@drax/identity-back 0.13.0 → 0.13.1

package/dist/middleware/apiKeyMiddleware.js

@@ -21,9 +21,13 @@ async function apiKeyMiddleware(request, reply) {
         if (apiKey) {
             const userApiKey = await draxCache.getOrLoad(apiKey, userApiKeyLoader);
             if (userApiKey && userApiKey.user) {
-                request.authUser = userApiKey.user;
-                request.authUser.roleId = userApiKey.user.role._id;
-                request.authUser.tenantId = userApiKey.user?.tenant?._id;
+                const authUser = {
+                    id: userApiKey.user._id.toString(),
+                    username: userApiKey.user.username,
+                    roleId: userApiKey.user.role?._id?.toString(),
+                    tenantId: userApiKey.user?.tenant?._id?.toString(),
+                };
+                request.authUser = authUser;
             }
         }
         return;

package/dist/rbac/Rbac.js

@@ -8,13 +8,24 @@ class Rbac {
         return this.role;
     }
     get getAuthUser() {
-        return this.authUser;
+        return {
+            id: this.userId,
+            username: this.username,
+            roleId: this.roleId,
+            tenantId: this.tenantId
+        };
+    }
+    get username() {
+        return this.authUser.username;
     }
     get userId() {
-        return this.authUser.id;
+        return this.authUser?.id.toString();
+    }
+    get roleId() {
+        return this.authUser?.roleId.toString();
     }
     get tenantId() {
-        return this.authUser.tenantId;
+        return this.authUser?.tenantId?.toString();
     }
     assertAuthenticated() {
         if (!this.authUser) {
@@ -43,11 +54,17 @@ class Rbac {
         throw new ForbiddenError();
     }
     assertUserId(userId) {
+        if (userId && typeof userId != 'string') {
+            throw new Error('Rbac Error: userId must be a string');
+        }
         if (this.userId != userId) {
             throw new UnauthorizedError();
         }
     }
     assertTenantId(tenantId) {
+        if (tenantId && typeof tenantId != 'string') {
+            throw new Error('Rbac Error: tenantId must be a string or null|undefined');
+        }
         if (this.tenantId && this.tenantId != tenantId) {
             throw new UnauthorizedError();
         }

package/dist/repository/mongo/UserApiKeyMongoRepository.js

@@ -10,7 +10,7 @@ class UserApiKeyMongoRepository extends AbstractMongoRepository {
             { path: 'createdBy', populate: { path: 'tenant role' } },
         ];
         this._model = UserApiKeyModel;
-        this._lean = false;
+        this._lean = true;
     }
     async delete(id) {
         const userApiKey = await UserApiKeyModel

package/dist/repository/mongo/UserMongoRepository.js

@@ -8,7 +8,7 @@ class UserMongoRepository extends AbstractMongoRepository {
         this._searchFields = ['name', 'username', 'email', 'phone'];
         this._populateFields = ['role', 'tenant'];
         this._model = UserModel;
-        this._lean = false;
+        this._lean = true;
         this.roleRepository = new RoleMongoRepository();
     }
     async create(userData) {

package/package.json

@@ -3,7 +3,7 @@
   "publishConfig": {
     "access": "public"
   },
-  "version": "0.13.0",
+  "version": "0.13.1",
   "description": "Identity module for user management, authentication and authorization.",
   "main": "dist/index.js",
   "types": "types/index.d.ts",
@@ -29,10 +29,10 @@
   "license": "ISC",
   "dependencies": {
     "@drax/common-back": "^0.13.0",
-    "@drax/crud-back": "^0.13.0",
+    "@drax/crud-back": "^0.13.1",
     "@drax/crud-share": "^0.13.0",
     "@drax/email-back": "^0.13.0",
-    "@drax/identity-share": "^0.13.0",
+    "@drax/identity-share": "^0.13.1",
     "bcryptjs": "^2.4.3",
     "express-jwt": "^8.4.1",
     "graphql": "^16.8.2",
@@ -64,5 +64,5 @@
       "debug": "0"
     }
   },
-  "gitHead": "ff7df3bb96303a056ad2e1ee70dc9dfa4a43ef9e"
+  "gitHead": "240696be4da58de762018927cda04f6c2446a473"
 }

package/src/middleware/apiKeyMiddleware.ts

@@ -1,4 +1,4 @@
-import {IUserApiKey} from "@drax/identity-share";
+import {IAuthUser, IUserApiKey} from "@drax/identity-share";
 import {DraxCache, DraxConfig} from "@drax/common-back";
 import UserApiKeyServiceFactory from "../factory/UserApiKeyServiceFactory.js";
 import IdentityConfig from "../config/IdentityConfig.js";
@@ -29,9 +29,13 @@ async function apiKeyMiddleware (request, reply) {
             if(apiKey){
                 const userApiKey = await draxCache.getOrLoad(apiKey, userApiKeyLoader)
                 if(userApiKey && userApiKey.user){
-                    request.authUser = userApiKey.user
-                    request.authUser.roleId = userApiKey.user.role._id
-                    request.authUser.tenantId = userApiKey.user?.tenant?._id
+                    const authUser: IAuthUser = {
+                        id: userApiKey.user._id.toString(),
+                        username: userApiKey.user.username,
+                        roleId:  userApiKey.user.role?._id?.toString(),
+                        tenantId: userApiKey.user?.tenant?._id?.toString(),
+                    }
+                    request.authUser = authUser
                 }
             }
             return

package/src/rbac/Rbac.ts

@@ -1,29 +1,43 @@
 import type {IJwtUser, IRole, IRbac} from "@drax/identity-share";
 import {UnauthorizedError, ForbiddenError} from "@drax/common-back";
+import {IAuthUser} from "@drax/identity-share/dist";
 
 class Rbac implements IRbac{
     private role: IRole;
-    private authUser: IJwtUser;
+    private authUser: IAuthUser;
 
     constructor(authUser: IJwtUser, role: IRole) {
         this.authUser = authUser;
         this.role = role;
     }
 
-    get getRole() {
+    get getRole(): IRole {
         return this.role
     }
 
-    get getAuthUser() {
-        return this.authUser
+    get getAuthUser():IAuthUser {
+        return {
+            id: this.userId,
+            username: this.username,
+            roleId: this.roleId,
+            tenantId: this.tenantId
+        }
+    }
+
+    get username(): string{
+        return this.authUser.username
     }
 
-    get userId(){
-        return this.authUser.id
+    get userId(): string  {
+        return this.authUser?.id.toString()
     }
 
-    get tenantId(){
-        return this.authUser.tenantId
+    get roleId(): string  {
+        return this.authUser?.roleId.toString()
+    }
+
+    get tenantId(): string | undefined  {
+        return this.authUser?.tenantId?.toString();
     }
 
     assertAuthenticated() {
@@ -61,15 +75,26 @@ class Rbac implements IRbac{
 
 
     assertUserId(userId: string) {
+
+        if(userId && typeof userId != 'string'){
+            throw new Error('Rbac Error: userId must be a string')
+        }
+
         if (this.userId != userId) {
             throw new UnauthorizedError()
         }
     }
 
     assertTenantId(tenantId: string) {
+
+        if(tenantId && typeof tenantId != 'string'){
+            throw new Error('Rbac Error: tenantId must be a string or null|undefined')
+        }
+
         if (this.tenantId && this.tenantId != tenantId) {
             throw new UnauthorizedError()
         }
+
     }
 
 }

package/src/repository/mongo/UserApiKeyMongoRepository.ts

@@ -18,7 +18,7 @@ class UserApiKeyMongoRepository extends AbstractMongoRepository<IUserApiKey,IUse
         {path: 'createdBy', populate: {path: 'tenant role'} },
     ]
     protected _model = UserApiKeyModel
-    protected _lean = false
+    protected _lean = true
 
 
     async delete(id: string): Promise<boolean> {

package/src/repository/mongo/UserMongoRepository.ts

@@ -19,7 +19,7 @@ class UserMongoRepository extends AbstractMongoRepository<IUser,IUserCreate,IUse
     protected _searchFields = ['name','username','email','phone']
     protected _populateFields = ['role','tenant']
     protected _model = UserModel
-    protected _lean = false
+    protected _lean = true
 
     constructor() {
         super()

package/test/repository/mongo/user-apikey-mongo-repository.test.ts

@@ -1,4 +1,4 @@
-import {beforeAll, afterAll, describe, it, test} from "vitest"
+import {beforeAll, afterAll, describe, test, expect} from "vitest"
 import assert, {equal} from "assert";
 import UserApiKeyMongoRepository from "../../../src/repository/mongo/UserApiKeyMongoRepository";
 import MongoInMemory from "../../db/MongoInMemory";
@@ -35,14 +35,13 @@ describe("UserApiKeyRepositoryTest", function () {
         data = (await import("../../data-obj/apikey/root-mongo-user-apikey")).default
         console.log("Data:",data)
         let userApiKeyCreated = await userApiKeyRepository.create(data)
-        equal(userApiKeyCreated.name, data.name)
+        expect(userApiKeyCreated.name).toBe(data.name)
     })
 
     test("Find mongo user by ID successfully", async function () {
         data = (await import("../../data-obj/apikey/root-mongo-user-apikey")).default
         let userApiKeyFound = await userApiKeyRepository.findById(data._id)
-
-        equal(userApiKeyFound.name, data.name)
+        expect(userApiKeyFound.name).toBe(data.name)
     })
 
     test("Find mongo user by secret successfully", async function () {

package/test/repository/mongo/user-mongo-repository.test.ts

@@ -1,4 +1,4 @@
-import  {beforeAll, afterAll, describe, test} from "vitest"
+import  {beforeAll, afterAll, describe, test, expect} from "vitest"
 import assert, {equal} from "assert";
 import UserMongoRepository from "../../../src/repository/mongo/UserMongoRepository";
 import MongoInMemory from "../../db/MongoInMemory";
@@ -6,6 +6,7 @@ import RoleMongoInitializer from "../../initializers/RoleMongoInitializer";
 import {IUser} from "../../../../identity-share/src/interfaces/IUser";
 import type {IDraxPaginateResult} from "@drax/crud-share";
 import {mongoose, ValidationError} from "@drax/common-back";
+import {object} from "zod";
 
 
 describe("UserRepositoryTest", function () {
@@ -102,7 +103,9 @@ describe("UserRepositoryTest", function () {
     test("Find mongo user by ID successfully", async function () {
         let adminData = (await import("../../data-obj/users/root-mongo-user")).default
         let userFound = await userRepository.findById(adminData._id)
+        console.log("userFound",userFound)
         equal(userFound.username, userAdminData.username)
+        expect(userFound).toBeInstanceOf(Object)
     })
 
     test("Find mongo user by username successfully", async function () {

package/test/routes/helpers/FastifyTestServerFactory.ts

@@ -19,14 +19,6 @@ const FastifyTestServerFactory = () => {
     fastify.addHook('onRequest', rbacMiddleware)
     fastify.addHook('onRequest', apiKeyMiddleware)
 
-
-    // fastify.addHook('preHandler', async (request, reply) => {
-    //     //@ts-ignore
-    //     request.rbac = {assertPermission: () => true, getAuthUser: {username: 'admin', tenantId: ''}};
-    //     //@ts-ignore
-    //     request.authUser = {id:USER._id, username: USER.username, tenantId: '', roleId: USER.role};
-    // });
-
     return fastify
 }
 

package/test/routes/user-route.test.ts

@@ -4,12 +4,11 @@ import MongoInMemory from "../db/MongoInMemory";
 process.env.DRAX_DB_ENGINE = "mongo"
 process.env.DRAX_JWT_SECRET = "asdasdasd"
 
-// import {InitializePermissions} from "./helpers/InitializePermissions.js"
-// import {CreateRootUserAndAdminRole} from "./helpers/CreateRootUserAndAdminRole.js"
+
 import {SetupIdentityDrax} from "./helpers/SetupIdentityDrax.js"
 import {FastifyTestServerFactory} from './helpers/FastifyTestServerFactory.js'
-import {IRoleBase, IUserCreate} from "@drax/identity-share";
-import {UserRoutes, RoleServiceFactory, UserServiceFactory, PermissionService} from "../../src/index.js"
+import {IUserCreate} from "@drax/identity-share";
+import {UserRoutes} from "../../src/index.js"
 
 
 const USER1: IUserCreate = {