@becomes/cms
Version:
Simple CMS for building APIs.
835 lines • 48.2 kB
JavaScript
"use strict";
var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
return c > 3 && r && Object.defineProperty(target, key, r), r;
};
var __metadata = (this && this.__metadata) || function (k, v) {
if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
};
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
return new (P || (P = Promise))(function (resolve, reject) {
function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
step((generator = generator.apply(thisArg, _arguments || [])).next());
});
};
var __generator = (this && this.__generator) || function (thisArg, body) {
var _ = { label: 0, sent: function() { if (t[0] & 1) throw t[1]; return t[1]; }, trys: [], ops: [] }, f, y, t, g;
return g = { next: verb(0), "throw": verb(1), "return": verb(2) }, typeof Symbol === "function" && (g[Symbol.iterator] = function() { return this; }), g;
function verb(n) { return function (v) { return step([n, v]); }; }
function step(op) {
if (f) throw new TypeError("Generator is already executing.");
while (_) try {
if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
if (y = 0, t) op = [op[0] & 2, t.value];
switch (op[0]) {
case 0: case 1: t = op; break;
case 4: _.label++; return { value: op[1], done: false };
case 5: _.label++; y = op[1]; op = [0]; continue;
case 7: op = _.ops.pop(); _.trys.pop(); continue;
default:
if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) { _ = 0; continue; }
if (op[0] === 3 && (!t || (op[1] > t[0] && op[1] < t[3]))) { _.label = op[1]; break; }
if (op[0] === 6 && _.label < t[1]) { _.label = t[1]; t = op; break; }
if (t && _.label < t[2]) { _.label = t[2]; _.ops.push(op); break; }
if (t[2]) _.ops.pop();
_.trys.pop(); continue;
}
op = body.call(thisArg, _);
} catch (e) { op = [6, e]; y = 0; } finally { f = t = 0; }
if (op[0] & 5) throw op[1]; return { value: op[0] ? op[1] : void 0, done: true };
}
};
Object.defineProperty(exports, "__esModule", { value: true });
exports.UserController = void 0;
var bcrypt = require("bcrypt");
var purple_cheetah_1 = require("purple-cheetah");
var user_service_1 = require("./user.service");
var user_factory_1 = require("./factories/user.factory");
var refresh_token_factory_1 = require("./factories/refresh-token.factory");
var security_code_buffer_service_1 = require("./security-code-buffer.service");
var UserController = (function () {
function UserController() {
}
UserController_1 = UserController;
UserController.prototype.isInitialized = function (request) {
return __awaiter(this, void 0, void 0, function () {
var userCount;
return __generator(this, function (_a) {
switch (_a.label) {
case 0: return [4, this.userService.count()];
case 1:
userCount = _a.sent();
if (userCount > 0) {
return [2, {
initialized: true,
}];
}
return [2, {
initialized: false,
}];
}
});
});
};
UserController.prototype.getAll = function (request) {
return __awaiter(this, void 0, void 0, function () {
var error, jwt, jwtValid, users;
return __generator(this, function (_a) {
switch (_a.label) {
case 0:
error = purple_cheetah_1.HttpErrorFactory.simple('getAll', this.logger);
jwt = purple_cheetah_1.JWTEncoding.decode(request.headers.authorization);
if (jwt instanceof Error) {
throw error.occurred(purple_cheetah_1.HttpStatus.UNAUTHORIZED, jwt.message);
}
else {
jwtValid = purple_cheetah_1.JWTSecurity.validateAndCheckTokenPermissions(jwt, [purple_cheetah_1.RoleName.ADMIN], purple_cheetah_1.PermissionName.READ, purple_cheetah_1.JWTConfigService.get('user-token-config'));
if (jwtValid instanceof Error) {
throw error.occurred(purple_cheetah_1.HttpStatus.UNAUTHORIZED, jwtValid.message);
}
}
return [4, this.userService.findAll()];
case 1:
users = _a.sent();
return [2, {
users: users.map(function (e) {
return user_factory_1.UserFactory.removeProtected(e);
}),
}];
}
});
});
};
UserController.prototype.getByAccessToken = function (request) {
return __awaiter(this, void 0, void 0, function () {
var error, jwt, jwtValid, user;
return __generator(this, function (_a) {
switch (_a.label) {
case 0:
error = purple_cheetah_1.HttpErrorFactory.simple('.getByAccessToken', this.logger);
jwt = purple_cheetah_1.JWTEncoding.decode(request.headers.authorization);
if (jwt instanceof Error) {
throw error.occurred(purple_cheetah_1.HttpStatus.UNAUTHORIZED, jwt.message);
}
else {
jwtValid = purple_cheetah_1.JWTSecurity.validateAndCheckTokenPermissions(jwt, [purple_cheetah_1.RoleName.ADMIN, purple_cheetah_1.RoleName.USER], purple_cheetah_1.PermissionName.READ, purple_cheetah_1.JWTConfigService.get('user-token-config'));
if (jwtValid instanceof Error) {
throw error.occurred(purple_cheetah_1.HttpStatus.UNAUTHORIZED, jwtValid.message);
}
}
return [4, this.userService.findById(jwt.payload.userId)];
case 1:
user = _a.sent();
if (user === null) {
throw error.occurred(purple_cheetah_1.HttpStatus.INTERNAL_SERVER_ERROR, 'Failed to find a User in database.');
}
return [2, {
user: user_factory_1.UserFactory.removeProtected(user),
}];
}
});
});
};
UserController.prototype.getById = function (request) {
return __awaiter(this, void 0, void 0, function () {
var error, jwt, jwtValid, user;
return __generator(this, function (_a) {
switch (_a.label) {
case 0:
error = purple_cheetah_1.HttpErrorFactory.simple('getById', this.logger);
if (purple_cheetah_1.StringUtility.isIdValid(request.params.id) === false) {
throw error.occurred(purple_cheetah_1.HttpStatus.FORBIDDEN, "Invalid ID '" + request.params.id + "' was provided.");
}
jwt = purple_cheetah_1.JWTEncoding.decode(request.headers.authorization);
if (jwt instanceof Error) {
throw error.occurred(purple_cheetah_1.HttpStatus.UNAUTHORIZED, jwt.message);
}
else {
jwtValid = purple_cheetah_1.JWTSecurity.validateAndCheckTokenPermissions(jwt, [purple_cheetah_1.RoleName.ADMIN], purple_cheetah_1.PermissionName.READ, purple_cheetah_1.JWTConfigService.get('user-token-config'));
if (jwtValid instanceof Error) {
throw error.occurred(purple_cheetah_1.HttpStatus.UNAUTHORIZED, jwtValid.message);
}
}
return [4, this.userService.findById(request.params.id)];
case 1:
user = _a.sent();
if (user === null) {
throw error.occurred(purple_cheetah_1.HttpStatus.NOT_FOUNT, "User with ID '" + request.params.id + "' does not exist.");
}
return [2, {
user: user_factory_1.UserFactory.removeProtected(user),
}];
}
});
});
};
UserController.prototype.update = function (request) {
return __awaiter(this, void 0, void 0, function () {
var error, jwt, jwtValid, user, changeDetected, userWithThisEmail, checkPassword, _a, updateUserResult;
return __generator(this, function (_b) {
switch (_b.label) {
case 0:
error = purple_cheetah_1.HttpErrorFactory.simple('.update', this.logger);
try {
purple_cheetah_1.ObjectUtility.compareWithSchema(request.body, {
email: {
__type: 'string',
__required: false,
},
password: {
__type: 'object',
__required: false,
__child: {
current: {
__type: 'string',
__required: true,
},
new: {
__type: 'string',
__required: true,
},
},
},
customPool: {
__type: 'object',
__required: false,
__child: {
personal: {
__type: 'object',
__required: false,
__child: {
firstName: {
__type: 'string',
__required: false,
},
lastName: {
__type: 'string',
__required: false,
},
avatarUri: {
__type: 'string',
__required: false,
},
},
},
address: {
__type: 'object',
__required: false,
__child: {
country: {
__type: 'string',
__required: false,
},
city: {
__type: 'string',
__required: false,
},
state: {
__type: 'string',
__required: false,
},
zip: {
__type: 'string',
__required: false,
},
street: {
__type: 'object',
__required: false,
__child: {
name: {
__type: 'string',
__required: true,
},
number: {
__type: 'string',
__required: true,
},
},
},
},
},
},
},
}, 'body');
}
catch (e) {
throw error.occurred(purple_cheetah_1.HttpStatus.BAD_REQUEST, e.message);
}
jwt = purple_cheetah_1.JWTEncoding.decode(request.headers.authorization);
if (jwt instanceof Error) {
throw error.occurred(purple_cheetah_1.HttpStatus.UNAUTHORIZED, jwt.message);
}
else {
jwtValid = purple_cheetah_1.JWTSecurity.validateAndCheckTokenPermissions(jwt, [purple_cheetah_1.RoleName.ADMIN, purple_cheetah_1.RoleName.USER], purple_cheetah_1.PermissionName.READ, purple_cheetah_1.JWTConfigService.get('user-token-config'));
if (jwtValid instanceof Error) {
throw error.occurred(purple_cheetah_1.HttpStatus.UNAUTHORIZED, jwtValid.message);
}
}
return [4, this.userService.findById(jwt.payload.userId)];
case 1:
user = _b.sent();
if (user === null) {
throw error.occurred(purple_cheetah_1.HttpStatus.INTERNAL_SERVER_ERROR, 'Failed to find a User in database.');
}
changeDetected = false;
if (!request.body.email) return [3, 3];
return [4, this.userService.findByEmail(request.body.email)];
case 2:
userWithThisEmail = _b.sent();
if (userWithThisEmail !== null) {
throw error.occurred(purple_cheetah_1.HttpStatus.FORBIDDEN, "User with email '" + request.body.email + "' already exist.");
}
user.email = request.body.email;
changeDetected = true;
_b.label = 3;
case 3:
if (!request.body.password) return [3, 6];
return [4, bcrypt.compare(request.body.password.current, user.password)];
case 4:
checkPassword = _b.sent();
if (checkPassword === false) {
throw error.occurred(purple_cheetah_1.HttpStatus.FORBIDDEN, 'Incorrect current password has been provided.');
}
_a = user;
return [4, bcrypt.hash(request.body.password.new, 10)];
case 5:
_a.password = _b.sent();
changeDetected = true;
_b.label = 6;
case 6:
if (request.body.personal) {
if (request.body.personal.firstName) {
user.customPool.personal.firstName = request.body.personal.firstName;
user.username =
user.customPool.personal.firstName +
' ' +
user.customPool.personal.lastName;
changeDetected = true;
}
if (request.body.personal.lastName) {
user.customPool.personal.lastName = request.body.personal.lastName;
user.username =
user.customPool.personal.firstName +
' ' +
user.customPool.personal.lastName;
changeDetected = true;
}
if (request.body.personal.avatarUri) {
user.customPool.personal.avatarUri = request.body.personal.avatarUri;
changeDetected = true;
}
}
if (request.body.address) {
if (request.body.address.country) {
user.customPool.address.country = request.body.address.country;
changeDetected = true;
}
if (request.body.address.city) {
user.customPool.address.city = request.body.address.city;
changeDetected = true;
}
if (request.body.address.state) {
user.customPool.address.state = request.body.address.state;
changeDetected = true;
}
if (request.body.address.zip) {
user.customPool.address.zip = request.body.address.zip;
changeDetected = true;
}
if (request.body.address.street) {
user.customPool.address.street.name = request.body.address.street.name;
user.customPool.address.street.number =
request.body.address.street.number;
changeDetected = true;
}
}
if (changeDetected === false) {
throw error.occurred(purple_cheetah_1.HttpStatus.FORBIDDEN, 'Nothing to update.');
}
return [4, this.userService.updateNew(user)];
case 7:
updateUserResult = _b.sent();
if (updateUserResult === false) {
throw error.occurred(purple_cheetah_1.HttpStatus.INTERNAL_SERVER_ERROR, 'Failed to update a User in database.');
}
return [2, {
user: user_factory_1.UserFactory.removeProtected(user),
}];
}
});
});
};
UserController.prototype.add = function (request) {
return __awaiter(this, void 0, void 0, function () {
var error, jwt, jwtValid, userWithSameEmail, user, _a, addUserResult;
return __generator(this, function (_b) {
switch (_b.label) {
case 0:
error = purple_cheetah_1.HttpErrorFactory.simple('add', this.logger);
try {
purple_cheetah_1.ObjectUtility.compareWithSchema(request.body, {
email: {
__type: 'string',
__required: true,
},
password: {
__type: 'string',
__required: true,
},
customPool: {
__type: 'object',
__required: true,
__child: {
personal: {
__type: 'object',
__required: true,
__child: {
firstName: {
__type: 'string',
__required: true,
},
lastName: {
__type: 'string',
__required: true,
},
},
},
},
},
}, 'body');
}
catch (e) {
throw error.occurred(purple_cheetah_1.HttpStatus.BAD_REQUEST, e.message);
}
jwt = purple_cheetah_1.JWTEncoding.decode(request.headers.authorization);
if (jwt instanceof Error) {
throw error.occurred(purple_cheetah_1.HttpStatus.UNAUTHORIZED, jwt.message);
}
else {
jwtValid = purple_cheetah_1.JWTSecurity.validateAndCheckTokenPermissions(jwt, [purple_cheetah_1.RoleName.ADMIN], purple_cheetah_1.PermissionName.WRITE, purple_cheetah_1.JWTConfigService.get('user-token-config'));
if (jwtValid instanceof Error) {
throw error.occurred(purple_cheetah_1.HttpStatus.UNAUTHORIZED, jwtValid.message);
}
}
return [4, this.userService.findByEmail(request.body.email)];
case 1:
userWithSameEmail = _b.sent();
if (userWithSameEmail !== null) {
throw error.occurred(purple_cheetah_1.HttpStatus.FORBIDDEN, "User with email '" + request.body.email + "' already exist.");
}
if (request.body.email.split('@').length !== 2) {
throw error.occurred(purple_cheetah_1.HttpStatus.FORBIDDEN, "Invalid Email format for '" + request.body.email + "'");
}
user = user_factory_1.UserFactory.user({
username: request.body.customPool.personal.firstName +
' ' +
request.body.customPool.personal.lastName,
email: request.body.email,
firstName: request.body.customPool.personal.firstName,
lastName: request.body.customPool.personal.lastName,
});
if (request.body.password.replace(/ /g, '') === '') {
throw error.occurred(purple_cheetah_1.HttpStatus.FORBIDDEN, 'Password cannot be empty string.');
}
_a = user;
return [4, bcrypt.hash(request.body.password, 10)];
case 2:
_a.password = _b.sent();
return [4, this.userService.add(user)];
case 3:
addUserResult = _b.sent();
if (addUserResult === false) {
throw error.occurred(purple_cheetah_1.HttpStatus.INTERNAL_SERVER_ERROR, 'Failed to add User to database.');
}
return [2, {
user: user_factory_1.UserFactory.removeProtected(user),
}];
}
});
});
};
UserController.prototype.genAdminSecCode = function (request) {
return __awaiter(this, void 0, void 0, function () {
return __generator(this, function (_a) {
security_code_buffer_service_1.SecurityCodeBufferService.gen();
return [2, {
message: 'Success.',
}];
});
});
};
UserController.prototype.createAdmin = function (request) {
return __awaiter(this, void 0, void 0, function () {
var error, userWithSameEmail, user, refreshToken, _a, addUserResult;
return __generator(this, function (_b) {
switch (_b.label) {
case 0:
error = purple_cheetah_1.HttpErrorFactory.simple('.createAdmin', this.logger);
try {
purple_cheetah_1.ObjectUtility.compareWithSchema(request.body, {
securityCode: {
__type: 'string',
__required: true,
},
email: {
__type: 'string',
__required: true,
},
password: {
__type: 'string',
__required: true,
},
customPool: {
__type: 'object',
__required: true,
__child: {
personal: {
__type: 'object',
__required: true,
__child: {
firstName: {
__type: 'string',
__required: true,
},
lastName: {
__type: 'string',
__required: true,
},
},
},
},
},
}, 'body');
}
catch (e) {
throw error.occurred(purple_cheetah_1.HttpStatus.BAD_REQUEST, e.message);
}
if (security_code_buffer_service_1.SecurityCodeBufferService.compare(request.body.securityCode) === false) {
throw error.occurred(purple_cheetah_1.HttpStatus.UNAUTHORIZED, 'Invalid security code.');
}
return [4, this.userService.findByEmail(request.body.email)];
case 1:
userWithSameEmail = _b.sent();
if (userWithSameEmail !== null) {
throw error.occurred(purple_cheetah_1.HttpStatus.FORBIDDEN, "User with email '" + request.body.email + "' already exist.");
}
user = user_factory_1.UserFactory.admin({
username: request.body.customPool.personal.firstName +
' ' +
request.body.customPool.personal.lastName,
email: request.body.email,
firstName: request.body.customPool.personal.firstName,
lastName: request.body.customPool.personal.lastName,
});
refreshToken = refresh_token_factory_1.RefreshTokenFactory.instance;
user.refreshTokens.push(refreshToken);
_a = user;
return [4, bcrypt.hash(request.body.password, 10)];
case 2:
_a.password = _b.sent();
return [4, this.userService.add(user)];
case 3:
addUserResult = _b.sent();
if (addUserResult === false) {
throw error.occurred(purple_cheetah_1.HttpStatus.INTERNAL_SERVER_ERROR, 'Failed to add User to database.');
}
return [2, {
accessToken: purple_cheetah_1.JWTEncoding.encode(purple_cheetah_1.JWTSecurity.createToken(user._id.toHexString(), user.roles, purple_cheetah_1.JWTConfigService.get('user-token-config'), user.customPool)),
refreshToken: refreshToken.value,
}];
}
});
});
};
UserController.prototype.updateUser = function (request) {
return __awaiter(this, void 0, void 0, function () {
var error, jwt, jwtValid, user, userWithSameEmail, _a, updateUserResult;
return __generator(this, function (_b) {
switch (_b.label) {
case 0:
error = purple_cheetah_1.HttpErrorFactory.simple('updateUser', this.logger);
try {
purple_cheetah_1.ObjectUtility.compareWithSchema(request.body, {
_id: {
__type: 'string',
__required: true,
},
email: {
__type: 'string',
__required: false,
},
password: {
__type: 'string',
__required: false,
},
customPool: {
__type: 'object',
__required: false,
__child: {
personal: {
__type: 'object',
__required: false,
__child: {
firstName: {
__type: 'string',
__required: false,
},
lastName: {
__type: 'string',
__required: false,
},
},
},
policy: {
__type: 'object',
__require: true,
__child: {
media: {
__type: 'object',
__required: true,
__child: {
get: {
__type: 'boolean',
__required: true,
},
post: {
__type: 'boolean',
__required: true,
},
put: {
__type: 'boolean',
__required: true,
},
delete: {
__type: 'boolean',
__required: true,
},
},
},
templates: {
__type: 'array',
__required: true,
__child: {
__type: 'object',
__content: {
get: {
__type: 'boolean',
__required: true,
},
post: {
__type: 'boolean',
__required: true,
},
put: {
__type: 'boolean',
__required: true,
},
delete: {
__type: 'boolean',
__required: true,
},
},
},
},
},
},
},
},
}, 'body');
}
catch (e) {
throw error.occurred(purple_cheetah_1.HttpStatus.BAD_REQUEST, e.message);
}
if (purple_cheetah_1.StringUtility.isIdValid(request.body._id) === false) {
throw error.occurred(purple_cheetah_1.HttpStatus.FORBIDDEN, "Invalid ID '" + request.body._id + "' was provided.");
}
jwt = purple_cheetah_1.JWTEncoding.decode(request.headers.authorization);
if (jwt instanceof Error) {
throw error.occurred(purple_cheetah_1.HttpStatus.UNAUTHORIZED, jwt.message);
}
else {
jwtValid = purple_cheetah_1.JWTSecurity.validateAndCheckTokenPermissions(jwt, [purple_cheetah_1.RoleName.ADMIN], purple_cheetah_1.PermissionName.WRITE, purple_cheetah_1.JWTConfigService.get('user-token-config'));
if (jwtValid instanceof Error) {
throw error.occurred(purple_cheetah_1.HttpStatus.UNAUTHORIZED, jwtValid.message);
}
}
return [4, this.userService.findById(request.body._id)];
case 1:
user = _b.sent();
user.customPool.policy = request.body.customPool.policy;
if (user === null) {
throw error.occurred(purple_cheetah_1.HttpStatus.NOT_FOUNT, "User with ID '" + request.body._id + "' does not exist.");
}
if (!(typeof request.body.email !== 'undefined' &&
request.body.email !== user.email)) return [3, 3];
if (request.body.email.split('@').length !== 2) {
throw error.occurred(purple_cheetah_1.HttpStatus.FORBIDDEN, "Invalid Email format for '" + request.body.email + "'");
}
return [4, this.userService.findByEmail(request.body.email)];
case 2:
userWithSameEmail = _b.sent();
if (userWithSameEmail !== null) {
throw error.occurred(purple_cheetah_1.HttpStatus.FORBIDDEN, "User with Email '" + request.body.email + "' already exist.");
}
user.email = request.body.email;
_b.label = 3;
case 3:
if (!(typeof request.body.password !== 'undefined')) return [3, 5];
if (request.body.password.replace(/ /g, '') === '') {
throw error.occurred(purple_cheetah_1.HttpStatus.FORBIDDEN, 'Password cannot be empty string.');
}
_a = user;
return [4, bcrypt.hash(request.body.password, 10)];
case 4:
_a.password = _b.sent();
_b.label = 5;
case 5:
if (typeof request.body.customPool !== 'undefined' &&
typeof request.body.customPool.personal !== 'undefined') {
if (typeof request.body.customPool.personal.firstName !== 'undefined') {
user.customPool.personal.firstName =
request.body.customPool.personal.firstName;
user.username = user.customPool.personal.firstName + " " + user.customPool.personal.lastName;
}
if (typeof request.body.customPool.personal.lastName !== 'undefined') {
user.customPool.personal.lastName =
request.body.customPool.personal.lastName;
user.username = user.customPool.personal.firstName + " " + user.customPool.personal.lastName;
}
}
return [4, this.userService.updateNew(user)];
case 6:
updateUserResult = _b.sent();
if (updateUserResult === false) {
throw error.occurred(purple_cheetah_1.HttpStatus.INTERNAL_SERVER_ERROR, 'Failed to update User in database.');
}
return [2, {
user: user_factory_1.UserFactory.removeProtected(user),
}];
}
});
});
};
UserController.prototype.deleteById = function (request) {
return __awaiter(this, void 0, void 0, function () {
var error, jwt, jwtValid, user, deleteUserResult;
return __generator(this, function (_a) {
switch (_a.label) {
case 0:
error = purple_cheetah_1.HttpErrorFactory.simple('deleteById', this.logger);
if (purple_cheetah_1.StringUtility.isIdValid(request.params.id) === false) {
throw error.occurred(purple_cheetah_1.HttpStatus.FORBIDDEN, "Invalid ID '" + request.params.id + "' was provided.");
}
jwt = purple_cheetah_1.JWTEncoding.decode(request.headers.authorization);
if (jwt instanceof Error) {
throw error.occurred(purple_cheetah_1.HttpStatus.UNAUTHORIZED, jwt.message);
}
else {
jwtValid = purple_cheetah_1.JWTSecurity.validateAndCheckTokenPermissions(jwt, [purple_cheetah_1.RoleName.ADMIN], purple_cheetah_1.PermissionName.DELETE, purple_cheetah_1.JWTConfigService.get('user-token-config'));
if (jwtValid instanceof Error) {
throw error.occurred(purple_cheetah_1.HttpStatus.UNAUTHORIZED, jwtValid.message);
}
}
if (jwt.payload.userId === request.params.id) {
throw error.occurred(purple_cheetah_1.HttpStatus.FORBIDDEN, "You cannot delete yourself.");
}
return [4, this.userService.findById(request.params.id)];
case 1:
user = _a.sent();
if (user === null) {
throw error.occurred(purple_cheetah_1.HttpStatus.NOT_FOUNT, "User with ID '" + request.params.id + "' does not exist.");
}
return [4, this.userService.deleteById(request.params.id)];
case 2:
deleteUserResult = _a.sent();
if (deleteUserResult === false) {
throw error.occurred(purple_cheetah_1.HttpStatus.INTERNAL_SERVER_ERROR, "Failed to remove User from database.");
}
return [2, {
message: 'Success.',
}];
}
});
});
};
var UserController_1;
__decorate([
purple_cheetah_1.AppLogger(UserController_1),
__metadata("design:type", purple_cheetah_1.Logger)
], UserController.prototype, "logger", void 0);
__decorate([
purple_cheetah_1.Service(user_service_1.UserService),
__metadata("design:type", user_service_1.UserService)
], UserController.prototype, "userService", void 0);
__decorate([
purple_cheetah_1.Get('/is-initialized'),
__metadata("design:type", Function),
__metadata("design:paramtypes", [Object]),
__metadata("design:returntype", Promise)
], UserController.prototype, "isInitialized", null);
__decorate([
purple_cheetah_1.Get('/all'),
__metadata("design:type", Function),
__metadata("design:paramtypes", [Object]),
__metadata("design:returntype", Promise)
], UserController.prototype, "getAll", null);
__decorate([
purple_cheetah_1.Get('/me'),
__metadata("design:type", Function),
__metadata("design:paramtypes", [Object]),
__metadata("design:returntype", Promise)
], UserController.prototype, "getByAccessToken", null);
__decorate([
purple_cheetah_1.Get('/:id'),
__metadata("design:type", Function),
__metadata("design:paramtypes", [Object]),
__metadata("design:returntype", Promise)
], UserController.prototype, "getById", null);
__decorate([
purple_cheetah_1.Put('/me'),
__metadata("design:type", Function),
__metadata("design:paramtypes", [Object]),
__metadata("design:returntype", Promise)
], UserController.prototype, "update", null);
__decorate([
purple_cheetah_1.Post(),
__metadata("design:type", Function),
__metadata("design:paramtypes", [Object]),
__metadata("design:returntype", Promise)
], UserController.prototype, "add", null);
__decorate([
purple_cheetah_1.Post('/generate-admin-secret'),
__metadata("design:type", Function),
__metadata("design:paramtypes", [Object]),
__metadata("design:returntype", Promise)
], UserController.prototype, "genAdminSecCode", null);
__decorate([
purple_cheetah_1.Post('/create-admin'),
__metadata("design:type", Function),
__metadata("design:paramtypes", [Object]),
__metadata("design:returntype", Promise)
], UserController.prototype, "createAdmin", null);
__decorate([
purple_cheetah_1.Put(),
__metadata("design:type", Function),
__metadata("design:paramtypes", [Object]),
__metadata("design:returntype", Promise)
], UserController.prototype, "updateUser", null);
__decorate([
purple_cheetah_1.Delete('/:id'),
__metadata("design:type", Function),
__metadata("design:paramtypes", [Object]),
__metadata("design:returntype", Promise)
], UserController.prototype, "deleteById", null);
UserController = UserController_1 = __decorate([
purple_cheetah_1.Controller('/user')
], UserController);
return UserController;
}());
exports.UserController = UserController;
//# sourceMappingURL=user.controller.js.map