@paroicms/server 1.109.5 → 1.110.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/ddl/main.ddl.sql +51 -10
- package/dist/admin-backend/account/account-role.queries.d.ts +3 -0
- package/dist/admin-backend/account/account-role.queries.js +18 -0
- package/dist/admin-backend/account/account-role.queries.js.map +1 -0
- package/dist/admin-backend/account/account-role.resolver.d.ts +3 -0
- package/dist/admin-backend/account/account-role.resolver.js +49 -0
- package/dist/admin-backend/account/account-role.resolver.js.map +1 -0
- package/dist/admin-backend/account/account.queries.d.ts +11 -2
- package/dist/admin-backend/account/account.queries.js +114 -25
- package/dist/admin-backend/account/account.queries.js.map +1 -1
- package/dist/admin-backend/account/account.resolver.js +126 -10
- package/dist/admin-backend/account/account.resolver.js.map +1 -1
- package/dist/admin-backend/account/author-account.queries.d.ts +12 -0
- package/dist/admin-backend/account/author-account.queries.js +110 -0
- package/dist/admin-backend/account/author-account.queries.js.map +1 -0
- package/dist/admin-backend/account/author-account.resolver.d.ts +3 -0
- package/dist/admin-backend/account/author-account.resolver.js +39 -0
- package/dist/admin-backend/account/author-account.resolver.js.map +1 -0
- package/dist/admin-backend/auth/auth.helper.d.ts +2 -0
- package/dist/admin-backend/auth/auth.helper.js +10 -2
- package/dist/admin-backend/auth/auth.helper.js.map +1 -1
- package/dist/admin-backend/auth/auth.service.d.ts +1 -1
- package/dist/admin-backend/auth/auth.service.js +147 -67
- package/dist/admin-backend/auth/auth.service.js.map +1 -1
- package/dist/admin-backend/auth/auth.types.d.ts +3 -1
- package/dist/admin-backend/auth/authorization.helper.d.ts +11 -0
- package/dist/admin-backend/auth/authorization.helper.js +37 -0
- package/dist/admin-backend/auth/authorization.helper.js.map +1 -0
- package/dist/admin-backend/auth/special-account.helper.d.ts +10 -0
- package/dist/admin-backend/auth/special-account.helper.js +38 -0
- package/dist/admin-backend/auth/special-account.helper.js.map +1 -0
- package/dist/admin-backend/backup/backup.resolver.js +2 -2
- package/dist/admin-backend/backup/backup.resolver.js.map +1 -1
- package/dist/admin-backend/document/document.resolver.extend.js +1 -3
- package/dist/admin-backend/document/document.resolver.extend.js.map +1 -1
- package/dist/admin-backend/document/document.resolver.js +95 -13
- package/dist/admin-backend/document/document.resolver.js.map +1 -1
- package/dist/admin-backend/event-log/event-log.queries.d.ts +24 -0
- package/dist/admin-backend/event-log/event-log.queries.js +84 -0
- package/dist/admin-backend/event-log/event-log.queries.js.map +1 -0
- package/dist/admin-backend/event-log/event-log.resolver.d.ts +3 -0
- package/dist/admin-backend/event-log/event-log.resolver.js +21 -0
- package/dist/admin-backend/event-log/event-log.resolver.js.map +1 -0
- package/dist/admin-backend/event-log/event-log.service.d.ts +11 -0
- package/dist/admin-backend/event-log/event-log.service.js +290 -0
- package/dist/admin-backend/event-log/event-log.service.js.map +1 -0
- package/dist/admin-backend/event-log/event-log.types.d.ts +142 -0
- package/dist/admin-backend/event-log/event-log.types.js +2 -0
- package/dist/admin-backend/event-log/event-log.types.js.map +1 -0
- package/dist/admin-backend/fields/fields.resolver.js +3 -2
- package/dist/admin-backend/fields/fields.resolver.js.map +1 -1
- package/dist/admin-backend/lnode/lnode-wrap.resolver.js +6 -6
- package/dist/admin-backend/lnode/lnode-wrap.resolver.js.map +1 -1
- package/dist/admin-backend/login/login.controller.js +32 -3
- package/dist/admin-backend/login/login.controller.js.map +1 -1
- package/dist/admin-backend/media/media-upload.controller.js +15 -0
- package/dist/admin-backend/media/media-upload.controller.js.map +1 -1
- package/dist/admin-backend/media/media.resolver.extend.js +1 -3
- package/dist/admin-backend/media/media.resolver.extend.js.map +1 -1
- package/dist/admin-backend/media/media.resolver.js +70 -11
- package/dist/admin-backend/media/media.resolver.js.map +1 -1
- package/dist/admin-backend/migration/migration.resolver.js +3 -3
- package/dist/admin-backend/migration/migration.resolver.js.map +1 -1
- package/dist/admin-backend/node/node.resolver.extend.js +1 -3
- package/dist/admin-backend/node/node.resolver.extend.js.map +1 -1
- package/dist/admin-backend/node/node.resolver.js +6 -5
- package/dist/admin-backend/node/node.resolver.js.map +1 -1
- package/dist/admin-backend/part/part.resolver.extend.js +2 -5
- package/dist/admin-backend/part/part.resolver.extend.js.map +1 -1
- package/dist/admin-backend/part/part.resolver.js +56 -10
- package/dist/admin-backend/part/part.resolver.js.map +1 -1
- package/dist/admin-backend/routing-cluster/routing-cluster.resolver.js +7 -7
- package/dist/admin-backend/routing-cluster/routing-cluster.resolver.js.map +1 -1
- package/dist/admin-backend/unprotected/unprotected.resolver.js +3 -2
- package/dist/admin-backend/unprotected/unprotected.resolver.js.map +1 -1
- package/dist/common/data-format.d.ts +5 -1
- package/dist/common/data-format.js +6 -2
- package/dist/common/data-format.js.map +1 -1
- package/dist/connector/app-conf/app-conf-formatter.js +4 -1
- package/dist/connector/app-conf/app-conf-formatter.js.map +1 -1
- package/dist/connector/app-conf/app-conf.types.d.ts +3 -3
- package/dist/connector/db-init/db-constants.d.ts +1 -1
- package/dist/connector/db-init/db-constants.js +1 -1
- package/dist/connector/db-init/db-init.d.ts +2 -0
- package/dist/connector/db-init/db-init.js +2 -2
- package/dist/connector/db-init/db-init.js.map +1 -1
- package/dist/connector/db-init/ddl-migration.d.ts +2 -0
- package/dist/connector/db-init/ddl-migration.js +191 -1
- package/dist/connector/db-init/ddl-migration.js.map +1 -1
- package/dist/connector/row-types.d.ts +5 -3
- package/dist/connector/site-schema/site-schema-factory.js +76 -0
- package/dist/connector/site-schema/site-schema-factory.js.map +1 -1
- package/dist/graphql/apollo-server-init.js +6 -0
- package/dist/graphql/apollo-server-init.js.map +1 -1
- package/dist/maintenance/maintenance-task.d.ts +1 -1
- package/dist/maintenance/maintenance-task.js +5 -0
- package/dist/maintenance/maintenance-task.js.map +1 -1
- package/dist/protected-site/protected-access-token.d.ts +3 -3
- package/dist/protected-site/protected-access-token.js +3 -3
- package/dist/protected-site/protected-access-token.js.map +1 -1
- package/dist/protected-site/protected-site.req-handler.js +4 -4
- package/dist/protected-site/protected-site.req-handler.js.map +1 -1
- package/dist/public-api/password-reset/password-reset.controller.js +4 -11
- package/dist/public-api/password-reset/password-reset.controller.js.map +1 -1
- package/dist/public-api/password-reset/password-reset.service.js +9 -6
- package/dist/public-api/password-reset/password-reset.service.js.map +1 -1
- package/dist/rendered-site/feed/feed-generator.js +2 -2
- package/dist/rendered-site/feed/feed-generator.js.map +1 -1
- package/dist/site-context/load-site-context.js +3 -5
- package/dist/site-context/load-site-context.js.map +1 -1
- package/dist/site-context/main-medias-databases.js +1 -1
- package/dist/site-context/main-medias-databases.js.map +1 -1
- package/dist/tsconfig.tsbuildinfo +1 -1
- package/package.json +11 -11
- package/schema.graphql +46 -2
- package/dist/helpers/special-account.helpers.d.ts +0 -9
- package/dist/helpers/special-account.helpers.js +0 -36
- package/dist/helpers/special-account.helpers.js.map +0 -1
|
@@ -1,13 +1,16 @@
|
|
|
1
1
|
import { ApiError } from "@paroicms/public-server-lib";
|
|
2
2
|
import { siteReadyGuard } from "../../graphql/graphql.types.js";
|
|
3
3
|
import { authGuard, verifyAccessToken } from "../auth/auth.helper.js";
|
|
4
|
+
import { permissionGuard } from "../auth/authorization.helper.js";
|
|
5
|
+
import { loadAccountPermissions, loadAccountRoles } from "../auth/special-account.helper.js";
|
|
6
|
+
import { recordEvent } from "../event-log/event-log.service.js";
|
|
4
7
|
import { formatAccountType } from "./account.formatters.js";
|
|
5
|
-
import { createAccount, deleteAccount, getAccount, getAllAccounts, getAuthenticatedAccount, resetAccountPassword, setAccountPreferences, updateAccount, } from "./account.queries.js";
|
|
8
|
+
import { createAccount, deleteAccount, getAccount, getAllAccounts, getAuthenticatedAccount, resetAccountPassword, setAccountPreferences, updateAccount, updateAccountActive, } from "./account.queries.js";
|
|
6
9
|
export const accountResolvers = {
|
|
7
10
|
Query: {
|
|
8
11
|
account: async (_parent, { id }, { siteContext, httpContext }) => {
|
|
9
|
-
authGuard(httpContext);
|
|
10
12
|
siteReadyGuard(siteContext);
|
|
13
|
+
await permissionGuard(siteContext, httpContext, "site.manageUsers");
|
|
11
14
|
const acccount = await getAccount(siteContext, id);
|
|
12
15
|
return acccount;
|
|
13
16
|
},
|
|
@@ -25,50 +28,163 @@ export const accountResolvers = {
|
|
|
25
28
|
return await getAuthenticatedAccount(siteContext, payload.id);
|
|
26
29
|
},
|
|
27
30
|
allAccounts: async (_parent, _values, { siteContext, httpContext }) => {
|
|
28
|
-
authGuard(httpContext);
|
|
29
31
|
siteReadyGuard(siteContext);
|
|
32
|
+
await permissionGuard(siteContext, httpContext, "site.manageUsers");
|
|
30
33
|
return await getAllAccounts(siteContext);
|
|
31
34
|
},
|
|
32
35
|
},
|
|
33
36
|
Mutation: {
|
|
34
37
|
createAccount: async (_parent, { values }, { siteContext, httpContext }) => {
|
|
35
|
-
authGuard(httpContext);
|
|
36
38
|
siteReadyGuard(siteContext);
|
|
37
|
-
|
|
39
|
+
const authorizedAccount = await permissionGuard(siteContext, httpContext, "site.manageUsers");
|
|
40
|
+
const newAccount = await createAccount(siteContext, {
|
|
38
41
|
accountType: formatAccountType(values.accountType),
|
|
39
42
|
email: values.email,
|
|
40
43
|
language: values.language,
|
|
41
44
|
name: values.name ?? undefined,
|
|
42
45
|
});
|
|
46
|
+
recordEvent(siteContext, {
|
|
47
|
+
eventType: "account.create",
|
|
48
|
+
actorId: authorizedAccount.accountId,
|
|
49
|
+
targetType: "account",
|
|
50
|
+
targetId: newAccount.id,
|
|
51
|
+
eventData: {
|
|
52
|
+
accountId: newAccount.id,
|
|
53
|
+
email: newAccount.email,
|
|
54
|
+
name: newAccount.name,
|
|
55
|
+
},
|
|
56
|
+
});
|
|
57
|
+
return newAccount;
|
|
43
58
|
},
|
|
44
59
|
updateAccount: async (_parent, { accountId, values }, { siteContext, httpContext }) => {
|
|
45
|
-
authGuard(httpContext);
|
|
46
60
|
siteReadyGuard(siteContext);
|
|
47
|
-
|
|
61
|
+
const authorizedAccount = await permissionGuard(siteContext, httpContext, "site.manageUsers");
|
|
62
|
+
const accountToUpdate = await getAccount(siteContext, accountId);
|
|
63
|
+
if (["localDev", "platformAdmin"].includes(accountToUpdate.loginMethod ?? "")) {
|
|
64
|
+
throw new ApiError("Cannot update special accounts", 403);
|
|
65
|
+
}
|
|
66
|
+
if (!accountToUpdate.active) {
|
|
67
|
+
throw new ApiError("Cannot update inactive accounts", 403);
|
|
68
|
+
}
|
|
69
|
+
const oldAccount = accountToUpdate;
|
|
70
|
+
const changedFields = [];
|
|
71
|
+
if (values.name !== undefined && values.name !== oldAccount.name) {
|
|
72
|
+
changedFields.push("name");
|
|
73
|
+
}
|
|
74
|
+
if (values.email !== undefined && values.email !== oldAccount.email) {
|
|
75
|
+
changedFields.push("email");
|
|
76
|
+
}
|
|
77
|
+
const updatedAccount = await updateAccount(siteContext, accountId, {
|
|
48
78
|
email: values.email ?? undefined,
|
|
49
79
|
name: values.name ?? undefined,
|
|
50
80
|
});
|
|
81
|
+
if (changedFields.length > 0) {
|
|
82
|
+
recordEvent(siteContext, {
|
|
83
|
+
eventType: "account.update",
|
|
84
|
+
actorId: authorizedAccount.accountId,
|
|
85
|
+
targetType: "account",
|
|
86
|
+
targetId: accountId,
|
|
87
|
+
eventData: {
|
|
88
|
+
accountId,
|
|
89
|
+
email: updatedAccount.email,
|
|
90
|
+
changedFields,
|
|
91
|
+
},
|
|
92
|
+
});
|
|
93
|
+
}
|
|
94
|
+
return updatedAccount;
|
|
51
95
|
},
|
|
52
96
|
deleteAccount: async (_parent, { accountId }, { siteContext, httpContext }) => {
|
|
53
|
-
authGuard(httpContext);
|
|
54
97
|
siteReadyGuard(siteContext);
|
|
98
|
+
const authorizedAccount = await permissionGuard(siteContext, httpContext, "site.manageUsers");
|
|
99
|
+
const account = await getAccount(siteContext, accountId);
|
|
100
|
+
if (!account.active) {
|
|
101
|
+
throw new ApiError("Cannot delete inactive accounts", 403);
|
|
102
|
+
}
|
|
55
103
|
await deleteAccount(siteContext, accountId);
|
|
104
|
+
recordEvent(siteContext, {
|
|
105
|
+
eventType: "account.delete",
|
|
106
|
+
actorId: authorizedAccount.accountId,
|
|
107
|
+
targetType: "account",
|
|
108
|
+
targetId: accountId,
|
|
109
|
+
eventData: {
|
|
110
|
+
accountId,
|
|
111
|
+
email: account.email,
|
|
112
|
+
name: account.name,
|
|
113
|
+
},
|
|
114
|
+
});
|
|
115
|
+
return true;
|
|
116
|
+
},
|
|
117
|
+
reactivateAccount: async (_parent, { accountId }, { siteContext, httpContext }) => {
|
|
118
|
+
siteReadyGuard(siteContext);
|
|
119
|
+
const authorizedAccount = await permissionGuard(siteContext, httpContext, "site.manageUsers");
|
|
120
|
+
const account = await getAccount(siteContext, accountId);
|
|
121
|
+
if (account.active) {
|
|
122
|
+
throw new ApiError("Account is already active", 400);
|
|
123
|
+
}
|
|
124
|
+
await updateAccountActive(siteContext, accountId, true);
|
|
125
|
+
recordEvent(siteContext, {
|
|
126
|
+
eventType: "account.update",
|
|
127
|
+
actorId: authorizedAccount.accountId,
|
|
128
|
+
targetType: "account",
|
|
129
|
+
targetId: accountId,
|
|
130
|
+
eventData: {
|
|
131
|
+
accountId,
|
|
132
|
+
email: account.email,
|
|
133
|
+
changedFields: ["active"],
|
|
134
|
+
},
|
|
135
|
+
});
|
|
56
136
|
return true;
|
|
57
137
|
},
|
|
58
138
|
resetAccountPassword: async (_parent, { accountId }, { siteContext, httpContext }) => {
|
|
59
|
-
authGuard(httpContext);
|
|
60
139
|
siteReadyGuard(siteContext);
|
|
140
|
+
const authorizedAccount = await permissionGuard(siteContext, httpContext, "site.manageUsers");
|
|
141
|
+
const account = await getAccount(siteContext, accountId);
|
|
142
|
+
if (account.loginMethod && ["localDev", "platformAdmin"].includes(account.loginMethod)) {
|
|
143
|
+
throw new ApiError("Cannot reset password for special accounts", 403);
|
|
144
|
+
}
|
|
61
145
|
await resetAccountPassword(siteContext, accountId);
|
|
146
|
+
recordEvent(siteContext, {
|
|
147
|
+
eventType: "account.update",
|
|
148
|
+
actorId: authorizedAccount.accountId,
|
|
149
|
+
targetType: "account",
|
|
150
|
+
targetId: accountId,
|
|
151
|
+
eventData: {
|
|
152
|
+
accountId,
|
|
153
|
+
email: account.email,
|
|
154
|
+
changedFields: ["passwordReset"],
|
|
155
|
+
},
|
|
156
|
+
});
|
|
62
157
|
return true;
|
|
63
158
|
},
|
|
64
159
|
setAccountPreferences: async (_parent, { accountId, values }, { siteContext, httpContext }) => {
|
|
65
|
-
authGuard(httpContext);
|
|
66
160
|
siteReadyGuard(siteContext);
|
|
161
|
+
const account = await permissionGuard(siteContext, httpContext, "document.edit");
|
|
162
|
+
if (accountId !== account.accountId && !account.permissions.includes("site.manageUsers")) {
|
|
163
|
+
throw new ApiError("Cannot modify other users' preferences", 403);
|
|
164
|
+
}
|
|
67
165
|
await setAccountPreferences(siteContext, accountId, {
|
|
68
166
|
language: values.language ?? undefined,
|
|
167
|
+
currentAuthorNodeId: values.currentAuthorNodeId ?? undefined,
|
|
69
168
|
});
|
|
70
169
|
return accountId;
|
|
71
170
|
},
|
|
72
171
|
},
|
|
172
|
+
AuthenticatedAccount: {
|
|
173
|
+
roles: async (parent, _args, { siteContext }) => {
|
|
174
|
+
return await loadAccountRoles(siteContext, parent);
|
|
175
|
+
},
|
|
176
|
+
permissions: async (parent, _args, { siteContext }) => {
|
|
177
|
+
return await loadAccountPermissions(siteContext, parent);
|
|
178
|
+
},
|
|
179
|
+
active: () => {
|
|
180
|
+
return true;
|
|
181
|
+
},
|
|
182
|
+
loginMethod: (parent) => {
|
|
183
|
+
if (!parent.loginMethod) {
|
|
184
|
+
throw new ApiError("loginMethod is required for authenticated accounts", 500);
|
|
185
|
+
}
|
|
186
|
+
return parent.loginMethod;
|
|
187
|
+
},
|
|
188
|
+
},
|
|
73
189
|
};
|
|
74
190
|
//# sourceMappingURL=account.resolver.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"account.resolver.js","sourceRoot":"","sources":["../../../src/admin-backend/account/account.resolver.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,6BAA6B,CAAC;AAEvD,OAAO,EAAE,cAAc,EAAuB,MAAM,gCAAgC,CAAC;AACrF,OAAO,EAAE,SAAS,EAAE,iBAAiB,EAAE,MAAM,wBAAwB,CAAC;AACtE,OAAO,EAAE,iBAAiB,EAAE,MAAM,yBAAyB,CAAC;AAC5D,OAAO,EACL,aAAa,EACb,aAAa,EACb,UAAU,EACV,cAAc,EACd,uBAAuB,EACvB,oBAAoB,EACpB,qBAAqB,EACrB,aAAa,
|
|
1
|
+
{"version":3,"file":"account.resolver.js","sourceRoot":"","sources":["../../../src/admin-backend/account/account.resolver.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,6BAA6B,CAAC;AAEvD,OAAO,EAAE,cAAc,EAAuB,MAAM,gCAAgC,CAAC;AACrF,OAAO,EAAE,SAAS,EAAE,iBAAiB,EAAE,MAAM,wBAAwB,CAAC;AACtE,OAAO,EAAE,eAAe,EAAE,MAAM,iCAAiC,CAAC;AAClE,OAAO,EAAE,sBAAsB,EAAE,gBAAgB,EAAE,MAAM,mCAAmC,CAAC;AAC7F,OAAO,EAAE,WAAW,EAAE,MAAM,mCAAmC,CAAC;AAMhE,OAAO,EAAE,iBAAiB,EAAE,MAAM,yBAAyB,CAAC;AAC5D,OAAO,EACL,aAAa,EACb,aAAa,EACb,UAAU,EACV,cAAc,EACd,uBAAuB,EACvB,oBAAoB,EACpB,qBAAqB,EACrB,aAAa,EACb,mBAAmB,GACpB,MAAM,sBAAsB,CAAC;AAE9B,MAAM,CAAC,MAAM,gBAAgB,GAAiC;IAC5D,KAAK,EAAE;QACL,OAAO,EAAE,KAAK,EAAE,OAAO,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,WAAW,EAAE,WAAW,EAAE,EAAE,EAAE;YAC/D,cAAc,CAAC,WAAW,CAAC,CAAC;YAC5B,MAAM,eAAe,CAAC,WAAW,EAAE,WAAW,EAAE,kBAAkB,CAAC,CAAC;YACpE,MAAM,QAAQ,GAAG,MAAM,UAAU,CAAC,WAAW,EAAE,EAAE,CAAC,CAAC;YACnD,OAAO,QAAQ,CAAC;QAClB,CAAC;QAED,WAAW,EAAE,KAAK,EAAE,OAAO,EAAE,OAAO,EAAE,EAAE,WAAW,EAAE,WAAW,EAAE,EAAE,EAAE;YACpE,SAAS,CAAC,WAAW,CAAC,CAAC;YACvB,cAAc,CAAC,WAAW,CAAC,CAAC;YAC5B,MAAM,KAAK,GAAG,WAAW,CAAC,GAAG,CAAC,OAAO,CAAC,aAAa,EAAE,OAAO,CAAC,YAAY,EAAE,EAAE,CAAC,CAAC;YAC/E,IAAI,CAAC,KAAK,EAAE,CAAC;gBACX,MAAM,IAAI,QAAQ,CAAC,gCAAgC,EAAE,GAAG,CAAC,CAAC;YAC5D,CAAC;YAED,MAAM,OAAO,GAAG,iBAAiB,CAAC,KAAK,CAAC,CAAC;YACzC,IAAI,CAAC,OAAO,CAAC,EAAE,EAAE,CAAC;gBAChB,MAAM,IAAI,QAAQ,CAAC,2BAA2B,EAAE,GAAG,CAAC,CAAC;YACvD,CAAC;YACD,OAAO,MAAM,uBAAuB,CAAC,WAAW,EAAE,OAAO,CAAC,EAAE,CAAC,CAAC;QAChE,CAAC;QAED,WAAW,EAAE,KAAK,EAAE,OAAO,EAAE,OAAO,EAAE,EAAE,WAAW,EAAE,WAAW,EAAE,EAAE,EAAE;YACpE,cAAc,CAAC,WAAW,CAAC,CAAC;YAC5B,MAAM,eAAe,CAAC,WAAW,EAAE,WAAW,EAAE,kBAAkB,CAAC,CAAC;YACpE,OAAO,MAAM,cAAc,CAAC,WAAW,CAAC,CAAC;QAC3C,CAAC;KACF;IACD,QAAQ,EAAE;QACR,aAAa,EAAE,KAAK,EAAE,OAAO,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE,WAAW,EAAE,WAAW,EAAE,EAAE,EAAE;YACzE,cAAc,CAAC,WAAW,CAAC,CAAC;YAC5B,MAAM,iBAAiB,GAAG,MAAM,eAAe,CAAC,WAAW,EAAE,WAAW,EAAE,kBAAkB,CAAC,CAAC;YAC9F,MAAM,UAAU,GAAG,MAAM,aAAa,CAAC,WAAW,EAAE;gBAClD,WAAW,EAAE,iBAAiB,CAAC,MAAM,CAAC,WAAW,CAAC;gBAClD,KAAK,EAAE,MAAM,CAAC,KAAK;gBACnB,QAAQ,EAAE,MAAM,CAAC,QAAQ;gBACzB,IAAI,EAAE,MAAM,CAAC,IAAI,IAAI,SAAS;aAC/B,CAAC,CAAC;YAEH,WAAW,CAAC,WAAW,EAAE;gBACvB,SAAS,EAAE,gBAAgB;gBAC3B,OAAO,EAAE,iBAAiB,CAAC,SAAS;gBACpC,UAAU,EAAE,SAAS;gBACrB,QAAQ,EAAE,UAAU,CAAC,EAAE;gBACvB,SAAS,EAAE;oBACT,SAAS,EAAE,UAAU,CAAC,EAAE;oBACxB,KAAK,EAAE,UAAU,CAAC,KAAK;oBACvB,IAAI,EAAE,UAAU,CAAC,IAAI;iBACY;aACpC,CAAC,CAAC;YAEH,OAAO,UAAU,CAAC;QACpB,CAAC;QAED,aAAa,EAAE,KAAK,EAAE,OAAO,EAAE,EAAE,SAAS,EAAE,MAAM,EAAE,EAAE,EAAE,WAAW,EAAE,WAAW,EAAE,EAAE,EAAE;YACpF,cAAc,CAAC,WAAW,CAAC,CAAC;YAC5B,MAAM,iBAAiB,GAAG,MAAM,eAAe,CAAC,WAAW,EAAE,WAAW,EAAE,kBAAkB,CAAC,CAAC;YAE9F,MAAM,eAAe,GAAG,MAAM,UAAU,CAAC,WAAW,EAAE,SAAS,CAAC,CAAC;YACjE,IAAI,CAAC,UAAU,EAAE,eAAe,CAAC,CAAC,QAAQ,CAAC,eAAe,CAAC,WAAW,IAAI,EAAE,CAAC,EAAE,CAAC;gBAC9E,MAAM,IAAI,QAAQ,CAAC,gCAAgC,EAAE,GAAG,CAAC,CAAC;YAC5D,CAAC;YACD,IAAI,CAAC,eAAe,CAAC,MAAM,EAAE,CAAC;gBAC5B,MAAM,IAAI,QAAQ,CAAC,iCAAiC,EAAE,GAAG,CAAC,CAAC;YAC7D,CAAC;YAED,MAAM,UAAU,GAAG,eAAe,CAAC;YACnC,MAAM,aAAa,GAAa,EAAE,CAAC;YAEnC,IAAI,MAAM,CAAC,IAAI,KAAK,SAAS,IAAI,MAAM,CAAC,IAAI,KAAK,UAAU,CAAC,IAAI,EAAE,CAAC;gBACjE,aAAa,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;YAC7B,CAAC;YACD,IAAI,MAAM,CAAC,KAAK,KAAK,SAAS,IAAI,MAAM,CAAC,KAAK,KAAK,UAAU,CAAC,KAAK,EAAE,CAAC;gBACpE,aAAa,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;YAC9B,CAAC;YAED,MAAM,cAAc,GAAG,MAAM,aAAa,CAAC,WAAW,EAAE,SAAS,EAAE;gBACjE,KAAK,EAAE,MAAM,CAAC,KAAK,IAAI,SAAS;gBAChC,IAAI,EAAE,MAAM,CAAC,IAAI,IAAI,SAAS;aAC/B,CAAC,CAAC;YAEH,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBAC7B,WAAW,CAAC,WAAW,EAAE;oBACvB,SAAS,EAAE,gBAAgB;oBAC3B,OAAO,EAAE,iBAAiB,CAAC,SAAS;oBACpC,UAAU,EAAE,SAAS;oBACrB,QAAQ,EAAE,SAAS;oBACnB,SAAS,EAAE;wBACT,SAAS;wBACT,KAAK,EAAE,cAAc,CAAC,KAAK;wBAC3B,aAAa;qBACoB;iBACpC,CAAC,CAAC;YACL,CAAC;YAED,OAAO,cAAc,CAAC;QACxB,CAAC;QAED,aAAa,EAAE,KAAK,EAAE,OAAO,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE,WAAW,EAAE,WAAW,EAAE,EAAE,EAAE;YAC5E,cAAc,CAAC,WAAW,CAAC,CAAC;YAC5B,MAAM,iBAAiB,GAAG,MAAM,eAAe,CAAC,WAAW,EAAE,WAAW,EAAE,kBAAkB,CAAC,CAAC;YAE9F,MAAM,OAAO,GAAG,MAAM,UAAU,CAAC,WAAW,EAAE,SAAS,CAAC,CAAC;YAEzD,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,CAAC;gBACpB,MAAM,IAAI,QAAQ,CAAC,iCAAiC,EAAE,GAAG,CAAC,CAAC;YAC7D,CAAC;YAED,MAAM,aAAa,CAAC,WAAW,EAAE,SAAS,CAAC,CAAC;YAE5C,WAAW,CAAC,WAAW,EAAE;gBACvB,SAAS,EAAE,gBAAgB;gBAC3B,OAAO,EAAE,iBAAiB,CAAC,SAAS;gBACpC,UAAU,EAAE,SAAS;gBACrB,QAAQ,EAAE,SAAS;gBACnB,SAAS,EAAE;oBACT,SAAS;oBACT,KAAK,EAAE,OAAO,CAAC,KAAK;oBACpB,IAAI,EAAE,OAAO,CAAC,IAAI;iBACe;aACpC,CAAC,CAAC;YAEH,OAAO,IAAI,CAAC;QACd,CAAC;QAED,iBAAiB,EAAE,KAAK,EAAE,OAAO,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE,WAAW,EAAE,WAAW,EAAE,EAAE,EAAE;YAChF,cAAc,CAAC,WAAW,CAAC,CAAC;YAC5B,MAAM,iBAAiB,GAAG,MAAM,eAAe,CAAC,WAAW,EAAE,WAAW,EAAE,kBAAkB,CAAC,CAAC;YAE9F,MAAM,OAAO,GAAG,MAAM,UAAU,CAAC,WAAW,EAAE,SAAS,CAAC,CAAC;YAEzD,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC;gBACnB,MAAM,IAAI,QAAQ,CAAC,2BAA2B,EAAE,GAAG,CAAC,CAAC;YACvD,CAAC;YAED,MAAM,mBAAmB,CAAC,WAAW,EAAE,SAAS,EAAE,IAAI,CAAC,CAAC;YAExD,WAAW,CAAC,WAAW,EAAE;gBACvB,SAAS,EAAE,gBAAgB;gBAC3B,OAAO,EAAE,iBAAiB,CAAC,SAAS;gBACpC,UAAU,EAAE,SAAS;gBACrB,QAAQ,EAAE,SAAS;gBACnB,SAAS,EAAE;oBACT,SAAS;oBACT,KAAK,EAAE,OAAO,CAAC,KAAK;oBACpB,aAAa,EAAE,CAAC,QAAQ,CAAC;iBACQ;aACpC,CAAC,CAAC;YAEH,OAAO,IAAI,CAAC;QACd,CAAC;QAED,oBAAoB,EAAE,KAAK,EAAE,OAAO,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE,WAAW,EAAE,WAAW,EAAE,EAAE,EAAE;YACnF,cAAc,CAAC,WAAW,CAAC,CAAC;YAC5B,MAAM,iBAAiB,GAAG,MAAM,eAAe,CAAC,WAAW,EAAE,WAAW,EAAE,kBAAkB,CAAC,CAAC;YAE9F,MAAM,OAAO,GAAG,MAAM,UAAU,CAAC,WAAW,EAAE,SAAS,CAAC,CAAC;YAEzD,IAAI,OAAO,CAAC,WAAW,IAAI,CAAC,UAAU,EAAE,eAAe,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,WAAW,CAAC,EAAE,CAAC;gBACvF,MAAM,IAAI,QAAQ,CAAC,4CAA4C,EAAE,GAAG,CAAC,CAAC;YACxE,CAAC;YAED,MAAM,oBAAoB,CAAC,WAAW,EAAE,SAAS,CAAC,CAAC;YAEnD,WAAW,CAAC,WAAW,EAAE;gBACvB,SAAS,EAAE,gBAAgB;gBAC3B,OAAO,EAAE,iBAAiB,CAAC,SAAS;gBACpC,UAAU,EAAE,SAAS;gBACrB,QAAQ,EAAE,SAAS;gBACnB,SAAS,EAAE;oBACT,SAAS;oBACT,KAAK,EAAE,OAAO,CAAC,KAAK;oBACpB,aAAa,EAAE,CAAC,eAAe,CAAC;iBACC;aACpC,CAAC,CAAC;YAEH,OAAO,IAAI,CAAC;QACd,CAAC;QAED,qBAAqB,EAAE,KAAK,EAAE,OAAO,EAAE,EAAE,SAAS,EAAE,MAAM,EAAE,EAAE,EAAE,WAAW,EAAE,WAAW,EAAE,EAAE,EAAE;YAC5F,cAAc,CAAC,WAAW,CAAC,CAAC;YAC5B,MAAM,OAAO,GAAG,MAAM,eAAe,CAAC,WAAW,EAAE,WAAW,EAAE,eAAe,CAAC,CAAC;YACjF,IAAI,SAAS,KAAK,OAAO,CAAC,SAAS,IAAI,CAAC,OAAO,CAAC,WAAW,CAAC,QAAQ,CAAC,kBAAkB,CAAC,EAAE,CAAC;gBACzF,MAAM,IAAI,QAAQ,CAAC,wCAAwC,EAAE,GAAG,CAAC,CAAC;YACpE,CAAC;YACD,MAAM,qBAAqB,CAAC,WAAW,EAAE,SAAS,EAAE;gBAClD,QAAQ,EAAE,MAAM,CAAC,QAAQ,IAAI,SAAS;gBACtC,mBAAmB,EAAE,MAAM,CAAC,mBAAmB,IAAI,SAAS;aAC7D,CAAC,CAAC;YACH,OAAO,SAAS,CAAC;QACnB,CAAC;KACF;IAED,oBAAoB,EAAE;QACpB,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,EAAE,WAAW,EAAE,EAAE,EAAE;YAC9C,OAAO,MAAM,gBAAgB,CAAC,WAAW,EAAE,MAAM,CAAC,CAAC;QACrD,CAAC;QAED,WAAW,EAAE,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,EAAE,WAAW,EAAE,EAAE,EAAE;YACpD,OAAO,MAAM,sBAAsB,CAAC,WAAW,EAAE,MAAM,CAAC,CAAC;QAC3D,CAAC;QAED,MAAM,EAAE,GAAG,EAAE;YACX,OAAO,IAAI,CAAC;QACd,CAAC;QAED,WAAW,EAAE,CAAC,MAAM,EAAE,EAAE;YACtB,IAAI,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC;gBACxB,MAAM,IAAI,QAAQ,CAAC,oDAAoD,EAAE,GAAG,CAAC,CAAC;YAChF,CAAC;YACD,OAAO,MAAM,CAAC,WAAW,CAAC;QAC5B,CAAC;KACF;CACF,CAAC"}
|
|
@@ -0,0 +1,12 @@
|
|
|
1
|
+
import type { Account } from "../../common/data-format.js";
|
|
2
|
+
import type { SiteContext } from "../../site-context/site-context.types.js";
|
|
3
|
+
export interface AuthorNode {
|
|
4
|
+
nodeId: string;
|
|
5
|
+
title?: string;
|
|
6
|
+
}
|
|
7
|
+
export declare function linkAuthorToAccount(siteContext: Pick<SiteContext, "cn">, authorNodeId: string, accountId: string): Promise<void>;
|
|
8
|
+
export declare function unlinkAuthorFromAccount(siteContext: Pick<SiteContext, "cn">, authorNodeId: string, accountId: string): Promise<void>;
|
|
9
|
+
export declare function getLinkedAuthors(siteContext: Pick<SiteContext, "cn">, accountId: string): Promise<AuthorNode[]>;
|
|
10
|
+
export declare function getLinkedAccounts(siteContext: Pick<SiteContext, "cn">, authorNodeId: string): Promise<Account[]>;
|
|
11
|
+
export declare function setCurrentAuthor(siteContext: Pick<SiteContext, "cn">, accountId: string, authorNodeId: string | undefined): Promise<void>;
|
|
12
|
+
export declare function getCurrentAuthor(siteContext: Pick<SiteContext, "cn">, accountId: string): Promise<AuthorNode | undefined>;
|
|
@@ -0,0 +1,110 @@
|
|
|
1
|
+
import { type } from "arktype";
|
|
2
|
+
import { AccountPreferencesAT, formatAccount } from "../../common/data-format.js";
|
|
3
|
+
const AuthorNodeRowAT = type({
|
|
4
|
+
nodeId: "number",
|
|
5
|
+
title: "string|null",
|
|
6
|
+
"+": "reject",
|
|
7
|
+
}).pipe((r) => ({
|
|
8
|
+
nodeId: String(r.nodeId),
|
|
9
|
+
title: r.title ?? undefined,
|
|
10
|
+
}));
|
|
11
|
+
const AccountRowAT = type({
|
|
12
|
+
id: "number",
|
|
13
|
+
email: "string",
|
|
14
|
+
name: "string|null",
|
|
15
|
+
preferences: "string|null",
|
|
16
|
+
passwordResetToken: "string|null",
|
|
17
|
+
active: "0|1",
|
|
18
|
+
"+": "reject",
|
|
19
|
+
}).pipe((r) => ({
|
|
20
|
+
id: String(r.id),
|
|
21
|
+
email: r.email,
|
|
22
|
+
name: r.name ?? undefined,
|
|
23
|
+
preferences: r.preferences ?? undefined,
|
|
24
|
+
passwordResetToken: r.passwordResetToken ?? undefined,
|
|
25
|
+
active: r.active === 1,
|
|
26
|
+
}));
|
|
27
|
+
export async function linkAuthorToAccount(siteContext, authorNodeId, accountId) {
|
|
28
|
+
await siteContext.cn("PaAuthorAccount").insert({
|
|
29
|
+
authorNodeId,
|
|
30
|
+
accountId,
|
|
31
|
+
});
|
|
32
|
+
}
|
|
33
|
+
export async function unlinkAuthorFromAccount(siteContext, authorNodeId, accountId) {
|
|
34
|
+
await siteContext.cn("PaAuthorAccount").where({ authorNodeId, accountId }).delete();
|
|
35
|
+
}
|
|
36
|
+
export async function getLinkedAuthors(siteContext, accountId) {
|
|
37
|
+
const rows = await siteContext
|
|
38
|
+
.cn("PaAuthorAccount as aa")
|
|
39
|
+
.innerJoin("PaNode as n", "n.id", "aa.authorNodeId")
|
|
40
|
+
.leftJoin("PaDocument as d", function () {
|
|
41
|
+
this.on("d.nodeId", "=", "n.id").andOn("d.language", "=", siteContext.cn.raw("?", ["en"]));
|
|
42
|
+
})
|
|
43
|
+
.select("n.id as nodeId", "d.title")
|
|
44
|
+
.where("aa.accountId", accountId);
|
|
45
|
+
return rows.map((row) => AuthorNodeRowAT.assert(row));
|
|
46
|
+
}
|
|
47
|
+
export async function getLinkedAccounts(siteContext, authorNodeId) {
|
|
48
|
+
const rows = await siteContext
|
|
49
|
+
.cn("PaAuthorAccount as aa")
|
|
50
|
+
.innerJoin("PaAccount as a", "a.id", "aa.accountId")
|
|
51
|
+
.select("a.id", "a.email", "a.name", "a.preferences", "a.passwordResetToken", "a.active")
|
|
52
|
+
.where("aa.authorNodeId", authorNodeId);
|
|
53
|
+
return rows.map((row) => formatAccount(AccountRowAT.assert(row)));
|
|
54
|
+
}
|
|
55
|
+
export async function setCurrentAuthor(siteContext, accountId, authorNodeId) {
|
|
56
|
+
const account = await siteContext
|
|
57
|
+
.cn("PaAccount")
|
|
58
|
+
.select("preferences")
|
|
59
|
+
.where("id", accountId)
|
|
60
|
+
.first();
|
|
61
|
+
if (!account)
|
|
62
|
+
return;
|
|
63
|
+
const PreferencesRowAT = type({
|
|
64
|
+
preferences: "string|null",
|
|
65
|
+
"+": "reject",
|
|
66
|
+
}).pipe((r) => ({
|
|
67
|
+
preferences: r.preferences ?? undefined,
|
|
68
|
+
}));
|
|
69
|
+
const validatedRow = PreferencesRowAT.assert(account);
|
|
70
|
+
const currentPreferences = validatedRow.preferences
|
|
71
|
+
? AccountPreferencesAT.assert(JSON.parse(validatedRow.preferences))
|
|
72
|
+
: {};
|
|
73
|
+
const newPreferences = {
|
|
74
|
+
...currentPreferences,
|
|
75
|
+
currentAuthorNodeId: authorNodeId,
|
|
76
|
+
};
|
|
77
|
+
await siteContext
|
|
78
|
+
.cn("PaAccount")
|
|
79
|
+
.where("id", accountId)
|
|
80
|
+
.update({ preferences: JSON.stringify(newPreferences) });
|
|
81
|
+
}
|
|
82
|
+
export async function getCurrentAuthor(siteContext, accountId) {
|
|
83
|
+
const linkedAuthors = await getLinkedAuthors(siteContext, accountId);
|
|
84
|
+
if (linkedAuthors.length === 0)
|
|
85
|
+
return;
|
|
86
|
+
if (linkedAuthors.length === 1)
|
|
87
|
+
return linkedAuthors[0];
|
|
88
|
+
const account = await siteContext
|
|
89
|
+
.cn("PaAccount")
|
|
90
|
+
.select("preferences")
|
|
91
|
+
.where("id", accountId)
|
|
92
|
+
.first();
|
|
93
|
+
if (!account)
|
|
94
|
+
return;
|
|
95
|
+
const PreferencesRowAT = type({
|
|
96
|
+
preferences: "string|null",
|
|
97
|
+
"+": "reject",
|
|
98
|
+
}).pipe((r) => ({
|
|
99
|
+
preferences: r.preferences ?? undefined,
|
|
100
|
+
}));
|
|
101
|
+
const validatedRow = PreferencesRowAT.assert(account);
|
|
102
|
+
if (!validatedRow.preferences)
|
|
103
|
+
return;
|
|
104
|
+
const preferences = AccountPreferencesAT.assert(JSON.parse(validatedRow.preferences));
|
|
105
|
+
if (!preferences.currentAuthorNodeId)
|
|
106
|
+
return;
|
|
107
|
+
const currentAuthor = linkedAuthors.find((author) => author.nodeId === preferences.currentAuthorNodeId);
|
|
108
|
+
return currentAuthor;
|
|
109
|
+
}
|
|
110
|
+
//# sourceMappingURL=author-account.queries.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"author-account.queries.js","sourceRoot":"","sources":["../../../src/admin-backend/account/author-account.queries.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,SAAS,CAAC;AAE/B,OAAO,EAAE,oBAAoB,EAAE,aAAa,EAAE,MAAM,6BAA6B,CAAC;AAQlF,MAAM,eAAe,GAAG,IAAI,CAAC;IAC3B,MAAM,EAAE,QAAQ;IAChB,KAAK,EAAE,aAAa;IACpB,GAAG,EAAE,QAAQ;CACd,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IACd,MAAM,EAAE,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC;IACxB,KAAK,EAAE,CAAC,CAAC,KAAK,IAAI,SAAS;CAC5B,CAAC,CAAC,CAAC;AAEJ,MAAM,YAAY,GAAG,IAAI,CAAC;IACxB,EAAE,EAAE,QAAQ;IACZ,KAAK,EAAE,QAAQ;IACf,IAAI,EAAE,aAAa;IACnB,WAAW,EAAE,aAAa;IAC1B,kBAAkB,EAAE,aAAa;IACjC,MAAM,EAAE,KAAK;IACb,GAAG,EAAE,QAAQ;CACd,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IACd,EAAE,EAAE,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC;IAChB,KAAK,EAAE,CAAC,CAAC,KAAK;IACd,IAAI,EAAE,CAAC,CAAC,IAAI,IAAI,SAAS;IACzB,WAAW,EAAE,CAAC,CAAC,WAAW,IAAI,SAAS;IACvC,kBAAkB,EAAE,CAAC,CAAC,kBAAkB,IAAI,SAAS;IACrD,MAAM,EAAE,CAAC,CAAC,MAAM,KAAK,CAAC;CACvB,CAAC,CAAC,CAAC;AAEJ,MAAM,CAAC,KAAK,UAAU,mBAAmB,CACvC,WAAoC,EACpC,YAAoB,EACpB,SAAiB;IAEjB,MAAM,WAAW,CAAC,EAAE,CAAC,iBAAiB,CAAC,CAAC,MAAM,CAAC;QAC7C,YAAY;QACZ,SAAS;KACV,CAAC,CAAC;AACL,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,uBAAuB,CAC3C,WAAoC,EACpC,YAAoB,EACpB,SAAiB;IAEjB,MAAM,WAAW,CAAC,EAAE,CAAC,iBAAiB,CAAC,CAAC,KAAK,CAAC,EAAE,YAAY,EAAE,SAAS,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC;AACtF,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,gBAAgB,CACpC,WAAoC,EACpC,SAAiB;IAEjB,MAAM,IAAI,GAAG,MAAM,WAAW;SAC3B,EAAE,CAAC,uBAAuB,CAAC;SAC3B,SAAS,CAAC,aAAa,EAAE,MAAM,EAAE,iBAAiB,CAAC;SACnD,QAAQ,CAAC,iBAAiB,EAAE;QAC3B,IAAI,CAAC,EAAE,CAAC,UAAU,EAAE,GAAG,EAAE,MAAM,CAAC,CAAC,KAAK,CAAC,YAAY,EAAE,GAAG,EAAE,WAAW,CAAC,EAAE,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAC7F,CAAC,CAAC;SACD,MAAM,CAAC,gBAAgB,EAAE,SAAS,CAAC;SACnC,KAAK,CAAC,cAAc,EAAE,SAAS,CAAC,CAAC;IAEpC,OAAO,IAAI,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,eAAe,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC;AACxD,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,iBAAiB,CACrC,WAAoC,EACpC,YAAoB;IAEpB,MAAM,IAAI,GAAG,MAAM,WAAW;SAC3B,EAAE,CAAC,uBAAuB,CAAC;SAC3B,SAAS,CAAC,gBAAgB,EAAE,MAAM,EAAE,cAAc,CAAC;SACnD,MAAM,CAAC,MAAM,EAAE,SAAS,EAAE,QAAQ,EAAE,eAAe,EAAE,sBAAsB,EAAE,UAAU,CAAC;SACxF,KAAK,CAAC,iBAAiB,EAAE,YAAY,CAAC,CAAC;IAE1C,OAAO,IAAI,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,aAAa,CAAC,YAAY,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;AACpE,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,gBAAgB,CACpC,WAAoC,EACpC,SAAiB,EACjB,YAAgC;IAEhC,MAAM,OAAO,GAAG,MAAM,WAAW;SAC9B,EAAE,CAAC,WAAW,CAAC;SACf,MAAM,CAAC,aAAa,CAAC;SACrB,KAAK,CAAC,IAAI,EAAE,SAAS,CAAC;SACtB,KAAK,EAAE,CAAC;IAEX,IAAI,CAAC,OAAO;QAAE,OAAO;IAErB,MAAM,gBAAgB,GAAG,IAAI,CAAC;QAC5B,WAAW,EAAE,aAAa;QAC1B,GAAG,EAAE,QAAQ;KACd,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QACd,WAAW,EAAE,CAAC,CAAC,WAAW,IAAI,SAAS;KACxC,CAAC,CAAC,CAAC;IAEJ,MAAM,YAAY,GAAG,gBAAgB,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IAEtD,MAAM,kBAAkB,GAAuB,YAAY,CAAC,WAAW;QACrE,CAAC,CAAC,oBAAoB,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,WAAW,CAAC,CAAC;QACnE,CAAC,CAAC,EAAE,CAAC;IAEP,MAAM,cAAc,GAAuB;QACzC,GAAG,kBAAkB;QACrB,mBAAmB,EAAE,YAAY;KAClC,CAAC;IAEF,MAAM,WAAW;SACd,EAAE,CAAC,WAAW,CAAC;SACf,KAAK,CAAC,IAAI,EAAE,SAAS,CAAC;SACtB,MAAM,CAAC,EAAE,WAAW,EAAE,IAAI,CAAC,SAAS,CAAC,cAAc,CAAC,EAAE,CAAC,CAAC;AAC7D,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,gBAAgB,CACpC,WAAoC,EACpC,SAAiB;IAEjB,MAAM,aAAa,GAAG,MAAM,gBAAgB,CAAC,WAAW,EAAE,SAAS,CAAC,CAAC;IAErE,IAAI,aAAa,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO;IAEvC,IAAI,aAAa,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,aAAa,CAAC,CAAC,CAAC,CAAC;IAExD,MAAM,OAAO,GAAG,MAAM,WAAW;SAC9B,EAAE,CAAC,WAAW,CAAC;SACf,MAAM,CAAC,aAAa,CAAC;SACrB,KAAK,CAAC,IAAI,EAAE,SAAS,CAAC;SACtB,KAAK,EAAE,CAAC;IAEX,IAAI,CAAC,OAAO;QAAE,OAAO;IAErB,MAAM,gBAAgB,GAAG,IAAI,CAAC;QAC5B,WAAW,EAAE,aAAa;QAC1B,GAAG,EAAE,QAAQ;KACd,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QACd,WAAW,EAAE,CAAC,CAAC,WAAW,IAAI,SAAS;KACxC,CAAC,CAAC,CAAC;IAEJ,MAAM,YAAY,GAAG,gBAAgB,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IAEtD,IAAI,CAAC,YAAY,CAAC,WAAW;QAAE,OAAO;IAEtC,MAAM,WAAW,GAAuB,oBAAoB,CAAC,MAAM,CACjE,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,WAAW,CAAC,CACrC,CAAC;IAEF,IAAI,CAAC,WAAW,CAAC,mBAAmB;QAAE,OAAO;IAE7C,MAAM,aAAa,GAAG,aAAa,CAAC,IAAI,CACtC,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,CAAC,MAAM,KAAK,WAAW,CAAC,mBAAmB,CAC9D,CAAC;IAEF,OAAO,aAAa,CAAC;AACvB,CAAC"}
|
|
@@ -0,0 +1,39 @@
|
|
|
1
|
+
import { siteReadyGuard } from "../../graphql/graphql.types.js";
|
|
2
|
+
import { permissionGuard } from "../auth/authorization.helper.js";
|
|
3
|
+
import { getCurrentAuthor, getLinkedAccounts, getLinkedAuthors, linkAuthorToAccount, setCurrentAuthor, unlinkAuthorFromAccount, } from "./author-account.queries.js";
|
|
4
|
+
export const authorAccountResolvers = {
|
|
5
|
+
Mutation: {
|
|
6
|
+
linkAuthorToAccount: async (_parent, { authorNodeId, accountId }, { siteContext, httpContext }) => {
|
|
7
|
+
siteReadyGuard(siteContext);
|
|
8
|
+
await permissionGuard(siteContext, httpContext, "site.manageUsers");
|
|
9
|
+
await linkAuthorToAccount(siteContext, authorNodeId, accountId);
|
|
10
|
+
return true;
|
|
11
|
+
},
|
|
12
|
+
unlinkAuthorFromAccount: async (_parent, { authorNodeId, accountId }, { siteContext, httpContext }) => {
|
|
13
|
+
siteReadyGuard(siteContext);
|
|
14
|
+
await permissionGuard(siteContext, httpContext, "site.manageUsers");
|
|
15
|
+
await unlinkAuthorFromAccount(siteContext, authorNodeId, accountId);
|
|
16
|
+
return true;
|
|
17
|
+
},
|
|
18
|
+
setCurrentAuthor: async (_parent, { accountId, authorNodeId }, { siteContext, httpContext }) => {
|
|
19
|
+
siteReadyGuard(siteContext);
|
|
20
|
+
await permissionGuard(siteContext, httpContext, "site.manageUsers");
|
|
21
|
+
await setCurrentAuthor(siteContext, accountId, authorNodeId ?? undefined);
|
|
22
|
+
return true;
|
|
23
|
+
},
|
|
24
|
+
},
|
|
25
|
+
Account: {
|
|
26
|
+
linkedAuthors: async (parent, _args, { siteContext }) => {
|
|
27
|
+
return await getLinkedAuthors(siteContext, parent.id);
|
|
28
|
+
},
|
|
29
|
+
currentAuthor: async (parent, _args, { siteContext }) => {
|
|
30
|
+
return (await getCurrentAuthor(siteContext, parent.id)) ?? null;
|
|
31
|
+
},
|
|
32
|
+
},
|
|
33
|
+
Author: {
|
|
34
|
+
linkedAccounts: async (parent, _args, { siteContext }) => {
|
|
35
|
+
return await getLinkedAccounts(siteContext, parent.nodeId);
|
|
36
|
+
},
|
|
37
|
+
},
|
|
38
|
+
};
|
|
39
|
+
//# sourceMappingURL=author-account.resolver.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"author-account.resolver.js","sourceRoot":"","sources":["../../../src/admin-backend/account/author-account.resolver.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,cAAc,EAAuB,MAAM,gCAAgC,CAAC;AACrF,OAAO,EAAE,eAAe,EAAE,MAAM,iCAAiC,CAAC;AAClE,OAAO,EACL,gBAAgB,EAChB,iBAAiB,EACjB,gBAAgB,EAChB,mBAAmB,EACnB,gBAAgB,EAChB,uBAAuB,GACxB,MAAM,6BAA6B,CAAC;AAErC,MAAM,CAAC,MAAM,sBAAsB,GAAiC;IAClE,QAAQ,EAAE;QACR,mBAAmB,EAAE,KAAK,EACxB,OAAO,EACP,EAAE,YAAY,EAAE,SAAS,EAAE,EAC3B,EAAE,WAAW,EAAE,WAAW,EAAE,EAC5B,EAAE;YACF,cAAc,CAAC,WAAW,CAAC,CAAC;YAC5B,MAAM,eAAe,CAAC,WAAW,EAAE,WAAW,EAAE,kBAAkB,CAAC,CAAC;YACpE,MAAM,mBAAmB,CAAC,WAAW,EAAE,YAAY,EAAE,SAAS,CAAC,CAAC;YAChE,OAAO,IAAI,CAAC;QACd,CAAC;QAED,uBAAuB,EAAE,KAAK,EAC5B,OAAO,EACP,EAAE,YAAY,EAAE,SAAS,EAAE,EAC3B,EAAE,WAAW,EAAE,WAAW,EAAE,EAC5B,EAAE;YACF,cAAc,CAAC,WAAW,CAAC,CAAC;YAC5B,MAAM,eAAe,CAAC,WAAW,EAAE,WAAW,EAAE,kBAAkB,CAAC,CAAC;YACpE,MAAM,uBAAuB,CAAC,WAAW,EAAE,YAAY,EAAE,SAAS,CAAC,CAAC;YACpE,OAAO,IAAI,CAAC;QACd,CAAC;QAED,gBAAgB,EAAE,KAAK,EACrB,OAAO,EACP,EAAE,SAAS,EAAE,YAAY,EAAE,EAC3B,EAAE,WAAW,EAAE,WAAW,EAAE,EAC5B,EAAE;YACF,cAAc,CAAC,WAAW,CAAC,CAAC;YAC5B,MAAM,eAAe,CAAC,WAAW,EAAE,WAAW,EAAE,kBAAkB,CAAC,CAAC;YACpE,MAAM,gBAAgB,CAAC,WAAW,EAAE,SAAS,EAAE,YAAY,IAAI,SAAS,CAAC,CAAC;YAC1E,OAAO,IAAI,CAAC;QACd,CAAC;KACF;IAED,OAAO,EAAE;QACP,aAAa,EAAE,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,EAAE,WAAW,EAAE,EAAE,EAAE;YACtD,OAAO,MAAM,gBAAgB,CAAC,WAAW,EAAE,MAAM,CAAC,EAAE,CAAC,CAAC;QACxD,CAAC;QAED,aAAa,EAAE,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,EAAE,WAAW,EAAE,EAAE,EAAE;YACtD,OAAO,CAAC,MAAM,gBAAgB,CAAC,WAAW,EAAE,MAAM,CAAC,EAAE,CAAC,CAAC,IAAI,IAAI,CAAC;QAClE,CAAC;KACF;IAED,MAAM,EAAE;QACN,cAAc,EAAE,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,EAAE,WAAW,EAAE,EAAE,EAAE;YACvD,OAAO,MAAM,iBAAiB,CAAC,WAAW,EAAE,MAAM,CAAC,MAAM,CAAC,CAAC;QAC7D,CAAC;KACF;CACF,CAAC"}
|
|
@@ -1,9 +1,11 @@
|
|
|
1
|
+
import type { LoginMethod } from "@paroicms/public-anywhere-lib";
|
|
1
2
|
import type { PaHttpContext } from "@paroicms/public-server-lib";
|
|
2
3
|
import type { Request, Response } from "express";
|
|
3
4
|
export interface BearerTokenPayload {
|
|
4
5
|
id: string;
|
|
5
6
|
email: string;
|
|
6
7
|
fqdn: string;
|
|
8
|
+
loginMethod: LoginMethod;
|
|
7
9
|
}
|
|
8
10
|
export declare function authGuard(httpContext: PaHttpContext): BearerTokenPayload;
|
|
9
11
|
export interface GoogleUser {
|
|
@@ -1,8 +1,16 @@
|
|
|
1
1
|
import { isObj } from "@paroicms/public-anywhere-lib";
|
|
2
2
|
import { ApiError } from "@paroicms/public-server-lib";
|
|
3
|
+
import { type } from "arktype";
|
|
3
4
|
import passport from "passport";
|
|
4
5
|
import { jwtExpiresIn, jwtSecret, platformJwtSecret } from "../../context.js";
|
|
5
6
|
const { sign, verify } = (await import("jsonwebtoken")).default;
|
|
7
|
+
const BearerTokenPayloadAT = type({
|
|
8
|
+
id: "string",
|
|
9
|
+
email: "string",
|
|
10
|
+
fqdn: "string",
|
|
11
|
+
loginMethod: '"local"|"localDev"|"platform"|"platformAdmin"',
|
|
12
|
+
"+": "ignore",
|
|
13
|
+
});
|
|
6
14
|
export function authGuard(httpContext) {
|
|
7
15
|
const { req } = httpContext;
|
|
8
16
|
const authorization = req.headers.authorization;
|
|
@@ -12,7 +20,7 @@ export function authGuard(httpContext) {
|
|
|
12
20
|
const token = authorization.substring(7);
|
|
13
21
|
let payload;
|
|
14
22
|
try {
|
|
15
|
-
payload = verify(token, jwtSecret);
|
|
23
|
+
payload = BearerTokenPayloadAT.assert(verify(token, jwtSecret));
|
|
16
24
|
}
|
|
17
25
|
catch {
|
|
18
26
|
throw new ApiError("Unauthorized", 401);
|
|
@@ -38,7 +46,7 @@ function isGoogleUser(user) {
|
|
|
38
46
|
}
|
|
39
47
|
export function verifyAccessToken(token) {
|
|
40
48
|
try {
|
|
41
|
-
return verify(token, jwtSecret);
|
|
49
|
+
return BearerTokenPayloadAT.assert(verify(token, jwtSecret));
|
|
42
50
|
}
|
|
43
51
|
catch {
|
|
44
52
|
throw new ApiError("Invalid token", 401);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"auth.helper.js","sourceRoot":"","sources":["../../../src/admin-backend/auth/auth.helper.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"auth.helper.js","sourceRoot":"","sources":["../../../src/admin-backend/auth/auth.helper.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,KAAK,EAAE,MAAM,+BAA+B,CAAC;AAEtD,OAAO,EAAE,QAAQ,EAAE,MAAM,6BAA6B,CAAC;AACvD,OAAO,EAAE,IAAI,EAAE,MAAM,SAAS,CAAC;AAE/B,OAAO,QAAQ,MAAM,UAAU,CAAC;AAChC,OAAO,EAAE,YAAY,EAAE,SAAS,EAAE,iBAAiB,EAAE,MAAM,kBAAkB,CAAC;AAE9E,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,CAAC,MAAM,MAAM,CAAC,cAAc,CAAC,CAAC,CAAC,OAAO,CAAC;AAShE,MAAM,oBAAoB,GAAG,IAAI,CAAC;IAChC,EAAE,EAAE,QAAQ;IACZ,KAAK,EAAE,QAAQ;IACf,IAAI,EAAE,QAAQ;IACd,WAAW,EAAE,+CAA+C;IAC5D,GAAG,EAAE,QAAQ;CACd,CAAC,CAAC;AAEH,MAAM,UAAU,SAAS,CAAC,WAA0B;IAClD,MAAM,EAAE,GAAG,EAAE,GAAG,WAAW,CAAC;IAC5B,MAAM,aAAa,GAAG,GAAG,CAAC,OAAO,CAAC,aAAa,CAAC;IAEhD,IAAI,CAAC,aAAa,IAAI,CAAC,aAAa,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;QAC3D,MAAM,IAAI,QAAQ,CAAC,cAAc,EAAE,GAAG,CAAC,CAAC;IAC1C,CAAC;IAED,MAAM,KAAK,GAAG,aAAa,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC;IAEzC,IAAI,OAA2B,CAAC;IAChC,IAAI,CAAC;QACH,OAAO,GAAG,oBAAoB,CAAC,MAAM,CAAC,MAAM,CAAC,KAAK,EAAE,SAAS,CAAC,CAAC,CAAC;IAClE,CAAC;IAAC,MAAM,CAAC;QACP,MAAM,IAAI,QAAQ,CAAC,cAAc,EAAE,GAAG,CAAC,CAAC;IAC1C,CAAC;IACD,IAAI,OAAO,CAAC,IAAI,KAAK,GAAG,CAAC,QAAQ,EAAE,CAAC;QAClC,MAAM,IAAI,QAAQ,CAAC,qBAAqB,EAAE,GAAG,CAAC,CAAC;IACjD,CAAC;IACD,OAAO,OAAO,CAAC;AACjB,CAAC;AAMD,MAAM,UAAU,eAAe,CAAC,GAAY,EAAE,GAAa;IACzD,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QACrC,QAAQ,CAAC,YAAY,CAAC,QAAQ,EAAE,EAAE,OAAO,EAAE,KAAK,EAAE,EAAE,CAAC,GAAG,EAAE,IAAI,EAAE,KAAK,EAAE,EAAE;YACvE,IAAI,GAAG,IAAI,CAAC,IAAI,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,EAAE,CAAC;gBACxC,MAAM,CAAC,IAAI,QAAQ,CAAC,cAAc,EAAE,GAAG,CAAC,CAAC,CAAC;gBAC1C,OAAO;YACT,CAAC;YACD,OAAO,CAAC,IAAI,CAAC,CAAC;QAChB,CAAC,CAAC,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;IACf,CAAC,CAAC,CAAC;AACL,CAAC;AAED,SAAS,YAAY,CAAC,IAAa;IACjC,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,OAAO,IAAI,CAAC,KAAK,KAAK,QAAQ,CAAC;AACvD,CAAC;AAED,MAAM,UAAU,iBAAiB,CAAC,KAAa;IAC7C,IAAI,CAAC;QACH,OAAO,oBAAoB,CAAC,MAAM,CAAC,MAAM,CAAC,KAAK,EAAE,SAAS,CAAC,CAAC,CAAC;IAC/D,CAAC;IAAC,MAAM,CAAC;QACP,MAAM,IAAI,QAAQ,CAAC,eAAe,EAAE,GAAG,CAAC,CAAC;IAC3C,CAAC;AACH,CAAC;AAED,MAAM,UAAU,mBAAmB,CAAC,aAAqB;IACvD,IAAI,CAAC,iBAAiB,EAAE,CAAC;QACvB,MAAM,IAAI,QAAQ,CAAC,wBAAwB,EAAE,GAAG,CAAC,CAAC;IACpD,CAAC;IAED,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,MAAM,CAAC,aAAa,EAAE,iBAAiB,CAAe,CAAC;QACvE,IAAI,CAAC,OAAO,EAAE,KAAK,EAAE,CAAC;YACpB,MAAM,IAAI,QAAQ,CAAC,kCAAkC,EAAE,GAAG,CAAC,CAAC;QAC9D,CAAC;QACD,OAAO,OAAO,CAAC;IACjB,CAAC;IAAC,MAAM,CAAC;QACP,MAAM,IAAI,QAAQ,CAAC,yBAAyB,EAAE,GAAG,CAAC,CAAC;IACrD,CAAC;AACH,CAAC;AAED,MAAM,UAAU,mBAAmB,CAAC,OAA2B;IAC7D,OAAO,IAAI,CAAC,OAAO,EAAE,SAAS,EAAE,EAAE,SAAS,EAAE,YAAY,EAAE,CAAC,CAAC;AAC/D,CAAC;AAED,MAAM,UAAU,qBAAqB,CAAC,OAAmB;IACvD,IAAI,CAAC,iBAAiB,EAAE,CAAC;QACvB,MAAM,IAAI,QAAQ,CAAC,wBAAwB,EAAE,GAAG,CAAC,CAAC;IACpD,CAAC;IAED,OAAO,IAAI,CAAC,OAAO,EAAE,iBAAiB,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;AAC/D,CAAC"}
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
import type { SiteContext } from "../../site-context/site-context.types.js";
|
|
2
2
|
import type { LoginFailed, LoginInput, LoginSuccess } from "./auth.types.js";
|
|
3
|
-
export declare function
|
|
3
|
+
export declare function loginLocalUser(siteContext: Pick<SiteContext, "cn" | "logger" | "fqdn">, options: {
|
|
4
4
|
user: LoginInput;
|
|
5
5
|
defaultLanguage: string;
|
|
6
6
|
}): Promise<LoginSuccess | LoginFailed>;
|