@drax/identity-back 0.5.3 → 0.5.4

Files changed (60) hide show
  1. package/dist/controllers/RoleController.js +84 -0
  2. package/dist/controllers/TenantController.js +1 -2
  3. package/dist/controllers/UserApiKeyController.js +127 -0
  4. package/dist/controllers/UserController.js +295 -0
  5. package/dist/index.js +1 -2
  6. package/dist/repository/mongo/RoleMongoRepository.js +12 -3
  7. package/dist/repository/mongo/TenantMongoRepository.js +11 -0
  8. package/dist/routes/RoleRoutes.js +11 -207
  9. package/dist/routes/TenantRoutes.js +1 -0
  10. package/dist/routes/UserApiKeyRoutes.js +6 -114
  11. package/dist/routes/UserRoutes.js +12 -218
  12. package/dist/services/RoleService.js +42 -2
  13. package/dist/services/TenantService.js +5 -0
  14. package/dist/services/UserApiKeyService.js +9 -1
  15. package/dist/services/UserService.js +14 -4
  16. package/dist/setup/CreateOrUpdateRole.js +1 -1
  17. package/package.json +4 -4
  18. package/src/controllers/RoleController.ts +94 -0
  19. package/src/controllers/TenantController.ts +1 -2
  20. package/src/controllers/UserApiKeyController.ts +144 -0
  21. package/src/controllers/UserController.ts +300 -0
  22. package/src/index.ts +0 -2
  23. package/src/repository/mongo/RoleMongoRepository.ts +12 -3
  24. package/src/repository/mongo/TenantMongoRepository.ts +11 -0
  25. package/src/routes/RoleRoutes.ts +11 -186
  26. package/src/routes/TenantRoutes.ts +2 -0
  27. package/src/routes/UserApiKeyRoutes.ts +6 -113
  28. package/src/routes/UserRoutes.ts +12 -202
  29. package/src/services/RoleService.ts +45 -4
  30. package/src/services/TenantService.ts +7 -1
  31. package/src/services/UserApiKeyService.ts +11 -1
  32. package/src/services/UserService.ts +16 -4
  33. package/src/setup/CreateOrUpdateRole.ts +1 -1
  34. package/tsconfig.tsbuildinfo +1 -1
  35. package/types/controllers/RoleController.d.ts +14 -0
  36. package/types/controllers/RoleController.d.ts.map +1 -0
  37. package/types/controllers/TenantController.d.ts.map +1 -1
  38. package/types/controllers/UserApiKeyController.d.ts +14 -0
  39. package/types/controllers/UserApiKeyController.d.ts.map +1 -0
  40. package/types/controllers/UserController.d.ts +27 -0
  41. package/types/controllers/UserController.d.ts.map +1 -0
  42. package/types/index.d.ts +1 -2
  43. package/types/index.d.ts.map +1 -1
  44. package/types/repository/mongo/RoleMongoRepository.d.ts +2 -0
  45. package/types/repository/mongo/RoleMongoRepository.d.ts.map +1 -1
  46. package/types/repository/mongo/TenantMongoRepository.d.ts +2 -0
  47. package/types/repository/mongo/TenantMongoRepository.d.ts.map +1 -1
  48. package/types/routes/RoleRoutes.d.ts.map +1 -1
  49. package/types/routes/TenantRoutes.d.ts.map +1 -1
  50. package/types/routes/UserApiKeyRoutes.d.ts.map +1 -1
  51. package/types/routes/UserRoutes.d.ts.map +1 -1
  52. package/types/services/RoleService.d.ts +5 -1
  53. package/types/services/RoleService.d.ts.map +1 -1
  54. package/types/services/TenantService.d.ts +1 -0
  55. package/types/services/TenantService.d.ts.map +1 -1
  56. package/types/services/UserApiKeyService.d.ts +2 -1
  57. package/types/services/UserApiKeyService.d.ts.map +1 -1
  58. package/types/services/UserService.d.ts +3 -1
  59. package/types/services/UserService.d.ts.map +1 -1
  60. package/src/routes/UserAvatarRoutes.ts +0 -82
@@ -1,211 +1,15 @@
1
- import { ValidationError, UnauthorizedError } from "@drax/common-back";
2
- import RoleServiceFactory from "../factory/RoleServiceFactory.js";
3
- import { IdentityPermissions } from "../permissions/IdentityPermissions.js";
4
- import { PermissionService } from "../services/PermissionService.js";
1
+ import RoleController from "../controllers/RoleController.js";
5
2
  async function RoleRoutes(fastify, options) {
6
- fastify.get('/api/permissions', async (request, reply) => {
7
- try {
8
- request.rbac.assertPermission(IdentityPermissions.PermissionsRole);
9
- let permissions = PermissionService.getPermissions();
10
- return permissions;
11
- }
12
- catch (e) {
13
- console.error(e);
14
- if (e instanceof UnauthorizedError) {
15
- reply.statusCode = e.statusCode;
16
- reply.send({ error: e.message });
17
- }
18
- else {
19
- reply.statusCode = 500;
20
- reply.send({ error: 'INTERNAL_SERVER_ERROR' });
21
- }
22
- }
23
- });
24
- fastify.get('/api/roles/:id', async (request, reply) => {
25
- try {
26
- request.rbac.assertPermission(IdentityPermissions.ViewRole);
27
- const id = request.params.id;
28
- const roleService = RoleServiceFactory();
29
- let role = await roleService.findById(id);
30
- return role;
31
- }
32
- catch (e) {
33
- console.error(e);
34
- if (e instanceof ValidationError) {
35
- reply.statusCode = e.statusCode;
36
- reply.send({ error: e.message, inputErrors: e.errors });
37
- }
38
- else if (e instanceof UnauthorizedError) {
39
- reply.statusCode = e.statusCode;
40
- reply.send({ error: e.message });
41
- }
42
- else {
43
- reply.statusCode = 500;
44
- reply.send({ error: 'INTERNAL_SERVER_ERROR' });
45
- }
46
- }
47
- });
48
- fastify.get('/api/roles/name/:name', async (request, reply) => {
49
- try {
50
- request.rbac.assertPermission(IdentityPermissions.ViewRole);
51
- const name = request.params.name;
52
- const roleService = RoleServiceFactory();
53
- let role = await roleService.findByName(name);
54
- return role;
55
- }
56
- catch (e) {
57
- console.error(e);
58
- if (e instanceof ValidationError) {
59
- reply.statusCode = e.statusCode;
60
- reply.send({ error: e.message, inputErrors: e.errors });
61
- }
62
- else if (e instanceof UnauthorizedError) {
63
- reply.statusCode = e.statusCode;
64
- reply.send({ error: e.message });
65
- }
66
- else {
67
- reply.statusCode = 500;
68
- reply.send({ error: 'INTERNAL_SERVER_ERROR' });
69
- }
70
- }
71
- });
72
- fastify.get('/api/roles/all', async (request, reply) => {
73
- try {
74
- request.rbac.assertPermission(IdentityPermissions.ViewRole);
75
- const roleService = RoleServiceFactory();
76
- let roles = await roleService.fetchAll();
77
- if (request.rbac.getRole?.childRoles?.length > 0) {
78
- return roles.filter(role => request.rbac.getRole.childRoles.some(childRole => childRole.id === role.id));
79
- }
80
- else {
81
- return roles;
82
- }
83
- }
84
- catch (e) {
85
- console.error(e);
86
- if (e instanceof ValidationError) {
87
- reply.statusCode = e.statusCode;
88
- reply.send({ error: e.message, inputErrors: e.errors });
89
- }
90
- else if (e instanceof UnauthorizedError) {
91
- reply.statusCode = e.statusCode;
92
- reply.send({ error: e.message });
93
- }
94
- else {
95
- reply.statusCode = 500;
96
- reply.send({ error: 'INTERNAL_SERVER_ERROR' });
97
- }
98
- }
99
- });
100
- fastify.get('/api/roles', async (request, reply) => {
101
- try {
102
- request.rbac.assertPermission(IdentityPermissions.ViewRole);
103
- const page = request.query.page;
104
- const limit = request.query.limit;
105
- const orderBy = request.query.orderBy;
106
- const order = request.query.order;
107
- const search = request.query.search;
108
- const roleService = RoleServiceFactory();
109
- let paginateResult = await roleService.paginate({ page, limit, search, orderBy, order });
110
- return paginateResult;
111
- }
112
- catch (e) {
113
- console.error(e);
114
- if (e instanceof ValidationError) {
115
- reply.statusCode = e.statusCode;
116
- reply.send({ error: e.message, inputErrors: e.errors });
117
- }
118
- else if (e instanceof UnauthorizedError) {
119
- reply.statusCode = e.statusCode;
120
- reply.send({ error: e.message });
121
- }
122
- else {
123
- reply.statusCode = 500;
124
- reply.send({ error: 'INTERNAL_SERVER_ERROR' });
125
- }
126
- }
127
- });
128
- fastify.post('/api/roles', async (request, reply) => {
129
- try {
130
- request.rbac.assertPermission(IdentityPermissions.CreateRole);
131
- const payload = request.body;
132
- const roleService = RoleServiceFactory();
133
- let role = await roleService.create(payload);
134
- return role;
135
- }
136
- catch (e) {
137
- console.error(e);
138
- if (e instanceof ValidationError) {
139
- reply.statusCode = e.statusCode;
140
- reply.send({ error: e.message, inputErrors: e.errors });
141
- }
142
- else if (e instanceof UnauthorizedError) {
143
- reply.statusCode = e.statusCode;
144
- reply.send({ error: e.message });
145
- }
146
- else {
147
- reply.statusCode = 500;
148
- reply.send({ error: 'INTERNAL_SERVER_ERROR' });
149
- }
150
- }
151
- });
152
- fastify.put('/api/roles/:id', async (request, reply) => {
153
- try {
154
- request.rbac.assertPermission(IdentityPermissions.UpdateRole);
155
- const id = request.params.id;
156
- const payload = request.body;
157
- const roleService = RoleServiceFactory();
158
- const currentRole = await roleService.findById(id);
159
- if (currentRole.readonly) {
160
- throw new ValidationError([{ field: 'name', reason: "role.readonly", value: payload.name }]);
161
- }
162
- let role = await roleService.update(id, payload);
163
- return role;
164
- }
165
- catch (e) {
166
- console.error(e);
167
- if (e instanceof ValidationError) {
168
- reply.statusCode = e.statusCode;
169
- reply.send({ error: e.message, inputErrors: e.errors });
170
- }
171
- else if (e instanceof UnauthorizedError) {
172
- reply.statusCode = e.statusCode;
173
- reply.send({ error: e.message });
174
- }
175
- else {
176
- reply.statusCode = 500;
177
- reply.send({ error: 'INTERNAL_SERVER_ERROR' });
178
- }
179
- }
180
- });
181
- fastify.delete('/api/roles/:id', async (request, reply) => {
182
- try {
183
- request.rbac.assertPermission(IdentityPermissions.DeleteRole);
184
- const id = request.params.id;
185
- const roleService = RoleServiceFactory();
186
- const currentRole = await roleService.findById(id);
187
- if (currentRole.readonly) {
188
- throw new UnauthorizedError();
189
- }
190
- let r = await roleService.delete(id);
191
- return r;
192
- }
193
- catch (e) {
194
- console.error(e);
195
- if (e instanceof ValidationError) {
196
- reply.statusCode = e.statusCode;
197
- reply.send({ error: e.message, inputErrors: e.errors });
198
- }
199
- else if (e instanceof UnauthorizedError) {
200
- reply.statusCode = e.statusCode;
201
- reply.send({ error: e.message });
202
- }
203
- else {
204
- reply.statusCode = 500;
205
- reply.send({ error: 'INTERNAL_SERVER_ERROR' });
206
- }
207
- }
208
- });
3
+ const controller = new RoleController();
4
+ fastify.get('/api/permissions', (req, rep) => controller.permissions(req, rep));
5
+ fastify.get('/api/roles/search', (req, rep) => controller.search(req, rep));
6
+ fastify.get('/api/roles/:id', (req, rep) => controller.findById(req, rep));
7
+ fastify.get('/api/roles/name/:name', (req, rep) => controller.findByName(req, rep));
8
+ fastify.get('/api/roles/all', (req, rep) => controller.all(req, rep));
9
+ fastify.get('/api/roles', (req, rep) => controller.paginate(req, rep));
10
+ fastify.post('/api/roles', (req, rep) => controller.create(req, rep));
11
+ fastify.put('/api/roles/:id', (req, rep) => controller.update(req, rep));
12
+ fastify.delete('/api/roles/:id', (req, rep) => controller.delete(req, rep));
209
13
  }
210
14
  export default RoleRoutes;
211
15
  export { RoleRoutes };
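Review bot: None of the nine role routes registered here shows its authorization any more, and the new `GET /api/roles/search` route has no earlier handler in this file to compare against. The removed handlers asserted an `IdentityPermissions` permission on every route and narrowed `/api/roles/all` to the caller's `childRoles`. `RoleController` is not part of this section, so whether `search` calls `request.rbac.assertPermission(...)` and whether `all` keeps the child-role filter has to be confirmed there. The same applies to the `GET /api/tenants/search` route added in TenantRoutes.js. I would add a one-line comment per registration naming the permission once confirmed, for example `// requires ViewRole, asserted in RoleController.findById`, plus a test that each route rejects a caller without that permission.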
@@ -2,6 +2,7 @@ import TenantController from '../controllers/TenantController.js';
2
2
  async function TenantRoutes(fastify, options) {
3
3
  const controller = new TenantController();
4
4
  fastify.get('/api/tenants/export', (req, rep) => controller.export(req, rep));
5
+ fastify.get('/api/tenants/search', (req, rep) => controller.search(req, rep));
5
6
  fastify.get('/api/tenants/:id', (req, rep) => controller.findById(req, rep));
6
7
  fastify.get('/api/tenants/name/:name', (req, rep) => controller.findByName(req, rep));
7
8
  fastify.get('/api/tenants/all', (req, rep) => controller.all(req, rep));
@@ -1,118 +1,10 @@
1
- import UserApiKeyServiceFactory from "../factory/UserApiKeyServiceFactory.js";
2
- import { ValidationError, UnauthorizedError } from "@drax/common-back";
3
- import { IdentityPermissions } from "../permissions/IdentityPermissions.js";
1
+ import UserApiKeyController from "../controllers/UserApiKeyController.js";
4
2
  async function UserApiKeyRoutes(fastify, options) {
5
- fastify.get('/api/user-api-keys', async (request, reply) => {
6
- try {
7
- request.rbac.assertAuthenticated();
8
- request.rbac.assertOrPermissions([
9
- IdentityPermissions.ViewUserApiKey,
10
- IdentityPermissions.ViewMyUserApiKey
11
- ]);
12
- const filters = [];
13
- if (!request.rbac.hasPermission(IdentityPermissions.ViewUserApiKey)) {
14
- filters.push({ field: "user", operator: "eq", value: request.rbac.authUser.id });
15
- }
16
- const page = request.query.page;
17
- const limit = request.query.limit;
18
- const orderBy = request.query.orderBy;
19
- const order = request.query.order;
20
- const search = request.query.search;
21
- const userApiKeyService = UserApiKeyServiceFactory();
22
- let paginateResult = await userApiKeyService.paginate({ page, limit, orderBy, order, search, filters });
23
- return paginateResult;
24
- }
25
- catch (e) {
26
- console.log("/api/user-api-keys", e);
27
- if (e instanceof ValidationError) {
28
- reply.statusCode = e.statusCode;
29
- reply.send({ error: e.message, inputErrors: e.errors });
30
- }
31
- else if (e instanceof UnauthorizedError) {
32
- reply.statusCode = e.statusCode;
33
- reply.send({ error: e.message });
34
- }
35
- else {
36
- reply.statusCode = 500;
37
- reply.send({ error: 'error.server' });
38
- }
39
- }
40
- });
41
- fastify.post('/api/user-api-keys', async (request, reply) => {
42
- try {
43
- request.rbac.assertPermission(IdentityPermissions.CreateUserApiKey);
44
- const payload = request.body;
45
- payload.user = request.rbac.authUser.id;
46
- const userApiKeyService = UserApiKeyServiceFactory();
47
- let userApiKey = await userApiKeyService.create(payload);
48
- return userApiKey;
49
- }
50
- catch (e) {
51
- if (e instanceof ValidationError) {
52
- reply.statusCode = e.statusCode;
53
- reply.send({ error: e.message, inputErrors: e.errors });
54
- }
55
- else if (e instanceof UnauthorizedError) {
56
- reply.statusCode = e.statusCode;
57
- reply.send({ error: e.message });
58
- }
59
- else {
60
- reply.statusCode = 500;
61
- reply.send({ error: 'error.server' });
62
- }
63
- }
64
- });
65
- fastify.put('/api/user-api-keys/:id', async (request, reply) => {
66
- try {
67
- request.rbac.assertPermission(IdentityPermissions.UpdateUserApiKey);
68
- const id = request.params.id;
69
- const payload = request.body;
70
- const userApiKeyService = UserApiKeyServiceFactory();
71
- let userApiKey = await userApiKeyService.update(id, payload);
72
- return userApiKey;
73
- }
74
- catch (e) {
75
- if (e instanceof ValidationError) {
76
- reply.statusCode = e.statusCode;
77
- reply.send({ error: e.message, inputErrors: e.errors });
78
- }
79
- if (e instanceof UnauthorizedError) {
80
- reply.statusCode = e.statusCode;
81
- reply.send({ error: e.message });
82
- }
83
- else if (e instanceof UnauthorizedError) {
84
- reply.statusCode = e.statusCode;
85
- reply.send({ error: e.message });
86
- }
87
- else {
88
- reply.statusCode = 500;
89
- reply.send({ error: 'error.server' });
90
- }
91
- }
92
- });
93
- fastify.delete('/api/user-api-keys/:id', async (request, reply) => {
94
- try {
95
- request.rbac.assertPermission(IdentityPermissions.DeleteUserApiKey);
96
- const id = request.params.id;
97
- const userApiKeyService = UserApiKeyServiceFactory();
98
- let r = await userApiKeyService.delete(id);
99
- return r;
100
- }
101
- catch (e) {
102
- if (e instanceof ValidationError) {
103
- reply.statusCode = e.statusCode;
104
- reply.send({ error: e.message, inputErrors: e.errors });
105
- }
106
- else if (e instanceof UnauthorizedError) {
107
- reply.statusCode = e.statusCode;
108
- reply.send({ error: e.message });
109
- }
110
- else {
111
- reply.statusCode = 500;
112
- reply.send({ error: 'error.server' });
113
- }
114
- }
115
- });
3
+ const controller = new UserApiKeyController();
4
+ fastify.get('/api/user-api-keys', (req, rep) => controller.paginate(req, rep));
5
+ fastify.post('/api/user-api-keys', (req, rep) => controller.create(req, rep));
6
+ fastify.put('/api/user-api-keys/:id', (req, rep) => controller.update(req, rep));
7
+ fastify.delete('/api/user-api-keys/:id', (req, rep) => controller.delete(req, rep));
116
8
  }
117
9
  export default UserApiKeyRoutes;
118
10
  export { UserApiKeyRoutes };
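Review bot: The ownership rules that the removed handlers enforced are no longer visible at the route level, so they need to be confirmed in `UserApiKeyController`, which is outside this section. The old `GET /api/user-api-keys` added a `user eq request.rbac.authUser.id` filter for callers lacking `ViewUserApiKey`, and the old `POST` overwrote `payload.user` with the authenticated user's id; losing either would let a caller list or create keys for another account. The old `PUT` and `DELETE` on `/:id` checked only `UpdateUserApiKey` / `DeleteUserApiKey` and never compared the key's owner with the caller, so if the controller carries that over unchanged, an owner check belongs there. A comment above the registrations such as `// ownership scoping is enforced in UserApiKeyController` would tell readers where to look.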
@@ -1,222 +1,16 @@
1
- import UserServiceFactory from "../factory/UserServiceFactory.js";
2
- import { ValidationError, UnauthorizedError } from "@drax/common-back";
3
- import { IdentityPermissions } from "../permissions/IdentityPermissions.js";
4
- import BadCredentialsError from "../errors/BadCredentialsError.js";
1
+ import UserController from "../controllers/UserController.js";
5
2
  async function UserRoutes(fastify, options) {
6
- fastify.post('/api/auth', async (request, reply) => {
7
- try {
8
- const username = request.body.username;
9
- const password = request.body.password;
10
- const userService = UserServiceFactory();
11
- return await userService.auth(username, password);
12
- }
13
- catch (e) {
14
- console.error('/api/auth error', e);
15
- if (e instanceof BadCredentialsError) {
16
- reply.code(401);
17
- reply.send({ error: e.message });
18
- }
19
- reply.code(500);
20
- reply.send({ error: 'error.server' });
21
- }
22
- });
23
- fastify.get('/api/me', async (request, reply) => {
24
- try {
25
- if (request.authUser) {
26
- const userService = UserServiceFactory();
27
- let user = await userService.findById(request.authUser.id);
28
- user.password = undefined;
29
- delete user.password;
30
- return user;
31
- }
32
- else {
33
- throw new UnauthorizedError();
34
- }
35
- }
36
- catch (e) {
37
- if (e instanceof UnauthorizedError) {
38
- reply.code(401);
39
- reply.send({ error: "Unauthorized" });
40
- }
41
- else if (e instanceof UnauthorizedError) {
42
- reply.statusCode = e.statusCode;
43
- reply.send({ error: e.message });
44
- }
45
- else {
46
- reply.statusCode = 500;
47
- reply.send({ error: 'error.server' });
48
- }
49
- }
50
- });
51
- fastify.get('/api/users', async (request, reply) => {
52
- try {
53
- request.rbac.assertPermission(IdentityPermissions.ViewUser);
54
- const page = request.query.page;
55
- const limit = request.query.limit;
56
- const orderBy = request.query.orderBy;
57
- const order = request.query.order;
58
- const search = request.query.search;
59
- const userService = UserServiceFactory();
60
- const filters = [];
61
- if (request.rbac.getAuthUser.tenantId) {
62
- filters.push({ field: 'tenant', operator: 'eq', value: request.rbac.getAuthUser.tenantId });
63
- }
64
- let paginateResult = await userService.paginate({ page, limit, orderBy, order, search, filters });
65
- for (let item of paginateResult.items) {
66
- item.password = undefined;
67
- delete item.password;
68
- }
69
- return paginateResult;
70
- }
71
- catch (e) {
72
- if (e instanceof ValidationError) {
73
- reply.statusCode = e.statusCode;
74
- reply.send({ error: e.message, inputErrors: e.errors });
75
- }
76
- else if (e instanceof UnauthorizedError) {
77
- reply.statusCode = e.statusCode;
78
- reply.send({ error: e.message });
79
- }
80
- else {
81
- reply.statusCode = 500;
82
- reply.send({ error: 'error.server' });
83
- }
84
- }
85
- });
86
- fastify.post('/api/users', async (request, reply) => {
87
- try {
88
- request.rbac.assertPermission(IdentityPermissions.CreateUser);
89
- const payload = request.body;
90
- const userService = UserServiceFactory();
91
- if (request.rbac.getAuthUser.tenantId) {
92
- payload.tenant = request.rbac.getAuthUser.tenantId;
93
- }
94
- let user = await userService.create(payload);
95
- return user;
96
- }
97
- catch (e) {
98
- if (e instanceof ValidationError) {
99
- reply.statusCode = e.statusCode;
100
- reply.send({ error: e.message, inputErrors: e.errors });
101
- }
102
- else if (e instanceof UnauthorizedError) {
103
- reply.statusCode = e.statusCode;
104
- reply.send({ error: e.message });
105
- }
106
- else {
107
- reply.statusCode = 500;
108
- reply.send({ error: 'error.server' });
109
- }
110
- }
111
- });
112
- fastify.put('/api/users/:id', async (request, reply) => {
113
- try {
114
- request.rbac.assertPermission(IdentityPermissions.UpdateUser);
115
- const id = request.params.id;
116
- const payload = request.body;
117
- const userService = UserServiceFactory();
118
- if (request.rbac.getAuthUser.tenantId) {
119
- payload.tenant = request.rbac.getAuthUser.tenantId;
120
- }
121
- let user = await userService.update(id, payload);
122
- return user;
123
- }
124
- catch (e) {
125
- if (e instanceof ValidationError) {
126
- reply.statusCode = e.statusCode;
127
- reply.send({ error: e.message, inputErrors: e.errors });
128
- }
129
- if (e instanceof UnauthorizedError) {
130
- reply.statusCode = e.statusCode;
131
- reply.send({ error: e.message });
132
- }
133
- else if (e instanceof UnauthorizedError) {
134
- reply.statusCode = e.statusCode;
135
- reply.send({ error: e.message });
136
- }
137
- else {
138
- reply.statusCode = 500;
139
- reply.send({ error: 'error.server' });
140
- }
141
- }
142
- });
143
- fastify.delete('/api/users/:id', async (request, reply) => {
144
- try {
145
- request.rbac.assertPermission(IdentityPermissions.DeleteUser);
146
- const id = request.params.id;
147
- const userService = UserServiceFactory();
148
- let r = await userService.delete(id);
149
- return r;
150
- }
151
- catch (e) {
152
- if (e instanceof ValidationError) {
153
- reply.statusCode = e.statusCode;
154
- reply.send({ error: e.message, inputErrors: e.errors });
155
- }
156
- else if (e instanceof UnauthorizedError) {
157
- reply.statusCode = e.statusCode;
158
- reply.send({ error: e.message });
159
- }
160
- else {
161
- reply.statusCode = 500;
162
- reply.send({ error: 'error.server' });
163
- }
164
- }
165
- });
166
- fastify.post('/api/password', async (request, reply) => {
167
- try {
168
- if (!request.authUser) {
169
- throw new UnauthorizedError();
170
- }
171
- const userId = request.authUser.id;
172
- const currentPassword = request.body.currentPassword;
173
- const newPassword = request.body.newPassword;
174
- const userService = UserServiceFactory();
175
- return await userService.changeOwnPassword(userId, currentPassword, newPassword);
176
- }
177
- catch (e) {
178
- console.error('/api/password error', e);
179
- if (e instanceof ValidationError) {
180
- reply.statusCode = e.statusCode;
181
- reply.send({ error: e.message, inputErrors: e.errors });
182
- }
183
- else if (e instanceof UnauthorizedError) {
184
- reply.statusCode = e.statusCode;
185
- reply.send({ error: e.message });
186
- }
187
- else {
188
- reply.statusCode = 500;
189
- reply.send({ error: 'error.server' });
190
- }
191
- }
192
- });
193
- fastify.post('/api/password/:id', async (request, reply) => {
194
- try {
195
- request.rbac.assertPermission(IdentityPermissions.UpdateUser);
196
- const userId = request.params.id;
197
- if (!userId) {
198
- throw new UnauthorizedError();
199
- }
200
- const newPassword = request.body.newPassword;
201
- const userService = UserServiceFactory();
202
- return await userService.changeUserPassword(userId, newPassword);
203
- }
204
- catch (e) {
205
- console.error('/api/password error', e);
206
- if (e instanceof ValidationError) {
207
- reply.statusCode = e.statusCode;
208
- reply.send({ error: e.message, inputErrors: e.errors });
209
- }
210
- else if (e instanceof UnauthorizedError) {
211
- reply.statusCode = e.statusCode;
212
- reply.send({ error: e.message });
213
- }
214
- else {
215
- reply.statusCode = 500;
216
- reply.send({ error: 'error.server' });
217
- }
218
- }
219
- });
3
+ const controller = new UserController();
4
+ fastify.post('/api/auth', (req, rep) => controller.auth(req, rep));
5
+ fastify.get('/api/me', (req, rep) => controller.me(req, rep));
6
+ fastify.get('/api/users', (req, rep) => controller.paginate(req, rep));
7
+ fastify.post('/api/users', (req, rep) => controller.create(req, rep));
8
+ fastify.put('/api/users/:id', (req, rep) => controller.update(req, rep));
9
+ fastify.delete('/api/users/:id', (req, rep) => controller.delete(req, rep));
10
+ fastify.post('/api/password', (req, rep) => controller.myPassword(req, rep));
11
+ fastify.post('/api/password/:id', (req, rep) => controller.password(req, rep));
12
+ fastify.post('/api/user/avatar', (req, rep) => controller.updateAvatar(req, rep));
13
+ fastify.get('/api/user/avatar/:filename', (req, rep) => controller.getAvatar(req, rep));
220
14
  }
221
15
  export default UserRoutes;
222
16
  export { UserRoutes };
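Review bot: `GET /api/user/avatar/:filename` hands a client-chosen file name to `controller.getAvatar`, and nothing in this file constrains it. `UserController` is not visible here. If it joins `request.params.filename` to a storage directory, it should reduce the value to its base name and verify that the resolved path stays inside that directory, and `updateAvatar` should bound upload size and accepted types. The removed `/api/me` and `/api/users` handlers also deleted `password` from every returned user, and `/api/users` scoped results to the caller's `tenantId`. Both behaviours deserve a regression test now that they live in the controller.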
@@ -1,8 +1,10 @@
1
- import { ZodErrorToValidationError } from "@drax/common-back";
1
+ import { UnauthorizedError, ValidationError, ZodErrorToValidationError } from "@drax/common-back";
2
+ import { AbstractService } from "@drax/crud-back";
2
3
  import { roleSchema } from "../zod/RoleZod.js";
3
4
  import { ZodError } from "zod";
4
- class RoleService {
5
+ class RoleService extends AbstractService {
5
6
  constructor(roleRepostitory) {
7
+ super(roleRepostitory, roleSchema);
6
8
  this._repository = roleRepostitory;
7
9
  console.log("RoleService constructor");
8
10
  }
@@ -25,6 +27,10 @@ class RoleService {
25
27
  try {
26
28
  roleData.name = roleData?.name?.trim();
27
29
  await roleSchema.parseAsync(roleData);
30
+ const currentRole = await this.findById(id);
31
+ if (currentRole.readonly) {
32
+ throw new ValidationError([{ field: 'name', reason: "role.readonly", value: roleData.name }]);
33
+ }
28
34
  const role = await this._repository.update(id, roleData);
29
35
  return role;
30
36
  }
@@ -36,7 +42,36 @@ class RoleService {
36
42
  throw e;
37
43
  }
38
44
  }
45
+ async systemUpdate(id, roleData) {
46
+ try {
47
+ roleData.name = roleData?.name?.trim();
48
+ await roleSchema.parseAsync(roleData);
49
+ const role = await this._repository.update(id, roleData);
50
+ return role;
51
+ }
52
+ catch (e) {
53
+ console.error("Error systemUpdating role", e);
54
+ if (e instanceof ZodError) {
55
+ throw ZodErrorToValidationError(e, roleData);
56
+ }
57
+ throw e;
58
+ }
59
+ }
39
60
  async delete(id) {
61
+ try {
62
+ const currentRole = await this.findById(id);
63
+ if (currentRole.readonly) {
64
+ throw new UnauthorizedError();
65
+ }
66
+ const deletedRole = await this._repository.delete(id);
67
+ return deletedRole;
68
+ }
69
+ catch (e) {
70
+ console.error("Error deleting role", e);
71
+ throw e;
72
+ }
73
+ }
74
+ async systemDelete(id) {
40
75
  try {
41
76
  const deletedRole = await this._repository.delete(id);
42
77
  return deletedRole;
@@ -70,6 +105,11 @@ class RoleService {
70
105
  const roles = await this._repository.fetchAll();
71
106
  return roles;
72
107
  }
108
+ async search(value) {
109
+ const limit = 100;
110
+ const roles = await this._repository.search(value, limit);
111
+ return roles;
112
+ }
73
113
  async paginate({ page = 1, limit = 5, orderBy = '', order = false, search = '', filters = [] }) {
74
114
  try {
75
115
  const pagination = await this._repository.paginate({ page, limit, orderBy, order, search, filters });
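Review bot: In `update` (new lines 30–33) and `delete` (new lines 62–65) the result of `this.findById(id)` is dereferenced without a null check, so if `findById` resolves to `null` for an unknown id, `currentRole.readonly` throws a `TypeError` that a caller can only report as a 500. Guard it before testing `readonly`, e.g. `if (!currentRole) { throw new ValidationError([{ field: 'id', reason: 'role.notFound', value: id }]); }`, where the reason key is a placeholder. `findById` and the start of `update` are outside these hunks, so the null case is inferred rather than shown. Separately, `systemUpdate` and `systemDelete` skip the readonly guard, presumably for setup code. A doc comment such as `/** Bypasses the readonly guard; never call from a request handler. */` on each would make that contract explicit.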
@@ -78,6 +78,11 @@ class TenantService extends AbstractService {
78
78
  throw e;
79
79
  }
80
80
  }
81
+ async search(value) {
82
+ const limit = 100;
83
+ const tenants = await this._repository.search(value, limit);
84
+ return tenants;
85
+ }
81
86
  async paginate({ page = 1, limit = 5, orderBy = '', order = false, search = '', filters = [] }) {
82
87
  try {
83
88
  const pagination = await this._repository.paginate({ page, limit, orderBy, order, search, filters });
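Review bot: `search` forwards `value` to `this._repository.search` without checking its type or length, and the value presumably arrives from the query string of the new `/api/tenants/search` route. The repository is not visible here; if it builds a regular expression or `$regex` filter from the value, the value has to be escaped and bounded there. A repeated query parameter can also arrive as an array rather than a string, so a guard such as `if (typeof value !== 'string') { return []; }` at the top of the method would cover the type case. The identical `search` added to RoleService has the same gap. The hard-coded `const limit = 100;` appears in both methods and could be a shared constant.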