@canmingir/link-express 1.6.0

package/.env.test

@@ -0,0 +1,3 @@
+PROFILE=TEST
+OAUTH_CLIENT_SECRET=53b08fe45a3c616a9ce3e05174ea82e502df6baf
+JWT_SECRET=q8fvthcTaz8qKQDAS7hJRK

package/.eslintrc.js

@@ -0,0 +1,20 @@
+module.exports = {
+  env: {
+    es6: true,
+    node: true,
+    mocha: true,
+  },
+  extends: ["eslint:recommended", "plugin:prettier/recommended"],
+  parserOptions: {
+    ecmaVersion: 2022,
+    sourceType: "module",
+  },
+  ignorePatterns: "/node_modules",
+  rules: {
+    eqeqeq: ["error", "always"],
+    "no-console": "off",
+    "no-eval": "error",
+    "no-var": "error",
+    "prefer-arrow-callback": "error",
+  },
+};

package/.gitattributes

@@ -0,0 +1 @@
+* text=auto eol=lf

package/.github/workflows/publish.yml

@@ -0,0 +1,9 @@
+name: publish
+on:
+    push:
+      tags:
+        - v[0-9]+.[0-9]+.[0-9]+
+jobs:
+  deploy:
+    uses: NucleoidAI/actions/.github/workflows/publish.yml@main
+    secrets: inherit

package/README.md

@@ -0,0 +1 @@
+# platform-express

package/index.js

@@ -0,0 +1 @@
+module.exports = require("./src/platform");

package/package.json

@@ -0,0 +1,51 @@
+{
+  "name": "@canmingir/link-express",
+  "version": "1.6.0",
+  "description": "",
+  "main": "index.js",
+  "author": "NucTeam",
+  "exports": {
+    ".": "./index.js",
+    "./models": "./src/models/index.js",
+    "./test": "./src/test.js",
+    "./authorization": "./src/authorization.js",
+    "./error": "./src/error.js"
+  },
+  "scripts": {
+    "prepare": "node prepare.js",
+    "dev": "node server --dev",
+    "start": "node server",
+    "test": "mocha 'src/**/*.spec.js' --forbid-only",
+    "lint": "eslint . --ext .js"
+  },
+  "dependencies": {
+    "@aws-sdk/client-dynamodb": "^3.614.0",
+    "@aws-sdk/lib-dynamodb": "^3.614.0",
+    "axios": "^1.7.2",
+    "cors": "^2.8.5",
+    "dotenv": "^16.4.5",
+    "express": "^4.19.2",
+    "express-async-errors": "^3.1.1",
+    "helmet": "^7.1.0",
+    "joi": "^17.13.3",
+    "joi-to-swagger": "^6.2.0",
+    "jsonwebtoken": "^9.0.2",
+    "lodash": "^4.17.21",
+    "morgan": "^1.10.0",
+    "pg": "^8.12.0",
+    "sequelize": "^6.37.3",
+    "swagger-jsdoc": "^6.2.8",
+    "swagger-ui-express": "^5.0.1",
+    "uuid": "^10.0.0"
+  },
+  "devDependencies": {
+    "axios-mock-adapter": "^1.21.1",
+    "eslint": "^8.16.0",
+    "eslint-config-prettier": "^8.5.0",
+    "eslint-plugin-prettier": "^4.0.0",
+    "mocha": "10.8.2",
+    "prettier": "^2.6.2",
+    "sqlite3": "^5.1.6",
+    "supertest": "^7.0.0"
+  }
+}

package/prepare.js

@@ -0,0 +1,15 @@
+const fs = require("fs");
+
+const prePush = `#!/usr/bin/env node
+const { execSync } = require("child_process");
+
+try {
+  execSync("npm run lint");
+  execSync("npm test");
+} catch (err) {
+  console.log(err.stdout.toString());
+  process.exit(1);
+}
+`;
+
+fs.writeFileSync(`${__dirname}/.git/hooks/pre-push`, prePush);

package/src/authorization.js

@@ -0,0 +1,102 @@
+const jwt = require("jsonwebtoken");
+const { AuthorizationError } = require("./error");
+function verify(req, res, next) {
+  if (process.env.PROFILE === "TEST") {
+    switch (process.env.PROJECT_ID) {
+      case "0c756054-2d28-4f87-9b12-8023a79136a5":
+        req.session = {
+          projectId: "0c756054-2d28-4f87-9b12-8023a79136a5",
+          userId: "1001",
+          roles: ["ADMIN"],
+          appId: "977f5f57-8936-4388-8eb0-00a512cf01cc",
+          organizationId: "1c063446-7e78-432a-a273-34f481d0f0c3",
+        };
+        break;
+      case "21d2530b-4657-4ac0-b8cd-1a9f82786e32":
+        req.session = {
+          projectId: "21d2530b-4657-4ac0-b8cd-1a9f82786e32",
+          userId: "1001",
+          roles: ["ADMIN"],
+          appId: "977f5f57-8936-4388-8eb0-00a512cf01cc",
+          organizationId: "5459ab03-204a-4627-bdde-667b7802cb35",
+        };
+        break;
+      case "add6dfa4-45ba-4da2-bc5c-5a529610b52f":
+        req.session = {
+          appId: "10b7bc8c-a49c-4002-b0ec-63599e4b5210",
+          organizationId: "dfb990bb-81dd-4584-82ce-050eb8f6a12f",
+          projectId: "add6dfa4-45ba-4da2-bc5c-5a529610b52f",
+          userId: "1001",
+          roles: ["ADMIN"],
+        };
+        break;
+      case "e6d4744d-a11b-4c75-acad-e24a02903729":
+        req.session = {
+          appId: "10b7bc8c-a49c-4002-b0ec-63599e4b5210",
+          organizationId: "1c063446-7e78-432a-a273-34f481d0f0c3",
+          projectId: "e6d4744d-a11b-4c75-acad-e24a02903729",
+          userId: "1001",
+          roles: ["ADMIN"],
+        };
+        break;
+      default:
+        req.session = {
+          projectId: "cb16e069-6214-47f1-9922-1f7fe7629525",
+          userId: "1001",
+          roles: ["ADMIN"],
+          appId: "977f5f57-8936-4388-8eb0-00a512cf01cc",
+          organizationId: "dfb990bb-81dd-4584-82ce-050eb8f6a12f",
+        };
+        break;
+    }
+    return next();
+  }
+
+  const authorization = req.headers["authorization"];
+
+  if (!authorization) {
+    throw new AuthorizationError();
+  }
+
+  const parts = authorization.split(" ");
+
+  if (parts.length !== 2 || parts[0] !== "Bearer") {
+    throw new AuthorizationError();
+  }
+
+  const token = parts[1];
+
+  try {
+    const { sub, aud, rls, aid, oid } = jwt.verify(
+      token,
+      process.env.JWT_SECRET
+    );
+    req.session = {
+      projectId: aud,
+      userId: sub,
+      roles: rls,
+      appId: aid,
+      organizationId: oid,
+    };
+  } catch (error) {
+    throw new AuthorizationError();
+  }
+
+  next();
+}
+
+// eslint-disable-next-line no-unused-vars
+function authorize(role) {
+  return (req, res, next) => {
+    const { roles } = req.session;
+
+    // TODO Add expression check for role
+    if (!roles || roles.length) {
+      next();
+    } else {
+      throw new AuthorizationError();
+    }
+  };
+}
+
+module.exports = { verify, authorize };

package/src/config.js

@@ -0,0 +1,20 @@
+const _ = require("lodash");
+let _config = {};
+
+function init(config = {}) {
+  _config = _.merge(
+    {
+      link: {},
+      project: null,
+      openapi: {},
+      postgres: null,
+      dynamodb: null,
+    },
+    config
+  );
+
+  return _config;
+}
+
+module.exports = () => _config;
+module.exports.init = init;

package/src/dynamodb.js

@@ -0,0 +1,18 @@
+const { DynamoDBClient } = require("@aws-sdk/client-dynamodb");
+const { DynamoDBDocumentClient } = require("@aws-sdk/lib-dynamodb");
+
+const config = require("./config");
+require("dotenv").config();
+
+const { dynamodb } = config();
+
+const client = new DynamoDBClient({
+  region: dynamodb.region,
+  credentials: {
+    accessKeyId: process.env.AWS_ACCESS_KEY_ID,
+    secretAccessKey: process.env.AWS_SECRET_ACCESS_KEY,
+  },
+});
+const docClient = DynamoDBDocumentClient.from(client);
+
+module.exports = { docClient };

package/src/error.js

@@ -0,0 +1,46 @@
+const { ValidationError } = require("joi");
+
+// eslint-disable-next-line no-unused-vars
+const handle = (err, req, res, next) => {
+  if (typeof err === "string") {
+    return res.status(400).json({ error: err });
+  }
+
+  if (err instanceof ValidationError) {
+    return res.status(400).json({ message: err.message });
+  }
+
+  if (err instanceof AuthorizationError) {
+    return res.status(401).end();
+  }
+
+  if (err instanceof AuthenticationError) {
+    return res.status(403).end();
+  }
+
+  if (err instanceof NotFoundError) {
+    return res.status(404).end();
+  }
+
+  if (err.isAxiosError) {
+    return res.status(err.response?.status || 503).end();
+  }
+
+  if (err.error) {
+    return res.status(400).json(err);
+  } else {
+    console.error(err);
+    return res.status(500).end();
+  }
+};
+
+class AuthorizationError extends Error {}
+class AuthenticationError extends Error {}
+class NotFoundError extends Error {}
+
+module.exports = {
+  handle,
+  AuthorizationError,
+  NotFoundError,
+  AuthenticationError,
+};

package/src/express.js

@@ -0,0 +1,58 @@
+const express = require("express");
+require("express-async-errors");
+
+const cors = require("cors");
+const morgan = require("morgan");
+const helmet = require("helmet");
+const app = express();
+
+const metrics = require("./routes/metrics");
+
+const swaggerUi = require("swagger-ui-express");
+const openapi = require("./openapi");
+const error = require("./error");
+const authorization = require("./authorization");
+const settings = require("./routes/settings");
+
+const config = require("./config")();
+
+app.use(helmet());
+app.use(cors());
+app.use(morgan("tiny"));
+
+app.use(express.json(), (err, req, res, next) =>
+  err ? res.status(422).end() : next()
+);
+
+if (config.project) {
+  const oauth = require("./routes/oauth");
+  app.use(
+    "/oauth",
+    express.urlencoded(),
+    (err, req, res, next) => (err ? res.status(422).end() : next()),
+    oauth
+  );
+}
+
+app.use("/openapi", swaggerUi.serve, swaggerUi.setup(openapi));
+app.use("/metrics", metrics);
+
+setImmediate(() => {
+  process.env.PROFILE === "TEST" && app.use(authorization.verify);
+
+  if (config.project) {
+    const permissions = require("./routes/permissions");
+    const organizations = require("./routes/organizations");
+    const projects = require("./routes/projects");
+
+    app.use("/projects", projects);
+    app.use("/organizations", organizations);
+    app.use("/permissions", permissions);
+    app.use("/projects/:projectId/settings", settings);
+  }
+
+  app.use((req, res) => res.status(404).end());
+  app.use(error.handle);
+});
+
+module.exports = app;

package/src/lib/settings.js

@@ -0,0 +1,36 @@
+const Settings = require("../models/Settings");
+
+async function get({ projectId }) {
+  const settingsInstance = await Settings.findOne({
+    where: { projectId },
+  });
+
+  if (settingsInstance) {
+    return settingsInstance.settings;
+  } else {
+    return {};
+  }
+}
+
+async function upsert({ projectId }, settings) {
+  const settingsInstance = await Settings.findOne({
+    where: { projectId },
+  });
+
+  if (settingsInstance) {
+    await settingsInstance.update({
+      projectId,
+      settings: {
+        ...settingsInstance.toJSON().settings,
+        ...settings,
+      },
+    });
+  } else {
+    await Settings.create({
+      projectId,
+      settings: { ...settings },
+    });
+  }
+}
+
+module.exports = { get, upsert };

package/src/lib/test.js

@@ -0,0 +1,58 @@
+require("dotenv").config({ path: ".env.test" });
+const { init } = require("../platform");
+
+init({
+  project: {
+    oauth: {
+      jwt: {
+        identifier: "email",
+      },
+      tokenUrl: "https://github.com/login/oauth/access_token",
+      userUrl: "https://api.github.com/user",
+      clientId: "0c2844d3d19dc9293fc5",
+      redirectUri: "http://localhost:5173/callback",
+    },
+  },
+  postgres: {
+    uri: "sqlite::memory:",
+    debug: true,
+    sync: false,
+  },
+});
+
+const models = require("../models");
+
+async function reset() {
+  const { sequelize } = require("../postgres");
+
+  if (await models.init()) {
+    await sequelize.sync({ force: true });
+  }
+
+  const Organization = require("../models/Organization");
+
+  const Project = require("../models/Project");
+  const Permission = require("../models/Permission");
+  const Settings = require("../models/Settings");
+
+  await Organization.destroy({ truncate: true });
+  await Project.destroy({ truncate: true });
+  await Permission.destroy({ truncate: true });
+  await Settings.destroy({ truncate: true });
+
+  async function seed() {
+    const { seed: organizations } = require("../seeds/Organization.json");
+    const { seed: permissions } = require("../seeds/Permission.json");
+    const { seed: projects } = require("../seeds/Project.json");
+    const { seed: settings } = require("../seeds/Settings.json");
+
+    await Organization.bulkCreate(organizations);
+    await Project.bulkCreate(projects);
+    await Permission.bulkCreate(permissions);
+    await Settings.bulkCreate(settings);
+  }
+
+  await seed();
+}
+
+module.exports = { reset };

package/src/models/Organization.js

@@ -0,0 +1,17 @@
+const { sequelize } = require("../postgres");
+const { DataTypes, UUIDV4 } = require("sequelize");
+
+const Organization = sequelize.define("Organization", {
+  id: {
+    type: DataTypes.UUID,
+    defaultValue: UUIDV4,
+    primaryKey: true,
+    allowNull: false,
+  },
+  name: {
+    type: DataTypes.STRING,
+    allowNull: false,
+  },
+});
+
+module.exports = Organization;

package/src/models/Permission.js

@@ -0,0 +1,33 @@
+const { sequelize } = require("../postgres");
+const { DataTypes, UUIDV4 } = require("sequelize");
+
+const Permission = sequelize.define("Permission", {
+  id: {
+    type: DataTypes.UUID,
+    defaultValue: UUIDV4,
+    primaryKey: true,
+    allowNull: false,
+  },
+  appId: {
+    type: DataTypes.UUID,
+    allowNull: false,
+  },
+  organizationId: {
+    type: DataTypes.UUID,
+    allowNull: false,
+  },
+  projectId: {
+    type: DataTypes.UUID,
+    allowNull: false,
+  },
+  userId: {
+    type: DataTypes.STRING,
+    allowNull: false,
+  },
+  role: {
+    type: DataTypes.STRING,
+    allowNull: false,
+  },
+});
+
+module.exports = Permission;

package/src/models/Project.js

@@ -0,0 +1,37 @@
+const { sequelize } = require("../postgres");
+const { DataTypes, UUIDV4 } = require("sequelize");
+
+const Project = sequelize.define("Project", {
+  id: {
+    type: DataTypes.UUID,
+    defaultValue: UUIDV4,
+    primaryKey: true,
+    allowNull: false,
+  },
+  name: {
+    type: DataTypes.STRING,
+    allowNull: false,
+  },
+  icon: {
+    type: DataTypes.STRING,
+    allowNull: false,
+  },
+  description: {
+    type: DataTypes.STRING,
+    allowNull: true,
+  },
+  type: {
+    type: DataTypes.STRING,
+    allowNull: true,
+  },
+  organizationId: {
+    type: DataTypes.UUID,
+    allowNull: true,
+  },
+  coach: {
+    type: DataTypes.STRING,
+    allowNull: true,
+  },
+});
+
+module.exports = Project;

package/src/models/Settings.js

@@ -0,0 +1,21 @@
+const { sequelize } = require("../postgres");
+const { DataTypes, UUIDV4 } = require("sequelize");
+
+const Settings = sequelize.define("Settings", {
+  id: {
+    type: DataTypes.UUID,
+    defaultValue: UUIDV4,
+    primaryKey: true,
+    allowNull: false,
+  },
+  projectId: {
+    type: DataTypes.UUID,
+    allowNull: false,
+  },
+  settings: {
+    type: DataTypes.JSONB,
+    allowNull: false,
+  },
+});
+
+module.exports = Settings;

package/src/models/index.js

@@ -0,0 +1,51 @@
+const Project = require("./Project");
+const Organization = require("./Organization");
+const Permission = require("./Permission");
+const Setting = require("./Settings");
+
+let _init = false;
+
+async function init() {
+  if (!_init) {
+    _init = true;
+  } else {
+    return false;
+  }
+
+  Organization.hasMany(Permission, {
+    foreignKey: "organizationId",
+    as: "permissions",
+  });
+
+  Permission.belongsTo(Organization, {
+    foreignKey: "organizationId",
+    as: "organization",
+  });
+
+  Project.belongsTo(Organization, {
+    foreignKey: "organizationId",
+    as: "organization",
+  });
+
+  Organization.hasMany(Project, {
+    foreignKey: "organizationId",
+    as: "projects",
+  });
+
+  Project.hasMany(Permission, {
+    foreignKey: "projectId",
+    as: "permissions",
+  });
+
+  Organization.addHook("beforeDestroy", async (organization) => {
+    await Project.destroy({
+      where: {
+        organizationId: organization.id,
+      },
+    });
+  });
+
+  return true;
+}
+
+module.exports = { Project, Organization, Permission, init, Setting };

package/src/openapi.js

@@ -0,0 +1,40 @@
+const { title, version } = require("./config")();
+const swaggerJsdoc = require("swagger-jsdoc");
+const j2s = require("joi-to-swagger");
+
+const swaggerSpec = swaggerJsdoc({
+  definition: {
+    openapi: "3.0.0",
+    info: { title, version },
+    servers: [{ url: "/api" }],
+  },
+
+  apis: [`${process.cwd()}/src/routes/*.js`],
+});
+
+swaggerSpec.components = {
+  schemas: {},
+};
+
+let schemas;
+try {
+  schemas = require(`${process.cwd()}/src/schemas`);
+} catch (error) {
+  console.warn("[NUC]: Could not load schemas");
+  schemas = {};
+}
+
+if (schemas && typeof schemas === "object") {
+  if (schemas.default) {
+    for (const schema in schemas) {
+      try {
+        const { swagger } = j2s(schemas[schema]);
+        swaggerSpec.components.schemas[schema] = swagger;
+      } catch (error) {
+        console.warn(`Warning: Failed to process schema "${schema}":`);
+      }
+    }
+  }
+}
+
+module.exports = swaggerSpec;