Fix jwt-token
This commit is contained in:
@@ -564,6 +564,115 @@ router.put('/users/:userId/status', authenticateToken, requirePermissions(['user
|
||||
}
|
||||
});
|
||||
|
||||
/**
|
||||
* PUT /tenant/users/:userId
|
||||
* Update user details (user admin or higher, local auth only)
|
||||
*/
|
||||
router.put('/users/:userId', authenticateToken, requirePermissions(['users.edit']), async (req, res) => {
|
||||
try {
|
||||
// Determine tenant from request
|
||||
const tenantId = await multiAuth.determineTenant(req);
|
||||
if (!tenantId) {
|
||||
return res.status(400).json({
|
||||
success: false,
|
||||
message: 'Unable to determine tenant'
|
||||
});
|
||||
}
|
||||
|
||||
const tenant = await Tenant.findOne({ where: { slug: tenantId } });
|
||||
if (!tenant) {
|
||||
return res.status(404).json({
|
||||
success: false,
|
||||
message: 'Tenant not found'
|
||||
});
|
||||
}
|
||||
|
||||
// Check if tenant uses local authentication
|
||||
if (tenant.auth_provider !== 'local') {
|
||||
return res.status(400).json({
|
||||
success: false,
|
||||
message: `User management is only available for local authentication. This tenant uses ${tenant.auth_provider}.`
|
||||
});
|
||||
}
|
||||
|
||||
const { userId } = req.params;
|
||||
const { email, first_name, last_name, phone, role, password } = req.body;
|
||||
|
||||
// Find user in this tenant
|
||||
const user = await User.findOne({
|
||||
where: {
|
||||
id: userId,
|
||||
tenant_id: tenant.id
|
||||
}
|
||||
});
|
||||
|
||||
if (!user) {
|
||||
return res.status(404).json({
|
||||
success: false,
|
||||
message: 'User not found in this tenant'
|
||||
});
|
||||
}
|
||||
|
||||
// Prepare update data
|
||||
const updateData = {};
|
||||
|
||||
if (email !== undefined) updateData.email = email;
|
||||
if (first_name !== undefined) updateData.first_name = first_name;
|
||||
if (last_name !== undefined) updateData.last_name = last_name;
|
||||
if (phone !== undefined) updateData.phone = phone;
|
||||
|
||||
// Role update with permission check
|
||||
if (role !== undefined) {
|
||||
// Check if current user has permission to assign this role
|
||||
if (!hasPermission(req.user.role, 'users.edit')) {
|
||||
return res.status(403).json({
|
||||
success: false,
|
||||
message: 'Insufficient permissions to change user roles'
|
||||
});
|
||||
}
|
||||
updateData.role = role;
|
||||
}
|
||||
|
||||
// Password update
|
||||
if (password && password.trim()) {
|
||||
const bcrypt = require('bcryptjs');
|
||||
updateData.password_hash = await bcrypt.hash(password.trim(), 10);
|
||||
}
|
||||
|
||||
// Update user
|
||||
await user.update(updateData);
|
||||
|
||||
console.log(`✅ User "${user.username}" updated in tenant "${tenantId}" by admin "${req.user.username}"`);
|
||||
|
||||
// Return updated user data (without password)
|
||||
const userData = {
|
||||
id: user.id,
|
||||
username: user.username,
|
||||
email: user.email,
|
||||
first_name: user.first_name,
|
||||
last_name: user.last_name,
|
||||
phone: user.phone,
|
||||
role: user.role,
|
||||
is_active: user.is_active,
|
||||
created_at: user.created_at,
|
||||
updated_at: user.updated_at
|
||||
};
|
||||
|
||||
res.json({
|
||||
success: true,
|
||||
message: 'User updated successfully',
|
||||
data: userData
|
||||
});
|
||||
|
||||
} catch (error) {
|
||||
console.error('Error updating user:', error);
|
||||
res.status(500).json({
|
||||
success: false,
|
||||
message: 'Failed to update user'
|
||||
});
|
||||
}
|
||||
});
|
||||
|
||||
/**
|
||||
* GET /tenant/auth
|
||||
* Get authentication configuration (auth admins or higher)
|
||||
|
||||
Reference in New Issue
Block a user