npm - @lenne.tech/nest-server - Versions diffs - 10.3.1 → 10.3.3 - Mend

@lenne.tech/nest-server 10.3.1 → 10.3.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (107) hide show

package/src/core/modules/user/core-user.model.ts CHANGED Viewed

@@ -3,6 +3,8 @@ import { Schema as MongooseSchema, Prop, raw } from '@nestjs/mongoose';
 import { IsEmail, IsOptional } from 'class-validator';
 import { Document } from 'mongoose';
+import { Restricted } from '../../common/decorators/restricted.decorator';
+import { RoleEnum } from '../../common/enums/role.enum';
 import { CorePersistenceModel } from '../../common/models/core-persistence.model';
 import { CoreTokenData } from '../auth/interfaces/core-token-data.interface';
@@ -11,6 +13,7 @@ export type CoreUserModelDocument = CoreUserModel & Document;
 /**
  * User model
  */
+@Restricted(RoleEnum.S_EVERYONE)
 @ObjectType({ description: 'User', isAbstract: true })
 @MongooseSchema({ timestamps: true })
 export abstract class CoreUserModel extends CorePersistenceModel {
@@ -21,6 +24,7 @@ export abstract class CoreUserModel extends CorePersistenceModel {
   /**
    * E-Mail address of the user
    */
+  @Restricted(RoleEnum.S_EVERYONE)
   @Field({ description: 'Email of the user', nullable: true })
   @IsEmail()
   @Prop({ lowercase: true, trim: true, unique: true })
@@ -29,6 +33,7 @@ export abstract class CoreUserModel extends CorePersistenceModel {
   /**
    * First name of the user
    */
+  @Restricted(RoleEnum.S_EVERYONE)
   @Field({ description: 'First name of the user', nullable: true })
   @IsOptional()
   @Prop()
@@ -37,6 +42,7 @@ export abstract class CoreUserModel extends CorePersistenceModel {
   /**
    * Last name of the user
    */
+  @Restricted(RoleEnum.S_EVERYONE)
   @Field({ description: 'Last name of the user', nullable: true })
   @IsOptional()
   @Prop()
@@ -45,12 +51,14 @@ export abstract class CoreUserModel extends CorePersistenceModel {
   /**
    * Password of the user
    */
+  @Restricted(RoleEnum.S_NO_ONE)
   @Prop()
   password: string = undefined;
   /**
    * Roles of the user
    */
+  @Restricted(RoleEnum.S_EVERYONE)
   @Field(type => [String], { description: 'Roles of the user', nullable: true })
   @IsOptional()
   @Prop([String])
@@ -59,6 +67,7 @@ export abstract class CoreUserModel extends CorePersistenceModel {
   /**
    * Username of the user
    */
+  @Restricted(RoleEnum.S_EVERYONE)
   @Field({ description: 'Username of the user', nullable: true })
   @IsOptional()
   @Prop()
@@ -67,6 +76,7 @@ export abstract class CoreUserModel extends CorePersistenceModel {
   /**
    * Password reset token of the user
    */
+  @Restricted(RoleEnum.S_NO_ONE)
   @IsOptional()
   @Prop()
   passwordResetToken: string = undefined;
@@ -76,6 +86,7 @@ export abstract class CoreUserModel extends CorePersistenceModel {
    * key: Token
    * value: TokenData
    */
+  @Restricted(RoleEnum.S_NO_ONE)
   @IsOptional()
   @Prop(raw({}))
   refreshTokens: Record<string, CoreTokenData> = undefined;
@@ -84,6 +95,7 @@ export abstract class CoreUserModel extends CorePersistenceModel {
    * Temporary token for parallel requests during the token refresh process
    * See sameTokenIdPeriod in configuration
    */
+  @Restricted(RoleEnum.S_NO_ONE)
   @IsOptional()
   @Prop(raw({}))
   tempTokens: Record<string, { createdAt: number; deviceId: string; tokenId: string }> = undefined;
@@ -91,6 +103,7 @@ export abstract class CoreUserModel extends CorePersistenceModel {
   /**
    * Verification token of the user
    */
+  @Restricted(RoleEnum.S_NO_ONE)
   @IsOptional()
   @Prop()
   verificationToken: string = undefined;
@@ -98,6 +111,7 @@ export abstract class CoreUserModel extends CorePersistenceModel {
   /**
    * Verification of the user
    */
+  @Restricted(RoleEnum.S_EVERYONE)
   @Field(type => Boolean, { description: 'Verification state of the user', nullable: true })
   @Prop({ type: Boolean })
   verified: boolean = undefined;
@@ -105,6 +119,7 @@ export abstract class CoreUserModel extends CorePersistenceModel {
   /**
    * Verification date
    */
+  @Restricted(RoleEnum.S_EVERYONE)
   @Field({ description: 'Verified date', nullable: true })
   @Prop()
   verifiedAt: Date = undefined;

package/src/core/modules/user/inputs/core-user-create.input.ts CHANGED Viewed

@@ -1,6 +1,8 @@
 import { Field, InputType } from '@nestjs/graphql';
 import { IsEmail } from 'class-validator';
+import { Restricted } from '../../../common/decorators/restricted.decorator';
+import { RoleEnum } from '../../../common/enums/role.enum';
 import { CoreUserInput } from './core-user.input';
 /**
@@ -10,8 +12,10 @@ import { CoreUserInput } from './core-user.input';
  * otherwise the property will not be recognized via Object.keys (this is necessary for mapping) or will be initialized
  * with a default value that may overwrite an existing value in the DB.
  */
+@Restricted(RoleEnum.S_EVERYONE)
 @InputType({ description: 'User input to create a new user', isAbstract: true })
 export abstract class CoreUserCreateInput extends CoreUserInput {
+  @Restricted(RoleEnum.S_EVERYONE)
   @Field({ description: 'Email of the user', nullable: false })
   @IsEmail()
   override email: string = undefined;

package/src/core/modules/user/inputs/core-user.input.ts CHANGED Viewed

@@ -13,11 +13,13 @@ import { CoreInput } from '../../../common/inputs/core-input.input';
  * otherwise the property will not be recognized via Object.keys (this is necessary for mapping) or will be initialized
  * with a default value that may overwrite an existing value in the DB.
  */
+@Restricted(RoleEnum.S_EVERYONE)
 @InputType({ description: 'User input', isAbstract: true })
 export abstract class CoreUserInput extends CoreInput {
   /**
    * Email of the user
    */
+  @Restricted(RoleEnum.S_EVERYONE)
   @Field({ description: 'Email of the user', nullable: true })
   @IsOptional()
   @IsEmail()
@@ -26,6 +28,7 @@ export abstract class CoreUserInput extends CoreInput {
   /**
    * First name of the user
    */
+  @Restricted(RoleEnum.S_EVERYONE)
   @Field({ description: 'First name of the user', nullable: true })
   @IsOptional()
   firstName?: string = undefined;
@@ -33,6 +36,7 @@ export abstract class CoreUserInput extends CoreInput {
   /**
    * Last name of the user
    */
+  @Restricted(RoleEnum.S_EVERYONE)
   @Field({ description: 'Last name of the user', nullable: true })
   @IsOptional()
   lastName?: string = undefined;
@@ -48,6 +52,7 @@ export abstract class CoreUserInput extends CoreInput {
   /**
    * Username / alias of the user
    */
+  @Restricted(RoleEnum.S_EVERYONE)
   @Field({ description: 'Username / alias of the user', nullable: true })
   @IsOptional()
   username?: string = undefined;
@@ -55,6 +60,7 @@ export abstract class CoreUserInput extends CoreInput {
   /**
    * Password of the user
    */
+  @Restricted(RoleEnum.S_EVERYONE)
   @Field({ description: 'Password of the user', nullable: true })
   @IsOptional()
   password?: string = undefined;

package/src/server/common/models/persistence.model.ts CHANGED Viewed

@@ -2,6 +2,8 @@ import { Field, ObjectType } from '@nestjs/graphql';
 import { Prop } from '@nestjs/mongoose';
 import { Types } from 'mongoose';
+import { Restricted } from '../../../core/common/decorators/restricted.decorator';
+import { RoleEnum } from '../../../core/common/enums/role.enum';
 import { CorePersistenceModel } from '../../../core/common/models/core-persistence.model';
 import { User } from '../../modules/user/user.model';
@@ -12,6 +14,7 @@ import mongoose = require('mongoose');
  *
  * The models are a combination of MikroORM Entities and TypeGraphQL Types
  */
+@Restricted(RoleEnum.ADMIN)
 @ObjectType({
   description: 'Persistence model which will be saved in DB',
   isAbstract: true,
@@ -26,6 +29,7 @@ export abstract class PersistenceModel extends CorePersistenceModel {
    *
    * Not set when created by system
    */
+  @Restricted(RoleEnum.ADMIN)
   @Field(() => User, {
     description: 'ID of the user who created the object',
     nullable: true,
@@ -38,6 +42,7 @@ export abstract class PersistenceModel extends CorePersistenceModel {
    *
    * Not set when updated by system
    */
+  @Restricted(RoleEnum.ADMIN)
   @Field(() => User, {
     description: 'ID of the user who updated the object',
     nullable: true,

package/src/server/modules/auth/auth.controller.ts CHANGED Viewed

@@ -1,9 +1,12 @@
 import { Controller } from '@nestjs/common';
+import { Roles } from '../../../core/common/decorators/roles.decorator';
+import { RoleEnum } from '../../../core/common/enums/role.enum';
 import { ConfigService } from '../../../core/common/services/config.service';
 import { CoreAuthController } from '../../../core/modules/auth/core-auth.controller';
 import { AuthService } from './auth.service';
+@Roles(RoleEnum.ADMIN)
 @Controller('auth')
 export class AuthController extends CoreAuthController {
   /**

package/src/server/modules/auth/auth.model.ts CHANGED Viewed

@@ -1,5 +1,7 @@
 import { Field, ObjectType } from '@nestjs/graphql';
+import { Restricted } from '../../../core/common/decorators/restricted.decorator';
+import { RoleEnum } from '../../../core/common/enums/role.enum';
 import { mapClasses } from '../../../core/common/helpers/model.helper';
 import { CoreAuthModel } from '../../../core/modules/auth/core-auth.model';
 import { User } from '../user/user.model';
@@ -7,6 +9,7 @@ import { User } from '../user/user.model';
 /**
  * Authentication data
  */
+@Restricted(RoleEnum.ADMIN)
 @ObjectType({ description: 'Authentication data' })
 export class Auth extends CoreAuthModel {
   // ===================================================================================================================
@@ -16,6 +19,7 @@ export class Auth extends CoreAuthModel {
   /**
    * Signed-in user
    */
+  @Restricted(RoleEnum.S_EVERYONE)
   @Field(() => User, { description: 'User who signed in' })
   override user: User = undefined;

package/src/server/modules/auth/auth.resolver.ts CHANGED Viewed

@@ -2,6 +2,8 @@ import { Args, Context, Mutation, Resolver } from '@nestjs/graphql';
 import { Response as ResponseType } from 'express';
 import { GraphQLServiceOptions } from '../../../core/common/decorators/graphql-service-options.decorator';
+import { Roles } from '../../../core/common/decorators/roles.decorator';
+import { RoleEnum } from '../../../core/common/enums/role.enum';
 import { ServiceOptions } from '../../../core/common/interfaces/service-options.interface';
 import { ConfigService } from '../../../core/common/services/config.service';
 import { CoreAuthResolver } from '../../../core/modules/auth/core-auth.resolver';
@@ -13,6 +15,7 @@ import { AuthSignUpInput } from './inputs/auth-sign-up.input';
 /**
  * Authentication resolver for the sign in
  */
+@Roles(RoleEnum.ADMIN)
 @Resolver(() => Auth)
 export class AuthResolver extends CoreAuthResolver {
   /**
@@ -28,6 +31,7 @@ export class AuthResolver extends CoreAuthResolver {
   /**
    * SignIn for User
    */
+  @Roles(RoleEnum.S_EVERYONE)
   @Mutation(() => Auth, { description: 'Sign in and get JWT token' })
   override async signIn(
     @GraphQLServiceOptions({ gqlPath: 'signIn.user' }) serviceOptions: ServiceOptions,
@@ -44,6 +48,7 @@ export class AuthResolver extends CoreAuthResolver {
   /**
    * Sign up for user
    */
+  @Roles(RoleEnum.S_EVERYONE)
   @Mutation(() => Auth, {
     description: 'Sign up user and get JWT token',
   })

package/src/server/modules/auth/inputs/auth-sign-in.input.ts CHANGED Viewed

@@ -1,10 +1,13 @@
 import { InputType } from '@nestjs/graphql';
+import { Restricted } from '../../../../core/common/decorators/restricted.decorator';
+import { RoleEnum } from '../../../../core/common/enums/role.enum';
 import { CoreAuthSignInInput } from '../../../../core/modules/auth/inputs/core-auth-sign-in.input';
 /**
  * SignIn input
  */
+@Restricted(RoleEnum.ADMIN)
 @InputType({ description: 'Sign-in input' })
 export class AuthSignInInput extends CoreAuthSignInInput {
   // Extend UserInput here

package/src/server/modules/auth/inputs/auth-sign-up.input.ts CHANGED Viewed

@@ -1,19 +1,24 @@
 import { Field, InputType } from '@nestjs/graphql';
+import { Restricted } from '../../../../core/common/decorators/restricted.decorator';
+import { RoleEnum } from '../../../../core/common/enums/role.enum';
 import { CoreAuthSignUpInput } from '../../../../core/modules/auth/inputs/core-auth-sign-up.input';
 /**
  * SignUp input
  */
+@Restricted(RoleEnum.ADMIN)
 @InputType({ description: 'Sign-up input' })
 export class AuthSignUpInput extends CoreAuthSignUpInput {
   // ===================================================================================================================
   // Properties
   // ===================================================================================================================
+  @Restricted(RoleEnum.S_EVERYONE)
   @Field({ description: 'firstName', nullable: true })
   firstName: string = undefined;
+  @Restricted(RoleEnum.S_EVERYONE)
   @Field({ description: 'lastName', nullable: true })
   lastName: string = undefined;
 }

package/src/server/modules/file/file-info.model.ts CHANGED Viewed

@@ -1,11 +1,14 @@
 import { ObjectType } from '@nestjs/graphql';
 import { Schema as MongooseSchema, SchemaFactory } from '@nestjs/mongoose';
+import { Restricted } from '../../../core/common/decorators/restricted.decorator';
+import { RoleEnum } from '../../../core/common/enums/role.enum';
 import { CoreFileInfo } from '../../../core/modules/file/core-file-info.model';
 /**
  * File info model
  */
+@Restricted(RoleEnum.ADMIN)
 @ObjectType({ description: 'Information about file' })
 @MongooseSchema({ collection: 'fs.files' })
 export class FileInfo extends CoreFileInfo {}

package/src/server/modules/file/file.controller.ts CHANGED Viewed

@@ -30,6 +30,7 @@ export class FileController {
   /**
    * Upload file
    */
+  @Roles(RoleEnum.ADMIN)
   @Post('upload')
   @UseInterceptors(FileInterceptor('file'))
   uploadFile(@UploadedFile() file: Express.Multer.File): any {
@@ -39,6 +40,7 @@ export class FileController {
   /**
    * Download file
    */
+  @Roles(RoleEnum.ADMIN)
   @Get(':id')
   async getFile(@Param('id') id: string, @Res() res) {
     if (!id) {
@@ -65,6 +67,7 @@ export class FileController {
   /**
    * Get file information
    */
+  @Roles(RoleEnum.ADMIN)
   @Get('info/:id')
   async getFileInfo(@Param('id') id: string) {
     return await this.fileService.getFileInfo(id);
@@ -73,6 +76,7 @@ export class FileController {
   /**
    * Delete file
    */
+  @Roles(RoleEnum.ADMIN)
   @Delete(':id')
   async deleteFile(@Param('id') id: string) {
     if (!id) {

package/src/server/modules/user/avatar.controller.ts CHANGED Viewed

@@ -13,6 +13,7 @@ import { UserService } from './user.service';
 /**
  * Controller for avatar
  */
+@Roles(RoleEnum.ADMIN)
 @Controller('avatar')
 export class AvatarController {
   /**

package/src/server/modules/user/inputs/user-create.input.ts CHANGED Viewed

@@ -1,10 +1,13 @@
 import { InputType } from '@nestjs/graphql';
+import { Restricted } from '../../../../core/common/decorators/restricted.decorator';
+import { RoleEnum } from '../../../../core/common/enums/role.enum';
 import { CoreUserCreateInput } from '../../../../core/modules/user/inputs/core-user-create.input';
 /**
  * User input to create a new user
  */
+@Restricted(RoleEnum.ADMIN)
 @InputType({ description: 'User input to create a new user' })
 export class UserCreateInput extends CoreUserCreateInput {
   // Extend UserCreateInput here

package/src/server/modules/user/inputs/user.input.ts CHANGED Viewed

@@ -1,10 +1,13 @@
 import { InputType } from '@nestjs/graphql';
+import { Restricted } from '../../../../core/common/decorators/restricted.decorator';
+import { RoleEnum } from '../../../../core/common/enums/role.enum';
 import { CoreUserInput } from '../../../../core/modules/user/inputs/core-user.input';
 /**
  * User input to update a user
  */
+@Restricted(RoleEnum.ADMIN)
 @InputType({ description: 'User input' })
 export class UserInput extends CoreUserInput {
   // Extend UserInput here

package/src/server/modules/user/outputs/find-and-count-users-result.output.ts CHANGED Viewed

@@ -1,12 +1,17 @@
 import { Field, ObjectType } from '@nestjs/graphql';
+import { Restricted } from '../../../../core/common/decorators/restricted.decorator';
+import { RoleEnum } from '../../../../core/common/enums/role.enum';
 import { User } from '../user.model';
+@Restricted(RoleEnum.ADMIN)
 @ObjectType({ description: 'Result of find and count' })
 export class FindAndCountUsersResult {
+  @Restricted(RoleEnum.S_EVERYONE)
   @Field(() => [User], { description: 'Found users' })
   items: User[];
+  @Restricted(RoleEnum.S_EVERYONE)
   @Field({ description: 'Total count (skip/offset and limit/take are ignored in the count)' })
   totalCount: number;
 }

package/src/server/modules/user/user.model.ts CHANGED Viewed

@@ -1,7 +1,9 @@
 import { Field, ObjectType } from '@nestjs/graphql';
 import { Schema as MongooseSchema, Prop, SchemaFactory } from '@nestjs/mongoose';
+import { IsOptional } from 'class-validator';
 import { Document, Schema } from 'mongoose';
+import { Restricted } from '../../../core/common/decorators/restricted.decorator';
 import { RoleEnum } from '../../../core/common/enums/role.enum';
 import { CoreUserModel } from '../../../core/modules/user/core-user.model';
 import { PersistenceModel } from '../../common/models/persistence.model';
@@ -11,6 +13,7 @@ export type UserDocument = Document & User;
 /**
  * User model
  */
+@Restricted(RoleEnum.ADMIN)
 @ObjectType({ description: 'User' })
 @MongooseSchema({ timestamps: true })
 export class User extends CoreUserModel implements PersistenceModel {
@@ -21,6 +24,7 @@ export class User extends CoreUserModel implements PersistenceModel {
   /**
    * URL to avatar file of the user
    */
+  @Restricted(RoleEnum.S_EVERYONE)
   @Field({ description: 'URL to avatar file of the user', nullable: true })
   @Prop()
   avatar: string = undefined;
@@ -30,6 +34,7 @@ export class User extends CoreUserModel implements PersistenceModel {
    *
    * Not set when created by system
    */
+  @Restricted(RoleEnum.S_EVERYONE)
   @Field(() => String, {
     description: 'ID of the user who created the object',
     nullable: true,
@@ -37,11 +42,21 @@ export class User extends CoreUserModel implements PersistenceModel {
   @Prop({ ref: 'User', type: Schema.Types.ObjectId })
   createdBy: string = undefined;
+  /**
+   * Roles of the user
+   */
+  @Restricted(RoleEnum.S_EVERYONE)
+  @Field(type => [String], { description: 'Roles of the user', nullable: true })
+  @IsOptional()
+  @Prop([String])
+  override roles: string[] = undefined;
   /**
    * ID of the user who updated the object
    *
    * Not set when updated by system
    */
+  @Restricted(RoleEnum.S_USER)
   @Field(() => String, {
     description: 'ID of the user who last updated the object',
     nullable: true,

package/src/server/server.controller.ts CHANGED Viewed

@@ -2,10 +2,12 @@ import { Controller, Get, Render } from '@nestjs/common';
 import { ConfigService, RoleEnum, Roles } from '..';
+@Roles(RoleEnum.ADMIN)
 @Controller()
 export class ServerController {
   constructor(protected configService: ConfigService) {}
+  @Roles(RoleEnum.S_EVERYONE)
   @Get()
   @Render('index')
   root() {

package/src/test/test.helper.ts CHANGED Viewed

@@ -125,6 +125,7 @@ export interface TestGraphQLOptions {
  */
 export interface TestRestOptions {
   attachments?: Record<string, string>;
+  headers?: Record<string, string>;
   log?: boolean;
   logError?: boolean;
   method?: 'DELETE' | 'GET' | 'PATCH' | 'POST' | 'PUT';
@@ -320,6 +321,7 @@ export class TestHelper {
     // Request configuration
     const requestConfig: any = {
+      headers: config.headers,
       method: config.method,
       url,
     };
@@ -435,7 +437,7 @@ export class TestHelper {
   ): Promise<any> {
     // Token
     if (token) {
-      requestConfig.headers = { authorization: `Bearer ${token}` };
+      requestConfig.headers = { authorization: `Bearer ${token}`, ...(requestConfig.headers || {}) };
     }
     // Init response
@@ -465,6 +467,13 @@ export class TestHelper {
       request.set('Authorization', `bearer ${token}`);
     }
+    // Headers
+    if (requestConfig.headers) {
+      for (const [key, value] of Object.entries(requestConfig.headers)) {
+        request.set(key, value);
+      }
+    }
     // Process variables (incl. attachments for GraphQL)
     if (variables) {
       request = this.processVariables(request, variables, (requestConfig.payload as any)?.query);