This repository was archived by the owner on Feb 25, 2019. It is now read-only.

Commit 389c500

committed
feat(rest): add endpoints for manipulating client roles
1 parent 1bfc263 commit 389c500


3 files changed

+450
-0
lines changed


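--- a/routes/rest/v1/clientRoles.js
+++ b/routes/rest/v1/clientRoles.js
@@ -0,0 +1,90 @@
+/**
+* Module dependencies
+*/
+
+var Client = require('../../../models/Client')
+var Role = require('../../../models/Role')
+var NotFoundError = require('../../../errors/NotFoundError')
+var settings = require('../../../boot/settings')
+var oidc = require('../../../oidc')
+
+/**
+* Export
+*/
+
+module.exports = function (server) {
+/**
+* Token-based Auth Middleware
+*/
+
+var authorize = [
+oidc.parseAuthorizationHeader,
+oidc.getBearerToken,
+oidc.verifyAccessToken({
+iss: settings.issuer,
+key: settings.keys.sig.pub,
+scope: 'realm'
+})
+]
+
+/**
+* GET /v1/clients/:clientId/roles
+*/
+
+server.get('/v1/clients/:clientId/roles',
+authorize,
+function (req, res, next) {
+// first, ensure the client exists
+Client.get(req.params.clientId, function (err, instance) {
+if (err) { return next(err) }
+if (!instance) { return next(new NotFoundError()) }
+
+// then list roles by account
+Role.listByClients(req.params.clientId, function (err, instances) {
+if (err) { return next(err) }
+res.json(instances)
+})
+})
+})
+
+/**
+* PUT /v1/clients/:clientId/roles/:roleId
+*/
+
+server.put('/v1/clients/:clientId/roles/:roleId',
+authorize,
+function (req, res, next) {
+Client.get(req.params.clientId, function (err, instance) {
+if (err) { return next(err) }
+if (!instance) { return next(new NotFoundError()) }
+
+Role.get(req.params.roleId, function (err, role) {
+if (err) { return next(err) }
+if (!role) { return next(new NotFoundError()) }
+
+instance.addRoles(req.params.roleId, function (err, result) {
+if (err) { return next(err) }
+res.json({ added: true })
+})
+})
+})
+})
+
+/**
+* DELETE /v1/clients/:clientId/roles/:roleId
+*/
+
+server.delete('/v1/clients/:clientId/roles/:roleId',
+authorize,
+function (req, res, next) {
+Client.get(req.params.clientId, function (err, instance) {
+if (err) { return next(err) }
+if (!instance) { return next(new NotFoundError()) }
+
+instance.removeRoles(req.params.roleId, function (err, result) {
+if (err) { return next(err) }
+res.sendStatus(204)
+})
+})
+})
+}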
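Review bot: The DELETE handler calls `instance.removeRoles(req.params.roleId, ...)` without the `Role.get` lookup that the PUT handler performs first, so it appears to answer 204 for a role id that does not exist or was never assigned (unless `removeRoles` rejects unknown ids itself, which is not visible here). For an endpoint that revokes privileges, a caller or an audit trail should be able to tell a real revocation from a no-op. I would wrap the removal in the same lookup as PUT, with `if (!role) { return next(new NotFoundError()) }` before `removeRoles`. Separately, the comment `// then list roles by account` in the GET handler looks copied from the user routes and should read `// then list roles by client`. The `result` argument is unused in both the `addRoles` and `removeRoles` callbacks.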

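--- a/server.js
+++ b/server.js
@@ -43,6 +43,7 @@ require('./routes/applications')(server)
 */
 
 require('./routes/rest/v1/users')(server)
+require('./routes/rest/v1/clientRoles')(server)
 require('./routes/rest/v1/clients')(server)
 require('./routes/rest/v1/scopes')(server)
 require('./routes/rest/v1/roles')(server)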
