npm - @loomcore/api - Versions diffs - 0.1.21 → 0.1.24 - Mend

@loomcore/api 0.1.21 → 0.1.24

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (31) hide show

package/dist/databases/postgres/migrations/010-create-authorizations-table.migration.js ADDED Viewed

@@ -0,0 +1,74 @@
+import { randomUUID } from "crypto";
+import { doesTableExist } from "../utils/does-table-exist.util.js";
+export class CreateAuthorizationsTableMigration {
+    client;
+    constructor(client) {
+        this.client = client;
+    }
+    index = 10;
+    async execute(_orgId) {
+        const _id = randomUUID().toString();
+        try {
+            await this.client.query('BEGIN');
+            const tableExists = await doesTableExist(this.client, 'authorizations');
+            if (!tableExists) {
+                await this.client.query(`
+                    CREATE TABLE "authorizations" (
+                        "_id" VARCHAR(255) PRIMARY KEY,
+                        "_orgId" VARCHAR(255),
+                        "_roleId" VARCHAR(255) NOT NULL,
+                        "_featureId" VARCHAR(255) NOT NULL,
+                        "startDate" TIMESTAMP,
+                        "endDate" TIMESTAMP,
+                        "config" JSONB,
+                        "_created" TIMESTAMP NOT NULL,
+                        "_createdBy" VARCHAR(255) NOT NULL,
+                        "_updated" TIMESTAMP NOT NULL,
+                        "_updatedBy" VARCHAR(255) NOT NULL,
+                        "_deleted" TIMESTAMP,
+                        "_deletedBy" VARCHAR(255),
+                        CONSTRAINT "fk_authorizations_organization" FOREIGN KEY ("_orgId") REFERENCES "organizations"("_id") ON DELETE CASCADE,
+                        CONSTRAINT "fk_authorizations_role" FOREIGN KEY ("_roleId") REFERENCES "roles"("_id") ON DELETE CASCADE,
+                        CONSTRAINT "fk_authorizations_feature" FOREIGN KEY ("_featureId") REFERENCES "features"("_id") ON DELETE CASCADE,
+                        CONSTRAINT "uk_authorizations" UNIQUE ("_orgId", "_roleId", "_featureId")
+                    )
+                `);
+            }
+            const result = await this.client.query(`
+                    INSERT INTO "migrations" ("_id", "index", "hasRun", "reverted")
+                    VALUES ('${_id}', ${this.index}, TRUE, FALSE);
+                `);
+            if (result.rowCount === 0) {
+                await this.client.query('ROLLBACK');
+                return { success: false, error: new Error(`Error inserting migration ${this.index} to migrations table: No row returned`) };
+            }
+            await this.client.query('COMMIT');
+            return { success: true, error: null };
+        }
+        catch (error) {
+            await this.client.query('ROLLBACK');
+            return { success: false, error: new Error(`Error executing migration ${this.index}: ${error.message}`) };
+        }
+    }
+    async revert() {
+        try {
+            await this.client.query('BEGIN');
+            await this.client.query(`
+                DROP TABLE "authorizations";
+            `);
+            const updateResult = await this.client.query(`
+                UPDATE "migrations" SET "reverted" = TRUE WHERE "index" = '${this.index}';
+            `);
+            if (updateResult.rowCount === 0) {
+                await this.client.query('ROLLBACK');
+                return { success: false, error: new Error(`Error updating migration record for index ${this.index}: No row returned`) };
+            }
+            await this.client.query('COMMIT');
+            return { success: true, error: null };
+        }
+        catch (error) {
+            await this.client.query('ROLLBACK');
+            return { success: false, error: new Error(`Error reverting migration ${this.index}: ${error.message}`) };
+        }
+    }
+}

package/dist/databases/postgres/migrations/setup-for-auth.migration.js CHANGED Viewed

@@ -3,7 +3,10 @@ import { CreateMigrationTableMigration } from "./001-create-migrations-table.mig
 import { CreateUsersTableMigration } from "./003-create-users-table.migration.js";
 import { doesTableExist } from "../utils/does-table-exist.util.js";
 import { CreateAdminUserMigration } from "./006-create-admin-user.migration.js";
-import { getSystemUserContext } from "@loomcore/common/models";
+import { CreateUserRolesTableMigration } from "./008-create-user-roles-table.migration.js";
+import { CreateRoleTableMigration } from "./007-create-roles-table.migration.js";
+import { CreateAuthorizationsTableMigration } from "./010-create-authorizations-table.migration.js";
+import { CreateFeaturesTableMigration } from "./009-create-features-table.migration.js";
 export async function setupDatabaseForAuth(client, adminUsername, adminPassword) {
     let runMigrations = [];
     if (await doesTableExist(client, 'migrations')) {
@@ -23,10 +26,16 @@ export async function setupDatabaseForAuth(client, adminUsername, adminPassword)
         migrationsToRun.push(new CreateUsersTableMigration(client));
     if (!runMigrations.includes(4))
         migrationsToRun.push(new CreateRefreshTokenTableMigration(client));
-    if (!runMigrations.includes(6)) {
-        const systemUserContext = getSystemUserContext();
-        migrationsToRun.push(new CreateAdminUserMigration(client, adminUsername, adminPassword, systemUserContext._orgId));
-    }
+    if (!runMigrations.includes(6))
+        migrationsToRun.push(new CreateAdminUserMigration(client, adminUsername, adminPassword));
+    if (!runMigrations.includes(7))
+        migrationsToRun.push(new CreateRoleTableMigration(client));
+    if (!runMigrations.includes(8))
+        migrationsToRun.push(new CreateUserRolesTableMigration(client));
+    if (!runMigrations.includes(9))
+        migrationsToRun.push(new CreateFeaturesTableMigration(client));
+    if (!runMigrations.includes(10))
+        migrationsToRun.push(new CreateAuthorizationsTableMigration(client));
     for (const migration of migrationsToRun) {
         await migration.execute();
     }

package/dist/databases/postgres/migrations/setup-for-multitenant.migration.d.ts CHANGED Viewed

@@ -1,5 +1,5 @@
 import { Client } from "pg";
-export declare function setupDatabaseForMultitenant(client: Client, orgName: string, orgCode: string): Promise<{
+export declare function setupDatabaseForMultitenant(client: Client, metaOrgName: string, metaOrgCode: string): Promise<{
     success: boolean;
     metaOrgId: string | undefined;
     error: Error | null;

package/dist/databases/postgres/migrations/setup-for-multitenant.migration.js CHANGED Viewed

@@ -2,13 +2,12 @@ import { CreateMigrationTableMigration } from "./001-create-migrations-table.mig
 import { CreateOrganizationsTableMigration } from "./002-create-organizations-table.migration.js";
 import { doesTableExist } from "../utils/does-table-exist.util.js";
 import { CreateMetaOrgMigration } from "./005-create-meta-org.migration.js";
-import { randomUUID } from 'crypto';
 import { PostgresDatabase } from "../postgres.database.js";
 import { OrganizationService } from "../../../services/index.js";
 import { EmptyUserContext } from "@loomcore/common/models";
-export async function setupDatabaseForMultitenant(client, orgName, orgCode) {
+export async function setupDatabaseForMultitenant(client, metaOrgName, metaOrgCode) {
     let runMigrations = [];
-    let metaOrgId = randomUUID().toString();
+    let metaOrgId;
     if (await doesTableExist(client, 'migrations')) {
         const migrations = await client.query(`
             SELECT "_id", "index"
@@ -28,7 +27,7 @@ export async function setupDatabaseForMultitenant(client, orgName, orgCode) {
         }
     }
     if (!runMigrations.includes(2)) {
-        const createOrganizationTableMigration = new CreateOrganizationsTableMigration(client, orgName, orgCode);
+        const createOrganizationTableMigration = new CreateOrganizationsTableMigration(client);
         const result = await createOrganizationTableMigration.execute();
         if (!result.success) {
             console.log('setupDatabaseForMultitenant: error creating organizations table', result.error);
@@ -44,11 +43,22 @@ export async function setupDatabaseForMultitenant(client, orgName, orgCode) {
         }
     }
     if (!runMigrations.includes(5)) {
-        const createMetaOrgMigration = new CreateMetaOrgMigration(client, orgName, orgCode);
+        const createMetaOrgMigration = new CreateMetaOrgMigration(client, metaOrgName, metaOrgCode);
         const result = await createMetaOrgMigration.execute();
         if (!result.success || !result.metaOrgId) {
             console.log('setupDatabaseForMultitenant: error creating meta org', result.error);
-            return { success: false, metaOrgId: metaOrgId, error: result.error };
+            return { success: false, metaOrgId: result.metaOrgId, error: result.error };
+        }
+        metaOrgId = result.metaOrgId;
+    }
+    else {
+        if (!metaOrgId) {
+            const database = new PostgresDatabase(client);
+            const organizationService = new OrganizationService(database);
+            const metaOrg = await organizationService.getMetaOrg(EmptyUserContext);
+            if (metaOrg) {
+                metaOrgId = metaOrg._id;
+            }
         }
     }
     return { success: true, metaOrgId: metaOrgId, error: null };

package/dist/models/refresh-token.model.d.ts CHANGED Viewed

@@ -12,7 +12,7 @@ export declare const refreshTokenSchema: import("@sinclair/typebox").TObject<{
     deviceId: import("@sinclair/typebox").TString;
     userId: import("@sinclair/typebox").TString;
     expiresOn: import("@sinclair/typebox").TNumber;
-    created: import("@sinclair/typebox").TUnion<[import("@sinclair/typebox").TTransform<import("@sinclair/typebox").TString, Date>, import("@sinclair/typebox").TUndefined]>;
+    created: import("@sinclair/typebox").TTransform<import("@sinclair/typebox").TString, Date>;
     createdBy: import("@sinclair/typebox").TString;
 }>;
 export declare const refreshTokenModelSpec: import("@loomcore/common/models").IModelSpec<import("@sinclair/typebox").TSchema>;

package/dist/services/auth.service.d.ts CHANGED Viewed

@@ -21,7 +21,7 @@ export declare class AuthService extends MultiTenantApiService<IUser> {
     } | null>;
     getUserByEmail(email: string): Promise<IUser | null>;
     createUser(userContext: IUserContext, user: Partial<IUser>): Promise<IUser | null>;
-    requestTokenUsingRefreshToken(userContext: IUserContext, refreshToken: string, deviceId: string): Promise<ITokenResponse | null>;
+    requestTokenUsingRefreshToken(refreshToken: string, deviceId: string): Promise<ITokenResponse | null>;
     changeLoggedInUsersPassword(userContext: IUserContext, body: any): Promise<UpdateResult>;
     changePassword(userContext: IUserContext, queryObject: any, password: string): Promise<UpdateResult>;
     createNewTokens(userContext: IUserContext, activeRefreshToken: IRefreshToken): Promise<{
@@ -29,8 +29,8 @@ export declare class AuthService extends MultiTenantApiService<IUser> {
         refreshToken: string;
         expiresOn: number;
     }>;
-    getActiveRefreshToken(userContext: IUserContext, refreshToken: string, deviceId: string): Promise<IRefreshToken | null>;
-    createNewRefreshToken(userId: string, deviceId: string, existingExpiresOn?: number | null, orgId?: string): Promise<IRefreshToken | null>;
+    getActiveRefreshToken(refreshToken: string, deviceId: string): Promise<IRefreshToken | null>;
+    createNewRefreshToken(userId: string, deviceId: string, orgId?: string): Promise<IRefreshToken | null>;
     sendResetPasswordEmail(emailAddress: string): Promise<void>;
     resetPassword(email: string, passwordResetToken: string, password: string): Promise<UpdateResult>;
     deleteRefreshTokensForDevice(deviceId: string): Promise<import("../databases/models/delete-result.js").DeleteResult>;

package/dist/services/auth.service.js CHANGED Viewed

@@ -44,7 +44,7 @@ export class AuthService extends MultiTenantApiService {
     async logUserIn(userContext, deviceId) {
         const payload = userContext;
         const accessToken = this.generateJwt(payload);
-        const refreshTokenObject = await this.createNewRefreshToken(userContext.user._id, deviceId, null, userContext._orgId);
+        const refreshTokenObject = await this.createNewRefreshToken(userContext.user._id, deviceId, userContext._orgId);
         const accessTokenExpiresOn = this.getExpiresOnFromSeconds(config.auth.jwtExpirationInSeconds);
         let loginResponse = null;
         if (refreshTokenObject) {
@@ -88,10 +88,16 @@ export class AuthService extends MultiTenantApiService {
         const createdUser = await this.create(userContext, user);
         return createdUser;
     }
-    async requestTokenUsingRefreshToken(userContext, refreshToken, deviceId) {
+    async requestTokenUsingRefreshToken(refreshToken, deviceId) {
         let tokens = null;
-        const activeRefreshToken = await this.getActiveRefreshToken(userContext, refreshToken, deviceId);
+        const activeRefreshToken = await this.getActiveRefreshToken(refreshToken, deviceId);
         if (activeRefreshToken) {
+            const systemUserContext = getSystemUserContext();
+            const user = await this.getById(systemUserContext, activeRefreshToken.userId);
+            const userContext = {
+                _orgId: user._orgId,
+                user: user
+            };
             tokens = await this.createNewTokens(userContext, activeRefreshToken);
         }
         return tokens;
@@ -121,8 +127,8 @@ export class AuthService extends MultiTenantApiService {
         };
         return tokenResponse;
     }
-    async getActiveRefreshToken(userContext, refreshToken, deviceId) {
-        const refreshTokenResult = await this.refreshTokenService.findOne(userContext, { filters: { token: { eq: refreshToken }, deviceId: { eq: deviceId } } });
+    async getActiveRefreshToken(refreshToken, deviceId) {
+        const refreshTokenResult = await this.refreshTokenService.findOne(EmptyUserContext, { filters: { token: { eq: refreshToken }, deviceId: { eq: deviceId } } });
         let activeRefreshToken = null;
         if (refreshTokenResult) {
             const now = Date.now();
@@ -133,8 +139,8 @@ export class AuthService extends MultiTenantApiService {
         }
         return activeRefreshToken;
     }
-    async createNewRefreshToken(userId, deviceId, existingExpiresOn = null, orgId) {
-        const expiresOn = existingExpiresOn ? existingExpiresOn : this.getExpiresOnFromDays(config.auth.refreshTokenExpirationInDays);
+    async createNewRefreshToken(userId, deviceId, orgId) {
+        const expiresOn = this.getExpiresOnFromDays(config.auth.refreshTokenExpirationInDays);
         const newRefreshToken = {
             _orgId: orgId,
             token: this.generateRefreshToken(),
@@ -236,9 +242,6 @@ export class AuthService extends MultiTenantApiService {
             const hash = await passwordUtils.hashPassword(entity.password);
             entity.password = hash;
         }
-        if (isCreate && !entity.roles) {
-            entity.roles = ["user"];
-        }
         const preparedEntity = await super.preprocessEntity(userContext, entity, isCreate, allowId);
         return preparedEntity;
     }

package/dist/services/multi-tenant-api.service.js CHANGED Viewed

@@ -11,7 +11,7 @@ export class MultiTenantApiService extends GenericApiService {
         }
     }
     prepareQuery(userContext, queryOptions, operations) {
-        if (!config?.app?.isMultiTenant) {
+        if (!config?.app?.isMultiTenant || userContext?.user?._id === 'system') {
             return super.prepareQuery(userContext, queryOptions, operations);
         }
         if (!userContext || !userContext._orgId) {

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@loomcore/api",
-  "version": "0.1.21",
+  "version": "0.1.24",
   "private": false,
   "description": "Loom Core Api - An opinionated Node.js api using Typescript, Express, and MongoDb or PostgreSQL",
   "scripts": {
@@ -13,8 +13,8 @@
     "push": "git push",
     "publishMe": "npm publish --access public",
     "pub": "npm-run-all -s add commit patch build push publishMe",
-    "update-lib-versions": "npx --yes npm-check-updates -u -f @loomcore/models",
-    "install-updated-libs": "npm i @loomcore/models",
+    "update-lib-versions": "npx --yes npm-check-updates -u -f @loomcore/common",
+    "install-updated-libs": "npm i @loomcore/common",
     "update-libs": "npm-run-all -s update-lib-versions install-updated-libs",
     "typecheck": "tsc",
     "test": "npm-run-all -s test:postgres test:mongodb",
@@ -53,7 +53,7 @@
     "qs": "^6.14.0"
   },
   "peerDependencies": {
-    "@loomcore/common": "^0.0.19",
+    "@loomcore/common": "^0.0.27",
     "@sinclair/typebox": "0.34.33",
     "cookie-parser": "^1.4.6",
     "cors": "^2.8.5",
@@ -70,17 +70,17 @@
     "@types/express": "^5.0.1",
     "@types/jsonwebtoken": "^9.0.9",
     "@types/lodash": "^4.17.13",
+    "@types/pg": "^8.15.6",
     "@types/qs": "^6.14.0",
     "@types/supertest": "^6.0.3",
-    "@types/pg": "^8.15.6",
     "@vitest/coverage-v8": "^3.0.9",
     "cross-env": "^7.0.3",
     "mongodb-memory-server": "^9.3.0",
     "npm-run-all": "^4.1.5",
+    "pg-mem": "^3.0.5",
     "rxjs": "^7.8.0",
     "supertest": "^7.1.0",
     "typescript": "^5.8.3",
-    "pg-mem": "^3.0.5",
     "vite": "^6.2.5",
     "vitest": "^3.0.9"
   }