hrms-bangkok/hrms-api-org
7
0
Fork 0
Code Issues Pull requests Projects Releases Packages 1 Wiki Activity Actions
hrms-api-org/src/controllers/UserController.ts
DESKTOP-1R2VSQH\Lenovo ThinkPad E490 27500667a3 keycloak get role
2024-05-29 16:17:53 +07:00

240 lines
6.2 KiB
TypeScript
Raw Blame History

import {
Body,
Controller,
Delete,
Get,
Path,
Post,
Put,
Query,
Request,
Route,
Security,
Tags,
} from "tsoa";
import {
addUserGroup,
addUserRoles,
createGroup,
createUser,
deleteGroup,
deleteUser,
editUser,
getGroups,
getRoles,
getUser,
getUserGroups,
getUserList,
removeUserGroup,
removeUserRoles,
getRoleMappings,
} from "../keycloak";
// import * as io from "../lib/websocket";
// import elasticsearch from "../elasticsearch";
// import { StorageFolder } from "../interfaces/storage-fs";
// if (!process.env.MINIO_BUCKET) throw Error("Default MinIO bucket must be specified.");
// if (!process.env.ELASTICSEARCH_INDEX) throw Error("Default ElasticSearch index must be specified.");
// const DEFAULT_INDEX = process.env.ELASTICSEARCH_INDEX;
function stripLeadingSlash(str: string) {
return str.replace(/^\//, "");
}
@Route("keycloak")
@Tags("Single-Sign On")
@Security("bearerAuth")
export class KeycloakController extends Controller {
@Get("user/{id}")
async getUser(@Path("id") id: string) {
const userData = await getUser(id);
if (!userData) {
throw new Error("User not found");
}
const rolesData = await getRoleMappings(id);
if (!rolesData) {
throw new Error("Role mappings not found");
}
const userDataWithRoles = {
...userData,
roles: rolesData,
};
return userDataWithRoles;
}
// async getUser(@Path() id: string) {
// return await getUser(id);
// }
@Post("user")
@Security("bearerAuth", ["system", "admin"])
async createUser(
@Request() request: { user: { sub: string; preferred_username: string } },
@Body()
body: {
username: string;
password: string;
firstName?: string;
lastName?: string;
email?: string;
},
) {
const userId = await createUser(body.username, body.password, {
firstName: body.firstName,
lastName: body.lastName,
email: body.email,
requiredActions: ["UPDATE_PASSWORD"],
});
if (typeof userId !== "string") {
throw new Error("ไม่สามารถติดต่อกับระบบจัดการผู้ใช้งานได้");
}
const now = new Date().toISOString();
const folderData: any = {
pathname: stripLeadingSlash(`${body.username.trim()}/`),
path: "",
name: body.username.trim(),
hidden: false,
permissionGroup: [],
permissionUser: [],
permissionOther: {
create: false,
read: false,
update: false,
delete: false,
perm: false,
},
favourite: false,
color: "default",
type: "folder",
owner: body.username,
ownerId: userId,
createdAt: now,
createdBy: request.user.preferred_username,
createdByUserId: request.user.sub,
updatedAt: now,
updatedBy: request.user.preferred_username,
updatedByUserId: request.user.sub,
};
// await elasticsearch.index({
// index: DEFAULT_INDEX!,
// document: folderData,
// refresh: "wait_for",
// });
// io.getInstance()?.emit("FolderCreate", folderData);
return userId;
}
@Put("user/{userId}")
async editUser(
@Path() userId: string,
@Body()
body: {
username?: string;
password?: string;
firstName?: string;
lastName?: string;
email?: string;
},
) {
return await editUser(userId, body);
}
@Delete("user/{userId}")
async deleteUser(@Path() userId: string) {
const result = await deleteUser(userId);
if (!result) throw new Error("Failed. Cannot delete userId.");
}
// @Security("bearerAuth", ["system", "admin"])
@Get("role")
async getRole() {
const role = await getRoles();
if (Array.isArray(role))
return role.filter(
(a) =>
!["uma_authorization", "offline_access", "default-roles"].some((b) => a.name.includes(b)),
);
throw new Error("Failed. Cannot get role.");
}
@Post("{userId}/role")
async addRole(@Path() userId: string, @Body() body: { role: string[] }) {
const list = await getRoles();
if (!Array.isArray(list)) throw new Error("Failed. Cannot get role(s) data from the server.");
const result = await addUserRoles(
userId,
list.filter((v) => body.role.includes(v.id)),
);
if (!result) throw new Error("Failed. Cannot set user's role.");
}
@Delete("{userId}/role/{roleId}")
async deleteRole(@Path() userId: string, @Path() roleId: string) {
const list = await getRoles();
if (!Array.isArray(list)) throw new Error("Failed. Cannot get role(s) data from the server.");
const result = await removeUserRoles(
userId,
list.filter((v) => roleId === v.id),
);
if (!result) throw new Error("Failed. Cannot remove user's role.");
}
@Get("user")
async getUserList(@Query() search = "") {
const result = await getUserList(search);
if (Array.isArray(result)) {
return result;
}
throw new Error("Failed. Cannot get user list.");
}
@Get("group")
async getGroup() {
const group = await getGroups();
if (Array.isArray(group)) return group;
throw new Error("Failed. Cannot get group.");
}
@Post("group")
async createGroup(@Body() body: { name: string }) {
const result = await createGroup(body.name);
if (!result) throw new Error("Failed. Cannot create group.");
}
@Delete("group/{groupId}")
async deleteGroup(@Path() groupId: string) {
const result = await deleteGroup(groupId);
if (!result) throw new Error("Failed. Cannot delete group.");
}
@Get("user/{userId}/group")
async getUserGroup(@Path() userId: string) {
const result = await getUserGroups(userId);
if (!result) throw new Error("Failed. Cannot list group to user.");
return result;
}
@Post("user/{userId}/group/{groupId}")
async addUserGroup(@Path() userId: string, @Path() groupId: string) {
const result = await addUserGroup(userId, groupId);
if (!result) throw new Error("Failed. Cannot assign group to user.");
}
@Delete("user/{userId}/group/{groupId}")
async removeUserGroup(@Path() userId: string, @Path() groupId: string) {
const result = await removeUserGroup(userId, groupId);
if (!result) throw new Error("Failed. Cannot remove group to user.");
}
}
Reference in a new issue View git blame Copy permalink