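import AdminService from '../services/adminService.js';
import Joi from 'joi';

// HTTP controller for the admin API: each handler pulls its inputs from the
// request, delegates to AdminService and translates the outcome to a status.
//
// NOTE(review): every handler takes the caller's identity from the `userid`
// request header and nothing in this file verifies it. Presumably an
// authentication middleware in front of these routes sets or validates the
// header — confirm, because a client-controlled value would make the
// service-side access checks meaningless.
//
// NOTE(review): updateUser, changeFalukantUser and the Match3 create/update
// handlers forward req.body to the service without schema validation here;
// field whitelisting presumably happens inside AdminService — confirm.
//
// NOTE(review): unexpected errors are answered with the raw `error.message`,
// which can expose internal details to the client. Kept unchanged because
// clients may depend on the current payloads.

const MISSING_USER_ID_MESSAGE = 'User ID fehlt';
const NO_PERMISSION_MESSAGE = 'Keine Berechtigung für diese Aktion';
const NO_CHATROOM_PERMISSION_MESSAGE = 'Keine Berechtigung.';

// Payload accepted by createRoom and updateRoom (both used the same schema).
const roomSchema = Joi.object({
  title: Joi.string().min(1).max(255).required(),
  roomTypeId: Joi.number().integer().required(),
  isPublic: Joi.boolean().required(),
  genderRestrictionId: Joi.number().integer().allow(null),
  minAge: Joi.number().integer().min(0).allow(null),
  maxAge: Joi.number().integer().min(0).allow(null),
  password: Joi.string().allow('', null),
  friendsOfOwnerOnly: Joi.boolean().allow(null),
  requiredUserRightId: Joi.number().integer().allow(null),
});

// Payload accepted by answerContact.
const contactAnswerSchema = Joi.object({
  id: Joi.number().integer().required(),
  answer: Joi.string().min(1).required(),
});

/**
 * Maps a service error to an HTTP status.
 * @param {Error} error - error thrown by the service call
 * @param {string[]} notFoundMessages - messages that should produce a 404
 * @returns {number} 403 for 'noaccess', 404 for a listed message, else 500
 */
function statusForServiceError(error, notFoundMessages) {
  if (error.message === 'noaccess') {
    return 403;
  }
  return notFoundMessages.includes(error.message) ? 404 : 500;
}

/** Sends `{ error: message }` with the status from statusForServiceError. */
function sendServiceError(res, error, notFoundMessages = []) {
  res.status(statusForServiceError(error, notFoundMessages)).json({ error: error.message });
}

/**
 * Answers any failure with 403 and the error message; logs it when a handler
 * label is given.
 * NOTE(review): unexpected server-side failures are also reported as 403 here;
 * kept for compatibility with existing clients.
 */
function sendForbidden(res, error, label) {
  if (label) {
    console.error(`Error in ${label}:`, error);
  }
  res.status(403).json({ error: error.message });
}

/** Logs the error under the handler label and answers 500 with its message. */
function sendServerError(res, error, label) {
  console.error(`Error in ${label}:`, error);
  res.status(500).json({ error: error.message });
}

/** Answers 403 with a fixed message for 'noaccess', otherwise logs and answers 500. */
function sendAdminError(res, error, label) {
  if (error.message === 'noaccess') {
    res.status(403).json({ error: NO_PERMISSION_MESSAGE });
    return;
  }
  sendServerError(res, error, label);
}

/**
 * Runs `action(userId)` for handlers that require the `userid` header.
 * Answers 401 when the header is missing and routes thrown errors through
 * sendAdminError.
 * @param {object} req - Express request
 * @param {object} res - Express response
 * @param {string} label - handler name used in the error log
 * @param {(userId: string) => Promise<void>} action - handler body
 */
async function withUserId(req, res, label, action) {
  try {
    const userId = req.headers.userid;
    if (!userId) {
      res.status(401).json({ error: MISSING_USER_ID_MESSAGE });
      return;
    }
    await action(userId);
  } catch (error) {
    sendAdminError(res, error, label);
  }
}

/**
 * Checks the 'chatrooms' access right of the requester.
 * @returns {Promise<string|null>} the requester id, or null after a 403 was sent
 */
async function requireChatroomAccess(req, res) {
  const userId = req.headers.userid;
  if (!userId || !(await AdminService.hasUserAccess(userId, 'chatrooms'))) {
    res.status(403).json({ error: NO_CHATROOM_PERMISSION_MESSAGE });
    return null;
  }
  return userId;
}

/**
 * Normalizes the `ids` query value of getUsers.
 * Supports both the array form (ids[]=...) and a comma-separated string
 * (ids=...). Entries are trimmed and empty ones dropped in both forms.
 * @param {unknown} ids - raw query value
 * @returns {string[]|null} cleaned ids, or null when the value (or an array
 *   entry, e.g. a nested object from the query parser) is not a string
 */
function normalizeHashedIds(ids) {
  let rawIds = null;
  if (Array.isArray(ids)) {
    rawIds = ids;
  } else if (typeof ids === 'string') {
    rawIds = ids.split(',');
  }
  if (rawIds === null || rawIds.some((id) => typeof id !== 'string')) {
    return null;
  }
  return rawIds.map((id) => id.trim()).filter((id) => id.length > 0);
}

class AdminController {
  // --- Chat Room Admin ---
  constructor() {
    // No handler reads instance state; the bindings only keep the methods safe
    // to pass around as bare route callbacks. updateRoom and the Match3
    // handlers are not bound here.
    this.getOpenInterests = this.getOpenInterests.bind(this);
    this.changeInterest = this.changeInterest.bind(this);
    this.deleteInterest = this.deleteInterest.bind(this);
    this.changeTranslation = this.changeTranslation.bind(this);
    this.getOpenContacts = this.getOpenContacts.bind(this);
    this.answerContact = this.answerContact.bind(this);
    this.searchUser = this.searchUser.bind(this);
    this.getFalukantUserById = this.getFalukantUserById.bind(this);
    this.changeFalukantUser = this.changeFalukantUser.bind(this);
    this.getFalukantUserBranches = this.getFalukantUserBranches.bind(this);
    this.updateFalukantStock = this.updateFalukantStock.bind(this);
    this.addFalukantStock = this.addFalukantStock.bind(this);
    this.getFalukantStockTypes = this.getFalukantStockTypes.bind(this);
    this.getRoomTypes = this.getRoomTypes.bind(this);
    this.getGenderRestrictions = this.getGenderRestrictions.bind(this);
    this.getUserRights = this.getUserRights.bind(this);
    this.getRooms = this.getRooms.bind(this);
    this.createRoom = this.createRoom.bind(this);
    this.deleteRoom = this.deleteRoom.bind(this);

    // User administration
    this.searchUsers = this.searchUsers.bind(this);
    this.getUser = this.getUser.bind(this);
    this.getUsers = this.getUsers.bind(this);
    this.updateUser = this.updateUser.bind(this);

    // Rights
    this.listRightTypes = this.listRightTypes.bind(this);
    this.listUserRights = this.listUserRights.bind(this);
    this.addUserRight = this.addUserRight.bind(this);
    this.removeUserRight = this.removeUserRight.bind(this);

    // Statistics
    this.getUserStatistics = this.getUserStatistics.bind(this);
  }

  /** Responds with AdminService.getOpenInterests for the requester. */
  async getOpenInterests(req, res) {
    try {
      const { userid: userId } = req.headers;
      const openInterests = await AdminService.getOpenInterests(userId);
      res.status(200).json(openInterests);
    } catch (error) {
      sendForbidden(res, error);
    }
  }

  // --- User Administration ---

  /** Searches users by the `q` query parameter (empty string when absent). */
  async searchUsers(req, res) {
    try {
      const { userid: requester } = req.headers;
      const { q } = req.query;
      const result = await AdminService.searchUsers(requester, q || '');
      res.status(200).json(result);
    } catch (error) {
      sendServiceError(res, error);
    }
  }

  /** Responds with the user addressed by the hashed id in the route. */
  async getUser(req, res) {
    try {
      const { userid: requester } = req.headers;
      const { id } = req.params;
      const result = await AdminService.getUserByHashedId(requester, id);
      res.status(200).json(result);
    } catch (error) {
      sendServiceError(res, error, ['notfound']);
    }
  }

  /**
   * Responds with the users for the hashed ids in the `ids` query parameter.
   * Answers 400 when `ids` is missing or is not a string / array of strings.
   */
  async getUsers(req, res) {
    try {
      const { userid: requester } = req.headers;
      const { ids } = req.query;
      if (!ids) {
        return res.status(400).json({ error: 'ids query parameter is required' });
      }
      // The array form used to be forwarded unchecked; both forms now go
      // through the same string-only normalization before reaching the service.
      const hashedIds = normalizeHashedIds(ids);
      if (hashedIds === null) {
        return res.status(400).json({ error: 'ids must be an array or comma-separated string' });
      }
      const result = await AdminService.getUsersByHashedIds(requester, hashedIds);
      res.status(200).json(result);
    } catch (error) {
      sendServiceError(res, error);
    }
  }

  /** Forwards the request body as the update for the user in the route. */
  async updateUser(req, res) {
    try {
      const { userid: requester } = req.headers;
      const { id } = req.params;
      const result = await AdminService.updateUser(requester, id, req.body || {});
      res.status(200).json(result);
    } catch (error) {
      sendServiceError(res, error, ['notfound']);
    }
  }

  // --- Rights ---

  /** Responds with AdminService.listUserRightTypes for the requester. */
  async listRightTypes(req, res) {
    try {
      const { userid: requester } = req.headers;
      const types = await AdminService.listUserRightTypes(requester);
      res.status(200).json(types);
    } catch (error) {
      sendServiceError(res, error);
    }
  }

  /** Responds with the rights of the user in the route. */
  async listUserRights(req, res) {
    try {
      const { userid: requester } = req.headers;
      const { id } = req.params;
      const rights = await AdminService.listUserRightsForUser(requester, id);
      res.status(200).json(rights);
    } catch (error) {
      sendServiceError(res, error, ['notfound']);
    }
  }

  /** Grants `rightTypeId` from the body to the user in the route; 201 on success. */
  async addUserRight(req, res) {
    try {
      const { userid: requester } = req.headers;
      const { id } = req.params;
      const { rightTypeId } = req.body || {};
      await AdminService.addUserRight(requester, id, rightTypeId);
      res.status(201).json({ status: 'ok' });
    } catch (error) {
      // 'wrongtype' is reported as 404, like 'notfound'.
      sendServiceError(res, error, ['notfound', 'wrongtype']);
    }
  }

  /** Removes `rightTypeId` from the body from the user in the route; 204 on success. */
  async removeUserRight(req, res) {
    try {
      const { userid: requester } = req.headers;
      const { id } = req.params;
      const { rightTypeId } = req.body || {};
      await AdminService.removeUserRight(requester, id, rightTypeId);
      res.status(204).send();
    } catch (error) {
      sendServiceError(res, error, ['notfound']);
    }
  }

  /** Changes an interest, then responds with the refreshed open interests. */
  async changeInterest(req, res) {
    try {
      const { userid: userId } = req.headers;
      const { id: interestId, active, adult: adultOnly } = req.body;
      await AdminService.changeInterest(userId, interestId, active, adultOnly);
      const updatedInterests = await AdminService.getOpenInterests(userId);
      res.status(200).json(updatedInterests);
    } catch (error) {
      sendForbidden(res, error);
    }
  }

  /** Deletes the interest in the route, then responds with the refreshed open interests. */
  async deleteInterest(req, res) {
    try {
      const { userid: userId } = req.headers;
      const { id: interestId } = req.params;
      await AdminService.deleteInterest(userId, interestId);
      const updatedInterests = await AdminService.getOpenInterests(userId);
      res.status(200).json(updatedInterests);
    } catch (error) {
      sendForbidden(res, error);
    }
  }

  /** Changes an interest's translations, then responds with the refreshed open interests. */
  async changeTranslation(req, res) {
    try {
      const { userid: userId } = req.headers;
      const { id: interestId, translations } = req.body;
      await AdminService.changeTranslation(userId, interestId, translations);
      const updatedInterests = await AdminService.getOpenInterests(userId);
      res.status(200).json(updatedInterests);
    } catch (error) {
      sendForbidden(res, error);
    }
  }

  /** Responds with AdminService.getOpenContacts for the requester. */
  async getOpenContacts(req, res) {
    try {
      const { userid: userId } = req.headers;
      const openContacts = await AdminService.getOpenContacts(userId);
      res.status(200).json(openContacts);
    } catch (error) {
      sendForbidden(res, error);
    }
  }

  /**
   * Validates `{ id, answer }` and passes them to AdminService.answerContact.
   * NOTE(review): no requester id reaches the service and no access check
   * happens in this handler — confirm the route is guarded elsewhere.
   */
  async answerContact(req, res) {
    try {
      const { error, value } = contactAnswerSchema.validate(req.body);
      if (error) {
        return res.status(400).json({ error: error.details[0].message });
      }
      const { id, answer } = value;
      await AdminService.answerContact(id, answer);
      res.status(200).json({ status: 'ok' });
    } catch (error) {
      console.error('Error in answerContact:', error);
      res.status(error.status || 500).json({ error: error.message || 'Internal Server Error' });
    }
  }

  /** Looks up a Falukant user by `userName` / `characterName` from the body. */
  async searchUser(req, res) {
    try {
      const { userid: userId } = req.headers;
      const { userName, characterName } = req.body;
      const response = await AdminService.getFalukantUser(userId, userName, characterName);
      res.status(200).json(response);
    } catch (error) {
      sendForbidden(res, error, 'searchUser');
    }
  }

  /** Responds with the Falukant user for the hashed id in the route. */
  async getFalukantUserById(req, res) {
    try {
      const { userid: userId } = req.headers;
      const { id: hashedId } = req.params;
      const response = await AdminService.getFalukantUserById(userId, hashedId);
      res.status(200).json(response);
    } catch (error) {
      sendForbidden(res, error, 'getFalukantUserById');
    }
  }

  /** Forwards the whole body as the change set for the Falukant user `body.id`. */
  async changeFalukantUser(req, res) {
    try {
      const { userid: userId } = req.headers;
      const data = req.body;
      const { id: falukantUserId } = data;
      const response = await AdminService.changeFalukantUser(userId, falukantUserId, data);
      res.status(200).json(response);
    } catch (error) {
      sendForbidden(res, error, 'changeFalukantUser');
    }
  }

  /** Responds with the branches of the Falukant user in the route. */
  async getFalukantUserBranches(req, res) {
    try {
      const { userid: userId } = req.headers;
      const { falukantUserId } = req.params;
      const response = await AdminService.getFalukantUserBranches(userId, falukantUserId);
      res.status(200).json(response);
    } catch (error) {
      sendForbidden(res, error, 'getFalukantUserBranches');
    }
  }

  /** Sets `quantity` from the body on the stock in the route. */
  async updateFalukantStock(req, res) {
    try {
      const { userid: userId } = req.headers;
      const { stockId } = req.params;
      const { quantity } = req.body;
      const response = await AdminService.updateFalukantStock(userId, stockId, quantity);
      res.status(200).json(response);
    } catch (error) {
      sendForbidden(res, error, 'updateFalukantStock');
    }
  }

  /** Adds stock described by `branchId`, `stockTypeId` and `quantity` from the body. */
  async addFalukantStock(req, res) {
    try {
      const { userid: userId } = req.headers;
      const { branchId, stockTypeId, quantity } = req.body;
      const response = await AdminService.addFalukantStock(userId, branchId, stockTypeId, quantity);
      res.status(200).json(response);
    } catch (error) {
      sendForbidden(res, error, 'addFalukantStock');
    }
  }

  /** Responds with AdminService.getFalukantStockTypes for the requester. */
  async getFalukantStockTypes(req, res) {
    try {
      const { userid: userId } = req.headers;
      const response = await AdminService.getFalukantStockTypes(userId);
      res.status(200).json(response);
    } catch (error) {
      sendForbidden(res, error, 'getFalukantStockTypes');
    }
  }

  /** Responds with AdminService.getRoomTypes for the requester. */
  async getRoomTypes(req, res) {
    await withUserId(req, res, 'getRoomTypes', async (userId) => {
      res.status(200).json(await AdminService.getRoomTypes(userId));
    });
  }

  /** Responds with AdminService.getGenderRestrictions for the requester. */
  async getGenderRestrictions(req, res) {
    await withUserId(req, res, 'getGenderRestrictions', async (userId) => {
      res.status(200).json(await AdminService.getGenderRestrictions(userId));
    });
  }

  /** Responds with AdminService.getUserRights for the requester. */
  async getUserRights(req, res) {
    await withUserId(req, res, 'getUserRights', async (userId) => {
      res.status(200).json(await AdminService.getUserRights(userId));
    });
  }

  /** Responds with AdminService.getRooms for the requester. */
  async getRooms(req, res) {
    await withUserId(req, res, 'getRooms', async (userId) => {
      res.status(200).json(await AdminService.getRooms(userId));
    });
  }

  /** Validates the body against roomSchema and updates the room in the route. */
  async updateRoom(req, res) {
    try {
      const userId = await requireChatroomAccess(req, res);
      if (!userId) {
        return;
      }
      const { error, value } = roomSchema.validate(req.body);
      if (error) {
        return res.status(400).json({ error: error.details[0].message });
      }
      const room = await AdminService.updateRoom(req.params.id, value);
      res.status(200).json(room);
    } catch (error) {
      sendServerError(res, error, 'updateRoom');
    }
  }

  /** Validates the body against roomSchema and creates a room owned by the requester. */
  async createRoom(req, res) {
    try {
      const userId = await requireChatroomAccess(req, res);
      if (!userId) {
        return;
      }
      const { error, value } = roomSchema.validate(req.body);
      if (error) {
        return res.status(400).json({ error: error.details[0].message });
      }
      // NOTE(review): assumes the userid header is a decimal number; a
      // non-numeric value yields NaN as ownerId — confirm against the caller.
      value.ownerId = Number.parseInt(userId, 10);
      const room = await AdminService.createRoom(userId, value);
      res.status(201).json(room);
    } catch (error) {
      sendServerError(res, error, 'createRoom');
    }
  }

  /** Deletes the room in the route; 204 on success. */
  async deleteRoom(req, res) {
    try {
      const userId = await requireChatroomAccess(req, res);
      if (!userId) {
        return;
      }
      await AdminService.deleteRoom(req.params.id);
      res.sendStatus(204);
    } catch (error) {
      sendServerError(res, error, 'deleteRoom');
    }
  }

  // --- Match3 Admin Methods ---

  /** Responds with AdminService.getMatch3Campaigns for the requester. */
  async getMatch3Campaigns(req, res) {
    await withUserId(req, res, 'getMatch3Campaigns', async (userId) => {
      res.status(200).json(await AdminService.getMatch3Campaigns(userId));
    });
  }

  /** Responds with the campaign in the route. */
  async getMatch3Campaign(req, res) {
    await withUserId(req, res, 'getMatch3Campaign', async (userId) => {
      res.status(200).json(await AdminService.getMatch3Campaign(userId, req.params.id));
    });
  }

  /** Creates a campaign from the request body; 201 on success. */
  async createMatch3Campaign(req, res) {
    await withUserId(req, res, 'createMatch3Campaign', async (userId) => {
      res.status(201).json(await AdminService.createMatch3Campaign(userId, req.body));
    });
  }

  /** Updates the campaign in the route with the request body. */
  async updateMatch3Campaign(req, res) {
    await withUserId(req, res, 'updateMatch3Campaign', async (userId) => {
      res.status(200).json(await AdminService.updateMatch3Campaign(userId, req.params.id, req.body));
    });
  }

  /** Deletes the campaign in the route; 204 on success. */
  async deleteMatch3Campaign(req, res) {
    await withUserId(req, res, 'deleteMatch3Campaign', async (userId) => {
      await AdminService.deleteMatch3Campaign(userId, req.params.id);
      res.sendStatus(204);
    });
  }

  /** Responds with AdminService.getMatch3Levels for the requester. */
  async getMatch3Levels(req, res) {
    await withUserId(req, res, 'getMatch3Levels', async (userId) => {
      res.status(200).json(await AdminService.getMatch3Levels(userId));
    });
  }

  /** Responds with the level in the route. */
  async getMatch3Level(req, res) {
    await withUserId(req, res, 'getMatch3Level', async (userId) => {
      res.status(200).json(await AdminService.getMatch3Level(userId, req.params.id));
    });
  }

  /** Creates a level from the request body; 201 on success. */
  async createMatch3Level(req, res) {
    await withUserId(req, res, 'createMatch3Level', async (userId) => {
      res.status(201).json(await AdminService.createMatch3Level(userId, req.body));
    });
  }

  /** Updates the level in the route with the request body. */
  async updateMatch3Level(req, res) {
    await withUserId(req, res, 'updateMatch3Level', async (userId) => {
      res.status(200).json(await AdminService.updateMatch3Level(userId, req.params.id, req.body));
    });
  }

  /** Deletes the level in the route; 204 on success. */
  async deleteMatch3Level(req, res) {
    await withUserId(req, res, 'deleteMatch3Level', async (userId) => {
      await AdminService.deleteMatch3Level(userId, req.params.id);
      res.sendStatus(204);
    });
  }

  // Match3 Objectives

  /** Responds with AdminService.getMatch3Objectives for the requester. */
  async getMatch3Objectives(req, res) {
    await withUserId(req, res, 'getMatch3Objectives', async (userId) => {
      res.status(200).json(await AdminService.getMatch3Objectives(userId));
    });
  }

  /** Responds with the objective in the route. */
  async getMatch3Objective(req, res) {
    await withUserId(req, res, 'getMatch3Objective', async (userId) => {
      res.status(200).json(await AdminService.getMatch3Objective(userId, req.params.id));
    });
  }

  /** Creates an objective from the request body; 201 on success. */
  async createMatch3Objective(req, res) {
    await withUserId(req, res, 'createMatch3Objective', async (userId) => {
      res.status(201).json(await AdminService.createMatch3Objective(userId, req.body));
    });
  }

  /** Updates the objective in the route with the request body. */
  async updateMatch3Objective(req, res) {
    await withUserId(req, res, 'updateMatch3Objective', async (userId) => {
      res.status(200).json(await AdminService.updateMatch3Objective(userId, req.params.id, req.body));
    });
  }

  /** Deletes the objective in the route; 204 on success. */
  async deleteMatch3Objective(req, res) {
    await withUserId(req, res, 'deleteMatch3Objective', async (userId) => {
      await AdminService.deleteMatch3Objective(userId, req.params.id);
      res.sendStatus(204);
    });
  }

  /** Responds with AdminService.getMatch3TileTypes for the requester. */
  async getMatch3TileTypes(req, res) {
    await withUserId(req, res, 'getMatch3TileTypes', async (userId) => {
      res.status(200).json(await AdminService.getMatch3TileTypes(userId));
    });
  }

  /** Creates a tile type from the request body; 201 on success. */
  async createMatch3TileType(req, res) {
    await withUserId(req, res, 'createMatch3TileType', async (userId) => {
      res.status(201).json(await AdminService.createMatch3TileType(userId, req.body));
    });
  }

  /** Updates the tile type in the route with the request body. */
  async updateMatch3TileType(req, res) {
    await withUserId(req, res, 'updateMatch3TileType', async (userId) => {
      res.status(200).json(await AdminService.updateMatch3TileType(userId, req.params.id, req.body));
    });
  }

  /** Deletes the tile type in the route; 204 on success. */
  async deleteMatch3TileType(req, res) {
    await withUserId(req, res, 'deleteMatch3TileType', async (userId) => {
      await AdminService.deleteMatch3TileType(userId, req.params.id);
      res.sendStatus(204);
    });
  }

  /** Responds with AdminService.getUserStatistics for the requester. */
  async getUserStatistics(req, res) {
    try {
      const { userid: userId } = req.headers;
      const statistics = await AdminService.getUserStatistics(userId);
      res.status(200).json(statistics);
    } catch (error) {
      if (error.message === 'noaccess') {
        res.status(403).json({ error: 'Keine Berechtigung' });
      } else {
        res.status(500).json({ error: error.message });
      }
    }
  }
}

export default AdminController;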