vanja/feishin
1
0
Fork 0
mirror of https://github.com/jeffvli/feishin.git synced 2026-05-13 20:10:07 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
ec59d27c1da9454c73d657a652b08c3f65cbbbc4
feishin/server/routes/users.route.ts
T
jeffvli 445e4b56b7 Add initial users manager
2022-11-08 18:46:56 -08:00

50 lines
1.4 KiB
TypeScript
Raw Blame History

import express, { Router } from 'express';
import { controller } from '@controllers/index';
import { service } from '@services/index';
import { ApiError } from '@utils/index';
import { validation } from '@validations/index';
import { validateRequest } from '@validations/shared.validation';
import { authenticateAdmin } from '../middleware/authenticate-admin';
export const router: Router = express.Router({ mergeParams: true });
router
.route('/')
.get(
authenticateAdmin,
validateRequest(validation.users.list),
controller.users.getUserList
)
.post(
authenticateAdmin,
validateRequest(validation.users.createUser),
controller.users.createUser
);
router.param('userId', async (req, _res, next, userId) => {
const user = await service.users.findById(req.authUser, { id: userId });
if (req.authUser.id === userId) {
return next();
}
// Only superadmins can modify other admins
if (user.isAdmin && !req.authUser.isSuperAdmin) {
throw ApiError.forbidden('You are not authorized to access this resource');
}
return next();
});
router
.route('/:userId')
.get(validateRequest(validation.users.detail), controller.users.getUserDetail)
.patch(
validateRequest(validation.users.updateUser),
controller.users.updateUser
)
.delete(
validateRequest(validation.users.deleteUser),
controller.users.deleteUser
);
Reference in New Issue View Git Blame Copy Permalink