@lenne.tech/nest-server 8.0.2 → 8.3.0

package/src/core/common/pipes/map-and-validate.pipe.ts

@@ -1,14 +1,14 @@
 import { PipeTransform, Injectable, ArgumentMetadata, BadRequestException } from '@nestjs/common';
 import { plainToInstance } from 'class-transformer';
 import { validate } from 'class-validator';
-import { InputHelper } from '../helpers/input.helper';
+import { isBasicType } from '../helpers/input.helper';
 
 @Injectable()
 export class MapAndValidatePipe implements PipeTransform {
   async transform(value: any, metadata: ArgumentMetadata) {
     const { metatype } = metadata;
 
-    if (typeof value !== 'object' || !metatype || InputHelper.isBasicType(metatype)) {
+    if (typeof value !== 'object' || !metatype || isBasicType(metatype)) {
       return value;
     }
 

package/src/core/common/services/crud.service.ts

@@ -0,0 +1,100 @@
+import { NotFoundException } from '@nestjs/common';
+import { FilterArgs } from '../args/filter.args';
+import { merge } from '../helpers/config.helper';
+import { convertFilterArgsToQuery } from '../helpers/filter.helper';
+import { ServiceOptions } from '../interfaces/service-options.interface';
+import { CoreModel } from '../models/core-model.model';
+import { ModuleService } from './module.service';
+
+export abstract class CrudService<T extends CoreModel = any> extends ModuleService<T> {
+  /**
+   * Create item
+   */
+  async create(input: any, serviceOptions?: ServiceOptions): Promise<T> {
+    merge({ prepareInput: { create: true } }, serviceOptions);
+    return this.process(
+      async (data) => {
+        return new this.mainDbModel({ ...data.input }).save();
+      },
+      { input, serviceOptions }
+    );
+  }
+
+  /**
+   * Get item by ID
+   */
+  async get(id: string, serviceOptions?: ServiceOptions): Promise<T> {
+    const dbObject = await this.mainDbModel.findById(id).exec();
+    if (!dbObject) {
+      throw new NotFoundException(`No ${this.mainModelConstructor.name} found with ID: ${id}`);
+    }
+    return this.process(async () => dbObject, { dbObject, serviceOptions });
+  }
+
+  /**
+   * Get items via filter
+   */
+  async find(filterArgs?: FilterArgs, serviceOptions?: ServiceOptions): Promise<T[]> {
+    return this.process(
+      async (data) => {
+        const filterQuery = convertFilterArgsToQuery(data.input);
+        return this.mainDbModel.find(filterQuery[0], null, filterQuery[1]).exec();
+      },
+      { input: filterArgs, serviceOptions }
+    );
+  }
+
+  /**
+   * CRUD alias for get
+   */
+  async read(id: string, serviceOptions?: ServiceOptions): Promise<T>;
+
+  /**
+   * CRUD alias for find
+   */
+  async read(filterArgs?: FilterArgs, serviceOptions?: ServiceOptions): Promise<T[]>;
+
+  /**
+   * CRUD alias for get or find
+   */
+  async read(input: string | FilterArgs, serviceOptions?: ServiceOptions): Promise<T | T[]> {
+    if (typeof input === 'string') {
+      return this.get(input, serviceOptions);
+    } else {
+      return this.find(input, serviceOptions);
+    }
+  }
+
+  /**
+   * Update item via ID
+   */
+  async update(id: string, input: any, serviceOptions?: ServiceOptions): Promise<T> {
+    const dbObject = await this.mainDbModel.findById(id).exec();
+    if (!dbObject) {
+      throw new NotFoundException(`No ${this.mainModelConstructor.name} found with ID: ${id}`);
+    }
+    return this.process(
+      async (data) => {
+        return await Object.assign(dbObject, data.input).save();
+      },
+      { dbObject, input, serviceOptions }
+    );
+  }
+
+  /**
+   * Delete item via ID
+   */
+  async delete(id: string, serviceOptions?: ServiceOptions): Promise<T> {
+    const dbObject = await this.mainDbModel.findById(id).exec();
+    if (!dbObject) {
+      throw new NotFoundException(`No ${this.mainModelConstructor.name} found with ID: ${id}`);
+    }
+    return this.process(
+      async (data) => {
+        await this.mainDbModel.findByIdAndDelete(id).exec();
+        return dbObject;
+      },
+      { dbObject, input: id, serviceOptions }
+    );
+  }
+}

package/src/core/common/services/email.service.ts

@@ -1,7 +1,7 @@
 import { Injectable } from '@nestjs/common';
 import * as nodemailer from 'nodemailer';
 import { Attachment } from 'nodemailer/lib/mailer';
-import { InputHelper } from '../helpers/input.helper';
+import { isNonEmptyString, isTrue, returnFalse } from '../helpers/input.helper';
 import { ConfigService } from './config.service';
 import { TemplateService } from './template.service';
 
@@ -43,10 +43,10 @@ export class EmailService {
     let text = config.text;
 
     // Check parameter
-    InputHelper.isTrue(recipients);
-    InputHelper.isNonEmptyString(subject);
-    InputHelper.isNonEmptyString(senderName);
-    InputHelper.isNonEmptyString(senderEmail);
+    isTrue(recipients);
+    isNonEmptyString(subject);
+    isNonEmptyString(senderName);
+    isNonEmptyString(senderEmail);
 
     // Process text template
     if (htmlTemplate) {
@@ -59,11 +59,11 @@ export class EmailService {
     }
 
     // Check if at lest one of text or html is set
-    if (!InputHelper.isNonEmptyString(html, InputHelper.returnFalse)) {
-      InputHelper.isNonEmptyString(text);
+    if (!isNonEmptyString(html, returnFalse)) {
+      isNonEmptyString(text);
     }
-    if (!InputHelper.isNonEmptyString(text, InputHelper.returnFalse)) {
-      InputHelper.isNonEmptyString(html);
+    if (!isNonEmptyString(text, returnFalse)) {
+      isNonEmptyString(html);
     }
 
     // Init transporter

package/src/core/common/services/module.service.ts

@@ -0,0 +1,188 @@
+import { Document, Model, Types } from 'mongoose';
+import { getStringIds, popAndMap } from '../helpers/db.helper';
+import { check } from '../helpers/input.helper';
+import { prepareInput, prepareOutput } from '../helpers/service.helper';
+import { ServiceOptions } from '../interfaces/service-options.interface';
+import { CoreModel } from '../models/core-model.model';
+import { FieldSelection } from '../types/field-selection.type';
+import { IdsType } from '../types/ids.type';
+
+/**
+ * Module service class to be extended by concrete module services
+ */
+export abstract class ModuleService<T extends CoreModel = any> {
+  /**
+   * Main model constructor of the service, will be used as default for populate and mapping
+   */
+  protected mainModelConstructor: new (...args: any[]) => T;
+
+  /**
+   * Main DB model of the service, will be used as default for populate and mapping
+   */
+  protected mainDbModel: Model<T & Document>;
+
+  /**
+   * Set main properties
+   */
+  protected constructor(options?: {
+    mainDbModel: Model<T & Document>;
+    mainModelConstructor?: new (...args: any[]) => T;
+  }) {
+    this.mainDbModel = options?.mainDbModel;
+    this.mainModelConstructor = options?.mainModelConstructor;
+  }
+
+  /**
+   * Check rights of current user for input
+   */
+  checkRights(
+    input: any,
+    currentUser: { id: any; hasRole: (roles: string[]) => boolean },
+    options?: {
+      creator?: IdsType;
+      metatype?: any;
+      ownerIds?: IdsType;
+      roles?: string | string[];
+      throwError?: boolean;
+    }
+  ): Promise<any> {
+    const config = {
+      metatype: this.mainModelConstructor,
+      ...options,
+    };
+    return check(input, currentUser, config);
+  }
+
+  /**
+   * Get function to get Object via ID, necessary for checkInput
+   */
+  abstract get(id: any, ...args: any[]): any;
+
+  /**
+   * Run service function with pre- and post-functions
+   */
+  async process(
+    serviceFunc: (options?: { [key: string]: any; input?: any; serviceOptions?: ServiceOptions }) => any,
+    options?: {
+      [key: string]: any;
+      dbObject?: string | Types.ObjectId | any;
+      input?: any;
+      serviceOptions?: ServiceOptions;
+    }
+  ) {
+    // Configuration with default values
+    const config = {
+      checkRights: true,
+      dbObject: options?.dbObject,
+      input: options?.input,
+      processFieldSelection: {},
+      prepareInput: {},
+      prepareOutput: {},
+      pubSub: true,
+      ...options?.serviceOptions,
+    };
+
+    // Prepare input
+    if (config.prepareInput && this.prepareInput) {
+      await this.prepareInput(config.input, config.prepareInput);
+    }
+
+    // Get DB object
+    const getDbObject = async () => {
+      if (config.dbObject) {
+        if (typeof config.dbObject === 'string' || config.dbObject instanceof Types.ObjectId) {
+          const dbObject = await this.get(getStringIds(config.dbObject));
+          if (dbObject) {
+            config.dbObject = dbObject;
+          }
+        }
+      }
+      return config.dbObject;
+    };
+
+    // Get owner IDs
+    let ownerIds = undefined;
+    if (config.checkRights && this.checkRights) {
+      ownerIds = getStringIds(config.ownerIds);
+      if (!ownerIds?.length) {
+        ownerIds = (await getDbObject())?.ownerIds;
+      }
+    }
+
+    // Check rights for input
+    if (config.input && config.checkRights && this.checkRights) {
+      const opts: any = { creator: (await getDbObject())?.createdBy, ownerIds, roles: config.roles };
+      if (config.inputType) {
+        opts.metatype = config.resultType;
+      }
+      config.input = await this.checkRights(config.input, config.currentUser as any, opts);
+    }
+
+    // Run service function
+    let result = await serviceFunc(config);
+
+    // Pop and map main model
+    if (config.processFieldSelection && config.fieldSelection && this.processFieldSelection) {
+      await this.processFieldSelection(result, config.fieldSelection, config.processFieldSelection);
+    }
+
+    // Prepare output
+    if (config.prepareOutput && this.prepareOutput) {
+      // Check if mapping is already done by processFieldSelection
+      if (config.processFieldSelection && config.fieldSelection && this.processFieldSelection) {
+        config.prepareOutput.targetModel = null;
+      }
+      result = await this.prepareOutput(result, config.prepareOutput);
+    }
+
+    // Check output rights
+    if (config.checkRights && this.checkRights) {
+      const opts: any = { creator: (await getDbObject())?.createdBy, ownerIds, roles: config.roles, throwError: false };
+      if (config.resultType) {
+        opts.metatype = config.resultType;
+      }
+      result = await this.checkRights(result, config.currentUser as any, opts);
+    }
+
+    // Return (prepared) result
+    return result;
+  }
+
+  /**
+   * Prepare input before save
+   */
+  async prepareInput(input: Record<string, any>, options: ServiceOptions = {}) {
+    return prepareInput(input, options.currentUser, options.prepareInput);
+  }
+
+  /**
+   * Prepare output before return
+   */
+  async prepareOutput(output: any, options: ServiceOptions = {}) {
+    const config = {
+      targetModel: this.mainModelConstructor,
+      ...options?.prepareOutput,
+    };
+    return prepareOutput(output, config);
+  }
+
+  /**
+   * Process fieldSelection
+   * @protected
+   */
+  async processFieldSelection(
+    data: any,
+    fieldsSelection: FieldSelection,
+    options: {
+      model?: new (...args: any[]) => T;
+      dbModel?: Model<T & Document>;
+    } = {}
+  ) {
+    const config = {
+      model: this.mainModelConstructor,
+      dbModel: this.mainDbModel,
+      ...options,
+    };
+    return popAndMap(data, fieldsSelection, config.model, config.dbModel);
+  }
+}

package/src/core/common/types/core-model-constructor.type.ts

@@ -0,0 +1,30 @@
+import { CoreModel } from '../models/core-model.model';
+
+export type CoreModelConstructor<T extends CoreModel> = {
+  new (): T;
+  init(this: new (...args: any[]) => T, ...args: any[]): T;
+  map(
+    this: new (...args: any[]) => T,
+    data: Partial<T> | Record<string, any>,
+    options?: {
+      [key: string]: any;
+      cloneDeep?: boolean;
+      funcAllowed?: boolean;
+      init?: any;
+      item?: T;
+      mapId?: boolean;
+    }
+  ): T;
+  mapDeep(
+    this: new (...args: any[]) => T,
+    data: Partial<T> | Record<string, any>,
+    options: {
+      [key: string]: any;
+      cloneDeep?: boolean;
+      funcAllowed?: boolean;
+      init?: any;
+      item?: T;
+      mapId?: boolean;
+    }
+  ): T;
+};

package/src/core/common/types/field-selection.type.ts

@@ -0,0 +1,8 @@
+import { SelectionNode } from 'graphql';
+import { PopulateOptions } from 'mongoose';
+import { ResolveSelector } from '../interfaces/resolve-selector.interface';
+
+/**
+ * Field selection to set fields of (populated) result
+ */
+export type FieldSelection = PopulateOptions[] | SelectionNode[] | ResolveSelector;

package/src/core/common/types/ids.type.ts

@@ -0,0 +1,7 @@
+import { Types } from 'mongoose';
+
+export type IdsType =
+  | string
+  | Types.ObjectId
+  | { id?: string | Types.ObjectId; _id?: string | Types.ObjectId }
+  | (string | Types.ObjectId | { id?: string | Types.ObjectId; _id?: string | Types.ObjectId })[];

package/src/core/common/types/string-or-object-id.type.ts

@@ -0,0 +1,3 @@
+import { Types } from 'mongoose';
+
+export type StringOrObjectId = string | Types.ObjectId | any;

package/src/core/modules/auth/core-auth.module.ts

@@ -25,7 +25,7 @@ export class CoreAuthModule {
       providers?: Provider[];
     }
   ): DynamicModule {
-    // Porcess imports
+    // Process imports
     let imports: any[] = [UserModule, PassportModule.register({ defaultStrategy: 'jwt' }), JwtModule.register(options)];
     if (Array.isArray(options?.imports)) {
       imports = imports.concat(options.imports);

package/src/core/modules/auth/core-auth.resolver.ts

@@ -1,4 +1,5 @@
-import { Args, Query, Resolver } from '@nestjs/graphql';
+import { Args, Info, Query, Resolver } from '@nestjs/graphql';
+import { GraphQLResolveInfo } from 'graphql';
 import { CoreAuthModel } from './core-auth.model';
 import { CoreAuthService } from './services/core-auth.service';
 
@@ -20,7 +21,11 @@ export class CoreAuthResolver {
    * Get user via ID
    */
   @Query((returns) => CoreAuthModel, { description: 'Get JWT token' })
-  async signIn(@Args('email') email: string, @Args('password') password: string): Promise<Partial<CoreAuthModel>> {
-    return await this.authService.signIn(email, password);
+  async signIn(
+    @Args('email') email: string,
+    @Args('password') password: string,
+    @Info() info: GraphQLResolveInfo
+  ): Promise<Partial<CoreAuthModel>> {
+    return await this.authService.signIn(email, password, { fieldSelection: { info, select: 'signIn' } });
   }
 }

package/src/core/modules/auth/guards/roles.guard.ts

@@ -1,4 +1,4 @@
-import { ExecutionContext, Injectable, UnauthorizedException } from '@nestjs/common';
+import { ExecutionContext, Inject, Injectable, UnauthorizedException } from '@nestjs/common';
 import { Reflector } from '@nestjs/core';
 import { GqlExecutionContext } from '@nestjs/graphql';
 import { RoleEnum } from '../../../common/enums/role.enum';
@@ -8,7 +8,8 @@ import { AuthGuard } from './auth.guard';
  * Role guard
  *
  * The RoleGuard is activated by the Role decorator. It checks whether the current user has at least one of the
- * specified roles. If this is not the case, an UnauthorizedException is thrown.
+ * specified roles or is logged in when the S_USER role is set.
+ * If this is not the case, an UnauthorizedException is thrown.
  */
 @Injectable()
 export class RolesGuard extends AuthGuard('jwt') {
@@ -41,11 +42,8 @@ export class RolesGuard extends AuthGuard('jwt') {
       // Get args
       const args: any = GqlExecutionContext.create(context).getArgs();
 
-      // Check special role for user or owner
-      if (
-        user &&
-        (roles.includes(RoleEnum.USER) || (roles.includes(RoleEnum.OWNER) && user.id.toString() === args.id))
-      ) {
+      // Check special user role (user is logged in)
+      if (user && roles.includes(RoleEnum.S_USER)) {
         return user;
       }
 

package/src/core/modules/auth/services/core-auth-user.service.ts

@@ -1,3 +1,4 @@
+import { ServiceOptions } from '../../../common/interfaces/service-options.interface';
 import { ICoreAuthUser } from '../interfaces/core-auth-user.interface';
 
 /**
@@ -7,5 +8,10 @@ export abstract class CoreAuthUserService {
   /**
    * Get user via email
    */
-  abstract getViaEmail(email: string): Promise<ICoreAuthUser>;
+  abstract getViaEmail(email: string, serviceOptions?: ServiceOptions): Promise<ICoreAuthUser>;
+
+  /**
+   * Prepare output
+   */
+  abstract prepareOutput(output: any, options?: ServiceOptions): Promise<ICoreAuthUser>;
 }

package/src/core/modules/auth/services/core-auth.service.ts

@@ -1,6 +1,8 @@
 import { Injectable, UnauthorizedException } from '@nestjs/common';
 import { JwtService } from '@nestjs/jwt';
 import * as bcrypt from 'bcrypt';
+import { merge } from '../../../common/helpers/config.helper';
+import { ServiceOptions } from '../../../common/interfaces/service-options.interface';
 import { ICoreAuthUser } from '../interfaces/core-auth-user.interface';
 import { JwtPayload } from '../interfaces/jwt-payload.interface';
 import { CoreAuthUserService } from './core-auth-user.service';
@@ -15,15 +17,20 @@ export class CoreAuthService {
   /**
    * User sign in via email
    */
-  async signIn(email: string, password: string): Promise<{ token: string; user: ICoreAuthUser }> {
-    const user = await this.userService.getViaEmail(email);
-    if (!(await bcrypt.compare(password, user.password))) {
+  async signIn(
+    email: string,
+    password: string,
+    serviceOptions?: ServiceOptions
+  ): Promise<{ token: string; user: ICoreAuthUser }> {
+    serviceOptions = merge(serviceOptions || {}, { prepareOutput: null });
+    const user = await this.userService.getViaEmail(email, serviceOptions);
+    if (!user || !(await bcrypt.compare(password, user.password))) {
       throw new UnauthorizedException();
     }
     const payload: JwtPayload = { email: user.email };
     return {
       token: this.jwtService.sign(payload),
-      user,
+      user: await this.userService.prepareOutput(user),
     };
   }
 
@@ -34,6 +41,9 @@ export class CoreAuthService {
     return await this.userService.getViaEmail(payload.email);
   }
 
+  /**
+   * Decode JWT
+   */
   decodeJwt(token: string): JwtPayload {
     return this.jwtService.decode(token) as JwtPayload;
   }

package/src/core/modules/user/core-user.model.ts

@@ -1,8 +1,9 @@
 import { Field, ObjectType } from '@nestjs/graphql';
+import { Prop, Schema as MongooseSchema } from '@nestjs/mongoose';
 import { IsEmail, IsOptional } from 'class-validator';
 import { Document } from 'mongoose';
+import { User } from '../../../server/modules/user/user.model';
 import { CorePersistenceModel } from '../../common/models/core-persistence.model';
-import { Prop, Schema as MongooseSchema } from '@nestjs/mongoose';
 
 export type CoreUserModelDocument = CoreUserModel & Document;