API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Mar 20th, 2017
101
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.14 KB | None | 0 0
raw download clone embed print report
  1. /* Notes:
  2. Async/Sync
  3. For the sake of simplicity, we aren't going to use Promises or callback
  4. functions, but assume their implementation.
  5. */
  6. create(request, response) {
  7. // Authentication: session exists
  8. let auth_user = redis.get(request.get('X-Session-Token'));
  9. if (auth_user === undefined) {
  10. response.status(401).json({});
  11. }
  12.  
  13. // User group / role permissions
  14. auth_user = Models.users.find(auth_user.id);
  15. if (auth_user.permissions('can_create_users') !== true) {
  16. response.status(403).json({});
  17. }
  18.  
  19. // Input validation and sanitization
  20. let errors = [];
  21. if (request.query.type !== 'admin' || request.query.type !== 'poweruser') {
  22. errors.push('invalid type: admin or poweruser requestuired');
  23. }
  24. if (!request.body.name) {
  25. errors.push('name requestuired');
  26. }
  27. if (!request.body.email || !validator.is_email(request.body.email)) {
  28. errors.push('email requestuired');
  29. }
  30. if (!request.body.phone || !validator.is_phone(request.body.phone)) {
  31. errors.push('phone requestuired');
  32. }
  33. if (errors.length) {
  34. response.status(400).json({});
  35. }
  36.  
  37. // Create User
  38. let password = library.generate_password();
  39. let created_user = Models.user.create({
  40. name: request.body.name,
  41. email: request.body.email,
  42. phone: request.body.phone,
  43. password: password,
  44. created_by: auth_user.id
  45. });
  46.  
  47. response.status(200).json({
  48. user: {}
  49. });
  50.  
  51. // Async non-blocking actions
  52. // Send new user email
  53. emails.send('user_created', {
  54. email: request.body.email
  55. });
  56. // Alert sales team of new user creation
  57. emails.send('internal_user_created', {
  58. url: 'fake-url-to-new-user-page'
  59. });
  60. // Alert sales team via Slack
  61. slack.new_user_added({
  62. url: 'fake-url-to-new-user-page'
  63. });
  64. // Add new user to SalesForce
  65. salesforce.add_user({
  66. name: request.body.name,
  67. email: request.body.email,
  68. phone: request.body.phone
  69. });
  70. // Send user their password via SMS
  71. sms.send_password({
  72. phone: request.body.phone,
  73. password: password
  74. });
  75. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!