2017-11-06 11:14:43 +01:00
|
|
|
'use strict';
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* UsersPermissions.js controller
|
|
|
|
|
*
|
|
|
|
|
* @description: A set of functions called "actions" of the `users-permissions` plugin.
|
|
|
|
|
*/
|
|
|
|
|
|
2017-11-15 15:06:09 +01:00
|
|
|
const _ = require('lodash');
|
|
|
|
|
|
2017-11-06 11:14:43 +01:00
|
|
|
module.exports = {
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Default action.
|
|
|
|
|
*
|
|
|
|
|
* @return {Object}
|
|
|
|
|
*/
|
2017-11-23 17:13:46 +01:00
|
|
|
createRole: async (ctx) => {
|
2017-11-23 11:03:26 +01:00
|
|
|
if (_.isEmpty(ctx.request.body)) {
|
|
|
|
|
return ctx.badRequest(null, [{ messages: [{ id: 'Cannot be empty' }] }]);
|
|
|
|
|
}
|
2017-11-23 17:13:46 +01:00
|
|
|
|
2017-11-23 11:03:26 +01:00
|
|
|
try {
|
2017-11-27 16:49:56 +01:00
|
|
|
await strapi.plugins['users-permissions'].services.userspermissions.createRole(ctx.request.body);
|
2017-11-23 11:03:26 +01:00
|
|
|
ctx.send({ ok: true });
|
|
|
|
|
} catch(err) {
|
|
|
|
|
ctx.badRequest(null, [{ messages: [{ id: 'An error occured' }] }]);
|
|
|
|
|
}
|
|
|
|
|
},
|
2017-11-06 11:14:43 +01:00
|
|
|
|
2017-11-23 18:08:14 +01:00
|
|
|
deleteProvider: async ctx => {
|
|
|
|
|
const { provider } = ctx.params;
|
|
|
|
|
|
|
|
|
|
if (!provider) {
|
|
|
|
|
return ctx.badRequest(null, [{ messages: [{ id: 'Bad request' }] }]);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// TODO handle dynamic
|
|
|
|
|
return ctx.send({ ok: true });
|
|
|
|
|
},
|
|
|
|
|
|
|
|
|
|
deleteRole: async ctx => {
|
|
|
|
|
const { role } = ctx.params;
|
|
|
|
|
|
|
|
|
|
if (!role) {
|
|
|
|
|
return ctx.badRequest(null, [{ messages: [{ id: 'Bad request' }] }]);
|
|
|
|
|
}
|
|
|
|
|
|
2017-12-04 15:03:53 +01:00
|
|
|
if (role === '0' || role === '1') {
|
2017-11-27 17:02:45 +01:00
|
|
|
return ctx.badRequest(null, [{ messages: [{ id: 'Unauthorized' }] }]);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
try {
|
|
|
|
|
await strapi.plugins['users-permissions'].services.userspermissions.deleteRole(role);
|
|
|
|
|
return ctx.send({ ok: true });
|
|
|
|
|
} catch(err) {
|
|
|
|
|
return ctx.badRequest(null, [{ messages: [{ id: 'Bad request' }] }]);
|
|
|
|
|
}
|
2017-11-23 18:08:14 +01:00
|
|
|
},
|
|
|
|
|
|
2017-11-23 17:13:46 +01:00
|
|
|
getPermissions: async (ctx) => {
|
2017-11-15 15:11:10 +01:00
|
|
|
try {
|
2017-11-16 17:59:41 +01:00
|
|
|
const permissions = await strapi.plugins['users-permissions'].services.userspermissions.getActions();
|
|
|
|
|
ctx.send({ permissions });
|
2017-11-15 15:11:10 +01:00
|
|
|
} catch(err) {
|
|
|
|
|
ctx.badRequest(null, [{ message: [{ id: 'Not Found' }] }]);
|
|
|
|
|
}
|
|
|
|
|
},
|
|
|
|
|
|
2017-11-29 18:45:51 +01:00
|
|
|
getPolicies: async (ctx) => {
|
|
|
|
|
return ctx.send({
|
|
|
|
|
policies: _.without(_.keys(strapi.plugins['users-permissions'].config.policies), 'permissions')
|
|
|
|
|
});
|
|
|
|
|
},
|
|
|
|
|
|
2017-11-23 17:13:46 +01:00
|
|
|
getRole: async (ctx) => {
|
2017-11-15 14:00:51 +01:00
|
|
|
const { id } = ctx.params;
|
2017-11-30 16:52:28 +01:00
|
|
|
const role = await strapi.plugins['users-permissions'].services.userspermissions.getRole(id);
|
2017-11-15 15:11:10 +01:00
|
|
|
|
|
|
|
|
if (_.isEmpty(role)) {
|
2017-11-20 14:35:24 +01:00
|
|
|
return ctx.badRequest(null, [{ messages: [{ id: `Role don't exist` }] }]);
|
2017-11-15 15:11:10 +01:00
|
|
|
}
|
2017-11-15 14:00:51 +01:00
|
|
|
|
2017-11-15 15:11:10 +01:00
|
|
|
return ctx.send({ role });
|
2017-11-15 14:00:51 +01:00
|
|
|
},
|
2017-11-06 11:14:43 +01:00
|
|
|
|
2017-11-27 16:04:57 +01:00
|
|
|
getRoles: async (ctx) => {
|
|
|
|
|
try {
|
|
|
|
|
const roles = await strapi.plugins['users-permissions'].services.userspermissions.getRoles();
|
|
|
|
|
|
|
|
|
|
ctx.send({ roles });
|
|
|
|
|
} catch(err) {
|
|
|
|
|
ctx.badRequest(null, [{ messages: [{ id: 'Not found' }] }]);
|
|
|
|
|
}
|
|
|
|
|
},
|
|
|
|
|
|
2017-11-30 16:34:43 +01:00
|
|
|
getRoutes: async (ctx) => {
|
|
|
|
|
try {
|
|
|
|
|
const routes = await strapi.plugins['users-permissions'].services.userspermissions.getRoutes();
|
|
|
|
|
|
|
|
|
|
ctx.send({ routes });
|
|
|
|
|
} catch(err) {
|
|
|
|
|
ctx.badRequest(null, [{ messages: [{ id: 'Not found' }] }]);
|
|
|
|
|
}
|
|
|
|
|
},
|
|
|
|
|
|
2017-11-06 11:14:43 +01:00
|
|
|
index: async (ctx) => {
|
|
|
|
|
// Add your own logic here.
|
|
|
|
|
|
|
|
|
|
// Send 200 `ok`
|
|
|
|
|
ctx.send({
|
|
|
|
|
message: 'ok'
|
|
|
|
|
});
|
2017-11-14 17:09:13 +01:00
|
|
|
},
|
|
|
|
|
|
|
|
|
|
init: async (ctx) => {
|
2017-12-11 11:14:07 +01:00
|
|
|
const hasAdmin = await strapi.query('user', 'users-permissions').find(strapi.utils.models.convertParams('user', { role: '0' }));
|
2017-11-29 15:42:11 +01:00
|
|
|
|
2017-12-11 11:14:07 +01:00
|
|
|
ctx.send({ hasAdmin: hasAdmin.length > 0 });
|
2017-11-23 17:13:46 +01:00
|
|
|
},
|
|
|
|
|
|
2017-11-27 12:19:36 +01:00
|
|
|
searchUsers: async (ctx) => {
|
|
|
|
|
const data = await strapi.query('user', 'users-permissions').search(ctx.params);
|
|
|
|
|
return ctx.send(data);
|
|
|
|
|
},
|
|
|
|
|
|
2017-11-23 17:13:46 +01:00
|
|
|
updateRole: async (ctx) => {
|
2017-11-27 17:50:51 +01:00
|
|
|
const roleId = ctx.params.role;
|
|
|
|
|
// Prevent from updating the Administrator role
|
|
|
|
|
if (roleId === '0') {
|
|
|
|
|
return ctx.badRequest(null, [{ messages: [{ id: 'Unauthorized' }] }]);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (_.isEmpty(ctx.request.body)) {
|
|
|
|
|
return ctx.badRequest(null, [{ messages: [{ id: 'Bad request' }] }]);
|
|
|
|
|
}
|
|
|
|
|
|
2017-11-23 17:13:46 +01:00
|
|
|
try {
|
2017-11-27 17:50:51 +01:00
|
|
|
await strapi.plugins['users-permissions'].services.userspermissions.updateRole(roleId, ctx.request.body);
|
2017-11-23 17:13:46 +01:00
|
|
|
ctx.send({ ok: true });
|
|
|
|
|
} catch(error) {
|
|
|
|
|
ctx.badRequest(null, [{ messages: [{ id: 'An error occurred' }] }]);
|
|
|
|
|
}
|
2017-11-06 11:14:43 +01:00
|
|
|
}
|
|
|
|
|
};
|
