npm - @mesob/auth-hono - Versions diffs - 0.4.3 → 0.4.5 - Mend

@mesob/auth-hono 0.4.3 → 0.4.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/dist/index.js CHANGED Viewed

@@ -862,8 +862,17 @@ var userSchema = z.object({
   emailVerified: z.boolean(),
   phoneVerified: z.boolean(),
   lastSignInAt: z.string().datetime().nullable(),
+  createdAt: z.string().datetime().nullable().optional(),
+  userType: z.array(z.string()).optional(),
   roles: z.array(z.string()).nullable().optional(),
   roleCodes: z.array(z.string()).nullable().optional(),
+  userRoles: z.array(
+    z.object({
+      code: z.string(),
+      name: z.record(z.string(), z.string())
+    })
+  ).nullable().optional(),
+  activeSessionCount: z.number().int().min(0).optional(),
   permissions: z.array(z.string()).nullable().optional()
 });
 var sessionSchema = z.object({
@@ -1059,10 +1068,10 @@ var checkAccountHandler = async (c) => {
     hasPassword: sql4`exists(
         select 1
         from ${accountsInIam}
-        where ${accountsInIam.tenantId} = ${resolvedTenantId}
-          and ${accountsInIam.userId} = ${usersInIam.id}
-          and ${accountsInIam.provider} = 'credentials'
-          and ${accountsInIam.password} is not null
+        where ${eq5(accountsInIam.tenantId, resolvedTenantId)}
+          and ${eq5(accountsInIam.userId, usersInIam.id)}
+          and ${eq5(accountsInIam.provider, "credentials")}
+          and ${sql4`${accountsInIam.password} is not null`}
       )`
   }).from(usersInIam).where(whereClause).limit(1);
   const verified = result?.verified ?? false;
@@ -1419,10 +1428,10 @@ var fetchUserForLogin = async ({
     hasPassword: sql6`exists(
         select 1
         from ${accountsInIam}
-        where ${accountsInIam.tenantId} = ${tenantId}
-          and ${accountsInIam.userId} = ${usersInIam.id}
-          and ${accountsInIam.provider} = 'credentials'
-          and ${accountsInIam.password} is not null
+        where ${eq7(accountsInIam.tenantId, tenantId)}
+          and ${eq7(accountsInIam.userId, usersInIam.id)}
+          and ${eq7(accountsInIam.provider, "credentials")}
+          and ${sql6`${accountsInIam.password} is not null`}
       )`
   }).from(usersInIam).where(whereClause).limit(1);
   return row || null;
@@ -3547,13 +3556,18 @@ function buildPermissionDescription(code) {
   };
 }
 function buildPermissionSeedRows(permissions) {
-  return getPermissionEntries3(permissions).map((entry) => ({
-    id: entry.code,
-    application: entry.application,
-    feature: entry.feature,
-    activity: entry.activity,
-    description: buildPermissionDescription(entry.code)
-  }));
+  const entries = getPermissionEntries3(permissions);
+  const byId = /* @__PURE__ */ new Map();
+  for (const entry of entries) {
+    byId.set(entry.code, {
+      id: entry.code,
+      application: entry.application,
+      feature: entry.feature,
+      activity: entry.activity,
+      description: buildPermissionDescription(entry.code)
+    });
+  }
+  return [...byId.values()];
 }
 async function seedPermissions({
   database,
@@ -7236,22 +7250,78 @@ var inviteUserHandler = async (c) => {
 };
 // src/routes/users/handler/list-users.ts
-import { and as and53, asc as asc5, desc as desc5, eq as eq58, ilike as ilike4, sql as sql27 } from "drizzle-orm";
-var sortColumnMap4 = {
-  createdAt: usersInIam.createdAt,
-  updatedAt: usersInIam.updatedAt,
+import { and as and53, asc as asc5, desc as desc5, eq as eq58, ilike as ilike4, inArray as inArray6, or as or4, sql as sql27 } from "drizzle-orm";
+var userSelect = {
+  id: usersInIam.id,
+  tenantId: usersInIam.tenantId,
   fullName: usersInIam.fullName,
+  email: usersInIam.email,
+  phone: usersInIam.phone,
   handle: usersInIam.handle,
-  lastSignInAt: usersInIam.lastSignInAt
+  image: usersInIam.image,
+  emailVerified: usersInIam.emailVerified,
+  phoneVerified: usersInIam.phoneVerified,
+  lastSignInAt: usersInIam.lastSignInAt,
+  createdAt: usersInIam.createdAt,
+  userType: usersInIam.userType,
+  roleCount: sql27`(select count(*)::int from ${userRolesInIam} where ${userRolesInIam.userId} = ${usersInIam.id} and ${userRolesInIam.tenantId} = ${usersInIam.tenantId})`.as(
+    "roleCount"
+  ),
+  activeSessionCount: sql27`(select count(*)::int from ${sessionsInIam} where ${sessionsInIam.userId} = ${usersInIam.id} and ${sessionsInIam.tenantId} = ${usersInIam.tenantId} and ${sessionsInIam.expiresAt} > now())`.as(
+    "activeSessionCount"
+  )
 };
+var sortColumnMap4 = {
+  fullName: usersInIam.fullName,
+  email: usersInIam.email,
+  phone: usersInIam.phone,
+  userType: sql27`(${usersInIam.userType})[1]`,
+  roleCount: sql27`(select count(*)::int from ${userRolesInIam} where ${userRolesInIam.userId} = ${usersInIam.id} and ${userRolesInIam.tenantId} = ${usersInIam.tenantId})`,
+  lastSignInAt: usersInIam.lastSignInAt,
+  activeSessionCount: sql27`(select count(*)::int from ${sessionsInIam} where ${sessionsInIam.userId} = ${usersInIam.id} and ${sessionsInIam.tenantId} = ${usersInIam.tenantId} and ${sessionsInIam.expiresAt} > now())`,
+  createdAt: usersInIam.createdAt
+};
+function roleNameToLocaleRecord(name, code) {
+  if (typeof name === "string") {
+    return { en: name };
+  }
+  if (name && typeof name === "object" && !Array.isArray(name)) {
+    const rec = name;
+    const out = {};
+    for (const [k, v] of Object.entries(rec)) {
+      if (typeof v === "string") {
+        out[k] = v;
+      }
+    }
+    return Object.keys(out).length > 0 ? out : { en: code };
+  }
+  return { en: code };
+}
 var listUsersHandler = async (c) => {
   const query = c.req.valid("query");
   const database = c.get("database");
   const tenantId = c.get("tenantId");
+  const config = c.get("config");
   const page = query.page || 1;
   const limit = query.limit || 20;
   const offset = (page - 1) * limit;
+  const userTypeFilter = (query.userType && query.userType !== "all" ? query.userType : null) ?? config.userType;
   const conditions = [eq58(usersInIam.tenantId, tenantId)];
+  if (userTypeFilter) {
+    conditions.push(
+      sql27`${usersInIam.userType} @> ARRAY[${userTypeFilter}]::text[]`
+    );
+  }
+  if (query.search?.trim()) {
+    const term = `%${query.search.trim().replace(/[%_\\]/g, (c2) => `\\${c2}`)}%`;
+    conditions.push(
+      or4(
+        ilike4(usersInIam.fullName, term),
+        ilike4(usersInIam.email, term),
+        ilike4(usersInIam.phone, term)
+      )
+    );
+  }
   if (query.email) {
     conditions.push(ilike4(usersInIam.email, `%${query.email}%`));
   }
@@ -7261,37 +7331,58 @@ var listUsersHandler = async (c) => {
   if (query.handle) {
     conditions.push(ilike4(usersInIam.handle, `%${query.handle}%`));
   }
-  if (query.filter === "emailVerified") {
-    conditions.push(eq58(usersInIam.emailVerified, true));
-  } else if (query.filter === "phoneVerified") {
-    conditions.push(eq58(usersInIam.phoneVerified, true));
-  } else if (query.filter === "notVerified") {
+  if (query.filter === "verified") {
+    conditions.push(
+      or4(
+        eq58(usersInIam.emailVerified, true),
+        eq58(usersInIam.phoneVerified, true)
+      )
+    );
+  } else if (query.filter === "unverified") {
     conditions.push(eq58(usersInIam.emailVerified, false));
     conditions.push(eq58(usersInIam.phoneVerified, false));
   }
   const orderDir = query.order === "asc" ? asc5 : desc5;
-  const sortCol = query.sort && sortColumnMap4[query.sort] ? sortColumnMap4[query.sort] : usersInIam.createdAt;
+  const sortCol = query.sort && sortColumnMap4[query.sort] ? sortColumnMap4[query.sort] : usersInIam.fullName;
+  const whereClause = and53(...conditions);
   const [users, totalResult] = await Promise.all([
-    database.select({
-      id: usersInIam.id,
-      tenantId: usersInIam.tenantId,
-      fullName: usersInIam.fullName,
-      email: usersInIam.email,
-      phone: usersInIam.phone,
-      handle: usersInIam.handle,
-      image: usersInIam.image,
-      emailVerified: usersInIam.emailVerified,
-      phoneVerified: usersInIam.phoneVerified,
-      lastSignInAt: usersInIam.lastSignInAt
-    }).from(usersInIam).where(and53(...conditions)).orderBy(orderDir(sortCol)).limit(limit).offset(offset),
-    database.select({ count: sql27`count(*)` }).from(usersInIam).where(and53(...conditions))
+    database.select(userSelect).from(usersInIam).where(whereClause).orderBy(orderDir(sortCol)).limit(limit).offset(offset),
+    database.select({ count: sql27`count(*)` }).from(usersInIam).where(whereClause)
   ]);
   const total = Number(totalResult[0]?.count || 0);
+  const userIds = users.map((u) => u.id);
+  const roleRows = userIds.length > 0 ? await database.select({
+    userId: userRolesInIam.userId,
+    code: rolesInIam.code,
+    name: rolesInIam.name
+  }).from(userRolesInIam).innerJoin(
+    rolesInIam,
+    and53(
+      eq58(rolesInIam.tenantId, userRolesInIam.tenantId),
+      eq58(rolesInIam.id, userRolesInIam.roleId)
+    )
+  ).where(
+    and53(
+      eq58(userRolesInIam.tenantId, tenantId),
+      inArray6(userRolesInIam.userId, userIds)
+    )
+  ) : [];
+  const userRolesMap = /* @__PURE__ */ new Map();
+  for (const r of roleRows) {
+    const list = userRolesMap.get(r.userId) ?? [];
+    list.push({
+      code: r.code,
+      name: roleNameToLocaleRecord(r.name, r.code)
+    });
+    userRolesMap.set(r.userId, list);
+  }
   return c.json(
     {
       users: users.map((u) => ({
         ...u,
-        roles: null
+        roles: null,
+        userRoles: userRolesMap.get(u.id) ?? [],
+        activeSessionCount: Number(u.activeSessionCount) ?? 0
       })),
       total,
       page,
@@ -7302,7 +7393,7 @@ var listUsersHandler = async (c) => {
 };
 // src/routes/users/handler/search-users.ts
-import { and as and54, eq as eq59, ilike as ilike5, or as or4 } from "drizzle-orm";
+import { and as and54, eq as eq59, ilike as ilike5, or as or5 } from "drizzle-orm";
 var searchUsersHandler = async (c) => {
   const query = c.req.valid("query");
   const database = c.get("database");
@@ -7310,7 +7401,7 @@ var searchUsersHandler = async (c) => {
   const limit = query.limit || 20;
   const conditions = [eq59(usersInIam.tenantId, tenantId)];
   if (query.search && query.search.trim().length > 0) {
-    const searchCondition = or4(
+    const searchCondition = or5(
       ilike5(usersInIam.fullName, `%${query.search}%`),
       ilike5(usersInIam.email, `%${query.search}%`),
       ilike5(usersInIam.handle, `%${query.search}%`)
@@ -7331,7 +7422,7 @@ var searchUsersHandler = async (c) => {
 };
 // src/routes/users/handler/update-user.ts
-import { and as and55, eq as eq60, sql as sql28 } from "drizzle-orm";
+import { and as and55, eq as eq60, inArray as inArray7, sql as sql28 } from "drizzle-orm";
 var updateUserHandler = async (c) => {
   const { id } = c.req.valid("param");
   const body = c.req.valid("json");
@@ -7392,32 +7483,80 @@ var updateUserHandler = async (c) => {
   if (!updated) {
     return c.json({ error: "User not found" }, 404);
   }
-  return c.json({ user: normalizeUser(updated) }, 200);
+  if (body.roleIds !== void 0) {
+    const roleIds = body.roleIds;
+    if (roleIds.length > 0) {
+      const validRoles = await database.select({ id: rolesInIam.id, code: rolesInIam.code }).from(rolesInIam).where(
+        and55(
+          eq60(rolesInIam.tenantId, tenantId),
+          inArray7(rolesInIam.id, roleIds)
+        )
+      );
+      const assignableIds = new Set(
+        validRoles.filter((r) => (r.code ?? "").toLowerCase() !== "owner").map((r) => r.id)
+      );
+      const toInsert = roleIds.filter((rid) => assignableIds.has(rid));
+      await database.delete(userRolesInIam).where(
+        and55(
+          eq60(userRolesInIam.tenantId, tenantId),
+          eq60(userRolesInIam.userId, id)
+        )
+      );
+      if (toInsert.length > 0) {
+        await database.insert(userRolesInIam).values(
+          toInsert.map((roleId) => ({
+            tenantId,
+            userId: id,
+            roleId
+          }))
+        );
+      }
+    } else {
+      await database.delete(userRolesInIam).where(
+        and55(
+          eq60(userRolesInIam.tenantId, tenantId),
+          eq60(userRolesInIam.userId, id)
+        )
+      );
+    }
+  }
+  const userWithRoles = await fetchUserWithRoles({
+    database,
+    userId: id,
+    tenantId
+  });
+  return c.json(
+    {
+      user: normalizeUser(userWithRoles ?? updated)
+    },
+    200
+  );
 };
 // src/routes/users/users.schema.ts
 import { z as z11 } from "zod";
 var sortableFields = [
-  "createdAt",
-  "updatedAt",
   "fullName",
-  "handle",
-  "lastSignInAt"
-];
-var filterValues = [
-  "",
-  "emailVerified",
-  "phoneVerified",
-  "notVerified"
+  "email",
+  "phone",
+  "userType",
+  "roleCount",
+  "lastSignInAt",
+  "activeSessionCount",
+  "createdAt"
 ];
+var filterValues = ["", "verified", "unverified"];
+var userTypeValues = ["all", "employee", "candidate", "admin"];
 var listUsersQuerySchema = z11.object({
   page: z11.coerce.number().min(1).default(1).optional(),
   limit: z11.coerce.number().min(1).max(100).default(20).optional(),
   tenantId: z11.string().optional(),
+  search: z11.string().optional(),
   email: z11.string().optional(),
   phone: z11.string().optional(),
   handle: z11.string().optional(),
   filter: z11.enum(filterValues).optional(),
+  userType: z11.enum(userTypeValues).optional(),
   sort: z11.enum(sortableFields).optional(),
   order: z11.enum(["asc", "desc"]).optional()
 });
@@ -7441,7 +7580,8 @@ var updateUserSchema = z11.object({
   handle: z11.string().optional(),
   image: z11.string().url().nullable().optional(),
   emailVerified: z11.boolean().optional(),
-  phoneVerified: z11.boolean().optional()
+  phoneVerified: z11.boolean().optional(),
+  roleIds: z11.array(z11.string().uuid()).optional()
 });
 var banUserSchema = z11.object({
   bannedUntil: z11.string().datetime().nullable().optional()