mirror of
https://github.com/Drop-OSS/drop.git
synced 2025-11-21 04:01:10 +10:00
partial: user routes
This commit is contained in:
DecDuck
@ -2,16 +2,15 @@ import { APITokenMode } from "~/prisma/client/enums";
|
||||
import aclManager from "~/server/internal/acls";
|
||||
import prisma from "~/server/internal/db/database";
|
||||
|
||||
/**
|
||||
* Revoke token
|
||||
* @param id Token ID
|
||||
*/
|
||||
export default defineEventHandler(async (h3) => {
|
||||
const userId = await aclManager.getUserIdACL(h3, []); // No ACLs only allows session authentication
|
||||
if (!userId) throw createError({ statusCode: 403 });
|
||||
|
||||
const id = h3.context.params?.id;
|
||||
if (!id)
|
||||
throw createError({
|
||||
statusCode: 400,
|
||||
statusMessage: "No id in router params",
|
||||
});
|
||||
const id = getRouterParam(h3, "id")!;
|
||||
|
||||
const deleted = await prisma.aPIToken.delete({
|
||||
where: { id: id, userId: userId, mode: APITokenMode.User },
|
||||
|
||||
@ -1,6 +1,9 @@
|
||||
import aclManager from "~/server/internal/acls";
|
||||
import { userACLDescriptions } from "~/server/internal/acls/descriptions";
|
||||
|
||||
/**
|
||||
* Fetch ACL descriptions.
|
||||
*/
|
||||
export default defineEventHandler(async (h3) => {
|
||||
const userId = await aclManager.getUserIdACL(h3, []); // No ACLs only allows session authentication
|
||||
if (!userId) throw createError({ statusCode: 403 });
|
||||
|
||||
@ -2,6 +2,9 @@ import { APITokenMode } from "~/prisma/client/enums";
|
||||
import aclManager from "~/server/internal/acls";
|
||||
import prisma from "~/server/internal/db/database";
|
||||
|
||||
/**
|
||||
* Fetch all API tokens for this account.
|
||||
*/
|
||||
export default defineEventHandler(async (h3) => {
|
||||
const userId = await aclManager.getUserIdACL(h3, []); // No ACLs only allows session authentication
|
||||
if (!userId) throw createError({ statusCode: 403 });
|
||||
|
||||
@ -1,46 +1,44 @@
|
||||
import { type } from "arktype";
|
||||
import { APITokenMode } from "~/prisma/client/enums";
|
||||
import { readDropValidatedBody, throwingArktype } from "~/server/arktype";
|
||||
import aclManager, { userACLs } from "~/server/internal/acls";
|
||||
import prisma from "~/server/internal/db/database";
|
||||
|
||||
export default defineEventHandler(async (h3) => {
|
||||
const userId = await aclManager.getUserIdACL(h3, []); // No ACLs only allows session authentication
|
||||
if (!userId) throw createError({ statusCode: 403 });
|
||||
const CreateToken = type({
|
||||
name: "string",
|
||||
acls: "string[] > 0",
|
||||
}).configure(throwingArktype);
|
||||
|
||||
const body = await readBody(h3);
|
||||
const name: string = body.name;
|
||||
const acls: string[] = body.acls;
|
||||
/**
|
||||
*
|
||||
*/
|
||||
export default defineEventHandler<{ body: typeof CreateToken.infer }>(
|
||||
async (h3) => {
|
||||
const userId = await aclManager.getUserIdACL(h3, []); // No ACLs only allows session authentication
|
||||
if (!userId) throw createError({ statusCode: 403 });
|
||||
|
||||
if (!name || typeof name !== "string")
|
||||
throw createError({
|
||||
statusCode: 400,
|
||||
statusMessage: "Token name required",
|
||||
});
|
||||
if (!acls || !Array.isArray(acls))
|
||||
throw createError({ statusCode: 400, statusMessage: "ACLs required" });
|
||||
const body = await readDropValidatedBody(h3, CreateToken);
|
||||
const name: string = body.name;
|
||||
const acls: string[] = body.acls;
|
||||
|
||||
if (acls.length == 0)
|
||||
throw createError({
|
||||
statusCode: 400,
|
||||
statusMessage: "Token requires more than zero ACLs",
|
||||
const invalidACLs = acls.filter(
|
||||
(e) => userACLs.findIndex((v) => e == v) == -1,
|
||||
);
|
||||
if (invalidACLs.length > 0)
|
||||
throw createError({
|
||||
statusCode: 400,
|
||||
statusMessage: `Invalid ACLs: ${invalidACLs.join(", ")}`,
|
||||
});
|
||||
|
||||
const token = await prisma.aPIToken.create({
|
||||
data: {
|
||||
mode: APITokenMode.User,
|
||||
name: name,
|
||||
userId: userId,
|
||||
acls: acls,
|
||||
},
|
||||
});
|
||||
|
||||
const invalidACLs = acls.filter(
|
||||
(e) => userACLs.findIndex((v) => e == v) == -1,
|
||||
);
|
||||
if (invalidACLs.length > 0)
|
||||
throw createError({
|
||||
statusCode: 400,
|
||||
statusMessage: `Invalid ACLs: ${invalidACLs.join(", ")}`,
|
||||
});
|
||||
|
||||
const token = await prisma.aPIToken.create({
|
||||
data: {
|
||||
mode: APITokenMode.User,
|
||||
name: name,
|
||||
userId: userId,
|
||||
acls: acls,
|
||||
},
|
||||
});
|
||||
|
||||
return token;
|
||||
});
|
||||
return token;
|
||||
},
|
||||
);
|
||||
|
||||
Reference in New Issue
Block a user