huanld/speckle-server
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
Files
f9eea0eac254eb902c6c1fd75005d91cbf455a66
speckle-server/modules/core/graph/resolvers/user.js
T
Dimitrie Stefanescu 187204073d refactor(naming): renamed root to appRoot & updated all usage
2020-07-14 15:13:44 +01:00

73 lines
2.7 KiB
JavaScript
Raw Blame History

'use strict'
const appRoot = require( 'app-root-path' )
const { ApolloError, AuthenticationError, UserInputError } = require( 'apollo-server-express' )
const { createUser, getUser, getUserByEmail, getUserRole, updateUser, deleteUser, validatePasssword } = require( '../../services/users' )
const { createPersonalAccessToken, createAppToken, revokeToken, revokeTokenById, validateToken, getUserTokens } = require( '../../services/tokens' )
const { validateServerRole, validateScopes, authorizeResolver } = require( `${appRoot}/modules/shared` )
const setupCheck = require( `${appRoot}/setupcheck` )
const zxcvbn = require( 'zxcvbn' )
module.exports = {
Query: {
async _( ) {
return `Ph'nglui mglw'nafh Cthulhu R'lyeh wgah'nagl fhtagn.`
},
async user( parent, args, context, info ) {
await validateServerRole( context, 'server:user' )
if ( !args.id )
await validateScopes( context.scopes, 'profile:read' )
else
await validateScopes( context.scopes, 'users:read' )
if ( !args.id && !context.userId ) {
throw new UserInputError( 'You must provide an user id.' )
}
return await getUser( args.id || context.userId )
},
async userPwdStrength( parent, args, context, info ) {
let res = zxcvbn( args.pwd )
return { score: res.score, feedback: res.feedback }
}
},
User: {
async email( parent, args, context, info ) {
// NOTE: we're redacting the field (returning null) rather than throwing a full error which would invalidate the request.
if ( context.userId === parent.id ) {
try {
await validateScopes( context.scopes, 'profile:email' )
return parent.email
} catch ( err ) {
return null
}
}
try {
await validateScopes( context.scopes, 'users:email' )
return parent.email
} catch ( err ) {
return null
}
},
async role( parent, args, context, info ) {
return await getUserRole( parent.id )
}
},
Mutation: {
async userEdit( parent, args, context, info ) {
await validateServerRole( context, 'server:user' )
await updateUser( context.userId, args.user )
return true
},
// TODO: remove; setup step needs to get rid of this dependency
async userCreateAdmin( parent, args, context, info ) {
let setupComplete = await setupCheck( )
if ( setupComplete ) throw new ApolloError( 'Registration method not available' )
let userId = await createUser( args.user )
let token = await createPersonalAccessToken( userId, "Default Token", [ 'server:setup', 'profile:read', 'profile:email', 'users:read', 'users:email' ] )
return token
}
}
}
Reference in New Issue View Git Blame Copy Permalink