2018-03-25 02:35:47 +00:00
|
|
|
const graphHelper = require('../../helpers/graph')
|
2019-01-12 23:33:30 +00:00
|
|
|
const safeRegex = require('safe-regex')
|
2019-01-13 03:33:30 +00:00
|
|
|
const _ = require('lodash')
|
2017-08-07 01:05:10 +00:00
|
|
|
|
2018-03-05 20:49:36 +00:00
|
|
|
/* global WIKI */
|
2017-08-07 01:05:10 +00:00
|
|
|
|
2017-08-14 00:33:06 +00:00
|
|
|
const gql = require('graphql')
|
|
|
|
|
2017-08-07 01:05:10 +00:00
|
|
|
module.exports = {
|
2017-08-09 02:36:29 +00:00
|
|
|
Query: {
|
2018-03-19 03:12:56 +00:00
|
|
|
async groups() { return {} }
|
|
|
|
},
|
|
|
|
Mutation: {
|
|
|
|
async groups() { return {} }
|
|
|
|
},
|
|
|
|
GroupQuery: {
|
2018-03-25 02:35:47 +00:00
|
|
|
async list(obj, args, context, info) {
|
2018-07-30 02:23:33 +00:00
|
|
|
return WIKI.models.groups.query().select(
|
2018-05-19 20:40:07 +00:00
|
|
|
'groups.*',
|
2018-07-30 02:23:33 +00:00
|
|
|
WIKI.models.groups.relatedQuery('users').count().as('userCount')
|
2018-05-19 20:40:07 +00:00
|
|
|
)
|
2018-03-28 04:02:32 +00:00
|
|
|
},
|
|
|
|
async single(obj, args, context, info) {
|
2018-07-30 02:23:33 +00:00
|
|
|
return WIKI.models.groups.query().findById(args.id)
|
2017-08-09 02:36:29 +00:00
|
|
|
}
|
|
|
|
},
|
2018-03-19 03:12:56 +00:00
|
|
|
GroupMutation: {
|
2018-05-12 20:13:04 +00:00
|
|
|
async assignUser(obj, args) {
|
2018-07-30 02:23:33 +00:00
|
|
|
const grp = await WIKI.models.groups.query().findById(args.groupId)
|
2018-05-12 20:13:04 +00:00
|
|
|
if (!grp) {
|
|
|
|
throw new gql.GraphQLError('Invalid Group ID')
|
|
|
|
}
|
2018-07-30 02:23:33 +00:00
|
|
|
const usr = await WIKI.models.users.query().findById(args.userId)
|
2018-05-12 20:13:04 +00:00
|
|
|
if (!usr) {
|
|
|
|
throw new gql.GraphQLError('Invalid User ID')
|
|
|
|
}
|
2019-10-15 03:56:37 +00:00
|
|
|
const relExist = await WIKI.models.knex('userGroups').where({
|
|
|
|
userId: args.userId,
|
|
|
|
groupId: args.groupId
|
|
|
|
}).first()
|
|
|
|
if (relExist) {
|
|
|
|
throw new gql.GraphQLError('User is already assigned to group.')
|
|
|
|
}
|
2018-05-19 20:40:07 +00:00
|
|
|
await grp.$relatedQuery('users').relate(usr.id)
|
2020-06-25 03:56:37 +00:00
|
|
|
|
|
|
|
WIKI.auth.revokeUserTokens({ id: usr.id, kind: 'u' })
|
|
|
|
WIKI.events.outbound.emit('addAuthRevoke', { id: usr.id, kind: 'u' })
|
|
|
|
|
2018-05-12 20:13:04 +00:00
|
|
|
return {
|
|
|
|
responseResult: graphHelper.generateSuccess('User has been assigned to group.')
|
|
|
|
}
|
2017-08-14 00:33:06 +00:00
|
|
|
},
|
2018-03-25 02:35:47 +00:00
|
|
|
async create(obj, args) {
|
2018-07-30 02:23:33 +00:00
|
|
|
const group = await WIKI.models.groups.query().insertAndFetch({
|
2018-10-14 21:38:39 +00:00
|
|
|
name: args.name,
|
|
|
|
permissions: JSON.stringify(WIKI.data.groups.defaultPermissions),
|
2019-05-05 05:03:42 +00:00
|
|
|
pageRules: JSON.stringify(WIKI.data.groups.defaultPageRules),
|
2018-10-14 21:38:39 +00:00
|
|
|
isSystem: false
|
2018-03-25 02:35:47 +00:00
|
|
|
})
|
2019-01-12 23:33:30 +00:00
|
|
|
await WIKI.auth.reloadGroups()
|
2020-04-20 00:26:26 +00:00
|
|
|
WIKI.events.outbound.emit('reloadGroups')
|
2018-03-25 02:35:47 +00:00
|
|
|
return {
|
|
|
|
responseResult: graphHelper.generateSuccess('Group created successfully.'),
|
|
|
|
group
|
|
|
|
}
|
2017-08-14 00:33:06 +00:00
|
|
|
},
|
2018-03-26 05:11:49 +00:00
|
|
|
async delete(obj, args) {
|
2018-07-30 02:23:33 +00:00
|
|
|
await WIKI.models.groups.query().deleteById(args.id)
|
2020-06-25 03:56:37 +00:00
|
|
|
|
|
|
|
WIKI.auth.revokeUserTokens({ id: args.id, kind: 'g' })
|
|
|
|
WIKI.events.outbound.emit('addAuthRevoke', { id: args.id, kind: 'g' })
|
|
|
|
|
2019-01-12 23:33:30 +00:00
|
|
|
await WIKI.auth.reloadGroups()
|
2020-04-20 00:26:26 +00:00
|
|
|
WIKI.events.outbound.emit('reloadGroups')
|
2020-06-25 03:56:37 +00:00
|
|
|
|
2018-03-26 05:11:49 +00:00
|
|
|
return {
|
|
|
|
responseResult: graphHelper.generateSuccess('Group has been deleted.')
|
|
|
|
}
|
2017-08-14 00:33:06 +00:00
|
|
|
},
|
2018-05-12 20:13:04 +00:00
|
|
|
async unassignUser(obj, args) {
|
2018-07-30 02:23:33 +00:00
|
|
|
const grp = await WIKI.models.groups.query().findById(args.groupId)
|
2018-05-12 20:13:04 +00:00
|
|
|
if (!grp) {
|
|
|
|
throw new gql.GraphQLError('Invalid Group ID')
|
|
|
|
}
|
2018-07-30 02:23:33 +00:00
|
|
|
const usr = await WIKI.models.users.query().findById(args.userId)
|
2018-05-12 20:13:04 +00:00
|
|
|
if (!usr) {
|
|
|
|
throw new gql.GraphQLError('Invalid User ID')
|
|
|
|
}
|
2018-05-19 20:40:07 +00:00
|
|
|
await grp.$relatedQuery('users').unrelate().where('userId', usr.id)
|
2020-06-25 03:56:37 +00:00
|
|
|
|
|
|
|
WIKI.auth.revokeUserTokens({ id: usr.id, kind: 'u' })
|
|
|
|
WIKI.events.outbound.emit('addAuthRevoke', { id: usr.id, kind: 'u' })
|
|
|
|
|
2018-05-12 20:13:04 +00:00
|
|
|
return {
|
|
|
|
responseResult: graphHelper.generateSuccess('User has been unassigned from group.')
|
|
|
|
}
|
2017-08-20 02:51:25 +00:00
|
|
|
},
|
2018-05-12 20:13:04 +00:00
|
|
|
async update(obj, args) {
|
2019-08-04 20:31:13 +00:00
|
|
|
if (_.some(args.pageRules, pr => {
|
2019-01-13 20:37:45 +00:00
|
|
|
return pr.match === 'REGEX' && !safeRegex(pr.path)
|
2019-01-12 23:33:30 +00:00
|
|
|
})) {
|
|
|
|
throw new gql.GraphQLError('Some Page Rules contains unsafe or exponential time regex.')
|
|
|
|
}
|
|
|
|
|
2018-12-30 02:30:51 +00:00
|
|
|
await WIKI.models.groups.query().patch({
|
|
|
|
name: args.name,
|
|
|
|
permissions: JSON.stringify(args.permissions),
|
|
|
|
pageRules: JSON.stringify(args.pageRules)
|
|
|
|
}).where('id', args.id)
|
2019-01-12 23:33:30 +00:00
|
|
|
|
2020-06-25 03:56:37 +00:00
|
|
|
WIKI.auth.revokeUserTokens({ id: args.id, kind: 'g' })
|
|
|
|
WIKI.events.outbound.emit('addAuthRevoke', { id: args.id, kind: 'g' })
|
|
|
|
|
2019-01-12 23:33:30 +00:00
|
|
|
await WIKI.auth.reloadGroups()
|
2020-04-20 00:26:26 +00:00
|
|
|
WIKI.events.outbound.emit('reloadGroups')
|
2019-01-12 23:33:30 +00:00
|
|
|
|
2018-05-12 20:13:04 +00:00
|
|
|
return {
|
|
|
|
responseResult: graphHelper.generateSuccess('Group has been updated.')
|
|
|
|
}
|
2017-08-09 02:36:29 +00:00
|
|
|
}
|
2017-08-07 01:05:10 +00:00
|
|
|
},
|
2017-08-09 02:36:29 +00:00
|
|
|
Group: {
|
2017-08-07 01:05:10 +00:00
|
|
|
users(grp) {
|
2018-05-19 20:40:07 +00:00
|
|
|
return grp.$relatedQuery('users')
|
2017-08-07 01:05:10 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|