const CouchDB = require("../../db")
const clientDb = require("../../db/clientDb")
const bcrypt = require("../../utilities/bcrypt")
/**
 * Builds the document id under which a user is stored.
 *
 * @param {string} userName - the username; it is interpolated as-is.
 * @returns {string} the username prefixed with "user_".
 */
const getUserId = userName => {
  return `user_${userName}`
}
const {
POWERUSER_LEVEL_ID,
ADMIN_LEVEL_ID,
} = require("../../utilities/accessLevels")
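/**
 * Lists the documents of type "user" held in the caller's instance database.
 *
 * The instance is taken from `ctx.user.instanceId`. The result is written to
 * `ctx.body` as an array of user documents with the `password` field removed.
 *
 * @param {object} ctx - request context; reads `ctx.user.instanceId`.
 */
exports.fetch = async function(ctx) {
  const database = new CouchDB(ctx.user.instanceId)
  const data = await database.query("database/by_type", {
    include_docs: true,
    key: ["user"],
  })

  // create() stores the bcrypt hash under `password`. Returning whole
  // documents would hand every user's hash to the caller (offline guessing),
  // so strip that field before responding.
  ctx.body = data.rows.map(({ doc }) => {
    if (!doc) return doc
    // eslint-disable-next-line no-unused-vars
    const { password, ...publicDoc } = doc
    return publicDoc
  })
}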
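/**
 * Creates a user document in the caller's instance database, then records the
 * username -> instance id mapping on the app document in the client database.
 *
 * Reads `username`, `password`, `name` and `accessLevelId` from
 * `ctx.request.body`. Responds 400 when the credentials are missing or are not
 * strings, or when checkAccessLevel() returns nothing for `accessLevelId`.
 * On success sets status 200 and a body of `{ _rev, username, name }`.
 *
 * @param {object} ctx - request context; reads `ctx.user.instanceId` and
 *   `ctx.request.body`.
 */
exports.create = async function(ctx) {
  const database = new CouchDB(ctx.user.instanceId)
  const appId = (await database.get("_design/database")).metadata.applicationId
  const { username, password, name, accessLevelId } = ctx.request.body

  // The body is client-controlled. Require non-empty *string* credentials so
  // an object or array is never interpolated into the document id, used as a
  // map key below, or handed to the hash function.
  if (
    !username ||
    !password ||
    typeof username !== "string" ||
    typeof password !== "string"
  ) {
    ctx.throw(400, "Username and Password Required.")
  }

  // NOTE(review): accessLevelId comes straight from the request body, so the
  // caller picks the new user's level (including ADMIN_LEVEL_ID). Nothing in
  // this handler checks that the caller may grant it; confirm the route
  // enforces that.
  const accessLevel = await checkAccessLevel(database, accessLevelId)
  if (!accessLevel) ctx.throw(400, "Invalid Access Level")

  const user = {
    _id: getUserId(username),
    username,
    // only the hash produced by the bcrypt utility is stored
    password: await bcrypt.hash(password),
    name: name || username,
    type: "user",
    accessLevelId,
  }

  const response = await database.post(user)

  const masterDb = new CouchDB("client_app_lookup")
  const { clientId } = await masterDb.get(appId)

  // the clientDB needs to store a map of users against the app
  const db = new CouchDB(clientDb.name(clientId))
  const app = await db.get(appId)

  app.userInstanceMap = {
    ...app.userInstanceMap,
    [username]: ctx.user.instanceId,
  }
  await db.put(app)

  ctx.status = 200
  ctx.message = "User created successfully."
  ctx.body = {
    _rev: response.rev,
    username,
    // report the name that was actually stored (it falls back to username),
    // which is also what find() returns for this user
    name: user.name,
  }
}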
exports.update = async function() {}
/**
 * Calls destroy() on the caller's instance database with the document id
 * derived from the `username` route parameter, then reports success.
 *
 * @param {object} ctx - request context; reads `ctx.user.instanceId` and
 *   `ctx.params.username`.
 */
exports.destroy = async function(ctx) {
  const database = new CouchDB(ctx.user.instanceId)
  const { username } = ctx.params

  // NOTE(review): on a PouchDB-style handle, destroy() drops the whole
  // database rather than one document. Confirm the wrapper in ../../db
  // removes only this id.
  // NOTE(review): create() adds this username to the app's userInstanceMap in
  // the client database; nothing here removes that entry.
  await database.destroy(getUserId(username))

  ctx.message = `User ${username} deleted.`
  ctx.status = 200
}
/**
 * Looks up one user in the caller's instance database by the `username` route
 * parameter and responds with a reduced view of the document.
 *
 * Only `username`, `name` and `_rev` are copied into `ctx.body`; the stored
 * password hash and access level are not returned.
 *
 * @param {object} ctx - request context; reads `ctx.user.instanceId` and
 *   `ctx.params.username`.
 */
exports.find = async function(ctx) {
  const database = new CouchDB(ctx.user.instanceId)
  const userId = getUserId(ctx.params.username)
  const { username, name, _rev } = await database.get(userId)

  ctx.body = { username, name, _rev }
}
/**
 * Resolves an access level id to an access level object.
 *
 * @param {object} db - database handle; only `db.get(id)` is used.
 * @param {string} accessLevelId - id supplied by the caller.
 * @returns {Promise<object|undefined>} undefined for a falsy id; a synthetic
 *   `{ _id, name, permissions: [] }` for the two built-in level ids;
 *   otherwise whatever `db.get(accessLevelId)` resolves to.
 */
const checkAccessLevel = async (db, accessLevelId) => {
  if (!accessLevelId) return

  const builtinLevelIds = [POWERUSER_LEVEL_ID, ADMIN_LEVEL_ID]
  if (!builtinLevelIds.includes(accessLevelId)) {
    // NOTE(review): any document id that exists in this database resolves
    // here. Nothing checks that the document is an access level, so a
    // caller-chosen id of another document would pass the truthiness test in
    // create(). Confirm whether a type check belongs here.
    return await db.get(accessLevelId)
  }

  // built-in levels are not stored documents; describe them inline
  return {
    _id: accessLevelId,
    name: accessLevelId,
    permissions: [],
  }
}