2017-11-14 11:11:22 +01:00
|
|
|
'use strict';
|
|
|
|
|
|
|
|
/**
|
|
|
|
* User.js controller
|
|
|
|
*
|
|
|
|
* @description: A set of functions called "actions" for managing `User`.
|
|
|
|
*/
|
|
|
|
|
2017-12-04 15:35:45 +01:00
|
|
|
const _ = require('lodash');
|
2021-04-29 13:51:12 +02:00
|
|
|
const { sanitizeEntity } = require('@strapi/utils');
|
2021-07-08 18:15:32 +02:00
|
|
|
const { getService } = require('../utils');
|
2019-09-12 10:50:52 +02:00
|
|
|
|
|
|
|
const sanitizeUser = user =>
|
|
|
|
sanitizeEntity(user, {
|
2021-08-06 18:09:49 +02:00
|
|
|
model: strapi.getModel('plugin::users-permissions.user'),
|
2019-09-12 10:50:52 +02:00
|
|
|
});
|
2017-12-04 15:35:45 +01:00
|
|
|
|
2021-11-04 15:18:09 +01:00
|
|
|
const formatError = error => [
|
|
|
|
{ messages: [{ id: error.id, message: error.message, field: error.field }] },
|
|
|
|
];
|
2020-07-06 16:25:25 +02:00
|
|
|
|
2021-11-04 15:18:09 +01:00
|
|
|
module.exports = {
|
|
|
|
/**
|
|
|
|
* Create a/an user record.
|
|
|
|
* @return {Object}
|
|
|
|
*/
|
|
|
|
async create(ctx) {
|
|
|
|
const advanced = await strapi
|
|
|
|
.store({ type: 'plugin', name: 'users-permissions', key: 'advanced' })
|
|
|
|
.get();
|
2020-07-06 16:25:25 +02:00
|
|
|
|
2021-11-04 15:18:09 +01:00
|
|
|
const { email, username, password, role } = ctx.request.body;
|
2020-07-06 16:25:25 +02:00
|
|
|
|
2021-11-04 15:18:09 +01:00
|
|
|
if (!email) return ctx.badRequest('missing.email');
|
|
|
|
if (!username) return ctx.badRequest('missing.username');
|
|
|
|
if (!password) return ctx.badRequest('missing.password');
|
2020-07-06 16:25:25 +02:00
|
|
|
|
2021-11-04 15:18:09 +01:00
|
|
|
const userWithSameUsername = await strapi
|
|
|
|
.query('plugin::users-permissions.user')
|
|
|
|
.findOne({ where: { username } });
|
2017-11-14 11:11:22 +01:00
|
|
|
|
2021-11-04 15:18:09 +01:00
|
|
|
if (userWithSameUsername) {
|
|
|
|
return ctx.badRequest(
|
|
|
|
null,
|
|
|
|
formatError({
|
|
|
|
id: 'Auth.form.error.username.taken',
|
|
|
|
message: 'Username already taken.',
|
|
|
|
field: ['username'],
|
|
|
|
})
|
|
|
|
);
|
|
|
|
}
|
|
|
|
|
|
|
|
if (advanced.unique_email) {
|
|
|
|
const userWithSameEmail = await strapi
|
|
|
|
.query('plugin::users-permissions.user')
|
|
|
|
.findOne({ where: { email: email.toLowerCase() } });
|
|
|
|
|
|
|
|
if (userWithSameEmail) {
|
|
|
|
return ctx.badRequest(
|
|
|
|
null,
|
|
|
|
|
|
|
|
formatError({
|
|
|
|
id: 'Auth.form.error.email.taken',
|
|
|
|
message: 'Email already taken.',
|
|
|
|
field: ['email'],
|
|
|
|
})
|
|
|
|
);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
const user = {
|
|
|
|
...ctx.request.body,
|
|
|
|
provider: 'local',
|
|
|
|
};
|
|
|
|
|
|
|
|
user.email = _.toLower(user.email);
|
|
|
|
|
|
|
|
if (!role) {
|
|
|
|
const defaultRole = await strapi
|
|
|
|
.query('plugin::users-permissions.role')
|
|
|
|
.findOne({ where: { type: advanced.default_role } });
|
|
|
|
|
|
|
|
user.role = defaultRole.id;
|
|
|
|
}
|
|
|
|
|
|
|
|
try {
|
|
|
|
const data = await getService('user').add(user);
|
|
|
|
|
|
|
|
ctx.created(sanitizeUser(data));
|
|
|
|
} catch (error) {
|
|
|
|
ctx.badRequest(null, formatError(error));
|
|
|
|
}
|
|
|
|
},
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Update a/an user record.
|
|
|
|
* @return {Object}
|
|
|
|
*/
|
|
|
|
async update(ctx) {
|
|
|
|
const advancedConfigs = await strapi
|
|
|
|
.store({ type: 'plugin', name: 'users-permissions', key: 'advanced' })
|
|
|
|
.get();
|
|
|
|
|
|
|
|
const { id } = ctx.params;
|
|
|
|
const { email, username, password } = ctx.request.body;
|
|
|
|
|
|
|
|
const user = await getService('user').fetch({ id });
|
|
|
|
|
|
|
|
if (_.has(ctx.request.body, 'email') && !email) {
|
|
|
|
return ctx.badRequest('email.notNull');
|
|
|
|
}
|
|
|
|
|
|
|
|
if (_.has(ctx.request.body, 'username') && !username) {
|
|
|
|
return ctx.badRequest('username.notNull');
|
|
|
|
}
|
|
|
|
|
|
|
|
if (_.has(ctx.request.body, 'password') && !password && user.provider === 'local') {
|
|
|
|
return ctx.badRequest('password.notNull');
|
|
|
|
}
|
|
|
|
|
|
|
|
if (_.has(ctx.request.body, 'username')) {
|
|
|
|
const userWithSameUsername = await strapi
|
|
|
|
.query('plugin::users-permissions.user')
|
|
|
|
.findOne({ where: { username } });
|
|
|
|
|
|
|
|
if (userWithSameUsername && userWithSameUsername.id != id) {
|
|
|
|
return ctx.badRequest(
|
|
|
|
null,
|
|
|
|
formatError({
|
|
|
|
id: 'Auth.form.error.username.taken',
|
|
|
|
message: 'username.alreadyTaken.',
|
|
|
|
field: ['username'],
|
|
|
|
})
|
|
|
|
);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
if (_.has(ctx.request.body, 'email') && advancedConfigs.unique_email) {
|
|
|
|
const userWithSameEmail = await strapi
|
|
|
|
.query('plugin::users-permissions.user')
|
|
|
|
.findOne({ where: { email: email.toLowerCase() } });
|
|
|
|
|
|
|
|
if (userWithSameEmail && userWithSameEmail.id != id) {
|
|
|
|
return ctx.badRequest(
|
|
|
|
null,
|
|
|
|
formatError({
|
|
|
|
id: 'Auth.form.error.email.taken',
|
|
|
|
message: 'Email already taken',
|
|
|
|
field: ['email'],
|
|
|
|
})
|
|
|
|
);
|
|
|
|
}
|
|
|
|
ctx.request.body.email = ctx.request.body.email.toLowerCase();
|
|
|
|
}
|
|
|
|
|
|
|
|
let updateData = {
|
|
|
|
...ctx.request.body,
|
|
|
|
};
|
|
|
|
|
|
|
|
const data = await getService('user').edit({ id }, updateData);
|
|
|
|
|
|
|
|
ctx.send(sanitizeUser(data));
|
|
|
|
},
|
2020-07-06 16:25:25 +02:00
|
|
|
|
2017-11-14 11:11:22 +01:00
|
|
|
/**
|
|
|
|
* Retrieve user records.
|
|
|
|
* @return {Object|Array}
|
|
|
|
*/
|
2019-07-15 23:16:50 +02:00
|
|
|
async find(ctx, next, { populate } = {}) {
|
2021-07-28 21:03:32 +02:00
|
|
|
const users = await getService('user').fetchAll(ctx.query, populate);
|
2019-05-21 16:18:18 +02:00
|
|
|
|
2020-07-06 16:25:25 +02:00
|
|
|
ctx.body = users.map(sanitizeUser);
|
2020-04-17 17:33:21 +02:00
|
|
|
},
|
|
|
|
|
2017-11-14 11:11:22 +01:00
|
|
|
/**
|
|
|
|
* Retrieve a user record.
|
|
|
|
* @return {Object}
|
|
|
|
*/
|
2019-07-15 23:16:50 +02:00
|
|
|
async findOne(ctx) {
|
2019-07-16 16:26:53 +02:00
|
|
|
const { id } = ctx.params;
|
2021-07-08 22:07:52 +02:00
|
|
|
let data = await getService('user').fetch({ id });
|
2017-12-06 14:15:27 +01:00
|
|
|
|
|
|
|
if (data) {
|
2019-07-15 23:16:50 +02:00
|
|
|
data = sanitizeUser(data);
|
2017-12-06 14:15:27 +01:00
|
|
|
}
|
2017-11-14 11:11:22 +01:00
|
|
|
|
2020-07-06 16:25:25 +02:00
|
|
|
ctx.body = data;
|
2017-11-14 11:11:22 +01:00
|
|
|
},
|
|
|
|
|
|
|
|
/**
|
2020-07-06 16:25:25 +02:00
|
|
|
* Retrieve user count.
|
|
|
|
* @return {Number}
|
2017-11-14 11:11:22 +01:00
|
|
|
*/
|
2020-07-06 16:25:25 +02:00
|
|
|
async count(ctx) {
|
2021-07-08 18:15:32 +02:00
|
|
|
ctx.body = await getService('user').count(ctx.query);
|
2017-11-14 11:11:22 +01:00
|
|
|
},
|
|
|
|
|
|
|
|
/**
|
2020-07-06 16:25:25 +02:00
|
|
|
* Destroy a/an user record.
|
2017-11-14 11:11:22 +01:00
|
|
|
* @return {Object}
|
|
|
|
*/
|
2020-07-06 16:25:25 +02:00
|
|
|
async destroy(ctx) {
|
2019-07-16 16:26:53 +02:00
|
|
|
const { id } = ctx.params;
|
2021-07-08 18:15:32 +02:00
|
|
|
|
|
|
|
const data = await getService('user').remove({ id });
|
|
|
|
|
2020-07-06 16:25:25 +02:00
|
|
|
ctx.send(sanitizeUser(data));
|
|
|
|
},
|
2019-07-16 16:26:53 +02:00
|
|
|
|
2017-11-14 11:11:22 +01:00
|
|
|
/**
|
2020-07-06 16:25:25 +02:00
|
|
|
* Retrieve authenticated user.
|
|
|
|
* @return {Object|Array}
|
2017-11-14 11:11:22 +01:00
|
|
|
*/
|
2020-07-06 16:25:25 +02:00
|
|
|
async me(ctx) {
|
|
|
|
const user = ctx.state.user;
|
2018-06-06 16:20:52 +02:00
|
|
|
|
2020-07-06 16:25:25 +02:00
|
|
|
if (!user) {
|
2021-09-07 09:45:45 +02:00
|
|
|
return ctx.badRequest('Unauthenticated request');
|
2020-07-06 16:25:25 +02:00
|
|
|
}
|
2018-06-06 16:20:52 +02:00
|
|
|
|
2020-07-06 16:25:25 +02:00
|
|
|
ctx.body = sanitizeUser(user);
|
2019-07-15 23:16:50 +02:00
|
|
|
},
|
2017-11-14 11:11:22 +01:00
|
|
|
};
|