@archbase/security 3.0.0 → 3.0.3

package/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2025 Edson Martins
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md

@@ -0,0 +1,51 @@
+# @archbase/security
+
+Security and authentication components for Archbase React.
+
+## Installation
+
+```bash
+npm install @archbase/security
+# or
+pnpm add @archbase/security
+# or
+yarn add @archbase/security
+```
+
+## Features
+
+- **Authentication**: JWT-based authentication
+- **Authorization**: Role-based access control
+- **Crypto Utilities**: Crypto-js wrapper utilities
+- **Session Management**: Session handling and persistence
+- **Security Context**: Global security state management
+
+## Dependencies
+
+```json
+{
+  "@mantine/core": "8.3.12",
+  "@mantine/hooks": "8.3.12",
+  "@tabler/icons-react": "^3.27.0",
+  "react": ">=18.0.0",
+  "react-dom": ">=18.0.0"
+}
+```
+
+## Usage
+
+```typescript
+import { 
+  useAuth,
+  SecurityProvider,
+  ProtectedRoute 
+} from '@archbase/security';
+```
+
+## License
+
+MIT © Edson Martins
+
+## Documentation
+
+For full documentation, visit [https://react.archbase.dev](https://react.archbase.dev)

package/dist/index.d.ts

@@ -0,0 +1,2 @@
+export * from './src/index'
+export {}

package/dist/src/ArchbaseAccessToken.d.ts

@@ -0,0 +1 @@
+export type { ArchbaseAccessToken } from '@archbase/core';

package/dist/src/ArchbaseAccessTokenService.d.ts

@@ -0,0 +1,11 @@
+import { ArchbaseEntityTransformer, ArchbaseRemoteApiClient, ArchbaseRemoteApiService } from '@archbase/data';
+import { AccessTokenDto } from './SecurityDomain';
+export declare class ArchbaseAccessTokenService extends ArchbaseRemoteApiService<AccessTokenDto, string> implements ArchbaseEntityTransformer<AccessTokenDto> {
+    constructor(client: ArchbaseRemoteApiClient);
+    protected configureHeaders(): Record<string, string>;
+    transform(entity: AccessTokenDto): AccessTokenDto;
+    protected getEndpoint(): string;
+    getId(entity: AccessTokenDto): string;
+    isNewRecord(entity: AccessTokenDto): boolean;
+    revoke(token: string): Promise<undefined>;
+}

package/dist/src/ArchbaseApiTokenService.d.ts

@@ -0,0 +1,12 @@
+import { ArchbaseEntityTransformer, ArchbaseRemoteApiClient, ArchbaseRemoteApiService } from '@archbase/data';
+import { ApiTokenDto } from './SecurityDomain';
+export declare class ArchbaseApiTokenService extends ArchbaseRemoteApiService<ApiTokenDto, string> implements ArchbaseEntityTransformer<ApiTokenDto> {
+    constructor(client: ArchbaseRemoteApiClient);
+    protected configureHeaders(): Record<string, string>;
+    transform(entity: ApiTokenDto): ApiTokenDto;
+    protected getEndpoint(): string;
+    getId(entity: ApiTokenDto): string;
+    isNewRecord(entity: ApiTokenDto): boolean;
+    create(email: string, expirationDate: string, name: string, description: string): Promise<ApiTokenDto>;
+    revoke(token: string): Promise<undefined>;
+}

package/dist/src/ArchbaseAuthenticator.d.ts

@@ -0,0 +1,24 @@
+import { ArchbaseAccessToken } from './ArchbaseAccessToken';
+import { ContextualAuthenticationResponse, ContextualAuthenticationRequest, FlexibleLoginRequest, SocialLoginRequest, RegisterUserRequest, SupportedContextsResponse, ContextValidationResponse } from './types/ContextualAuthentication';
+export interface ArchbaseAuthenticator {
+    login(username: string, password: string): Promise<ArchbaseAccessToken>;
+    refreshToken(refresh_token: string): Promise<ArchbaseAccessToken>;
+    sendResetPasswordEmail(email: string): Promise<void>;
+    resetPassword(email: string, passwordResetToken: string, newPassword: string): Promise<void>;
+    /** Login contextual com suporte a enrichers específicos da aplicação */
+    loginWithContext?(request: ContextualAuthenticationRequest): Promise<ContextualAuthenticationResponse>;
+    /** Login flexível com email ou telefone */
+    loginFlexible?(request: FlexibleLoginRequest): Promise<ContextualAuthenticationResponse>;
+    /** Login via provedores sociais (Google, Facebook, Apple) */
+    loginSocial?(request: SocialLoginRequest): Promise<ContextualAuthenticationResponse>;
+    /** Registro de usuário com dados adicionais de negócio */
+    register?(request: RegisterUserRequest): Promise<{
+        email: string;
+        businessId?: string;
+        message: string;
+    }>;
+    /** Lista contextos suportados pela implementação */
+    getSupportedContexts?(): Promise<SupportedContextsResponse>;
+    /** Valida se um contexto específico é suportado */
+    validateContext?(context: string): Promise<ContextValidationResponse>;
+}

package/dist/src/ArchbaseGroupService.d.ts

@@ -0,0 +1,10 @@
+import { ArchbaseRemoteApiService, ArchbaseEntityTransformer, ArchbaseRemoteApiClient } from '@archbase/data';
+import { GroupDto } from './SecurityDomain';
+export declare class ArchbaseGroupService extends ArchbaseRemoteApiService<GroupDto, string> implements ArchbaseEntityTransformer<GroupDto> {
+    constructor(client: ArchbaseRemoteApiClient);
+    protected configureHeaders(): Record<string, string>;
+    transform(entity: GroupDto): GroupDto;
+    protected getEndpoint(): string;
+    getId(entity: GroupDto): string;
+    isNewRecord(entity: GroupDto): boolean;
+}

package/dist/src/ArchbaseLogin.d.ts

@@ -0,0 +1,30 @@
+import { ReactNode } from 'react';
+import { CardProps } from '@mantine/core';
+export interface MockUser {
+    email: string;
+    password: string;
+    type: string;
+}
+export interface ArchbaseLoginOptions {
+    customContentBefore?: React.ReactNode;
+    afterInputs?: React.ReactNode;
+    customContentAfter?: React.ReactNode;
+    cardProps?: CardProps;
+}
+export interface ArchbaseLoginProps {
+    onLogin: (username: string, password: string, rememberMe: boolean) => Promise<void>;
+    error?: string;
+    onClickForgotPassword?: () => void;
+    loginLabel?: string;
+    loginPlaceholder?: string;
+    afterInputs?: ReactNode;
+    showMockUsersSelector?: boolean;
+    mockUsers?: MockUser[];
+    mockUsersGroupMap?: Record<string, string>;
+    options?: ArchbaseLoginOptions;
+    onChangeUsername?: (username: string) => void;
+    disabledLogin?: boolean;
+    isCheckingUsername?: boolean;
+    showSignIn?: boolean;
+}
+export declare function ArchbaseLogin({ onLogin, error, onClickForgotPassword, loginLabel, loginPlaceholder, afterInputs, showMockUsersSelector, mockUsers, mockUsersGroupMap, options, onChangeUsername, disabledLogin, isCheckingUsername, showSignIn, }: ArchbaseLoginProps): import("react/jsx-runtime").JSX.Element;

package/dist/src/ArchbaseProfileService.d.ts

@@ -0,0 +1,10 @@
+import { ArchbaseRemoteApiService, ArchbaseEntityTransformer, ArchbaseRemoteApiClient } from '@archbase/data';
+import { ProfileDto } from './SecurityDomain';
+export declare class ArchbaseProfileService extends ArchbaseRemoteApiService<ProfileDto, string> implements ArchbaseEntityTransformer<ProfileDto> {
+    constructor(client: ArchbaseRemoteApiClient);
+    protected configureHeaders(): Record<string, string>;
+    transform(entity: ProfileDto): ProfileDto;
+    protected getEndpoint(): string;
+    getId(entity: ProfileDto): string;
+    isNewRecord(entity: ProfileDto): boolean;
+}

package/dist/src/ArchbaseResetPassword.d.ts

@@ -0,0 +1,14 @@
+import { CSSProperties } from '@mantine/core';
+export interface ArchbaseResetPasswordProps {
+    error?: string;
+    initialEmail?: string;
+    description?: string;
+    onSendResetPasswordEmail: (email: string) => Promise<void>;
+    onResetPassword: (email: string, passwordResetToken: string, newPassword: string) => Promise<void>;
+    onClickBackToLogin: () => void;
+    validatePassword?: () => string;
+    validateToken?: () => string;
+    /** Estilo do card */
+    style?: CSSProperties;
+}
+export declare function ArchbaseResetPassword({ error, onSendResetPasswordEmail, onResetPassword, onClickBackToLogin, validatePassword, validateToken, initialEmail, description, style }: ArchbaseResetPasswordProps): import("react/jsx-runtime").JSX.Element;

package/dist/src/ArchbaseResourceService.d.ts

@@ -0,0 +1,16 @@
+import { ArchbaseEntityTransformer, ArchbaseRemoteApiClient, ArchbaseRemoteApiService } from '@archbase/data';
+import { ResouceActionPermissionDto, ResoucePermissionsWithTypeDto, ResourceDto, ResourcePermissionsDto, ResourceRegisterDto } from './SecurityDomain';
+import { SecurityType } from './SecurityType';
+export declare class ArchbaseResourceService extends ArchbaseRemoteApiService<ResourceDto, string> implements ArchbaseEntityTransformer<ResourceDto> {
+    constructor(client: ArchbaseRemoteApiClient);
+    protected configureHeaders(): Record<string, string>;
+    transform(entity: ResourceDto): ResourceDto;
+    protected getEndpoint(): string;
+    getId(entity: ResourceDto): string;
+    isNewRecord(entity: ResourceDto): boolean;
+    getAllPermissionsAvailable(): Promise<ResoucePermissionsWithTypeDto[]>;
+    getPermissionsBySecurityId(securityId: string, type: SecurityType): Promise<ResoucePermissionsWithTypeDto[]>;
+    createPermission(securityId: string, actionId: string, type: SecurityType): Promise<ResouceActionPermissionDto>;
+    deletePermission(permissionId: string): Promise<void>;
+    registerResource(resourceRegister: ResourceRegisterDto): Promise<ResourcePermissionsDto>;
+}

package/dist/src/ArchbaseSecurityComponents.d.ts

@@ -0,0 +1,40 @@
+import { default as React, ReactNode } from 'react';
+export interface ArchbaseProtectedComponentProps {
+    children: ReactNode;
+    actionName?: string;
+    requiredPermissions?: string[];
+    requireAll?: boolean;
+    actionDescription?: string;
+    fallback?: ReactNode;
+    autoRegister?: boolean;
+}
+export declare const ArchbaseProtectedComponent: React.FC<ArchbaseProtectedComponentProps>;
+export interface ArchbaseSecureActionButtonProps {
+    actionName: string;
+    actionDescription: string;
+    children: ReactNode;
+    onClick?: () => void;
+    disabled?: boolean;
+    className?: string;
+    style?: React.CSSProperties;
+    variant?: 'primary' | 'secondary' | 'danger' | 'success' | 'warning';
+    size?: 'small' | 'medium' | 'large';
+    type?: 'button' | 'submit' | 'reset';
+}
+export declare const ArchbaseSecureActionButton: React.FC<ArchbaseSecureActionButtonProps>;
+export interface ArchbaseSecureFormFieldProps {
+    children: ReactNode;
+    actionName?: string;
+    actionDescription?: string;
+    showLabel?: boolean;
+    label?: string;
+    fallbackText?: string;
+    fallbackComponent?: ReactNode;
+}
+export declare const ArchbaseSecureFormField: React.FC<ArchbaseSecureFormFieldProps>;
+export declare function withArchbaseSecurity<P extends object>(WrappedComponent: React.ComponentType<P>, securityOptions: {
+    resourceName: string;
+    resourceDescription: string;
+    requiredPermissions?: string[];
+    fallbackComponent?: ReactNode;
+}): (props: P) => import("react/jsx-runtime").JSX.Element;

package/dist/src/ArchbaseSecurityContext.d.ts

@@ -0,0 +1,41 @@
+import { default as React, ReactNode } from 'react';
+import { ArchbaseSecurityManager } from './ArchbaseSecurityManager';
+import { UserDto } from './SecurityDomain';
+export interface ArchbaseSecurityContextType {
+    user: UserDto | null;
+    isLoading: boolean;
+    hasGlobalPermission: (actionName: string) => boolean;
+    hasAnyGlobalPermission: (actions: string[]) => boolean;
+    hasAllGlobalPermissions: (actions: string[]) => boolean;
+    isAdmin: boolean;
+    error: string | null;
+    setError: (error: string | null) => void;
+}
+declare const ArchbaseSecurityContext: React.Context<ArchbaseSecurityContextType>;
+export interface ArchbaseSecurityProviderProps {
+    children: ReactNode;
+    user: UserDto | null;
+    onError?: (error: string) => void;
+}
+export declare const ArchbaseSecurityProvider: React.FC<ArchbaseSecurityProviderProps>;
+export interface ArchbaseViewSecurityContextType {
+    securityManager: ArchbaseSecurityManager | null;
+    hasPermission: (actionName: string) => boolean;
+    hasAnyPermission: (actions: string[]) => boolean;
+    hasAllPermissions: (actions: string[]) => boolean;
+    registerAction: (actionName: string, actionDescription: string) => void;
+    isLoading: boolean;
+    error: string | null;
+}
+declare const ArchbaseViewSecurityContext: React.Context<ArchbaseViewSecurityContextType>;
+export interface ArchbaseViewSecurityProviderProps {
+    children: ReactNode;
+    resourceName: string;
+    resourceDescription: string;
+    requiredPermissions?: string[];
+    fallbackComponent?: ReactNode;
+    onSecurityReady?: (manager: ArchbaseSecurityManager) => void;
+    onError?: (error: string) => void;
+}
+export declare const ArchbaseViewSecurityProvider: React.FC<ArchbaseViewSecurityProviderProps>;
+export { ArchbaseSecurityContext, ArchbaseViewSecurityContext };

package/dist/src/ArchbaseSecurityHooks.d.ts

@@ -0,0 +1,24 @@
+import { ArchbaseSecurityContextType, ArchbaseViewSecurityContextType } from './ArchbaseSecurityContext';
+export declare const useArchbaseSecurity: () => ArchbaseSecurityContextType;
+export declare const useArchbaseViewSecurity: () => ArchbaseViewSecurityContextType;
+export interface UseArchbaseSecureFormReturn {
+    hasPermission: (actionName: string) => boolean;
+    hasAnyPermission: (actions: string[]) => boolean;
+    hasAllPermissions: (actions: string[]) => boolean;
+    registerAction: (actionName: string, actionDescription: string) => void;
+    securityManager: any;
+    canCreate: boolean;
+    canEdit: boolean;
+    canDelete: boolean;
+    canView: boolean;
+    canList: boolean;
+    isLoading: boolean;
+    error: string | null;
+}
+export declare const useArchbaseSecureForm: (resourceName?: string, resourceDescription?: string) => UseArchbaseSecureFormReturn;
+export declare const useArchbasePermissionCheck: () => {
+    check: (actionName: string) => boolean;
+    checkAny: (actions: string[]) => boolean;
+    checkAll: (actions: string[]) => boolean;
+    isAdmin: boolean;
+};

package/dist/src/ArchbaseSecurityManager.d.ts

@@ -0,0 +1,58 @@
+import { ArchbaseResourceService } from './ArchbaseResourceService';
+import { SimpleActionDto, SimpleResourceDto } from './SecurityDomain';
+export interface ISecurityManager {
+    registerAction(actionName: string, actionDescription: string): void;
+}
+export declare class ArchbaseSecurityManager implements ISecurityManager {
+    protected resourceService: ArchbaseResourceService;
+    protected resource: SimpleResourceDto;
+    protected actions: SimpleActionDto[];
+    protected permissions: string[];
+    protected alreadyApplied: boolean;
+    protected error: string;
+    protected isAdmin: boolean;
+    constructor(resourceName: string, resourceDescription: string, isAdmin: boolean);
+    registerAction(actionName: string, actionDescription: string): void;
+    apply(callback?: Function): Promise<void>;
+    hasPermission(actionName: string): boolean;
+    isError(): boolean;
+    getError(): string;
+    /**
+     * Retorna todas as permissões atuais
+     */
+    getPermissions(): string[];
+    /**
+     * Retorna o status de carregamento
+     */
+    isLoading(): boolean;
+    /**
+     * Verifica múltiplas permissões
+     */
+    hasAnyPermission(permissions: string[]): boolean;
+    /**
+     * Verifica se tem todas as permissões
+     */
+    hasAllPermissions(permissions: string[]): boolean;
+    /**
+     * Retorna informações detalhadas sobre uma permissão
+     */
+    getPermissionInfo(actionName: string): {
+        hasPermission: boolean;
+        isAdmin: boolean;
+        reason: string;
+    };
+    /**
+     * Registra múltiplas ações de uma vez
+     */
+    registerActions(actions: Array<{
+        actionName: string;
+        actionDescription: string;
+    }>): void;
+    /**
+     * Retorna todas as ações registradas
+     */
+    getRegisteredActions(): Array<{
+        actionName: string;
+        actionDescription: string;
+    }>;
+}

package/dist/src/ArchbaseTenantManager.d.ts

@@ -0,0 +1,22 @@
+export interface ArchbaseTenantInfo {
+    id: string;
+    code?: string;
+    descricao: string;
+    imagemApresentacao?: string;
+}
+export declare class ArchbaseTenantManager {
+    private static instance;
+    private _currentTenant;
+    private _availableTenants;
+    private constructor();
+    static getInstance(): ArchbaseTenantManager;
+    get currentTenant$(): import('rxjs').Observable<ArchbaseTenantInfo>;
+    get currentTenant(): ArchbaseTenantInfo | null;
+    get availableTenants$(): import('rxjs').Observable<ArchbaseTenantInfo[]>;
+    get availableTenants(): ArchbaseTenantInfo[];
+    setCurrentTenant(tenant: ArchbaseTenantInfo | null): void;
+    setAvailableTenants(tenants: ArchbaseTenantInfo[]): void;
+    clear(): void;
+    getHeaders(): Record<string, string>;
+}
+export declare function useArchbaseTenantManager(): ArchbaseTenantManager;

package/dist/src/ArchbaseTokenManager.d.ts

@@ -0,0 +1 @@
+export type { ArchbaseTokenManager, ArchbaseAccessToken } from '@archbase/core';

package/dist/src/ArchbaseUser.d.ts

@@ -0,0 +1,19 @@
+import { ArchbaseUsernameAndPassword as IArchbaseUsernameAndPassword, ArchbaseUser as IArchbaseUser } from '@archbase/core';
+export declare class ArchbaseUser implements IArchbaseUser {
+    id: string;
+    displayName: string;
+    email: string;
+    photo: string;
+    isAdmin: boolean;
+    constructor(data: any);
+    static newInstance(): ArchbaseUser;
+}
+export declare class ArchbaseUsernameAndPasswordImpl implements IArchbaseUsernameAndPassword {
+    username: string;
+    password: string;
+    remember: boolean;
+    constructor(data: any);
+    static newInstance(): ArchbaseUsernameAndPasswordImpl;
+}
+export { ArchbaseUsernameAndPasswordImpl as ArchbaseUsernameAndPassword };
+export type { ArchbaseUsernameAndPassword as IArchbaseUsernameAndPassword } from '@archbase/core';

package/dist/src/ArchbaseUserService.d.ts

@@ -0,0 +1,11 @@
+import { ArchbaseEntityTransformer, ArchbaseRemoteApiClient, ArchbaseRemoteApiService } from '@archbase/data';
+import { UserDto } from './SecurityDomain';
+export declare class ArchbaseUserService extends ArchbaseRemoteApiService<UserDto, string> implements ArchbaseEntityTransformer<UserDto> {
+    constructor(client: ArchbaseRemoteApiClient);
+    protected configureHeaders(): Record<string, string>;
+    transform(entity: UserDto): UserDto;
+    protected getEndpoint(): string;
+    getId(entity: UserDto): string;
+    isNewRecord(entity: UserDto): boolean;
+    getUserByEmail(email: string): Promise<UserDto>;
+}

package/dist/src/DefaultArchbaseTokenManager.d.ts

@@ -0,0 +1,20 @@
+import { ArchbaseTokenManager, ArchbaseAccessToken, ArchbaseUsernameAndPassword } from '@archbase/core';
+export declare const ENCRYPTION_KEY = "YngzI1guK3dGaElFcFY9MywqK3xgPzg/Ojg7eD8xRmg=";
+export declare const TOKEN_COOKIE_NAME = "c1ab58e7-c113-4225-a190-a9e59d1207fc";
+export declare const USER_NAME_AND_PASSWORD = "6faf6932-a0b5-457b-83b1-8d89ddbd91fd";
+export declare const USER_NAME = "602b05c5-ec46-451e-aba6-187e463bc245";
+export declare const CONTEXT_STORAGE_KEY = "8b4a7c2d-9e5f-4163-b8a7-3f2c9d8e5a1b";
+export declare class DefaultArchbaseTokenManager implements ArchbaseTokenManager {
+    getUsernameAndPassword(): ArchbaseUsernameAndPassword | null;
+    saveUsernameAndPassword(username: string, password: string): void;
+    getUsername(): string | null;
+    saveUsername(username: string): void;
+    isTokenExpired(token?: ArchbaseAccessToken, expirationThreshold?: number): boolean;
+    saveToken(accessToken?: ArchbaseAccessToken): void;
+    clearUsernameAndPassword(): void;
+    clearToken(): void;
+    getToken(): ArchbaseAccessToken | null;
+    saveContext(context: string): void;
+    getContext(): string | null;
+    clearContext(): void;
+}