Add admin user api interfaces

2025-08-30 14:39:29 +02:00 · 2025-03-21 17:05:04 -04:00 · 2025-03-21 17:05:04 -04:00 · deb30ed4ae
commit deb30ed4ae
parent 3b09ef3345
7 changed files with 204 additions and 3 deletions
--- a/server/middlewares/index.ts
+++ b/server/middlewares/index.ts
@ -14,3 +14,4 @@ export * from "./verifyAdmin";
 export * from "./verifySetResourceUsers";
 export * from "./verifyUserInRole";
 export * from "./verifyAccessTokenAccess";
 export * from "./verifyUserIsServerAdmin";
--- a/server/middlewares/verifyUserIsServerAdmin.ts
+++ b/server/middlewares/verifyUserIsServerAdmin.ts
@ -0,0 +1,37 @@
 import { Request, Response, NextFunction } from "express";
 import createHttpError from "http-errors";
 import HttpCode from "@server/types/HttpCode";
 export async function verifyUserIsServerAdmin(
    req: Request,
    res: Response,
    next: NextFunction
 ) {
    const userId = req.user!.userId;
    if (!userId) {
        return next(
            createHttpError(HttpCode.UNAUTHORIZED, "User not authenticated")
        );
    }
    try {
        if (!req.user?.serverAdmin) {
            return next(
                createHttpError(
                    HttpCode.FORBIDDEN,
                    "User is not a server admin"
                )
            );
        }
        return next();
    } catch (e) {
        return next(
            createHttpError(
                HttpCode.INTERNAL_SERVER_ERROR,
                "Error verifying organization access"
            )
        );
    }
 }
--- a/server/routers/external.ts
+++ b/server/routers/external.ts
@ -23,7 +23,8 @@ import {
    verifyRoleAccess,
    verifySetResourceUsers,
    verifyUserAccess,
-    getUserOrgs
+    getUserOrgs,
    verifyUserIsServerAdmin
 } from "@server/middlewares";
 import { verifyUserHasAction } from "../middlewares/verifyUserHasAction";
 import { ActionsEnum } from "@server/auth/actions";
@ -418,6 +419,13 @@ unauthenticated.get("/resource/:resourceId/auth", resource.getResourceAuthInfo);
 unauthenticated.get("/user", verifySessionMiddleware, user.getUser);
 authenticated.get("/users", verifyUserIsServerAdmin, user.adminListUsers);
 authenticated.delete(
    "/user/:userId",
    verifyUserIsServerAdmin,
    user.adminRemoveUser
 );
 authenticated.get("/org/:orgId/user/:userId", verifyOrgAccess, user.getOrgUser);
 authenticated.get(
    "/org/:orgId/users",
--- a/server/routers/user/adminListUsers.ts
+++ b/server/routers/user/adminListUsers.ts
@ -0,0 +1,92 @@
 import { Request, Response, NextFunction } from "express";
 import { z } from "zod";
 import { db } from "@server/db";
 import response from "@server/lib/response";
 import HttpCode from "@server/types/HttpCode";
 import createHttpError from "http-errors";
 import { sql, eq } from "drizzle-orm";
 import logger from "@server/logger";
 import { users } from "@server/db/schema";
 const listUsersSchema = z
    .object({
        limit: z
            .string()
            .optional()
            .default("1000")
            .transform(Number)
            .pipe(z.number().int().nonnegative()),
        offset: z
            .string()
            .optional()
            .default("0")
            .transform(Number)
            .pipe(z.number().int().nonnegative())
    })
    .strict();
 async function queryUsers(limit: number, offset: number) {
    return await db
        .select({
            id: users.userId,
            email: users.email,
            dateCreated: users.dateCreated,
        })
        .from(users)
        .where(eq(users.serverAdmin, false))
        .limit(limit)
        .offset(offset);
 }
 export type AdminListUsersResponse = {
    users: NonNullable<Awaited<ReturnType<typeof queryUsers>>>;
    pagination: { total: number; limit: number; offset: number };
 };
 export async function adminListUsers(
    req: Request,
    res: Response,
    next: NextFunction
 ): Promise<any> {
    try {
        const parsedQuery = listUsersSchema.safeParse(req.query);
        if (!parsedQuery.success) {
            return next(
                createHttpError(
                    HttpCode.BAD_REQUEST,
                    parsedQuery.error.errors.map((e) => e.message).join(", ")
                )
            );
        }
        const { limit, offset } = parsedQuery.data;
        const allUsers = await queryUsers(
            limit,
            offset
        );
        const [{ count }] = await db
            .select({ count: sql<number>`count(*)` })
            .from(users);
        return response<AdminListUsersResponse>(res, {
            data: {
                users: allUsers,
                pagination: {
                    total: count,
                    limit,
                    offset
                }
            },
            success: true,
            error: false,
            message: "Users retrieved successfully",
            status: HttpCode.OK
        });
    } catch (error) {
        logger.error(error);
        return next(
            createHttpError(HttpCode.INTERNAL_SERVER_ERROR, "An error occurred")
        );
    }
 }
--- a/server/routers/user/adminRemoveUser.ts
+++ b/server/routers/user/adminRemoveUser.ts
@ -0,0 +1,61 @@
 import { Request, Response, NextFunction } from "express";
 import { z } from "zod";
 import { db } from "@server/db";
 import { userOrgs, users } from "@server/db/schema";
 import { and, eq } from "drizzle-orm";
 import response from "@server/lib/response";
 import HttpCode from "@server/types/HttpCode";
 import createHttpError from "http-errors";
 import logger from "@server/logger";
 import { fromError } from "zod-validation-error";
 const removeUserSchema = z
    .object({
        userId: z.string()
    })
    .strict();
 export async function adminRemoveUser(
    req: Request,
    res: Response,
    next: NextFunction
 ): Promise<any> {
    try {
        const parsedParams = removeUserSchema.safeParse(req.params);
        if (!parsedParams.success) {
            return next(
                createHttpError(
                    HttpCode.BAD_REQUEST,
                    fromError(parsedParams.error).toString()
                )
            );
        }
        const { userId } = parsedParams.data;
        // get the user first
        const user = await db
            .select()
            .from(userOrgs)
            .where(eq(userOrgs.userId, userId));
        if (!user || user.length === 0) {
            return next(createHttpError(HttpCode.NOT_FOUND, "User not found"));
        }
        await db.delete(users).where(eq(users.userId, userId));
        return response(res, {
            data: null,
            success: true,
            error: false,
            message: "User removed successfully",
            status: HttpCode.OK
        });
    } catch (error) {
        logger.error(error);
        return next(
            createHttpError(HttpCode.INTERNAL_SERVER_ERROR, "An error occurred")
        );
    }
 }
--- a/server/routers/user/index.ts
+++ b/server/routers/user/index.ts
@ -4,4 +4,6 @@ export * from "./listUsers";
 export * from "./addUserRole";
 export * from "./inviteUser";
 export * from "./acceptInvite";
-export * from "./getOrgUser";
+export * from "./getOrgUser";
 export * from "./adminListUsers";
 export * from "./adminRemoveUser";
--- a/server/routers/user/removeUserOrg.ts
+++ b/server/routers/user/removeUserOrg.ts
@ -71,7 +71,7 @@ export async function removeUserOrg(
            data: null,
            success: true,
            error: false,
-            message: "User remove from org successfully",
+            message: "User removed from org successfully",
            status: HttpCode.OK
        });
    } catch (error) {