feature: Implement user deletion.

2024-04-21 18:14:16 -04:00 · 2024-04-21 18:14:16 -04:00 · 0db9e69b1b
commit 0db9e69b1b
parent 37886c769d
7 changed files with 95 additions and 23 deletions
--- a/routes/NextNet
+++ b/routes/NextNet
@ -12,7 +12,7 @@ post {

 body:json {
  {
-    "token": "134597ea81976ac0799824ea3f345cfd2e31b9febaeef10ba93817fa562862d69e88d8e3acd58ebdd1345a1fd11f38b7153c5d8516edce67aaebce55fc9cde",
+    "token": "5e2cb92a338a832d385790861312eb85d69f46f82317bfa984ac5e3517368ab5a827897b0f9775a9181b02fa3b9cffed7e59e5b3111d5bdc37f729156caf5f",
    "name": "PortCopier Route",
    "description": "This is a test route for portcopier.",
    "backend": "PortCopier",
--- a/routes/NextNet
+++ b/routes/NextNet
@ -5,7 +5,7 @@ meta {
 }

 post {
-  url: http://127.0.0.1:3000/api/v1/backends/create
+  url: http://127.0.0.1:3000/api/v1/forward/create
  body: json
  auth: none
 }
@ -13,11 +13,14 @@ post {
 body:json {
  {
    "token": "5e2cb92a338a832d385790861312eb85d69f46f82317bfa984ac5e3517368ab5a827897b0f9775a9181b02fa3b9cffed7e59e5b3111d5bdc37f729156caf5f",
-    "name": "PortCopier Route",
+    "name": "Test Route",
    "description": "This is a test route for portcopier.",
-    "backend": "PortCopier",
-    "connectionDetails": {
-      "funny": true
-    }
+    
+    "sourceIP": "127.0.0.1",
+    "sourcePort": "8000",
+    
+    "destinationPort": "9000",
+    
+    "providerID": "1"
  }
 }
--- a/routes/NextNet
+++ b/routes/NextNet
@ -7,13 +7,13 @@ meta {
 post {
  url: http://127.0.0.1:3000/api/v1/users/create
  body: json
-  auth: none
+  auth: inherit
 }

 body:json {
  {
-    "name": "Greyson Hofer",
-    "email": "me@greysoh.dev",
-    "password": "password"
+    "name": "Greysoh Hofuh",
+    "email": "greyson@hofers.cloud",
+    "password": "hunter123"
  }
 }
--- a/Permissions.bru
+++ b/Permissions.bru
@ -5,22 +5,13 @@ meta {
 }

 post {
-  url: http://127.0.0.1:3000/api/v1/forward/create
+  url: http://127.0.0.1:3000/api/v1/getPermissions
  body: json
  auth: none
 }

 body:json {
  {
-    "token": "5e2cb92a338a832d385790861312eb85d69f46f82317bfa984ac5e3517368ab5a827897b0f9775a9181b02fa3b9cffed7e59e5b3111d5bdc37f729156caf5f",
-    "name": "Test Route",
-    "description": "This is a test route for portcopier.",
-    
-    "sourceIP": "127.0.0.1",
-    "sourcePort": "8000",
-    
-    "destinationPort": "9000",
-    
-    "providerID": "1"
+    "token": "5e2cb92a338a832d385790861312eb85d69f46f82317bfa984ac5e3517368ab5a827897b0f9775a9181b02fa3b9cffed7e59e5b3111d5bdc37f729156caf5f"
  }
 }
--- a/routes/NextNet
+++ b/routes/NextNet
@ -0,0 +1,18 @@
+meta {
+  name: Remove User
+  type: http
+  seq: 6
+}
+
+post {
+  url: http://127.0.0.1:3000/api/v1/users/remove
+  body: json
+  auth: inherit
+}
+
+body:json {
+  {
+    "token": "5e2cb92a338a832d385790861312eb85d69f46f82317bfa984ac5e3517368ab5a827897b0f9775a9181b02fa3b9cffed7e59e5b3111d5bdc37f729156caf5f",
+    "uid": "2"
+  }
+}
--- a/src/index.ts
+++ b/src/index.ts
@ -11,6 +11,7 @@ import { route as backendCreate } from "./routes/backends/create.js";

 import { route as forwardCreate } from "./routes/forward/create.js";

+import { route as userRemove } from "./routes/user/remove.js";
 import { route as userCreate } from "./routes/user/create.js";
 import { route as userLogin } from "./routes/user/login.js";

@ -39,11 +40,12 @@ const fastify = Fastify({
 });

 getPermissions(fastify, prisma, sessionTokens, serverOptions);
-
+ 
 backendCreate(fastify, prisma, sessionTokens, serverOptions);

 forwardCreate(fastify, prisma, sessionTokens, serverOptions);

+userRemove(fastify, prisma, sessionTokens, serverOptions);
 userCreate(fastify, prisma, sessionTokens, serverOptions);
 userLogin(fastify, prisma, sessionTokens, serverOptions);

--- a/src/routes/user/remove.ts
+++ b/src/routes/user/remove.ts
@ -0,0 +1,58 @@
+import type { PrismaClient } from "@prisma/client";
+import type { FastifyInstance } from "fastify";
+
+import { ServerOptions, SessionToken } from "../../libs/types.js";
+import { hasPermissionByToken } from "../../libs/permissions.js";
+
+export function route(fastify: FastifyInstance, prisma: PrismaClient, tokens: Record<number, SessionToken[]>, options: ServerOptions) {
+  function hasPermission(token: string, permissionList: string[]): Promise<boolean> {
+    return hasPermissionByToken(permissionList, token, tokens, prisma);
+  };
+  
+  /**
+   * Creates a new backend to use
+   */
+  fastify.post("/api/v1/users/remove", {
+    schema: {
+      body: {
+        type: "object",
+        required: ["token", "uid"],
+
+        properties: {
+          token:             { type: "string" },
+          uid:               { type: "number" }
+        }
+      }
+    }
+  }, async(req, res) => {
+    // @ts-ignore
+    const body: {
+      token: string,
+      uid: number
+    } = req.body;
+
+    if (!await hasPermission(body.token, [
+      "users.remove"
+    ])) {
+      return res.status(403).send({
+        error: "Unauthorized"
+      });
+    };
+
+    await prisma.permission.deleteMany({
+      where: {
+        userID: body.uid
+      }
+    });
+
+    await prisma.user.delete({
+      where: {
+        id: body.uid
+      }
+    });
+
+    return {
+      success: true
+    }
+  });
+};