@punks/backend-entity-manager 0.0.67 → 0.0.69

package/dist/cjs/index.js

@@ -5,6 +5,7 @@ Object.defineProperty(exports, '__esModule', { value: true });
 var backendCore = require('@punks/backend-core');
 var common = require('@nestjs/common');
 var swagger = require('@nestjs/swagger');
+var core = require('@nestjs/core');
 var async_hooks = require('async_hooks');
 var bcrypt = require('bcrypt');
 var constants = require('@nestjs/common/constants');
@@ -13,7 +14,6 @@ var metadataScanner = require('@nestjs/core/metadata-scanner');
 var jwt = require('@nestjs/jwt');
 var eventEmitter = require('@nestjs/event-emitter');
 var typeorm = require('typeorm');
-var core = require('@nestjs/core');
 var clientSes = require('@aws-sdk/client-ses');
 var require$$2 = require('fs');
 var mail = require('@sendgrid/mail');
@@ -320,10 +320,27 @@ __decorate([
 
 const AuthenticationExtensionSymbols = {
     UserService: Symbol.for("WP.EXT:AUTHENTICATION.USER_SERVICE"),
+    RolesService: Symbol.for("WP.EXT:AUTHENTICATION.ROLES_SERVICE"),
+    UserRolesService: Symbol.for("WP.EXT:AUTHENTICATION.USER_ROLES_SERVICE"),
+};
+const AuthenticationGuardsSymbols = {
+    Authenticated: "guard:authenticated",
+    Public: "guard:public",
+    Roles: "guard:roles",
+    MemberOf: "guard:memberOf",
 };
 
+const Public = () => common.SetMetadata(AuthenticationGuardsSymbols.Public, true);
+const Authenticated = () => common.SetMetadata(AuthenticationGuardsSymbols.Authenticated, true);
+const Roles = (...roles) => common.SetMetadata(AuthenticationGuardsSymbols.Roles, roles);
+const MemberOf = (...groups) => common.SetMetadata(AuthenticationGuardsSymbols.MemberOf, groups);
+
+const WpRolesService = () => common.applyDecorators(common.Injectable(), common.SetMetadata(AuthenticationExtensionSymbols.RolesService, true));
+
 const WpUserService = () => common.applyDecorators(common.Injectable(), common.SetMetadata(AuthenticationExtensionSymbols.UserService, true));
 
+const WpUserRolesService = () => common.applyDecorators(common.Injectable(), common.SetMetadata(AuthenticationExtensionSymbols.UserRolesService, true));
+
 const AuthenticationEmailTemplates = {
     Registration: "registration",
     PasswordReset: "passwordReset",
@@ -358,6 +375,59 @@ const AuthenticationEvents = {
     UserPasswordResetCompleted: `${AUTHENTICATION_EVENTS_NAMESPACE}:user.passwordResetCompleted`,
 };
 
+exports.AuthGuard = class AuthGuard {
+    constructor(reflector) {
+        this.reflector = reflector;
+    }
+    canActivate(context) {
+        const isPublic = this.getIsPublic(context);
+        if (isPublic) {
+            return true;
+        }
+        const auth = this.getCurrentAuth(context);
+        const allowedRoles = this.getAllowedRoles(context);
+        if (allowedRoles) {
+            return this.isRoleMatching(allowedRoles, auth?.roles ?? []);
+        }
+        const isForAllAuthenticated = this.getIsForAllAuthenticated(context);
+        if (isForAllAuthenticated) {
+            return !!auth?.user;
+        }
+        return false;
+    }
+    isRoleMatching(allowedRoles, userRoles) {
+        return userRoles.some((role) => allowedRoles.includes(role.uid));
+    }
+    getIsForAllAuthenticated(context) {
+        return this.getMetadata(AuthenticationGuardsSymbols.Authenticated, context);
+    }
+    getIsPublic(context) {
+        return this.getMetadata(AuthenticationGuardsSymbols.Public, context);
+    }
+    getAllowedRoles(context) {
+        return this.getMetadata(AuthenticationGuardsSymbols.Roles, context);
+    }
+    getCurrentAuth(context) {
+        const request = context.switchToHttp()?.getRequest();
+        return request?.auth?.user
+            ? {
+                user: request.auth.user,
+                roles: request.auth.roles,
+            }
+            : undefined;
+    }
+    getMetadata(symbol, context) {
+        return this.reflector.getAllAndOverride(symbol, [
+            context.getHandler(),
+            context.getClass(),
+        ]);
+    }
+};
+exports.AuthGuard = __decorate([
+    common.Injectable(),
+    __metadata("design:paramtypes", [core.Reflector])
+], exports.AuthGuard);
+
 const asyncLocalStorage = new async_hooks.AsyncLocalStorage();
 
 exports.AppSessionService = class AppSessionService {
@@ -19081,12 +19151,30 @@ let AuthenticationServicesResolver = class AuthenticationServicesResolver {
     registerUsersService(usersService) {
         this.usersService = usersService;
     }
+    registerRoleService(rolesService) {
+        this.rolesService = rolesService;
+    }
+    registerUserRolesService(userRolesService) {
+        this.usersRolesService = userRolesService;
+    }
     getUsersService() {
         if (!this.usersService) {
             throw new Error("Users service is not registered");
         }
         return this.usersService;
     }
+    getRoleService() {
+        if (!this.rolesService) {
+            throw new Error("Roles service is not registered");
+        }
+        return this.rolesService;
+    }
+    getUserRoleService() {
+        if (!this.usersRolesService) {
+            throw new Error("User roles service is not registered");
+        }
+        return this.usersRolesService;
+    }
 };
 AuthenticationServicesResolver = __decorate([
     common.Injectable()
@@ -19195,6 +19283,7 @@ let UserRegistrationHandler = class UserRegistrationHandler {
             this.logger.debug(`User already exists but not verified. Sending new verification email: ${input.email} - ${input.userName}`, { user });
             return {
                 success: true,
+                userId: user.id,
             };
         }
         const newUser = await this.createUser(input.email, input.registrationInfo, input.context);
@@ -19209,6 +19298,7 @@ let UserRegistrationHandler = class UserRegistrationHandler {
         });
         return {
             success: true,
+            userId: newUser.id,
         };
     }
     async createPasswordHash(password, userId) {
@@ -19573,7 +19663,7 @@ UserVerifyRequestHandler = __decorate([
 ], UserVerifyRequestHandler);
 
 exports.AuthenticationService = class AuthenticationService {
-    constructor(userDisableHandler, userEnableHandler, userLoginHandler, userPasswordChangeHandler, userPasswordResetFinalizeHandler, userPasswordResetRequestHandler, userRegistrationHandler, userTokenVerifyHandler, userVerifyRequestHandler, userVerifyCompleteHandler) {
+    constructor(userDisableHandler, userEnableHandler, userLoginHandler, userPasswordChangeHandler, userPasswordResetFinalizeHandler, userPasswordResetRequestHandler, userRegistrationHandler, userTokenVerifyHandler, userVerifyRequestHandler, userVerifyCompleteHandler, resolver) {
         this.userDisableHandler = userDisableHandler;
         this.userEnableHandler = userEnableHandler;
         this.userLoginHandler = userLoginHandler;
@@ -19584,6 +19674,7 @@ exports.AuthenticationService = class AuthenticationService {
         this.userTokenVerifyHandler = userTokenVerifyHandler;
         this.userVerifyRequestHandler = userVerifyRequestHandler;
         this.userVerifyCompleteHandler = userVerifyCompleteHandler;
+        this.resolver = resolver;
     }
     async userDisable(input) {
         await this.userDisableHandler.execute(input);
@@ -19615,6 +19706,15 @@ exports.AuthenticationService = class AuthenticationService {
     async userTokenVerify(input) {
         return await this.userTokenVerifyHandler.execute(input);
     }
+    get usersService() {
+        return this.resolver.getUsersService();
+    }
+    get rolesService() {
+        return this.resolver.getRoleService();
+    }
+    get userRolesService() {
+        return this.resolver.getUserRoleService();
+    }
 };
 exports.AuthenticationService = __decorate([
     common.Injectable(),
@@ -19627,12 +19727,13 @@ exports.AuthenticationService = __decorate([
         UserRegistrationHandler,
         UserTokenVerifyHandler,
         UserVerifyRequestHandler,
-        UserVerifyCompleteHandler])
+        UserVerifyCompleteHandler,
+        AuthenticationServicesResolver])
 ], exports.AuthenticationService);
 
-const Services$1 = [exports.AuthenticationService];
+const Services$2 = [exports.AuthenticationService];
 
-const Services = [
+const Services$1 = [
     exports.AppSessionService,
     exports.AppHashingService,
     exports.EntityManagerService,
@@ -19855,8 +19956,8 @@ exports.EntityManagerModule = class EntityManagerModule {
 exports.EntityManagerModule = __decorate([
     common.Module({
         imports: [CustomDiscoveryModule, eventEmitter.EventEmitterModule],
-        providers: [...IoC, ...Providers, ...Processors, ...Services],
-        exports: [exports.EntityManagerRegistry, ...Services],
+        providers: [...IoC, ...Providers, ...Processors, ...Services$1],
+        exports: [exports.EntityManagerRegistry, ...Services$1],
     })
 ], exports.EntityManagerModule);
 
@@ -19883,16 +19984,44 @@ let AuthenticationInitializer = AuthenticationInitializer_1 = class Authenticati
         this.logger = new common.Logger(AuthenticationInitializer_1.name);
     }
     async initialize(app) {
-        const userService = await this.discoverUserService();
-        if (!userService) {
+        await this.registerRolesService();
+        await this.registerUsersService();
+        await this.registerUserRolesService();
+        this.logger.log("Authentication initialized 🔑");
+    }
+    async registerRolesService() {
+        const service = await this.discoverRolesService();
+        if (!service) {
+            throw new Error("No roles service found");
+        }
+        this.registry.registerRoleService(service.discoveredClass.instance);
+        this.logger.log(`Authentication roles service ${service.discoveredClass.name} registered`);
+    }
+    async registerUsersService() {
+        const service = await this.discoverUserService();
+        if (!service) {
             throw new Error("No user service found");
         }
-        this.registry.registerUsersService(userService.discoveredClass.instance);
-        this.logger.log("Authentication initialized 🔑");
+        this.registry.registerUsersService(service.discoveredClass.instance);
+        this.logger.log(`Authentication users service ${service.discoveredClass.name} registered`);
+    }
+    async registerUserRolesService() {
+        const service = await this.discoverUserRolesService();
+        if (!service) {
+            throw new Error("No user roles service found");
+        }
+        this.registry.registerUserRolesService(service.discoveredClass.instance);
+        this.logger.log(`Authentication user roles service ${service.discoveredClass.name} registered`);
     }
     async discoverUserService() {
         return await this.discover.providerWithMetaAtKey(AuthenticationExtensionSymbols.UserService);
     }
+    async discoverRolesService() {
+        return await this.discover.providerWithMetaAtKey(AuthenticationExtensionSymbols.RolesService);
+    }
+    async discoverUserRolesService() {
+        return await this.discover.providerWithMetaAtKey(AuthenticationExtensionSymbols.UserRolesService);
+    }
 };
 AuthenticationInitializer = AuthenticationInitializer_1 = __decorate([
     WpAppInitializer(),
@@ -19900,17 +20029,95 @@ AuthenticationInitializer = AuthenticationInitializer_1 = __decorate([
         AuthenticationServicesResolver])
 ], AuthenticationInitializer);
 
+class AppSession {
+    constructor(request, response) {
+        this._map = new Map();
+        this._request = request;
+        this._response = response;
+    }
+    get(key) {
+        return this._map.get(key);
+    }
+    set(key, value) {
+        this._map.set(key, value);
+    }
+    delete(key) {
+        this._map.delete(key);
+    }
+    clear() {
+        this._map.clear();
+    }
+    get request() {
+        return this._request;
+    }
+    get response() {
+        return this._response;
+    }
+}
+
+exports.AppSessionMiddleware = class AppSessionMiddleware {
+    use(req, res, next) {
+        asyncLocalStorage.run(new AppSession(req, res), () => {
+            next();
+        });
+    }
+};
+exports.AppSessionMiddleware = __decorate([
+    common.Injectable()
+], exports.AppSessionMiddleware);
+function appSessionMiddleware(req, res, next) {
+    asyncLocalStorage.run(new AppSession(req, res), () => {
+        next();
+    });
+}
+
+let AuthenticationMiddleware = class AuthenticationMiddleware {
+    constructor(authService) {
+        this.authService = authService;
+    }
+    async use(req, res, next) {
+        const token = this.extractTokenFromHeader(req);
+        if (token) {
+            const parsedToken = await this.authService.userTokenVerify({ token });
+            if (parsedToken.isValid) {
+                const user = await this.getUserFromToken(parsedToken.data);
+                const roles = user ? await this.getUserRoles(user) : [];
+                req.auth = {
+                    user,
+                    roles,
+                };
+            }
+        }
+        next();
+    }
+    async getUserFromToken(parsedToken) {
+        return await this.authService.usersService.getById(parsedToken.userId);
+    }
+    async getUserRoles(user) {
+        return await this.authService.userRolesService.getUserRoles(user.id);
+    }
+    extractTokenFromHeader(request) {
+        const [type, token] = request.headers.authorization?.split(" ") ?? [];
+        return type === "Bearer" ? token : undefined;
+    }
+};
+AuthenticationMiddleware = __decorate([
+    common.Injectable(),
+    __metadata("design:paramtypes", [exports.AuthenticationService])
+], AuthenticationMiddleware);
+
 var AuthenticationModule_1;
 const ModuleData$2 = {
     imports: [exports.EntityManagerModule, jwt.JwtModule],
     providers: [
         AuthenticationServicesResolver,
         AuthenticationInitializer,
-        ...Services$1,
+        exports.AuthGuard,
+        ...Services$2,
         ...UserHandlers,
         ...AuthenticationProviders,
     ],
-    exports: [...Services$1],
+    exports: [...Services$2],
 };
 exports.AuthenticationModule = AuthenticationModule_1 = class AuthenticationModule {
     static forRoot(input) {
@@ -19920,6 +20127,13 @@ exports.AuthenticationModule = AuthenticationModule_1 = class AuthenticationModu
             ...ModuleData$2,
         };
     }
+    configure(consumer) {
+        consumer
+            .apply(appSessionMiddleware)
+            .forRoutes("*")
+            .apply(AuthenticationMiddleware)
+            .forRoutes("*");
+    }
 };
 exports.AuthenticationModule = AuthenticationModule_1 = __decorate([
     common.Module({
@@ -19927,10 +20141,41 @@ exports.AuthenticationModule = AuthenticationModule_1 = __decorate([
     })
 ], exports.AuthenticationModule);
 
+let OrganizationInitializerService = class OrganizationInitializerService {
+    constructor(registry) {
+        this.registry = registry;
+    }
+    async execute(template) { }
+};
+OrganizationInitializerService = __decorate([
+    common.Injectable(),
+    __metadata("design:paramtypes", [exports.EntityManagerRegistry])
+], OrganizationInitializerService);
+
+let TenantInitializerService = class TenantInitializerService {
+    constructor(registry) {
+        this.registry = registry;
+    }
+    async execute(template) { }
+};
+TenantInitializerService = __decorate([
+    common.Injectable(),
+    __metadata("design:paramtypes", [exports.EntityManagerRegistry])
+], TenantInitializerService);
+
+const Services = [
+    OrganizationInitializerService,
+    TenantInitializerService,
+];
+
 exports.MultiTenancyModule = class MultiTenancyModule {
 };
 exports.MultiTenancyModule = __decorate([
-    common.Module({})
+    common.Module({
+        imports: [exports.EntityManagerModule],
+        providers: [...Providers, ...Services],
+        exports: [...Services],
+    })
 ], exports.MultiTenancyModule);
 
 class QueryBuilderBase {
@@ -19980,7 +20225,7 @@ class TypeOrmQueryBuilder extends QueryBuilderBase {
                 ...(context ? this.buildContextFilter(context) : {}),
                 ...this.buildWhereClause(request),
             },
-            relations: this.getRelationsToLoad(request),
+            relations: this.getRelationsToLoad(request, context),
             ...this.buildPagingParameters(request),
         });
     }
@@ -25407,46 +25652,10 @@ exports.SendgridEmailModule = SendgridEmailModule_1 = __decorate([
     })
 ], exports.SendgridEmailModule);
 
-class AppSession {
-    constructor(request, response) {
-        this._map = new Map();
-        this._request = request;
-        this._response = response;
-    }
-    get(key) {
-        return this._map.get(key);
-    }
-    set(key, value) {
-        this._map.set(key, value);
-    }
-    delete(key) {
-        this._map.delete(key);
-    }
-    clear() {
-        this._map.clear();
-    }
-    get request() {
-        return this._request;
-    }
-    get response() {
-        return this._response;
-    }
-}
-
-exports.AppSessionMiddleware = class AppSessionMiddleware {
-    use(req, res, next) {
-        asyncLocalStorage.run(new AppSession(req, res), () => {
-            next();
-        });
-    }
-};
-exports.AppSessionMiddleware = __decorate([
-    common.Injectable()
-], exports.AppSessionMiddleware);
-
 exports.AUTHENTICATION_EVENTS_NAMESPACE = AUTHENTICATION_EVENTS_NAMESPACE;
 exports.AppExceptionsFilterBase = AppExceptionsFilterBase;
 exports.AppInMemorySettings = AppInMemorySettings;
+exports.Authenticated = Authenticated;
 exports.AuthenticationEmailTemplates = AuthenticationEmailTemplates;
 exports.AuthenticationError = AuthenticationError;
 exports.AuthenticationEvents = AuthenticationEvents;
@@ -25462,6 +25671,7 @@ exports.EntityNotFoundException = EntityNotFoundException;
 exports.EntityOperationUnauthorizedException = EntityOperationUnauthorizedException;
 exports.EntitySeeder = EntitySeeder;
 exports.InvalidCredentialsError = InvalidCredentialsError;
+exports.MemberOf = MemberOf;
 exports.MultipleEntitiesFoundException = MultipleEntitiesFoundException;
 exports.NestEntityActions = NestEntityActions;
 exports.NestEntityAuthorizationMiddleware = NestEntityAuthorizationMiddleware;
@@ -25474,7 +25684,9 @@ exports.NumericFacetItem = NumericFacetItem;
 exports.OperationTokenMismatchError = OperationTokenMismatchError;
 exports.PLATFORM_EVENT_NAMESPACE = PLATFORM_EVENT_NAMESPACE;
 exports.PlatformEvents = PlatformEvents;
+exports.Public = Public;
 exports.QueryBuilderBase = QueryBuilderBase;
+exports.Roles = Roles;
 exports.SendgridEmailTemplate = SendgridEmailTemplate;
 exports.StringFacet = StringFacet;
 exports.StringFacetItem = StringFacetItem;
@@ -25492,7 +25704,9 @@ exports.WpEntityQueryBuilder = WpEntityQueryBuilder;
 exports.WpEntityRepository = WpEntityRepository;
 exports.WpEntitySeeder = WpEntitySeeder;
 exports.WpEventsTracker = WpEventsTracker;
+exports.WpRolesService = WpRolesService;
 exports.WpSendgridEmailTemplate = WpSendgridEmailTemplate;
+exports.WpUserRolesService = WpUserRolesService;
 exports.WpUserService = WpUserService;
 exports.getLocalizedText = getLocalizedText;
 exports.newUuid = newUuid;