yujunjun/strapi
1
0
Fork 0
mirror of https://github.com/strapi/strapi.git synced 2025-10-31 09:56:44 +00:00
Code Issues Packages Projects Releases Wiki Activity
strapi/packages/strapi-plugin-users-permissions/controllers/User.js
Jim Laurie 7c16f512e6 Fix unique email for user API
2018-01-26 09:37:24 +01:00

149 lines
4.0 KiB
JavaScript
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

'use strict';
/**
* User.js controller
*
* @description: A set of functions called "actions" for managing `User`.
*/
const _ = require('lodash');
module.exports = {
/**
* Retrieve user records.
*
* @return {Object|Array}
*/
find: async (ctx) => {
let data = await strapi.plugins['users-permissions'].services.user.fetchAll(ctx.query);
data.reduce((acc, user) => {
acc.push(_.omit(user.toJSON ? user.toJSON() : user, ['password', 'resetPasswordToken']));
return acc;
}, []);
// Send 200 `ok`
ctx.send(data);
},
/**
* Retrieve authenticated user.
*
* @return {Object|Array}
*/
me: async (ctx) => {
const user = ctx.state.user;
if (!user) {
return ctx.badRequest(null, [{ messages: [{ id: 'No authorization header was found' }] }]);
}
const data = _.omit(user.toJSON ? user.toJSON() : user, ['password', 'resetPasswordToken']);
// Send 200 `ok`
ctx.send(data);
},
/**
* Retrieve a user record.
*
* @return {Object}
*/
findOne: async (ctx) => {
let data = await strapi.plugins['users-permissions'].services.user.fetch(ctx.params);
if (data) {
data = _.omit(data.toJSON ? data.toJSON() : data, ['password', 'resetPasswordToken']);
}
// Send 200 `ok`
ctx.send(data);
},
/**
* Create a/an user record.
*
* @return {Object}
*/
create: async (ctx) => {
if (strapi.plugins['users-permissions'].config.advanced.unique_email && ctx.request.body.email) {
const user = await strapi.query('user', 'users-permissions').findOne({ email: ctx.request.body.email });
if (user) {
return ctx.badRequest(null, ctx.request.admin ? [{ messages: [{ id: 'Auth.form.error.email.taken' }] }] : 'Email is already taken.');
}
}
try {
const data = await strapi.plugins['users-permissions'].services.user.add(ctx.request.body);
// Send 201 `created`
ctx.created(data);
} catch(error) {
ctx.badRequest(null, ctx.request.admin ? [{ messages: [{ id: error.message, field: error.field }] }] : error.message);
}
},
/**
* Update a/an user record.
*
* @return {Object}
*/
update: async (ctx, next) => {
try {
if (strapi.plugins['users-permissions'].config.advanced.unique_email && ctx.request.body.email) {
const user = await strapi.query('user', 'users-permissions').findOne({ email: ctx.request.body.email });
if (user) {
return ctx.badRequest(null, ctx.request.admin ? [{ messages: [{ id: 'Auth.form.error.email.taken' }] }] : 'Email is already taken.');
}
}
const user = await strapi.plugins['users-permissions'].services.user.fetch(ctx.params);
if (_.get(ctx.request, 'body.password') === user.password) {
delete ctx.request.body.password;
}
if (_.get(ctx.request, 'body.role', '').toString() === '0' && (!_.get(ctx.state, 'user.role') || _.get(ctx.state, 'user.role', '').toString() !== '0')) {
delete ctx.request.body.role;
}
if (ctx.request.body.email && strapi.plugins['users-permissions'].config.advanced.unique_email) {
const user = await strapi.query('user', 'users-permissions').findOne({
email: ctx.request.body.email
});
if (user.id !== ctx.params.id) {
return ctx.badRequest(null, ctx.request.admin ? [{ messages: [{ id: 'Auth.form.error.email.taken' }] }] : 'Email is already taken.');
}
}
const data = await strapi.plugins['users-permissions'].services.user.edit(ctx.params, ctx.request.body) ;
// Send 200 `ok`
ctx.send(data);
} catch(error) {
ctx.badRequest(null, ctx.request.admin ? [{ messages: [{ id: error.message, field: error.field }] }] : error.message);
}
},
/**
* Destroy a/an user record.
*
* @return {Object}
*/
destroy: async (ctx, next) => {
const data = await strapi.plugins['users-permissions'].services.user.remove(ctx.params);
// Send 200 `ok`
ctx.send(data);
}
};
Reference in New Issue View Git Blame Copy Permalink