/**
## /user/list
Exports the [user] list method for the /api/user/list route.
@requires module:/user/acl
@module /user/cookie
*/
const acl = require('./acl')
/**
@function list
@description
/api/user/list returns a list of all ACL records.
@param {Object} req HTTP request.
@param {Object} res HTTP response.
@param {Object} req.params.user
Requesting user.
@param {boolean} req.params.user.admin
Requesting user is admin.
*/
module.exports = async (req, res) => {
if (!req.params.user) {
return new Error('login_required')
}
if (!req.params.user?.admin) {
return new Error('admin_required')
}
let rows = await acl(`
SELECT
email,
verified,
approved,
admin,
length(api)::boolean AS api,
roles,
language,
access_log[array_upper(access_log, 1)],
failedattempts,
approved_by,
${process.env.APPROVAL_EXPIRY ? 'expires_on,' : ''}
blocked,
verificationtoken
FROM acl_schema.acl_table
ORDER BY email;`)
if (rows instanceof Error) {
return res.status(500).send('Failed to access ACL.')
}
// return 204 if no record was returned from database.
if (!rows?.length) {
return res.status(202).send('No rows returned from table.')
}
// rows must be returned as an array.
rows = rows.length === 1 && rows[0] || rows
// Send the infoj object with values back to the client.
res.send(rows)
}