add public services to add and remove user realms

thegameofcode · Mar 16, 2016 · 88ca174 · 88ca174
1 parent 585c4d5
commit 88ca174
Show file tree

Hide file tree

Showing 6 changed files with 334 additions and 18 deletions.
diff --git a/src/managers/dao.js b/src/managers/dao.js
@@ -148,7 +148,7 @@ function getFromUsername(username, cbk) {
 		return cbk({err: 'invalid_username'});
 	}
 	const usernameRe = makeRegEx(username);
-	usersCollection.find({ username: usernameRe }, {password: 0}, function (err, users) {
+	usersCollection.find({username: usernameRe}, {password: 0}, function (err, users) {
 		if (err) {
 			return cbk(err);
 		}
@@ -168,7 +168,7 @@ function getFromUsername(username, cbk) {
 function getFromUsernamePassword(username, password, cbk) {
 	const usernameRE = makeRegEx(username);
 
-	usersCollection.find({ username: usernameRE, password }, {password: 0}, function (err, users) {
+	usersCollection.find({username: usernameRE, password}, {password: 0}, function (err, users) {
 		if (err) {
 			return cbk(err, null);
 		}
@@ -190,7 +190,7 @@ function getAllUserFields(username, cbk) {
 		return cbk({err: 'invalid_username'}, null);
 	}
 	const usernameRE = makeRegEx(username);
-	usersCollection.find({ username: usernameRE }, function (err, users) {
+	usersCollection.find({username: usernameRE}, function (err, users) {
 		if (err) {
 			return cbk(err, null);
 		}
@@ -233,8 +233,22 @@ function getFromId(id, cbk) {
 	});
 }
 
+function removeFromArrayFieldById(userId, fieldName, fieldValue, cbk) {
+	const data = {
+		$pull: {
+			[fieldName]: fieldValue
+		}
+	};
+
+	usersCollection.update({_id: userId}, data, function (err, updatedProfiles) {
+		if (err) {
+			return cbk(err, null);
+		}
+		return cbk(null, updatedProfiles);
+	});
+}
+
 function addToArrayFieldById(userId, fieldName, fieldValue, cbk) {
-	const _id = new ObjectID(userId);
 
 	const data = {
 		$push: {
@@ -243,7 +257,7 @@ function addToArrayFieldById(userId, fieldName, fieldValue, cbk) {
 			}
 		}
 	};
-	usersCollection.update({ _id }, data, function (err, updatedProfiles) {
+	usersCollection.update({_id: userId}, data, function (err, updatedProfiles) {
 		if (err) {
 			return cbk(err, null);
 		}
@@ -314,6 +328,28 @@ function addRealm(realmToAdd, cbk) {
 	});
 }
 
+function getRealmFromName(name, cbk) {
+	if (!name) {
+		return cbk({err: 'invalid_realm_name', code: 400});
+	}
+	const nameRe = makeRegEx(name);
+	realmsCollection.find({name: nameRe}, {_id: 0}, function (err, realms) {
+		if (err) {
+			return cbk(err);
+		}
+
+		realms.nextObject(function (err, realm) {
+			if (err) {
+				return cbk(err);
+			}
+			if (!realm) {
+				return cbk({err: 'realm_not_found', code: 400});
+			}
+			return cbk(null, realm);
+		});
+	});
+}
+
 function getRealms(cbk) {
 	const now = new Date().getTime();
 	const timeSinceLastRefresh = now - lastTimeRefresedRealms;
@@ -369,13 +405,15 @@ module.exports = {
 	updateField,
 	updateArrayItem,
 	addToArrayFieldById,
+	removeFromArrayFieldById,
 	getAllUserFields,
 
 	ERROR_USER_NOT_FOUND,
 	ERROR_USERNAME_ALREADY_EXISTS,
 
 	addRealm,
 	getRealms,
+	getRealmFromName,
 	resetRealmsVariables,
 	deleteAllRealms,
 	findByEmail,

diff --git a/src/managers/user.js b/src/managers/user.js
@@ -480,6 +480,48 @@ function isValidDomain(email, cbk) {
 	});
 }
 
+function removeRealmFromUser(userId, name, cbk) {
+	daoMng.removeFromArrayFieldById(userId, 'realms', name, function (err, removed) {
+		if (err) {
+			return cbk(err);
+		}
+		return cbk();
+	});
+}
+
+function addRealmToUser(userId, name, cbk) {
+	async.waterfall([
+		function (done) {
+			daoMng.getRealmFromName(name, function (err, realm) {
+				if (err) {
+					return done(err);
+				}
+				return done(null, realm);
+			});
+		},
+		function (realm, done) {
+			daoMng.addToArrayFieldById(userId, 'realms', realm.name, function (err, added) {
+				if (err) {
+					return done(err);
+				}
+				if (added !== 1) {
+					return done({
+						err: 'realm not added to user',
+						code: 400
+					});
+				}
+				return done();
+			});
+		}
+	], function (err) {
+		if (err) {
+			log.error({err});
+			return cbk(err);
+		}
+		return cbk();
+	});
+}
+
 function validatePwd(pwd, regexp) {
 	return (new RegExp(regexp)).test(pwd);
 }
@@ -492,6 +534,8 @@ module.exports = function (settings) {
 		createUser,
 		createUserByToken,
 		setPassword,
-		validateOldPassword
+		validateOldPassword,
+		removeRealmFromUser,
+		addRealmToUser
 	};
 };
diff --git a/src/routes_public/routes.js b/src/routes_public/routes.js
@@ -29,6 +29,8 @@ const createUser_post = require('./user/createUser_post');
 
 const validateOldPassword = require('./user/validateOldPassword_put');
 const setPassword = require('./user/setPassword_put');
+const addUserRealm = require('./user/addUserRealm_post');
+const removeUserRealm = require('./user/removeUserRealm_del');
 
 module.exports = function(server){
 	server.post('/auth/login', login_post);
@@ -44,4 +46,6 @@ module.exports = function(server){
 	server.post('/user/activate', activateUser_post);
 	server.post('/user/email/available', checkEmailAvailability_post);
 	server.put('/user/me/password', checkAccessTokenParam, checkAuthHeader, decodeToken, bodyRequired, findUser, validateOldPassword, setPassword);
+	server.post('/user/me/realms', checkAccessTokenParam, checkAuthHeader, decodeToken, bodyRequired, findUser, addUserRealm);
+	server.del('/user/me/realms', checkAccessTokenParam, checkAuthHeader, decodeToken, bodyRequired, findUser, removeUserRealm);
 };
diff --git a/src/routes_public/user/addUserRealm_post.js b/src/routes_public/user/addUserRealm_post.js
@@ -0,0 +1,33 @@
+'use strict';
+
+const userMng = require('../../managers/user');
+const _ = require('lodash');
+
+module.exports = function (req, res, next) {
+	const name = req.body.name;
+
+	if (_.isEmpty(name)) {
+		res.send(400, {
+			err: 'BadRequestError',
+			des: 'Missing name in request body'
+		});
+		return next();
+	}
+
+	userMng().addRealmToUser(req.user._id, name, function (err) {
+		if (err) {
+			if (!err.code) {
+				res.send(500, err);
+				return next(err);
+			}
+
+			const errCode = err.code;
+			delete(err.code);
+			res.send(errCode, err);
+			return next(err);
+		}
+
+		res.send(204);
+		return next();
+	});
+};
diff --git a/src/routes_public/user/removeUserRealm_del.js b/src/routes_public/user/removeUserRealm_del.js
@@ -0,0 +1,33 @@
+'use strict';
+
+const userMng = require('../../managers/user');
+const _ = require('lodash');
+
+module.exports = function (req, res, next) {
+	const name = req.body.name;
+
+	if (_.isEmpty(name)) {
+		res.send(400, {
+			err: 'BadRequestError',
+			des: 'Missing name in request body'
+		});
+		return next();
+	}
+
+	userMng().removeRealmFromUser(req.user._id, req.body.name, function (err) {
+		if (err) {
+			if (!err.code) {
+				res.send(500, err);
+				return next(err);
+			}
+
+			const errCode = err.code;
+			delete(err.code);
+			res.send(errCode, err);
+			return next(err);
+		}
+
+		res.send(200);
+		return next();
+	});
+};