31:23 +12:00
|
|
|
if (!accessLevel) ctx.throw(400, "Invalid Access Level")
|
|
|
|
|
|
|
|
|
|
const user = {
|
2020-05-15 02:12:30 +12:00
|
|
|
_id: getUserId(username),
|
2020-04-24 01:37:08 +12:00
|
|
|
username,
|
|
|
|
|
password: await bcrypt.hash(password),
|
2020-05-15 02:12:30 +12:00
|
|
|
name: name || username,
|
2020-05-07 21:53:34 +12:00
|
|
|
type: "user",
|
2020-05-22 01:31:23 +12:00
|
|
|
accessLevelId,
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
const response = await database.post(user)
|
2020-04-24 01:37:08 +12:00
|
|
|
|
2020-06-24 10:26:54 +12:00
|
|
|
const masterDb = new CouchDB("client_app_lookup")
|
2020-06-11 08:39:30 +12:00
|
|
|
const { clientId } = await masterDb.get(appId)
|
|
|
|
|
|
2020-05-05 05:07:03 +12:00
|
|
|
// the clientDB needs to store a map of users against the app
|
2020-06-11 08:39:30 +12:00
|
|
|
const db = new CouchDB(clientDb.name(clientId))
|
2020-05-18 17:40:29 +12:00
|
|
|
const app = await db.get(appId)
|
2020-05-05 05:07:03 +12:00
|
|
|
|
|
|
|
|
app.userInstanceMap = {
|
|
|
|
|
...app.userInstanceMap,
|
2020-06-19 03:59:31 +12:00
|
|
|
[username]: ctx.user.instanceId,
|
2020-05-05 05:07:03 +12:00
|
|
|
}
|
2020-05-18 17:40:29 +12:00
|
|
|
await db.put(app)
|
2020-05-05 05:07:03 +12:00
|
|
|
|
2020-05-15 02:12:30 +12:00
|
|
|
ctx.status = 200
|
|
|
|
|
ctx.message = "User created successfully."
|
2020-04-11 03:37:59 +12:00
|
|
|
ctx.body = {
|
2020-05-15 02:12:30 +12:00
|
|
|
_rev: response.rev,
|
|
|
|
|
username,
|
|
|
|
|
name,
|
2020-04-11 03:37:59 +12:00
|
|
|
}
|
2020-05-07 21:53:34 +12:00
|
|
|
}
|
2020-04-10 03:53:48 +12:00
|
|
|
|
2020-05-27 23:51:19 +12:00
|
|
|
exports.update = async function() {}
|
2020-05-22 01:31:23 +12:00
|
|
|
|
2020-04-10 03:53:48 +12:00
|
|
|
exports.destroy = async function(ctx) {
|
2020-06-19 03:59:31 +12:00
|
|
|
const database = new CouchDB(ctx.user.instanceId)
|
2020-05-15 02:12:30 +12:00
|
|
|
await database.destroy(getUserId(ctx.params.username))
|
|
|
|
|
ctx.message = `User ${ctx.params.username} deleted.`
|
|
|
|
|
ctx.status = 200
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
exports.find = async function(ctx) {
|
2020-06-19 03:59:31 +12:00
|
|
|
const database = new CouchDB(ctx.user.instanceId)
|
2020-05-15 02:12:30 +12:00
|
|
|
const user = await database.get(getUserId(ctx.params.username))
|
2020-04-11 03:37:59 +12:00
|
|
|
ctx.body = {
|
2020-05-15 02:12:30 +12:00
|
|
|
username: user.username,
|
|
|
|
|
name: user.name,
|
|
|
|
|
_rev: user._rev,
|
2020-04-11 03:37:59 +12:00
|
|
|
}
|
2020-05-07 21:53:34 +12:00
|
|
|
}
|
2020-05-22 01:31:23 +12:00
|
|
|
|
|
|
|
|
const checkAccessLevel = async (db, accessLevelId) => {
|
|
|
|
|
if (!accessLevelId) return
|
|
|
|
|
if (
|
|
|
|
|
accessLevelId === POWERUSER_LEVEL_ID ||
|
|
|
|
|
accessLevelId === ADMIN_LEVEL_ID
|
|
|
|
|
) {
|
|
|
|
|
return {
|
|
|
|
|
_id: accessLevelId,
|
|
|
|
|
name: accessLevelId,
|
|
|
|
|
permissions: [],
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return await db.get(accessLevelId)
|
|
|
|
|
}
|
