mirror of
https://github.com/jambonz/jambonz-api-server.git
synced 2026-01-25 02:08:24 +00:00
89 lines
2.9 KiB
JavaScript
89 lines
2.9 KiB
JavaScript
const router = require('express').Router();
|
|
const decorate = require('./decorate');
|
|
const sysError = require('../error');
|
|
const Client = require('../../models/client');
|
|
const Account = require('../../models/account');
|
|
const { DbErrorBadRequest, DbErrorForbidden } = require('../../utils/errors');
|
|
const { encrypt, decrypt, obscureKey } = require('../../utils/encrypt-decrypt');
|
|
|
|
const commonCheck = async(req) => {
|
|
if (req.user.hasAccountAuth) {
|
|
req.body.account_sid = req.user.account_sid;
|
|
} else if (req.user.hasServiceProviderAuth && req.body.account_sid) {
|
|
const accounts = await Account.retrieve(req.body.account_sid, req.user.service_provider_sid);
|
|
if (accounts.length === 0) {
|
|
throw new DbErrorForbidden('insufficient permissions');
|
|
}
|
|
}
|
|
|
|
if (req.body.password) {
|
|
req.body.password = encrypt(req.body.password);
|
|
}
|
|
};
|
|
|
|
const validateAdd = async(req) => {
|
|
await commonCheck(req);
|
|
|
|
const clients = await Client.retrieveByAccountSidAndUserName(req.body.account_sid, req.body.username);
|
|
if (clients.length) {
|
|
throw new DbErrorBadRequest('the client\'s username already exists');
|
|
}
|
|
};
|
|
|
|
const validateUpdate = async(req, sid) => {
|
|
await commonCheck(req);
|
|
|
|
const clients = await Client.retrieveByAccountSidAndUserName(req.body.account_sid, req.body.username);
|
|
if (clients.length && clients[0].client_sid !== sid) {
|
|
throw new DbErrorBadRequest('the client\'s username already exists');
|
|
}
|
|
};
|
|
|
|
|
|
const preconditions = {
|
|
add: validateAdd,
|
|
update: validateUpdate,
|
|
};
|
|
|
|
decorate(router, Client, ['add', 'update', 'delete'], preconditions);
|
|
|
|
router.get('/', async(req, res) => {
|
|
const logger = req.app.locals.logger;
|
|
try {
|
|
const results = req.user.hasAdminAuth ?
|
|
await Client.retrieveAll() : req.user.hasAccountAuth ?
|
|
await Client.retrieveAllByAccountSid(req.user.hasAccountAuth ? req.user.account_sid : null) :
|
|
await Client.retrieveAllByServiceProviderSid(req.user.service_provider_sid);
|
|
const ret = results.map((c) => {
|
|
c.password = obscureKey(decrypt(c.password), 1);
|
|
return c;
|
|
});
|
|
res.status(200).json(ret);
|
|
} catch (err) {
|
|
sysError(logger, res, err);
|
|
}
|
|
});
|
|
|
|
router.get('/:sid', async(req, res) => {
|
|
const logger = req.app.locals.logger;
|
|
try {
|
|
const results = await Client.retrieve(req.params.sid);
|
|
if (results.length === 0) return res.sendStatus(404);
|
|
const client = results[0];
|
|
client.password = obscureKey(decrypt(client.password), 1);
|
|
if (req.user.hasAccountAuth && client.account_sid !== req.user.account_sid) {
|
|
return res.sendStatus(404);
|
|
} else if (req.user.hasServiceProviderAuth) {
|
|
const accounts = await Account.retrieve(client.account_sid, req.user.service_provider_sid);
|
|
if (!accounts.length) {
|
|
return res.sendStatus(404);
|
|
}
|
|
}
|
|
return res.status(200).json(client);
|
|
} catch (err) {
|
|
sysError(logger, res, err);
|
|
}
|
|
});
|
|
|
|
module.exports = router;
|