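import { ControllerContainerInterface, Username } from '@standardnotes/domain-core'
import { SettingName } from '@standardnotes/settings'
import { Request } from 'express'
import { inject } from 'inversify'
import {
  BaseHttpController,
  controller,
  httpDelete,
  httpGet,
  httpPost,
  // eslint-disable-next-line @typescript-eslint/no-unused-vars
  results,
} from 'inversify-express-utils'

import TYPES from '../Bootstrap/Types'
import { CreateOfflineSubscriptionToken } from '../Domain/UseCase/CreateOfflineSubscriptionToken/CreateOfflineSubscriptionToken'
import { CreateSubscriptionToken } from '../Domain/UseCase/CreateSubscriptionToken/CreateSubscriptionToken'
import { DeleteSetting } from '../Domain/UseCase/DeleteSetting/DeleteSetting'
import { UserRepositoryInterface } from '../Domain/User/UserRepositoryInterface'

/**
 * HTTP controller for the `/admin` routes: user lookup by email, MFA secret removal,
 * subscription token issuance and disabling e-mail backups.
 *
 * NOTE(review): no authentication or authorization middleware is attached to this
 * controller or to any of its routes in this file. Every handler here acts on an
 * arbitrary user identified only by a path parameter, so access control has to be
 * enforced somewhere else (gateway, network policy, or the caller of the controller
 * container) - confirm that it is, and that these routes are not reachable from
 * untrusted networks.
 */
@controller('/admin')
export class AdminController extends BaseHttpController {
  constructor(
    @inject(TYPES.Auth_DeleteSetting) private doDeleteSetting: DeleteSetting,
    @inject(TYPES.Auth_UserRepository) private userRepository: UserRepositoryInterface,
    @inject(TYPES.Auth_CreateSubscriptionToken) private createSubscriptionToken: CreateSubscriptionToken,
    @inject(TYPES.Auth_CreateOfflineSubscriptionToken)
    private createOfflineSubscriptionToken: CreateOfflineSubscriptionToken,
    @inject(TYPES.Auth_ControllerContainer) private controllerContainer: ControllerContainerInterface,
  ) {
    super()

    // Each handler is also registered under an 'admin.*' name so it can be invoked
    // through the controller container; bind() keeps `this` pointing at the controller.
    this.controllerContainer.register('admin.getUser', this.getUser.bind(this))
    this.controllerContainer.register('admin.deleteMFASetting', this.deleteMFASetting.bind(this))
    this.controllerContainer.register('admin.createToken', this.createToken.bind(this))
    this.controllerContainer.register('admin.createOfflineToken', this.createOfflineToken.bind(this))
    this.controllerContainer.register('admin.disableEmailBackups', this.disableEmailBackups.bind(this))
  }

  /**
   * Looks up a user by the `:email` path parameter and returns the user's uuid.
   *
   * @param request - Express request; `params.email` is validated through `Username.create`.
   * @returns `{ uuid }` on success, or a 400 JSON error when the parameter is rejected
   *   or no matching user exists.
   */
  @httpGet('/user/:email')
  async getUser(request: Request): Promise<results.JsonResult> {
    const usernameOrError = Username.create(request.params.email ?? '')
    if (usernameOrError.isFailed()) {
      return this.json(
        {
          error: {
            message: 'Missing email parameter.',
          },
        },
        400,
      )
    }
    const username = usernameOrError.getValue()

    const user = await this.userRepository.findOneByUsernameOrEmail(username)

    if (!user) {
      // The response distinguishes "no such user" from success, so this endpoint
      // answers whether an account exists for a given e-mail address.
      return this.json(
        {
          error: {
            message: `No user with email '${username.value}'.`,
          },
        },
        400,
      )
    }

    return this.json({
      uuid: user.uuid,
    })
  }

  /**
   * Soft-deletes the MFA secret setting of the user named by `:userUuid`.
   *
   * This removes a second authentication factor from an account, so it is the most
   * sensitive route on this controller.
   * NOTE(review): nothing in this handler records who requested the removal - confirm
   * that the operation is audited elsewhere.
   *
   * @param request - Express request; `body.uuid` and `body.updatedAt` are forwarded
   *   to the use case as `uuid` and `timestamp`.
   * @returns The use case result as JSON, with status 400 when `result.success` is falsy.
   */
  @httpDelete('/users/:userUuid/mfa')
  async deleteMFASetting(request: Request): Promise<results.JsonResult> {
    const { userUuid } = request.params
    // DELETE requests are frequently sent without a body, and `request.body` can be
    // undefined when no body parser populated it; destructuring undefined would throw
    // and surface as an unhandled error instead of a use-case result.
    // NOTE(review): uuid and updatedAt come straight from the request and are not
    // type-checked here - presumably DeleteSetting validates them; verify.
    const { uuid, updatedAt } = request.body ?? {}

    const result = await this.doDeleteSetting.execute({
      uuid,
      userUuid,
      settingName: SettingName.NAMES.MfaSecret,
      timestamp: updatedAt,
      softDelete: true,
    })

    if (result.success) {
      return this.json(result)
    }

    return this.json(result, 400)
  }

  /**
   * Creates a subscription token for the user named by `:userUuid` and returns it.
   *
   * NOTE(review): unlike createOfflineToken, the result is not checked for failure
   * before `subscriptionToken.token` is read - confirm that CreateSubscriptionToken
   * cannot return without a token. `userUuid` is passed through unvalidated.
   *
   * @param request - Express request carrying `params.userUuid`.
   * @returns `{ token }` as JSON.
   */
  @httpPost('/users/:userUuid/subscription-token')
  async createToken(request: Request): Promise<results.JsonResult> {
    const { userUuid } = request.params
    const result = await this.createSubscriptionToken.execute({
      userUuid,
    })

    return this.json({
      token: result.subscriptionToken.token,
    })
  }

  /**
   * Creates an offline subscription token for the e-mail address in `:email`.
   *
   * @param request - Express request carrying `params.email`, forwarded as `userEmail`.
   * @returns `{ token }` as JSON, or an empty 400 response when the use case fails.
   */
  @httpPost('/users/:email/offline-subscription-token')
  async createOfflineToken(request: Request): Promise<results.JsonResult | results.BadRequestResult> {
    const { email } = request.params

    const result = await this.createOfflineSubscriptionToken.execute({
      userEmail: email,
    })

    if (!result.success) {
      return this.badRequest()
    }

    return this.json({
      token: result.offlineSubscriptionToken.token,
    })
  }

  /**
   * Disables e-mail backups for the user named by `:userUuid` by deleting the
   * EmailBackupFrequency setting.
   *
   * @param request - Express request carrying `params.userUuid`.
   * @returns 200 when the setting was deleted, otherwise 400 with 'No email backups found'.
   */
  @httpPost('/users/:userUuid/email-backups')
  async disableEmailBackups(
    request: Request,
  ): Promise<results.OkResult | results.BadRequestErrorMessageResult> {
    const { userUuid } = request.params

    const result = await this.doDeleteSetting.execute({
      userUuid,
      settingName: SettingName.NAMES.EmailBackupFrequency,
    })

    if (result.success) {
      return this.ok()
    }

    return this.badRequest('No email backups found')
  }
}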