CoreID/app/controllers/api/v1/Vault.controller.js

const { Controller } = require('libflitter')

class VaultController extends Controller {
    static get services() {
        return [...super.services, 'models']
    }

    async get_vaults(req, res, next) {
        const Policy = this.models.get('iam:Policy')
        const Vault = this.models.get('vault:Vault')

        await Vault.for_user(req.user)

        const vaults = await Vault.find({ active: true })
        console.log('found vaults', vaults)

        const accessible = []
        for ( const vault of vaults ) {
            if ( await Policy.check_user_access(req.user, vault.id, 'view') ) {
                accessible.push(await vault.to_api())
            }
        }

        return res.api(accessible)
    }

    async get_vault(req, res, next) {
        const Policy = this.models.get('iam:Policy')
        const Vault = this.models.get('vault:Vault')

        const vault = await Vault.findById(req.params.id)
        if ( !vault?.active ) {
            return res.status(404)
                .message(req.T('api.vault_not_found'))
                .api()
        }

        if ( !(await Policy.check_user_access(req.user, vault.id, 'view')) ) {
            return res.status(401)
                .message(req.T('api.insufficient_permissions'))
                .api()
        }

        return res.api(await vault.to_api())
    }

    async create_vault(req, res, next) {
        const Policy = this.models.get('iam:Policy')
        const Vault = this.models.get('vault:Vault')

        if ( !req.body.name ) {
            return res.status(400)
                .message(`${req.T('api.missing_field')} name`)
                .api()
        }

        const vault = new Vault({
            name: req.body.name
        })

        await vault.save()
        await vault.grant_default(req.user)

        return res.api(await vault.to_api())
    }

    async update_vault(req, res, next) {
        const Policy = this.models.get('iam:Policy')
        const Vault = this.models.get('vault:Vault')

        if ( !req.body.name ) {
            return res.status(400)
                .message(`${req.T('api.missing_field')} name`)
                .api()
        }

        const vault = await Vault.findById(req.params.id)
        if ( !vault?.active ) {
            return res.status(404)
                .message(req.T('api.vault_not_found'))
                .api()
        }

        if ( !(await Policy.check_user_access(req.user, vault.id, 'update')) ) {
            return res.status(401)
                .message(req.T('api.insufficient_permissions'))
                .api()
        }

        vault.name = req.body.name
        await vault.save()
        return res.api(await vault.to_api())
    }

    async delete_vault(req, res, next) {
        const Policy = this.models.get('iam:Policy')
        const Vault = this.models.get('vault:Vault')

        const vault = await Vault.findById(req.params.id)
        if ( !vault?.active ) {
            return res.status(404)
                .message(req.T('api.vault_not_found'))
                .api()
        }

        if ( !(await Policy.check_user_access(req.user, vault.id, 'delete')) ) {
            return res.status(401)
                .message(req.T('api.insufficient_permissions'))
                .api()
        }

        vault.active = false
        await vault.save()

        const policies = await Policy.find({
            active: true,
            target_type: 'vault',
            target_id: vault.id,
        })

        for ( const policy of policies ) {
            policy.active = false
            await policy.save()
        }

        return res.api()
    }
}

module.exports = exports = VaultController
Add basic logic for managing vaults 2021-04-15 20:34:13 +00:00			`const { Controller } = require('libflitter')`

			`class VaultController extends Controller {`
			`static get services() {`
			`return [...super.services, 'models']`
			`}`

			`async get_vaults(req, res, next) {`
			`const Policy = this.models.get('iam:Policy')`
			`const Vault = this.models.get('vault:Vault')`

			`await Vault.for_user(req.user)`

			`const vaults = await Vault.find({ active: true })`
			`console.log('found vaults', vaults)`

			`const accessible = []`
			`for ( const vault of vaults ) {`
			`if ( await Policy.check_user_access(req.user, vault.id, 'view') ) {`
			`accessible.push(await vault.to_api())`
			`}`
			`}`

			`return res.api(accessible)`
			`}`

			`async get_vault(req, res, next) {`
			`const Policy = this.models.get('iam:Policy')`
			`const Vault = this.models.get('vault:Vault')`

			`const vault = await Vault.findById(req.params.id)`
			`if ( !vault?.active ) {`
			`return res.status(404)`
			`.message(req.T('api.vault_not_found'))`
			`.api()`
			`}`

			`if ( !(await Policy.check_user_access(req.user, vault.id, 'view')) ) {`
			`return res.status(401)`
			`.message(req.T('api.insufficient_permissions'))`
			`.api()`
			`}`

			`return res.api(await vault.to_api())`
			`}`

			`async create_vault(req, res, next) {`
			`const Policy = this.models.get('iam:Policy')`
			`const Vault = this.models.get('vault:Vault')`

			`if ( !req.body.name ) {`
			`return res.status(400)`
			.message(`${req.T('api.missing_field')} name`)
			`.api()`
			`}`

			`const vault = new Vault({`
			`name: req.body.name`
			`})`

			`await vault.save()`
			`await vault.grant_default(req.user)`

			`return res.api(await vault.to_api())`
			`}`

			`async update_vault(req, res, next) {`
			`const Policy = this.models.get('iam:Policy')`
			`const Vault = this.models.get('vault:Vault')`

			`if ( !req.body.name ) {`
			`return res.status(400)`
			.message(`${req.T('api.missing_field')} name`)
			`.api()`
			`}`

			`const vault = await Vault.findById(req.params.id)`
			`if ( !vault?.active ) {`
			`return res.status(404)`
			`.message(req.T('api.vault_not_found'))`
			`.api()`
			`}`

			`if ( !(await Policy.check_user_access(req.user, vault.id, 'update')) ) {`
			`return res.status(401)`
			`.message(req.T('api.insufficient_permissions'))`
			`.api()`
			`}`

			`vault.name = req.body.name`
			`await vault.save()`
			`return res.api(await vault.to_api())`
			`}`

			`async delete_vault(req, res, next) {`
			`const Policy = this.models.get('iam:Policy')`
			`const Vault = this.models.get('vault:Vault')`

			`const vault = await Vault.findById(req.params.id)`
			`if ( !vault?.active ) {`
			`return res.status(404)`
			`.message(req.T('api.vault_not_found'))`
			`.api()`
			`}`

			`if ( !(await Policy.check_user_access(req.user, vault.id, 'delete')) ) {`
			`return res.status(401)`
			`.message(req.T('api.insufficient_permissions'))`
			`.api()`
			`}`

			`vault.active = false`
			`await vault.save()`

			`const policies = await Policy.find({`
			`active: true,`
			`target_type: 'vault',`
			`target_id: vault.id,`
			`})`

			`for ( const policy of policies ) {`
			`policy.active = false`
			`await policy.save()`
			`}`

			`return res.api()`
			`}`
			`}`

			`module.exports = exports = VaultController`