Merge pull request #95 from Turbasen/edit-users

Håvard Ranum · web-flow · commit f8594c8ac56e · 2017-03-09T13:53:03.000+01:00
feat(admin): add details page for user
diff --git a/apps/admin/controller.js b/apps/admin/controller.js
@@ -9,6 +9,7 @@ const ApiUser = require('../app/model').ApiUser;
 
 const filters = require('./filters');
 const sendgrid = require('../../lib/sendgrid');
+const keygen = require('../../lib/keygen');
 
 if (module.parent.exports.nunjucks) {
   Object.keys(filters).forEach(filter => {
@@ -33,6 +34,13 @@ route.get('/users', (req, res, next) => {
   });
 });
 
+route.get('/users/:id', (req, res, next) => {
+  ApiUser.findOne({ _id: req.params.id }).exec((err, user) => {
+    if (err) { return next(err); }
+    return res.render('admin/user.html', { req, user });
+  });
+});
+
 route.get('/limits', (req, res, next) => {
   const error = req.session.message;
   delete req.session.message;
@@ -54,6 +62,62 @@ route.get('/limits', (req, res, next) => {
   });
 });
 
+route.post('/users/:userId/apps/:appId', (req, res, next) => {
+  const promise = ApiUser.findOne({ 'apps._id': req.params.appId });
+
+  promise.then(user => {
+    req.app = user.apps.id(req.params.appId);
+
+    req.app.set('name', req.body.name);
+    req.app.set('url', req.body.url || undefined);
+    req.app.set('desc', req.body.desc);
+
+    if (req.body.generate_key_dev) {
+      req.app.set('key.dev', keygen());
+    }
+
+    if (req.body.generate_key_prod) {
+      req.app.set('key.prod', keygen());
+    }
+
+    req.app.limit.prod = parseInt(req.body.limit_prod, 10);
+    req.app.limit.prodRequest = undefined;
+
+    req.app.limit.dev = parseInt(req.body.limit_dev, 10);
+    req.app.limit.devRequest = undefined;
+
+    const error = user.validateSync();
+
+    if (error) {
+      req.session.message = error[0];
+
+      res.set('x-app-status', 'failure');
+      res.set('x-app-message', 'validation_error');
+      res.redirect(303, `/admin/users/${req.params.userId}`);
+
+      return;
+    }
+
+    user.save(saveErr => {
+      if (saveErr) { next(saveErr); return; }
+
+      req.session.message = {
+        class: 'positive',
+        title: 'App oppdatert',
+        message: `Applikasjonen «${req.body.name}» ble oppdatert.`,
+        app: req.app._id,
+      };
+
+      res.set('x-app-status', 'success');
+      res.redirect(303, `/admin/users/${req.params.userId}`);
+
+      return;
+    });
+
+    return;
+  });
+});
+
 route.post('/limits/:userId/:appId', (req, res, next) => {
   ApiUser.findOne({ _id: req.params.userId }, (err, user) => {
     if (err) { return next(err); }
diff --git a/views/admin/user.html b/views/admin/user.html
@@ -0,0 +1,123 @@
+{% extends "admin/layout.html" %}
+
+{% block title %}Users - {{ super() }}{% endblock %}
+
+<div class="twelve wide column">
+  {% include "components/message.html" %}
+
+  {% block content %}
+  {% for app in user.apps %}
+    <div class="ui" id="{{ app.slugg }}" style="margin-bottom: 10px;">
+      <div class="ui attached message">
+        <div class="header">{{ app.name }}</div>
+      </div>
+      {% if app.isActive or app.isPending %}
+      <form
+        class="ui form attached fluid segment"
+        method="post"
+        action="/admin/users/{{ user._id}}/apps/{{ app._id }}">
+        <div class="two fields">
+          <div class="field">
+            <label>App Navn</label>
+            <input type="text" name="name" value="{{ app.name }}">
+          </div>
+          <div class="field">
+            <label>URL</label>
+            <input type="text" name="url" value="{{ app.url }}">
+          </div>
+        </div>
+        <div class="field">
+          <label>Beskrivelse</label>
+          <textarea rows="2" name="desc">{{ app.desc }}</textarea>
+        </div>
+        <div class="fields">
+          <div class="twelve wide field">
+            <label>Prod-nøkkel</label>
+            <div class="ui input">
+              <input
+                type="text"
+                name="key_prod"
+                value="{{ app.key.prod }}">
+            </div>
+          </div>
+          <div class="four wide field">
+            <label>Rate Limit</label>
+            <input
+              type="text"
+              name="limit_prod"
+              placeholder="{{ app.limit.prod }}"
+              value="{{ app.limit.prodRequest | d(app.limit.prod) }}">
+          </div>
+        </div>
+        <div class="fields">
+          <div class="sixteen wide field">
+            <div class="ui checkbox">
+              <input type="checkbox" name="generate_key_prod">
+              <label>Generer ny API-nøkkel</label>
+            </div>
+            <div class="ui warning message generate_key_prod">
+              <i class="icon warning"></i>
+              Ny API-nøkkel vil genereres ved lagring, og vil erstatte den nåværende umiddelbart.
+            </div>
+          </div>
+        </div>
+        <div class="fields">
+          <div class="twelve wide field">
+            <label>Dev-nøkkel</label>
+            <div class="ui input">
+              <input
+                type="text"
+                name="key_dev"
+                value="{{ app.key.dev }}">
+            </div>
+          </div>
+          <div class="four wide field">
+            <label>Rate Limit</label>
+            <input
+              type="text"
+              name="limit_dev"
+              placeholder="{{ app.limit.dev }}"
+              value="{{ app.limit.devRequest | d(app.limit.dev) }}">
+          </div>
+        </div>
+        <div class="fields">
+          <div class="sixteen wide field">
+            <div class="ui checkbox">
+              <input type="checkbox" name="generate_key_dev">
+              <label>Generer ny API-nøkkel</label>
+            </div>
+            <div class="ui warning message generate_key_dev">
+              <i class="icon warning"></i>
+              Ny API-nøkkel vil genereres ved lagring, og vil erstatte den nåværende umiddelbart.
+            </div>
+          </div>
+        </div>
+        <button class="ui blue submit button" type="submit">
+          Lagre
+        </button>
+      </form>
+      {% endif %}
+      {% if app.isRejected %}
+        <div class="ui bottom attached error message">
+          <i class="icon warning"></i>
+          Denne applikasjonen er avvist. {{ app.rejection }}
+        </div>
+      {% elif app.isPending %}
+        <div class="ui bottom attached info message">
+          <i class="icon wait"></i>
+          Denne applikasjonen venter på godkjenning.
+        </div>
+      {% elif app.limit.devRequest or app.limit.prodRequest %}
+        <div class="ui bottom attached info message">
+          <i class="icon wait"></i>
+          Endring av API rate-limit venter på godkjenning.
+        </div>
+      {% elif not app.isActive %}
+        <div class="ui bottom attached warning message">
+          <i class="icon warning"></i>
+          Denne applikasjonen er deaktivert.
+        </div>
+      {% endif %}
+    </div>
+  {% endfor %}
+{% endblock %}
diff --git a/views/admin/users.html b/views/admin/users.html
@@ -15,7 +15,7 @@
         <img src="{{ app.owner[0].avatarUrl|d("/static/images/image.png") }}" alt="">
       </div>
       <div class="content">
-        <a class="header">{{ app.provider }}</a>
+        <a href="/admin/users/{{ app._id }}" class="header">{{ app.provider }}</a>
         <div class="meta">
           <span class="date">{{ app.updated|dateformat("YYYY-MM-DD HH:MM") }}</span>
         </div>
