npm - @scryan7371/sdr-security - Versions diffs - 0.1.2 → 0.1.4 - Mend

@scryan7371/sdr-security 0.1.2 → 0.1.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (83) hide show

package/src/nest/security-workflows.service.test.ts CHANGED Viewed

@@ -20,25 +20,32 @@ const makeNotifier = () => ({
 const makeUser = () => ({
   id: "user-1",
   email: "user@example.com",
-  firstName: "A",
-  lastName: "B",
   isActive: true,
 });
 const setup = () => {
-  const usersRepo = makeRepo();
+  const appUsersRepo = makeRepo();
+  const securityUsersRepo = makeRepo();
   const rolesRepo = makeRepo();
   const userRolesRepo = makeRepo();
   const notifier = makeNotifier();
   const service = new SecurityWorkflowsService(
-    usersRepo as never,
+    appUsersRepo as never,
+    securityUsersRepo as never,
     rolesRepo as never,
     userRolesRepo as never,
     notifier as never,
   );
-  return { service, usersRepo, rolesRepo, userRolesRepo, notifier };
+  return {
+    service,
+    appUsersRepo,
+    securityUsersRepo,
+    rolesRepo,
+    userRolesRepo,
+    notifier,
+  };
 };
 describe("SecurityWorkflowsService", () => {
@@ -47,8 +54,8 @@ describe("SecurityWorkflowsService", () => {
   });
   it("marks email verified and notifies admins", async () => {
-    const { service, usersRepo, userRolesRepo, notifier } = setup();
-    usersRepo.findOne.mockResolvedValue(makeUser());
+    const { service, appUsersRepo, userRolesRepo, notifier } = setup();
+    appUsersRepo.findOne.mockResolvedValue(makeUser());
     const getRawMany = vi
       .fn()
@@ -73,8 +80,8 @@ describe("SecurityWorkflowsService", () => {
   });
   it("returns not-notified when no admins are present", async () => {
-    const { service, usersRepo, userRolesRepo } = setup();
-    usersRepo.findOne.mockResolvedValue(makeUser());
+    const { service, appUsersRepo, userRolesRepo } = setup();
+    appUsersRepo.findOne.mockResolvedValue(makeUser());
     const qb = {
       innerJoin: vi.fn().mockReturnThis(),
@@ -91,8 +98,8 @@ describe("SecurityWorkflowsService", () => {
   });
   it("throws when user is missing during verification flow", async () => {
-    const { service, usersRepo } = setup();
-    usersRepo.findOne.mockResolvedValue(null);
+    const { service, appUsersRepo } = setup();
+    appUsersRepo.findOne.mockResolvedValue(null);
     await expect(
       service.markEmailVerifiedAndNotifyAdmins("missing"),
@@ -100,8 +107,8 @@ describe("SecurityWorkflowsService", () => {
   });
   it("handles admin approval notifications", async () => {
-    const { service, usersRepo, notifier } = setup();
-    usersRepo.findOne.mockResolvedValue(makeUser());
+    const { service, appUsersRepo, notifier } = setup();
+    appUsersRepo.findOne.mockResolvedValue(makeUser());
     await expect(
       service.setAdminApprovalAndNotifyUser("user-1", false),
@@ -113,13 +120,12 @@ describe("SecurityWorkflowsService", () => {
     expect(notifier.sendUserAccountApproved).toHaveBeenCalledWith({
       email: "user@example.com",
-      firstName: "A",
     });
   });
   it("throws when approval target user is missing", async () => {
-    const { service, usersRepo } = setup();
-    usersRepo.findOne.mockResolvedValue(null);
+    const { service, appUsersRepo } = setup();
+    appUsersRepo.findOne.mockResolvedValue(null);
     await expect(
       service.setAdminApprovalAndNotifyUser("missing", true),
@@ -166,8 +172,8 @@ describe("SecurityWorkflowsService", () => {
   });
   it("gets and sets user roles", async () => {
-    const { service, usersRepo, userRolesRepo, rolesRepo } = setup();
-    usersRepo.findOne.mockResolvedValue(makeUser());
+    const { service, appUsersRepo, userRolesRepo, rolesRepo } = setup();
+    appUsersRepo.findOne.mockResolvedValue(makeUser());
     userRolesRepo.find.mockResolvedValue([{ roleId: "r1" }]);
     rolesRepo.find.mockResolvedValue([{ id: "r1", roleKey: "ADMIN" }]);
@@ -189,8 +195,8 @@ describe("SecurityWorkflowsService", () => {
   });
   it("assigns and removes role from user", async () => {
-    const { service, usersRepo, userRolesRepo, rolesRepo } = setup();
-    usersRepo.findOne.mockResolvedValue(makeUser());
+    const { service, appUsersRepo, userRolesRepo, rolesRepo } = setup();
+    appUsersRepo.findOne.mockResolvedValue(makeUser());
     userRolesRepo.find.mockResolvedValue([]);
     rolesRepo.find.mockResolvedValue([]);
@@ -206,21 +212,21 @@ describe("SecurityWorkflowsService", () => {
   });
   it("sets user active state", async () => {
-    const { service, usersRepo } = setup();
+    const { service, securityUsersRepo } = setup();
     await expect(service.setUserActive("user-1", false)).resolves.toEqual({
       success: true,
       userId: "user-1",
       active: false,
     });
-    expect(usersRepo.update).toHaveBeenCalledWith(
-      { id: "user-1" },
+    expect(securityUsersRepo.update).toHaveBeenCalledWith(
+      { userId: "user-1" },
       { isActive: false },
     );
   });
   it("throws when role operations target missing user", async () => {
-    const { service, usersRepo } = setup();
-    usersRepo.findOne.mockResolvedValue(null);
+    const { service, appUsersRepo } = setup();
+    appUsersRepo.findOne.mockResolvedValue(null);
     await expect(service.getUserRoles("missing")).rejects.toBeInstanceOf(
       NotFoundException,

package/src/nest/security-workflows.service.ts CHANGED Viewed

@@ -1,10 +1,12 @@
 import { Inject, Injectable, NotFoundException } from "@nestjs/common";
 import { InjectRepository } from "@nestjs/typeorm";
 import { In, Repository } from "typeorm";
+import { v7 as uuidv7 } from "uuid";
 import { ADMIN_ROLE } from "../api/contracts";
 import { normalizeRoleName } from "../api/roles";
 import { AppUserEntity } from "./entities/app-user.entity";
 import { SecurityRoleEntity } from "./entities/security-role.entity";
+import { SecurityUserEntity } from "./entities/security-user.entity";
 import { SecurityUserRoleEntity } from "./entities/security-user-role.entity";
 import { SecurityWorkflowNotifier } from "./contracts";
 import { SECURITY_WORKFLOW_NOTIFIER } from "./tokens";
@@ -13,7 +15,9 @@ import { SECURITY_WORKFLOW_NOTIFIER } from "./tokens";
 export class SecurityWorkflowsService {
   constructor(
     @InjectRepository(AppUserEntity)
-    private readonly usersRepo: Repository<AppUserEntity>,
+    private readonly appUsersRepo: Repository<AppUserEntity>,
+    @InjectRepository(SecurityUserEntity)
+    private readonly securityUsersRepo: Repository<SecurityUserEntity>,
     @InjectRepository(SecurityRoleEntity)
     private readonly rolesRepo: Repository<SecurityRoleEntity>,
     @InjectRepository(SecurityUserRoleEntity)
@@ -23,12 +27,12 @@ export class SecurityWorkflowsService {
   ) {}
   async markEmailVerifiedAndNotifyAdmins(userId: string) {
-    await this.usersRepo.update(
-      { id: userId },
+    await this.securityUsersRepo.update(
+      { userId },
       { emailVerifiedAt: new Date(), emailVerificationToken: null },
     );
-    const user = await this.usersRepo.findOne({ where: { id: userId } });
+    const user = await this.appUsersRepo.findOne({ where: { id: userId } });
     if (!user) {
       throw new NotFoundException("User not found");
     }
@@ -43,8 +47,6 @@ export class SecurityWorkflowsService {
       user: {
         id: user.id,
         email: user.email,
-        firstName: user.firstName,
-        lastName: user.lastName,
       },
     });
@@ -52,12 +54,12 @@ export class SecurityWorkflowsService {
   }
   async setAdminApprovalAndNotifyUser(userId: string, approved: boolean) {
-    await this.usersRepo.update(
-      { id: userId },
+    await this.securityUsersRepo.update(
+      { userId },
       { adminApprovedAt: approved ? new Date() : null },
     );
-    const user = await this.usersRepo.findOne({ where: { id: userId } });
+    const user = await this.appUsersRepo.findOne({ where: { id: userId } });
     if (!user) {
       throw new NotFoundException("User not found");
     }
@@ -68,7 +70,6 @@ export class SecurityWorkflowsService {
     await this.notifier.sendUserAccountApproved({
       email: user.email,
-      firstName: user.firstName,
     });
     return { success: true as const, notified: true as const };
@@ -79,8 +80,13 @@ export class SecurityWorkflowsService {
       .createQueryBuilder("userRole")
       .innerJoin("security_role", "role", "role.id = userRole.role_id")
       .innerJoin("app_user", "user", "user.id = userRole.user_id")
+      .innerJoin(
+        "security_user",
+        "securityUser",
+        "securityUser.user_id = userRole.user_id",
+      )
       .where("role.role_key = :roleKey", { roleKey: ADMIN_ROLE })
-      .andWhere("user.is_active = :isActive", { isActive: true })
+      .andWhere("securityUser.is_active = :isActive", { isActive: true })
       .select("DISTINCT user.email", "email")
       .getRawMany<{ email: string }>();
@@ -101,6 +107,7 @@ export class SecurityWorkflowsService {
     let role = await this.rolesRepo.findOne({ where: { roleKey } });
     if (!role) {
       role = this.rolesRepo.create({
+        id: uuidv7(),
         roleKey,
         description: description?.trim() || null,
         isSystem: roleKey === ADMIN_ROLE,
@@ -153,6 +160,7 @@ export class SecurityWorkflowsService {
       await this.userRolesRepo.save(
         roles.map((role) =>
           this.userRolesRepo.create({
+            id: uuidv7(),
             userId,
             roleId: role.id,
           }),
@@ -178,12 +186,12 @@ export class SecurityWorkflowsService {
   }
   async setUserActive(userId: string, active: boolean) {
-    await this.usersRepo.update({ id: userId }, { isActive: active });
+    await this.securityUsersRepo.update({ userId }, { isActive: active });
     return { success: true as const, userId, active };
   }
   private async assertUserExists(userId: string) {
-    const user = await this.usersRepo.findOne({ where: { id: userId } });
+    const user = await this.appUsersRepo.findOne({ where: { id: userId } });
     if (!user) {
       throw new NotFoundException("User not found");
     }
@@ -205,6 +213,7 @@ export class SecurityWorkflowsService {
     await this.rolesRepo.save(
       missing.map((roleKey) =>
         this.rolesRepo.create({
+          id: uuidv7(),
           roleKey,
           description: null,
           isSystem: roleKey === ADMIN_ROLE,

package/dist/api/migrations/1739490000000-add-google-subject-to-user.d.ts DELETED Viewed

@@ -1,5 +0,0 @@
-export declare class AddGoogleSubjectToUser1739490000000 {
-    name: string;
-    up(): Promise<void>;
-    down(): Promise<void>;
-}

package/dist/api/migrations/1739490000000-add-google-subject-to-user.js DELETED Viewed

@@ -1,14 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.AddGoogleSubjectToUser1739490000000 = void 0;
-class AddGoogleSubjectToUser1739490000000 {
-    name = "AddGoogleSubjectToUser1739490000000";
-    // Legacy migration retained for backward compatibility with existing migration history.
-    async up() {
-        return;
-    }
-    async down() {
-        return;
-    }
-}
-exports.AddGoogleSubjectToUser1739490000000 = AddGoogleSubjectToUser1739490000000;

package/src/api/migrations/1739490000000-add-google-subject-to-user.ts DELETED Viewed

@@ -1,12 +0,0 @@
-export class AddGoogleSubjectToUser1739490000000 {
-  name = "AddGoogleSubjectToUser1739490000000";
-  // Legacy migration retained for backward compatibility with existing migration history.
-  async up(): Promise<void> {
-    return;
-  }
-  async down(): Promise<void> {
-    return;
-  }
-}