@overlordai/server 1.0.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/database/migrations/001-init-schema.sql +226 -0
- package/database/migrations/002-add-indexes.sql +17 -0
- package/database/migrations/003-add-settings-table.sql +4 -0
- package/database/migrations/004-add-developer-id-index.sql +5 -0
- package/dist/adapters/adapter.interface.d.ts +41 -0
- package/dist/adapters/adapter.interface.d.ts.map +1 -0
- package/dist/adapters/adapter.interface.js +6 -0
- package/dist/adapters/adapter.interface.js.map +1 -0
- package/dist/adapters/adapter.module.d.ts +3 -0
- package/dist/adapters/adapter.module.d.ts.map +1 -0
- package/dist/adapters/adapter.module.js +54 -0
- package/dist/adapters/adapter.module.js.map +1 -0
- package/dist/adapters/adapter.registry.d.ts +19 -0
- package/dist/adapters/adapter.registry.d.ts.map +1 -0
- package/dist/adapters/adapter.registry.js +51 -0
- package/dist/adapters/adapter.registry.js.map +1 -0
- package/dist/adapters/lark/lark-card.builder.d.ts +48 -0
- package/dist/adapters/lark/lark-card.builder.d.ts.map +1 -0
- package/dist/adapters/lark/lark-card.builder.js +259 -0
- package/dist/adapters/lark/lark-card.builder.js.map +1 -0
- package/dist/adapters/lark/lark-message.parser.d.ts +51 -0
- package/dist/adapters/lark/lark-message.parser.d.ts.map +1 -0
- package/dist/adapters/lark/lark-message.parser.js +189 -0
- package/dist/adapters/lark/lark-message.parser.js.map +1 -0
- package/dist/adapters/lark/lark-signature.d.ts +13 -0
- package/dist/adapters/lark/lark-signature.d.ts.map +1 -0
- package/dist/adapters/lark/lark-signature.js +58 -0
- package/dist/adapters/lark/lark-signature.js.map +1 -0
- package/dist/adapters/lark/lark.adapter.d.ts +65 -0
- package/dist/adapters/lark/lark.adapter.d.ts.map +1 -0
- package/dist/adapters/lark/lark.adapter.js +565 -0
- package/dist/adapters/lark/lark.adapter.js.map +1 -0
- package/dist/adapters/lark/lark.controller.d.ts +21 -0
- package/dist/adapters/lark/lark.controller.d.ts.map +1 -0
- package/dist/adapters/lark/lark.controller.js +120 -0
- package/dist/adapters/lark/lark.controller.js.map +1 -0
- package/dist/adapters/slack/slack.adapter.d.ts +19 -0
- package/dist/adapters/slack/slack.adapter.d.ts.map +1 -0
- package/dist/adapters/slack/slack.adapter.js +42 -0
- package/dist/adapters/slack/slack.adapter.js.map +1 -0
- package/dist/app.module.d.ts +5 -0
- package/dist/app.module.d.ts.map +1 -0
- package/dist/app.module.js +48 -0
- package/dist/app.module.js.map +1 -0
- package/dist/auth/auth.controller.d.ts +15 -0
- package/dist/auth/auth.controller.d.ts.map +1 -0
- package/dist/auth/auth.controller.js +67 -0
- package/dist/auth/auth.controller.js.map +1 -0
- package/dist/auth/auth.module.d.ts +3 -0
- package/dist/auth/auth.module.d.ts.map +1 -0
- package/dist/auth/auth.module.js +46 -0
- package/dist/auth/auth.module.js.map +1 -0
- package/dist/auth/auth.service.d.ts +62 -0
- package/dist/auth/auth.service.d.ts.map +1 -0
- package/dist/auth/auth.service.js +307 -0
- package/dist/auth/auth.service.js.map +1 -0
- package/dist/auth/decorators/allow-totp-setup.decorator.d.ts +3 -0
- package/dist/auth/decorators/allow-totp-setup.decorator.d.ts.map +1 -0
- package/dist/auth/decorators/allow-totp-setup.decorator.js +8 -0
- package/dist/auth/decorators/allow-totp-setup.decorator.js.map +1 -0
- package/dist/auth/decorators/project-roles.decorator.d.ts +4 -0
- package/dist/auth/decorators/project-roles.decorator.d.ts.map +1 -0
- package/dist/auth/decorators/project-roles.decorator.js +8 -0
- package/dist/auth/decorators/project-roles.decorator.js.map +1 -0
- package/dist/auth/decorators/roles.decorator.d.ts +4 -0
- package/dist/auth/decorators/roles.decorator.d.ts.map +1 -0
- package/dist/auth/decorators/roles.decorator.js +8 -0
- package/dist/auth/decorators/roles.decorator.js.map +1 -0
- package/dist/auth/extract-user.middleware.d.ts +21 -0
- package/dist/auth/extract-user.middleware.d.ts.map +1 -0
- package/dist/auth/extract-user.middleware.js +57 -0
- package/dist/auth/extract-user.middleware.js.map +1 -0
- package/dist/auth/guards/jwt-auth.guard.d.ts +14 -0
- package/dist/auth/guards/jwt-auth.guard.d.ts.map +1 -0
- package/dist/auth/guards/jwt-auth.guard.js +139 -0
- package/dist/auth/guards/jwt-auth.guard.js.map +1 -0
- package/dist/auth/guards/project-role.guard.d.ts +10 -0
- package/dist/auth/guards/project-role.guard.d.ts.map +1 -0
- package/dist/auth/guards/project-role.guard.js +72 -0
- package/dist/auth/guards/project-role.guard.js.map +1 -0
- package/dist/auth/guards/roles.guard.d.ts +8 -0
- package/dist/auth/guards/roles.guard.d.ts.map +1 -0
- package/dist/auth/guards/roles.guard.js +56 -0
- package/dist/auth/guards/roles.guard.js.map +1 -0
- package/dist/auth/jwt.strategy.d.ts +23 -0
- package/dist/auth/jwt.strategy.d.ts.map +1 -0
- package/dist/auth/jwt.strategy.js +49 -0
- package/dist/auth/jwt.strategy.js.map +1 -0
- package/dist/common/crypto.service.d.ts +31 -0
- package/dist/common/crypto.service.d.ts.map +1 -0
- package/dist/common/crypto.service.js +120 -0
- package/dist/common/crypto.service.js.map +1 -0
- package/dist/common/error-filter.d.ts +6 -0
- package/dist/common/error-filter.d.ts.map +1 -0
- package/dist/common/error-filter.js +78 -0
- package/dist/common/error-filter.js.map +1 -0
- package/dist/common/health.controller.d.ts +13 -0
- package/dist/common/health.controller.d.ts.map +1 -0
- package/dist/common/health.controller.js +75 -0
- package/dist/common/health.controller.js.map +1 -0
- package/dist/common/logger.service.d.ts +11 -0
- package/dist/common/logger.service.d.ts.map +1 -0
- package/dist/common/logger.service.js +48 -0
- package/dist/common/logger.service.js.map +1 -0
- package/dist/common/pagination.d.ts +18 -0
- package/dist/common/pagination.d.ts.map +1 -0
- package/dist/common/pagination.js +39 -0
- package/dist/common/pagination.js.map +1 -0
- package/dist/common/rate-limit.guard.d.ts +48 -0
- package/dist/common/rate-limit.guard.d.ts.map +1 -0
- package/dist/common/rate-limit.guard.js +129 -0
- package/dist/common/rate-limit.guard.js.map +1 -0
- package/dist/common/sensitive-filter.d.ts +7 -0
- package/dist/common/sensitive-filter.d.ts.map +1 -0
- package/dist/common/sensitive-filter.js +20 -0
- package/dist/common/sensitive-filter.js.map +1 -0
- package/dist/database/database.module.d.ts +3 -0
- package/dist/database/database.module.d.ts.map +1 -0
- package/dist/database/database.module.js +22 -0
- package/dist/database/database.module.js.map +1 -0
- package/dist/database/database.service.d.ts +13 -0
- package/dist/database/database.service.d.ts.map +1 -0
- package/dist/database/database.service.js +107 -0
- package/dist/database/database.service.js.map +1 -0
- package/dist/database/migration-runner.d.ts +5 -0
- package/dist/database/migration-runner.d.ts.map +1 -0
- package/dist/database/migration-runner.js +86 -0
- package/dist/database/migration-runner.js.map +1 -0
- package/dist/database/repositories/audit-log.repository.d.ts +29 -0
- package/dist/database/repositories/audit-log.repository.d.ts.map +1 -0
- package/dist/database/repositories/audit-log.repository.js +80 -0
- package/dist/database/repositories/audit-log.repository.js.map +1 -0
- package/dist/database/repositories/bot.repository.d.ts +67 -0
- package/dist/database/repositories/bot.repository.d.ts.map +1 -0
- package/dist/database/repositories/bot.repository.js +133 -0
- package/dist/database/repositories/bot.repository.js.map +1 -0
- package/dist/database/repositories/developer-token.repository.d.ts +40 -0
- package/dist/database/repositories/developer-token.repository.d.ts.map +1 -0
- package/dist/database/repositories/developer-token.repository.js +84 -0
- package/dist/database/repositories/developer-token.repository.js.map +1 -0
- package/dist/database/repositories/developer.repository.d.ts +25 -0
- package/dist/database/repositories/developer.repository.d.ts.map +1 -0
- package/dist/database/repositories/developer.repository.js +139 -0
- package/dist/database/repositories/developer.repository.js.map +1 -0
- package/dist/database/repositories/machine.repository.d.ts +39 -0
- package/dist/database/repositories/machine.repository.d.ts.map +1 -0
- package/dist/database/repositories/machine.repository.js +176 -0
- package/dist/database/repositories/machine.repository.js.map +1 -0
- package/dist/database/repositories/notification.repository.d.ts +19 -0
- package/dist/database/repositories/notification.repository.d.ts.map +1 -0
- package/dist/database/repositories/notification.repository.js +94 -0
- package/dist/database/repositories/notification.repository.js.map +1 -0
- package/dist/database/repositories/project-member.repository.d.ts +30 -0
- package/dist/database/repositories/project-member.repository.d.ts.map +1 -0
- package/dist/database/repositories/project-member.repository.js +75 -0
- package/dist/database/repositories/project-member.repository.js.map +1 -0
- package/dist/database/repositories/project.repository.d.ts +24 -0
- package/dist/database/repositories/project.repository.d.ts.map +1 -0
- package/dist/database/repositories/project.repository.js +154 -0
- package/dist/database/repositories/project.repository.js.map +1 -0
- package/dist/database/repositories/session.repository.d.ts +19 -0
- package/dist/database/repositories/session.repository.d.ts.map +1 -0
- package/dist/database/repositories/session.repository.js +117 -0
- package/dist/database/repositories/session.repository.js.map +1 -0
- package/dist/database/repositories/task.repository.d.ts +37 -0
- package/dist/database/repositories/task.repository.d.ts.map +1 -0
- package/dist/database/repositories/task.repository.js +229 -0
- package/dist/database/repositories/task.repository.js.map +1 -0
- package/dist/database/repositories/worker-token.repository.d.ts +20 -0
- package/dist/database/repositories/worker-token.repository.d.ts.map +1 -0
- package/dist/database/repositories/worker-token.repository.js +94 -0
- package/dist/database/repositories/worker-token.repository.js.map +1 -0
- package/dist/database/repositories/workspace.repository.d.ts +19 -0
- package/dist/database/repositories/workspace.repository.d.ts.map +1 -0
- package/dist/database/repositories/workspace.repository.js +82 -0
- package/dist/database/repositories/workspace.repository.js.map +1 -0
- package/dist/dispatcher/capability.service.d.ts +50 -0
- package/dist/dispatcher/capability.service.d.ts.map +1 -0
- package/dist/dispatcher/capability.service.js +159 -0
- package/dist/dispatcher/capability.service.js.map +1 -0
- package/dist/dispatcher/cleanup.service.d.ts +23 -0
- package/dist/dispatcher/cleanup.service.d.ts.map +1 -0
- package/dist/dispatcher/cleanup.service.js +107 -0
- package/dist/dispatcher/cleanup.service.js.map +1 -0
- package/dist/dispatcher/dedup.service.d.ts +48 -0
- package/dist/dispatcher/dedup.service.d.ts.map +1 -0
- package/dist/dispatcher/dedup.service.js +189 -0
- package/dist/dispatcher/dedup.service.js.map +1 -0
- package/dist/dispatcher/dispatcher.module.d.ts +3 -0
- package/dist/dispatcher/dispatcher.module.d.ts.map +1 -0
- package/dist/dispatcher/dispatcher.module.js +76 -0
- package/dist/dispatcher/dispatcher.module.js.map +1 -0
- package/dist/dispatcher/dispatcher.service.d.ts +134 -0
- package/dist/dispatcher/dispatcher.service.d.ts.map +1 -0
- package/dist/dispatcher/dispatcher.service.js +1034 -0
- package/dist/dispatcher/dispatcher.service.js.map +1 -0
- package/dist/dispatcher/heartbeat.service.d.ts +50 -0
- package/dist/dispatcher/heartbeat.service.d.ts.map +1 -0
- package/dist/dispatcher/heartbeat.service.js +154 -0
- package/dist/dispatcher/heartbeat.service.js.map +1 -0
- package/dist/dispatcher/machine-selector.d.ts +18 -0
- package/dist/dispatcher/machine-selector.d.ts.map +1 -0
- package/dist/dispatcher/machine-selector.js +144 -0
- package/dist/dispatcher/machine-selector.js.map +1 -0
- package/dist/dispatcher/pty-relay.service.d.ts +75 -0
- package/dist/dispatcher/pty-relay.service.d.ts.map +1 -0
- package/dist/dispatcher/pty-relay.service.js +404 -0
- package/dist/dispatcher/pty-relay.service.js.map +1 -0
- package/dist/dispatcher/reconciler.d.ts +39 -0
- package/dist/dispatcher/reconciler.d.ts.map +1 -0
- package/dist/dispatcher/reconciler.js +556 -0
- package/dist/dispatcher/reconciler.js.map +1 -0
- package/dist/dispatcher/scheduler.service.d.ts +50 -0
- package/dist/dispatcher/scheduler.service.d.ts.map +1 -0
- package/dist/dispatcher/scheduler.service.js +287 -0
- package/dist/dispatcher/scheduler.service.js.map +1 -0
- package/dist/dispatcher/state-machine.d.ts +16 -0
- package/dist/dispatcher/state-machine.d.ts.map +1 -0
- package/dist/dispatcher/state-machine.js +77 -0
- package/dist/dispatcher/state-machine.js.map +1 -0
- package/dist/dispatcher/task-log-batcher.d.ts +50 -0
- package/dist/dispatcher/task-log-batcher.d.ts.map +1 -0
- package/dist/dispatcher/task-log-batcher.js +184 -0
- package/dist/dispatcher/task-log-batcher.js.map +1 -0
- package/dist/dispatcher/worker-connection.manager.d.ts +49 -0
- package/dist/dispatcher/worker-connection.manager.d.ts.map +1 -0
- package/dist/dispatcher/worker-connection.manager.js +128 -0
- package/dist/dispatcher/worker-connection.manager.js.map +1 -0
- package/dist/main.d.ts +2 -0
- package/dist/main.d.ts.map +1 -0
- package/dist/main.js +85 -0
- package/dist/main.js.map +1 -0
- package/dist/notifier/debouncer.d.ts +39 -0
- package/dist/notifier/debouncer.d.ts.map +1 -0
- package/dist/notifier/debouncer.js +123 -0
- package/dist/notifier/debouncer.js.map +1 -0
- package/dist/notifier/notification-consumer.d.ts +88 -0
- package/dist/notifier/notification-consumer.d.ts.map +1 -0
- package/dist/notifier/notification-consumer.js +186 -0
- package/dist/notifier/notification-consumer.js.map +1 -0
- package/dist/notifier/notifier.module.d.ts +9 -0
- package/dist/notifier/notifier.module.d.ts.map +1 -0
- package/dist/notifier/notifier.module.js +58 -0
- package/dist/notifier/notifier.module.js.map +1 -0
- package/dist/notifier/notifier.service.d.ts +40 -0
- package/dist/notifier/notifier.service.d.ts.map +1 -0
- package/dist/notifier/notifier.service.js +191 -0
- package/dist/notifier/notifier.service.js.map +1 -0
- package/dist/notifier/template.service.d.ts +42 -0
- package/dist/notifier/template.service.d.ts.map +1 -0
- package/dist/notifier/template.service.js +201 -0
- package/dist/notifier/template.service.js.map +1 -0
- package/dist/redis/redis.module.d.ts +3 -0
- package/dist/redis/redis.module.d.ts.map +1 -0
- package/dist/redis/redis.module.js +22 -0
- package/dist/redis/redis.module.js.map +1 -0
- package/dist/redis/redis.service.d.ts +19 -0
- package/dist/redis/redis.service.d.ts.map +1 -0
- package/dist/redis/redis.service.js +69 -0
- package/dist/redis/redis.service.js.map +1 -0
- package/dist/web/admin/admin-audit.controller.d.ts +7 -0
- package/dist/web/admin/admin-audit.controller.d.ts.map +1 -0
- package/dist/web/admin/admin-audit.controller.js +53 -0
- package/dist/web/admin/admin-audit.controller.js.map +1 -0
- package/dist/web/admin/admin-bot.controller.d.ts +79 -0
- package/dist/web/admin/admin-bot.controller.d.ts.map +1 -0
- package/dist/web/admin/admin-bot.controller.js +193 -0
- package/dist/web/admin/admin-bot.controller.js.map +1 -0
- package/dist/web/admin/admin-developer.controller.d.ts +52 -0
- package/dist/web/admin/admin-developer.controller.d.ts.map +1 -0
- package/dist/web/admin/admin-developer.controller.js +160 -0
- package/dist/web/admin/admin-developer.controller.js.map +1 -0
- package/dist/web/admin/admin-machine.controller.d.ts +64 -0
- package/dist/web/admin/admin-machine.controller.d.ts.map +1 -0
- package/dist/web/admin/admin-machine.controller.js +111 -0
- package/dist/web/admin/admin-machine.controller.js.map +1 -0
- package/dist/web/admin/admin-project.controller.d.ts +45 -0
- package/dist/web/admin/admin-project.controller.d.ts.map +1 -0
- package/dist/web/admin/admin-project.controller.js +207 -0
- package/dist/web/admin/admin-project.controller.js.map +1 -0
- package/dist/web/admin/admin-settings.controller.d.ts +18 -0
- package/dist/web/admin/admin-settings.controller.d.ts.map +1 -0
- package/dist/web/admin/admin-settings.controller.js +93 -0
- package/dist/web/admin/admin-settings.controller.js.map +1 -0
- package/dist/web/admin/admin-token.controller.d.ts +45 -0
- package/dist/web/admin/admin-token.controller.d.ts.map +1 -0
- package/dist/web/admin/admin-token.controller.js +182 -0
- package/dist/web/admin/admin-token.controller.js.map +1 -0
- package/dist/web/dashboard.controller.d.ts +16 -0
- package/dist/web/dashboard.controller.d.ts.map +1 -0
- package/dist/web/dashboard.controller.js +78 -0
- package/dist/web/dashboard.controller.js.map +1 -0
- package/dist/web/dashboard.service.d.ts +39 -0
- package/dist/web/dashboard.service.d.ts.map +1 -0
- package/dist/web/dashboard.service.js +234 -0
- package/dist/web/dashboard.service.js.map +1 -0
- package/dist/web/interaction.service.d.ts +42 -0
- package/dist/web/interaction.service.d.ts.map +1 -0
- package/dist/web/interaction.service.js +102 -0
- package/dist/web/interaction.service.js.map +1 -0
- package/dist/web/machine.controller.d.ts +102 -0
- package/dist/web/machine.controller.d.ts.map +1 -0
- package/dist/web/machine.controller.js +121 -0
- package/dist/web/machine.controller.js.map +1 -0
- package/dist/web/notification.controller.d.ts +22 -0
- package/dist/web/notification.controller.d.ts.map +1 -0
- package/dist/web/notification.controller.js +70 -0
- package/dist/web/notification.controller.js.map +1 -0
- package/dist/web/profile.controller.d.ts +70 -0
- package/dist/web/profile.controller.d.ts.map +1 -0
- package/dist/web/profile.controller.js +262 -0
- package/dist/web/profile.controller.js.map +1 -0
- package/dist/web/project.controller.d.ts +8 -0
- package/dist/web/project.controller.d.ts.map +1 -0
- package/dist/web/project.controller.js +54 -0
- package/dist/web/project.controller.js.map +1 -0
- package/dist/web/pty.gateway.d.ts +32 -0
- package/dist/web/pty.gateway.d.ts.map +1 -0
- package/dist/web/pty.gateway.js +358 -0
- package/dist/web/pty.gateway.js.map +1 -0
- package/dist/web/search.service.d.ts +34 -0
- package/dist/web/search.service.d.ts.map +1 -0
- package/dist/web/search.service.js +106 -0
- package/dist/web/search.service.js.map +1 -0
- package/dist/web/task.controller.d.ts +54 -0
- package/dist/web/task.controller.d.ts.map +1 -0
- package/dist/web/task.controller.js +266 -0
- package/dist/web/task.controller.js.map +1 -0
- package/dist/web/web.module.d.ts +3 -0
- package/dist/web/web.module.d.ts.map +1 -0
- package/dist/web/web.module.js +97 -0
- package/dist/web/web.module.js.map +1 -0
- package/dist/web/worker-channel.gateway.d.ts +45 -0
- package/dist/web/worker-channel.gateway.d.ts.map +1 -0
- package/dist/web/worker-channel.gateway.js +283 -0
- package/dist/web/worker-channel.gateway.js.map +1 -0
- package/dist/web/worker.controller.d.ts +14 -0
- package/dist/web/worker.controller.d.ts.map +1 -0
- package/dist/web/worker.controller.js +73 -0
- package/dist/web/worker.controller.js.map +1 -0
- package/dist/web/workspace.controller.d.ts +109 -0
- package/dist/web/workspace.controller.d.ts.map +1 -0
- package/dist/web/workspace.controller.js +386 -0
- package/dist/web/workspace.controller.js.map +1 -0
- package/package.json +61 -0
|
@@ -0,0 +1,10 @@
|
|
|
1
|
+
import { CanActivate, ExecutionContext } from '@nestjs/common';
|
|
2
|
+
import { Reflector } from '@nestjs/core';
|
|
3
|
+
import { DatabaseService } from '../../database/database.service';
|
|
4
|
+
export declare class ProjectRoleGuard implements CanActivate {
|
|
5
|
+
private readonly reflector;
|
|
6
|
+
private readonly database;
|
|
7
|
+
constructor(reflector: Reflector, database: DatabaseService);
|
|
8
|
+
canActivate(context: ExecutionContext): boolean;
|
|
9
|
+
}
|
|
10
|
+
//# sourceMappingURL=project-role.guard.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"project-role.guard.d.ts","sourceRoot":"","sources":["../../../src/auth/guards/project-role.guard.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,WAAW,EACX,gBAAgB,EAGjB,MAAM,gBAAgB,CAAC;AACxB,OAAO,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AAEzC,OAAO,EAAE,eAAe,EAAE,MAAM,iCAAiC,CAAC;AAWlE,qBACa,gBAAiB,YAAW,WAAW;IAEhD,OAAO,CAAC,QAAQ,CAAC,SAAS;IAC1B,OAAO,CAAC,QAAQ,CAAC,QAAQ;gBADR,SAAS,EAAE,SAAS,EACpB,QAAQ,EAAE,eAAe;IAG5C,WAAW,CAAC,OAAO,EAAE,gBAAgB,GAAG,OAAO;CA2DhD"}
|
|
@@ -0,0 +1,72 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
|
|
3
|
+
var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
|
|
4
|
+
if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
|
|
5
|
+
else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
|
|
6
|
+
return c > 3 && r && Object.defineProperty(target, key, r), r;
|
|
7
|
+
};
|
|
8
|
+
var __metadata = (this && this.__metadata) || function (k, v) {
|
|
9
|
+
if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
|
|
10
|
+
};
|
|
11
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
12
|
+
exports.ProjectRoleGuard = void 0;
|
|
13
|
+
const common_1 = require("@nestjs/common");
|
|
14
|
+
const core_1 = require("@nestjs/core");
|
|
15
|
+
const protocol_1 = require("@overlordai/protocol");
|
|
16
|
+
const database_service_1 = require("../../database/database.service");
|
|
17
|
+
const project_roles_decorator_1 = require("../decorators/project-roles.decorator");
|
|
18
|
+
let ProjectRoleGuard = class ProjectRoleGuard {
|
|
19
|
+
reflector;
|
|
20
|
+
database;
|
|
21
|
+
constructor(reflector, database) {
|
|
22
|
+
this.reflector = reflector;
|
|
23
|
+
this.database = database;
|
|
24
|
+
}
|
|
25
|
+
canActivate(context) {
|
|
26
|
+
const requiredRoles = this.reflector.getAllAndOverride(project_roles_decorator_1.PROJECT_ROLES_KEY, [context.getHandler(), context.getClass()]);
|
|
27
|
+
// No @ProjectRoles() decorator means no project role check needed
|
|
28
|
+
if (!requiredRoles || requiredRoles.length === 0) {
|
|
29
|
+
return true;
|
|
30
|
+
}
|
|
31
|
+
const request = context.switchToHttp().getRequest();
|
|
32
|
+
const user = request.user;
|
|
33
|
+
if (!user) {
|
|
34
|
+
throw new common_1.ForbiddenException('Access denied');
|
|
35
|
+
}
|
|
36
|
+
// Admin bypasses project role check
|
|
37
|
+
if (user.role === protocol_1.DeveloperRole.ADMIN) {
|
|
38
|
+
return true;
|
|
39
|
+
}
|
|
40
|
+
// Extract projectKey from route params
|
|
41
|
+
const projectKey = request.params?.projectKey ?? request.params?.project_key;
|
|
42
|
+
if (!projectKey) {
|
|
43
|
+
throw new common_1.ForbiddenException('Project key not found in route params');
|
|
44
|
+
}
|
|
45
|
+
const membership = this.database
|
|
46
|
+
.getDb()
|
|
47
|
+
.prepare('SELECT * FROM project_members WHERE project_key = ? AND developer_id = ?')
|
|
48
|
+
.get(projectKey, user.sub);
|
|
49
|
+
if (!membership) {
|
|
50
|
+
throw new common_1.ForbiddenException('Not a member of this project');
|
|
51
|
+
}
|
|
52
|
+
// Check if the member's project role satisfies the requirement
|
|
53
|
+
// maintainer > member (maintainer satisfies member requirement)
|
|
54
|
+
const roleHierarchy = {
|
|
55
|
+
[protocol_1.ProjectRole.MEMBER]: 0,
|
|
56
|
+
[protocol_1.ProjectRole.MAINTAINER]: 1,
|
|
57
|
+
};
|
|
58
|
+
const memberLevel = roleHierarchy[membership.role] ?? -1;
|
|
59
|
+
const minRequired = Math.min(...requiredRoles.map((r) => roleHierarchy[r] ?? Infinity));
|
|
60
|
+
if (memberLevel < minRequired) {
|
|
61
|
+
throw new common_1.ForbiddenException('Insufficient project role');
|
|
62
|
+
}
|
|
63
|
+
return true;
|
|
64
|
+
}
|
|
65
|
+
};
|
|
66
|
+
exports.ProjectRoleGuard = ProjectRoleGuard;
|
|
67
|
+
exports.ProjectRoleGuard = ProjectRoleGuard = __decorate([
|
|
68
|
+
(0, common_1.Injectable)(),
|
|
69
|
+
__metadata("design:paramtypes", [core_1.Reflector,
|
|
70
|
+
database_service_1.DatabaseService])
|
|
71
|
+
], ProjectRoleGuard);
|
|
72
|
+
//# sourceMappingURL=project-role.guard.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"project-role.guard.js","sourceRoot":"","sources":["../../../src/auth/guards/project-role.guard.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,2CAKwB;AACxB,uCAAyC;AACzC,mDAAkE;AAClE,sEAAkE;AAClE,mFAA0E;AAWnE,IAAM,gBAAgB,GAAtB,MAAM,gBAAgB;IAER;IACA;IAFnB,YACmB,SAAoB,EACpB,QAAyB;QADzB,cAAS,GAAT,SAAS,CAAW;QACpB,aAAQ,GAAR,QAAQ,CAAiB;IACzC,CAAC;IAEJ,WAAW,CAAC,OAAyB;QACnC,MAAM,aAAa,GAAG,IAAI,CAAC,SAAS,CAAC,iBAAiB,CAEpD,2CAAiB,EAAE,CAAC,OAAO,CAAC,UAAU,EAAE,EAAE,OAAO,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC;QAEjE,kEAAkE;QAClE,IAAI,CAAC,aAAa,IAAI,aAAa,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACjD,OAAO,IAAI,CAAC;QACd,CAAC;QAED,MAAM,OAAO,GAAG,OAAO,CAAC,YAAY,EAAE,CAAC,UAAU,EAAE,CAAC;QACpD,MAAM,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC;QAE1B,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,MAAM,IAAI,2BAAkB,CAAC,eAAe,CAAC,CAAC;QAChD,CAAC;QAED,oCAAoC;QACpC,IAAI,IAAI,CAAC,IAAI,KAAK,wBAAa,CAAC,KAAK,EAAE,CAAC;YACtC,OAAO,IAAI,CAAC;QACd,CAAC;QAED,uCAAuC;QACvC,MAAM,UAAU,GACd,OAAO,CAAC,MAAM,EAAE,UAAU,IAAI,OAAO,CAAC,MAAM,EAAE,WAAW,CAAC;QAE5D,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,MAAM,IAAI,2BAAkB,CAAC,uCAAuC,CAAC,CAAC;QACxE,CAAC;QAED,MAAM,UAAU,GAAG,IAAI,CAAC,QAAQ;aAC7B,KAAK,EAAE;aACP,OAAO,CACN,0EAA0E,CAC3E;aACA,GAAG,CAAC,UAAU,EAAE,IAAI,CAAC,GAAG,CAAiC,CAAC;QAE7D,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,MAAM,IAAI,2BAAkB,CAAC,8BAA8B,CAAC,CAAC;QAC/D,CAAC;QAED,+DAA+D;QAC/D,gEAAgE;QAChE,MAAM,aAAa,GAA2B;YAC5C,CAAC,sBAAW,CAAC,MAAM,CAAC,EAAE,CAAC;YACvB,CAAC,sBAAW,CAAC,UAAU,CAAC,EAAE,CAAC;SAC5B,CAAC;QAEF,MAAM,WAAW,GAAG,aAAa,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;QACzD,MAAM,WAAW,GAAG,IAAI,CAAC,GAAG,CAC1B,GAAG,aAAa,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,aAAa,CAAC,CAAC,CAAC,IAAI,QAAQ,CAAC,CAC1D,CAAC;QAEF,IAAI,WAAW,GAAG,WAAW,EAAE,CAAC;YAC9B,MAAM,IAAI,2BAAkB,CAAC,2BAA2B,CAAC,CAAC;QAC5D,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;CACF,CAAA;AAjEY,4CAAgB;2BAAhB,gBAAgB;IAD5B,IAAA,mBAAU,GAAE;qCAGmB,gBAAS;QACV,kCAAe;GAHjC,gBAAgB,CAiE5B"}
|
|
@@ -0,0 +1,8 @@
|
|
|
1
|
+
import { CanActivate, ExecutionContext } from '@nestjs/common';
|
|
2
|
+
import { Reflector } from '@nestjs/core';
|
|
3
|
+
export declare class RolesGuard implements CanActivate {
|
|
4
|
+
private readonly reflector;
|
|
5
|
+
constructor(reflector: Reflector);
|
|
6
|
+
canActivate(context: ExecutionContext): boolean;
|
|
7
|
+
}
|
|
8
|
+
//# sourceMappingURL=roles.guard.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"roles.guard.d.ts","sourceRoot":"","sources":["../../../src/auth/guards/roles.guard.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,WAAW,EACX,gBAAgB,EAGjB,MAAM,gBAAgB,CAAC;AACxB,OAAO,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AAczC,qBACa,UAAW,YAAW,WAAW;IAChC,OAAO,CAAC,QAAQ,CAAC,SAAS;gBAAT,SAAS,EAAE,SAAS;IAEjD,WAAW,CAAC,OAAO,EAAE,gBAAgB,GAAG,OAAO;CA8BhD"}
|
|
@@ -0,0 +1,56 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
|
|
3
|
+
var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
|
|
4
|
+
if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
|
|
5
|
+
else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
|
|
6
|
+
return c > 3 && r && Object.defineProperty(target, key, r), r;
|
|
7
|
+
};
|
|
8
|
+
var __metadata = (this && this.__metadata) || function (k, v) {
|
|
9
|
+
if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
|
|
10
|
+
};
|
|
11
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
12
|
+
exports.RolesGuard = void 0;
|
|
13
|
+
const common_1 = require("@nestjs/common");
|
|
14
|
+
const core_1 = require("@nestjs/core");
|
|
15
|
+
const protocol_1 = require("@overlordai/protocol");
|
|
16
|
+
const roles_decorator_1 = require("../decorators/roles.decorator");
|
|
17
|
+
/**
|
|
18
|
+
* DeveloperRole hierarchy: admin > lead > developer
|
|
19
|
+
* A higher role implicitly satisfies a lower role requirement.
|
|
20
|
+
*/
|
|
21
|
+
const ROLE_HIERARCHY = {
|
|
22
|
+
[protocol_1.DeveloperRole.DEVELOPER]: 0,
|
|
23
|
+
[protocol_1.DeveloperRole.LEAD]: 1,
|
|
24
|
+
[protocol_1.DeveloperRole.ADMIN]: 2,
|
|
25
|
+
};
|
|
26
|
+
let RolesGuard = class RolesGuard {
|
|
27
|
+
reflector;
|
|
28
|
+
constructor(reflector) {
|
|
29
|
+
this.reflector = reflector;
|
|
30
|
+
}
|
|
31
|
+
canActivate(context) {
|
|
32
|
+
const requiredRoles = this.reflector.getAllAndOverride(roles_decorator_1.ROLES_KEY, [context.getHandler(), context.getClass()]);
|
|
33
|
+
// No @Roles() decorator means allow all authenticated users
|
|
34
|
+
if (!requiredRoles || requiredRoles.length === 0) {
|
|
35
|
+
return true;
|
|
36
|
+
}
|
|
37
|
+
const request = context.switchToHttp().getRequest();
|
|
38
|
+
const user = request.user;
|
|
39
|
+
if (!user || !user.role) {
|
|
40
|
+
throw new common_1.ForbiddenException('Access denied');
|
|
41
|
+
}
|
|
42
|
+
const userLevel = ROLE_HIERARCHY[user.role] ?? -1;
|
|
43
|
+
// User satisfies if their hierarchy level >= the minimum required level
|
|
44
|
+
const minRequired = Math.min(...requiredRoles.map((r) => ROLE_HIERARCHY[r] ?? Infinity));
|
|
45
|
+
if (userLevel < minRequired) {
|
|
46
|
+
throw new common_1.ForbiddenException('Insufficient role');
|
|
47
|
+
}
|
|
48
|
+
return true;
|
|
49
|
+
}
|
|
50
|
+
};
|
|
51
|
+
exports.RolesGuard = RolesGuard;
|
|
52
|
+
exports.RolesGuard = RolesGuard = __decorate([
|
|
53
|
+
(0, common_1.Injectable)(),
|
|
54
|
+
__metadata("design:paramtypes", [core_1.Reflector])
|
|
55
|
+
], RolesGuard);
|
|
56
|
+
//# sourceMappingURL=roles.guard.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"roles.guard.js","sourceRoot":"","sources":["../../../src/auth/guards/roles.guard.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,2CAKwB;AACxB,uCAAyC;AACzC,mDAAqD;AACrD,mEAA0D;AAE1D;;;GAGG;AACH,MAAM,cAAc,GAAkC;IACpD,CAAC,wBAAa,CAAC,SAAS,CAAC,EAAE,CAAC;IAC5B,CAAC,wBAAa,CAAC,IAAI,CAAC,EAAE,CAAC;IACvB,CAAC,wBAAa,CAAC,KAAK,CAAC,EAAE,CAAC;CACzB,CAAC;AAGK,IAAM,UAAU,GAAhB,MAAM,UAAU;IACQ;IAA7B,YAA6B,SAAoB;QAApB,cAAS,GAAT,SAAS,CAAW;IAAG,CAAC;IAErD,WAAW,CAAC,OAAyB;QACnC,MAAM,aAAa,GAAG,IAAI,CAAC,SAAS,CAAC,iBAAiB,CAEpD,2BAAS,EAAE,CAAC,OAAO,CAAC,UAAU,EAAE,EAAE,OAAO,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC;QAEzD,4DAA4D;QAC5D,IAAI,CAAC,aAAa,IAAI,aAAa,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACjD,OAAO,IAAI,CAAC;QACd,CAAC;QAED,MAAM,OAAO,GAAG,OAAO,CAAC,YAAY,EAAE,CAAC,UAAU,EAAE,CAAC;QACpD,MAAM,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC;QAE1B,IAAI,CAAC,IAAI,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC;YACxB,MAAM,IAAI,2BAAkB,CAAC,eAAe,CAAC,CAAC;QAChD,CAAC;QAED,MAAM,SAAS,GAAG,cAAc,CAAC,IAAI,CAAC,IAAqB,CAAC,IAAI,CAAC,CAAC,CAAC;QAEnE,wEAAwE;QACxE,MAAM,WAAW,GAAG,IAAI,CAAC,GAAG,CAC1B,GAAG,aAAa,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,cAAc,CAAC,CAAC,CAAC,IAAI,QAAQ,CAAC,CAC3D,CAAC;QAEF,IAAI,SAAS,GAAG,WAAW,EAAE,CAAC;YAC5B,MAAM,IAAI,2BAAkB,CAAC,mBAAmB,CAAC,CAAC;QACpD,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;CACF,CAAA;AAjCY,gCAAU;qBAAV,UAAU;IADtB,IAAA,mBAAU,GAAE;qCAE6B,gBAAS;GADtC,UAAU,CAiCtB"}
|
|
@@ -0,0 +1,23 @@
|
|
|
1
|
+
import { Strategy } from 'passport-jwt';
|
|
2
|
+
import { DeveloperRepository } from '../database/repositories/developer.repository';
|
|
3
|
+
interface JwtPayload {
|
|
4
|
+
sub: number;
|
|
5
|
+
name: string;
|
|
6
|
+
role: string;
|
|
7
|
+
jti: string;
|
|
8
|
+
scope?: string;
|
|
9
|
+
}
|
|
10
|
+
declare const JwtStrategy_base: new (...args: any[]) => Strategy;
|
|
11
|
+
export declare class JwtStrategy extends JwtStrategy_base {
|
|
12
|
+
private readonly developerRepo;
|
|
13
|
+
constructor(developerRepo: DeveloperRepository);
|
|
14
|
+
validate(payload: JwtPayload): {
|
|
15
|
+
sub: number;
|
|
16
|
+
name: string;
|
|
17
|
+
role: string;
|
|
18
|
+
jti: string;
|
|
19
|
+
scope?: string;
|
|
20
|
+
};
|
|
21
|
+
}
|
|
22
|
+
export {};
|
|
23
|
+
//# sourceMappingURL=jwt.strategy.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"jwt.strategy.d.ts","sourceRoot":"","sources":["../../src/auth/jwt.strategy.ts"],"names":[],"mappings":"AAEA,OAAO,EAAc,QAAQ,EAAE,MAAM,cAAc,CAAC;AACpD,OAAO,EAAE,mBAAmB,EAAE,MAAM,+CAA+C,CAAC;AAEpF,UAAU,UAAU;IAClB,GAAG,EAAE,MAAM,CAAC;IACZ,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IACb,GAAG,EAAE,MAAM,CAAC;IACZ,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;;AAED,qBACa,WAAY,SAAQ,gBAA0B;IAC7C,OAAO,CAAC,QAAQ,CAAC,aAAa;gBAAb,aAAa,EAAE,mBAAmB;IAQ/D,QAAQ,CAAC,OAAO,EAAE,UAAU,GAAG;QAC7B,GAAG,EAAE,MAAM,CAAC;QACZ,IAAI,EAAE,MAAM,CAAC;QACb,IAAI,EAAE,MAAM,CAAC;QACb,GAAG,EAAE,MAAM,CAAC;QACZ,KAAK,CAAC,EAAE,MAAM,CAAC;KAChB;CAmBF"}
|
|
@@ -0,0 +1,49 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
|
|
3
|
+
var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
|
|
4
|
+
if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
|
|
5
|
+
else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
|
|
6
|
+
return c > 3 && r && Object.defineProperty(target, key, r), r;
|
|
7
|
+
};
|
|
8
|
+
var __metadata = (this && this.__metadata) || function (k, v) {
|
|
9
|
+
if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
|
|
10
|
+
};
|
|
11
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
12
|
+
exports.JwtStrategy = void 0;
|
|
13
|
+
const common_1 = require("@nestjs/common");
|
|
14
|
+
const passport_1 = require("@nestjs/passport");
|
|
15
|
+
const passport_jwt_1 = require("passport-jwt");
|
|
16
|
+
const developer_repository_1 = require("../database/repositories/developer.repository");
|
|
17
|
+
let JwtStrategy = class JwtStrategy extends (0, passport_1.PassportStrategy)(passport_jwt_1.Strategy) {
|
|
18
|
+
developerRepo;
|
|
19
|
+
constructor(developerRepo) {
|
|
20
|
+
super({
|
|
21
|
+
jwtFromRequest: passport_jwt_1.ExtractJwt.fromAuthHeaderAsBearerToken(),
|
|
22
|
+
ignoreExpiration: false,
|
|
23
|
+
secretOrKey: process.env.JWT_SECRET || 'default-jwt-secret',
|
|
24
|
+
});
|
|
25
|
+
this.developerRepo = developerRepo;
|
|
26
|
+
}
|
|
27
|
+
validate(payload) {
|
|
28
|
+
const developer = this.developerRepo.findById(payload.sub);
|
|
29
|
+
if (!developer) {
|
|
30
|
+
throw new common_1.UnauthorizedException('Developer not found');
|
|
31
|
+
}
|
|
32
|
+
if (developer.status !== 'active') {
|
|
33
|
+
throw new common_1.UnauthorizedException('Developer account is inactive');
|
|
34
|
+
}
|
|
35
|
+
return {
|
|
36
|
+
sub: payload.sub,
|
|
37
|
+
name: payload.name,
|
|
38
|
+
role: payload.role,
|
|
39
|
+
jti: payload.jti,
|
|
40
|
+
scope: payload.scope,
|
|
41
|
+
};
|
|
42
|
+
}
|
|
43
|
+
};
|
|
44
|
+
exports.JwtStrategy = JwtStrategy;
|
|
45
|
+
exports.JwtStrategy = JwtStrategy = __decorate([
|
|
46
|
+
(0, common_1.Injectable)(),
|
|
47
|
+
__metadata("design:paramtypes", [developer_repository_1.DeveloperRepository])
|
|
48
|
+
], JwtStrategy);
|
|
49
|
+
//# sourceMappingURL=jwt.strategy.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"jwt.strategy.js","sourceRoot":"","sources":["../../src/auth/jwt.strategy.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,2CAAmE;AACnE,+CAAoD;AACpD,+CAAoD;AACpD,wFAAoF;AAW7E,IAAM,WAAW,GAAjB,MAAM,WAAY,SAAQ,IAAA,2BAAgB,EAAC,uBAAQ,CAAC;IAC5B;IAA7B,YAA6B,aAAkC;QAC7D,KAAK,CAAC;YACJ,cAAc,EAAE,yBAAU,CAAC,2BAA2B,EAAE;YACxD,gBAAgB,EAAE,KAAK;YACvB,WAAW,EAAE,OAAO,CAAC,GAAG,CAAC,UAAU,IAAI,oBAAoB;SAC5D,CAAC,CAAC;QALwB,kBAAa,GAAb,aAAa,CAAqB;IAM/D,CAAC;IAED,QAAQ,CAAC,OAAmB;QAO1B,MAAM,SAAS,GAAG,IAAI,CAAC,aAAa,CAAC,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;QAE3D,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,MAAM,IAAI,8BAAqB,CAAC,qBAAqB,CAAC,CAAC;QACzD,CAAC;QAED,IAAI,SAAS,CAAC,MAAM,KAAK,QAAQ,EAAE,CAAC;YAClC,MAAM,IAAI,8BAAqB,CAAC,+BAA+B,CAAC,CAAC;QACnE,CAAC;QAED,OAAO;YACL,GAAG,EAAE,OAAO,CAAC,GAAG;YAChB,IAAI,EAAE,OAAO,CAAC,IAAI;YAClB,IAAI,EAAE,OAAO,CAAC,IAAI;YAClB,GAAG,EAAE,OAAO,CAAC,GAAG;YAChB,KAAK,EAAE,OAAO,CAAC,KAAK;SACrB,CAAC;IACJ,CAAC;CACF,CAAA;AAlCY,kCAAW;sBAAX,WAAW;IADvB,IAAA,mBAAU,GAAE;qCAEiC,0CAAmB;GADpD,WAAW,CAkCvB"}
|
|
@@ -0,0 +1,31 @@
|
|
|
1
|
+
export declare class CryptoService {
|
|
2
|
+
/**
|
|
3
|
+
* Hash a plaintext password using bcrypt with the protocol-defined cost factor.
|
|
4
|
+
*/
|
|
5
|
+
hashPassword(password: string): Promise<string>;
|
|
6
|
+
/**
|
|
7
|
+
* Compare a plaintext password against a bcrypt hash.
|
|
8
|
+
*/
|
|
9
|
+
comparePassword(password: string, hash: string): Promise<boolean>;
|
|
10
|
+
/**
|
|
11
|
+
* Encrypt plaintext using AES-256-GCM.
|
|
12
|
+
* Uses ENCRYPTION_KEY from environment (must be a 64-char hex string = 32 bytes).
|
|
13
|
+
* Returns base64(iv + authTag + ciphertext).
|
|
14
|
+
*/
|
|
15
|
+
encryptAes(plaintext: string): string;
|
|
16
|
+
/**
|
|
17
|
+
* Decrypt a value produced by encryptAes.
|
|
18
|
+
* Decodes base64, extracts IV (16 bytes), authTag (16 bytes), and ciphertext.
|
|
19
|
+
*/
|
|
20
|
+
decryptAes(ciphertext: string): string;
|
|
21
|
+
/**
|
|
22
|
+
* Generate a new TOTP secret for two-factor authentication.
|
|
23
|
+
*/
|
|
24
|
+
generateTotpSecret(): string;
|
|
25
|
+
/**
|
|
26
|
+
* Verify a TOTP code against a secret.
|
|
27
|
+
*/
|
|
28
|
+
verifyTotp(secret: string, code: string): boolean;
|
|
29
|
+
private getEncryptionKey;
|
|
30
|
+
}
|
|
31
|
+
//# sourceMappingURL=crypto.service.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"crypto.service.d.ts","sourceRoot":"","sources":["../../src/common/crypto.service.ts"],"names":[],"mappings":"AAMA,qBACa,aAAa;IACxB;;OAEG;IACG,YAAY,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAIrD;;OAEG;IACG,eAAe,CAAC,QAAQ,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAIvE;;;;OAIG;IACH,UAAU,CAAC,SAAS,EAAE,MAAM,GAAG,MAAM;IAerC;;;OAGG;IACH,UAAU,CAAC,UAAU,EAAE,MAAM,GAAG,MAAM;IAkBtC;;OAEG;IACH,kBAAkB,IAAI,MAAM;IAI5B;;OAEG;IACH,UAAU,CAAC,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,GAAG,OAAO;IAIjD,OAAO,CAAC,gBAAgB;CASzB"}
|
|
@@ -0,0 +1,120 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
3
|
+
if (k2 === undefined) k2 = k;
|
|
4
|
+
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
5
|
+
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
6
|
+
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
7
|
+
}
|
|
8
|
+
Object.defineProperty(o, k2, desc);
|
|
9
|
+
}) : (function(o, m, k, k2) {
|
|
10
|
+
if (k2 === undefined) k2 = k;
|
|
11
|
+
o[k2] = m[k];
|
|
12
|
+
}));
|
|
13
|
+
var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
|
|
14
|
+
Object.defineProperty(o, "default", { enumerable: true, value: v });
|
|
15
|
+
}) : function(o, v) {
|
|
16
|
+
o["default"] = v;
|
|
17
|
+
});
|
|
18
|
+
var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
|
|
19
|
+
var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
|
|
20
|
+
if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
|
|
21
|
+
else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
|
|
22
|
+
return c > 3 && r && Object.defineProperty(target, key, r), r;
|
|
23
|
+
};
|
|
24
|
+
var __importStar = (this && this.__importStar) || (function () {
|
|
25
|
+
var ownKeys = function(o) {
|
|
26
|
+
ownKeys = Object.getOwnPropertyNames || function (o) {
|
|
27
|
+
var ar = [];
|
|
28
|
+
for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
|
|
29
|
+
return ar;
|
|
30
|
+
};
|
|
31
|
+
return ownKeys(o);
|
|
32
|
+
};
|
|
33
|
+
return function (mod) {
|
|
34
|
+
if (mod && mod.__esModule) return mod;
|
|
35
|
+
var result = {};
|
|
36
|
+
if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
|
|
37
|
+
__setModuleDefault(result, mod);
|
|
38
|
+
return result;
|
|
39
|
+
};
|
|
40
|
+
})();
|
|
41
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
42
|
+
exports.CryptoService = void 0;
|
|
43
|
+
const common_1 = require("@nestjs/common");
|
|
44
|
+
const crypto = __importStar(require("node:crypto"));
|
|
45
|
+
const bcrypt = __importStar(require("bcrypt"));
|
|
46
|
+
const otplib_1 = require("otplib");
|
|
47
|
+
const protocol_1 = require("@overlordai/protocol");
|
|
48
|
+
let CryptoService = class CryptoService {
|
|
49
|
+
/**
|
|
50
|
+
* Hash a plaintext password using bcrypt with the protocol-defined cost factor.
|
|
51
|
+
*/
|
|
52
|
+
async hashPassword(password) {
|
|
53
|
+
return bcrypt.hash(password, protocol_1.BCRYPT_COST_FACTOR);
|
|
54
|
+
}
|
|
55
|
+
/**
|
|
56
|
+
* Compare a plaintext password against a bcrypt hash.
|
|
57
|
+
*/
|
|
58
|
+
async comparePassword(password, hash) {
|
|
59
|
+
return bcrypt.compare(password, hash);
|
|
60
|
+
}
|
|
61
|
+
/**
|
|
62
|
+
* Encrypt plaintext using AES-256-GCM.
|
|
63
|
+
* Uses ENCRYPTION_KEY from environment (must be a 64-char hex string = 32 bytes).
|
|
64
|
+
* Returns base64(iv + authTag + ciphertext).
|
|
65
|
+
*/
|
|
66
|
+
encryptAes(plaintext) {
|
|
67
|
+
const key = this.getEncryptionKey();
|
|
68
|
+
const iv = crypto.randomBytes(16);
|
|
69
|
+
const cipher = crypto.createCipheriv('aes-256-gcm', key, iv);
|
|
70
|
+
const encrypted = Buffer.concat([
|
|
71
|
+
cipher.update(plaintext, 'utf8'),
|
|
72
|
+
cipher.final(),
|
|
73
|
+
]);
|
|
74
|
+
const authTag = cipher.getAuthTag();
|
|
75
|
+
const combined = Buffer.concat([iv, authTag, encrypted]);
|
|
76
|
+
return combined.toString('base64');
|
|
77
|
+
}
|
|
78
|
+
/**
|
|
79
|
+
* Decrypt a value produced by encryptAes.
|
|
80
|
+
* Decodes base64, extracts IV (16 bytes), authTag (16 bytes), and ciphertext.
|
|
81
|
+
*/
|
|
82
|
+
decryptAes(ciphertext) {
|
|
83
|
+
const key = this.getEncryptionKey();
|
|
84
|
+
const combined = Buffer.from(ciphertext, 'base64');
|
|
85
|
+
const iv = combined.subarray(0, 16);
|
|
86
|
+
const authTag = combined.subarray(16, 32);
|
|
87
|
+
const encrypted = combined.subarray(32);
|
|
88
|
+
const decipher = crypto.createDecipheriv('aes-256-gcm', key, iv);
|
|
89
|
+
decipher.setAuthTag(authTag);
|
|
90
|
+
const decrypted = Buffer.concat([
|
|
91
|
+
decipher.update(encrypted),
|
|
92
|
+
decipher.final(),
|
|
93
|
+
]);
|
|
94
|
+
return decrypted.toString('utf8');
|
|
95
|
+
}
|
|
96
|
+
/**
|
|
97
|
+
* Generate a new TOTP secret for two-factor authentication.
|
|
98
|
+
*/
|
|
99
|
+
generateTotpSecret() {
|
|
100
|
+
return otplib_1.authenticator.generateSecret();
|
|
101
|
+
}
|
|
102
|
+
/**
|
|
103
|
+
* Verify a TOTP code against a secret.
|
|
104
|
+
*/
|
|
105
|
+
verifyTotp(secret, code) {
|
|
106
|
+
return otplib_1.authenticator.check(code, secret);
|
|
107
|
+
}
|
|
108
|
+
getEncryptionKey() {
|
|
109
|
+
const hex = process.env.ENCRYPTION_KEY;
|
|
110
|
+
if (!hex || hex.length !== 64) {
|
|
111
|
+
throw new Error('ENCRYPTION_KEY environment variable must be a 64-character hex string (32 bytes)');
|
|
112
|
+
}
|
|
113
|
+
return Buffer.from(hex, 'hex');
|
|
114
|
+
}
|
|
115
|
+
};
|
|
116
|
+
exports.CryptoService = CryptoService;
|
|
117
|
+
exports.CryptoService = CryptoService = __decorate([
|
|
118
|
+
(0, common_1.Injectable)()
|
|
119
|
+
], CryptoService);
|
|
120
|
+
//# sourceMappingURL=crypto.service.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"crypto.service.js","sourceRoot":"","sources":["../../src/common/crypto.service.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,2CAA4C;AAC5C,oDAAsC;AACtC,+CAAiC;AACjC,mCAAuC;AACvC,mDAA0D;AAGnD,IAAM,aAAa,GAAnB,MAAM,aAAa;IACxB;;OAEG;IACH,KAAK,CAAC,YAAY,CAAC,QAAgB;QACjC,OAAO,MAAM,CAAC,IAAI,CAAC,QAAQ,EAAE,6BAAkB,CAAC,CAAC;IACnD,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,eAAe,CAAC,QAAgB,EAAE,IAAY;QAClD,OAAO,MAAM,CAAC,OAAO,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC;IACxC,CAAC;IAED;;;;OAIG;IACH,UAAU,CAAC,SAAiB;QAC1B,MAAM,GAAG,GAAG,IAAI,CAAC,gBAAgB,EAAE,CAAC;QACpC,MAAM,EAAE,GAAG,MAAM,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC;QAClC,MAAM,MAAM,GAAG,MAAM,CAAC,cAAc,CAAC,aAAa,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC;QAE7D,MAAM,SAAS,GAAG,MAAM,CAAC,MAAM,CAAC;YAC9B,MAAM,CAAC,MAAM,CAAC,SAAS,EAAE,MAAM,CAAC;YAChC,MAAM,CAAC,KAAK,EAAE;SACf,CAAC,CAAC;QACH,MAAM,OAAO,GAAG,MAAM,CAAC,UAAU,EAAE,CAAC;QAEpC,MAAM,QAAQ,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,EAAE,EAAE,OAAO,EAAE,SAAS,CAAC,CAAC,CAAC;QACzD,OAAO,QAAQ,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;IACrC,CAAC;IAED;;;OAGG;IACH,UAAU,CAAC,UAAkB;QAC3B,MAAM,GAAG,GAAG,IAAI,CAAC,gBAAgB,EAAE,CAAC;QACpC,MAAM,QAAQ,GAAG,MAAM,CAAC,IAAI,CAAC,UAAU,EAAE,QAAQ,CAAC,CAAC;QAEnD,MAAM,EAAE,GAAG,QAAQ,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QACpC,MAAM,OAAO,GAAG,QAAQ,CAAC,QAAQ,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;QAC1C,MAAM,SAAS,GAAG,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;QAExC,MAAM,QAAQ,GAAG,MAAM,CAAC,gBAAgB,CAAC,aAAa,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC;QACjE,QAAQ,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;QAE7B,MAAM,SAAS,GAAG,MAAM,CAAC,MAAM,CAAC;YAC9B,QAAQ,CAAC,MAAM,CAAC,SAAS,CAAC;YAC1B,QAAQ,CAAC,KAAK,EAAE;SACjB,CAAC,CAAC;QACH,OAAO,SAAS,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;IACpC,CAAC;IAED;;OAEG;IACH,kBAAkB;QAChB,OAAO,sBAAa,CAAC,cAAc,EAAE,CAAC;IACxC,CAAC;IAED;;OAEG;IACH,UAAU,CAAC,MAAc,EAAE,IAAY;QACrC,OAAO,sBAAa,CAAC,KAAK,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;IAC3C,CAAC;IAEO,gBAAgB;QACtB,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC;QACvC,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC,MAAM,KAAK,EAAE,EAAE,CAAC;YAC9B,MAAM,IAAI,KAAK,CACb,kFAAkF,CACnF,CAAC;QACJ,CAAC;QACD,OAAO,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;IACjC,CAAC;CACF,CAAA;AAhFY,sCAAa;wBAAb,aAAa;IADzB,IAAA,mBAAU,GAAE;GACA,aAAa,CAgFzB"}
|
|
@@ -0,0 +1,6 @@
|
|
|
1
|
+
import { ExceptionFilter, ArgumentsHost } from '@nestjs/common';
|
|
2
|
+
export declare class GlobalExceptionFilter implements ExceptionFilter {
|
|
3
|
+
catch(exception: unknown, host: ArgumentsHost): void;
|
|
4
|
+
private httpStatusToCode;
|
|
5
|
+
}
|
|
6
|
+
//# sourceMappingURL=error-filter.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"error-filter.d.ts","sourceRoot":"","sources":["../../src/common/error-filter.ts"],"names":[],"mappings":"AAAA,OAAO,EAEL,eAAe,EACf,aAAa,EAEd,MAAM,gBAAgB,CAAC;AAIxB,qBACa,qBAAsB,YAAW,eAAe;IAC3D,KAAK,CAAC,SAAS,EAAE,OAAO,EAAE,IAAI,EAAE,aAAa,GAAG,IAAI;IA4CpD,OAAO,CAAC,gBAAgB;CAoBzB"}
|
|
@@ -0,0 +1,78 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
|
|
3
|
+
var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
|
|
4
|
+
if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
|
|
5
|
+
else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
|
|
6
|
+
return c > 3 && r && Object.defineProperty(target, key, r), r;
|
|
7
|
+
};
|
|
8
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
9
|
+
exports.GlobalExceptionFilter = void 0;
|
|
10
|
+
const common_1 = require("@nestjs/common");
|
|
11
|
+
const sensitive_filter_1 = require("./sensitive-filter");
|
|
12
|
+
let GlobalExceptionFilter = class GlobalExceptionFilter {
|
|
13
|
+
catch(exception, host) {
|
|
14
|
+
const ctx = host.switchToHttp();
|
|
15
|
+
const response = ctx.getResponse();
|
|
16
|
+
let statusCode;
|
|
17
|
+
let code;
|
|
18
|
+
let message;
|
|
19
|
+
if (exception instanceof common_1.HttpException) {
|
|
20
|
+
statusCode = exception.getStatus();
|
|
21
|
+
const exceptionResponse = exception.getResponse();
|
|
22
|
+
if (typeof exceptionResponse === 'string') {
|
|
23
|
+
message = exceptionResponse;
|
|
24
|
+
}
|
|
25
|
+
else if (typeof exceptionResponse === 'object' &&
|
|
26
|
+
exceptionResponse !== null &&
|
|
27
|
+
'message' in exceptionResponse) {
|
|
28
|
+
const msg = exceptionResponse.message;
|
|
29
|
+
message = Array.isArray(msg) ? msg.join('; ') : String(msg);
|
|
30
|
+
}
|
|
31
|
+
else {
|
|
32
|
+
message = exception.message;
|
|
33
|
+
}
|
|
34
|
+
code = statusCode >= 500 ? 'INTERNAL_ERROR' : this.httpStatusToCode(statusCode);
|
|
35
|
+
}
|
|
36
|
+
else {
|
|
37
|
+
statusCode = 500;
|
|
38
|
+
code = 'INTERNAL_ERROR';
|
|
39
|
+
message =
|
|
40
|
+
exception instanceof Error
|
|
41
|
+
? exception.message
|
|
42
|
+
: 'An unexpected error occurred';
|
|
43
|
+
}
|
|
44
|
+
const body = {
|
|
45
|
+
error: {
|
|
46
|
+
code,
|
|
47
|
+
message: (0, sensitive_filter_1.sanitize)(message),
|
|
48
|
+
statusCode,
|
|
49
|
+
},
|
|
50
|
+
};
|
|
51
|
+
response.status(statusCode).json(body);
|
|
52
|
+
}
|
|
53
|
+
httpStatusToCode(status) {
|
|
54
|
+
switch (status) {
|
|
55
|
+
case 400:
|
|
56
|
+
return 'BAD_REQUEST';
|
|
57
|
+
case 401:
|
|
58
|
+
return 'UNAUTHORIZED';
|
|
59
|
+
case 403:
|
|
60
|
+
return 'FORBIDDEN';
|
|
61
|
+
case 404:
|
|
62
|
+
return 'NOT_FOUND';
|
|
63
|
+
case 409:
|
|
64
|
+
return 'CONFLICT';
|
|
65
|
+
case 422:
|
|
66
|
+
return 'UNPROCESSABLE_ENTITY';
|
|
67
|
+
case 429:
|
|
68
|
+
return 'TOO_MANY_REQUESTS';
|
|
69
|
+
default:
|
|
70
|
+
return 'ERROR';
|
|
71
|
+
}
|
|
72
|
+
}
|
|
73
|
+
};
|
|
74
|
+
exports.GlobalExceptionFilter = GlobalExceptionFilter;
|
|
75
|
+
exports.GlobalExceptionFilter = GlobalExceptionFilter = __decorate([
|
|
76
|
+
(0, common_1.Catch)()
|
|
77
|
+
], GlobalExceptionFilter);
|
|
78
|
+
//# sourceMappingURL=error-filter.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"error-filter.js","sourceRoot":"","sources":["../../src/common/error-filter.ts"],"names":[],"mappings":";;;;;;;;;AAAA,2CAKwB;AAExB,yDAA8C;AAGvC,IAAM,qBAAqB,GAA3B,MAAM,qBAAqB;IAChC,KAAK,CAAC,SAAkB,EAAE,IAAmB;QAC3C,MAAM,GAAG,GAAG,IAAI,CAAC,YAAY,EAAE,CAAC;QAChC,MAAM,QAAQ,GAAG,GAAG,CAAC,WAAW,EAAE,CAAC;QAEnC,IAAI,UAAkB,CAAC;QACvB,IAAI,IAAY,CAAC;QACjB,IAAI,OAAe,CAAC;QAEpB,IAAI,SAAS,YAAY,sBAAa,EAAE,CAAC;YACvC,UAAU,GAAG,SAAS,CAAC,SAAS,EAAE,CAAC;YACnC,MAAM,iBAAiB,GAAG,SAAS,CAAC,WAAW,EAAE,CAAC;YAClD,IAAI,OAAO,iBAAiB,KAAK,QAAQ,EAAE,CAAC;gBAC1C,OAAO,GAAG,iBAAiB,CAAC;YAC9B,CAAC;iBAAM,IACL,OAAO,iBAAiB,KAAK,QAAQ;gBACrC,iBAAiB,KAAK,IAAI;gBAC1B,SAAS,IAAI,iBAAiB,EAC9B,CAAC;gBACD,MAAM,GAAG,GAAI,iBAA6C,CAAC,OAAO,CAAC;gBACnE,OAAO,GAAG,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YAC9D,CAAC;iBAAM,CAAC;gBACN,OAAO,GAAG,SAAS,CAAC,OAAO,CAAC;YAC9B,CAAC;YACD,IAAI,GAAG,UAAU,IAAI,GAAG,CAAC,CAAC,CAAC,gBAAgB,CAAC,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,UAAU,CAAC,CAAC;QAClF,CAAC;aAAM,CAAC;YACN,UAAU,GAAG,GAAG,CAAC;YACjB,IAAI,GAAG,gBAAgB,CAAC;YACxB,OAAO;gBACL,SAAS,YAAY,KAAK;oBACxB,CAAC,CAAC,SAAS,CAAC,OAAO;oBACnB,CAAC,CAAC,8BAA8B,CAAC;QACvC,CAAC;QAED,MAAM,IAAI,GAAa;YACrB,KAAK,EAAE;gBACL,IAAI;gBACJ,OAAO,EAAE,IAAA,2BAAQ,EAAC,OAAO,CAAC;gBAC1B,UAAU;aACX;SACF,CAAC;QAEF,QAAQ,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACzC,CAAC;IAEO,gBAAgB,CAAC,MAAc;QACrC,QAAQ,MAAM,EAAE,CAAC;YACf,KAAK,GAAG;gBACN,OAAO,aAAa,CAAC;YACvB,KAAK,GAAG;gBACN,OAAO,cAAc,CAAC;YACxB,KAAK,GAAG;gBACN,OAAO,WAAW,CAAC;YACrB,KAAK,GAAG;gBACN,OAAO,WAAW,CAAC;YACrB,KAAK,GAAG;gBACN,OAAO,UAAU,CAAC;YACpB,KAAK,GAAG;gBACN,OAAO,sBAAsB,CAAC;YAChC,KAAK,GAAG;gBACN,OAAO,mBAAmB,CAAC;YAC7B;gBACE,OAAO,OAAO,CAAC;QACnB,CAAC;IACH,CAAC;CACF,CAAA;AAjEY,sDAAqB;gCAArB,qBAAqB;IADjC,IAAA,cAAK,GAAE;GACK,qBAAqB,CAiEjC"}
|
|
@@ -0,0 +1,13 @@
|
|
|
1
|
+
import { RedisService } from '../redis/redis.service';
|
|
2
|
+
import { DatabaseService } from '../database/database.service';
|
|
3
|
+
export declare class HealthController {
|
|
4
|
+
private readonly redis;
|
|
5
|
+
private readonly database;
|
|
6
|
+
constructor(redis: RedisService, database: DatabaseService);
|
|
7
|
+
check(res: {
|
|
8
|
+
status(code: number): {
|
|
9
|
+
json(body: unknown): void;
|
|
10
|
+
};
|
|
11
|
+
}): Promise<void>;
|
|
12
|
+
}
|
|
13
|
+
//# sourceMappingURL=health.controller.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"health.controller.d.ts","sourceRoot":"","sources":["../../src/common/health.controller.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,YAAY,EAAE,MAAM,wBAAwB,CAAC;AACtD,OAAO,EAAE,eAAe,EAAE,MAAM,8BAA8B,CAAC;AAU/D,qBACa,gBAAgB;IAEzB,OAAO,CAAC,QAAQ,CAAC,KAAK;IACtB,OAAO,CAAC,QAAQ,CAAC,QAAQ;gBADR,KAAK,EAAE,YAAY,EACnB,QAAQ,EAAE,eAAe;IAItC,KAAK,CAAQ,GAAG,EAAE;QAAE,MAAM,CAAC,IAAI,EAAE,MAAM,GAAG;YAAE,IAAI,CAAC,IAAI,EAAE,OAAO,GAAG,IAAI,CAAA;SAAE,CAAA;KAAE,GAAG,OAAO,CAAC,IAAI,CAAC;CAwChG"}
|
|
@@ -0,0 +1,75 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
|
|
3
|
+
var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
|
|
4
|
+
if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
|
|
5
|
+
else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
|
|
6
|
+
return c > 3 && r && Object.defineProperty(target, key, r), r;
|
|
7
|
+
};
|
|
8
|
+
var __metadata = (this && this.__metadata) || function (k, v) {
|
|
9
|
+
if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
|
|
10
|
+
};
|
|
11
|
+
var __param = (this && this.__param) || function (paramIndex, decorator) {
|
|
12
|
+
return function (target, key) { decorator(target, key, paramIndex); }
|
|
13
|
+
};
|
|
14
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
15
|
+
exports.HealthController = void 0;
|
|
16
|
+
const common_1 = require("@nestjs/common");
|
|
17
|
+
const redis_service_1 = require("../redis/redis.service");
|
|
18
|
+
const database_service_1 = require("../database/database.service");
|
|
19
|
+
let HealthController = class HealthController {
|
|
20
|
+
redis;
|
|
21
|
+
database;
|
|
22
|
+
constructor(redis, database) {
|
|
23
|
+
this.redis = redis;
|
|
24
|
+
this.database = database;
|
|
25
|
+
}
|
|
26
|
+
async check(res) {
|
|
27
|
+
const health = {
|
|
28
|
+
status: 'ok',
|
|
29
|
+
redis: 'connected',
|
|
30
|
+
sqlite: 'writable',
|
|
31
|
+
bullmq: 'ready',
|
|
32
|
+
uptime: process.uptime(),
|
|
33
|
+
};
|
|
34
|
+
// Check Redis
|
|
35
|
+
try {
|
|
36
|
+
const client = this.redis.getClient();
|
|
37
|
+
const pong = await client.ping();
|
|
38
|
+
if (pong !== 'PONG') {
|
|
39
|
+
health.redis = 'disconnected';
|
|
40
|
+
health.status = 'error';
|
|
41
|
+
}
|
|
42
|
+
}
|
|
43
|
+
catch {
|
|
44
|
+
health.redis = 'disconnected';
|
|
45
|
+
health.status = 'error';
|
|
46
|
+
}
|
|
47
|
+
// Check SQLite
|
|
48
|
+
try {
|
|
49
|
+
const db = this.database.getDb();
|
|
50
|
+
db.exec(`CREATE TABLE IF NOT EXISTS _health_check (_id INTEGER PRIMARY KEY);
|
|
51
|
+
INSERT INTO _health_check (_id) VALUES (1);
|
|
52
|
+
DELETE FROM _health_check WHERE _id = 1;`);
|
|
53
|
+
}
|
|
54
|
+
catch {
|
|
55
|
+
health.sqlite = 'error';
|
|
56
|
+
health.status = 'error';
|
|
57
|
+
}
|
|
58
|
+
const statusCode = health.status === 'ok' ? common_1.HttpStatus.OK : common_1.HttpStatus.SERVICE_UNAVAILABLE;
|
|
59
|
+
res.status(statusCode).json(health);
|
|
60
|
+
}
|
|
61
|
+
};
|
|
62
|
+
exports.HealthController = HealthController;
|
|
63
|
+
__decorate([
|
|
64
|
+
(0, common_1.Get)(),
|
|
65
|
+
__param(0, (0, common_1.Res)()),
|
|
66
|
+
__metadata("design:type", Function),
|
|
67
|
+
__metadata("design:paramtypes", [Object]),
|
|
68
|
+
__metadata("design:returntype", Promise)
|
|
69
|
+
], HealthController.prototype, "check", null);
|
|
70
|
+
exports.HealthController = HealthController = __decorate([
|
|
71
|
+
(0, common_1.Controller)('healthz'),
|
|
72
|
+
__metadata("design:paramtypes", [redis_service_1.RedisService,
|
|
73
|
+
database_service_1.DatabaseService])
|
|
74
|
+
], HealthController);
|
|
75
|
+
//# sourceMappingURL=health.controller.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"health.controller.js","sourceRoot":"","sources":["../../src/common/health.controller.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,2CAAkE;AAClE,0DAAsD;AACtD,mEAA+D;AAWxD,IAAM,gBAAgB,GAAtB,MAAM,gBAAgB;IAER;IACA;IAFnB,YACmB,KAAmB,EACnB,QAAyB;QADzB,UAAK,GAAL,KAAK,CAAc;QACnB,aAAQ,GAAR,QAAQ,CAAiB;IACzC,CAAC;IAGE,AAAN,KAAK,CAAC,KAAK,CAAQ,GAA4D;QAC7E,MAAM,MAAM,GAAiB;YAC3B,MAAM,EAAE,IAAI;YACZ,KAAK,EAAE,WAAW;YAClB,MAAM,EAAE,UAAU;YAClB,MAAM,EAAE,OAAO;YACf,MAAM,EAAE,OAAO,CAAC,MAAM,EAAE;SACzB,CAAC;QAEF,cAAc;QACd,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,SAAS,EAAE,CAAC;YACtC,MAAM,IAAI,GAAG,MAAM,MAAM,CAAC,IAAI,EAAE,CAAC;YACjC,IAAI,IAAI,KAAK,MAAM,EAAE,CAAC;gBACpB,MAAM,CAAC,KAAK,GAAG,cAAc,CAAC;gBAC9B,MAAM,CAAC,MAAM,GAAG,OAAO,CAAC;YAC1B,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,MAAM,CAAC,KAAK,GAAG,cAAc,CAAC;YAC9B,MAAM,CAAC,MAAM,GAAG,OAAO,CAAC;QAC1B,CAAC;QAED,eAAe;QACf,IAAI,CAAC;YACH,MAAM,EAAE,GAAG,IAAI,CAAC,QAAQ,CAAC,KAAK,EAAE,CAAC;YACjC,EAAE,CAAC,IAAI,CACL;;kDAE0C,CAC3C,CAAC;QACJ,CAAC;QAAC,MAAM,CAAC;YACP,MAAM,CAAC,MAAM,GAAG,OAAO,CAAC;YACxB,MAAM,CAAC,MAAM,GAAG,OAAO,CAAC;QAC1B,CAAC;QAED,MAAM,UAAU,GACd,MAAM,CAAC,MAAM,KAAK,IAAI,CAAC,CAAC,CAAC,mBAAU,CAAC,EAAE,CAAC,CAAC,CAAC,mBAAU,CAAC,mBAAmB,CAAC;QAE1E,GAAG,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IACtC,CAAC;CACF,CAAA;AA/CY,4CAAgB;AAOrB;IADL,IAAA,YAAG,GAAE;IACO,WAAA,IAAA,YAAG,GAAE,CAAA;;;;6CAuCjB;2BA9CU,gBAAgB;IAD5B,IAAA,mBAAU,EAAC,SAAS,CAAC;qCAGM,4BAAY;QACT,kCAAe;GAHjC,gBAAgB,CA+C5B"}
|
|
@@ -0,0 +1,11 @@
|
|
|
1
|
+
import { LoggerService as NestLoggerService } from '@nestjs/common';
|
|
2
|
+
export declare class LoggerService implements NestLoggerService {
|
|
3
|
+
private readonly logger;
|
|
4
|
+
constructor();
|
|
5
|
+
log(message: unknown, context?: string): void;
|
|
6
|
+
error(message: unknown, trace?: string, context?: string): void;
|
|
7
|
+
warn(message: unknown, context?: string): void;
|
|
8
|
+
debug(message: unknown, context?: string): void;
|
|
9
|
+
verbose(message: unknown, context?: string): void;
|
|
10
|
+
}
|
|
11
|
+
//# sourceMappingURL=logger.service.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"logger.service.d.ts","sourceRoot":"","sources":["../../src/common/logger.service.ts"],"names":[],"mappings":"AAAA,OAAO,EAAc,aAAa,IAAI,iBAAiB,EAAE,MAAM,gBAAgB,CAAC;AAIhF,qBACa,aAAc,YAAW,iBAAiB;IACrD,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAc;;IASrC,GAAG,CAAC,OAAO,EAAE,OAAO,EAAE,OAAO,CAAC,EAAE,MAAM,GAAG,IAAI;IAI7C,KAAK,CAAC,OAAO,EAAE,OAAO,EAAE,KAAK,CAAC,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,MAAM,GAAG,IAAI;IAO/D,IAAI,CAAC,OAAO,EAAE,OAAO,EAAE,OAAO,CAAC,EAAE,MAAM,GAAG,IAAI;IAI9C,KAAK,CAAC,OAAO,EAAE,OAAO,EAAE,OAAO,CAAC,EAAE,MAAM,GAAG,IAAI;IAI/C,OAAO,CAAC,OAAO,EAAE,OAAO,EAAE,OAAO,CAAC,EAAE,MAAM,GAAG,IAAI;CAGlD"}
|