84 lines
2.3 KiB
TypeScript
84 lines
2.3 KiB
TypeScript
import {
|
|
BadRequestException,
|
|
Body,
|
|
Controller,
|
|
Get,
|
|
Post,
|
|
Request,
|
|
ValidationPipe
|
|
} from '@nestjs/common';
|
|
import { AuthService } from 'services/auth';
|
|
import { Requests, Responses, UserRole } from '../../dto';
|
|
import { Role } from 'authguards';
|
|
import { tfaTypes } from 'entities';
|
|
|
|
@Controller('api/admin')
|
|
export default class AdminController {
|
|
constructor(private authService: AuthService) {}
|
|
|
|
@Role(UserRole.ADMIN)
|
|
@Get('users')
|
|
async getUsers(): Promise<Responses.Admin.GetUsers> {
|
|
const users = await this.authService.getUsers();
|
|
const entries = users.map(
|
|
(user) =>
|
|
new Responses.Admin.GetUsersEntry(
|
|
user.id,
|
|
user.isGitlabUser,
|
|
user.name,
|
|
user.role,
|
|
this.authService.requiresTfa(user)
|
|
)
|
|
);
|
|
return new Responses.Admin.GetUsers(entries);
|
|
}
|
|
|
|
@Role(UserRole.ADMIN)
|
|
@Post('set_role')
|
|
async setRole(
|
|
@Request() req,
|
|
@Body(new ValidationPipe()) data: Requests.Admin.SetUserRole
|
|
): Promise<Responses.Admin.SetUserRole> {
|
|
const user = await this.authService.getUser(data.user);
|
|
if (!user) throw new BadRequestException('Invalid user');
|
|
await this.authService.setUserRole(user, data.role);
|
|
return new Responses.Admin.SetUserRole();
|
|
}
|
|
|
|
@Role(UserRole.ADMIN)
|
|
@Post('logout')
|
|
async logout(
|
|
@Request() req,
|
|
@Body(new ValidationPipe()) data: Requests.Admin.LogoutAll
|
|
): Promise<Responses.Admin.LogoutAllUser> {
|
|
const user = await this.authService.getUser(data.user);
|
|
if (!user) throw new BadRequestException('Invalid user');
|
|
await this.authService.revokeAll(user);
|
|
return new Responses.Admin.LogoutAllUser();
|
|
}
|
|
|
|
@Role(UserRole.ADMIN)
|
|
@Post('delete')
|
|
async delete(
|
|
@Request() req,
|
|
@Body(new ValidationPipe()) data: Requests.Admin.DeleteUser
|
|
): Promise<Responses.Admin.DeleteUser> {
|
|
const user = await this.authService.getUser(data.user);
|
|
if (!user) throw new BadRequestException('Invalid user');
|
|
await this.authService.deleteUser(user);
|
|
return new Responses.Admin.DeleteUser();
|
|
}
|
|
|
|
@Role(UserRole.ADMIN)
|
|
@Post('disable_2fa')
|
|
async disableTfa(
|
|
@Request() req,
|
|
@Body(new ValidationPipe()) data: Requests.Admin.DisableTfa
|
|
): Promise<Responses.Admin.DisableTfa> {
|
|
const user = await this.authService.getUser(data.user);
|
|
if (!user) throw new BadRequestException('Invalid user');
|
|
await this.authService.setTfaType(user, tfaTypes.NONE);
|
|
return new Responses.Admin.DisableTfa();
|
|
}
|
|
}
|