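'use strict';

/**
 * User.js controller
 *
 * @description: A set of functions called "actions" for managing `User`.
 *
 * Every action receives the request context `ctx` and reaches the
 * `users-permissions` plugin through the global `strapi` instance.
 * User records are stripped of `password` and `resetPasswordToken`
 * before they are written to a response.
 */

const _ = require('lodash');

// Fields that must never be serialised into an API response.
const SENSITIVE_FIELDS = ['password', 'resetPasswordToken'];

/**
 * Return a copy of a user record without its credential fields.
 *
 * Records exposing `toJSON()` are converted to plain objects first.
 * Anything that is not a single object (null, undefined, primitives,
 * arrays) is returned untouched so callers can pass service results
 * through without changing their shape.
 *
 * @param {*} user - Record returned by a user service or query.
 * @return {*} Sanitised copy, or the input when it is not a single object.
 */
const sanitizeUser = (user) => {
  if (!_.isObject(user) || Array.isArray(user)) {
    return user;
  }

  return _.omit(typeof user.toJSON === 'function' ? user.toJSON() : user, SENSITIVE_FIELDS);
};

/**
 * Load the `advanced` settings entry of the users-permissions plugin.
 *
 * @return {Promise<Object>} Whatever the plugin store holds under `advanced`.
 */
const fetchAdvancedSettings = () => strapi.store({
  environment: '',
  type: 'plugin',
  name: 'users-permissions',
  key: 'advanced'
}).get();

/**
 * Answer 400 with the "email already taken" payload.
 * Requests flagged `ctx.request.admin` get the structured message format.
 */
const emailTaken = (ctx) => ctx.badRequest(
  null,
  ctx.request.admin ? [{ messages: [{ id: 'Auth.form.error.email.taken' }] }] : 'Email is already taken.'
);

/**
 * Answer 400 with an error's message (and `field` for admin requests).
 *
 * NOTE(review): `error.message` is forwarded to the client as-is, so any
 * unexpected exception text is disclosed too — confirm the services only
 * throw messages that are meant to be shown.
 */
const sendError = (ctx, error) => ctx.badRequest(
  null,
  ctx.request.admin ? [{ messages: [{ id: error.message, field: error.field }] }] : error.message
);

module.exports = {

  /**
   * Retrieve user records.
   *
   * `ctx.query` is passed unchanged to the user service's `fetchAll`.
   *
   * @param {Object} ctx - Request context.
   * @return {Object|Array} Sends the matching users without credential fields.
   */

  find: async (ctx) => {
    const users = await strapi.plugins['users-permissions'].services.user.fetchAll(ctx.query);

    // Send the sanitised copies, not the raw records: the result of the
    // reduce must be kept, otherwise `password` and `resetPasswordToken`
    // of every listed user end up in the response.
    const data = users.reduce((acc, user) => {
      acc.push(sanitizeUser(user));
      return acc;
    }, []);

    // Send 200 `ok`
    ctx.send(data);
  },

  /**
   * Retrieve authenticated user.
   *
   * Reads the user from `ctx.state.user`; answers 400 when it is not set.
   *
   * @param {Object} ctx - Request context.
   * @return {Object|Array} Sends the current user without credential fields.
   */

  me: async (ctx) => {
    const user = ctx.state.user;

    if (!user) {
      return ctx.badRequest(null, [{ messages: [{ id: 'No authorization header was found' }] }]);
    }

    // Send 200 `ok`
    ctx.send(sanitizeUser(user));
  },

  /**
   * Retrieve a user record.
   *
   * `ctx.params` is passed unchanged to the user service's `fetch`.
   *
   * @param {Object} ctx - Request context.
   * @return {Object} Sends the user without credential fields, or the
   *   service's empty result when no record was found.
   */

  findOne: async (ctx) => {
    const data = await strapi.plugins['users-permissions'].services.user.fetch(ctx.params);

    // Send 200 `ok`
    ctx.send(sanitizeUser(data));
  },

  /**
   * Create a/an user record.
   *
   * When the `unique_email` setting is on and the body carries an email,
   * the request is rejected with 400 if a user with that email exists.
   *
   * @param {Object} ctx - Request context.
   * @return {Object} Sends 201 with the created user, or 400 on error.
   */

  create: async (ctx) => {
    // `_.get` keeps a missing settings entry from throwing outside the try block.
    const advancedConfigs = await fetchAdvancedSettings();

    if (_.get(advancedConfigs, 'unique_email') && ctx.request.body.email) {
      const existing = await strapi.query('user', 'users-permissions').findOne({ email: ctx.request.body.email });

      if (existing) {
        return emailTaken(ctx);
      }
    }

    try {
      // NOTE(review): the whole request body is handed to `add`, including
      // any `role` it carries; unlike `update`, nothing is filtered here.
      // Confirm the route policy restricts who may call this action.
      const data = await strapi.plugins['users-permissions'].services.user.add(ctx.request.body);

      // Send 201 `created`. What `add` returns is not visible here, so the
      // credential fields are dropped in case the new record carries them.
      ctx.created(sanitizeUser(data));
    } catch(error) {
      sendError(ctx, error);
    }
  },

  /**
   * Update a/an user record.
   *
   * Rejects the change with 400 when `unique_email` is on and the new email
   * belongs to another user, or when the target user does not exist.
   *
   * @param {Object} ctx - Request context; `ctx.params` selects the user.
   * @param {Function} next - Unused.
   * @return {Object} Sends 200 with the updated user, or 400 on error.
   */

  update: async (ctx, next) => {
    try {
      const advancedConfigs = await fetchAdvancedSettings();
      const checkEmail = Boolean(_.get(advancedConfigs, 'unique_email') && ctx.request.body.email);

      if (checkEmail) {
        const users = await strapi.plugins['users-permissions'].services.user.fetchAll({ email: ctx.request.body.email });

        if (users && _.find(users, candidate => (candidate.id || candidate._id).toString() !== ctx.params.id)) {
          return emailTaken(ctx);
        }
      }

      const user = await strapi.plugins['users-permissions'].services.user.fetch(ctx.params);

      // Without this guard a missing record surfaces as a TypeError whose
      // text is sent to the client by the catch block below.
      if (!user) {
        return sendError(ctx, new Error('User not found'));
      }

      // A password equal to the stored value is treated as "unchanged" and
      // removed from the body so it is not written again.
      if (_.get(ctx.request, 'body.password') === user.password) {
        delete ctx.request.body.password;
      }

      // Only an attempt to assign role '0' is filtered, and only when the
      // caller's own role (`ctx.state.user.role`) is missing or not '0'.
      // Any other role value in the body reaches `edit` unchanged.
      // NOTE(review): presumably '0' is the most privileged role — confirm,
      // and confirm route policies cover assignment of the other roles.
      if (_.get(ctx.request, 'body.role', '').toString() === '0' && (!_.get(ctx.state, 'user.role') || _.get(ctx.state, 'user.role', '').toString() !== '0')) {
        delete ctx.request.body.role;
      }

      if (checkEmail) {
        const existing = await strapi.query('user', 'users-permissions').findOne({
          email: ctx.request.body.email
        });

        // `findOne` finds nothing when the new email is unused; that must
        // let the update through instead of failing on a null record.
        if (existing && (existing.id || existing._id).toString() !== ctx.params.id) {
          return emailTaken(ctx);
        }
      }

      const data = await strapi.plugins['users-permissions'].services.user.edit(ctx.params, ctx.request.body);

      // Send 200 `ok`, without the credential fields of the edited record.
      ctx.send(sanitizeUser(data));
    } catch(error) {
      sendError(ctx, error);
    }
  },

  /**
   * Destroy a/an user record.
   *
   * `ctx.params` is passed unchanged to the user service's `remove`.
   *
   * @param {Object} ctx - Request context.
   * @param {Function} next - Unused.
   * @return {Object} Sends 200 with the service result.
   */

  destroy: async (ctx, next) => {
    const data = await strapi.plugins['users-permissions'].services.user.remove(ctx.params);

    // Send 200 `ok`. If `remove` returns the deleted record, its credential
    // fields are dropped; any other result is sent as it is.
    ctx.send(sanitizeUser(data));
  }
};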