import { Authorized, Body, Delete, Get, JsonController, OnUndefined, Param, Post, Put, QueryParam } from 'routing-controllers'; import { OpenAPI, ResponseSchema } from 'routing-controllers-openapi'; import { getConnectionManager, Repository } from 'typeorm'; import { EntityFromBody } from 'typeorm-routing-controllers-extensions'; import { UserGroupIdsNotMatchingError, UserGroupNotFoundError } from '../errors/UserGroupErrors'; import { CreateUserGroup } from '../models/actions/CreateUserGroup'; import { UserGroup } from '../models/entities/UserGroup'; import { ResponseEmpty } from '../models/responses/ResponseEmpty'; import { ResponseUserGroup } from '../models/responses/ResponseUserGroup'; import { PermissionController } from './PermissionController'; @JsonController('/usergroups') @OpenAPI({ security: [{ "AuthToken": [] }] }) export class UserGroupController { private userGroupsRepository: Repository; /** * Gets the repository of this controller's model/entity. */ constructor() { this.userGroupsRepository = getConnectionManager().get().getRepository(UserGroup); } @Get() @Authorized("USERGROUP:GET") @ResponseSchema(UserGroup, { isArray: true }) @OpenAPI({ description: 'Lists all usergroups.' }) getAll() { return this.userGroupsRepository.find(); } @Get('/:id') @Authorized("USERGROUP:GET") @ResponseSchema(UserGroup) @ResponseSchema(UserGroupNotFoundError, { statusCode: 404 }) @OnUndefined(UserGroupNotFoundError) @OpenAPI({ description: 'Returns a usergroup of a specified id (if it exists)' }) getOne(@Param('id') id: number) { return this.userGroupsRepository.findOne({ id: id }); } @Post() @Authorized("USERGROUP:CREATE") @ResponseSchema(UserGroup) @ResponseSchema(UserGroupNotFoundError) @OpenAPI({ description: 'Create a new usergroup object (id will be generated automagicly).' }) async post(@Body({ validate: true }) createUserGroup: CreateUserGroup) { let userGroup; try { userGroup = await createUserGroup.toUserGroup(); } catch (error) { throw error; } return this.userGroupsRepository.save(userGroup); } @Put('/:id') @Authorized("USERGROUP:UPDATE") @ResponseSchema(UserGroup) @ResponseSchema(UserGroupNotFoundError, { statusCode: 404 }) @ResponseSchema(UserGroupIdsNotMatchingError, { statusCode: 406 }) @OpenAPI({ description: "Update a usergroup object (id can't be changed)." }) async put(@Param('id') id: number, @EntityFromBody() userGroup: UserGroup) { let oldUserGroup = await this.userGroupsRepository.findOne({ id: id }); if (!oldUserGroup) { throw new UserGroupNotFoundError() } if (oldUserGroup.id != userGroup.id) { throw new UserGroupIdsNotMatchingError(); } await this.userGroupsRepository.update(oldUserGroup, userGroup); return userGroup; } @Delete('/:id') @Authorized("USERGROUP:DELETE") @ResponseSchema(ResponseUserGroup) @ResponseSchema(ResponseEmpty, { statusCode: 204 }) @OnUndefined(204) @OpenAPI({ description: 'Delete a specified usergroup (if it exists).' }) async remove(@Param("id") id: number, @QueryParam("force") force: boolean) { let group = await this.userGroupsRepository.findOne({ id: id }); if (!group) { return null; } const responseGroup = await this.userGroupsRepository.findOne({ id: id }, { relations: ['permissions'] });; const permissionControler = new PermissionController(); for (let permission of responseGroup.permissions) { await permissionControler.remove(permission.id, true); } await this.userGroupsRepository.delete(group); return new ResponseUserGroup(responseGroup); } }