@mesob/auth-hono 0.4.4 → 0.4.5

package/dist/index.js

@@ -862,8 +862,17 @@ var userSchema = z.object({
   emailVerified: z.boolean(),
   phoneVerified: z.boolean(),
   lastSignInAt: z.string().datetime().nullable(),
+  createdAt: z.string().datetime().nullable().optional(),
+  userType: z.array(z.string()).optional(),
   roles: z.array(z.string()).nullable().optional(),
   roleCodes: z.array(z.string()).nullable().optional(),
+  userRoles: z.array(
+    z.object({
+      code: z.string(),
+      name: z.record(z.string(), z.string())
+    })
+  ).nullable().optional(),
+  activeSessionCount: z.number().int().min(0).optional(),
   permissions: z.array(z.string()).nullable().optional()
 });
 var sessionSchema = z.object({
@@ -3547,13 +3556,18 @@ function buildPermissionDescription(code) {
   };
 }
 function buildPermissionSeedRows(permissions) {
-  return getPermissionEntries3(permissions).map((entry) => ({
-    id: entry.code,
-    application: entry.application,
-    feature: entry.feature,
-    activity: entry.activity,
-    description: buildPermissionDescription(entry.code)
-  }));
+  const entries = getPermissionEntries3(permissions);
+  const byId = /* @__PURE__ */ new Map();
+  for (const entry of entries) {
+    byId.set(entry.code, {
+      id: entry.code,
+      application: entry.application,
+      feature: entry.feature,
+      activity: entry.activity,
+      description: buildPermissionDescription(entry.code)
+    });
+  }
+  return [...byId.values()];
 }
 async function seedPermissions({
   database,
@@ -7236,22 +7250,78 @@ var inviteUserHandler = async (c) => {
 };
 
 // src/routes/users/handler/list-users.ts
-import { and as and53, asc as asc5, desc as desc5, eq as eq58, ilike as ilike4, sql as sql27 } from "drizzle-orm";
-var sortColumnMap4 = {
-  createdAt: usersInIam.createdAt,
-  updatedAt: usersInIam.updatedAt,
+import { and as and53, asc as asc5, desc as desc5, eq as eq58, ilike as ilike4, inArray as inArray6, or as or4, sql as sql27 } from "drizzle-orm";
+var userSelect = {
+  id: usersInIam.id,
+  tenantId: usersInIam.tenantId,
   fullName: usersInIam.fullName,
+  email: usersInIam.email,
+  phone: usersInIam.phone,
   handle: usersInIam.handle,
-  lastSignInAt: usersInIam.lastSignInAt
+  image: usersInIam.image,
+  emailVerified: usersInIam.emailVerified,
+  phoneVerified: usersInIam.phoneVerified,
+  lastSignInAt: usersInIam.lastSignInAt,
+  createdAt: usersInIam.createdAt,
+  userType: usersInIam.userType,
+  roleCount: sql27`(select count(*)::int from ${userRolesInIam} where ${userRolesInIam.userId} = ${usersInIam.id} and ${userRolesInIam.tenantId} = ${usersInIam.tenantId})`.as(
+    "roleCount"
+  ),
+  activeSessionCount: sql27`(select count(*)::int from ${sessionsInIam} where ${sessionsInIam.userId} = ${usersInIam.id} and ${sessionsInIam.tenantId} = ${usersInIam.tenantId} and ${sessionsInIam.expiresAt} > now())`.as(
+    "activeSessionCount"
+  )
 };
+var sortColumnMap4 = {
+  fullName: usersInIam.fullName,
+  email: usersInIam.email,
+  phone: usersInIam.phone,
+  userType: sql27`(${usersInIam.userType})[1]`,
+  roleCount: sql27`(select count(*)::int from ${userRolesInIam} where ${userRolesInIam.userId} = ${usersInIam.id} and ${userRolesInIam.tenantId} = ${usersInIam.tenantId})`,
+  lastSignInAt: usersInIam.lastSignInAt,
+  activeSessionCount: sql27`(select count(*)::int from ${sessionsInIam} where ${sessionsInIam.userId} = ${usersInIam.id} and ${sessionsInIam.tenantId} = ${usersInIam.tenantId} and ${sessionsInIam.expiresAt} > now())`,
+  createdAt: usersInIam.createdAt
+};
+function roleNameToLocaleRecord(name, code) {
+  if (typeof name === "string") {
+    return { en: name };
+  }
+  if (name && typeof name === "object" && !Array.isArray(name)) {
+    const rec = name;
+    const out = {};
+    for (const [k, v] of Object.entries(rec)) {
+      if (typeof v === "string") {
+        out[k] = v;
+      }
+    }
+    return Object.keys(out).length > 0 ? out : { en: code };
+  }
+  return { en: code };
+}
 var listUsersHandler = async (c) => {
   const query = c.req.valid("query");
   const database = c.get("database");
   const tenantId = c.get("tenantId");
+  const config = c.get("config");
   const page = query.page || 1;
   const limit = query.limit || 20;
   const offset = (page - 1) * limit;
+  const userTypeFilter = (query.userType && query.userType !== "all" ? query.userType : null) ?? config.userType;
   const conditions = [eq58(usersInIam.tenantId, tenantId)];
+  if (userTypeFilter) {
+    conditions.push(
+      sql27`${usersInIam.userType} @> ARRAY[${userTypeFilter}]::text[]`
+    );
+  }
+  if (query.search?.trim()) {
+    const term = `%${query.search.trim().replace(/[%_\\]/g, (c2) => `\\${c2}`)}%`;
+    conditions.push(
+      or4(
+        ilike4(usersInIam.fullName, term),
+        ilike4(usersInIam.email, term),
+        ilike4(usersInIam.phone, term)
+      )
+    );
+  }
   if (query.email) {
     conditions.push(ilike4(usersInIam.email, `%${query.email}%`));
   }
@@ -7261,37 +7331,58 @@ var listUsersHandler = async (c) => {
   if (query.handle) {
     conditions.push(ilike4(usersInIam.handle, `%${query.handle}%`));
   }
-  if (query.filter === "emailVerified") {
-    conditions.push(eq58(usersInIam.emailVerified, true));
-  } else if (query.filter === "phoneVerified") {
-    conditions.push(eq58(usersInIam.phoneVerified, true));
-  } else if (query.filter === "notVerified") {
+  if (query.filter === "verified") {
+    conditions.push(
+      or4(
+        eq58(usersInIam.emailVerified, true),
+        eq58(usersInIam.phoneVerified, true)
+      )
+    );
+  } else if (query.filter === "unverified") {
     conditions.push(eq58(usersInIam.emailVerified, false));
     conditions.push(eq58(usersInIam.phoneVerified, false));
   }
   const orderDir = query.order === "asc" ? asc5 : desc5;
-  const sortCol = query.sort && sortColumnMap4[query.sort] ? sortColumnMap4[query.sort] : usersInIam.createdAt;
+  const sortCol = query.sort && sortColumnMap4[query.sort] ? sortColumnMap4[query.sort] : usersInIam.fullName;
+  const whereClause = and53(...conditions);
   const [users, totalResult] = await Promise.all([
-    database.select({
-      id: usersInIam.id,
-      tenantId: usersInIam.tenantId,
-      fullName: usersInIam.fullName,
-      email: usersInIam.email,
-      phone: usersInIam.phone,
-      handle: usersInIam.handle,
-      image: usersInIam.image,
-      emailVerified: usersInIam.emailVerified,
-      phoneVerified: usersInIam.phoneVerified,
-      lastSignInAt: usersInIam.lastSignInAt
-    }).from(usersInIam).where(and53(...conditions)).orderBy(orderDir(sortCol)).limit(limit).offset(offset),
-    database.select({ count: sql27`count(*)` }).from(usersInIam).where(and53(...conditions))
+    database.select(userSelect).from(usersInIam).where(whereClause).orderBy(orderDir(sortCol)).limit(limit).offset(offset),
+    database.select({ count: sql27`count(*)` }).from(usersInIam).where(whereClause)
   ]);
   const total = Number(totalResult[0]?.count || 0);
+  const userIds = users.map((u) => u.id);
+  const roleRows = userIds.length > 0 ? await database.select({
+    userId: userRolesInIam.userId,
+    code: rolesInIam.code,
+    name: rolesInIam.name
+  }).from(userRolesInIam).innerJoin(
+    rolesInIam,
+    and53(
+      eq58(rolesInIam.tenantId, userRolesInIam.tenantId),
+      eq58(rolesInIam.id, userRolesInIam.roleId)
+    )
+  ).where(
+    and53(
+      eq58(userRolesInIam.tenantId, tenantId),
+      inArray6(userRolesInIam.userId, userIds)
+    )
+  ) : [];
+  const userRolesMap = /* @__PURE__ */ new Map();
+  for (const r of roleRows) {
+    const list = userRolesMap.get(r.userId) ?? [];
+    list.push({
+      code: r.code,
+      name: roleNameToLocaleRecord(r.name, r.code)
+    });
+    userRolesMap.set(r.userId, list);
+  }
   return c.json(
     {
       users: users.map((u) => ({
         ...u,
-        roles: null
+        roles: null,
+        userRoles: userRolesMap.get(u.id) ?? [],
+        activeSessionCount: Number(u.activeSessionCount) ?? 0
       })),
       total,
       page,
@@ -7302,7 +7393,7 @@ var listUsersHandler = async (c) => {
 };
 
 // src/routes/users/handler/search-users.ts
-import { and as and54, eq as eq59, ilike as ilike5, or as or4 } from "drizzle-orm";
+import { and as and54, eq as eq59, ilike as ilike5, or as or5 } from "drizzle-orm";
 var searchUsersHandler = async (c) => {
   const query = c.req.valid("query");
   const database = c.get("database");
@@ -7310,7 +7401,7 @@ var searchUsersHandler = async (c) => {
   const limit = query.limit || 20;
   const conditions = [eq59(usersInIam.tenantId, tenantId)];
   if (query.search && query.search.trim().length > 0) {
-    const searchCondition = or4(
+    const searchCondition = or5(
       ilike5(usersInIam.fullName, `%${query.search}%`),
       ilike5(usersInIam.email, `%${query.search}%`),
       ilike5(usersInIam.handle, `%${query.search}%`)
@@ -7331,7 +7422,7 @@ var searchUsersHandler = async (c) => {
 };
 
 // src/routes/users/handler/update-user.ts
-import { and as and55, eq as eq60, sql as sql28 } from "drizzle-orm";
+import { and as and55, eq as eq60, inArray as inArray7, sql as sql28 } from "drizzle-orm";
 var updateUserHandler = async (c) => {
   const { id } = c.req.valid("param");
   const body = c.req.valid("json");
@@ -7392,32 +7483,80 @@ var updateUserHandler = async (c) => {
   if (!updated) {
     return c.json({ error: "User not found" }, 404);
   }
-  return c.json({ user: normalizeUser(updated) }, 200);
+  if (body.roleIds !== void 0) {
+    const roleIds = body.roleIds;
+    if (roleIds.length > 0) {
+      const validRoles = await database.select({ id: rolesInIam.id, code: rolesInIam.code }).from(rolesInIam).where(
+        and55(
+          eq60(rolesInIam.tenantId, tenantId),
+          inArray7(rolesInIam.id, roleIds)
+        )
+      );
+      const assignableIds = new Set(
+        validRoles.filter((r) => (r.code ?? "").toLowerCase() !== "owner").map((r) => r.id)
+      );
+      const toInsert = roleIds.filter((rid) => assignableIds.has(rid));
+      await database.delete(userRolesInIam).where(
+        and55(
+          eq60(userRolesInIam.tenantId, tenantId),
+          eq60(userRolesInIam.userId, id)
+        )
+      );
+      if (toInsert.length > 0) {
+        await database.insert(userRolesInIam).values(
+          toInsert.map((roleId) => ({
+            tenantId,
+            userId: id,
+            roleId
+          }))
+        );
+      }
+    } else {
+      await database.delete(userRolesInIam).where(
+        and55(
+          eq60(userRolesInIam.tenantId, tenantId),
+          eq60(userRolesInIam.userId, id)
+        )
+      );
+    }
+  }
+  const userWithRoles = await fetchUserWithRoles({
+    database,
+    userId: id,
+    tenantId
+  });
+  return c.json(
+    {
+      user: normalizeUser(userWithRoles ?? updated)
+    },
+    200
+  );
 };
 
 // src/routes/users/users.schema.ts
 import { z as z11 } from "zod";
 var sortableFields = [
-  "createdAt",
-  "updatedAt",
   "fullName",
-  "handle",
-  "lastSignInAt"
-];
-var filterValues = [
-  "",
-  "emailVerified",
-  "phoneVerified",
-  "notVerified"
+  "email",
+  "phone",
+  "userType",
+  "roleCount",
+  "lastSignInAt",
+  "activeSessionCount",
+  "createdAt"
 ];
+var filterValues = ["", "verified", "unverified"];
+var userTypeValues = ["all", "employee", "candidate", "admin"];
 var listUsersQuerySchema = z11.object({
   page: z11.coerce.number().min(1).default(1).optional(),
   limit: z11.coerce.number().min(1).max(100).default(20).optional(),
   tenantId: z11.string().optional(),
+  search: z11.string().optional(),
   email: z11.string().optional(),
   phone: z11.string().optional(),
   handle: z11.string().optional(),
   filter: z11.enum(filterValues).optional(),
+  userType: z11.enum(userTypeValues).optional(),
   sort: z11.enum(sortableFields).optional(),
   order: z11.enum(["asc", "desc"]).optional()
 });
@@ -7441,7 +7580,8 @@ var updateUserSchema = z11.object({
   handle: z11.string().optional(),
   image: z11.string().url().nullable().optional(),
   emailVerified: z11.boolean().optional(),
-  phoneVerified: z11.boolean().optional()
+  phoneVerified: z11.boolean().optional(),
+  roleIds: z11.array(z11.string().uuid()).optional()
 });
 var banUserSchema = z11.object({
   bannedUntil: z11.string().datetime().nullable().optional()