diff --git a/src/controllers/MeController.ts b/src/controllers/MeController.ts
index 8895073..bcdb48b 100644
--- a/src/controllers/MeController.ts
+++ b/src/controllers/MeController.ts
@@ -1,10 +1,13 @@
-import { Body, CurrentUser, Get, JsonController, OnUndefined, Put } from 'routing-controllers';
+import { Body, CurrentUser, Delete, Get, JsonController, OnUndefined, Put, QueryParam } from 'routing-controllers';
 import { OpenAPI, ResponseSchema } from 'routing-controllers-openapi';
 import { getConnectionManager, Repository } from 'typeorm';
-import { UserIdsNotMatchingError, UsernameContainsIllegalCharacterError, UserNotFoundError } from '../errors/UserErrors';
+import { UserDeletionNotConfirmedError, UserIdsNotMatchingError, UsernameContainsIllegalCharacterError, UserNotFoundError } from '../errors/UserErrors';
 import { UpdateUser } from '../models/actions/update/UpdateUser';
 import { User } from '../models/entities/User';
+import { ResponseEmpty } from '../models/responses/ResponseEmpty';
 import { ResponseUser } from '../models/responses/ResponseUser';
+import { ResponseUserPermissions } from '../models/responses/ResponseUserPermissions';
+import { PermissionController } from './PermissionController';
 @JsonController('/me')
@@ -23,13 +26,24 @@ export class MeController { @ResponseSchema(ResponseUser) @ResponseSchema(UserNotFoundError, { statusCode: 404 }) @OnUndefined(UserNotFoundError) - @OpenAPI({ description: 'Lists all permissions granted to the user sorted into directly granted and inherited as permission response objects.' }) + @OpenAPI({ description: 'Lists all information about yourself.' }) async get(@CurrentUser() currentUser: User) { let user = await this.userRepository.findOne({ id: currentUser.id }, { relations: ['permissions', 'groups', 'groups.permissions', 'permissions.principal', 'groups.permissions.principal'] }) if (!user) { throw new UserNotFoundError(); } return new ResponseUser(user); } + @Get('/') + @ResponseSchema(ResponseUserPermissions) + @ResponseSchema(UserNotFoundError, { statusCode: 404 }) + @OnUndefined(UserNotFoundError) + @OpenAPI({ description: 'Lists all permissions granted to the you sorted into directly granted and inherited as permission response objects.' }) + async getPermissions(@CurrentUser() currentUser: User) { + let user = await this.userRepository.findOne({ id: currentUser.id }, { relations: ['permissions', 'groups', 'groups.permissions', 'permissions.principal', 'groups.permissions.principal'] }) + if (!user) { throw new UserNotFoundError(); } + return new ResponseUserPermissions(user); + } + @Put('/') @ResponseSchema(ResponseUser) @ResponseSchema(UserNotFoundError, { statusCode: 404 }) @@ -51,4 +65,24 @@ export class MeController { return new ResponseUser(await this.userRepository.findOne({ id: currentUser.id }, { relations: ['permissions', 'groups', 'groups.permissions'] })); } -} + + @Delete('/') + @ResponseSchema(ResponseUser) + @ResponseSchema(ResponseEmpty, { statusCode: 204 }) + @ResponseSchema(UserDeletionNotConfirmedError, { statusCode: 406 }) + @OnUndefined(204) + @OpenAPI({ description: 'Delete the user whose id you provided.
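Review bot: The added `getPermissions` handler is registered with `@Get('/')`, which looks like the same path as `get` just above it (that method's route decorator lies outside the hunk), so under `/me` one of the two handlers would never be reached. Giving it a path of its own, for example `@Get('/permissions')`, keeps the profile and the permission listing separately addressable. The description also reads 'granted to the you', and `let user` is never reassigned, so `const user` would fit.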
If there are any permissions directly granted to the user they will get deleted as well.
If no user with this id exists it will just return 204(no content).' }) + async remove(@CurrentUser() currentUser: User, @QueryParam("force") force: boolean) { + if (!force) { throw new UserDeletionNotConfirmedError; } + if (!currentUser) { return null; } + const responseUser = await this.userRepository.findOne({ id: currentUser.id }, { relations: ['permissions', 'groups', 'groups.permissions'] });; + + const permissionControler = new PermissionController(); + for (let permission of responseUser.permissions) { + await permissionControler.remove(permission.id, true); + } + + await this.userRepository.delete(currentUser); + return new ResponseUser(responseUser); + } +} \ No newline at end of file
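Review bot: In `remove`, `responseUser` is dereferenced in the permission loop without a null check, so an account that no longer exists yields a TypeError (likely a 500) instead of the 204 the description promises; adding `if (!responseUser) { return null; }` right after the `findOne` fixes that. The final `this.userRepository.delete(currentUser)` passes the whole entity as criteria, and `delete({ id: currentUser.id })` would key the deletion on the id alone. The permission removals and the user delete also run as separate statements, so a failure partway appears to leave the account with only some of its permissions revoked; running them in one transaction would make the operation atomic. The OpenAPI text still says 'the user whose id you provided', although this route takes no id and acts on the caller.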