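import { Body, Controller, Delete, Get, Path, Post, Put, Route, Security, Tags } from "tsoa";
import {
  addUserRoles,
  createUser,
  deleteUser,
  editUser,
  listRole,
  removeUserRoles,
} from "../services/keycloak";

/**
 * Substrings that mark a role as internal. A role whose name contains any of
 * these is hidden from the role listing and cannot be granted through this
 * controller. Matching is by substring, so an unrelated role whose name merely
 * contains one of these words is hidden as well.
 */
const HIDDEN_ROLE_MARKERS = ["uma_authorization", "offline_access", "default-roles", "system"];

/** Returns true when the role name contains one of the internal-role markers. */
function isHiddenRole(roleName: string): boolean {
  return HIDDEN_ROLE_MARKERS.some((marker) => roleName.includes(marker));
}

/**
 * User and role management endpoints backed by the Keycloak service module.
 *
 * NOTE(review): `@Security("keycloak")` is declared without scopes, so which
 * callers may create or delete users and change roles depends entirely on the
 * project's authentication handler. Confirm it limits these routes to
 * administrators.
 */
@Route("api/v1/keycloak")
@Tags("Single-Sign On")
@Security("keycloak")
export class KeycloakController extends Controller {
  /**
   * Creates a user with the given credentials and optional names.
   *
   * The account is created with the `UPDATE_PASSWORD` required action, so the
   * password supplied here is only an initial one.
   *
   * @param body Username, initial password and optional first/last name.
   * @returns Whatever the `createUser` service call resolves to.
   */
  @Post("user")
  async createUser(
    @Body()
    body: { username: string; password: string; firstName?: string; lastName?: string },
  ) {
    return await createUser(body.username, body.password, {
      firstName: body.firstName,
      lastName: body.lastName,
      requiredActions: ["UPDATE_PASSWORD"],
    });
  }

  /**
   * Updates the username, password or names of an existing user.
   *
   * @param userId Identifier of the user to edit.
   * @param body Fields to change; omitted fields are not forwarded.
   * @returns Whatever the `editUser` service call resolves to.
   */
  @Put("user/{userId}")
  async editUser(
    @Path() userId: string,
    @Body()
    body: { username?: string; password?: string; firstName?: string; lastName?: string },
  ) {
    // Forward only the declared fields. Depending on the tsoa
    // `noImplicitAdditionalProperties` setting, extra properties in the request
    // body may reach this method, and handing the raw body to the service would
    // let a caller set attributes this endpoint never meant to expose.
    const changes: typeof body = {};
    if (body.username !== undefined) changes.username = body.username;
    if (body.password !== undefined) changes.password = body.password;
    if (body.firstName !== undefined) changes.firstName = body.firstName;
    if (body.lastName !== undefined) changes.lastName = body.lastName;

    return await editUser(userId, changes);
  }

  /**
   * Deletes a user.
   *
   * @param userId Identifier of the user to delete.
   * @returns Whatever the `deleteUser` service call resolves to.
   */
  @Delete("user/{userId}")
  async deleteUser(@Path() userId: string) {
    return await deleteUser(userId);
  }

  /**
   * Lists the roles that may be shown to and selected by clients.
   *
   * @returns The roles from `listRole` with internal roles filtered out.
   * @throws Error when the service does not return an array.
   */
  @Get("role")
  async getRole() {
    const role = await listRole();

    if (Array.isArray(role)) return role.filter((a) => !isHiddenRole(a.name));

    throw new Error("Failed. Cannot get role.");
  }

  /**
   * Grants the listed roles to a user.
   *
   * @param userId Identifier of the user receiving the roles.
   * @param body `role` holds the ids of the roles to grant.
   * @throws Error when the role list cannot be loaded, when a requested id is
   *   unknown or refers to a hidden role, or when the service reports failure.
   */
  @Post("{userId}/role")
  async addRole(@Path() userId: string, @Body() body: { role: string[] }) {
    const list = await listRole();

    if (!Array.isArray(list)) throw new Error("Failed. Cannot get role(s) data from the server.");

    // Resolve ids only against the roles getRole() exposes; otherwise a caller
    // that knows the id of a hidden role could grant it through this route.
    const selected = list.filter((v) => !isHiddenRole(v.name) && body.role.includes(v.id));

    // Reject the request instead of silently dropping ids that did not resolve,
    // so a caller is never told a grant succeeded when nothing was granted.
    const resolvedIds = new Set(selected.map((v) => v.id));
    if (body.role.some((id) => !resolvedIds.has(id))) {
      throw new Error("Failed. Role not found or not assignable.");
    }

    const result = await addUserRoles(userId, selected);

    if (!result) throw new Error("Failed. Cannot set user's role.");
  }

  /**
   * Removes one role from a user.
   *
   * NOTE(review): the id is resolved against the full role list, hidden roles
   * included. Confirm that removing internal roles through this route is
   * intended.
   *
   * @param userId Identifier of the user losing the role.
   * @param roleId Identifier of the role to remove.
   * @throws Error when the role list cannot be loaded, when the id matches no
   *   role, or when the service reports failure.
   */
  @Delete("{userId}/role/{roleId}")
  async deleteRole(@Path() userId: string, @Path() roleId: string) {
    const list = await listRole();

    if (!Array.isArray(list)) throw new Error("Failed. Cannot get role(s) data from the server.");

    const target = list.filter((v) => roleId === v.id);

    // An unknown id used to reach the service as an empty role list, which can
    // report success without removing anything.
    if (target.length === 0) throw new Error("Failed. Role not found.");

    const result = await removeUserRoles(userId, target);

    if (!result) throw new Error("Failed. Cannot remove user's role.");
  }
}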