@friggframework/core 2.0.0-next.6 → 2.0.0-next.60

package/user/repositories/user-repository-interface.js

@@ -0,0 +1,201 @@
+/**
+ * User Repository Interface
+ * Abstract base class defining the contract for user persistence adapters
+ *
+ * This follows the Port in Hexagonal Architecture:
+ * - Domain layer depends on this abstraction
+ * - Concrete adapters implement this interface
+ * - Use cases receive repositories via dependency injection
+ *
+ * Note: Currently, User model has identical structure across MongoDB and PostgreSQL,
+ * so UserRepository serves both. This interface exists for consistency and
+ * future-proofing if database-specific implementations become needed.
+ *
+ * @abstract
+ */
+class UserRepositoryInterface {
+    /**
+     * Get session token from base64 buffer token
+     *
+     * @param {string} token - Base64 buffer token
+     * @returns {Promise<Object>} Session token object
+     * @abstract
+     */
+    async getSessionToken(token) {
+        throw new Error(
+            'Method getSessionToken must be implemented by subclass'
+        );
+    }
+
+    /**
+     * Find organization user by ID
+     *
+     * @param {string|number} userId - User ID
+     * @returns {Promise<Object|null>} User object or null
+     * @abstract
+     */
+    async findOrganizationUserById(userId) {
+        throw new Error(
+            'Method findOrganizationUserById must be implemented by subclass'
+        );
+    }
+
+    /**
+     * Find individual user by ID
+     *
+     * @param {string|number} userId - User ID
+     * @returns {Promise<Object|null>} User object or null
+     * @abstract
+     */
+    async findIndividualUserById(userId) {
+        throw new Error(
+            'Method findIndividualUserById must be implemented by subclass'
+        );
+    }
+
+    /**
+     * Create token with expiration
+     *
+     * @param {string|number} userId - User ID
+     * @param {string} rawToken - Raw unhashed token
+     * @param {number} minutes - Minutes until expiration (default 120)
+     * @returns {Promise<string>} Base64 buffer token
+     * @abstract
+     */
+    async createToken(userId, rawToken, minutes = 120) {
+        throw new Error('Method createToken must be implemented by subclass');
+    }
+
+    /**
+     * Create individual user
+     *
+     * @param {Object} params - User creation parameters
+     * @returns {Promise<Object>} Created user object
+     * @abstract
+     */
+    async createIndividualUser(params) {
+        throw new Error(
+            'Method createIndividualUser must be implemented by subclass'
+        );
+    }
+
+    /**
+     * Create organization user
+     *
+     * @param {Object} params - Organization creation parameters
+     * @returns {Promise<Object>} Created organization object
+     * @abstract
+     */
+    async createOrganizationUser(params) {
+        throw new Error(
+            'Method createOrganizationUser must be implemented by subclass'
+        );
+    }
+
+    /**
+     * Find individual user by username
+     *
+     * @param {string} username - Username to search for
+     * @returns {Promise<Object|null>} User object or null
+     * @abstract
+     */
+    async findIndividualUserByUsername(username) {
+        throw new Error(
+            'Method findIndividualUserByUsername must be implemented by subclass'
+        );
+    }
+
+    /**
+     * Find individual user by app user ID
+     *
+     * @param {string} appUserId - App user ID to search for
+     * @returns {Promise<Object|null>} User object or null
+     * @abstract
+     */
+    async findIndividualUserByAppUserId(appUserId) {
+        throw new Error(
+            'Method findIndividualUserByAppUserId must be implemented by subclass'
+        );
+    }
+
+    /**
+     * Find organization user by app org ID
+     *
+     * @param {string} appOrgId - App organization ID to search for
+     * @returns {Promise<Object|null>} User object or null
+     * @abstract
+     */
+    async findOrganizationUserByAppOrgId(appOrgId) {
+        throw new Error(
+            'Method findOrganizationUserByAppOrgId must be implemented by subclass'
+        );
+    }
+
+    /**
+     * Find individual user by email
+     *
+     * @param {string} email - Email to search for
+     * @returns {Promise<Object|null>} User object or null
+     * @abstract
+     */
+    async findIndividualUserByEmail(email) {
+        throw new Error(
+            'Method findIndividualUserByEmail must be implemented by subclass'
+        );
+    }
+
+    /**
+     * Update individual user
+     *
+     * @param {string|number} userId - User ID
+     * @param {Object} updates - Fields to update
+     * @returns {Promise<Object>} Updated user object
+     * @abstract
+     */
+    async updateIndividualUser(userId, updates) {
+        throw new Error(
+            'Method updateIndividualUser must be implemented by subclass'
+        );
+    }
+
+    /**
+     * Update organization user
+     *
+     * @param {string|number} userId - User ID
+     * @param {Object} updates - Fields to update
+     * @returns {Promise<Object>} Updated user object
+     * @abstract
+     */
+    async updateOrganizationUser(userId, updates) {
+        throw new Error(
+            'Method updateOrganizationUser must be implemented by subclass'
+        );
+    }
+
+    /**
+     * Delete user by ID
+     *
+     * @param {string|number} userId - User ID to delete
+     * @returns {Promise<boolean>} True if deleted successfully
+     * @abstract
+     */
+    async deleteUser(userId) {
+        throw new Error('Method deleteUser must be implemented by subclass');
+    }
+
+    /**
+     * Link an individual user to an organization user
+     *
+     * @param {string|number} individualUserId - Individual user ID
+     * @param {string|number} organizationUserId - Organization user ID
+     * @returns {Promise<Object>} Updated individual user object
+     * @abstract
+     */
+    async linkIndividualToOrganization(individualUserId, organizationUserId) {
+        throw new Error(
+            'Method linkIndividualToOrganization must be implemented by subclass'
+        );
+    }
+}
+
+module.exports = { UserRepositoryInterface };

package/user/repositories/user-repository-mongo.js

@@ -0,0 +1,308 @@
+const bcrypt = require('bcryptjs');
+const { prisma } = require('../../database/prisma');
+const {
+    createTokenRepository,
+} = require('../../token/repositories/token-repository-factory');
+const { UserRepositoryInterface } = require('./user-repository-interface');
+const { ClientSafeError } = require('../../errors');
+
+/**
+ * MongoDB User Repository Adapter
+ * Handles user operations with discriminator pattern support
+ *
+ * MongoDB-specific characteristics:
+ * - Uses String IDs (ObjectId)
+ * - No ID conversion needed (IDs are already strings)
+ * - IndividualUser/OrganizationUser discriminators → User model with type field
+ */
+class UserRepositoryMongo extends UserRepositoryInterface {
+    constructor() {
+        super();
+        this.prisma = prisma;
+        this.tokenRepository = createTokenRepository();
+    }
+
+    /**
+     * Get session token from base64 buffer token
+     * Delegates to TokenRepository
+     *
+     * @param {string} token - Base64 buffer token
+     * @returns {Promise<Object>} Session token object with string IDs
+     */
+    async getSessionToken(token) {
+        const jsonToken =
+            this.tokenRepository.getJSONTokenFromBase64BufferToken(token);
+        const sessionToken = await this.tokenRepository.validateAndGetToken(
+            jsonToken
+        );
+        return sessionToken;
+    }
+
+    /**
+     * Find organization user by ID
+     * Replaces: OrganizationUser.findById(userId)
+     *
+     * @param {string} userId - User ID
+     * @returns {Promise<Object|null>} User object with string IDs or null
+     */
+    async findOrganizationUserById(userId) {
+        return await this.prisma.user.findFirst({
+            where: {
+                id: userId,
+                type: 'ORGANIZATION',
+            },
+        });
+    }
+
+    /**
+     * Find individual user by ID
+     * Replaces: IndividualUser.findById(userId)
+     *
+     * @param {string} userId - User ID
+     * @returns {Promise<Object|null>} User object with string IDs or null
+     */
+    async findIndividualUserById(userId) {
+        return await this.prisma.user.findFirst({
+            where: {
+                id: userId,
+                type: 'INDIVIDUAL',
+            },
+        });
+    }
+
+    /**
+     * Create token with expiration
+     * Delegates to TokenRepository
+     *
+     * @param {string} userId - User ID
+     * @param {string} rawToken - Raw unhashed token
+     * @param {number} minutes - Minutes until expiration (default 120)
+     * @returns {Promise<string>} Base64 buffer token
+     */
+    async createToken(userId, rawToken, minutes = 120) {
+        const createdToken = await this.tokenRepository.createTokenWithExpire(
+            userId,
+            rawToken,
+            minutes
+        );
+        return this.tokenRepository.createBase64BufferToken(
+            createdToken,
+            rawToken
+        );
+    }
+
+    /**
+     * Create individual user
+     * Replaces: IndividualUser.create(params)
+     *
+     * @param {Object} params - User creation parameters
+     * @param {string} [params.hashword] - Plain text password (will be bcrypt hashed automatically)
+     * @returns {Promise<Object>} Created user object with string IDs
+     */
+    async createIndividualUser(params) {
+        const data = {
+            type: 'INDIVIDUAL',
+            email: params.email,
+            username: params.username,
+            appUserId: params.appUserId,
+            organizationId: params.organization || params.organizationId,
+        };
+
+        if (
+            params.hashword !== undefined &&
+            params.hashword !== null &&
+            params.hashword !== ''
+        ) {
+            if (typeof params.hashword !== 'string') {
+                throw new ClientSafeError('Password must be a string', 400);
+            }
+
+            // Prevent double-hashing: bcrypt hashes start with $2a$ or $2b$
+            if (params.hashword.startsWith('$2')) {
+                throw new Error(
+                    'Password appears to be already hashed. Pass plain text password only.'
+                );
+            }
+
+            data.hashword = await bcrypt.hash(params.hashword, 10);
+        }
+
+        return await this.prisma.user.create({ data });
+    }
+
+    /**
+     * Create organization user
+     * Replaces: OrganizationUser.create(params)
+     *
+     * @param {Object} params - Organization creation parameters
+     * @returns {Promise<Object>} Created organization object with string IDs
+     */
+    async createOrganizationUser(params) {
+        return await this.prisma.user.create({
+            data: {
+                type: 'ORGANIZATION',
+                appOrgId: params.appOrgId,
+                name: params.name,
+            },
+        });
+    }
+
+    /**
+     * Find individual user by username
+     * Replaces: IndividualUser.findOne({ username })
+     *
+     * @param {string} username - Username to search for
+     * @returns {Promise<Object|null>} User object with string IDs or null
+     */
+    async findIndividualUserByUsername(username) {
+        return await this.prisma.user.findFirst({
+            where: {
+                type: 'INDIVIDUAL',
+                username,
+            },
+        });
+    }
+
+    /**
+     * Find individual user by app user ID
+     * Replaces: IndividualUser.getUserByAppUserId(appUserId)
+     *
+     * @param {string} appUserId - App user ID to search for
+     * @returns {Promise<Object|null>} User object with string IDs or null
+     */
+    async findIndividualUserByAppUserId(appUserId) {
+        return await this.prisma.user.findFirst({
+            where: {
+                type: 'INDIVIDUAL',
+                appUserId,
+            },
+        });
+    }
+
+    /**
+     * Find organization user by app org ID
+     * Replaces: OrganizationUser.getUserByAppOrgId(appOrgId)
+     *
+     * @param {string} appOrgId - App organization ID to search for
+     * @returns {Promise<Object|null>} User object with string IDs or null
+     */
+    async findOrganizationUserByAppOrgId(appOrgId) {
+        return await this.prisma.user.findFirst({
+            where: {
+                type: 'ORGANIZATION',
+                appOrgId,
+            },
+        });
+    }
+
+    /**
+     * Find individual user by email
+     * @param {string} email - Email to search for
+     * @returns {Promise<Object|null>} User object with string IDs or null
+     */
+    async findIndividualUserByEmail(email) {
+        return await this.prisma.user.findFirst({
+            where: {
+                type: 'INDIVIDUAL',
+                email,
+            },
+        });
+    }
+
+    /**
+     * Update individual user
+     * @param {string} userId - User ID
+     * @param {Object} updates - Fields to update
+     * @param {string} [updates.hashword] - Plain text password (will be bcrypt hashed automatically)
+     * @returns {Promise<Object>} Updated user object with string IDs
+     */
+    async updateIndividualUser(userId, updates) {
+        const data = { ...updates };
+
+        if (
+            data.hashword !== undefined &&
+            data.hashword !== null &&
+            data.hashword !== ''
+        ) {
+            if (typeof data.hashword !== 'string') {
+                throw new ClientSafeError('Password must be a string', 400);
+            }
+
+            // Prevent double-hashing: bcrypt hashes start with $2a$ or $2b$
+            if (data.hashword.startsWith('$2')) {
+                throw new Error(
+                    'Password appears to be already hashed. Pass plain text password only.'
+                );
+            }
+
+            data.hashword = await bcrypt.hash(data.hashword, 10);
+        }
+
+        return await this.prisma.user.update({
+            where: { id: userId },
+            data,
+        });
+    }
+
+    /**
+     * Update organization user
+     * @param {string} userId - User ID
+     * @param {Object} updates - Fields to update
+     * @returns {Promise<Object>} Updated user object with string IDs
+     */
+    async updateOrganizationUser(userId, updates) {
+        return await this.prisma.user.update({
+            where: { id: userId },
+            data: updates,
+        });
+    }
+
+    /**
+     * Delete user by ID
+     *
+     * NOTE: This only deletes the user record itself.
+     * Prisma's onDelete: Cascade does NOT work reliably with MongoDB (no database-level referential integrity).
+     * Integration developers MUST manually cascade delete related records before calling this method:
+     * 1. Delete integrations (via deleteIntegrationById)
+     * 2. Delete entities (via deleteEntityById)
+     * 3. Delete credentials (via deleteCredentialById)
+     * 4. Finally delete user (via deleteUserById)
+     *
+     * @param {string} userId - User ID to delete
+     * @returns {Promise<boolean>} True if deleted successfully
+     */
+    async deleteUser(userId) {
+        try {
+            await this.prisma.user.delete({
+                where: { id: userId },
+            });
+            return true;
+        } catch (error) {
+            if (error.code === 'P2025') {
+                // Record not found
+                return false;
+            }
+            throw error;
+        }
+    }
+
+    /**
+     * Link an individual user to an organization user
+     * @param {string} individualUserId - Individual user ID (MongoDB ObjectId string)
+     * @param {string} organizationUserId - Organization user ID (MongoDB ObjectId string)
+     * @returns {Promise<Object>} Updated individual user object
+     */
+    async linkIndividualToOrganization(individualUserId, organizationUserId) {
+        return await this.prisma.user.update({
+            where: {
+                id: individualUserId,
+                type: 'INDIVIDUAL',
+            },
+            data: {
+                organizationId: organizationUserId,
+            },
+        });
+    }
+}
+
+module.exports = { UserRepositoryMongo };