11import { BaseContext } from 'koa' ;
2- import { getManager , Repository } from 'typeorm' ;
2+ import { getManager , Repository , Not , Equal } from 'typeorm' ;
33import { validate , ValidationError } from 'class-validator' ;
44import { User } from '../entity/user' ;
55
@@ -13,7 +13,8 @@ export default class UserController {
1313 // load all users
1414 const users : User [ ] = await userRepository . find ( ) ;
1515
16- // return loaded users
16+ // return OK status code and loaded users array
17+ ctx . status = 200 ;
1718 ctx . body = users ;
1819 }
1920
@@ -23,10 +24,11 @@ export default class UserController {
2324 const userRepository : Repository < User > = getManager ( ) . getRepository ( User ) ;
2425
2526 // load user by id
26- const user : User = await userRepository . findOne ( ctx . params . id ) ;
27+ const user : User = await userRepository . findOne ( + ctx . params . id || 0 ) ;
2728
2829 if ( user ) {
29- // return loaded user
30+ // return OK status code and loaded user object
31+ ctx . status = 200 ;
3032 ctx . body = user ;
3133 } else {
3234 // return a BAD REQUEST status code and error message
@@ -50,13 +52,17 @@ export default class UserController {
5052 const errors : ValidationError [ ] = await validate ( userToBeSaved ) ; // errors is an array of validation errors
5153
5254 if ( errors . length > 0 ) {
53- // return bad request status code and errors array
55+ // return BAD REQUEST status code and errors array
5456 ctx . status = 400 ;
5557 ctx . body = errors ;
58+ } else if ( await userRepository . findOne ( { email : userToBeSaved . email } ) ) {
59+ // return BAD REQUEST status code and email already exists error
60+ ctx . status = 400 ;
61+ ctx . body = 'The specified e-mail address already exists' ;
5662 } else {
5763 // save the user contained in the POST body
5864 const user = await userRepository . save ( userToBeSaved ) ;
59- // return created status code and updated user
65+ // return CREATED status code and updated user
6066 ctx . status = 201 ;
6167 ctx . body = user ;
6268 }
@@ -67,34 +73,35 @@ export default class UserController {
6773 // get a user repository to perform operations with user
6874 const userRepository : Repository < User > = getManager ( ) . getRepository ( User ) ;
6975
70- // check if a user with the specified id exists
71- if ( await userRepository . findOne ( ctx . params . id ) ) {
72- // update the user by specified id
73- // build up entity user to be updated
74- const userToBeUpdated : User = new User ( ) ;
75- userToBeUpdated . id = + ctx . params . id ;
76- userToBeUpdated . name = ctx . request . body . name ;
77- userToBeUpdated . email = ctx . request . body . email ;
78-
79- // validate user entity
80- const errors : ValidationError [ ] = await validate ( userToBeUpdated ) ; // errors is an array of validation errors
81-
82- if ( errors . length > 0 ) {
83- // return bad request status code and errors array
84- ctx . status = 400 ;
85- ctx . body = errors ;
86- } else {
87- // save the user contained in the PUT body
88- const user = await userRepository . save ( userToBeUpdated ) ;
89- // return created status code and updated user
90- ctx . status = 201 ;
91- ctx . body = user ;
92- }
76+ // update the user by specified id
77+ // build up entity user to be updated
78+ const userToBeUpdated : User = new User ( ) ;
79+ userToBeUpdated . id = + ctx . params . id || 0 ; // will always have a number, this will avoid errors
80+ userToBeUpdated . name = ctx . request . body . name ;
81+ userToBeUpdated . email = ctx . request . body . email ;
9382
94- } else {
83+ // validate user entity
84+ const errors : ValidationError [ ] = await validate ( userToBeUpdated ) ; // errors is an array of validation errors
85+
86+ if ( errors . length > 0 ) {
87+ // return BAD REQUEST status code and errors array
88+ ctx . status = 400 ;
89+ ctx . body = errors ;
90+ } else if ( ! await userRepository . findOne ( userToBeUpdated . id ) ) {
91+ // check if a user with the specified id exists
9592 // return a BAD REQUEST status code and error message
9693 ctx . status = 400 ;
9794 ctx . body = 'The user you are trying to update doesn\'t exist in the db' ;
95+ } else if ( await userRepository . findOne ( { id : Not ( Equal ( userToBeUpdated . id ) ) , email : userToBeUpdated . email } ) ) {
96+ // return BAD REQUEST status code and email already exists error
97+ ctx . status = 400 ;
98+ ctx . body = 'The specified e-mail address already exists' ;
99+ } else {
100+ // save the user contained in the PUT body
101+ const user = await userRepository . save ( userToBeUpdated ) ;
102+ // return CREATED status code and updated user
103+ ctx . status = 201 ;
104+ ctx . body = user ;
98105 }
99106
100107 }
@@ -105,16 +112,21 @@ export default class UserController {
105112 const userRepository = getManager ( ) . getRepository ( User ) ;
106113
107114 // find the user by specified id
108- const userToRemove : User = await userRepository . findOne ( ctx . params . id ) ;
109- if ( userToRemove ) {
115+ const userToRemove : User = await userRepository . findOne ( + ctx . params . id || 0 ) ;
116+ if ( ! userToRemove ) {
117+ // return a BAD REQUEST status code and error message
118+ ctx . status = 400 ;
119+ ctx . body = 'The user you are trying to delete doesn\'t exist in the db' ;
120+ } else if ( + ctx . state . user . id !== userToRemove . id ) {
121+ // check user's token id and user id are the same
122+ // if not, return a FORBIDDEN status code and error message
123+ ctx . status = 403 ;
124+ ctx . body = 'A user can only be deleted by himself' ;
125+ } else {
110126 // the user is there so can be removed
111127 await userRepository . remove ( userToRemove ) ;
112128 // return a NO CONTENT status code
113129 ctx . status = 204 ;
114- } else {
115- // return a BAD REQUEST status code and error message
116- ctx . status = 400 ;
117- ctx . body = 'The user you are trying to delete doesn\'t exist in the db' ;
118130 }
119131
120132 }
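Review bot: The update path (new lines 76–104) still lets any authenticated caller change another user's name and e-mail, because the ownership check this commit adds to the delete path, `+ctx.state.user.id !== userToRemove.id`, has no counterpart there. Unless middleware outside this diff already enforces it, I would add a branch before the save: `else if (+ctx.state.user.id !== userToBeUpdated.id) { ctx.status = 403; ctx.body = 'A user can only be updated by himself'; }`. The two e-mail uniqueness checks (new lines 58 and 95) are a find-then-save pair, so two concurrent requests can both pass them. A unique constraint on the `email` column would make the rule hold, with the lookup kept only to produce the readable 400; the entity is not visible here, so that constraint may already exist. The method signatures lie outside the hunks, so how `ctx.state.user` gets populated cannot be confirmed from this page.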