unleash.unleash/src/lib/routes/admin-api/user-admin.ts

import Controller from '../controller';
import { ADMIN } from '../../permissions';
import UserService from '../../services/user-service';
import { AccessService } from '../../services/access-service';
import { Logger } from '../../logger';
import { handleErrors } from './util';
import { IUnleashConfig } from '../../types/option';
import { EmailService, MAIL_ACCEPTED } from '../../services/email-service';
import ResetTokenService from '../../services/reset-token-service';
import { IUnleashServices } from '../../types/services';

const getCreatorUsernameOrPassword = req => req.user.username || req.user.email;

export default class UserAdminController extends Controller {
    private userService: UserService;

    private accessService: AccessService;

    private readonly logger: Logger;

    private emailService: EmailService;

    private resetTokenService: ResetTokenService;

    constructor(
        config: IUnleashConfig,
        {
            userService,
            accessService,
            emailService,
            resetTokenService,
        }: Pick<
        IUnleashServices,
        | 'userService'
        | 'accessService'
        | 'emailService'
        | 'resetTokenService'
        >,
    ) {
        super(config);
        this.userService = userService;
        this.accessService = accessService;
        this.logger = config.getLogger('routes/user-controller.ts');
        this.emailService = emailService;
        this.resetTokenService = resetTokenService;

        this.get('/', this.getUsers, ADMIN);
        this.get('/search', this.search);
        this.post('/', this.createUser, ADMIN);
        this.post('/validate-password', this.validatePassword);
        this.put('/:id', this.updateUser, ADMIN);
        this.post('/:id/change-password', this.changePassword, ADMIN);
        this.delete('/:id', this.deleteUser, ADMIN);
        this.post('/reset-password', this.resetPassword);
    }

    // eslint-disable-next-line @typescript-eslint/explicit-module-boundary-types
    async resetPassword(req, res): Promise<void> {
        try {
            const requester = getCreatorUsernameOrPassword(req);
            const receiver = req.body.id;
            const resetPasswordUrl = await this.userService.createResetPasswordEmail(
                receiver,
                requester,
            );
            res.json({ resetPasswordUrl });
        } catch (e) {
            handleErrors(res, this.logger, e);
        }
    }

    // eslint-disable-next-line @typescript-eslint/explicit-module-boundary-types
    async getUsers(req, res): Promise<void> {
        try {
            const users = await this.userService.getAll();
            const rootRoles = await this.accessService.getRootRoles();
            const inviteLinks = await this.resetTokenService.getActiveInvitations();

            const usersWithInviteLinks = users.map(user => {
                const inviteLink = inviteLinks[user.id] || '';
                return { ...user, inviteLink };
            });

            res.json({ users: usersWithInviteLinks, rootRoles });
        } catch (error) {
            this.logger.error(error);
            res.status(500).send({ msg: 'server errors' });
        }
    }

    // eslint-disable-next-line @typescript-eslint/explicit-module-boundary-types
    async search(req, res): Promise<void> {
        const { q } = req.query;
        try {
            const users =
                q && q.length > 1 ? await this.userService.search(q) : [];
            res.json(users);
        } catch (error) {
            this.logger.error(error);
            res.status(500).send({ msg: 'server errors' });
        }
    }

    // eslint-disable-next-line @typescript-eslint/explicit-module-boundary-types
    async createUser(req, res): Promise<void> {
        const { username, email, name, rootRole } = req.body;
        const { user } = req;

        try {
            const createdUser = await this.userService.createUser({
                username,
                email,
                name,
                rootRole: Number(rootRole),
            });

            const inviteLink = await this.resetTokenService.createNewUserUrl(
                createdUser.id,
                user.email,
            );

            const emailConfigured = this.emailService.configured();
            if (emailConfigured) {
                await this.emailService.sendGettingStartedMail(
                    createdUser.name,
                    createdUser.email,
                    inviteLink.toString(),
                );
            } else {
                this.logger.warn(
                    'email was not sent to the user because email configuration is lacking',
                );
            }

            res.status(201).send({
                ...createdUser,
                inviteLink,
                emailSent: emailConfigured,
                rootRole,
            });
        } catch (e) {
            this.logger.warn(e.message);
            res.status(400).send([{ msg: e.message }]);
        }
    }

    // eslint-disable-next-line @typescript-eslint/explicit-module-boundary-types
    async updateUser(req, res): Promise<void> {
        const { id } = req.params;
        const { name, email, rootRole } = req.body;

        try {
            const user = await this.userService.updateUser({
                id: Number(id),
                name,
                email,
                rootRole: Number(rootRole),
            });
            res.status(200).send({ ...user, rootRole });
        } catch (e) {
            this.logger.warn(e.message);
            res.status(400).send([{ msg: e.message }]);
        }
    }

    // eslint-disable-next-line @typescript-eslint/explicit-module-boundary-types
    async deleteUser(req, res): Promise<void> {
        const { id } = req.params;

        try {
            await this.userService.deleteUser(+id);
            res.status(200).send();
        } catch (error) {
            this.logger.warn(error);
            res.status(500).send();
        }
    }

    // eslint-disable-next-line @typescript-eslint/explicit-module-boundary-types
    async validatePassword(req, res): Promise<void> {
        const { password } = req.body;

        try {
            this.userService.validatePassword(password);
            res.status(200).send();
        } catch (e) {
            res.status(400).send([{ msg: e.message }]);
        }
    }

    // eslint-disable-next-line @typescript-eslint/explicit-module-boundary-types
    async changePassword(req, res): Promise<void> {
        const { id } = req.params;
        const { password } = req.body;

        try {
            await this.userService.changePassword(+id, password);
            res.status(200).send();
        } catch (e) {
            res.status(400).send([{ msg: e.message }]);
        }
    }
}

module.exports = UserAdminController;
feat: Add username/password authentication (#777) 2021-04-09 13:46:53 +02:00			`import Controller from '../controller';`
			`import { ADMIN } from '../../permissions';`
			`import UserService from '../../services/user-service';`
Reset token (#786) feat: Add Reset token functionality This allows admin users to create a reset token for other users. Thus allowing resetting their password. Co-authored-by: Fredrik Oseberg <fredrik.no@gmail.com> fixes: #778 2021-04-16 15:29:23 +02:00			`import { AccessService } from '../../services/access-service';`
feat: Add username/password authentication (#777) 2021-04-09 13:46:53 +02:00			`import { Logger } from '../../logger';`
Reset token (#786) feat: Add Reset token functionality This allows admin users to create a reset token for other users. Thus allowing resetting their password. Co-authored-by: Fredrik Oseberg <fredrik.no@gmail.com> fixes: #778 2021-04-16 15:29:23 +02:00			`import { handleErrors } from './util';`
Feat/options need types (#794) feat: options are now typed - This makes it easier to know what to send to unleash.start / unleash.create - Using a Partial to instantiate the config, then melding it with defaults to get a config object with all fields set either to their defaults or to whatever is passed in. Co-authored-by: Fredrik Strand Oseberg <fredrik.no@gmail.com> Co-authored-by: Ivar Conradi Østhus <ivarconr@gmail.com> 2021-04-22 10:07:10 +02:00			`import { IUnleashConfig } from '../../types/option';`
Feat/add new user email (#793) * feat: send email when adding a new user * fix: rename method * fix: create welcome email * fix: update email templates * fix: add name to templates * refactor: reduce database calls to one * fix: alter tests * fix: remove console logs 2021-04-23 10:58:47 +02:00			`import { EmailService, MAIL_ACCEPTED } from '../../services/email-service';`
			`import ResetTokenService from '../../services/reset-token-service';`
fix: send email on process.nextTick (#805) To avoid users having to wait while we wait for a response from the email provider, we now send the mail on nextTick 2021-04-27 09:05:46 +02:00			`import { IUnleashServices } from '../../types/services';`
Reset token (#786) feat: Add Reset token functionality This allows admin users to create a reset token for other users. Thus allowing resetting their password. Co-authored-by: Fredrik Oseberg <fredrik.no@gmail.com> fixes: #778 2021-04-16 15:29:23 +02:00
			`const getCreatorUsernameOrPassword = req => req.user.username \|\| req.user.email;`
feat: Add username/password authentication (#777) 2021-04-09 13:46:53 +02:00
Feat/options need types (#794) feat: options are now typed - This makes it easier to know what to send to unleash.start / unleash.create - Using a Partial to instantiate the config, then melding it with defaults to get a config object with all fields set either to their defaults or to whatever is passed in. Co-authored-by: Fredrik Strand Oseberg <fredrik.no@gmail.com> Co-authored-by: Ivar Conradi Østhus <ivarconr@gmail.com> 2021-04-22 10:07:10 +02:00			`export default class UserAdminController extends Controller {`
feat: Add username/password authentication (#777) 2021-04-09 13:46:53 +02:00			`private userService: UserService;`

			`private accessService: AccessService;`

Feat/options need types (#794) feat: options are now typed - This makes it easier to know what to send to unleash.start / unleash.create - Using a Partial to instantiate the config, then melding it with defaults to get a config object with all fields set either to their defaults or to whatever is passed in. Co-authored-by: Fredrik Strand Oseberg <fredrik.no@gmail.com> Co-authored-by: Ivar Conradi Østhus <ivarconr@gmail.com> 2021-04-22 10:07:10 +02:00			`private readonly logger: Logger;`
feat: Add username/password authentication (#777) 2021-04-09 13:46:53 +02:00
Feat/add new user email (#793) * feat: send email when adding a new user * fix: rename method * fix: create welcome email * fix: update email templates * fix: add name to templates * refactor: reduce database calls to one * fix: alter tests * fix: remove console logs 2021-04-23 10:58:47 +02:00			`private emailService: EmailService;`

			`private resetTokenService: ResetTokenService;`

			`constructor(`
			`config: IUnleashConfig,`
fix: send email on process.nextTick (#805) To avoid users having to wait while we wait for a response from the email provider, we now send the mail on nextTick 2021-04-27 09:05:46 +02:00			`{`
			`userService,`
			`accessService,`
			`emailService,`
			`resetTokenService,`
			`}: Pick<`
			`IUnleashServices,`
			`\| 'userService'`
			`\| 'accessService'`
			`\| 'emailService'`
			`\| 'resetTokenService'`
			`>,`
Feat/add new user email (#793) * feat: send email when adding a new user * fix: rename method * fix: create welcome email * fix: update email templates * fix: add name to templates * refactor: reduce database calls to one * fix: alter tests * fix: remove console logs 2021-04-23 10:58:47 +02:00			`) {`
feat: Add username/password authentication (#777) 2021-04-09 13:46:53 +02:00			`super(config);`
			`this.userService = userService;`
			`this.accessService = accessService;`
Feat/options need types (#794) feat: options are now typed - This makes it easier to know what to send to unleash.start / unleash.create - Using a Partial to instantiate the config, then melding it with defaults to get a config object with all fields set either to their defaults or to whatever is passed in. Co-authored-by: Fredrik Strand Oseberg <fredrik.no@gmail.com> Co-authored-by: Ivar Conradi Østhus <ivarconr@gmail.com> 2021-04-22 10:07:10 +02:00			`this.logger = config.getLogger('routes/user-controller.ts');`
Feat/add new user email (#793) * feat: send email when adding a new user * fix: rename method * fix: create welcome email * fix: update email templates * fix: add name to templates * refactor: reduce database calls to one * fix: alter tests * fix: remove console logs 2021-04-23 10:58:47 +02:00			`this.emailService = emailService;`
			`this.resetTokenService = resetTokenService;`
feat: Add username/password authentication (#777) 2021-04-09 13:46:53 +02:00
fix: only ADMIN can list all users 2021-04-22 12:13:41 +02:00			`this.get('/', this.getUsers, ADMIN);`
feat: Add username/password authentication (#777) 2021-04-09 13:46:53 +02:00			`this.get('/search', this.search);`
			`this.post('/', this.createUser, ADMIN);`
			`this.post('/validate-password', this.validatePassword);`
			`this.put('/:id', this.updateUser, ADMIN);`
			`this.post('/:id/change-password', this.changePassword, ADMIN);`
			`this.delete('/:id', this.deleteUser, ADMIN);`
Reset token (#786) feat: Add Reset token functionality This allows admin users to create a reset token for other users. Thus allowing resetting their password. Co-authored-by: Fredrik Oseberg <fredrik.no@gmail.com> fixes: #778 2021-04-16 15:29:23 +02:00			`this.post('/reset-password', this.resetPassword);`
			`}`

Feat/options need types (#794) feat: options are now typed - This makes it easier to know what to send to unleash.start / unleash.create - Using a Partial to instantiate the config, then melding it with defaults to get a config object with all fields set either to their defaults or to whatever is passed in. Co-authored-by: Fredrik Strand Oseberg <fredrik.no@gmail.com> Co-authored-by: Ivar Conradi Østhus <ivarconr@gmail.com> 2021-04-22 10:07:10 +02:00			`// eslint-disable-next-line @typescript-eslint/explicit-module-boundary-types`
			`async resetPassword(req, res): Promise<void> {`
Reset token (#786) feat: Add Reset token functionality This allows admin users to create a reset token for other users. Thus allowing resetting their password. Co-authored-by: Fredrik Oseberg <fredrik.no@gmail.com> fixes: #778 2021-04-16 15:29:23 +02:00			`try {`
			`const requester = getCreatorUsernameOrPassword(req);`
			`const receiver = req.body.id;`
			`const resetPasswordUrl = await this.userService.createResetPasswordEmail(`
			`receiver,`
			`requester,`
			`);`
			`res.json({ resetPasswordUrl });`
			`} catch (e) {`
			`handleErrors(res, this.logger, e);`
			`}`
feat: Add username/password authentication (#777) 2021-04-09 13:46:53 +02:00			`}`

Feat/options need types (#794) feat: options are now typed - This makes it easier to know what to send to unleash.start / unleash.create - Using a Partial to instantiate the config, then melding it with defaults to get a config object with all fields set either to their defaults or to whatever is passed in. Co-authored-by: Fredrik Strand Oseberg <fredrik.no@gmail.com> Co-authored-by: Ivar Conradi Østhus <ivarconr@gmail.com> 2021-04-22 10:07:10 +02:00			`// eslint-disable-next-line @typescript-eslint/explicit-module-boundary-types`
			`async getUsers(req, res): Promise<void> {`
feat: Add username/password authentication (#777) 2021-04-09 13:46:53 +02:00			`try {`
			`const users = await this.userService.getAll();`
			`const rootRoles = await this.accessService.getRootRoles();`
Feat/add new user email (#793) * feat: send email when adding a new user * fix: rename method * fix: create welcome email * fix: update email templates * fix: add name to templates * refactor: reduce database calls to one * fix: alter tests * fix: remove console logs 2021-04-23 10:58:47 +02:00			`const inviteLinks = await this.resetTokenService.getActiveInvitations();`

			`const usersWithInviteLinks = users.map(user => {`
			`const inviteLink = inviteLinks[user.id] \|\| '';`
			`return { ...user, inviteLink };`
			`});`
feat: Add username/password authentication (#777) 2021-04-09 13:46:53 +02:00
Feat/add new user email (#793) * feat: send email when adding a new user * fix: rename method * fix: create welcome email * fix: update email templates * fix: add name to templates * refactor: reduce database calls to one * fix: alter tests * fix: remove console logs 2021-04-23 10:58:47 +02:00			`res.json({ users: usersWithInviteLinks, rootRoles });`
feat: Add username/password authentication (#777) 2021-04-09 13:46:53 +02:00			`} catch (error) {`
			`this.logger.error(error);`
			`res.status(500).send({ msg: 'server errors' });`
			`}`
			`}`

Feat/options need types (#794) feat: options are now typed - This makes it easier to know what to send to unleash.start / unleash.create - Using a Partial to instantiate the config, then melding it with defaults to get a config object with all fields set either to their defaults or to whatever is passed in. Co-authored-by: Fredrik Strand Oseberg <fredrik.no@gmail.com> Co-authored-by: Ivar Conradi Østhus <ivarconr@gmail.com> 2021-04-22 10:07:10 +02:00			`// eslint-disable-next-line @typescript-eslint/explicit-module-boundary-types`
			`async search(req, res): Promise<void> {`
feat: Add username/password authentication (#777) 2021-04-09 13:46:53 +02:00			`const { q } = req.query;`
			`try {`
			`const users =`
			`q && q.length > 1 ? await this.userService.search(q) : [];`
			`res.json(users);`
			`} catch (error) {`
			`this.logger.error(error);`
			`res.status(500).send({ msg: 'server errors' });`
			`}`
			`}`

Feat/options need types (#794) feat: options are now typed - This makes it easier to know what to send to unleash.start / unleash.create - Using a Partial to instantiate the config, then melding it with defaults to get a config object with all fields set either to their defaults or to whatever is passed in. Co-authored-by: Fredrik Strand Oseberg <fredrik.no@gmail.com> Co-authored-by: Ivar Conradi Østhus <ivarconr@gmail.com> 2021-04-22 10:07:10 +02:00			`// eslint-disable-next-line @typescript-eslint/explicit-module-boundary-types`
			`async createUser(req, res): Promise<void> {`
feat: Add username/password authentication (#777) 2021-04-09 13:46:53 +02:00			`const { username, email, name, rootRole } = req.body;`
Feat/add new user email (#793) * feat: send email when adding a new user * fix: rename method * fix: create welcome email * fix: update email templates * fix: add name to templates * refactor: reduce database calls to one * fix: alter tests * fix: remove console logs 2021-04-23 10:58:47 +02:00			`const { user } = req;`
feat: Add username/password authentication (#777) 2021-04-09 13:46:53 +02:00
			`try {`
Feat/add new user email (#793) * feat: send email when adding a new user * fix: rename method * fix: create welcome email * fix: update email templates * fix: add name to templates * refactor: reduce database calls to one * fix: alter tests * fix: remove console logs 2021-04-23 10:58:47 +02:00			`const createdUser = await this.userService.createUser({`
feat: Add username/password authentication (#777) 2021-04-09 13:46:53 +02:00			`username,`
			`email,`
			`name,`
			`rootRole: Number(rootRole),`
			`});`
Feat/add new user email (#793) * feat: send email when adding a new user * fix: rename method * fix: create welcome email * fix: update email templates * fix: add name to templates * refactor: reduce database calls to one * fix: alter tests * fix: remove console logs 2021-04-23 10:58:47 +02:00
			`const inviteLink = await this.resetTokenService.createNewUserUrl(`
			`createdUser.id,`
			`user.email,`
			`);`

			`const emailConfigured = this.emailService.configured();`
			`if (emailConfigured) {`
fix: emailservice now just returns if email was configured 2021-04-23 15:24:32 +02:00			`await this.emailService.sendGettingStartedMail(`
Feat/add new user email (#793) * feat: send email when adding a new user * fix: rename method * fix: create welcome email * fix: update email templates * fix: add name to templates * refactor: reduce database calls to one * fix: alter tests * fix: remove console logs 2021-04-23 10:58:47 +02:00			`createdUser.name,`
			`createdUser.email,`
			`inviteLink.toString(),`
			`);`
			`} else {`
			`this.logger.warn(`
			`'email was not sent to the user because email configuration is lacking',`
			`);`
			`}`

			`res.status(201).send({`
			`...createdUser,`
			`inviteLink,`
fix: emailservice now just returns if email was configured 2021-04-23 15:24:32 +02:00			`emailSent: emailConfigured,`
Feat/add new user email (#793) * feat: send email when adding a new user * fix: rename method * fix: create welcome email * fix: update email templates * fix: add name to templates * refactor: reduce database calls to one * fix: alter tests * fix: remove console logs 2021-04-23 10:58:47 +02:00			`rootRole,`
			`});`
feat: Add username/password authentication (#777) 2021-04-09 13:46:53 +02:00			`} catch (e) {`
			`this.logger.warn(e.message);`
			`res.status(400).send([{ msg: e.message }]);`
			`}`
			`}`

Feat/options need types (#794) feat: options are now typed - This makes it easier to know what to send to unleash.start / unleash.create - Using a Partial to instantiate the config, then melding it with defaults to get a config object with all fields set either to their defaults or to whatever is passed in. Co-authored-by: Fredrik Strand Oseberg <fredrik.no@gmail.com> Co-authored-by: Ivar Conradi Østhus <ivarconr@gmail.com> 2021-04-22 10:07:10 +02:00			`// eslint-disable-next-line @typescript-eslint/explicit-module-boundary-types`
			`async updateUser(req, res): Promise<void> {`
feat: Add username/password authentication (#777) 2021-04-09 13:46:53 +02:00			`const { id } = req.params;`
			`const { name, email, rootRole } = req.body;`

			`try {`
			`const user = await this.userService.updateUser({`
			`id: Number(id),`
			`name,`
			`email,`
			`rootRole: Number(rootRole),`
			`});`
			`res.status(200).send({ ...user, rootRole });`
			`} catch (e) {`
			`this.logger.warn(e.message);`
			`res.status(400).send([{ msg: e.message }]);`
			`}`
			`}`

Feat/options need types (#794) feat: options are now typed - This makes it easier to know what to send to unleash.start / unleash.create - Using a Partial to instantiate the config, then melding it with defaults to get a config object with all fields set either to their defaults or to whatever is passed in. Co-authored-by: Fredrik Strand Oseberg <fredrik.no@gmail.com> Co-authored-by: Ivar Conradi Østhus <ivarconr@gmail.com> 2021-04-22 10:07:10 +02:00			`// eslint-disable-next-line @typescript-eslint/explicit-module-boundary-types`
			`async deleteUser(req, res): Promise<void> {`
feat: Add username/password authentication (#777) 2021-04-09 13:46:53 +02:00			`const { id } = req.params;`

			`try {`
			`await this.userService.deleteUser(+id);`
			`res.status(200).send();`
			`} catch (error) {`
			`this.logger.warn(error);`
			`res.status(500).send();`
			`}`
			`}`

Feat/options need types (#794) feat: options are now typed - This makes it easier to know what to send to unleash.start / unleash.create - Using a Partial to instantiate the config, then melding it with defaults to get a config object with all fields set either to their defaults or to whatever is passed in. Co-authored-by: Fredrik Strand Oseberg <fredrik.no@gmail.com> Co-authored-by: Ivar Conradi Østhus <ivarconr@gmail.com> 2021-04-22 10:07:10 +02:00			`// eslint-disable-next-line @typescript-eslint/explicit-module-boundary-types`
			`async validatePassword(req, res): Promise<void> {`
feat: Add username/password authentication (#777) 2021-04-09 13:46:53 +02:00			`const { password } = req.body;`

			`try {`
			`this.userService.validatePassword(password);`
			`res.status(200).send();`
			`} catch (e) {`
			`res.status(400).send([{ msg: e.message }]);`
			`}`
			`}`

Feat/options need types (#794) feat: options are now typed - This makes it easier to know what to send to unleash.start / unleash.create - Using a Partial to instantiate the config, then melding it with defaults to get a config object with all fields set either to their defaults or to whatever is passed in. Co-authored-by: Fredrik Strand Oseberg <fredrik.no@gmail.com> Co-authored-by: Ivar Conradi Østhus <ivarconr@gmail.com> 2021-04-22 10:07:10 +02:00			`// eslint-disable-next-line @typescript-eslint/explicit-module-boundary-types`
			`async changePassword(req, res): Promise<void> {`
feat: Add username/password authentication (#777) 2021-04-09 13:46:53 +02:00			`const { id } = req.params;`
			`const { password } = req.body;`

			`try {`
			`await this.userService.changePassword(+id, password);`
			`res.status(200).send();`
			`} catch (e) {`
			`res.status(400).send([{ msg: e.message }]);`
			`}`
			`}`
			`}`

			`module.exports = UserAdminController;`