@open-core/identity 1.0.0 → 1.2.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (49) hide show
  1. package/README.md +54 -658
  2. package/dist/contracts.d.ts +93 -0
  3. package/dist/contracts.js +21 -0
  4. package/dist/entities/account.entity.js +1 -2
  5. package/dist/entities/role.entity.js +1 -2
  6. package/dist/events/identity.events.js +1 -2
  7. package/dist/index.d.ts +86 -67
  8. package/dist/index.js +110 -99
  9. package/dist/providers/auth/api-auth.provider.d.ts +52 -0
  10. package/dist/providers/auth/api-auth.provider.js +82 -0
  11. package/dist/providers/auth/credentials-auth.provider.d.ts +63 -0
  12. package/dist/providers/auth/credentials-auth.provider.js +149 -0
  13. package/dist/providers/auth/local-auth.provider.d.ts +82 -0
  14. package/dist/providers/auth/local-auth.provider.js +151 -0
  15. package/dist/providers/identity-auth.provider.d.ts +0 -0
  16. package/dist/providers/identity-auth.provider.js +1 -0
  17. package/dist/providers/principal/api-principal.provider.d.ts +50 -0
  18. package/dist/providers/principal/api-principal.provider.js +84 -0
  19. package/dist/providers/principal/local-principal.provider.d.ts +77 -0
  20. package/dist/providers/principal/local-principal.provider.js +164 -0
  21. package/dist/repositories/account.repository.d.ts +4 -4
  22. package/dist/repositories/account.repository.js +2 -6
  23. package/dist/repositories/role.repository.d.ts +4 -4
  24. package/dist/repositories/role.repository.js +2 -6
  25. package/dist/services/account.service.d.ts +52 -57
  26. package/dist/services/account.service.js +80 -166
  27. package/dist/services/auth/api-auth.provider.js +7 -10
  28. package/dist/services/auth/credentials-auth.provider.js +8 -44
  29. package/dist/services/auth/local-auth.provider.js +7 -10
  30. package/dist/services/cache/memory-cache.service.js +4 -7
  31. package/dist/services/identity-auth.provider.js +7 -10
  32. package/dist/services/identity-principal.provider.js +12 -15
  33. package/dist/services/principal/api-principal.provider.js +9 -12
  34. package/dist/services/principal/local-principal.provider.js +12 -15
  35. package/dist/services/role.service.d.ts +33 -54
  36. package/dist/services/role.service.js +51 -109
  37. package/dist/setup.js +25 -28
  38. package/dist/tokens.d.ts +7 -0
  39. package/dist/tokens.js +7 -0
  40. package/dist/types/auth.types.js +1 -2
  41. package/dist/types/index.js +1 -2
  42. package/dist/types.d.ts +170 -0
  43. package/dist/types.js +1 -0
  44. package/package.json +13 -8
  45. package/migrations/001_accounts_table.sql +0 -16
  46. package/migrations/002_roles_table.sql +0 -21
  47. package/migrations/003_alter_accounts_add_role.sql +0 -24
  48. package/migrations/004_rename_uuid_to_linked_id.sql +0 -12
  49. package/migrations/005_add_password_hash.sql +0 -7
package/dist/services/auth/api-auth.provider.js CHANGED
@@ -1,4 +1,3 @@
1
- "use strict";
2
1
  var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
3
2
  var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
4
3
  if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
@@ -8,11 +7,9 @@ var __decorate = (this && this.__decorate) || function (decorators, target, key,
8
7
  var __metadata = (this && this.__metadata) || function (k, v) {
9
8
  if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
10
9
  };
11
- Object.defineProperty(exports, "__esModule", { value: true });
12
- exports.ApiAuthProvider = void 0;
13
- const tsyringe_1 = require("tsyringe");
14
- const framework_1 = require("@open-core/framework");
15
- const memory_cache_service_1 = require("../cache/memory-cache.service");
10
+ import { injectable } from "tsyringe";
11
+ import { Server } from "@open-core/framework";
12
+ import { MemoryCacheService } from "../cache/memory-cache.service";
16
13
  /**
17
14
  * API-based authentication provider that delegates auth to external API.
18
15
  * Does NOT require local database (uses memory cache only).
@@ -127,8 +124,8 @@ let ApiAuthProvider = class ApiAuthProvider {
127
124
  }
128
125
  }
129
126
  };
130
- exports.ApiAuthProvider = ApiAuthProvider;
131
- exports.ApiAuthProvider = ApiAuthProvider = __decorate([
132
- (0, tsyringe_1.injectable)(),
133
- __metadata("design:paramtypes", [framework_1.Server.ConfigService, framework_1.Server.HttpService, memory_cache_service_1.MemoryCacheService])
127
+ ApiAuthProvider = __decorate([
128
+ injectable(),
129
+ __metadata("design:paramtypes", [Server.ConfigService, Server.HttpService, MemoryCacheService])
134
130
  ], ApiAuthProvider);
131
+ export { ApiAuthProvider };
package/dist/services/auth/credentials-auth.provider.js CHANGED
@@ -1,52 +1,16 @@
1
- "use strict";
2
- var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
3
- if (k2 === undefined) k2 = k;
4
- var desc = Object.getOwnPropertyDescriptor(m, k);
5
- if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
6
- desc = { enumerable: true, get: function() { return m[k]; } };
7
- }
8
- Object.defineProperty(o, k2, desc);
9
- }) : (function(o, m, k, k2) {
10
- if (k2 === undefined) k2 = k;
11
- o[k2] = m[k];
12
- }));
13
- var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
14
- Object.defineProperty(o, "default", { enumerable: true, value: v });
15
- }) : function(o, v) {
16
- o["default"] = v;
17
- });
18
1
  var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
19
2
  var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
20
3
  if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
21
4
  else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
22
5
  return c > 3 && r && Object.defineProperty(target, key, r), r;
23
6
  };
24
- var __importStar = (this && this.__importStar) || (function () {
25
- var ownKeys = function(o) {
26
- ownKeys = Object.getOwnPropertyNames || function (o) {
27
- var ar = [];
28
- for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
29
- return ar;
30
- };
31
- return ownKeys(o);
32
- };
33
- return function (mod) {
34
- if (mod && mod.__esModule) return mod;
35
- var result = {};
36
- if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
37
- __setModuleDefault(result, mod);
38
- return result;
39
- };
40
- })();
41
7
  var __metadata = (this && this.__metadata) || function (k, v) {
42
8
  if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
43
9
  };
44
- Object.defineProperty(exports, "__esModule", { value: true });
45
- exports.CredentialsAuthProvider = void 0;
46
- const tsyringe_1 = require("tsyringe");
47
- const framework_1 = require("@open-core/framework");
48
- const bcrypt = __importStar(require("bcrypt"));
49
- const account_service_1 = require("../account.service");
10
+ import { injectable } from "tsyringe";
11
+ import { Server } from "@open-core/framework";
12
+ import * as bcrypt from "bcrypt";
13
+ import { AccountService } from "../account.service";
50
14
  /**
51
15
  * Credentials-based authentication provider using username/password.
52
16
  * Requires password_hash column in accounts table (migration 005).
@@ -207,8 +171,8 @@ let CredentialsAuthProvider = class CredentialsAuthProvider {
207
171
  return result;
208
172
  }
209
173
  };
210
- exports.CredentialsAuthProvider = CredentialsAuthProvider;
211
- exports.CredentialsAuthProvider = CredentialsAuthProvider = __decorate([
212
- (0, tsyringe_1.injectable)(),
213
- __metadata("design:paramtypes", [account_service_1.AccountService, framework_1.Server.ConfigService])
174
+ CredentialsAuthProvider = __decorate([
175
+ injectable(),
176
+ __metadata("design:paramtypes", [AccountService, Server.ConfigService])
214
177
  ], CredentialsAuthProvider);
178
+ export { CredentialsAuthProvider };
package/dist/services/auth/local-auth.provider.js CHANGED
@@ -1,4 +1,3 @@
1
- "use strict";
2
1
  var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
3
2
  var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
4
3
  if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
@@ -8,11 +7,9 @@ var __decorate = (this && this.__decorate) || function (decorators, target, key,
8
7
  var __metadata = (this && this.__metadata) || function (k, v) {
9
8
  if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
10
9
  };
11
- Object.defineProperty(exports, "__esModule", { value: true });
12
- exports.LocalAuthProvider = void 0;
13
- const tsyringe_1 = require("tsyringe");
14
- const framework_1 = require("@open-core/framework");
15
- const account_service_1 = require("../account.service");
10
+ import { injectable } from "tsyringe";
11
+ import { Server } from "@open-core/framework";
12
+ import { AccountService } from "../account.service";
16
13
  /**
17
14
  * Local authentication provider that auto-creates accounts based on FiveM identifiers.
18
15
  * This is the default/traditional authentication method for FiveM servers.
@@ -128,8 +125,8 @@ let LocalAuthProvider = class LocalAuthProvider {
128
125
  return result;
129
126
  }
130
127
  };
131
- exports.LocalAuthProvider = LocalAuthProvider;
132
- exports.LocalAuthProvider = LocalAuthProvider = __decorate([
133
- (0, tsyringe_1.injectable)(),
134
- __metadata("design:paramtypes", [account_service_1.AccountService, framework_1.Server.ConfigService])
128
+ LocalAuthProvider = __decorate([
129
+ injectable(),
130
+ __metadata("design:paramtypes", [AccountService, Server.ConfigService])
135
131
  ], LocalAuthProvider);
132
+ export { LocalAuthProvider };
package/dist/services/cache/memory-cache.service.js CHANGED
@@ -1,4 +1,3 @@
1
- "use strict";
2
1
  var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
3
2
  var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
4
3
  if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
@@ -8,9 +7,7 @@ var __decorate = (this && this.__decorate) || function (decorators, target, key,
8
7
  var __metadata = (this && this.__metadata) || function (k, v) {
9
8
  if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
10
9
  };
11
- Object.defineProperty(exports, "__esModule", { value: true });
12
- exports.MemoryCacheService = void 0;
13
- const tsyringe_1 = require("tsyringe");
10
+ import { injectable } from "tsyringe";
14
11
  /**
15
12
  * Simple in-memory cache with TTL support.
16
13
  * Used to cache API responses and reduce external calls.
@@ -101,8 +98,8 @@ let MemoryCacheService = class MemoryCacheService {
101
98
  }
102
99
  }
103
100
  };
104
- exports.MemoryCacheService = MemoryCacheService;
105
- exports.MemoryCacheService = MemoryCacheService = __decorate([
106
- (0, tsyringe_1.injectable)(),
101
+ MemoryCacheService = __decorate([
102
+ injectable(),
107
103
  __metadata("design:paramtypes", [])
108
104
  ], MemoryCacheService);
105
+ export { MemoryCacheService };
package/dist/services/identity-auth.provider.js CHANGED
@@ -1,4 +1,3 @@
1
- "use strict";
2
1
  var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
3
2
  var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
4
3
  if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
@@ -8,11 +7,9 @@ var __decorate = (this && this.__decorate) || function (decorators, target, key,
8
7
  var __metadata = (this && this.__metadata) || function (k, v) {
9
8
  if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
10
9
  };
11
- Object.defineProperty(exports, "__esModule", { value: true });
12
- exports.IdentityAuthProvider = void 0;
13
- const tsyringe_1 = require("tsyringe");
14
- const framework_1 = require("@open-core/framework");
15
- const account_service_1 = require("./account.service");
10
+ import { injectable } from "tsyringe";
11
+ import { Server } from "@open-core/framework";
12
+ import { AccountService } from "./account.service";
16
13
  let IdentityAuthProvider = class IdentityAuthProvider {
17
14
  constructor(accounts, config) {
18
15
  this.accounts = accounts;
@@ -118,8 +115,8 @@ let IdentityAuthProvider = class IdentityAuthProvider {
118
115
  return result;
119
116
  }
120
117
  };
121
- exports.IdentityAuthProvider = IdentityAuthProvider;
122
- exports.IdentityAuthProvider = IdentityAuthProvider = __decorate([
123
- (0, tsyringe_1.injectable)(),
124
- __metadata("design:paramtypes", [account_service_1.AccountService, framework_1.Server.ConfigService])
118
+ IdentityAuthProvider = __decorate([
119
+ injectable(),
120
+ __metadata("design:paramtypes", [AccountService, Server.ConfigService])
125
121
  ], IdentityAuthProvider);
122
+ export { IdentityAuthProvider };
package/dist/services/identity-principal.provider.js CHANGED
@@ -1,4 +1,3 @@
1
- "use strict";
2
1
  var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
3
2
  var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
4
3
  if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
@@ -8,12 +7,10 @@ var __decorate = (this && this.__decorate) || function (decorators, target, key,
8
7
  var __metadata = (this && this.__metadata) || function (k, v) {
9
8
  if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
10
9
  };
11
- Object.defineProperty(exports, "__esModule", { value: true });
12
- exports.IdentityPrincipalProvider = void 0;
13
- const tsyringe_1 = require("tsyringe");
14
- const framework_1 = require("@open-core/framework");
15
- const account_service_1 = require("./account.service");
16
- const account_repository_1 = require("../repositories/account.repository");
10
+ import { injectable } from "tsyringe";
11
+ import { Utils } from "@open-core/framework";
12
+ import { AccountService } from "./account.service";
13
+ import { AccountRepository } from "../repositories/account.repository";
17
14
  let IdentityPrincipalProvider = class IdentityPrincipalProvider {
18
15
  constructor(accounts, repo) {
19
16
  this.accounts = accounts;
@@ -22,11 +19,11 @@ let IdentityPrincipalProvider = class IdentityPrincipalProvider {
22
19
  async getPrincipal(player) {
23
20
  const linked = player.accountID;
24
21
  if (!linked) {
25
- throw new framework_1.Utils.AppError("UNAUTHORIZED", "Player is not authenticated (no linked account)", "server");
22
+ throw new Utils.AppError("UNAUTHORIZED", "Player is not authenticated (no linked account)", "server");
26
23
  }
27
24
  const result = await this.repo.findByLinkedIdWithRole(String(linked));
28
25
  if (!result) {
29
- throw new framework_1.Utils.AppError("UNAUTHORIZED", "Linked account not found", "server");
26
+ throw new Utils.AppError("UNAUTHORIZED", "Linked account not found", "server");
30
27
  }
31
28
  const { account, role } = result;
32
29
  if (this.accounts.isBanExpired(account)) {
@@ -34,7 +31,7 @@ let IdentityPrincipalProvider = class IdentityPrincipalProvider {
34
31
  account.banned = false;
35
32
  }
36
33
  if (account.banned) {
37
- throw new framework_1.Utils.AppError("PERMISSION_DENIED", "Account is banned", "server", {
34
+ throw new Utils.AppError("PERMISSION_DENIED", "Account is banned", "server", {
38
35
  banReason: account.banReason,
39
36
  banExpires: account.banExpires,
40
37
  });
@@ -96,9 +93,9 @@ let IdentityPrincipalProvider = class IdentityPrincipalProvider {
96
93
  return Array.from(base);
97
94
  }
98
95
  };
99
- exports.IdentityPrincipalProvider = IdentityPrincipalProvider;
100
- exports.IdentityPrincipalProvider = IdentityPrincipalProvider = __decorate([
101
- (0, tsyringe_1.injectable)(),
102
- __metadata("design:paramtypes", [account_service_1.AccountService,
103
- account_repository_1.AccountRepository])
96
+ IdentityPrincipalProvider = __decorate([
97
+ injectable(),
98
+ __metadata("design:paramtypes", [AccountService,
99
+ AccountRepository])
104
100
  ], IdentityPrincipalProvider);
101
+ export { IdentityPrincipalProvider };
package/dist/services/principal/api-principal.provider.js CHANGED
@@ -1,4 +1,3 @@
1
- "use strict";
2
1
  var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
3
2
  var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
4
3
  if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
@@ -8,11 +7,9 @@ var __decorate = (this && this.__decorate) || function (decorators, target, key,
8
7
  var __metadata = (this && this.__metadata) || function (k, v) {
9
8
  if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
10
9
  };
11
- Object.defineProperty(exports, "__esModule", { value: true });
12
- exports.ApiPrincipalProvider = void 0;
13
- const tsyringe_1 = require("tsyringe");
14
- const framework_1 = require("@open-core/framework");
15
- const memory_cache_service_1 = require("../cache/memory-cache.service");
10
+ import { injectable } from "tsyringe";
11
+ import { Server, Utils } from "@open-core/framework";
12
+ import { MemoryCacheService } from "../cache/memory-cache.service";
16
13
  /**
17
14
  * API-based principal provider that fetches permissions from external API.
18
15
  * Does NOT require local database (uses memory cache only).
@@ -46,7 +43,7 @@ let ApiPrincipalProvider = class ApiPrincipalProvider {
46
43
  async getPrincipal(player) {
47
44
  const linked = player.accountID;
48
45
  if (!linked) {
49
- throw new framework_1.Utils.AppError("UNAUTHORIZED", "Player is not authenticated (no linked account)", "server");
46
+ throw new Utils.AppError("UNAUTHORIZED", "Player is not authenticated (no linked account)", "server");
50
47
  }
51
48
  // Check cache first
52
49
  const cacheKey = `principal:${linked}`;
@@ -82,7 +79,7 @@ let ApiPrincipalProvider = class ApiPrincipalProvider {
82
79
  meta: {},
83
80
  };
84
81
  }
85
- throw new framework_1.Utils.AppError("UNAUTHORIZED", `Failed to fetch principal from API: ${error instanceof Error ? error.message : "Unknown error"}`, "server");
82
+ throw new Utils.AppError("UNAUTHORIZED", `Failed to fetch principal from API: ${error instanceof Error ? error.message : "Unknown error"}`, "server");
86
83
  }
87
84
  }
88
85
  async refreshPrincipal(player) {
@@ -134,8 +131,8 @@ let ApiPrincipalProvider = class ApiPrincipalProvider {
134
131
  }
135
132
  }
136
133
  };
137
- exports.ApiPrincipalProvider = ApiPrincipalProvider;
138
- exports.ApiPrincipalProvider = ApiPrincipalProvider = __decorate([
139
- (0, tsyringe_1.injectable)(),
140
- __metadata("design:paramtypes", [framework_1.Server.ConfigService, framework_1.Server.HttpService, memory_cache_service_1.MemoryCacheService])
134
+ ApiPrincipalProvider = __decorate([
135
+ injectable(),
136
+ __metadata("design:paramtypes", [Server.ConfigService, Server.HttpService, MemoryCacheService])
141
137
  ], ApiPrincipalProvider);
138
+ export { ApiPrincipalProvider };
package/dist/services/principal/local-principal.provider.js CHANGED
@@ -1,4 +1,3 @@
1
- "use strict";
2
1
  var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
3
2
  var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
4
3
  if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
@@ -8,12 +7,10 @@ var __decorate = (this && this.__decorate) || function (decorators, target, key,
8
7
  var __metadata = (this && this.__metadata) || function (k, v) {
9
8
  if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
10
9
  };
11
- Object.defineProperty(exports, "__esModule", { value: true });
12
- exports.LocalPrincipalProvider = void 0;
13
- const tsyringe_1 = require("tsyringe");
14
- const framework_1 = require("@open-core/framework");
15
- const account_service_1 = require("../account.service");
16
- const account_repository_1 = require("../../repositories/account.repository");
10
+ import { injectable } from "tsyringe";
11
+ import { Utils } from "@open-core/framework";
12
+ import { AccountService } from "../account.service";
13
+ import { AccountRepository } from "../../repositories/account.repository";
17
14
  /**
18
15
  * Local principal provider that reads roles and permissions from local database.
19
16
  * This is the default/traditional principal provider for FiveM servers.
@@ -32,11 +29,11 @@ let LocalPrincipalProvider = class LocalPrincipalProvider {
32
29
  async getPrincipal(player) {
33
30
  const linked = player.accountID;
34
31
  if (!linked) {
35
- throw new framework_1.Utils.AppError("UNAUTHORIZED", "Player is not authenticated (no linked account)", "server");
32
+ throw new Utils.AppError("UNAUTHORIZED", "Player is not authenticated (no linked account)", "server");
36
33
  }
37
34
  const result = await this.repo.findByLinkedIdWithRole(String(linked));
38
35
  if (!result) {
39
- throw new framework_1.Utils.AppError("UNAUTHORIZED", "Linked account not found", "server");
36
+ throw new Utils.AppError("UNAUTHORIZED", "Linked account not found", "server");
40
37
  }
41
38
  const { account, role } = result;
42
39
  if (this.accounts.isBanExpired(account)) {
@@ -44,7 +41,7 @@ let LocalPrincipalProvider = class LocalPrincipalProvider {
44
41
  account.banned = false;
45
42
  }
46
43
  if (account.banned) {
47
- throw new framework_1.Utils.AppError("PERMISSION_DENIED", "Account is banned", "server", {
44
+ throw new Utils.AppError("PERMISSION_DENIED", "Account is banned", "server", {
48
45
  banReason: account.banReason,
49
46
  banExpires: account.banExpires,
50
47
  });
@@ -106,9 +103,9 @@ let LocalPrincipalProvider = class LocalPrincipalProvider {
106
103
  return Array.from(base);
107
104
  }
108
105
  };
109
- exports.LocalPrincipalProvider = LocalPrincipalProvider;
110
- exports.LocalPrincipalProvider = LocalPrincipalProvider = __decorate([
111
- (0, tsyringe_1.injectable)(),
112
- __metadata("design:paramtypes", [account_service_1.AccountService,
113
- account_repository_1.AccountRepository])
106
+ LocalPrincipalProvider = __decorate([
107
+ injectable(),
108
+ __metadata("design:paramtypes", [AccountService,
109
+ AccountRepository])
114
110
  ], LocalPrincipalProvider);
111
+ export { LocalPrincipalProvider };
package/dist/services/role.service.d.ts CHANGED
@@ -1,73 +1,52 @@
1
- import type { Role } from "../entities/role.entity";
2
- import type { CreateRoleInput, UpdateRoleInput } from "../types";
3
- import { RoleRepository } from "../repositories/role.repository";
1
+ import { RoleStore } from "../contracts";
2
+ import type { IdentityOptions, IdentityRole } from "../types";
4
3
  /**
5
- * Service for managing roles and their permissions.
6
- * Handles CRUD operations and permission management for roles.
4
+ * High-level service for managing security roles and their associated permissions.
5
+ *
6
+ * Provides a programmer-friendly API for role administration, including creation,
7
+ * updates, and permission retrieval. This service interacts with the configured
8
+ * {@link RoleStore}.
9
+ *
10
+ * @public
11
+ * @injectable
7
12
  */
8
13
  export declare class RoleService {
9
- private readonly repo;
10
- constructor(repo: RoleRepository);
14
+ private readonly store;
15
+ private readonly options;
11
16
  /**
12
- * Find a role by its ID.
17
+ * Initializes a new instance of the RoleService.
13
18
  *
14
- * @param id - Role ID
15
- * @returns The role or null if not found
19
+ * @param store - Persistence layer for role definitions.
20
+ * @param options - Identity system configuration options.
16
21
  */
17
- findById(id: number): Promise<Role | null>;
22
+ constructor(store: RoleStore, options: IdentityOptions);
18
23
  /**
19
- * Find a role by its internal name.
24
+ * Persists a new security role definition.
20
25
  *
21
- * @param name - Role name (e.g., 'admin', 'user')
22
- * @returns The role or null if not found
26
+ * @param role - The complete role definition to create.
27
+ * @returns A promise that resolves when the role is saved.
23
28
  */
24
- findByName(name: string): Promise<Role | null>;
29
+ create(role: IdentityRole): Promise<void>;
25
30
  /**
26
- * Get all roles.
31
+ * Updates an existing role's rank or permissions.
27
32
  *
28
- * @returns Array of all roles
33
+ * @param name - The unique technical name of the role to update.
34
+ * @param data - Partial object containing the fields to modify.
35
+ * @returns A promise that resolves when the update is complete.
29
36
  */
30
- getAll(): Promise<Role[]>;
37
+ update(name: string, data: Partial<Omit<IdentityRole, "name">>): Promise<void>;
31
38
  /**
32
- * Get the default role for new accounts.
39
+ * Permanently removes a role definition from the system.
33
40
  *
34
- * @returns The default role or null if none is configured
41
+ * @param name - The technical name of the role to delete.
42
+ * @returns A promise that resolves when the role is deleted.
35
43
  */
36
- getDefaultRole(): Promise<Role | null>;
44
+ delete(name: string): Promise<void>;
37
45
  /**
38
- * Create a new role.
46
+ * Retrieves the full list of permissions granted to a specific role.
39
47
  *
40
- * @param input - Role creation data
41
- * @returns The created role
48
+ * @param name - The technical name of the role.
49
+ * @returns A promise resolving to an array of permission strings.
42
50
  */
43
- create(input: CreateRoleInput): Promise<Role>;
44
- /**
45
- * Update an existing role.
46
- *
47
- * @param id - Role ID
48
- * @param input - Update data
49
- * @returns The updated role or null if not found
50
- */
51
- update(id: number, input: UpdateRoleInput): Promise<Role | null>;
52
- /**
53
- * Delete a role.
54
- *
55
- * @param id - Role ID
56
- * @returns true if deleted, false if not found
57
- */
58
- delete(id: number): Promise<boolean>;
59
- /**
60
- * Add a permission to a role.
61
- *
62
- * @param roleId - Role ID
63
- * @param permission - Permission string to add
64
- */
65
- addPermission(roleId: number, permission: string): Promise<void>;
66
- /**
67
- * Remove a permission from a role.
68
- *
69
- * @param roleId - Role ID
70
- * @param permission - Permission string to remove
71
- */
72
- removePermission(roleId: number, permission: string): Promise<void>;
51
+ getPermissions(name: string): Promise<string[]>;
73
52
  }