Initial
This commit is contained in:
65
server/controllers/graphController.js
Normal file
65
server/controllers/graphController.js
Normal file
@@ -0,0 +1,65 @@
|
||||
import { graphConnectionSchema } from '../forms/schemas.js';
|
||||
import { createGraphConnection, deleteGraphConnection, getGraphConnection, listGraphConnections, recordGraphConnectionTest, updateGraphConnection } from '../models/graphModel.js';
|
||||
import { listGraphMobileApps, testGraphConnection } from '../services/graphService.js';
|
||||
|
||||
export function index(req, res) {
|
||||
res.json(listGraphConnections(req.user.id));
|
||||
}
|
||||
|
||||
// Governance flags (tenant write-back, approval requirement) are administrative.
|
||||
// On create, non-admins always get read-only. On update, non-admins keep the
|
||||
// existing flag values so they can never grant or silently downgrade them.
|
||||
export function create(req, res) {
|
||||
const parsed = graphConnectionSchema.safeParse(req.body);
|
||||
if (!parsed.success || !parsed.data.clientSecret) return res.status(400).json({ error: 'Valid Graph connection payload with client secret is required' });
|
||||
if (req.user.role !== 'admin') {
|
||||
parsed.data.allowWrite = false;
|
||||
parsed.data.requireApproval = false;
|
||||
parsed.data.publisherIds = [];
|
||||
parsed.data.approverIds = [];
|
||||
}
|
||||
res.status(201).json(createGraphConnection(parsed.data, req.user.id));
|
||||
}
|
||||
|
||||
export function update(req, res) {
|
||||
const parsed = graphConnectionSchema.safeParse(req.body);
|
||||
if (!parsed.success) return res.status(400).json({ error: 'Invalid Graph connection payload' });
|
||||
if (req.user.role !== 'admin') {
|
||||
const existing = getGraphConnection(req.params.id, req.user.id);
|
||||
parsed.data.allowWrite = Boolean(existing?.allowWrite);
|
||||
parsed.data.requireApproval = Boolean(existing?.requireApproval);
|
||||
parsed.data.publisherIds = existing?.publisherIds || [];
|
||||
parsed.data.approverIds = existing?.approverIds || [];
|
||||
}
|
||||
const connection = updateGraphConnection(req.params.id, parsed.data, req.user.id);
|
||||
if (!connection) return res.status(404).json({ error: 'Graph connection not found' });
|
||||
res.json(connection);
|
||||
}
|
||||
|
||||
export function destroy(req, res) {
|
||||
deleteGraphConnection(req.params.id, req.user.id);
|
||||
res.status(204).end();
|
||||
}
|
||||
|
||||
export async function test(req, res) {
|
||||
const connection = getGraphConnection(req.params.id, req.user.id, true);
|
||||
if (!connection) return res.status(404).json({ error: 'Graph connection not found' });
|
||||
try {
|
||||
const result = await testGraphConnection(connection);
|
||||
recordGraphConnectionTest(req.params.id, 'success', result.message);
|
||||
res.json(result);
|
||||
} catch (error) {
|
||||
recordGraphConnectionTest(req.params.id, 'failed', error.message);
|
||||
res.status(400).json({ ok: false, error: error.message });
|
||||
}
|
||||
}
|
||||
|
||||
export async function mobileApps(req, res) {
|
||||
const connection = getGraphConnection(req.params.id, req.user.id, true);
|
||||
if (!connection) return res.status(404).json({ error: 'Graph connection not found' });
|
||||
try {
|
||||
res.json(await listGraphMobileApps(connection, String(req.query.q || '')));
|
||||
} catch (error) {
|
||||
res.status(400).json({ error: error.message });
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user