npm - @koloseum/utils - Versions diffs - 0.2.0 → 0.2.1 - Mend

@koloseum/utils 0.2.0 → 0.2.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/dist/utils.d.ts CHANGED Viewed

@@ -34,7 +34,7 @@ export declare const Utility: {
     /**
      * Calls a Supabase Edge function.
      * @param {boolean} browser - Whether the function is being called in the browser
-     * @param {SupabaseClient} supabase - The Supabase client
+     * @param {SupabaseClient<Database>} supabase - The Supabase client
      * @param {string} path - The path to the Edge function
      * @param {FunctionInvokeOptions} [options] - The options to use for the function invocation; defaults to `{ method: "GET" }`
      * @returns The response from the Edge function
@@ -124,6 +124,30 @@ export declare const Utility: {
      * @param {PronounsCheckboxes} checkboxes - The pronouns checkboxes
      */
     handlePronounsCheckboxClick: (e: MouseEvent, checkboxes: PronounsCheckboxes) => void;
+    /**
+     * Checks if a user is authorised to access a microservice.
+     * @param {SupabaseClient<Database>} supabase - The Supabase client.
+     * @param {UserWithCustomMetadata} user - The user to check.
+     * @param {Object} options - The options for the function.
+     * @param {MicroserviceGroup} options.microserviceGroup - The microservice group.
+     * @param {Microservice<MicroserviceGroup> | string} options.microservice - The microservice.
+     * @param {string} options.playersUrl - The URL to the Players microservice.
+     * @param {(role: string) => string} options.requestedPermission - A function that returns the requested permission for a given role.
+     * @returns {Promise<{ isAuthorised?: boolean; redirect?: { code: number; url: string }; error?: CustomError }>} The result of the function.
+     */
+    isUserAuthorised: (supabase: SupabaseClient<Database>, user: UserWithCustomMetadata, options: {
+        microserviceGroup: MicroserviceGroup;
+        microservice: Microservice<MicroserviceGroup> | string;
+        playersUrl: string;
+        requestedPermission: (role: string) => string;
+    }) => Promise<{
+        isAuthorised?: boolean;
+        redirect?: {
+            code: number;
+            url: string;
+        };
+        error?: CustomError;
+    }>;
     /**
      * A reference of microservices available on the platform, represented as an object with each user group (i.e. `public`, `players`, `lounges`, and `backroom`) having its own array of microservices. Each microservice in a list is an object with the following properties:
      * - `name`: The name of the microservice.

package/dist/utils.js CHANGED Viewed

@@ -88,7 +88,7 @@ export const Utility = {
     /**
      * Calls a Supabase Edge function.
      * @param {boolean} browser - Whether the function is being called in the browser
-     * @param {SupabaseClient} supabase - The Supabase client
+     * @param {SupabaseClient<Database>} supabase - The Supabase client
      * @param {string} path - The path to the Edge function
      * @param {FunctionInvokeOptions} [options] - The options to use for the function invocation; defaults to `{ method: "GET" }`
      * @returns The response from the Edge function
@@ -581,6 +581,105 @@ export const Utility = {
             }
         }
     },
+    /**
+     * Checks if a user is authorised to access a microservice.
+     * @param {SupabaseClient<Database>} supabase - The Supabase client.
+     * @param {UserWithCustomMetadata} user - The user to check.
+     * @param {Object} options - The options for the function.
+     * @param {MicroserviceGroup} options.microserviceGroup - The microservice group.
+     * @param {Microservice<MicroserviceGroup> | string} options.microservice - The microservice.
+     * @param {string} options.playersUrl - The URL to the Players microservice.
+     * @param {(role: string) => string} options.requestedPermission - A function that returns the requested permission for a given role.
+     * @returns {Promise<{ isAuthorised?: boolean; redirect?: { code: number; url: string }; error?: CustomError }>} The result of the function.
+     */
+    isUserAuthorised: async (supabase, user, options) => {
+        // Destructure options
+        const { microserviceGroup, microservice, playersUrl } = options;
+        // Return true if microservice group is public
+        if (microserviceGroup === "public")
+            return { isAuthorised: true };
+        // Get user's roles and the role prefix
+        const roles = [];
+        const rolePrefix = microserviceGroup === "backroom" ? "backroom" : microserviceGroup.slice(0, -1);
+        for (const role of user.app_metadata.roles) {
+            if (role === "player")
+                continue;
+            if (role.startsWith(`${rolePrefix}_`))
+                roles.push(role.replace(`${rolePrefix}_`, ""));
+        }
+        // Redirect to Players microservices if user does not have any roles for the microservice group
+        if (roles.length === 0)
+            return { redirect: { code: 307, url: playersUrl } };
+        // Destructure role
+        const [role] = roles;
+        let isAuthorised = false;
+        // Grant access if superuser or account microservice
+        const isSuperuser = (microserviceGroup === "backroom" || microserviceGroup === "lounges") && role === "superuser";
+        if (isSuperuser || microservice === "account")
+            isAuthorised = true;
+        // Evaluate access
+        else if (microserviceGroup !== "players") {
+            // Get user's role and requested app permission
+            const requestedPermission = options.requestedPermission(role);
+            // Check if user has the requested permission
+            const { data, error: isAuthorisedError } = await supabase
+                .schema("compliance")
+                .rpc("authorise", { requested_permission: requestedPermission });
+            if (isAuthorisedError)
+                return Utility.parsePostgrestError(isAuthorisedError);
+            // Grant access if user has the requested permission
+            isAuthorised = data;
+        }
+        // Validate SuprSend subscriber
+        let personData;
+        if (user.app_metadata.person_data) {
+            const { first_name: firstName, last_name: lastName, pseudonym } = user.app_metadata.person_data;
+            personData = { firstName, lastName, phone: user.phone, pseudonym };
+        }
+        const { code, error: validationError } = await Utility.callEdgeFunction(false, supabase, `suprsend/validate-subscriber?user-id=${user.id}`, { method: "POST", body: personData });
+        if (validationError)
+            return { error: Utility.customError(code, validationError) };
+        // Initialise user metadata if not already done
+        if (!user.user_metadata.backroom) {
+            // Update user metadata in database
+            const { error: updateError } = await supabase.auth.updateUser({
+                data: { backroom: { welcome_notification_sent: false } }
+            });
+            if (updateError)
+                return { error: Utility.customError(updateError.status ?? 500, updateError.message) };
+            // Update user object in memory
+            user.user_metadata.backroom = { welcome_notification_sent: false };
+        }
+        // Send welcome notification if user is new
+        if (!user.user_metadata.backroom.welcome_notification_sent) {
+            // Define workflow body
+            const workflowBody = {
+                name: "welcome-to-backroom",
+                template: "welcome-to-backroom",
+                notification_category: "system",
+                users: [
+                    {
+                        distinct_id: user.id,
+                        $skip_create: true
+                    }
+                ]
+            };
+            // Trigger workflow
+            const { code, error: workflowError } = await Utility.callEdgeFunction(false, supabase, `suprsend/trigger-workflow?user-id=${user.id}`, { method: "POST", body: workflowBody });
+            if (workflowError)
+                return { error: Utility.customError(code, workflowError) };
+            // Update user metadata in database
+            const { error: updateError } = await supabase.auth.updateUser({
+                data: { backroom: { welcome_notification_sent: true } }
+            });
+            if (updateError)
+                return { error: Utility.customError(updateError.status ?? 500, updateError.message) };
+            // Update user object in memory
+            user.user_metadata.backroom.welcome_notification_sent = true;
+        }
+        // Return result
+        return { isAuthorised };
+    },
     /**
      * A reference of microservices available on the platform, represented as an object with each user group (i.e. `public`, `players`, `lounges`, and `backroom`) having its own array of microservices. Each microservice in a list is an object with the following properties:
      * - `name`: The name of the microservice.

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
 	"name": "@koloseum/utils",
-	"version": "0.2.0",
+	"version": "0.2.1",
 	"author": "Koloseum Technologies Limited",
 	"type": "module",
 	"description": "Utility logic for use across Koloseum web apps (TypeScript)",
@@ -36,7 +36,7 @@
 		"validator": "^13.15.15"
 	},
 	"devDependencies": {
-		"@koloseum/types": "^0.2.0",
+		"@koloseum/types": "^0.2.1",
 		"@playwright/test": "^1.53.1",
 		"@suprsend/web-components": "^0.2.1",
 		"@types/sanitize-html": "^2.16.0",