server/api/v1/user/index.js

   1 'use strict';
   2
   3 var restSerializer = require('../../../serializers/rest-serializer');
   4 var githubGitterUserSearch = require('../../../services/github-gitter-user-search');
   5 var gitterUserSearch = require('../../../services/user-search-service');
   6 var StatusError = require('statuserror');
   7 var mongoUtils = require('gitter-web-persistence-utils/lib/mongo-utils');
   8 var userRemovalService = require('gitter-web-rooms/lib/user-removal-service');
   9
  10 module.exports = {
  11   id: 'resourceUser',
  12   index: function(req) {
  13     if (!req.user) {
  14       throw new StatusError(403);
  15     }
  16
  17     if (req.query.q) {
  18       var searchQuery = req.query.q;
  19       var user = req.user;
  20       var searchType = req.query.type;
  21
  22       var options = {
  23         limit: parseInt(req.query.limit, 10) || 10,
  24         skip: parseInt(req.query.skip, 10),
  25         excludeTroupeId: req.query.excludeTroupeId
  26       };
  27
  28       return (searchType === 'gitter'
  29         ? gitterUserSearch.globalUserSearch(searchQuery, options)
  30         : githubGitterUserSearch(searchQuery, user, options)
  31       ).then(function(searchResults) {
  32         var strategy = new restSerializer.SearchResultsStrategy({
  33           resultItemStrategy: new restSerializer.UserStrategy()
  34         });
  35
  36         return restSerializer.serializeObject(searchResults.results, strategy);
  37       });
  38     }
  39
  40     var strategy = new restSerializer.UserStrategy({ includeProviders: true });
  41     return restSerializer.serialize([req.user], strategy);
  42   },
  43
  44   show: function(req) {
  45     var strategy = new restSerializer.UserStrategy({ includeProviders: true });
  46     return restSerializer.serializeObject(req.resourceUser, strategy);
  47   },
  48
  49   destroy: async function(req) {
  50     if (!req.user) throw new StatusError(401);
  51
  52     let ghost = false;
  53     if (typeof req.body.ghost === 'boolean') {
  54       ghost = req.body.ghost;
  55     }
  56
  57     await userRemovalService.removeByUsername(req.user.username, {
  58       ghost: ghost
  59     });
  60
  61     return { success: true };
  62   },
  63
  64   load: function(req, id) {
  65     if (!req.user) throw new StatusError(401);
  66
  67     if (id === 'me') return req.user;
  68
  69     // TODO: can the currently logged in user view information about this other user?
  70     // For the moment, you'll only be able to see your own information
  71     if (!mongoUtils.objectIDsEqual(req.user.id, id)) throw new StatusError(403);
  72
  73     return req.user;
  74   },
  75
  76   subresources: {
  77     rooms: require('./troupes'),
  78     orgs: require('./orgs'),
  79     repos: require('./repos'),
  80     groups: require('./groups'),
  81     settings: require('./user-settings'),
  82     suggestedRooms: require('./suggested-rooms'),
  83     unreadItems: require('./aggregated-unread-items')
  84   }
  85 };