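import { Router, Request } from "express";
import RequestError, { HttpStatusCode } from "../../helper/request_error";
import promiseMiddleware from "../../helper/promiseMiddleware";
import Client from "../../models/client";
import verify, { Types } from "../middlewares/verify";
import { randomBytes } from "crypto";

/**
 * Request-body fields a caller may set on a client. These are exactly the
 * fields declared in the `verify` schemas of the POST and PUT handlers below.
 * Server-controlled attributes (`_id`, `maintainer`, `client_id`,
 * `client_secret`) are left out on purpose so a request body cannot set them.
 */
const CLIENT_BODY_FIELDS: readonly string[] = [
  "internal",
  "name",
  "redirect_url",
  "website",
  "logo",
];

/**
 * Copies only the allow-listed client fields that are present as own
 * properties of `body`.
 *
 * The parameter and result are `any` because `req.body` is untyped here and
 * the parameter type of `Client.new` is declared outside this file.
 *
 * @param body The parsed request body (untrusted input).
 * @returns A fresh object holding the allow-listed fields found in `body`.
 */
function pickClientFields(body: any): any {
  const picked: any = {};
  if (body === null || typeof body !== "object") return picked;
  for (const field of CLIENT_BODY_FIELDS) {
    // Own-property check: inherited keys and keys such as "__proto__" are never copied.
    if (Object.prototype.hasOwnProperty.call(body, field)) {
      picked[field] = body[field];
    }
  }
  return picked;
}

// NOTE(review): no authentication or permission middleware is attached in this
// file. The `@apiPermission admin` contract is presumably enforced where this
// router is mounted — confirm, because the handlers below return
// `client_secret` values in their responses.
const ClientRouter: Router = Router();

ClientRouter.route("/")
  /**
   * @api {get} /admin/client
   * @apiName AdminGetClients
   *
   * @apiGroup admin_client
   * @apiPermission admin
   *
   * @apiSuccess {Object[]} clients
   * @apiSuccess {String} clients._id The internally used id
   * @apiSuccess {String} clients.maintainer
   * @apiSuccess {Boolean} clients.internal
   * @apiSuccess {String} clients.name
   * @apiSuccess {String} clients.redirect_url
   * @apiSuccess {String} clients.website
   * @apiSuccess {String} clients.logo
   * @apiSuccess {String} clients.client_id Client ID used outside of DB
   * @apiSuccess {String} clients.client_secret
   */
  .get(
    promiseMiddleware(async (req, res) => {
      // Unfiltered query: every stored client is returned.
      const clients = await Client.find({}); //ToDo check if user is required!
      res.json(clients);
    })
  )
  /**
   * @api {post} /admin/client
   * @apiName AdminAddClients
   *
   * @apiGroup admin_client
   * @apiPermission admin
   *
   * @apiParam {Boolean} internal Is it an internal app
   * @apiParam {String} name
   * @apiParam {String} redirect_url
   * @apiParam {String} website
   * @apiParam {String} logo
   *
   * @apiSuccess {String} _id The internally used id
   * @apiSuccess {String} maintainer
   * @apiSuccess {Boolean} internal
   * @apiSuccess {String} name
   * @apiSuccess {String} redirect_url
   * @apiSuccess {String} website
   * @apiSuccess {String} logo
   * @apiSuccess {String} client_id Client ID used outside of DB
   * @apiSuccess {String} client_secret
   */
  .post(
    // NOTE(review): the meaning of verify's second argument (`true`) is defined
    // outside this file; the handler does not rely on it to reject extra keys.
    verify(
      {
        internal: {
          type: Types.BOOLEAN,
          optional: true,
        },
        name: {
          type: Types.STRING,
        },
        redirect_url: {
          type: Types.STRING,
        },
        website: {
          type: Types.STRING,
        },
        logo: {
          type: Types.STRING,
          optional: true,
        },
      },
      true
    ),
    promiseMiddleware(async (req, res) => {
      // Build the model input from the allow-list instead of handing the whole
      // request body to the model.
      const fields = pickClientFields(req.body);
      // The secret is always generated server-side: 32 bytes from the CSPRNG, hex encoded.
      fields.client_secret = randomBytes(32).toString("hex");
      const client = Client.new(fields);
      // The maintainer is taken from the authenticated user, never from the body.
      client.maintainer = req.user._id;
      await Client.save(client);
      res.json(client);
    })
  );

ClientRouter.route("/:id")
  /**
   * @api {delete} /admin/client/:id
   * @apiParam {String} id Client _id
   * @apiName AdminDeleteClient
   *
   * @apiGroup admin_client
   * @apiPermission admin
   *
   * @apiSuccess {Boolean} success
   */
  .delete(
    promiseMiddleware(async (req, res) => {
      const { id } = req.params;
      await Client.delete(id);
      res.json({ success: true });
    })
  )
  /**
   * @api {put} /admin/client/:id
   * @apiParam {String} id Client _id
   * @apiName AdminUpdateClient
   *
   * @apiGroup admin_client
   * @apiPermission admin
   *
   * @apiParam {Boolean} internal Is it an internal app
   * @apiParam {String} name
   * @apiParam {String} redirect_url
   * @apiParam {String} website
   * @apiParam {String} logo
   *
   * @apiSuccess {String} _id The internally used id
   * @apiSuccess {String} maintainer UserID of client maintainer
   * @apiSuccess {Boolean} internal Defines if it is an internal client
   * @apiSuccess {String} name The name of the Client
   * @apiSuccess {String} redirect_url Redirect URL after login
   * @apiSuccess {String} website Website of Client
   * @apiSuccess {String} logo The Logo of the Client (optional)
   * @apiSuccess {String} client_id Client ID used outside of DB
   * @apiSuccess {String} client_secret The client secret, that can be used to obtain token
   */
  .put(
    verify(
      {
        internal: {
          type: Types.BOOLEAN,
          optional: true,
        },
        name: {
          type: Types.STRING,
          optional: true,
        },
        redirect_url: {
          type: Types.STRING,
          optional: true,
        },
        website: {
          type: Types.STRING,
          optional: true,
        },
        logo: {
          type: Types.STRING,
          optional: true,
        },
      },
      true
    ),
    promiseMiddleware(async (req, res) => {
      // The id comes from the route path (`/:id`), as in the DELETE handler and
      // the API doc above. Reading it from the query string left it undefined
      // for requests made as documented.
      const { id } = req.params;
      const client = await Client.findById(id);
      if (!client)
        throw new RequestError(
          req.__("Client not found"),
          HttpStatusCode.BAD_REQUEST
        );
      // Apply only the allow-listed fields so the body cannot overwrite
      // `client_secret`, `client_id`, `maintainer` or `_id`.
      const changes = pickClientFields(req.body);
      for (const key of Object.keys(changes)) {
        client[key] = changes[key];
      }
      await Client.save(client);
      res.json(client);
    })
  );

export default ClientRouter;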