Apq
/
nginx-proxy-manager
mirror of https://github.com/NginxProxyManager/nginx-proxy-manager.git


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239
							const express      = require('express');
const validator    = require('../../lib/validator');
const jwtdecode    = require('../../lib/express/jwt-decode');
const userIdFromMe = require('../../lib/express/user-id-from-me');
const internalUser = require('../../internal/user');
const apiValidator = require('../../lib/validator/api');

let router = express.Router({
	caseSensitive: true,
	strict:        true,
	mergeParams:   true
});

/**
 * /api/users
 */
router
	.route('/')
	.options((req, res) => {
		res.sendStatus(204);
	})
	.all(jwtdecode())

	/**
	 * GET /api/users
	 *
	 * Retrieve all users
	 */
	.get((req, res, next) => {
		validator({
			additionalProperties: false,
			properties:           {
				expand: {
					$ref: 'definitions#/definitions/expand'
				},
				query: {
					$ref: 'definitions#/definitions/query'
				}
			}
		}, {
			expand: (typeof req.query.expand === 'string' ? req.query.expand.split(',') : null),
			query:  (typeof req.query.query === 'string' ? req.query.query : null)
		})
			.then((data) => {
				return internalUser.getAll(res.locals.access, data.expand, data.query);
			})
			.then((users) => {
				res.status(200)
					.send(users);
			})
			.catch(next);
	})

	/**
	 * POST /api/users
	 *
	 * Create a new User
	 */
	.post((req, res, next) => {
		apiValidator({$ref: 'endpoints/users#/links/1/schema'}, req.body)
			.then((payload) => {
				return internalUser.create(res.locals.access, payload);
			})
			.then((result) => {
				res.status(201)
					.send(result);
			})
			.catch(next);
	});

/**
 * Specific user
 *
 * /api/users/123
 */
router
	.route('/:user_id')
	.options((req, res) => {
		res.sendStatus(204);
	})
	.all(jwtdecode())
	.all(userIdFromMe)

	/**
	 * GET /users/123 or /users/me
	 *
	 * Retrieve a specific user
	 */
	.get((req, res, next) => {
		validator({
			required:             ['user_id'],
			additionalProperties: false,
			properties:           {
				user_id: {
					$ref: 'definitions#/definitions/id'
				},
				expand: {
					$ref: 'definitions#/definitions/expand'
				}
			}
		}, {
			user_id: req.params.user_id,
			expand:  (typeof req.query.expand === 'string' ? req.query.expand.split(',') : null)
		})
			.then((data) => {
				return internalUser.get(res.locals.access, {
					id:     data.user_id,
					expand: data.expand,
					omit:   internalUser.getUserOmisionsByAccess(res.locals.access, data.user_id)
				});
			})
			.then((user) => {
				res.status(200)
					.send(user);
			})
			.catch(next);
	})

	/**
	 * PUT /api/users/123
	 *
	 * Update and existing user
	 */
	.put((req, res, next) => {
		apiValidator({$ref: 'endpoints/users#/links/2/schema'}, req.body)
			.then((payload) => {
				payload.id = req.params.user_id;
				return internalUser.update(res.locals.access, payload);
			})
			.then((result) => {
				res.status(200)
					.send(result);
			})
			.catch(next);
	})

	/**
	 * DELETE /api/users/123
	 *
	 * Update and existing user
	 */
	.delete((req, res, next) => {
		internalUser.delete(res.locals.access, {id: req.params.user_id})
			.then((result) => {
				res.status(200)
					.send(result);
			})
			.catch(next);
	});

/**
 * Specific user auth
 *
 * /api/users/123/auth
 */
router
	.route('/:user_id/auth')
	.options((req, res) => {
		res.sendStatus(204);
	})
	.all(jwtdecode())
	.all(userIdFromMe)

	/**
	 * PUT /api/users/123/auth
	 *
	 * Update password for a user
	 */
	.put((req, res, next) => {
		apiValidator({$ref: 'endpoints/users#/links/4/schema'}, req.body)
			.then((payload) => {
				payload.id = req.params.user_id;
				return internalUser.setPassword(res.locals.access, payload);
			})
			.then((result) => {
				res.status(201)
					.send(result);
			})
			.catch(next);
	});

/**
 * Specific user permissions
 *
 * /api/users/123/permissions
 */
router
	.route('/:user_id/permissions')
	.options((req, res) => {
		res.sendStatus(204);
	})
	.all(jwtdecode())
	.all(userIdFromMe)

	/**
	 * PUT /api/users/123/permissions
	 *
	 * Set some or all permissions for a user
	 */
	.put((req, res, next) => {
		apiValidator({$ref: 'endpoints/users#/links/5/schema'}, req.body)
			.then((payload) => {
				payload.id = req.params.user_id;
				return internalUser.setPermissions(res.locals.access, payload);
			})
			.then((result) => {
				res.status(201)
					.send(result);
			})
			.catch(next);
	});

/**
 * Specific user login as
 *
 * /api/users/123/login
 */
router
	.route('/:user_id/login')
	.options((req, res) => {
		res.sendStatus(204);
	})
	.all(jwtdecode())

	/**
	 * POST /api/users/123/login
	 *
	 * Log in as a user
	 */
	.post((req, res, next) => {
		internalUser.loginAs(res.locals.access, {id: parseInt(req.params.user_id, 10)})
			.then((result) => {
				res.status(201)
					.send(result);
			})
			.catch(next);
	});

module.exports = router;