feat(admin): get admin by id, unselect admin password field (#341)

packages/admin/src/index.ts

@@ -74,7 +74,8 @@ export default class AdminModule extends IConduitAdmin {
   private _sdkRoutes: ConduitRoute[] = [
     adminRoutes.getLoginRoute(),
     adminRoutes.getCreateAdminRoute(),
-    adminRoutes.getAdminUsersRoute(),
+    adminRoutes.getAdminRoute(),
+    adminRoutes.getAdminsRoute(),
     adminRoutes.deleteAdminUserRoute(),
     adminRoutes.changePasswordRoute(),
     adminRoutes.getReadyRoute(),

packages/admin/src/middleware/Auth.middleware.ts

@@ -77,7 +77,7 @@ export function getAuthMiddleware(grpcSdk: ConduitGrpcSdk, conduit: ConduitCommo
 
     Admin.getInstance()
       .findOne({ _id: id })
-      .then((admin: any) => {
+      .then(admin => {
         if (isNil(admin)) {
           return res.status(401).json({ error: 'No such user exists' });
         }

packages/admin/src/models/Admin.schema.ts

@@ -1,6 +1,6 @@
 import { ConduitActiveSchema, DatabaseProvider, TYPE } from '@conduitplatform/grpc-sdk';
 
-export const schema = {
+const schema = {
   _id: TYPE.ObjectId,
   username: {
     type: TYPE.String,
@@ -9,6 +9,7 @@ export const schema = {
   password: {
     type: TYPE.String,
     required: true,
+    select: false,
   },
   hasTwoFA: {
     type: TYPE.Boolean,

packages/admin/src/models/index.ts

@@ -1,2 +1,2 @@
-export { Admin } from './Admin.schema';
+export * from './Admin.schema';
 export * from './AdminTwoFactorSecret';

packages/admin/src/routes/ChangePassword.route.ts

@@ -24,9 +24,15 @@ export function changePasswordRoute() {
     new ConduitRouteReturnDefinition('ChangePassword', {
       message: ConduitString.Required,
     }),
-    async (params: ConduitRouteParameters) => {
-      const { oldPassword, newPassword } = params.params!;
-      const admin = params.context!.admin;
+    async (req: ConduitRouteParameters) => {
+      const { oldPassword, newPassword } = req.params!;
+      const admin = await Admin.getInstance().findOne(
+        { _id: req.context!.admin },
+        'password',
+      );
+      if (!admin) {
+        throw ConduitError.notFound('Authenticated admin no longer exists');
+      }
 
       if (isNil(oldPassword) || isNil(newPassword)) {
         throw new ConduitError(

packages/admin/src/routes/ChangeUsersPassword.route.ts

@@ -26,9 +26,9 @@ export function changeUsersPasswordRoute() {
     new ConduitRouteReturnDefinition('ChangePassword', {
       message: ConduitString.Required,
     }),
-    async (params: ConduitRouteParameters) => {
-      const { adminId, newPassword } = params.params!;
-      const loggedInAdmin = params.context!.admin;
+    async (req: ConduitRouteParameters) => {
+      const { adminId, newPassword } = req.params!;
+      const loggedInAdmin = req.context!.admin;
 
       if (!loggedInAdmin.isSuperAdmin) {
         throw new ConduitError(

packages/admin/src/routes/CreateAdmin.route.ts

@@ -24,9 +24,9 @@ export function getCreateAdminRoute() {
     new ConduitRouteReturnDefinition('Create', {
       message: ConduitString.Required,
     }),
-    async (params: ConduitRouteParameters) => {
-      const { username, password } = params.params!;
-      const loggedInAdmin = params.context!.admin;
+    async (req: ConduitRouteParameters) => {
+      const { username, password } = req.params!;
+      const loggedInAdmin = req.context!.admin;
 
       if (isNil(username) || isNil(password)) {
         throw new ConduitError(

packages/admin/src/routes/DeleteAdminUser.route.ts

@@ -21,9 +21,9 @@ export function deleteAdminUserRoute() {
     new ConduitRouteReturnDefinition('DeleteAdminUser', {
       message: ConduitString.Required,
     }),
-    async (params: ConduitRouteParameters) => {
-      const { id } = params.params!;
-      const loggedInAdmin = params.context!.admin;
+    async (req: ConduitRouteParameters) => {
+      const { id } = req.params!;
+      const loggedInAdmin = req.context!.admin;
       if (isNil(id)) {
         throw new ConduitError('INVALID_ARGUMENTS', 400, 'Id must be provided');
       }

packages/admin/src/routes/GetAdmin.route.ts

@@ -0,0 +1,33 @@
+import {
+  ConduitRouteActions,
+  ConduitRouteParameters,
+  ConduitString,
+  ConduitError,
+} from '@conduitplatform/grpc-sdk';
+import { Admin } from '../models';
+import { ConduitRoute, ConduitRouteReturnDefinition } from '@conduitplatform/hermes';
+
+export function getAdminRoute() {
+  return new ConduitRoute(
+    {
+      path: '/admins/:id',
+      action: ConduitRouteActions.GET,
+      description: `Returns an admin user. Passing 'me' as 'id' returns the authenticated admin performing the request`,
+      urlParams: {
+        id: ConduitString.Required,
+      },
+    },
+    new ConduitRouteReturnDefinition('GetAdmin', Admin.name),
+    async (req: ConduitRouteParameters) => {
+      const adminId = req.params!.id;
+      const admin: Admin =
+        adminId === 'me'
+          ? req.context!.admin
+          : await Admin.getInstance().findOne({ _id: adminId });
+      if (!admin) {
+        throw ConduitError.notFound('Admin does not exist');
+      }
+      return admin;
+    },
+  );
+}

packages/admin/src/routes/GetAdminUsers.route.ts → packages/admin/src/routes/GetAdmins.route.ts

@@ -6,9 +6,8 @@ import {
 } from '@conduitplatform/grpc-sdk';
 import { Admin } from '../models';
 import { ConduitRoute, ConduitRouteReturnDefinition } from '@conduitplatform/hermes';
-import { schema as AdminSchema } from '../models/Admin.schema';
 
-export function getAdminUsersRoute() {
+export function getAdminsRoute() {
   return new ConduitRoute(
     {
       path: '/admins',
@@ -21,13 +20,13 @@ export function getAdminUsersRoute() {
       },
     },
     new ConduitRouteReturnDefinition('GetAdminUsers', {
-      admins: [AdminSchema],
+      admins: [Admin.name],
       count: ConduitNumber.Required,
     }),
-    async (params: ConduitRouteParameters) => {
-      const skip = params.params!.skip ?? 0;
-      const limit = params.params!.limit ?? 25;
-      const sort = params.params!.sort;
+    async (req: ConduitRouteParameters) => {
+      const skip = req.params!.skip ?? 0;
+      const limit = req.params!.limit ?? 25;
+      const sort = req.params!.sort;
       const adminsPromise = Admin.getInstance().findMany(
         {},
         '-password',

packages/admin/src/routes/Login.route.ts

@@ -26,8 +26,8 @@ export function getLoginRoute() {
     new ConduitRouteReturnDefinition('Login', {
       token: ConduitString.Required,
     }),
-    async (params: ConduitRouteParameters) => {
-      const { username, password } = params.params!;
+    async (req: ConduitRouteParameters) => {
+      const { username, password } = req.params!;
       if (isNil(username) || isNil(password)) {
         throw new ConduitError(
           'INVALID_ARGUMENTS',
@@ -36,7 +36,7 @@ export function getLoginRoute() {
         );
       }
 
-      const admin = await Admin.getInstance().findOne({ username });
+      const admin = await Admin.getInstance().findOne({ username }, 'password');
       if (isNil(admin)) {
         throw new ConduitError('UNAUTHORIZED', 401, 'Invalid username/password');
       }

packages/admin/src/routes/ToggleTwoFa.route.ts

@@ -23,10 +23,10 @@ export function toggleTwoFaRoute() {
     new ConduitRouteReturnDefinition('ToggleTwoFaResponse', {
       message: ConduitString.Required,
     }),
-    async (params: ConduitRouteParameters) => {
-      const { enableTwoFa } = params.params!;
-      const admin = params.context!.admin;
-      const context = params.context!;
+    async (req: ConduitRouteParameters) => {
+      const { enableTwoFa } = req.params!;
+      const admin = req.context!.admin;
+      const context = req.context!;
 
       if (isNil(context) || isNil(admin)) {
         throw new GrpcError(status.UNAUTHENTICATED, 'Unauthorized');

packages/admin/src/routes/VerifyQrCode.route.ts

@@ -22,11 +22,11 @@ export function verifyQrCodeRoute() {
     new ConduitRouteReturnDefinition('VerifyQRCodeResponse', {
       message: ConduitString.Required,
     }),
-    async (params: ConduitRouteParameters) => {
-      const admin = params.context!.admin;
-      const context = params.context!;
+    async (req: ConduitRouteParameters) => {
+      const admin = req.context!.admin;
+      const context = req.context!;
 
-      const { code } = params.params!;
+      const { code } = req.params!;
 
       if (isNil(context) || isEmpty(context)) {
         throw new GrpcError(status.UNAUTHENTICATED, 'User unauthenticated');

packages/admin/src/routes/VerifyTwoFa.route.ts

@@ -18,9 +18,9 @@ export function verifyTwoFaRoute() {
     new ConduitRouteReturnDefinition('VerifyTwoFaResponse', {
       token: ConduitString.Required,
     }),
-    async (params: ConduitRouteParameters) => {
-      const { code } = params.params!;
-      const admin = params.context!.admin;
+    async (req: ConduitRouteParameters) => {
+      const { code } = req.params!;
+      const admin = req.context!.admin;
       return await verify2Fa(admin, code);
     },
   );

packages/admin/src/routes/index.ts

@@ -1,6 +1,7 @@
 export * from './Login.route';
 export * from './CreateAdmin.route';
-export * from './GetAdminUsers.route';
+export * from './GetAdmin.route';
+export * from './GetAdmins.route';
 export * from './DeleteAdminUser.route';
 export * from './ChangePassword.route';
 export * from './Ready';