@magda/auth-api-client 2.0.0-alpha.1 → 2.0.0-alpha.2

package/dist/index.d.ts

@@ -14,15 +14,6 @@ declare class ApiClient {
      * @memberof ApiClient
      */
     getUser(userId: string): Promise<Maybe<RequiredKeys<User, "id">>>;
-    /**
-     * Get the data of a user.
-     * (Deprecated) This is the public facing API and will return less fields.
-     *
-     * @param {string} userId
-     * @returns {Promise<Maybe<User>>}
-     * @memberof ApiClient
-     */
-    getUserPublic(userId: string): Promise<Maybe<RequiredKeys<User, "id">>>;
     /**
      * Lookup user by source (identity provider) & sourceId (identity ID)
      *
@@ -35,11 +26,11 @@ declare class ApiClient {
     /**
      * create a user
      *
-     * @param {User} user
-     * @returns {Promise<User>}
+     * @param {CreateUserData} user
+     * @returns {Promise<UserRecord>}
      * @memberof ApiClient
      */
-    createUser(user: User): Promise<RequiredKeys<User, "id">>;
+    createUser(user: CreateUserData): Promise<UserRecord>;
     /**
      * Add Roles to a user.
      * Returns a list of current role ids of the user.
@@ -135,10 +126,21 @@ declare class ApiClient {
      * @memberof ApiClient
      */
     getAllOrgUnitChildren(nodeId: string): Promise<OrgUnit[]>;
+    createOrgNode(parentNodeId: string, node: Partial<Omit<OrgUnitRecord, "id" | "createBy" | "createTime" | "editBy" | "editTime" | "left" | "right">>): Promise<OrgUnit>;
+    createRole(name: string, desc?: string): Promise<Role>;
+    createRolePermission(roleId: string, permissionData: CreateRolePermissionInputData): Promise<PermissionRecord>;
+    getOperationByUri(opUri: string): Promise<OperationRecord>;
+    getResourceByUri(resUri: string): Promise<ResourceRecord>;
     private handleGetResult;
 }
 export default ApiClient;
 
+declare interface CreateRolePermissionInputData extends Omit<PermissionRecord, "id" | "owner_id" | "create_by" | "create_time" | "edit_by" | "edit_time"> {
+    operationIds: string[];
+}
+
+declare type CreateUserData = Partial<Omit<UserRecord, "email" | "displayName" | "id">> & Pick<UserRecord, "displayName" | "email">;
+
 declare interface Eq<T> {
     equals(t: T): boolean;
 }
@@ -206,22 +208,33 @@ export declare interface Operation {
     description?: string;
 }
 
+declare type OperationRecord = {
+    id: string;
+    uri: string;
+    name: string;
+    description: string;
+    resource_id: string;
+};
+
 declare interface OptionalMaybePatterns<T, U> {
     just?: (t: T) => U;
     nothing?: () => U;
 }
 
-export declare interface OrgUnit {
-    id?: string;
-    name?: string;
-    description?: string;
+export declare type OrgUnit = Partial<OrgUnitRecord> & {
     relationship?: OrgUnitRelationshipType;
-    left?: number;
-    right?: number;
-    createBy?: string;
-    createTime?: Date;
-    editBy?: string;
-    editTime?: Date;
+};
+
+declare interface OrgUnitRecord {
+    id: string;
+    name: string;
+    description: string;
+    left: number;
+    right: number;
+    createBy: string;
+    createTime: Date;
+    editBy: string;
+    editTime: Date;
 }
 
 export declare type OrgUnitRelationshipType = "ancestor" | "descendant" | "equal" | "unrelated";
@@ -242,20 +255,37 @@ export declare interface Permission {
     editTime?: Date;
 }
 
-export declare interface PublicUser {
-    id?: string;
-    displayName: string;
-    photoURL?: string;
-    isAdmin: boolean;
+declare interface PermissionRecord {
+    id: string;
+    name: string;
+    description: string;
+    resource_id: string;
+    user_ownership_constraint: boolean;
+    org_unit_ownership_constraint: boolean;
+    pre_authorised_constraint: boolean;
+    owner_id: string;
+    create_time: string;
+    create_by: string;
+    edit_time: string;
+    edit_by: string;
+}
+
+export declare type PublicUser = Partial<Pick<UserRecord, "id" | "photoURL" | "orgUnitId">> & Omit<UserRecord, "id" | "photoURL" | "orgUnitId" | "email" | "source" | "sourceId"> & {
     roles?: Role[];
     permissions?: Permission[];
     managingOrgUnitIds?: string[];
-    orgUnitId?: string;
     orgUnit?: OrgUnit;
-}
+};
 
 declare type RequiredKeys<T, K extends keyof T> = Omit<T, K> & Required<Pick<T, K>>;
 
+declare type ResourceRecord = {
+    id: string;
+    uri: string;
+    name: string;
+    description: string;
+};
+
 export declare interface Role {
     id: string;
     name: string;
@@ -267,7 +297,14 @@ export declare interface Role {
     editTime?: Date;
 }
 
-export declare interface User extends PublicUser {
+export declare type User = PublicUser & Pick<UserRecord, "email" | "source" | "sourceId">;
+
+declare interface UserRecord {
+    id: string;
+    displayName: string;
+    photoURL: string;
+    isAdmin: boolean;
+    orgUnitId: string;
     email: string;
     source: string;
     sourceId: string;

package/dist/index.js

@@ -1806,7 +1806,7 @@ var __WEBPACK_AMD_DEFINE_FACTORY__, __WEBPACK_AMD_DEFINE_RESULT__;/*!
  * URI.js - Mutating URLs
  * IPv6 Support
  *
- * Version: 1.19.5
+ * Version: 1.19.11
  *
  * Author: Rodney Rehm
  * Web: http://medialize.github.io/URI.js/
@@ -1998,7 +1998,7 @@ var __WEBPACK_AMD_DEFINE_FACTORY__, __WEBPACK_AMD_DEFINE_RESULT__;/*!
  * URI.js - Mutating URLs
  * Second Level Domain (SLD) Support
  *
- * Version: 1.19.5
+ * Version: 1.19.11
  *
  * Author: Rodney Rehm
  * Web: http://medialize.github.io/URI.js/
@@ -2281,9 +2281,10 @@ const isomorphic_fetch_1 = __importDefault(__webpack_require__(30));
 const tsmonad_1 = __webpack_require__(15);
 const lodash_1 = __importDefault(__webpack_require__(59));
 const buildJwt_1 = __importDefault(__webpack_require__(60));
-const GenericError_1 = __importDefault(__webpack_require__(79));
-const addTrailingSlash_1 = __importDefault(__webpack_require__(80));
-const urijs_1 = __importDefault(__webpack_require__(81));
+const addTrailingSlash_1 = __importDefault(__webpack_require__(79));
+const urijs_1 = __importDefault(__webpack_require__(80));
+const ServerError_1 = __importDefault(__webpack_require__(81));
+const isUuid_1 = __importDefault(__webpack_require__(82));
 class ApiClient {
     constructor(
     // e.g. http://authorization-api/v0
@@ -2295,14 +2296,29 @@ class ApiClient {
         if (jwtSecret && userId) {
             this.jwt = buildJwt_1.default(jwtSecret, userId);
         }
-        this.requestInitOption = {
-            headers: {
-                "X-Magda-Session": this.jwt
-            }
-        };
+        if (this.jwt) {
+            this.requestInitOption = {
+                headers: {
+                    "X-Magda-Session": this.jwt
+                }
+            };
+        }
     }
     getMergeRequestInitOption(extraOptions = null) {
-        return lodash_1.default.merge({}, this.requestInitOption, extraOptions);
+        let defaultContentTypeCfg = {};
+        if ((extraOptions === null || extraOptions === void 0 ? void 0 : extraOptions.body) &&
+            (!(extraOptions === null || extraOptions === void 0 ? void 0 : extraOptions.headers) ||
+                (typeof extraOptions.headers === "object" &&
+                    Object.keys(extraOptions.headers)
+                        .map((key) => key.toLowerCase())
+                        .indexOf("content-type") == -1))) {
+            defaultContentTypeCfg = {
+                headers: {
+                    "Content-Type": "application/json"
+                }
+            };
+        }
+        return lodash_1.default.merge({}, this.requestInitOption, extraOptions, defaultContentTypeCfg);
     }
     processJsonResponse(res) {
         return __awaiter(this, void 0, void 0, function* () {
@@ -2310,8 +2326,8 @@ class ApiClient {
                 return (yield res.json());
             }
             else {
-                const responseText = (yield res.text()).replace(/<(.|\n)*?>/g, "");
-                throw new GenericError_1.default(responseText, res.status);
+                const responseText = yield res.text();
+                throw new ServerError_1.default(`Error: ${res.statusText}. ${responseText.replace(/<(.|\n)*?>/g, "")}`, res.status);
             }
         });
     }
@@ -2323,19 +2339,6 @@ class ApiClient {
      * @memberof ApiClient
      */
     getUser(userId) {
-        return __awaiter(this, void 0, void 0, function* () {
-            return yield this.handleGetResult(isomorphic_fetch_1.default(`${this.baseUrl}private/users/${userId}`, this.getMergeRequestInitOption()));
-        });
-    }
-    /**
-     * Get the data of a user.
-     * (Deprecated) This is the public facing API and will return less fields.
-     *
-     * @param {string} userId
-     * @returns {Promise<Maybe<User>>}
-     * @memberof ApiClient
-     */
-    getUserPublic(userId) {
         return __awaiter(this, void 0, void 0, function* () {
             return yield this.handleGetResult(isomorphic_fetch_1.default(`${this.baseUrl}public/users/${userId}`, this.getMergeRequestInitOption()));
         });
@@ -2356,14 +2359,14 @@ class ApiClient {
     /**
      * create a user
      *
-     * @param {User} user
-     * @returns {Promise<User>}
+     * @param {CreateUserData} user
+     * @returns {Promise<UserRecord>}
      * @memberof ApiClient
      */
     createUser(user) {
         return __awaiter(this, void 0, void 0, function* () {
             try {
-                const res = yield isomorphic_fetch_1.default(`${this.baseUrl}private/users`, this.getMergeRequestInitOption({
+                const res = yield isomorphic_fetch_1.default(`${this.baseUrl}public/users`, this.getMergeRequestInitOption({
                     method: "POST",
                     headers: {
                         "Content-Type": "application/json"
@@ -2371,10 +2374,10 @@ class ApiClient {
                     body: JSON.stringify(user)
                 }));
                 if (res.status >= 400) {
-                    throw new Error(`Encountered error ${res.status} when POSTing new user to ${this.baseUrl}/private/users`);
+                    throw new Error(`Encountered error ${res.status}: ${yield res.text()} when creating new user to ${this.baseUrl}public/users`);
                 }
                 const resData = yield res.json();
-                return Object.assign(Object.assign({}, user), resData);
+                return resData;
             }
             catch (e) {
                 console.error(e);
@@ -2393,7 +2396,7 @@ class ApiClient {
      */
     addUserRoles(userId, roleIds) {
         return __awaiter(this, void 0, void 0, function* () {
-            const res = yield isomorphic_fetch_1.default(`${this.baseUrl}public/user/${userId}/roles`, this.getMergeRequestInitOption({
+            const res = yield isomorphic_fetch_1.default(`${this.baseUrl}public/users/${userId}/roles`, this.getMergeRequestInitOption({
                 method: "POST",
                 headers: {
                     "Content-Type": "application/json"
@@ -2432,7 +2435,7 @@ class ApiClient {
      */
     getUserRoles(userId) {
         return __awaiter(this, void 0, void 0, function* () {
-            const res = yield isomorphic_fetch_1.default(`${this.baseUrl}public/user/${userId}/roles`, this.getMergeRequestInitOption());
+            const res = yield isomorphic_fetch_1.default(`${this.baseUrl}public/users/${userId}/roles`, this.getMergeRequestInitOption());
             return yield this.processJsonResponse(res);
         });
     }
@@ -2445,7 +2448,7 @@ class ApiClient {
      */
     getUserPermissions(userId) {
         return __awaiter(this, void 0, void 0, function* () {
-            const res = yield isomorphic_fetch_1.default(`${this.baseUrl}public/user/${userId}/permissions`, this.getMergeRequestInitOption());
+            const res = yield isomorphic_fetch_1.default(`${this.baseUrl}public/users/${userId}/permissions`, this.getMergeRequestInitOption());
             return yield this.processJsonResponse(res);
         });
     }
@@ -2458,7 +2461,7 @@ class ApiClient {
      */
     getRolePermissions(roleId) {
         return __awaiter(this, void 0, void 0, function* () {
-            const res = yield isomorphic_fetch_1.default(`${this.baseUrl}public/role/${roleId}/permissions`, this.getMergeRequestInitOption());
+            const res = yield isomorphic_fetch_1.default(`${this.baseUrl}public/roles/${roleId}/permissions`, this.getMergeRequestInitOption());
             return yield this.processJsonResponse(res);
         });
     }
@@ -2568,6 +2571,60 @@ class ApiClient {
             return yield this.processJsonResponse(res);
         });
     }
+    createOrgNode(parentNodeId, node) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const uri = urijs_1.default(`${this.baseUrl}public/orgunits`)
+                .segmentCoded(parentNodeId)
+                .segmentCoded("insert");
+            const res = yield isomorphic_fetch_1.default(uri.toString(), this.getMergeRequestInitOption({
+                method: "post",
+                body: JSON.stringify(node)
+            }));
+            return yield this.processJsonResponse(res);
+        });
+    }
+    createRole(name, desc) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const uri = urijs_1.default(`${this.baseUrl}public/roles`);
+            const res = yield isomorphic_fetch_1.default(uri.toString(), this.getMergeRequestInitOption({
+                method: "post",
+                body: JSON.stringify({
+                    name,
+                    description: desc ? desc : ""
+                })
+            }));
+            return yield this.processJsonResponse(res);
+        });
+    }
+    createRolePermission(roleId, permissionData) {
+        return __awaiter(this, void 0, void 0, function* () {
+            if (!isUuid_1.default(roleId)) {
+                throw new ServerError_1.default(`roleId: ${roleId} is not a valid UUID.`);
+            }
+            const uri = urijs_1.default(`${this.baseUrl}public/roles`)
+                .segmentCoded(roleId)
+                .segmentCoded("permissions");
+            const res = yield isomorphic_fetch_1.default(uri.toString(), this.getMergeRequestInitOption({
+                method: "post",
+                body: JSON.stringify(permissionData)
+            }));
+            return yield this.processJsonResponse(res);
+        });
+    }
+    getOperationByUri(opUri) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const uri = urijs_1.default(`${this.baseUrl}public/operations/byUri/${opUri}`);
+            const res = yield isomorphic_fetch_1.default(uri.toString(), this.getMergeRequestInitOption());
+            return yield this.processJsonResponse(res);
+        });
+    }
+    getResourceByUri(resUri) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const uri = urijs_1.default(`${this.baseUrl}public/resources/byUri/${resUri}`);
+            const res = yield isomorphic_fetch_1.default(uri.toString(), this.getMergeRequestInitOption());
+            return yield this.processJsonResponse(res);
+        });
+    }
     handleGetResult(promise) {
         return __awaiter(this, void 0, void 0, function* () {
             return promise
@@ -27562,29 +27619,6 @@ module.exports = once;
 
 "use strict";
 
-Object.defineProperty(exports, "__esModule", { value: true });
-class GenericError extends Error {
-    constructor(message = "Unknown Error", statusCode = 500) {
-        super(message);
-        this.statusCode = statusCode;
-    }
-    toData() {
-        return {
-            isError: true,
-            errorCode: this.statusCode,
-            errorMessage: this.message
-        };
-    }
-}
-exports.default = GenericError;
-//# sourceMappingURL=GenericError.js.map
-
-/***/ }),
-/* 80 */
-/***/ (function(module, exports, __webpack_require__) {
-
-"use strict";
-
 Object.defineProperty(exports, "__esModule", { value: true });
 function addTrailingSlash(url) {
     if (!url) {
@@ -27601,13 +27635,13 @@ exports.default = addTrailingSlash;
 //# sourceMappingURL=addTrailingSlash.js.map
 
 /***/ }),
-/* 81 */
+/* 80 */
 /***/ (function(module, exports, __webpack_require__) {
 
 var __WEBPACK_AMD_DEFINE_FACTORY__, __WEBPACK_AMD_DEFINE_ARRAY__, __WEBPACK_AMD_DEFINE_RESULT__;/*!
  * URI.js - Mutating URLs
  *
- * Version: 1.19.5
+ * Version: 1.19.11
  *
  * Author: Rodney Rehm
  * Web: http://medialize.github.io/URI.js/
@@ -27687,7 +27721,7 @@ var __WEBPACK_AMD_DEFINE_FACTORY__, __WEBPACK_AMD_DEFINE_ARRAY__, __WEBPACK_AMD_
     return /^[0-9]+$/.test(value);
   }
 
-  URI.version = '1.19.5';
+  URI.version = '1.19.11';
 
   var p = URI.prototype;
   var hasOwn = Object.prototype.hasOwnProperty;
@@ -27845,6 +27879,9 @@ var __WEBPACK_AMD_DEFINE_FACTORY__, __WEBPACK_AMD_DEFINE_ARRAY__, __WEBPACK_AMD_
     // balanced parens inclusion (), [], {}, <>
     parens: /(\([^\)]*\)|\[[^\]]*\]|\{[^}]*\}|<[^>]*>)/g,
   };
+  URI.leading_whitespace_expression = /^[\x00-\x20\u00a0\u1680\u2000-\u200a\u2028\u2029\u202f\u205f\u3000\ufeff]+/
+  // https://infra.spec.whatwg.org/#ascii-tab-or-newline
+  URI.ascii_tab_whitespace = /[\u0009\u000A\u000D]+/g
   // http://www.iana.org/assignments/uri-schemes.html
   // http://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers#Well-known_ports
   URI.defaultPorts = {
@@ -28100,6 +28137,11 @@ var __WEBPACK_AMD_DEFINE_FACTORY__, __WEBPACK_AMD_DEFINE_ARRAY__, __WEBPACK_AMD_
         preventInvalidHostname: URI.preventInvalidHostname
       };
     }
+
+    string = string.replace(URI.leading_whitespace_expression, '')
+    // https://infra.spec.whatwg.org/#ascii-tab-or-newline
+    string = string.replace(URI.ascii_tab_whitespace, '')
+
     // [protocol"://"[username[":"password]"@"]hostname[":"port]"/"?][path]["?"querystring]["#"fragment]
 
     // extract fragment
@@ -28118,6 +28160,11 @@ var __WEBPACK_AMD_DEFINE_FACTORY__, __WEBPACK_AMD_DEFINE_ARRAY__, __WEBPACK_AMD_
       string = string.substring(0, pos);
     }
 
+    // slashes and backslashes have lost all meaning for the web protocols (https, http, wss, ws)
+    string = string.replace(/^(https?|ftp|wss?)?:+[/\\]*/i, '$1://');
+    // slashes and backslashes have lost all meaning for scheme relative URLs
+    string = string.replace(/^[/\\]{2,}/i, '//');
+
     // extract protocol
     if (string.substring(0, 2) === '//') {
       // relative-scheme
@@ -28132,7 +28179,7 @@ var __WEBPACK_AMD_DEFINE_FACTORY__, __WEBPACK_AMD_DEFINE_ARRAY__, __WEBPACK_AMD_
         if (parts.protocol && !parts.protocol.match(URI.protocol_expression)) {
           // : may be within the path
           parts.protocol = undefined;
-        } else if (string.substring(pos + 1, pos + 3) === '//') {
+        } else if (string.substring(pos + 1, pos + 3).replace(/\\/g, '/') === '//') {
           string = string.substring(pos + 3);
 
           // extract "user:pass@host:port"
@@ -28264,7 +28311,10 @@ var __WEBPACK_AMD_DEFINE_FACTORY__, __WEBPACK_AMD_DEFINE_ARRAY__, __WEBPACK_AMD_
       // no "=" is null according to http://dvcs.w3.org/hg/url/raw-file/tip/Overview.html#collect-url-parameters
       value = v.length ? URI.decodeQuery(v.join('='), escapeQuerySpace) : null;
 
-      if (hasOwn.call(items, name)) {
+      if (name === '__proto__') {
+        // ignore attempt at exploiting JavaScript internals
+        continue;
+      } else if (hasOwn.call(items, name)) {
         if (typeof items[name] === 'string' || items[name] === null) {
           items[name] = [items[name]];
         }
@@ -28357,7 +28407,10 @@ var __WEBPACK_AMD_DEFINE_FACTORY__, __WEBPACK_AMD_DEFINE_ARRAY__, __WEBPACK_AMD_
     var t = '';
     var unique, key, i, length;
     for (key in data) {
-      if (hasOwn.call(data, key)) {
+      if (key === '__proto__') {
+        // ignore attempt at exploiting JavaScript internals
+        continue;
+      } else if (hasOwn.call(data, key)) {
         if (isArray(data[key])) {
           unique = {};
           for (i = 0, length = data[key].length; i < length; i++) {
@@ -29951,6 +30004,41 @@ var __WEBPACK_AMD_DEFINE_FACTORY__, __WEBPACK_AMD_DEFINE_ARRAY__, __WEBPACK_AMD_
 }));
 
 
+/***/ }),
+/* 81 */
+/***/ (function(module, exports, __webpack_require__) {
+
+"use strict";
+
+Object.defineProperty(exports, "__esModule", { value: true });
+class ServerError extends Error {
+    constructor(message = "Unknown Error", statusCode = 500) {
+        super(message);
+        this.statusCode = statusCode;
+    }
+    toData() {
+        return {
+            isError: true,
+            errorCode: this.statusCode,
+            errorMessage: this.message
+        };
+    }
+}
+exports.default = ServerError;
+//# sourceMappingURL=ServerError.js.map
+
+/***/ }),
+/* 82 */
+/***/ (function(module, exports, __webpack_require__) {
+
+"use strict";
+
+Object.defineProperty(exports, "__esModule", { value: true });
+const uuidRegEx = /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i;
+const isUuid = (id) => typeof id === "string" && uuidRegEx.test(id);
+exports.default = isUuid;
+//# sourceMappingURL=isUuid.js.map
+
 /***/ })
 /******/ ]);
 });

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@magda/auth-api-client",
   "description": "MAGDA Auth API Client",
-  "version": "2.0.0-alpha.1",
+  "version": "2.0.0-alpha.2",
   "scripts": {
     "prebuild": "rimraf dist tsconfig.tsbuildinfo",
     "build": "webpack && api-extractor run -l",
@@ -12,7 +12,7 @@
   "main": "dist/index.js",
   "types": "dist/index.d.ts",
   "devDependencies": {
-    "@magda/typescript-common": "^2.0.0-alpha.1",
+    "@magda/typescript-common": "^2.0.0-alpha.2",
     "@microsoft/api-extractor": "^7.7.8",
     "ts-loader": "^6.2.1",
     "typescript": "^3.7.2",