Merge branch 'nice' into develop

2024-05-29 14:01:59 +07:00 · 2024-05-29 14:01:59 +07:00 · 7c1bcebcb8
commit 7c1bcebcb8
parent 4cfe61f0a2 9004721331
2 changed files with 791 additions and 0 deletions
--- a/src/controllers/UserController.ts
+++ b/src/controllers/UserController.ts
@ -0,0 +1,249 @@
+import {
+  Body,
+  Controller,
+  Delete,
+  Get,
+  Path,
+  Post,
+  Put,
+  Query,
+  Request,
+  Route,
+  Security,
+  Tags,
+} from "tsoa";
+import {
+  addUserGroup,
+  addUserRoles,
+  createGroup,
+  createUser,
+  deleteGroup,
+  deleteUser,
+  editUser,
+  getGroups,
+  getRoles,
+  getUser,
+  getUserGroups,
+  getUserList,
+  removeUserGroup,
+  removeUserRoles,
+} from "../keycloak";
+// import * as io from "../lib/websocket";
+// import elasticsearch from "../elasticsearch";
+// import { StorageFolder } from "../interfaces/storage-fs";
+
+// if (!process.env.MINIO_BUCKET) throw Error("Default MinIO bucket must be specified.");
+// if (!process.env.ELASTICSEARCH_INDEX) throw Error("Default ElasticSearch index must be specified.");
+
+// const DEFAULT_INDEX = process.env.ELASTICSEARCH_INDEX;
+
+function stripLeadingSlash(str: string) {
+  return str.replace(/^\//, "");
+}
+
+@Route("keycloak")
+@Tags("Single-Sign On")
+@Security("bearerAuth")
+export class KeycloakController extends Controller {
+  @Get("user/{id}")
+  async getUser(@Path() id: string) {
+    return await getUser(id);
+  }
+
+  @Post("user")
+  @Security("bearerAuth", ["system", "admin"])
+  async createUser(
+    @Request() request: { user: { sub: string; preferred_username: string } },
+    @Body()
+    body: {
+      username: string;
+      password: string;
+      firstName?: string;
+      lastName?: string;
+      email?: string;
+    },
+  ) {
+    const userId = await createUser(body.username, body.password, {
+      firstName: body.firstName,
+      lastName: body.lastName,
+      email: body.email,
+      requiredActions: ["UPDATE_PASSWORD"],
+    });
+
+    if (typeof userId !== "string") {
+      throw new Error("ไม่สามารถติดต่อกับระบบจัดการผู้ใช้งานได้");
+    }
+
+    const now = new Date().toISOString();
+    const folderData: any = {
+      pathname: stripLeadingSlash(`${body.username.trim()}/`),
+      path: "",
+      name: body.username.trim(),
+      hidden: false,
+      permissionGroup: [],
+      permissionUser: [],
+      permissionOther: {
+        create: false,
+        read: false,
+        update: false,
+        delete: false,
+        perm: false,
+      },
+      favourite: false,
+      color: "default",
+      type: "folder",
+      owner: body.username,
+      ownerId: userId,
+      createdAt: now,
+      createdBy: request.user.preferred_username,
+      createdByUserId: request.user.sub,
+      updatedAt: now,
+      updatedBy: request.user.preferred_username,
+      updatedByUserId: request.user.sub,
+    };
+
+    // await elasticsearch.index({
+    //   index: DEFAULT_INDEX!,
+    //   document: folderData,
+    //   refresh: "wait_for",
+    // });
+
+    // io.getInstance()?.emit("FolderCreate", folderData);
+
+    return userId;
+  }
+
+  @Put("user/{userId}")
+  async editUser(
+    @Path() userId: string,
+    @Body()
+    body: {
+      username?: string;
+      password?: string;
+      firstName?: string;
+      lastName?: string;
+      email?: string;
+    },
+  ) {
+    return await editUser(userId, body);
+  }
+
+  @Delete("user/{userId}")
+  @Security("bearerAuth", ["system", "admin"])
+  async deleteUser(@Path() userId: string) {
+    return await deleteUser(userId).then(async (v) => {
+      if (!v) throw new Error("ไม่สามารถติดต่อกับระบบจัดการผู้ใช้งานได้");
+      // await elasticsearch.deleteByQuery({
+      //   index: DEFAULT_INDEX,
+      //   query: {
+      //     bool: {
+      //       must: [
+      //         { prefix: { pathname: stripLeadingSlash(`${userId}/`) } },
+      //         { match: { type: "folder" } },
+      //       ],
+      //     },
+      //   },
+      // });
+      // delete file that is not uploaded
+      // await elasticsearch.deleteByQuery({
+      //   index: DEFAULT_INDEX,
+      //   query: {
+      //     bool: {
+      //       must: [
+      //         { prefix: { pathname: stripLeadingSlash(`${userId}/`) } },
+      //         { match: { upload: false } },
+      //       ],
+      //     },
+      //   },
+      // });
+
+      // io.getInstance()?.emit("FolderDelete", { pathname: userId + "/" });
+    });
+  }
+
+  @Get("role")
+  async getRole() {
+    const role = await getRoles();
+    if (Array.isArray(role))
+      return role.filter(
+        (a) =>
+          !["uma_authorization", "offline_access", "default-roles"].some((b) => a.name.includes(b)),
+      );
+    throw new Error("Failed. Cannot get role.");
+  }
+
+  @Post("{userId}/role")
+  async addRole(@Path() userId: string, @Body() body: { role: string[] }) {
+    const list = await getRoles();
+
+    if (!Array.isArray(list)) throw new Error("Failed. Cannot get role(s) data from the server.");
+
+    const result = await addUserRoles(
+      userId,
+      list.filter((v) => body.role.includes(v.id)),
+    );
+
+    if (!result) throw new Error("Failed. Cannot set user's role.");
+  }
+
+  @Delete("{userId}/role/{roleId}")
+  async deleteRole(@Path() userId: string, @Path() roleId: string) {
+    const list = await getRoles();
+
+    if (!Array.isArray(list)) throw new Error("Failed. Cannot get role(s) data from the server.");
+
+    const result = await removeUserRoles(
+      userId,
+      list.filter((v) => roleId === v.id),
+    );
+    if (!result) throw new Error("Failed. Cannot remove user's role.");
+  }
+
+  @Get("user")
+  async getUserList(@Query() search = "") {
+    const result = await getUserList(search);
+
+    if (Array.isArray(result)) {
+      return result;
+    }
+    throw new Error("Failed. Cannot get user list.");
+  }
+
+  @Get("group")
+  async getGroup() {
+    const group = await getGroups();
+    if (Array.isArray(group)) return group;
+    throw new Error("Failed. Cannot get group.");
+  }
+
+  @Post("group")
+  async createGroup(@Body() body: { name: string }) {
+    const result = await createGroup(body.name);
+    if (!result) throw new Error("Failed. Cannot create group.");
+  }
+
+  @Delete("group/{groupId}")
+  async deleteGroup(@Path() groupId: string) {
+    const result = await deleteGroup(groupId);
+    if (!result) throw new Error("Failed. Cannot delete group.");
+  }
+
+  @Get("user/{userId}/group")
+  async getUserGroup(@Path() userId: string) {
+    const result = await getUserGroups(userId);
+    if (!result) throw new Error("Failed. Cannot list group to user.");
+    return result;
+  }
+
+  @Post("user/{userId}/group/{groupId}")
+  async addUserGroup(@Path() userId: string, @Path() groupId: string) {
+    const result = await addUserGroup(userId, groupId);
+    if (!result) throw new Error("Failed. Cannot assign group to user.");
+  }
+
+  @Delete("user/{userId}/group/{groupId}")
+  async removeUserGroup(@Path() userId: string, @Path() groupId: string) {
+    const result = await removeUserGroup(userId, groupId);
+    if (!result) throw new Error("Failed. Cannot remove group to user.");
+  }
+}