path: root/server/api/users.js
/* global __appdir */
var path = require('path')
var db = require(path.join(__appdir, 'lib', 'sequelize'))
var jwt = require('jsonwebtoken')

// GET requests
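module.exports.get = {

  /*
   * Sends the id, username, email and name of the user named in the request's token.
   *
   * @return: 200 with the user object, 401 when the token cannot be decoded or
   *          carries no usable user id, 404 when no such user exists, 500 when
   *          the database lookup fails.
   */
  getUserInfo: function (req, res) {
    // SECURITY: jwt.decode() only parses the token; it does not check the signature.
    // The user id read below is trustworthy only if the token was verified earlier in
    // the request pipeline. NOTE(review): presumably an authentication middleware does
    // that - confirm, and switch to jwt.verify() if it does not.
    var decodedToken = jwt.decode(req.token, { complete: true })
    var tokenUser = decodedToken && decodedToken.payload && decodedToken.payload.user
    var userId = tokenUser ? tokenUser.id : undefined

    // jwt.decode() returns null for a malformed token. Only scalar ids are accepted so
    // that an object-valued claim can never reach the where clause as a query operator.
    if (typeof userId !== 'string' && typeof userId !== 'number') {
      return res.status(401).send('invalid token')
    }

    db.user.findOne({ where: { id: userId } }).then(userDb => {
      // findOne resolves with null when the id matches no row.
      if (!userDb) {
        return res.status(404).send('user not found')
      }
      // Copy only the public fields; the full database row is never sent.
      var user = {
        id: userDb.id,
        username: userDb.username,
        email: userDb.email,
        name: userDb.name
      }
      res.status(200).send(user)
    }).catch(err => {
      // Without this handler a failed query would leave the request hanging.
      console.error('getUserInfo failed:', err)
      res.status(500).send('error')
    })
  },

  /*
   * @return: Returns a list of all users in the database and their given roles.
   *          Only id, username and name are selected for each user. Responds 500
   *          when the database lookup fails.
   */
  getUserList: function (req, res) {
    db.user.findAll({
      attributes: ['id', 'username', 'name'],
      include: ['roles']
    }).then(function (users) {
      res.status(200).send(users)
    }).catch(function (err) {
      // Without this handler a failed query would leave the request hanging.
      console.error('getUserList failed:', err)
      res.status(500).send('error')
    })
  }
}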

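/*
 * Normalises a request-body value to a list of ids.
 *
 * @return: An array of ids, or null when the value is missing, empty or contains
 *          anything other than strings and numbers.
 */
function toIdList (value) {
  if (value === undefined || value === null) return null
  // Accept a single id as well as an array of ids.
  var ids = [].concat(value)
  var valid = ids.length > 0 && ids.every(function (id) {
    return typeof id === 'string' || typeof id === 'number'
  })
  return valid ? ids : null
}

/*
 * Shared implementation of grantRoles and revokeRoles.
 *
 * action: name of the user association method to call ('addRoles' or 'removeRoles').
 *
 * Responds 400 when roleIds or userIds is missing or malformed, 500 when a database
 * operation fails, and 200 'success' only after every user has been updated.
 */
function updateRoles (req, res, action) {
  var body = req.body || {}
  var roleIds = toIdList(body.roleIds)
  var userIds = toIdList(body.userIds)

  // Reject missing or malformed id lists before they reach the query. How Sequelize
  // treats an undefined or object-valued where entry differs between versions, so the
  // set of users that gets modified must not depend on it.
  if (!roleIds || !userIds) {
    return res.status(400).send('roleIds and userIds are required')
  }

  db.user.findAll({ where: { id: userIds } }).then(users => {
    // The association calls are asynchronous; wait for all of them so that
    // 'success' is sent only once the changes are done and failures are seen.
    return Promise.all(users.map(user => user[action](roleIds)))
  }).then(() => {
    res.status(200).send('success')
  }).catch(err => {
    console.error(action + ' failed:', err)
    res.status(500).send('error')
  })
}

// POST requests
// NOTE(review): these handlers change role assignments but do no permission check of
// their own; presumably the router restricts them to authorised callers - confirm.
module.exports.post = {

  /*
   * roleIds: <ROLE_IDS>
   * userIds: <USER_IDS>
   *
   * Adds the given roles to the given users in the database.
   */
  grantRoles: function (req, res) {
    updateRoles(req, res, 'addRoles')
  },

  /*
   * roleIds: <ROLE_IDS>
   * userIds: <USER_IDS>
   *
   * Removes the given roles from the given users in the database.
   */
  revokeRoles: function (req, res) {
    updateRoles(req, res, 'removeRoles')
  }
}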