2021-04-19 22:34:07 +12:00
|
|
|
const Router = require("@koa/router")
|
2021-08-05 20:59:08 +12:00
|
|
|
const controller = require("../../controllers/global/users")
|
2022-07-22 22:50:51 +12:00
|
|
|
const { joiValidator } = require("@budibase/backend-core/auth")
|
|
|
|
const { adminOnly } = require("@budibase/backend-core/auth")
|
2021-04-19 22:34:07 +12:00
|
|
|
const Joi = require("joi")
|
2021-10-05 01:40:50 +13:00
|
|
|
const cloudRestricted = require("../../../middleware/cloudRestricted")
|
2022-04-08 12:28:22 +12:00
|
|
|
const { users } = require("../validation")
|
2022-02-15 07:11:35 +13:00
|
|
|
const selfController = require("../../controllers/global/self")
|
2022-08-05 06:03:50 +12:00
|
|
|
const { builderOrAdmin } = require("@budibase/backend-core/auth")
|
2021-04-19 22:34:07 +12:00
|
|
|
|
2022-09-23 01:59:28 +12:00
|
|
|
const router = new Router()
|
2021-04-19 22:34:07 +12:00
|
|
|
|
2021-05-25 01:54:47 +12:00
|
|
|
function buildAdminInitValidation() {
|
2021-05-25 01:56:23 +12:00
|
|
|
return joiValidator.body(
|
|
|
|
Joi.object({
|
|
|
|
email: Joi.string().required(),
|
2021-09-22 05:20:26 +12:00
|
|
|
password: Joi.string(),
|
2021-08-05 20:59:08 +12:00
|
|
|
tenantId: Joi.string().required(),
|
2021-05-25 01:56:23 +12:00
|
|
|
})
|
|
|
|
.required()
|
|
|
|
.unknown(false)
|
|
|
|
)
|
2021-05-25 01:54:47 +12:00
|
|
|
}
|
|
|
|
|
2021-05-06 02:10:28 +12:00
|
|
|
function buildInviteValidation() {
|
|
|
|
// prettier-ignore
|
|
|
|
return joiValidator.body(Joi.object({
|
|
|
|
email: Joi.string().required(),
|
2021-05-25 05:45:43 +12:00
|
|
|
userInfo: Joi.object().optional(),
|
2021-05-06 02:10:28 +12:00
|
|
|
}).required())
|
|
|
|
}
|
|
|
|
|
2022-07-05 20:21:59 +12:00
|
|
|
function buildInviteMultipleValidation() {
|
|
|
|
// prettier-ignore
|
2022-08-04 02:16:26 +12:00
|
|
|
return joiValidator.body(Joi.array().required().items(
|
|
|
|
Joi.object({
|
|
|
|
email: Joi.string(),
|
|
|
|
userInfo: Joi.object().optional(),
|
|
|
|
})
|
|
|
|
))
|
2022-07-05 20:21:59 +12:00
|
|
|
}
|
|
|
|
|
2021-05-06 02:10:28 +12:00
|
|
|
function buildInviteAcceptValidation() {
|
|
|
|
// prettier-ignore
|
|
|
|
return joiValidator.body(Joi.object({
|
|
|
|
inviteCode: Joi.string().required(),
|
|
|
|
password: Joi.string().required(),
|
|
|
|
}).required().unknown(true))
|
2021-04-19 22:34:07 +12:00
|
|
|
}
|
|
|
|
|
|
|
|
router
|
2021-05-20 02:09:57 +12:00
|
|
|
.post(
|
2021-08-05 20:59:08 +12:00
|
|
|
"/api/global/users",
|
2021-05-20 02:09:57 +12:00
|
|
|
adminOnly,
|
2022-04-08 12:28:22 +12:00
|
|
|
users.buildUserSaveValidation(),
|
2021-05-20 02:09:57 +12:00
|
|
|
controller.save
|
|
|
|
)
|
2022-07-12 02:29:39 +12:00
|
|
|
.post(
|
2022-09-22 05:05:45 +12:00
|
|
|
"/api/global/users/bulk",
|
2022-07-12 02:29:39 +12:00
|
|
|
adminOnly,
|
2022-09-22 05:05:45 +12:00
|
|
|
users.buildUserBulkUserValidation(),
|
|
|
|
controller.bulkUpdate
|
2022-07-12 02:29:39 +12:00
|
|
|
)
|
|
|
|
|
2022-06-02 02:20:56 +12:00
|
|
|
.get("/api/global/users", builderOrAdmin, controller.fetch)
|
2022-07-01 03:01:14 +12:00
|
|
|
.post("/api/global/users/search", builderOrAdmin, controller.search)
|
2021-08-05 20:59:08 +12:00
|
|
|
.delete("/api/global/users/:id", adminOnly, controller.destroy)
|
2022-08-04 01:37:41 +12:00
|
|
|
.get("/api/global/users/count/:appId", builderOrAdmin, controller.countByApp)
|
2021-08-05 20:59:08 +12:00
|
|
|
.get("/api/global/roles/:appId")
|
2021-05-20 02:09:57 +12:00
|
|
|
.post(
|
2021-08-05 20:59:08 +12:00
|
|
|
"/api/global/users/invite",
|
2021-05-20 02:09:57 +12:00
|
|
|
adminOnly,
|
|
|
|
buildInviteValidation(),
|
|
|
|
controller.invite
|
|
|
|
)
|
2022-07-05 20:21:59 +12:00
|
|
|
.post(
|
2022-08-04 06:20:33 +12:00
|
|
|
"/api/global/users/multi/invite",
|
2022-07-05 20:21:59 +12:00
|
|
|
adminOnly,
|
|
|
|
buildInviteMultipleValidation(),
|
|
|
|
controller.inviteMultiple
|
|
|
|
)
|
|
|
|
|
2021-08-05 20:59:08 +12:00
|
|
|
// non-global endpoints
|
2021-05-06 02:19:44 +12:00
|
|
|
.post(
|
2021-08-05 20:59:08 +12:00
|
|
|
"/api/global/users/invite/accept",
|
2021-05-06 02:19:44 +12:00
|
|
|
buildInviteAcceptValidation(),
|
|
|
|
controller.inviteAccept
|
|
|
|
)
|
2021-05-25 01:56:23 +12:00
|
|
|
.post(
|
2021-08-05 20:59:08 +12:00
|
|
|
"/api/global/users/init",
|
2021-10-05 01:40:50 +13:00
|
|
|
cloudRestricted,
|
2021-05-25 01:56:23 +12:00
|
|
|
buildAdminInitValidation(),
|
|
|
|
controller.adminUser
|
|
|
|
)
|
2021-09-18 00:41:22 +12:00
|
|
|
.get("/api/global/users/tenant/:id", controller.tenantUserLookup)
|
2021-08-05 20:59:08 +12:00
|
|
|
// global endpoint but needs to come at end (blocks other endpoints otherwise)
|
2022-07-13 22:49:23 +12:00
|
|
|
.get("/api/global/users/:id", builderOrAdmin, controller.find)
|
2022-02-15 07:11:35 +13:00
|
|
|
// DEPRECATED - use new versions with self API
|
|
|
|
.get("/api/global/users/self", selfController.getSelf)
|
|
|
|
.post(
|
|
|
|
"/api/global/users/self",
|
2022-04-08 12:28:22 +12:00
|
|
|
users.buildUserSaveValidation(true),
|
2022-02-15 07:11:35 +13:00
|
|
|
selfController.updateSelf
|
|
|
|
)
|
2021-04-19 22:34:07 +12:00
|
|
|
|
|
|
|
module.exports = router
|