|
@@ -1,35 +1,73 @@
|
|
|
-import { Request, Response, NextFunction } from 'express';
|
|
|
-import { z } from 'zod';
|
|
|
-import { db } from '@server/db';
|
|
|
-import { targets, resources } from '@server/db/schema';
|
|
|
+import { ActionsEnum, checkUserActionPermission } from "@server/auth/actions";
|
|
|
+import { db } from "@server/db";
|
|
|
+import { targets, resources } from "@server/db/schema";
|
|
|
+import HttpCode from "@server/types/HttpCode";
|
|
|
import response from "@server/utils/response";
|
|
|
-import HttpCode from '@server/types/HttpCode';
|
|
|
-import createHttpError from 'http-errors';
|
|
|
-import { sql, eq } from 'drizzle-orm';
|
|
|
-import { ActionsEnum, checkUserActionPermission } from '@server/auth/actions';
|
|
|
-import logger from '@server/logger';
|
|
|
+import { eq, sql } from "drizzle-orm";
|
|
|
+import { NextFunction, Request, Response } from "express";
|
|
|
+import createHttpError from "http-errors";
|
|
|
+import { z } from "zod";
|
|
|
+import { fromError } from "zod-validation-error";
|
|
|
+import logger from "@server/logger";
|
|
|
|
|
|
const listTargetsParamsSchema = z.object({
|
|
|
- resourceId: z.string().optional()
|
|
|
+ resourceId: z.string()
|
|
|
});
|
|
|
|
|
|
const listTargetsSchema = z.object({
|
|
|
- limit: z.string().optional().transform(Number).pipe(z.number().int().positive().default(10)),
|
|
|
- offset: z.string().optional().transform(Number).pipe(z.number().int().nonnegative().default(0)),
|
|
|
+ limit: z
|
|
|
+ .string()
|
|
|
+ .optional()
|
|
|
+ .default("1000")
|
|
|
+ .transform(Number)
|
|
|
+ .pipe(z.number().int().positive()),
|
|
|
+ offset: z
|
|
|
+ .string()
|
|
|
+ .optional()
|
|
|
+ .default("0")
|
|
|
+ .transform(Number)
|
|
|
+ .pipe(z.number().int().nonnegative()),
|
|
|
});
|
|
|
|
|
|
-export async function listTargets(req: Request, res: Response, next: NextFunction): Promise<any> {
|
|
|
+function queryTargets(resourceId: string) {
|
|
|
+ let baseQuery = db
|
|
|
+ .select({
|
|
|
+ targetId: targets.targetId,
|
|
|
+ ip: targets.ip,
|
|
|
+ method: targets.method,
|
|
|
+ port: targets.port,
|
|
|
+ protocol: targets.protocol,
|
|
|
+ enabled: targets.enabled,
|
|
|
+ resourceId: targets.resourceId,
|
|
|
+ // resourceName: resources.name,
|
|
|
+ })
|
|
|
+ .from(targets)
|
|
|
+ // .leftJoin(resources, eq(targets.resourceId, resources.resourceId))
|
|
|
+ .where(eq(targets.resourceId, resourceId));
|
|
|
+
|
|
|
+ return baseQuery;
|
|
|
+}
|
|
|
+
|
|
|
+export type ListTargetsResponse = {
|
|
|
+ targets: Awaited<ReturnType<typeof queryTargets>>;
|
|
|
+ pagination: { total: number; limit: number; offset: number };
|
|
|
+};
|
|
|
+
|
|
|
+export async function listTargets(
|
|
|
+ req: Request,
|
|
|
+ res: Response,
|
|
|
+ next: NextFunction
|
|
|
+): Promise<any> {
|
|
|
try {
|
|
|
const parsedQuery = listTargetsSchema.safeParse(req.query);
|
|
|
if (!parsedQuery.success) {
|
|
|
return next(
|
|
|
createHttpError(
|
|
|
HttpCode.BAD_REQUEST,
|
|
|
- parsedQuery.error.errors.map(e => e.message).join(', ')
|
|
|
+ fromError(parsedQuery.error)
|
|
|
)
|
|
|
);
|
|
|
}
|
|
|
-
|
|
|
const { limit, offset } = parsedQuery.data;
|
|
|
|
|
|
const parsedParams = listTargetsParamsSchema.safeParse(req.params);
|
|
@@ -37,44 +75,38 @@ export async function listTargets(req: Request, res: Response, next: NextFunctio
|
|
|
return next(
|
|
|
createHttpError(
|
|
|
HttpCode.BAD_REQUEST,
|
|
|
- parsedParams.error.errors.map(e => e.message).join(', ')
|
|
|
+ fromError(parsedParams.error)
|
|
|
)
|
|
|
);
|
|
|
}
|
|
|
-
|
|
|
const { resourceId } = parsedParams.data;
|
|
|
|
|
|
- // Check if the user has permission to list sites
|
|
|
- const hasPermission = await checkUserActionPermission(ActionsEnum.listTargets, req);
|
|
|
+ // Check if the user has permission to list targets
|
|
|
+ const hasPermission = await checkUserActionPermission(
|
|
|
+ ActionsEnum.listTargets,
|
|
|
+ req
|
|
|
+ );
|
|
|
if (!hasPermission) {
|
|
|
- return next(createHttpError(HttpCode.FORBIDDEN, 'User does not have permission to perform this action'));
|
|
|
+ return next(
|
|
|
+ createHttpError(
|
|
|
+ HttpCode.FORBIDDEN,
|
|
|
+ "User does not have permission to perform this action"
|
|
|
+ )
|
|
|
+ );
|
|
|
}
|
|
|
|
|
|
- let baseQuery: any = db
|
|
|
- .select({
|
|
|
- targetId: targets.targetId,
|
|
|
- ip: targets.ip,
|
|
|
- method: targets.method,
|
|
|
- port: targets.port,
|
|
|
- protocol: targets.protocol,
|
|
|
- enabled: targets.enabled,
|
|
|
- resourceName: resources.name,
|
|
|
- })
|
|
|
- .from(targets)
|
|
|
- .leftJoin(resources, eq(targets.resourceId, resources.resourceId));
|
|
|
-
|
|
|
- let countQuery: any = db.select({ count: sql<number>`cast(count(*) as integer)` }).from(targets);
|
|
|
+ const baseQuery = queryTargets(resourceId);
|
|
|
|
|
|
- if (resourceId) {
|
|
|
- baseQuery = baseQuery.where(eq(targets.resourceId, resourceId));
|
|
|
- countQuery = countQuery.where(eq(targets.resourceId, resourceId));
|
|
|
- }
|
|
|
+ let countQuery = db
|
|
|
+ .select({ count: sql<number>`cast(count(*) as integer)` })
|
|
|
+ .from(targets)
|
|
|
+ .where(eq(targets.resourceId, resourceId));
|
|
|
|
|
|
const targetsList = await baseQuery.limit(limit).offset(offset);
|
|
|
const totalCountResult = await countQuery;
|
|
|
const totalCount = totalCountResult[0].count;
|
|
|
|
|
|
- return response(res, {
|
|
|
+ return response<ListTargetsResponse>(res, {
|
|
|
data: {
|
|
|
targets: targetsList,
|
|
|
pagination: {
|
|
@@ -90,6 +122,11 @@ export async function listTargets(req: Request, res: Response, next: NextFunctio
|
|
|
});
|
|
|
} catch (error) {
|
|
|
logger.error(error);
|
|
|
- return next(createHttpError(HttpCode.INTERNAL_SERVER_ERROR, "An error occurred..."));
|
|
|
+ return next(
|
|
|
+ createHttpError(
|
|
|
+ HttpCode.INTERNAL_SERVER_ERROR,
|
|
|
+ "An error occurred..."
|
|
|
+ )
|
|
|
+ );
|
|
|
}
|
|
|
}
|