RageStudio/comty
1
0
Fork 0
mirror of https://github.com/ragestudio/comty.git synced 2025-06-11 03:24:16 +00:00
Code Issues Packages Projects Releases Wiki Activity

use methods

Browse Source
This commit is contained in:
srgooglo 2022-03-11 01:07:38 +01:00
parent c2a2e2ff25
commit 64edf048e2
1 changed files with 83 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

98
packages/server/src/controllers/UserController/index.js
View File

@ -9,14 +9,54 @@ import AvatarController from "dicebar_lib"
import _ from "lodash" import _ from "lodash"
const AllowedUserUpdateKeys = [ const AllowedUserUpdateKeys = [
"avatar",
"username", "username",
"email", "email",
"fullName", "fullName",
"verified",
] ]
export default class UserController extends ComplexController { export default class UserController extends ComplexController {
static refName = "UserController" static refName = "UserController"
methods = {
update: async (payload) => {
if (typeof payload.user_id === "undefined") {
throw new Error("No user_id provided")
}
if (typeof payload.update === "undefined") {
throw new Error("No update provided")
}
let user = await User.findById(payload.user_id)
if (!user) {
throw new Error("User not found")
}
const updateKeys = Object.keys(payload.update)
updateKeys.forEach((key) => {
if (!AllowedUserUpdateKeys.includes(key)) {
return false
}
user[key] = payload.update[key]
})
await user.save()
global.wsInterface.io.emit(`user.update`, {
...user.toObject(),
})
global.wsInterface.io.emit(`user.update.${payload.user_id}`, {
...user.toObject(),
})
return user.toObject()
}
}
get = { get = {
"/self": { "/self": {
middlewares: ["withAuthentication"], middlewares: ["withAuthentication"],
@ -164,32 +204,58 @@ export default class UserController extends ComplexController {
required: ["_id", "update"], required: ["_id", "update"],
select: ["_id", "update"], select: ["_id", "update"],
}, async (req, res) => { }, async (req, res) => {
let user = await User.findById(req.selection._id).catch(() => { if (!req.selection.user_id) {
return false req.selection.user_id = req.user._id.toString()
})
if (!user) {
return res.status(404).json({ error: "User not exists" })
} }
if ((user._id.toString() !== req.user._id.toString()) && (req.hasRole("admin") === false)) { if ((req.selection.user_id !== req.user._id.toString()) && (req.hasRole("admin") === false)) {
return res.status(403).json({ error: "You are not allowed to update this user" }) return res.status(403).json({ error: "You are not allowed to update this user" })
} }
AllowedUserUpdateKeys.forEach((key) => { this.methods.update({
if (typeof req.selection.update[key] !== "undefined") { user_id: req.selection.user_id,
user[key] = req.selection.update[key] update: req.selection.update,
} }).then((user) => {
return res.json({
...user
}) })
user.save()
.then(() => {
return res.send(user)
}) })
.catch((err) => { .catch((err) => {
return res.send(500).send(err) return res.send(500).json({
error: err.message
})
}) })
}), }),
}, },
"/unset_public_name": {
middlewares: ["withAuthentication"],
fn: Schematized({
select: ["user_id", "roles"],
}, async (req, res) => {
if (!req.selection.user_id) {
req.selection.user_id = req.user._id.toString()
}
if ((req.selection.user_id !== req.user._id.toString()) && (req.hasRole("admin") === false)) {
return res.status(403).json({ error: "You are not allowed to update this user" })
}
this.methods.update({
user_id: req.selection.user_id,
update: {
fullName: undefined
}
}).then((user) => {
return res.json({
...user
})
})
.catch((err) => {
return res.send(500).json({
error: err.message
})
})
})
}
} }
} }