@drax/identity-back 0.0.15 → 0.0.16

package/src/graphql/resolvers/tenant.resolvers.ts

@@ -0,0 +1,119 @@
+import TenantServiceFactory from "../../factory/TenantServiceFactory.js";
+import {IdentityPermissions} from "../../permissions/IdentityPermissions.js";
+import {ValidationError, ValidationErrorToGraphQLError} from "@drax/common-back";
+import {GraphQLError} from "graphql";
+import {PermissionService} from "../../services/PermissionService.js";
+import UnauthorizedError from "../../errors/UnauthorizedError.js";
+
+
+export default {
+    Query: {
+        findTenantById: async (_, {id}, {rbac}) => {
+            try {
+                rbac.assertPermission(IdentityPermissions.ViewTenant)
+                const tenantService = TenantServiceFactory()
+                return await tenantService.findById(id)
+            } catch (e) {
+                if (e instanceof UnauthorizedError) {
+                    throw new GraphQLError(e.message)
+                }
+                throw new GraphQLError('error.server')
+            }
+        },
+        findTenantByName: async (_, {name}, {rbac}) => {
+            try {
+                rbac.assertPermission(IdentityPermissions.ViewTenant)
+                const tenantService = TenantServiceFactory()
+                return await tenantService.findByName(name)
+            } catch (e) {
+                if (e instanceof UnauthorizedError) {
+                    throw new GraphQLError(e.message)
+                }
+                throw new GraphQLError('error.server')
+            }
+        },
+        fetchTenant: async (_, {}, {rbac}) => {
+            try {
+                rbac.assertPermission(IdentityPermissions.ViewTenant)
+                const tenantService = TenantServiceFactory()
+                const tenants =  await tenantService.fetchAll()
+                if(rbac.getAuthUser.tenantId){
+                    return tenants.filter(t => t.id === rbac.getAuthUser.tenantId)
+                }else{
+                    return tenants
+                }
+
+            } catch (e) {
+                if (e instanceof UnauthorizedError) {
+                    throw new GraphQLError(e.message)
+                }
+                throw new GraphQLError('error.server')
+            }
+        },
+        paginateTenant: async (_, {page, limit, seach}, {rbac}) => {
+            try {
+                rbac.assertPermission(IdentityPermissions.ViewTenant)
+                const tenantService = TenantServiceFactory()
+                return await tenantService.paginate(page, limit, seach)
+            } catch (e) {
+                console.error("paginateTenant",e)
+                if (e instanceof UnauthorizedError) {
+                    throw new GraphQLError(e.message)
+                }
+                throw new GraphQLError('error.server')
+            }
+        }
+    },
+    Mutation: {
+        createTenant: async (_, {input}, {rbac}) => {
+            try {
+                rbac.assertPermission(IdentityPermissions.CreateTenant)
+                const tenantService = TenantServiceFactory()
+                return await tenantService.create(input)
+            } catch (e) {
+                console.error("createTenant",e)
+                if (e instanceof ValidationError) {
+                    throw ValidationErrorToGraphQLError(e)
+                }
+                if (e instanceof UnauthorizedError) {
+                    throw new GraphQLError(e.message)
+                }
+                throw new GraphQLError('error.server')
+            }
+
+        },
+        updateTenant: async (_, {id, input}, {rbac}) => {
+            try {
+                rbac.assertPermission(IdentityPermissions.UpdateTenant)
+                const tenantService = TenantServiceFactory()
+                return await tenantService.update(id, input)
+            } catch (e) {
+                console.error("updateTenant",e)
+                if (e instanceof ValidationError) {
+                    throw ValidationErrorToGraphQLError(e)
+                }
+                if (e instanceof UnauthorizedError) {
+                    throw new GraphQLError(e.message)
+                }
+                throw new GraphQLError('error.server')
+            }
+        },
+        deleteTenant: async (_, {id}, {rbac}) => {
+            try {
+                rbac.assertPermission(IdentityPermissions.DeleteTenant)
+                const tenantService = TenantServiceFactory()
+                return await tenantService.delete(id)
+            } catch (e) {
+                console.error("deleteTenant",e)
+                if (e instanceof ValidationError) {
+                    throw ValidationErrorToGraphQLError(e)
+                }
+                if (e instanceof UnauthorizedError) {
+                    throw new GraphQLError(e.message)
+                }
+                throw new GraphQLError('error.server')
+            }
+
+        }
+    }
+}

package/src/graphql/resolvers/user.resolvers.ts

@@ -35,11 +35,14 @@ export default {
             }
 
         },
-        paginateUser: async (_, {page, limit, search}, {rbac}) => {
+        paginateUser: async (_, {page, limit, search, filters = []}, {rbac}) => {
             try {
                 rbac.assertPermission(IdentityPermissions.ViewUser)
                 let userService= UserServiceFactory()
-                return await userService.paginate(page, limit, search)
+                if(rbac.getAuthUser.tenantId){
+                    filters.push({field: 'tenant', operator: '$eq', value: rbac.getAuthUser.tenantId})
+                }
+                return await userService.paginate(page, limit, search, filters)
             } catch (e) {
                 if (e instanceof UnauthorizedError) {
                     throw new GraphQLError(e.message)

package/src/graphql/types/tenant.graphql

@@ -0,0 +1,28 @@
+type Tenant {
+    id: ID!
+    name: String
+}
+
+type TenantPaginated{
+    total: Int
+    page: Int
+    limit: Int
+    items: [Tenant]
+}
+
+type Query{
+    paginateTenant(page:Int, limit:Int, search:String): TenantPaginated
+    fetchTenant: [Tenant]
+    findTenantById(id: ID): Tenant
+    findTenantByName(name: String!): Tenant
+}
+
+input TenantInput{
+    name: String
+}
+
+type Mutation{
+    createTenant(input: TenantInput): Tenant
+    updateTenant(id: ID!, input: TenantInput): Tenant
+    deleteTenant(id: ID!): Boolean
+}

package/src/graphql/types/user.graphql

@@ -4,6 +4,7 @@ type User {
     name: String
     email: String
     role: Role
+    tenant: Tenant
     phone: String
     avatar: String
     active: Boolean
@@ -28,6 +29,7 @@ input UserCreateInput{
     username: String!
     password: String!
     role: ID
+    tenant: ID
     email: String!
     phone: String
     active: Boolean
@@ -37,6 +39,7 @@ input UserUpdateInput{
     name: String
     username: String!
     role: ID
+    tenant: ID
     email: String!
     phone: String
     active: Boolean

package/src/index.ts

@@ -1,12 +1,15 @@
 import GraphqlMerge from "./graphql/index.js"
 import UserServiceFactory from "./factory/UserServiceFactory.js";
 import RoleServiceFactory from "./factory/RoleServiceFactory.js";
+import TenantServiceFactory from "./factory/TenantServiceFactory.js";
 import RoleService from "./services/RoleService.js";
 import UserService from "./services/UserService.js";
+import TenantService from "./services/TenantService.js";
 import PermissionService from "./services/PermissionService.js";
 import Rbac from "./rbac/Rbac.js";
 import {UserRoutes} from "./routes/UserRoutes.js";
 import {RoleRoutes} from "./routes/RoleRoutes.js";
+import {TenantRoutes} from "./routes/TenantRoutes.js";
 import AuthUtils from "./utils/AuthUtils.js";
 import {jwtMiddleware} from "./middleware/jwtMiddleware.js";
 import {rbacMiddleware} from "./middleware/rbacMiddleware.js";
@@ -45,12 +48,14 @@ export {
     //Service
     UserService,
     RoleService,
+    TenantService,
     PermissionService,
     Rbac,
 
     //Factories
     UserServiceFactory,
     RoleServiceFactory,
+    TenantServiceFactory,
 
     //GQL
     identityTypeDefs,
@@ -59,6 +64,7 @@ export {
     //API REST
     UserRoutes,
     RoleRoutes,
+    TenantRoutes,
 
     AuthUtils,
 

package/src/interfaces/ITenant.ts

@@ -0,0 +1,9 @@
+import {IID} from "./IID";
+
+interface ITenant{
+    id: IID
+    name: string
+}
+
+
+export {ITenant}

package/src/interfaces/ITenantRepository.ts

@@ -0,0 +1,15 @@
+import {ITenant} from './ITenant'
+import {IPaginateFilter, IPaginateResult} from "@drax/common-back";
+import {IID} from "./IID";
+interface ITenantRepository{
+    create(role: ITenant): Promise<ITenant>;
+    update(id: IID, updatedRole: ITenant): Promise<ITenant | null>;
+    delete(id: IID): Promise<boolean>;
+    findById(id: IID): Promise<ITenant | null>;
+    findByName(name: string): Promise<ITenant | null>;
+    fetchAll(): Promise<ITenant[]>;
+    paginate(page?: number, limit?: number, search?:string, filters?: IPaginateFilter[]): Promise<IPaginateResult>;
+    table?():void
+}
+
+export {ITenantRepository}

package/src/interfaces/IUser.ts

@@ -1,7 +1,7 @@
-import {mongoose} from "@drax/common-back";
 import {IRole} from "./IRole";
 import {IUserGroup} from "./IUserGroup";
 import {IID} from "./IID";
+import {ITenant} from "./ITenant";
 
 interface IUser {
     id?: IID
@@ -14,6 +14,7 @@ interface IUser {
     avatar?: string
     code?: string
     role: IRole | IID
+    tenant?: ITenant | IID
     groups: IID[] | IUserGroup[] | string[] | string
     toObject(): IUser;
 }
@@ -27,6 +28,7 @@ interface IUserCreate {
     active: boolean | number
     phone: string
     role: IID
+    tenant?: IID
     groups: IID[] | string
 }
 
@@ -38,6 +40,7 @@ interface IUserUpdate {
     active: boolean
     phone: string
     role: IID
+    tenant?: IID
     groups: IID[]
     password?: string
 }

package/src/middleware/rbacMiddleware.ts

@@ -1,21 +1,18 @@
 import type {IJwtUser} from "../interfaces/IJwtUser";
-import type {IRole, IRoleBase} from "../interfaces/IRole";
+import type {IRole} from "../interfaces/IRole";
 import {DraxCache, DraxConfig} from "@drax/common-back";
 import RoleServiceFactory from "../factory/RoleServiceFactory.js";
 import Rbac from "../rbac/Rbac.js";
 import IdentityConfig from "../config/IdentityConfig.js";
 
 const cacheTTL = DraxConfig.getOrLoad(IdentityConfig.RbacCacheTTL) ? parseInt(DraxConfig.getOrLoad(IdentityConfig.RbacCacheTTL)) : 10000;
-const draxCache = new DraxCache<IRoleBase>(cacheTTL);
+const draxCache = new DraxCache<IRole>(cacheTTL);
 
 
-async function roleLoader(k):Promise<IRoleBase | null> {
+async function roleLoader(k):Promise<IRole | null> {
     const roleService = RoleServiceFactory()
     const role: IRole = await roleService.findById(k)
-    if(role){
-        return {id: role.id, name: role.name, permissions: role.permissions} as IRoleBase
-    }
-    return null
+    return role
 }
 
 async function rbacMiddleware (request, reply) {

package/src/models/TenantModel.ts

@@ -0,0 +1,32 @@
+import {mongoose, MongooseSoftDelete} from '@drax/common-back';
+import uniqueValidator from 'mongoose-unique-validator';
+import mongoosePaginate from 'mongoose-paginate-v2'
+import {ITenant} from '../interfaces/ITenant'
+const Schema = mongoose.Schema
+import {PaginateModel} from "mongoose";
+
+
+const TenantSchema = new Schema<ITenant>({
+    name: {
+        type: String, unique: true, required: true, index: true,
+    },
+});
+
+TenantSchema.plugin(uniqueValidator, {message: 'validation.unique'});
+TenantSchema.plugin(MongooseSoftDelete);
+TenantSchema.plugin(mongoosePaginate);
+
+
+TenantSchema.set('toJSON', {getters: true});
+
+const TENANT_MODEL_NAME = 'Tenant';
+const TENANT_COLLECTION_NAME = 'tenants';
+const TenantModel = mongoose.model<ITenant, PaginateModel<ITenant>>(TENANT_MODEL_NAME, TenantSchema,TENANT_COLLECTION_NAME);
+
+export {
+    TenantSchema,
+    TenantModel
+}
+
+export default TenantModel
+

package/src/models/UserModel.ts

@@ -54,6 +54,11 @@ const UserSchema = new mongoose.Schema<IUser>({
         ref: 'Role',
         required: true,
     },
+    tenant: {
+        type: mongoose.Schema.Types.ObjectId,
+        ref: 'Tenant',
+        required: false,
+    },
     groups: [{
         type: mongoose.Schema.Types.ObjectId,
         ref: 'Group',

package/src/permissions/IdentityPermissions.ts

@@ -14,6 +14,13 @@ enum IdentityPermissions {
     ManageRole = "role:manage",
     PermissionsRole = "role:permissions",
 
+
+    CreateTenant = "tenant:create",
+    UpdateTenant = "tenant:update",
+    DeleteTenant = "tenant:delete",
+    ViewTenant = "tenant:view",
+    ManageTenant = "tenant:manage",
+
 }
 
 export default IdentityPermissions;

package/src/rbac/Rbac.ts

@@ -1,16 +1,24 @@
-import {IRoleBase} from "../interfaces/IRole";
+import {IRole} from "../interfaces/IRole";
 import {IJwtUser} from "../interfaces/IJwtUser";
 import UnauthorizedError from "../errors/UnauthorizedError.js";
 
 class Rbac{
-    private role: IRoleBase;
+    private role: IRole;
     private authUser: IJwtUser;
 
-    constructor(authUser: IJwtUser, role: IRoleBase) {
+    constructor(authUser: IJwtUser, role: IRole) {
         this.authUser = authUser;
         this.role = role;
     }
 
+    get getRole() {
+        return this.role
+    }
+
+    get getAuthUser() {
+        return this.authUser
+    }
+
     hasPermission(requiredPermission: string): boolean {
         if (!this.authUser || !this.role || !this.role.permissions || this.role.permissions.length === 0) {
             return false;

package/src/repository/mongo/RoleMongoRepository.ts

@@ -10,31 +10,32 @@ class RoleMongoRepository implements IRoleRepository{
     async create(roleData: IRole): Promise<IRole> {
         const role : mongoose.HydratedDocument<IRole> = new RoleModel(roleData)
         await role.save()
+        await role.populate('childRoles')
         return role
     }
 
     async update(id: mongoose.Types.ObjectId | string, roleData: IRole): Promise<IRole> {
-        const role : mongoose.HydratedDocument<IRole> = await RoleModel.findOneAndUpdate({_id: id}, roleData, {new: true}).exec()
+        const role : mongoose.HydratedDocument<IRole> = await RoleModel.findOneAndUpdate({_id: id}, roleData, {new: true}).populate('childRoles').exec()
         return role
     }
 
     async delete(id: mongoose.Types.ObjectId): Promise<boolean> {
-        const result : DeleteResult = await RoleModel.deleteOne(id).exec()
+        const result : DeleteResult = await RoleModel.deleteOne({_id: id}).exec()
         return result.deletedCount == 1
     }
 
     async findById(id: mongoose.Types.ObjectId): Promise<IRole | null>{
-        const role: mongoose.HydratedDocument<IRole> | null = await RoleModel.findById(id).exec()
+        const role: mongoose.HydratedDocument<IRole> | null = await RoleModel.findById(id).populate('childRoles').exec()
         return role
     }
 
     async findByName(name: string): Promise<IRole | null>{
-        const role: mongoose.HydratedDocument<IRole> | null = await RoleModel.findOne({name}).exec()
+        const role: mongoose.HydratedDocument<IRole> | null = await RoleModel.findOne({name}).populate('childRoles').exec()
         return role
     }
 
     async fetchAll(): Promise<IRole[]>{
-        const roles: mongoose.HydratedDocument<IRole>[] = await RoleModel.find().exec()
+        const roles: mongoose.HydratedDocument<IRole>[] = await RoleModel.find().populate('childRoles').exec()
         return roles
     }
 
@@ -48,7 +49,7 @@ class RoleMongoRepository implements IRoleRepository{
             ]
         }
 
-        const options = {page, limit} as PaginateOptions
+        const options = {populate: ['childRoles'], page, limit} as PaginateOptions
         const roles: PaginateResult<IRole> = await RoleModel.paginate(query, options)
         return {
             page: page,

package/src/repository/mongo/TenantMongoRepository.ts

@@ -0,0 +1,62 @@
+import {TenantModel} from "../../models/TenantModel.js";
+import {ITenant} from '../../interfaces/ITenant'
+import {ITenantRepository} from '../../interfaces/ITenantRepository'
+import {IPaginateFilter, IPaginateResult, mongoose} from "@drax/common-back";
+import {FilterQuery, PaginateOptions, PaginateResult} from "mongoose";
+import {DeleteResult} from "mongodb";
+
+class TenantMongoRepository implements ITenantRepository{
+
+    async create(tenantData: ITenant): Promise<ITenant> {
+        const tenant : mongoose.HydratedDocument<ITenant> = new TenantModel(tenantData)
+        await tenant.save()
+        return tenant
+    }
+
+    async update(id: mongoose.Types.ObjectId | string, tenantData: ITenant): Promise<ITenant> {
+        const tenant : mongoose.HydratedDocument<ITenant> = await TenantModel.findOneAndUpdate({_id: id}, tenantData, {new: true}).exec()
+        return tenant
+    }
+
+    async delete(id: mongoose.Types.ObjectId): Promise<boolean> {
+        const result : DeleteResult = await TenantModel.deleteOne({_id:id}).exec()
+        return result.deletedCount == 1
+    }
+
+    async findById(id: mongoose.Types.ObjectId): Promise<ITenant | null>{
+        const tenant: mongoose.HydratedDocument<ITenant> | null = await TenantModel.findById(id).exec()
+        return tenant
+    }
+
+    async findByName(name: string): Promise<ITenant | null>{
+        const tenant: mongoose.HydratedDocument<ITenant> | null = await TenantModel.findOne({name}).exec()
+        return tenant
+    }
+
+    async fetchAll(): Promise<ITenant[]>{
+        const tenants: mongoose.HydratedDocument<ITenant>[] = await TenantModel.find().exec()
+        return tenants
+    }
+
+    async paginate(page:number = 1, limit:number = 5, search:string): Promise<IPaginateResult>{
+
+        const query = {}
+
+        if(search){
+            query['$or'] = [
+                {name: new RegExp(search, 'i')},
+            ]
+        }
+
+        const options = {page, limit} as PaginateOptions
+        const tenants: PaginateResult<ITenant> = await TenantModel.paginate(query, options)
+        return {
+            page: page,
+            limit: limit,
+            total: tenants.totalDocs,
+            items: tenants.docs
+        }
+    }
+}
+
+export default TenantMongoRepository

package/src/repository/mongo/UserMongoRepository.ts

@@ -24,7 +24,7 @@ class UserMongoRepository implements IUserRepository {
 
             const user: mongoose.HydratedDocument<IUser> = new UserModel(userData)
             await user.save()
-            await user.populate('role')
+            await user.populate(['role','tenant'])
             return user
         }catch (e){
             if(e instanceof mongoose.Error.ValidationError){
@@ -37,7 +37,7 @@ class UserMongoRepository implements IUserRepository {
 
     async update(id: mongoose.Types.ObjectId, userData: IUserUpdate): Promise<IUser> {
         try{
-        const user: mongoose.HydratedDocument<IUser> = await UserModel.findOneAndUpdate({_id: id}, userData, {new: true}).populate('role').exec()
+        const user: mongoose.HydratedDocument<IUser> = await UserModel.findOneAndUpdate({_id: id}, userData, {new: true}).populate(['role','tenant']).exec()
         return user
         }catch (e){
             if(e instanceof mongoose.Error.ValidationError){
@@ -57,16 +57,16 @@ class UserMongoRepository implements IUserRepository {
 
 
     async findById(id: mongoose.Types.ObjectId): Promise<IUser> {
-        const user: mongoose.HydratedDocument<IUser> = await UserModel.findById(id).populate('role').exec()
+        const user: mongoose.HydratedDocument<IUser> = await UserModel.findById(id).populate(['role','tenant']).exec()
         return user
     }
 
     async findByUsername(username: string): Promise<IUser> {
-        const user: mongoose.HydratedDocument<IUser> = await UserModel.findOne({username: username}).populate('role').exec()
+        const user: mongoose.HydratedDocument<IUser> = await UserModel.findOne({username: username}).populate(['role','tenant']).exec()
         return user
     }
 
-    async paginate(page: number = 1, limit: number = 5, search?:string): Promise<IPaginateResult> {
+    async paginate(page: number = 1, limit: number = 5, search?:string, filters?:IPaginateFilter[]): Promise<IPaginateResult> {
 
 
         const query = {}
@@ -79,7 +79,21 @@ class UserMongoRepository implements IUserRepository {
             ]
         }
 
-        const options = {populate: ['role'], page: page, limit: limit }
+        if(filters){
+            for(const filter of filters){
+                if(filter.operator === '$eq'){
+                    query[filter.field] = {$eq: filter.value}
+                }
+                if(filter.operator === '$ne'){
+                    query[filter.field] = {$ne: filter.value}
+                }
+                if(filter.operator === '$in'){
+                    query[filter.field] = {$in: filter.value}
+                }
+            }
+        }
+
+        const options = {populate: ['role','tenant'], page: page, limit: limit }
 
         const userPaginated: PaginateResult<IUser> = await UserModel.paginate(query, options)
         return {

package/src/repository/sqlite/RoleSqliteRepository.ts

@@ -25,6 +25,7 @@ class RoleSqliteRepository implements IRoleRepository{
 
     constructor(DATABASE:string, verbose:boolean = false) {
         this.db = new sqlite(DATABASE, {verbose: verbose ? console.log : null});
+        this.table()
     }
 
     table() {
@@ -78,7 +79,7 @@ class RoleSqliteRepository implements IRoleRepository{
     async findById(id: IID): Promise<IRole | null>{
         const role = this.db.prepare('SELECT * FROM roles WHERE id = ?').get(id);
         if(role){
-            role.permissions = role.permissions ? role.permissions.split(",") : []
+            await this.populateRole(role)
             return role
         }
         return undefined
@@ -87,7 +88,7 @@ class RoleSqliteRepository implements IRoleRepository{
     async findByName(name: string): Promise<IRole | null>{
         const role = this.db.prepare('SELECT * FROM roles WHERE name = ?').get(name);
         if(role){
-            role.permissions = role.permissions ? role.permissions.split(",") : []
+            await this.populateRole(role)
             return role
         }
         return undefined
@@ -125,7 +126,7 @@ class RoleSqliteRepository implements IRoleRepository{
     async fetchAll(): Promise<IRole[]>{
         const roles = this.db.prepare('SELECT * FROM roles').all();
         for (const role of roles) {
-            role.permissions = role.permissions? role.permissions.split(",") : []
+            await this.populateRole(role)
         }
         return roles
     }
@@ -133,7 +134,7 @@ class RoleSqliteRepository implements IRoleRepository{
     async paginate(page = 1, limit = 5, search=""): Promise<IPaginateResult>{
         const offset = page > 1 ? (page - 1) * limit : 0
 
-        let where
+        let where=""
         if (search) {
             where = ` WHERE name LIKE '%${search}%'`
         }
@@ -142,10 +143,9 @@ class RoleSqliteRepository implements IRoleRepository{
         const roles = this.db.prepare('SELECT * FROM roles LIMIT ? OFFSET ?'+where).all([limit, offset]);
 
         for (const role of roles) {
-            role.permissions = role.permissions? role.permissions.split(",") : []
+            await this.populateRole(role)
         }
 
-
         return {
             page: page,
             limit: limit,
@@ -154,6 +154,27 @@ class RoleSqliteRepository implements IRoleRepository{
         }
     }
 
+    async findWithoutPopulateById(id: IID): Promise<IRole | null>{
+        const role = this.db.prepare('SELECT * FROM roles WHERE id = ?').get(id);
+        if(role){
+            return role
+        }
+        return undefined
+    }
+
+    async populateRole(role){
+        role.permissions = role.permissions? role.permissions.split(",") : []
+        role.childRoles = role.childRoles? role.childRoles.split(",") : []
+
+        const childRoles = []
+        for(const childRoleId of role.childRoles){
+            const childRole:IRole = await this.findWithoutPopulateById(childRoleId)
+            childRoles.push(childRole)
+        }
+        role.childRoles = childRoles
+        return role
+    }
+
 
 }