summaryrefslogblamecommitdiffstats
path: root/server/api/users.js
blob: dc8df467d86ad450622d289bc9a048e2cc8abb3b (plain) (tree)
1
2
3
4
5
6
7
                     
                          
                                                         


                                                   
                                                                          


















                                                                                       



                                 

                         
   


















                                                                               
 






                                               
                                         

  

                                                                               
 
                              
/* global __appdir */
var path = require('path')
var db = require(path.join(__appdir, 'lib', 'sequelize'))
var express = require('express')
const { decorateApp } = require('@awaitjs/express')
var router = decorateApp(express.Router())
var authentication = require(path.join(__appdir, 'lib', 'authentication'))

// ############################################################################
// ###########################  GET requests  #################################

/*
 * @return: Returns a list of all users in the database and their given roles.
 */
router.getAsync('', async (req, res) => {
  const users = await db.user.findAll({ include: ['roles'], order: [['name', 'ASC']] })
  res.status(200).send(users)
})

/*
 * @return: Returns information about a specific user.
 */
router.getAsync('/:id', async (req, res) => {
  const id = req.params.id === 'current' ? req.user.id : req.params.id
  const user = await db.user.findOne({ where: { id } })
  if (user) {
    // Remove the hased password.
    let u = user.dataValues
    delete u.password
    res.status(200).send(u)
  } else {
    res.status(404).end()
  }
})

// ############################################################################
// ##########################  POST requests  #################################

router.postAsync('/:id/roles', async (req, res) => {
  const id = req.params.id === 'current' ? req.user.id : req.params.id
  const user = await db.user.findOne({ where: { id } })
  if (user) {
    if (req.query.delete !== undefined && req.query.delete !== 'false') {
      await user.removeRoles(req.body.ids)
    } else {
      await user.addRoles(req.body.ids)
    }
    res.status(200).end()
  } else {
    res.status(404).end()
  }
})

// Post request for creating new user accounts.
router.post('/', (req, res) => {
  authentication.signup(req, res)
})

// Post request for changing the password.
router.post('/:id/password', (req, res) => {
  authentication.changePassword(req, res)
})

// ############################################################################
// ############################################################################

module.exports.router = router