@simitgroup/simpleapp-generator 1.6.7-h-alpha → 1.6.7-j-alpha

package/templates/basic/nest/controller.ts.eta

@@ -34,28 +34,41 @@ import {Role} from '../commons/roles/roles.enum'
 import { Response } from 'express';
 import {AppUser} from '../commons/decorators/appuser.decorator'
 import {UserContext} from '../commons/user.context'
+import { MiniAppScope } from 'src/modules/mini-app/mini-app-scope/mini-app-scope.decorator';
 
+<%
+  const drawMiniAppScope = (actionName) => {
+    if(isWhitelistedMiniApp(actionName, it)){
+      return `@MiniAppScope('${it.resourceName}.${actionName}')`;
+    }
 
-<% const getFieldType =(proptype, typename,actionname)=>{
-  const systemtypes = ['Boolean','boolean','string','String','number','Number','object','Object','integer','Integer']
-  if(!typename) throw actionname +" undefine schema";
-  let tmptypename = typename.replace('[','').replace(']','')
-  
-  if(systemtypes.includes(tmptypename)){
-    if(proptype=='type' ) tmptypename =tmptypename.toLowerCase();
-  }else if(proptype=='schema'){
-    tmptypename= 'schemas.'+tmptypename    
-  }else{ //type
-    tmptypename= 'types.'+tmptypename
+    return '';
   }
+%>
 
-  if(typename.includes('[')){
-    return  proptype=='schema' ?  `[${tmptypename}]` : `${tmptypename}[]`
-  }else{
-    return tmptypename
+
+<% 
+  const getFieldType =(proptype, typename,actionname)=>{
+    const systemtypes = ['Boolean','boolean','string','String','number','Number','object','Object','integer','Integer']
+    if(!typename) throw actionname +" undefine schema";
+    let tmptypename = typename.replace('[','').replace(']','')
+    
+    if(systemtypes.includes(tmptypename)){
+      if(proptype=='type' ) tmptypename =tmptypename.toLowerCase();
+    }else if(proptype=='schema'){
+      tmptypename= 'schemas.'+tmptypename    
+    }else{ //type
+      tmptypename= 'types.'+tmptypename
+    }
+
+    if(typename.includes('[')){
+      return  proptype=='schema' ?  `[${tmptypename}]` : `${tmptypename}[]`
+    }else{
+      return tmptypename
+    }
   }
-}
 %>
+
 <% let superadmindoctype = ['tenant','globaluser'] %>
 const apiname = '<%= it.typename %>'.toUpperCase();
 @ApiTags(apiname)
@@ -103,6 +116,7 @@ export class <%= it.typename %>Controller extends SimpleAppAbstractController<
   @ApiQuery({ name: 'keyword', type:String})
   @ApiBody({ description: 'Data', type: ()=>Object})
   @ApiOperation({ operationId: 'autoComplete',description:"retrieve array of {_id, code, name}" })
+  <%~ drawMiniAppScope('autoComplete') %>
   async autoComplete(@AppUser() appuser: UserContext,
   @Query('keyword') keyword:string,
   @Body() data: types.<%=it.typename%>,
@@ -127,6 +141,7 @@ export class <%= it.typename %>Controller extends SimpleAppAbstractController<
   @ApiResponse({ status: 500, description: 'internal error' })
   @ApiBody({ description: 'Data',type:schemas.<%= it.typename%> })
   @ApiOperation({ operationId: 'runCreate' })
+  <%~ drawMiniAppScope('create') %>
   async create(@AppUser() appuser: UserContext,@Body() data: schemas.<%= it.typename%>) {    
     return await this._create(appuser,data)
   }
@@ -147,6 +162,7 @@ export class <%= it.typename %>Controller extends SimpleAppAbstractController<
   @ApiResponse({ status: 500, description: 'internal error' })
   @ApiBody({ description: 'Data', type: schemas.ApiSearchBody })
   @ApiOperation({ operationId: 'runSearch' })
+  <%~ drawMiniAppScope('list') %>
   async search(@AppUser() appuser: UserContext,@Body() data: types.SearchBody) {
     return await this._search(appuser,data)
   }
@@ -207,6 +223,7 @@ export class <%= it.typename %>Controller extends SimpleAppAbstractController<
         @ApiQuery({name: "<%=api['queryPara'][q]%>",required: false,type: String})
       <%}%> 
   <%}%>  
+  <%~ drawMiniAppScope(api.action) %>
   async <%=capitalizeFirstLetter(api.action) %>(
     @AppUser() appuser: UserContext,
     <%if(['post','put','patch'].includes(api.method.toLowerCase())){%> 
@@ -284,6 +301,7 @@ export class <%= it.typename %>Controller extends SimpleAppAbstractController<
   @ApiResponse({ status: 404, description: 'Document not found' })
   @ApiResponse({ status: 500, description: 'Internal error' })
   @ApiOperation({ operationId: 'runFindOne' })
+  <%~ drawMiniAppScope('detail') %>
   async findOne(@AppUser() appuser: UserContext,@Param('id') id: string) {    
     const data = await this._findOne(appuser, id);
      if(!data ){
@@ -308,6 +326,7 @@ export class <%= it.typename %>Controller extends SimpleAppAbstractController<
   @ApiResponse({ status: 500, description: 'Internal error' })
   @ApiBody({ description: 'Data',type: schemas.<%= it.typename%> })
   @ApiOperation({ operationId: 'runUpdate' })
+  <%~ drawMiniAppScope('update') %>
   async update(@AppUser() appuser: UserContext,@Param('id') id: string, @Body() data: schemas.<%= it.typename%>) {    
     return await this._update(appuser,id, data) ;
   }
@@ -325,6 +344,7 @@ export class <%= it.typename %>Controller extends SimpleAppAbstractController<
   @ApiResponse({ status: 500, description: 'Internal error' })
   @ApiBody({ description: 'Data',type: schemas.<%= it.typename%> })
   @ApiOperation({ operationId: 'runPatch' })
+  <%~ drawMiniAppScope('patch') %>
   async patch(@AppUser() appuser: UserContext,@Param('id') id: string, @Body() data: schemas.<%= it.typename%>) {    
     return await this._patch(appuser,id, data) ;
   }
@@ -343,6 +363,7 @@ export class <%= it.typename %>Controller extends SimpleAppAbstractController<
   @ApiResponse({ status: 404, description: 'Document not found' })
   @ApiResponse({ status: 500, description: 'Internal error' })
   @ApiOperation({ operationId: 'runDelete' })
+  <%~ drawMiniAppScope('delete') %>
   async delete(@AppUser() appuser: UserContext,@Param('id') id: string) {
     return this._delete(appuser,id);
   }

package/templates/basic/nuxt/resource-bridge.service.ts.eta

@@ -24,12 +24,13 @@ export type <%= typeActionName %> = (typeof actions)[number];
 export class MiniApp<%= pascalName %>BridgeService {
   protected api!: <%= apiName %>;
 
-  constructor(miniAppCode: string) {
+  constructor(miniAppCode: string, developerPortalAppId: string) {
     const config = getAxiosConfig();
     if(miniAppCode !== ""){
       config.baseOptions = {
         headers: {
-          "x-mini-app-code": miniAppCode
+          "x-mini-app-code": miniAppCode,
+          "x-mini-app-dev-portal-app-id": developerPortalAppId,
         }
       }
     }

package/templates/miniApi/src/constants/api-scopes.ts.eta

@@ -7,45 +7,63 @@
     const resourcePascalName = upperFirstCase(simpleAppConfig.resourceName);
     const resourceKebabName = camelToKebab(simpleAppConfig.resourceName);
     const additionalApis = simpleAppConfig?.additionalApis || [];
+    const resourceTitleName = titleCase(resourcePascalName);
     let availableApis = {};
 
     Object.entries(miniAppWhitelistApis).forEach(([action, value]) => {
       if (value !== true && typeof value !== 'object') { return; }
       let method = '';
+      let description = '';
+
       switch(action) {
-        case 'list':
         case 'detail':
           method = 'get';
+          description = `Retrieve a single ${resourceTitleName} record by ID.`;
+          break;
+
+        case 'list':
+          method = 'post';
+          description = `Retrieve ${resourceTitleName} records with optional filtering, sorting, and field selection.`;
           break;
 
         case 'create':
+          method = 'post';
+          description = `Create a new ${resourceTitleName} record.`;
+          break;
+
         case 'autoComplete':
           method = 'post';
+          description = `Retrieve a selectable list of ${resourceTitleName} options for dropdowns or autocomplete fields.`;
           break;
 
         case 'update':
           method = 'put';
+          description = `Replace an existing ${resourceTitleName} record with new data.`;
           break;
 
         case 'patch':
           method = 'patch';
+          description = `Update specific fields of an existing ${resourceTitleName} record.`;
           break;
 
         case 'delete':
           method = 'delete';
+          description = `Delete an existing ${resourceTitleName} record.`;
           break;
 
         case 'current':
           return;
-          break;
 
         default:
-          method = (additionalApis ?? []).find(item => item.action === action)?.method ?? '';
+          const additionalApiConfig = (additionalApis ?? []).find(item => item.action === action);
+          method = additionalApiConfig?.method ?? '';
+          description = additionalApiConfig?.description ?? '';
           break;
       }
 
       availableApis[action] = {
-        method: method
+        method: method,
+        description: description,
       }
     });
     

package/templates/miniApi/src/constants/available-custom-field.ts.eta

@@ -0,0 +1,22 @@
+<%
+  const modules = it.modules.sort((a, b) => a.docname.localeCompare(b.docname, undefined, { sensitivity: 'base' }));
+%>
+
+const customFields = [
+  <% modules.forEach(module => { %>
+    <%
+      const schema = module.schema; 
+      const simpleAppConfig = schema['x-simpleapp-config'];
+      const isEnabled = simpleAppConfig?.customField?.isEnable || false;
+    %>
+    <% if(isEnabled) { %>
+      {
+        documentType: '<%= simpleAppConfig.documentType%>',
+        documentName: '<%= simpleAppConfig.documentName%>',
+        resourceName: '<%= simpleAppConfig.resourceName%>',
+      },
+    <% } %>
+  <% }); %>
+];
+
+export default customFields;

package/templates/nest/src/simpleapp/generate/commons/middlewares/tenant.middleware.ts.eta

@@ -13,8 +13,10 @@ import { Model } from 'mongoose';
 import { Permission } from '../../types/perm.type';
 import { User } from '../../types/user.type';
 import { Appintegration } from '../../types/appintegration.type';
-import { Webhook } from '../../types';
+import { Miniappinstallation, Webhook } from '../../types';
 import { UserContext } from '../user.context';
+import { ApiKeyService } from './api-key/api-key.service';
+import { HEADER_X_API_KEY, HEADER_X_API_SECRET } from '../constants/header';
 
 @Injectable()
 export class TenantMiddleware implements NestMiddleware {
@@ -29,6 +31,8 @@ export class TenantMiddleware implements NestMiddleware {
     @InjectModel('Permission') private readonly permModel: Model<Permission>,
     @InjectModel('Appintegration') private readonly appModel: Model<Appintegration>,
     @InjectModel('Webhook') private readonly webhookModel: Model<Webhook>,
+    @InjectModel('Miniappinstallation') private readonly miniAppInstallationModel: Model<Miniappinstallation>,
+    private readonly apiKeyService: ApiKeyService,
   ) {}
 
   requireXOrg(baseurl: string): boolean {
@@ -51,11 +55,11 @@ export class TenantMiddleware implements NestMiddleware {
     tokenStr = tokenStr.replace('Bearer ', '');
     const xOrg = req.get('x-org') ?? this.defaultXOrg;
 
-    const user = new UserContext(this.userModel, this.permModel, this.appModel);
+    const user = new UserContext(this.userModel, this.permModel, this.appModel, this.miniAppInstallationModel);
 
     if (req.baseUrl == '/graphql') {
       if (tokenStr) {
-        await user.setCurrentUserInfo(tokenStr, xOrg,this.webhookModel);
+        await user.setCurrentUserInfo(tokenStr, xOrg, this.webhookModel);
       }
       req['sessionuser'] = user;
       next();
@@ -63,22 +67,37 @@ export class TenantMiddleware implements NestMiddleware {
     }
     this.logger.debug(`Running TenantMiddleware for ${req.baseUrl}`);
 
-    // If X_APIKEY defined, and there is api key and secret supplied. use robot user
-    if (process.env.X_APIKEY && req.get('x-apikey') && req.get('x-apisecret')) {
-      if (req.get('x-apikey') == process.env.X_APIKEY && req.get('x-apisecret') == process.env.X_APISECRET) {
-        user.setAsStaticUser('00000000-0000-0000-0000-000000000000', 'robot', 'Robot', 'robot@a.org', req.get('x-org') ?? this.defaultXOrg);
-        if (req.get('x-guest-accesstoken')) {
-          user.setGuestToken(req.get('x-guest-accesstoken'));
-        }
+    // Request Using API Key & Secret
+    const isApiKeyRequest = process.env.X_APIKEY && req.get(HEADER_X_API_KEY) && req.get(HEADER_X_API_SECRET);
+    if (isApiKeyRequest) {
+      try {
+        await this.apiKeyService.validate(req, user);
+
         req['sessionuser'] = user;
         next();
         return;
-      } else {
-        this.logger.log('Invalid API Key / Secret');
-        throw new BadRequestException('Invalid API Key / Secret');
+      } catch (e) {
+        throw e;
       }
     }
 
+    // If X_APIKEY defined, and there is api key and secret supplied. use robot user
+    // if (process.env.X_APIKEY && req.get('x-apikey') && req.get('x-apisecret')) {
+    //   if (req.get('x-apikey') == process.env.X_APIKEY && req.get('x-apisecret') == process.env.X_APISECRET) {
+    //     user.setAsStaticUser('00000000-0000-0000-0000-000000000000', 'robot', 'Robot', 'robot@a.org', req.get('x-org') ?? this.defaultXOrg);
+    //     if (req.get('x-guest-accesstoken')) {
+    //       user.setGuestToken(req.get('x-guest-accesstoken'));
+    //     }
+
+    //     req['sessionuser'] = user;
+    //     next();
+    //     return;
+    //   } else {
+    //     this.logger.log('Invalid API Key / Secret');
+    //     throw new BadRequestException('Invalid API Key / Secret');
+    //   }
+    // }
+
     if (!req.get('authorization')) {
       this.logger.log('Undefine Bearer Token');
       return res.status(401).send('Undefine Bearer Token');
@@ -90,7 +109,8 @@ export class TenantMiddleware implements NestMiddleware {
     }
 
     try {
-      await user.setCurrentUserInfo(tokenStr, xOrg,this.webhookModel);
+      await user.setCurrentUserInfo(tokenStr, xOrg, this.webhookModel);
+      user.detectMiniAppSdkRequest(req);
       if (user.getId() == '' && this.requireXOrg(req.baseUrl)) {
         this.logger.log('Access deny for user:', req.baseUrl);
         return res.status(401).send('Access deny for user');

package/templates/nest/src/simpleapp/generate/commons/robotuser.service.ts.eta

@@ -11,6 +11,7 @@ import { UserContext } from 'src/simpleapp/generate/commons/user.context';
 import { Permission } from 'src/simpleapp/services/perm.service';
 import { User } from 'src/simpleapp/services/user.service';
 import { Appintegration } from 'src/simpleapp/services/appintegration.service';
+import { Miniappinstallation } from '../types';
 const Base64URL = require('@darkwolf/base64url');
 @Injectable()
 export class SimpleAppRobotUserService {
@@ -22,6 +23,7 @@ export class SimpleAppRobotUserService {
   @InjectModel('User') private readonly usermodel: Model<User>;
   @InjectModel('Permission') private readonly permmodel: Model<Permission>;
   @InjectModel('Appintegration') private readonly appmodel: Model<Appintegration>;
+  @InjectModel('Miniappinstallation') private readonly miniAppInstallationModel: Model<Miniappinstallation>;
 
   constructor() {
     this.init();
@@ -91,14 +93,8 @@ export class SimpleAppRobotUserService {
 
   prepareAppUser(data: any) {
     // console.log('prepareAppUserprepareAppUser');
-    const appuser = new UserContext(this.usermodel, this.permmodel, this.appmodel);
-    appuser.setAsStaticUser(
-      '00000000-0000-0000-0000-000000000000',
-      'robot',
-      'Robot',
-      'robot@a.org',
-      Base64URL.encodeText('0-0-0'),
-    );
+    const appuser = new UserContext(this.usermodel, this.permmodel, this.appmodel, this.miniAppInstallationModel);
+    appuser.setAsStaticUser('00000000-0000-0000-0000-000000000000', 'robot', 'Robot', 'robot@a.org', Base64URL.encodeText('0-0-0'));
 
     const tenantId = data?.tenantId ?? 0;
     const orgId = data?.orgId ?? 0;

package/templates/nest/src/simpleapp/generate/commons/user.context.ts.eta

@@ -10,13 +10,14 @@ import { InjectModel } from '@nestjs/mongoose';
 import { BadRequestException, ForbiddenException, Injectable, Logger, Scope } from '@nestjs/common';
 import * as jwt from 'jsonwebtoken';
 import { ClientSession, Model, PipelineStage } from 'mongoose';
-import { Branch, Organization, Permission, Tenant, TenantClientSetting, User, Appintegration, Webhook } from 'src/simpleapp/generate/types';
+import { Branch, Organization, Permission, Tenant, TenantClientSetting, User, Appintegration, Webhook, Miniappinstallation, TUserType, TMiniApiTokenInfo } from 'src/simpleapp/generate/types';
 import { ProfileUserBranch, ProfileUserInvites } from '../../profile/profile.types';
 import { ModifiedRecords } from '../types';
 import { Role } from './roles/roles.enum';
 import systemWebHooks from '../../webhooks';
 import * as rolegroups from './roles/roles.group';
-
+import { isEmpty } from 'lodash';
+import { Request } from 'express';
 
 @Injectable({ scope: Scope.REQUEST })
 export class UserContext {
@@ -62,6 +63,10 @@ export class UserContext {
     email: string;
   } = { uid: '', uname: '', fullname: '', email: '' };
 
+  protected miniApiToken?: string;
+
+  protected miniApiTokenInfo?: TMiniApiTokenInfo;
+
   protected groups: string[] = [];
 
   protected branchCode: string = '';
@@ -92,7 +97,7 @@ export class UserContext {
 
   protected package: string = '';
 
-  protected webhooks: Webhook[] = systemWebHooks
+  protected webhooks: Webhook[] = systemWebHooks;
   protected clientSetting: TenantClientSetting = {
     auditTrail: false,
     support: false,
@@ -101,7 +106,7 @@ export class UserContext {
   };
 
   private dbsession: ClientSession;
-  
+
   protected modifiedRecords: ModifiedRecords = {
     createds: {},
     updateds: {},
@@ -113,10 +118,13 @@ export class UserContext {
     einvoice: boolean;
   } = { simbiz6: false, einvoice: false };
 
+  protected userType: TUserType = 'normal';
+
   constructor(
-    private readonly userModel: Model<User>,    
+    private readonly userModel: Model<User>,
     private readonly permModel: Model<Permission>,
     private readonly appModel: Model<Appintegration>,
+    private readonly miniAppInstallationModel: Model<Miniappinstallation>,
   ) {}
 
   setDBSession = (dbsession: ClientSession) => {
@@ -206,14 +214,31 @@ export class UserContext {
     return data;
   };
 
-  
-  setCurrentUserInfo = async (tokenstr: string, xOrg: string,webhookModel:Model<Webhook>) => {
+  getUserToken = () => this.token;
+
+  getMiniApiToken = () => this.miniApiToken;
+
+  getMiniApiTokenInfo = () => this.miniApiTokenInfo;
+
+  setMiniApiToken = (token: string) => {
+    this.miniApiToken = token;
+  };
+
+  setMiniApiTokenInfo = (miniApiTokenInfo: TMiniApiTokenInfo) => {
+    this.miniApiTokenInfo = miniApiTokenInfo;
+  };
+
+  setCurrentUserInfo = async (tokenstr: string, xOrg: string, webhookModel: Model<Webhook>) => {
     this.setXOrg(xOrg);
-    await this.setUserToken(tokenstr);   
-    const wh = await webhookModel.find({branchId:this.getBranchId(),active:true})
+    await this.setUserToken(tokenstr);
+    this.setUserType('normal');
+    const wh = await webhookModel.find({ branchId: this.getBranchId(), active: true });
+
+    if (Array.isArray(wh) && wh.length > 0) this.webhooks = this.webhooks.concat(wh);
+  };
 
-    if(Array.isArray(wh) && wh.length>0)
-      this.webhooks = this.webhooks.concat(wh)
+  setPackage = (packageName: string) => {
+    this.package = packageName;
   };
 
   /**
@@ -267,7 +292,7 @@ export class UserContext {
               as: 'currentTenant',
             },
           },
-          
+
           {
             $unwind: '$currentTenant',
           },
@@ -327,8 +352,6 @@ export class UserContext {
     return userProfile;
   };
 
-  getUserToken = () => this.token;
-
   setUserToken = async (tokenStr: string) => {
     this.logger.debug(`===setUserToken===`);
     // Define token info
@@ -401,8 +424,8 @@ export class UserContext {
       orgId: this.orgId,
     };
   };
-  getWebHooks = ()=> this.webhooks
-  
+  getWebHooks = () => this.webhooks;
+
   getWorkflowTaskFilter() {
     return {
       'data.tenantId': this.tenantId,
@@ -467,6 +490,28 @@ export class UserContext {
     }
   };
 
+  decodeXOrg = (xOrg: string) => {
+    try {
+      const decodedText: string = Base64URL.decodeText(xOrg);
+      const xOrgRealm = decodedText.includes('/') ? decodedText.split('/') : decodedText.split('-');
+
+      const tenantId = Number(xOrgRealm[0]);
+      const orgId = Number(xOrgRealm[1]);
+      const branchId = Number(xOrgRealm[2]);
+      if (xOrgRealm.length == 3 && !isNaN(tenantId) && !isNaN(orgId) && !isNaN(branchId)) {
+        return {
+          tenantId,
+          orgId,
+          branchId,
+        };
+      } else {
+        throw new BadRequestException('invalidXorg');
+      }
+    } catch (err) {
+      throw new BadRequestException(err);
+    }
+  };
+
   async getUserInfo(): Promise<UserInfo> {
     this.logger.debug('===getUserInfo===');
 
@@ -495,6 +540,7 @@ export class UserContext {
       invites: this.getInvites(),
       moreProps: this.getMoreProps(),
       appintegration: this.getAppIntegration(),
+      userType: this.getUserType(),
     };
 
     if (this.getId() != '') {
@@ -749,6 +795,96 @@ export class UserContext {
     this.guestInfo.email = <string>tokeninfo?.email ?? '';
     this.guestInfo.uname = <string>tokeninfo?.preferred_username ?? '';
     this.guestInfo.fullname = <string>tokeninfo?.name ?? '';
+
+    this.setUserType('guest');
+  }
+
+  getUserType = () => this.userType;
+
+  setUserType = (userType: TUserType) => {
+    this.userType = userType;
+  };
+
+  detectMiniAppSdkRequest(req: Request) {
+    if (!isEmpty(req.headers['x-mini-app-dev-portal-app-id'])) {
+      this.setUserType('miniAppSdk');
+    }
+  }
+
+  async setMiniApiUser(tokenStr: string, xOrg: string) {
+    const tokenInfo: TMiniApiTokenInfo = jwt.decode(tokenStr) as TMiniApiTokenInfo;
+    const appId = tokenInfo?.miniAppId ?? '';
+
+    this.setXOrg(xOrg);
+    this.setUserType('miniApi');
+    this.setMiniApiToken(tokenStr);
+    this.setMiniApiTokenInfo(tokenInfo);
+
+    const miniAppInstallation = await this.findIsCentreInstalledMiniApp(appId);
+
+    if (isEmpty(miniAppInstallation.miniApiUser) || isEmpty(miniAppInstallation.miniApiUser.uid)) {
+      throw new ForbiddenException('NOT found connected user');
+    }
+
+    this.token = tokenStr;
+    this.uid = miniAppInstallation.miniApiUser.uid;
+
+    await this.setUserProfileFromDB();
+  }
+
+  async findIsCentreInstalledMiniApp(developerPortalAppId: string) {
+    const miniAppInstallation = await this.miniAppInstallationModel.findOne({
+      'miniApp.developerPortalAppId': developerPortalAppId,
+      isActive: true,
+      tenantId: this.tenantId,
+      orgId: this.orgId,
+      branchId: this.branchId,
+    });
+
+    if (!miniAppInstallation) {
+      throw new ForbiddenException('NOT allowed to access this centre');
+    }
+
+    return miniAppInstallation;
+  }
+
+  async setUserProfileFromDB() {
+    const userProfile = await this.obtainProfileFromDB();
+    if (userProfile) {
+      this.logger.debug(`User ${this.uid} exists in tenant (${this.tenantId})`);
+
+      this._id = userProfile._id.toString();
+      this.email = userProfile.email ?? '';
+      this.uname = userProfile.uname ?? '';
+      this.fullname = userProfile.fullname ?? '';
+
+      this.branchCode = userProfile['branchCode'] ?? '';
+      this.branchName = userProfile['branchName'] ?? '';
+      this.orgCode = userProfile['orgCode'] ?? '';
+      this.orgName = userProfile['orgName'] ?? '';
+      this.timeZone = userProfile['timeZone'] ?? '';
+      this.currency = userProfile['currency'] ?? '';
+      this.country = userProfile['country'] ?? '';
+      this.offsetMinute = userProfile['offsetMinute'] ?? 0;
+      this.orgRecordId = userProfile['orgRecordId'] ?? '';
+      this.branchRecordId = userProfile['branchRecordId'] ?? '';
+      this.groups = userProfile['groups'] ?? [];
+      this.clientSetting = userProfile['clientSetting'] ?? {};
+      this.roles = userProfile['roles'] ?? [Role.Everyone, Role.User];
+      this.moreProps = this.setMoreProps(userProfile);
+      this.package = userProfile['package'];
+      this.appintegration = await this.setAppIntegration();
+    } else {
+      this.logger.debug(`User ${this.uid} not exists in tenant (${this.tenantId})`);
+      this.logger.debug(`Set unknown id of current user`);
+      this.roles = [Role.Everyone, Role.Unknown];
+    }
+
+    if (this.isRealmAdmin() && !this.roles.includes(Role.SuperAdmin)) {
+      this.roles.push(Role.SuperAdmin);
+    }
+
+    this.logger.verbose(`User ${this.uid} have _id (${this.getId()}), groups (${this.groups.join(',')}) and roles (${this.getRoles().join(',')}).`);
   }
 
   getAppIntegration = () => this.appintegration;
@@ -773,6 +909,7 @@ export class UserContext {
     }
     return this.appintegration;
   }
+
   /**
    * Define additional properties from user into moreProps
    */
@@ -927,4 +1064,4 @@ type UserInfo = {
 type UserTenant = User & {
   tenantName: string;
   permissions: Permission[];
-};
+};