Compare commits
27 Commits
a18d4d3cee
...
v0.4.5
| Author | SHA1 | Date | |
|---|---|---|---|
| a46d14278b | |||
| 680ae8ebbb | |||
| cc869f69ad | |||
| b9aac71676 | |||
| a30a342e00 | |||
| bdcfce88cb | |||
| dd81f4c7e4 | |||
| 416f2a1366 | |||
| 5e353db206 | |||
| 0c9867d706 | |||
| 8379c3e29c | |||
| c4edccace7 | |||
| 74de6559d7 | |||
| a6f73c733c | |||
| ca3d093e54 | |||
| 28cfbaa662 | |||
| 90e1ad7db7 | |||
| 906a1dc9e7 | |||
| 5872c6335b | |||
| 701706c028 | |||
| 09bbc70f5f | |||
| dd9cb6d3ef | |||
| 23c732b690 | |||
| 656d564baa | |||
| f3f5cb462e | |||
| 9959172f2a | |||
| 8f0a396dd0 |
40
CHANGELOG.md
40
CHANGELOG.md
@@ -2,8 +2,48 @@
|
||||
|
||||
All notable changes to this project will be documented in this file. Dates are displayed in UTC.
|
||||
|
||||
#### [v0.4.5](https://git.odit.services/lfk/backend/compare/v0.4.4...v0.4.5)
|
||||
|
||||
- 🚀Bumped version to v0.4.5 [`cc869f6`](https://git.odit.services/lfk/backend/commit/cc869f69add1f1a175ff94510d52888f81bccb69)
|
||||
- Implemented /groups/permissions endpoint [`0c9867d`](https://git.odit.services/lfk/backend/commit/0c9867d70616615c8f3c72bbec37a4441e4868ef)
|
||||
- 🧾New changelog file version [CI SKIP] [skip ci] [`b9aac71`](https://git.odit.services/lfk/backend/commit/b9aac7167681ff0945e538dd177abd6f97771bf2)
|
||||
- Merge pull request 'usergroups/permissions endpoint feature/143-usergroup_permissions_endpoint' (#144) from feature/143-usergroup_permissions_endpoint into dev [`a30a342`](https://git.odit.services/lfk/backend/commit/a30a342e00ba944f8014044bba28141c0657a17f)
|
||||
- Now all /usergroups endpoints return ResponseUserGroup [`bdcfce8`](https://git.odit.services/lfk/backend/commit/bdcfce88cbe069f9ba1925fcaac06367a109d2b7)
|
||||
- The ResponseUserGroup now returns their permisssions as a string array [`416f2a1`](https://git.odit.services/lfk/backend/commit/416f2a1366c570998011d022ebd7f5f44276b2c9)
|
||||
- The ResponseUserGroup now returns their permisssions as a string array [`5e353db`](https://git.odit.services/lfk/backend/commit/5e353db2061c30b4d10965c47f0dcbecb7f59fc5)
|
||||
- 🧾New changelog file version [CI SKIP] [skip ci] [`8379c3e`](https://git.odit.services/lfk/backend/commit/8379c3e29c45f0d7c4c84bce1f3abc718158fa84)
|
||||
|
||||
#### [v0.4.4](https://git.odit.services/lfk/backend/compare/v0.4.3...v0.4.4)
|
||||
|
||||
> 9 February 2021
|
||||
|
||||
- Merge pull request 'Alpha release 0.4.4' (#142) from dev into main [`c4edcca`](https://git.odit.services/lfk/backend/commit/c4edccace78765dd5caa0f0e79c52f07c8a3568e)
|
||||
- 🧾New changelog file version [CI SKIP] [skip ci] [`ca3d093`](https://git.odit.services/lfk/backend/commit/ca3d093e54bfaaa77c97e96738a74eeb25aee440)
|
||||
- Now loading runner's group's parentgroup with every runner controller request [`701706c`](https://git.odit.services/lfk/backend/commit/701706c0289b357439608b4e2eaa66c617d16e9d)
|
||||
- 🧾New changelog file version [CI SKIP] [skip ci] [`74de655`](https://git.odit.services/lfk/backend/commit/74de6559d7c5e8c6d257d41dc91396b53bf0c071)
|
||||
- The group/runners endpoints now also deliver the runner's group's parentGroup [`906a1dc`](https://git.odit.services/lfk/backend/commit/906a1dc9e79ea4eb298a561cf98e6ae42b3ae4ec)
|
||||
- 🚀Bumped version to v0.4.4 [`a6f73c7`](https://git.odit.services/lfk/backend/commit/a6f73c733c8cfc8d84beb7e0bbd5bcd1313df9d0)
|
||||
- Merge pull request 'Expanded runner response feature/140-runner_group_parent' (#141) from feature/140-runner_group_parent into dev [`28cfbaa`](https://git.odit.services/lfk/backend/commit/28cfbaa6624d0bc65e2a9b72ffed17060e828735)
|
||||
- 🧾New changelog file version [CI SKIP] [skip ci] [`09bbc70`](https://git.odit.services/lfk/backend/commit/09bbc70f5fd1f026148be07fe889a6907bc3f75a)
|
||||
- Adjusted test for the new response depth [`90e1ad7`](https://git.odit.services/lfk/backend/commit/90e1ad7db72732d13002c87461c33560b74befa6)
|
||||
- Adjusted test for the new response depth [`5872c63`](https://git.odit.services/lfk/backend/commit/5872c6335be573d849cdc3746b261c6cf476c3de)
|
||||
|
||||
#### [v0.4.3](https://git.odit.services/lfk/backend/compare/v0.4.2...v0.4.3)
|
||||
|
||||
> 7 February 2021
|
||||
|
||||
- Merge pull request 'Alpha Release 0.4.3' (#139) from dev into main [`dd9cb6d`](https://git.odit.services/lfk/backend/commit/dd9cb6d3ef60cb118391abc2ba17fd0f83db0b1c)
|
||||
- 🚀Bumped version to v0.4.3 [`656d564`](https://git.odit.services/lfk/backend/commit/656d564baa8c8bf1f63523b0301ad9ff23e08aa4)
|
||||
- Bugfix for @lfk/frontend/#43 [`8f0a396`](https://git.odit.services/lfk/backend/commit/8f0a396dd07937fb7ccfb345d1acbac86eb5d9bb)
|
||||
- 🧾New changelog file version [CI SKIP] [skip ci] [`f3f5cb4`](https://git.odit.services/lfk/backend/commit/f3f5cb462e4ecf932ad55eb519815222b4e5dd17)
|
||||
- 🧾New changelog file version [CI SKIP] [skip ci] [`23c732b`](https://git.odit.services/lfk/backend/commit/23c732b6905cc9f6479a53a7744b72d01e345ecb)
|
||||
- Merge pull request 'Bugfix for @lfk/frontend/#43' (#138) from bugfix/118-encode_jwt_in_mail into dev [`9959172`](https://git.odit.services/lfk/backend/commit/9959172f2ae11cbb7a2b8e97bad432956fc70a80)
|
||||
- 🧾New changelog file version [CI SKIP] [skip ci] [`a18d4d3`](https://git.odit.services/lfk/backend/commit/a18d4d3cee58f8eb9dc428b051a2394bd3ece5c2)
|
||||
|
||||
#### [v0.4.2](https://git.odit.services/lfk/backend/compare/v0.4.1...v0.4.2)
|
||||
|
||||
> 2 February 2021
|
||||
|
||||
- Merge pull request 'Alpha Release 0.4.2' (#137) from dev into main [`390b36d`](https://git.odit.services/lfk/backend/commit/390b36dfd46cf8829126581bd62dd3d4ce8558fa)
|
||||
- 🧾New changelog file version [CI SKIP] [skip ci] [`3b718f3`](https://git.odit.services/lfk/backend/commit/3b718f3ce58f12007b6068e5db00a00dbe1c5398)
|
||||
- 🧾New changelog file version [CI SKIP] [skip ci] [`f7a0ec7`](https://git.odit.services/lfk/backend/commit/f7a0ec7174521b1863a4bc58c7ff2b86cafdee66)
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
{
|
||||
"name": "@odit/lfk-backend",
|
||||
"version": "0.4.2",
|
||||
"version": "0.4.5",
|
||||
"main": "src/app.ts",
|
||||
"repository": "https://git.odit.services/lfk/backend",
|
||||
"author": {
|
||||
|
||||
@@ -11,7 +11,7 @@ export const config = {
|
||||
postalcode_validation_countrycode: getPostalCodeLocale(),
|
||||
version: process.env.VERSION || require('../package.json').version,
|
||||
seedTestData: getDataSeeding(),
|
||||
app_url: process.env.APP_URL || "http://localhost:4010",
|
||||
app_url: process.env.APP_URL || "http://localhost:8080",
|
||||
mail_server: process.env.MAIL_SERVER,
|
||||
mail_port: Number(process.env.MAIL_PORT) || 25,
|
||||
mail_user: process.env.MAIL_USER,
|
||||
|
||||
@@ -1,110 +1,110 @@
|
||||
import { Body, CookieParam, JsonController, Param, Post, Req, Res } from 'routing-controllers';
|
||||
import { OpenAPI, ResponseSchema } from 'routing-controllers-openapi';
|
||||
import { IllegalJWTError, InvalidCredentialsError, JwtNotProvidedError, PasswordNeededError, RefreshTokenCountInvalidError, UsernameOrEmailNeededError } from '../errors/AuthError';
|
||||
import { UserNotFoundError } from '../errors/UserErrors';
|
||||
import { Mailer } from '../mailer';
|
||||
import { CreateAuth } from '../models/actions/create/CreateAuth';
|
||||
import { CreateResetToken } from '../models/actions/create/CreateResetToken';
|
||||
import { HandleLogout } from '../models/actions/HandleLogout';
|
||||
import { RefreshAuth } from '../models/actions/RefreshAuth';
|
||||
import { ResetPassword } from '../models/actions/ResetPassword';
|
||||
import { ResponseAuth } from '../models/responses/ResponseAuth';
|
||||
import { ResponseEmpty } from '../models/responses/ResponseEmpty';
|
||||
import { Logout } from '../models/responses/ResponseLogout';
|
||||
|
||||
@JsonController('/auth')
|
||||
export class AuthController {
|
||||
|
||||
private mailer: Mailer;
|
||||
|
||||
constructor() {
|
||||
this.mailer = new Mailer();
|
||||
}
|
||||
|
||||
@Post("/login")
|
||||
@ResponseSchema(ResponseAuth)
|
||||
@ResponseSchema(InvalidCredentialsError)
|
||||
@ResponseSchema(UserNotFoundError)
|
||||
@ResponseSchema(UsernameOrEmailNeededError)
|
||||
@ResponseSchema(PasswordNeededError)
|
||||
@ResponseSchema(InvalidCredentialsError)
|
||||
@OpenAPI({ description: 'Login with your username/email and password. <br> You will receive: \n * access token (use it as a bearer token) \n * refresh token (will also be sent as a cookie)' })
|
||||
async login(@Body({ validate: true }) createAuth: CreateAuth, @Res() response: any) {
|
||||
let auth;
|
||||
try {
|
||||
auth = await createAuth.toAuth();
|
||||
response.cookie('lfk_backend__refresh_token', auth.refresh_token, { expires: new Date(auth.refresh_token_expires_at * 1000), httpOnly: true });
|
||||
response.cookie('lfk_backend__refresh_token_expires_at', auth.refresh_token_expires_at, { expires: new Date(auth.refresh_token_expires_at * 1000), httpOnly: true });
|
||||
return response.send(auth)
|
||||
} catch (error) {
|
||||
throw error;
|
||||
}
|
||||
}
|
||||
|
||||
@Post("/logout")
|
||||
@ResponseSchema(Logout)
|
||||
@ResponseSchema(InvalidCredentialsError)
|
||||
@ResponseSchema(UserNotFoundError)
|
||||
@ResponseSchema(UsernameOrEmailNeededError)
|
||||
@ResponseSchema(PasswordNeededError)
|
||||
@ResponseSchema(InvalidCredentialsError)
|
||||
@OpenAPI({ description: 'Logout using your refresh token. <br> This instantly invalidates all your access and refresh tokens.', security: [{ "RefreshTokenCookie": [] }] })
|
||||
async logout(@Body({ validate: true }) handleLogout: HandleLogout, @CookieParam("lfk_backend__refresh_token") refresh_token: string, @Res() response: any) {
|
||||
if (refresh_token && refresh_token.length != 0 && handleLogout.token == undefined) {
|
||||
handleLogout.token = refresh_token;
|
||||
}
|
||||
|
||||
let logout;
|
||||
try {
|
||||
logout = await handleLogout.logout()
|
||||
await response.cookie('lfk_backend__refresh_token', "expired", { expires: new Date(Date.now()), httpOnly: true });
|
||||
response.cookie('lfk_backend__refresh_token_expires_at', "expired", { expires: new Date(Date.now()), httpOnly: true });
|
||||
} catch (error) {
|
||||
throw error;
|
||||
}
|
||||
return response.send(logout)
|
||||
}
|
||||
|
||||
@Post("/refresh")
|
||||
@ResponseSchema(ResponseAuth)
|
||||
@ResponseSchema(JwtNotProvidedError)
|
||||
@ResponseSchema(IllegalJWTError)
|
||||
@ResponseSchema(UserNotFoundError)
|
||||
@ResponseSchema(RefreshTokenCountInvalidError)
|
||||
@OpenAPI({ description: 'Refresh your access and refresh tokens using a valid refresh token. <br> You will receive: \n * access token (use it as a bearer token) \n * refresh token (will also be sent as a cookie)', security: [{ "RefreshTokenCookie": [] }] })
|
||||
async refresh(@Body({ validate: true }) refreshAuth: RefreshAuth, @CookieParam("lfk_backend__refresh_token") refresh_token: string, @Res() response: any, @Req() req: any) {
|
||||
if (refresh_token && refresh_token.length != 0 && refreshAuth.token == undefined) {
|
||||
refreshAuth.token = refresh_token;
|
||||
}
|
||||
let auth;
|
||||
try {
|
||||
auth = await refreshAuth.toAuth();
|
||||
response.cookie('lfk_backend__refresh_token', auth.refresh_token, { expires: new Date(auth.refresh_token_expires_at * 1000), httpOnly: true });
|
||||
response.cookie('lfk_backend__refresh_token_expires_at', auth.refresh_token_expires_at, { expires: new Date(auth.refresh_token_expires_at * 1000), httpOnly: true });
|
||||
} catch (error) {
|
||||
throw error;
|
||||
}
|
||||
return response.send(auth)
|
||||
}
|
||||
|
||||
@Post("/reset")
|
||||
@ResponseSchema(ResponseEmpty, { statusCode: 200 })
|
||||
@ResponseSchema(UserNotFoundError, { statusCode: 404 })
|
||||
@ResponseSchema(UsernameOrEmailNeededError, { statusCode: 406 })
|
||||
@OpenAPI({ description: "Request a password reset token. <br> This will provide you with a reset token that you can use by posting to /api/auth/reset/{token}." })
|
||||
async getResetToken(@Body({ validate: true }) passwordReset: CreateResetToken) {
|
||||
const reset_token: String = await passwordReset.toResetToken();
|
||||
await this.mailer.sendResetMail(passwordReset.email, reset_token);
|
||||
return new ResponseEmpty();
|
||||
}
|
||||
|
||||
@Post("/reset/:token")
|
||||
@ResponseSchema(ResponseAuth)
|
||||
@ResponseSchema(UserNotFoundError)
|
||||
@ResponseSchema(UsernameOrEmailNeededError)
|
||||
@OpenAPI({ description: "Reset a user's utilising a valid password reset token. <br> This will set the user's password to the one you provided in the body. <br> To get a reset token post to /api/auth/reset with your username." })
|
||||
async resetPassword(@Param("token") token: string, @Body({ validate: true }) passwordReset: ResetPassword) {
|
||||
passwordReset.resetToken = token;
|
||||
return await passwordReset.resetPassword();
|
||||
}
|
||||
}
|
||||
import { Body, CookieParam, JsonController, Param, Post, Req, Res } from 'routing-controllers';
|
||||
import { OpenAPI, ResponseSchema } from 'routing-controllers-openapi';
|
||||
import { IllegalJWTError, InvalidCredentialsError, JwtNotProvidedError, PasswordNeededError, RefreshTokenCountInvalidError, UsernameOrEmailNeededError } from '../errors/AuthError';
|
||||
import { UserNotFoundError } from '../errors/UserErrors';
|
||||
import { Mailer } from '../mailer';
|
||||
import { CreateAuth } from '../models/actions/create/CreateAuth';
|
||||
import { CreateResetToken } from '../models/actions/create/CreateResetToken';
|
||||
import { HandleLogout } from '../models/actions/HandleLogout';
|
||||
import { RefreshAuth } from '../models/actions/RefreshAuth';
|
||||
import { ResetPassword } from '../models/actions/ResetPassword';
|
||||
import { ResponseAuth } from '../models/responses/ResponseAuth';
|
||||
import { ResponseEmpty } from '../models/responses/ResponseEmpty';
|
||||
import { Logout } from '../models/responses/ResponseLogout';
|
||||
|
||||
@JsonController('/auth')
|
||||
export class AuthController {
|
||||
|
||||
private mailer: Mailer;
|
||||
|
||||
constructor() {
|
||||
this.mailer = new Mailer();
|
||||
}
|
||||
|
||||
@Post("/login")
|
||||
@ResponseSchema(ResponseAuth)
|
||||
@ResponseSchema(InvalidCredentialsError)
|
||||
@ResponseSchema(UserNotFoundError)
|
||||
@ResponseSchema(UsernameOrEmailNeededError)
|
||||
@ResponseSchema(PasswordNeededError)
|
||||
@ResponseSchema(InvalidCredentialsError)
|
||||
@OpenAPI({ description: 'Login with your username/email and password. <br> You will receive: \n * access token (use it as a bearer token) \n * refresh token (will also be sent as a cookie)' })
|
||||
async login(@Body({ validate: true }) createAuth: CreateAuth, @Res() response: any) {
|
||||
let auth;
|
||||
try {
|
||||
auth = await createAuth.toAuth();
|
||||
response.cookie('lfk_backend__refresh_token', auth.refresh_token, { expires: new Date(auth.refresh_token_expires_at * 1000), httpOnly: true });
|
||||
response.cookie('lfk_backend__refresh_token_expires_at', auth.refresh_token_expires_at, { expires: new Date(auth.refresh_token_expires_at * 1000), httpOnly: true });
|
||||
return response.send(auth)
|
||||
} catch (error) {
|
||||
throw error;
|
||||
}
|
||||
}
|
||||
|
||||
@Post("/logout")
|
||||
@ResponseSchema(Logout)
|
||||
@ResponseSchema(InvalidCredentialsError)
|
||||
@ResponseSchema(UserNotFoundError)
|
||||
@ResponseSchema(UsernameOrEmailNeededError)
|
||||
@ResponseSchema(PasswordNeededError)
|
||||
@ResponseSchema(InvalidCredentialsError)
|
||||
@OpenAPI({ description: 'Logout using your refresh token. <br> This instantly invalidates all your access and refresh tokens.', security: [{ "RefreshTokenCookie": [] }] })
|
||||
async logout(@Body({ validate: true }) handleLogout: HandleLogout, @CookieParam("lfk_backend__refresh_token") refresh_token: string, @Res() response: any) {
|
||||
if (refresh_token && refresh_token.length != 0 && handleLogout.token == undefined) {
|
||||
handleLogout.token = refresh_token;
|
||||
}
|
||||
|
||||
let logout;
|
||||
try {
|
||||
logout = await handleLogout.logout()
|
||||
await response.cookie('lfk_backend__refresh_token', "expired", { expires: new Date(Date.now()), httpOnly: true });
|
||||
response.cookie('lfk_backend__refresh_token_expires_at', "expired", { expires: new Date(Date.now()), httpOnly: true });
|
||||
} catch (error) {
|
||||
throw error;
|
||||
}
|
||||
return response.send(logout)
|
||||
}
|
||||
|
||||
@Post("/refresh")
|
||||
@ResponseSchema(ResponseAuth)
|
||||
@ResponseSchema(JwtNotProvidedError)
|
||||
@ResponseSchema(IllegalJWTError)
|
||||
@ResponseSchema(UserNotFoundError)
|
||||
@ResponseSchema(RefreshTokenCountInvalidError)
|
||||
@OpenAPI({ description: 'Refresh your access and refresh tokens using a valid refresh token. <br> You will receive: \n * access token (use it as a bearer token) \n * refresh token (will also be sent as a cookie)', security: [{ "RefreshTokenCookie": [] }] })
|
||||
async refresh(@Body({ validate: true }) refreshAuth: RefreshAuth, @CookieParam("lfk_backend__refresh_token") refresh_token: string, @Res() response: any, @Req() req: any) {
|
||||
if (refresh_token && refresh_token.length != 0 && refreshAuth.token == undefined) {
|
||||
refreshAuth.token = refresh_token;
|
||||
}
|
||||
let auth;
|
||||
try {
|
||||
auth = await refreshAuth.toAuth();
|
||||
response.cookie('lfk_backend__refresh_token', auth.refresh_token, { expires: new Date(auth.refresh_token_expires_at * 1000), httpOnly: true });
|
||||
response.cookie('lfk_backend__refresh_token_expires_at', auth.refresh_token_expires_at, { expires: new Date(auth.refresh_token_expires_at * 1000), httpOnly: true });
|
||||
} catch (error) {
|
||||
throw error;
|
||||
}
|
||||
return response.send(auth)
|
||||
}
|
||||
|
||||
@Post("/reset")
|
||||
@ResponseSchema(ResponseEmpty, { statusCode: 200 })
|
||||
@ResponseSchema(UserNotFoundError, { statusCode: 404 })
|
||||
@ResponseSchema(UsernameOrEmailNeededError, { statusCode: 406 })
|
||||
@OpenAPI({ description: "Request a password reset token. <br> This will provide you with a reset token that you can use by posting to /api/auth/reset/{token}." })
|
||||
async getResetToken(@Body({ validate: true }) passwordReset: CreateResetToken) {
|
||||
const reset_token: string = await passwordReset.toResetToken();
|
||||
await this.mailer.sendResetMail(passwordReset.email, reset_token);
|
||||
return new ResponseEmpty();
|
||||
}
|
||||
|
||||
@Post("/reset/:token")
|
||||
@ResponseSchema(ResponseAuth)
|
||||
@ResponseSchema(UserNotFoundError)
|
||||
@ResponseSchema(UsernameOrEmailNeededError)
|
||||
@OpenAPI({ description: "Reset a user's utilising a valid password reset token. <br> This will set the user's password to the one you provided in the body. <br> To get a reset token post to /api/auth/reset with your username." })
|
||||
async resetPassword(@Param("token") token: string, @Body({ validate: true }) passwordReset: ResetPassword) {
|
||||
passwordReset.resetToken = token;
|
||||
return await passwordReset.resetPassword();
|
||||
}
|
||||
}
|
||||
|
||||
@@ -32,7 +32,7 @@ export class RunnerController {
|
||||
@OpenAPI({ description: 'Lists all runners from all teams/orgs. <br> This includes the runner\'s group and distance ran.' })
|
||||
async getAll() {
|
||||
let responseRunners: ResponseRunner[] = new Array<ResponseRunner>();
|
||||
const runners = await this.runnerRepository.find({ relations: ['scans', 'group', 'scans.track', 'cards'] });
|
||||
const runners = await this.runnerRepository.find({ relations: ['scans', 'group', 'group.parentGroup', 'scans.track', 'cards'] });
|
||||
runners.forEach(runner => {
|
||||
responseRunners.push(new ResponseRunner(runner));
|
||||
});
|
||||
@@ -46,7 +46,7 @@ export class RunnerController {
|
||||
@OnUndefined(RunnerNotFoundError)
|
||||
@OpenAPI({ description: 'Lists all information about the runner whose id got provided.' })
|
||||
async getOne(@Param('id') id: number) {
|
||||
let runner = await this.runnerRepository.findOne({ id: id }, { relations: ['scans', 'group', 'scans.track', 'cards'] })
|
||||
let runner = await this.runnerRepository.findOne({ id: id }, { relations: ['scans', 'group', 'group.parentGroup', 'scans.track', 'cards'] })
|
||||
if (!runner) { throw new RunnerNotFoundError(); }
|
||||
return new ResponseRunner(runner);
|
||||
}
|
||||
@@ -91,7 +91,7 @@ export class RunnerController {
|
||||
}
|
||||
|
||||
runner = await this.runnerRepository.save(runner)
|
||||
return new ResponseRunner(await this.runnerRepository.findOne(runner, { relations: ['scans', 'group', 'scans.track', 'cards'] }));
|
||||
return new ResponseRunner(await this.runnerRepository.findOne(runner, { relations: ['scans', 'group', 'group.parentGroup', 'scans.track', 'cards'] }));
|
||||
}
|
||||
|
||||
@Put('/:id')
|
||||
@@ -112,7 +112,7 @@ export class RunnerController {
|
||||
}
|
||||
|
||||
await this.runnerRepository.save(await runner.update(oldRunner));
|
||||
return new ResponseRunner(await this.runnerRepository.findOne({ id: id }, { relations: ['scans', 'group', 'scans.track', 'cards'] }));
|
||||
return new ResponseRunner(await this.runnerRepository.findOne({ id: id }, { relations: ['scans', 'group', 'group.parentGroup', 'scans.track', 'cards'] }));
|
||||
}
|
||||
|
||||
@Delete('/:id')
|
||||
@@ -125,7 +125,7 @@ export class RunnerController {
|
||||
async remove(@Param("id") id: number, @QueryParam("force") force: boolean) {
|
||||
let runner = await this.runnerRepository.findOne({ id: id });
|
||||
if (!runner) { return null; }
|
||||
const responseRunner = await this.runnerRepository.findOne(runner, { relations: ['scans', 'group', 'scans.track', 'cards'] });
|
||||
const responseRunner = await this.runnerRepository.findOne(runner, { relations: ['scans', 'group', 'group.parentGroup', 'scans.track', 'cards'] });
|
||||
|
||||
if (!runner) {
|
||||
throw new RunnerNotFoundError();
|
||||
|
||||
@@ -58,8 +58,8 @@ export class RunnerOrganizationController {
|
||||
async getRunners(@Param('id') id: number, @QueryParam('onlyDirect') onlyDirect: boolean) {
|
||||
let responseRunners: ResponseRunner[] = new Array<ResponseRunner>();
|
||||
let runners: Runner[];
|
||||
if (!onlyDirect) { runners = (await this.runnerOrganizationRepository.findOne({ id: id }, { relations: ['runners', 'runners.group', 'runners.scans', 'runners.scans.track', 'teams', 'teams.runners', 'teams.runners.group', 'teams.runners.scans', 'teams.runners.scans.track'] })).allRunners; }
|
||||
else { runners = (await this.runnerOrganizationRepository.findOne({ id: id }, { relations: ['runners', 'runners.group', 'runners.scans', 'runners.scans.track'] })).runners; }
|
||||
if (!onlyDirect) { runners = (await this.runnerOrganizationRepository.findOne({ id: id }, { relations: ['runners', 'runners.group', 'runners.group.parentGroup', 'runners.scans', 'runners.scans.track', 'teams', 'teams.runners', 'teams.runners.group', 'teams.runners.group.parentGroup', 'teams.runners.scans', 'teams.runners.scans.track'] })).allRunners; }
|
||||
else { runners = (await this.runnerOrganizationRepository.findOne({ id: id }, { relations: ['runners', 'runners.group', 'runners.group.parentGroup', 'runners.scans', 'runners.scans.track'] })).runners; }
|
||||
runners.forEach(runner => {
|
||||
responseRunners.push(new ResponseRunner(runner));
|
||||
});
|
||||
|
||||
@@ -55,7 +55,7 @@ export class RunnerTeamController {
|
||||
@OpenAPI({ description: 'Lists all runners from this team. <br> This includes the runner\'s group and distance ran.' })
|
||||
async getRunners(@Param('id') id: number) {
|
||||
let responseRunners: ResponseRunner[] = new Array<ResponseRunner>();
|
||||
const runners = (await this.runnerTeamRepository.findOne({ id: id }, { relations: ['runners', 'runners.group', 'runners.scans', 'runners.scans.track'] })).runners;
|
||||
const runners = (await this.runnerTeamRepository.findOne({ id: id }, { relations: ['runners', 'runners.group', 'runners.group.parentGroup', 'runners.scans', 'runners.scans.track'] })).runners;
|
||||
runners.forEach(runner => {
|
||||
responseRunners.push(new ResponseRunner(runner));
|
||||
});
|
||||
|
||||
@@ -8,6 +8,7 @@ import { UpdateUserGroup } from '../models/actions/update/UpdateUserGroup';
|
||||
import { UserGroup } from '../models/entities/UserGroup';
|
||||
import { ResponseEmpty } from '../models/responses/ResponseEmpty';
|
||||
import { ResponseUserGroup } from '../models/responses/ResponseUserGroup';
|
||||
import { ResponseUserGroupPermissions } from '../models/responses/ResponseUserGroupPermissions';
|
||||
import { PermissionController } from './PermissionController';
|
||||
|
||||
|
||||
@@ -25,20 +26,37 @@ export class UserGroupController {
|
||||
|
||||
@Get()
|
||||
@Authorized("USERGROUP:GET")
|
||||
@ResponseSchema(UserGroup, { isArray: true })
|
||||
@ResponseSchema(ResponseUserGroup, { isArray: true })
|
||||
@OpenAPI({ description: 'Lists all groups. <br> The information provided might change while the project continues to evolve.' })
|
||||
getAll() {
|
||||
return this.userGroupsRepository.find({ relations: ["permissions"] });
|
||||
async getAll() {
|
||||
let responseGroups: ResponseUserGroup[] = new Array<ResponseUserGroup>();
|
||||
const groups = await this.userGroupsRepository.find({ relations: ['permissions'] });
|
||||
groups.forEach(group => {
|
||||
responseGroups.push(group.toResponse());
|
||||
});
|
||||
return responseGroups;
|
||||
}
|
||||
|
||||
@Get('/:id')
|
||||
@Authorized("USERGROUP:GET")
|
||||
@ResponseSchema(UserGroup)
|
||||
@ResponseSchema(ResponseUserGroup)
|
||||
@ResponseSchema(UserGroupNotFoundError, { statusCode: 404 })
|
||||
@OnUndefined(UserGroupNotFoundError)
|
||||
@OpenAPI({ description: 'Lists all information about the group whose id got provided. <br> The information provided might change while the project continues to evolve.' })
|
||||
getOne(@Param('id') id: number) {
|
||||
return this.userGroupsRepository.findOne({ id: id }, { relations: ["permissions"] });
|
||||
async getOne(@Param('id') id: number) {
|
||||
return await (await (this.userGroupsRepository.findOne({ id: id }, { relations: ["permissions"] }))).toResponse();
|
||||
}
|
||||
|
||||
@Get('/:id/permissions')
|
||||
@Authorized("USERGROUP:GET")
|
||||
@ResponseSchema(ResponseUserGroupPermissions)
|
||||
@ResponseSchema(UserGroupNotFoundError, { statusCode: 404 })
|
||||
@OnUndefined(UserGroupNotFoundError)
|
||||
@OpenAPI({ description: 'Lists all permissions granted to the group as permission response objects.' })
|
||||
async getPermissions(@Param('id') id: number) {
|
||||
let group = await this.userGroupsRepository.findOne({ id: id }, { relations: ['permissions', 'permissions.principal'] })
|
||||
if (!group) { throw new UserGroupNotFoundError(); }
|
||||
return new ResponseUserGroupPermissions(group);
|
||||
}
|
||||
|
||||
@Post()
|
||||
@@ -54,7 +72,8 @@ export class UserGroupController {
|
||||
throw error;
|
||||
}
|
||||
|
||||
return this.userGroupsRepository.save(userGroup);
|
||||
userGroup = await this.userGroupsRepository.save(userGroup);
|
||||
return (await (this.userGroupsRepository.findOne({ id: userGroup.id }, { relations: ["permissions"] }))).toResponse();
|
||||
}
|
||||
|
||||
@Put('/:id')
|
||||
|
||||
@@ -38,8 +38,8 @@ export class Mailer {
|
||||
* @param to_address The address the mail will be sent to. Should always get pulled from a user object.
|
||||
* @param token The requested password reset token - will be combined with the app_url to generate a password reset link.
|
||||
*/
|
||||
public async sendResetMail(to_address: string, token: String) {
|
||||
const reset_link = `${config.app_url}/reset/${token}`
|
||||
public async sendResetMail(to_address: string, token: string) {
|
||||
const reset_link = `${config.app_url}/reset/${(Buffer.from(token)).toString("base64")}`
|
||||
const body_html = fs.readFileSync(__dirname + '/static/mail_templates/pw-reset.html', { encoding: 'utf8' }).replace("{{reset_link}}", reset_link).replace("{{recipient_mail}}", to_address).replace("{{copyright_owner}}", "LfK!").replace("{{link_imprint}}", `${config.app_url}/imprint`).replace("{{link_privacy}}", `${config.app_url}/privacy`);
|
||||
const body_txt = fs.readFileSync(__dirname + '/static/mail_templates/pw-reset.html', { encoding: 'utf8' }).replace("{{reset_link}}", reset_link).replace("{{recipient_mail}}", to_address).replace("{{copyright_owner}}", "LfK!").replace("{{link_imprint}}", `${config.app_url}/imprint`).replace("{{link_privacy}}", `${config.app_url}/privacy`);
|
||||
|
||||
|
||||
@@ -23,7 +23,7 @@ export class CreateResetToken {
|
||||
/**
|
||||
* Create a password reset token based on this.
|
||||
*/
|
||||
public async toResetToken(): Promise<any> {
|
||||
public async toResetToken(): Promise<string> {
|
||||
if (!this.email) {
|
||||
throw new UserEmailNeededError();
|
||||
}
|
||||
@@ -37,7 +37,7 @@ export class CreateResetToken {
|
||||
await getConnectionManager().get().getRepository(User).save(found_user);
|
||||
|
||||
//Create the reset token
|
||||
let reset_token = JwtCreator.createReset(found_user);
|
||||
let reset_token: string = JwtCreator.createReset(found_user);
|
||||
|
||||
return reset_token;
|
||||
}
|
||||
|
||||
@@ -2,7 +2,6 @@ import { IsArray, IsNotEmpty, IsOptional, IsString } from "class-validator";
|
||||
import { UserGroup } from '../entities/UserGroup';
|
||||
import { ResponseObjectType } from '../enums/ResponseObjectType';
|
||||
import { IResponse } from './IResponse';
|
||||
import { ResponsePermission } from './ResponsePermission';
|
||||
import { ResponsePrincipal } from './ResponsePrincipal';
|
||||
|
||||
/**
|
||||
@@ -34,7 +33,7 @@ export class ResponseUserGroup extends ResponsePrincipal implements IResponse {
|
||||
*/
|
||||
@IsArray()
|
||||
@IsOptional()
|
||||
permissions: ResponsePermission[];
|
||||
permissions: string[] = new Array<string>();
|
||||
|
||||
/**
|
||||
* Creates a ResponseUserGroup object from a userGroup.
|
||||
@@ -46,7 +45,7 @@ export class ResponseUserGroup extends ResponsePrincipal implements IResponse {
|
||||
this.description = group.description;
|
||||
if (group.permissions) {
|
||||
for (let permission of group.permissions) {
|
||||
this.permissions.push(permission.toResponse());
|
||||
this.permissions.push(permission.toString());
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
43
src/models/responses/ResponseUserGroupPermissions.ts
Normal file
43
src/models/responses/ResponseUserGroupPermissions.ts
Normal file
@@ -0,0 +1,43 @@
|
||||
import {
|
||||
IsArray,
|
||||
IsOptional
|
||||
} from "class-validator";
|
||||
import { UserGroup } from '../entities/UserGroup';
|
||||
import { ResponseObjectType } from '../enums/ResponseObjectType';
|
||||
import { IResponse } from './IResponse';
|
||||
import { ResponsePermission } from './ResponsePermission';
|
||||
|
||||
/**
|
||||
* Defines the group permission response (get /api/groups/:id/permissions).
|
||||
*/
|
||||
export class ResponseUserGroupPermissions implements IResponse {
|
||||
/**
|
||||
* The responseType.
|
||||
* This contains the type of class/entity this response contains.
|
||||
*/
|
||||
responseType: ResponseObjectType = ResponseObjectType.USERPERMISSIONS;
|
||||
|
||||
/**
|
||||
* The permissions directly granted to the group.
|
||||
*/
|
||||
@IsArray()
|
||||
@IsOptional()
|
||||
directlyGranted: ResponsePermission[] = new Array<ResponsePermission>();
|
||||
|
||||
/**
|
||||
* Is just here for compatability.
|
||||
*/
|
||||
@IsArray()
|
||||
@IsOptional()
|
||||
inherited: ResponsePermission[] = new Array<ResponsePermission>();
|
||||
|
||||
/**
|
||||
* Creates a ResponseUserPermissions object from a group.
|
||||
* @param group The group the response shall be build for.
|
||||
*/
|
||||
public constructor(group: UserGroup) {
|
||||
for (let permission of group.permissions) {
|
||||
this.directlyGranted.push(permission.toResponse());
|
||||
}
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user