strapi/packages/strapi-admin/services/user.js

'use strict';

const _ = require('lodash');
const { createUser } = require('../domain/user');

/**
 * Remove private user fields
 * @param {Object} user - user to sanitize
 */
const sanitizeUser = user => {
  return _.omit(user, ['password', 'resetPasswordToken']);
};

/**
 * Create and save a user in database
 * @param attributes A partial user object
 * @returns {Promise<user>}
 */
const create = async attributes => {
  const user = createUser({
    registrationToken: strapi.admin.services.token.createToken(),
    ...attributes,
  });

  return strapi.query('user', 'admin').create(user);
};

/**
 * Update a user in database
 * @param params query params to find the user to update
 * @param attributes A partial user object
 * @returns {Promise<user>}
 */
const update = async (params, attributes) => {
  return strapi.query('user', 'admin').update(params, attributes);
};

/**
 * Check if a user with specific attributes exists in the database
 * @param attributes A partial user object
 * @returns {Promise<boolean>}
 */
const exists = async attributes => {
  return (await strapi.query('user', 'admin').count(attributes)) > 0;
};

/**
 * Returns a user registration info
 * @param {string} registrationToken - a user registration token
 * @returns {Promise<registrationInfo>} - Returns user email, firstname and lastname
 */
const findRegistrationInfo = async registrationToken => {
  const user = await strapi.query('user', 'admin').findOne({ registrationToken });

  if (!user) {
    return undefined;
  }

  return _.pick(user, ['email', 'firstname', 'lastname']);
};

/**
 * Registers a user based on a registrationToken and some informations to update
 * @param {Object} params
 * @param {Object} params.registrationInfo registration token
 * @param {Object} params.userInfo user info
 */
const register = async ({ registrationToken, userInfo }) => {
  const matchingUser = await strapi.query('user', 'admin').findOne({registrationToken});

  if (!matchingUser) {
    throw strapi.errors.badRequest('Invalid registration info');
  }

  const hashedPassword = await strapi.admin.services.auth.hashPassword(userInfo.password);

  return strapi.admin.services.user.update(
    {id: matchingUser.id},
    {
      password: hashedPassword,
      firstname: userInfo.firstname,
      lastname: userInfo.lastname,
      registrationToken: null,
      isActive: true,
    }
  );
}

/** Find many users (paginated)
 * @param query
 * @returns {Promise<user>}
 */
const findPage = async query => {
  return strapi.query('user', 'admin').findPage(query);
};

module.exports = {
  create,
  update,
  exists,
  findRegistrationInfo,
  register,
  sanitizeUser,
  findPage,
};
Add tests Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-05-13 11:46:52 +02:00			`'use strict';`

Add registration info route Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-05-18 16:07:37 +02:00			`const _ = require('lodash');`
Cleanup strapi-admin services & domain Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> 2020-05-14 10:37:32 +02:00			`const { createUser } = require('../domain/user');`

Add registration info route Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-05-18 16:07:37 +02:00			`/**`
			`* Remove private user fields`
			`* @param {Object} user - user to sanitize`
			`*/`
			`const sanitizeUser = user => {`
			`return _.omit(user, ['password', 'resetPasswordToken']);`
			`};`

Cleanup strapi-admin services & domain Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> 2020-05-14 10:37:32 +02:00			`/**`
			`* Create and save a user in database`
			`* @param attributes A partial user object`
			`* @returns {Promise<user>}`
			`*/`
Uniformize code with rbac/login Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> 2020-05-14 11:06:16 +02:00			`const create = async attributes => {`
Add e2e tests, fix validation for mongoose, update services Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> 2020-05-14 18:54:52 +02:00			`const user = createUser({`
			`registrationToken: strapi.admin.services.token.createToken(),`
			`...attributes,`
			`});`

Cleanup strapi-admin services & domain Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> 2020-05-14 10:37:32 +02:00			`return strapi.query('user', 'admin').create(user);`
Uniformize code with rbac/login Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> 2020-05-14 11:06:16 +02:00			`};`
Add tests Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-05-13 11:46:52 +02:00
Add register route Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-05-18 17:16:49 +02:00			`/**`
			`* Update a user in database`
			`* @param params query params to find the user to update`
			`* @param attributes A partial user object`
			`* @returns {Promise<user>}`
			`*/`
			`const update = async (params, attributes) => {`
			`return strapi.query('user', 'admin').update(params, attributes);`
			`};`

Cleanup strapi-admin services & domain Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> 2020-05-14 10:37:32 +02:00			`/**`
			`* Check if a user with specific attributes exists in the database`
			`* @param attributes A partial user object`
			`* @returns {Promise<boolean>}`
			`*/`
Uniformize code with rbac/login Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> 2020-05-14 11:06:16 +02:00			`const exists = async attributes => {`
Cleanup strapi-admin services & domain Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> 2020-05-14 10:37:32 +02:00			`return (await strapi.query('user', 'admin').count(attributes)) > 0;`
Uniformize code with rbac/login Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> 2020-05-14 11:06:16 +02:00			`};`
Add tests Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-05-13 11:46:52 +02:00
Add registration info route Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-05-18 16:07:37 +02:00			`/**`
			`* Returns a user registration info`
			`* @param {string} registrationToken - a user registration token`
			`* @returns {Promise<registrationInfo>} - Returns user email, firstname and lastname`
			`*/`
			`const findRegistrationInfo = async registrationToken => {`
			`const user = await strapi.query('user', 'admin').findOne({ registrationToken });`

			`if (!user) {`
			`return undefined;`
			`}`

			`return _.pick(user, ['email', 'firstname', 'lastname']);`
			`};`

Add register route Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-05-18 17:16:49 +02:00			`/**`
			`* Registers a user based on a registrationToken and some informations to update`
			`* @param {Object} params`
			`* @param {Object} params.registrationInfo registration token`
			`* @param {Object} params.userInfo user info`
			`*/`
			`const register = async ({ registrationToken, userInfo }) => {`
Add GET /admin/users route and new pagination system Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> 2020-05-19 10:55:52 +02:00			`const matchingUser = await strapi.query('user', 'admin').findOne({registrationToken});`
Add register route Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-05-18 17:16:49 +02:00
			`if (!matchingUser) {`
			`throw strapi.errors.badRequest('Invalid registration info');`
			`}`

			`const hashedPassword = await strapi.admin.services.auth.hashPassword(userInfo.password);`

			`return strapi.admin.services.user.update(`
Add GET /admin/users route and new pagination system Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> 2020-05-19 10:55:52 +02:00			`{id: matchingUser.id},`
Add register route Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-05-18 17:16:49 +02:00			`{`
			`password: hashedPassword,`
			`firstname: userInfo.firstname,`
			`lastname: userInfo.lastname,`
			`registrationToken: null,`
			`isActive: true,`
			`}`
			`);`
Add GET /admin/users route and new pagination system Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> 2020-05-19 10:55:52 +02:00			`}`

			`/** Find many users (paginated)`
			`* @param query`
			`* @returns {Promise<user>}`
			`*/`
			`const findPage = async query => {`
			`return strapi.query('user', 'admin').findPage(query);`
Add register route Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-05-18 17:16:49 +02:00			`};`

Cleanup strapi-admin services & domain Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> 2020-05-14 10:37:32 +02:00			`module.exports = {`
			`create,`
Add register route Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-05-18 17:16:49 +02:00			`update,`
Cleanup strapi-admin services & domain Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> 2020-05-14 10:37:32 +02:00			`exists,`
Add registration info route Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-05-18 16:07:37 +02:00			`findRegistrationInfo,`
Add register route Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-05-18 17:16:49 +02:00			`register,`
Add GET /admin/users route and new pagination system Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu> 2020-05-19 10:55:52 +02:00			`sanitizeUser,`
			`findPage,`
Add tests Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-05-13 11:46:52 +02:00			`};`