@drax/identity-back 0.0.14 → 0.0.16

package/src/permissions/IdentityPermissions.ts

@@ -14,6 +14,13 @@ enum IdentityPermissions {
     ManageRole = "role:manage",
     PermissionsRole = "role:permissions",
 
+
+    CreateTenant = "tenant:create",
+    UpdateTenant = "tenant:update",
+    DeleteTenant = "tenant:delete",
+    ViewTenant = "tenant:view",
+    ManageTenant = "tenant:manage",
+
 }
 
 export default IdentityPermissions;

package/src/rbac/Rbac.ts

@@ -1,16 +1,24 @@
-import {IRoleBase} from "../interfaces/IRole";
+import {IRole} from "../interfaces/IRole";
 import {IJwtUser} from "../interfaces/IJwtUser";
 import UnauthorizedError from "../errors/UnauthorizedError.js";
 
 class Rbac{
-    private role: IRoleBase;
+    private role: IRole;
     private authUser: IJwtUser;
 
-    constructor(authUser: IJwtUser, role: IRoleBase) {
+    constructor(authUser: IJwtUser, role: IRole) {
         this.authUser = authUser;
         this.role = role;
     }
 
+    get getRole() {
+        return this.role
+    }
+
+    get getAuthUser() {
+        return this.authUser
+    }
+
     hasPermission(requiredPermission: string): boolean {
         if (!this.authUser || !this.role || !this.role.permissions || this.role.permissions.length === 0) {
             return false;

package/src/repository/mongo/RoleMongoRepository.ts

@@ -10,31 +10,32 @@ class RoleMongoRepository implements IRoleRepository{
     async create(roleData: IRole): Promise<IRole> {
         const role : mongoose.HydratedDocument<IRole> = new RoleModel(roleData)
         await role.save()
+        await role.populate('childRoles')
         return role
     }
 
     async update(id: mongoose.Types.ObjectId | string, roleData: IRole): Promise<IRole> {
-        const role : mongoose.HydratedDocument<IRole> = await RoleModel.findOneAndUpdate({_id: id}, roleData, {new: true}).exec()
+        const role : mongoose.HydratedDocument<IRole> = await RoleModel.findOneAndUpdate({_id: id}, roleData, {new: true}).populate('childRoles').exec()
         return role
     }
 
     async delete(id: mongoose.Types.ObjectId): Promise<boolean> {
-        const result : DeleteResult = await RoleModel.deleteOne(id).exec()
+        const result : DeleteResult = await RoleModel.deleteOne({_id: id}).exec()
         return result.deletedCount == 1
     }
 
     async findById(id: mongoose.Types.ObjectId): Promise<IRole | null>{
-        const role: mongoose.HydratedDocument<IRole> | null = await RoleModel.findById(id).exec()
+        const role: mongoose.HydratedDocument<IRole> | null = await RoleModel.findById(id).populate('childRoles').exec()
         return role
     }
 
     async findByName(name: string): Promise<IRole | null>{
-        const role: mongoose.HydratedDocument<IRole> | null = await RoleModel.findOne({name}).exec()
+        const role: mongoose.HydratedDocument<IRole> | null = await RoleModel.findOne({name}).populate('childRoles').exec()
         return role
     }
 
     async fetchAll(): Promise<IRole[]>{
-        const roles: mongoose.HydratedDocument<IRole>[] = await RoleModel.find().exec()
+        const roles: mongoose.HydratedDocument<IRole>[] = await RoleModel.find().populate('childRoles').exec()
         return roles
     }
 
@@ -48,7 +49,7 @@ class RoleMongoRepository implements IRoleRepository{
             ]
         }
 
-        const options = {page, limit} as PaginateOptions
+        const options = {populate: ['childRoles'], page, limit} as PaginateOptions
         const roles: PaginateResult<IRole> = await RoleModel.paginate(query, options)
         return {
             page: page,

package/src/repository/mongo/TenantMongoRepository.ts

@@ -0,0 +1,62 @@
+import {TenantModel} from "../../models/TenantModel.js";
+import {ITenant} from '../../interfaces/ITenant'
+import {ITenantRepository} from '../../interfaces/ITenantRepository'
+import {IPaginateFilter, IPaginateResult, mongoose} from "@drax/common-back";
+import {FilterQuery, PaginateOptions, PaginateResult} from "mongoose";
+import {DeleteResult} from "mongodb";
+
+class TenantMongoRepository implements ITenantRepository{
+
+    async create(tenantData: ITenant): Promise<ITenant> {
+        const tenant : mongoose.HydratedDocument<ITenant> = new TenantModel(tenantData)
+        await tenant.save()
+        return tenant
+    }
+
+    async update(id: mongoose.Types.ObjectId | string, tenantData: ITenant): Promise<ITenant> {
+        const tenant : mongoose.HydratedDocument<ITenant> = await TenantModel.findOneAndUpdate({_id: id}, tenantData, {new: true}).exec()
+        return tenant
+    }
+
+    async delete(id: mongoose.Types.ObjectId): Promise<boolean> {
+        const result : DeleteResult = await TenantModel.deleteOne({_id:id}).exec()
+        return result.deletedCount == 1
+    }
+
+    async findById(id: mongoose.Types.ObjectId): Promise<ITenant | null>{
+        const tenant: mongoose.HydratedDocument<ITenant> | null = await TenantModel.findById(id).exec()
+        return tenant
+    }
+
+    async findByName(name: string): Promise<ITenant | null>{
+        const tenant: mongoose.HydratedDocument<ITenant> | null = await TenantModel.findOne({name}).exec()
+        return tenant
+    }
+
+    async fetchAll(): Promise<ITenant[]>{
+        const tenants: mongoose.HydratedDocument<ITenant>[] = await TenantModel.find().exec()
+        return tenants
+    }
+
+    async paginate(page:number = 1, limit:number = 5, search:string): Promise<IPaginateResult>{
+
+        const query = {}
+
+        if(search){
+            query['$or'] = [
+                {name: new RegExp(search, 'i')},
+            ]
+        }
+
+        const options = {page, limit} as PaginateOptions
+        const tenants: PaginateResult<ITenant> = await TenantModel.paginate(query, options)
+        return {
+            page: page,
+            limit: limit,
+            total: tenants.totalDocs,
+            items: tenants.docs
+        }
+    }
+}
+
+export default TenantMongoRepository

package/src/repository/mongo/UserMongoRepository.ts

@@ -24,7 +24,7 @@ class UserMongoRepository implements IUserRepository {
 
             const user: mongoose.HydratedDocument<IUser> = new UserModel(userData)
             await user.save()
-            await user.populate('role')
+            await user.populate(['role','tenant'])
             return user
         }catch (e){
             if(e instanceof mongoose.Error.ValidationError){
@@ -37,7 +37,7 @@ class UserMongoRepository implements IUserRepository {
 
     async update(id: mongoose.Types.ObjectId, userData: IUserUpdate): Promise<IUser> {
         try{
-        const user: mongoose.HydratedDocument<IUser> = await UserModel.findOneAndUpdate({_id: id}, userData, {new: true}).populate('role').exec()
+        const user: mongoose.HydratedDocument<IUser> = await UserModel.findOneAndUpdate({_id: id}, userData, {new: true}).populate(['role','tenant']).exec()
         return user
         }catch (e){
             if(e instanceof mongoose.Error.ValidationError){
@@ -57,16 +57,16 @@ class UserMongoRepository implements IUserRepository {
 
 
     async findById(id: mongoose.Types.ObjectId): Promise<IUser> {
-        const user: mongoose.HydratedDocument<IUser> = await UserModel.findById(id).populate('role').exec()
+        const user: mongoose.HydratedDocument<IUser> = await UserModel.findById(id).populate(['role','tenant']).exec()
         return user
     }
 
     async findByUsername(username: string): Promise<IUser> {
-        const user: mongoose.HydratedDocument<IUser> = await UserModel.findOne({username: username}).populate('role').exec()
+        const user: mongoose.HydratedDocument<IUser> = await UserModel.findOne({username: username}).populate(['role','tenant']).exec()
         return user
     }
 
-    async paginate(page: number = 1, limit: number = 5, search?:string): Promise<IPaginateResult> {
+    async paginate(page: number = 1, limit: number = 5, search?:string, filters?:IPaginateFilter[]): Promise<IPaginateResult> {
 
 
         const query = {}
@@ -79,7 +79,21 @@ class UserMongoRepository implements IUserRepository {
             ]
         }
 
-        const options = {populate: ['role'], page: page, limit: limit }
+        if(filters){
+            for(const filter of filters){
+                if(filter.operator === '$eq'){
+                    query[filter.field] = {$eq: filter.value}
+                }
+                if(filter.operator === '$ne'){
+                    query[filter.field] = {$ne: filter.value}
+                }
+                if(filter.operator === '$in'){
+                    query[filter.field] = {$in: filter.value}
+                }
+            }
+        }
+
+        const options = {populate: ['role','tenant'], page: page, limit: limit }
 
         const userPaginated: PaginateResult<IUser> = await UserModel.paginate(query, options)
         return {

package/src/repository/sqlite/RoleSqliteRepository.ts

@@ -25,6 +25,7 @@ class RoleSqliteRepository implements IRoleRepository{
 
     constructor(DATABASE:string, verbose:boolean = false) {
         this.db = new sqlite(DATABASE, {verbose: verbose ? console.log : null});
+        this.table()
     }
 
     table() {
@@ -78,7 +79,7 @@ class RoleSqliteRepository implements IRoleRepository{
     async findById(id: IID): Promise<IRole | null>{
         const role = this.db.prepare('SELECT * FROM roles WHERE id = ?').get(id);
         if(role){
-            role.permissions = role.permissions ? role.permissions.split(",") : []
+            await this.populateRole(role)
             return role
         }
         return undefined
@@ -87,7 +88,7 @@ class RoleSqliteRepository implements IRoleRepository{
     async findByName(name: string): Promise<IRole | null>{
         const role = this.db.prepare('SELECT * FROM roles WHERE name = ?').get(name);
         if(role){
-            role.permissions = role.permissions ? role.permissions.split(",") : []
+            await this.populateRole(role)
             return role
         }
         return undefined
@@ -125,7 +126,7 @@ class RoleSqliteRepository implements IRoleRepository{
     async fetchAll(): Promise<IRole[]>{
         const roles = this.db.prepare('SELECT * FROM roles').all();
         for (const role of roles) {
-            role.permissions = role.permissions? role.permissions.split(",") : []
+            await this.populateRole(role)
         }
         return roles
     }
@@ -133,7 +134,7 @@ class RoleSqliteRepository implements IRoleRepository{
     async paginate(page = 1, limit = 5, search=""): Promise<IPaginateResult>{
         const offset = page > 1 ? (page - 1) * limit : 0
 
-        let where
+        let where=""
         if (search) {
             where = ` WHERE name LIKE '%${search}%'`
         }
@@ -142,10 +143,9 @@ class RoleSqliteRepository implements IRoleRepository{
         const roles = this.db.prepare('SELECT * FROM roles LIMIT ? OFFSET ?'+where).all([limit, offset]);
 
         for (const role of roles) {
-            role.permissions = role.permissions? role.permissions.split(",") : []
+            await this.populateRole(role)
         }
 
-
         return {
             page: page,
             limit: limit,
@@ -154,6 +154,27 @@ class RoleSqliteRepository implements IRoleRepository{
         }
     }
 
+    async findWithoutPopulateById(id: IID): Promise<IRole | null>{
+        const role = this.db.prepare('SELECT * FROM roles WHERE id = ?').get(id);
+        if(role){
+            return role
+        }
+        return undefined
+    }
+
+    async populateRole(role){
+        role.permissions = role.permissions? role.permissions.split(",") : []
+        role.childRoles = role.childRoles? role.childRoles.split(",") : []
+
+        const childRoles = []
+        for(const childRoleId of role.childRoles){
+            const childRole:IRole = await this.findWithoutPopulateById(childRoleId)
+            childRoles.push(childRole)
+        }
+        role.childRoles = childRoles
+        return role
+    }
+
 
 }
 

package/src/repository/sqlite/TenantSqliteRepository.ts

@@ -0,0 +1,139 @@
+import {ITenant} from '../../interfaces/ITenant'
+import {ITenantRepository} from '../../interfaces/ITenantRepository'
+import {UUID} from "crypto";
+import sqlite from "better-sqlite3";
+import {randomUUID} from "node:crypto";
+import {IPaginateFilter, IPaginateResult, ValidationError} from "@drax/common-back";
+import {SqliteErrorToValidationError} from "@drax/common-back";
+import {IID} from "../../interfaces/IID";
+
+const tenantTableSQL: string = `
+    CREATE TABLE IF NOT EXISTS tenants
+    (
+        id TEXT PRIMARY KEY,
+        name TEXT
+    );
+`;
+
+class TenantSqliteRepository implements ITenantRepository{
+
+    private db: any;
+
+    constructor(DATABASE:string, verbose:boolean = false) {
+        this.db = new sqlite(DATABASE, {verbose: verbose ? console.log : null});
+        this.table()
+    }
+
+    table() {
+        this.db.exec(tenantTableSQL);
+    }
+
+
+
+    async create(tenantData: ITenant): Promise<ITenant> {
+        try{
+
+            if(!tenantData.id){
+                tenantData.id = randomUUID()
+            }
+
+
+            const fields = Object.keys(tenantData)
+                .map(field => `${field}`)
+                .join(', ');
+
+            const values = Object.keys(tenantData)
+                .map(field => `@${field}`)
+                .join(', ');
+
+        const stmt = this.db.prepare(`INSERT INTO tenants (${fields}) VALUES (${values})`);
+        stmt.run(tenantData)
+        return this.findById(tenantData.id as UUID)
+        }catch (e){
+            console.log(e)
+            throw SqliteErrorToValidationError(e, tenantData)
+        }
+    }
+
+    async findById(id: IID): Promise<ITenant | null>{
+        const tenant = this.db.prepare('SELECT * FROM tenants WHERE id = ?').get(id);
+        if(tenant){
+            tenant.permissions = tenant.permissions ? tenant.permissions.split(",") : []
+            return tenant
+        }
+        return undefined
+    }
+
+    async findByName(name: string): Promise<ITenant | null>{
+        const tenant = this.db.prepare('SELECT * FROM tenants WHERE name = ?').get(name);
+        if(tenant){
+            tenant.permissions = tenant.permissions ? tenant.permissions.split(",") : []
+            return tenant
+        }
+        return undefined
+    }
+
+    async update(id: IID, tenantData: ITenant): Promise<ITenant> {
+        try{
+            const setClauses = Object.keys(tenantData)
+                .map(field => `${field} = @${field}`)
+                .join(', ');
+            tenantData.id = id
+            const stmt = this.db.prepare( `UPDATE tenants SET ${setClauses} WHERE id = @id `);
+            stmt.run(tenantData);
+            return this.findById(id)
+        }catch (e){
+            console.log(e)
+            throw SqliteErrorToValidationError(e, tenantData)
+        }
+
+    }
+
+    async delete(id: IID): Promise<boolean> {
+        const stmt = this.db.prepare('DELETE FROM tenants WHERE id = ?');
+        stmt.run(id);
+        return true
+    }
+
+    async deleteAll(): Promise<boolean> {
+        const stmt = this.db.prepare('DELETE FROM tenants');
+        stmt.run();
+        return true
+    }
+
+    async fetchAll(): Promise<ITenant[]>{
+        const tenants = this.db.prepare('SELECT * FROM tenants').all();
+        for (const tenant of tenants) {
+            tenant.permissions = tenant.permissions? tenant.permissions.split(",") : []
+        }
+        return tenants
+    }
+
+    async paginate(page = 1, limit = 5, search=""): Promise<IPaginateResult>{
+        const offset = page > 1 ? (page - 1) * limit : 0
+
+        let where=""
+        if (search) {
+            where = ` WHERE name LIKE '%${search}%'`
+        }
+
+        const rCount = this.db.prepare('SELECT COUNT(*) as count FROM tenants'+where).get();
+        const tenants = this.db.prepare('SELECT * FROM tenants LIMIT ? OFFSET ?'+where).all([limit, offset]);
+
+        for (const tenant of tenants) {
+            tenant.permissions = tenant.permissions? tenant.permissions.split(",") : []
+        }
+
+
+        return {
+            page: page,
+            limit: limit,
+            total: rCount.count,
+            items: tenants
+        }
+    }
+
+
+}
+
+export default TenantSqliteRepository

package/src/repository/sqlite/UserSqliteRepository.ts

@@ -3,50 +3,40 @@ import sqlite from "better-sqlite3";
 import {randomUUID} from "node:crypto";
 import {UUID} from "crypto";
 import {IUserRepository} from "../../interfaces/IUserRepository";
-import type {IPaginateResult} from "@drax/common-back";
-import {mongoose, SqliteErrorToValidationError, ValidationError} from "@drax/common-back";
+import type {IPaginateFilter, IPaginateResult} from "@drax/common-back";
+import { SqliteErrorToValidationError, ValidationError} from "@drax/common-back";
 import RoleSqliteRepository from "./RoleSqliteRepository.js";
+import TenantSqliteRepository from "./TenantSqliteRepository.js";
 import {IID} from "../../interfaces/IID";
 
 
 const userTableSQL: string = `
     CREATE TABLE IF NOT EXISTS users
     (
-        id
-        TEXT
-        PRIMARY
-        KEY,
-        name
-        TEXT,
-        username
-        TEXT
-        UNIQUE,
-        active
-        INTEGER,
-        password
-        TEXT,
-        email
-        TEXT
-        UNIQUE,
-        phone
-        TEXT,
-        role
-        TEXT,
-        groups
-        TEXT,
-        avatar
-        TEXT
+        id TEXT PRIMARY KEY,
+        name TEXT,
+        username TEXT UNIQUE,
+        active INTEGER,
+        password TEXT,
+        email TEXT UNIQUE,
+        phone TEXT,
+        role TEXT,
+        tenant TEXT,
+        groups TEXT,
+        avatar TEXT
     );
 `;
 
 class UserSqliteRepository implements IUserRepository {
     private db: any;
     private roleRepository: RoleSqliteRepository;
+    private tenantRepository: TenantSqliteRepository;
 
     constructor(DATABASE: string, verbose: boolean = false) {
         this.db = new sqlite(DATABASE, {verbose: verbose ? console.log : null});
         this.roleRepository = new RoleSqliteRepository(DATABASE, verbose)
-
+        this.tenantRepository = new TenantSqliteRepository(DATABASE, verbose)
+        this.table()
     }
 
     table() {
@@ -81,10 +71,6 @@ class UserSqliteRepository implements IUserRepository {
                 .map(field => `@${field}`)
                 .join(', ');
 
-            /*console.log("fields", fields)
-            console.log("values",values)
-            console.log("userData",userData)*/
-
             const stmt = this.db.prepare(`INSERT INTO users (${fields})
                                           VALUES (${values})`);
             stmt.run(userData)
@@ -135,6 +121,7 @@ class UserSqliteRepository implements IUserRepository {
             return null
         }
         user.role = await this.findRoleById(user.role)
+        user.tenant = await this.findTenantById(user.tenant)
         return user
     }
 
@@ -144,28 +131,49 @@ class UserSqliteRepository implements IUserRepository {
             return null
         }
         user.role = await this.findRoleById(user.role)
+        user.tenant = await this.findTenantById(user.tenant)
         return user
     }
 
-    async paginate(page: number = 1, limit: number = 5, search?: string): Promise<IPaginateResult> {
+    async paginate(page: number = 1, limit: number = 5, search: string = "", filters:IPaginateFilter[] = []): Promise<IPaginateResult> {
 
         const offset = page > 1 ? (page - 1) * limit : 0
 
-        let where
+        let where=""
         if (search) {
-            where = ` WHERE name LIKE '%${search}%' OR username LIKE '%${search}%'`
+            where = ` WHERE (name LIKE '%${search}%' OR username LIKE '%${search}%') `
+        }
+
+        let whereFilters= []
+        if(filters && filters.length > 0 ){
+            where = where ? ` AND ` : ` WHERE `
+            for(const filter of filters){
+                if(filter.operator === '$eq'){
+                    whereFilters.push(` ${filter.field} = '${filter.value}' `)
+                }
+                if(filter.operator === '$ne'){
+                    whereFilters.push(` ${filter.field} != '${filter.value}' `)
+                }
+                if(filter.operator === '$in'){
+                    whereFilters.push(` ${filter.field} LIKE '%${filter.value}%' `)
+                }
+            }
+            where += whereFilters.join(" AND ")
         }
 
+       // console.log("paginate where ", where, "search", search, "filters", filters, "whereFilters", whereFilters)
+
         const rCount = this.db.prepare('SELECT COUNT(*) as count FROM users' + where).get();
-        const users = this.db.prepare('SELECT * FROM users LIMIT ? OFFSET ?' + where).all([limit, offset]);
+
+        const users = this.db.prepare('SELECT * FROM users'  + where + ' LIMIT ? OFFSET ?').all([limit, offset]);
 
         for (const user of users) {
+
             let role = await this.findRoleById(user.role)
-            if (role) {
-                user.role = role
-            } else {
-                user.role = null
-            }
+            user.role = role ? role : null
+
+            let tenant = await this.findTenantById(user.tenant)
+            user.tenant = tenant ? tenant : null
 
             user.active = user.active === 1
         }
@@ -182,6 +190,10 @@ class UserSqliteRepository implements IUserRepository {
         return await this.roleRepository.findById(id)
     }
 
+    async findTenantById(id: IID) {
+        return await this.tenantRepository.findById(id)
+    }
+
     async changePassword(id: IID, password: string): Promise<boolean> {
         const stmt = this.db.prepare(`UPDATE users
                                       SET password = @password

package/src/routes/RoleRoutes.ts

@@ -5,7 +5,7 @@ import {IdentityPermissions} from "../permissions/IdentityPermissions.js";
 import {PermissionService} from "../services/PermissionService.js";
 import UnauthorizedError from "../errors/UnauthorizedError.js";
 
-const roleService = RoleServiceFactory()
+
 
 async function RoleRoutes(fastify, options) {
 
@@ -30,6 +30,7 @@ async function RoleRoutes(fastify, options) {
         try {
             request.rbac.assertPermission(IdentityPermissions.ViewRole)
             const id = request.params.id
+            const roleService = RoleServiceFactory()
             let role = await roleService.findById(id)
             return role
         } catch (e) {
@@ -51,6 +52,7 @@ async function RoleRoutes(fastify, options) {
         try {
             request.rbac.assertPermission(IdentityPermissions.ViewRole)
             const name = request.params.name
+            const roleService = RoleServiceFactory()
             let role = await roleService.findByName(name)
             return role
         } catch (e) {
@@ -71,8 +73,13 @@ async function RoleRoutes(fastify, options) {
     fastify.get('/api/roles/all', async (request, reply): Promise<IRole[]> => {
         try {
             request.rbac.assertPermission(IdentityPermissions.ViewRole)
+            const roleService = RoleServiceFactory()
             let roles = await roleService.fetchAll()
-            return roles
+            if(request.rbac.getRole?.childRoles?.length > 0) {
+                return roles.filter(role => request.rbac.getRole.childRoles.some(childRole => childRole.id === role.id));
+            }else{
+                return roles
+            }
         } catch (e) {
             console.error(e)
             if (e instanceof ValidationError) {
@@ -94,6 +101,7 @@ async function RoleRoutes(fastify, options) {
             const page = request.query.page
             const limit = request.query.limit
             const search = request.query.search
+            const roleService = RoleServiceFactory()
             let paginateResult = await roleService.paginate(page, limit, search)
             return paginateResult
         } catch (e) {
@@ -115,6 +123,7 @@ async function RoleRoutes(fastify, options) {
         try {
             request.rbac.assertPermission(IdentityPermissions.CreateRole)
             const payload = request.body
+            const roleService = RoleServiceFactory()
             let role = await roleService.create(payload)
             return role
         } catch (e) {
@@ -138,7 +147,7 @@ async function RoleRoutes(fastify, options) {
             request.rbac.assertPermission(IdentityPermissions.UpdateRole)
             const id = request.params.id
             const payload = request.body
-
+            const roleService = RoleServiceFactory()
             const currentRole = await roleService.findById(id)
             if(currentRole.readonly){
                 throw new ValidationError([{field:'name', reason:"role.readonly", value:payload.name}])
@@ -166,6 +175,11 @@ async function RoleRoutes(fastify, options) {
         try {
             request.rbac.assertPermission(IdentityPermissions.DeleteRole)
             const id = request.params.id
+            const roleService = RoleServiceFactory()
+            const currentRole = await roleService.findById(id)
+            if(currentRole.readonly){
+                throw new UnauthorizedError()
+            }
             let r = await roleService.delete(id)
             return r
         } catch (e) {