@jskit-ai/users-core 0.1.33 → 0.1.36

package/src/server/registerWorkspaceCore.js

@@ -3,12 +3,11 @@ import {
 } from "@jskit-ai/kernel/server/actions";
 import { registerRouteVisibilityResolver } from "@jskit-ai/kernel/server/http";
 import { resolveAppConfig } from "@jskit-ai/kernel/server/support";
-import { TENANCY_MODE_WORKSPACES, resolveTenancyProfile } from "../shared/tenancyProfile.js";
 import { createService as createWorkspaceService } from "./common/services/workspaceContextService.js";
-import { createService as createAuthProfileSyncService } from "./common/services/authProfileSyncService.js";
 import { createWorkspaceActionContextContributor } from "./common/contributors/workspaceActionContextContributor.js";
 import { createWorkspaceRouteVisibilityResolver } from "./common/contributors/workspaceRouteVisibilityResolver.js";
 import { createWorkspaceAuthPolicyContextResolver } from "./common/contributors/workspaceAuthPolicyContextResolver.js";
+import { TENANCY_MODE_WORKSPACES } from "../shared/tenancyProfile.js";
 import { resolveWorkspaceInvitationsPolicy } from "./support/workspaceInvitationsPolicy.js";
 import { resolveWorkspaceSurfaceIdsFromAppConfig } from "./support/workspaceActionSurfaces.js";
 
@@ -27,20 +26,6 @@ function registerWorkspaceCore(app) {
       workspaceSettingsRepository: scope.make("workspaceSettingsRepository")
     });
   });
-
-  app.singleton("users.profile.sync.service", (scope) => {
-    return createAuthProfileSyncService({
-      usersRepository: scope.make("usersRepository"),
-      userSettingsRepository: scope.make("userSettingsRepository"),
-      workspaceProvisioningService: scope.make("users.workspace.service")
-    });
-  });
-
-  app.singleton("users.tenancy.profile", (scope) => {
-    const appConfig = resolveAppConfig(scope);
-    return resolveTenancyProfile(appConfig);
-  });
-
   app.singleton("users.workspace.enabled", (scope) => {
     return scope.make("users.tenancy.profile").workspace.enabled === true;
   });

package/src/server/registerWorkspaceRepositories.js

@@ -0,0 +1,26 @@
+import { createRepository as createWorkspacesRepository } from "./common/repositories/workspacesRepository.js";
+import { createRepository as createWorkspaceMembershipsRepository } from "./common/repositories/workspaceMembershipsRepository.js";
+import { createRepository as createWorkspaceInvitesRepository } from "./common/repositories/workspaceInvitesRepository.js";
+
+function registerWorkspaceRepositories(app) {
+  if (!app || typeof app.singleton !== "function") {
+    throw new Error("registerWorkspaceRepositories requires application singleton().");
+  }
+
+  app.singleton("workspacesRepository", (scope) => {
+    const knex = scope.make("jskit.database.knex");
+    return createWorkspacesRepository(knex);
+  });
+
+  app.singleton("workspaceMembershipsRepository", (scope) => {
+    const knex = scope.make("jskit.database.knex");
+    return createWorkspaceMembershipsRepository(knex);
+  });
+
+  app.singleton("workspaceInvitesRepository", (scope) => {
+    const knex = scope.make("jskit.database.knex");
+    return createWorkspaceInvitesRepository(knex);
+  });
+}
+
+export { registerWorkspaceRepositories };

package/src/server/usersBootstrapContributor.js

@@ -0,0 +1,248 @@
+import { AppError } from "@jskit-ai/kernel/server/runtime";
+import { requireServiceMethod } from "@jskit-ai/kernel/shared/actions/actionContributorHelpers";
+import { normalizeLowerText, normalizeText } from "@jskit-ai/kernel/shared/actions/textNormalization";
+import {
+  TENANCY_MODE_NONE,
+  TENANCY_MODE_PERSONAL,
+  TENANCY_MODE_WORKSPACES,
+  WORKSPACE_SLUG_POLICY_NONE,
+  WORKSPACE_SLUG_POLICY_IMMUTABLE_USERNAME,
+  WORKSPACE_SLUG_POLICY_USER_SELECTED,
+  resolveTenancyProfile
+} from "../shared/tenancyProfile.js";
+import { accountAvatarFormatter } from "./common/formatters/accountAvatarFormatter.js";
+import { authenticatedUserValidator } from "./common/validators/authenticatedUserValidator.js";
+import { userSettingsFields } from "../shared/resources/userSettingsFields.js";
+
+function getOAuthProviderCatalogPayload(authService) {
+  if (!authService || typeof authService.getOAuthProviderCatalog !== "function") {
+    return {
+      oauthProviders: [],
+      oauthDefaultProvider: null
+    };
+  }
+
+  const catalog = authService.getOAuthProviderCatalog();
+  const providers = Array.isArray(catalog?.providers)
+    ? catalog.providers
+        .map((provider) => ({
+          id: normalizeLowerText(provider?.id),
+          label: normalizeText(provider?.label)
+        }))
+        .filter((provider) => provider.id && provider.label)
+    : [];
+  const defaultProvider = normalizeLowerText(catalog?.defaultProvider);
+
+  return {
+    oauthProviders: providers,
+    oauthDefaultProvider: providers.some((provider) => provider.id === defaultProvider) ? defaultProvider : null
+  };
+}
+
+function normalizeBoolean(value, fallback) {
+  if (typeof value === "boolean") {
+    return value;
+  }
+  if (typeof value === "string") {
+    const normalized = normalizeLowerText(value);
+    if (normalized === "true") {
+      return true;
+    }
+    if (normalized === "false") {
+      return false;
+    }
+  }
+  return fallback;
+}
+
+function resolveAppState(appConfig = {}, { workspaceInvitationsEnabled = false } = {}) {
+  const features = {
+    workspaceSwitching: normalizeBoolean(appConfig.workspaceSwitching, false),
+    workspaceInvites: workspaceInvitationsEnabled === true,
+    assistantEnabled: normalizeBoolean(appConfig.assistantEnabled, false),
+    assistantRequiredPermission: normalizeText(appConfig.assistantRequiredPermission),
+    socialEnabled: normalizeBoolean(appConfig.socialEnabled, false),
+    socialFederationEnabled: normalizeBoolean(appConfig.socialFederationEnabled, false)
+  };
+
+  return {
+    features
+  };
+}
+
+function normalizeSlugPolicy(value = "") {
+  const normalizedValue = normalizeLowerText(value);
+  if (
+    normalizedValue === WORKSPACE_SLUG_POLICY_IMMUTABLE_USERNAME ||
+    normalizedValue === WORKSPACE_SLUG_POLICY_USER_SELECTED
+  ) {
+    return normalizedValue;
+  }
+  return WORKSPACE_SLUG_POLICY_NONE;
+}
+
+function isSupportedTenancyMode(value = "") {
+  return value === TENANCY_MODE_NONE || value === TENANCY_MODE_PERSONAL || value === TENANCY_MODE_WORKSPACES;
+}
+
+function resolveBootstrapTenancyProfile(tenancyProfile = null, appConfig = {}) {
+  const fallback = resolveTenancyProfile(appConfig);
+  const source = tenancyProfile && typeof tenancyProfile === "object" ? tenancyProfile : fallback;
+  const mode = isSupportedTenancyMode(source?.mode) ? source.mode : fallback.mode;
+  const workspace = source?.workspace && typeof source.workspace === "object" ? source.workspace : fallback.workspace;
+
+  return Object.freeze({
+    mode,
+    workspace: Object.freeze({
+      enabled: workspace.enabled === true,
+      autoProvision: workspace.autoProvision === true,
+      allowSelfCreate: workspace.allowSelfCreate === true,
+      slugPolicy: normalizeSlugPolicy(workspace.slugPolicy)
+    })
+  });
+}
+
+function createAnonymousBootstrapPayload({ appState, tenancyProfile }) {
+  return {
+    session: {
+      authenticated: false
+    },
+    profile: null,
+    tenancy: tenancyProfile,
+    app: appState,
+    workspaces: [],
+    pendingInvites: [],
+    activeWorkspace: null,
+    membership: null,
+    requestedWorkspace: null,
+    permissions: [],
+    surfaceAccess: {
+      consoleowner: false
+    },
+    workspaceSettings: null,
+    userSettings: null,
+    requestMeta: {
+      hasRequest: false
+    }
+  };
+}
+
+function mapUserSettingsBootstrap(settings = {}) {
+  const source = settings && typeof settings === "object" ? settings : {};
+  const mapped = {};
+
+  for (const field of userSettingsFields) {
+    if (field.includeInBootstrap === false) {
+      continue;
+    }
+    const rawValue = Object.hasOwn(source, field.key)
+      ? source[field.key]
+      : field.resolveDefault({
+          settings: source
+        });
+    mapped[field.key] = field.normalizeOutput(rawValue, {
+      settings: source
+    });
+  }
+
+  return mapped;
+}
+
+function createUsersBootstrapContributor({
+  usersRepository,
+  userSettingsRepository,
+  appConfig = {},
+  tenancyProfile = null,
+  authService,
+  consoleService = null
+} = {}) {
+  const contributorId = "users.bootstrap";
+  const appState = resolveAppState(appConfig);
+  const resolvedTenancyProfile = resolveBootstrapTenancyProfile(tenancyProfile, appConfig);
+
+  requireServiceMethod(usersRepository, "findById", contributorId, {
+    serviceLabel: "usersRepository"
+  });
+  requireServiceMethod(userSettingsRepository, "ensureForUserId", contributorId, {
+    serviceLabel: "userSettingsRepository"
+  });
+
+  return Object.freeze({
+    contributorId,
+    async contribute({ request = null, reply = null } = {}) {
+      const authResult = await request.executeAction({
+        actionId: "auth.session.read"
+      });
+
+      if (authResult?.clearSession === true && typeof authService?.clearSessionCookies === "function") {
+        authService.clearSessionCookies(reply);
+      }
+      if (authResult?.session && typeof authService?.writeSessionCookies === "function") {
+        authService.writeSessionCookies(reply, authResult.session);
+      }
+      if (authResult?.transientFailure === true) {
+        throw new AppError(503, "Authentication service temporarily unavailable. Please retry.");
+      }
+
+      const normalizedUser = authenticatedUserValidator.normalize(authResult?.authenticated ? authResult?.profile : null);
+      let payload = createAnonymousBootstrapPayload({
+        appState,
+        tenancyProfile: resolvedTenancyProfile
+      });
+
+      if (normalizedUser) {
+        const latestProfile = (await usersRepository.findById(normalizedUser.id)) || normalizedUser;
+        const userSettings = await userSettingsRepository.ensureForUserId(latestProfile.id);
+
+        let seededConsoleOwnerUserId = 0;
+        if (
+          consoleService &&
+          typeof consoleService.ensureInitialConsoleMember === "function"
+        ) {
+          seededConsoleOwnerUserId = Number(await consoleService.ensureInitialConsoleMember(latestProfile.id));
+        }
+
+        payload = {
+          session: {
+            authenticated: true,
+            userId: latestProfile.id
+          },
+          profile: {
+            displayName: latestProfile.displayName,
+            email: latestProfile.email,
+            avatar: accountAvatarFormatter(latestProfile, userSettings)
+          },
+          tenancy: resolvedTenancyProfile,
+          app: appState,
+          workspaces: [],
+          pendingInvites: [],
+          activeWorkspace: null,
+          membership: null,
+          requestedWorkspace: null,
+          permissions: [],
+          surfaceAccess: {
+            consoleowner: seededConsoleOwnerUserId > 0 && seededConsoleOwnerUserId === Number(latestProfile.id)
+          },
+          workspaceSettings: null,
+          userSettings: mapUserSettingsBootstrap(userSettings),
+          requestMeta: {
+            hasRequest: Boolean(request)
+          }
+        };
+      }
+
+      const oauthCatalogPayload = getOAuthProviderCatalogPayload(authService);
+      const session = payload?.session && typeof payload.session === "object" ? payload.session : { authenticated: false };
+
+      return {
+        ...payload,
+        session: {
+          ...session,
+          ...oauthCatalogPayload
+        }
+      };
+    }
+  });
+}
+
+export { createUsersBootstrapContributor };