@drax/identity-back 0.0.15 → 0.0.16

package/dist/factory/TenantServiceFactory.js

@@ -0,0 +1,24 @@
+import TenantService from "../services/TenantService.js";
+import TenantMongoRepository from "../repository/mongo/TenantMongoRepository.js";
+import TenantSqliteRepository from "../repository/sqlite/TenantSqliteRepository.js";
+import { DbSetupUtils, DbEngine } from "../utils/DbSetupUtils.js";
+let tenantService;
+const TenantServiceFactory = () => {
+    if (!tenantService) {
+        let tenantRepository;
+        switch (DbSetupUtils.getDbEngine()) {
+            case DbEngine.Mongo:
+                console.log("TenantServiceFactory DB ENGINE MONGODB");
+                tenantRepository = new TenantMongoRepository();
+                break;
+            case DbEngine.Sqlite:
+                console.log("TenantServiceFactory DB ENGINE SQLITE");
+                tenantRepository = new TenantSqliteRepository(DbSetupUtils.getDbConfig(), false);
+                tenantRepository.table();
+                break;
+        }
+        tenantService = new TenantService(tenantRepository);
+    }
+    return tenantService;
+};
+export default TenantServiceFactory;

package/dist/factory/UserServiceFactory.js

@@ -13,7 +13,7 @@ const UserServiceFactory = () => {
                 break;
             case DbEngine.Sqlite:
                 console.log("UserServiceFactory DB ENGINE SQLITE");
-                userRepository = new UserSqliteRepository(DbSetupUtils.getDbConfig(), false);
+                userRepository = new UserSqliteRepository(DbSetupUtils.getDbConfig(), true);
                 userRepository.table();
                 break;
         }

package/dist/graphql/resolvers/role.resolvers.js

@@ -36,9 +36,16 @@ export default {
             try {
                 rbac.assertPermission(IdentityPermissions.ViewRole);
                 const roleService = RoleServiceFactory();
-                return await roleService.fetchAll();
+                const roles = await roleService.fetchAll();
+                if (rbac.getRole?.childRoles?.length > 0) {
+                    return roles.filter(role => rbac.getRole.childRoles.some(childRole => childRole.id === role.id));
+                }
+                else {
+                    return roles;
+                }
             }
             catch (e) {
+                console.error("fetchRole", e);
                 if (e instanceof UnauthorizedError) {
                     throw new GraphQLError(e.message);
                 }
@@ -115,6 +122,10 @@ export default {
             try {
                 rbac.assertPermission(IdentityPermissions.DeleteRole);
                 const roleService = RoleServiceFactory();
+                const currentRole = await roleService.findById(id);
+                if (currentRole.readonly) {
+                    throw new UnauthorizedError();
+                }
                 return await roleService.delete(id);
             }
             catch (e) {

package/dist/graphql/resolvers/tenant.resolvers.js

@@ -0,0 +1,121 @@
+import TenantServiceFactory from "../../factory/TenantServiceFactory.js";
+import { IdentityPermissions } from "../../permissions/IdentityPermissions.js";
+import { ValidationError, ValidationErrorToGraphQLError } from "@drax/common-back";
+import { GraphQLError } from "graphql";
+import UnauthorizedError from "../../errors/UnauthorizedError.js";
+export default {
+    Query: {
+        findTenantById: async (_, { id }, { rbac }) => {
+            try {
+                rbac.assertPermission(IdentityPermissions.ViewTenant);
+                const tenantService = TenantServiceFactory();
+                return await tenantService.findById(id);
+            }
+            catch (e) {
+                if (e instanceof UnauthorizedError) {
+                    throw new GraphQLError(e.message);
+                }
+                throw new GraphQLError('error.server');
+            }
+        },
+        findTenantByName: async (_, { name }, { rbac }) => {
+            try {
+                rbac.assertPermission(IdentityPermissions.ViewTenant);
+                const tenantService = TenantServiceFactory();
+                return await tenantService.findByName(name);
+            }
+            catch (e) {
+                if (e instanceof UnauthorizedError) {
+                    throw new GraphQLError(e.message);
+                }
+                throw new GraphQLError('error.server');
+            }
+        },
+        fetchTenant: async (_, {}, { rbac }) => {
+            try {
+                rbac.assertPermission(IdentityPermissions.ViewTenant);
+                const tenantService = TenantServiceFactory();
+                const tenants = await tenantService.fetchAll();
+                if (rbac.getAuthUser.tenantId) {
+                    return tenants.filter(t => t.id === rbac.getAuthUser.tenantId);
+                }
+                else {
+                    return tenants;
+                }
+            }
+            catch (e) {
+                if (e instanceof UnauthorizedError) {
+                    throw new GraphQLError(e.message);
+                }
+                throw new GraphQLError('error.server');
+            }
+        },
+        paginateTenant: async (_, { page, limit, seach }, { rbac }) => {
+            try {
+                rbac.assertPermission(IdentityPermissions.ViewTenant);
+                const tenantService = TenantServiceFactory();
+                return await tenantService.paginate(page, limit, seach);
+            }
+            catch (e) {
+                console.error("paginateTenant", e);
+                if (e instanceof UnauthorizedError) {
+                    throw new GraphQLError(e.message);
+                }
+                throw new GraphQLError('error.server');
+            }
+        }
+    },
+    Mutation: {
+        createTenant: async (_, { input }, { rbac }) => {
+            try {
+                rbac.assertPermission(IdentityPermissions.CreateTenant);
+                const tenantService = TenantServiceFactory();
+                return await tenantService.create(input);
+            }
+            catch (e) {
+                console.error("createTenant", e);
+                if (e instanceof ValidationError) {
+                    throw ValidationErrorToGraphQLError(e);
+                }
+                if (e instanceof UnauthorizedError) {
+                    throw new GraphQLError(e.message);
+                }
+                throw new GraphQLError('error.server');
+            }
+        },
+        updateTenant: async (_, { id, input }, { rbac }) => {
+            try {
+                rbac.assertPermission(IdentityPermissions.UpdateTenant);
+                const tenantService = TenantServiceFactory();
+                return await tenantService.update(id, input);
+            }
+            catch (e) {
+                console.error("updateTenant", e);
+                if (e instanceof ValidationError) {
+                    throw ValidationErrorToGraphQLError(e);
+                }
+                if (e instanceof UnauthorizedError) {
+                    throw new GraphQLError(e.message);
+                }
+                throw new GraphQLError('error.server');
+            }
+        },
+        deleteTenant: async (_, { id }, { rbac }) => {
+            try {
+                rbac.assertPermission(IdentityPermissions.DeleteTenant);
+                const tenantService = TenantServiceFactory();
+                return await tenantService.delete(id);
+            }
+            catch (e) {
+                console.error("deleteTenant", e);
+                if (e instanceof ValidationError) {
+                    throw ValidationErrorToGraphQLError(e);
+                }
+                if (e instanceof UnauthorizedError) {
+                    throw new GraphQLError(e.message);
+                }
+                throw new GraphQLError('error.server');
+            }
+        }
+    }
+};

package/dist/graphql/resolvers/user.resolvers.js

@@ -34,11 +34,14 @@ export default {
                 throw new GraphQLError('error.server');
             }
         },
-        paginateUser: async (_, { page, limit, search }, { rbac }) => {
+        paginateUser: async (_, { page, limit, search, filters = [] }, { rbac }) => {
             try {
                 rbac.assertPermission(IdentityPermissions.ViewUser);
                 let userService = UserServiceFactory();
-                return await userService.paginate(page, limit, search);
+                if (rbac.getAuthUser.tenantId) {
+                    filters.push({ field: 'tenant', operator: '$eq', value: rbac.getAuthUser.tenantId });
+                }
+                return await userService.paginate(page, limit, search, filters);
             }
             catch (e) {
                 if (e instanceof UnauthorizedError) {

package/dist/graphql/types/tenant.graphql

@@ -0,0 +1,28 @@
+type Tenant {
+    id: ID!
+    name: String
+}
+
+type TenantPaginated{
+    total: Int
+    page: Int
+    limit: Int
+    items: [Tenant]
+}
+
+type Query{
+    paginateTenant(page:Int, limit:Int, search:String): TenantPaginated
+    fetchTenant: [Tenant]
+    findTenantById(id: ID): Tenant
+    findTenantByName(name: String!): Tenant
+}
+
+input TenantInput{
+    name: String
+}
+
+type Mutation{
+    createTenant(input: TenantInput): Tenant
+    updateTenant(id: ID!, input: TenantInput): Tenant
+    deleteTenant(id: ID!): Boolean
+}

package/dist/graphql/types/user.graphql

@@ -4,6 +4,7 @@ type User {
     name: String
     email: String
     role: Role
+    tenant: Tenant
     phone: String
     avatar: String
     active: Boolean
@@ -28,6 +29,7 @@ input UserCreateInput{
     username: String!
     password: String!
     role: ID
+    tenant: ID
     email: String!
     phone: String
     active: Boolean
@@ -37,6 +39,7 @@ input UserUpdateInput{
     name: String
     username: String!
     role: ID
+    tenant: ID
     email: String!
     phone: String
     active: Boolean

package/dist/index.js

@@ -1,12 +1,15 @@
 import GraphqlMerge from "./graphql/index.js";
 import UserServiceFactory from "./factory/UserServiceFactory.js";
 import RoleServiceFactory from "./factory/RoleServiceFactory.js";
+import TenantServiceFactory from "./factory/TenantServiceFactory.js";
 import RoleService from "./services/RoleService.js";
 import UserService from "./services/UserService.js";
+import TenantService from "./services/TenantService.js";
 import PermissionService from "./services/PermissionService.js";
 import Rbac from "./rbac/Rbac.js";
 import { UserRoutes } from "./routes/UserRoutes.js";
 import { RoleRoutes } from "./routes/RoleRoutes.js";
+import { TenantRoutes } from "./routes/TenantRoutes.js";
 import AuthUtils from "./utils/AuthUtils.js";
 import { jwtMiddleware } from "./middleware/jwtMiddleware.js";
 import { rbacMiddleware } from "./middleware/rbacMiddleware.js";
@@ -24,13 +27,13 @@ const identityTypeDefs = await graphqlMergeResult.typeDefs;
 const identityResolvers = await graphqlMergeResult.resolvers;
 export { 
 //Service
-UserService, RoleService, PermissionService, Rbac, 
+UserService, RoleService, TenantService, PermissionService, Rbac, 
 //Factories
-UserServiceFactory, RoleServiceFactory, 
+UserServiceFactory, RoleServiceFactory, TenantServiceFactory, 
 //GQL
 identityTypeDefs, identityResolvers, 
 //API REST
-UserRoutes, RoleRoutes, AuthUtils, 
+UserRoutes, RoleRoutes, TenantRoutes, AuthUtils, 
 //API MIDDLEWARE
 jwtMiddleware, rbacMiddleware, 
 //Permissions

package/dist/interfaces/ITenant.js

@@ -0,0 +1 @@
+export {};

package/dist/interfaces/ITenantRepository.js

@@ -0,0 +1 @@
+export {};

package/dist/middleware/rbacMiddleware.js

@@ -7,10 +7,7 @@ const draxCache = new DraxCache(cacheTTL);
 async function roleLoader(k) {
     const roleService = RoleServiceFactory();
     const role = await roleService.findById(k);
-    if (role) {
-        return { id: role.id, name: role.name, permissions: role.permissions };
-    }
-    return null;
+    return role;
 }
 async function rbacMiddleware(request, reply) {
     try {

package/dist/models/TenantModel.js

@@ -0,0 +1,18 @@
+import { mongoose, MongooseSoftDelete } from '@drax/common-back';
+import uniqueValidator from 'mongoose-unique-validator';
+import mongoosePaginate from 'mongoose-paginate-v2';
+const Schema = mongoose.Schema;
+const TenantSchema = new Schema({
+    name: {
+        type: String, unique: true, required: true, index: true,
+    },
+});
+TenantSchema.plugin(uniqueValidator, { message: 'validation.unique' });
+TenantSchema.plugin(MongooseSoftDelete);
+TenantSchema.plugin(mongoosePaginate);
+TenantSchema.set('toJSON', { getters: true });
+const TENANT_MODEL_NAME = 'Tenant';
+const TENANT_COLLECTION_NAME = 'tenants';
+const TenantModel = mongoose.model(TENANT_MODEL_NAME, TenantSchema, TENANT_COLLECTION_NAME);
+export { TenantSchema, TenantModel };
+export default TenantModel;

package/dist/models/UserModel.js

@@ -50,6 +50,11 @@ const UserSchema = new mongoose.Schema({
         ref: 'Role',
         required: true,
     },
+    tenant: {
+        type: mongoose.Schema.Types.ObjectId,
+        ref: 'Tenant',
+        required: false,
+    },
     groups: [{
             type: mongoose.Schema.Types.ObjectId,
             ref: 'Group',

package/dist/permissions/IdentityPermissions.js

@@ -11,6 +11,11 @@ var IdentityPermissions;
     IdentityPermissions["ViewRole"] = "role:view";
     IdentityPermissions["ManageRole"] = "role:manage";
     IdentityPermissions["PermissionsRole"] = "role:permissions";
+    IdentityPermissions["CreateTenant"] = "tenant:create";
+    IdentityPermissions["UpdateTenant"] = "tenant:update";
+    IdentityPermissions["DeleteTenant"] = "tenant:delete";
+    IdentityPermissions["ViewTenant"] = "tenant:view";
+    IdentityPermissions["ManageTenant"] = "tenant:manage";
 })(IdentityPermissions || (IdentityPermissions = {}));
 export default IdentityPermissions;
 export { IdentityPermissions };

package/dist/rbac/Rbac.js

@@ -4,6 +4,12 @@ class Rbac {
         this.authUser = authUser;
         this.role = role;
     }
+    get getRole() {
+        return this.role;
+    }
+    get getAuthUser() {
+        return this.authUser;
+    }
     hasPermission(requiredPermission) {
         if (!this.authUser || !this.role || !this.role.permissions || this.role.permissions.length === 0) {
             return false;

package/dist/repository/mongo/RoleMongoRepository.js

@@ -3,26 +3,27 @@ class RoleMongoRepository {
     async create(roleData) {
         const role = new RoleModel(roleData);
         await role.save();
+        await role.populate('childRoles');
         return role;
     }
     async update(id, roleData) {
-        const role = await RoleModel.findOneAndUpdate({ _id: id }, roleData, { new: true }).exec();
+        const role = await RoleModel.findOneAndUpdate({ _id: id }, roleData, { new: true }).populate('childRoles').exec();
         return role;
     }
     async delete(id) {
-        const result = await RoleModel.deleteOne(id).exec();
+        const result = await RoleModel.deleteOne({ _id: id }).exec();
         return result.deletedCount == 1;
     }
     async findById(id) {
-        const role = await RoleModel.findById(id).exec();
+        const role = await RoleModel.findById(id).populate('childRoles').exec();
         return role;
     }
     async findByName(name) {
-        const role = await RoleModel.findOne({ name }).exec();
+        const role = await RoleModel.findOne({ name }).populate('childRoles').exec();
         return role;
     }
     async fetchAll() {
-        const roles = await RoleModel.find().exec();
+        const roles = await RoleModel.find().populate('childRoles').exec();
         return roles;
     }
     async paginate(page = 1, limit = 5, search) {
@@ -32,7 +33,7 @@ class RoleMongoRepository {
                 { name: new RegExp(search, 'i') },
             ];
         }
-        const options = { page, limit };
+        const options = { populate: ['childRoles'], page, limit };
         const roles = await RoleModel.paginate(query, options);
         return {
             page: page,

package/dist/repository/mongo/TenantMongoRepository.js

@@ -0,0 +1,45 @@
+import { TenantModel } from "../../models/TenantModel.js";
+class TenantMongoRepository {
+    async create(tenantData) {
+        const tenant = new TenantModel(tenantData);
+        await tenant.save();
+        return tenant;
+    }
+    async update(id, tenantData) {
+        const tenant = await TenantModel.findOneAndUpdate({ _id: id }, tenantData, { new: true }).exec();
+        return tenant;
+    }
+    async delete(id) {
+        const result = await TenantModel.deleteOne({ _id: id }).exec();
+        return result.deletedCount == 1;
+    }
+    async findById(id) {
+        const tenant = await TenantModel.findById(id).exec();
+        return tenant;
+    }
+    async findByName(name) {
+        const tenant = await TenantModel.findOne({ name }).exec();
+        return tenant;
+    }
+    async fetchAll() {
+        const tenants = await TenantModel.find().exec();
+        return tenants;
+    }
+    async paginate(page = 1, limit = 5, search) {
+        const query = {};
+        if (search) {
+            query['$or'] = [
+                { name: new RegExp(search, 'i') },
+            ];
+        }
+        const options = { page, limit };
+        const tenants = await TenantModel.paginate(query, options);
+        return {
+            page: page,
+            limit: limit,
+            total: tenants.totalDocs,
+            items: tenants.docs
+        };
+    }
+}
+export default TenantMongoRepository;

package/dist/repository/mongo/UserMongoRepository.js

@@ -13,7 +13,7 @@ class UserMongoRepository {
             }
             const user = new UserModel(userData);
             await user.save();
-            await user.populate('role');
+            await user.populate(['role', 'tenant']);
             return user;
         }
         catch (e) {
@@ -25,7 +25,7 @@ class UserMongoRepository {
     }
     async update(id, userData) {
         try {
-            const user = await UserModel.findOneAndUpdate({ _id: id }, userData, { new: true }).populate('role').exec();
+            const user = await UserModel.findOneAndUpdate({ _id: id }, userData, { new: true }).populate(['role', 'tenant']).exec();
             return user;
         }
         catch (e) {
@@ -43,14 +43,14 @@ class UserMongoRepository {
         return result.deletedCount == 1;
     }
     async findById(id) {
-        const user = await UserModel.findById(id).populate('role').exec();
+        const user = await UserModel.findById(id).populate(['role', 'tenant']).exec();
         return user;
     }
     async findByUsername(username) {
-        const user = await UserModel.findOne({ username: username }).populate('role').exec();
+        const user = await UserModel.findOne({ username: username }).populate(['role', 'tenant']).exec();
         return user;
     }
-    async paginate(page = 1, limit = 5, search) {
+    async paginate(page = 1, limit = 5, search, filters) {
         const query = {};
         if (search) {
             query['$or'] = [
@@ -59,7 +59,20 @@ class UserMongoRepository {
                 { name: new RegExp(search, 'i') },
             ];
         }
-        const options = { populate: ['role'], page: page, limit: limit };
+        if (filters) {
+            for (const filter of filters) {
+                if (filter.operator === '$eq') {
+                    query[filter.field] = { $eq: filter.value };
+                }
+                if (filter.operator === '$ne') {
+                    query[filter.field] = { $ne: filter.value };
+                }
+                if (filter.operator === '$in') {
+                    query[filter.field] = { $in: filter.value };
+                }
+            }
+        }
+        const options = { populate: ['role', 'tenant'], page: page, limit: limit };
         const userPaginated = await UserModel.paginate(query, options);
         return {
             page: page,

package/dist/repository/sqlite/RoleSqliteRepository.js

@@ -15,6 +15,7 @@ const roleTableSQL = `
 class RoleSqliteRepository {
     constructor(DATABASE, verbose = false) {
         this.db = new sqlite(DATABASE, { verbose: verbose ? console.log : null });
+        this.table();
     }
     table() {
         this.db.exec(roleTableSQL);
@@ -55,7 +56,7 @@ class RoleSqliteRepository {
     async findById(id) {
         const role = this.db.prepare('SELECT * FROM roles WHERE id = ?').get(id);
         if (role) {
-            role.permissions = role.permissions ? role.permissions.split(",") : [];
+            await this.populateRole(role);
             return role;
         }
         return undefined;
@@ -63,7 +64,7 @@ class RoleSqliteRepository {
     async findByName(name) {
         const role = this.db.prepare('SELECT * FROM roles WHERE name = ?').get(name);
         if (role) {
-            role.permissions = role.permissions ? role.permissions.split(",") : [];
+            await this.populateRole(role);
             return role;
         }
         return undefined;
@@ -97,20 +98,20 @@ class RoleSqliteRepository {
     async fetchAll() {
         const roles = this.db.prepare('SELECT * FROM roles').all();
         for (const role of roles) {
-            role.permissions = role.permissions ? role.permissions.split(",") : [];
+            await this.populateRole(role);
         }
         return roles;
     }
     async paginate(page = 1, limit = 5, search = "") {
         const offset = page > 1 ? (page - 1) * limit : 0;
-        let where;
+        let where = "";
         if (search) {
             where = ` WHERE name LIKE '%${search}%'`;
         }
         const rCount = this.db.prepare('SELECT COUNT(*) as count FROM roles' + where).get();
         const roles = this.db.prepare('SELECT * FROM roles LIMIT ? OFFSET ?' + where).all([limit, offset]);
         for (const role of roles) {
-            role.permissions = role.permissions ? role.permissions.split(",") : [];
+            await this.populateRole(role);
         }
         return {
             page: page,
@@ -119,5 +120,23 @@ class RoleSqliteRepository {
             items: roles
         };
     }
+    async findWithoutPopulateById(id) {
+        const role = this.db.prepare('SELECT * FROM roles WHERE id = ?').get(id);
+        if (role) {
+            return role;
+        }
+        return undefined;
+    }
+    async populateRole(role) {
+        role.permissions = role.permissions ? role.permissions.split(",") : [];
+        role.childRoles = role.childRoles ? role.childRoles.split(",") : [];
+        const childRoles = [];
+        for (const childRoleId of role.childRoles) {
+            const childRole = await this.findWithoutPopulateById(childRoleId);
+            childRoles.push(childRole);
+        }
+        role.childRoles = childRoles;
+        return role;
+    }
 }
 export default RoleSqliteRepository;