@drax/identity-back 0.11.4 → 0.12.1
- package/dist/controllers/RoleController.js +8 -39
- package/dist/controllers/TenantController.js +1 -28
- package/dist/controllers/UserApiKeyController.js +6 -3
- package/dist/controllers/UserController.js +48 -209
- package/dist/errors/BadCredentialsError.js +12 -0
- package/dist/factory/RoleServiceFactory.js +1 -0
- package/dist/factory/TenantServiceFactory.js +1 -0
- package/dist/factory/UserApiKeyServiceFactory.js +5 -4
- package/dist/factory/UserServiceFactory.js +1 -0
- package/dist/graphql/resolvers/role.resolvers.js +2 -2
- package/dist/graphql/resolvers/tenant.resolvers.js +2 -2
- package/dist/graphql/resolvers/user-api-key.resolvers.js +2 -2
- package/dist/graphql/resolvers/user.resolvers.js +1 -1
- package/dist/graphql/types/userApiKey.graphql +1 -0
- package/dist/index.js +6 -0
- package/dist/middleware/apiKeyMiddleware.js +2 -2
- package/dist/models/RoleModel.js +10 -7
- package/dist/models/TenantModel.js +11 -8
- package/dist/models/UserApiKeyModel.js +15 -7
- package/dist/models/UserGroupModel.js +7 -7
- package/dist/models/UserModel.js +10 -8
- package/dist/permissions/UserApiKeyPermissions.js +2 -1
- package/dist/rbac/Rbac.js +10 -8
- package/dist/repository/mongo/RoleMongoRepository.js +20 -65
- package/dist/repository/mongo/TenantMongoRepository.js +18 -66
- package/dist/repository/mongo/UserApiKeyMongoRepository.js +29 -44
- package/dist/repository/mongo/UserMongoRepository.js +56 -85
- package/dist/repository/sqlite/RoleSqliteRepository.js +30 -115
- package/dist/repository/sqlite/TenantSqliteRepository.js +15 -105
- package/dist/repository/sqlite/UserApiKeySqliteRepository.js +42 -115
- package/dist/repository/sqlite/UserSqliteRepository.js +49 -130
- package/dist/routes/RoleRoutes.js +35 -10
- package/dist/routes/TenantRoutes.js +18 -9
- package/dist/routes/UserApiKeyRoutes.js +20 -4
- package/dist/routes/UserRoutes.js +92 -17
- package/dist/schemas/LoginSchema.js +9 -0
- package/dist/schemas/PasswordSchema.js +12 -0
- package/dist/schemas/RegisterSchema.js +19 -0
- package/dist/schemas/RoleSchema.js +23 -0
- package/dist/schemas/TenantSchema.js +13 -0
- package/dist/schemas/UserApiKeySchema.js +14 -0
- package/dist/schemas/UserSchema.js +39 -0
- package/dist/services/PermissionService.js +5 -5
- package/dist/services/RoleService.js +6 -6
- package/dist/services/TenantService.js +6 -6
- package/dist/services/UserApiKeyService.js +5 -5
- package/dist/services/UserService.js +14 -14
- package/dist/setup/CreateOrUpdateRole.js +5 -2
- package/dist/setup/CreateUserIfNotExist.js +3 -1
- package/dist/setup/RecoveryUserPassword.js +1 -1
- package/dist/zod/EndpointZod.js +9 -0
- package/dist/zod/TenantSchema.js +12 -0
- package/dist/zod/TenantZod.js +5 -3
- package/dist/zod/UserApiKeyZod.js +7 -3
- package/package.json +10 -9
- package/src/controllers/RoleController.ts +8 -36
- package/src/controllers/TenantController.ts +2 -25
- package/src/controllers/UserApiKeyController.ts +8 -3
- package/src/controllers/UserController.ts +50 -183
- package/src/errors/BadCredentialsError.ts +18 -1
- package/src/factory/RoleServiceFactory.ts +1 -0
- package/src/factory/TenantServiceFactory.ts +1 -0
- package/src/factory/UserApiKeyServiceFactory.ts +5 -4
- package/src/factory/UserServiceFactory.ts +1 -0
- package/src/graphql/resolvers/role.resolvers.ts +3 -2
- package/src/graphql/resolvers/tenant.resolvers.ts +3 -2
- package/src/graphql/resolvers/user-api-key.resolvers.ts +3 -2
- package/src/graphql/resolvers/user.resolvers.ts +2 -1
- package/src/graphql/types/userApiKey.graphql +1 -0
- package/src/index.ts +16 -0
- package/src/interfaces/ITenantRepository.ts +2 -2
- package/src/interfaces/IUserApiKeyRepository.ts +2 -2
- package/src/interfaces/IUserRepository.ts +3 -2
- package/src/middleware/apiKeyMiddleware.ts +2 -2
- package/src/models/RoleModel.ts +12 -7
- package/src/models/TenantModel.ts +13 -8
- package/src/models/UserApiKeyModel.ts +17 -7
- package/src/models/UserGroupModel.ts +7 -7
- package/src/models/UserModel.ts +10 -8
- package/src/permissions/UserApiKeyPermissions.ts +2 -1
- package/src/rbac/Rbac.ts +12 -9
- package/src/repository/mongo/RoleMongoRepository.ts +23 -94
- package/src/repository/mongo/TenantMongoRepository.ts +19 -98
- package/src/repository/mongo/UserApiKeyMongoRepository.ts +31 -53
- package/src/repository/mongo/UserMongoRepository.ts +71 -130
- package/src/repository/sqlite/RoleSqliteRepository.ts +37 -146
- package/src/repository/sqlite/TenantSqliteRepository.ts +16 -156
- package/src/repository/sqlite/UserApiKeySqliteRepository.ts +46 -149
- package/src/repository/sqlite/UserSqliteRepository.ts +59 -173
- package/src/routes/RoleRoutes.ts +35 -12
- package/src/routes/TenantRoutes.ts +25 -9
- package/src/routes/UserApiKeyRoutes.ts +23 -7
- package/src/routes/UserRoutes.ts +117 -34
- package/src/schemas/LoginSchema.ts +12 -0
- package/src/schemas/PasswordSchema.ts +16 -0
- package/src/{zod/UserZod.ts → schemas/RegisterSchema.ts} +7 -10
- package/src/schemas/RoleSchema.ts +29 -0
- package/src/schemas/TenantSchema.ts +22 -0
- package/src/{zod/UserApiKeyZod.ts → schemas/UserApiKeySchema.ts} +8 -3
- package/src/schemas/UserSchema.ts +57 -0
- package/src/services/PermissionService.ts +6 -5
- package/src/services/RoleService.ts +6 -6
- package/src/services/TenantService.ts +10 -10
- package/src/services/UserApiKeyService.ts +5 -5
- package/src/services/UserService.ts +15 -16
- package/src/setup/CreateOrUpdateRole.ts +7 -4
- package/src/setup/CreateUserIfNotExist.ts +5 -3
- package/src/setup/RecoveryUserPassword.ts +1 -1
- package/test/data-obj/apikey/root-mongo-user-apikey.ts +2 -1
- package/test/data-obj/roles/admin-sqlite-role.ts +2 -2
- package/test/data-obj/roles/operator-sqlite-role.ts +1 -1
- package/test/data-obj/tenants/company-sqlite-tenant.ts +6 -0
- package/test/data-obj/users/root-sqlite-user.ts +2 -2
- package/test/initializers/RoleSqliteInitializer.ts +1 -1
- package/test/repository/mongo/role-mongo-repository.test.ts +3 -3
- package/test/repository/mongo/user-apikey-mongo-repository.test.ts +5 -4
- package/test/repository/mongo/user-mongo-repository.test.ts +4 -4
- package/test/repository/sqlite/role-sqlite-repository.test.ts +21 -9
- package/test/repository/sqlite/tenant-sqlite-repository.test.ts +74 -0
- package/test/repository/sqlite/user-sqlite-repository.test.ts +15 -9
- package/test/routes/data/admin-role.ts +10 -0
- package/test/routes/data/root-user.ts +13 -0
- package/test/routes/helpers/CreateRootUserAndAdminRole.ts +17 -0
- package/test/routes/helpers/FastifyTestServerFactory.ts +34 -0
- package/test/routes/helpers/InitializePermissions.ts +23 -0
- package/test/routes/helpers/SetupIdentityDrax.ts +22 -0
- package/test/routes/tenant-route.test.ts +336 -0
- package/test/routes/user-route.test.ts +186 -0
- package/test/schemas/lab-schema.test.ts +110 -0
- package/test/service/mock-service.test.ts +3 -3
- package/test/service/role-service.test.ts +3 -3
- package/test/service/user-service.test.ts +16 -25
- package/test.db +0 -0
- package/tsconfig.tsbuildinfo +1 -1
- package/types/controllers/RoleController.d.ts +0 -1
- package/types/controllers/RoleController.d.ts.map +1 -1
- package/types/controllers/TenantController.d.ts +0 -1
- package/types/controllers/TenantController.d.ts.map +1 -1
- package/types/controllers/UserApiKeyController.d.ts.map +1 -1
- package/types/controllers/UserController.d.ts +11 -4
- package/types/controllers/UserController.d.ts.map +1 -1
- package/types/errors/BadCredentialsError.d.ts +9 -1
- package/types/errors/BadCredentialsError.d.ts.map +1 -1
- package/types/factory/RoleServiceFactory.d.ts.map +1 -1
- package/types/factory/TenantServiceFactory.d.ts.map +1 -1
- package/types/factory/UserApiKeyServiceFactory.d.ts.map +1 -1
- package/types/factory/UserServiceFactory.d.ts.map +1 -1
- package/types/graphql/resolvers/role.resolvers.d.ts +3 -9
- package/types/graphql/resolvers/role.resolvers.d.ts.map +1 -1
- package/types/graphql/resolvers/tenant.resolvers.d.ts +3 -9
- package/types/graphql/resolvers/tenant.resolvers.d.ts.map +1 -1
- package/types/graphql/resolvers/user-api-key.resolvers.d.ts +3 -9
- package/types/graphql/resolvers/user-api-key.resolvers.d.ts.map +1 -1
- package/types/graphql/resolvers/user.resolvers.d.ts +3 -9
- package/types/graphql/resolvers/user.resolvers.d.ts.map +1 -1
- package/types/index.d.ts +5 -1
- package/types/index.d.ts.map +1 -1
- package/types/interfaces/ITenantRepository.d.ts +2 -2
- package/types/interfaces/ITenantRepository.d.ts.map +1 -1
- package/types/interfaces/IUserApiKeyRepository.d.ts +2 -2
- package/types/interfaces/IUserApiKeyRepository.d.ts.map +1 -1
- package/types/interfaces/IUserRepository.d.ts +3 -2
- package/types/interfaces/IUserRepository.d.ts.map +1 -1
- package/types/models/RoleModel.d.ts +7 -7
- package/types/models/RoleModel.d.ts.map +1 -1
- package/types/models/TenantModel.d.ts +7 -7
- package/types/models/TenantModel.d.ts.map +1 -1
- package/types/models/UserApiKeyModel.d.ts +7 -7
- package/types/models/UserApiKeyModel.d.ts.map +1 -1
- package/types/models/UserGroupModel.d.ts +2 -2
- package/types/models/UserGroupModel.d.ts.map +1 -1
- package/types/models/UserModel.d.ts +7 -7
- package/types/models/UserModel.d.ts.map +1 -1
- package/types/permissions/UserApiKeyPermissions.d.ts +2 -1
- package/types/permissions/UserApiKeyPermissions.d.ts.map +1 -1
- package/types/permissions/index.d.ts +1 -0
- package/types/permissions/index.d.ts.map +1 -1
- package/types/rbac/Rbac.d.ts +1 -1
- package/types/rbac/Rbac.d.ts.map +1 -1
- package/types/repository/mongo/RoleMongoRepository.d.ts +9 -11
- package/types/repository/mongo/RoleMongoRepository.d.ts.map +1 -1
- package/types/repository/mongo/TenantMongoRepository.d.ts +8 -11
- package/types/repository/mongo/TenantMongoRepository.d.ts.map +1 -1
- package/types/repository/mongo/UserApiKeyMongoRepository.d.ts +12 -5
- package/types/repository/mongo/UserApiKeyMongoRepository.d.ts.map +1 -1
- package/types/repository/mongo/UserMongoRepository.d.ts +11 -12
- package/types/repository/mongo/UserMongoRepository.d.ts.map +1 -1
- package/types/repository/sqlite/RoleSqliteRepository.d.ts +14 -14
- package/types/repository/sqlite/RoleSqliteRepository.d.ts.map +1 -1
- package/types/repository/sqlite/TenantSqliteRepository.d.ts +12 -14
- package/types/repository/sqlite/TenantSqliteRepository.d.ts.map +1 -1
- package/types/repository/sqlite/UserApiKeySqliteRepository.d.ts +15 -11
- package/types/repository/sqlite/UserApiKeySqliteRepository.d.ts.map +1 -1
- package/types/repository/sqlite/UserSqliteRepository.d.ts +15 -12
- package/types/repository/sqlite/UserSqliteRepository.d.ts.map +1 -1
- package/types/routes/RoleRoutes.d.ts.map +1 -1
- package/types/routes/TenantRoutes.d.ts.map +1 -1
- package/types/routes/UserApiKeyRoutes.d.ts.map +1 -1
- package/types/routes/UserRoutes.d.ts.map +1 -1
- package/types/schemas/LoginSchema.d.ts +20 -0
- package/types/schemas/LoginSchema.d.ts.map +1 -0
- package/types/schemas/PasswordSchema.d.ts +27 -0
- package/types/schemas/PasswordSchema.d.ts.map +1 -0
- package/types/schemas/RegisterSchema.d.ts +32 -0
- package/types/schemas/RegisterSchema.d.ts.map +1 -0
- package/types/schemas/RoleSchema.d.ts +67 -0
- package/types/schemas/RoleSchema.d.ts.map +1 -0
- package/types/schemas/TenantSchema.d.ts +29 -0
- package/types/schemas/TenantSchema.d.ts.map +1 -0
- package/types/schemas/UserApiKeySchema.d.ts +39 -0
- package/types/schemas/UserApiKeySchema.d.ts.map +1 -0
- package/types/schemas/UserSchema.d.ts +161 -0
- package/types/schemas/UserSchema.d.ts.map +1 -0
- package/types/services/PermissionService.d.ts +1 -0
- package/types/services/PermissionService.d.ts.map +1 -1
- package/types/services/TenantService.d.ts +3 -3
- package/types/services/TenantService.d.ts.map +1 -1
- package/types/services/UserService.d.ts.map +1 -1
- package/types/setup/CreateOrUpdateRole.d.ts +2 -2
- package/types/setup/CreateOrUpdateRole.d.ts.map +1 -1
- package/types/setup/CreateUserIfNotExist.d.ts +2 -2
- package/types/setup/CreateUserIfNotExist.d.ts.map +1 -1
- package/types/zod/EndpointZod.d.ts +20 -0
- package/types/zod/EndpointZod.d.ts.map +1 -0
- package/types/zod/TenantSchema.d.ts +26 -0
- package/types/zod/TenantSchema.d.ts.map +1 -0
- package/types/zod/TenantZod.d.ts +13 -3
- package/types/zod/TenantZod.d.ts.map +1 -1
- package/types/zod/UserApiKeyZod.d.ts +23 -3
- package/types/zod/UserApiKeyZod.d.ts.map +1 -1
- package/types/zod/UserZod.d.ts +6 -6
- package/src/zod/RoleZod.ts +0 -14
- package/src/zod/TenantZod.ts +0 -14
|
@@ -1,19 +1,19 @@
|
|
|
1
|
-
const permissions = [];
|
|
2
1
|
class PermissionService {
|
|
3
2
|
static addPermission(permission) {
|
|
4
3
|
if (PermissionService.hasPermission(permission))
|
|
5
4
|
return;
|
|
6
|
-
permissions.push(permission);
|
|
5
|
+
PermissionService.permissions.push(permission);
|
|
7
6
|
}
|
|
8
7
|
static removePermission(permission) {
|
|
9
|
-
permissions.splice(permissions.indexOf(permission), 1);
|
|
8
|
+
PermissionService.permissions.splice(PermissionService.permissions.indexOf(permission), 1);
|
|
10
9
|
}
|
|
11
10
|
static hasPermission(permission) {
|
|
12
|
-
return permissions.includes(permission);
|
|
11
|
+
return PermissionService.permissions.includes(permission);
|
|
13
12
|
}
|
|
14
13
|
static getPermissions() {
|
|
15
|
-
return permissions;
|
|
14
|
+
return PermissionService.permissions;
|
|
16
15
|
}
|
|
17
16
|
}
|
|
17
|
+
PermissionService.permissions = [];
|
|
18
18
|
export default PermissionService;
|
|
19
19
|
export { PermissionService };
|
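Review bot: `removePermission` passes `indexOf(permission)` straight to `splice`, so asking to remove a permission that was never registered yields index -1 and deletes the last registered permission instead. A guard fixes it: `const i = PermissionService.permissions.indexOf(permission); if (i !== -1) PermissionService.permissions.splice(i, 1);`. Moving the list from a module-private `const` to the public static `PermissionService.permissions` also lets any importer mutate or reassign the registry, and `getPermissions()` still returns the live array. If this registry feeds authorization decisions, keeping the field private in the source and returning a copy (`return [...PermissionService.permissions];`) would keep it encapsulated.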
|
@@ -1,17 +1,17 @@
|
|
|
1
1
|
import { UnauthorizedError, ValidationError, ZodErrorToValidationError } from "@drax/common-back";
|
|
2
2
|
import { AbstractService } from "@drax/crud-back";
|
|
3
|
-
import {
|
|
3
|
+
import { RoleBaseSchema } from "../schemas/RoleSchema.js";
|
|
4
4
|
import { ZodError } from "zod";
|
|
5
5
|
class RoleService extends AbstractService {
|
|
6
6
|
constructor(roleRepostitory) {
|
|
7
|
-
super(roleRepostitory,
|
|
7
|
+
super(roleRepostitory, RoleBaseSchema);
|
|
8
8
|
this._repository = roleRepostitory;
|
|
9
9
|
console.log("RoleService constructor");
|
|
10
10
|
}
|
|
11
11
|
async create(roleData) {
|
|
12
12
|
try {
|
|
13
13
|
roleData.name = roleData?.name?.trim();
|
|
14
|
-
await
|
|
14
|
+
await RoleBaseSchema.parseAsync(roleData);
|
|
15
15
|
const role = await this._repository.create(roleData);
|
|
16
16
|
return role;
|
|
17
17
|
}
|
|
@@ -26,7 +26,7 @@ class RoleService extends AbstractService {
|
|
|
26
26
|
async update(id, roleData) {
|
|
27
27
|
try {
|
|
28
28
|
roleData.name = roleData?.name?.trim();
|
|
29
|
-
await
|
|
29
|
+
await RoleBaseSchema.parseAsync(roleData);
|
|
30
30
|
const currentRole = await this.findById(id);
|
|
31
31
|
if (currentRole.readonly) {
|
|
32
32
|
throw new ValidationError([{ field: 'name', reason: "role.readonly", value: roleData.name }]);
|
|
@@ -45,7 +45,7 @@ class RoleService extends AbstractService {
|
|
|
45
45
|
async systemUpdate(id, roleData) {
|
|
46
46
|
try {
|
|
47
47
|
roleData.name = roleData?.name?.trim();
|
|
48
|
-
await
|
|
48
|
+
await RoleBaseSchema.parseAsync(roleData);
|
|
49
49
|
const role = await this._repository.update(id, roleData);
|
|
50
50
|
return role;
|
|
51
51
|
}
|
|
@@ -109,7 +109,7 @@ class RoleService extends AbstractService {
|
|
|
109
109
|
const roles = await this._repository.search(value, limit, filters);
|
|
110
110
|
return roles;
|
|
111
111
|
}
|
|
112
|
-
async paginate({ page = 1, limit = 5, orderBy = '', order =
|
|
112
|
+
async paginate({ page = 1, limit = 5, orderBy = '', order = "asc", search = '', filters = [] }) {
|
|
113
113
|
try {
|
|
114
114
|
const pagination = await this._repository.paginate({ page, limit, orderBy, order, search, filters });
|
|
115
115
|
return pagination;
|
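Review bot: The value returned by `await RoleBaseSchema.parseAsync(roleData);` is discarded in `create`, `update` and `systemUpdate`, and the repository is then called with the original `roleData`. A zod `object()` schema does not reject unknown keys unless it is made strict, so any extra property on the caller's object passes validation and is handed on as-is; whether the repository or model drops it is not visible here. Using the parsed result, `const data = await RoleBaseSchema.parseAsync(roleData);` followed by `this._repository.create(data)`, keeps the write limited to validated fields, provided the base schema covers every field these methods need to persist. The same pattern appears in the TenantService, UserApiKeyService and UserService sections below (`TenantBaseSchema`, `UserApiKeyBaseSchema`, `UserCreateSchema`/`UserUpdateSchema`).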
|
@@ -1,17 +1,17 @@
|
|
|
1
1
|
import { ZodErrorToValidationError } from "@drax/common-back";
|
|
2
|
-
import { tenantSchema } from "../zod/TenantZod.js";
|
|
3
|
-
import { ZodError } from "zod";
|
|
4
2
|
import { AbstractService } from "@drax/crud-back";
|
|
3
|
+
import { TenantBaseSchema } from "../schemas/TenantSchema.js";
|
|
4
|
+
import { ZodError } from "zod";
|
|
5
5
|
class TenantService extends AbstractService {
|
|
6
6
|
constructor(tenantRepostitory) {
|
|
7
|
-
super(tenantRepostitory,
|
|
7
|
+
super(tenantRepostitory, TenantBaseSchema);
|
|
8
8
|
this._repository = tenantRepostitory;
|
|
9
9
|
console.log("TenantService constructor");
|
|
10
10
|
}
|
|
11
11
|
async create(tenantData) {
|
|
12
12
|
try {
|
|
13
13
|
tenantData.name = tenantData?.name?.trim();
|
|
14
|
-
await
|
|
14
|
+
await TenantBaseSchema.parseAsync(tenantData);
|
|
15
15
|
const tenant = await this._repository.create(tenantData);
|
|
16
16
|
return tenant;
|
|
17
17
|
}
|
|
@@ -26,7 +26,7 @@ class TenantService extends AbstractService {
|
|
|
26
26
|
async update(id, tenantData) {
|
|
27
27
|
try {
|
|
28
28
|
tenantData.name = tenantData?.name?.trim();
|
|
29
|
-
await
|
|
29
|
+
await TenantBaseSchema.parseAsync(tenantData);
|
|
30
30
|
const tenant = await this._repository.update(id, tenantData);
|
|
31
31
|
return tenant;
|
|
32
32
|
}
|
|
@@ -82,7 +82,7 @@ class TenantService extends AbstractService {
|
|
|
82
82
|
const tenants = await this._repository.search(value, limit, filters);
|
|
83
83
|
return tenants;
|
|
84
84
|
}
|
|
85
|
-
async paginate({ page = 1, limit = 5, orderBy = '', order =
|
|
85
|
+
async paginate({ page = 1, limit = 5, orderBy = '', order = "asc", search = '', filters = [] }) {
|
|
86
86
|
try {
|
|
87
87
|
const pagination = await this._repository.paginate({ page, limit, orderBy, order, search, filters });
|
|
88
88
|
return pagination;
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
import { DraxConfig, ZodErrorToValidationError } from "@drax/common-back";
|
|
2
|
-
import {
|
|
2
|
+
import { UserApiKeyBaseSchema } from "../schemas/UserApiKeySchema.js";
|
|
3
3
|
import { ZodError } from "zod";
|
|
4
4
|
import crypto from "node:crypto";
|
|
5
5
|
import AuthUtils from "../utils/AuthUtils.js";
|
|
@@ -7,7 +7,7 @@ import IdentityConfig from "../config/IdentityConfig.js";
|
|
|
7
7
|
import { AbstractService } from "@drax/crud-back";
|
|
8
8
|
class UserApiKeyService extends AbstractService {
|
|
9
9
|
constructor(userApiKeyRepostitory) {
|
|
10
|
-
super(userApiKeyRepostitory,
|
|
10
|
+
super(userApiKeyRepostitory, UserApiKeyBaseSchema);
|
|
11
11
|
this._repository = userApiKeyRepostitory;
|
|
12
12
|
console.log("UserApiKeyService constructor");
|
|
13
13
|
}
|
|
@@ -20,7 +20,7 @@ class UserApiKeyService extends AbstractService {
|
|
|
20
20
|
throw new Error('ApiKey miss configuration');
|
|
21
21
|
}
|
|
22
22
|
userApiKeyData.secret = AuthUtils.generateHMAC(APIKEY_SECRET, secret);
|
|
23
|
-
await
|
|
23
|
+
await UserApiKeyBaseSchema.parseAsync(userApiKeyData);
|
|
24
24
|
const userApiKey = await this._repository.create(userApiKeyData);
|
|
25
25
|
userApiKey.secret = secret;
|
|
26
26
|
return userApiKey;
|
|
@@ -37,7 +37,7 @@ class UserApiKeyService extends AbstractService {
|
|
|
37
37
|
try {
|
|
38
38
|
userApiKeyData.name = userApiKeyData?.name?.trim();
|
|
39
39
|
delete userApiKeyData.secret;
|
|
40
|
-
await
|
|
40
|
+
await UserApiKeyBaseSchema.parseAsync(userApiKeyData);
|
|
41
41
|
const userApiKey = await this._repository.update(id, userApiKeyData);
|
|
42
42
|
return userApiKey;
|
|
43
43
|
}
|
|
@@ -84,7 +84,7 @@ class UserApiKeyService extends AbstractService {
|
|
|
84
84
|
throw e;
|
|
85
85
|
}
|
|
86
86
|
}
|
|
87
|
-
async paginate({ page = 1, limit = 5, orderBy = '', order =
|
|
87
|
+
async paginate({ page = 1, limit = 5, orderBy = '', order = "asc", search = '', filters = [] }) {
|
|
88
88
|
try {
|
|
89
89
|
const pagination = await this._repository.paginate({ page, limit, orderBy, order, search, filters });
|
|
90
90
|
return pagination;
|
|
@@ -1,13 +1,13 @@
|
|
|
1
1
|
import { ZodError } from "zod";
|
|
2
2
|
import { SecuritySensitiveError, ValidationError, ZodErrorToValidationError } from "@drax/common-back";
|
|
3
3
|
import AuthUtils from "../utils/AuthUtils.js";
|
|
4
|
-
import {
|
|
4
|
+
import { UserCreateSchema, UserUpdateSchema, UserBaseSchema } from "../schemas/UserSchema.js";
|
|
5
5
|
import BadCredentialsError from "../errors/BadCredentialsError.js";
|
|
6
6
|
import { AbstractService } from "@drax/crud-back";
|
|
7
7
|
import { randomUUID } from "crypto";
|
|
8
8
|
class UserService extends AbstractService {
|
|
9
9
|
constructor(userRepository) {
|
|
10
|
-
super(userRepository,
|
|
10
|
+
super(userRepository, UserBaseSchema);
|
|
11
11
|
this._repository = userRepository;
|
|
12
12
|
console.log("UserService constructor");
|
|
13
13
|
}
|
|
@@ -18,7 +18,7 @@ class UserService extends AbstractService {
|
|
|
18
18
|
if (user && user.active && AuthUtils.checkPassword(password, user.password)) {
|
|
19
19
|
//TODO: Generar session
|
|
20
20
|
const session = randomUUID();
|
|
21
|
-
const accessToken = AuthUtils.generateToken(user.
|
|
21
|
+
const accessToken = AuthUtils.generateToken(user._id.toString(), user.username, user.role._id, user.tenant?._id, session);
|
|
22
22
|
return { accessToken: accessToken };
|
|
23
23
|
}
|
|
24
24
|
else {
|
|
@@ -36,7 +36,7 @@ class UserService extends AbstractService {
|
|
|
36
36
|
}
|
|
37
37
|
if (user && user.active) {
|
|
38
38
|
const session = randomUUID();
|
|
39
|
-
const accessToken = AuthUtils.generateToken(user.
|
|
39
|
+
const accessToken = AuthUtils.generateToken(user._id.toString(), user.username, user.role._id, user.tenant?._id, session);
|
|
40
40
|
return { accessToken: accessToken };
|
|
41
41
|
}
|
|
42
42
|
else {
|
|
@@ -44,7 +44,7 @@ class UserService extends AbstractService {
|
|
|
44
44
|
}
|
|
45
45
|
}
|
|
46
46
|
async changeUserPassword(userId, newPassword) {
|
|
47
|
-
const user = await this.
|
|
47
|
+
const user = await this._repository.findByIdWithPassword(userId);
|
|
48
48
|
if (user) {
|
|
49
49
|
newPassword = AuthUtils.hashPassword(newPassword);
|
|
50
50
|
await this._repository.changePassword(userId, newPassword);
|
|
@@ -55,7 +55,7 @@ class UserService extends AbstractService {
|
|
|
55
55
|
}
|
|
56
56
|
}
|
|
57
57
|
async changeOwnPassword(userId, currentPassword, newPassword) {
|
|
58
|
-
const user = await this.
|
|
58
|
+
const user = await this._repository.findByIdWithPassword(userId);
|
|
59
59
|
if (user && user.active) {
|
|
60
60
|
if (currentPassword === newPassword) {
|
|
61
61
|
throw new ValidationError([{ field: 'newPassword', reason: 'validation.password.currentDifferent' }]);
|
|
@@ -88,7 +88,7 @@ class UserService extends AbstractService {
|
|
|
88
88
|
const recoveryCode = randomUUID();
|
|
89
89
|
const user = await this._repository.findByEmail(email);
|
|
90
90
|
if (user && user.active) {
|
|
91
|
-
await this._repository.updatePartial(user.
|
|
91
|
+
await this._repository.updatePartial(user._id, { recoveryCode: recoveryCode });
|
|
92
92
|
return recoveryCode;
|
|
93
93
|
}
|
|
94
94
|
else {
|
|
@@ -107,8 +107,8 @@ class UserService extends AbstractService {
|
|
|
107
107
|
console.log("changeUserPasswordByCode user", user);
|
|
108
108
|
if (user && user.active) {
|
|
109
109
|
newPassword = AuthUtils.hashPassword(newPassword);
|
|
110
|
-
await this._repository.changePassword(user.
|
|
111
|
-
await this._repository.updatePartial(user.
|
|
110
|
+
await this._repository.changePassword(user._id, newPassword);
|
|
111
|
+
await this._repository.updatePartial(user._id, { recoveryCode: null });
|
|
112
112
|
return true;
|
|
113
113
|
}
|
|
114
114
|
else {
|
|
@@ -141,7 +141,7 @@ class UserService extends AbstractService {
|
|
|
141
141
|
async verifyEmail(emailCode) {
|
|
142
142
|
const user = await this._repository.findByEmailCode(emailCode);
|
|
143
143
|
if (user && user.emailVerified === false) {
|
|
144
|
-
await this._repository.updatePartial(user.
|
|
144
|
+
await this._repository.updatePartial(user._id, {
|
|
145
145
|
emailVerified: true,
|
|
146
146
|
active: true
|
|
147
147
|
});
|
|
@@ -154,7 +154,7 @@ class UserService extends AbstractService {
|
|
|
154
154
|
async verifyPhone(phoneCode) {
|
|
155
155
|
const user = await this._repository.findByPhoneCode(phoneCode);
|
|
156
156
|
if (user && user.phoneVerified === false) {
|
|
157
|
-
await this._repository.updatePartial(user.
|
|
157
|
+
await this._repository.updatePartial(user._id, {
|
|
158
158
|
phoneVerified: true,
|
|
159
159
|
active: true
|
|
160
160
|
});
|
|
@@ -170,7 +170,7 @@ class UserService extends AbstractService {
|
|
|
170
170
|
userData.username = userData?.username.trim();
|
|
171
171
|
userData.password = userData?.password.trim();
|
|
172
172
|
userData.tenant = userData.tenant === "" ? null : userData.tenant;
|
|
173
|
-
await
|
|
173
|
+
await UserCreateSchema.parseAsync(userData);
|
|
174
174
|
userData.password = AuthUtils.hashPassword(userData.password.trim());
|
|
175
175
|
const user = await this._repository.create(userData);
|
|
176
176
|
return user;
|
|
@@ -189,7 +189,7 @@ class UserService extends AbstractService {
|
|
|
189
189
|
userData.username = userData?.username.trim();
|
|
190
190
|
delete userData.password;
|
|
191
191
|
userData.tenant = userData.tenant === "" ? null : userData.tenant;
|
|
192
|
-
await
|
|
192
|
+
await UserUpdateSchema.parseAsync(userData);
|
|
193
193
|
const user = await this._repository.update(id, userData);
|
|
194
194
|
return user;
|
|
195
195
|
}
|
|
@@ -254,7 +254,7 @@ class UserService extends AbstractService {
|
|
|
254
254
|
throw e;
|
|
255
255
|
}
|
|
256
256
|
}
|
|
257
|
-
async paginate({ page = 1, limit =
|
|
257
|
+
async paginate({ page = 1, limit = 10, orderBy = '', order = "asc", search = '', filters = [] }) {
|
|
258
258
|
try {
|
|
259
259
|
const pagination = await this._repository.paginate({ page, limit, orderBy, order, search, filters });
|
|
260
260
|
return pagination;
|
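Review bot: The context line `console.log("changeUserPasswordByCode user", user);` in the password-recovery hunk (new line 107) writes the whole user record to the log just before the password is changed. The lookup that produces `user` is outside the hunk, so it cannot be confirmed from here, but a record fetched for a password reset may well carry the password hash and the recovery code, and those should not reach application logs. Dropping the line, or logging only an identifier as in `console.log("changeUserPasswordByCode user", user?._id);`, avoids that. The enclosing method starts above the hunk.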
|
@@ -7,7 +7,7 @@ async function CreateOrUpdateRole(roleData) {
|
|
|
7
7
|
roleData.childRoles = await Promise.all(roleData.childRoles.map(async (childRole) => {
|
|
8
8
|
const role = await roleService.findByName(childRole);
|
|
9
9
|
if (role) {
|
|
10
|
-
return role.
|
|
10
|
+
return role._id.toString();
|
|
11
11
|
}
|
|
12
12
|
else {
|
|
13
13
|
return childRole;
|
|
@@ -15,12 +15,15 @@ async function CreateOrUpdateRole(roleData) {
|
|
|
15
15
|
}));
|
|
16
16
|
}
|
|
17
17
|
if (role) {
|
|
18
|
-
|
|
18
|
+
console.log("RoleData", roleData);
|
|
19
|
+
const r = await roleService.systemUpdate(role._id.toString(), roleData);
|
|
19
20
|
console.log("Role Updated. Name: " + roleData.name);
|
|
21
|
+
return r;
|
|
20
22
|
}
|
|
21
23
|
else {
|
|
22
24
|
const r = await roleService.create(roleData);
|
|
23
25
|
console.log("Role Created. Name: " + roleData.name);
|
|
26
|
+
return r;
|
|
24
27
|
}
|
|
25
28
|
}
|
|
26
29
|
export default CreateOrUpdateRole;
|
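Review bot: In the `childRoles` mapping, a name that `roleService.findByName` cannot resolve is returned unchanged by `return childRole;`, so the array passed to `systemUpdate` or `create` can mix ids from `role._id.toString()` with raw names. Unless ids are deliberately accepted as input here, failing fast with `throw new Error("Child role not found: " + childRole);` would stop a typo in setup data from producing a role hierarchy with a dangling entry; whether a later layer rejects such a value is not visible on this page. The added `console.log("RoleData", roleData);` reads like leftover debug output and could be removed. The function begins above the first hunk.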
|
@@ -5,12 +5,14 @@ async function CreateUserIfNotExist(userData) {
|
|
|
5
5
|
const roleService = RoleServiceFactory();
|
|
6
6
|
const user = await userService.findByUsername(userData.username);
|
|
7
7
|
if (user) {
|
|
8
|
+
return user;
|
|
8
9
|
}
|
|
9
10
|
else {
|
|
10
11
|
const role = await roleService.findByName(userData.role);
|
|
11
|
-
userData.role = role.
|
|
12
|
+
userData.role = role._id.toString();
|
|
12
13
|
const r = await userService.create(userData);
|
|
13
14
|
console.log("User Created. Username: " + userData.username);
|
|
15
|
+
return r;
|
|
14
16
|
}
|
|
15
17
|
}
|
|
16
18
|
export default CreateUserIfNotExist;
|
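Review bot: `roleService.findByName(userData.role)` can come back empty (CreateOrUpdateRole guards the same call with `if (role)`), and the new `userData.role = role._id.toString();` then fails with a TypeError rather than a clear setup error. A guard placed before it, `if (!role) throw new Error("Role not found: " + userData.role);`, makes the failure explicit. The RecoveryUserPassword section that follows has the same shape: `user._id` is read without checking that `findByUsername(username)` found a user. The function begins above the hunk.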
|
@@ -2,7 +2,7 @@ import UserServiceFactory from "../factory/UserServiceFactory.js";
|
|
|
2
2
|
async function RecoveryUserPassword(username, password) {
|
|
3
3
|
const userService = UserServiceFactory();
|
|
4
4
|
const user = await userService.findByUsername(username);
|
|
5
|
-
const r = await userService.changeUserPassword(user.
|
|
5
|
+
const r = await userService.changeUserPassword(user._id, password);
|
|
6
6
|
console.log("User password recovered. Username: " + username);
|
|
7
7
|
}
|
|
8
8
|
export default RecoveryUserPassword;
|
|
@@ -0,0 +1,12 @@
|
|
|
1
|
+
import { object, string, date } from "zod";
|
|
2
|
+
const TenantBaseSchema = object({
|
|
3
|
+
name: string({ required_error: "validation.required" })
|
|
4
|
+
.min(1, "validation.required")
|
|
5
|
+
.regex(/^[A-Z]/, "validation.startWithUpperCase"),
|
|
6
|
+
});
|
|
7
|
+
const TenantSchema = TenantBaseSchema.extend({
|
|
8
|
+
id: string(),
|
|
9
|
+
createdAt: date(),
|
|
10
|
+
updatedAt: date()
|
|
11
|
+
});
|
|
12
|
+
export { TenantSchema, TenantBaseSchema };
|
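Review bot: This new file, which by position and line count appears to be `package/dist/zod/TenantSchema.js`, is not reachable from the code shown on this page: TenantService imports `TenantBaseSchema` from `../schemas/TenantSchema.js`, and the file list has no `src/zod/TenantSchema.ts` behind it. It may be stale build output published because the output directory was not cleaned; the `dist/zod/TenantZod.js` and UserApiKeyZod sections that follow look similar, since their `src/zod/` sources are listed as removed or renamed. Unreferenced compiled files widen what consumers have to audit and let diverging copies of a validation schema coexist (this copy adds `createdAt`/`updatedAt`, the TenantZod.js copy does not). Consider cleaning `dist/` before the build or restricting the published files; if the file is meant to stay, a header comment such as `// Deprecated: import from ../schemas/TenantSchema.js` would say so.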
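--- a/package/dist/zod/TenantZod.js
+++ b/package/dist/zod/TenantZod.js
@@ -1,8 +1,10 @@
 import { object, string } from "zod";
-const
+const TenantBaseSchema = object({
 name: string({ required_error: "validation.required" })
 .min(1, "validation.required")
 .regex(/^[A-Z]/, "validation.startWithUpperCase"),
 });
-
-
+const TenantSchema = TenantBaseSchema.extend({
+id: string(),
+});
+export { TenantSchema, TenantBaseSchema };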
|
@@ -1,9 +1,13 @@
|
|
|
1
1
|
import { array, object, string } from "zod";
|
|
2
|
-
const
|
|
2
|
+
const userApiKeyBaseSchema = object({
|
|
3
3
|
name: string({ required_error: "validation.required" })
|
|
4
4
|
.min(1, "validation.required"),
|
|
5
5
|
ipv4: array(string().ip({ version: "v4", message: 'validation.invalidIpv4' })),
|
|
6
6
|
ipv6: array(string().ip({ version: "v6", message: 'validation.invalidIpv6' })),
|
|
7
7
|
});
|
|
8
|
-
|
|
9
|
-
|
|
8
|
+
const userApiKeySchema = userApiKeyBaseSchema.extend({
|
|
9
|
+
id: string(),
|
|
10
|
+
createdBy: string(),
|
|
11
|
+
});
|
|
12
|
+
export default userApiKeyBaseSchema;
|
|
13
|
+
export { userApiKeyBaseSchema, userApiKeySchema };
|
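--- a/package/package.json
+++ b/package/package.json
@@ -3,7 +3,7 @@
 "publishConfig": {
 "access": "public"
 },
-"version": "0.
+"version": "0.12.1",
 "description": "Identity module for user management, authentication and authorization.",
 "main": "dist/index.js",
 "types": "types/index.d.ts",
@@ -28,11 +28,11 @@
 "author": "Cristian Incarnato & Drax Team",
 "license": "ISC",
 "dependencies": {
-"@drax/common-back": "^0.
-"@drax/crud-back": "^0.
-"@drax/crud-share": "^0.
-"@drax/email-back": "^0.
-"@drax/identity-share": "^0.
+"@drax/common-back": "^0.12.1",
+"@drax/crud-back": "^0.12.1",
+"@drax/crud-share": "^0.12.1",
+"@drax/email-back": "^0.12.1",
+"@drax/identity-share": "^0.12.1",
 "bcryptjs": "^2.4.3",
 "express-jwt": "^8.4.1",
 "graphql": "^16.8.2",
@@ -41,7 +41,7 @@
 },
 "peerDependencies": {
 "better-sqlite3": "^11.0.0",
-"fastify": "^
+"fastify": "^5.2.1",
 "mongoose": "^8.6.3",
 "mongoose-paginate-v2": "^1.8.3",
 "mongoose-unique-validator": "^5.0.1"
@@ -56,12 +56,13 @@
 "ts-node": "^10.9.2",
 "tsc-alias": "^1.8.10",
 "tsx": "^3.12.7",
-"typescript": "^5.4.5"
+"typescript": "^5.4.5",
+"vitest": "^3.0.8"
 },
 "config": {
 "mongodbMemoryServer": {
 "debug": "0"
 }
 },
-"gitHead": "
+"gitHead": "76fd366e12449f5f605662197f985a28d98058a2"
 }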
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
import type {IRole, IRoleBase} from "@drax/identity-share";
|
|
2
2
|
import {AbstractFastifyController} from "@drax/crud-back";
|
|
3
|
-
import {
|
|
3
|
+
import { NotFoundError} from "@drax/common-back";
|
|
4
4
|
|
|
5
5
|
import RoleServiceFactory from "../factory/RoleServiceFactory.js";
|
|
6
6
|
import RoleService from "../services/RoleService.js";
|
|
@@ -21,19 +21,12 @@ class RoleController extends AbstractFastifyController<IRole, IRoleBase, IRoleBa
|
|
|
21
21
|
const name = request.params.name
|
|
22
22
|
const roleService = RoleServiceFactory()
|
|
23
23
|
let role = await roleService.findByName(name)
|
|
24
|
+
if(!role){
|
|
25
|
+
throw new NotFoundError()
|
|
26
|
+
}
|
|
24
27
|
return role
|
|
25
28
|
} catch (e) {
|
|
26
|
-
|
|
27
|
-
if (e instanceof ValidationError) {
|
|
28
|
-
reply.statusCode = e.statusCode
|
|
29
|
-
reply.send({error: e.message, inputErrors: e.errors})
|
|
30
|
-
} else if (e instanceof UnauthorizedError) {
|
|
31
|
-
reply.statusCode = e.statusCode
|
|
32
|
-
reply.send({error: e.message})
|
|
33
|
-
} else {
|
|
34
|
-
reply.statusCode = 500
|
|
35
|
-
reply.send({error: 'INTERNAL_SERVER_ERROR'})
|
|
36
|
-
}
|
|
29
|
+
this.handleError(e,reply)
|
|
37
30
|
}
|
|
38
31
|
}
|
|
39
32
|
|
|
@@ -43,22 +36,12 @@ class RoleController extends AbstractFastifyController<IRole, IRoleBase, IRoleBa
|
|
|
43
36
|
const roleService = RoleServiceFactory()
|
|
44
37
|
let roles = await roleService.fetchAll()
|
|
45
38
|
if(request.rbac.getRole?.childRoles?.length > 0) {
|
|
46
|
-
return roles.filter(role => request.rbac.getRole.childRoles.some(childRole => childRole.
|
|
39
|
+
return roles.filter(role => request.rbac.getRole.childRoles.some(childRole => childRole._id === role._id));
|
|
47
40
|
}else{
|
|
48
41
|
return roles
|
|
49
42
|
}
|
|
50
43
|
} catch (e) {
|
|
51
|
-
|
|
52
|
-
if (e instanceof ValidationError) {
|
|
53
|
-
reply.statusCode = e.statusCode
|
|
54
|
-
reply.send({error: e.message, inputErrors: e.errors})
|
|
55
|
-
} else if (e instanceof UnauthorizedError) {
|
|
56
|
-
reply.statusCode = e.statusCode
|
|
57
|
-
reply.send({error: e.message})
|
|
58
|
-
} else {
|
|
59
|
-
reply.statusCode = 500
|
|
60
|
-
reply.send({error: 'INTERNAL_SERVER_ERROR'})
|
|
61
|
-
}
|
|
44
|
+
this.handleError(e,reply)
|
|
62
45
|
}
|
|
63
46
|
}
|
|
64
47
|
|
|
@@ -68,23 +51,12 @@ class RoleController extends AbstractFastifyController<IRole, IRoleBase, IRoleBa
|
|
|
68
51
|
let permissions = PermissionService.getPermissions()
|
|
69
52
|
return permissions
|
|
70
53
|
}catch (e){
|
|
71
|
-
|
|
72
|
-
if (e instanceof UnauthorizedError) {
|
|
73
|
-
reply.statusCode = e.statusCode
|
|
74
|
-
reply.send({error: e.message})
|
|
75
|
-
} else {
|
|
76
|
-
reply.statusCode = 500
|
|
77
|
-
reply.send({error: 'INTERNAL_SERVER_ERROR'})
|
|
78
|
-
}
|
|
54
|
+
this.handleError(e,reply)
|
|
79
55
|
}
|
|
80
56
|
}
|
|
81
57
|
|
|
82
58
|
|
|
83
59
|
|
|
84
|
-
async xxxx(request, reply) {
|
|
85
|
-
|
|
86
|
-
}
|
|
87
|
-
|
|
88
60
|
}
|
|
89
61
|
|
|
90
62
|
export default RoleController;
|
|
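Review bot: The role-scoping filter in the `@@ -43,22 +36,12 @@` hunk compares `childRole._id === role._id` with strict equality, which only matches when both ids are primitives. If either side is a Mongo ObjectId (an assumption, the repository types are not visible here), the comparison is by reference and every user that has child roles would get an empty list back. Normalising both sides, `String(childRole._id) === String(role._id)`, keeps the restriction working whichever repository backs the service. The same pattern appears in TenantController's `all` (`t._id === request.rbac.getAuthUser.tenantId`), where a mismatch would hide the caller's own tenant. Both enclosing methods start outside their hunks.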
@@ -14,37 +14,14 @@ class TenantController extends AbstractFastifyController<ITenant, ITenantBase, I
|
|
|
14
14
|
super(TenantServiceFactory(), TenantPermissions)
|
|
15
15
|
}
|
|
16
16
|
|
|
17
|
-
|
|
18
|
-
try {
|
|
19
|
-
request.rbac.assertPermission(this.permission.View)
|
|
20
|
-
if(!request.params.id){
|
|
21
|
-
reply.statusCode = 400
|
|
22
|
-
reply.send({error: 'BAD REQUEST'})
|
|
23
|
-
}
|
|
24
|
-
const name = request.params.name
|
|
25
|
-
let item = await this.service.findByName(name)
|
|
26
|
-
return item
|
|
27
|
-
} catch (e) {
|
|
28
|
-
console.error(e)
|
|
29
|
-
if (e instanceof ValidationError) {
|
|
30
|
-
reply.statusCode = e.statusCode
|
|
31
|
-
reply.send({error: e.message, inputErrors: e.errors})
|
|
32
|
-
} else if (e instanceof UnauthorizedError) {
|
|
33
|
-
reply.statusCode = e.statusCode
|
|
34
|
-
reply.send({error: e.message})
|
|
35
|
-
} else {
|
|
36
|
-
reply.statusCode = 500
|
|
37
|
-
reply.send({error: 'INTERNAL_SERVER_ERROR'})
|
|
38
|
-
}
|
|
39
|
-
}
|
|
40
|
-
}
|
|
17
|
+
|
|
41
18
|
|
|
42
19
|
async all(request, reply) {
|
|
43
20
|
try {
|
|
44
21
|
request.rbac.assertPermission(this.permission.View)
|
|
45
22
|
let tenants = await this.service.fetchAll()
|
|
46
23
|
if(request.rbac.getAuthUser.tenantId){
|
|
47
|
-
return tenants.filter(t => t.
|
|
24
|
+
return tenants.filter(t => t._id === request.rbac.getAuthUser.tenantId)
|
|
48
25
|
}else{
|
|
49
26
|
return tenants
|
|
50
27
|
}
|
|
@@ -27,7 +27,7 @@ class UserApiKeyController extends AbstractFastifyController<IUserApiKey, IUserA
|
|
|
27
27
|
const filters = []
|
|
28
28
|
|
|
29
29
|
if(!request.rbac.hasPermission(UserApiKeyPermissions.View)){
|
|
30
|
-
filters.push({field: "user", operator: "eq", value: request.rbac.
|
|
30
|
+
filters.push({field: "user", operator: "eq", value: request.rbac.userId})
|
|
31
31
|
}
|
|
32
32
|
|
|
33
33
|
const page = request.query.page
|
|
@@ -58,9 +58,14 @@ class UserApiKeyController extends AbstractFastifyController<IUserApiKey, IUserA
|
|
|
58
58
|
|
|
59
59
|
async create(request, reply) {
|
|
60
60
|
try {
|
|
61
|
-
request.rbac.
|
|
61
|
+
request.rbac.assertOrPermissions([UserApiKeyPermissions.Create, UserApiKeyPermissions.CreateMy])
|
|
62
62
|
const payload = request.body
|
|
63
|
-
|
|
63
|
+
|
|
64
|
+
if(!request.rbac.hasPermission(UserApiKeyPermissions.Create) || !payload.user){
|
|
65
|
+
payload.user = request.rbac.userId
|
|
66
|
+
}
|
|
67
|
+
|
|
68
|
+
payload.createdBy = request.rbac.userId
|
|
64
69
|
|
|
65
70
|
const userApiKeyService = UserApiKeyServiceFactory()
|
|
66
71
|
|
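Review bot: In `create`, a caller holding `UserApiKeyPermissions.Create` keeps whatever `payload.user` the request body carries, and nothing in this hunk checks that the target user is inside the caller's tenant or among the roles the caller may manage. Since an API key presumably authenticates as its `user`, that check decides whether `Create` is a tenant-local or a global right; if the service does not already enforce it (the rest of `create` is outside the hunk), add it before the service call and document it with `// Create may bind the key to another user: the target must be inside the caller's tenant/role scope`. Setting `payload.createdBy` from `request.rbac.userId` is a sound audit anchor, but `payload` is still `request.body` mutated in place, so any other client-supplied field reaches the service unless the schema strips it.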