basic group apis
This commit is contained in:
parent
aa467e7d63
commit
34a12831a6
|
@ -12,6 +12,7 @@
|
|||
"passport-google-auth": "^1.0.2",
|
||||
"passport-google-oauth": "^2.0.0",
|
||||
"passport-jwt": "^4.0.0",
|
||||
"passport-local": "^1.0.0"
|
||||
"passport-local": "^1.0.0",
|
||||
"uuid": "^8.3.2"
|
||||
}
|
||||
}
|
||||
|
|
|
@ -7,3 +7,10 @@ exports.Cookies = {
|
|||
CurrentApp: "budibase:currentapp",
|
||||
Auth: "budibase:auth",
|
||||
}
|
||||
|
||||
exports.GlobalRoles = {
|
||||
OWNER: "owner",
|
||||
ADMIN: "admin",
|
||||
BUILDER: "builder",
|
||||
GROUP_MANAGER: "group_manager",
|
||||
}
|
||||
|
|
|
@ -1,3 +1,5 @@
|
|||
const { newid } = require("../hashing")
|
||||
|
||||
exports.StaticDatabases = {
|
||||
USER: {
|
||||
name: "user-db",
|
||||
|
@ -7,6 +9,7 @@ exports.StaticDatabases = {
|
|||
const DocumentTypes = {
|
||||
USER: "us",
|
||||
APP: "app",
|
||||
GROUP: "group",
|
||||
}
|
||||
|
||||
exports.DocumentTypes = DocumentTypes
|
||||
|
@ -29,6 +32,14 @@ exports.getEmailFromUserID = userId => {
|
|||
return userId.split(`${DocumentTypes.USER}${SEPARATOR}`)[1]
|
||||
}
|
||||
|
||||
/**
|
||||
* Generates a new group ID.
|
||||
* @returns {string} The new group ID which the group doc can be stored under.
|
||||
*/
|
||||
exports.generateGroupID = () => {
|
||||
return `${DocumentTypes.GROUP}${SEPARATOR}${newid()}`
|
||||
}
|
||||
|
||||
/**
|
||||
* Gets parameters for retrieving users, this is a utility function for the getDocParams function.
|
||||
*/
|
||||
|
|
|
@ -1,5 +1,6 @@
|
|||
const bcrypt = require("bcryptjs")
|
||||
const env = require("./environment")
|
||||
const { v4 } = require("uuid")
|
||||
|
||||
const SALT_ROUNDS = env.SALT_ROUNDS || 10
|
||||
|
||||
|
@ -11,3 +12,7 @@ exports.hash = async data => {
|
|||
exports.compare = async (data, encrypted) => {
|
||||
return bcrypt.compare(data, encrypted)
|
||||
}
|
||||
|
||||
exports.newid = function() {
|
||||
return v4().replace(/-/g, "")
|
||||
}
|
||||
|
|
|
@ -17,6 +17,8 @@ const {
|
|||
const {
|
||||
generateUserID,
|
||||
getUserParams,
|
||||
generateGroupID,
|
||||
getGroupParams,
|
||||
getEmailFromUserID,
|
||||
} = require("./db/utils")
|
||||
|
||||
|
|
|
@ -584,6 +584,11 @@ uuid@^3.3.2:
|
|||
resolved "https://registry.yarnpkg.com/uuid/-/uuid-3.4.0.tgz#b23e4358afa8a202fe7a100af1f5f883f02007ee"
|
||||
integrity sha512-HjSDRw6gZE5JMggctHBcjVak08+KEVhSIiDzFnT9S9aegmp85S/bReBVTb4QTFaRNptJ9kuYaNhnbNEOkbKb/A==
|
||||
|
||||
uuid@^8.3.2:
|
||||
version "8.3.2"
|
||||
resolved "https://registry.yarnpkg.com/uuid/-/uuid-8.3.2.tgz#80d5b5ced271bb9af6c445f21a1a04c606cefbe2"
|
||||
integrity sha512-+NYs2QeMWy+GWFOEm9xnn6HCDp0l7QBD7ml8zLUmJ+93Q5NF0NocErnwkTkXVFNiX3/fpC6afS8Dhb/gz7R7eg==
|
||||
|
||||
verror@1.10.0:
|
||||
version "1.10.0"
|
||||
resolved "https://registry.yarnpkg.com/verror/-/verror-1.10.0.tgz#3a105ca17053af55d6e270c1f8288682e18da400"
|
||||
|
|
|
@ -0,0 +1,26 @@
|
|||
const CouchDB = require("../../../db")
|
||||
const {
|
||||
hash,
|
||||
generateUserID,
|
||||
getUserParams,
|
||||
StaticDatabases,
|
||||
} = require("@budibase/auth")
|
||||
const { UserStatus } = require("../../../constants")
|
||||
|
||||
const USER_DB = StaticDatabases.USER.name
|
||||
|
||||
exports.save = async function(ctx, next) {
|
||||
const db = new CouchDB(USER_DB)
|
||||
}
|
||||
|
||||
exports.fetch = async function(ctx, next) {
|
||||
const db = new CouchDB(USER_DB)
|
||||
}
|
||||
|
||||
exports.find = async function(ctx, next) {
|
||||
const db = new CouchDB(USER_DB)
|
||||
}
|
||||
|
||||
exports.destroy = async function(ctx, next) {
|
||||
const db = new CouchDB(USER_DB)
|
||||
}
|
|
@ -1,90 +1,11 @@
|
|||
const CouchDB = require("../../../db")
|
||||
const {
|
||||
hash,
|
||||
generateUserID,
|
||||
getUserParams,
|
||||
StaticDatabases,
|
||||
} = require("@budibase/auth")
|
||||
const { UserStatus } = require("../../../constants")
|
||||
const users = require("./users")
|
||||
const groups = require("./groups")
|
||||
|
||||
const USER_DB = StaticDatabases.USER.name
|
||||
|
||||
exports.userSave = async ctx => {
|
||||
const db = new CouchDB(USER_DB)
|
||||
const { email, password, _id } = ctx.request.body
|
||||
const hashedPassword = password ? await hash(password) : null
|
||||
let user = {
|
||||
...ctx.request.body,
|
||||
_id: generateUserID(email),
|
||||
password: hashedPassword,
|
||||
}
|
||||
let dbUser
|
||||
// in-case user existed already
|
||||
if (_id) {
|
||||
dbUser = await db.get(_id)
|
||||
}
|
||||
// add the active status to a user if its not provided
|
||||
if (user.status == null) {
|
||||
user.status = UserStatus.ACTIVE
|
||||
}
|
||||
try {
|
||||
const response = await db.post({
|
||||
password: hashedPassword || dbUser.password,
|
||||
...user,
|
||||
})
|
||||
ctx.body = {
|
||||
_id: response.id,
|
||||
_rev: response.rev,
|
||||
email,
|
||||
}
|
||||
} catch (err) {
|
||||
if (err.status === 409) {
|
||||
ctx.throw(400, "User exists already")
|
||||
} else {
|
||||
ctx.throw(err.status, err)
|
||||
}
|
||||
}
|
||||
exports.initialise = async function(ctx) {
|
||||
// create the ALL users group
|
||||
}
|
||||
|
||||
exports.userDelete = async ctx => {
|
||||
const db = new CouchDB(USER_DB)
|
||||
const dbUser = await db.get(generateUserID(ctx.params.email))
|
||||
await db.remove(dbUser._id, dbUser._rev)
|
||||
ctx.body = {
|
||||
message: `User ${ctx.params.email} deleted.`,
|
||||
}
|
||||
}
|
||||
|
||||
// called internally by app server user fetch
|
||||
exports.userFetch = async ctx => {
|
||||
const db = new CouchDB(USER_DB)
|
||||
const response = await db.allDocs(
|
||||
getUserParams(null, {
|
||||
include_docs: true,
|
||||
})
|
||||
)
|
||||
const users = response.rows.map(row => row.doc)
|
||||
// user hashed password shouldn't ever be returned
|
||||
for (let user of users) {
|
||||
if (user) {
|
||||
delete user.password
|
||||
}
|
||||
}
|
||||
ctx.body = users
|
||||
}
|
||||
|
||||
// called internally by app server user find
|
||||
exports.userFind = async ctx => {
|
||||
const db = new CouchDB(USER_DB)
|
||||
let user
|
||||
try {
|
||||
user = await db.get(generateUserID(ctx.params.email))
|
||||
} catch (err) {
|
||||
// no user found, just return nothing
|
||||
user = {}
|
||||
}
|
||||
if (user) {
|
||||
delete user.password
|
||||
}
|
||||
ctx.body = user
|
||||
module.exports = {
|
||||
users,
|
||||
groups,
|
||||
}
|
||||
|
|
|
@ -0,0 +1,90 @@
|
|||
const CouchDB = require("../../../db")
|
||||
const {
|
||||
hash,
|
||||
generateUserID,
|
||||
getUserParams,
|
||||
StaticDatabases,
|
||||
} = require("@budibase/auth")
|
||||
const { UserStatus } = require("../../../constants")
|
||||
|
||||
const USER_DB = StaticDatabases.USER.name
|
||||
|
||||
exports.userSave = async ctx => {
|
||||
const db = new CouchDB(USER_DB)
|
||||
const { email, password, _id } = ctx.request.body
|
||||
const hashedPassword = password ? await hash(password) : null
|
||||
let user = {
|
||||
...ctx.request.body,
|
||||
_id: generateUserID(email),
|
||||
password: hashedPassword,
|
||||
}
|
||||
let dbUser
|
||||
// in-case user existed already
|
||||
if (_id) {
|
||||
dbUser = await db.get(_id)
|
||||
}
|
||||
// add the active status to a user if its not provided
|
||||
if (user.status == null) {
|
||||
user.status = UserStatus.ACTIVE
|
||||
}
|
||||
try {
|
||||
const response = await db.post({
|
||||
password: hashedPassword || dbUser.password,
|
||||
...user,
|
||||
})
|
||||
ctx.body = {
|
||||
_id: response.id,
|
||||
_rev: response.rev,
|
||||
email,
|
||||
}
|
||||
} catch (err) {
|
||||
if (err.status === 409) {
|
||||
ctx.throw(400, "User exists already")
|
||||
} else {
|
||||
ctx.throw(err.status, err)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
exports.userDelete = async ctx => {
|
||||
const db = new CouchDB(USER_DB)
|
||||
const dbUser = await db.get(generateUserID(ctx.params.email))
|
||||
await db.remove(dbUser._id, dbUser._rev)
|
||||
ctx.body = {
|
||||
message: `User ${ctx.params.email} deleted.`,
|
||||
}
|
||||
}
|
||||
|
||||
// called internally by app server user fetch
|
||||
exports.userFetch = async ctx => {
|
||||
const db = new CouchDB(USER_DB)
|
||||
const response = await db.allDocs(
|
||||
getUserParams(null, {
|
||||
include_docs: true,
|
||||
})
|
||||
)
|
||||
const users = response.rows.map(row => row.doc)
|
||||
// user hashed password shouldn't ever be returned
|
||||
for (let user of users) {
|
||||
if (user) {
|
||||
delete user.password
|
||||
}
|
||||
}
|
||||
ctx.body = users
|
||||
}
|
||||
|
||||
// called internally by app server user find
|
||||
exports.userFind = async ctx => {
|
||||
const db = new CouchDB(USER_DB)
|
||||
let user
|
||||
try {
|
||||
user = await db.get(generateUserID(ctx.params.email))
|
||||
} catch (err) {
|
||||
// no user found, just return nothing
|
||||
user = {}
|
||||
}
|
||||
if (user) {
|
||||
delete user.password
|
||||
}
|
||||
ctx.body = user
|
||||
}
|
|
@ -0,0 +1,39 @@
|
|||
const Router = require("@koa/router")
|
||||
const controller = require("../../controllers/admin/groups")
|
||||
const joiValidator = require("../../../middleware/joi-validator")
|
||||
const { authenticated } = require("@budibase/auth")
|
||||
const Joi = require("joi")
|
||||
|
||||
const router = Router()
|
||||
|
||||
function buildGroupSaveValidation() {
|
||||
// prettier-ignore
|
||||
return joiValidator.body(Joi.object({
|
||||
// _id: Joi.string(),
|
||||
// _rev: Joi.string(),
|
||||
// email: Joi.string(),
|
||||
// password: Joi.string().allow(null, ""),
|
||||
// builder: Joi.object({
|
||||
// global: Joi.boolean().optional(),
|
||||
// apps: Joi.array().optional(),
|
||||
// }).unknown(true).optional(),
|
||||
// // maps appId -> roleId for the user
|
||||
// roles: Joi.object()
|
||||
// .pattern(/.*/, Joi.string())
|
||||
// .required()
|
||||
// .unknown(true)
|
||||
}).required().unknown(true).optional())
|
||||
}
|
||||
|
||||
router
|
||||
.post(
|
||||
"/api/admin/groups",
|
||||
buildGroupSaveValidation(),
|
||||
authenticated,
|
||||
controller.save
|
||||
)
|
||||
.delete("/api/admin/groups/:id", authenticated, controller.destroy)
|
||||
.get("/api/admin/groups", authenticated, controller.fetch)
|
||||
.get("/api/admin/group/:id", authenticated, controller.find)
|
||||
|
||||
module.exports = router
|
|
@ -1,39 +1,7 @@
|
|||
const Router = require("@koa/router")
|
||||
const controller = require("../../controllers/admin")
|
||||
const joiValidator = require("../../../middleware/joi-validator")
|
||||
const { authenticated } = require("@budibase/auth")
|
||||
const Joi = require("joi")
|
||||
const groups = require("./groups")
|
||||
const users = require("./users")
|
||||
|
||||
const router = Router()
|
||||
|
||||
function buildUserSaveValidation() {
|
||||
// prettier-ignore
|
||||
return joiValidator.body(Joi.object({
|
||||
_id: Joi.string(),
|
||||
_rev: Joi.string(),
|
||||
email: Joi.string(),
|
||||
password: Joi.string().allow(null, ""),
|
||||
builder: Joi.object({
|
||||
global: Joi.boolean().optional(),
|
||||
apps: Joi.array().optional(),
|
||||
}).unknown(true).optional(),
|
||||
// maps appId -> roleId for the user
|
||||
roles: Joi.object()
|
||||
.pattern(/.*/, Joi.string())
|
||||
.required()
|
||||
.unknown(true)
|
||||
}).required().unknown(true).optional())
|
||||
module.exports = {
|
||||
groups,
|
||||
users,
|
||||
}
|
||||
|
||||
router
|
||||
.post(
|
||||
"/api/admin/users",
|
||||
buildUserSaveValidation(),
|
||||
authenticated,
|
||||
controller.userSave
|
||||
)
|
||||
.delete("/api/admin/users/:email", authenticated, controller.userDelete)
|
||||
.get("/api/admin/users", authenticated, controller.userFetch)
|
||||
.get("/api/admin/users/:email", authenticated, controller.userFind)
|
||||
|
||||
module.exports = router
|
||||
|
|
|
@ -0,0 +1,39 @@
|
|||
const Router = require("@koa/router")
|
||||
const controller = require("../../controllers/admin/users")
|
||||
const joiValidator = require("../../../middleware/joi-validator")
|
||||
const { authenticated } = require("@budibase/auth")
|
||||
const Joi = require("joi")
|
||||
|
||||
const router = Router()
|
||||
|
||||
function buildUserSaveValidation() {
|
||||
// prettier-ignore
|
||||
return joiValidator.body(Joi.object({
|
||||
_id: Joi.string(),
|
||||
_rev: Joi.string(),
|
||||
email: Joi.string(),
|
||||
password: Joi.string().allow(null, ""),
|
||||
builder: Joi.object({
|
||||
global: Joi.boolean().optional(),
|
||||
apps: Joi.array().optional(),
|
||||
}).unknown(true).optional(),
|
||||
// maps appId -> roleId for the user
|
||||
roles: Joi.object()
|
||||
.pattern(/.*/, Joi.string())
|
||||
.required()
|
||||
.unknown(true)
|
||||
}).required().unknown(true).optional())
|
||||
}
|
||||
|
||||
router
|
||||
.post(
|
||||
"/api/admin/users",
|
||||
buildUserSaveValidation(),
|
||||
authenticated,
|
||||
controller.userSave
|
||||
)
|
||||
.delete("/api/admin/users/:email", authenticated, controller.userDelete)
|
||||
.get("/api/admin/users", authenticated, controller.userFetch)
|
||||
.get("/api/admin/users/:email", authenticated, controller.userFind)
|
||||
|
||||
module.exports = router
|
|
@ -1,5 +1,5 @@
|
|||
const adminRoutes = require("./admin")
|
||||
const { userRoutes, groupRoutes } = require("./admin")
|
||||
const authRoutes = require("./auth")
|
||||
const appRoutes = require("./app")
|
||||
|
||||
exports.routes = [adminRoutes, authRoutes, appRoutes]
|
||||
exports.routes = [userRoutes, groupRoutes, authRoutes, appRoutes]
|
||||
|
|
|
@ -2,3 +2,7 @@ exports.UserStatus = {
|
|||
ACTIVE: "active",
|
||||
INACTIVE: "inactive",
|
||||
}
|
||||
|
||||
exports.Groups = {
|
||||
ALL_USERS: "all_users",
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue