@drax/identity-back 0.0.9 → 0.0.10

package/src/interfaces/IUserRepository.ts

@@ -1,11 +1,16 @@
-import {IUser} from './IUser'
+import {IUser, IUserCreate, IUserUpdate} from './IUser'
+import {IPaginateFilter, IPaginateResult} from "@drax/common-back";
+import {IID} from "./IID";
 interface IUserRepository{
-    create(role: IUser): Promise<IUser>;
-    update(_id: any, updatedRole: IUser): Promise<IUser | null>;
-    delete(_id: any): Promise<boolean>;
-    findById(_id: any): Promise<IUser | null>;
+    create(role: IUserCreate): Promise<IUser>;
+    update(id: IID, updatedRole: IUserUpdate): Promise<IUser | null>;
+    delete(id: IID): Promise<boolean>;
+    findById(id: IID): Promise<IUser | null>;
     findByUsername(username: string): Promise<IUser | null>;
-    paginate(query: any, options: any): any;
+    paginate(page?: number, limit?: number, search?: string, filters?: IPaginateFilter[]): Promise<IPaginateResult>;
+    changePassword(id: IID, password:string):Promise<Boolean>;
+    table?():void
+
 }
 
 export {IUserRepository}

package/src/middleware/jwtMiddleware.ts

@@ -0,0 +1,22 @@
+import AuthUtils from "../utils/AuthUtils.js";
+import {IJwtUser} from "../interfaces/IJwtUser";
+
+function jwtMiddleware (request, reply, done) {
+        try{
+            const token = request.headers?.authorization?.replace(/Bearer /i, "")
+
+            if(token){
+                const authUser = AuthUtils.verifyToken(token) as IJwtUser
+                if(authUser){
+                    request.authUser = authUser
+                }
+            }
+            done()
+        }catch (e) {
+            console.error(e)
+            reply.code(401).send({ error: 'Token JWT inválido' });
+        }
+}
+
+export default jwtMiddleware;
+export {jwtMiddleware}

package/src/middleware/rbacMiddleware.ts

@@ -0,0 +1,40 @@
+import type {IJwtUser} from "../interfaces/IJwtUser";
+import type {IRole, IRoleBase} from "../interfaces/IRole";
+import {DraxCache} from "@drax/common-back";
+import RoleServiceFactory from "../factory/RoleServiceFactory.js";
+import Rbac from "../rbac/Rbac.js";
+
+const cacheTTL = process.env.RBAC_CACHE_TTL ? parseInt(process.env.RBAC_CACHE_TTL) : 10000;
+const draxCache = new DraxCache<IRoleBase>(cacheTTL);
+const roleService = RoleServiceFactory
+
+async function roleLoader(k):Promise<IRoleBase | null> {
+    const role: IRole = await roleService.findById(k)
+    if(role){
+        return {id: role.id, name: role.name, permissions: role.permissions} as IRoleBase
+    }
+    return null
+}
+
+async function rbacMiddleware (request, reply) {
+        try{
+            //console.log("rbacMiddleware authUser",request.authUser)
+            if(request.authUser as IJwtUser){
+                const authUser = request.authUser
+                const cacheKey= authUser.roleId
+                const role = await draxCache.getOrLoad(cacheKey, roleLoader)
+                const rbac = new Rbac(authUser,role)
+                request.rbac = rbac
+            }else{
+                const rbac = new Rbac(null,null)
+                request.rbac = rbac
+            }
+            return
+        }catch (e) {
+            console.error(e)
+            reply.code(500).send({ error: 'RBAC ERROR' });
+        }
+}
+
+export default rbacMiddleware;
+export {rbacMiddleware}

package/src/models/RoleModel.ts

@@ -9,15 +9,6 @@ import {PaginateModel} from "mongoose";
 const RoleSchema = new Schema<IRole>({
     name: {
         type: String, unique: true, required: true, index: true,
-        validate: [
-            {
-                validator: function(v) {
-                    return !/(\s){2}/.test(v);
-                },
-                message: props => `Role name cant contain two spaces`
-            },
-
-        ],
     },
     permissions: [{type: String, required: true}],
     childRoles: [{

package/src/models/UserModel.ts

@@ -49,7 +49,6 @@ const UserSchema = new mongoose.Schema<IUser>({
         }
     },
     avatar: {type: String, required: false},
-    avatarurl: {type: String, required: false},
     role: {
         type: mongoose.Schema.Types.ObjectId,
         ref: 'Role',
@@ -69,7 +68,7 @@ const UserSchema = new mongoose.Schema<IUser>({
             }
         ],
         default: [],
-        _id: false
+        id: false
     }*/
 }, {timestamps: true});
 

package/src/permissions/IdentityPermissions.ts

@@ -0,0 +1,20 @@
+enum IdentityPermissions {
+
+
+    CreateUser = "user:create",
+    UpdateUser = "user:update",
+    DeleteUser = "user:delete",
+    ViewUser = "user:view",
+    ManageUser = "user:manage",
+
+    CreateRole = "role:create",
+    UpdateRole = "role:update",
+    DeleteRole = "role:delete",
+    ViewRole = "role:view",
+    ManageRole = "role:manage",
+    PermissionsRole = "role:permissions",
+
+}
+
+export default IdentityPermissions;
+export {IdentityPermissions};

package/src/rbac/Rbac.ts

@@ -0,0 +1,31 @@
+import {IRoleBase} from "../interfaces/IRole";
+import {IJwtUser} from "identity";
+import UnauthorizedError from "../errors/UnauthorizedError.js";
+
+class Rbac{
+    private role: IRoleBase;
+    private authUser: IJwtUser;
+
+    constructor(authUser: IJwtUser, role: IRoleBase) {
+        this.authUser = authUser;
+        this.role = role;
+    }
+
+    hasPermission(requiredPermission: string): boolean {
+        if (!this.authUser || !this.role || !this.role.permissions || this.role.permissions.length === 0) {
+            return false;
+        }
+
+        return this.role.permissions.includes(requiredPermission);
+    }
+
+    assertPermission(requiredPermission: string) {
+        if(!this.hasPermission(requiredPermission)){
+            throw new UnauthorizedError()
+        }
+    }
+
+}
+
+export default Rbac;
+export {Rbac}

package/src/repository/mongo/RoleMongoRepository.ts

@@ -0,0 +1,57 @@
+import {RoleModel} from "../../models/RoleModel.js";
+import {IRole} from '../../interfaces/IRole'
+import {IRoleRepository} from '../../interfaces/IRoleRepository'
+import {IPaginateFilter, IPaginateResult, mongoose} from "@drax/common-back";
+import {FilterQuery, PaginateOptions, PaginateResult} from "mongoose";
+import {DeleteResult} from "mongodb";
+
+class RoleMongoRepository implements IRoleRepository{
+
+    async create(roleData: IRole): Promise<IRole> {
+        const role : mongoose.HydratedDocument<IRole> = new RoleModel(roleData)
+        await role.save()
+        return role
+    }
+
+    async update(id: mongoose.Types.ObjectId | string, roleData: IRole): Promise<IRole> {
+        const role : mongoose.HydratedDocument<IRole> = await RoleModel.findOneAndUpdate({_id: id}, roleData, {new: true}).exec()
+        return role
+    }
+
+    async delete(id: mongoose.Types.ObjectId): Promise<boolean> {
+        const result : DeleteResult = await RoleModel.deleteOne(id).exec()
+        return result.deletedCount == 1
+    }
+
+    async findById(id: mongoose.Types.ObjectId): Promise<IRole | null>{
+        const role: mongoose.HydratedDocument<IRole> | null = await RoleModel.findById(id).exec()
+        return role
+    }
+
+    async fetchAll(): Promise<IRole[]>{
+        const roles: mongoose.HydratedDocument<IRole>[] = await RoleModel.find().exec()
+        return roles
+    }
+
+    async paginate(page:number = 1, limit:number = 5, search:string): Promise<IPaginateResult>{
+
+        const query = {}
+
+        if(search){
+            query['$or'] = [
+                {name: new RegExp(search, 'i')},
+            ]
+        }
+
+        const options = {page, limit} as PaginateOptions
+        const roles: PaginateResult<IRole> = await RoleModel.paginate(query, options)
+        return {
+            page: page,
+            limit: limit,
+            total: roles.totalDocs,
+            items: roles.docs
+        }
+    }
+}
+
+export default RoleMongoRepository

package/src/repository/mongo/UserMongoRepository.ts

@@ -0,0 +1,104 @@
+import {UserModel} from "../../models/UserModel.js";
+import {mongoose, MongooseErrorToValidationError, MongoServerErrorToValidationError, ValidationError} from "@drax/common-back"
+import type {IPaginateFilter, IPaginateResult} from "@drax/common-back"
+import type {IUser, IUserCreate, IUserUpdate} from "../../interfaces/IUser";
+import {DeleteResult, MongoServerError} from "mongodb";
+import type {IUserRepository} from "../../interfaces/IUserRepository";
+import {PaginateResult} from "mongoose";
+import RoleMongoRepository from "./RoleMongoRepository.js";
+
+class UserMongoRepository implements IUserRepository {
+    private roleRepository: RoleMongoRepository;
+
+
+    constructor() {
+        this.roleRepository = new RoleMongoRepository()
+    }
+
+    async create(userData: IUserCreate): Promise<IUser> {
+        try{
+
+            if(!await this.roleRepository.findById(userData.role as mongoose.Types.ObjectId)){
+                throw new ValidationError([{field: 'role', reason: 'validation.notfound', value: userData.role}])
+            }
+
+            const user: mongoose.HydratedDocument<IUser> = new UserModel(userData)
+            await user.save()
+            await user.populate('role')
+            return user
+        }catch (e){
+            if(e instanceof mongoose.Error.ValidationError){
+                throw MongooseErrorToValidationError(e)
+            }
+            throw e
+        }
+
+    }
+
+    async update(id: mongoose.Types.ObjectId, userData: IUserUpdate): Promise<IUser> {
+        try{
+        const user: mongoose.HydratedDocument<IUser> = await UserModel.findOneAndUpdate({_id: id}, userData, {new: true}).populate('role').exec()
+        return user
+        }catch (e){
+            if(e instanceof mongoose.Error.ValidationError){
+                throw MongooseErrorToValidationError(e)
+            }
+            if(e instanceof MongoServerError || e.name === 'MongoServerError'){
+                throw MongoServerErrorToValidationError(e)
+            }
+            throw e
+        }
+    }
+
+    async delete(id: mongoose.Types.ObjectId): Promise<boolean> {
+        const result: DeleteResult = await UserModel.deleteOne({_id: id}).exec()
+        return result.deletedCount == 1
+    }
+
+
+    async findById(id: mongoose.Types.ObjectId): Promise<IUser> {
+        const user: mongoose.HydratedDocument<IUser> = await UserModel.findById(id).populate('role').exec()
+        return user
+    }
+
+    async findByUsername(username: string): Promise<IUser> {
+        const user: mongoose.HydratedDocument<IUser> = await UserModel.findOne({username: username}).populate('role').exec()
+        return user
+    }
+
+    async paginate(page: number = 1, limit: number = 5, search?:string): Promise<IPaginateResult> {
+
+
+        const query = {}
+
+        if(search){
+            query['$or'] = [
+                {username: new RegExp(search, 'i')},
+                {email: new RegExp(search, 'i')},
+                {name: new RegExp(search, 'i')},
+            ]
+        }
+
+        const options = {populate: ['role'], page: page, limit: limit }
+
+        const userPaginated: PaginateResult<IUser> = await UserModel.paginate(query, options)
+        return {
+            page: page,
+            limit: limit,
+            total: userPaginated.totalDocs,
+            items: userPaginated.docs
+        }
+    }
+
+    async changePassword(id: mongoose.Types.ObjectId, password: string):Promise<boolean> {
+        try{
+        await UserModel.findOneAndUpdate({_id: id}, {password}).exec()
+        return true
+        }catch (e){
+            console.error(e)
+            return false
+        }
+    }
+}
+
+export default UserMongoRepository

package/src/repository/sqlite/RoleSqliteRepository.ts

@@ -0,0 +1,151 @@
+import {IRole} from '../../interfaces/IRole'
+import {IRoleRepository} from '../../interfaces/IRoleRepository'
+import {UUID} from "crypto";
+import sqlite from "better-sqlite3";
+import {randomUUID} from "node:crypto";
+import {IPaginateFilter, IPaginateResult, ValidationError} from "@drax/common-back";
+import {SqliteErrorToValidationError} from "@drax/common-back";
+import {IID} from "../../interfaces/IID";
+
+const roleTableSQL: string = `
+    CREATE TABLE IF NOT EXISTS roles
+    (
+        id TEXT PRIMARY KEY,
+        name TEXT,
+        permissions TEXT,
+        readonly INTEGER,
+        childRoles TEXT
+        
+    );
+`;
+
+class RoleSqliteRepository implements IRoleRepository{
+
+    private db: any;
+
+    constructor(DATABASE:string, verbose:boolean = false) {
+        this.db = new sqlite(DATABASE, {verbose: verbose ? console.log : null});
+    }
+
+    table() {
+        this.db.exec(roleTableSQL);
+    }
+
+    normalizeData(roleData: IRole){
+
+        roleData.readonly = roleData.readonly ? 1 : 0
+
+        if(roleData.permissions && Array.isArray(roleData.permissions)){
+            roleData.permissions = roleData.permissions.join(",")
+        }
+
+        if(roleData.childRoles && Array.isArray(roleData.childRoles)){
+            roleData.childRoles = roleData.childRoles.join(",")
+        }
+    }
+
+    async create(roleData: IRole): Promise<IRole> {
+        try{
+
+            if(!roleData.id){
+                roleData.id = randomUUID()
+            }
+
+            this.normalizeData(roleData)
+
+
+            const fields = Object.keys(roleData)
+                .map(field => `${field}`)
+                .join(', ');
+
+            const values = Object.keys(roleData)
+                .map(field => `@${field}`)
+                .join(', ');
+
+           /* console.log("fields", fields)
+            console.log("values",values)
+            console.log("userData",roleData)*/
+
+        const stmt = this.db.prepare(`INSERT INTO roles (${fields}) VALUES (${values})`);
+        stmt.run(roleData)
+        return this.findById(roleData.id as UUID)
+        }catch (e){
+            console.log(e)
+            throw SqliteErrorToValidationError(e, roleData)
+        }
+    }
+
+    async findById(id: IID): Promise<IRole | null>{
+        const role = this.db.prepare('SELECT * FROM roles WHERE id = ?').get(id);
+        if(role){
+            role.permissions = role.permissions ? role.permissions.split(",") : []
+            return role
+        }
+        return undefined
+    }
+
+    async update(id: IID, roleData: IRole): Promise<IRole> {
+        try{
+            this.normalizeData(roleData)
+            const setClauses = Object.keys(roleData)
+                .map(field => `${field} = @${field}`)
+                .join(', ');
+            roleData.id = id
+            const stmt = this.db.prepare( `UPDATE roles SET ${setClauses} WHERE id = @id `);
+            stmt.run(roleData);
+            return this.findById(id)
+        }catch (e){
+            console.log(e)
+            throw SqliteErrorToValidationError(e, roleData)
+        }
+
+    }
+
+    async delete(id: IID): Promise<boolean> {
+        const stmt = this.db.prepare('DELETE FROM roles WHERE id = ?');
+        stmt.run(id);
+        return true
+    }
+
+    async deleteAll(): Promise<boolean> {
+        const stmt = this.db.prepare('DELETE FROM roles');
+        stmt.run();
+        return true
+    }
+
+    async fetchAll(): Promise<IRole[]>{
+        const roles = this.db.prepare('SELECT * FROM roles').all();
+        for (const role of roles) {
+            role.permissions = role.permissions? role.permissions.split(",") : []
+        }
+        return roles
+    }
+
+    async paginate(page = 1, limit = 5, search=""): Promise<IPaginateResult>{
+        const offset = page > 1 ? (page - 1) * limit : 0
+
+        let where
+        if (search) {
+            where = ` WHERE name LIKE '%${search}%'`
+        }
+
+        const rCount = this.db.prepare('SELECT COUNT(*) as count FROM roles'+where).get();
+        const roles = this.db.prepare('SELECT * FROM roles LIMIT ? OFFSET ?'+where).all([limit, offset]);
+
+        for (const role of roles) {
+            role.permissions = role.permissions? role.permissions.split(",") : []
+        }
+
+
+        return {
+            page: page,
+            limit: limit,
+            total: rCount.count,
+            items: roles
+        }
+    }
+
+
+}
+
+export default RoleSqliteRepository

package/src/repository/sqlite/UserSqliteRepository.ts

@@ -0,0 +1,194 @@
+import {IUser, IUserCreate, IUserUpdate} from "../../interfaces/IUser";
+import sqlite from "better-sqlite3";
+import {randomUUID} from "node:crypto";
+import {UUID} from "crypto";
+import {IUserRepository} from "../../interfaces/IUserRepository";
+import type {IPaginateResult} from "@drax/common-back";
+import {mongoose, SqliteErrorToValidationError, ValidationError} from "@drax/common-back";
+import RoleSqliteRepository from "./RoleSqliteRepository.js";
+import {IID} from "../../interfaces/IID";
+
+
+const userTableSQL: string = `
+    CREATE TABLE IF NOT EXISTS users
+    (
+        id
+        TEXT
+        PRIMARY
+        KEY,
+        name
+        TEXT,
+        username
+        TEXT
+        UNIQUE,
+        active
+        INTEGER,
+        password
+        TEXT,
+        email
+        TEXT
+        UNIQUE,
+        phone
+        TEXT,
+        role
+        TEXT,
+        groups
+        TEXT,
+        avatar
+        TEXT
+    );
+`;
+
+class UserSqliteRepository implements IUserRepository {
+    private db: any;
+    private roleRepository: RoleSqliteRepository;
+
+    constructor(DATABASE: string, verbose: boolean = false) {
+        this.db = new sqlite(DATABASE, {verbose: verbose ? console.log : null});
+        this.roleRepository = new RoleSqliteRepository(DATABASE, verbose)
+
+    }
+
+    table() {
+        this.db.exec(userTableSQL);
+    }
+
+    normalizeData(userData: IUserCreate | IUserUpdate): void {
+        if (userData.groups && Array.isArray(userData.groups)) {
+            userData.groups = userData.groups.join(",")
+        }
+        userData.active = userData.active ? 1 : 0
+    }
+
+    async create(userData: IUserCreate): Promise<IUser> {
+        if (!userData.id) {
+            userData.id = randomUUID()
+        }
+
+        if (!await this.findRoleById(userData.role)) {
+            throw new ValidationError([{field: 'role', reason: 'validation.notfound', value: userData.role}])
+        }
+
+        this.normalizeData(userData)
+
+        try {
+
+            const fields = Object.keys(userData)
+                .map(field => `${field}`)
+                .join(', ');
+
+            const values = Object.keys(userData)
+                .map(field => `@${field}`)
+                .join(', ');
+
+            /*console.log("fields", fields)
+            console.log("values",values)
+            console.log("userData",userData)*/
+
+            const stmt = this.db.prepare(`INSERT INTO users (${fields})
+                                          VALUES (${values})`);
+            stmt.run(userData)
+            return this.findById(userData.id as UUID)
+        } catch (e) {
+            throw SqliteErrorToValidationError(e, userData)
+        }
+
+    }
+
+    async update(id: UUID, userData: IUserUpdate): Promise<IUser> {
+        try {
+            if (!await this.findRoleById(userData.role)) {
+                throw new ValidationError([{field: 'role', reason: 'validation.notfound', value: userData.role}])
+            }
+
+            this.normalizeData(userData)
+
+            const setClauses = Object.keys(userData)
+                .map(field => `${field} = @${field}`)
+                .join(', ');
+            userData.id = id
+            const stmt = this.db.prepare(`UPDATE users
+                                          SET ${setClauses}
+                                          WHERE id = @id `);
+            stmt.run(userData);
+        } catch (e) {
+            throw SqliteErrorToValidationError(e, userData)
+        }
+        return this.findById(id)
+    }
+
+    async delete(id: UUID): Promise<boolean> {
+        const stmt = this.db.prepare('DELETE FROM users WHERE id = ?');
+        stmt.run(id);
+        return true
+    }
+
+    async deleteAll(): Promise<boolean> {
+        const stmt = this.db.prepare('DELETE FROM users');
+        stmt.run();
+        return true
+    }
+
+    async findById(id: UUID): Promise<IUser> {
+        const user = this.db.prepare('SELECT * FROM users WHERE id = ?').get(id);
+        if (!user) {
+            return null
+        }
+        user.role = await this.findRoleById(user.role)
+        return user
+    }
+
+    async findByUsername(username: string): Promise<IUser> {
+        const user = this.db.prepare('SELECT * FROM users WHERE username = ?').get(username);
+        if (!user) {
+            return null
+        }
+        user.role = await this.findRoleById(user.role)
+        return user
+    }
+
+    async paginate(page: number = 1, limit: number = 5, search?: string): Promise<IPaginateResult> {
+
+        const offset = page > 1 ? (page - 1) * limit : 0
+
+        let where
+        if (search) {
+            where = ` WHERE name LIKE '%${search}%' OR username LIKE '%${search}%'`
+        }
+
+        const rCount = this.db.prepare('SELECT COUNT(*) as count FROM users' + where).get();
+        const users = this.db.prepare('SELECT * FROM users LIMIT ? OFFSET ?' + where).all([limit, offset]);
+
+        for (const user of users) {
+            let role = await this.findRoleById(user.role)
+            if (role) {
+                user.role = role
+            } else {
+                user.role = null
+            }
+
+            user.active = user.active === 1
+        }
+
+        return {
+            page: page,
+            limit: limit,
+            total: rCount.count,
+            items: users
+        }
+    }
+
+    async findRoleById(id: IID) {
+        return await this.roleRepository.findById(id)
+    }
+
+    async changePassword(id: IID, password: string): Promise<boolean> {
+        const stmt = this.db.prepare(`UPDATE users
+                                      SET password = @password
+                                      WHERE id = @id `);
+        stmt.run({id: id, password: password});
+        return true
+    }
+}
+
+export default UserSqliteRepository