@spinajs/rbac-http 1.2.125 → 1.2.136

package/lib/http/src/interfaces.js

@@ -0,0 +1,222 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.DataTransformer = exports.BasePolicy = exports.BaseMiddleware = exports.ParameterType = exports.UuidVersion = exports.RouteType = exports.HTTP_STATUS_CODE = exports.ServerMiddleware = exports.HttpAcceptHeaders = void 0;
+const di_1 = require("@spinajs/di");
+/**
+ * Accept header enum
+ */
+var HttpAcceptHeaders;
+(function (HttpAcceptHeaders) {
+    /**
+     * Accept header for JSON
+     */
+    HttpAcceptHeaders[HttpAcceptHeaders["JSON"] = 1] = "JSON";
+    /**
+     * Accept header for HTML
+     */
+    HttpAcceptHeaders[HttpAcceptHeaders["HTML"] = 2] = "HTML";
+    /**
+     * Accept header for XML
+     */
+    HttpAcceptHeaders[HttpAcceptHeaders["XML"] = 4] = "XML";
+    /**
+     * Accept all accept headers shorcut
+     */
+    HttpAcceptHeaders[HttpAcceptHeaders["ALL"] = 7] = "ALL";
+})(HttpAcceptHeaders = exports.HttpAcceptHeaders || (exports.HttpAcceptHeaders = {}));
+class ServerMiddleware extends di_1.AsyncModule {
+}
+exports.ServerMiddleware = ServerMiddleware;
+/**
+ * HTTP response statuses
+ */
+var HTTP_STATUS_CODE;
+(function (HTTP_STATUS_CODE) {
+    /**
+     * All ok with content
+     */
+    HTTP_STATUS_CODE[HTTP_STATUS_CODE["OK"] = 200] = "OK";
+    /**
+     * Request is OK and new resource has been created.
+     */
+    HTTP_STATUS_CODE[HTTP_STATUS_CODE["CREATED"] = 201] = "CREATED";
+    /**
+     * Request is accepted, but has not been completed yet.
+     */
+    HTTP_STATUS_CODE[HTTP_STATUS_CODE["ACCEPTED"] = 202] = "ACCEPTED";
+    /**
+     * ALl is ok & no content to return
+     */
+    HTTP_STATUS_CODE[HTTP_STATUS_CODE["NO_CONTENT"] = 204] = "NO_CONTENT";
+    /**
+     * The server is delivering only part of the resource (byte serving) due to a range header
+     * sent by the client. The range header is used by HTTP clients to enable resuming of
+     * interrupted downloads, or split a download into multiple simultaneous streams.
+     */
+    HTTP_STATUS_CODE[HTTP_STATUS_CODE["PARTIAL_CONTENT"] = 206] = "PARTIAL_CONTENT";
+    /**
+     * Resource is not modified
+     */
+    HTTP_STATUS_CODE[HTTP_STATUS_CODE["NOT_MODIFIED"] = 304] = "NOT_MODIFIED";
+    /**
+     * Invalid request, eg. invalid parameters
+     */
+    HTTP_STATUS_CODE[HTTP_STATUS_CODE["BAD_REQUEST"] = 400] = "BAD_REQUEST";
+    /**
+     * Auth required
+     */
+    HTTP_STATUS_CODE[HTTP_STATUS_CODE["UNAUTHORIZED"] = 401] = "UNAUTHORIZED";
+    /**
+     * No permission
+     */
+    HTTP_STATUS_CODE[HTTP_STATUS_CODE["FORBIDDEN"] = 403] = "FORBIDDEN";
+    /**
+     * Resource not found
+     */
+    HTTP_STATUS_CODE[HTTP_STATUS_CODE["NOT_FOUND"] = 404] = "NOT_FOUND";
+    /**
+     * Not acceptable request headers (Accept header)
+     */
+    HTTP_STATUS_CODE[HTTP_STATUS_CODE["NOT_ACCEPTABLE"] = 406] = "NOT_ACCEPTABLE";
+    /**
+     * Conflict
+     */
+    HTTP_STATUS_CODE[HTTP_STATUS_CODE["CONFLICT"] = 409] = "CONFLICT";
+    /**
+     * Internal server error.
+     */
+    HTTP_STATUS_CODE[HTTP_STATUS_CODE["INTERNAL_ERROR"] = 500] = "INTERNAL_ERROR";
+    /**
+     * Method not implemented
+     */
+    HTTP_STATUS_CODE[HTTP_STATUS_CODE["NOT_IMPLEMENTED"] = 501] = "NOT_IMPLEMENTED";
+})(HTTP_STATUS_CODE = exports.HTTP_STATUS_CODE || (exports.HTTP_STATUS_CODE = {}));
+/**
+ * Avaible route types, match HTTP methods
+ */
+var RouteType;
+(function (RouteType) {
+    /**
+     * POST method - used to create new resource or send data to server
+     */
+    RouteType["POST"] = "post";
+    /**
+     * GET method - used to retrieve data from server
+     */
+    RouteType["GET"] = "get";
+    /**
+     * PUT method - used to updates resource
+     */
+    RouteType["PUT"] = "put";
+    /**
+     * DELETE method - used to delete resource
+     */
+    RouteType["DELETE"] = "delete";
+    /**
+     * PATCH method - used to partially update resource eg. one field
+     */
+    RouteType["PATCH"] = "patch";
+    /**
+     * HEAD method - same as get, but returns no data. usefull for checking if resource exists etc.
+     */
+    RouteType["HEAD"] = "head";
+    /**
+     * FILE method - spine special route type. Internall its simple GET method, but informs that specified route returns binary file
+     */
+    RouteType["FILE"] = "file";
+    RouteType["UNKNOWN"] = "unknown";
+})(RouteType = exports.RouteType || (exports.RouteType = {}));
+var UuidVersion;
+(function (UuidVersion) {
+    UuidVersion[UuidVersion["v1"] = 0] = "v1";
+    UuidVersion[UuidVersion["v3"] = 1] = "v3";
+    UuidVersion[UuidVersion["v4"] = 2] = "v4";
+    UuidVersion[UuidVersion["v5"] = 3] = "v5";
+})(UuidVersion = exports.UuidVersion || (exports.UuidVersion = {}));
+/**
+ * Avaible route parameters type
+ */
+var ParameterType;
+(function (ParameterType) {
+    /**
+     * Parameter is injected from DI container & resolved
+     */
+    ParameterType["FromDi"] = "FromDi";
+    /**
+     * Parameter value is taken from query string eg. `?name=flavio`
+     */
+    ParameterType["FromQuery"] = "FromQuery";
+    /**
+     * From message body, eg. POST json object
+     */
+    ParameterType["FromBody"] = "FromBody";
+    /**
+     * From url params eg: `/:id`
+     */
+    ParameterType["FromParams"] = "FromParams";
+    /**
+     * From form file field
+     */
+    ParameterType["FromFile"] = "FromFile";
+    /**
+     * From form
+     */
+    ParameterType["FromForm"] = "FromForm";
+    /**
+     * From cvs file
+     */
+    ParameterType["FromCSV"] = "FromCSV";
+    /**
+     * From JSON file
+     */
+    ParameterType["FromJSONFile"] = "FromJSONFile";
+    /**
+     * From form field
+     */
+    ParameterType["FormField"] = "FromFormField";
+    /**
+     * From model object
+     */
+    ParameterType["FromModel"] = "FromModel";
+    /**
+     * Data from coockie
+     */
+    ParameterType["FromCookie"] = "FromCookie";
+    /**
+     * From http header
+     */
+    ParameterType["FromHeader"] = "FromHeader";
+    /**
+     * Req from express
+     */
+    ParameterType["Req"] = "ArgAsRequest";
+    // Res from express
+    ParameterType["Res"] = "ArgAsResponse";
+})(ParameterType = exports.ParameterType || (exports.ParameterType = {}));
+/**
+ * Middlewares are classes that can change request object or perform specific task before & after route execution
+ * eg. route parameter logging / headers check etc.
+ */
+class BaseMiddleware {
+}
+exports.BaseMiddleware = BaseMiddleware;
+/**
+ * Base class for policies.
+ *
+ * Policies checks if route can be executed eg. user have proper role
+ */
+class BasePolicy {
+}
+exports.BasePolicy = BasePolicy;
+/**
+ * Base class for data transformers.
+ *
+ * Data formatter helps transforms data for desired format.
+ * Eg. we have API function that returns some data, but we want
+ * to easily transform data for some client
+ * eg. plain array to format that datatables.net can easily read
+ */
+class DataTransformer {
+}
+exports.DataTransformer = DataTransformer;
+//# sourceMappingURL=interfaces.js.map

package/lib/http/src/interfaces.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"interfaces.js","sourceRoot":"","sources":["../../../../http/src/interfaces.ts"],"names":[],"mappings":";;;AACA,oCAAuD;AAGvD;;GAEG;AACH,IAAY,iBAoBX;AApBD,WAAY,iBAAiB;IAC3B;;OAEG;IACH,yDAAQ,CAAA;IAER;;OAEG;IACH,yDAAQ,CAAA;IAER;;OAEG;IACH,uDAAO,CAAA;IAEP;;OAEG;IACH,uDAAe,CAAA;AACjB,CAAC,EApBW,iBAAiB,GAAjB,yBAAiB,KAAjB,yBAAiB,QAoB5B;AAsCD,MAAsB,gBAAiB,SAAQ,gBAAW;CAKzD;AALD,4CAKC;AAED;;GAEG;AACH,IAAY,gBAwEX;AAxED,WAAY,gBAAgB;IAC1B;;OAEG;IACH,qDAAQ,CAAA;IAER;;OAEG;IACH,+DAAa,CAAA;IAEb;;OAEG;IACH,iEAAc,CAAA;IAEd;;OAEG;IACH,qEAAgB,CAAA;IAEhB;;;;OAIG;IACH,+EAAqB,CAAA;IAErB;;OAEG;IACH,yEAAkB,CAAA;IAElB;;OAEG;IACH,uEAAiB,CAAA;IAEjB;;OAEG;IACH,yEAAkB,CAAA;IAElB;;OAEG;IACH,mEAAe,CAAA;IAEf;;OAEG;IACH,mEAAe,CAAA;IAEf;;OAEG;IACH,6EAAoB,CAAA;IAEpB;;OAEG;IACH,iEAAc,CAAA;IAEd;;OAEG;IACH,6EAAoB,CAAA;IAEpB;;OAEG;IACH,+EAAqB,CAAA;AACvB,CAAC,EAxEW,gBAAgB,GAAhB,wBAAgB,KAAhB,wBAAgB,QAwE3B;AAED;;GAEG;AACH,IAAY,SAqCX;AArCD,WAAY,SAAS;IACnB;;OAEG;IACH,0BAAa,CAAA;IAEb;;OAEG;IACH,wBAAW,CAAA;IAEX;;OAEG;IACH,wBAAW,CAAA;IAEX;;OAEG;IACH,8BAAiB,CAAA;IAEjB;;OAEG;IACH,4BAAe,CAAA;IAEf;;OAEG;IACH,0BAAa,CAAA;IAEb;;OAEG;IACH,0BAAa,CAAA;IAEb,gCAAmB,CAAA;AACrB,CAAC,EArCW,SAAS,GAAT,iBAAS,KAAT,iBAAS,QAqCpB;AAED,IAAY,WAKX;AALD,WAAY,WAAW;IACrB,yCAAE,CAAA;IACF,yCAAE,CAAA;IACF,yCAAE,CAAA;IACF,yCAAE,CAAA;AACJ,CAAC,EALW,WAAW,GAAX,mBAAW,KAAX,mBAAW,QAKtB;AAED;;GAEG;AACH,IAAY,aAoEX;AApED,WAAY,aAAa;IACvB;;OAEG;IACH,kCAAiB,CAAA;IAEjB;;OAEG;IACH,wCAAuB,CAAA;IAEvB;;OAEG;IACH,sCAAqB,CAAA;IAErB;;OAEG;IACH,0CAAyB,CAAA;IAEzB;;OAEG;IACH,sCAAqB,CAAA;IAErB;;OAEG;IACH,sCAAqB,CAAA;IAErB;;OAEG;IACH,oCAAmB,CAAA;IAEnB;;OAEG;IACH,8CAA6B,CAAA;IAE7B;;OAEG;IACH,4CAA2B,CAAA;IAE3B;;OAEG;IACH,wCAAuB,CAAA;IAEvB;;OAEG;IACH,0CAAyB,CAAA;IAEzB;;OAEG;IACH,0CAAyB,CAAA;IAEzB;;OAEG;IACH,qCAAoB,CAAA;IAEpB,mBAAmB;IACnB,sCAAqB,CAAA;AACvB,CAAC,EApEW,aAAa,GAAb,qBAAa,KAAb,qBAAa,QAoExB;AA0KD;;;GAGG;AACH,MAAsB,cAAc;CAenC;AAfD,wCAeC;AAWD;;;;GAIG;AACH,MAAsB,UAAU;CAgB/B;AAhBD,gCAgBC;AA2BD;;;;;;;GAOG;AACH,MAAsB,eAAe;CASpC;AATD,0CASC"}

package/lib/interfaces.d.ts

@@ -1,5 +1,5 @@
 export declare type PermissionType = 'readAny' | 'readOwn' | 'updateAny' | 'updateOwn' | 'deleteAny' | 'deleteOwn' | 'createAny' | 'createOwn';
-export interface IAclDescriptor {
+export interface IRbacDescriptor {
     /**
      * Resource name
      */
@@ -13,9 +13,9 @@ export interface IAclDescriptor {
     /**
      * Per routes permissions
      */
-    Routes: Map<string, IAclRoutePermissionDescriptor>;
+    Routes: Map<string, IRbacRoutePermissionDescriptor>;
 }
-export interface IAclRoutePermissionDescriptor {
+export interface IRbacRoutePermissionDescriptor {
     /**
      * controller route permission. It overrides acl descriptor options
      */

package/lib/policies.d.ts

@@ -1,9 +1,13 @@
-import { AccessControl } from '@spinajs/rbac';
+import { AccessControl, Permission } from 'accesscontrol';
 import { BasePolicy, IController, IRoute } from '@spinajs/http';
 import * as express from 'express';
-export declare class AclPolicy extends BasePolicy {
+import { User } from '@spinajs/rbac';
+export declare class RbacPolicy extends BasePolicy {
     protected Ac: AccessControl;
     constructor();
     isEnabled(_action: IRoute, _instance: IController): boolean;
     execute(req: express.Request, action: IRoute, instance: IController): Promise<void>;
 }
+export declare function checkRbacPermission(role: string | string[], resource: string, permission: string): Permission;
+export declare function checkUserPermission(user: User, resource: string, permission: string): Permission;
+export declare function checkRoutePermission(req: express.Request, resource: string, permission: string): Permission;

package/lib/policies.js

@@ -1,11 +1,11 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.AclPolicy = void 0;
+exports.checkRoutePermission = exports.checkUserPermission = exports.checkRbacPermission = exports.RbacPolicy = void 0;
 const http_1 = require("@spinajs/http");
 const exceptions_1 = require("@spinajs/exceptions");
 const decorators_1 = require("./decorators");
 const di_1 = require("@spinajs/di");
-class AclPolicy extends http_1.BasePolicy {
+class RbacPolicy extends http_1.BasePolicy {
     constructor() {
         super();
         this.Ac = di_1.DI.get('AccessControl');
@@ -28,10 +28,30 @@ class AclPolicy extends http_1.BasePolicy {
         if (!req.User) {
             throw new exceptions_1.AuthenticationFailed();
         }
-        if (!this.Ac.can(req.User.Role.split(',')).resource(descriptor.Resource)[permission]()) {
+        if (!checkRoutePermission(req, descriptor.Resource, permission).granted) {
             throw new exceptions_1.Forbidden(`role(s) ${req.User.Role} does not have permission ${permission} for resource ${descriptor.Resource}`);
         }
     }
 }
-exports.AclPolicy = AclPolicy;
+exports.RbacPolicy = RbacPolicy;
+function checkRbacPermission(role, resource, permission) {
+    const ac = di_1.DI.get('AccessControl');
+    return ac.can(role)[permission](resource);
+}
+exports.checkRbacPermission = checkRbacPermission;
+function checkUserPermission(user, resource, permission) {
+    const ac = di_1.DI.get('AccessControl');
+    if (!user) {
+        return null;
+    }
+    return ac.can(user.Role.split(','))[permission](resource);
+}
+exports.checkUserPermission = checkUserPermission;
+function checkRoutePermission(req, resource, permission) {
+    if (!req.User) {
+        return null;
+    }
+    return checkUserPermission(req.User, resource, permission);
+}
+exports.checkRoutePermission = checkRoutePermission;
 //# sourceMappingURL=policies.js.map

package/lib/policies.js.map

@@ -1 +1 @@
-{"version":3,"file":"policies.js","sourceRoot":"","sources":["../src/policies.ts"],"names":[],"mappings":";;;AACA,wCAAgE;AAEhE,oDAAsE;AACtE,6CAAyD;AAEzD,oCAAiC;AAEjC,MAAa,SAAU,SAAQ,iBAAU;IAGvC;QACE,KAAK,EAAE,CAAC;QAER,IAAI,CAAC,EAAE,GAAG,OAAE,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC;IACpC,CAAC;IAEM,SAAS,CAAC,OAAe,EAAE,SAAsB;QACtD,0BAA0B;QAC1B,OAAO,IAAI,CAAC;IACd,CAAC;IAEM,KAAK,CAAC,OAAO,CAAC,GAAoB,EAAE,MAAc,EAAE,QAAqB;;QAC9E,MAAM,UAAU,GAAmB,OAAO,CAAC,WAAW,CAAC,sCAAyB,EAAE,QAAQ,CAAC,CAAC;QAC5F,IAAI,UAAU,GAAG,MAAA,UAAU,CAAC,UAAU,mCAAI,EAAE,CAAC;QAE7C,wCAAwC;QACxC,IAAI,UAAU,CAAC,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE;YACxC,UAAU,GAAG,MAAA,UAAU,CAAC,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,UAAU,mCAAI,EAAE,CAAC;SACpE;QAED,IAAI,CAAC,UAAU,IAAI,CAAC,UAAU,CAAC,UAAU,EAAE;YACzC,MAAM,IAAI,sBAAS,CAAC,2CAA2C,CAAC,CAAC;SAClE;QAED,IAAI,CAAC,GAAG,CAAC,IAAI,EAAE;YACb,MAAM,IAAI,iCAAoB,EAAE,CAAC;SAClC;QAED,IAAI,CAAE,IAAI,CAAC,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,QAAQ,CAAC,UAAU,CAAC,QAAQ,CAAS,CAAC,UAAU,CAAC,EAAE,EAAE;YAC/F,MAAM,IAAI,sBAAS,CAAC,WAAW,GAAG,CAAC,IAAI,CAAC,IAAI,6BAA6B,UAAU,iBAAiB,UAAU,CAAC,QAAQ,EAAE,CAAC,CAAC;SAC5H;IACH,CAAC;CACF;AAnCD,8BAmCC"}
+{"version":3,"file":"policies.js","sourceRoot":"","sources":["../src/policies.ts"],"names":[],"mappings":";;;AACA,wCAAgE;AAEhE,oDAAsE;AACtE,6CAAyD;AAEzD,oCAAiC;AAGjC,MAAa,UAAW,SAAQ,iBAAU;IAGxC;QACE,KAAK,EAAE,CAAC;QAER,IAAI,CAAC,EAAE,GAAG,OAAE,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC;IACpC,CAAC;IAEM,SAAS,CAAC,OAAe,EAAE,SAAsB;QACtD,0BAA0B;QAC1B,OAAO,IAAI,CAAC;IACd,CAAC;IAEM,KAAK,CAAC,OAAO,CAAC,GAAoB,EAAE,MAAc,EAAE,QAAqB;;QAC9E,MAAM,UAAU,GAAoB,OAAO,CAAC,WAAW,CAAC,sCAAyB,EAAE,QAAQ,CAAC,CAAC;QAC7F,IAAI,UAAU,GAAG,MAAA,UAAU,CAAC,UAAU,mCAAI,EAAE,CAAC;QAE7C,wCAAwC;QACxC,IAAI,UAAU,CAAC,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE;YACxC,UAAU,GAAG,MAAA,UAAU,CAAC,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,UAAU,mCAAI,EAAE,CAAC;SACpE;QAED,IAAI,CAAC,UAAU,IAAI,CAAC,UAAU,CAAC,UAAU,EAAE;YACzC,MAAM,IAAI,sBAAS,CAAC,2CAA2C,CAAC,CAAC;SAClE;QAED,IAAI,CAAC,GAAG,CAAC,IAAI,EAAE;YACb,MAAM,IAAI,iCAAoB,EAAE,CAAC;SAClC;QAED,IAAI,CAAC,oBAAoB,CAAC,GAAG,EAAE,UAAU,CAAC,QAAQ,EAAE,UAAU,CAAC,CAAC,OAAO,EAAE;YACvE,MAAM,IAAI,sBAAS,CAAC,WAAW,GAAG,CAAC,IAAI,CAAC,IAAI,6BAA6B,UAAU,iBAAiB,UAAU,CAAC,QAAQ,EAAE,CAAC,CAAC;SAC5H;IACH,CAAC;CACF;AAnCD,gCAmCC;AAED,SAAgB,mBAAmB,CAAC,IAAuB,EAAE,QAAgB,EAAE,UAAkB;IAC/F,MAAM,EAAE,GAAG,OAAE,CAAC,GAAG,CAAgB,eAAe,CAAC,CAAC;IAClD,OAAQ,EAAE,CAAC,GAAG,CAAC,IAAI,CAAS,CAAC,UAAU,CAAC,CAAC,QAAQ,CAAC,CAAC;AACrD,CAAC;AAHD,kDAGC;AAED,SAAgB,mBAAmB,CAAC,IAAU,EAAE,QAAgB,EAAE,UAAkB;IAClF,MAAM,EAAE,GAAG,OAAE,CAAC,GAAG,CAAgB,eAAe,CAAC,CAAC;IAElD,IAAI,CAAC,IAAI,EAAE;QACT,OAAO,IAAI,CAAC;KACb;IAED,OAAQ,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAS,CAAC,UAAU,CAAC,CAAC,QAAQ,CAAC,CAAC;AACrE,CAAC;AARD,kDAQC;AAED,SAAgB,oBAAoB,CAAC,GAAoB,EAAE,QAAgB,EAAE,UAAkB;IAC7F,IAAI,CAAC,GAAG,CAAC,IAAI,EAAE;QACb,OAAO,IAAI,CAAC;KACb;IAED,OAAO,mBAAmB,CAAC,GAAG,CAAC,IAAI,EAAE,QAAQ,EAAE,UAAU,CAAC,CAAC;AAC7D,CAAC;AAND,oDAMC"}

package/lib/rbac-http/src/augumentation.d.ts

@@ -0,0 +1,7 @@
+import '@spinajs/http';
+import { User } from '@spinajs/rbac';
+declare module '@spinajs/http' {
+    interface IActionLocalStoregeContext {
+        user: User;
+    }
+}

package/lib/rbac-http/src/augumentation.js

@@ -0,0 +1,4 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+require("@spinajs/http");
+//# sourceMappingURL=augumentation.js.map

package/lib/rbac-http/src/augumentation.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"augumentation.js","sourceRoot":"","sources":["../../../src/augumentation.ts"],"names":[],"mappings":";;AAAA,yBAAuB"}

package/lib/rbac-http/src/config/rbac-http.d.ts

@@ -0,0 +1 @@
+export {};

package/lib/rbac-http/src/config/rbac-http.js

@@ -0,0 +1,21 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+const path_1 = require("path");
+function dir(path) {
+    return (0, path_1.resolve)((0, path_1.normalize)((0, path_1.join)(__dirname, path)));
+}
+module.exports = {
+    system: {
+        dirs: {
+            controllers: [dir('./../controllers')],
+            locales: [dir('./../locales')],
+            views: [dir('./../views')],
+        },
+    },
+    http: {
+        middlewares: [
+        // add global user from session middleware
+        ],
+    },
+};
+//# sourceMappingURL=rbac-http.js.map

package/lib/rbac-http/src/config/rbac-http.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"rbac-http.js","sourceRoot":"","sources":["../../../../src/config/rbac-http.ts"],"names":[],"mappings":";;AAAA,+BAAgD;AAEhD,SAAS,GAAG,CAAC,IAAY;IACvB,OAAO,IAAA,cAAO,EAAC,IAAA,gBAAS,EAAC,IAAA,WAAI,EAAC,SAAS,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC;AACnD,CAAC;AACD,MAAM,CAAC,OAAO,GAAG;IACf,MAAM,EAAE;QACN,IAAI,EAAE;YACJ,WAAW,EAAE,CAAC,GAAG,CAAC,kBAAkB,CAAC,CAAC;YACtC,OAAO,EAAE,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;YAC9B,KAAK,EAAE,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;SAC3B;KACF;IACD,IAAI,EAAE;QACJ,WAAW,EAAE;QACX,0CAA0C;SAC3C;KACF;CACF,CAAC"}

package/lib/rbac-http/src/controllers/LoginController.d.ts

@@ -0,0 +1,12 @@
+import { LoginDto } from './../dto/login-dto';
+import { BaseController, Ok, CookieResponse, Unauthorized } from '@spinajs/http';
+import { AuthProvider, SessionProvider } from '@spinajs/rbac';
+import { Configuration } from '@spinajs/configuration';
+export declare class LoginController extends BaseController {
+    protected Configuration: Configuration;
+    protected AuthProvider: AuthProvider;
+    protected SessionProvider: SessionProvider;
+    protected SessionExpirationTime: number;
+    login(credentials: LoginDto): Promise<Unauthorized | CookieResponse>;
+    logout(ssid: string): Promise<Ok | CookieResponse>;
+}

package/lib/rbac-http/src/controllers/LoginController.js

@@ -0,0 +1,91 @@
+"use strict";
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var __metadata = (this && this.__metadata) || function (k, v) {
+    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
+};
+var __param = (this && this.__param) || function (paramIndex, decorator) {
+    return function (target, key) { decorator(target, key, paramIndex); }
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.LoginController = void 0;
+const login_dto_1 = require("./../dto/login-dto");
+const http_1 = require("@spinajs/http");
+const rbac_1 = require("@spinajs/rbac");
+const di_1 = require("@spinajs/di");
+const configuration_1 = require("@spinajs/configuration");
+const luxon_1 = require("luxon");
+let LoginController = class LoginController extends http_1.BaseController {
+    async login(credentials) {
+        const user = await this.AuthProvider.authenticate(credentials.Login, credentials.Password);
+        if (!user) {
+            return new http_1.Unauthorized({
+                error: {
+                    message: 'login or password incorrect',
+                },
+            });
+        }
+        const lifetime = luxon_1.DateTime.now().plus({ minutes: this.SessionExpirationTime });
+        const uObject = {
+            Login: user.Login,
+            Email: user.Email,
+            NiceName: user.NiceName,
+            Metadata: user.Metadata.map((m) => ({ Key: m.Key, Value: m.Value })),
+            Role: user.Role,
+            Id: user.Id,
+        };
+        const session = new rbac_1.Session({
+            Data: uObject,
+            Expiration: lifetime,
+        });
+        await this.SessionProvider.updateSession(session);
+        return new http_1.CookieResponse('ssid', session.SessionId, this.SessionExpirationTime, uObject);
+    }
+    async logout(ssid) {
+        if (!ssid) {
+            return new http_1.Ok();
+        }
+        await this.SessionProvider.deleteSession(ssid);
+        // send empty cookie to confirm session deletion
+        return new http_1.CookieResponse('ssid', null, this.SessionExpirationTime);
+    }
+};
+__decorate([
+    (0, di_1.Autoinject)(),
+    __metadata("design:type", configuration_1.Configuration)
+], LoginController.prototype, "Configuration", void 0);
+__decorate([
+    (0, di_1.Autoinject)(),
+    __metadata("design:type", rbac_1.AuthProvider)
+], LoginController.prototype, "AuthProvider", void 0);
+__decorate([
+    (0, di_1.Autoinject)(),
+    __metadata("design:type", rbac_1.SessionProvider)
+], LoginController.prototype, "SessionProvider", void 0);
+__decorate([
+    (0, configuration_1.Config)('acl.session.expiration', 10),
+    __metadata("design:type", Number)
+], LoginController.prototype, "SessionExpirationTime", void 0);
+__decorate([
+    (0, http_1.Post)(),
+    __param(0, (0, http_1.Body)()),
+    __metadata("design:type", Function),
+    __metadata("design:paramtypes", [login_dto_1.LoginDto]),
+    __metadata("design:returntype", Promise)
+], LoginController.prototype, "login", null);
+__decorate([
+    (0, http_1.Get)(),
+    __param(0, (0, http_1.Cookie)()),
+    __metadata("design:type", Function),
+    __metadata("design:paramtypes", [String]),
+    __metadata("design:returntype", Promise)
+], LoginController.prototype, "logout", null);
+LoginController = __decorate([
+    (0, http_1.BasePath)('auth')
+], LoginController);
+exports.LoginController = LoginController;
+//# sourceMappingURL=LoginController.js.map

package/lib/rbac-http/src/controllers/LoginController.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"LoginController.js","sourceRoot":"","sources":["../../../../src/controllers/LoginController.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,kDAA8C;AAC9C,wCAAoH;AACpH,wCAAuE;AACvE,oCAAyC;AACzC,0DAA+D;AAC/D,iCAAiC;AAGjC,IAAa,eAAe,GAA5B,MAAa,eAAgB,SAAQ,qBAAc;IAc1C,KAAK,CAAC,KAAK,CAAS,WAAqB;QAC9C,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,YAAY,CAAC,WAAW,CAAC,KAAK,EAAE,WAAW,CAAC,QAAQ,CAAC,CAAC;QAE3F,IAAI,CAAC,IAAI,EAAE;YACT,OAAO,IAAI,mBAAY,CAAC;gBACtB,KAAK,EAAE;oBACL,OAAO,EAAE,6BAA6B;iBACvC;aACF,CAAC,CAAC;SACJ;QACD,MAAM,QAAQ,GAAG,gBAAQ,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,IAAI,CAAC,qBAAqB,EAAE,CAAC,CAAC;QAE9E,MAAM,OAAO,GAAG;YACd,KAAK,EAAE,IAAI,CAAC,KAAK;YACjB,KAAK,EAAE,IAAI,CAAC,KAAK;YACjB,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,QAAQ,EAAE,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC,GAAG,EAAE,KAAK,EAAE,CAAC,CAAC,KAAK,EAAE,CAAC,CAAC;YACpE,IAAI,EAAE,IAAI,CAAC,IAAI;YACf,EAAE,EAAE,IAAI,CAAC,EAAE;SACZ,CAAC;QAEF,MAAM,OAAO,GAAG,IAAI,cAAO,CAAC;YAC1B,IAAI,EAAE,OAAO;YACb,UAAU,EAAE,QAAQ;SACrB,CAAC,CAAC;QAEH,MAAM,IAAI,CAAC,eAAe,CAAC,aAAa,CAAC,OAAO,CAAC,CAAC;QAElD,OAAO,IAAI,qBAAc,CAAC,MAAM,EAAE,OAAO,CAAC,SAAS,EAAE,IAAI,CAAC,qBAAqB,EAAE,OAAO,CAAC,CAAC;IAC5F,CAAC;IAGM,KAAK,CAAC,MAAM,CAAW,IAAY;QACxC,IAAI,CAAC,IAAI,EAAE;YACT,OAAO,IAAI,SAAE,EAAE,CAAC;SACjB;QAED,MAAM,IAAI,CAAC,eAAe,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC;QAE/C,gDAAgD;QAChD,OAAO,IAAI,qBAAc,CAAC,MAAM,EAAE,IAAI,EAAE,IAAI,CAAC,qBAAqB,CAAC,CAAC;IACtE,CAAC;CACF,CAAA;AAtDC;IADC,IAAA,eAAU,GAAE;8BACY,6BAAa;sDAAC;AAGvC;IADC,IAAA,eAAU,GAAE;8BACW,mBAAY;qDAAC;AAGrC;IADC,IAAA,eAAU,GAAE;8BACc,sBAAe;wDAAC;AAG3C;IADC,IAAA,sBAAM,EAAC,wBAAwB,EAAE,EAAE,CAAC;;8DACG;AAGxC;IADC,IAAA,WAAI,GAAE;IACa,WAAA,IAAA,WAAI,GAAE,CAAA;;qCAAc,oBAAQ;;4CA6B/C;AAGD;IADC,IAAA,UAAG,GAAE;IACe,WAAA,IAAA,aAAM,GAAE,CAAA;;;;6CAS5B;AAvDU,eAAe;IAD3B,IAAA,eAAQ,EAAC,MAAM,CAAC;GACJ,eAAe,CAwD3B;AAxDY,0CAAe"}

package/lib/rbac-http/src/controllers/UsersController.d.ts

@@ -0,0 +1,17 @@
+import { PasswordDto } from './../dto/password-dto';
+import { UserDto } from './../dto/user-dto';
+import * as express from 'express';
+import { BaseController, Ok, NotFound } from '@spinajs/http';
+import { IContainer } from '@spinajs/di';
+import { UserDataTransformer, IUserResult } from '../transformers';
+import { SORT_ORDER } from '@spinajs/orm/lib/enums';
+export declare class UsersController extends BaseController {
+    protected DataTransformer: UserDataTransformer<IUserResult>;
+    protected Container: IContainer;
+    listUsers(search: string, page: number, perPage: number, order: string, orderDirection: SORT_ORDER, request: express.Request): Promise<NotFound | Ok>;
+    getUser(id: number): Promise<Ok>;
+    addUser(user: UserDto): Promise<Ok>;
+    deleteUser(id: number): Promise<Ok>;
+    updateUser(id: number, user: UserDto): Promise<Ok>;
+    updateUserPassword(id: number, pwd: PasswordDto): Promise<Ok>;
+}