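import {
  Body,
  Controller,
  Delete,
  Get,
  Path,
  Post,
  Put,
  Query,
  Request,
  Route,
  Security,
  Tags,
} from "tsoa";

import {
  addUserGroup,
  addUserRoles,
  createGroup,
  createUser,
  deleteGroup,
  deleteUser,
  editUser,
  getGroups,
  getRoles,
  getUser,
  getUserGroups,
  getUserList,
  removeUserGroup,
  removeUserRoles,
} from "../keycloak";

// import * as io from "../lib/websocket";
// import elasticsearch from "../elasticsearch";
// import { StorageFolder } from "../interfaces/storage-fs";

// if (!process.env.MINIO_BUCKET) throw Error("Default MinIO bucket must be specified.");
// if (!process.env.ELASTICSEARCH_INDEX) throw Error("Default ElasticSearch index must be specified.");

// const DEFAULT_INDEX = process.env.ELASTICSEARCH_INDEX;

/** Removes a single leading "/" from `str`, if present. */
function stripLeadingSlash(str: string) {
  return str.replace(/^\//, "");
}

/**
 * REST facade over the Keycloak helper functions in "../keycloak".
 *
 * Every route requires a bearer token (class-level `@Security`). Routes that
 * change accounts, role mappings or groups additionally carry the
 * `["system", "admin"]` scopes. How those scopes are evaluated is decided by
 * the project's authentication handler, which is not part of this file.
 */
@Route("keycloak")
@Tags("Single-Sign On")
@Security("bearerAuth")
export class KeycloakController extends Controller {
  /** Returns whatever the Keycloak helper reports for the user `id`. */
  @Get("user/{id}")
  async getUser(@Path() id: string) {
    return await getUser(id);
  }

  /**
   * Creates a Keycloak user that must change its password on first login.
   *
   * @returns the id of the new user
   * @throws Error when the helper does not return a string id
   */
  @Post("user")
  @Security("bearerAuth", ["system", "admin"])
  async createUser(
    @Request() request: { user: { sub: string; preferred_username: string } },
    @Body()
    body: {
      username: string;
      password: string;
      firstName?: string;
      lastName?: string;
      email?: string;
    },
  ) {
    const userId = await createUser(body.username, body.password, {
      firstName: body.firstName,
      lastName: body.lastName,
      email: body.email,
      requiredActions: ["UPDATE_PASSWORD"],
    });

    // Message: "Unable to contact the user management system."
    if (typeof userId !== "string") {
      throw new Error("ไม่สามารถติดต่อกับระบบจัดการผู้ใช้งานได้");
    }

    const now = new Date().toISOString();

    // Home-folder document for the new user. It is currently unused because
    // the indexing and websocket calls below are commented out.
    // NOTE(review): `pathname` is derived from the caller-supplied username
    // with only trim() and a leading-slash strip; before re-enabling the
    // indexing, reject usernames containing "/" or ".." so one account cannot
    // map onto another account's folder prefix.
    const folderData: Record<string, unknown> = {
      pathname: stripLeadingSlash(`${body.username.trim()}/`),
      path: "",
      name: body.username.trim(),
      hidden: false,
      permissionGroup: [],
      permissionUser: [],
      permissionOther: {
        create: false,
        read: false,
        update: false,
        delete: false,
        perm: false,
      },
      favourite: false,
      color: "default",
      type: "folder",
      owner: body.username,
      ownerId: userId,
      createdAt: now,
      createdBy: request.user.preferred_username,
      createdByUserId: request.user.sub,
      updatedAt: now,
      updatedBy: request.user.preferred_username,
      updatedByUserId: request.user.sub,
    };

    // await elasticsearch.index({
    //   index: DEFAULT_INDEX!,
    //   document: folderData,
    //   refresh: "wait_for",
    // });

    // io.getInstance()?.emit("FolderCreate", folderData);

    return userId;
  }

  /**
   * Updates profile fields and/or the password of the user `userId`.
   *
   * The body can set another account's password, so the route carries the
   * same scopes as createUser/deleteUser; with only the class-level
   * requirement any authenticated caller could take over any account.
   * NOTE(review): if users are meant to edit their own profile through this
   * route, add an explicit ownership check (token subject equals `userId`)
   * rather than dropping the scopes.
   */
  @Put("user/{userId}")
  @Security("bearerAuth", ["system", "admin"])
  async editUser(
    @Path() userId: string,
    @Body()
    body: {
      username?: string;
      password?: string;
      firstName?: string;
      lastName?: string;
      email?: string;
    },
  ) {
    return await editUser(userId, body);
  }

  /**
   * Deletes the user `userId`.
   *
   * @throws Error when the helper reports a falsy result
   */
  @Delete("user/{userId}")
  @Security("bearerAuth", ["system", "admin"])
  async deleteUser(@Path() userId: string) {
    const deleted = await deleteUser(userId);

    // Message: "Unable to contact the user management system."
    if (!deleted) throw new Error("ไม่สามารถติดต่อกับระบบจัดการผู้ใช้งานได้");

    // await elasticsearch.deleteByQuery({
    //   index: DEFAULT_INDEX,
    //   query: {
    //     bool: {
    //       must: [
    //         { prefix: { pathname: stripLeadingSlash(`${userId}/`) } },
    //         { match: { type: "folder" } },
    //       ],
    //     },
    //   },
    // });

    // delete file that is not uploaded
    // await elasticsearch.deleteByQuery({
    //   index: DEFAULT_INDEX,
    //   query: {
    //     bool: {
    //       must: [
    //         { prefix: { pathname: stripLeadingSlash(`${userId}/`) } },
    //         { match: { upload: false } },
    //       ],
    //     },
    //   },
    // });

    // io.getInstance()?.emit("FolderDelete", { pathname: userId + "/" });
  }

  /**
   * Lists roles, leaving out those whose name contains "uma_authorization",
   * "offline_access" or "default-roles".
   *
   * @throws Error when the helper does not return an array
   */
  @Get("role")
  async getRole() {
    const role = await getRoles();

    if (Array.isArray(role)) {
      return role.filter(
        (a) =>
          !["uma_authorization", "offline_access", "default-roles"].some((b) => a.name.includes(b)),
      );
    }

    throw new Error("Failed. Cannot get role.");
  }

  /**
   * Grants the roles whose ids are listed in `body.role` to the user `userId`.
   *
   * Granting roles is a privilege-changing operation, so it carries the same
   * scopes as the other account-management routes; otherwise any
   * authenticated caller could assign roles to themselves.
   * NOTE(review): getRole hides the built-in roles from listings, but this
   * route still accepts their ids; confirm whether that is intended.
   *
   * @throws Error when the role list cannot be read or the helper reports failure
   */
  @Post("{userId}/role")
  @Security("bearerAuth", ["system", "admin"])
  async addRole(@Path() userId: string, @Body() body: { role: string[] }) {
    const list = await getRoles();

    if (!Array.isArray(list)) throw new Error("Failed. Cannot get role(s) data from the server.");

    // Only ids that exist on the server are forwarded; unknown ids are dropped.
    const result = await addUserRoles(
      userId,
      list.filter((v) => body.role.includes(v.id)),
    );

    if (!result) throw new Error("Failed. Cannot set user's role.");
  }

  /**
   * Removes the role `roleId` from the user `userId`.
   *
   * Scoped like addRole: changing another account's role mappings is an
   * administrative action.
   *
   * @throws Error when the role list cannot be read or the helper reports failure
   */
  @Delete("{userId}/role/{roleId}")
  @Security("bearerAuth", ["system", "admin"])
  async deleteRole(@Path() userId: string, @Path() roleId: string) {
    const list = await getRoles();

    if (!Array.isArray(list)) throw new Error("Failed. Cannot get role(s) data from the server.");

    const result = await removeUserRoles(
      userId,
      list.filter((v) => roleId === v.id),
    );

    if (!result) throw new Error("Failed. Cannot remove user's role.");
  }

  /**
   * Lists users, optionally narrowed by `search` (passed through to the helper).
   *
   * @throws Error when the helper does not return an array
   */
  @Get("user")
  async getUserList(@Query() search = "") {
    const result = await getUserList(search);

    if (Array.isArray(result)) {
      return result;
    }

    throw new Error("Failed. Cannot get user list.");
  }

  /**
   * Lists groups.
   *
   * @throws Error when the helper does not return an array
   */
  @Get("group")
  async getGroup() {
    const group = await getGroups();

    if (Array.isArray(group)) return group;

    throw new Error("Failed. Cannot get group.");
  }

  /**
   * Creates a group named `body.name`. Scoped to the administrative scopes
   * because groups are part of the access model.
   *
   * @throws Error when the helper reports a falsy result
   */
  @Post("group")
  @Security("bearerAuth", ["system", "admin"])
  async createGroup(@Body() body: { name: string }) {
    const result = await createGroup(body.name);

    if (!result) throw new Error("Failed. Cannot create group.");
  }

  /**
   * Deletes the group `groupId`. Scoped like createGroup.
   *
   * @throws Error when the helper reports a falsy result
   */
  @Delete("group/{groupId}")
  @Security("bearerAuth", ["system", "admin"])
  async deleteGroup(@Path() groupId: string) {
    const result = await deleteGroup(groupId);

    if (!result) throw new Error("Failed. Cannot delete group.");
  }

  /**
   * Lists the groups of the user `userId`.
   *
   * @throws Error when the helper reports a falsy result
   */
  @Get("user/{userId}/group")
  async getUserGroup(@Path() userId: string) {
    const result = await getUserGroups(userId);

    if (!result) throw new Error("Failed. Cannot list group to user.");

    return result;
  }

  /**
   * Adds the user `userId` to the group `groupId`. Group membership can
   * confer access, so the route carries the administrative scopes.
   *
   * @throws Error when the helper reports a falsy result
   */
  @Post("user/{userId}/group/{groupId}")
  @Security("bearerAuth", ["system", "admin"])
  async addUserGroup(@Path() userId: string, @Path() groupId: string) {
    const result = await addUserGroup(userId, groupId);

    if (!result) throw new Error("Failed. Cannot assign group to user.");
  }

  /**
   * Removes the user `userId` from the group `groupId`. Scoped like
   * addUserGroup.
   *
   * @throws Error when the helper reports a falsy result
   */
  @Delete("user/{userId}/group/{groupId}")
  @Security("bearerAuth", ["system", "admin"])
  async removeUserGroup(@Path() userId: string, @Path() groupId: string) {
    const result = await removeUserGroup(userId, groupId);

    if (!result) throw new Error("Failed. Cannot remove group to user.");
  }
}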