2020-01-31 15:28:42 -08:00
|
|
|
'use strict';
|
|
|
|
|
|
|
|
|
|
exports = module.exports = {
|
2021-05-01 11:21:09 -07:00
|
|
|
list,
|
|
|
|
|
get,
|
|
|
|
|
del,
|
|
|
|
|
add
|
2020-01-31 15:28:42 -08:00
|
|
|
};
|
|
|
|
|
|
2021-06-25 22:11:17 -07:00
|
|
|
const appPasswords = require('../apppasswords.js'),
|
|
|
|
|
assert = require('assert'),
|
2020-01-31 15:28:42 -08:00
|
|
|
BoxError = require('../boxerror.js'),
|
|
|
|
|
HttpError = require('connect-lastmile').HttpError,
|
|
|
|
|
HttpSuccess = require('connect-lastmile').HttpSuccess,
|
2021-06-25 22:11:17 -07:00
|
|
|
safe = require('safetydance');
|
2020-01-31 15:28:42 -08:00
|
|
|
|
2021-06-25 22:11:17 -07:00
|
|
|
async function get(req, res, next) {
|
2020-01-31 15:28:42 -08:00
|
|
|
assert.strictEqual(typeof req.user, 'object');
|
|
|
|
|
assert.strictEqual(typeof req.params.id, 'string');
|
|
|
|
|
|
2021-06-25 22:11:17 -07:00
|
|
|
const [error, result] = await safe(appPasswords.get(req.params.id));
|
|
|
|
|
if (error) return next(BoxError.toHttpError(error));
|
|
|
|
|
if (!result) return next(new HttpError(404, 'appPassword not found'));
|
2020-01-31 15:28:42 -08:00
|
|
|
|
2021-06-25 22:11:17 -07:00
|
|
|
next(new HttpSuccess(200, appPasswords.removePrivateFields(result)));
|
2020-01-31 15:28:42 -08:00
|
|
|
}
|
|
|
|
|
|
2021-06-25 22:11:17 -07:00
|
|
|
async function add(req, res, next) {
|
2020-01-31 15:28:42 -08:00
|
|
|
assert.strictEqual(typeof req.user, 'object');
|
|
|
|
|
assert.strictEqual(typeof req.body, 'object');
|
|
|
|
|
|
|
|
|
|
if (typeof req.body.name !== 'string') return next(new HttpError(400, 'name must be string'));
|
|
|
|
|
if (typeof req.body.identifier !== 'string') return next(new HttpError(400, 'identifier must be string'));
|
|
|
|
|
|
2021-06-25 22:11:17 -07:00
|
|
|
const [error, result] = await safe(appPasswords.add(req.user.id, req.body.identifier, req.body.name));
|
|
|
|
|
if (error) return next(BoxError.toHttpError(error));
|
2020-01-31 15:28:42 -08:00
|
|
|
|
2021-06-25 22:11:17 -07:00
|
|
|
next(new HttpSuccess(201, { id: result.id, password: result.password }));
|
2020-01-31 15:28:42 -08:00
|
|
|
}
|
|
|
|
|
|
2021-06-25 22:11:17 -07:00
|
|
|
async function list(req, res, next) {
|
2020-01-31 15:28:42 -08:00
|
|
|
assert.strictEqual(typeof req.user, 'object');
|
|
|
|
|
|
2021-06-25 22:11:17 -07:00
|
|
|
let [error, result] = await safe(appPasswords.list(req.user.id));
|
|
|
|
|
if (error) return next(BoxError.toHttpError(error));
|
2020-01-31 15:28:42 -08:00
|
|
|
|
2021-06-25 22:11:17 -07:00
|
|
|
result = result.map(appPasswords.removePrivateFields);
|
|
|
|
|
next(new HttpSuccess(200, { appPasswords: result }));
|
2020-01-31 15:28:42 -08:00
|
|
|
}
|
|
|
|
|
|
2021-06-25 22:11:17 -07:00
|
|
|
async function del(req, res, next) {
|
2020-01-31 15:28:42 -08:00
|
|
|
assert.strictEqual(typeof req.user, 'object');
|
|
|
|
|
assert.strictEqual(typeof req.params.id, 'string');
|
|
|
|
|
|
2020-02-01 10:00:52 -08:00
|
|
|
// TODO: verify userId owns the id ?
|
2021-06-25 22:11:17 -07:00
|
|
|
const [error] = await safe(appPasswords.del(req.params.id));
|
|
|
|
|
if (error) return next(BoxError.toHttpError(error));
|
2020-01-31 15:28:42 -08:00
|
|
|
|
2021-06-25 22:11:17 -07:00
|
|
|
next(new HttpSuccess(204, {}));
|
2020-01-31 15:28:42 -08:00
|
|
|
}
|
