Files
poshmanager/server/controllers/graphController.js
2026-06-25 12:05:53 -05:00

66 lines
2.9 KiB
JavaScript

import { graphConnectionSchema } from '../forms/schemas.js';
import { createGraphConnection, deleteGraphConnection, getGraphConnection, listGraphConnections, recordGraphConnectionTest, updateGraphConnection } from '../models/graphModel.js';
import { listGraphMobileApps, testGraphConnection } from '../services/graphService.js';
export function index(req, res) {
res.json(listGraphConnections(req.user.id));
}
// Governance flags (tenant write-back, approval requirement) are administrative.
// On create, non-admins always get read-only. On update, non-admins keep the
// existing flag values so they can never grant or silently downgrade them.
export function create(req, res) {
const parsed = graphConnectionSchema.safeParse(req.body);
if (!parsed.success || !parsed.data.clientSecret) return res.status(400).json({ error: 'Valid Graph connection payload with client secret is required' });
if (req.user.role !== 'admin') {
parsed.data.allowWrite = false;
parsed.data.requireApproval = false;
parsed.data.publisherIds = [];
parsed.data.approverIds = [];
}
res.status(201).json(createGraphConnection(parsed.data, req.user.id));
}
export function update(req, res) {
const parsed = graphConnectionSchema.safeParse(req.body);
if (!parsed.success) return res.status(400).json({ error: 'Invalid Graph connection payload' });
if (req.user.role !== 'admin') {
const existing = getGraphConnection(req.params.id, req.user.id);
parsed.data.allowWrite = Boolean(existing?.allowWrite);
parsed.data.requireApproval = Boolean(existing?.requireApproval);
parsed.data.publisherIds = existing?.publisherIds || [];
parsed.data.approverIds = existing?.approverIds || [];
}
const connection = updateGraphConnection(req.params.id, parsed.data, req.user.id);
if (!connection) return res.status(404).json({ error: 'Graph connection not found' });
res.json(connection);
}
export function destroy(req, res) {
deleteGraphConnection(req.params.id, req.user.id);
res.status(204).end();
}
export async function test(req, res) {
const connection = getGraphConnection(req.params.id, req.user.id, true);
if (!connection) return res.status(404).json({ error: 'Graph connection not found' });
try {
const result = await testGraphConnection(connection);
recordGraphConnectionTest(req.params.id, 'success', result.message);
res.json(result);
} catch (error) {
recordGraphConnectionTest(req.params.id, 'failed', error.message);
res.status(400).json({ ok: false, error: error.message });
}
}
export async function mobileApps(req, res) {
const connection = getGraphConnection(req.params.id, req.user.id, true);
if (!connection) return res.status(404).json({ error: 'Graph connection not found' });
try {
res.json(await listGraphMobileApps(connection, String(req.query.q || '')));
} catch (error) {
res.status(400).json({ error: error.message });
}
}