'use strict';
/**
* User.js controller
*
* @description: A set of functions called "actions" for managing `User`.
*/
const _ = require('lodash');
module.exports = {
/**
* Retrieve user records.
*
* @return {Object|Array}
*/
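find: async (ctx, next, { populate } = {}) => {
  // Lists users and replies with each record minus `password` and
  // `resetPasswordToken`. `next` is not used. `populate` is forwarded
  // unchanged to whichever lookup runs.
  //
  // NOTE(review): the query string is handed to the data layer as received.
  // Removing the two fields from the output does not stop them being used as
  // filter keys; confirm the service rejects filters on credential fields.
  let users;

  if (_.has(ctx.query, '_q')) {
    // use core strapi query to search for users
    users = await strapi
      .query('user', 'users-permissions')
      .search(ctx.query, populate);
  } else {
    users = await strapi.plugins['users-permissions'].services.user.fetchAll(ctx.query, populate);
  }

  // Serialise model instances before omitting, exactly as `me` and `findOne`
  // do, so the credential fields are removed whatever shape the record has.
  const data = users.map(user =>
    _.omit(user && user.toJSON ? user.toJSON() : user, ['password', 'resetPasswordToken'])
  );

  ctx.send(data);
},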
/**
* Retrieve authenticated user.
*
* @return {Object|Array}
*/
me: async (ctx) => {
  // Replies with the user attached to the request state, without the
  // `password` and `resetPasswordToken` fields. When no user is attached
  // the request is rejected as a bad request.
  const { user: currentUser } = ctx.state;

  if (!currentUser) {
    return ctx.badRequest(null, [{ messages: [{ id: 'No authorization header was found' }] }]);
  }

  // Model instances expose `toJSON`; plain objects are used as they are.
  const plainUser = currentUser.toJSON ? currentUser.toJSON() : currentUser;

  // Send 200 `ok`
  ctx.send(_.omit(plainUser, ['password', 'resetPasswordToken']));
},
/**
* Retrieve a user record.
*
* @return {Object}
*/
findOne: async (ctx) => {
  // Looks a user up with the route params and replies with the record minus
  // `password` and `resetPasswordToken`. A falsy lookup result is sent back
  // unchanged.
  const record = await strapi.plugins['users-permissions'].services.user.fetch(ctx.params);

  const body = record
    ? _.omit(record.toJSON ? record.toJSON() : record, ['password', 'resetPasswordToken'])
    : record;

  // Send 200 `ok`
  ctx.send(body);
},
/**
* Create a user record.
*
* @return {Object}
*/
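create: async (ctx) => {
  // Creates a user with provider `local` from the request body and replies
  // 201 with the new record, minus `password` and `resetPasswordToken`.
  //
  // NOTE(review): the body is handed to the service as received, including a
  // caller-chosen `role`; only `provider` is forced here. Whether that is safe
  // depends on the route policy and on any filtering inside the service,
  // neither of which is visible in this file.
  const advanced = await strapi.store({
    environment: '',
    type: 'plugin',
    name: 'users-permissions',
    key: 'advanced'
  }).get();

  if (advanced.unique_email && ctx.request.body.email) {
    // NOTE(review): check-then-create is not atomic; two concurrent requests
    // can both pass this lookup unless the store also enforces uniqueness.
    const user = await strapi.plugins['users-permissions'].queries('user', 'users-permissions').findOne({ email: ctx.request.body.email });

    if (user) {
      return ctx.badRequest(null, ctx.request.admin ? [{ messages: [{ id: 'Auth.form.error.email.taken', field: ['email'] }] }] : 'Email is already taken.');
    }
  }

  if (!ctx.request.body.role) {
    // No role supplied: use the role whose type is configured as `default_role`.
    const defaultRole = await strapi.plugins['users-permissions'].queries('role', 'users-permissions').findOne({ type: advanced.default_role }, []);

    ctx.request.body.role = defaultRole._id || defaultRole.id;
  }

  ctx.request.body.provider = 'local';

  try {
    const data = await strapi.plugins['users-permissions'].services.user.add(ctx.request.body);

    // Strip the credential fields before replying, as the read actions in
    // this controller do. What the service returns is not visible here, so
    // this is applied defensively.
    const safeData = data
      ? _.omit(data.toJSON ? data.toJSON() : data, ['password', 'resetPasswordToken'])
      : data;

    // Send 201 `created`
    ctx.created(safeData);
  } catch(error) {
    // NOTE(review): the raw error message is returned to the client.
    ctx.badRequest(null, ctx.request.admin ? [{ messages: [{ id: error.message, field: error.field }] }] : error.message);
  }
},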
/**
* Update a user record.
*
* @return {Object}
*/
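update: async (ctx) => {
  // Edits the user selected by the route params with the request body and
  // replies with the edited record, minus `password` and `resetPasswordToken`.
  //
  // NOTE(review): apart from the role `0` guard below, the body reaches the
  // service unfiltered; confirm the route policy limits who may call this.
  try {
    const advancedConfigs = await strapi.store({
      environment: '',
      type: 'plugin',
      name: 'users-permissions',
      key: 'advanced'
    }).get();

    if (advancedConfigs.unique_email && ctx.request.body.email) {
      const users = await strapi.plugins['users-permissions'].services.user.fetchAll({ email: ctx.request.body.email });

      // Reject when any account other than the one being edited has this email.
      if (users && _.find(users, user => (user.id || user._id).toString() !== (ctx.params.id || ctx.params._id))) {
        return ctx.badRequest(null, ctx.request.admin ? [{ messages: [{ id: 'Auth.form.error.email.taken', field: ['email'] }] }] : 'Email is already taken.');
      }
    }

    const user = await strapi.plugins['users-permissions'].services.user.fetch(ctx.params);

    // A missing record used to fail on `user.password` below, and the catch
    // block then sent the TypeError text to the client.
    if (!user) {
      return ctx.notFound();
    }

    // A submitted password identical to the stored value is dropped from the
    // update. NOTE(review): presumably this is the stored hash echoed back by
    // a client - confirm, since that implies the hash reaches clients.
    if (_.get(ctx.request, 'body.password') === user.password) {
      delete ctx.request.body.password;
    }

    // Role `0` may only be assigned by a caller whose own role is `0`; for
    // anyone else the field is discarded. Other role values are not checked here.
    if (_.get(ctx.request, 'body.role', '').toString() === '0' && (!_.get(ctx.state, 'user.role') || _.get(ctx.state, 'user.role', '').toString() !== '0')) {
      delete ctx.request.body.role;
    }

    if (ctx.request.body.email && advancedConfigs.unique_email) {
      // Second uniqueness lookup, kept from the original; it goes through the
      // query layer instead of the user service.
      const existing = await strapi.plugins['users-permissions'].queries('user', 'users-permissions').findOne({
        email: ctx.request.body.email
      });

      if (existing !== null && (existing.id || existing._id).toString() !== (ctx.params.id || ctx.params._id)) {
        return ctx.badRequest(null, ctx.request.admin ? [{ messages: [{ id: 'Auth.form.error.email.taken', field: ['email'] }] }] : 'Email is already taken.');
      }
    }

    const data = await strapi.plugins['users-permissions'].services.user.edit(ctx.params, ctx.request.body);

    // Strip the credential fields before replying, as the read actions in
    // this controller do. What the service returns is not visible here, so
    // this is applied defensively.
    const safeData = data
      ? _.omit(data.toJSON ? data.toJSON() : data, ['password', 'resetPasswordToken'])
      : data;

    // Send 200 `ok`
    ctx.send(safeData);
  } catch(error) {
    // NOTE(review): the raw error message is returned to the client.
    ctx.badRequest(null, ctx.request.admin ? [{ messages: [{ id: error.message, field: error.field }] }] : error.message);
  }
},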
/**
* Destroy a user record.
*
* @return {Object}
*/
destroy: async (ctx) => {
  // Removes the user selected by the route params and replies with whatever
  // the service returns.
  //
  // NOTE(review): unlike the read actions, the reply is not stripped of
  // `password` / `resetPasswordToken`; confirm what `remove` returns.
  const { user: userService } = strapi.plugins['users-permissions'].services;
  const removed = await userService.remove(ctx.params);

  // Send 200 `ok`
  ctx.send(removed);
},
destroyAll: async (ctx) => {
  // Bulk removal: forwards the route params and the query string to the
  // service and replies with whatever it returns.
  //
  // NOTE(review): the selection comes straight from the request. Confirm the
  // service refuses an empty filter and that the route policy restricts this
  // action; the reply is also not stripped of credential fields.
  const { user: userService } = strapi.plugins['users-permissions'].services;
  const removed = await userService.removeAll(ctx.params, ctx.request.query);

  // Send 200 `ok`
  ctx.send(removed);
}
};