From 8942b99372f57d2d76bdd91bd4798c9997f1b8d4 Mon Sep 17 00:00:00 2001 From: Jamie Curnow Date: Wed, 20 Jun 2018 16:50:51 +1000 Subject: [PATCH] Backend api updates --- bin/build-dev | 4 +++ src/backend/internal/user.js | 25 +++----------- src/backend/lib/access/users-create.json | 7 ++++ src/backend/lib/access/users-delete.json | 7 ++++ src/backend/lib/access/users-loginas.json | 7 ++++ src/backend/lib/access/users-password.json | 23 +++++++++++++ src/backend/lib/access/users-update.json | 26 ++++++++++++++ src/backend/lib/validator/index.js | 6 ++-- src/backend/routes/api/users.js | 40 +++++++--------------- src/backend/views/index.ejs | 2 +- 10 files changed, 95 insertions(+), 52 deletions(-) create mode 100755 bin/build-dev create mode 100644 src/backend/lib/access/users-create.json create mode 100644 src/backend/lib/access/users-delete.json create mode 100644 src/backend/lib/access/users-loginas.json create mode 100644 src/backend/lib/access/users-password.json create mode 100644 src/backend/lib/access/users-update.json diff --git a/bin/build-dev b/bin/build-dev new file mode 100755 index 00000000..25203eb9 --- /dev/null +++ b/bin/build-dev @@ -0,0 +1,4 @@ +#!/bin/bash + +sudo /usr/local/bin/docker-compose run --no-deps --rm app npm run-script dev +exit $? diff --git a/src/backend/internal/user.js b/src/backend/internal/user.js index e46c848f..6d545562 100644 --- a/src/backend/internal/user.js +++ b/src/backend/internal/user.js @@ -220,8 +220,8 @@ const internalUser = { /** * This will only count the users * - * @param {Access} access - * @param {String} [search_query] + * @param {Access} access + * @param {String} [search_query] * @returns {*} */ getCount: (access, search_query) => { @@ -252,34 +252,19 @@ const internalUser = { * All users * * @param {Access} access - * @param {Integer} [start] - * @param {Integer} [limit] - * @param {Array} [sort] * @param {Array} [expand] * @param {String} [search_query] * @returns {Promise} */ - getAll: (access, start, limit, sort, expand, search_query) => { + getAll: (access, expand, search_query) => { return access.can('users:list') .then(() => { let query = userModel .query() .where('is_deleted', 0) .groupBy('id') - .limit(limit ? limit : 100) - .omit(['is_deleted']); - - if (typeof start !== 'undefined' && start !== null) { - query.offset(start); - } - - if (typeof sort !== 'undefined' && sort !== null) { - _.map(sort, (item) => { - query.orderBy(item.field, item.dir); - }); - } else { - query.orderBy('name', 'DESC'); - } + .omit(['is_deleted']) + .orderBy('name', 'ASC'); // Query is used for searching if (typeof search_query === 'string') { diff --git a/src/backend/lib/access/users-create.json b/src/backend/lib/access/users-create.json new file mode 100644 index 00000000..d2709fd8 --- /dev/null +++ b/src/backend/lib/access/users-create.json @@ -0,0 +1,7 @@ +{ + "anyOf": [ + { + "$ref": "roles#/definitions/admin" + } + ] +} diff --git a/src/backend/lib/access/users-delete.json b/src/backend/lib/access/users-delete.json new file mode 100644 index 00000000..d2709fd8 --- /dev/null +++ b/src/backend/lib/access/users-delete.json @@ -0,0 +1,7 @@ +{ + "anyOf": [ + { + "$ref": "roles#/definitions/admin" + } + ] +} diff --git a/src/backend/lib/access/users-loginas.json b/src/backend/lib/access/users-loginas.json new file mode 100644 index 00000000..d2709fd8 --- /dev/null +++ b/src/backend/lib/access/users-loginas.json @@ -0,0 +1,7 @@ +{ + "anyOf": [ + { + "$ref": "roles#/definitions/admin" + } + ] +} diff --git a/src/backend/lib/access/users-password.json b/src/backend/lib/access/users-password.json new file mode 100644 index 00000000..04b4e9e9 --- /dev/null +++ b/src/backend/lib/access/users-password.json @@ -0,0 +1,23 @@ +{ + "anyOf": [ + { + "$ref": "roles#/definitions/admin" + }, + { + "type": "object", + "required": ["data", "scope"], + "properties": { + "data": { + "$ref": "objects#/properties/users" + }, + "scope": { + "type": "array", + "contains": { + "type": "string", + "pattern": "^user$" + } + } + } + } + ] +} diff --git a/src/backend/lib/access/users-update.json b/src/backend/lib/access/users-update.json new file mode 100644 index 00000000..a638780b --- /dev/null +++ b/src/backend/lib/access/users-update.json @@ -0,0 +1,26 @@ +{ + "anyOf": [ + { + "$ref": "roles#/definitions/admin" + }, + { + "type": "object", + "required": [ + "data", + "scope" + ], + "properties": { + "data": { + "$ref": "objects#/properties/users" + }, + "scope": { + "type": "array", + "contains": { + "type": "string", + "pattern": "^user$" + } + } + } + } + ] +} diff --git a/src/backend/lib/validator/index.js b/src/backend/lib/validator/index.js index b7d9a52b..46d32f20 100644 --- a/src/backend/lib/validator/index.js +++ b/src/backend/lib/validator/index.js @@ -18,8 +18,8 @@ const ajv = require('ajv')({ /** * - * @param {Object} schema - * @param {Object} payload + * @param {Object} schema + * @param {Object} payload * @returns {Promise} */ function validator (schema, payload) { @@ -34,8 +34,6 @@ function validator (schema, payload) { if (valid && !validate.errors) { resolve(_.cloneDeep(payload)); } else { - //console.log('Validation failed:', schema, payload); - let message = ajv.errorsText(validate.errors); reject(new error.InternalValidationError(message)); } diff --git a/src/backend/routes/api/users.js b/src/backend/routes/api/users.js index 5e630da6..a42d512c 100644 --- a/src/backend/routes/api/users.js +++ b/src/backend/routes/api/users.js @@ -29,14 +29,10 @@ router * * Retrieve all users */ - .get(pagination('name', 0, 50, 300), (req, res, next) => { + .get((req, res, next) => { validator({ additionalProperties: false, - required: ['sort'], properties: { - sort: { - $ref: 'definitions#/definitions/sort' - }, expand: { $ref: 'definitions#/definitions/expand' }, @@ -45,23 +41,13 @@ router } } }, { - sort: req.query.sort, expand: (typeof req.query.expand === 'string' ? req.query.expand.split(',') : null), query: (typeof req.query.query === 'string' ? req.query.query : null) }) - .then((data) => { - return Promise.all([ - internalUser.getCount(res.locals.access, data.query), - internalUser.getAll(res.locals.access, req.query.offset, req.query.limit, data.sort, data.expand, data.query) - ]); + .then(data => { + return internalUser.getAll(res.locals.access, data.expand, data.query); }) - .then((data) => { - res.setHeader('X-Dataset-Total', data.shift()); - res.setHeader('X-Dataset-Offset', req.query.offset); - res.setHeader('X-Dataset-Limit', req.query.limit); - return data.shift(); - }) - .then((users) => { + .then(users => { res.status(200) .send(users); }) @@ -75,10 +61,10 @@ router */ .post((req, res, next) => { apiValidator({$ref: 'endpoints/users#/links/1/schema'}, req.body) - .then((payload) => { + .then(payload => { return internalUser.create(res.locals.access, payload); }) - .then((result) => { + .then(result => { res.status(201) .send(result); }) @@ -119,14 +105,14 @@ router user_id: req.params.user_id, expand: (typeof req.query.expand === 'string' ? req.query.expand.split(',') : null) }) - .then((data) => { + .then(data => { return internalUser.get(res.locals.access, { id: data.user_id, expand: data.expand, omit: internalUser.getUserOmisionsByAccess(res.locals.access, data.user_id) }); }) - .then((user) => { + .then(user => { res.status(200) .send(user); }) @@ -140,11 +126,11 @@ router */ .put((req, res, next) => { apiValidator({$ref: 'endpoints/users#/links/2/schema'}, req.body) - .then((payload) => { + .then(payload => { payload.id = req.params.user_id; return internalUser.update(res.locals.access, payload); }) - .then((result) => { + .then(result => { res.status(200) .send(result); }) @@ -158,7 +144,7 @@ router */ .delete((req, res, next) => { internalUser.delete(res.locals.access, {id: req.params.user_id}) - .then((result) => { + .then(result => { res.status(200) .send(result); }) @@ -216,11 +202,11 @@ router */ .post((req, res, next) => { apiValidator({$ref: 'endpoints/users#/links/5/schema'}, req.body) - .then((payload) => { + .then(payload => { payload.id = req.params.user_id; return internalUser.setServiceSettings(res.locals.access, payload); }) - .then((result) => { + .then(result => { res.status(200) .send(result); }) diff --git a/src/backend/views/index.ejs b/src/backend/views/index.ejs index 89bd8943..ce58fd44 100644 --- a/src/backend/views/index.ejs +++ b/src/backend/views/index.ejs @@ -1,7 +1,7 @@ <% var title = 'Nginx Proxy Manager' %> <%- include partials/header.ejs %> -
+