@flusys/nestjs-iam 0.1.0-alpha.1 → 0.1.0-beta.2

package/cjs/dtos/role.dto.js

@@ -0,0 +1,238 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", {
+    value: true
+});
+function _export(target, all) {
+    for(var name in all)Object.defineProperty(target, name, {
+        enumerable: true,
+        get: Object.getOwnPropertyDescriptor(all, name).get
+    });
+}
+_export(exports, {
+    get CreateRoleDto () {
+        return CreateRoleDto;
+    },
+    get RoleQueryDto () {
+        return RoleQueryDto;
+    },
+    get RoleResponseDto () {
+        return RoleResponseDto;
+    },
+    get UpdateRoleDto () {
+        return UpdateRoleDto;
+    }
+});
+const _swagger = require("@nestjs/swagger");
+const _classvalidator = require("class-validator");
+function _define_property(obj, key, value) {
+    if (key in obj) {
+        Object.defineProperty(obj, key, {
+            value: value,
+            enumerable: true,
+            configurable: true,
+            writable: true
+        });
+    } else {
+        obj[key] = value;
+    }
+    return obj;
+}
+function _ts_decorate(decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for(var i = decorators.length - 1; i >= 0; i--)if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+}
+function _ts_metadata(k, v) {
+    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
+}
+let CreateRoleDto = class CreateRoleDto {
+    constructor(){
+        _define_property(this, "name", void 0);
+        _define_property(this, "description", void 0);
+        _define_property(this, "companyId", void 0);
+        _define_property(this, "isActive", void 0);
+        _define_property(this, "serial", void 0);
+        _define_property(this, "metadata", void 0);
+    }
+};
+_ts_decorate([
+    (0, _swagger.ApiProperty)({
+        description: 'Role name',
+        example: 'Manager'
+    }),
+    (0, _classvalidator.IsString)(),
+    (0, _classvalidator.IsNotEmpty)(),
+    (0, _classvalidator.MaxLength)(255),
+    _ts_metadata("design:type", String)
+], CreateRoleDto.prototype, "name", void 0);
+_ts_decorate([
+    (0, _swagger.ApiProperty)({
+        description: 'Role description',
+        example: 'Management level access',
+        required: false
+    }),
+    (0, _classvalidator.IsString)(),
+    (0, _classvalidator.IsOptional)(),
+    (0, _classvalidator.MaxLength)(500),
+    _ts_metadata("design:type", String)
+], CreateRoleDto.prototype, "description", void 0);
+_ts_decorate([
+    (0, _swagger.ApiProperty)({
+        description: 'Company ID (scope role to specific company) - Only available when company feature is enabled',
+        example: '123e4567-e89b-12d3-a456-426614174000',
+        required: false
+    }),
+    (0, _classvalidator.IsUUID)(),
+    (0, _classvalidator.IsOptional)(),
+    _ts_metadata("design:type", String)
+], CreateRoleDto.prototype, "companyId", void 0);
+_ts_decorate([
+    (0, _swagger.ApiProperty)({
+        description: 'Active status',
+        default: true,
+        required: false
+    }),
+    (0, _classvalidator.IsBoolean)(),
+    (0, _classvalidator.IsOptional)(),
+    _ts_metadata("design:type", Boolean)
+], CreateRoleDto.prototype, "isActive", void 0);
+_ts_decorate([
+    (0, _swagger.ApiProperty)({
+        description: 'Display order',
+        required: false
+    }),
+    (0, _classvalidator.IsInt)(),
+    (0, _classvalidator.IsOptional)(),
+    _ts_metadata("design:type", Number)
+], CreateRoleDto.prototype, "serial", void 0);
+_ts_decorate([
+    (0, _swagger.ApiProperty)({
+        description: 'Additional metadata',
+        required: false
+    }),
+    (0, _classvalidator.IsOptional)(),
+    _ts_metadata("design:type", typeof Record === "undefined" ? Object : Record)
+], CreateRoleDto.prototype, "metadata", void 0);
+let UpdateRoleDto = class UpdateRoleDto extends (0, _swagger.PartialType)(CreateRoleDto) {
+    constructor(...args){
+        super(...args), _define_property(this, "id", void 0);
+    }
+};
+_ts_decorate([
+    (0, _swagger.ApiProperty)({
+        description: 'Role ID',
+        example: '123e4567-e89b-12d3-a456-426614174000'
+    }),
+    (0, _classvalidator.IsUUID)(),
+    (0, _classvalidator.IsNotEmpty)(),
+    _ts_metadata("design:type", String)
+], UpdateRoleDto.prototype, "id", void 0);
+let RoleQueryDto = class RoleQueryDto {
+    constructor(){
+        _define_property(this, "companyId", void 0);
+        _define_property(this, "isActive", void 0);
+    }
+};
+_ts_decorate([
+    (0, _swagger.ApiProperty)({
+        description: 'Filter by company ID - Only available when company feature is enabled',
+        required: false
+    }),
+    (0, _classvalidator.IsUUID)(),
+    (0, _classvalidator.IsOptional)(),
+    _ts_metadata("design:type", String)
+], RoleQueryDto.prototype, "companyId", void 0);
+_ts_decorate([
+    (0, _swagger.ApiProperty)({
+        description: 'Filter by active status',
+        required: false
+    }),
+    (0, _classvalidator.IsBoolean)(),
+    (0, _classvalidator.IsOptional)(),
+    _ts_metadata("design:type", Boolean)
+], RoleQueryDto.prototype, "isActive", void 0);
+let RoleResponseDto = class RoleResponseDto {
+    constructor(){
+        _define_property(this, "id", void 0);
+        _define_property(this, "readOnly", void 0);
+        _define_property(this, "name", void 0);
+        _define_property(this, "description", void 0);
+        _define_property(this, "companyId", void 0);
+        _define_property(this, "isActive", void 0);
+        _define_property(this, "serial", void 0);
+        _define_property(this, "metadata", void 0);
+        _define_property(this, "createdAt", void 0);
+        _define_property(this, "updatedAt", void 0);
+        _define_property(this, "deletedAt", void 0);
+        _define_property(this, "createdById", void 0);
+        _define_property(this, "updatedById", void 0);
+        _define_property(this, "deletedById", void 0);
+    }
+};
+_ts_decorate([
+    (0, _swagger.ApiProperty)(),
+    _ts_metadata("design:type", String)
+], RoleResponseDto.prototype, "id", void 0);
+_ts_decorate([
+    (0, _swagger.ApiProperty)(),
+    _ts_metadata("design:type", Boolean)
+], RoleResponseDto.prototype, "readOnly", void 0);
+_ts_decorate([
+    (0, _swagger.ApiProperty)(),
+    _ts_metadata("design:type", String)
+], RoleResponseDto.prototype, "name", void 0);
+_ts_decorate([
+    (0, _swagger.ApiProperty)(),
+    _ts_metadata("design:type", Object)
+], RoleResponseDto.prototype, "description", void 0);
+_ts_decorate([
+    (0, _swagger.ApiProperty)(),
+    _ts_metadata("design:type", Object)
+], RoleResponseDto.prototype, "companyId", void 0);
+_ts_decorate([
+    (0, _swagger.ApiProperty)(),
+    _ts_metadata("design:type", Boolean)
+], RoleResponseDto.prototype, "isActive", void 0);
+_ts_decorate([
+    (0, _swagger.ApiProperty)(),
+    _ts_metadata("design:type", Object)
+], RoleResponseDto.prototype, "serial", void 0);
+_ts_decorate([
+    (0, _swagger.ApiProperty)({
+        required: false
+    }),
+    _ts_metadata("design:type", Object)
+], RoleResponseDto.prototype, "metadata", void 0);
+_ts_decorate([
+    (0, _swagger.ApiProperty)(),
+    _ts_metadata("design:type", typeof Date === "undefined" ? Object : Date)
+], RoleResponseDto.prototype, "createdAt", void 0);
+_ts_decorate([
+    (0, _swagger.ApiProperty)(),
+    _ts_metadata("design:type", typeof Date === "undefined" ? Object : Date)
+], RoleResponseDto.prototype, "updatedAt", void 0);
+_ts_decorate([
+    (0, _swagger.ApiProperty)({
+        required: false
+    }),
+    _ts_metadata("design:type", Object)
+], RoleResponseDto.prototype, "deletedAt", void 0);
+_ts_decorate([
+    (0, _swagger.ApiProperty)({
+        required: false
+    }),
+    _ts_metadata("design:type", Object)
+], RoleResponseDto.prototype, "createdById", void 0);
+_ts_decorate([
+    (0, _swagger.ApiProperty)({
+        required: false
+    }),
+    _ts_metadata("design:type", Object)
+], RoleResponseDto.prototype, "updatedById", void 0);
+_ts_decorate([
+    (0, _swagger.ApiProperty)({
+        required: false
+    }),
+    _ts_metadata("design:type", Object)
+], RoleResponseDto.prototype, "deletedById", void 0);

package/cjs/entities/action-base.entity.js

@@ -0,0 +1,135 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", {
+    value: true
+});
+Object.defineProperty(exports, "ActionBase", {
+    enumerable: true,
+    get: function() {
+        return ActionBase;
+    }
+});
+const _nestjsshared = require("@flusys/nestjs-shared");
+const _typeorm = require("typeorm");
+const _enums = require("../enums");
+function _define_property(obj, key, value) {
+    if (key in obj) {
+        Object.defineProperty(obj, key, {
+            value: value,
+            enumerable: true,
+            configurable: true,
+            writable: true
+        });
+    } else {
+        obj[key] = value;
+    }
+    return obj;
+}
+function _ts_decorate(decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for(var i = decorators.length - 1; i >= 0; i--)if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+}
+function _ts_metadata(k, v) {
+    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
+}
+let ActionBase = class ActionBase extends _nestjsshared.Identity {
+    constructor(...args){
+        super(...args), _define_property(this, "readOnly", void 0), _define_property(this, "name", void 0), _define_property(this, "description", void 0), _define_property(this, "code", void 0), _define_property(this, "actionType", void 0), _define_property(this, "permissionLogic", void 0), _define_property(this, "serial", void 0), _define_property(this, "isActive", void 0), _define_property(this, "parent", void 0), _define_property(this, "parentId", void 0), _define_property(this, "children", void 0), _define_property(this, "metadata", void 0);
+    }
+};
+_ts_decorate([
+    (0, _typeorm.Column)({
+        type: 'boolean',
+        nullable: false,
+        default: false,
+        name: 'read_only'
+    }),
+    _ts_metadata("design:type", Boolean)
+], ActionBase.prototype, "readOnly", void 0);
+_ts_decorate([
+    (0, _typeorm.Column)({
+        type: 'varchar',
+        length: 255,
+        nullable: false
+    }),
+    _ts_metadata("design:type", String)
+], ActionBase.prototype, "name", void 0);
+_ts_decorate([
+    (0, _typeorm.Column)({
+        type: 'varchar',
+        length: 500,
+        nullable: true
+    }),
+    _ts_metadata("design:type", Object)
+], ActionBase.prototype, "description", void 0);
+_ts_decorate([
+    (0, _typeorm.Column)({
+        type: 'varchar',
+        length: 255,
+        nullable: true,
+        unique: true
+    }),
+    _ts_metadata("design:type", Object)
+], ActionBase.prototype, "code", void 0);
+_ts_decorate([
+    (0, _typeorm.Column)({
+        type: 'enum',
+        enum: _enums.ActionType,
+        nullable: false,
+        default: _enums.ActionType.BACKEND,
+        name: 'action_type'
+    }),
+    _ts_metadata("design:type", typeof _enums.ActionType === "undefined" ? Object : _enums.ActionType)
+], ActionBase.prototype, "actionType", void 0);
+_ts_decorate([
+    (0, _typeorm.Column)('simple-json', {
+        nullable: true,
+        name: 'permission_logic'
+    }),
+    _ts_metadata("design:type", Object)
+], ActionBase.prototype, "permissionLogic", void 0);
+_ts_decorate([
+    (0, _typeorm.Column)({
+        type: 'int',
+        nullable: true
+    }),
+    _ts_metadata("design:type", Object)
+], ActionBase.prototype, "serial", void 0);
+_ts_decorate([
+    (0, _typeorm.Column)({
+        type: 'boolean',
+        nullable: false,
+        default: true,
+        name: 'is_active'
+    }),
+    _ts_metadata("design:type", Boolean)
+], ActionBase.prototype, "isActive", void 0);
+_ts_decorate([
+    (0, _typeorm.ManyToOne)('Action', 'children', {
+        nullable: true,
+        onDelete: 'CASCADE'
+    }),
+    (0, _typeorm.JoinColumn)({
+        name: 'parent_id'
+    }),
+    _ts_metadata("design:type", Object)
+], ActionBase.prototype, "parent", void 0);
+_ts_decorate([
+    (0, _typeorm.Column)({
+        type: 'uuid',
+        nullable: true,
+        name: 'parent_id'
+    }),
+    _ts_metadata("design:type", Object)
+], ActionBase.prototype, "parentId", void 0);
+_ts_decorate([
+    (0, _typeorm.OneToMany)('Action', 'parent'),
+    _ts_metadata("design:type", Array)
+], ActionBase.prototype, "children", void 0);
+_ts_decorate([
+    (0, _typeorm.Column)('simple-json', {
+        nullable: true
+    }),
+    _ts_metadata("design:type", Object)
+], ActionBase.prototype, "metadata", void 0);

package/cjs/entities/action.entity.js

@@ -0,0 +1,28 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", {
+    value: true
+});
+Object.defineProperty(exports, "Action", {
+    enumerable: true,
+    get: function() {
+        return Action;
+    }
+});
+const _typeorm = require("typeorm");
+const _actionbaseentity = require("./action-base.entity");
+function _ts_decorate(decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for(var i = decorators.length - 1; i >= 0; i--)if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+}
+let Action = class Action extends _actionbaseentity.ActionBase {
+};
+Action = _ts_decorate([
+    (0, _typeorm.Entity)({
+        name: 'action'
+    }),
+    (0, _typeorm.Index)([
+        'parentId'
+    ])
+], Action);

package/cjs/entities/index.js

@@ -0,0 +1,81 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", {
+    value: true
+});
+function _export(target, all) {
+    for(var name in all)Object.defineProperty(target, name, {
+        enumerable: true,
+        get: Object.getOwnPropertyDescriptor(all, name).get
+    });
+}
+_export(exports, {
+    get IAMAllEntities () {
+        return IAMAllEntities;
+    },
+    get IAMCompanyEntities () {
+        return IAMCompanyEntities;
+    },
+    get IAMCoreEntities () {
+        return IAMCoreEntities;
+    },
+    get getIAMEntitiesByConfig () {
+        return getIAMEntitiesByConfig;
+    }
+});
+_export_star(require("./action-base.entity"), exports);
+const _actionentity = _export_star(require("./action.entity"), exports);
+_export_star(require("./permission-base.entity"), exports);
+const _permissionwithcompanyentity = _export_star(require("./permission-with-company.entity"), exports);
+_export_star(require("./role-base.entity"), exports);
+const _rolewithcompanyentity = _export_star(require("./role-with-company.entity"), exports);
+const _roleentity = _export_star(require("./role.entity"), exports);
+const _useriampermissionentity = _export_star(require("./user-iam-permission.entity"), exports);
+function _export_star(from, to) {
+    Object.keys(from).forEach(function(k) {
+        if (k !== "default" && !Object.prototype.hasOwnProperty.call(to, k)) {
+            Object.defineProperty(to, k, {
+                enumerable: true,
+                get: function() {
+                    return from[k];
+                }
+            });
+        }
+    });
+    return from;
+}
+const IAMCoreEntities = [
+    _actionentity.Action,
+    _roleentity.Role,
+    _useriampermissionentity.UserIamPermission
+];
+const IAMCompanyEntities = [
+    _rolewithcompanyentity.RoleWithCompany,
+    _permissionwithcompanyentity.UserIamPermissionWithCompany
+];
+const IAMAllEntities = [
+    _actionentity.Action,
+    _roleentity.Role,
+    _rolewithcompanyentity.RoleWithCompany,
+    _useriampermissionentity.UserIamPermission,
+    _permissionwithcompanyentity.UserIamPermissionWithCompany
+];
+function getIAMEntitiesByConfig(enableCompanyFeature, permissionMode = 'FULL') {
+    const entities = [
+        _actionentity.Action
+    ];
+    // Permission entity - always included
+    if (enableCompanyFeature) {
+        entities.push(_permissionwithcompanyentity.UserIamPermissionWithCompany);
+    } else {
+        entities.push(_useriampermissionentity.UserIamPermission);
+    }
+    // Role entity - Only for RBAC or FULL mode (not DIRECT)
+    if (permissionMode === 'RBAC' || permissionMode === 'FULL') {
+        if (enableCompanyFeature) {
+            entities.push(_rolewithcompanyentity.RoleWithCompany);
+        } else {
+            entities.push(_roleentity.Role);
+        }
+    }
+    return entities;
+}

package/cjs/entities/permission-base.entity.js

@@ -0,0 +1,156 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", {
+    value: true
+});
+function _export(target, all) {
+    for(var name in all)Object.defineProperty(target, name, {
+        enumerable: true,
+        get: Object.getOwnPropertyDescriptor(all, name).get
+    });
+}
+_export(exports, {
+    get IamEntityType () {
+        return IamEntityType;
+    },
+    get IamPermissionType () {
+        return IamPermissionType;
+    },
+    get PermissionBase () {
+        return PermissionBase;
+    }
+});
+const _nestjsshared = require("@flusys/nestjs-shared");
+const _typeorm = require("typeorm");
+function _define_property(obj, key, value) {
+    if (key in obj) {
+        Object.defineProperty(obj, key, {
+            value: value,
+            enumerable: true,
+            configurable: true,
+            writable: true
+        });
+    } else {
+        obj[key] = value;
+    }
+    return obj;
+}
+function _ts_decorate(decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for(var i = decorators.length - 1; i >= 0; i--)if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+}
+function _ts_metadata(k, v) {
+    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
+}
+var IamPermissionType = /*#__PURE__*/ function(IamPermissionType) {
+    IamPermissionType["USER_ROLE"] = "user_role";
+    IamPermissionType["ROLE_ACTION"] = "role_action";
+    IamPermissionType["USER_ACTION"] = "user_action";
+    IamPermissionType["COMPANY_ACTION"] = "company_action";
+    return IamPermissionType;
+}({});
+var IamEntityType = /*#__PURE__*/ function(IamEntityType) {
+    IamEntityType["USER"] = "user";
+    IamEntityType["ROLE"] = "role";
+    IamEntityType["ACTION"] = "action";
+    IamEntityType["COMPANY"] = "company";
+    return IamEntityType;
+}({});
+let PermissionBase = class PermissionBase extends _nestjsshared.Identity {
+    isUserRole() {
+        return this.permissionType === "user_role";
+    }
+    isRoleAction() {
+        return this.permissionType === "role_action";
+    }
+    isUserAction() {
+        return this.permissionType === "user_action";
+    }
+    isCompanyAction() {
+        return this.permissionType === "company_action";
+    }
+    isValid(now = new Date()) {
+        if (this.validFrom && now < this.validFrom) return false;
+        if (this.validUntil && now > this.validUntil) return false;
+        return true;
+    }
+    constructor(...args){
+        super(...args), _define_property(this, "permissionType", void 0), _define_property(this, "sourceType", void 0), _define_property(this, "sourceId", void 0), _define_property(this, "targetType", void 0), _define_property(this, "targetId", void 0), _define_property(this, "userId", void 0), _define_property(this, "validFrom", void 0), _define_property(this, "validUntil", void 0), _define_property(this, "reason", void 0), _define_property(this, "metadata", void 0);
+    }
+};
+_ts_decorate([
+    (0, _typeorm.Column)({
+        type: 'enum',
+        enum: IamPermissionType,
+        name: 'permission_type'
+    }),
+    _ts_metadata("design:type", String)
+], PermissionBase.prototype, "permissionType", void 0);
+_ts_decorate([
+    (0, _typeorm.Column)({
+        type: 'enum',
+        enum: IamEntityType,
+        name: 'source_type'
+    }),
+    _ts_metadata("design:type", String)
+], PermissionBase.prototype, "sourceType", void 0);
+_ts_decorate([
+    (0, _typeorm.Column)({
+        type: 'uuid',
+        name: 'source_id'
+    }),
+    _ts_metadata("design:type", String)
+], PermissionBase.prototype, "sourceId", void 0);
+_ts_decorate([
+    (0, _typeorm.Column)({
+        type: 'enum',
+        enum: IamEntityType,
+        name: 'target_type'
+    }),
+    _ts_metadata("design:type", String)
+], PermissionBase.prototype, "targetType", void 0);
+_ts_decorate([
+    (0, _typeorm.Column)({
+        type: 'uuid',
+        name: 'target_id'
+    }),
+    _ts_metadata("design:type", String)
+], PermissionBase.prototype, "targetId", void 0);
+_ts_decorate([
+    (0, _typeorm.Column)({
+        type: 'uuid',
+        nullable: true,
+        name: 'user_id'
+    }),
+    _ts_metadata("design:type", Object)
+], PermissionBase.prototype, "userId", void 0);
+_ts_decorate([
+    (0, _typeorm.Column)({
+        type: 'timestamp',
+        nullable: true,
+        name: 'valid_from'
+    }),
+    _ts_metadata("design:type", Object)
+], PermissionBase.prototype, "validFrom", void 0);
+_ts_decorate([
+    (0, _typeorm.Column)({
+        type: 'timestamp',
+        nullable: true,
+        name: 'valid_until'
+    }),
+    _ts_metadata("design:type", Object)
+], PermissionBase.prototype, "validUntil", void 0);
+_ts_decorate([
+    (0, _typeorm.Column)({
+        type: 'text',
+        nullable: true
+    }),
+    _ts_metadata("design:type", Object)
+], PermissionBase.prototype, "reason", void 0);
+_ts_decorate([
+    (0, _typeorm.Column)('simple-json', {
+        nullable: true
+    }),
+    _ts_metadata("design:type", Object)
+], PermissionBase.prototype, "metadata", void 0);