MirrorSave
/
budibase
mirror of https://github.com/Budibase/budibase.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
budibase/packages/server/src/api/controllers/user.js

112 lines
2.9 KiB
JavaScript
Raw Blame History

const CouchDB = require("../../db")
const clientDb = require("../../db/clientDb")
const bcrypt = require("../../utilities/bcrypt")
const { generateUserID, getUserParams } = require("../../db/utils")
const {
POWERUSER_LEVEL_ID,
ADMIN_LEVEL_ID,
} = require("../../utilities/accessLevels")
exports.fetch = async function(ctx) {
const database = new CouchDB(ctx.user.instanceId)
const data = await database.allDocs(
getUserParams(null, {
include_docs: true,
})
)
ctx.body = data.rows.map(row => row.doc)
}
exports.create = async function(ctx) {
const database = new CouchDB(ctx.user.instanceId)
const appId = (await database.get("_design/database")).metadata.applicationId
const { username, password, name, accessLevelId } = ctx.request.body
if (!username || !password) {
ctx.throw(400, "Username and Password Required.")
}
const accessLevel = await checkAccessLevel(database, accessLevelId)
if (!accessLevel) ctx.throw(400, "Invalid Access Level")
const user = {
_id: generateUserID(username),
username,
password: await bcrypt.hash(password),
name: name || username,
type: "user",
accessLevelId,
}
const response = await database.post(user)
const masterDb = new CouchDB("client_app_lookup")
const { clientId } = await masterDb.get(appId)
// the clientDB needs to store a map of users against the app
const db = new CouchDB(clientDb.name(clientId))
const app = await db.get(appId)
app.userInstanceMap = {
...app.userInstanceMap,
[username]: ctx.user.instanceId,
}
await db.put(app)
ctx.status = 200
ctx.message = "User created successfully."
ctx.userId = response._id
ctx.body = {
_rev: response.rev,
username,
name,
}
}
exports.update = async function(ctx) {
const db = new CouchDB(ctx.user.instanceId)
const user = ctx.request.body
const dbUser = db.get(ctx.request.body._id)
const newData = { ...dbUser, ...user }
const response = await db.put(newData)
user._rev = response.rev
ctx.status = 200
ctx.message = `User ${ctx.request.body.username} updated successfully.`
ctx.body = response
}
exports.destroy = async function(ctx) {
const database = new CouchDB(ctx.user.instanceId)
await database.destroy(generateUserID(ctx.params.username))
ctx.message = `User ${ctx.params.username} deleted.`
ctx.status = 200
}
exports.find = async function(ctx) {
const database = new CouchDB(ctx.user.instanceId)
const user = await database.get(generateUserID(ctx.params.username))
ctx.body = {
username: user.username,
name: user.name,
_rev: user._rev,
}
}
const checkAccessLevel = async (db, accessLevelId) => {
if (!accessLevelId) return
if (
accessLevelId === POWERUSER_LEVEL_ID ||
accessLevelId === ADMIN_LEVEL_ID
) {
return {
_id: accessLevelId,
name: accessLevelId,
permissions: [],
}
}
return await db.get(accessLevelId)
}
Reference in New Issue View Git Blame Copy Permalink