Merge pull request 'feature/#22-API-Tokens' (#49) from feature/#22-API-Tokens into develop

Reviewed-on: #49
2025-01-22 10:59:46 +00:00 · 2025-01-22 10:59:46 +00:00 · bbfdc69049
commit bbfdc69049
parent d3870b4c8d a165231c47
28 changed files with 886 additions and 9 deletions
--- a/src/routes/admin/index.ts
+++ b/src/routes/admin/index.ts
@ -21,6 +21,8 @@ import newsletter from "./club/newsletter";
 import role from "./user/role";
 import user from "./user/user";
 import invite from "./user/invite";
+import api from "./user/webapi";
+import preventWebapiAccess from "../../middleware/preventWebApiAccess";

 var router = express.Router({ mergeParams: true });

@ -60,5 +62,6 @@ router.use("/newsletter", PermissionHelper.passCheckMiddleware("read", "club", "
 router.use("/role", PermissionHelper.passCheckMiddleware("read", "user", "role"), role);
 router.use("/user", PermissionHelper.passCheckMiddleware("read", "user", "user"), user);
 router.use("/invite", PermissionHelper.passCheckMiddleware("read", "user", "user"), invite);
+router.use("/webapi", preventWebapiAccess, PermissionHelper.passCheckMiddleware("read", "user", "webapi"), api);

 export default router;
--- a/src/routes/admin/user/webapi.ts
+++ b/src/routes/admin/user/webapi.ts
@ -0,0 +1,64 @@
+import express, { Request, Response } from "express";
+import PermissionHelper from "../../../helpers/permissionHelper";
+import {
+  createWebapi,
+  deleteWebapi,
+  getAllWebapis,
+  getWebapiById,
+  getWebapiPermissions,
+  getWebapiTokenById,
+  updateWebapi,
+  updateWebapiPermissions,
+} from "../../../controller/admin/user/webapiController";
+
+var router = express.Router({ mergeParams: true });
+
+router.get("/", async (req: Request, res: Response) => {
+  await getAllWebapis(req, res);
+});
+
+router.get("/:id", async (req: Request, res: Response) => {
+  await getWebapiById(req, res);
+});
+
+router.get("/:id/token", async (req: Request, res: Response) => {
+  await getWebapiTokenById(req, res);
+});
+
+router.get("/:id/permissions", async (req: Request, res: Response) => {
+  await getWebapiPermissions(req, res);
+});
+
+router.post(
+  "/",
+  PermissionHelper.passCheckMiddleware("create", "user", "webapi"),
+  async (req: Request, res: Response) => {
+    await createWebapi(req, res);
+  }
+);
+
+router.patch(
+  "/:id",
+  PermissionHelper.passCheckMiddleware("update", "user", "webapi"),
+  async (req: Request, res: Response) => {
+    await updateWebapi(req, res);
+  }
+);
+
+router.patch(
+  "/:id/permissions",
+  PermissionHelper.passCheckMiddleware("admin", "user", "webapi"),
+  async (req: Request, res: Response) => {
+    await updateWebapiPermissions(req, res);
+  }
+);
+
+router.delete(
+  "/:id",
+  PermissionHelper.passCheckMiddleware("delete", "user", "webapi"),
+  async (req: Request, res: Response) => {
+    await deleteWebapi(req, res);
+  }
+);
+
+export default router;
--- a/src/routes/index.ts
+++ b/src/routes/index.ts
@ -14,6 +14,8 @@ import auth from "./auth";
 import admin from "./admin/index";
 import user from "./user";
 import detectPWA from "../middleware/detectPWA";
+import api from "./webapi";
+import authenticateAPI from "../middleware/authenticateAPI";

 export default (app: Express) => {
  app.set("query parser", "extended");
@ -32,6 +34,7 @@ export default (app: Express) => {
  app.use("/api/reset", reset);
  app.use("/api/invite", invite);
  app.use("/api/auth", auth);
+  app.use("/api/webapi", authenticateAPI, api);
  app.use(authenticate);
  app.use("/api/admin", admin);
  app.use("/api/user", user);
--- a/src/routes/webapi.ts
+++ b/src/routes/webapi.ts
@ -0,0 +1,10 @@
+import express, { Request, Response } from "express";
+import { getWebApiAccess } from "../controller/webapiController";
+
+var router = express.Router({ mergeParams: true });
+
+router.get("/retrieve", async (req: Request, res: Response) => {
+  await getWebApiAccess(req, res);
+});
+
+export default router;