@inweb/client 25.4.11 → 25.6.0

package/src/Api/User.ts

@@ -22,6 +22,7 @@
 ///////////////////////////////////////////////////////////////////////////////
 
 import { IHttpClient } from "./IHttpClient";
+import { FetchError } from "./FetchError";
 import { userFullName, userInitials } from "./Utils";
 
 /**
@@ -59,8 +60,8 @@ export class User {
   }
 
   /**
-   * User account registration time (UTC) in the format specified in <a
-   * href="https://www.wikipedia.org/wiki/ISO_8601" target="_blank">ISO 8601</a>.
+   * Account registration time (UTC) in the format specified in
+   * {@link https://www.wikipedia.org/wiki/ISO_8601 | ISO 8601}.
    *
    * @readonly
    */
@@ -167,8 +168,8 @@ export class User {
   }
 
   /**
-   * User last update time (UTC) in the format specified in <a
-   * href="https://www.wikipedia.org/wiki/ISO_8601" target="_blank">ISO 8601</a>.
+   * User last update time (UTC) in the format specified in
+   * {@link https://www.wikipedia.org/wiki/ISO_8601 | ISO 8601}.
    */
   get lastModified(): string {
     return this.data.lastModified;
@@ -186,8 +187,8 @@ export class User {
   }
 
   /**
-   * User last sign in time (UTC) in the format specified in <a
-   * href="https://www.wikipedia.org/wiki/ISO_8601" target="_blank">ISO 8601</a>.
+   * User last sign in time (UTC) in the format specified in
+   * {@link https://www.wikipedia.org/wiki/ISO_8601 | ISO 8601}.
    */
   get lastSignIn(): string {
     return this.data.lastSignIn;
@@ -202,6 +203,13 @@ export class User {
     return this.data.projectsLimit;
   }
 
+  /**
+   * The identity provider used to create the account. Can be `ldap`, `oauth`, `saml` or empty.
+   */
+  get providerType(): string {
+    return this.data.providerType;
+  }
+
   /**
    * The user's access token (API key). Use {@link Client.signInWithToken()} to log in using token.
    *
@@ -223,47 +231,55 @@ export class User {
   }
 
   /**
-   * Refresh user data. Only admins can checkout other users, if the current logged in user
-   * does not have administrator rights, hi can only checkout himself, otherwise an exception
-   * will be thrown.
+   * Refresh user data.
+   *
+   * Only admins can checkout other users, if the current logged in user does not have
+   * administrator rights, hi can only checkout himself, otherwise an exception will be thrown.
    */
   async checkout(): Promise<this> {
-    if (this.id === this.httpClient.signInUserId) {
+    if (this.httpClient.signInUserIsAdmin) {
+      const response = await this.httpClient.get(`/users/${this.id}`);
+      const data = await response.json();
+      this.data = { id: data.id, ...data.userBrief };
+    } else if (this.id === this.httpClient.signInUserId) {
       const response = await this.httpClient.get("/user");
       const data = await response.json();
       this.data = { id: this.id, ...data };
     } else {
-      const response = await this.httpClient.get(`/users/${this.id}`);
-      const data = await response.json();
-      this.data = { id: data.id, ...data.userBrief };
+      return Promise.reject(new FetchError(403));
     }
     return this;
   }
 
   /**
-   * Update user data on the server. Only admins can update other users, if the current logged
-   * in user does not have administrator rights, hi can only update himself, otherwise an
-   * exception will be thrown.
+   * Update user data on the server.
+   *
+   * Only admins can update other users, if the current logged in user does not have
+   * administrator rights, hi can only update himself, otherwise an exception will be thrown.
    *
    * @async
    * @param data - Raw user data.
    */
   async update(data: any): Promise<this> {
-    if (this.id === this.httpClient.signInUserId) {
+    if (this.httpClient.signInUserIsAdmin) {
+      const response = await this.httpClient.put(`/users/${this.id}`, { userBrief: data });
+      const newData = await response.json();
+      this.data = { id: newData.id, ...newData.userBrief };
+    } else if (this.id === this.httpClient.signInUserId) {
       const response = await this.httpClient.put("/user", data);
       const newData = await response.json();
       this.data = { id: this.id, ...newData };
     } else {
-      const response = await this.httpClient.put(`/users/${this.id}`, { userBrief: data });
-      const newData = await response.json();
-      this.data = { id: newData.id, ...newData.userBrief };
+      return Promise.reject(new FetchError(403));
     }
     return this;
   }
 
   /**
-   * Delete a user from the server. Only admins can delete users, if the current logged in user
-   * does not have administrator rights, an exception will be thrown.
+   * Delete a user from the server.
+   *
+   * Only admins can delete users, if the current logged in user does not have administrator
+   * rights, an exception will be thrown.
    *
    * Admins can delete themselves or other admins. An admin can only delete himself if he is
    * not the last administrator.
@@ -274,16 +290,21 @@ export class User {
    * @returns Returns the raw data of a deleted user.
    */
   delete(): Promise<any> {
-    return this.httpClient
-      .delete(`/users/${this.id}`)
-      .then((response) => response.json())
-      .then((data) => {
-        if (this.id === this.httpClient.signInUserId) {
-          this.httpClient.headers = {};
-          this.httpClient.signInUserId = "";
-        }
-        return data;
-      });
+    if (this.httpClient.signInUserIsAdmin) {
+      return this.httpClient
+        .delete(`/users/${this.id}`)
+        .then((response) => response.json())
+        .then((data) => {
+          if (this.id === this.httpClient.signInUserId) {
+            this.httpClient.headers = {};
+            this.httpClient.signInUserId = "";
+            this.httpClient.signInUserIsAdmin = false;
+          }
+          return data;
+        });
+    } else {
+      return Promise.reject(new FetchError(403));
+    }
   }
 
   /**
@@ -297,41 +318,57 @@ export class User {
   }
 
   /**
-   * Set or remove the user avatar. Only admins can set the avatar of other users, if the
-   * current logged in user does not have administrator rights, he can only set his own avatar,
-   * otherwise an exception will be thrown.
+   * Set or remove the user avatar.
+   *
+   * Only admins can set the avatar of other users, if the current logged in user does not have
+   * administrator rights, he can only set his own avatar, otherwise an exception will be thrown.
    *
    * @async
-   * @param image - Avatar image. Can be a <a
-   *   href="https://developer.mozilla.org/docs/Web/HTTP/Basics_of_HTTP/Data_URIs"
-   *   target="_blank">Data URL</a> string, <a
-   *   href="https://developer.mozilla.org/docs/Web/JavaScript/Reference/Global_Objects/ArrayBuffer"
-   *   target="_blank">ArrayBuffer</a>, <a
-   *   href="https://developer.mozilla.org/docs/Web/API/Blob/Blob" target="_blank">Blob</a> or
-   *   Web API <a href="https://developer.mozilla.org/docs/Web/API/File"
-   *   target="_blank">File</a> object. Setting the `image` to `null` will remove the avatar.
+   * @param image - Avatar image. Can be a
+   *   {@link https://developer.mozilla.org/docs/Web/HTTP/Basics_of_HTTP/Data_URIs | Data URL}
+   *   string,
+   *   {@link https://developer.mozilla.org/docs/Web/JavaScript/Reference/Global_Objects/ArrayBuffer | ArrayBuffer},
+   *   {@link https://developer.mozilla.org/docs/Web/API/Blob/Blob | Blob} or Web API
+   *   {@link https://developer.mozilla.org/docs/Web/API/File | File} object. Setting the
+   *   `image` to `null` will remove the avatar.
    */
-  async setAvatar(image: BodyInit | null): Promise<this> {
-    if (image) {
-      if (this.id === this.httpClient.signInUserId) {
-        const response = await this.httpClient.post("/user/avatar", image);
-        const data = await response.json();
-        this.data = { id: this.id, ...data };
-      } else {
-        const response = await this.httpClient.post(`/users/${this.id}/avatar`, image);
-        const data = await response.json();
-        this.data = { id: data.id, ...data.userBrief };
-      }
+  async setAvatar(image?: BodyInit | null): Promise<this> {
+    if (!image) {
+      await this.deleteAvatar();
+    } else if (this.httpClient.signInUserIsAdmin) {
+      const response = await this.httpClient.post(`/users/${this.id}/avatar`, image);
+      const data = await response.json();
+      this.data = { id: data.id, ...data.userBrief };
+    } else if (this.id === this.httpClient.signInUserId) {
+      const response = await this.httpClient.post("/user/avatar", image);
+      const data = await response.json();
+      this.data = { id: this.id, ...data };
+    } else {
+      return Promise.reject(new FetchError(403));
+    }
+    return this;
+  }
+
+  /**
+   * Remove the user avatar.
+   *
+   * Only admins can remove the avatar of other users, if the current logged in user does not
+   * have administrator rights, they can only remove their own avatar, otherwise an exception
+   * will be thrown.
+   *
+   * @async
+   */
+  async deleteAvatar(): Promise<this> {
+    if (this.httpClient.signInUserIsAdmin) {
+      const response = await this.httpClient.delete(`/users/${this.id}/avatar`);
+      const data = await response.json();
+      this.data = { id: data.id, ...data.userBrief };
+    } else if (this.id === this.httpClient.signInUserId) {
+      const response = await this.httpClient.delete("/user/avatar");
+      const data = await response.json();
+      this.data = { id: this.id, ...data };
     } else {
-      if (this.id === this.httpClient.signInUserId) {
-        const response = await this.httpClient.delete("/user/avatar");
-        const data = await response.json();
-        this.data = { id: this.id, ...data };
-      } else {
-        const response = await this.httpClient.delete(`/users/${this.id}/avatar`);
-        const data = await response.json();
-        this.data = { id: data.id, ...data.userBrief };
-      }
+      return Promise.reject(new FetchError(403));
     }
     return this;
   }