@simitgroup/simpleapp-generator 1.0.23 → 1.0.25

package/templates/nest/SimpleAppController.eta

@@ -13,6 +13,7 @@ import { ApiTags, ApiBody, ApiResponse, ApiOperation } from '@nestjs/swagger';
 const doctype = 'person'.toUpperCase();
 type ServiceType = {
   list: Function;
+  search: Function;
   create: Function;
   update: Function;
   delete: Function;
@@ -34,10 +35,12 @@ export class SimpleAppController<TService extends ServiceType, TApiSchema, T> {
     this.service = service;
   }
 
-  
   async _list() {
     return this.service.list();
   }
+  async _search(searchObject:Object) {
+    return this.service.search(searchObject);
+  }
   async _autocomplete(keyword: string) {
     return this.service.getAutoComplete(keyword);
   }
@@ -47,7 +50,6 @@ export class SimpleAppController<TService extends ServiceType, TApiSchema, T> {
     return result as Type<TApiSchema>;
   }
 
-  
   async _create(data: TApiSchema) {
     //const newdata: persontype.Person = { ...data };
     const newdata: T = {} as T; //= { ...data };
@@ -55,14 +57,12 @@ export class SimpleAppController<TService extends ServiceType, TApiSchema, T> {
     return this.service.setData(newdata).create() as TApiSchema;
   }
 
-  
-  async _update( id: string,data: TApiSchema) {
+  async _update(id: string, data: TApiSchema) {
     const newdata: T = {} as T; //= { ...data };
     Object.assign(newdata, data); //
     return this.service.findIdThenUpdate(id, newdata) as TApiSchema;
   }
 
- 
   async _delete(id: string) {
     return this.service.findIdThenDelete(id);
   }

package/templates/nest/SimpleAppService.eta

@@ -4,10 +4,18 @@ import { Model } from 'mongoose';
 import Ajv from 'ajv';
 import addFormats from 'ajv-formats';
 import foreignkeys from '../dicts/foreignkeys.json';
+
 import {
   NotFoundException,
   InternalServerErrorException,
 } from '@nestjs/common/exceptions';
+import { User } from './User';
+
+export enum IsolationType {
+  'org' = 'org',
+  'tenant' = 'tenant',
+  'branch' = 'branch',
+}
 @Injectable()
 export class SimpleAppService<T extends { _id?: string }> {
   protected jsonschema = { type: 'object', properties: {}, required: [] };
@@ -16,11 +24,19 @@ export class SimpleAppService<T extends { _id?: string }> {
   protected documentName = 'category';
   protected documentType = 'CAT';
   protected LIMITPERPAGE = 20;
+  protected isolationtype: IsolationType = IsolationType.org;
+  protected isolationFilter: any = {};
   protected data: T = { _id: '' } as T;
-  protected doc: Model<T>;
+  private doc: Model<T>; //set private to prevent developer break data isolation control
   protected errorlist = [];
-  constructor(newdoc: Model<T>) {
+  constructor(
+    newdoc: Model<T>,
+    isolationtype: IsolationType = IsolationType.org,
+  ) {
     this.doc = newdoc;
+    this.isolationtype = isolationtype;
+
+    // this.tenantdoc = tenantdoc
   }
   getRecordId = (): string => this.data._id;
   setSchema = (newschema) => (this.jsonschema = newschema);
@@ -34,9 +50,27 @@ export class SimpleAppService<T extends { _id?: string }> {
     this.data = { ...newdata };
     return this;
   };
+  getIsolationFilter = () => {
+    let isolationFilter = {};
+    switch (this.isolationtype) {
+      case 'branch':
+        isolationFilter = User.getInstance().getBranchFilter();
+        break;
+      case 'tenant':
+        isolationFilter = User.getInstance().getTenantFilter();
+        break;
+      case 'org':
+      default:
+        isolationFilter = User.getInstance().getOrgFilter();
+        break;
+    }
+    return isolationFilter;
+  };
   async list() {
     try {
-      const products = await this.doc.find();
+      //console.log("this.isolationFilter",this.getIsolationFilter())
+      const products = await this.doc.find(this.getIsolationFilter());
+      // console.log(products)
       const productlist = products.map((p: T) => {
         return p;
       });
@@ -53,6 +87,8 @@ export class SimpleAppService<T extends { _id?: string }> {
       filter1[this.documentIdentityCode] = { $regex: keyword };
       filter2[this.documentIdentityName] = { $regex: keyword };
       const filterobj = { $or: [filter1, filter2] };
+
+      Object.assign(filterobj, this.getIsolationFilter());
       const projections = {
         id: `\$_id`,
         label: `\$${this.documentIdentityCode}`,
@@ -69,31 +105,37 @@ export class SimpleAppService<T extends { _id?: string }> {
       throw new InternalServerErrorException(err.message);
     }
   }
-  async findById(id: string) {
+  async search(filters: Object) {
     try {
-      //console.log('findById', id);
-      this.data = await this.doc.findById(id);
-      //console.log('findById done', this.data);
+      Object.assign(filters, this.getIsolationFilter());
+      const products = await this.doc.find(filters);
+      const productlist = products.map((p: T) => {
+        return p;
+      });
+      //   console.log(products);
+      return productlist;
     } catch (err) {
-      //error
       throw new InternalServerErrorException(err.message);
     }
-
-    if (!this.data) {
-      //data not found
-      throw new NotFoundException('Document Not found:');
-    }
-    //console.log('this.data', this.data);
-    return this.data;
     // return this;
   }
+  async findById(id: string) {
+    const data = await this.search({ _id: id });
+    if (data.length == 1) {
+      // console.log('data0', data[0]);
+      return data[0];
+    } else {
+      return null;
+    }
+  }
 
   async create() {
     let result;
 
     try {
+      Object.assign(this.data, User.getInstance().getCreateFilter());
       delete this.data._id;
-      this.validateData(this.data);
+      this.validateData(this.data);      
       const newdoc = new this.doc(this.data);
       result = await newdoc.save();
     } catch (err) {
@@ -103,14 +145,14 @@ export class SimpleAppService<T extends { _id?: string }> {
   }
   async update() {
     const id: string = this.getRecordId();
+    Object.assign(this.data, User.getInstance().getUpdateFilter());
     this.findIdThenUpdate(id, this.data);
   }
   async delete() {
-    
     const id: string = this.getRecordId();
     const dependency = await this.getRelatedRecords(id);
     if (!dependency) {
-     return await this.findIdThenDelete(id);
+      return await this.findIdThenDelete(id);
     } else {
       return dependency;
     }
@@ -121,10 +163,10 @@ export class SimpleAppService<T extends { _id?: string }> {
   validateData(data: T) {
     const ajv = new Ajv({ allErrors: true });
     addFormats(ajv);
-    ajv.addFormat('field-autocomplete-code', /.*$/);
-    ajv.addFormat('field-autocomplete-name', /.*$/);
-    ajv.addFormat('x-text',/.*$/)
-    ajv.addFormat('x-html',/.*$/)
+    ajv.addFormat('x-document-no', /.*$/);
+    ajv.addFormat('x-document-name', /.*$/);
+    ajv.addFormat('x-text', /.*$/);
+    ajv.addFormat('x-html', /.*$/);
     ajv.addKeyword({
       keyword: 'x-foreignkey',
       type: 'string',
@@ -135,28 +177,36 @@ export class SimpleAppService<T extends { _id?: string }> {
       for (let i = 0; i < this.errorlist.length; i++) {
         erromsg.push(this.errorlist[i].message);
       }
+      console.log("pre-validation:",erromsg)
       throw new InternalServerErrorException(erromsg.join('\n'));
     }
     const validate = ajv.compile(this.jsonschema);
     const valid = validate(data);
+    //console.log(validate.errors);
     if (!valid) {
-      //console.log(validate.errors);
+      // console.log(validate.errors);
       const erromsg: string[] = [];
       for (let i = 0; i < validate.errors.length; i++) {
         erromsg.push(validate.errors[i].message);
       }
+      console.log("ajv erromsg: ",erromsg)
       throw new InternalServerErrorException(erromsg.join('\n'));
     }
     this.hook('post-validation', data);
   }
 
-  async findIdThenDelete(id: string) {
+  async findIdThenDelete(id: string): Promise<any> {
     // const data = await this.findById(id);
     try {
       //console.log('deletedeletedeletedelete');
       const dependency = await this.getRelatedRecords(id);
       if (!dependency) {
-        const deleteresult = await this.doc.findByIdAndDelete(id);
+        let filter = this.getIsolationFilter();
+        filter['_id'] = id;
+        const deleteresult = await this.doc.deleteOne(filter);
+        // this.doc.findByIdAndDelete(id)
+
+        //this.doc.findByIdAndDelete(id);
         return deleteresult;
       } else {
         return Promise.reject(dependency);
@@ -166,20 +216,26 @@ export class SimpleAppService<T extends { _id?: string }> {
     }
   }
 
-  async findIdThenUpdate(id: string, data: T) {
-    // const existingdata = await this.findById(id);
+  updateOne = async (data: T) => {
+    this.doc.updateOne(data);
+  };
+
+  findIdThenUpdate = async (id: string, data: T) => {
+    const existingdata = await this.findById(id);
 
     try {
-      //console.log('findIdThenUpdate', id);
+      Object.assign(data, User.getInstance().getUpdateFilter());
+      Object.assign(existingdata, data);
       this.validateData(data);
-      // const result = await existingdata.doc.updateOne(data);
-      const result = await this.doc.findByIdAndUpdate(id, data);
+      let filter = this.getIsolationFilter();
+      filter['_id'] = id;
+      const result = await this.doc.findOneAndUpdate(filter, data);
 
       return result;
     } catch (err) {
       throw new InternalServerErrorException(err.message);
     }
-  }
+  };
 
   //find what foreign key constraint
   async getRelatedRecords(id: string) {

package/templates/nest/TenantMiddleware.eta

@@ -0,0 +1,39 @@
+import { Injectable, NestMiddleware, Scope } from '@nestjs/common';
+import { Request, Response, NextFunction } from 'express';
+// import * as jwt from 'nestjs-jwt'
+
+
+import { User } from './User';
+// import {KeycloakConfigService} from "../keycloak/keycloak.service"
+@Injectable({
+  scope: Scope.REQUEST,
+})
+
+export class TenantMiddleware implements NestMiddleware {
+  use(req: Request, res: Response, next: NextFunction) {
+    if (req.baseUrl == '/oauth2-redirect.html') {
+      next();
+      return ;
+    }
+    if(!req.headers['authorization']){
+      return res.status(401).send('Undefine bearer token');
+    }
+    if (!req.headers['x-org']){
+      return res.status(401).send('undefine header string x-org');
+    }
+    const u = User.getInstance();      
+
+    try {
+      u.setXorg(req.headers['x-org'].toString());
+      let tokenstr:string = req.headers['authorization']
+      tokenstr = tokenstr.replace("Bearer ",'')
+      u.setUserToken(tokenstr);      
+      next();
+    } catch {
+      return res.status(401).send('Invalid x-org or user info');
+    }
+
+
+    
+  }
+}

package/templates/nest/User.eta

@@ -0,0 +1,115 @@
+import { Injectable, Scope } from '@nestjs/common';
+import Base64URL from '@darkwolf/base64url';
+import  * as jwt from   'jsonwebtoken'
+
+
+
+      
+
+@Injectable({
+  scope: Scope.REQUEST,
+})
+export class User {
+  private static instance: User;
+  protected uid: string = '';
+  protected uname: string = '';
+  protected email: string = '';
+  protected fullname:string=''
+  protected xOrg: string = '';
+  protected tenantId: number = 0;
+  protected orgId: number = 0;
+  protected branchId: number = 0;
+  protected accessrights:any = {}
+  protected token:string = ''
+  protected refreshtoken:string = ''
+  constructor() {}
+  public static getInstance(): User {
+    if (!User.instance) {
+      User.instance = new User();
+    }
+    return User.instance;
+  }
+  setUserToken = (tokenstr: string) => {
+    const tokeninfo = jwt.decode(tokenstr)
+    // realm_access: {
+      //   roles: [
+      //     'default-roles-simitdeveloper',
+      //     'offline_access',
+      //     'uma_authorization'
+      //   ]
+      // },
+      // resource_access: { account: { roles: [Array] } },
+      // scope: 'openid email profile',
+      // sid: '53192f53-d4af-413b-b8d7-1e186419fe53',
+      // email_verified: false,
+      // name: 'kstan kstan',
+      // preferred_username: 'kstan',
+      // given_name: 'kstan',
+      // family_name: 'kstan',
+      // email: 'kstan@simitgroup.com'
+    
+    const u = User.getInstance()
+    u.token = tokenstr
+    u.uid = tokeninfo.sid;
+    u.email = tokeninfo.email
+    u.uname = tokeninfo.preferred_username
+    u.fullname = tokeninfo.name
+    u.accessrights = tokeninfo.resource_access
+  };
+  getInfo = () => {
+    return User.getInstance();
+  };
+  getBranchFilter = () => {
+    return {
+      tenantId: User.getInstance().tenantId,
+      orgId: User.getInstance().orgId,
+      branchId: User.getInstance().branchId,
+    };
+  };
+  getTenantFilter = () => {
+    return { tenantId: User.getInstance().tenantId };
+  };
+  getOrgFilter = () => {
+    return {
+      tenantId: User.getInstance().tenantId,
+      orgId: User.getInstance().orgId,
+    };
+  };
+
+  getCreateFilter = () => {
+    const u = User.getInstance();
+    return {
+      tenantId: u.tenantId,
+      orgId: u.orgId,
+      branchId: u.branchId,
+      createdby: u.uid,
+      updatedby: u.uid,
+      created: new Date().getTime().toString(),
+      updated: new Date().getTime().toString(),
+    };
+  };
+  getUpdateFilter = () => {
+    const u = User.getInstance();
+    return {
+      updatedby: u.uid,
+      updated: new Date().getTime().toString(),
+    };
+  };
+  setXorg = (xorg) => {
+    try {
+      const decodedText: string = Base64URL.decodeText(xorg);
+      const arrXorg = decodedText.split('-');
+
+      if (arrXorg.length == 3) {
+        const u = User.getInstance();
+        u.tenantId = Number(arrXorg[0]);
+        u.orgId = Number(arrXorg[1]);
+        u.branchId = Number(arrXorg[2]);
+      } else {
+        throw 'invalid x-org';
+      }
+    } catch (err) {
+      throw err;
+    }
+  };
+}

package/templates/nest/app.module.eta

@@ -1,15 +1,35 @@
-import { Module } from '@nestjs/common';
+import { Module,MiddlewareConsumer,NestModule } from '@nestjs/common';
 import { MongooseModule } from '@nestjs/mongoose';
 import { ConfigModule } from '@nestjs/config';
-
+import { ServeStaticModule } from '@nestjs/serve-static';
+import { join } from 'path';
+import {TenantMiddleware} from './class/TenantMiddleware'
 <% for(let i=0;i<it.length; i++){ %>
 import {<%= it[i].docname %>Module} from './docs/<%= it[i].doctype %>/<%= it[i].doctype %>.module'
 <%}%>
 
 @Module({
     //define environment variables: MONGODB_URL='mongodb://<user>:<pass>@<host>:<port>/<db>?authMechanism=DEFAULT'
-  imports: [ConfigModule.forRoot(),MongooseModule.forRoot(process.env.MONGODB_URL),<% for(let i=0;i<it.length; i++){ %><%= it[i].docname %>Module,<%}%>],
+  imports: [
+    ConfigModule.forRoot(),
+    MongooseModule.forRoot(process.env.MONGODB_URL),
+    ServeStaticModule.forRoot({
+      rootPath: join(__dirname, '..', 'public_html'),
+      exclude: ['/api/(.*)'],      
+    }),
+    <% for(let i=0;i<it.length; i++){ %><%= it[i].docname %>Module,<%}%>],
   controllers: [],
   providers: [],
 })
-export class AppModule {}
+export class AppModule implements NestModule{
+  configure(consumer: MiddlewareConsumer) {
+    consumer
+      .apply(TenantMiddleware)
+      // .exclude('/api-yaml')
+      // .exclude('/api-json')
+      // .exclude('/api')
+      .forRoutes('*')
+      
+      
+  }
+}

package/templates/nest/inputvalidation-exception.eta

@@ -0,0 +1,6 @@
+import {HttpException,HttpStatus} from '@nestjs/common'
+export class InputValidationExceptions extends HttpException {
+    constructor() {
+      super('input error', HttpStatus.INTERNAL_SERVER_ERROR);
+    }
+  }

package/templates/nest/nest.env.eta

@@ -4,4 +4,15 @@ HTTP_PORT=<%=it.backendPort%>
 
 PROJECT_NAME=SimpleApp Demo1
 PROJECT_DESCRIPTION=Try CRUD
-PROJECT_Version=1.0.0
+PROJECT_Version=1.0.0
+
+
+OAUTH2_CONFIGURL=<%=it.keycloaksetting.OAUTH2_CONFIGURL%>
+
+OAUTH2_CLIENTID=<%=it.keycloaksetting.OAUTH2_CLIENTID%>
+
+OAUTH2_CLIENTSECRET=<%=it.keycloaksetting.OAUTH2_CLIENTSECRET%>
+
+AUTH_SECRET_KEY=<%=it.keycloaksetting.AUTH_SECRET_KEY%>
+
+AUTH_ORIGIN=http://localhost:8080

package/templates/nest/nest.main.eta

@@ -9,12 +9,23 @@ async function bootstrap() {
     .setTitle(process.env.PROJECT_NAME)
     .setDescription(process.env.PROJECT_DESCRIPTION)
     .setVersion(process.env.PROJECT_VERSION)
+    .addApiKey({
+        in: 'header',name: 'x-org',type: 'apiKey',description: 'base 64 url encode. example: MS0xLTE',
+      },'x-org',)
+    .addOAuth2({
+        name:'oauth2',in:'header',type:'oauth2',flows:{          
+          implicit:{          
+            authorizationUrl: `${process.env.OAUTH2_CONFIGURL}/protocol/openid-connect/auth`,
+            scopes:[],                      
+          }}},'oauth2')
+    .addSecurityRequirements('x-org')
+    .addSecurityRequirements('oauth2')
     .build();
   const document = SwaggerModule.createDocument(app, config);
   SwaggerModule.setup('api', app, document, {
-    swaggerOptions: { showExtensions: true },
+    swaggerOptions: { showExtensions: true, persistAuthorization: true },
   });
 
-  await app.listen(process.env.HTTP_PORT ?? <%=it.backendPort%>); //listen which port
+  await app.listen(process.env.HTTP_PORT ?? 8000); //listen which port
 }
-bootstrap();
+bootstrap();

package/templates/nest/oauth2-redirect.eta

@@ -0,0 +1,79 @@
+<!doctype html>
+<html lang="en-US">
+<head>
+    <title>Swagger UI: OAuth2 Redirect</title>
+</head>
+<body>
+<script>
+    'use strict';
+    function run () {
+        var oauth2 = window.opener.swaggerUIRedirectOauth2;
+        var sentState = oauth2.state;
+        var redirectUrl = oauth2.redirectUrl;
+        var isValid, qp, arr;
+
+        if (/code|token|error/.test(window.location.hash)) {
+            qp = window.location.hash.substring(1).replace('?', '&');
+        } else {
+            qp = location.search.substring(1);
+        }
+
+        arr = qp.split("&");
+        arr.forEach(function (v,i,_arr) { _arr[i] = '"' + v.replace('=', '":"') + '"';});
+        qp = qp ? JSON.parse('{' + arr.join() + '}',
+                function (key, value) {
+                    return key === "" ? value : decodeURIComponent(value);
+                }
+        ) : {};
+
+        isValid = qp.state === sentState;
+
+        if ((
+          oauth2.auth.schema.get("flow") === "accessCode" ||
+          oauth2.auth.schema.get("flow") === "authorizationCode" ||
+          oauth2.auth.schema.get("flow") === "authorization_code"
+        ) && !oauth2.auth.code) {
+            if (!isValid) {
+                oauth2.errCb({
+                    authId: oauth2.auth.name,
+                    source: "auth",
+                    level: "warning",
+                    message: "Authorization may be unsafe, passed state was changed in server. The passed state wasn't returned from auth server."
+                });
+            }
+
+            if (qp.code) {
+                delete oauth2.state;
+                oauth2.auth.code = qp.code;
+                oauth2.callback({auth: oauth2.auth, redirectUrl: redirectUrl});
+            } else {
+                let oauthErrorMsg;
+                if (qp.error) {
+                    oauthErrorMsg = "["+qp.error+"]: " +
+                        (qp.error_description ? qp.error_description+ ". " : "no accessCode received from the server. ") +
+                        (qp.error_uri ? "More info: "+qp.error_uri : "");
+                }
+
+                oauth2.errCb({
+                    authId: oauth2.auth.name,
+                    source: "auth",
+                    level: "error",
+                    message: oauthErrorMsg || "[Authorization failed]: no accessCode received from the server."
+                });
+            }
+        } else {
+            oauth2.callback({auth: oauth2.auth, token: qp, isValid: isValid, redirectUrl: redirectUrl});
+        }
+        window.close();
+    }
+
+    if (document.readyState !== 'loading') {
+        run();
+    } else {
+        document.addEventListener('DOMContentLoaded', function () {
+            run();
+        });
+    }
+</script>
+</body>
+</html>