@blazedpath/commons 0.1.1 → 0.2.1

package/README.md

@@ -2,6 +2,14 @@
 
 ## Publish
 
+Login:
+
+```sh
+npm login
+```
+
+Publish:
+
 ```sh
 npm publish
 ```

package/blz-rds-postgres/syntaxis.json

@@ -35,7 +35,7 @@
         "addMonths": "%1$s + %2$s * INTERVAL '1 MONTH'",
         "addSeconds": "%1$s + %2$s * INTERVAL '1 SECOND'",
         "addYears": "%1$s + %2$s * INTERVAL '1 YEAR'",
-        "date": "TO_TIMESTAMP('%1$s-%2$s-%3$s 0:0:0', 'YYYY-MM-DD HH24:MI:SS')",
+        "date": "TO_DATE('%1$s-%2$s-%3$s', 'YYYY-MM-DD')",
         "dateDiff": "DATE_PART('day', (%1$s) - (%2$s))",
         "datetime": "TO_TIMESTAMP('%1$s-%2$s-%3$s %4$s:%5$s:%6$s', 'YYYY-MM-DD HH24:MI:SS')",
         "datetimeDiff": "(((DATE_PART('day', %1$s - %2$s) * 24 + DATE_PART('hour', %1$s - %2$s)) * 60 + DATE_PART('minute', %1$s - %2$s)) * 60 + DATE_PART('second', %1$s - %2$s)) * 1000",

package/blz-security/__test__/AuthorizationKpn.yaml

@@ -98,8 +98,6 @@ permissions:
         enable: false  
       - path: customer-message
         enable: false  
-      - path: /debtor/**
-        enable: false
       - path: /debtor-account-stage/**
         enable: false
       - path: debtor-account-stage
@@ -110,6 +108,8 @@ permissions:
         enable: false
       - path: /debtors/**
         enable: false
+      - path: /debtor/**
+        enable: false  
       - path: /dim-messages/**
         enable: false
       - path: /dim-messages-entity/**
@@ -462,20 +462,20 @@ permissions:
 
       # region Consumer Costumer Widgets Rules
       # Filters (Alphabetic Order List, this rule will be disabled in all roles always)
-      - path: /debtors/**
+      - path: /debtor/**
         actions: filters_AlphabeticOrderList
         enable: false
 
       # Body - 360 Cards
-      - path: /debtors/**
+      - path: /debtor/**
         actions: cc_depositAccountCard
         enable: false
 
-      - path: /debtors/**
+      - path: /debtor/**
         actions: cc_creditDisputeCard
         enable: false
 
-      - path: /debtors/**
+      - path: /debtor/**
         actions: cc_settlementDiscountCard
         enable: false
 
@@ -563,18 +563,48 @@ permissions:
       # region Business Customer
 
       # Body - 360 Cards
-      - path: /debtors/**
+      - path: /debtor/**
         actions: bc_depositAccountCard
         enable: false
 
-      - path: /debtors/**
+      - path: /debtor/**
         actions: bc_creditDisputeCard
         enable: false
 
-      - path: /debtors/**
+      - path: /debtor/**
         actions: bc_settlementDiscountCard
         enable: false
 
+      - path: /debtor/**
+        actions: cc_cancelPaymentArrangement
+        enable: false  
+        
+      - path: /debtor/**
+        actions: cc_rejectDispute
+        enable: false
+      
+      - path: /debtor/**
+        actions: cc_resolveDispute
+        enable: false
+      
+      - path: /debtor/**
+        actions: cc_updateExemption
+        enable: false
+      
+      - path: /debtor/**
+        actions: cc_editOldTrustee
+        enable: false
+      
+      - path: /debtor/**
+        actions: cc_editNewTrustee
+        enable: false
+
+      # Dunning debtor option
+
+      - path: /debtor/**
+        actions: dunning_CreateFinancingAgreement,dunming_ReallocateTransaction
+        enable: false   
+
       # Dunning screen
       - path: /dunning/**
         actions: bc_dunningSuspendAccount
@@ -705,23 +735,27 @@ permissions:
   # Home Rules
   - name: agent_home
     rules:
-      - path: /collection-home
+      - path: /collection-home      
     domain: agent
+  # Agent View Only
+  - name: agent_viewOnly
+    rules:
+      - path: /colm/**
+      - path: /debtors
+    domain: agent  
   # Consumer Costumer Rules
   - name: agent_consumer_costumer
+    extends: 
+      - agent_viewOnly
     rules:
       - path: consumer-debtor
       - path: /debtors
       - path: /debtor/**
     domain: agent
-  - name: agent_viewOnly
-    rules:
-      - path: /colm/**
-    domain: agent
   # 360 View
   - name: agent_consumer_costumer_360View_settlementDiscountCard
     rules:
-      - path: /debtors/**
+      - path: /debtor/**
         actions: cc_settlementDiscountCard
         enable: true
     domain: agent
@@ -793,17 +827,71 @@ permissions:
     rules:
       - path: organization-debtor
       - path: /debtors
-      - path: /debtor/**
+      # - path: /debtor/**
     domain: agent
 
   # 360 View
   - name: agent_business_costumer_360View_settlementDiscountCard
     rules:
-      - path: /debtors/**
+      - path: /debtor/**
         actions: bc_settlementDiscountCard
         enable: true
     domain: agent
 
+  - name: agent_business_costumer_360View_cancelPaymentArrangement
+    rules:
+      - path: /debtor/**
+        actions: cc_cancelPaymentArrangement
+        enable: true
+    domain: agent  
+  
+  - name: agent_business_costumer_360View_resolveDispute
+    rules:
+      - path: /debtor/**
+        actions: cc_cc_resolveDispute
+        enable: true
+    domain: agent
+    
+  - name: agent_business_costumer_360View_rejectDispute
+    rules:
+      - path: /debtor/**
+        actions: cc_rejectDispute
+        enable: true
+    domain: agent
+   
+   
+  - name: agent_business_costumer_360View_updateExemption
+    rules:
+      - path: /debtor/**
+        actions: cc_updateExemption
+        enable: true
+    domain: agent
+  
+  - name: agent_business_costumer_360View_editNewTrustee
+    rules:
+      - path: /debtor/**
+        actions: cc_editNewTrustee
+        enable: true
+    domain: agent
+  
+  - name: agent_business_costumer_360View_cc_editOldTrustee
+    rules:
+      - path: /debtor/**
+        actions: cc_editOldTrustee
+        enable: true
+    domain: agent
+
+  - name: agent_business_costumer_360View_dunning_CreateFinancingAgreement
+    rules:
+      - path: /debtor/**
+        actions: dunning_CreateFinancingAgreement
+    domain: agent
+  - name: agent_business_costumer_360View_dunming_ReallocateTransaction
+    rules:
+      - path: /debtor/**
+        actions: dunming_ReallocateTransaction
+    domain: agent 
+
   # Dunning screen
   - name: agent_business_costumer_dunning_SuspendAccountCard
     rules:
@@ -950,6 +1038,8 @@ permissions:
         actions: GET
       - path: /api/ms-operation-scheduler/**
         actions: GET
+      - path: /api/ms-placement/**
+        actions: GET
       - path: /api/bkr-ext/**
         actions: GET
     domain: agent
@@ -1001,6 +1091,7 @@ roles:
   - name: Collections.ViewOnly
     permissions:
       - agent_home
+      - agent_viewOnly
       - agent_consumer_costumer
       - agent_business_costumer
       - agent_viewonly_portal_apis
@@ -1011,6 +1102,14 @@ roles:
       - agent_task_management
       - agent_entry_process
       - agent_portal_apis
+      - agent_business_costumer_360View_cancelPaymentArrangement
+      - agent_business_costumer_360View_resolveDispute
+      - agent_business_costumer_360View_rejectDispute
+      - agent_business_costumer_360View_updateExemption
+      - agent_business_costumer_360View_editOldTrustee
+      - agent_business_costumer_360View_editNewTrustee
+      - agent_business_costumer_360View_dunning_CreateFinancingAgreement
+      - agent_business_costumer_360View_dunming_ReallocateTransaction
   - name: Collections.FinanceBV
     extends:
       - Collections.ViewOnly

package/blz-security/__test__/secureUrl.test.js

@@ -42,7 +42,7 @@ describe('SecureUrlService', () => {
     } catch (error) {
       expect(error.message).toBe('The token has expired.');
       expect(error.name).toBe('SecureUrlError');
-      expect(error.code).toBe(408); // o el campo que uses para el código
+      expect(error.code).toBe(410); // o el campo que uses para el código
     }
   })
 
@@ -64,7 +64,7 @@ describe('SecureUrlService', () => {
     } catch (error) {
       expect(error.message).toBe('The token has expired.');
       expect(error.name).toBe('SecureUrlError');
-      expect(error.code).toBe(408); // o el campo que uses para el código
+      expect(error.code).toBe(410); // o el campo que uses para el código
     }
   })
 

package/blz-security/doc/README.md

@@ -42,9 +42,9 @@
   - path: ~/blazedapth/blz/blz-builder/burners/web-frontend/sources/startup/index.js
   - path: ~/blazedapth/blz/blz-suite/backend/servers/web-frontend/index.js
 - Se modifica Blz.setSecurityRule por BlzSecurity.setSecurityRule
-  - path: ~/blazedapth/blz/blz-shared/js-generator/commands/set-security-rule.js
+  - path: ~/blazedapth/blz/blz-commons/js-generator/commands/set-security-rule.js
 - Se modifica Blz.clearSecurityRules por BlzSecurity.clearSecurityRules  
-  - path: ~/blazedapth/blz/blz-shared/js-generator/commands/reset-security-rules.js
+  - path: ~/blazedapth/blz/blz-commons/js-generator/commands/reset-security-rules.js
 - Se agrega BlzSecurity en Blz_controls_RouteResolver
   - path: ~/blazedapth/blz/blz-ui/assets/js/blz-wrappers/Blz_controls_RouteResolver.js
 
@@ -71,5 +71,5 @@ grunt prod-prod
 - Documentation
   - [security rules and options](https://docs-blz.bsn-dev.beesion.team/#/doc/security-rules-and-options)
 - Demo
-  - [DemoAuth](~/blazedapth/blz/blz-shared/essentials/solutions/DemoAuth)
+  - [DemoAuth](~/blazedapth/blz/blz-commons/essentials/solutions/DemoAuth)
   

package/blz-security/lab/index.js

@@ -17,19 +17,26 @@ async function getAuthorizationService(configPath) {
 
 ;(async () => {
 
-  
+  let result= null
   
   const authorizationService = await getAuthorizationService('../__test__/AuthorizationKpn.yaml')
- 
+  
   // expect('[{"path":"/api/ms-financing-setting/fnc-catalog","actions":"*","enable":true}]').toStrictEqual(result)
 
   // console.log(authorizationService.getFrontendSecurityRules(["Configuration.Admin"],["config"] ))
   // console.log(JSON.stringify(authorizationService.getFrontendSecurityRules(['Configuration.Admin'],['agent'] )))
-  const result = authorizationService.checkAuthorize('/ep-manual-credit/undefined', null, ['Configuration.Admin'], ['agent'])
+  // let result = authorizationService.checkAuthorize('/ep-manual-credit/undefined', null, ['Configuration.Admin'], ['agent'])
+  // console.log(result)
+  // result = authorizationService.checkAuthorize('/ep-manual-credit/undefined', null, ['Collections.Admin','Collections.Finance','Configuration.Admin'], ['agent'])
+  // console.log(result)
+  result = authorizationService.checkAuthorize('/debtor/102592', 'dunning_CreateFinancingAgreement', ['Collections.ViewOnly'], ['agent'])
   console.log(result)
-  result = authorizationService.checkAuthorize('/ep-manual-credit/undefined', null, ['Collections.Admin','Collections.Finance','Configuration.Admin'], ['agent'])
+  result = authorizationService.checkAuthorize('/debtor/102592', 'dunning_CreateFinancingAgreement', ['Configuration.Admin'], ['agent'])
   console.log(result)
 
+  // no debe tener acceso ViewOnly Financiamiento
+  //
+
 
 
 

package/blz-security/middleware/HapiServerAzureAd.js

@@ -594,12 +594,13 @@ class HapiServerAzureAd {
 
 		// Register the @hapi/cookie plugin
 		await server.register(hapiCookie);
-
+		
+		const hapiCookiePassword = process.env.blz_hapiCookiePassword || 'supersecretpasswordmustbeatleast32characterslong';
 		// Define the cookie-based auth strategy
 		server.auth.strategy('cookieAuth', 'cookie', {
 			cookie: {
 				name: 'sid', // Primary session cookie
-				password: 'supersecretpasswordmustbeatleast32characterslong', // Encryption key
+				password: hapiCookiePassword, // Encryption key
 				isSecure: true, // Should be true in production
 				isHttpOnly: true, // Prevents client-side JavaScript access
 				isSameSite: 'Lax', // Protects against CSRF

package/blz-security/middleware/HapiServerKeycloak.js

@@ -59,13 +59,10 @@ class HapiServerKeycloak {
         this.securityService = null;
         this.securityUrlCookieKey = null;
     }
+    
     async generateGuid() {
-        return 'xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx'.replace(/[xy]/g, function(c) {
-          const r = Math.random() * 16 | 0;
-          const v = (c === 'x') ? r : (r & 0x3 | 0x8);
-          return v.toString(16);
-        });
-      }
+        return crypto.randomUUID();
+    }
 
     async connect(_securityService, hapiServer, config) {
         contextConfig = config
@@ -630,11 +627,12 @@ class HapiServerKeycloak {
         // Register the @hapi/cookie plugin
         await server.register(hapiCookie);
 
+        const hapiCookiePassword = process.env.blz_hapiCookiePassword || 'supersecretpasswordmustbeatleast32characterslong';
         // Define the cookie-based auth strategy
         server.auth.strategy('cookieAuth', 'cookie', {
             cookie: {
                 name: 'sid', // Primary session cookie
-                password: 'supersecretpasswordmustbeatleast32characterslong', // Encryption key
+                password: hapiCookiePassword, // Encryption key
                 isSecure: true, // Should be true in production
                 isHttpOnly: true, // Prevents client-side JavaScript access
                 isSameSite: 'Lax', // Protects against CSRF

package/blz-security/middleware/hapiServer.js

@@ -736,11 +736,12 @@ class HapiServer {
     // Register the @hapi/cookie plugin
     await server.register(hapiCookie);
 
+    const hapiCookiePassword = process.env.blz_hapiCookiePassword || 'supersecretpasswordmustbeatleast32characterslong';
     // Define the cookie-based auth strategy
     server.auth.strategy('cookieAuth', 'cookie', {
       cookie: {
           name: 'sid', // Primary session cookie
-          password: 'supersecretpasswordmustbeatleast32characterslong', // Encryption key
+          password: hapiCookiePassword, // Encryption key
           isSecure: true, // Should be true in production
           isHttpOnly: true, // Prevents client-side JavaScript access
           isSameSite: 'Lax', // Protects against CSRF

package/blz-security/secureUrlService.js

@@ -41,8 +41,7 @@ module.exports = class SecureUrlService {
       const path = url.split('?')[0];      
       const session_key = isBase64(_session_key)?atob(_session_key):_session_key
       const key = `${session_key}${btoa(decodeURIComponent(path))}`;
-      const getNow = () => Function('"use strict";return (' + atob("bmV3IERhdGUoKS5nZXRUaW1lKCk=") + ')')();
-      const token = CryptoJS.AES.encrypt((getNow()).toString(), key).toString();
+      const token = CryptoJS.AES.encrypt((Date.now()).toString(), key).toString();
       return encodeURIComponent(token);      
     }
 }

package/package.json

@@ -1,11 +1,13 @@
 {
   "name": "@blazedpath/commons",
-  "version": "0.1.1",
+  "version": "0.2.1",
   "description": "commos library for blazedpath applications",
   "main": "index.js",
   "types": "dist/index.d.ts",
   "license": "UNLICENSED",
-  "publishConfig": { "access": "public" },
+  "publishConfig": {
+    "access": "public"
+  },
   "dependencies": {
     "@hapi/boom": "^10.0.1",
     "@hapi/call": "^9.0.1",
@@ -79,7 +81,7 @@
     "@types/node": "20.11.17",
     "jest": "^29.7.0"
   },
-    "bin": {
+  "bin": {
     "blz-security": "."
   },
   "eslintConfig": {
@@ -92,6 +94,9 @@
   },
   "overrides": {
     "shelljs": "0.9.2",
-    "cross-spawn": "7.0.6"
+    "cross-spawn": "7.0.6",
+    "glob": "^12.0.0",
+     "qs": "^6.14.1",
+      "jws": "^4.0.1"
   }
-}
+}