@solidstarters/solid-core 1.2.48 → 1.2.49

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@solidstarters/solid-core",
-  "version": "1.2.48",
+  "version": "1.2.49",
   "description": "This module is a NestJS module containing all the required core providers required by a Solid application",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",

package/src/controllers/security-rule.controller.ts

@@ -0,0 +1,93 @@
+import { Controller, Post, Body, Param, UploadedFiles, UseInterceptors, Put, Get, Query, Delete, Patch } from '@nestjs/common';
+import { AnyFilesInterceptor } from "@nestjs/platform-express";
+import { ApiBearerAuth, ApiQuery, ApiTags } from '@nestjs/swagger';
+import { SecurityRuleService } from '../services/security-rule.service';
+import { CreateSecurityRuleDto } from '../dtos/create-security-rule.dto';
+import { UpdateSecurityRuleDto } from '../dtos/update-security-rule.dto';
+
+enum ShowSoftDeleted {
+  INCLUSIVE = "inclusive",
+  EXCLUSIVE = "exclusive",
+}
+
+@ApiTags('Solid Core')
+@Controller('security-rule')
+export class SecurityRuleController {
+  constructor(private readonly service: SecurityRuleService) {}
+
+  @ApiBearerAuth("jwt")
+  @Post()
+  @UseInterceptors(AnyFilesInterceptor())
+  create(@Body() createDto: CreateSecurityRuleDto, @UploadedFiles() files: Array<Express.Multer.File>) {
+    return this.service.create(createDto, files);
+  }
+
+  @ApiBearerAuth("jwt")
+  @Post('/bulk')
+  @UseInterceptors(AnyFilesInterceptor())
+  insertMany(@Body() createDtos: CreateSecurityRuleDto[], @UploadedFiles() filesArray: Express.Multer.File[][] = []) {
+    return this.service.insertMany(createDtos, filesArray);
+  }
+
+
+  @ApiBearerAuth("jwt")
+  @Put(':id')
+  @UseInterceptors(AnyFilesInterceptor())
+  update(@Param('id') id: number, @Body() updateDto: UpdateSecurityRuleDto, @UploadedFiles() files: Array<Express.Multer.File>) {
+    return this.service.update(id, updateDto, files);
+  }
+
+  @ApiBearerAuth("jwt")
+  @Patch(':id')
+  @UseInterceptors(AnyFilesInterceptor())
+  partialUpdate(@Param('id') id: number, @Body() updateDto: UpdateSecurityRuleDto, @UploadedFiles() files: Array<Express.Multer.File>) {
+    return this.service.update(id, updateDto, files, true);
+  }
+
+  @ApiBearerAuth("jwt")
+  @Post('/bulk-recover')
+  async recoverMany(@Body() ids: number[]) {
+    return this.service.recoverMany(ids);
+  }
+
+  @ApiBearerAuth("jwt")
+  @Get('/recover/:id')
+  async recover(@Param('id') id: number) {
+    return this.service.recover(id);
+  }
+    
+  @ApiBearerAuth("jwt")
+  @ApiQuery({ name: 'showSoftDeleted', required: false, enum: ShowSoftDeleted })
+  @ApiQuery({ name: 'limit', required: false, type: Number })
+  @ApiQuery({ name: 'offset', required: false, type: Number })
+  @ApiQuery({ name: 'fields', required: false, type: Array })
+  @ApiQuery({ name: 'sort', required: false, type: Array }) 
+  @ApiQuery({ name: 'groupBy', required: false, type: Array })
+  @ApiQuery({ name: 'populate', required: false, type: Array })
+  @ApiQuery({ name: 'populateMedia', required: false, type: Array })
+  @ApiQuery({ name: 'filters', required: false, type: Array })
+  @Get()
+  async findMany(@Query() query: any) { 
+    return this.service.find(query);  
+  }
+
+  @ApiBearerAuth("jwt")
+  @Get(':id')
+  async findOne(@Param('id') id: string, @Query() query: any) {
+    return this.service.findOne(+id, query);
+  }
+
+  @ApiBearerAuth("jwt")
+  @Delete('/bulk')
+  async deleteMany(@Body() ids: number[]) {
+    return this.service.deleteMany(ids);
+  }
+
+  @ApiBearerAuth("jwt")
+  @Delete(':id')
+  async delete(@Param('id') id: number) {
+    return this.service.delete(id);
+  }
+
+
+}

package/src/dtos/create-model-metadata.dto.ts

@@ -94,4 +94,18 @@ export class CreateModelMetadataDto {
     @ApiProperty({ description: 'System models are not included in the code generation, the assumption being that system models have manually written code.', })
     @IsBoolean()
     isSystem: boolean;
+
+    @ApiProperty({ description: 'Child models are not included in the code generation, the assumption being that child models have manually written code.', })
+    @IsBoolean()
+    isChild: boolean;
+
+    @ApiProperty({ description: 'Parent model id' })
+    @IsInt()
+    @IsOptional()
+    parentModelId: number;
+
+    @ApiProperty({ description: 'Parent model user key' })
+    @IsString()
+    @IsOptional()
+    parentModelUserKey: string;
 }

package/src/dtos/create-security-rule.dto.ts

@@ -0,0 +1,34 @@
+import { ApiProperty } from '@nestjs/swagger';
+import { IsString } from 'class-validator';
+import { IsNotEmpty, IsInt, IsOptional, IsJSON } from 'class-validator';
+
+export class CreateSecurityRuleDto {
+    @IsNotEmpty()
+    @IsString()
+    @ApiProperty()
+    name: string;
+    @IsNotEmpty()
+    @IsString()
+    @ApiProperty()
+    description: string;
+    @IsOptional()
+    @IsInt()
+    @ApiProperty()
+    roleId: number;
+    @IsString()
+    @IsOptional()
+    @ApiProperty()
+    roleUserKey: string;
+    @IsOptional()
+    @IsInt()
+    @ApiProperty()
+    modelMetadataId: number;
+    @IsString()
+    @IsOptional()
+    @ApiProperty()
+    modelMetadataUserKey: string;
+    @IsNotEmpty()
+    @IsJSON()
+    @ApiProperty()
+    securityRuleConfig: any;
+}

package/src/dtos/security-rule-config.dto.ts

@@ -0,0 +1,5 @@
+import { BasicFilterDto } from "./basic-filters.dto";
+
+export interface SecurityRuleConfig {
+    filters: Record<string, any>;
+}

package/src/dtos/update-security-rule.dto.ts

@@ -0,0 +1,39 @@
+import { IsInt,IsOptional, IsString, IsNotEmpty, IsJSON } from 'class-validator';
+import { ApiProperty } from '@nestjs/swagger';
+
+export class UpdateSecurityRuleDto {
+    @IsOptional()
+    @IsInt()
+    id: number;
+    @IsNotEmpty()
+    @IsOptional()
+    @IsString()
+    @ApiProperty()
+    name: string;
+    @IsNotEmpty()
+    @IsOptional()
+    @IsString()
+    @ApiProperty()
+    description: string;
+    @IsOptional()
+    @IsInt()
+    @ApiProperty()
+    roleId: number;
+    @IsString()
+    @IsOptional()
+    @ApiProperty()
+    roleUserKey: string;
+    @IsOptional()
+    @IsInt()
+    @ApiProperty()
+    modelMetadataId: number;
+    @IsString()
+    @IsOptional()
+    @ApiProperty()
+    modelMetadataUserKey: string;
+    @IsNotEmpty()
+    @IsOptional()
+    @IsJSON()
+    @ApiProperty()
+    securityRuleConfig: any;
+}

package/src/entities/model-metadata.entity.ts

@@ -56,4 +56,10 @@ export class ModelMetadata extends CommonEntity {
 
     @Column({ default: false })
     isSystem: boolean;
+
+    @Column({ default: false })
+    isChild: boolean;
+
+    @ManyToOne(() => ModelMetadata, { onDelete: 'CASCADE' })
+    parentModel: ModelMetadata;
 }

package/src/entities/security-rule.entity.ts

@@ -0,0 +1,25 @@
+import { CommonEntity } from 'src/entities/common.entity';
+import { ModelMetadata } from 'src/entities/model-metadata.entity';
+import { RoleMetadata } from 'src/entities/role-metadata.entity';
+import { Column, Entity, Index, JoinColumn, ManyToOne } from 'typeorm';
+
+@Entity("ss_security_rule")
+export class SecurityRule extends CommonEntity {
+    @Index({ unique: true })
+    @Column({ type: "varchar" })
+    name: string;
+    @Index({ unique: true })
+    @Column({ type: "varchar" })
+    description: string;
+    @Index()
+    @ManyToOne(() => RoleMetadata, { onDelete: "CASCADE", nullable: false })
+    @JoinColumn()
+    role: RoleMetadata;
+    @Index()
+    @ManyToOne(() => ModelMetadata, { onDelete: "CASCADE", nullable: false })
+    @JoinColumn()
+    modelMetadata: ModelMetadata;
+    @Column({ type: "text" })
+    securityRuleConfig: any;
+
+}

package/src/entities/user.entity.ts

@@ -1,9 +1,10 @@
 import { CommonEntity } from "src/entities/common.entity"
-import { Entity, Column, Index, JoinTable, ManyToMany, OneToMany } from "typeorm";
+import { Entity, Column, Index, JoinTable, ManyToMany, OneToMany, TableInheritance } from "typeorm";
 import { RoleMetadata } from 'src/entities/role-metadata.entity';
 import { UserViewMetadata } from 'src/entities/user-view-metadata.entity'
 
 @Entity("ss_user")
+@TableInheritance({ column: { type: "varchar", name: "type", default: "User" } })
 export class User extends CommonEntity {
     @Column({ type: "varchar", nullable: true })
     fullName: string;

package/src/helpers/solid-registry.ts

@@ -1,6 +1,7 @@
 import { Injectable } from '@nestjs/common';
 import { InstanceWrapper } from '@nestjs/core/injector/instance-wrapper';
 import { ISelectionProvider, ISelectionProviderContext } from "../interfaces";
+import { SecurityRule } from 'src/entities/security-rule.entity';
 
 type ControllerMetadata = {
   name: string;
@@ -14,6 +15,23 @@ export enum RESERVED_SOLID_KEYWORDS {
   dataSource = "dataSource",
   repository = "repository",
   entityManager = "entityManager",
+  actionMetadata = "actionMetadata",
+  emailAttachment = "emailAttachment",
+  emailTemplate = "emailTemplate",
+  listOfValues = "listOfValues",
+  mediaStorageProvider = "mediaStorageProvider",
+  media = "media",
+  menuItemMetadata = "menuItemMetadata",
+  mqMessageQueue = "mqMessageQueue",
+  mqMessage = "mqMessage",
+  permissionMetadata = "permissionMetadata",
+  roleMetadata = "roleMetadata",
+  securityRule = "securityRule",
+  setting = "setting",
+  smsTemplate = "smsTemplate",
+  userPasswordHistory = "userPasswordHistory",
+  userMetadata = "userMetadata",
+  user = "user",
 }
 
 @Injectable()
@@ -24,6 +42,7 @@ export class SolidRegistry {
   private solidDatabaseModules: Set<InstanceWrapper> = new Set();
   private controllers: Set<ControllerMetadata> = new Set();
   private modules : Set<InstanceWrapper> = new Set();
+  private securityRules: SecurityRule[] = [];
 
   registerController(name: string, methodNames: string[]): void {
     this.controllers.add({ name: name, methods: methodNames });
@@ -92,4 +111,19 @@ export class SolidRegistry {
     const module = this.getModules().filter((module) => module.name === name).pop();
     return module
   }
+
+  registerSecurityRules(securityRules: SecurityRule[]) {
+    this.securityRules = securityRules;
+  }
+
+  getSecurityRules(modelSingularName:string, roleNames: string[] = []): SecurityRule[] {
+    // If no role is provided, return all security rules for the model
+    if (roleNames.length === 0) {
+      return this.securityRules.filter((rule) => rule.modelMetadata.singularName === modelSingularName);
+    }
+    // If roles are provided, filter the security rules by model and roles
+    return this.securityRules.filter((rule) => {
+      return rule.modelMetadata.singularName === modelSingularName && roleNames.includes(rule.role.name);
+    });
+  }
 }

package/src/index.ts

@@ -78,6 +78,8 @@ export * from './dtos/update-user.dto'
 export * from './dtos/update-view-metadata.dto'
 export * from './dtos/create-setting.dto'
 export * from './dtos/update-setting.dto'
+export * from './dtos/create-security-rule.dto'
+export * from './dtos/update-security-rule.dto'
 
 
 export * from './entities/action-metadata.entity'
@@ -101,6 +103,7 @@ export * from './entities/user.entity'
 export * from './entities/view-metadata.entity'
 export * from './entities/setting.entity'
 export * from './entities/user-view-metadata.entity'
+export * from './entities/security-rule.entity'
 
 export * from './enums/auth-type.enum'
 
@@ -214,6 +217,12 @@ export * from './services/user.service'
 export * from './services/view-metadata.service'
 export * from './services/whatsapp/Msg91WhatsappService' //rename
 export * from './services/setting.service'
+export * from './services/security-rule.service'
+export * from './services/request-context.service'
+
+// Repositories
+export * from './repository/solid-base.repository'
+export * from './repository/security-rule.repository'
 
 
 //softDeleteAwareEventSubscriber.subscriber.ts

package/src/interfaces.ts

@@ -10,6 +10,7 @@ import { CreateRoleMetadataDto } from './dtos/create-role-metadata.dto';
 import { CreateViewMetadataDto } from './dtos/create-view-metadata.dto';
 import { FieldMetadata } from './entities/field-metadata.entity';
 import { Media } from './entities/media.entity';
+import { CreateSecurityRuleDto } from './dtos/create-security-rule.dto';
 
 export interface FieldCrudManager {
   // fieldMetadata: FieldMetadata;
@@ -46,6 +47,7 @@ export interface ModuleMetadataConfiguration {
     emailTemplates?: CreateEmailTemplateDto[],
     smsTemplates?: CreateSmsTemplateDto[],
     mediaStorageProviders?: CreateMediaStorageProviderMetadataDto[]
+    securityRules?: CreateSecurityRuleDto[],
 }
 
 export interface CodeGenerationOptions {

package/src/repository/security-rule.repository.ts

@@ -0,0 +1,135 @@
+import { Injectable, Logger } from '@nestjs/common';
+import { CreateSecurityRuleDto } from 'src/dtos/create-security-rule.dto';
+import { SecurityRuleConfig } from 'src/dtos/security-rule-config.dto';
+import { UpdateSecurityRuleDto } from 'src/dtos/update-security-rule.dto';
+import { CommonEntity } from 'src/entities/common.entity';
+import { ModelMetadata } from 'src/entities/model-metadata.entity';
+import { RoleMetadata } from 'src/entities/role-metadata.entity';
+import { SecurityRule } from 'src/entities/security-rule.entity';
+import { SolidRegistry } from 'src/helpers/solid-registry';
+import { ActiveUserData } from 'src/interfaces/active-user-data.interface';
+import { CrudHelperService } from 'src/services/crud-helper.service';
+import { DataSource, Repository, SelectQueryBuilder } from 'typeorm';
+
+@Injectable()
+export class SecurityRuleRepository extends Repository<SecurityRule> {
+    private readonly logger = new Logger(SecurityRuleRepository.name);
+    constructor(
+        private dataSource: DataSource,
+        private readonly solidRegistry: SolidRegistry,
+        private readonly crudHelperService: CrudHelperService,
+    ) {
+        super(SecurityRule, dataSource.createEntityManager());
+    }
+
+    applySecurityRules<T extends CommonEntity>(qb: SelectQueryBuilder<T>, modelSingularName: string, activeUser: ActiveUserData,): SelectQueryBuilder<T> {
+        // Fetch the security rules for the model and roles
+        const securityRules = this.solidRegistry.getSecurityRules(modelSingularName, activeUser.roles);
+
+        // Loop through the security rules and add only rules that are json parseable and have a rule
+        securityRules.forEach((rule: SecurityRule) => {
+            try {
+                // Parse the security rule and call the buildFilter method to build the query from the security rule
+                const parsedRule = JSON.parse(this.resolveSecurityRuleConfig(rule.securityRuleConfig, activeUser)) as SecurityRuleConfig;
+                if (parsedRule && parsedRule.filters) {
+                    this.crudHelperService.buildFilterQuery(qb, parsedRule, qb.alias);
+                }
+            } catch (error) {
+                this.logger.warn(`Error parsing security rule: ${rule.securityRuleConfig}`, error);
+            }
+        });
+
+        return qb;
+    }
+
+
+    private resolveSecurityRuleConfig(configString: string, activeUser: ActiveUserData) {
+        return configString.replace('$activeUserId', activeUser.sub.toString());
+    }
+
+    async toDto(securityRule: SecurityRule): Promise<UpdateSecurityRuleDto> {
+        // load the role and model relations for the security rule
+        let populatedSecurityRule: SecurityRule = securityRule;
+        // If the security rule does not have the role and model relations loaded, load them
+        if (!securityRule.role || !securityRule.modelMetadata) {
+            populatedSecurityRule = await this.findOne({
+                where: {
+                    id: securityRule.id,
+                },
+                relations: {
+                    role: true,
+                    modelMetadata: true,
+                },
+            });
+        }
+
+        return {
+            id: populatedSecurityRule.id,
+            name: populatedSecurityRule.name,
+            description: populatedSecurityRule.description,
+            roleId: populatedSecurityRule.role.id,
+            roleUserKey: populatedSecurityRule.role.name,
+            modelMetadataId: populatedSecurityRule.modelMetadata.id,
+            modelMetadataUserKey: populatedSecurityRule.modelMetadata.singularName,
+            securityRuleConfig: populatedSecurityRule.securityRuleConfig,
+        };
+    }
+
+    async upsertWithDto(createDto: CreateSecurityRuleDto) {
+        // Populate the role from roleId or roleUserKey
+        const roleRepository = this.dataSource.getRepository(RoleMetadata);
+        if (!createDto.roleId) {
+            const role = await roleRepository.findOne({
+                where: {
+                    id: createDto.roleId,
+                },
+            });
+            createDto['role'] = role;
+        } 
+
+        if (createDto.roleUserKey) {
+            const role = await roleRepository.findOne({
+                where: {
+                    name: createDto.roleUserKey,
+                },
+            });
+            createDto['role'] = role;
+        }
+
+        // Populate the model from modelMetadataId or modelMetadataUserKey
+        const modelMetadataRepository = this.dataSource.getRepository(ModelMetadata);
+        if (!createDto.modelMetadataId) {
+            const modelMetadata = await modelMetadataRepository.findOne({
+                where: {
+                    id: createDto.modelMetadataId,
+                },
+            });
+            createDto['modelMetadata'] = modelMetadata;
+        }
+        if (createDto.modelMetadataUserKey) {
+            const modelMetadata = await modelMetadataRepository.findOne({
+                where: {
+                    singularName: createDto.modelMetadataUserKey,
+                },
+            });
+            createDto['modelMetadata'] = modelMetadata;
+        }
+
+        // First check if module already exists using name
+        const existingSecurityRule = await this.findOne({
+            where: {
+                name: createDto.name,
+            },
+        });
+
+        if (existingSecurityRule) {
+            const updatedSecurityRule = this.merge(existingSecurityRule, createDto);
+            return this.save(updatedSecurityRule);
+        }
+        else {
+            const securityRule = this.create(createDto);
+            return this.save(securityRule);
+        }
+    }
+
+}

package/src/repository/solid-base.repository.ts

@@ -0,0 +1,45 @@
+import { camelize } from '@angular-devkit/core/src/utils/strings';
+import { Logger } from '@nestjs/common';
+import { CommonEntity } from 'src/entities/common.entity';
+import { ActiveUserData } from 'src/interfaces/active-user-data.interface';
+import { RequestContextService } from 'src/services/request-context.service';
+import {
+    DataSource,
+    EntityTarget,
+    QueryRunner,
+    Repository,
+    SelectQueryBuilder
+} from 'typeorm';
+import { SecurityRuleRepository } from './security-rule.repository';
+
+export class SolidBaseRepository<T extends CommonEntity> extends Repository<T> {
+    protected readonly logger: Logger;
+
+    constructor(
+        entity: EntityTarget<T>,
+        dataSource: DataSource,
+        protected readonly requestContextService: RequestContextService,
+        protected readonly securityRuleRepository: SecurityRuleRepository
+    ) {
+        super(entity, dataSource.createEntityManager());
+        this.logger = new Logger(this.constructor.name);
+    }
+
+    modelSingularName(): string {
+        return camelize(this.metadata.name);
+    }
+
+    createQueryBuilder(alias?: string, queryRunner?: QueryRunner): SelectQueryBuilder<T> {
+        const activeUserOrUndefined = this.requestContextService.getActiveUser();
+        const qb = super.createQueryBuilder(alias, queryRunner);
+        if (!activeUserOrUndefined) return qb;
+
+        return this.securityRuleRepository.applySecurityRules(
+            qb,
+            this.modelSingularName(),
+            activeUserOrUndefined as ActiveUserData
+        );
+    }
+
+
+}

package/src/seeders/module-metadata-seeder.service.ts

@@ -32,6 +32,8 @@ import commonConfig from 'src/config/common.config';
 import { CreateSettingDto } from 'src/dtos/create-setting.dto';
 import { SettingService } from 'src/services/setting.service';
 import { Setting } from 'src/entities/setting.entity';
+import { CreateSecurityRuleDto } from 'src/dtos/create-security-rule.dto';
+import { SecurityRuleRepository } from 'src/repository/security-rule.repository';
 
 @Injectable()
 export class ModuleMetadataSeederService {
@@ -62,6 +64,7 @@ export class ModuleMetadataSeederService {
         private readonly service: SettingService,
         @InjectRepository(Setting, 'default')
         readonly settingsRepo: Repository<Setting>,
+        readonly securityRuleRepo: SecurityRuleRepository,
     ) { }
 
     async seed() {
@@ -190,11 +193,17 @@ export class ModuleMetadataSeederService {
             await this.seedSmsTemplates(smsTemplates);
             this.logger.debug(`[End] Processing sms templates for ${moduleMetadata.name}`);
 
-            // Sms templates
+            // Settings
             this.logger.debug(`[Start] Processing settings for ${moduleMetadata.name}`);
             await this.seedSettings(settingsSeederData);
             this.logger.debug(`[End] Processing settings for ${moduleMetadata.name}`);
 
+            // Security rules
+            this.logger.debug(`[Start] Processing security rules for ${moduleMetadata.name}`);
+            const securityRules: CreateSecurityRuleDto[] = overallMetadata.securityRules;
+            await this.seedSecurityRules(securityRules);
+            this.logger.debug(`[End] Processing security rules for ${moduleMetadata.name}`);
+
             this.logger.debug(`[End] module seed data: ${overallMetadata}`);
 
         }
@@ -449,6 +458,13 @@ export class ModuleMetadataSeederService {
             // const fieldsMetadata = modelMetdata.fields;
             // delete modelMetdata['fields'];
             const { fields: fieldsMetadata, ...modelMetaDataWithoutFields } = modelMetadata;
+
+            // Load and set the parent model if it exists.
+            if (modelMetadata.isChild && modelMetadata.parentModelUserKey) {
+                const parentModel = await this.modelMetadataService.findOneByUserKey(modelMetadata.parentModelUserKey);
+                modelMetaDataWithoutFields['parentModel'] = parentModel;
+            }
+
             await this.modelMetadataService.upsert(modelMetaDataWithoutFields);
             const model = await this.modelMetadataService.findOneBySingularName(modelMetadata.singularName)
 
@@ -486,4 +502,15 @@ export class ModuleMetadataSeederService {
             this.service.create(createDto);
         }
     }
+
+    async seedSecurityRules(rulesDto: CreateSecurityRuleDto[]) {
+        if (!rulesDto || rulesDto.length === 0) {
+            this.logger.debug(`No security rules found to seed`);
+            return;
+        }
+        for (const dto of rulesDto) {
+            await this.securityRuleRepo.upsertWithDto({...dto, securityRuleConfig: JSON.stringify(dto.securityRuleConfig)});
+        }
+    }
+
 }