budibase/packages/server/src/api/routes/user.js

const Router = require("@koa/router")
const controller = require("../controllers/user")
const authorized = require("../../middleware/authorized")
const {
  PermissionLevels,
  PermissionTypes,
} = require("../../utilities/security/permissions")
const usage = require("../../middleware/usageQuota")

const router = Router()

router
  .get(
    "/api/users",
    authorized(PermissionTypes.USER, PermissionLevels.READ),
    controller.fetch
  )
  .get(
    "/api/users/:email",
    authorized(PermissionTypes.USER, PermissionLevels.READ),
    controller.find
  )
  .put(
    "/api/users",
    authorized(PermissionTypes.USER, PermissionLevels.WRITE),
    controller.update
  )
  .post(
    "/api/users",
    authorized(PermissionTypes.USER, PermissionLevels.WRITE),
    usage,
    controller.create
  )
  .delete(
    "/api/users/:email",
    authorized(PermissionTypes.USER, PermissionLevels.WRITE),
    usage,
    controller.destroy
  )

module.exports = router
formatting + fixing builder tests 2020-05-07 11:53:34 +02:00			`const Router = require("@koa/router")`
			`const controller = require("../controllers/user")`
auth, first version, needing tested 2020-05-21 15:31:23 +02:00			`const authorized = require("../../middleware/authorized")`
WIP - this is working towards the permissions system but stopping here for the night, this is currently not functional. 2020-11-11 18:34:15 +01:00			`const {`
			`PermissionLevels,`
			`PermissionTypes,`
			`} = require("../../utilities/security/permissions")`
Fixing up middleware to handle uploads, views, records, automation runs and users. 2020-10-07 18:56:47 +02:00			`const usage = require("../../middleware/usageQuota")`
access levels, actions and triggers removed. Restructuring and refactoring 2020-04-29 21:29:42 +02:00
formatting + fixing builder tests 2020-05-07 11:53:34 +02:00			`const router = Router()`
access levels, actions and triggers removed. Restructuring and refactoring 2020-04-29 21:29:42 +02:00
apps being served correctly 2020-05-04 18:13:57 +02:00			`router`
WIP - this is working towards the permissions system but stopping here for the night, this is currently not functional. 2020-11-11 18:34:15 +01:00			`.get(`
			`"/api/users",`
			`authorized(PermissionTypes.USER, PermissionLevels.READ),`
			`controller.fetch`
			`)`
			`.get(`
email as default user identifier 2020-12-04 13:22:45 +01:00			`"/api/users/:email",`
WIP - this is working towards the permissions system but stopping here for the night, this is currently not functional. 2020-11-11 18:34:15 +01:00			`authorized(PermissionTypes.USER, PermissionLevels.READ),`
			`controller.find`
			`)`
			`.put(`
Upping user test cases to cover all of controller. 2021-03-09 18:09:18 +01:00			`"/api/users",`
WIP - this is working towards the permissions system but stopping here for the night, this is currently not functional. 2020-11-11 18:34:15 +01:00			`authorized(PermissionTypes.USER, PermissionLevels.WRITE),`
			`controller.update`
			`)`
			`.post(`
			`"/api/users",`
			`authorized(PermissionTypes.USER, PermissionLevels.WRITE),`
			`usage,`
			`controller.create`
			`)`
auth, first version, needing tested 2020-05-21 15:31:23 +02:00			`.delete(`
email as default user identifier 2020-12-04 13:22:45 +01:00			`"/api/users/:email",`
WIP - this is working towards the permissions system but stopping here for the night, this is currently not functional. 2020-11-11 18:34:15 +01:00			`authorized(PermissionTypes.USER, PermissionLevels.WRITE),`
Fixing up middleware to handle uploads, views, records, automation runs and users. 2020-10-07 18:56:47 +02:00			`usage,`
auth, first version, needing tested 2020-05-21 15:31:23 +02:00			`controller.destroy`
			`)`
access levels, actions and triggers removed. Restructuring and refactoring 2020-04-29 21:29:42 +02:00
formatting + fixing builder tests 2020-05-07 11:53:34 +02:00			`module.exports = router`