Merge 8ecad75 into ed088f5

server/models/user.js

@@ -1,154 +1,94 @@
 'use strict';
-const Async = require('async');
+const Assert = require('assert');
 const Bcrypt = require('bcrypt');
-const Clinician = require('./clinician');
 const Joi = require('joi');
 const MongoModels = require('hicsail-mongo-models');
 
 
 class User extends MongoModels {
-  static generatePasswordHash(password, callback) {
 
-    Async.auto({
-      salt: function (done) {
+  static async generatePasswordHash(password) {
 
-        Bcrypt.genSalt(10, done);
-      },
-      hash: ['salt', function (results, done) {
+    Assert.ok(password, 'Missing pasword arugment.');
+    const salt = await (Bcrypt.genSalt(10));
+    const hash = await (Bcrypt.hash(password,salt));
 
-        Bcrypt.hash(password, results.salt, done);
-      }]
-    }, (err, results) => {
+    return { password, hash };
 
-      if (err) {
-        return callback(err);
-      }
-
-      callback(null, {
-        password,
-        hash: results.hash
-      });
-    });
   }
 
-  static create(username, password, email, name, callback) {
+  static async create(username, password, email, name) {
 
     const self = this;
 
-    Async.auto({
-      passwordHash: this.generatePasswordHash.bind(this, password),
-      newUser: ['passwordHash', function (results, done) {
-
-        const document = {
-          isActive: true,
-          inStudy: true,
-          username: username.toLowerCase(),
-          password: results.passwordHash.hash,
-          email: email.toLowerCase(),
-          name,
-          roles: {},
-          studyID: null,
-          timeCreated: new Date()
-        };
-
-        self.insertOne(document, done);
-      }]
-    }, (err, results) => {
-
-      if (err) {
-        return callback(err);
-      }
-
-      results.newUser[0].password = results.passwordHash.password;
-
-      callback(null, results.newUser[0]);
+    Assert.ok(username, 'Missing username argument');
+    Assert.ok(password, 'Missing password argument');
+    Assert.ok(email, 'Missing email argument.');
+    Assert.ok(name, 'Missing name argument.');
+
+    const passwordHash = await this.generatePasswordHash(password);
+    const document =  new this({
+      isActive: true,
+      inStudy: true,
+      username: username.toLowerCase(),
+      password: passwordHash.hash,
+      email: email.toLowerCase(),
+      name,
+      roles: {},
+      studyID: null,
+      timeCreated: new Date()
     });
-  }
 
-  static findByCredentials(username, password, callback) {
+    const users = await self.insertOne(document);
 
-    const self = this;
+    users[0].password = passwordHash.password;
+
+    return users[0];
 
-    Async.auto({
-      user: function (done) {
+  }
 
-        const query = {
-          isActive: true
-        };
 
-        if (username.indexOf('@') > -1) {
-          query.email = username.toLowerCase();
-        }
-        else {
-          query.username = username.toLowerCase();
-        }
+  static async findByCredentials(username, password) {
 
-        self.findOne(query, done);
-      },
-      passwordMatch: ['user', function (results, done) {
+    Assert.ok(username,'Missing username argument.');
+    Assert.ok(password,'Missing password argument.');
 
-        if (!results.user) {
-          return done(null, false);
-        }
+    const query = { isActive: true };
 
-        const source = results.user.password;
-        Bcrypt.compare(password, source, done);
-      }]
-    }, (err, results) => {
+    if (username.indexOf('@') > -1) {
+      query.email = username.toLowerCase();
+    }
 
-      if (err) {
-        return callback(err);
-      }
+    else {
+      query.username = username.toLowerCase();
+    }
 
-      if (results.passwordMatch) {
-        return callback(null, results.user);
-      }
+    const user = await this.findOne(query);
 
-      callback();
-    });
-  }
+    if (!user) {
+      return;
+    }
 
-  static findByUsername(username, callback) {
+    const passwordMatch = await Bcrypt.compare(password,user.password);
 
-    const query = { username: username.toLowerCase() };
+    if (passwordMatch) {
+      return user;
+    }
 
-    this.findOne(query, callback);
   }
 
-  static highestRole(roles) {
 
-    if (roles.root) {
-      return 5;
-    }
-    else if (roles.admin) {
-      return 4;
-    }
-    else if (roles.researcher) {
-      return 3;
-    }
-    else if (roles.clinician) {
-      return 2;
-    }
-    else if (roles.analyst) {
-      return 1;
-    }
-    return 0;
-  }
+  static findByUsername(username) {
 
-  constructor(attrs) {
+    Assert.ok(username, 'Misisng username argument.');
 
-    super(attrs);
+    const query = { username: username.toLowerCase() };
 
-    Object.defineProperty(this, '_roles', {
-      writable: true,
-      enumerable: false
-    });
+    return this.findOne(query);
   }
 
-  static PHI() {
 
-    return ['username', 'password', 'name', 'email'];
-  }
+
 }
 
 
@@ -163,25 +103,23 @@ User.schema = Joi.object({
   name: Joi.string(),
   inStudy: Joi.boolean().default(true),
   email: Joi.string().email().lowercase().required(),
-  roles: Joi.object({
-    clinician: Clinician.schema,
-    analyst: Joi.boolean().required(),
-    researcher: Joi.boolean().required(),
-    admin: Joi.boolean().required(),
-    root: Joi.boolean().required()
-  }),
+  permissions: Joi.object(),
+  roles: Joi.array().items(Joi.string()),
   resetPassword: Joi.object({
     token: Joi.string().required(),
     expires: Joi.date().required()
   }),
-  timeCreated: Joi.date()
+  createdAt: Joi.date(),
+  updatedAt: Joi.date()
 });
 
 User.payload = Joi.object({
   username: Joi.string().token().lowercase().invalid('root').required(),
   password: Joi.string().required(),
   email: Joi.string().email().lowercase().required(),
-  name: Joi.string().required()
+  name: Joi.string().required(),
+  permissions: Joi.object(),
+  roles: Joi.array().items(Joi.string())
 });