-
-
Notifications
You must be signed in to change notification settings - Fork 2.1k
/
authenticationProviders.ts
120 lines (103 loc) · 3.26 KB
/
authenticationProviders.ts
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
import Router from "koa-router";
import { sequelize } from "@server/database/sequelize";
import auth from "@server/middlewares/authentication";
import validate from "@server/middlewares/validate";
import { AuthenticationProvider, Event } from "@server/models";
import { authorize } from "@server/policies";
import {
presentAuthenticationProvider,
presentPolicies,
} from "@server/presenters";
import { APIContext } from "@server/types";
import allAuthenticationProviders from "../../auth/providers";
import * as T from "./schema";
const router = new Router();
router.post(
"authenticationProviders.info",
auth({ admin: true }),
validate(T.AuthenticationProvidersInfoSchema),
async (ctx: APIContext<T.AuthenticationProvidersInfoReq>) => {
const { id } = ctx.input.body;
const { user } = ctx.state.auth;
const authenticationProvider = await AuthenticationProvider.findByPk(id);
authorize(user, "read", authenticationProvider);
ctx.body = {
data: presentAuthenticationProvider(authenticationProvider),
policies: presentPolicies(user, [authenticationProvider]),
};
}
);
router.post(
"authenticationProviders.update",
auth({ admin: true }),
validate(T.AuthenticationProvidersUpdateSchema),
async (ctx: APIContext<T.AuthenticationProvidersUpdateReq>) => {
const { id, isEnabled } = ctx.input.body;
const { user } = ctx.state.auth;
const authenticationProvider = await sequelize.transaction(
async (transaction) => {
const authenticationProvider = await AuthenticationProvider.findByPk(
id,
{
transaction,
lock: transaction.LOCK.UPDATE,
}
);
authorize(user, "update", authenticationProvider);
const enabled = !!isEnabled;
if (enabled) {
await authenticationProvider.enable({ transaction });
} else {
await authenticationProvider.disable({ transaction });
}
await Event.create(
{
name: "authenticationProviders.update",
data: {
enabled,
},
modelId: id,
teamId: user.teamId,
actorId: user.id,
ip: ctx.request.ip,
},
{ transaction }
);
return authenticationProvider;
}
);
ctx.body = {
data: presentAuthenticationProvider(authenticationProvider),
policies: presentPolicies(user, [authenticationProvider]),
};
}
);
router.post(
"authenticationProviders.list",
auth({ admin: true }),
async (ctx: APIContext) => {
const { user } = ctx.state.auth;
authorize(user, "read", user.team);
const teamAuthenticationProviders = (await user.team.$get(
"authenticationProviders"
)) as AuthenticationProvider[];
const data = allAuthenticationProviders
.filter((p) => p.id !== "email")
.map((p) => {
const row = teamAuthenticationProviders.find((t) => t.name === p.id);
return {
id: p.id,
name: p.id,
displayName: p.name,
isEnabled: false,
isConnected: false,
...(row ? presentAuthenticationProvider(row) : {}),
};
})
.sort((a) => (a.isEnabled ? -1 : 1));
ctx.body = {
data,
};
}
);
export default router;