@drax/identity-back 0.0.15 → 0.0.16

package/dist/repository/sqlite/TenantSqliteRepository.js

@@ -0,0 +1,106 @@
+import sqlite from "better-sqlite3";
+import { randomUUID } from "node:crypto";
+import { SqliteErrorToValidationError } from "@drax/common-back";
+const tenantTableSQL = `
+    CREATE TABLE IF NOT EXISTS tenants
+    (
+        id TEXT PRIMARY KEY,
+        name TEXT
+    );
+`;
+class TenantSqliteRepository {
+    constructor(DATABASE, verbose = false) {
+        this.db = new sqlite(DATABASE, { verbose: verbose ? console.log : null });
+        this.table();
+    }
+    table() {
+        this.db.exec(tenantTableSQL);
+    }
+    async create(tenantData) {
+        try {
+            if (!tenantData.id) {
+                tenantData.id = randomUUID();
+            }
+            const fields = Object.keys(tenantData)
+                .map(field => `${field}`)
+                .join(', ');
+            const values = Object.keys(tenantData)
+                .map(field => `@${field}`)
+                .join(', ');
+            const stmt = this.db.prepare(`INSERT INTO tenants (${fields}) VALUES (${values})`);
+            stmt.run(tenantData);
+            return this.findById(tenantData.id);
+        }
+        catch (e) {
+            console.log(e);
+            throw SqliteErrorToValidationError(e, tenantData);
+        }
+    }
+    async findById(id) {
+        const tenant = this.db.prepare('SELECT * FROM tenants WHERE id = ?').get(id);
+        if (tenant) {
+            tenant.permissions = tenant.permissions ? tenant.permissions.split(",") : [];
+            return tenant;
+        }
+        return undefined;
+    }
+    async findByName(name) {
+        const tenant = this.db.prepare('SELECT * FROM tenants WHERE name = ?').get(name);
+        if (tenant) {
+            tenant.permissions = tenant.permissions ? tenant.permissions.split(",") : [];
+            return tenant;
+        }
+        return undefined;
+    }
+    async update(id, tenantData) {
+        try {
+            const setClauses = Object.keys(tenantData)
+                .map(field => `${field} = @${field}`)
+                .join(', ');
+            tenantData.id = id;
+            const stmt = this.db.prepare(`UPDATE tenants SET ${setClauses} WHERE id = @id `);
+            stmt.run(tenantData);
+            return this.findById(id);
+        }
+        catch (e) {
+            console.log(e);
+            throw SqliteErrorToValidationError(e, tenantData);
+        }
+    }
+    async delete(id) {
+        const stmt = this.db.prepare('DELETE FROM tenants WHERE id = ?');
+        stmt.run(id);
+        return true;
+    }
+    async deleteAll() {
+        const stmt = this.db.prepare('DELETE FROM tenants');
+        stmt.run();
+        return true;
+    }
+    async fetchAll() {
+        const tenants = this.db.prepare('SELECT * FROM tenants').all();
+        for (const tenant of tenants) {
+            tenant.permissions = tenant.permissions ? tenant.permissions.split(",") : [];
+        }
+        return tenants;
+    }
+    async paginate(page = 1, limit = 5, search = "") {
+        const offset = page > 1 ? (page - 1) * limit : 0;
+        let where = "";
+        if (search) {
+            where = ` WHERE name LIKE '%${search}%'`;
+        }
+        const rCount = this.db.prepare('SELECT COUNT(*) as count FROM tenants' + where).get();
+        const tenants = this.db.prepare('SELECT * FROM tenants LIMIT ? OFFSET ?' + where).all([limit, offset]);
+        for (const tenant of tenants) {
+            tenant.permissions = tenant.permissions ? tenant.permissions.split(",") : [];
+        }
+        return {
+            page: page,
+            limit: limit,
+            total: rCount.count,
+            items: tenants
+        };
+    }
+}
+export default TenantSqliteRepository;

package/dist/repository/sqlite/UserSqliteRepository.js

@@ -2,39 +2,29 @@ import sqlite from "better-sqlite3";
 import { randomUUID } from "node:crypto";
 import { SqliteErrorToValidationError, ValidationError } from "@drax/common-back";
 import RoleSqliteRepository from "./RoleSqliteRepository.js";
+import TenantSqliteRepository from "./TenantSqliteRepository.js";
 const userTableSQL = `
     CREATE TABLE IF NOT EXISTS users
     (
-        id
-        TEXT
-        PRIMARY
-        KEY,
-        name
-        TEXT,
-        username
-        TEXT
-        UNIQUE,
-        active
-        INTEGER,
-        password
-        TEXT,
-        email
-        TEXT
-        UNIQUE,
-        phone
-        TEXT,
-        role
-        TEXT,
-        groups
-        TEXT,
-        avatar
-        TEXT
+        id TEXT PRIMARY KEY,
+        name TEXT,
+        username TEXT UNIQUE,
+        active INTEGER,
+        password TEXT,
+        email TEXT UNIQUE,
+        phone TEXT,
+        role TEXT,
+        tenant TEXT,
+        groups TEXT,
+        avatar TEXT
     );
 `;
 class UserSqliteRepository {
     constructor(DATABASE, verbose = false) {
         this.db = new sqlite(DATABASE, { verbose: verbose ? console.log : null });
         this.roleRepository = new RoleSqliteRepository(DATABASE, verbose);
+        this.tenantRepository = new TenantSqliteRepository(DATABASE, verbose);
+        this.table();
     }
     table() {
         this.db.exec(userTableSQL);
@@ -60,9 +50,6 @@ class UserSqliteRepository {
             const values = Object.keys(userData)
                 .map(field => `@${field}`)
                 .join(', ');
-            /*console.log("fields", fields)
-            console.log("values",values)
-            console.log("userData",userData)*/
             const stmt = this.db.prepare(`INSERT INTO users (${fields})
                                           VALUES (${values})`);
             stmt.run(userData);
@@ -108,6 +95,7 @@ class UserSqliteRepository {
             return null;
         }
         user.role = await this.findRoleById(user.role);
+        user.tenant = await this.findTenantById(user.tenant);
         return user;
     }
     async findByUsername(username) {
@@ -116,24 +104,39 @@ class UserSqliteRepository {
             return null;
         }
         user.role = await this.findRoleById(user.role);
+        user.tenant = await this.findTenantById(user.tenant);
         return user;
     }
-    async paginate(page = 1, limit = 5, search) {
+    async paginate(page = 1, limit = 5, search = "", filters = []) {
         const offset = page > 1 ? (page - 1) * limit : 0;
-        let where;
+        let where = "";
         if (search) {
-            where = ` WHERE name LIKE '%${search}%' OR username LIKE '%${search}%'`;
+            where = ` WHERE (name LIKE '%${search}%' OR username LIKE '%${search}%') `;
         }
+        let whereFilters = [];
+        if (filters && filters.length > 0) {
+            where = where ? ` AND ` : ` WHERE `;
+            for (const filter of filters) {
+                if (filter.operator === '$eq') {
+                    whereFilters.push(` ${filter.field} = '${filter.value}' `);
+                }
+                if (filter.operator === '$ne') {
+                    whereFilters.push(` ${filter.field} != '${filter.value}' `);
+                }
+                if (filter.operator === '$in') {
+                    whereFilters.push(` ${filter.field} LIKE '%${filter.value}%' `);
+                }
+            }
+            where += whereFilters.join(" AND ");
+        }
+        // console.log("paginate where ", where, "search", search, "filters", filters, "whereFilters", whereFilters)
         const rCount = this.db.prepare('SELECT COUNT(*) as count FROM users' + where).get();
-        const users = this.db.prepare('SELECT * FROM users LIMIT ? OFFSET ?' + where).all([limit, offset]);
+        const users = this.db.prepare('SELECT * FROM users' + where + ' LIMIT ? OFFSET ?').all([limit, offset]);
         for (const user of users) {
             let role = await this.findRoleById(user.role);
-            if (role) {
-                user.role = role;
-            }
-            else {
-                user.role = null;
-            }
+            user.role = role ? role : null;
+            let tenant = await this.findTenantById(user.tenant);
+            user.tenant = tenant ? tenant : null;
             user.active = user.active === 1;
         }
         return {
@@ -146,6 +149,9 @@ class UserSqliteRepository {
     async findRoleById(id) {
         return await this.roleRepository.findById(id);
     }
+    async findTenantById(id) {
+        return await this.tenantRepository.findById(id);
+    }
     async changePassword(id, password) {
         const stmt = this.db.prepare(`UPDATE users
                                       SET password = @password

package/dist/routes/RoleRoutes.js

@@ -75,7 +75,12 @@ async function RoleRoutes(fastify, options) {
             request.rbac.assertPermission(IdentityPermissions.ViewRole);
             const roleService = RoleServiceFactory();
             let roles = await roleService.fetchAll();
-            return roles;
+            if (request.rbac.getRole?.childRoles?.length > 0) {
+                return roles.filter(role => request.rbac.getRole.childRoles.some(childRole => childRole.id === role.id));
+            }
+            else {
+                return roles;
+            }
         }
         catch (e) {
             console.error(e);
@@ -177,6 +182,10 @@ async function RoleRoutes(fastify, options) {
             request.rbac.assertPermission(IdentityPermissions.DeleteRole);
             const id = request.params.id;
             const roleService = RoleServiceFactory();
+            const currentRole = await roleService.findById(id);
+            if (currentRole.readonly) {
+                throw new UnauthorizedError();
+            }
             let r = await roleService.delete(id);
             return r;
         }

package/dist/routes/TenantRoutes.js

@@ -0,0 +1,183 @@
+import { ValidationError } from "@drax/common-back";
+import TenantServiceFactory from "../factory/TenantServiceFactory.js";
+import { IdentityPermissions } from "../permissions/IdentityPermissions.js";
+import UnauthorizedError from "../errors/UnauthorizedError.js";
+async function TenantRoutes(fastify, options) {
+    fastify.get('/api/tenants/:id', async (request, reply) => {
+        try {
+            request.rbac.assertPermission(IdentityPermissions.ViewTenant);
+            const id = request.params.id;
+            const tenantService = TenantServiceFactory();
+            let tenant = await tenantService.findById(id);
+            return tenant;
+        }
+        catch (e) {
+            console.error(e);
+            if (e instanceof ValidationError) {
+                reply.statusCode = e.statusCode;
+                reply.send({ error: e.message, inputErrors: e.errors });
+            }
+            else if (e instanceof UnauthorizedError) {
+                reply.statusCode = e.statusCode;
+                reply.send({ error: e.message });
+            }
+            else {
+                reply.statusCode = 500;
+                reply.send({ error: 'INTERNAL_SERVER_ERROR' });
+            }
+        }
+    });
+    fastify.get('/api/tenants/name/:name', async (request, reply) => {
+        try {
+            request.rbac.assertPermission(IdentityPermissions.ViewTenant);
+            const name = request.params.name;
+            const tenantService = TenantServiceFactory();
+            let tenant = await tenantService.findByName(name);
+            return tenant;
+        }
+        catch (e) {
+            console.error(e);
+            if (e instanceof ValidationError) {
+                reply.statusCode = e.statusCode;
+                reply.send({ error: e.message, inputErrors: e.errors });
+            }
+            else if (e instanceof UnauthorizedError) {
+                reply.statusCode = e.statusCode;
+                reply.send({ error: e.message });
+            }
+            else {
+                reply.statusCode = 500;
+                reply.send({ error: 'INTERNAL_SERVER_ERROR' });
+            }
+        }
+    });
+    fastify.get('/api/tenants/all', async (request, reply) => {
+        try {
+            request.rbac.assertPermission(IdentityPermissions.ViewTenant);
+            const tenantService = TenantServiceFactory();
+            let tenants = await tenantService.fetchAll();
+            if (request.rbac.getAuthUser.tenantId) {
+                return tenants.filter(t => t.id === request.rbac.getAuthUser.tenantId);
+            }
+            else {
+                return tenants;
+            }
+        }
+        catch (e) {
+            console.error(e);
+            if (e instanceof ValidationError) {
+                reply.statusCode = e.statusCode;
+                reply.send({ error: e.message, inputErrors: e.errors });
+            }
+            else if (e instanceof UnauthorizedError) {
+                reply.statusCode = e.statusCode;
+                reply.send({ error: e.message });
+            }
+            else {
+                reply.statusCode = 500;
+                reply.send({ error: 'INTERNAL_SERVER_ERROR' });
+            }
+        }
+    });
+    fastify.get('/api/tenants', async (request, reply) => {
+        try {
+            request.rbac.assertPermission(IdentityPermissions.ViewTenant);
+            const page = request.query.page;
+            const limit = request.query.limit;
+            const search = request.query.search;
+            const tenantService = TenantServiceFactory();
+            let paginateResult = await tenantService.paginate(page, limit, search);
+            return paginateResult;
+        }
+        catch (e) {
+            console.error(e);
+            if (e instanceof ValidationError) {
+                reply.statusCode = e.statusCode;
+                reply.send({ error: e.message, inputErrors: e.errors });
+            }
+            else if (e instanceof UnauthorizedError) {
+                reply.statusCode = e.statusCode;
+                reply.send({ error: e.message });
+            }
+            else {
+                reply.statusCode = 500;
+                reply.send({ error: 'INTERNAL_SERVER_ERROR' });
+            }
+        }
+    });
+    fastify.post('/api/tenants', async (request, reply) => {
+        try {
+            request.rbac.assertPermission(IdentityPermissions.CreateTenant);
+            const payload = request.body;
+            const tenantService = TenantServiceFactory();
+            let tenant = await tenantService.create(payload);
+            return tenant;
+        }
+        catch (e) {
+            console.error(e);
+            if (e instanceof ValidationError) {
+                reply.statusCode = e.statusCode;
+                reply.send({ error: e.message, inputErrors: e.errors });
+            }
+            else if (e instanceof UnauthorizedError) {
+                reply.statusCode = e.statusCode;
+                reply.send({ error: e.message });
+            }
+            else {
+                reply.statusCode = 500;
+                reply.send({ error: 'INTERNAL_SERVER_ERROR' });
+            }
+        }
+    });
+    fastify.put('/api/tenants/:id', async (request, reply) => {
+        try {
+            request.rbac.assertPermission(IdentityPermissions.UpdateTenant);
+            const id = request.params.id;
+            const payload = request.body;
+            const tenantService = TenantServiceFactory();
+            let tenant = await tenantService.update(id, payload);
+            return tenant;
+        }
+        catch (e) {
+            console.error(e);
+            if (e instanceof ValidationError) {
+                reply.statusCode = e.statusCode;
+                reply.send({ error: e.message, inputErrors: e.errors });
+            }
+            else if (e instanceof UnauthorizedError) {
+                reply.statusCode = e.statusCode;
+                reply.send({ error: e.message });
+            }
+            else {
+                reply.statusCode = 500;
+                reply.send({ error: 'INTERNAL_SERVER_ERROR' });
+            }
+        }
+    });
+    fastify.delete('/api/tenants/:id', async (request, reply) => {
+        try {
+            request.rbac.assertPermission(IdentityPermissions.DeleteTenant);
+            const id = request.params.id;
+            const tenantService = TenantServiceFactory();
+            let r = await tenantService.delete(id);
+            return r;
+        }
+        catch (e) {
+            console.error(e);
+            if (e instanceof ValidationError) {
+                reply.statusCode = e.statusCode;
+                reply.send({ error: e.message, inputErrors: e.errors });
+            }
+            else if (e instanceof UnauthorizedError) {
+                reply.statusCode = e.statusCode;
+                reply.send({ error: e.message });
+            }
+            else {
+                reply.statusCode = 500;
+                reply.send({ error: 'INTERNAL_SERVER_ERROR' });
+            }
+        }
+    });
+}
+export default TenantRoutes;
+export { TenantRoutes };

package/dist/routes/UserRoutes.js

@@ -55,10 +55,15 @@ async function UserRoutes(fastify, options) {
             const limit = request.query.limit;
             const search = request.query.search;
             const userService = UserServiceFactory();
-            let paginateResult = await userService.paginate(page, limit, search);
+            const filters = [];
+            if (request.rbac.getAuthUser.tenantId) {
+                filters.push({ field: 'tenant', operator: '$eq', value: request.rbac.getAuthUser.tenantId });
+            }
+            let paginateResult = await userService.paginate(page, limit, search, filters);
             return paginateResult;
         }
         catch (e) {
+            console.log("/api/users", e);
             if (e instanceof ValidationError) {
                 reply.statusCode = e.statusCode;
                 reply.send({ error: e.message, inputErrors: e.errors });

package/dist/services/RoleService.js

@@ -1,7 +1,6 @@
 import { ZodErrorToValidationError } from "@drax/common-back";
 import { roleSchema } from "../zod/RoleZod.js";
 import { ZodError } from "zod";
-import UnauthorizedError from "../errors/UnauthorizedError.js";
 class RoleService {
     constructor(roleRepostitory) {
         this._repository = roleRepostitory;
@@ -36,10 +35,6 @@ class RoleService {
         }
     }
     async delete(id) {
-        const currentRole = await this.findById(id);
-        if (currentRole.readonly) {
-            throw new UnauthorizedError();
-        }
         const deletedRole = await this._repository.delete(id);
         return deletedRole;
     }

package/dist/services/TenantService.js

@@ -0,0 +1,59 @@
+import { ZodErrorToValidationError } from "@drax/common-back";
+import { tenantSchema } from "../zod/TenantZod.js";
+import { ZodError } from "zod";
+class TenantService {
+    constructor(tenantRepostitory) {
+        this._repository = tenantRepostitory;
+        console.log("TenantService constructor");
+    }
+    async create(tenantData) {
+        try {
+            tenantData.name = tenantData?.name?.trim();
+            await tenantSchema.parseAsync(tenantData);
+            const tenant = await this._repository.create(tenantData);
+            return tenant;
+        }
+        catch (e) {
+            if (e instanceof ZodError) {
+                throw ZodErrorToValidationError(e, tenantData);
+            }
+            throw e;
+        }
+    }
+    async update(id, tenantData) {
+        try {
+            tenantData.name = tenantData?.name?.trim();
+            await tenantSchema.parseAsync(tenantData);
+            const tenant = await this._repository.update(id, tenantData);
+            return tenant;
+        }
+        catch (e) {
+            if (e instanceof ZodError) {
+                throw ZodErrorToValidationError(e, tenantData);
+            }
+            throw e;
+        }
+    }
+    async delete(id) {
+        const currentTenant = await this.findById(id);
+        const deletedTenant = await this._repository.delete(id);
+        return deletedTenant;
+    }
+    async findById(id) {
+        const tenant = await this._repository.findById(id);
+        return tenant;
+    }
+    async findByName(name) {
+        const tenant = await this._repository.findByName(name);
+        return tenant;
+    }
+    async fetchAll() {
+        const tenants = await this._repository.fetchAll();
+        return tenants;
+    }
+    async paginate(page = 1, limit = 5, search, filters) {
+        const pagination = await this._repository.paginate(page, limit, search, filters);
+        return pagination;
+    }
+}
+export default TenantService;

package/dist/services/UserService.js

@@ -15,7 +15,7 @@ class UserService {
         if (user && user.active && AuthUtils.checkPassword(password, user.password)) {
             //TODO: Generar Sesion
             const session = '123';
-            const accessToken = AuthUtils.generateToken(user.id.toString(), user.username, user.role.id, session);
+            const accessToken = AuthUtils.generateToken(user.id.toString(), user.username, user.role.id, user.tenant?.id, session);
             return { accessToken: accessToken };
         }
         else {

package/dist/utils/AuthUtils.js

@@ -24,16 +24,17 @@ class AuthUtils {
     static checkPassword(password, hashPassword) {
         return bcryptjs.compareSync(password, hashPassword);
     }
-    static tokenSignPayload(userId, username, roleId, session) {
+    static tokenSignPayload(userId, username, roleId, tenantId, session) {
         return {
             id: userId,
             username: username,
             roleId: roleId,
+            tenantId: tenantId,
             session: session
         };
     }
-    static generateToken(userId, username, roleId, session) {
-        const payload = AuthUtils.tokenSignPayload(userId, username, roleId, session);
+    static generateToken(userId, username, roleId, tenantId, session) {
+        const payload = AuthUtils.tokenSignPayload(userId, username, roleId, tenantId, session);
         const JWT_SECRET = DraxConfig.getOrLoad(IdentityConfig.JwtSecret);
         if (!JWT_SECRET) {
             throw new Error("JWT_SECRET ENV must be provided");

package/dist/zod/TenantZod.js

@@ -0,0 +1,8 @@
+import { object, string } from "zod";
+const tenantSchema = object({
+    name: string({ required_error: "validation.required" })
+        .min(1, "validation.required")
+        .regex(/^[A-Z]/, "validation.startWithUpperCase"),
+});
+export default tenantSchema;
+export { tenantSchema };

package/package.json

@@ -3,7 +3,7 @@
   "publishConfig": {
     "access": "public"
   },
-  "version": "0.0.15",
+  "version": "0.0.16",
   "description": "Identity module for user management, authentication and authorization.",
   "main": "dist/index.js",
   "types": "types/index.d.ts",
@@ -56,5 +56,5 @@
       "debug": "0"
     }
   },
-  "gitHead": "141cd8b418596b7a16d4baf7f5f0b8b7587ec546"
+  "gitHead": "edddb7a152dab85eb7bca07bd79c497bfd12c51f"
 }

package/src/factory/TenantServiceFactory.ts

@@ -0,0 +1,33 @@
+import {DraxConfig} from "@drax/common-back"
+import TenantService from "../services/TenantService.js";
+import TenantMongoRepository from "../repository/mongo/TenantMongoRepository.js";
+import TenantSqliteRepository from "../repository/sqlite/TenantSqliteRepository.js";
+import {DbSetupUtils, DbEngine} from "../utils/DbSetupUtils.js";
+import type {ITenantRepository} from "../interfaces/ITenantRepository";
+
+let tenantService: TenantService
+
+const TenantServiceFactory = () : TenantService => {
+
+    if(!tenantService){
+        let tenantRepository: ITenantRepository
+
+        switch (DbSetupUtils.getDbEngine()) {
+            case DbEngine.Mongo:
+                console.log("TenantServiceFactory DB ENGINE MONGODB")
+                tenantRepository = new TenantMongoRepository()
+                break;
+            case DbEngine.Sqlite:
+                console.log("TenantServiceFactory DB ENGINE SQLITE")
+                tenantRepository = new TenantSqliteRepository(DbSetupUtils.getDbConfig(), false)
+                tenantRepository.table()
+                break;
+        }
+
+        tenantService = new TenantService(tenantRepository)
+    }
+
+    return tenantService
+}
+
+ export default TenantServiceFactory

package/src/factory/UserServiceFactory.ts

@@ -17,7 +17,7 @@ const UserServiceFactory = () : UserService => {
                 break;
             case DbEngine.Sqlite:
                 console.log("UserServiceFactory DB ENGINE SQLITE")
-                userRepository = new UserSqliteRepository(DbSetupUtils.getDbConfig(),false)
+                userRepository = new UserSqliteRepository(DbSetupUtils.getDbConfig(),true)
                 userRepository.table()
                 break;
         }

package/src/graphql/resolvers/role.resolvers.ts

@@ -36,8 +36,15 @@ export default {
             try {
                 rbac.assertPermission(IdentityPermissions.ViewRole)
                 const roleService = RoleServiceFactory()
-                return await roleService.fetchAll()
+                const roles = await roleService.fetchAll()
+                if(rbac.getRole?.childRoles?.length > 0) {
+                    return roles.filter(role => rbac.getRole.childRoles.some(childRole => childRole.id === role.id));
+                }else{
+                    return roles
+                }
+
             } catch (e) {
+                console.error("fetchRole",e)
                 if (e instanceof UnauthorizedError) {
                     throw new GraphQLError(e.message)
                 }
@@ -112,6 +119,11 @@ export default {
             try {
                 rbac.assertPermission(IdentityPermissions.DeleteRole)
                 const roleService = RoleServiceFactory()
+                const currentRole = await roleService.findById(id)
+                if(currentRole.readonly){
+                    throw new UnauthorizedError()
+                }
+
                 return await roleService.delete(id)
             } catch (e) {
                 console.error("deleteRole",e)