npm - @lenne.tech/nest-server - Versions diffs - 2.0.1 → 3.0.0 - Mend

@lenne.tech/nest-server 2.0.1 → 3.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (126) hide show

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@lenne.tech/nest-server",
-  "version": "2.0.1",
+  "version": "3.0.0",
   "description": "Modern, fast, powerful Node.js web framework in TypeScript based on Nest with a GraphQL API and a connection to MongoDB (or other databases).",
   "keywords": [
     "node",
@@ -49,82 +49,72 @@
     "url": "https://github.com/lenneTech/nest-server/issues"
   },
   "engines": {
-    "node": ">= 14.17.0"
-  },
-  "peerDependencies": {
-    "@nestjs/testing": "8.0.6",
-    "@nestjs/core": "8.0.6",
-    "@nestjs/common": "8.0.6",
-    "@nestjs/graphql": "9.0.2",
-    "@nestjs/jwt": "8.0.0",
-    "@nestjs/mongoose": "8.0.1",
-    "@nestjs/passport": "8.0.1",
-    "@nestjs/platform-express": "8.0.6"
+    "node": ">= 16.13.0"
   },
   "dependencies": {
-    "@apollo/federation": "0.29.0",
-    "@apollo/gateway": "0.38.0",
-    "@nestjs/testing": "8.0.6",
-    "@nestjs/core": "8.0.6",
-    "@nestjs/common": "8.0.6",
-    "@nestjs/graphql": "9.0.2",
+    "@apollo/federation": "0.33.9",
+    "@apollo/gateway": "0.42.3",
+    "@nestjs/common": "8.2.6",
+    "@nestjs/core": "8.2.6",
+    "@nestjs/graphql": "9.1.2",
     "@nestjs/jwt": "8.0.0",
-    "@nestjs/mongoose": "8.0.1",
-    "@nestjs/passport": "8.0.1",
-    "@nestjs/platform-express": "8.0.6",
+    "@nestjs/mongoose": "9.0.2",
+    "@nestjs/passport": "8.1.0",
+    "@nestjs/platform-express": "8.2.6",
+    "@nestjs/testing": "8.2.6",
     "@types/ejs": "3.1.0",
-    "@types/jest": "27.0.1",
-    "@types/lodash": "4.14.172",
+    "@types/jest": "27.4.0",
+    "@types/lodash": "4.14.178",
     "@types/multer": "1.4.7",
-    "@types/node": "14.14.37",
+    "@types/node": "16.11.21",
     "@types/nodemailer": "6.4.4",
     "@types/passport": "1.0.7",
     "@types/supertest": "2.0.11",
-    "@typescript-eslint/eslint-plugin": "4.29.2",
-    "@typescript-eslint/parser": "4.29.2",
-    "apollo-server-core": "3.1.2",
-    "apollo-server-express": "3.1.2",
+    "@typescript-eslint/eslint-plugin": "5.10.0",
+    "@typescript-eslint/parser": "5.10.0",
+    "apollo-server-core": "3.6.2",
+    "apollo-server-express": "3.6.2",
     "bcrypt": "5.0.1",
-    "class-transformer": "0.4.0",
-    "class-validator": "0.13.1",
-    "coffeescript": "2.5.1",
+    "class-transformer": "0.5.1",
+    "class-validator": "0.13.2",
+    "coffeescript": "2.6.1",
     "ejs": "3.1.6",
-    "fastify": "3.20.2",
-    "graphql": "15.5.1",
-    "graphql-subscriptions": "1.2.1",
+    "fastify": "3.27.0",
+    "graphql": "15.8.0",
+    "graphql-subscriptions": "2.0.0",
     "grunt": "1.4.1",
     "grunt-bg-shell": "2.3.3",
     "grunt-contrib-clean": "2.0.0",
     "grunt-contrib-watch": "1.1.0",
     "grunt-sync": "0.8.2",
-    "husky": "7.0.0",
-    "jest": "27.0.6",
-    "json-to-graphql-query": "2.1.0",
-    "light-my-request": "4.4.4",
+    "husky": "7.0.4",
+    "jest": "27.4.7",
+    "json-to-graphql-query": "2.2.0",
+    "light-my-request": "4.7.0",
     "lodash": "4.17.21",
-    "mongoose": "5.13.8",
-    "multer": "1.4.3",
-    "nodemailer": "6.6.3",
-    "nodemon": "2.0.12",
-    "passport": "0.4.1",
+    "mongoose": "6.1.7",
+    "multer": "1.4.4",
+    "nodemailer": "6.7.2",
+    "nodemon": "2.0.15",
+    "passport": "0.5.2",
     "passport-jwt": "4.0.0",
     "reflect-metadata": "0.1.13",
     "rimraf": "3.0.2",
-    "rxjs": "7.3.0",
-    "supertest": "6.1.6",
-    "ts-morph": "11.0.3",
-    "ts-node": "9.1.1",
-    "tsconfig-paths": "3.10.1"
+    "rxjs": "7.5.2",
+    "supertest": "6.2.2",
+    "ts-morph": "13.0.3",
+    "ts-node": "10.4.0",
+    "tsconfig-paths": "3.12.0"
   },
   "devDependencies": {
-    "eslint": "7.32.0",
+    "eslint": "8.7.0",
     "eslint-config-prettier": "8.3.0",
     "find-file-up": "2.0.1",
-    "pm2": "5.1.0",
-    "prettier": "2.3.2",
-    "pretty-quick": "3.1.1",
-    "ts-jest": "27.0.5",
-    "typescript": "4.3.5"
+    "pm2": "5.1.2",
+    "prettier": "2.5.1",
+    "pretty-quick": "3.1.3",
+    "ts-jest": "27.1.3",
+    "typescript": "4.5.5"
   },
   "jest": {
     "collectCoverage": true,

package/src/core/common/helpers/service.helper.ts CHANGED Viewed

@@ -1,4 +1,7 @@
+import { UnauthorizedException } from '@nestjs/common';
 import * as bcrypt from 'bcrypt';
+import * as _ from 'lodash';
+import { RoleEnum } from '../enums/role.enum';
 /**
  * Helper class for services
@@ -9,13 +12,15 @@ export class ServiceHelper {
    */
   static async prepareInput(
     input: { [key: string]: any },
-    currentUser: { id: string },
+    currentUser: { [key: string]: any; id: string },
     options: { [key: string]: any; create?: boolean; clone?: boolean } = {},
     ...args: any[]
   ) {
     // Configuration
     const config = {
+      checkRoles: true,
       clone: false,
+      create: false,
       ...options,
     };
@@ -24,7 +29,21 @@ export class ServiceHelper {
       input = JSON.parse(JSON.stringify(input));
     }
-    // Has password
+    // Process roles
+    if (input.roles && config.checkRoles && (!currentUser?.hasRole || !currentUser.hasRole(RoleEnum.ADMIN))) {
+      if (!(currentUser as any)?.roles) {
+        throw new UnauthorizedException('Missing roles of current user');
+      } else {
+        const allowedRoles = _.intersection(input.roles, (currentUser as any).roles);
+        if (allowedRoles.length !== input.roles.length) {
+          const missingRoles = _.difference(input.roles, (currentUser as any).roles);
+          throw new UnauthorizedException('Current user not allowed setting roles: ' + missingRoles);
+        }
+        input.roles = allowedRoles;
+      }
+    }
+    // Hash password
     if (input.password) {
       input.password = await bcrypt.hash((input as any).password, 10);
     }

package/src/core/common/models/core-persistence.model.ts CHANGED Viewed

@@ -19,7 +19,7 @@ export abstract class CorePersistenceModel {
   // Getter
   // ===========================================================================
   get _id() {
-    return mongoose.Types.ObjectId(this.id);
+    return new mongoose.Types.ObjectId(this.id);
   }
   // ===========================================================================

package/src/core/common/services/config.service.ts CHANGED Viewed

@@ -14,20 +14,22 @@ export class ConfigService {
    * Create config service
    */
   constructor(config: { [key: string]: any } & Partial<IServerOptions>) {
-    this._config = config;
+    this._config = config || {};
   }
   /**
-   * Get config
+   * Get config (deep cloned to avoid unwanted side effects)
    */
   get config() {
     return _.cloneDeep(this._config);
   }
   /**
-   * Get data from config
+   * Get data from config (deep cloned to avoid unwanted side effects)
+   * @param key Property name of config object, which is to be returned
+   * @param defaultValue Default value which is to be returned if property doesn't exist
    */
-  get(key: string) {
-    return _.cloneDeep(_.get(this._config, key, undefined));
+  get(key: string, defaultValue: any = undefined) {
+    return _.cloneDeep(_.get(this._config, key, defaultValue));
   }
 }

package/src/core/modules/auth/core-auth.module.ts CHANGED Viewed

@@ -6,6 +6,7 @@ import { RolesGuard } from './guards/roles.guard';
 import { JwtStrategy } from './jwt.strategy';
 import { CoreAuthUserService } from './services/core-auth-user.service';
 import { CoreAuthService } from './services/core-auth.service';
+import { PubSub } from 'graphql-subscriptions';
 /**
  * CoreAuthModule to handle user authentication and enables Roles
@@ -34,6 +35,10 @@ export class CoreAuthModule {
           provide: CoreAuthUserService,
           useClass: UserService,
         },
+        {
+          provide: 'PUB_SUB',
+          useValue: new PubSub(),
+        },
         // Standard services
         CoreAuthService,

package/src/core/modules/auth/guards/auth.guard.ts CHANGED Viewed

@@ -58,6 +58,11 @@ function createAuthGuard(type?: string): Type<CanActivate> {
      * Integrate options
      */
     async canActivate(context: ExecutionContext): Promise<boolean> {
+      const args = context.getArgs();
+      if (args.length > 0 && args[args.length - 1]?.operation?.operation === 'subscription') {
+        return true;
+      }
       const options = { ...defaultOptions, ...this.options };
       const response = context?.switchToHttp()?.getResponse();
       let request = this.getRequest(context);

package/src/core/modules/user/core-basic-user.service.ts CHANGED Viewed

@@ -16,9 +16,9 @@ const pubSub = new PubSub();
  * User service
  */
 export abstract class CoreBasicUserService<
-  TUser = CoreUserModel,
-  TUserInput = CoreUserInput,
-  TUserCreateInput = CoreUserCreateInput
+  TUser extends CoreUserModel,
+  TUserInput extends CoreUserInput,
+  TUserCreateInput extends CoreUserCreateInput
 > {
   protected readonly model: ICorePersistenceModel;

package/src/core/modules/user/core-user.service.ts CHANGED Viewed

@@ -1,13 +1,20 @@
-import { NotFoundException, UnprocessableEntityException } from '@nestjs/common';
+import {
+  BadRequestException,
+  NotFoundException,
+  UnauthorizedException,
+  UnprocessableEntityException,
+} from '@nestjs/common';
 import * as bcrypt from 'bcrypt';
 import { PubSub } from 'graphql-subscriptions';
 import { FilterArgs } from '../../common/args/filter.args';
+import { RoleEnum } from '../../common/enums/role.enum';
 import { Filter } from '../../common/helpers/filter.helper';
 import { CoreBasicUserService } from './core-basic-user.service';
 import { CoreUserModel } from './core-user.model';
 import { CoreUserCreateInput } from './inputs/core-user-create.input';
 import { CoreUserInput } from './inputs/core-user.input';
 import { Model } from 'mongoose';
+import * as _ from 'lodash';
 // Subscription
 const pubSub = new PubSub();
@@ -16,9 +23,9 @@ const pubSub = new PubSub();
  * User service
  */
 export abstract class CoreUserService<
-  TUser = CoreUserModel,
-  TUserInput = CoreUserInput,
-  TUserCreateInput = CoreUserCreateInput
+  TUser extends CoreUserModel,
+  TUserInput extends CoreUserInput,
+  TUserCreateInput extends CoreUserCreateInput
 > extends CoreBasicUserService<TUser, TUserInput, TUserCreateInput> {
   protected constructor(protected readonly userModel: Model<any>) {
     super(userModel);
@@ -108,6 +115,24 @@ export abstract class CoreUserService<
     );
   }
+  /**
+   * Set roles for specified user
+   */
+  async setRoles(userId: string, roles: string[]): Promise<TUser> {
+    // Check roles
+    if (!Array.isArray(roles)) {
+      throw new BadRequestException('Missing roles');
+    }
+    // Check roles values
+    if (roles.some((role) => typeof role !== 'string')) {
+      throw new BadRequestException('roles contains invalid values');
+    }
+    // Update and return user
+    return this.userModel.findByIdAndUpdate(userId, { roles }).exec();
+  }
   /**
    * Update user via ID
    */
@@ -144,22 +169,37 @@ export abstract class CoreUserService<
    */
   protected async prepareInput(
     input: { [key: string]: any },
-    currentUser: TUser,
-    options: { [key: string]: any; create?: boolean; clone?: boolean } = {},
+    currentUser?: TUser,
+    options: { [key: string]: any; checkRoles?: boolean; clone?: boolean } = {},
     ...args: any[]
   ) {
     // Configuration
     const config = {
+      checkRoles: true,
       clone: false,
       ...options,
     };
-    // Clone output
+    // Clone input
     if (config.clone) {
       input = JSON.parse(JSON.stringify(input));
     }
-    // Has password
+    // Process roles
+    if (input.roles && config.checkRoles && (!currentUser?.hasRole || !currentUser.hasRole(RoleEnum.ADMIN))) {
+      if (!(currentUser as any)?.roles) {
+        throw new UnauthorizedException('Missing roles of current user');
+      } else {
+        const allowedRoles = _.intersection(input.roles, (currentUser as any).roles);
+        if (allowedRoles.length !== input.roles.length) {
+          const missingRoles = _.difference(input.roles, (currentUser as any).roles);
+          throw new UnauthorizedException('Current user not allowed setting roles: ' + missingRoles);
+        }
+        input.roles = allowedRoles;
+      }
+    }
+    // Hash password
     if (input.password) {
       input.password = await bcrypt.hash((input as any).password, 10);
     }

package/src/core.module.ts CHANGED Viewed

@@ -41,6 +41,14 @@ export class CoreModule {
           autoSchemaFile: 'schema.gql',
           context: ({ req }) => ({ req }),
           installSubscriptionHandlers: true,
+          subscriptions: {
+            'subscriptions-transport-ws': {
+              onConnect: (connectionParams) => {
+                // TODO: Handle Authorization
+                const authToken = connectionParams.Authorization;
+              },
+            },
+          },
         },
         port: 3000,
         mongoose: {

package/src/server/modules/user/user.module.ts CHANGED Viewed

@@ -5,6 +5,7 @@ import { User, UserSchema } from './user.model';
 import { UserResolver } from './user.resolver';
 import { UserService } from './user.service';
 import { MongooseModule } from '@nestjs/mongoose';
+import { PubSub } from 'graphql-subscriptions';
 /**
  * User module
@@ -12,7 +13,15 @@ import { MongooseModule } from '@nestjs/mongoose';
 @Module({
   imports: [MongooseModule.forFeature([{ name: User.name, schema: UserSchema }])],
   controllers: [AvatarController],
-  providers: [JSON, UserResolver, UserService],
+  providers: [
+    JSON,
+    UserResolver,
+    UserService,
+    {
+      provide: 'PUB_SUB',
+      useValue: new PubSub(),
+    },
+  ],
   exports: [MongooseModule, UserResolver, UserService],
 })
 export class UserModule {}

package/src/server/modules/user/user.resolver.ts CHANGED Viewed

@@ -10,9 +10,7 @@ import { UserCreateInput } from './inputs/user-create.input';
 import { UserInput } from './inputs/user.input';
 import { User } from './user.model';
 import { UserService } from './user.service';
-// Subscription
-const pubSub = new PubSub();
+import { Inject } from '@nestjs/common';
 /**
  * Resolver to process with user data
@@ -22,7 +20,7 @@ export class UserResolver {
   /**
    * Import services
    */
-  constructor(protected readonly usersService: UserService) {}
+  constructor(protected readonly usersService: UserService, @Inject('PUB_SUB') protected readonly pubSub: PubSub) {}
   // ===========================================================================
   // Queries
@@ -96,9 +94,10 @@ export class UserResolver {
   /**
    * Subscritption for create user
    */
-  @Roles(RoleEnum.ADMIN)
-  @Subscription((returns) => User)
-  userCreated() {
-    return pubSub.asyncIterator('userCreated');
+  @Subscription((returns) => User, {
+    resolve: (value) => value,
+  })
+  async userCreated() {
+    return this.pubSub.asyncIterator('userCreated');
   }
 }

package/src/server/modules/user/user.service.ts CHANGED Viewed

@@ -1,7 +1,6 @@
-import { Injectable, UnauthorizedException, UnprocessableEntityException } from '@nestjs/common';
+import { Inject, Injectable, UnauthorizedException, UnprocessableEntityException } from '@nestjs/common';
 import * as fs from 'fs';
 import { GraphQLResolveInfo } from 'graphql';
-import { PubSub } from 'graphql-subscriptions';
 import envConfig from '../../../config.env';
 import { FilterArgs } from '../../../core/common/args/filter.args';
 import { Filter } from '../../../core/common/helpers/filter.helper';
@@ -15,9 +14,7 @@ import { User } from './user.model';
 import { InjectModel } from '@nestjs/mongoose';
 import { Model } from 'mongoose';
 import { ICorePersistenceModel } from '../../../core/common/interfaces/core-persistence-model.interface';
-// Subscription
-const pubSub = new PubSub();
+import { PubSub } from 'graphql-subscriptions';
 /**
  * User service
@@ -42,7 +39,8 @@ export class UserService extends CoreUserService<User, UserInput, UserCreateInpu
   constructor(
     protected readonly configService: ConfigService,
     protected readonly emailService: EmailService,
-    @InjectModel('User') protected readonly userModel: Model<User>
+    @InjectModel('User') protected readonly userModel: Model<User>,
+    @Inject('PUB_SUB') protected readonly pubSub: PubSub
   ) {
     super(userModel);
     this.model = User;
@@ -58,6 +56,7 @@ export class UserService extends CoreUserService<User, UserInput, UserCreateInpu
   async create(input: UserCreateInput, currentUser?: User, ...args: any[]): Promise<User> {
     const user = await super.create(input, currentUser);
     const text = `Welcome ${user.firstName}, this is plain text from server.`;
+    await this.pubSub.publish('userCreated', User.map(user));
     await this.emailService.sendMail(user.email, 'Welcome', {
       htmlTemplate: 'welcome',
       templateData: user,