@firecms/user_management 3.0.0-canary.9 → 3.0.0-canary.91

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@firecms/user_management",
   "type": "module",
-  "version": "3.0.0-canary.9",
+  "version": "3.0.0-canary.91",
   "publishConfig": {
     "access": "public"
   },
@@ -24,36 +24,26 @@
     },
     "./package.json": "./package.json"
   },
-  "packageManager": "yarn@4.1.0",
   "main": "./dist/index.umd.js",
   "module": "./dist/index.es.js",
   "types": "dist/index.d.ts",
   "source": "src/index.ts",
   "dependencies": {
-    "@firecms/core": "^3.0.0-canary.9",
-    "@firecms/formex": "^3.0.0-canary.9",
-    "@firecms/ui": "^3.0.0-canary.9",
+    "@firecms/core": "^3.0.0-canary.91",
+    "@firecms/formex": "^3.0.0-canary.91",
+    "@firecms/ui": "^3.0.0-canary.91",
     "date-fns": "^3.6.0"
   },
   "peerDependencies": {
-    "firebase": "^10.7.1",
-    "react": "^18.2.0",
-    "react-dom": "^18.2.0"
+    "react": "^18.3.1",
+    "react-dom": "^18.3.1"
   },
   "devDependencies": {
-    "@types/node": "^20.11.30",
-    "@types/react": "^18.2.67",
-    "@types/react-dom": "^18.2.22",
-    "@typescript-eslint/parser": "^7.3.1",
-    "eslint": "^8.57.0",
-    "eslint-config-standard": "^17.1.0",
-    "eslint-plugin-import": "^2.29.1",
-    "eslint-plugin-n": "^16.6.2",
-    "eslint-plugin-promise": "^6.1.1",
-    "eslint-plugin-react": "^7.34.1",
-    "eslint-plugin-react-hooks": "^4.6.0",
-    "typescript": "^5.4.2",
-    "vite": "^5.1.6"
+    "@types/node": "^20.14.12",
+    "@types/react": "^18.3.3",
+    "@types/react-dom": "^18.3.0",
+    "typescript": "^5.5.4",
+    "vite": "^5.3.4"
   },
   "scripts": {
     "dev": "vite",
@@ -65,11 +55,5 @@
     "src",
     "bin"
   ],
-  "eslintConfig": {
-    "extends": [
-      "react-app",
-      "react-app/jest"
-    ]
-  },
-  "gitHead": "5bd7f971be5956d225835af3b6cbe9f71d3e7e50"
+  "gitHead": "fc773194d8166c27d04bc69fec41b171a5b3e2df"
 }

package/src/components/users/UserDetailsForm.tsx

@@ -12,7 +12,7 @@ import {
     TextField,
     Typography,
 } from "@firecms/ui";
-import { FieldCaption, Role, User, useSnackbarController } from "@firecms/core";
+import { FieldCaption, Role, useAuthController, User, useSnackbarController } from "@firecms/core";
 import { Formex, useCreateFormex } from "@firecms/formex";
 
 import { areRolesEqual } from "../../utils";
@@ -56,7 +56,9 @@ export function UserDetailsForm({
 
     const snackbarController = useSnackbarController();
     const {
-        loggedInUser,
+        user: loggedInUser
+    } = useAuthController();
+    const {
         saveUser,
         users,
         roles,

package/src/hooks/index.ts

@@ -1,2 +1,2 @@
-export * from "./useBuildFirestoreUserManagement";
+export * from "./useBuildUserManagement";
 export * from "./useUserManagement";

package/src/hooks/useBuildUserManagement.tsx

@@ -0,0 +1,295 @@
+import React, { useCallback, useEffect } from "react";
+import equal from "react-fast-compare"
+
+import { UserManagement } from "../types";
+import { Authenticator, DataSourceDelegate, Entity, PermissionsBuilder, Role, User } from "@firecms/core";
+import { resolveUserRolePermissions } from "../utils";
+
+type UserWithRoleIds = User & { roles: string[] };
+
+export interface UserManagementParams {
+
+    /**
+     * The delegate in charge of persisting the data.
+     */
+    dataSourceDelegate?: DataSourceDelegate;
+
+    /**
+     * Path where the plugin users configuration is stored.
+     * Default: __FIRECMS/config/users
+     * You can specify a different path if you want to store the user management configuration in a different place.
+     * Please keep in mind that the FireCMS users are not necessarily the same as the Firebase users (but they can be).
+     * The path should be relative to the root of the database, and should always have an odd number of segments.
+     */
+    usersPath?: string;
+
+    /**
+     * Path where the plugin roles configuration is stored.
+     * Default: __FIRECMS/config/roles
+     */
+    rolesPath?: string;
+
+    /**
+     * Maximum number of users that can be created.
+     */
+    usersLimit?: number;
+
+    /**
+     * Can the logged user edit roles
+     */
+    canEditRoles?: boolean;
+
+    /**
+     * If there are no roles in the database, provide a button to create the default roles.
+     */
+    allowDefaultRolesCreation?: boolean;
+
+    /**
+     * Include the collection config permissions in the user management system.
+     */
+    includeCollectionConfigPermissions?: boolean;
+
+}
+
+/**
+ * This hook is used to build a user management object that can be used to
+ * manage users and roles in a Firestore backend.
+ * @param dataSourceDelegate
+ * @param usersPath
+ * @param rolesPath
+ * @param usersLimit
+ * @param canEditRoles
+ * @param allowDefaultRolesCreation
+ * @param includeCollectionConfigPermissions
+ */
+export function useBuildUserManagement({
+                                           dataSourceDelegate,
+                                           usersPath = "__FIRECMS/config/users",
+                                           rolesPath = "__FIRECMS/config/roles",
+                                           usersLimit,
+                                           canEditRoles = true,
+                                           allowDefaultRolesCreation,
+                                           includeCollectionConfigPermissions
+                                       }: UserManagementParams): UserManagement {
+
+    const [rolesLoading, setRolesLoading] = React.useState<boolean>(true);
+    const [usersLoading, setUsersLoading] = React.useState<boolean>(true);
+    const [roles, setRoles] = React.useState<Role[]>([]);
+    const [usersWithRoleIds, setUsersWithRoleIds] = React.useState<UserWithRoleIds[]>([]);
+
+    const users = usersWithRoleIds.map(u => ({
+        ...u,
+        roles: roles.filter(r => u.roles?.includes(r.id))
+    }) as User);
+
+    const [rolesError, setRolesError] = React.useState<Error | undefined>();
+    const [usersError, setUsersError] = React.useState<Error | undefined>();
+
+    const loading = rolesLoading || usersLoading;
+
+    useEffect(() => {
+        if (!dataSourceDelegate || !rolesPath) return;
+        if (dataSourceDelegate.initialised !== undefined && !dataSourceDelegate.initialised) return;
+
+        return dataSourceDelegate.listenCollection?.({
+            path: rolesPath,
+            onUpdate(entities: Entity<any>[]): void {
+                setRolesError(undefined);
+                try {
+                    const newRoles = entityToRoles(entities);
+                    if (!equal(newRoles, roles))
+                        setRoles(newRoles);
+                } catch (e) {
+                    console.error("Error loading roles", e);
+                    setRolesError(e as Error);
+                }
+                setRolesLoading(false);
+            },
+            onError(e: any): void {
+                console.error("Error loading roles", e);
+                setRolesError(e);
+                setRolesLoading(false);
+            }
+        });
+
+    }, [dataSourceDelegate, rolesPath]);
+
+    useEffect(() => {
+        if (!dataSourceDelegate || !usersPath) return;
+        if (dataSourceDelegate.initialised !== undefined && !dataSourceDelegate.initialised) return;
+
+        return dataSourceDelegate.listenCollection?.({
+            path: usersPath,
+            onUpdate(entities: Entity<any>[]): void {
+                setUsersError(undefined);
+                try {
+                    const newUsers = entitiesToUsers(entities);
+                    if (!equal(newUsers, usersWithRoleIds))
+                        setUsersWithRoleIds(newUsers);
+                } catch (e) {
+                    console.error("Error loading users", e);
+                    setUsersError(e as Error);
+                }
+                setUsersLoading(false);
+            },
+            onError(e: any): void {
+                console.error("Error loading users", e);
+                setUsersError(e);
+                setUsersLoading(false);
+            }
+        });
+
+    }, [dataSourceDelegate, usersPath]);
+
+    const saveUser = useCallback(async (user: User): Promise<User> => {
+        if (!dataSourceDelegate) throw Error("useBuildUserManagement Firebase not initialised");
+        if (!usersPath) throw Error("useBuildUserManagement Firestore not initialised");
+
+        console.debug("Persisting user", user);
+
+        const roleIds = user.roles?.map(r => r.id);
+        const {
+            uid,
+            ...userData
+        } = user;
+        const data = {
+            ...userData,
+            roles: roleIds
+        };
+        if (uid) {
+            return dataSourceDelegate.saveEntity({
+                status: "existing",
+                path: usersPath,
+                entityId: uid,
+                values: data
+            }).then(() => user);
+        } else {
+            return dataSourceDelegate.saveEntity({
+                status: "new",
+                path: usersPath,
+                values: data
+            }).then(() => user);
+        }
+    }, [usersPath, dataSourceDelegate]);
+
+    const saveRole = useCallback((role: Role): Promise<void> => {
+        if (!dataSourceDelegate) throw Error("useBuildUserManagement Firebase not initialised");
+        if (!rolesPath) throw Error("useBuildUserManagement Firestore not initialised");
+        console.debug("Persisting role", role);
+        const {
+            id,
+            ...roleData
+        } = role;
+        return dataSourceDelegate.saveEntity({
+            status: "existing",
+            path: rolesPath,
+            entityId: id,
+            values: roleData
+        }).then(() => {
+            return;
+        });
+    }, [rolesPath, dataSourceDelegate]);
+
+    const deleteUser = useCallback(async (user: User): Promise<void> => {
+        if (!dataSourceDelegate) throw Error("useBuildUserManagement Firebase not initialised");
+        if (!usersPath) throw Error("useBuildUserManagement Firestore not initialised");
+        console.debug("Deleting", user);
+        const { uid } = user;
+        const entity: Entity<any> = {
+            path: usersPath,
+            id: uid,
+            values: {}
+        };
+        await dataSourceDelegate.deleteEntity({ entity })
+    }, [usersPath, dataSourceDelegate]);
+
+    const deleteRole = useCallback(async (role: Role): Promise<void> => {
+        if (!dataSourceDelegate) throw Error("useBuildUserManagement Firebase not initialised");
+        if (!rolesPath) throw Error("useBuildUserManagement Firestore not initialised");
+        console.debug("Deleting", role);
+        const { id } = role;
+        const entity: Entity<any> = {
+            path: usersPath,
+            id: id,
+            values: {}
+        };
+        await dataSourceDelegate.deleteEntity({ entity })
+    }, [rolesPath, dataSourceDelegate]);
+
+    const collectionPermissions: PermissionsBuilder = useCallback(({
+                                                                       collection,
+                                                                       user
+                                                                   }) => resolveUserRolePermissions({
+        collection,
+        user
+    }), []);
+
+    const defineRolesFor: ((user: User) => Role[] | undefined) = useCallback((user) => {
+        if (!users) throw Error("Users not loaded");
+        const mgmtUser = users.find(u => u.email?.toLowerCase() === user?.email?.toLowerCase());
+        return mgmtUser?.roles;
+    }, [users]);
+
+    const authenticator: Authenticator = useCallback(({ user }) => {
+        console.debug("Authenticating user", user);
+
+        if (loading) {
+            console.warn("User management is still loading");
+            return false;
+        }
+
+        // This is an example of how you can link the access system to the user management plugin
+        if (users.length === 0) {
+            return true; // If there are no users created yet, we allow access to every user
+        }
+
+        const mgmtUser = users.find(u => u.email?.toLowerCase() === user?.email?.toLowerCase());
+        if (mgmtUser) {
+            return true;
+        }
+
+        throw Error("Could not find a user with the provided email in the user management system.");
+    }, [loading, users]);
+
+    const isAdmin = roles.some(r => r.id === "admin");
+
+    return {
+        loading,
+        roles,
+        users,
+        saveUser,
+        saveRole,
+        rolesError,
+        deleteUser,
+        deleteRole,
+        usersLimit,
+        usersError,
+        isAdmin,
+        canEditRoles: canEditRoles === undefined ? true : canEditRoles,
+        allowDefaultRolesCreation: allowDefaultRolesCreation === undefined ? true : allowDefaultRolesCreation,
+        includeCollectionConfigPermissions: Boolean(includeCollectionConfigPermissions),
+        collectionPermissions,
+        defineRolesFor,
+        authenticator
+    }
+}
+
+const entitiesToUsers = (docs: Entity<Omit<UserWithRoleIds, "id">>[]): (UserWithRoleIds)[] => {
+    return docs.map((doc) => {
+        const data = doc.values as any;
+        const newVar = {
+            uid: doc.id,
+            ...data,
+            created_on: data?.created_on,
+            updated_on: data?.updated_on
+        };
+        return newVar as (UserWithRoleIds);
+    });
+}
+
+const entityToRoles = (entities: Entity<Omit<Role, "id">>[]): Role[] => {
+    return entities.map((doc) => ({
+        id: doc.id,
+        ...doc.values
+    } as Role));
+}

package/src/types/user_management.tsx

@@ -1,16 +1,9 @@
-import { PermissionsBuilder, Role, User } from "@firecms/core";
+import { Authenticator, PermissionsBuilder, Role, User } from "@firecms/core";
 
 export type UserManagement<USER extends User = User> = {
 
     loading: boolean;
 
-    /**
-     * The user currently logged in, in the user management system.
-     * This is the same user that is logged in the Authenticator, but with the roles
-     * and permissions loaded.
-     */
-    loggedInUser: USER | undefined;
-
     users: USER[];
     saveUser: (user: USER) => Promise<USER>;
     deleteUser: (user: USER) => Promise<void>;
@@ -29,6 +22,11 @@ export type UserManagement<USER extends User = User> = {
      */
     canEditRoles?: boolean;
 
+    /**
+     * Is the logged user Admin?
+     */
+    isAdmin?: boolean;
+
     /**
      * Include a button to create default roles, in case there are no roles in the system.
      */
@@ -45,4 +43,19 @@ export type UserManagement<USER extends User = User> = {
      */
     collectionPermissions: PermissionsBuilder;
 
+    /**
+     * Define the roles for a given user. You will typically want to plug this into your auth controller.
+     * @param user
+     */
+    defineRolesFor: (user: User) => Promise<Role[] | undefined> | Role[] | undefined;
+
+    /**
+     * You can build an authenticator callback from the current configuration of the user management.
+     * It will only allow access to users with the required roles.
+     */
+    authenticator?: Authenticator;
+
+    rolesError?: Error;
+    usersError?: Error;
+
 };

package/src/useUserManagementPlugin.tsx

@@ -1,13 +1,28 @@
-import { FireCMSPlugin } from "@firecms/core";
+import { FireCMSPlugin, useAuthController, useSnackbarController } from "@firecms/core";
 import { UserManagementProvider } from "./UserManagementProvider";
-import { UserManagement } from "./types";
+import { PersistedUser, UserManagement } from "./types";
+import { AddIcon, Button, Paper, Typography } from "@firecms/ui";
+import { DEFAULT_ROLES } from "./components/roles/default_roles";
 
 export function useUserManagementPlugin({ userManagement }: {
     userManagement: UserManagement,
 }): FireCMSPlugin {
+
+    const noUsers = userManagement.users.length === 0;
+    const noRoles = userManagement.roles.length === 0;
+
     return {
-        name: "User management plugin",
+        key: "user_management",
         loading: userManagement.loading,
+
+        homePage: {
+            additionalChildrenStart: noUsers || noRoles
+                ? <IntroWidget
+                    noUsers={noUsers}
+                    noRoles={noRoles}
+                    userManagement={userManagement}/>
+                : undefined
+        },
         provider: {
             Component: UserManagementProvider,
             props: {
@@ -16,3 +31,74 @@ export function useUserManagementPlugin({ userManagement }: {
         }
     }
 }
+
+export function IntroWidget({
+                                noUsers,
+                                noRoles,
+                                userManagement
+                            }: {
+    noUsers: boolean;
+    noRoles: boolean;
+    userManagement: UserManagement<PersistedUser>;
+}) {
+
+    const authController = useAuthController();
+    const snackbarController = useSnackbarController();
+
+    const buttonLabel = noUsers && noRoles
+        ? "Create default roles and add current user as admin"
+        : noUsers
+            ? "Add current user as admin"
+            : noRoles ? "Create default roles" : undefined;
+
+    return (
+        <Paper
+            className={"my-4 flex flex-col px-4 py-6 bg-white dark:bg-slate-800 gap-2"}>
+            <Typography variant={"subtitle2"} className={"uppercase"}>Create your users and roles</Typography>
+            <Typography>
+                You have no users or roles defined. You can create default roles and add the current user as admin.
+            </Typography>
+            <Button onClick={() => {
+                if (!authController.user?.uid) {
+                    throw Error("UsersTable, authController misconfiguration");
+                }
+                if (noUsers) {
+                    userManagement.saveUser({
+                        uid: authController.user?.uid,
+                        email: authController.user?.email,
+                        displayName: authController.user?.displayName,
+                        photoURL: authController.user?.photoURL,
+                        providerId: authController.user?.providerId,
+                        isAnonymous: authController.user?.isAnonymous,
+                        roles: [{
+                            id: "admin",
+                            name: "Admin"
+                        }],
+                        created_on: new Date()
+                    })
+                        .then(() => {
+                            snackbarController.open({
+                                type: "success",
+                                message: "User added successfully"
+                            })
+                        })
+                        .catch((error) => {
+                            snackbarController.open({
+                                type: "error",
+                                message: "Error adding user: " + error.message
+                            })
+                        });
+                }
+                if (noRoles) {
+                    DEFAULT_ROLES.forEach((role) => {
+                        userManagement.saveRole(role);
+                    });
+                }
+            }}>
+                <AddIcon/>
+                {buttonLabel}
+            </Button>
+        </Paper>
+    );
+
+}

package/src/utils/permissions.ts

@@ -10,7 +10,10 @@ const DEFAULT_PERMISSIONS = {
 };
 
 export function resolveUserRolePermissions<UserType extends User>
-({ collection, user }: {
+({
+     collection,
+     user
+ }: {
     collection: EntityCollection<any>,
     user: UserType | null
 }): Permissions {