@ahksolution/permissions-sdk 1.1.2 → 1.2.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +87 -9
- package/dist/client/permissions-client.module.d.ts.map +1 -1
- package/dist/client/permissions-client.module.js +2 -0
- package/dist/client/permissions-client.module.js.map +1 -1
- package/dist/client/permissions-grpc.client.d.ts +14 -1
- package/dist/client/permissions-grpc.client.d.ts.map +1 -1
- package/dist/client/permissions-grpc.client.js +81 -1
- package/dist/client/permissions-grpc.client.js.map +1 -1
- package/dist/proto/permissions.proto +54 -0
- package/dist/types/grpc.types.d.ts +28 -0
- package/dist/types/grpc.types.d.ts.map +1 -1
- package/dist/types/jwt.types.d.ts +25 -0
- package/dist/types/jwt.types.d.ts.map +1 -1
- package/package.json +1 -1
- package/src/proto/permissions.proto +54 -0
package/README.md
CHANGED
|
@@ -261,15 +261,18 @@ export class OrderService {
|
|
|
261
261
|
|
|
262
262
|
### PermissionsGrpcClient
|
|
263
263
|
|
|
264
|
-
| Method | Description
|
|
265
|
-
| --------------------------------------------------------- |
|
|
266
|
-
| `validateToken(token)` | Validates JWT and returns `ValidateTokenResult`
|
|
267
|
-
| `hasPermission(userId, permissionCode)` | Returns `boolean` - does user have this permission?
|
|
268
|
-
| `hasAllPermissions(userId, permissionCodes)` | Returns `boolean` - does user have ALL permissions?
|
|
269
|
-
| `hasAnyPermission(userId, permissionCodes)` | Returns `boolean` - does user have ANY permission?
|
|
270
|
-
| `checkPermission(userId, permissionCode, options?)` | Returns full `EvaluationResult` with details
|
|
271
|
-
| `checkBulkPermissions(userId, permissionCodes, options?)` | Returns results for multiple permissions
|
|
272
|
-
| `getEffectivePermissions(userId)` | Returns all permissions and roles for a user
|
|
264
|
+
| Method | Description |
|
|
265
|
+
| --------------------------------------------------------- | ------------------------------------------------------ |
|
|
266
|
+
| `validateToken(token)` | Validates JWT and returns `ValidateTokenResult` |
|
|
267
|
+
| `hasPermission(userId, permissionCode)` | Returns `boolean` - does user have this permission? |
|
|
268
|
+
| `hasAllPermissions(userId, permissionCodes)` | Returns `boolean` - does user have ALL permissions? |
|
|
269
|
+
| `hasAnyPermission(userId, permissionCodes)` | Returns `boolean` - does user have ANY permission? |
|
|
270
|
+
| `checkPermission(userId, permissionCode, options?)` | Returns full `EvaluationResult` with details |
|
|
271
|
+
| `checkBulkPermissions(userId, permissionCodes, options?)` | Returns results for multiple permissions |
|
|
272
|
+
| `getEffectivePermissions(userId)` | Returns all permissions and roles for a user |
|
|
273
|
+
| `getUserInfo(userId)` | Returns complete user profile with roles & permissions |
|
|
274
|
+
| `getUserRoles(userId)` | Returns user's roles only |
|
|
275
|
+
| `getUserPermissions(userId)` | Returns user's permission codes only |
|
|
273
276
|
|
|
274
277
|
### Decorators
|
|
275
278
|
|
|
@@ -355,6 +358,81 @@ console.log(effective);
|
|
|
355
358
|
// }
|
|
356
359
|
```
|
|
357
360
|
|
|
361
|
+
### User Data Methods (v1.2.0+)
|
|
362
|
+
|
|
363
|
+
Fetch user data directly by userId without token validation. Useful for service-to-service calls.
|
|
364
|
+
|
|
365
|
+
```typescript
|
|
366
|
+
import { Injectable, NotFoundException } from '@nestjs/common';
|
|
367
|
+
import { PermissionsGrpcClient } from '@ahksolution/permissions-sdk';
|
|
368
|
+
|
|
369
|
+
@Injectable()
|
|
370
|
+
export class UserProfileService {
|
|
371
|
+
constructor(private readonly permissions: PermissionsGrpcClient) {}
|
|
372
|
+
|
|
373
|
+
// Get complete user profile with roles and permissions
|
|
374
|
+
async getUserProfile(userId: string) {
|
|
375
|
+
const result = await this.permissions.getUserInfo(userId);
|
|
376
|
+
if (!result.found) {
|
|
377
|
+
throw new NotFoundException(result.errorMessage); // 'USER_NOT_FOUND' | 'USER_INACTIVE'
|
|
378
|
+
}
|
|
379
|
+
return result.user;
|
|
380
|
+
// {
|
|
381
|
+
// id: '...',
|
|
382
|
+
// email: 'user@example.com',
|
|
383
|
+
// phone: '+1234567890',
|
|
384
|
+
// userType: 'CUSTOMER',
|
|
385
|
+
// status: 'ACTIVE',
|
|
386
|
+
// isProfileComplete: true,
|
|
387
|
+
// roles: [{ id, code, name, isSystem }],
|
|
388
|
+
// permissions: ['orders:read', 'orders:create'],
|
|
389
|
+
// hasAllAccess: false
|
|
390
|
+
// }
|
|
391
|
+
}
|
|
392
|
+
|
|
393
|
+
// Get only user's roles
|
|
394
|
+
async getUserRoleNames(userId: string) {
|
|
395
|
+
const result = await this.permissions.getUserRoles(userId);
|
|
396
|
+
if (!result.found) {
|
|
397
|
+
throw new NotFoundException(result.errorMessage);
|
|
398
|
+
}
|
|
399
|
+
return result.roles.map((r) => r.name); // ['Admin', 'Manager']
|
|
400
|
+
}
|
|
401
|
+
|
|
402
|
+
// Get only user's permissions
|
|
403
|
+
async canAccessFeature(userId: string, featurePermission: string) {
|
|
404
|
+
const result = await this.permissions.getUserPermissions(userId);
|
|
405
|
+
if (!result.found) return false;
|
|
406
|
+
|
|
407
|
+
// Check if user has all access or the specific permission
|
|
408
|
+
return result.hasAllAccess || result.permissions.includes(featurePermission);
|
|
409
|
+
}
|
|
410
|
+
}
|
|
411
|
+
```
|
|
412
|
+
|
|
413
|
+
**Return Types:**
|
|
414
|
+
|
|
415
|
+
```typescript
|
|
416
|
+
interface GetUserInfoResult {
|
|
417
|
+
found: boolean;
|
|
418
|
+
errorMessage?: string; // 'USER_NOT_FOUND' | 'USER_INACTIVE' | 'INTERNAL_ERROR'
|
|
419
|
+
user?: JwtUserData; // Only populated if found=true
|
|
420
|
+
}
|
|
421
|
+
|
|
422
|
+
interface GetUserRolesResult {
|
|
423
|
+
found: boolean;
|
|
424
|
+
errorMessage?: string;
|
|
425
|
+
roles: RoleInfo[];
|
|
426
|
+
}
|
|
427
|
+
|
|
428
|
+
interface GetUserPermissionsResult {
|
|
429
|
+
found: boolean;
|
|
430
|
+
errorMessage?: string;
|
|
431
|
+
permissions: string[];
|
|
432
|
+
hasAllAccess: boolean;
|
|
433
|
+
}
|
|
434
|
+
```
|
|
435
|
+
|
|
358
436
|
## Environment Variables
|
|
359
437
|
|
|
360
438
|
| Variable | Description | Default |
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"permissions-client.module.d.ts","sourceRoot":"","sources":["../../src/client/permissions-client.module.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,aAAa,EAAU,MAAM,gBAAgB,CAAC;AAavD;;GAEG;AACH,MAAM,WAAW,8BAA8B;IAC7C;;;OAGG;IACH,GAAG,CAAC,EAAE,MAAM,CAAC;IAEb;;;OAGG;IACH,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED;;GAEG;AACH,MAAM,WAAW,mCAAmC;IAClD;;OAEG;IACH,OAAO,CAAC,EAAE,aAAa,CAAC,SAAS,CAAC,CAAC;IAEnC;;OAEG;IACH,UAAU,EAAE,CACV,GAAG,IAAI,EAAE,OAAO,EAAE,KACf,8BAA8B,GAAG,OAAO,CAAC,8BAA8B,CAAC,CAAC;IAE9E;;OAEG;IACH,MAAM,CAAC,EAAE,OAAO,EAAE,CAAC;CACpB;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA6BG;AACH,qBACa,uBAAuB;IAClC;;OAEG;IACH,MAAM,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,8BAA8B,GAAG,aAAa;
|
|
1
|
+
{"version":3,"file":"permissions-client.module.d.ts","sourceRoot":"","sources":["../../src/client/permissions-client.module.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,aAAa,EAAU,MAAM,gBAAgB,CAAC;AAavD;;GAEG;AACH,MAAM,WAAW,8BAA8B;IAC7C;;;OAGG;IACH,GAAG,CAAC,EAAE,MAAM,CAAC;IAEb;;;OAGG;IACH,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED;;GAEG;AACH,MAAM,WAAW,mCAAmC;IAClD;;OAEG;IACH,OAAO,CAAC,EAAE,aAAa,CAAC,SAAS,CAAC,CAAC;IAEnC;;OAEG;IACH,UAAU,EAAE,CACV,GAAG,IAAI,EAAE,OAAO,EAAE,KACf,8BAA8B,GAAG,OAAO,CAAC,8BAA8B,CAAC,CAAC;IAE9E;;OAEG;IACH,MAAM,CAAC,EAAE,OAAO,EAAE,CAAC;CACpB;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA6BG;AACH,qBACa,uBAAuB;IAClC;;OAEG;IACH,MAAM,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,8BAA8B,GAAG,aAAa;IAgCxE;;OAEG;IACH,MAAM,CAAC,aAAa,CAAC,OAAO,EAAE,mCAAmC,GAAG,aAAa;CAuClF"}
|
|
@@ -53,6 +53,7 @@ let PermissionsClientModule = PermissionsClientModule_1 = class PermissionsClien
|
|
|
53
53
|
const url = options?.url ?? constants_1.DEFAULT_GRPC_OPTIONS.url;
|
|
54
54
|
const protoPath = options?.protoPath ?? (0, path_1.join)(__dirname, '..', 'proto', 'permissions.proto');
|
|
55
55
|
return {
|
|
56
|
+
global: true,
|
|
56
57
|
module: PermissionsClientModule_1,
|
|
57
58
|
imports: [
|
|
58
59
|
microservices_1.ClientsModule.register([
|
|
@@ -83,6 +84,7 @@ let PermissionsClientModule = PermissionsClientModule_1 = class PermissionsClien
|
|
|
83
84
|
*/
|
|
84
85
|
static registerAsync(options) {
|
|
85
86
|
return {
|
|
87
|
+
global: true,
|
|
86
88
|
module: PermissionsClientModule_1,
|
|
87
89
|
imports: [
|
|
88
90
|
...(options.imports ?? []),
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"permissions-client.module.js","sourceRoot":"","sources":["../../src/client/permissions-client.module.ts"],"names":[],"mappings":";;;;;;;;;;AAAA,2CAAuD;AACvD,yDAAiE;AACjE,+BAA4B;AAE5B,4CAIsB;AACtB,6DAAwD;AACxD,mEAA+D;AAC/D,uEAAkE;AAyClE;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA6BG;AAEI,IAAM,uBAAuB,+BAA7B,MAAM,uBAAuB;IAClC;;OAEG;IACH,MAAM,CAAC,QAAQ,CAAC,OAAwC;QACtD,MAAM,GAAG,GAAG,OAAO,EAAE,GAAG,IAAI,gCAAoB,CAAC,GAAG,CAAC;QACrD,MAAM,SAAS,GAAG,OAAO,EAAE,SAAS,IAAI,IAAA,WAAI,EAAC,SAAS,EAAE,IAAI,EAAE,OAAO,EAAE,mBAAmB,CAAC,CAAC;QAE5F,OAAO;YACL,MAAM,EAAE,yBAAuB;YAC/B,OAAO,EAAE;gBACP,6BAAa,CAAC,QAAQ,CAAC;oBACrB;wBACE,IAAI,EAAE,mCAAuB;wBAC7B,SAAS,EAAE,yBAAS,CAAC,IAAI;wBACzB,OAAO,EAAE;4BACP,GAAG;4BACH,OAAO,EAAE,oCAAwB;4BACjC,SAAS;4BACT,MAAM,EAAE;gCACN,QAAQ,EAAE,KAAK,EAAE,kCAAkC;gCACnD,KAAK,EAAE,MAAM;gCACb,KAAK,EAAE,MAAM;gCACb,QAAQ,EAAE,IAAI;gCACd,MAAM,EAAE,IAAI;6BACb;yBACF;qBACF;iBACF,CAAC;aACH;YACD,SAAS,EAAE,CAAC,+CAAqB,EAAE,6BAAY,EAAE,oCAAgB,CAAC;YAClE,OAAO,EAAE,CAAC,+CAAqB,EAAE,6BAAY,EAAE,oCAAgB,CAAC;SACjE,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,MAAM,CAAC,aAAa,CAAC,OAA4C;QAC/D,OAAO;YACL,MAAM,EAAE,yBAAuB;YAC/B,OAAO,EAAE;gBACP,GAAG,CAAC,OAAO,CAAC,OAAO,IAAI,EAAE,CAAC;gBAC1B,6BAAa,CAAC,aAAa,CAAC;oBAC1B;wBACE,IAAI,EAAE,mCAAuB;wBAC7B,UAAU,EAAE,KAAK,EAAE,GAAG,IAAe,EAAE,EAAE;4BACvC,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,UAAU,CAAC,GAAG,IAAI,CAAC,CAAC;4BACjD,MAAM,GAAG,GAAG,MAAM,CAAC,GAAG,IAAI,gCAAoB,CAAC,GAAG,CAAC;4BACnD,MAAM,SAAS,GACb,MAAM,CAAC,SAAS,IAAI,IAAA,WAAI,EAAC,SAAS,EAAE,IAAI,EAAE,OAAO,EAAE,mBAAmB,CAAC,CAAC;4BAE1E,OAAO;gCACL,SAAS,EAAE,yBAAS,CAAC,IAAI;gCACzB,OAAO,EAAE;oCACP,GAAG;oCACH,OAAO,EAAE,oCAAwB;oCACjC,SAAS;oCACT,MAAM,EAAE;wCACN,QAAQ,EAAE,KAAK,EAAE,kCAAkC;wCACnD,KAAK,EAAE,MAAM;wCACb,KAAK,EAAE,MAAM;wCACb,QAAQ,EAAE,IAAI;wCACd,MAAM,EAAE,IAAI;qCACb;iCACF;6BACF,CAAC;wBACJ,CAAC;wBACD,MAAM,EAAE,OAAO,CAAC,MAAM,IAAI,EAAE;qBAC7B;iBACF,CAAC;aACH;YACD,SAAS,EAAE,CAAC,+CAAqB,EAAE,6BAAY,EAAE,oCAAgB,CAAC;YAClE,OAAO,EAAE,CAAC,+CAAqB,EAAE,6BAAY,EAAE,oCAAgB,CAAC;SACjE,CAAC;IACJ,CAAC;CACF,CAAA;
|
|
1
|
+
{"version":3,"file":"permissions-client.module.js","sourceRoot":"","sources":["../../src/client/permissions-client.module.ts"],"names":[],"mappings":";;;;;;;;;;AAAA,2CAAuD;AACvD,yDAAiE;AACjE,+BAA4B;AAE5B,4CAIsB;AACtB,6DAAwD;AACxD,mEAA+D;AAC/D,uEAAkE;AAyClE;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA6BG;AAEI,IAAM,uBAAuB,+BAA7B,MAAM,uBAAuB;IAClC;;OAEG;IACH,MAAM,CAAC,QAAQ,CAAC,OAAwC;QACtD,MAAM,GAAG,GAAG,OAAO,EAAE,GAAG,IAAI,gCAAoB,CAAC,GAAG,CAAC;QACrD,MAAM,SAAS,GAAG,OAAO,EAAE,SAAS,IAAI,IAAA,WAAI,EAAC,SAAS,EAAE,IAAI,EAAE,OAAO,EAAE,mBAAmB,CAAC,CAAC;QAE5F,OAAO;YACL,MAAM,EAAE,IAAI;YACZ,MAAM,EAAE,yBAAuB;YAC/B,OAAO,EAAE;gBACP,6BAAa,CAAC,QAAQ,CAAC;oBACrB;wBACE,IAAI,EAAE,mCAAuB;wBAC7B,SAAS,EAAE,yBAAS,CAAC,IAAI;wBACzB,OAAO,EAAE;4BACP,GAAG;4BACH,OAAO,EAAE,oCAAwB;4BACjC,SAAS;4BACT,MAAM,EAAE;gCACN,QAAQ,EAAE,KAAK,EAAE,kCAAkC;gCACnD,KAAK,EAAE,MAAM;gCACb,KAAK,EAAE,MAAM;gCACb,QAAQ,EAAE,IAAI;gCACd,MAAM,EAAE,IAAI;6BACb;yBACF;qBACF;iBACF,CAAC;aACH;YACD,SAAS,EAAE,CAAC,+CAAqB,EAAE,6BAAY,EAAE,oCAAgB,CAAC;YAClE,OAAO,EAAE,CAAC,+CAAqB,EAAE,6BAAY,EAAE,oCAAgB,CAAC;SACjE,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,MAAM,CAAC,aAAa,CAAC,OAA4C;QAC/D,OAAO;YACL,MAAM,EAAE,IAAI;YACZ,MAAM,EAAE,yBAAuB;YAC/B,OAAO,EAAE;gBACP,GAAG,CAAC,OAAO,CAAC,OAAO,IAAI,EAAE,CAAC;gBAC1B,6BAAa,CAAC,aAAa,CAAC;oBAC1B;wBACE,IAAI,EAAE,mCAAuB;wBAC7B,UAAU,EAAE,KAAK,EAAE,GAAG,IAAe,EAAE,EAAE;4BACvC,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,UAAU,CAAC,GAAG,IAAI,CAAC,CAAC;4BACjD,MAAM,GAAG,GAAG,MAAM,CAAC,GAAG,IAAI,gCAAoB,CAAC,GAAG,CAAC;4BACnD,MAAM,SAAS,GACb,MAAM,CAAC,SAAS,IAAI,IAAA,WAAI,EAAC,SAAS,EAAE,IAAI,EAAE,OAAO,EAAE,mBAAmB,CAAC,CAAC;4BAE1E,OAAO;gCACL,SAAS,EAAE,yBAAS,CAAC,IAAI;gCACzB,OAAO,EAAE;oCACP,GAAG;oCACH,OAAO,EAAE,oCAAwB;oCACjC,SAAS;oCACT,MAAM,EAAE;wCACN,QAAQ,EAAE,KAAK,EAAE,kCAAkC;wCACnD,KAAK,EAAE,MAAM;wCACb,KAAK,EAAE,MAAM;wCACb,QAAQ,EAAE,IAAI;wCACd,MAAM,EAAE,IAAI;qCACb;iCACF;6BACF,CAAC;wBACJ,CAAC;wBACD,MAAM,EAAE,OAAO,CAAC,MAAM,IAAI,EAAE;qBAC7B;iBACF,CAAC;aACH;YACD,SAAS,EAAE,CAAC,+CAAqB,EAAE,6BAAY,EAAE,oCAAgB,CAAC;YAClE,OAAO,EAAE,CAAC,+CAAqB,EAAE,6BAAY,EAAE,oCAAgB,CAAC;SACjE,CAAC;IACJ,CAAC;CACF,CAAA;AA9EY,0DAAuB;kCAAvB,uBAAuB;IADnC,IAAA,eAAM,EAAC,EAAE,CAAC;GACE,uBAAuB,CA8EnC"}
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
import { OnModuleInit } from '@nestjs/common';
|
|
2
2
|
import { ClientGrpc } from '@nestjs/microservices';
|
|
3
|
-
import type { BulkPermissionResultRecord, EffectivePermissions, EvaluationResult, RequestContext, ResourceContext, ValidateTokenResult } from '../types';
|
|
3
|
+
import type { BulkPermissionResultRecord, EffectivePermissions, EvaluationResult, GetUserInfoResult, GetUserPermissionsResult, GetUserRolesResult, RequestContext, ResourceContext, ValidateTokenResult } from '../types';
|
|
4
4
|
/**
|
|
5
5
|
* gRPC client for the Permissions Service
|
|
6
6
|
* Provides methods to check permissions via gRPC calls to the permissions microservice
|
|
@@ -50,5 +50,18 @@ export declare class PermissionsGrpcClient implements OnModuleInit {
|
|
|
50
50
|
* Maps gRPC user data to JwtUserData type
|
|
51
51
|
*/
|
|
52
52
|
private mapToJwtUserData;
|
|
53
|
+
/**
|
|
54
|
+
* Get complete user profile including roles and permissions by userId
|
|
55
|
+
* Used for internal service-to-service calls without token validation
|
|
56
|
+
*/
|
|
57
|
+
getUserInfo(userId: string): Promise<GetUserInfoResult>;
|
|
58
|
+
/**
|
|
59
|
+
* Get user's roles only by userId
|
|
60
|
+
*/
|
|
61
|
+
getUserRoles(userId: string): Promise<GetUserRolesResult>;
|
|
62
|
+
/**
|
|
63
|
+
* Get user's permission codes only by userId
|
|
64
|
+
*/
|
|
65
|
+
getUserPermissions(userId: string): Promise<GetUserPermissionsResult>;
|
|
53
66
|
}
|
|
54
67
|
//# sourceMappingURL=permissions-grpc.client.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"permissions-grpc.client.d.ts","sourceRoot":"","sources":["../../src/client/permissions-grpc.client.ts"],"names":[],"mappings":"AAAA,OAAO,EAIL,YAAY,EAEb,MAAM,gBAAgB,CAAC;AACxB,OAAO,EAAE,UAAU,EAAE,MAAM,uBAAuB,CAAC;AAInD,OAAO,KAAK,EACV,0BAA0B,EAC1B,oBAAoB,EACpB,gBAAgB,
|
|
1
|
+
{"version":3,"file":"permissions-grpc.client.d.ts","sourceRoot":"","sources":["../../src/client/permissions-grpc.client.ts"],"names":[],"mappings":"AAAA,OAAO,EAIL,YAAY,EAEb,MAAM,gBAAgB,CAAC;AACxB,OAAO,EAAE,UAAU,EAAE,MAAM,uBAAuB,CAAC;AAInD,OAAO,KAAK,EACV,0BAA0B,EAC1B,oBAAoB,EACpB,gBAAgB,EAEhB,iBAAiB,EACjB,wBAAwB,EACxB,kBAAkB,EAElB,cAAc,EACd,eAAe,EAEf,mBAAmB,EACpB,MAAM,UAAU,CAAC;AAmGlB;;;GAGG;AACH,qBACa,qBAAsB,YAAW,YAAY;IAMtD,OAAO,CAAC,QAAQ,CAAC,MAAM;IALzB,OAAO,CAAC,QAAQ,CAAC,MAAM,CAA0C;IACjE,OAAO,CAAC,kBAAkB,CAA0B;gBAIjC,MAAM,EAAE,UAAU;IAGrC,YAAY,IAAI,IAAI;IAMpB;;OAEG;IACG,eAAe,CACnB,MAAM,EAAE,MAAM,EACd,cAAc,EAAE,MAAM,EACtB,OAAO,CAAC,EAAE;QACR,QAAQ,CAAC,EAAE,eAAe,CAAC;QAC3B,OAAO,CAAC,EAAE,cAAc,CAAC;KAC1B,GACA,OAAO,CAAC,gBAAgB,CAAC;IAiB5B;;OAEG;IACG,oBAAoB,CACxB,MAAM,EAAE,MAAM,EACd,eAAe,EAAE,MAAM,EAAE,EACzB,OAAO,CAAC,EAAE;QACR,QAAQ,CAAC,EAAE,eAAe,CAAC;QAC3B,OAAO,CAAC,EAAE,cAAc,CAAC;KAC1B,GACA,OAAO,CAAC,0BAA0B,CAAC;IAwBtC;;OAEG;IACG,uBAAuB,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,oBAAoB,CAAC;IAsB5E;;OAEG;IACG,aAAa,CAAC,MAAM,EAAE,MAAM,EAAE,cAAc,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAY7E;;OAEG;IACG,iBAAiB,CAAC,MAAM,EAAE,MAAM,EAAE,eAAe,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,OAAO,CAAC;IAYpF;;OAEG;IACG,gBAAgB,CAAC,MAAM,EAAE,MAAM,EAAE,eAAe,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,OAAO,CAAC;IAYnF;;;OAGG;IACG,aAAa,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,mBAAmB,CAAC;IAyBhE;;OAEG;IACH,OAAO,CAAC,gBAAgB;IAuBxB;;;OAGG;IACG,WAAW,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,iBAAiB,CAAC;IAwB7D;;OAEG;IACG,YAAY,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,kBAAkB,CAAC;IAgC/D;;OAEG;IACG,kBAAkB,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,wBAAwB,CAAC;CA0B5E"}
|
|
@@ -229,7 +229,7 @@ let PermissionsGrpcClient = PermissionsGrpcClient_1 = class PermissionsGrpcClien
|
|
|
229
229
|
}
|
|
230
230
|
catch (error) {
|
|
231
231
|
const grpcError = error;
|
|
232
|
-
this.logger.error(`gRPC validateToken failed - code: ${grpcError.code}, details: ${grpcError.details}, message: ${grpcError.message}`);
|
|
232
|
+
this.logger.error(`gRPC validateToken failed - code: ${String(grpcError.code)}, details: ${String(grpcError.details)}, message: ${String(grpcError.message)}`);
|
|
233
233
|
throw new common_1.ServiceUnavailableException('Authentication service unavailable');
|
|
234
234
|
}
|
|
235
235
|
}
|
|
@@ -257,6 +257,86 @@ let PermissionsGrpcClient = PermissionsGrpcClient_1 = class PermissionsGrpcClien
|
|
|
257
257
|
hasAllAccess: userData.hasAllAccess,
|
|
258
258
|
};
|
|
259
259
|
}
|
|
260
|
+
/**
|
|
261
|
+
* Get complete user profile including roles and permissions by userId
|
|
262
|
+
* Used for internal service-to-service calls without token validation
|
|
263
|
+
*/
|
|
264
|
+
async getUserInfo(userId) {
|
|
265
|
+
try {
|
|
266
|
+
const response = await (0, rxjs_1.firstValueFrom)(this.permissionsService.getUserInfo({ userId }));
|
|
267
|
+
if (!response.found) {
|
|
268
|
+
return {
|
|
269
|
+
found: false,
|
|
270
|
+
errorMessage: response.errorMessage,
|
|
271
|
+
};
|
|
272
|
+
}
|
|
273
|
+
return {
|
|
274
|
+
found: true,
|
|
275
|
+
user: this.mapToJwtUserData(response.user),
|
|
276
|
+
};
|
|
277
|
+
}
|
|
278
|
+
catch (error) {
|
|
279
|
+
const grpcError = error;
|
|
280
|
+
this.logger.error(`gRPC getUserInfo failed - code: ${String(grpcError.code)}, details: ${String(grpcError.details)}, message: ${String(grpcError.message)}`);
|
|
281
|
+
throw new common_1.ServiceUnavailableException('User service unavailable');
|
|
282
|
+
}
|
|
283
|
+
}
|
|
284
|
+
/**
|
|
285
|
+
* Get user's roles only by userId
|
|
286
|
+
*/
|
|
287
|
+
async getUserRoles(userId) {
|
|
288
|
+
try {
|
|
289
|
+
const response = await (0, rxjs_1.firstValueFrom)(this.permissionsService.getUserRoles({ userId }));
|
|
290
|
+
if (!response.found) {
|
|
291
|
+
return {
|
|
292
|
+
found: false,
|
|
293
|
+
errorMessage: response.errorMessage,
|
|
294
|
+
roles: [],
|
|
295
|
+
};
|
|
296
|
+
}
|
|
297
|
+
const roles = response.roles.map((role) => ({
|
|
298
|
+
id: role.id,
|
|
299
|
+
code: role.code,
|
|
300
|
+
name: role.name,
|
|
301
|
+
isSystem: role.isSystem,
|
|
302
|
+
}));
|
|
303
|
+
return {
|
|
304
|
+
found: true,
|
|
305
|
+
roles,
|
|
306
|
+
};
|
|
307
|
+
}
|
|
308
|
+
catch (error) {
|
|
309
|
+
const grpcError = error;
|
|
310
|
+
this.logger.error(`gRPC getUserRoles failed - code: ${String(grpcError.code)}, details: ${String(grpcError.details)}, message: ${String(grpcError.message)}`);
|
|
311
|
+
throw new common_1.ServiceUnavailableException('User service unavailable');
|
|
312
|
+
}
|
|
313
|
+
}
|
|
314
|
+
/**
|
|
315
|
+
* Get user's permission codes only by userId
|
|
316
|
+
*/
|
|
317
|
+
async getUserPermissions(userId) {
|
|
318
|
+
try {
|
|
319
|
+
const response = await (0, rxjs_1.firstValueFrom)(this.permissionsService.getUserPermissions({ userId }));
|
|
320
|
+
if (!response.found) {
|
|
321
|
+
return {
|
|
322
|
+
found: false,
|
|
323
|
+
errorMessage: response.errorMessage,
|
|
324
|
+
permissions: [],
|
|
325
|
+
hasAllAccess: false,
|
|
326
|
+
};
|
|
327
|
+
}
|
|
328
|
+
return {
|
|
329
|
+
found: true,
|
|
330
|
+
permissions: response.permissions,
|
|
331
|
+
hasAllAccess: response.hasAllAccess,
|
|
332
|
+
};
|
|
333
|
+
}
|
|
334
|
+
catch (error) {
|
|
335
|
+
const grpcError = error;
|
|
336
|
+
this.logger.error(`gRPC getUserPermissions failed - code: ${String(grpcError.code)}, details: ${String(grpcError.details)}, message: ${String(grpcError.message)}`);
|
|
337
|
+
throw new common_1.ServiceUnavailableException('User service unavailable');
|
|
338
|
+
}
|
|
339
|
+
}
|
|
260
340
|
};
|
|
261
341
|
exports.PermissionsGrpcClient = PermissionsGrpcClient;
|
|
262
342
|
exports.PermissionsGrpcClient = PermissionsGrpcClient = PermissionsGrpcClient_1 = __decorate([
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"permissions-grpc.client.js","sourceRoot":"","sources":["../../src/client/permissions-grpc.client.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,2CAMwB;AAExB,+BAAsC;AAEtC,4CAAiF;
|
|
1
|
+
{"version":3,"file":"permissions-grpc.client.js","sourceRoot":"","sources":["../../src/client/permissions-grpc.client.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,2CAMwB;AAExB,+BAAsC;AAEtC,4CAAiF;AAuBjF;;GAEG;AACH,SAAS,mBAAmB,CAAC,MAA4B;IACvD,MAAM,SAAS,GAAmD;QAChE,CAAC,EAAE,QAAQ;QACX,CAAC,EAAE,MAAM;QACT,CAAC,EAAE,MAAM;QACT,CAAC,EAAE,aAAa;QAChB,CAAC,EAAE,QAAQ;KACZ,CAAC;IACF,OAAO,SAAS,CAAC,MAAM,CAAC,CAAC;AAC3B,CAAC;AAED;;GAEG;AACH,SAAS,kBAAkB,CAAC,QAAiC;IAC3D,OAAO;QACL,OAAO,EAAE,QAAQ,CAAC,OAAO;QACzB,MAAM,EAAE,mBAAmB,CAAC,QAAQ,CAAC,MAAM,CAAC;QAC5C,YAAY,EAAE,QAAQ,CAAC,YAAY;QACnC,eAAe,EAAE,QAAQ,CAAC,eAAe;QACzC,MAAM,EAAE,QAAQ,CAAC,MAAM;QACvB,gBAAgB,EAAE,QAAQ,CAAC,gBAAgB;KAC5C,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,SAAS,qBAAqB,CAAC,OAAyB;IAStD,IAAI,OAAO,KAAK,SAAS,EAAE,CAAC;QAC1B,OAAO,SAAS,CAAC;IACnB,CAAC;IACD,MAAM,EAAE,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,UAAU,EAAE,GAAG,IAAI,EAAE,GAAG,OAAO,CAAC;IAC3D,MAAM,UAAU,GAA2B,EAAE,CAAC;IAC9C,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC;QAChD,IAAI,KAAK,KAAK,SAAS,IAAI,KAAK,KAAK,IAAI,EAAE,CAAC;YAC1C,UAAU,CAAC,GAAG,CAAC,GAAG,OAAO,KAAK,KAAK,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC;QAC9E,CAAC;IACH,CAAC;IACD,OAAO;QACL,EAAE;QACF,IAAI;QACJ,OAAO;QACP,UAAU;QACV,UAAU,EAAE,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS;KACxE,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,SAAS,oBAAoB,CAAC,OAAwB;IASpD,IAAI,OAAO,KAAK,SAAS,EAAE,CAAC;QAC1B,OAAO,SAAS,CAAC;IACnB,CAAC;IACD,MAAM,EAAE,EAAE,EAAE,SAAS,EAAE,MAAM,EAAE,IAAI,EAAE,GAAG,IAAI,EAAE,GAAG,OAAO,CAAC;IACzD,MAAM,UAAU,GAA2B,EAAE,CAAC;IAC9C,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC;QAChD,IAAI,KAAK,KAAK,SAAS,IAAI,KAAK,KAAK,IAAI,EAAE,CAAC;YAC1C,UAAU,CAAC,GAAG,CAAC,GAAG,OAAO,KAAK,KAAK,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC;QAC9E,CAAC;IACH,CAAC;IACD,OAAO;QACL,EAAE;QACF,SAAS;QACT,MAAM;QACN,IAAI;QACJ,UAAU,EAAE,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS;KACxE,CAAC;AACJ,CAAC;AAED;;;GAGG;AAEI,IAAM,qBAAqB,6BAA3B,MAAM,qBAAqB;IAMb;IALF,MAAM,GAAG,IAAI,eAAM,CAAC,uBAAqB,CAAC,IAAI,CAAC,CAAC;IACzD,kBAAkB,CAA0B;IAEpD,YAEmB,MAAkB;QAAlB,WAAM,GAAN,MAAM,CAAY;IAClC,CAAC;IAEJ,YAAY;QACV,IAAI,CAAC,kBAAkB;YACrB,IAAI,CAAC,MAAM,CAAC,UAAU,CAAyB,oCAAwB,CAAC,CAAC;QAC3E,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,qCAAqC,CAAC,CAAC;IACzD,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,eAAe,CACnB,MAAc,EACd,cAAsB,EACtB,OAGC;QAED,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,IAAA,qBAAc,EACnC,IAAI,CAAC,kBAAkB,CAAC,eAAe,CAAC;gBACtC,MAAM;gBACN,cAAc;gBACd,eAAe,EAAE,qBAAqB,CAAC,OAAO,EAAE,QAAQ,CAAC;gBACzD,cAAc,EAAE,oBAAoB,CAAC,OAAO,EAAE,OAAO,CAAC;aACvD,CAAC,CACH,CAAC;YACF,OAAO,kBAAkB,CAAC,QAAQ,CAAC,CAAC;QACtC,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,wCAAwC,MAAM,EAAE,EAAE,KAAK,CAAC,CAAC;YAC3E,MAAM,IAAI,oCAA2B,CAAC,iCAAiC,CAAC,CAAC;QAC3E,CAAC;IACH,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,oBAAoB,CACxB,MAAc,EACd,eAAyB,EACzB,OAGC;QAED,IAAI,CAAC;YACH,MAAM,QAAQ,GAAiC,MAAM,IAAA,qBAAc,EACjE,IAAI,CAAC,kBAAkB,CAAC,oBAAoB,CAAC;gBAC3C,MAAM;gBACN,eAAe;gBACf,eAAe,EAAE,qBAAqB,CAAC,OAAO,EAAE,QAAQ,CAAC;gBACzD,cAAc,EAAE,oBAAoB,CAAC,OAAO,EAAE,OAAO,CAAC;aACvD,CAAC,CACH,CAAC;YACF,MAAM,OAAO,GAAqC,EAAE,CAAC;YACrD,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;gBAC5D,OAAO,CAAC,GAAG,CAAC,GAAG,kBAAkB,CAAC,KAAK,CAAC,CAAC;YAC3C,CAAC;YACD,OAAO;gBACL,OAAO;gBACP,WAAW,EAAE,QAAQ,CAAC,WAAW;aAClC,CAAC;QACJ,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,6CAA6C,MAAM,EAAE,EAAE,KAAK,CAAC,CAAC;YAChF,MAAM,IAAI,oCAA2B,CAAC,iCAAiC,CAAC,CAAC;QAC3E,CAAC;IACH,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,uBAAuB,CAAC,MAAc;QAC1C,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,IAAA,qBAAc,EACnC,IAAI,CAAC,kBAAkB,CAAC,uBAAuB,CAAC,EAAE,MAAM,EAAE,CAAC,CAC5D,CAAC;YACF,OAAO;gBACL,WAAW,EAAE,QAAQ,CAAC,WAAW;gBACjC,KAAK,EAAE,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;oBAChC,EAAE,EAAE,CAAC,CAAC,EAAE;oBACR,IAAI,EAAE,CAAC,CAAC,IAAI;oBACZ,IAAI,EAAE,CAAC,CAAC,IAAI;oBACZ,QAAQ,EAAE,CAAC,CAAC,QAAQ;iBACrB,CAAC,CAAC;gBACH,OAAO,EAAE,QAAQ,CAAC,OAAO;gBACzB,UAAU,EAAE,IAAI,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC;aAC1C,CAAC;QACJ,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,gDAAgD,MAAM,EAAE,EAAE,KAAK,CAAC,CAAC;YACnF,MAAM,IAAI,oCAA2B,CAAC,iCAAiC,CAAC,CAAC;QAC3E,CAAC;IACH,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,aAAa,CAAC,MAAc,EAAE,cAAsB;QACxD,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,IAAA,qBAAc,EACnC,IAAI,CAAC,kBAAkB,CAAC,aAAa,CAAC,EAAE,MAAM,EAAE,cAAc,EAAE,CAAC,CAClE,CAAC;YACF,OAAO,QAAQ,CAAC,aAAa,CAAC;QAChC,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,sCAAsC,MAAM,EAAE,EAAE,KAAK,CAAC,CAAC;YACzE,MAAM,IAAI,oCAA2B,CAAC,iCAAiC,CAAC,CAAC;QAC3E,CAAC;IACH,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,iBAAiB,CAAC,MAAc,EAAE,eAAyB;QAC/D,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,IAAA,qBAAc,EACnC,IAAI,CAAC,kBAAkB,CAAC,iBAAiB,CAAC,EAAE,MAAM,EAAE,eAAe,EAAE,CAAC,CACvE,CAAC;YACF,OAAO,QAAQ,CAAC,aAAa,CAAC;QAChC,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,0CAA0C,MAAM,EAAE,EAAE,KAAK,CAAC,CAAC;YAC7E,MAAM,IAAI,oCAA2B,CAAC,iCAAiC,CAAC,CAAC;QAC3E,CAAC;IACH,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,gBAAgB,CAAC,MAAc,EAAE,eAAyB;QAC9D,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,IAAA,qBAAc,EACnC,IAAI,CAAC,kBAAkB,CAAC,gBAAgB,CAAC,EAAE,MAAM,EAAE,eAAe,EAAE,CAAC,CACtE,CAAC;YACF,OAAO,QAAQ,CAAC,aAAa,CAAC;QAChC,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,yCAAyC,MAAM,EAAE,EAAE,KAAK,CAAC,CAAC;YAC5E,MAAM,IAAI,oCAA2B,CAAC,iCAAiC,CAAC,CAAC;QAC3E,CAAC;IACH,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,aAAa,CAAC,KAAa;QAC/B,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,IAAA,qBAAc,EAAC,IAAI,CAAC,kBAAkB,CAAC,aAAa,CAAC,EAAE,KAAK,EAAE,CAAC,CAAC,CAAC;YAExF,IAAI,CAAC,QAAQ,CAAC,KAAK,EAAE,CAAC;gBACpB,OAAO;oBACL,KAAK,EAAE,KAAK;oBACZ,SAAS,EAAE,QAAQ,CAAC,SAAS;oBAC7B,YAAY,EAAE,QAAQ,CAAC,YAAY;iBACpC,CAAC;YACJ,CAAC;YAED,OAAO;gBACL,KAAK,EAAE,IAAI;gBACX,IAAI,EAAE,IAAI,CAAC,gBAAgB,CAAC,QAAQ,CAAC,IAAI,CAAC;aAC3C,CAAC;QACJ,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,SAAS,GAAG,KAA8D,CAAC;YACjF,IAAI,CAAC,MAAM,CAAC,KAAK,CACf,qCAAqC,MAAM,CAAC,SAAS,CAAC,IAAI,CAAC,cAAc,MAAM,CAAC,SAAS,CAAC,OAAO,CAAC,cAAc,MAAM,CAAC,SAAS,CAAC,OAAO,CAAC,EAAE,CAC5I,CAAC;YACF,MAAM,IAAI,oCAA2B,CAAC,oCAAoC,CAAC,CAAC;QAC9E,CAAC;IACH,CAAC;IAED;;OAEG;IACK,gBAAgB,CAAC,QAAuB;QAC9C,IAAI,QAAQ,KAAK,SAAS,EAAE,CAAC;YAC3B,OAAO,SAAS,CAAC;QACnB,CAAC;QAED,OAAO;YACL,EAAE,EAAE,QAAQ,CAAC,EAAE;YACf,KAAK,EAAE,QAAQ,CAAC,KAAK,KAAK,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI;YACpD,KAAK,EAAE,QAAQ,CAAC,KAAK,KAAK,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI;YACpD,QAAQ,EAAE,QAAQ,CAAC,QAAQ;YAC3B,MAAM,EAAE,QAAQ,CAAC,MAAM;YACvB,iBAAiB,EAAE,QAAQ,CAAC,iBAAiB;YAC7C,KAAK,EAAE,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;gBACnC,EAAE,EAAE,IAAI,CAAC,EAAE;gBACX,IAAI,EAAE,IAAI,CAAC,IAAI;gBACf,IAAI,EAAE,IAAI,CAAC,IAAI;gBACf,QAAQ,EAAE,IAAI,CAAC,QAAQ;aACxB,CAAC,CAAC;YACH,WAAW,EAAE,QAAQ,CAAC,WAAW;YACjC,YAAY,EAAE,QAAQ,CAAC,YAAY;SACpC,CAAC;IACJ,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,WAAW,CAAC,MAAc;QAC9B,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,IAAA,qBAAc,EAAC,IAAI,CAAC,kBAAkB,CAAC,WAAW,CAAC,EAAE,MAAM,EAAE,CAAC,CAAC,CAAC;YAEvF,IAAI,CAAC,QAAQ,CAAC,KAAK,EAAE,CAAC;gBACpB,OAAO;oBACL,KAAK,EAAE,KAAK;oBACZ,YAAY,EAAE,QAAQ,CAAC,YAAY;iBACpC,CAAC;YACJ,CAAC;YAED,OAAO;gBACL,KAAK,EAAE,IAAI;gBACX,IAAI,EAAE,IAAI,CAAC,gBAAgB,CAAC,QAAQ,CAAC,IAAI,CAAC;aAC3C,CAAC;QACJ,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,SAAS,GAAG,KAA8D,CAAC;YACjF,IAAI,CAAC,MAAM,CAAC,KAAK,CACf,mCAAmC,MAAM,CAAC,SAAS,CAAC,IAAI,CAAC,cAAc,MAAM,CAAC,SAAS,CAAC,OAAO,CAAC,cAAc,MAAM,CAAC,SAAS,CAAC,OAAO,CAAC,EAAE,CAC1I,CAAC;YACF,MAAM,IAAI,oCAA2B,CAAC,0BAA0B,CAAC,CAAC;QACpE,CAAC;IACH,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,YAAY,CAAC,MAAc;QAC/B,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,IAAA,qBAAc,EAAC,IAAI,CAAC,kBAAkB,CAAC,YAAY,CAAC,EAAE,MAAM,EAAE,CAAC,CAAC,CAAC;YAExF,IAAI,CAAC,QAAQ,CAAC,KAAK,EAAE,CAAC;gBACpB,OAAO;oBACL,KAAK,EAAE,KAAK;oBACZ,YAAY,EAAE,QAAQ,CAAC,YAAY;oBACnC,KAAK,EAAE,EAAE;iBACV,CAAC;YACJ,CAAC;YAED,MAAM,KAAK,GAAe,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;gBACtD,EAAE,EAAE,IAAI,CAAC,EAAE;gBACX,IAAI,EAAE,IAAI,CAAC,IAAI;gBACf,IAAI,EAAE,IAAI,CAAC,IAAI;gBACf,QAAQ,EAAE,IAAI,CAAC,QAAQ;aACxB,CAAC,CAAC,CAAC;YAEJ,OAAO;gBACL,KAAK,EAAE,IAAI;gBACX,KAAK;aACN,CAAC;QACJ,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,SAAS,GAAG,KAA8D,CAAC;YACjF,IAAI,CAAC,MAAM,CAAC,KAAK,CACf,oCAAoC,MAAM,CAAC,SAAS,CAAC,IAAI,CAAC,cAAc,MAAM,CAAC,SAAS,CAAC,OAAO,CAAC,cAAc,MAAM,CAAC,SAAS,CAAC,OAAO,CAAC,EAAE,CAC3I,CAAC;YACF,MAAM,IAAI,oCAA2B,CAAC,0BAA0B,CAAC,CAAC;QACpE,CAAC;IACH,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,kBAAkB,CAAC,MAAc;QACrC,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,IAAA,qBAAc,EAAC,IAAI,CAAC,kBAAkB,CAAC,kBAAkB,CAAC,EAAE,MAAM,EAAE,CAAC,CAAC,CAAC;YAE9F,IAAI,CAAC,QAAQ,CAAC,KAAK,EAAE,CAAC;gBACpB,OAAO;oBACL,KAAK,EAAE,KAAK;oBACZ,YAAY,EAAE,QAAQ,CAAC,YAAY;oBACnC,WAAW,EAAE,EAAE;oBACf,YAAY,EAAE,KAAK;iBACpB,CAAC;YACJ,CAAC;YAED,OAAO;gBACL,KAAK,EAAE,IAAI;gBACX,WAAW,EAAE,QAAQ,CAAC,WAAW;gBACjC,YAAY,EAAE,QAAQ,CAAC,YAAY;aACpC,CAAC;QACJ,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,SAAS,GAAG,KAA8D,CAAC;YACjF,IAAI,CAAC,MAAM,CAAC,KAAK,CACf,0CAA0C,MAAM,CAAC,SAAS,CAAC,IAAI,CAAC,cAAc,MAAM,CAAC,SAAS,CAAC,OAAO,CAAC,cAAc,MAAM,CAAC,SAAS,CAAC,OAAO,CAAC,EAAE,CACjJ,CAAC;YACF,MAAM,IAAI,oCAA2B,CAAC,0BAA0B,CAAC,CAAC;QACpE,CAAC;IACH,CAAC;CACF,CAAA;AArSY,sDAAqB;gCAArB,qBAAqB;IADjC,IAAA,mBAAU,GAAE;IAMR,WAAA,IAAA,eAAM,EAAC,mCAAuB,CAAC,CAAA;;GALvB,qBAAqB,CAqSjC"}
|
|
@@ -4,6 +4,7 @@ package permissions;
|
|
|
4
4
|
|
|
5
5
|
/**
|
|
6
6
|
* Permissions Service
|
|
7
|
+
* Version: 1.1.0 (Added MFA fields to UserData)
|
|
7
8
|
* Provides gRPC endpoints for permission evaluation in a microservice architecture.
|
|
8
9
|
* Supports RBAC (Role-Based Access Control) and ABAC (Attribute-Based Access Control).
|
|
9
10
|
*/
|
|
@@ -43,6 +44,22 @@ service PermissionsService {
|
|
|
43
44
|
* Used by consuming services to authenticate requests via gRPC
|
|
44
45
|
*/
|
|
45
46
|
rpc ValidateToken(ValidateTokenRequest) returns (ValidateTokenResponse);
|
|
47
|
+
|
|
48
|
+
/**
|
|
49
|
+
* Get complete user profile including roles and permissions by userId
|
|
50
|
+
* Does not require token validation - for internal service-to-service calls
|
|
51
|
+
*/
|
|
52
|
+
rpc GetUserInfo(GetUserInfoRequest) returns (GetUserInfoResponse);
|
|
53
|
+
|
|
54
|
+
/**
|
|
55
|
+
* Get user's roles only by userId
|
|
56
|
+
*/
|
|
57
|
+
rpc GetUserRoles(GetUserRolesRequest) returns (GetUserRolesResponse);
|
|
58
|
+
|
|
59
|
+
/**
|
|
60
|
+
* Get user's permission codes only by userId
|
|
61
|
+
*/
|
|
62
|
+
rpc GetUserPermissions(GetUserPermissionsRequest) returns (GetUserPermissionsResponse);
|
|
46
63
|
}
|
|
47
64
|
|
|
48
65
|
// ============================================================================
|
|
@@ -184,6 +201,8 @@ message UserData {
|
|
|
184
201
|
repeated UserRoleInfo roles = 7;
|
|
185
202
|
repeated string permissions = 8;
|
|
186
203
|
bool has_all_access = 9;
|
|
204
|
+
bool mfa_enabled = 10;
|
|
205
|
+
bool mfa_verified = 11;
|
|
187
206
|
}
|
|
188
207
|
|
|
189
208
|
/**
|
|
@@ -195,3 +214,38 @@ message UserRoleInfo {
|
|
|
195
214
|
string name = 3;
|
|
196
215
|
bool is_system = 4;
|
|
197
216
|
}
|
|
217
|
+
|
|
218
|
+
// ============================================================================
|
|
219
|
+
// User Data Lookup Messages (by userId, no token required)
|
|
220
|
+
// ============================================================================
|
|
221
|
+
|
|
222
|
+
message GetUserInfoRequest {
|
|
223
|
+
string user_id = 1;
|
|
224
|
+
}
|
|
225
|
+
|
|
226
|
+
message GetUserInfoResponse {
|
|
227
|
+
bool found = 1;
|
|
228
|
+
string error_message = 2; // "USER_NOT_FOUND", "USER_INACTIVE", "INTERNAL_ERROR"
|
|
229
|
+
UserData user = 3; // Only populated if found=true
|
|
230
|
+
}
|
|
231
|
+
|
|
232
|
+
message GetUserRolesRequest {
|
|
233
|
+
string user_id = 1;
|
|
234
|
+
}
|
|
235
|
+
|
|
236
|
+
message GetUserRolesResponse {
|
|
237
|
+
bool found = 1;
|
|
238
|
+
string error_message = 2;
|
|
239
|
+
repeated UserRoleInfo roles = 3;
|
|
240
|
+
}
|
|
241
|
+
|
|
242
|
+
message GetUserPermissionsRequest {
|
|
243
|
+
string user_id = 1;
|
|
244
|
+
}
|
|
245
|
+
|
|
246
|
+
message GetUserPermissionsResponse {
|
|
247
|
+
bool found = 1;
|
|
248
|
+
string error_message = 2;
|
|
249
|
+
repeated string permissions = 3;
|
|
250
|
+
bool has_all_access = 4;
|
|
251
|
+
}
|
|
@@ -108,6 +108,31 @@ export interface ValidateTokenResponse {
|
|
|
108
108
|
errorMessage: string;
|
|
109
109
|
user?: GrpcUserData;
|
|
110
110
|
}
|
|
111
|
+
export interface GetUserInfoRequest {
|
|
112
|
+
userId: string;
|
|
113
|
+
}
|
|
114
|
+
export interface GetUserInfoResponse {
|
|
115
|
+
found: boolean;
|
|
116
|
+
errorMessage: string;
|
|
117
|
+
user?: GrpcUserData;
|
|
118
|
+
}
|
|
119
|
+
export interface GetUserRolesRequest {
|
|
120
|
+
userId: string;
|
|
121
|
+
}
|
|
122
|
+
export interface GetUserRolesResponse {
|
|
123
|
+
found: boolean;
|
|
124
|
+
errorMessage: string;
|
|
125
|
+
roles: GrpcUserRoleInfo[];
|
|
126
|
+
}
|
|
127
|
+
export interface GetUserPermissionsRequest {
|
|
128
|
+
userId: string;
|
|
129
|
+
}
|
|
130
|
+
export interface GetUserPermissionsResponse {
|
|
131
|
+
found: boolean;
|
|
132
|
+
errorMessage: string;
|
|
133
|
+
permissions: string[];
|
|
134
|
+
hasAllAccess: boolean;
|
|
135
|
+
}
|
|
111
136
|
/**
|
|
112
137
|
* gRPC Permissions Service client interface
|
|
113
138
|
* This interface is used by NestJS microservices to define the client methods
|
|
@@ -120,5 +145,8 @@ export interface PermissionsGrpcService {
|
|
|
120
145
|
hasAllPermissions: (request: HasMultiplePermissionsRequest) => Observable<HasPermissionResponse>;
|
|
121
146
|
hasAnyPermission: (request: HasMultiplePermissionsRequest) => Observable<HasPermissionResponse>;
|
|
122
147
|
validateToken: (request: ValidateTokenRequest) => Observable<ValidateTokenResponse>;
|
|
148
|
+
getUserInfo: (request: GetUserInfoRequest) => Observable<GetUserInfoResponse>;
|
|
149
|
+
getUserRoles: (request: GetUserRolesRequest) => Observable<GetUserRolesResponse>;
|
|
150
|
+
getUserPermissions: (request: GetUserPermissionsRequest) => Observable<GetUserPermissionsResponse>;
|
|
123
151
|
}
|
|
124
152
|
//# sourceMappingURL=grpc.types.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"grpc.types.d.ts","sourceRoot":"","sources":["../../src/types/grpc.types.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,MAAM,CAAC;AAEvC;;GAEG;AACH,MAAM,WAAW,mBAAmB;IAClC,EAAE,CAAC,EAAE,MAAM,CAAC;IACZ,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,UAAU,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;CACrC;AAED;;GAEG;AACH,MAAM,WAAW,kBAAkB;IACjC,EAAE,CAAC,EAAE,MAAM,CAAC;IACZ,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,UAAU,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;CACrC;AAED;;GAEG;AACH,MAAM,WAAW,YAAY;IAC3B,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,EAAE,OAAO,CAAC;CACnB;AAED;;GAEG;AACH,oBAAY,oBAAoB;IAC9B,6BAA6B,IAAI;IACjC,sBAAsB,IAAI;IAC1B,sBAAsB,IAAI;IAC1B,6BAA6B,IAAI;IACjC,wBAAwB,IAAI;CAC7B;AAMD,MAAM,WAAW,sBAAsB;IACrC,MAAM,EAAE,MAAM,CAAC;IACf,cAAc,EAAE,MAAM,CAAC;IACvB,eAAe,CAAC,EAAE,mBAAmB,CAAC;IACtC,cAAc,CAAC,EAAE,kBAAkB,CAAC;CACrC;AAED,MAAM,WAAW,2BAA2B;IAC1C,MAAM,EAAE,MAAM,CAAC;IACf,eAAe,EAAE,MAAM,EAAE,CAAC;IAC1B,eAAe,CAAC,EAAE,mBAAmB,CAAC;IACtC,cAAc,CAAC,EAAE,kBAAkB,CAAC;CACrC;AAED,MAAM,WAAW,8BAA8B;IAC7C,MAAM,EAAE,MAAM,CAAC;CAChB;AAED,MAAM,WAAW,oBAAoB;IACnC,MAAM,EAAE,MAAM,CAAC;IACf,cAAc,EAAE,MAAM,CAAC;CACxB;AAED,MAAM,WAAW,6BAA6B;IAC5C,MAAM,EAAE,MAAM,CAAC;IACf,eAAe,EAAE,MAAM,EAAE,CAAC;CAC3B;AAMD,MAAM,WAAW,uBAAuB;IACtC,OAAO,EAAE,OAAO,CAAC;IACjB,MAAM,EAAE,oBAAoB,CAAC;IAC7B,YAAY,EAAE,MAAM,EAAE,CAAC;IACvB,eAAe,EAAE,MAAM,EAAE,CAAC;IAC1B,MAAM,EAAE,MAAM,CAAC;IACf,gBAAgB,EAAE,MAAM,CAAC;CAC1B;AAED,MAAM,WAAW,4BAA4B;IAC3C,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,uBAAuB,CAAC,CAAC;IACjD,WAAW,EAAE,MAAM,CAAC;CACrB;AAED,MAAM,WAAW,+BAA+B;IAC9C,WAAW,EAAE,MAAM,EAAE,CAAC;IACtB,KAAK,EAAE,YAAY,EAAE,CAAC;IACtB,OAAO,EAAE,MAAM,CAAC;IAChB,UAAU,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,WAAW,qBAAqB;IACpC,aAAa,EAAE,OAAO,CAAC;CACxB;AAMD,MAAM,WAAW,oBAAoB;IACnC,KAAK,EAAE,MAAM,CAAC;CACf;AAED,MAAM,WAAW,gBAAgB;IAC/B,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,EAAE,OAAO,CAAC;CACnB;AAED,MAAM,WAAW,YAAY;IAC3B,EAAE,EAAE,MAAM,CAAC;IACX,KAAK,EAAE,MAAM,CAAC;IACd,KAAK,EAAE,MAAM,CAAC;IACd,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,EAAE,MAAM,CAAC;IACf,iBAAiB,EAAE,OAAO,CAAC;IAC3B,KAAK,EAAE,gBAAgB,EAAE,CAAC;IAC1B,WAAW,EAAE,MAAM,EAAE,CAAC;IACtB,YAAY,EAAE,OAAO,CAAC;CACvB;AAED,MAAM,WAAW,qBAAqB;IACpC,KAAK,EAAE,OAAO,CAAC;IACf,SAAS,EAAE,MAAM,CAAC;IAClB,YAAY,EAAE,MAAM,CAAC;IACrB,IAAI,CAAC,EAAE,YAAY,CAAC;CACrB;AAMD;;;GAGG;AACH,MAAM,WAAW,sBAAsB;IACrC,eAAe,EAAE,CAAC,OAAO,EAAE,sBAAsB,KAAK,UAAU,CAAC,uBAAuB,CAAC,CAAC;IAC1F,oBAAoB,EAAE,CACpB,OAAO,EAAE,2BAA2B,KACjC,UAAU,CAAC,4BAA4B,CAAC,CAAC;IAC9C,uBAAuB,EAAE,CACvB,OAAO,EAAE,8BAA8B,KACpC,UAAU,CAAC,+BAA+B,CAAC,CAAC;IACjD,aAAa,EAAE,CAAC,OAAO,EAAE,oBAAoB,KAAK,UAAU,CAAC,qBAAqB,CAAC,CAAC;IACpF,iBAAiB,EAAE,CAAC,OAAO,EAAE,6BAA6B,KAAK,UAAU,CAAC,qBAAqB,CAAC,CAAC;IACjG,gBAAgB,EAAE,CAAC,OAAO,EAAE,6BAA6B,KAAK,UAAU,CAAC,qBAAqB,CAAC,CAAC;IAChG,aAAa,EAAE,CAAC,OAAO,EAAE,oBAAoB,KAAK,UAAU,CAAC,qBAAqB,CAAC,CAAC;
|
|
1
|
+
{"version":3,"file":"grpc.types.d.ts","sourceRoot":"","sources":["../../src/types/grpc.types.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,MAAM,CAAC;AAEvC;;GAEG;AACH,MAAM,WAAW,mBAAmB;IAClC,EAAE,CAAC,EAAE,MAAM,CAAC;IACZ,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,UAAU,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;CACrC;AAED;;GAEG;AACH,MAAM,WAAW,kBAAkB;IACjC,EAAE,CAAC,EAAE,MAAM,CAAC;IACZ,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,UAAU,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;CACrC;AAED;;GAEG;AACH,MAAM,WAAW,YAAY;IAC3B,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,EAAE,OAAO,CAAC;CACnB;AAED;;GAEG;AACH,oBAAY,oBAAoB;IAC9B,6BAA6B,IAAI;IACjC,sBAAsB,IAAI;IAC1B,sBAAsB,IAAI;IAC1B,6BAA6B,IAAI;IACjC,wBAAwB,IAAI;CAC7B;AAMD,MAAM,WAAW,sBAAsB;IACrC,MAAM,EAAE,MAAM,CAAC;IACf,cAAc,EAAE,MAAM,CAAC;IACvB,eAAe,CAAC,EAAE,mBAAmB,CAAC;IACtC,cAAc,CAAC,EAAE,kBAAkB,CAAC;CACrC;AAED,MAAM,WAAW,2BAA2B;IAC1C,MAAM,EAAE,MAAM,CAAC;IACf,eAAe,EAAE,MAAM,EAAE,CAAC;IAC1B,eAAe,CAAC,EAAE,mBAAmB,CAAC;IACtC,cAAc,CAAC,EAAE,kBAAkB,CAAC;CACrC;AAED,MAAM,WAAW,8BAA8B;IAC7C,MAAM,EAAE,MAAM,CAAC;CAChB;AAED,MAAM,WAAW,oBAAoB;IACnC,MAAM,EAAE,MAAM,CAAC;IACf,cAAc,EAAE,MAAM,CAAC;CACxB;AAED,MAAM,WAAW,6BAA6B;IAC5C,MAAM,EAAE,MAAM,CAAC;IACf,eAAe,EAAE,MAAM,EAAE,CAAC;CAC3B;AAMD,MAAM,WAAW,uBAAuB;IACtC,OAAO,EAAE,OAAO,CAAC;IACjB,MAAM,EAAE,oBAAoB,CAAC;IAC7B,YAAY,EAAE,MAAM,EAAE,CAAC;IACvB,eAAe,EAAE,MAAM,EAAE,CAAC;IAC1B,MAAM,EAAE,MAAM,CAAC;IACf,gBAAgB,EAAE,MAAM,CAAC;CAC1B;AAED,MAAM,WAAW,4BAA4B;IAC3C,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,uBAAuB,CAAC,CAAC;IACjD,WAAW,EAAE,MAAM,CAAC;CACrB;AAED,MAAM,WAAW,+BAA+B;IAC9C,WAAW,EAAE,MAAM,EAAE,CAAC;IACtB,KAAK,EAAE,YAAY,EAAE,CAAC;IACtB,OAAO,EAAE,MAAM,CAAC;IAChB,UAAU,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,WAAW,qBAAqB;IACpC,aAAa,EAAE,OAAO,CAAC;CACxB;AAMD,MAAM,WAAW,oBAAoB;IACnC,KAAK,EAAE,MAAM,CAAC;CACf;AAED,MAAM,WAAW,gBAAgB;IAC/B,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,EAAE,OAAO,CAAC;CACnB;AAED,MAAM,WAAW,YAAY;IAC3B,EAAE,EAAE,MAAM,CAAC;IACX,KAAK,EAAE,MAAM,CAAC;IACd,KAAK,EAAE,MAAM,CAAC;IACd,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,EAAE,MAAM,CAAC;IACf,iBAAiB,EAAE,OAAO,CAAC;IAC3B,KAAK,EAAE,gBAAgB,EAAE,CAAC;IAC1B,WAAW,EAAE,MAAM,EAAE,CAAC;IACtB,YAAY,EAAE,OAAO,CAAC;CACvB;AAED,MAAM,WAAW,qBAAqB;IACpC,KAAK,EAAE,OAAO,CAAC;IACf,SAAS,EAAE,MAAM,CAAC;IAClB,YAAY,EAAE,MAAM,CAAC;IACrB,IAAI,CAAC,EAAE,YAAY,CAAC;CACrB;AAMD,MAAM,WAAW,kBAAkB;IACjC,MAAM,EAAE,MAAM,CAAC;CAChB;AAED,MAAM,WAAW,mBAAmB;IAClC,KAAK,EAAE,OAAO,CAAC;IACf,YAAY,EAAE,MAAM,CAAC;IACrB,IAAI,CAAC,EAAE,YAAY,CAAC;CACrB;AAED,MAAM,WAAW,mBAAmB;IAClC,MAAM,EAAE,MAAM,CAAC;CAChB;AAED,MAAM,WAAW,oBAAoB;IACnC,KAAK,EAAE,OAAO,CAAC;IACf,YAAY,EAAE,MAAM,CAAC;IACrB,KAAK,EAAE,gBAAgB,EAAE,CAAC;CAC3B;AAED,MAAM,WAAW,yBAAyB;IACxC,MAAM,EAAE,MAAM,CAAC;CAChB;AAED,MAAM,WAAW,0BAA0B;IACzC,KAAK,EAAE,OAAO,CAAC;IACf,YAAY,EAAE,MAAM,CAAC;IACrB,WAAW,EAAE,MAAM,EAAE,CAAC;IACtB,YAAY,EAAE,OAAO,CAAC;CACvB;AAMD;;;GAGG;AACH,MAAM,WAAW,sBAAsB;IACrC,eAAe,EAAE,CAAC,OAAO,EAAE,sBAAsB,KAAK,UAAU,CAAC,uBAAuB,CAAC,CAAC;IAC1F,oBAAoB,EAAE,CACpB,OAAO,EAAE,2BAA2B,KACjC,UAAU,CAAC,4BAA4B,CAAC,CAAC;IAC9C,uBAAuB,EAAE,CACvB,OAAO,EAAE,8BAA8B,KACpC,UAAU,CAAC,+BAA+B,CAAC,CAAC;IACjD,aAAa,EAAE,CAAC,OAAO,EAAE,oBAAoB,KAAK,UAAU,CAAC,qBAAqB,CAAC,CAAC;IACpF,iBAAiB,EAAE,CAAC,OAAO,EAAE,6BAA6B,KAAK,UAAU,CAAC,qBAAqB,CAAC,CAAC;IACjG,gBAAgB,EAAE,CAAC,OAAO,EAAE,6BAA6B,KAAK,UAAU,CAAC,qBAAqB,CAAC,CAAC;IAChG,aAAa,EAAE,CAAC,OAAO,EAAE,oBAAoB,KAAK,UAAU,CAAC,qBAAqB,CAAC,CAAC;IACpF,WAAW,EAAE,CAAC,OAAO,EAAE,kBAAkB,KAAK,UAAU,CAAC,mBAAmB,CAAC,CAAC;IAC9E,YAAY,EAAE,CAAC,OAAO,EAAE,mBAAmB,KAAK,UAAU,CAAC,oBAAoB,CAAC,CAAC;IACjF,kBAAkB,EAAE,CAClB,OAAO,EAAE,yBAAyB,KAC/B,UAAU,CAAC,0BAA0B,CAAC,CAAC;CAC7C"}
|
|
@@ -23,4 +23,29 @@ export interface ValidateTokenResult {
|
|
|
23
23
|
readonly errorMessage?: string;
|
|
24
24
|
readonly user?: JwtUserData;
|
|
25
25
|
}
|
|
26
|
+
/**
|
|
27
|
+
* Result of GetUserInfo from gRPC
|
|
28
|
+
*/
|
|
29
|
+
export interface GetUserInfoResult {
|
|
30
|
+
readonly found: boolean;
|
|
31
|
+
readonly errorMessage?: string;
|
|
32
|
+
readonly user?: JwtUserData;
|
|
33
|
+
}
|
|
34
|
+
/**
|
|
35
|
+
* Result of GetUserRoles from gRPC
|
|
36
|
+
*/
|
|
37
|
+
export interface GetUserRolesResult {
|
|
38
|
+
readonly found: boolean;
|
|
39
|
+
readonly errorMessage?: string;
|
|
40
|
+
readonly roles: readonly RoleInfo[];
|
|
41
|
+
}
|
|
42
|
+
/**
|
|
43
|
+
* Result of GetUserPermissions from gRPC
|
|
44
|
+
*/
|
|
45
|
+
export interface GetUserPermissionsResult {
|
|
46
|
+
readonly found: boolean;
|
|
47
|
+
readonly errorMessage?: string;
|
|
48
|
+
readonly permissions: readonly string[];
|
|
49
|
+
readonly hasAllAccess: boolean;
|
|
50
|
+
}
|
|
26
51
|
//# sourceMappingURL=jwt.types.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"jwt.types.d.ts","sourceRoot":"","sources":["../../src/types/jwt.types.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,oBAAoB,CAAC;AAEnD;;;GAGG;AACH,MAAM,WAAW,WAAW;IAC1B,QAAQ,CAAC,EAAE,EAAE,MAAM,CAAC;IACpB,QAAQ,CAAC,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;IAC9B,QAAQ,CAAC,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;IAC9B,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC;IACxB,QAAQ,CAAC,iBAAiB,EAAE,OAAO,CAAC;IACpC,QAAQ,CAAC,KAAK,EAAE,SAAS,QAAQ,EAAE,CAAC;IACpC,QAAQ,CAAC,WAAW,EAAE,SAAS,MAAM,EAAE,CAAC;IACxC,QAAQ,CAAC,YAAY,EAAE,OAAO,CAAC;CAChC;AAED;;GAEG;AACH,MAAM,WAAW,mBAAmB;IAClC,QAAQ,CAAC,KAAK,EAAE,OAAO,CAAC;IACxB,QAAQ,CAAC,SAAS,CAAC,EAAE,MAAM,CAAC;IAC5B,QAAQ,CAAC,YAAY,CAAC,EAAE,MAAM,CAAC;IAC/B,QAAQ,CAAC,IAAI,CAAC,EAAE,WAAW,CAAC;CAC7B"}
|
|
1
|
+
{"version":3,"file":"jwt.types.d.ts","sourceRoot":"","sources":["../../src/types/jwt.types.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,oBAAoB,CAAC;AAEnD;;;GAGG;AACH,MAAM,WAAW,WAAW;IAC1B,QAAQ,CAAC,EAAE,EAAE,MAAM,CAAC;IACpB,QAAQ,CAAC,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;IAC9B,QAAQ,CAAC,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;IAC9B,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC;IACxB,QAAQ,CAAC,iBAAiB,EAAE,OAAO,CAAC;IACpC,QAAQ,CAAC,KAAK,EAAE,SAAS,QAAQ,EAAE,CAAC;IACpC,QAAQ,CAAC,WAAW,EAAE,SAAS,MAAM,EAAE,CAAC;IACxC,QAAQ,CAAC,YAAY,EAAE,OAAO,CAAC;CAChC;AAED;;GAEG;AACH,MAAM,WAAW,mBAAmB;IAClC,QAAQ,CAAC,KAAK,EAAE,OAAO,CAAC;IACxB,QAAQ,CAAC,SAAS,CAAC,EAAE,MAAM,CAAC;IAC5B,QAAQ,CAAC,YAAY,CAAC,EAAE,MAAM,CAAC;IAC/B,QAAQ,CAAC,IAAI,CAAC,EAAE,WAAW,CAAC;CAC7B;AAED;;GAEG;AACH,MAAM,WAAW,iBAAiB;IAChC,QAAQ,CAAC,KAAK,EAAE,OAAO,CAAC;IACxB,QAAQ,CAAC,YAAY,CAAC,EAAE,MAAM,CAAC;IAC/B,QAAQ,CAAC,IAAI,CAAC,EAAE,WAAW,CAAC;CAC7B;AAED;;GAEG;AACH,MAAM,WAAW,kBAAkB;IACjC,QAAQ,CAAC,KAAK,EAAE,OAAO,CAAC;IACxB,QAAQ,CAAC,YAAY,CAAC,EAAE,MAAM,CAAC;IAC/B,QAAQ,CAAC,KAAK,EAAE,SAAS,QAAQ,EAAE,CAAC;CACrC;AAED;;GAEG;AACH,MAAM,WAAW,wBAAwB;IACvC,QAAQ,CAAC,KAAK,EAAE,OAAO,CAAC;IACxB,QAAQ,CAAC,YAAY,CAAC,EAAE,MAAM,CAAC;IAC/B,QAAQ,CAAC,WAAW,EAAE,SAAS,MAAM,EAAE,CAAC;IACxC,QAAQ,CAAC,YAAY,EAAE,OAAO,CAAC;CAChC"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@ahksolution/permissions-sdk",
|
|
3
|
-
"version": "1.1
|
|
3
|
+
"version": "1.2.1",
|
|
4
4
|
"description": "gRPC client SDK for AHK Solution Permissions Microservice - provides NestJS guard, decorators, and client for inter-service permission checks",
|
|
5
5
|
"main": "dist/index.js",
|
|
6
6
|
"types": "dist/index.d.ts",
|
|
@@ -4,6 +4,7 @@ package permissions;
|
|
|
4
4
|
|
|
5
5
|
/**
|
|
6
6
|
* Permissions Service
|
|
7
|
+
* Version: 1.1.0 (Added MFA fields to UserData)
|
|
7
8
|
* Provides gRPC endpoints for permission evaluation in a microservice architecture.
|
|
8
9
|
* Supports RBAC (Role-Based Access Control) and ABAC (Attribute-Based Access Control).
|
|
9
10
|
*/
|
|
@@ -43,6 +44,22 @@ service PermissionsService {
|
|
|
43
44
|
* Used by consuming services to authenticate requests via gRPC
|
|
44
45
|
*/
|
|
45
46
|
rpc ValidateToken(ValidateTokenRequest) returns (ValidateTokenResponse);
|
|
47
|
+
|
|
48
|
+
/**
|
|
49
|
+
* Get complete user profile including roles and permissions by userId
|
|
50
|
+
* Does not require token validation - for internal service-to-service calls
|
|
51
|
+
*/
|
|
52
|
+
rpc GetUserInfo(GetUserInfoRequest) returns (GetUserInfoResponse);
|
|
53
|
+
|
|
54
|
+
/**
|
|
55
|
+
* Get user's roles only by userId
|
|
56
|
+
*/
|
|
57
|
+
rpc GetUserRoles(GetUserRolesRequest) returns (GetUserRolesResponse);
|
|
58
|
+
|
|
59
|
+
/**
|
|
60
|
+
* Get user's permission codes only by userId
|
|
61
|
+
*/
|
|
62
|
+
rpc GetUserPermissions(GetUserPermissionsRequest) returns (GetUserPermissionsResponse);
|
|
46
63
|
}
|
|
47
64
|
|
|
48
65
|
// ============================================================================
|
|
@@ -184,6 +201,8 @@ message UserData {
|
|
|
184
201
|
repeated UserRoleInfo roles = 7;
|
|
185
202
|
repeated string permissions = 8;
|
|
186
203
|
bool has_all_access = 9;
|
|
204
|
+
bool mfa_enabled = 10;
|
|
205
|
+
bool mfa_verified = 11;
|
|
187
206
|
}
|
|
188
207
|
|
|
189
208
|
/**
|
|
@@ -195,3 +214,38 @@ message UserRoleInfo {
|
|
|
195
214
|
string name = 3;
|
|
196
215
|
bool is_system = 4;
|
|
197
216
|
}
|
|
217
|
+
|
|
218
|
+
// ============================================================================
|
|
219
|
+
// User Data Lookup Messages (by userId, no token required)
|
|
220
|
+
// ============================================================================
|
|
221
|
+
|
|
222
|
+
message GetUserInfoRequest {
|
|
223
|
+
string user_id = 1;
|
|
224
|
+
}
|
|
225
|
+
|
|
226
|
+
message GetUserInfoResponse {
|
|
227
|
+
bool found = 1;
|
|
228
|
+
string error_message = 2; // "USER_NOT_FOUND", "USER_INACTIVE", "INTERNAL_ERROR"
|
|
229
|
+
UserData user = 3; // Only populated if found=true
|
|
230
|
+
}
|
|
231
|
+
|
|
232
|
+
message GetUserRolesRequest {
|
|
233
|
+
string user_id = 1;
|
|
234
|
+
}
|
|
235
|
+
|
|
236
|
+
message GetUserRolesResponse {
|
|
237
|
+
bool found = 1;
|
|
238
|
+
string error_message = 2;
|
|
239
|
+
repeated UserRoleInfo roles = 3;
|
|
240
|
+
}
|
|
241
|
+
|
|
242
|
+
message GetUserPermissionsRequest {
|
|
243
|
+
string user_id = 1;
|
|
244
|
+
}
|
|
245
|
+
|
|
246
|
+
message GetUserPermissionsResponse {
|
|
247
|
+
bool found = 1;
|
|
248
|
+
string error_message = 2;
|
|
249
|
+
repeated string permissions = 3;
|
|
250
|
+
bool has_all_access = 4;
|
|
251
|
+
}
|