jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
Files
61f37e0260ca5e59c22ff4e97638a8c278833174
cloudron-box/src/routes/groups.js
Girish Ramakrishnan 12e073e8cf use node: prefix for requires 
mostly because code is being autogenerated by all the AI stuff using
this prefix. it's also used in the stack trace.
2025-08-14 12:55:35 +05:30

104 lines
3.7 KiB
JavaScript
Raw Blame History

'use strict';
exports = module.exports = {
load,
get,
list,
add,
setName,
del,
setMembers,
setAllowedApps
};
const assert = require('node:assert'),
AuditSource = require('../auditsource.js'),
BoxError = require('../boxerror.js'),
groups = require('../groups.js'),
HttpError = require('@cloudron/connect-lastmile').HttpError,
HttpSuccess = require('@cloudron/connect-lastmile').HttpSuccess,
safe = require('safetydance');
async function load(req, res, next) {
assert.strictEqual(typeof req.params.groupId, 'string');
const [error, result] = await safe(groups.getWithMembers(req.params.groupId));
if (error) return next(BoxError.toHttpError(error));
if (!result) return next(new HttpError(404, 'Group not found'));
req.resources.group = result;
next();
}
async function add(req, res, next) {
assert.strictEqual(typeof req.body, 'object');
if (typeof req.body.name !== 'string') return next(new HttpError(400, 'name must be string'));
const [error, group] = await safe(groups.add({ name: req.body.name, source : '' }, AuditSource.fromRequest(req)));
if (error) return next(BoxError.toHttpError(error));
next(new HttpSuccess(201, { id: group.id, name: group.name }));
}
async function get(req, res, next) {
assert.strictEqual(typeof req.params.groupId, 'string');
next(new HttpSuccess(200, req.resources.group));
}
async function setName(req, res, next) {
assert.strictEqual(typeof req.resources.group, 'object');
assert.strictEqual(typeof req.body, 'object');
if (typeof req.body.name !== 'string') return next(new HttpError(400, 'name must be a string'));
const [error] = await safe(groups.setName(req.resources.group, req.body.name, AuditSource.fromRequest(req)));
if (error) return next(BoxError.toHttpError(error));
next(new HttpSuccess(200, {}));
}
async function setMembers(req, res, next) {
assert.strictEqual(typeof req.resources.group, 'object');
if (!req.body.userIds) return next(new HttpError(404, 'missing or invalid userIds fields'));
if (!Array.isArray(req.body.userIds)) return next(new HttpError(404, 'userIds must be an array'));
if (req.body.userIds.some((u) => typeof u !== 'string')) return next(new HttpError(400, 'userIds array must contain strings'));
const [error] = await safe(groups.setMembers(req.resources.group, req.body.userIds, { skipSourceCheck: false }, AuditSource.fromRequest(req)));
if (error) return next(BoxError.toHttpError(error));
next(new HttpSuccess(200, {}));
}
async function setAllowedApps(req, res, next) {
assert.strictEqual(typeof req.resources.group, 'object');
if (!req.body.appIds) return next(new HttpError(404, 'missing or invalid userIds fields'));
if (!Array.isArray(req.body.appIds)) return next(new HttpError(404, 'appIds must be an array'));
if (req.body.appIds.some((a) => typeof a !== 'string')) return next(new HttpError(400, 'appIds array must contain strings'));
const [error] = await safe(groups.setAllowedApps(req.resources.group, req.body.appIds, AuditSource.fromRequest(req)));
if (error) return next(BoxError.toHttpError(error));
next(new HttpSuccess(200, {}));
}
async function list(req, res, next) {
const [error, result] = await safe(groups.listWithMembers());
if (error) return next(BoxError.toHttpError(error));
next(new HttpSuccess(200, { groups: result }));
}
async function del(req, res, next) {
assert.strictEqual(typeof req.params.groupId, 'string');
const [error] = await safe(groups.del(req.resources.group, AuditSource.fromRequest(req)));
if (error) return next(BoxError.toHttpError(error));
next(new HttpSuccess(204));
}
Reference in New Issue View Git Blame Copy Permalink