@drax/identity-back 0.0.14 → 0.0.16

package/dist/services/TenantService.js

@@ -0,0 +1,59 @@
+import { ZodErrorToValidationError } from "@drax/common-back";
+import { tenantSchema } from "../zod/TenantZod.js";
+import { ZodError } from "zod";
+class TenantService {
+    constructor(tenantRepostitory) {
+        this._repository = tenantRepostitory;
+        console.log("TenantService constructor");
+    }
+    async create(tenantData) {
+        try {
+            tenantData.name = tenantData?.name?.trim();
+            await tenantSchema.parseAsync(tenantData);
+            const tenant = await this._repository.create(tenantData);
+            return tenant;
+        }
+        catch (e) {
+            if (e instanceof ZodError) {
+                throw ZodErrorToValidationError(e, tenantData);
+            }
+            throw e;
+        }
+    }
+    async update(id, tenantData) {
+        try {
+            tenantData.name = tenantData?.name?.trim();
+            await tenantSchema.parseAsync(tenantData);
+            const tenant = await this._repository.update(id, tenantData);
+            return tenant;
+        }
+        catch (e) {
+            if (e instanceof ZodError) {
+                throw ZodErrorToValidationError(e, tenantData);
+            }
+            throw e;
+        }
+    }
+    async delete(id) {
+        const currentTenant = await this.findById(id);
+        const deletedTenant = await this._repository.delete(id);
+        return deletedTenant;
+    }
+    async findById(id) {
+        const tenant = await this._repository.findById(id);
+        return tenant;
+    }
+    async findByName(name) {
+        const tenant = await this._repository.findByName(name);
+        return tenant;
+    }
+    async fetchAll() {
+        const tenants = await this._repository.fetchAll();
+        return tenants;
+    }
+    async paginate(page = 1, limit = 5, search, filters) {
+        const pagination = await this._repository.paginate(page, limit, search, filters);
+        return pagination;
+    }
+}
+export default TenantService;

package/dist/services/UserService.js

@@ -15,7 +15,7 @@ class UserService {
         if (user && user.active && AuthUtils.checkPassword(password, user.password)) {
             //TODO: Generar Sesion
             const session = '123';
-            const accessToken = AuthUtils.generateToken(user.id.toString(), user.username, user.role.id, session);
+            const accessToken = AuthUtils.generateToken(user.id.toString(), user.username, user.role.id, user.tenant?.id, session);
             return { accessToken: accessToken };
         }
         else {

package/dist/utils/AuthUtils.js

@@ -24,16 +24,17 @@ class AuthUtils {
     static checkPassword(password, hashPassword) {
         return bcryptjs.compareSync(password, hashPassword);
     }
-    static tokenSignPayload(userId, username, roleId, session) {
+    static tokenSignPayload(userId, username, roleId, tenantId, session) {
         return {
             id: userId,
             username: username,
             roleId: roleId,
+            tenantId: tenantId,
             session: session
         };
     }
-    static generateToken(userId, username, roleId, session) {
-        const payload = AuthUtils.tokenSignPayload(userId, username, roleId, session);
+    static generateToken(userId, username, roleId, tenantId, session) {
+        const payload = AuthUtils.tokenSignPayload(userId, username, roleId, tenantId, session);
         const JWT_SECRET = DraxConfig.getOrLoad(IdentityConfig.JwtSecret);
         if (!JWT_SECRET) {
             throw new Error("JWT_SECRET ENV must be provided");

package/dist/zod/TenantZod.js

@@ -0,0 +1,8 @@
+import { object, string } from "zod";
+const tenantSchema = object({
+    name: string({ required_error: "validation.required" })
+        .min(1, "validation.required")
+        .regex(/^[A-Z]/, "validation.startWithUpperCase"),
+});
+export default tenantSchema;
+export { tenantSchema };

package/package.json

@@ -3,7 +3,7 @@
   "publishConfig": {
     "access": "public"
   },
-  "version": "0.0.14",
+  "version": "0.0.16",
   "description": "Identity module for user management, authentication and authorization.",
   "main": "dist/index.js",
   "types": "types/index.d.ts",
@@ -56,5 +56,5 @@
       "debug": "0"
     }
   },
-  "gitHead": "ef0b07b3396f6eeb1f045ef430b4ec3856896f7e"
+  "gitHead": "edddb7a152dab85eb7bca07bd79c497bfd12c51f"
 }

package/src/factory/TenantServiceFactory.ts

@@ -0,0 +1,33 @@
+import {DraxConfig} from "@drax/common-back"
+import TenantService from "../services/TenantService.js";
+import TenantMongoRepository from "../repository/mongo/TenantMongoRepository.js";
+import TenantSqliteRepository from "../repository/sqlite/TenantSqliteRepository.js";
+import {DbSetupUtils, DbEngine} from "../utils/DbSetupUtils.js";
+import type {ITenantRepository} from "../interfaces/ITenantRepository";
+
+let tenantService: TenantService
+
+const TenantServiceFactory = () : TenantService => {
+
+    if(!tenantService){
+        let tenantRepository: ITenantRepository
+
+        switch (DbSetupUtils.getDbEngine()) {
+            case DbEngine.Mongo:
+                console.log("TenantServiceFactory DB ENGINE MONGODB")
+                tenantRepository = new TenantMongoRepository()
+                break;
+            case DbEngine.Sqlite:
+                console.log("TenantServiceFactory DB ENGINE SQLITE")
+                tenantRepository = new TenantSqliteRepository(DbSetupUtils.getDbConfig(), false)
+                tenantRepository.table()
+                break;
+        }
+
+        tenantService = new TenantService(tenantRepository)
+    }
+
+    return tenantService
+}
+
+ export default TenantServiceFactory

package/src/factory/UserServiceFactory.ts

@@ -17,7 +17,7 @@ const UserServiceFactory = () : UserService => {
                 break;
             case DbEngine.Sqlite:
                 console.log("UserServiceFactory DB ENGINE SQLITE")
-                userRepository = new UserSqliteRepository(DbSetupUtils.getDbConfig(),false)
+                userRepository = new UserSqliteRepository(DbSetupUtils.getDbConfig(),true)
                 userRepository.table()
                 break;
         }

package/src/graphql/resolvers/role.resolvers.ts

@@ -5,12 +5,13 @@ import {GraphQLError} from "graphql";
 import {PermissionService} from "../../services/PermissionService.js";
 import UnauthorizedError from "../../errors/UnauthorizedError.js";
 
-const roleService = RoleServiceFactory()
+
 export default {
     Query: {
         findRoleById: async (_, {id}, {rbac}) => {
             try {
                 rbac.assertPermission(IdentityPermissions.ViewRole)
+                const roleService = RoleServiceFactory()
                 return await roleService.findById(id)
             } catch (e) {
                 if (e instanceof UnauthorizedError) {
@@ -22,6 +23,7 @@ export default {
         findRoleByName: async (_, {name}, {rbac}) => {
             try {
                 rbac.assertPermission(IdentityPermissions.ViewRole)
+                const roleService = RoleServiceFactory()
                 return await roleService.findByName(name)
             } catch (e) {
                 if (e instanceof UnauthorizedError) {
@@ -33,8 +35,16 @@ export default {
         fetchRole: async (_, {}, {rbac}) => {
             try {
                 rbac.assertPermission(IdentityPermissions.ViewRole)
-                return await roleService.fetchAll()
+                const roleService = RoleServiceFactory()
+                const roles = await roleService.fetchAll()
+                if(rbac.getRole?.childRoles?.length > 0) {
+                    return roles.filter(role => rbac.getRole.childRoles.some(childRole => childRole.id === role.id));
+                }else{
+                    return roles
+                }
+
             } catch (e) {
+                console.error("fetchRole",e)
                 if (e instanceof UnauthorizedError) {
                     throw new GraphQLError(e.message)
                 }
@@ -55,6 +65,7 @@ export default {
         paginateRole: async (_, {page, limit, seach}, {rbac}) => {
             try {
                 rbac.assertPermission(IdentityPermissions.ViewRole)
+                const roleService = RoleServiceFactory()
                 return await roleService.paginate(page, limit, seach)
             } catch (e) {
                 console.error("paginateRole",e)
@@ -69,6 +80,7 @@ export default {
         createRole: async (_, {input}, {rbac}) => {
             try {
                 rbac.assertPermission(IdentityPermissions.CreateRole)
+                const roleService = RoleServiceFactory()
                 return await roleService.create(input)
             } catch (e) {
                 console.error("createRole",e)
@@ -85,7 +97,7 @@ export default {
         updateRole: async (_, {id, input}, {rbac}) => {
             try {
                 rbac.assertPermission(IdentityPermissions.UpdateRole)
-
+                const roleService = RoleServiceFactory()
                 const currentRole = await roleService.findById(id)
                 if(currentRole.readonly){
                     throw new ValidationError([{field:'name', reason:"role.readonly", value:input.name}])
@@ -106,6 +118,12 @@ export default {
         deleteRole: async (_, {id}, {rbac}) => {
             try {
                 rbac.assertPermission(IdentityPermissions.DeleteRole)
+                const roleService = RoleServiceFactory()
+                const currentRole = await roleService.findById(id)
+                if(currentRole.readonly){
+                    throw new UnauthorizedError()
+                }
+
                 return await roleService.delete(id)
             } catch (e) {
                 console.error("deleteRole",e)

package/src/graphql/resolvers/tenant.resolvers.ts

@@ -0,0 +1,119 @@
+import TenantServiceFactory from "../../factory/TenantServiceFactory.js";
+import {IdentityPermissions} from "../../permissions/IdentityPermissions.js";
+import {ValidationError, ValidationErrorToGraphQLError} from "@drax/common-back";
+import {GraphQLError} from "graphql";
+import {PermissionService} from "../../services/PermissionService.js";
+import UnauthorizedError from "../../errors/UnauthorizedError.js";
+
+
+export default {
+    Query: {
+        findTenantById: async (_, {id}, {rbac}) => {
+            try {
+                rbac.assertPermission(IdentityPermissions.ViewTenant)
+                const tenantService = TenantServiceFactory()
+                return await tenantService.findById(id)
+            } catch (e) {
+                if (e instanceof UnauthorizedError) {
+                    throw new GraphQLError(e.message)
+                }
+                throw new GraphQLError('error.server')
+            }
+        },
+        findTenantByName: async (_, {name}, {rbac}) => {
+            try {
+                rbac.assertPermission(IdentityPermissions.ViewTenant)
+                const tenantService = TenantServiceFactory()
+                return await tenantService.findByName(name)
+            } catch (e) {
+                if (e instanceof UnauthorizedError) {
+                    throw new GraphQLError(e.message)
+                }
+                throw new GraphQLError('error.server')
+            }
+        },
+        fetchTenant: async (_, {}, {rbac}) => {
+            try {
+                rbac.assertPermission(IdentityPermissions.ViewTenant)
+                const tenantService = TenantServiceFactory()
+                const tenants =  await tenantService.fetchAll()
+                if(rbac.getAuthUser.tenantId){
+                    return tenants.filter(t => t.id === rbac.getAuthUser.tenantId)
+                }else{
+                    return tenants
+                }
+
+            } catch (e) {
+                if (e instanceof UnauthorizedError) {
+                    throw new GraphQLError(e.message)
+                }
+                throw new GraphQLError('error.server')
+            }
+        },
+        paginateTenant: async (_, {page, limit, seach}, {rbac}) => {
+            try {
+                rbac.assertPermission(IdentityPermissions.ViewTenant)
+                const tenantService = TenantServiceFactory()
+                return await tenantService.paginate(page, limit, seach)
+            } catch (e) {
+                console.error("paginateTenant",e)
+                if (e instanceof UnauthorizedError) {
+                    throw new GraphQLError(e.message)
+                }
+                throw new GraphQLError('error.server')
+            }
+        }
+    },
+    Mutation: {
+        createTenant: async (_, {input}, {rbac}) => {
+            try {
+                rbac.assertPermission(IdentityPermissions.CreateTenant)
+                const tenantService = TenantServiceFactory()
+                return await tenantService.create(input)
+            } catch (e) {
+                console.error("createTenant",e)
+                if (e instanceof ValidationError) {
+                    throw ValidationErrorToGraphQLError(e)
+                }
+                if (e instanceof UnauthorizedError) {
+                    throw new GraphQLError(e.message)
+                }
+                throw new GraphQLError('error.server')
+            }
+
+        },
+        updateTenant: async (_, {id, input}, {rbac}) => {
+            try {
+                rbac.assertPermission(IdentityPermissions.UpdateTenant)
+                const tenantService = TenantServiceFactory()
+                return await tenantService.update(id, input)
+            } catch (e) {
+                console.error("updateTenant",e)
+                if (e instanceof ValidationError) {
+                    throw ValidationErrorToGraphQLError(e)
+                }
+                if (e instanceof UnauthorizedError) {
+                    throw new GraphQLError(e.message)
+                }
+                throw new GraphQLError('error.server')
+            }
+        },
+        deleteTenant: async (_, {id}, {rbac}) => {
+            try {
+                rbac.assertPermission(IdentityPermissions.DeleteTenant)
+                const tenantService = TenantServiceFactory()
+                return await tenantService.delete(id)
+            } catch (e) {
+                console.error("deleteTenant",e)
+                if (e instanceof ValidationError) {
+                    throw ValidationErrorToGraphQLError(e)
+                }
+                if (e instanceof UnauthorizedError) {
+                    throw new GraphQLError(e.message)
+                }
+                throw new GraphQLError('error.server')
+            }
+
+        }
+    }
+}

package/src/graphql/resolvers/user.resolvers.ts

@@ -5,13 +5,12 @@ import {IdentityPermissions} from "../../permissions/IdentityPermissions.js";
 import UnauthorizedError from "../../errors/UnauthorizedError.js";
 import BadCredentialsError from "../../errors/BadCredentialsError.js";
 
-const userService = UserServiceFactory()
-
 export default {
     Query: {
         me: async (_, {}, {authUser}) => {
             try {
                 if (authUser) {
+                    let userService= UserServiceFactory()
                     let user = await userService.findById(authUser.id)
                     delete user.password
                     return user
@@ -26,6 +25,7 @@ export default {
         findUserById: async (_, {id}, {rbac}) => {
             try {
                 rbac.assertPermission(IdentityPermissions.ViewUser)
+                let userService= UserServiceFactory()
                 return await userService.findById(id)
             } catch (e) {
                 if (e instanceof UnauthorizedError) {
@@ -35,10 +35,14 @@ export default {
             }
 
         },
-        paginateUser: async (_, {page, limit, search}, {rbac}) => {
+        paginateUser: async (_, {page, limit, search, filters = []}, {rbac}) => {
             try {
                 rbac.assertPermission(IdentityPermissions.ViewUser)
-                return await userService.paginate(page, limit, search)
+                let userService= UserServiceFactory()
+                if(rbac.getAuthUser.tenantId){
+                    filters.push({field: 'tenant', operator: '$eq', value: rbac.getAuthUser.tenantId})
+                }
+                return await userService.paginate(page, limit, search, filters)
             } catch (e) {
                 if (e instanceof UnauthorizedError) {
                     throw new GraphQLError(e.message)
@@ -50,6 +54,7 @@ export default {
     Mutation: {
         auth: async (_, {input}) => {
             try {
+                let userService= UserServiceFactory()
                 return await userService.auth(input.username, input.password)
             } catch (e) {
                 console.error("auth", e)
@@ -63,6 +68,7 @@ export default {
         createUser: async (_, {input}, {rbac}) => {
             try {
                 rbac.assertPermission(IdentityPermissions.CreateUser)
+                let userService= UserServiceFactory()
                 const user = await userService.create(input)
                 return user
             } catch (e) {
@@ -79,7 +85,7 @@ export default {
         updateUser: async (_, {id, input}, {rbac}) => {
             try {
                 rbac.assertPermission(IdentityPermissions.UpdateUser)
-
+                let userService= UserServiceFactory()
                 const user = await userService.update(id, input)
                 return user
             } catch (e) {
@@ -94,6 +100,7 @@ export default {
         deleteUser: async (_, {id}, {rbac}) => {
             try {
                 rbac.assertPermission(IdentityPermissions.DeleteUser)
+                let userService= UserServiceFactory()
                 return await userService.delete(id)
             } catch (e) {
                 console.error("deleteUser", e)
@@ -111,6 +118,7 @@ export default {
                     throw new UnauthorizedError()
                 }
                 let userId = authUser.id
+                let userService= UserServiceFactory()
                 return await userService.changeOwnPassword(userId, currentPassword, newPassword)
             } catch (e) {
                 if (e instanceof ValidationError) {
@@ -124,7 +132,7 @@ export default {
         changeUserPassword: async (_, {userId, newPassword}, {rbac}) => {
             try {
                 rbac.assertPermission(IdentityPermissions.UpdateUser)
-
+                let userService= UserServiceFactory()
                 return await userService.changeUserPassword(userId, newPassword)
             } catch (e) {
                 if (e instanceof ValidationError) {

package/src/graphql/types/tenant.graphql

@@ -0,0 +1,28 @@
+type Tenant {
+    id: ID!
+    name: String
+}
+
+type TenantPaginated{
+    total: Int
+    page: Int
+    limit: Int
+    items: [Tenant]
+}
+
+type Query{
+    paginateTenant(page:Int, limit:Int, search:String): TenantPaginated
+    fetchTenant: [Tenant]
+    findTenantById(id: ID): Tenant
+    findTenantByName(name: String!): Tenant
+}
+
+input TenantInput{
+    name: String
+}
+
+type Mutation{
+    createTenant(input: TenantInput): Tenant
+    updateTenant(id: ID!, input: TenantInput): Tenant
+    deleteTenant(id: ID!): Boolean
+}

package/src/graphql/types/user.graphql

@@ -4,6 +4,7 @@ type User {
     name: String
     email: String
     role: Role
+    tenant: Tenant
     phone: String
     avatar: String
     active: Boolean
@@ -28,6 +29,7 @@ input UserCreateInput{
     username: String!
     password: String!
     role: ID
+    tenant: ID
     email: String!
     phone: String
     active: Boolean
@@ -37,6 +39,7 @@ input UserUpdateInput{
     name: String
     username: String!
     role: ID
+    tenant: ID
     email: String!
     phone: String
     active: Boolean

package/src/index.ts

@@ -1,12 +1,15 @@
 import GraphqlMerge from "./graphql/index.js"
 import UserServiceFactory from "./factory/UserServiceFactory.js";
 import RoleServiceFactory from "./factory/RoleServiceFactory.js";
+import TenantServiceFactory from "./factory/TenantServiceFactory.js";
 import RoleService from "./services/RoleService.js";
 import UserService from "./services/UserService.js";
+import TenantService from "./services/TenantService.js";
 import PermissionService from "./services/PermissionService.js";
 import Rbac from "./rbac/Rbac.js";
 import {UserRoutes} from "./routes/UserRoutes.js";
 import {RoleRoutes} from "./routes/RoleRoutes.js";
+import {TenantRoutes} from "./routes/TenantRoutes.js";
 import AuthUtils from "./utils/AuthUtils.js";
 import {jwtMiddleware} from "./middleware/jwtMiddleware.js";
 import {rbacMiddleware} from "./middleware/rbacMiddleware.js";
@@ -45,12 +48,14 @@ export {
     //Service
     UserService,
     RoleService,
+    TenantService,
     PermissionService,
     Rbac,
 
     //Factories
     UserServiceFactory,
     RoleServiceFactory,
+    TenantServiceFactory,
 
     //GQL
     identityTypeDefs,
@@ -59,6 +64,7 @@ export {
     //API REST
     UserRoutes,
     RoleRoutes,
+    TenantRoutes,
 
     AuthUtils,
 

package/src/interfaces/ITenant.ts

@@ -0,0 +1,9 @@
+import {IID} from "./IID";
+
+interface ITenant{
+    id: IID
+    name: string
+}
+
+
+export {ITenant}

package/src/interfaces/ITenantRepository.ts

@@ -0,0 +1,15 @@
+import {ITenant} from './ITenant'
+import {IPaginateFilter, IPaginateResult} from "@drax/common-back";
+import {IID} from "./IID";
+interface ITenantRepository{
+    create(role: ITenant): Promise<ITenant>;
+    update(id: IID, updatedRole: ITenant): Promise<ITenant | null>;
+    delete(id: IID): Promise<boolean>;
+    findById(id: IID): Promise<ITenant | null>;
+    findByName(name: string): Promise<ITenant | null>;
+    fetchAll(): Promise<ITenant[]>;
+    paginate(page?: number, limit?: number, search?:string, filters?: IPaginateFilter[]): Promise<IPaginateResult>;
+    table?():void
+}
+
+export {ITenantRepository}

package/src/interfaces/IUser.ts

@@ -1,7 +1,7 @@
-import {mongoose} from "@drax/common-back";
 import {IRole} from "./IRole";
 import {IUserGroup} from "./IUserGroup";
 import {IID} from "./IID";
+import {ITenant} from "./ITenant";
 
 interface IUser {
     id?: IID
@@ -14,6 +14,7 @@ interface IUser {
     avatar?: string
     code?: string
     role: IRole | IID
+    tenant?: ITenant | IID
     groups: IID[] | IUserGroup[] | string[] | string
     toObject(): IUser;
 }
@@ -27,6 +28,7 @@ interface IUserCreate {
     active: boolean | number
     phone: string
     role: IID
+    tenant?: IID
     groups: IID[] | string
 }
 
@@ -38,6 +40,7 @@ interface IUserUpdate {
     active: boolean
     phone: string
     role: IID
+    tenant?: IID
     groups: IID[]
     password?: string
 }

package/src/middleware/rbacMiddleware.ts

@@ -1,20 +1,18 @@
 import type {IJwtUser} from "../interfaces/IJwtUser";
-import type {IRole, IRoleBase} from "../interfaces/IRole";
+import type {IRole} from "../interfaces/IRole";
 import {DraxCache, DraxConfig} from "@drax/common-back";
 import RoleServiceFactory from "../factory/RoleServiceFactory.js";
 import Rbac from "../rbac/Rbac.js";
 import IdentityConfig from "../config/IdentityConfig.js";
 
 const cacheTTL = DraxConfig.getOrLoad(IdentityConfig.RbacCacheTTL) ? parseInt(DraxConfig.getOrLoad(IdentityConfig.RbacCacheTTL)) : 10000;
-const draxCache = new DraxCache<IRoleBase>(cacheTTL);
-const roleService = RoleServiceFactory()
+const draxCache = new DraxCache<IRole>(cacheTTL);
 
-async function roleLoader(k):Promise<IRoleBase | null> {
+
+async function roleLoader(k):Promise<IRole | null> {
+    const roleService = RoleServiceFactory()
     const role: IRole = await roleService.findById(k)
-    if(role){
-        return {id: role.id, name: role.name, permissions: role.permissions} as IRoleBase
-    }
-    return null
+    return role
 }
 
 async function rbacMiddleware (request, reply) {

package/src/models/TenantModel.ts

@@ -0,0 +1,32 @@
+import {mongoose, MongooseSoftDelete} from '@drax/common-back';
+import uniqueValidator from 'mongoose-unique-validator';
+import mongoosePaginate from 'mongoose-paginate-v2'
+import {ITenant} from '../interfaces/ITenant'
+const Schema = mongoose.Schema
+import {PaginateModel} from "mongoose";
+
+
+const TenantSchema = new Schema<ITenant>({
+    name: {
+        type: String, unique: true, required: true, index: true,
+    },
+});
+
+TenantSchema.plugin(uniqueValidator, {message: 'validation.unique'});
+TenantSchema.plugin(MongooseSoftDelete);
+TenantSchema.plugin(mongoosePaginate);
+
+
+TenantSchema.set('toJSON', {getters: true});
+
+const TENANT_MODEL_NAME = 'Tenant';
+const TENANT_COLLECTION_NAME = 'tenants';
+const TenantModel = mongoose.model<ITenant, PaginateModel<ITenant>>(TENANT_MODEL_NAME, TenantSchema,TENANT_COLLECTION_NAME);
+
+export {
+    TenantSchema,
+    TenantModel
+}
+
+export default TenantModel
+

package/src/models/UserModel.ts

@@ -54,6 +54,11 @@ const UserSchema = new mongoose.Schema<IUser>({
         ref: 'Role',
         required: true,
     },
+    tenant: {
+        type: mongoose.Schema.Types.ObjectId,
+        ref: 'Tenant',
+        required: false,
+    },
     groups: [{
         type: mongoose.Schema.Types.ObjectId,
         ref: 'Group',