openhim-core/lib/api/clients.js

The OpenHIM core application that provides logging and routing of http requests

"use strict";

Object.defineProperty(exports, "__esModule", {
  value: true
});
exports.addClient = addClient;
exports.getClient = getClient;
exports.findClientByDomain = findClientByDomain;
exports.updateClient = updateClient;
exports.removeClient = removeClient;
exports.getClients = getClients;

var _winston = _interopRequireDefault(require("winston"));

var _clients = require("../model/clients");

var _channels = require("../model/channels");

var authorisation = _interopRequireWildcard(require("./authorisation"));

var utils = _interopRequireWildcard(require("../utils"));

function _getRequireWildcardCache() { if (typeof WeakMap !== "function") return null; var cache = new WeakMap(); _getRequireWildcardCache = function () { return cache; }; return cache; }

function _interopRequireWildcard(obj) { if (obj && obj.__esModule) { return obj; } if (obj === null || typeof obj !== "object" && typeof obj !== "function") { return { default: obj }; } var cache = _getRequireWildcardCache(); if (cache && cache.has(obj)) { return cache.get(obj); } var newObj = {}; var hasPropertyDescriptor = Object.defineProperty && Object.getOwnPropertyDescriptor; for (var key in obj) { if (Object.prototype.hasOwnProperty.call(obj, key)) { var desc = hasPropertyDescriptor ? Object.getOwnPropertyDescriptor(obj, key) : null; if (desc && (desc.get || desc.set)) { Object.defineProperty(newObj, key, desc); } else { newObj[key] = obj[key]; } } } newObj.default = obj; if (cache) { cache.set(obj, newObj); } return newObj; }

function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }

/*
 * Adds a client
 */
async function addClient(ctx) {
  // Test if the user is authorised
  if (!authorisation.inGroup('admin', ctx.authenticated)) {
    utils.logAndSetResponse(ctx, 403, `User ${ctx.authenticated.email} is not an admin, API access to addClient denied.`, 'info');
    return;
  }

  const clientData = ctx.request.body;

  if (clientData.clientID) {
    const chResult = await _channels.ChannelModelAPI.find({
      allow: {
        $in: [clientData.clientID]
      }
    }, {
      name: 1
    }).exec();
    const clResult = await _clients.ClientModelAPI.find({
      roles: {
        $in: [clientData.clientID]
      }
    }, {
      clientID: 1
    }).exec();

    if ((chResult != null ? chResult.length : undefined) > 0 || (clResult != null ? clResult.length : undefined) > 0) {
      return utils.logAndSetResponse(ctx, 409, `A role name conflicts with clientID '${clientData.clientID}'. A role name cannot be the same as a clientID.`, 'info');
    }
  }

  try {
    const client = new _clients.ClientModelAPI(clientData);
    await client.save();

    _winston.default.info(`User ${ctx.authenticated.email} created client with id ${client.id}`);

    ctx.body = 'Client successfully created';
    ctx.status = 201;
  } catch (e) {
    _winston.default.error(`Could not add a client via the API: ${e.message}`);

    ctx.body = e.message;
    ctx.status = 400;
  }
}
/*
 * Retrieves the details of a specific client
 */


async function getClient(ctx, clientId, property) {
  let projectionRestriction = null; // if property - Setup client projection and bypass authorization

  if (typeof property === 'string') {
    if (property === 'clientName') {
      projectionRestriction = {
        _id: 0,
        name: 1
      };
    } else {
      utils.logAndSetResponse(ctx, 404, `The property (${property}) you are trying to retrieve is not found.`, 'info');
      return;
    }
  } else if (!authorisation.inGroup('admin', ctx.authenticated)) {
    utils.logAndSetResponse(ctx, 403, `User ${ctx.authenticated.email} is not an admin, API access to findClientById denied.`, 'info');
    return;
  }

  clientId = unescape(clientId);

  try {
    const result = await _clients.ClientModelAPI.findById(clientId, projectionRestriction).exec();

    if (result === null) {
      utils.logAndSetResponse(ctx, 404, `Client with id ${clientId} could not be found.`, 'info');
    } else {
      ctx.body = result;
    }
  } catch (e) {
    _winston.default.error(`Could not find client by id ${clientId} via the API: ${e.message}`);

    ctx.body = e.message;
    ctx.status = 500;
  }
}

async function findClientByDomain(ctx, clientDomain) {
  // Test if the user is authorised
  if (!authorisation.inGroup('admin', ctx.authenticated)) {
    utils.logAndSetResponse(ctx, 403, `User ${ctx.authenticated.email} is not an admin, API access to findClientByDomain denied.`, 'info');
    return;
  }

  clientDomain = unescape(clientDomain);

  try {
    const result = await _clients.ClientModelAPI.findOne({
      clientDomain
    }).exec();

    if (result === null) {
      utils.logAndSetResponse(ctx, 404, `Could not find client with clientDomain ${clientDomain}`, 'info');
    } else {
      ctx.body = result;
    }
  } catch (e) {
    _winston.default.error(`Could not find client by client Domain ${clientDomain} via the API: ${e.message}`);

    ctx.body = e.message;
    ctx.status = 500;
  }
}

async function updateClient(ctx, clientId) {
  // Test if the user is authorised
  if (!authorisation.inGroup('admin', ctx.authenticated)) {
    utils.logAndSetResponse(ctx, 403, `User ${ctx.authenticated.email} is not an admin, API access to updateClient denied.`, 'info');
    return;
  }

  clientId = unescape(clientId);
  const clientData = ctx.request.body; // Ignore _id if it exists, a user shouldn't be able to update the internal id

  if (clientData._id) {
    delete clientData._id;
  }

  if (clientData.clientID) {
    const chResult = await _channels.ChannelModelAPI.find({
      allow: {
        $in: [clientData.clientID]
      }
    }, {
      name: 1
    }).exec();
    const clResult = await _clients.ClientModelAPI.find({
      roles: {
        $in: [clientData.clientID]
      }
    }, {
      clientID: 1
    }).exec();

    if ((chResult != null ? chResult.length : undefined) > 0 || (clResult != null ? clResult.length : undefined) > 0) {
      return utils.logAndSetResponse(ctx, 409, `A role name conflicts with clientID '${clientData.clientID}'. A role name cannot be the same as a clientID.`, 'info');
    }
  }

  try {
    await _clients.ClientModelAPI.findByIdAndUpdate(clientId, clientData).exec();

    _winston.default.info(`User ${ctx.authenticated.email} updated client with id ${clientId}`);

    ctx.body = 'Successfully updated client.';
  } catch (e) {
    _winston.default.error(`Could not update client by ID ${clientId} via the API: ${e.message}`);

    ctx.body = e.message;
    ctx.status = 500;
  }
}

async function removeClient(ctx, clientId) {
  // Test if the user is authorised
  if (!authorisation.inGroup('admin', ctx.authenticated)) {
    utils.logAndSetResponse(ctx, 403, `User ${ctx.authenticated.email} is not an admin, API access to removeClient denied.`, 'info');
    return;
  }

  clientId = unescape(clientId);

  try {
    await _clients.ClientModelAPI.findByIdAndRemove(clientId).exec();
    ctx.body = `Successfully removed client with ID ${clientId}`;

    _winston.default.info(`User ${ctx.authenticated.email} removed client with id ${clientId}`);
  } catch (e) {
    _winston.default.error(`Could not remove client by ID ${clientId} via the API: ${e.message}`);

    ctx.body = e.message;
    ctx.status = 500;
  }
}

async function getClients(ctx) {
  // Test if the user is authorised
  if (!authorisation.inGroup('admin', ctx.authenticated)) {
    utils.logAndSetResponse(ctx, 403, `User ${ctx.authenticated.email} is not an admin, API access to getClients denied.`, 'info');
    return;
  }

  try {
    ctx.body = await _clients.ClientModelAPI.find().exec();
  } catch (e) {
    _winston.default.error(`Could not fetch all clients via the API: ${e.message}`);

    ctx.message = e.message;
    ctx.status = 500;
  }
}
//# sourceMappingURL=clients.js.map