FDM Monster is a bulk OctoPrint, Klipper, PrusaLink and BambuLab manager to set up, configure and monitor 3D printers. Our aim is to provide a neat overview of your farm.
import { __exportAll } from "../_virtual/_rolldown/runtime.js";
import { __decorateMetadata } from "../_virtual/_@oxc-project_runtime@0.129.0/helpers/decorateMetadata.js";
import { __decorate } from "../_virtual/_@oxc-project_runtime@0.129.0/helpers/decorate.js";
import { BadRequestException, ForbiddenError } from "../exceptions/runtime.exceptions.js";
import { validateInput, validateMiddleware } from "../handlers/validators.js";
import { AppConstants } from "../server.constants.js";
import { SettingsStore } from "../state/settings.store.js";
import { errorSummary } from "../utils/error.utils.js";
import { ROLES } from "../constants/authorization.constants.js";
import { authenticate, authorizeRoles } from "../middleware/authenticate.js";
import { demoUserNotAllowed } from "../middleware/demo.middleware.js";
import { changePasswordSchema, isRootUserSchema, isVerifiedSchema, registerUserWithRolesSchema, setUserRolesSchema, usernameSchema } from "./validation/user-controller.validation.js";
import { ParamId } from "../middleware/param-converter.middleware.js";
import { DELETE, GET, POST, before, route } from "awilix-express";
//#region src/controllers/user.controller.ts
// Bundler-generated namespace export table; the arrow function resolves the
// `UserController` binding lazily, so it sees the decorated class assigned below.
var user_controller_exports = /* @__PURE__ */ __exportAll({ UserController: () => UserController });
let _ref;
let _UserController;
/**
 * Express controller for user administration: listing and creating users, the
 * caller's own profile, deletion, username/password changes, role assignment,
 * verification and the root-user (owner) flag.
 *
 * Routes and the `authenticate` / `authorizeRoles` / `demoUserNotAllowed`
 * guards are attached to the prototype by the `__decorate` calls that follow
 * the class. The checks inside the handlers are a second layer: they keep a
 * caller from deleting or unverifying their own account, from touching the
 * root user, and from editing other accounts while login is required.
 */
let UserController = _UserController = class UserController {
  logger;

  /**
   * @param {Function} loggerFactory - invoked with the class name; the result becomes `this.logger`.
   * @param {object} userService - user persistence and DTO mapping.
   * @param {object} configService - provides `isDemoMode()`.
   * @param {object} roleService - provides `roles` and `toDto(role)`.
   * @param {object} authService - provides `logoutUserId(id)`.
   * @param {object} settingsStore - provides `getLoginRequired()`.
   */
  constructor(loggerFactory, userService, configService, roleService, authService, settingsStore) {
    this.userService = userService;
    this.configService = configService;
    this.roleService = roleService;
    this.authService = authService;
    this.settingsStore = settingsStore;
    // Built last so the factory runs after the services are wired up.
    this.logger = loggerFactory(_UserController.name);
  }

  /**
   * Rejects edits of a different account while login is required.
   *
   * The settings store is only consulted when the ids differ, matching the
   * short-circuit of the inline checks this replaces. Note the loose `!=`:
   * presumably ids may arrive as string vs. number — verify before tightening.
   * When login is not required, any caller may edit any account here.
   *
   * @param {object} req - request; `req.user?.id` is the caller.
   * @param {*} targetId - id of the account being edited.
   * @param {string} message - ForbiddenError text.
   * @throws {ForbiddenError}
   */
  async #rejectOtherUserWhenLoginRequired(req, targetId, message) {
    const isOtherUser = req.user?.id != targetId;
    if (isOtherUser && (await this.settingsStore.getLoginRequired())) {
      throw new ForbiddenError(message);
    }
  }

  /** GET / — sends every user as a DTO. */
  async list(req, res) {
    const { userService } = this;
    const dtos = [];
    for (const user of await userService.listUsers()) {
      dtos.push(userService.toDto(user));
    }
    res.send(dtos);
  }

  /**
   * POST / — registers a verified, non-root user with the given roles.
   * Usernames containing "admin" or "root" (substring match) or equal to
   * "demo" are refused.
   * @throws {BadRequestException} for a reserved username.
   */
  async create(req, res) {
    const { username, password, roles } = await validateMiddleware(req, registerUserWithRolesSchema);
    const lowered = username.toLowerCase();
    const isReserved = lowered.includes("admin") || lowered.includes("root") || lowered === "demo";
    if (isReserved) {
      throw new BadRequestException("Username is not allowed");
    }
    const newUser = {
      username,
      password,
      roles,
      needsPasswordChange: false,
      isDemoUser: false,
      isRootUser: false,
      isVerified: true,
    };
    await this.userService.register(newUser);
    res.send();
  }

  /** GET /roles — sends every known role as a DTO. */
  async listRoles(req, res) {
    const { roleService } = this;
    const dtos = [];
    for (const role of roleService.roles) {
      dtos.push(roleService.toDto(role));
    }
    res.send(dtos);
  }

  /** GET /profile — sends the caller's DTO, or `{}` when no user is attached to the request. */
  async profile(req, res) {
    const ownId = req.user?.id;
    if (!ownId) {
      res.send({});
      return;
    }
    const ownUser = await this.userService.getUser(ownId);
    res.send(this.userService.toDto(ownUser));
  }

  /** GET /:id — sends the DTO of the user resolved by the `ParamId` middleware. */
  async get(req, res) {
    const { userService } = this;
    const found = await userService.getUser(req.local.id);
    res.send(userService.toDto(found));
  }

  /**
   * DELETE /:id — deletes a user and, best-effort, logs them out.
   * Own account and the root user can never be deleted; the demo user is
   * protected only while demo mode is on. Logout failures are logged, not
   * surfaced, because the deletion has already happened.
   * @throws {ForbiddenError}
   */
  async delete(req, res) {
    const targetId = req.local.id;
    // Loose equality kept from the original; ids presumably may differ in type — verify.
    if (req.user?.id == targetId) {
      throw new ForbiddenError("Not allowed to delete own account");
    }
    if (await this.userService.isUserRootUser(targetId)) {
      throw new ForbiddenError("Not allowed to delete root user");
    }
    if (this.configService.isDemoMode()) {
      const demoUserId = await this.userService.getDemoUserId();
      if (targetId === demoUserId) {
        this.throwIfDemoMode();
      }
    }
    await this.userService.deleteUser(targetId);
    try {
      await this.authService.logoutUserId(targetId);
    } catch (err) {
      this.logger.error(errorSummary(err));
    }
    res.send();
  }

  /** POST /:id/change-username — validates `req.body` and renames the target user. */
  async changeUsername(req, res) {
    const targetId = req.local.id;
    await this.#rejectOtherUserWhenLoginRequired(req, targetId, "Not allowed to change username of other users");
    const { username } = await validateInput(req.body, usernameSchema);
    await this.userService.updateUsernameById(targetId, username);
    res.send();
  }

  /** POST /:id/change-password — validates old/new password and updates the target user. */
  async changePassword(req, res) {
    const targetId = req.local.id;
    await this.#rejectOtherUserWhenLoginRequired(req, targetId, "Not allowed to change password of other users");
    const { oldPassword, newPassword } = await validateInput(req.body, changePasswordSchema);
    await this.userService.updatePasswordById(targetId, oldPassword, newPassword);
    res.send();
  }

  /**
   * POST /:id/set-user-roles — replaces the target user's roles.
   * A caller editing their own roles must be ADMIN or root, and may not drop
   * ADMIN from themselves; the error text differs for root users.
   * @throws {ForbiddenError} when not logged in or not privileged for a self-edit.
   * @throws {BadRequestException} when a self-edit would remove ADMIN.
   */
  async setUserRoles(req, res) {
    const targetId = req.local.id;
    const ownId = req.user?.id;
    if (!ownId) {
      throw new ForbiddenError("Need to be logged in, in order to set user roles");
    }
    const ownDto = this.userService.toDto(await this.userService.getUser(ownId));
    const isSelfEdit = ownId == targetId;
    if (isSelfEdit && !(ownDto.roles.includes(ROLES.ADMIN) || ownDto.isRootUser)) {
      throw new ForbiddenError("Only an ADMIN or OWNER user is allowed to change its own roles");
    }
    const { roles } = await validateInput(req.body, setUserRolesSchema);
    if (isSelfEdit && !roles.includes(ROLES.ADMIN)) {
      const reason = ownDto.isRootUser
        ? "It does not make sense to remove ADMIN role from an OWNER user."
        : "An ADMIN user cannot remove its ADMIN role.";
      throw new BadRequestException(reason);
    }
    await this.userService.setUserRoles(targetId, roles);
    res.send();
  }

  /**
   * POST /:id/set-verified — toggles the verified flag of another, non-root user.
   * @throws {ForbiddenError} for a self-edit or when the target is the root user.
   */
  async setVerified(req, res) {
    const targetId = req.local.id;
    if (req.user?.id == targetId) {
      throw new ForbiddenError("Not allowed to change own verified status");
    }
    if (await this.userService.isUserRootUser(targetId)) {
      throw new ForbiddenError("Not allowed to change root user to unverified");
    }
    const { isVerified } = await validateInput(req.body, isVerifiedSchema);
    await this.userService.setVerifiedById(targetId, isVerified);
    res.send();
  }

  /**
   * POST /:id/set-root-user — sets or clears the root-user flag.
   * The "must be root yourself" check only runs when `req.user` is present;
   * a request without an attached user falls straight through to the update.
   * NOTE(review): no role guard is registered for this route below — confirm
   * this is intended for the login-not-required mode.
   * @throws {ForbiddenError} when a logged-in caller is not the root user.
   */
  async setRootUser(req, res) {
    const targetId = req.local.id;
    const ownId = req.user?.id;
    if (ownId && !(await this.userService.isUserRootUser(ownId))) {
      throw new ForbiddenError("Not allowed to change owner without being owner yourself");
    }
    const { isRootUser } = await validateInput(req.body, isRootUserSchema);
    await this.userService.setIsRootUserById(targetId, isRootUser);
    res.send();
  }

  /** @throws {ForbiddenError} while the server runs in demo mode. */
  throwIfDemoMode() {
    if (!this.configService.isDemoMode()) {
      return;
    }
    throw new ForbiddenError("Not allowed in demo mode");
  }
};
// Route registration. Every route below additionally runs the class-level
// `before([authenticate()])` attached at the bottom of this file; only the
// routes that list `authorizeRoles([ROLES.ADMIN])` are restricted to admins,
// the others rely on the checks inside the handler.
// GET /  — admin only.
__decorate([
GET(),
route("/"),
before([authorizeRoles([ROLES.ADMIN])]),
__decorateMetadata("design:type", Function),
__decorateMetadata("design:paramtypes", [Object, Object]),
__decorateMetadata("design:returntype", Promise)
], UserController.prototype, "list", null);
// POST /  — admin only.
__decorate([
POST(),
route("/"),
before([authorizeRoles([ROLES.ADMIN])]),
__decorateMetadata("design:type", Function),
__decorateMetadata("design:paramtypes", [Object, Object]),
__decorateMetadata("design:returntype", Promise)
], UserController.prototype, "create", null);
// GET /roles  — no role guard; any authenticated caller.
__decorate([
GET(),
route("/roles"),
__decorateMetadata("design:type", Function),
__decorateMetadata("design:paramtypes", [Object, Object]),
__decorateMetadata("design:returntype", Promise)
], UserController.prototype, "listRoles", null);
// GET /profile  — no role guard; the handler answers `{}` without a user.
__decorate([
GET(),
route("/profile"),
__decorateMetadata("design:type", Function),
__decorateMetadata("design:paramtypes", [Object, Object]),
__decorateMetadata("design:returntype", Promise)
], UserController.prototype, "profile", null);
// GET /:id  — admin only; `ParamId` resolves `req.local.id`.
__decorate([
GET(),
route("/:id"),
before([authorizeRoles([ROLES.ADMIN]), ParamId("id")]),
__decorateMetadata("design:type", Function),
__decorateMetadata("design:paramtypes", [Object, Object]),
__decorateMetadata("design:returntype", Promise)
], UserController.prototype, "get", null);
// DELETE /:id  — admin only, blocked for the demo user.
__decorate([
DELETE(),
route("/:id"),
before([
authorizeRoles([ROLES.ADMIN]),
demoUserNotAllowed,
ParamId("id")
]),
__decorateMetadata("design:type", Function),
__decorateMetadata("design:paramtypes", [Object, Object]),
__decorateMetadata("design:returntype", Promise)
], UserController.prototype, "delete", null);
// POST /:id/change-username  — no role guard; the handler only rejects
// edits of other users while login is required.
__decorate([
POST(),
route("/:id/change-username"),
before([demoUserNotAllowed, ParamId("id")]),
__decorateMetadata("design:type", Function),
__decorateMetadata("design:paramtypes", [Object, Object]),
__decorateMetadata("design:returntype", Promise)
], UserController.prototype, "changeUsername", null);
// POST /:id/change-password  — same guard model as change-username.
__decorate([
POST(),
route("/:id/change-password"),
before([demoUserNotAllowed, ParamId("id")]),
__decorateMetadata("design:type", Function),
__decorateMetadata("design:paramtypes", [Object, Object]),
__decorateMetadata("design:returntype", Promise)
], UserController.prototype, "changePassword", null);
// POST /:id/set-user-roles  — admin only, blocked for the demo user.
__decorate([
POST(),
route("/:id/set-user-roles"),
before([
authorizeRoles([ROLES.ADMIN]),
demoUserNotAllowed,
ParamId("id")
]),
__decorateMetadata("design:type", Function),
__decorateMetadata("design:paramtypes", [Object, Object]),
__decorateMetadata("design:returntype", Promise)
], UserController.prototype, "setUserRoles", null);
// POST /:id/set-verified  — admin only, blocked for the demo user.
__decorate([
POST(),
route("/:id/set-verified"),
before([
authorizeRoles([ROLES.ADMIN]),
demoUserNotAllowed,
ParamId("id")
]),
__decorateMetadata("design:type", Function),
__decorateMetadata("design:paramtypes", [Object, Object]),
__decorateMetadata("design:returntype", Promise)
], UserController.prototype, "setVerified", null);
// POST /:id/set-root-user  — no role guard here; the handler's root check
// only runs when `req.user` is present. NOTE(review): confirm that an
// unauthenticated request in login-not-required mode is meant to reach it.
__decorate([
POST(),
route("/:id/set-root-user"),
before([demoUserNotAllowed, ParamId("id")]),
__decorateMetadata("design:type", Function),
__decorateMetadata("design:paramtypes", [Object, Object]),
__decorateMetadata("design:returntype", Promise)
], UserController.prototype, "setRootUser", null);
// Class-level decorators: mount point and the `authenticate()` guard shared
// by every route above. The last paramtype resolves `SettingsStore` for DI
// when the import exists, else falls back to `Object`.
UserController = _UserController = __decorate([
route(AppConstants.apiRoute + "/user"),
before([authenticate()]),
__decorateMetadata("design:paramtypes", [
Object,
Object,
Object,
Object,
Object,
typeof (_ref = typeof SettingsStore !== "undefined" && SettingsStore) === "function" ? _ref : Object
])
], UserController);
//#endregion
export { UserController, user_controller_exports };
//# sourceMappingURL=user.controller.js.map