Infrastructure/ghost
0
Fork 0
mirror of https://github.com/TryGhost/Ghost.git synced 2025-01-13 22:41:32 -05:00
Code Issues Activity
ghost/core/server/api/users.js
Sebastian Gierlinger fd0f5a5028 Add distinct error classes 
closes #2690
- added new error classes
- moved errorhandling.js to /errors/index.js
- changed API errors to use new classes
- updated tests
2014-05-09 12:11:29 +02:00

148 lines
5.5 KiB
JavaScript
Raw Blame History

var when = require('when'),
_ = require('lodash'),
dataProvider = require('../models'),
settings = require('./settings'),
canThis = require('../permissions').canThis,
errors = require('../errors'),
ONE_DAY = 86400000,
users;
function checkUserData(userData) {
if (_.isEmpty(userData) || _.isEmpty(userData.users) || _.isEmpty(userData.users[0])) {
return when.reject(new errors.BadRequestError('No root key (\'users\') provided.'));
}
return when.resolve(userData);
}
// ## Users
users = {
// #### Browse
// **takes:** options object
browse: function browse(options) {
// **returns:** a promise for a collection of users in a json object
return canThis(this).browse.user().then(function () {
return dataProvider.User.findAll(options).then(function (result) {
return { users: result.toJSON() };
});
}, function () {
return when.reject(new errors.NoPermissionError('You do not have permission to browse users.'));
});
},
// #### Read
// **takes:** an identifier (id or slug?)
read: function read(args) {
// **returns:** a promise for a single user in a json object
if (args.id === 'me') {
args = {id: this.user};
}
return dataProvider.User.findOne(args).then(function (result) {
if (result) {
return { users: [result.toJSON()] };
}
return when.reject(new errors.NotFoundError('User not found.'));
});
},
// #### Edit
// **takes:** a json object representing a user
edit: function edit(userData) {
// **returns:** a promise for the resulting user in a json object
var self = this;
return canThis(this).edit.user(userData.users[0].id).then(function () {
return checkUserData(userData).then(function (checkedUserData) {
return dataProvider.User.edit(checkedUserData.users[0], {user: self.user});
}).then(function (result) {
if (result) {
return { users: [result.toJSON()]};
}
return when.reject(new errors.NotFoundError('User not found.'));
});
}, function () {
return when.reject(new errors.NoPermissionError('You do not have permission to edit this users.'));
});
},
// #### Add
// **takes:** a json object representing a user
add: function add(userData) {
// **returns:** a promise for the resulting user in a json object
var self = this;
return canThis(this).add.user().then(function () {
return checkUserData(userData).then(function (checkedUserData) {
// if the user is created by users.register(), use id: 1
// as the creator for now
if (self.internal) {
self.user = 1;
}
return dataProvider.User.add(checkedUserData.users[0], {user: self.user});
}).then(function (result) {
if (result) {
return { users: [result.toJSON()]};
}
});
}, function () {
return when.reject(new errors.NoPermissionError('You do not have permission to add a users.'));
});
},
// #### Register
// **takes:** a json object representing a user
register: function register(userData) {
// TODO: if we want to prevent users from being created with the signup form
// this is the right place to do it
return users.add.call({internal: true}, userData);
},
// #### Check
// Checks a password matches the given email address
// **takes:** a json object representing a user
check: function check(userData) {
// **returns:** on success, returns a promise for the resulting user in a json object
return dataProvider.User.check(userData);
},
// #### Change Password
// **takes:** a json object representing a user
changePassword: function changePassword(userData) {
// **returns:** on success, returns a promise for the resulting user in a json object
return dataProvider.User.changePassword(userData);
},
generateResetToken: function generateResetToken(email) {
var expires = Date.now() + ONE_DAY;
return settings.read.call({ internal: true }, 'dbHash').then(function (response) {
var dbHash = response.settings[0].value;
return dataProvider.User.generateResetToken(email, expires, dbHash);
});
},
validateToken: function validateToken(token) {
return settings.read.call({ internal: true }, 'dbHash').then(function (response) {
var dbHash = response.settings[0].value;
return dataProvider.User.validateToken(token, dbHash);
});
},
resetPassword: function resetPassword(token, newPassword, ne2Password) {
return settings.read.call({ internal: true }, 'dbHash').then(function (response) {
var dbHash = response.settings[0].value;
return dataProvider.User.resetPassword(token, newPassword, ne2Password, dbHash);
});
},
doesUserExist: function doesUserExist() {
return dataProvider.User.findAll().then(function (users) {
if (users.length === 0) {
return false;
}
return true;
});
}
};
module.exports = users;
Reference in a new issue View git blame Copy permalink