Flowise/packages/server/src/enterprise/controllers/role.controller.ts at cbad1a96ed6e2b4ac39d577c4acfd3d8716ba00a · FlowiseAI/Flowise · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
import { NextFunction, Request, Response } from 'express'
import { StatusCodes } from 'http-status-codes'
import { getRunningExpressApp } from '../../utils/getRunningExpressApp'
import { Role } from '../database/entities/role.entity'
import { RoleErrorMessage, RoleService } from '../services/role.service'
import { InternalFlowiseError } from '../../errors/internalFlowiseError'
import { GeneralErrorMessage } from '../../utils/constants'
import { getLoggedInUser } from '../utils/tenantRequestGuards'

export class RoleController {
    public async create(req: Request, res: Response, next: NextFunction) {
        try {
            const roleService = new RoleService()
            const newRole = await roleService.createRole(req.body)
            return res.status(StatusCodes.CREATED).json(newRole)
        } catch (error) {
            next(error)
        }
    }

    public async read(req: Request, res: Response, next: NextFunction) {
        let queryRunner
        try {
            const user = getLoggedInUser(req)
            queryRunner = getRunningExpressApp().AppDataSource.createQueryRunner()
            await queryRunner.connect()
            const query = req.query as Partial<Role>
            const roleService = new RoleService()

            let role: Role | Role[] | null | (Role & { userCount: number })[]
            if (query.id) {
                const oneRole = await roleService.readRoleById(query.id, queryRunner)
                if (!oneRole) {
                    throw new InternalFlowiseError(StatusCodes.NOT_FOUND, RoleErrorMessage.ROLE_NOT_FOUND)
                }
                if (oneRole.organizationId != null) {
                    if (!user.activeOrganizationId || oneRole.organizationId !== user.activeOrganizationId) {
                        throw new InternalFlowiseError(StatusCodes.FORBIDDEN, GeneralErrorMessage.FORBIDDEN)
                    }
                }
                role = oneRole
            } else if (query.organizationId) {
                if (!user.activeOrganizationId || query.organizationId !== user.activeOrganizationId) {
                    throw new InternalFlowiseError(StatusCodes.FORBIDDEN, GeneralErrorMessage.FORBIDDEN)
                }
                role = await roleService.readRoleByOrganizationId(query.organizationId, queryRunner)
            } else {
                role = await roleService.readRoleByGeneral(queryRunner)
            }

            return res.status(StatusCodes.OK).json(role)
        } catch (error) {
            next(error)
        } finally {
            if (queryRunner) await queryRunner.release()
        }
    }

    public async update(req: Request, res: Response, next: NextFunction) {
        try {
            const roleService = new RoleService()
            const role = await roleService.updateRole(req.body)
            return res.status(StatusCodes.OK).json(role)
        } catch (error) {
            next(error)
        }
    }

    public async delete(req: Request, res: Response, next: NextFunction) {
        try {
            const query = req.query as Partial<Role>
            if (!query.id) {
                throw new InternalFlowiseError(StatusCodes.BAD_REQUEST, 'Role ID is required')
            }
            if (!query.organizationId) {
                throw new InternalFlowiseError(StatusCodes.BAD_REQUEST, 'Organization ID is required')
            }
            const roleService = new RoleService()
            const role = await roleService.deleteRole(query.organizationId, query.id)
            return res.status(StatusCodes.OK).json(role)
        } catch (error) {
            next(error)
        }
    }
}