224 lines
5.3 KiB
JavaScript
Raw Normal View History

2017-11-14 11:11:22 +01:00
'use strict';
/**
* User.js controller
*
* @description: A set of functions called "actions" for managing `User`.
*/
2017-12-04 15:35:45 +01:00
const _ = require('lodash');
2021-04-29 13:51:12 +02:00
const { sanitizeEntity } = require('@strapi/utils');
2021-07-08 18:15:32 +02:00
const { getService } = require('../utils');
2019-09-12 10:50:52 +02:00
const sanitizeUser = user =>
sanitizeEntity(user, {
2021-08-06 18:09:49 +02:00
model: strapi.getModel('plugin::users-permissions.user'),
2019-09-12 10:50:52 +02:00
});
2017-12-04 15:35:45 +01:00
const formatError = error => [
{ messages: [{ id: error.id, message: error.message, field: error.field }] },
];
module.exports = {
/**
* Create a/an user record.
* @return {Object}
*/
async create(ctx) {
const advanced = await strapi
.store({ type: 'plugin', name: 'users-permissions', key: 'advanced' })
.get();
const { email, username, password, role } = ctx.request.body;
if (!email) return ctx.badRequest('missing.email');
if (!username) return ctx.badRequest('missing.username');
if (!password) return ctx.badRequest('missing.password');
const userWithSameUsername = await strapi
.query('plugin::users-permissions.user')
.findOne({ where: { username } });
2017-11-14 11:11:22 +01:00
if (userWithSameUsername) {
return ctx.badRequest(
null,
formatError({
id: 'Auth.form.error.username.taken',
message: 'Username already taken.',
field: ['username'],
})
);
}
if (advanced.unique_email) {
const userWithSameEmail = await strapi
.query('plugin::users-permissions.user')
.findOne({ where: { email: email.toLowerCase() } });
if (userWithSameEmail) {
return ctx.badRequest(
null,
formatError({
id: 'Auth.form.error.email.taken',
message: 'Email already taken.',
field: ['email'],
})
);
}
}
const user = {
...ctx.request.body,
provider: 'local',
};
user.email = _.toLower(user.email);
if (!role) {
const defaultRole = await strapi
.query('plugin::users-permissions.role')
.findOne({ where: { type: advanced.default_role } });
user.role = defaultRole.id;
}
try {
const data = await getService('user').add(user);
ctx.created(sanitizeUser(data));
} catch (error) {
ctx.badRequest(null, formatError(error));
}
},
/**
* Update a/an user record.
* @return {Object}
*/
async update(ctx) {
const advancedConfigs = await strapi
.store({ type: 'plugin', name: 'users-permissions', key: 'advanced' })
.get();
const { id } = ctx.params;
const { email, username, password } = ctx.request.body;
const user = await getService('user').fetch({ id });
if (_.has(ctx.request.body, 'email') && !email) {
return ctx.badRequest('email.notNull');
}
if (_.has(ctx.request.body, 'username') && !username) {
return ctx.badRequest('username.notNull');
}
if (_.has(ctx.request.body, 'password') && !password && user.provider === 'local') {
return ctx.badRequest('password.notNull');
}
if (_.has(ctx.request.body, 'username')) {
const userWithSameUsername = await strapi
.query('plugin::users-permissions.user')
.findOne({ where: { username } });
if (userWithSameUsername && userWithSameUsername.id != id) {
return ctx.badRequest(
null,
formatError({
id: 'Auth.form.error.username.taken',
message: 'username.alreadyTaken.',
field: ['username'],
})
);
}
}
if (_.has(ctx.request.body, 'email') && advancedConfigs.unique_email) {
const userWithSameEmail = await strapi
.query('plugin::users-permissions.user')
.findOne({ where: { email: email.toLowerCase() } });
if (userWithSameEmail && userWithSameEmail.id != id) {
return ctx.badRequest(
null,
formatError({
id: 'Auth.form.error.email.taken',
message: 'Email already taken',
field: ['email'],
})
);
}
ctx.request.body.email = ctx.request.body.email.toLowerCase();
}
let updateData = {
...ctx.request.body,
};
const data = await getService('user').edit({ id }, updateData);
ctx.send(sanitizeUser(data));
},
2017-11-14 11:11:22 +01:00
/**
* Retrieve user records.
* @return {Object|Array}
*/
async find(ctx, next, { populate } = {}) {
2021-07-28 21:03:32 +02:00
const users = await getService('user').fetchAll(ctx.query, populate);
2019-05-21 16:18:18 +02:00
ctx.body = users.map(sanitizeUser);
},
2017-11-14 11:11:22 +01:00
/**
* Retrieve a user record.
* @return {Object}
*/
async findOne(ctx) {
const { id } = ctx.params;
2021-07-08 22:07:52 +02:00
let data = await getService('user').fetch({ id });
if (data) {
data = sanitizeUser(data);
}
2017-11-14 11:11:22 +01:00
ctx.body = data;
2017-11-14 11:11:22 +01:00
},
/**
* Retrieve user count.
* @return {Number}
2017-11-14 11:11:22 +01:00
*/
async count(ctx) {
2021-07-08 18:15:32 +02:00
ctx.body = await getService('user').count(ctx.query);
2017-11-14 11:11:22 +01:00
},
/**
* Destroy a/an user record.
2017-11-14 11:11:22 +01:00
* @return {Object}
*/
async destroy(ctx) {
const { id } = ctx.params;
2021-07-08 18:15:32 +02:00
const data = await getService('user').remove({ id });
ctx.send(sanitizeUser(data));
},
2017-11-14 11:11:22 +01:00
/**
* Retrieve authenticated user.
* @return {Object|Array}
2017-11-14 11:11:22 +01:00
*/
async me(ctx) {
const user = ctx.state.user;
if (!user) {
2021-09-07 09:45:45 +02:00
return ctx.badRequest('Unauthenticated request');
}
ctx.body = sanitizeUser(user);
},
2017-11-14 11:11:22 +01:00
};