2020-05-07 11:53:34 +02:00
|
|
|
const CouchDB = require("../../db")
|
2020-05-18 07:40:29 +02:00
|
|
|
const clientDb = require("../../db/clientDb")
|
2020-05-07 11:53:34 +02:00
|
|
|
const bcrypt = require("../../utilities/bcrypt")
|
2020-10-02 13:37:46 +02:00
|
|
|
const { generateUserID, getUserParams } = require("../../db/utils")
|
2020-05-21 15:31:23 +02:00
|
|
|
const {
|
|
|
|
|
POWERUSER_LEVEL_ID,
|
|
|
|
|
ADMIN_LEVEL_ID,
|
|
|
|
|
} = require("../../utilities/accessLevels")
|
2020-04-07 18:25:09 +02:00
|
|
|
|
2020-06-29 15:56:41 +02:00
|
|
|
exports.fetch = async function(ctx) {
|
2020-06-18 17:59:31 +02:00
|
|
|
const database = new CouchDB(ctx.user.instanceId)
|
2020-10-02 13:37:46 +02:00
|
|
|
const data = await database.allDocs(
|
|
|
|
|
getUserParams(null, {
|
|
|
|
|
include_docs: true,
|
|
|
|
|
})
|
|
|
|
|
)
|
2020-05-07 11:53:34 +02:00
|
|
|
ctx.body = data.rows.map(row => row.doc)
|
|
|
|
|
}
|
2020-04-07 18:25:09 +02:00
|
|
|
|
2020-06-29 15:56:41 +02:00
|
|
|
exports.create = async function(ctx) {
|
2020-06-18 17:59:31 +02:00
|
|
|
const database = new CouchDB(ctx.user.instanceId)
|
2020-05-14 16:12:30 +02:00
|
|
|
const appId = (await database.get("_design/database")).metadata.applicationId
|
2020-05-21 15:31:23 +02:00
|
|
|
const { username, password, name, accessLevelId } = ctx.request.body
|
|
|
|
|
|
|
|
|
|
if (!username || !password) {
|
|
|
|
|
ctx.throw(400, "Username and Password Required.")
|
|
|
|
|
}
|
2020-04-23 15:37:08 +02:00
|
|
|
|
2020-05-21 15:31:23 +02:00
|
|
|
const accessLevel = await checkAccessLevel(database, accessLevelId)
|
2020-04-23 15:37:08 +02:00
|
|
|
|
2020-05-21 15:31:23 +02:00
|
|
|
if (!accessLevel) ctx.throw(400, "Invalid Access Level")
|
|
|
|
|
|
|
|
|
|
const user = {
|
2020-10-02 13:37:46 +02:00
|
|
|
_id: generateUserID(username),
|
2020-04-23 15:37:08 +02:00
|
|
|
username,
|
|
|
|
|
password: await bcrypt.hash(password),
|
2020-05-14 16:12:30 +02:00
|
|
|
name: name || username,
|
2020-05-07 11:53:34 +02:00
|
|
|
type: "user",
|
2020-05-21 15:31:23 +02:00
|
|
|
accessLevelId,
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
const response = await database.post(user)
|
2020-04-23 15:37:08 +02:00
|
|
|
|
2020-06-24 00:26:54 +02:00
|
|
|
const masterDb = new CouchDB("client_app_lookup")
|
2020-06-10 22:39:30 +02:00
|
|
|
const { clientId } = await masterDb.get(appId)
|
|
|
|
|
|
2020-05-04 19:07:03 +02:00
|
|
|
// the clientDB needs to store a map of users against the app
|
2020-06-10 22:39:30 +02:00
|
|
|
const db = new CouchDB(clientDb.name(clientId))
|
2020-05-18 07:40:29 +02:00
|
|
|
const app = await db.get(appId)
|
2020-05-04 19:07:03 +02:00
|
|
|
|
|
|
|
|
app.userInstanceMap = {
|
|
|
|
|
...app.userInstanceMap,
|
2020-06-18 17:59:31 +02:00
|
|
|
[username]: ctx.user.instanceId,
|
2020-05-04 19:07:03 +02:00
|
|
|
}
|
2020-05-18 07:40:29 +02:00
|
|
|
await db.put(app)
|
2020-05-04 19:07:03 +02:00
|
|
|
|
2020-05-14 16:12:30 +02:00
|
|
|
ctx.status = 200
|
|
|
|
|
ctx.message = "User created successfully."
|
2020-09-21 16:05:24 +02:00
|
|
|
ctx.userId = response._id
|
2020-04-10 17:37:59 +02:00
|
|
|
ctx.body = {
|
2020-05-14 16:12:30 +02:00
|
|
|
_rev: response.rev,
|
|
|
|
|
username,
|
|
|
|
|
name,
|
2020-04-10 17:37:59 +02:00
|
|
|
}
|
2020-05-07 11:53:34 +02:00
|
|
|
}
|
2020-04-09 17:53:48 +02:00
|
|
|
|
2020-06-29 15:56:41 +02:00
|
|
|
exports.update = async function(ctx) {
|
2020-06-26 11:05:09 +02:00
|
|
|
const db = new CouchDB(ctx.user.instanceId)
|
|
|
|
|
const user = ctx.request.body
|
2020-06-29 15:55:12 +02:00
|
|
|
const dbUser = db.get(ctx.request.body._id)
|
|
|
|
|
const newData = { ...dbUser, ...user }
|
2020-05-21 15:31:23 +02:00
|
|
|
|
2020-06-29 15:55:12 +02:00
|
|
|
const response = await db.put(newData)
|
2020-06-26 11:05:09 +02:00
|
|
|
user._rev = response.rev
|
|
|
|
|
|
|
|
|
|
ctx.status = 200
|
2020-06-29 13:14:15 +02:00
|
|
|
ctx.message = `User ${ctx.request.body.username} updated successfully.`
|
|
|
|
|
ctx.body = response
|
2020-06-26 11:05:09 +02:00
|
|
|
}
|
|
|
|
|
|
2020-06-29 15:56:41 +02:00
|
|
|
exports.destroy = async function(ctx) {
|
2020-06-18 17:59:31 +02:00
|
|
|
const database = new CouchDB(ctx.user.instanceId)
|
2020-10-02 13:37:46 +02:00
|
|
|
await database.destroy(generateUserID(ctx.params.username))
|
2020-05-14 16:12:30 +02:00
|
|
|
ctx.message = `User ${ctx.params.username} deleted.`
|
|
|
|
|
ctx.status = 200
|
|
|
|
|
}
|
|
|
|
|
|
2020-06-29 15:56:41 +02:00
|
|
|
exports.find = async function(ctx) {
|
2020-06-18 17:59:31 +02:00
|
|
|
const database = new CouchDB(ctx.user.instanceId)
|
2020-10-02 13:37:46 +02:00
|
|
|
const user = await database.get(generateUserID(ctx.params.username))
|
2020-04-10 17:37:59 +02:00
|
|
|
ctx.body = {
|
2020-05-14 16:12:30 +02:00
|
|
|
username: user.username,
|
|
|
|
|
name: user.name,
|
|
|
|
|
_rev: user._rev,
|
2020-04-10 17:37:59 +02:00
|
|
|
}
|
2020-05-07 11:53:34 +02:00
|
|
|
}
|
2020-05-21 15:31:23 +02:00
|
|
|
|
|
|
|
|
const checkAccessLevel = async (db, accessLevelId) => {
|
|
|
|
|
if (!accessLevelId) return
|
|
|
|
|
if (
|
|
|
|
|
accessLevelId === POWERUSER_LEVEL_ID ||
|
|
|
|
|
accessLevelId === ADMIN_LEVEL_ID
|
|
|
|
|
) {
|
|
|
|
|
return {
|
|
|
|
|
_id: accessLevelId,
|
|
|
|
|
name: accessLevelId,
|
|
|
|
|
permissions: [],
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return await db.get(accessLevelId)
|
|
|
|
|
}
|
