parent
9feeb302e8
commit
37fc167002
|
@ -1,7 +1,7 @@
|
|||
import { Authorized, Body, Delete, Get, JsonController, OnUndefined, Param, Post, Put, QueryParam } from 'routing-controllers';
|
||||
import { OpenAPI, ResponseSchema } from 'routing-controllers-openapi';
|
||||
import { getConnectionManager, Repository } from 'typeorm';
|
||||
import { UserIdsNotMatchingError, UserNotFoundError } from '../errors/UserErrors';
|
||||
import { UserIdsNotMatchingError, UsernameContainsIllegalCharacterError, UserNotFoundError } from '../errors/UserErrors';
|
||||
import { UserGroupNotFoundError } from '../errors/UserGroupErrors';
|
||||
import { CreateUser } from '../models/actions/create/CreateUser';
|
||||
import { UpdateUser } from '../models/actions/update/UpdateUser';
|
||||
|
@ -51,7 +51,8 @@ export class UserController {
|
|||
@Post()
|
||||
@Authorized("USER:CREATE")
|
||||
@ResponseSchema(ResponseUser)
|
||||
@ResponseSchema(UserGroupNotFoundError)
|
||||
@ResponseSchema(UserGroupNotFoundError, { statusCode: 404 })
|
||||
@ResponseSchema(UsernameContainsIllegalCharacterError, { statusCode: 406 })
|
||||
@OpenAPI({ description: 'Create a new user. <br> If you want to grant permissions to the user you have to create them seperately by posting to /api/permissions after creating the user.' })
|
||||
async post(@Body({ validate: true }) createUser: CreateUser) {
|
||||
let user;
|
||||
|
@ -70,6 +71,7 @@ export class UserController {
|
|||
@ResponseSchema(ResponseUser)
|
||||
@ResponseSchema(UserNotFoundError, { statusCode: 404 })
|
||||
@ResponseSchema(UserIdsNotMatchingError, { statusCode: 406 })
|
||||
@ResponseSchema(UsernameContainsIllegalCharacterError, { statusCode: 406 })
|
||||
@OpenAPI({ description: "Update the user whose id you provided. <br> To change the permissions directly granted to the user please use /api/permissions instead. <br> Please remember that ids can't be changed." })
|
||||
async put(@Param('id') id: number, @Body({ validate: true }) updateUser: UpdateUser) {
|
||||
let oldUser = await this.userRepository.findOne({ id: id });
|
||||
|
|
|
@ -14,6 +14,18 @@ export class UsernameOrEmailNeededError extends NotFoundError {
|
|||
message = "No username or email is set!"
|
||||
}
|
||||
|
||||
/**
|
||||
* Error to throw when no username contains illegal characters.
|
||||
* Right now the only one is "@" but this could change in the future.
|
||||
*/
|
||||
export class UsernameContainsIllegalCharacterError extends NotAcceptableError {
|
||||
@IsString()
|
||||
name = "UsernameContainsIllegalCharacterError"
|
||||
|
||||
@IsString()
|
||||
message = "The provided username contains illegal characters! \n Right now the following characters are considered illegal: '@'"
|
||||
}
|
||||
|
||||
/**
|
||||
* Error to throw when no email is set.
|
||||
* We somehow need to identify you :)
|
||||
|
|
|
@ -3,7 +3,7 @@ import { IsBoolean, IsEmail, IsNotEmpty, IsOptional, IsPhoneNumber, IsString, Is
|
|||
import { getConnectionManager } from 'typeorm';
|
||||
import * as uuid from 'uuid';
|
||||
import { config } from '../../../config';
|
||||
import { UserEmailNeededError } from '../../../errors/UserErrors';
|
||||
import { UserEmailNeededError, UsernameContainsIllegalCharacterError } from '../../../errors/UserErrors';
|
||||
import { UserGroupNotFoundError } from '../../../errors/UserGroupErrors';
|
||||
import { User } from '../../entities/User';
|
||||
import { UserGroup } from '../../entities/UserGroup';
|
||||
|
@ -94,6 +94,7 @@ export class CreateUser {
|
|||
if (!this.email) {
|
||||
throw new UserEmailNeededError();
|
||||
}
|
||||
if (this.username.includes("@")) { throw new UsernameContainsIllegalCharacterError(); }
|
||||
|
||||
newUser.email = this.email
|
||||
newUser.username = this.username
|
||||
|
|
|
@ -2,7 +2,7 @@ import * as argon2 from "argon2";
|
|||
import { IsBoolean, IsEmail, IsInt, IsNotEmpty, IsOptional, IsPhoneNumber, IsString, IsUrl } from 'class-validator';
|
||||
import { getConnectionManager } from 'typeorm';
|
||||
import { config } from '../../../config';
|
||||
import { UserEmailNeededError } from '../../../errors/UserErrors';
|
||||
import { UserEmailNeededError, UsernameContainsIllegalCharacterError } from '../../../errors/UserErrors';
|
||||
import { UserGroupNotFoundError } from '../../../errors/UserGroupErrors';
|
||||
import { User } from '../../entities/User';
|
||||
import { UserGroup } from '../../entities/UserGroup';
|
||||
|
@ -101,13 +101,15 @@ export class UpdateUser {
|
|||
if (!this.email) {
|
||||
throw new UserEmailNeededError();
|
||||
}
|
||||
user.email = this.email;
|
||||
user.username = this.username;
|
||||
if (this.username.includes("@")) { throw new UsernameContainsIllegalCharacterError(); }
|
||||
|
||||
if (this.password) {
|
||||
user.password = await argon2.hash(this.password + user.uuid);
|
||||
user.refreshTokenCount = user.refreshTokenCount + 1;
|
||||
}
|
||||
|
||||
user.email = this.email;
|
||||
user.username = this.username;
|
||||
user.enabled = this.enabled;
|
||||
user.firstname = this.firstname
|
||||
user.middlename = this.middlename
|
||||
|
|
Loading…
Reference in New Issue