nginx-proxy-manager/backend/routes/api/users.js

const express      = require('express');
const validator    = require('../../lib/validator');
const jwtdecode    = require('../../lib/express/jwt-decode');
const userIdFromMe = require('../../lib/express/user-id-from-me');
const internalUser = require('../../internal/user');
const apiValidator = require('../../lib/validator/api');

let router = express.Router({
	caseSensitive: true,
	strict:        true,
	mergeParams:   true
});

/**
 * /api/users
 */
router
	.route('/')
	.options((req, res) => {
		res.sendStatus(204);
	})
	.all(jwtdecode())

	/**
	 * GET /api/users
	 *
	 * Retrieve all users
	 */
	.get((req, res, next) => {
		validator({
			additionalProperties: false,
			properties:           {
				expand: {
					$ref: 'definitions#/definitions/expand'
				},
				query: {
					$ref: 'definitions#/definitions/query'
				}
			}
		}, {
			expand: (typeof req.query.expand === 'string' ? req.query.expand.split(',') : null),
			query:  (typeof req.query.query === 'string' ? req.query.query : null)
		})
			.then((data) => {
				return internalUser.getAll(res.locals.access, data.expand, data.query);
			})
			.then((users) => {
				res.status(200)
					.send(users);
			})
			.catch(next);
	})

	/**
	 * POST /api/users
	 *
	 * Create a new User
	 */
	.post((req, res, next) => {
		apiValidator({$ref: 'endpoints/users#/links/1/schema'}, req.body)
			.then((payload) => {
				return internalUser.create(res.locals.access, payload);
			})
			.then((result) => {
				res.status(201)
					.send(result);
			})
			.catch(next);
	});

/**
 * Specific user
 *
 * /api/users/123
 */
router
	.route('/:user_id')
	.options((req, res) => {
		res.sendStatus(204);
	})
	.all(jwtdecode())
	.all(userIdFromMe)

	/**
	 * GET /users/123 or /users/me
	 *
	 * Retrieve a specific user
	 */
	.get((req, res, next) => {
		validator({
			required:             ['user_id'],
			additionalProperties: false,
			properties:           {
				user_id: {
					$ref: 'definitions#/definitions/id'
				},
				expand: {
					$ref: 'definitions#/definitions/expand'
				}
			}
		}, {
			user_id: req.params.user_id,
			expand:  (typeof req.query.expand === 'string' ? req.query.expand.split(',') : null)
		})
			.then((data) => {
				return internalUser.get(res.locals.access, {
					id:     data.user_id,
					expand: data.expand,
					omit:   internalUser.getUserOmisionsByAccess(res.locals.access, data.user_id)
				});
			})
			.then((user) => {
				res.status(200)
					.send(user);
			})
			.catch(next);
	})

	/**
	 * PUT /api/users/123
	 *
	 * Update and existing user
	 */
	.put((req, res, next) => {
		apiValidator({$ref: 'endpoints/users#/links/2/schema'}, req.body)
			.then((payload) => {
				payload.id = req.params.user_id;
				return internalUser.update(res.locals.access, payload);
			})
			.then((result) => {
				res.status(200)
					.send(result);
			})
			.catch(next);
	})

	/**
	 * DELETE /api/users/123
	 *
	 * Update and existing user
	 */
	.delete((req, res, next) => {
		internalUser.delete(res.locals.access, {id: req.params.user_id})
			.then((result) => {
				res.status(200)
					.send(result);
			})
			.catch(next);
	});

/**
 * Specific user auth
 *
 * /api/users/123/auth
 */
router
	.route('/:user_id/auth')
	.options((req, res) => {
		res.sendStatus(204);
	})
	.all(jwtdecode())
	.all(userIdFromMe)

	/**
	 * PUT /api/users/123/auth
	 *
	 * Update password for a user
	 */
	.put((req, res, next) => {
		apiValidator({$ref: 'endpoints/users#/links/4/schema'}, req.body)
			.then((payload) => {
				payload.id = req.params.user_id;
				return internalUser.setPassword(res.locals.access, payload);
			})
			.then((result) => {
				res.status(201)
					.send(result);
			})
			.catch(next);
	});

/**
 * Specific user permissions
 *
 * /api/users/123/permissions
 */
router
	.route('/:user_id/permissions')
	.options((req, res) => {
		res.sendStatus(204);
	})
	.all(jwtdecode())
	.all(userIdFromMe)

	/**
	 * PUT /api/users/123/permissions
	 *
	 * Set some or all permissions for a user
	 */
	.put((req, res, next) => {
		apiValidator({$ref: 'endpoints/users#/links/5/schema'}, req.body)
			.then((payload) => {
				payload.id = req.params.user_id;
				return internalUser.setPermissions(res.locals.access, payload);
			})
			.then((result) => {
				res.status(201)
					.send(result);
			})
			.catch(next);
	});

/**
 * Specific user login as
 *
 * /api/users/123/login
 */
router
	.route('/:user_id/login')
	.options((req, res) => {
		res.sendStatus(204);
	})
	.all(jwtdecode())

	/**
	 * POST /api/users/123/login
	 *
	 * Log in as a user
	 */
	.post((req, res, next) => {
		internalUser.loginAs(res.locals.access, {id: parseInt(req.params.user_id, 10)})
			.then((result) => {
				res.status(201)
					.send(result);
			})
			.catch(next);
	});

module.exports = router;
v2.1.0 (#293) * Fix wrapping when too many hosts are shown (#207) * Update npm packages, fixes CVE-2019-10757 * Revert some breaking packages * Major overhaul - Docker buildx support in CI - Cypress API Testing in CI - Restructured folder layout (insert clean face meme) - Added Swagger documentation and validate API against that (to be completed) - Use common base image for all supported archs, which includes updated nginx with ipv6 support - Updated certbot and changes required for it - Large amount of Hosts names will wrap in UI - Updated packages for frontend - Version bump 2.1.0 * Updated documentation * Fix JWT expire time going crazy. Now set to 1day * Backend JS formatting rules * Remove v1 importer, I doubt anyone is using v1 anymore * Added backend formatting rules and enforce them in Jenkins builds * Fix CI, doesn't need a tty * Thanks bcrypt. Why can't you just be normal. * Cleanup after syntax check Co-authored-by: Marcelo Castagna <margaale@users.noreply.github.com> 2020-02-19 04:55:06 +00:00			`const express = require('express');`
			`const validator = require('../../lib/validator');`
			`const jwtdecode = require('../../lib/express/jwt-decode');`
			`const userIdFromMe = require('../../lib/express/user-id-from-me');`
			`const internalUser = require('../../internal/user');`
			`const apiValidator = require('../../lib/validator/api');`

			`let router = express.Router({`
			`caseSensitive: true,`
			`strict: true,`
			`mergeParams: true`
			`});`

			`/**`
			`* /api/users`
			`*/`
			`router`
			`.route('/')`
			`.options((req, res) => {`
			`res.sendStatus(204);`
			`})`
			`.all(jwtdecode())`

			`/**`
			`* GET /api/users`
			`*`
			`* Retrieve all users`
			`*/`
			`.get((req, res, next) => {`
			`validator({`
			`additionalProperties: false,`
			`properties: {`
			`expand: {`
			`$ref: 'definitions#/definitions/expand'`
			`},`
			`query: {`
			`$ref: 'definitions#/definitions/query'`
			`}`
			`}`
			`}, {`
			`expand: (typeof req.query.expand === 'string' ? req.query.expand.split(',') : null),`
			`query: (typeof req.query.query === 'string' ? req.query.query : null)`
			`})`
			`.then((data) => {`
			`return internalUser.getAll(res.locals.access, data.expand, data.query);`
			`})`
			`.then((users) => {`
			`res.status(200)`
			`.send(users);`
			`})`
			`.catch(next);`
			`})`

			`/**`
			`* POST /api/users`
			`*`
			`* Create a new User`
			`*/`
			`.post((req, res, next) => {`
			`apiValidator({$ref: 'endpoints/users#/links/1/schema'}, req.body)`
			`.then((payload) => {`
			`return internalUser.create(res.locals.access, payload);`
			`})`
			`.then((result) => {`
			`res.status(201)`
			`.send(result);`
			`})`
			`.catch(next);`
			`});`

			`/**`
			`* Specific user`
			`*`
			`* /api/users/123`
			`*/`
			`router`
			`.route('/:user_id')`
			`.options((req, res) => {`
			`res.sendStatus(204);`
			`})`
			`.all(jwtdecode())`
			`.all(userIdFromMe)`

			`/**`
			`* GET /users/123 or /users/me`
			`*`
			`* Retrieve a specific user`
			`*/`
			`.get((req, res, next) => {`
			`validator({`
			`required: ['user_id'],`
			`additionalProperties: false,`
			`properties: {`
			`user_id: {`
			`$ref: 'definitions#/definitions/id'`
			`},`
			`expand: {`
			`$ref: 'definitions#/definitions/expand'`
			`}`
			`}`
			`}, {`
			`user_id: req.params.user_id,`
			`expand: (typeof req.query.expand === 'string' ? req.query.expand.split(',') : null)`
			`})`
			`.then((data) => {`
			`return internalUser.get(res.locals.access, {`
			`id: data.user_id,`
			`expand: data.expand,`
			`omit: internalUser.getUserOmisionsByAccess(res.locals.access, data.user_id)`
			`});`
			`})`
			`.then((user) => {`
			`res.status(200)`
			`.send(user);`
			`})`
			`.catch(next);`
			`})`

			`/**`
			`* PUT /api/users/123`
			`*`
			`* Update and existing user`
			`*/`
			`.put((req, res, next) => {`
			`apiValidator({$ref: 'endpoints/users#/links/2/schema'}, req.body)`
			`.then((payload) => {`
			`payload.id = req.params.user_id;`
			`return internalUser.update(res.locals.access, payload);`
			`})`
			`.then((result) => {`
			`res.status(200)`
			`.send(result);`
			`})`
			`.catch(next);`
			`})`

			`/**`
			`* DELETE /api/users/123`
			`*`
			`* Update and existing user`
			`*/`
			`.delete((req, res, next) => {`
			`internalUser.delete(res.locals.access, {id: req.params.user_id})`
			`.then((result) => {`
			`res.status(200)`
			`.send(result);`
			`})`
			`.catch(next);`
			`});`

			`/**`
			`* Specific user auth`
			`*`
			`* /api/users/123/auth`
			`*/`
			`router`
			`.route('/:user_id/auth')`
			`.options((req, res) => {`
			`res.sendStatus(204);`
			`})`
			`.all(jwtdecode())`
			`.all(userIdFromMe)`

			`/**`
			`* PUT /api/users/123/auth`
			`*`
			`* Update password for a user`
			`*/`
			`.put((req, res, next) => {`
			`apiValidator({$ref: 'endpoints/users#/links/4/schema'}, req.body)`
			`.then((payload) => {`
			`payload.id = req.params.user_id;`
			`return internalUser.setPassword(res.locals.access, payload);`
			`})`
			`.then((result) => {`
			`res.status(201)`
			`.send(result);`
			`})`
			`.catch(next);`
			`});`

			`/**`
			`* Specific user permissions`
			`*`
			`* /api/users/123/permissions`
			`*/`
			`router`
			`.route('/:user_id/permissions')`
			`.options((req, res) => {`
			`res.sendStatus(204);`
			`})`
			`.all(jwtdecode())`
			`.all(userIdFromMe)`

			`/**`
			`* PUT /api/users/123/permissions`
			`*`
			`* Set some or all permissions for a user`
			`*/`
			`.put((req, res, next) => {`
			`apiValidator({$ref: 'endpoints/users#/links/5/schema'}, req.body)`
			`.then((payload) => {`
			`payload.id = req.params.user_id;`
			`return internalUser.setPermissions(res.locals.access, payload);`
			`})`
			`.then((result) => {`
			`res.status(201)`
			`.send(result);`
			`})`
			`.catch(next);`
			`});`

			`/**`
			`* Specific user login as`
			`*`
			`* /api/users/123/login`
			`*/`
			`router`
			`.route('/:user_id/login')`
			`.options((req, res) => {`
			`res.sendStatus(204);`
			`})`
			`.all(jwtdecode())`

			`/**`
			`* POST /api/users/123/login`
			`*`
			`* Log in as a user`
			`*/`
			`.post((req, res, next) => {`
			`internalUser.loginAs(res.locals.access, {id: parseInt(req.params.user_id, 10)})`
			`.then((result) => {`
			`res.status(201)`
			`.send(result);`
			`})`
			`.catch(next);`
			`});`

			`module.exports = router;`