2021-09-21 02:53:40 +00:00
|
|
|
package resolvers
|
|
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
"context"
|
|
|
|
|
"fmt"
|
|
|
|
|
"log"
|
|
|
|
|
"strings"
|
|
|
|
|
"time"
|
|
|
|
|
|
2021-10-13 16:41:41 +00:00
|
|
|
"github.com/authorizerdev/authorizer/server/constants"
|
2021-09-21 02:53:40 +00:00
|
|
|
"github.com/authorizerdev/authorizer/server/db"
|
2022-01-21 08:04:04 +00:00
|
|
|
"github.com/authorizerdev/authorizer/server/db/models"
|
2022-01-17 06:02:13 +00:00
|
|
|
"github.com/authorizerdev/authorizer/server/email"
|
|
|
|
|
"github.com/authorizerdev/authorizer/server/envstore"
|
2021-09-21 02:53:40 +00:00
|
|
|
"github.com/authorizerdev/authorizer/server/graph/model"
|
2022-01-22 19:54:41 +00:00
|
|
|
"github.com/authorizerdev/authorizer/server/sessionstore"
|
|
|
|
|
"github.com/authorizerdev/authorizer/server/token"
|
2021-09-21 02:53:40 +00:00
|
|
|
"github.com/authorizerdev/authorizer/server/utils"
|
|
|
|
|
)
|
|
|
|
|
|
2022-01-17 06:02:13 +00:00
|
|
|
// UpdateUserResolver is a resolver for update user mutation
|
|
|
|
|
// This is admin only mutation
|
|
|
|
|
func UpdateUserResolver(ctx context.Context, params model.UpdateUserInput) (*model.User, error) {
|
2021-09-21 02:53:40 +00:00
|
|
|
gc, err := utils.GinContextFromContext(ctx)
|
|
|
|
|
var res *model.User
|
|
|
|
|
if err != nil {
|
|
|
|
|
return res, err
|
|
|
|
|
}
|
|
|
|
|
|
2022-01-22 19:54:41 +00:00
|
|
|
if !token.IsSuperAdmin(gc) {
|
2021-09-21 02:53:40 +00:00
|
|
|
return res, fmt.Errorf("unauthorized")
|
|
|
|
|
}
|
|
|
|
|
|
2021-12-22 05:21:12 +00:00
|
|
|
if params.GivenName == nil && params.FamilyName == nil && params.Picture == nil && params.MiddleName == nil && params.Nickname == nil && params.Email == nil && params.Birthdate == nil && params.Gender == nil && params.PhoneNumber == nil && params.Roles == nil {
|
2021-09-21 02:53:40 +00:00
|
|
|
return res, fmt.Errorf("please enter atleast one param to update")
|
|
|
|
|
}
|
|
|
|
|
|
2022-01-21 08:04:04 +00:00
|
|
|
user, err := db.Provider.GetUserByID(params.ID)
|
2021-09-21 02:53:40 +00:00
|
|
|
if err != nil {
|
|
|
|
|
return res, fmt.Errorf(`User not found`)
|
|
|
|
|
}
|
|
|
|
|
|
2021-12-22 10:01:45 +00:00
|
|
|
if params.GivenName != nil && user.GivenName != params.GivenName {
|
|
|
|
|
user.GivenName = params.GivenName
|
2021-09-21 02:53:40 +00:00
|
|
|
}
|
|
|
|
|
|
2021-12-22 10:01:45 +00:00
|
|
|
if params.FamilyName != nil && user.FamilyName != params.FamilyName {
|
|
|
|
|
user.FamilyName = params.FamilyName
|
2021-09-21 02:53:40 +00:00
|
|
|
}
|
|
|
|
|
|
2021-12-22 10:01:45 +00:00
|
|
|
if params.MiddleName != nil && user.MiddleName != params.MiddleName {
|
|
|
|
|
user.MiddleName = params.MiddleName
|
2021-12-22 05:21:12 +00:00
|
|
|
}
|
|
|
|
|
|
2021-12-22 10:01:45 +00:00
|
|
|
if params.Nickname != nil && user.Nickname != params.Nickname {
|
|
|
|
|
user.Nickname = params.Nickname
|
2021-12-22 05:21:12 +00:00
|
|
|
}
|
|
|
|
|
|
2021-12-22 10:01:45 +00:00
|
|
|
if params.Birthdate != nil && user.Birthdate != params.Birthdate {
|
|
|
|
|
user.Birthdate = params.Birthdate
|
2021-12-22 05:21:12 +00:00
|
|
|
}
|
|
|
|
|
|
2021-12-22 10:01:45 +00:00
|
|
|
if params.Gender != nil && user.Gender != params.Gender {
|
|
|
|
|
user.Gender = params.Gender
|
2021-12-22 05:21:12 +00:00
|
|
|
}
|
|
|
|
|
|
2021-12-22 10:01:45 +00:00
|
|
|
if params.PhoneNumber != nil && user.PhoneNumber != params.PhoneNumber {
|
|
|
|
|
user.PhoneNumber = params.PhoneNumber
|
2021-12-22 05:21:12 +00:00
|
|
|
}
|
|
|
|
|
|
2021-12-22 10:01:45 +00:00
|
|
|
if params.Picture != nil && user.Picture != params.Picture {
|
|
|
|
|
user.Picture = params.Picture
|
2021-09-21 02:53:40 +00:00
|
|
|
}
|
|
|
|
|
|
2022-01-17 06:02:13 +00:00
|
|
|
if params.EmailVerified != nil {
|
|
|
|
|
if *params.EmailVerified {
|
|
|
|
|
now := time.Now().Unix()
|
|
|
|
|
user.EmailVerifiedAt = &now
|
|
|
|
|
} else {
|
|
|
|
|
user.EmailVerifiedAt = nil
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2021-09-21 02:53:40 +00:00
|
|
|
if params.Email != nil && user.Email != *params.Email {
|
|
|
|
|
// check if valid email
|
|
|
|
|
if !utils.IsValidEmail(*params.Email) {
|
|
|
|
|
return res, fmt.Errorf("invalid email address")
|
|
|
|
|
}
|
|
|
|
|
newEmail := strings.ToLower(*params.Email)
|
|
|
|
|
// check if user with new email exists
|
2022-01-21 08:04:04 +00:00
|
|
|
_, err = db.Provider.GetUserByEmail(newEmail)
|
2021-09-21 02:53:40 +00:00
|
|
|
// err = nil means user exists
|
|
|
|
|
if err == nil {
|
|
|
|
|
return res, fmt.Errorf("user with this email address already exists")
|
|
|
|
|
}
|
|
|
|
|
|
2022-03-02 12:12:31 +00:00
|
|
|
// TODO figure out how to do this
|
|
|
|
|
go sessionstore.DeleteAllUserSession(user.ID)
|
2021-09-21 02:53:40 +00:00
|
|
|
|
2022-01-31 06:05:24 +00:00
|
|
|
hostname := utils.GetHost(gc)
|
2021-09-21 02:53:40 +00:00
|
|
|
user.Email = newEmail
|
2021-12-22 10:08:51 +00:00
|
|
|
user.EmailVerifiedAt = nil
|
2021-09-21 02:53:40 +00:00
|
|
|
// insert verification request
|
2022-03-02 12:12:31 +00:00
|
|
|
nonce, nonceHash, err := utils.GenerateNonce()
|
|
|
|
|
if err != nil {
|
|
|
|
|
return res, err
|
|
|
|
|
}
|
2022-01-17 06:02:13 +00:00
|
|
|
verificationType := constants.VerificationTypeUpdateEmail
|
2022-03-02 12:12:31 +00:00
|
|
|
verificationToken, err := token.CreateVerificationToken(newEmail, verificationType, hostname, nonceHash)
|
2021-09-21 02:53:40 +00:00
|
|
|
if err != nil {
|
2021-12-17 15:55:07 +00:00
|
|
|
log.Println(`error generating token`, err)
|
2021-09-21 02:53:40 +00:00
|
|
|
}
|
2022-01-21 08:04:04 +00:00
|
|
|
db.Provider.AddVerificationRequest(models.VerificationRequest{
|
2022-01-22 19:54:41 +00:00
|
|
|
Token: verificationToken,
|
2021-09-21 02:53:40 +00:00
|
|
|
Identifier: verificationType,
|
|
|
|
|
ExpiresAt: time.Now().Add(time.Minute * 30).Unix(),
|
|
|
|
|
Email: newEmail,
|
2022-03-02 12:12:31 +00:00
|
|
|
Nonce: nonce,
|
2021-09-21 02:53:40 +00:00
|
|
|
})
|
|
|
|
|
|
|
|
|
|
// exec it as go routin so that we can reduce the api latency
|
2022-03-02 12:12:31 +00:00
|
|
|
go email.SendVerificationMail(newEmail, verificationToken, hostname)
|
|
|
|
|
|
2021-09-21 02:53:40 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
rolesToSave := ""
|
|
|
|
|
if params.Roles != nil && len(params.Roles) > 0 {
|
|
|
|
|
currentRoles := strings.Split(user.Roles, ",")
|
|
|
|
|
inputRoles := []string{}
|
|
|
|
|
for _, item := range params.Roles {
|
|
|
|
|
inputRoles = append(inputRoles, *item)
|
|
|
|
|
}
|
|
|
|
|
|
2022-02-28 02:25:01 +00:00
|
|
|
if !utils.IsValidRoles(inputRoles, append([]string{}, append(envstore.EnvStoreObj.GetSliceStoreEnvVariable(constants.EnvKeyRoles), envstore.EnvStoreObj.GetSliceStoreEnvVariable(constants.EnvKeyProtectedRoles)...)...)) {
|
2021-09-21 02:53:40 +00:00
|
|
|
return res, fmt.Errorf("invalid list of roles")
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if !utils.IsStringArrayEqual(inputRoles, currentRoles) {
|
|
|
|
|
rolesToSave = strings.Join(inputRoles, ",")
|
|
|
|
|
}
|
|
|
|
|
|
2022-03-02 12:12:31 +00:00
|
|
|
go sessionstore.DeleteAllUserSession(user.ID)
|
2021-09-21 02:53:40 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if rolesToSave != "" {
|
|
|
|
|
user.Roles = rolesToSave
|
|
|
|
|
}
|
|
|
|
|
|
2022-01-21 08:04:04 +00:00
|
|
|
user, err = db.Provider.UpdateUser(user)
|
2021-09-21 02:53:40 +00:00
|
|
|
if err != nil {
|
2021-12-17 15:55:07 +00:00
|
|
|
log.Println("error updating user:", err)
|
2021-09-21 02:53:40 +00:00
|
|
|
return res, err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
res = &model.User{
|
2021-12-22 05:21:12 +00:00
|
|
|
ID: params.ID,
|
|
|
|
|
Email: user.Email,
|
2021-12-22 10:01:45 +00:00
|
|
|
Picture: user.Picture,
|
|
|
|
|
GivenName: user.GivenName,
|
|
|
|
|
FamilyName: user.FamilyName,
|
2021-12-22 05:21:12 +00:00
|
|
|
Roles: strings.Split(user.Roles, ","),
|
|
|
|
|
CreatedAt: &user.CreatedAt,
|
|
|
|
|
UpdatedAt: &user.UpdatedAt,
|
2021-09-21 02:53:40 +00:00
|
|
|
}
|
|
|
|
|
return res, nil
|
|
|
|
|
}
|
