npm - @drax/identity-back - Versions diffs - 0.0.28 → 0.0.29 - Mend

@drax/identity-back 0.0.28 → 0.0.29

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (138) hide show

package/dist/graphql/resolvers/role.resolvers.js +2 -2
package/dist/graphql/resolvers/tenant.resolvers.js +2 -2
package/dist/graphql/resolvers/user.resolvers.js +39 -4
package/dist/graphql/types/user.graphql +2 -0
package/dist/index.js +2 -2
package/dist/rbac/Rbac.js +5 -0
package/dist/repository/mongo/UserMongoRepository.js +10 -0
package/dist/repository/sqlite/RoleSqliteRepository.js +1 -1
package/dist/repository/sqlite/TenantSqliteRepository.js +1 -1
package/dist/repository/sqlite/UserSqliteRepository.js +7 -0
package/dist/routes/UserAvatarRoutes.js +69 -0
package/dist/services/UserService.js +13 -0
package/package.json +5 -5
package/src/graphql/resolvers/role.resolvers.ts +2 -2
package/src/graphql/resolvers/tenant.resolvers.ts +2 -2
package/src/graphql/resolvers/user.resolvers.ts +56 -16
package/src/graphql/types/user.graphql +2 -0
package/src/index.ts +2 -1
package/src/interfaces/IUserRepository.ts +1 -0
package/src/rbac/Rbac.ts +6 -0
package/src/repository/mongo/UserMongoRepository.ts +10 -0
package/src/repository/sqlite/RoleSqliteRepository.ts +1 -1
package/src/repository/sqlite/TenantSqliteRepository.ts +1 -1
package/src/repository/sqlite/UserSqliteRepository.ts +8 -0
package/src/routes/UserAvatarRoutes.ts +80 -0
package/src/services/UserService.ts +17 -0
package/test/data-obj/roles/admin-mongo-role.ts +1 -1
package/test/repository/mongo/role-mongo-repository.test.ts +2 -3
package/test/repository/mongo/user-mongo-repository.test.ts +2 -2
package/test/repository/sqlite/role-sqlite-repository.test.ts +2 -2
package/test/repository/sqlite/user-sqlite-repository.test.ts +1 -1
package/tsconfig.json +1 -11
package/tsconfig.tsbuildinfo +1 -1
package/types/graphql/resolvers/role.resolvers.d.ts +9 -6
package/types/graphql/resolvers/role.resolvers.d.ts.map +1 -1
package/types/graphql/resolvers/tenant.resolvers.d.ts +9 -6
package/types/graphql/resolvers/tenant.resolvers.d.ts.map +1 -1
package/types/graphql/resolvers/user.resolvers.d.ts +15 -7
package/types/graphql/resolvers/user.resolvers.d.ts.map +1 -1
package/types/routes/UserAvatarRoutes.d.ts.map +1 -0
package/types/services/UserService.d.ts.map +1 -1
package/types/config/IdentityConfig.d.ts +0 -12
package/types/config/IdentityConfig.d.ts.map +0 -1
package/types/errors/BadCredentialsError.d.ts +0 -6
package/types/errors/BadCredentialsError.d.ts.map +0 -1
package/types/errors/UnauthorizedError.d.ts +0 -6
package/types/errors/UnauthorizedError.d.ts.map +0 -1
package/types/factory/RoleServiceFactory.d.ts +0 -4
package/types/factory/RoleServiceFactory.d.ts.map +0 -1
package/types/factory/TenantServiceFactory.d.ts +0 -4
package/types/factory/TenantServiceFactory.d.ts.map +0 -1
package/types/factory/UserServiceFactory.d.ts +0 -4
package/types/factory/UserServiceFactory.d.ts.map +0 -1
package/types/graphql/index.d.ts +0 -6
package/types/graphql/index.d.ts.map +0 -1
package/types/index.d.ts +0 -31
package/types/index.d.ts.map +0 -1
package/types/interfaces/IID.d.ts +0 -6
package/types/interfaces/IID.d.ts.map +0 -1
package/types/interfaces/IJwtUser.d.ts +0 -7
package/types/interfaces/IJwtUser.d.ts.map +0 -1
package/types/interfaces/IRole.d.ts +0 -18
package/types/interfaces/IRole.d.ts.map +0 -1
package/types/interfaces/IRoleRepository.d.ts +0 -9
package/types/interfaces/IRoleRepository.d.ts.map +0 -1
package/types/interfaces/ITenant.d.ts +0 -7
package/types/interfaces/ITenant.d.ts.map +0 -1
package/types/interfaces/ITenantRepository.d.ts +0 -9
package/types/interfaces/ITenantRepository.d.ts.map +0 -1
package/types/interfaces/IUser.d.ts +0 -45
package/types/interfaces/IUser.d.ts.map +0 -1
package/types/interfaces/IUserGroup.d.ts +0 -11
package/types/interfaces/IUserGroup.d.ts.map +0 -1
package/types/interfaces/IUserRepository.d.ts +0 -9
package/types/interfaces/IUserRepository.d.ts.map +0 -1
package/types/middleware/jwtMiddleware.d.ts +0 -4
package/types/middleware/jwtMiddleware.d.ts.map +0 -1
package/types/middleware/rbacMiddleware.d.ts +0 -4
package/types/middleware/rbacMiddleware.d.ts.map +0 -1
package/types/models/RoleModel.d.ts +0 -16
package/types/models/RoleModel.d.ts.map +0 -1
package/types/models/TenantModel.d.ts +0 -16
package/types/models/TenantModel.d.ts.map +0 -1
package/types/models/UserGroupModel.d.ts +0 -16
package/types/models/UserGroupModel.d.ts.map +0 -1
package/types/models/UserModel.d.ts +0 -16
package/types/models/UserModel.d.ts.map +0 -1
package/types/permissions/IdentityPermissions.d.ts +0 -21
package/types/permissions/IdentityPermissions.d.ts.map +0 -1
package/types/rbac/Rbac.d.ts +0 -13
package/types/rbac/Rbac.d.ts.map +0 -1
package/types/repository/mongo/RoleMongoRepository.d.ts +0 -14
package/types/repository/mongo/RoleMongoRepository.d.ts.map +0 -1
package/types/repository/mongo/TenantMongoRepository.d.ts +0 -14
package/types/repository/mongo/TenantMongoRepository.d.ts.map +0 -1
package/types/repository/mongo/UserMongoRepository.d.ts +0 -16
package/types/repository/mongo/UserMongoRepository.d.ts.map +0 -1
package/types/repository/sqlite/RoleSqliteRepository.d.ts +0 -21
package/types/repository/sqlite/RoleSqliteRepository.d.ts.map +0 -1
package/types/repository/sqlite/TenantSqliteRepository.d.ts +0 -18
package/types/repository/sqlite/TenantSqliteRepository.d.ts.map +0 -1
package/types/repository/sqlite/UserSqliteRepository.d.ts +0 -23
package/types/repository/sqlite/UserSqliteRepository.d.ts.map +0 -1
package/types/routes/RoleRoutes.d.ts +0 -4
package/types/routes/RoleRoutes.d.ts.map +0 -1
package/types/routes/TenantRoutes.d.ts +0 -4
package/types/routes/TenantRoutes.d.ts.map +0 -1
package/types/routes/UserRoutes.d.ts +0 -4
package/types/routes/UserRoutes.d.ts.map +0 -1
package/types/services/PermissionService.d.ts +0 -9
package/types/services/PermissionService.d.ts.map +0 -1
package/types/services/RoleService.d.ts +0 -16
package/types/services/RoleService.d.ts.map +0 -1
package/types/services/TenantService.d.ts +0 -16
package/types/services/TenantService.d.ts.map +0 -1
package/types/services/UserService.d.ts +0 -20
package/types/setup/CreateOrUpdateRole.d.ts +0 -5
package/types/setup/CreateOrUpdateRole.d.ts.map +0 -1
package/types/setup/CreateUserIfNotExist.d.ts +0 -5
package/types/setup/CreateUserIfNotExist.d.ts.map +0 -1
package/types/setup/LoadConfigFromEnv.d.ts +0 -4
package/types/setup/LoadConfigFromEnv.d.ts.map +0 -1
package/types/setup/LoadIdentityConfigFromEnv.d.ts +0 -4
package/types/setup/LoadIdentityConfigFromEnv.d.ts.map +0 -1
package/types/setup/LoadPermissions.d.ts +0 -4
package/types/setup/LoadPermissions.d.ts.map +0 -1
package/types/setup/RecoveryUserPassword.d.ts +0 -4
package/types/setup/RecoveryUserPassword.d.ts.map +0 -1
package/types/utils/AuthUtils.d.ts +0 -16
package/types/utils/AuthUtils.d.ts.map +0 -1
package/types/utils/DbSetupUtils.d.ts +0 -10
package/types/utils/DbSetupUtils.d.ts.map +0 -1
package/types/zod/RoleZod.d.ts +0 -10
package/types/zod/RoleZod.d.ts.map +0 -1
package/types/zod/TenantZod.d.ts +0 -10
package/types/zod/TenantZod.d.ts.map +0 -1
package/types/zod/UserZod.d.ts +0 -53
package/types/zod/UserZod.d.ts.map +0 -1

package/dist/graphql/resolvers/role.resolvers.js CHANGED Viewed

@@ -64,11 +64,11 @@ export default {
                 throw new GraphQLError('error.server');
             }
         },
-        paginateRole: async (_, { page, limit, orderBy, orderDesc, search }, { rbac }) => {
+        paginateRole: async (_, { options = { page: 1, limit: 5, orderBy: "", orderDesc: false, search: "", filters: [] } }, { rbac }) => {
             try {
                 rbac.assertPermission(IdentityPermissions.ViewRole);
                 const roleService = RoleServiceFactory();
-                return await roleService.paginate({ page, limit, orderBy, orderDesc, search });
+                return await roleService.paginate(options);
             }
             catch (e) {
                 console.error("paginateRole", e);

package/dist/graphql/resolvers/tenant.resolvers.js CHANGED Viewed

@@ -50,11 +50,11 @@ export default {
                 throw new GraphQLError('error.server');
             }
         },
-        paginateTenant: async (_, { page, limit, orderBy, orderDesc, search }, { rbac }) => {
+        paginateTenant: async (_, { options = { page: 1, limit: 5, orderBy: "", orderDesc: false, search: "", filters: [] } }, { rbac }) => {
             try {
                 rbac.assertPermission(IdentityPermissions.ViewTenant);
                 const tenantService = TenantServiceFactory();
-                return await tenantService.paginate({ page, limit, orderBy, orderDesc, search });
+                return await tenantService.paginate(options);
             }
             catch (e) {
                 console.error("paginateTenant", e);

package/dist/graphql/resolvers/user.resolvers.js CHANGED Viewed

@@ -1,9 +1,10 @@
 import UserServiceFactory from "../../factory/UserServiceFactory.js";
 import { GraphQLError } from "graphql";
-import { ValidationErrorToGraphQLError, ValidationError } from "@drax/common-back";
+import { ValidationErrorToGraphQLError, ValidationError, StoreManager } from "@drax/common-back";
 import { IdentityPermissions } from "../../permissions/IdentityPermissions.js";
 import UnauthorizedError from "../../errors/UnauthorizedError.js";
 import BadCredentialsError from "../../errors/BadCredentialsError.js";
+import { join } from "path";
 export default {
     Query: {
         me: async (_, {}, { authUser }) => {
@@ -34,14 +35,14 @@ export default {
                 throw new GraphQLError('error.server');
             }
         },
-        paginateUser: async (_, { page, limit, orderBy, orderDesc, search, filters = [] }, { rbac }) => {
+        paginateUser: async (_, { options = { page: 1, limit: 5, orderBy: "", orderDesc: false, search: "", filters: [] } }, { rbac }) => {
             try {
                 rbac.assertPermission(IdentityPermissions.ViewUser);
                 let userService = UserServiceFactory();
                 if (rbac.getAuthUser.tenantId) {
-                    filters.push({ field: 'tenant', operator: '$eq', value: rbac.getAuthUser.tenantId });
+                    options.filters.push({ field: 'tenant', operator: '$eq', value: rbac.getAuthUser.tenantId });
                 }
-                return await userService.paginate({ page, limit, orderBy, orderDesc, search, filters });
+                return await userService.paginate(options);
             }
             catch (e) {
                 if (e instanceof UnauthorizedError) {
@@ -158,5 +159,39 @@ export default {
                 throw new GraphQLError('error.server');
             }
         },
+        changeAvatar: async (_, { file }, { rbac, authUser }) => {
+            try {
+                rbac.assertAuthenticated();
+                const userId = authUser.id;
+                const FILE_DIR = process.env.DRAX_AVATAR_DIR || 'avatars';
+                const BASE_URL = process.env.DRAX_BASE_URL.replace(/\/$/, '') || '';
+                //console.log("FILE:", file)
+                let preFile;
+                //Yoga PonyfillFile
+                if (file.blobParts) {
+                    preFile = {
+                        filename: file.name,
+                        fileStream: file.blobParts,
+                        mimetype: file.type,
+                        encoding: file.encoding,
+                    };
+                }
+                const destinationPath = join(FILE_DIR);
+                const storedFile = await StoreManager.saveFile(preFile, destinationPath);
+                const urlFile = BASE_URL + '/api/user/avatar/' + storedFile.filename;
+                let userService = UserServiceFactory();
+                return await userService.changeAvatar(userId, urlFile);
+            }
+            catch (e) {
+                console.error("changeAvatar", e);
+                if (e instanceof ValidationError) {
+                    throw ValidationErrorToGraphQLError(e);
+                }
+                else if (e instanceof UnauthorizedError) {
+                    throw new GraphQLError(e.message);
+                }
+                throw new GraphQLError('error.server');
+            }
+        },
     }
 };

package/dist/graphql/types/user.graphql CHANGED Viewed

@@ -54,6 +54,7 @@ input AuthInput{
     password: String!
 }
 type Mutation{
     auth(input: AuthInput): Auth
     createUser(input: UserCreateInput): User
@@ -61,4 +62,5 @@ type Mutation{
     deleteUser(id: ID!): Boolean
     changeOwnPassword(currentPassword:String!, newPassword: String!): Boolean
     changeUserPassword(userId:ID!, newPassword:String!): Boolean
+    changeAvatar(file: File!): Boolean
 }

package/dist/index.js CHANGED Viewed

@@ -8,6 +8,7 @@ import TenantService from "./services/TenantService.js";
 import PermissionService from "./services/PermissionService.js";
 import Rbac from "./rbac/Rbac.js";
 import { UserRoutes } from "./routes/UserRoutes.js";
+import { UserAvatarRoutes } from "./routes/UserAvatarRoutes.js";
 import { RoleRoutes } from "./routes/RoleRoutes.js";
 import { TenantRoutes } from "./routes/TenantRoutes.js";
 import AuthUtils from "./utils/AuthUtils.js";
@@ -33,7 +34,7 @@ UserServiceFactory, RoleServiceFactory, TenantServiceFactory,
 //GQL
 identityTypeDefs, identityResolvers,
 //API REST
-UserRoutes, RoleRoutes, TenantRoutes, AuthUtils,
+UserRoutes, RoleRoutes, TenantRoutes, UserAvatarRoutes, AuthUtils,
 //API MIDDLEWARE
 jwtMiddleware, rbacMiddleware,
 //Permissions
@@ -44,4 +45,3 @@ IdentityConfig,
 UnauthorizedError, BadCredentialsError,
 //Setup
 LoadIdentityConfigFromEnv, LoadPermissions, CreateOrUpdateRole, CreateUserIfNotExist, RecoveryUserPassword };
-/// <reference types="index.d.ts" />

package/dist/rbac/Rbac.js CHANGED Viewed

@@ -21,6 +21,11 @@ class Rbac {
             throw new UnauthorizedError();
         }
     }
+    assertAuthenticated() {
+        if (!this.authUser) {
+            throw new UnauthorizedError();
+        }
+    }
 }
 export default Rbac;
 export { Rbac };

package/dist/repository/mongo/UserMongoRepository.js CHANGED Viewed

@@ -91,5 +91,15 @@ class UserMongoRepository {
             return false;
         }
     }
+    async changeAvatar(id, avatar) {
+        try {
+            await UserModel.findOneAndUpdate({ _id: id }, { avatar }).exec();
+            return true;
+        }
+        catch (e) {
+            console.error(e);
+            return false;
+        }
+    }
 }
 export default UserMongoRepository;

package/dist/repository/sqlite/RoleSqliteRepository.js CHANGED Viewed

@@ -76,7 +76,7 @@ class RoleSqliteRepository {
             where = ` WHERE name LIKE '%${search}%'`;
         }
         const rCount = this.db.prepare('SELECT COUNT(*) as count FROM roles' + where).get();
-        const roles = this.db.prepare('SELECT * FROM roles LIMIT ? OFFSET ?' + where).all([limit, offset]);
+        const roles = this.db.prepare('SELECT * FROM roles ' + where + ' LIMIT ? OFFSET ?').all([limit, offset]);
         for (const role of roles) {
             await this.populateRole(role);
         }

package/dist/repository/sqlite/TenantSqliteRepository.js CHANGED Viewed

@@ -83,7 +83,7 @@ class TenantSqliteRepository {
             where = ` WHERE name LIKE '%${search}%'`;
         }
         const rCount = this.db.prepare('SELECT COUNT(*) as count FROM tenants' + where).get();
-        const tenants = this.db.prepare('SELECT * FROM tenants LIMIT ? OFFSET ?' + where).all([limit, offset]);
+        const tenants = this.db.prepare('SELECT * FROM tenants ' + where + ' LIMIT ? OFFSET ?').all([limit, offset]);
         return {
             page: page,
             limit: limit,

package/dist/repository/sqlite/UserSqliteRepository.js CHANGED Viewed

@@ -159,5 +159,12 @@ class UserSqliteRepository {
         stmt.run({ id: id, password: password });
         return true;
     }
+    async changeAvatar(id, avatar) {
+        const stmt = this.db.prepare(`UPDATE users
+                                      SET avatar = @avatar
+                                      WHERE id = @id `);
+        stmt.run({ id: id, avatar: avatar });
+        return true;
+    }
 }
 export default UserSqliteRepository;

package/dist/routes/UserAvatarRoutes.js ADDED Viewed

@@ -0,0 +1,69 @@
+import { join } from "path";
+import { UnauthorizedError } from "@drax/identity-back";
+import { StoreManager, UploadFileError } from "@drax/common-back";
+import UserServiceFactory from "../factory/UserServiceFactory.js";
+const FILE_DIR = process.env.DRAX_AVATAR_DIR || 'avatars';
+const BASE_URL = process.env.DRAX_BASE_URL.replace(/\/$/, '') || '';
+async function UserAvatarRoutes(fastify, options) {
+    fastify.post('/api/user/avatar', async (request, reply) => {
+        try {
+            request.rbac.assertAuthenticated();
+            const userId = request.rbac.getAuthUser.id;
+            const data = await request.file();
+            const file = {
+                filename: data.filename,
+                fileStream: data.file,
+                mimetype: data.mimetype
+            };
+            const destinationPath = join(FILE_DIR);
+            const storedFile = await StoreManager.saveFile(file, destinationPath);
+            const urlFile = BASE_URL + '/api/user/avatar/' + storedFile.filename;
+            //Save into DB
+            const userService = UserServiceFactory();
+            return await userService.changeAvatar(userId, urlFile);
+            return {
+                filename: storedFile.filename,
+                size: storedFile.size,
+                mimetype: storedFile.mimetype,
+                url: urlFile,
+            };
+        }
+        catch (e) {
+            console.error(e);
+            if (e instanceof UploadFileError) {
+                reply.statusCode = e.statusCode;
+                reply.send({ error: e.message });
+            }
+            else if (e instanceof UnauthorizedError) {
+                reply.statusCode = e.statusCode;
+                reply.send({ error: e.message });
+            }
+            else {
+                reply.statusCode = 500;
+                reply.send({ error: 'INTERNAL_SERVER_ERROR' });
+            }
+        }
+    });
+    fastify.get('/api/user/avatar/:filename', async (request, reply) => {
+        try {
+            const filename = request.params.filename;
+            const [year, month] = filename.split('-');
+            const fileDir = join(FILE_DIR, year, month);
+            console.log("FILE_DIR: ", fileDir, " FILENAME:", filename);
+            return reply.sendFile(filename, fileDir);
+        }
+        catch (e) {
+            console.error(e);
+            if (e instanceof UnauthorizedError) {
+                reply.statusCode = e.statusCode;
+                reply.send({ error: e.message });
+            }
+            else {
+                reply.statusCode = 500;
+                reply.send({ error: 'INTERNAL_SERVER_ERROR' });
+            }
+        }
+    });
+}
+export default UserAvatarRoutes;
+export { UserAvatarRoutes };

package/dist/services/UserService.js CHANGED Viewed

@@ -36,6 +36,9 @@ class UserService {
     async changeOwnPassword(userId, currentPassword, newPassword) {
         const user = await this.findById(userId);
         if (user && user.active) {
+            if (currentPassword === newPassword) {
+                throw new ValidationError([{ field: 'newPassword', reason: 'validation.password.currentDifferent' }]);
+            }
             if (AuthUtils.checkPassword(currentPassword, user.password)) {
                 newPassword = AuthUtils.hashPassword(newPassword);
                 await this._repository.changePassword(userId, newPassword);
@@ -49,6 +52,16 @@ class UserService {
             throw new BadCredentialsError();
         }
     }
+    async changeAvatar(userId, avatar) {
+        const user = await this.findById(userId);
+        if (user && user.active) {
+            await this._repository.changeAvatar(userId, avatar);
+            return true;
+        }
+        else {
+            throw new BadCredentialsError();
+        }
+    }
     async create(userData) {
         try {
             userData.name = userData?.name?.trim();

package/package.json CHANGED Viewed

@@ -3,7 +3,7 @@
   "publishConfig": {
     "access": "public"
   },
-  "version": "0.0.28",
+  "version": "0.0.29",
   "description": "Identity module for user management, authentication and authorization.",
   "main": "dist/index.js",
   "types": "types/index.d.ts",
@@ -26,9 +26,9 @@
   "author": "Cristian Incarnato & Drax Team",
   "license": "ISC",
   "dependencies": {
-    "@drax/common-back": "^0.0.28",
-    "@drax/common-share": "^0.0.28",
-    "@drax/identity-share": "^0.0.28",
+    "@drax/common-back": "^0.0.29",
+    "@drax/common-share": "^0.0.29",
+    "@drax/identity-share": "^0.0.29",
     "bcryptjs": "^2.4.3",
     "express-jwt": "^8.4.1",
     "graphql": "^16.8.2",
@@ -59,5 +59,5 @@
       "debug": "0"
     }
   },
-  "gitHead": "5444ae9e996bbedbc2fab1827d2bf52cbd3703a1"
+  "gitHead": "a067a1fc430dbc7d31835de79cfe385ba9935914"
 }

package/src/graphql/resolvers/role.resolvers.ts CHANGED Viewed

@@ -62,11 +62,11 @@ export default {
                 throw new GraphQLError('error.server')
             }
         },
-        paginateRole: async (_, {page, limit, orderBy, orderDesc, search}, {rbac}) => {
+        paginateRole: async (_, {options= {page:1, limit:5, orderBy:"", orderDesc:false, search:"", filters: []} }, {rbac}) => {
             try {
                 rbac.assertPermission(IdentityPermissions.ViewRole)
                 const roleService = RoleServiceFactory()
-                return await roleService.paginate({page, limit, orderBy, orderDesc, search})
+                return await roleService.paginate(options)
             } catch (e) {
                 console.error("paginateRole",e)
                 if (e instanceof UnauthorizedError) {

package/src/graphql/resolvers/tenant.resolvers.ts CHANGED Viewed

@@ -50,11 +50,11 @@ export default {
                 throw new GraphQLError('error.server')
             }
         },
-        paginateTenant: async (_, {page, limit, orderBy, orderDesc, search}, {rbac}) => {
+        paginateTenant: async (_, {options= {page:1, limit:5, orderBy:"", orderDesc:false, search:"", filters: []} }, {rbac}) => {
             try {
                 rbac.assertPermission(IdentityPermissions.ViewTenant)
                 const tenantService = TenantServiceFactory()
-                return await tenantService.paginate({page, limit, orderBy, orderDesc, search})
+                return await tenantService.paginate(options)
             } catch (e) {
                 console.error("paginateTenant",e)
                 if (e instanceof UnauthorizedError) {

package/src/graphql/resolvers/user.resolvers.ts CHANGED Viewed

@@ -1,16 +1,17 @@
 import UserServiceFactory from "../../factory/UserServiceFactory.js";
 import {GraphQLError} from "graphql";
-import {ValidationErrorToGraphQLError, ValidationError} from "@drax/common-back";
+import {ValidationErrorToGraphQLError, ValidationError, StoreManager} from "@drax/common-back";
 import {IdentityPermissions} from "../../permissions/IdentityPermissions.js";
 import UnauthorizedError from "../../errors/UnauthorizedError.js";
 import BadCredentialsError from "../../errors/BadCredentialsError.js";
+import {join} from "path";
 export default {
     Query: {
         me: async (_, {}, {authUser}) => {
             try {
                 if (authUser) {
-                    let userService= UserServiceFactory()
+                    let userService = UserServiceFactory()
                     let user = await userService.findById(authUser.id)
                     delete user.password
                     return user
@@ -25,7 +26,7 @@ export default {
         findUserById: async (_, {id}, {rbac}) => {
             try {
                 rbac.assertPermission(IdentityPermissions.ViewUser)
-                let userService= UserServiceFactory()
+                let userService = UserServiceFactory()
                 return await userService.findById(id)
             } catch (e) {
                 if (e instanceof UnauthorizedError) {
@@ -35,14 +36,14 @@ export default {
             }
         },
-        paginateUser: async (_, {page, limit, orderBy, orderDesc, search, filters = []}, {rbac}) => {
+        paginateUser: async (_, { options= {page:1, limit:5, orderBy:"", orderDesc:false, search:"", filters: []} }, {rbac}) => {
             try {
                 rbac.assertPermission(IdentityPermissions.ViewUser)
-                let userService= UserServiceFactory()
-                if(rbac.getAuthUser.tenantId){
-                    filters.push({field: 'tenant', operator: '$eq', value: rbac.getAuthUser.tenantId})
+                let userService = UserServiceFactory()
+                if (rbac.getAuthUser.tenantId) {
+                    options.filters.push({field: 'tenant', operator: '$eq', value: rbac.getAuthUser.tenantId})
                 }
-                return await userService.paginate({page, limit, orderBy, orderDesc, search, filters})
+                return await userService.paginate(options)
             } catch (e) {
                 if (e instanceof UnauthorizedError) {
                     throw new GraphQLError(e.message)
@@ -54,7 +55,7 @@ export default {
     Mutation: {
         auth: async (_, {input}) => {
             try {
-                let userService= UserServiceFactory()
+                let userService = UserServiceFactory()
                 return await userService.auth(input.username, input.password)
             } catch (e) {
                 console.error("auth", e)
@@ -68,8 +69,8 @@ export default {
         createUser: async (_, {input}, {rbac}) => {
             try {
                 rbac.assertPermission(IdentityPermissions.CreateUser)
-                let userService= UserServiceFactory()
-                if(rbac.getAuthUser.tenantId){
+                let userService = UserServiceFactory()
+                if (rbac.getAuthUser.tenantId) {
                     input.tenant = rbac.getAuthUser.tenantId
                 }
                 const user = await userService.create(input)
@@ -88,8 +89,8 @@ export default {
         updateUser: async (_, {id, input}, {rbac}) => {
             try {
                 rbac.assertPermission(IdentityPermissions.UpdateUser)
-                let userService= UserServiceFactory()
-                if(rbac.getAuthUser.tenantId){
+                let userService = UserServiceFactory()
+                if (rbac.getAuthUser.tenantId) {
                     input.tenant = rbac.getAuthUser.tenantId
                 }
                 const user = await userService.update(id, input)
@@ -106,7 +107,7 @@ export default {
         deleteUser: async (_, {id}, {rbac}) => {
             try {
                 rbac.assertPermission(IdentityPermissions.DeleteUser)
-                let userService= UserServiceFactory()
+                let userService = UserServiceFactory()
                 return await userService.delete(id)
             } catch (e) {
                 console.error("deleteUser", e)
@@ -124,7 +125,7 @@ export default {
                     throw new UnauthorizedError()
                 }
                 let userId = authUser.id
-                let userService= UserServiceFactory()
+                let userService = UserServiceFactory()
                 return await userService.changeOwnPassword(userId, currentPassword, newPassword)
             } catch (e) {
                 if (e instanceof ValidationError) {
@@ -138,7 +139,7 @@ export default {
         changeUserPassword: async (_, {userId, newPassword}, {rbac}) => {
             try {
                 rbac.assertPermission(IdentityPermissions.UpdateUser)
-                let userService= UserServiceFactory()
+                let userService = UserServiceFactory()
                 return await userService.changeUserPassword(userId, newPassword)
             } catch (e) {
                 if (e instanceof ValidationError) {
@@ -149,6 +150,45 @@ export default {
                 throw new GraphQLError('error.server')
             }
         },
+        changeAvatar: async (_, {file}, {rbac, authUser}) => {
+            try {
+                rbac.assertAuthenticated()
+                const userId = authUser.id
+                const FILE_DIR = process.env.DRAX_AVATAR_DIR || 'avatars';
+                const BASE_URL = process.env.DRAX_BASE_URL.replace(/\/$/, '') || ''
+                //console.log("FILE:", file)
+                let preFile
+                //Yoga PonyfillFile
+                if (file.blobParts) {
+                    preFile = {
+                        filename: file.name,
+                        fileStream: file.blobParts,
+                        mimetype: file.type,
+                        encoding: file.encoding,
+                    }
+                }
+                const destinationPath = join(FILE_DIR)
+                const storedFile = await StoreManager.saveFile(preFile, destinationPath)
+                const urlFile = BASE_URL + '/api/user/avatar/' + storedFile.filename
+                let userService = UserServiceFactory()
+                return await userService.changeAvatar(userId, urlFile)
+            } catch (e) {
+                console.error("changeAvatar", e)
+                if (e instanceof ValidationError) {
+                    throw ValidationErrorToGraphQLError(e)
+                } else if (e instanceof UnauthorizedError) {
+                    throw new GraphQLError(e.message)
+                }
+                throw new GraphQLError('error.server')
+            }
+        },
     }
 }

package/src/graphql/types/user.graphql CHANGED Viewed

@@ -54,6 +54,7 @@ input AuthInput{
     password: String!
 }
 type Mutation{
     auth(input: AuthInput): Auth
     createUser(input: UserCreateInput): User
@@ -61,4 +62,5 @@ type Mutation{
     deleteUser(id: ID!): Boolean
     changeOwnPassword(currentPassword:String!, newPassword: String!): Boolean
     changeUserPassword(userId:ID!, newPassword:String!): Boolean
+    changeAvatar(file: File!): Boolean
 }

package/src/index.ts CHANGED Viewed

@@ -8,6 +8,7 @@ import TenantService from "./services/TenantService.js";
 import PermissionService from "./services/PermissionService.js";
 import Rbac from "./rbac/Rbac.js";
 import {UserRoutes} from "./routes/UserRoutes.js";
+import {UserAvatarRoutes} from "./routes/UserAvatarRoutes.js";
 import {RoleRoutes} from "./routes/RoleRoutes.js";
 import {TenantRoutes} from "./routes/TenantRoutes.js";
 import AuthUtils from "./utils/AuthUtils.js";
@@ -62,6 +63,7 @@ export {
     UserRoutes,
     RoleRoutes,
     TenantRoutes,
+    UserAvatarRoutes,
     AuthUtils,
@@ -88,4 +90,3 @@ export {
 }
-/// <reference types="index.d.ts" />

package/src/interfaces/IUserRepository.ts CHANGED Viewed

@@ -5,6 +5,7 @@ interface IUserRepository extends IDraxCrud<IUser, IUserCreate, IUserUpdate>{
     findById(id: string): Promise<IUser | null>;
     findByUsername(username: string): Promise<IUser | null>;
     changePassword(id: string, password:string):Promise<Boolean>;
+    changeAvatar(id: string, avatarUrl: string): Promise<Boolean>;
 }
 export {IUserRepository}

package/src/rbac/Rbac.ts CHANGED Viewed

@@ -32,6 +32,12 @@ class Rbac{
         }
     }
+    assertAuthenticated() {
+        if (!this.authUser) {
+            throw new UnauthorizedError()
+        }
+    }
 }
 export default Rbac;

package/src/repository/mongo/UserMongoRepository.ts CHANGED Viewed

@@ -118,6 +118,16 @@ class UserMongoRepository implements IUserRepository {
             return false
         }
     }
+    async changeAvatar(id: string, avatar: string):Promise<boolean> {
+        try{
+            await UserModel.findOneAndUpdate({_id: id}, {avatar}).exec()
+            return true
+        }catch (e){
+            console.error(e)
+            return false
+        }
+    }
 }
 export default UserMongoRepository

package/src/repository/sqlite/RoleSqliteRepository.ts CHANGED Viewed

@@ -109,7 +109,7 @@ class RoleSqliteRepository implements IRoleRepository{
         }
         const rCount = this.db.prepare('SELECT COUNT(*) as count FROM roles'+where).get();
-        const roles = this.db.prepare('SELECT * FROM roles LIMIT ? OFFSET ?'+where).all([limit, offset]);
+        const roles = this.db.prepare('SELECT * FROM roles '  + where + ' LIMIT ? OFFSET ?').all([limit, offset]);
         for (const role of roles) {
             await this.populateRole(role)

package/src/repository/sqlite/TenantSqliteRepository.ts CHANGED Viewed

@@ -115,7 +115,7 @@ class TenantSqliteRepository implements ITenantRepository{
         }
         const rCount = this.db.prepare('SELECT COUNT(*) as count FROM tenants'+where).get();
-        const tenants = this.db.prepare('SELECT * FROM tenants LIMIT ? OFFSET ?'+where).all([limit, offset]);
+        const tenants = this.db.prepare('SELECT * FROM tenants '  + where + ' LIMIT ? OFFSET ?').all([limit, offset]);
         return {
             page: page,

package/src/repository/sqlite/UserSqliteRepository.ts CHANGED Viewed

@@ -206,6 +206,14 @@ class UserSqliteRepository implements IUserRepository {
         stmt.run({id: id, password: password});
         return true
     }
+    async changeAvatar(id: string, avatar: string): Promise<boolean> {
+        const stmt = this.db.prepare(`UPDATE users
+                                      SET avatar = @avatar
+                                      WHERE id = @id `);
+        stmt.run({id: id, avatar: avatar});
+        return true
+    }
 }
 export default UserSqliteRepository