@lenne.tech/nest-server 8.6.3 → 8.6.6

package/src/core/modules/auth/guards/roles.guard.ts

@@ -38,7 +38,7 @@ export class RolesGuard extends AuthGuard('jwt') {
     }
 
     // Check user and user roles
-    if (!user || !user.hasRole(roles)) {
+    if (!user?.hasRole?.(roles)) {
       // Get args
       const args: any = GqlExecutionContext.create(context).getArgs();
 

package/src/core/modules/user/core-user.service.ts

@@ -3,6 +3,7 @@ import * as bcrypt from 'bcrypt';
 import * as crypto from 'crypto';
 import { Document, Model } from 'mongoose';
 import { merge } from '../../common/helpers/config.helper';
+import { assignPlain } from '../../common/helpers/input.helper';
 import { ServiceOptions } from '../../common/interfaces/service-options.interface';
 import { CrudService } from '../../common/services/crud.service';
 import { EmailService } from '../../common/services/email.service';
@@ -39,9 +40,12 @@ export abstract class CoreUserService<
     return this.process(
       async (data) => {
         // Create user with verification token
+        const currentUserId = serviceOptions?.currentUser?._id;
         const createdUser = new this.mainDbModel({
           ...data.input,
           verificationToken: crypto.randomBytes(32).toString('hex'),
+          createdBy: currentUserId,
+          updatedBy: currentUserId,
         });
 
         // Distinguish between different error messages when saving
@@ -105,21 +109,15 @@ export abstract class CoreUserService<
     }
     return this.process(
       async () => {
-        // Update user
-        await Object.assign(dbObject, {
-          verified: true,
-          verificationToken: null,
-        }).save();
-
-        // Return prepared user
-        return dbObject;
+        // Update and return user
+        return await assignPlain(dbObject, { verified: true, verificationToken: null }).save();
       },
       { dbObject, serviceOptions }
     );
   }
 
   /**
-   * Set newpassword for user with token
+   * Set new password for user with token
    */
   async resetPassword(token: string, newPassword: string, serviceOptions?: ServiceOptions): Promise<TUser> {
     // Get user
@@ -130,14 +128,11 @@ export abstract class CoreUserService<
 
     return this.process(
       async () => {
-        // Update user
-        await Object.assign(dbObject, {
+        // Update and return user
+        return await assignPlain(dbObject, {
           password: await bcrypt.hash(newPassword, 10),
           passwordResetToken: null,
         }).save();
-
-        // Return user
-        return dbObject;
       },
       { dbObject, serviceOptions }
     );
@@ -154,13 +149,9 @@ export abstract class CoreUserService<
     }
     return this.process(
       async () => {
-        // Set reset token
-        const resetToken = crypto.randomBytes(32).toString('hex');
-        dbObject.passwordResetToken = resetToken;
-        await dbObject.save();
-
-        // Return user
-        return dbObject;
+        // Set reset token and return
+        dbObject.passwordResetToken = crypto.randomBytes(32).toString('hex');
+        return await dbObject.save();
       },
       { dbObject, serviceOptions }
     );
@@ -182,7 +173,7 @@ export abstract class CoreUserService<
 
     // Update and return user
     return this.process(
-      async (data) => {
+      async () => {
         return await this.mainDbModel.findByIdAndUpdate(userId, { roles }).exec();
       },
       { serviceOptions }

package/src/core.module.ts

@@ -1,15 +1,17 @@
-import { DynamicModule, Global, Module, UnauthorizedException } from '@nestjs/common';
+import { ApolloDriver, ApolloDriverConfig } from '@nestjs/apollo';
+import { DynamicModule, Global, MiddlewareConsumer, Module, NestModule, UnauthorizedException } from '@nestjs/common';
 import { APP_PIPE } from '@nestjs/core';
 import { GraphQLModule } from '@nestjs/graphql';
+import { MongooseModule } from '@nestjs/mongoose';
+import { Context } from 'apollo-server-core';
+import { graphqlUploadExpress } from 'graphql-upload';
 import { merge } from './core/common/helpers/config.helper';
 import { IServerOptions } from './core/common/interfaces/server-options.interface';
 import { MapAndValidatePipe } from './core/common/pipes/map-and-validate.pipe';
 import { ConfigService } from './core/common/services/config.service';
 import { EmailService } from './core/common/services/email.service';
-import { TemplateService } from './core/common/services/template.service';
-import { MongooseModule } from '@nestjs/mongoose';
 import { MailjetService } from './core/common/services/mailjet.service';
-import { ApolloDriver, ApolloDriverConfig } from '@nestjs/apollo';
+import { TemplateService } from './core/common/services/template.service';
 
 /**
  * Core module (dynamic)
@@ -26,7 +28,13 @@ import { ApolloDriver, ApolloDriverConfig } from '@nestjs/apollo';
  */
 @Global()
 @Module({})
-export class CoreModule {
+export class CoreModule implements NestModule {
+  /**
+   * Integrate middleware, e.g. GraphQL upload handing for express
+   */
+  configure(consumer: MiddlewareConsumer) {
+    consumer.apply(graphqlUploadExpress()).forRoutes('graphql');
+  }
   /**
    * Dynamic module
    * see https://docs.nestjs.com/modules#dynamic-modules
@@ -66,6 +74,28 @@ export class CoreModule {
                         }
                       },
                     },
+                    'graphql-ws': {
+                      onConnect: async (context: Context<any>) => {
+                        const { connectionParams, extra } = context;
+                        if (config.graphQl.enableSubscriptionAuth) {
+                          // get authToken from authorization header
+                          const authToken: string =
+                            'Authorization' in connectionParams && connectionParams?.Authorization?.split(' ')[1];
+                          if (authToken) {
+                            // verify authToken/getJwtPayLoad
+                            const payload = authService.decodeJwt(authToken);
+                            const user = await authService.validateUser(payload);
+                            // the user/jwtPayload object found will be available as context.currentUser/jwtPayload in your GraphQL resolvers
+                            extra.user = user;
+                            extra.header = connectionParams;
+                            return extra;
+                          }
+
+                          throw new UnauthorizedException();
+                        }
+                      },
+                      context: ({ extra }) => extra,
+                    },
                   },
                 },
                 options?.graphQl?.driver
@@ -113,7 +143,9 @@ export class CoreModule {
       module: CoreModule,
       imports: [
         MongooseModule.forRoot(config.mongoose.uri, config.mongoose.options),
-        GraphQLModule.forRootAsync<ApolloDriverConfig>(Object.assign({ driver: ApolloDriver }, config.graphQl.driver)),
+        GraphQLModule.forRootAsync<ApolloDriverConfig>(
+          Object.assign({ driver: ApolloDriver }, config.graphQl.driver, config.graphQl.options)
+        ),
       ],
       providers,
       exports: [ConfigService, EmailService, TemplateService, MailjetService],

package/src/main.ts

@@ -1,5 +1,6 @@
 import { NestFactory } from '@nestjs/core';
 import { NestExpressApplication } from '@nestjs/platform-express';
+import { exec } from 'child_process';
 import envConfig from './config.env';
 import { ServerModule } from './server/server.module';
 
@@ -25,6 +26,21 @@ async function bootstrap() {
 
   // Start server on configured port
   await server.listen(envConfig.port);
+
+  // Run command after server init
+  if (envConfig.execAfterInit) {
+    exec(envConfig.execAfterInit, (error, stdout, stderr) => {
+      if (error) {
+        console.error(`error: ${error.message}`);
+        return;
+      }
+
+      if (stderr) {
+        console.error(`stderr: ${stderr}`);
+        return;
+      }
+    });
+  }
 }
 
 // Start server

package/src/server/modules/auth/auth.module.ts

@@ -27,9 +27,8 @@ export class AuthModule {
             // providers: [] // Integrate additional Providers here to resolve dependencies
           },
         }),
-        EmailService,
       ],
-      providers: [AuthResolver, AuthService],
+      providers: [AuthResolver, AuthService, EmailService],
       exports: [AuthResolver, CoreAuthModule],
     };
   }

package/src/server/modules/file/file.controller.ts

@@ -32,6 +32,6 @@ export class FileController {
     })
   )
   uploadFile(@UploadedFiles() files, @Body() fields: any) {
-    console.log(files, fields);
+    console.log(JSON.stringify({ files, fields }, null, 2));
   }
 }

package/src/server/modules/file/file.resolver.ts

@@ -0,0 +1,55 @@
+import { Args, Mutation, Resolver } from '@nestjs/graphql';
+import { createWriteStream } from 'fs';
+import { FileUpload, GraphQLUpload } from 'graphql-upload';
+
+/**
+ * File resolver
+ */
+@Resolver()
+export class FileResolver {
+  /**
+   * Upload file
+   */
+  @Mutation(() => Boolean)
+  async uploadFile(
+    @Args({ name: 'file', type: () => GraphQLUpload })
+    file: FileUpload
+  ) {
+    console.log(JSON.stringify(file, null, 2));
+    /*
+    const {filename, mimetype, encoding, createReadStream} = file;
+    await new Promise((resolve, reject) =>
+      createReadStream()
+        .pipe(createWriteStream(`./uploads/${filename}`))
+        .on('finish', () => resolve(true))
+        .on('error', (error) => reject(error))
+    );
+    */
+    return true;
+  }
+
+  /**
+   * Upload files
+   */
+  @Mutation(() => Boolean)
+  async uploadFiles(
+    @Args({ name: 'files', type: () => [GraphQLUpload] })
+    files: FileUpload[]
+  ) {
+    const promises: Promise<any>[] = [];
+    for (const file of files) {
+      console.log(JSON.stringify(await file, null, 2));
+      /*
+      const {filename, mimetype, encoding, createReadStream} = await file
+      promises.push(new Promise((resolve, reject) =>
+        createReadStream()
+          .pipe(createWriteStream(`./uploads/${filename}`))
+          .on('finish', () => resolve(true))
+          .on('error', (error) => reject(error))
+      ));
+      */
+    }
+    await Promise.all(promises);
+    return true;
+  }
+}

package/src/server/modules/user/user.resolver.ts

@@ -145,7 +145,7 @@ export class UserResolver {
    */
   @Subscription(() => User, {
     filter(this: UserResolver, payload, variables, context) {
-      return context.user.roles.include(RoleEnum.ADMIN);
+      return context?.user?.hasRole?.(RoleEnum.ADMIN);
     },
     resolve: (user) => user,
   })

package/src/server/modules/user/user.service.ts

@@ -50,7 +50,7 @@ export class UserService extends CoreUserService<User, UserInput, UserCreateInpu
     // and could not exist as currentUser before
     if (!user.createdBy) {
       await this.mainDbModel.findByIdAndUpdate(user.id, { createdBy: user.id });
-      user = await this.get(user.id, { ...serviceOptions, currentUser: serviceOptions.currentUser || user });
+      user = await this.get(user.id, { ...serviceOptions, currentUser: serviceOptions?.currentUser || user });
     }
 
     // Publish action

package/src/server/server.module.ts

@@ -1,10 +1,11 @@
 import { Module } from '@nestjs/common';
 import envConfig from '../config.env';
 import { CoreModule } from '../core.module';
+import { CoreAuthService } from '../core/modules/auth/services/core-auth.service';
 import { AuthModule } from './modules/auth/auth.module';
 import { FileController } from './modules/file/file.controller';
+import { FileResolver } from './modules/file/file.resolver';
 import { ServerController } from './server.controller';
-import { CoreAuthService } from '../core/modules/auth/services/core-auth.service';
 
 /**
  * Server module (dynamic)
@@ -26,6 +27,9 @@ import { CoreAuthService } from '../core/modules/auth/services/core-auth.service
   // Include REST controllers
   controllers: [FileController, ServerController],
 
+  // Include resolvers, services and other providers
+  providers: [FileResolver],
+
   // Export modules for reuse in other modules
   exports: [CoreModule, AuthModule],
 })

package/src/test/test.helper.ts

@@ -1,9 +1,10 @@
 import { INestApplication } from '@nestjs/common';
-// import { FastifyInstance } from 'fastify';
+import { createClient } from 'graphql-ws';
 import { jsonToGraphQLQuery } from 'json-to-graphql-query';
 import * as LightMyRequest from 'light-my-request';
 import * as supertest from 'supertest';
 import * as util from 'util';
+import * as ws from 'ws';
 
 /**
  * GraphQL request type
@@ -64,6 +65,11 @@ export interface TestGraphQLOptions {
    */
   convertEnums?: boolean | string[];
 
+  /**
+   * Count of subscription messages, specifies how many messages are to be received on subscription
+   */
+  countOfSubscriptionMessages?: number;
+
   /**
    * Print console logs
    */
@@ -104,33 +110,35 @@ export class TestHelper {
   // app: FastifyInstance | INestApplication;
   app: INestApplication;
 
+  // URL with port and directory to subscription endpoint
+  // e.g.: ws://localhost:3030/graphql
+  subscriptionUrl: string;
+
   /**
    * Constructor
    */
-  constructor(app: any) {
+  constructor(app: any, subscriptionUrl?: string) {
     this.app = app;
+    this.subscriptionUrl = subscriptionUrl;
   }
 
   /**
    * GraphQL request
-   * @param graphql
-   * @param options
    */
   async graphQl(graphql: string | TestGraphQLConfig, options: TestGraphQLOptions = {}): Promise<any> {
     // Default options
-    options = Object.assign(
-      {
-        convertEnums: true,
-        token: null,
-        statusCode: 200,
-        log: false,
-        logError: false,
-      },
-      options
-    );
+    const config = {
+      convertEnums: true,
+      countOfSubscriptionMessages: 1,
+      token: null,
+      statusCode: 200,
+      log: false,
+      logError: false,
+      ...options,
+    };
 
     // Init vars
-    const { token, statusCode, log, logError } = options;
+    const { token, statusCode, log, logError } = config;
 
     // Init
     let query = '';
@@ -174,10 +182,14 @@ export class TestHelper {
       query = jsonToGraphQLQuery(queryObj, { pretty: true });
     }
 
+    if ((graphql as TestGraphQLConfig).type === TestGraphQLType.SUBSCRIPTION) {
+      return this.getSubscription(graphql as TestGraphQLConfig, query, config);
+    }
+
     // Convert uppercase strings in arguments of query to enums
-    if (options.convertEnums) {
-      if (Array.isArray(options.convertEnums)) {
-        for (const key of Object.values(options.convertEnums)) {
+    if (config.convertEnums) {
+      if (Array.isArray(config.convertEnums)) {
+        for (const key of Object.values(config.convertEnums)) {
           const regExpStr = '(' + key + ': )\\"([_A-Z][_0-9A-Z]*)\\"';
           const regExp = new RegExp(regExpStr, 'g');
           query = query.replace(regExp, '$1$2');
@@ -225,28 +237,26 @@ export class TestHelper {
    */
   async rest(url: string, options: TestRestOptions = {}): Promise<any> {
     // Default options
-    options = Object.assign(
-      {
-        token: null,
-        statusCode: 200,
-        log: false,
-        logError: false,
-        payload: null,
-        method: 'GET',
-      },
-      options
-    );
+    const config: TestRestOptions = {
+      token: null,
+      statusCode: 200,
+      log: false,
+      logError: false,
+      payload: null,
+      method: 'GET',
+      ...options,
+    };
 
     // Init vars
-    const { token, statusCode, log, logError } = options;
+    const { token, statusCode, log, logError } = config;
 
     // Request configuration
     const requestConfig: LightMyRequest.InjectOptions = {
-      method: options.method,
+      method: config.method,
       url,
     };
-    if (options.payload) {
-      requestConfig.payload = options.payload;
+    if (config.payload) {
+      requestConfig.payload = config.payload;
     }
 
     // Process response
@@ -354,7 +364,7 @@ export class TestHelper {
 
     // Log response
     if (log) {
-      console.log(response);
+      console.log(JSON.stringify(response, null, 2));
     }
 
     // Log error
@@ -373,4 +383,52 @@ export class TestHelper {
     // Return response
     return response;
   }
+
+  /**
+   * Get subscription
+   */
+  async getSubscription(graphql: TestGraphQLConfig, query: string, options?: TestGraphQLOptions) {
+    // Check url
+    if (!this.subscriptionUrl) {
+      throw new Error("Missing subscriptionUrl in TestHelper: new TestHelper(app, 'ws://localhost:3030/graphql')");
+    }
+
+    // Prepare subscription
+    let connectionParams;
+    if (options?.token) {
+      connectionParams = { Authorization: `Bearer ${options?.token}` };
+    }
+
+    // Init client
+    if (options.log) {
+      console.log('Subscription query', JSON.stringify(query, null, 2));
+    }
+    const client = createClient({ url: this.subscriptionUrl, connectionParams, webSocketImpl: ws });
+    const messages: any[] = [];
+    let unsubscribe: () => void;
+    const onNext = (message) => {
+      if (options.log) {
+        console.log('Subscription message', JSON.stringify(message, null, 2));
+      }
+      messages.push(message?.data?.[graphql.name]);
+      if (messages.length <= options.countOfSubscriptionMessages) {
+        unsubscribe();
+      }
+    };
+
+    // Subscribe
+    await new Promise((resolve, reject) => {
+      unsubscribe = client.subscribe(
+        { query },
+        {
+          next: onNext,
+          error: reject,
+          complete: resolve as any,
+        }
+      );
+    });
+
+    // Return subscribed messages
+    return messages;
+  }
 }