Add update user route in the user api

2025-12-27 15:13:21 +00:00 · 2020-05-27 16:06:15 +02:00 · 2020-05-27 16:06:15 +02:00 · 6897cbf6ad
commit 6897cbf6ad
parent c91ebf6dab
5 changed files with 87 additions and 23 deletions
--- a/packages/strapi-admin/config/routes.json
+++ b/packages/strapi-admin/config/routes.json
@ -146,6 +146,11 @@
        "policies": []
      }
    },
+    {
+      "method": "PUT",
+      "path": "/users/:id",
+      "handler": "User.update"
+    },
    {
      "method": "GET",
      "path": "/roles/:id/permissions",
--- a/packages/strapi-admin/controllers/user.js
+++ b/packages/strapi-admin/controllers/user.js
@ -1,7 +1,7 @@
 'use strict';

 const _ = require('lodash');
-const { validateUserCreationInput } = require('../validation/user');
+const { validateUserCreationInput, validateUserUpdateInput } = require('../validation/user');

 module.exports = {
  async create(ctx) {
@ -43,4 +43,27 @@ module.exports = {
      },
    };
  },
+
+  async update(ctx) {
+    const { id } = ctx.params;
+    const { body: input } = ctx.request;
+
+    try {
+      await validateUserUpdateInput(input);
+    } catch (err) {
+      return ctx.badRequest('ValidationError', err);
+    }
+
+    const userExists = await strapi.admin.services.user.exists({ id });
+
+    if (!userExists) {
+      return ctx.badRequest('User does not exists');
+    }
+
+    const updatedUser = await strapi.admin.services.user.update({ id }, input);
+
+    ctx.body = {
+      data: strapi.admin.services.user.sanitizeUser(updatedUser),
+    };
+  },
 };
--- a/packages/strapi-admin/services/user.js
+++ b/packages/strapi-admin/services/user.js
@ -8,7 +8,12 @@ const { createUser } = require('../domain/user');
 * @param {Object} user - user to sanitize
 */
 const sanitizeUser = user => {
-  return _.omit(user, ['password', 'resetPasswordToken']);
+  const sanitizeUserRoles = role => _.pick(role, ['id', 'name', 'description']);
+
+  return {
+    ..._.omit(user, ['password', 'resetPasswordToken', 'roles']),
+    roles: user.roles.map(sanitizeUserRoles),
+  };
 };

 /**
--- a/packages/strapi-admin/validation/common-validators.js
+++ b/packages/strapi-admin/validation/common-validators.js
@ -2,20 +2,36 @@

 const { yup } = require('strapi-utils');

-const validators = {
-  email: yup
-    .string()
-    .email()
-    .min(1),
-  firstname: yup.string().min(1),
-  lastname: yup.string().min(1),
-  password: yup
-    .string()
-    .min(8)
-    .matches(/[a-z]/, '${path} must contain at least one lowercase character')
-    .matches(/[A-Z]/, '${path} must contain at least one uppercase character')
-    .matches(/\d/, '${path} must contain at least one number'),
-  strapiId: yup.lazy(value => (typeof value === 'number' ? yup.number().integer() : yup.string())), // https://github.com/jquense/yup/issues/665
-};
+const strapiID = yup.lazy(value =>
+  typeof value === 'number' ? yup.number().integer() : yup.string()
+); // https://github.com/jquense/yup/issues/665

-module.exports = validators;
+const email = yup
+  .string()
+  .email()
+  .min(1);
+
+const firstname = yup.string().min(1);
+
+const lastname = yup.string().min(1);
+
+const username = yup.string().min(1);
+
+const password = yup
+  .string()
+  .min(8)
+  .matches(/[a-z]/, '${path} must contain at least one lowercase character')
+  .matches(/[A-Z]/, '${path} must contain at least one uppercase character')
+  .matches(/\d/, '${path} must contain at least one number');
+
+const roles = yup.array(strapiID);
+
+module.exports = {
+  email,
+  firstname,
+  lastname,
+  username,
+  password,
+  roles,
+  strapiID,
+};
--- a/packages/strapi-admin/validation/user.js
+++ b/packages/strapi-admin/validation/user.js
@ -11,7 +11,7 @@ const userCreationSchema = yup
    email: validators.email.required(),
    firstname: validators.firstname.required(),
    lastname: validators.lastname.required(),
-    roles: yup.array(), // FIXME: set min to 1 once the create  role API is created,
+    roles: validators.roles, // FIXME: set min to 1 once the create  role API is created,
  })
  .noUnknown();

@ -25,10 +25,7 @@ const profileUpdateSchema = yup
    email: validators.email,
    firstname: validators.firstname,
    lastname: validators.lastname,
-    username: yup
-      .string()
-      .min(1)
-      .nullable(),
+    username: validators.username.nullable(),
    password: validators.password,
  })
  .noUnknown();
@ -39,7 +36,25 @@ const validateProfileUpdateInput = data => {
    .catch(handleReject);
 };

+const userUpdateSchema = yup
+  .object()
+  .shape({
+    email: validators.email,
+    firstname: validators.firstname,
+    lastname: validators.lastname,
+    username: validators.username.nullable(),
+    password: validators.password,
+    isActive: yup.bool(),
+    roles: validators.roles.min(1),
+  })
+  .noUnknown();
+
+const validateUserUpdateInput = data => {
+  return userUpdateSchema.validate(data, { strict: true, abortEarly: false }).catch(handleReject);
+};
+
 module.exports = {
  validateUserCreationInput,
  validateProfileUpdateInput,
+  validateUserUpdateInput,
 };