@spinajs/rbac-http 2.0.131 → 2.0.133

package/lib/cjs/controllers/TwoFactorAuthController.js

@@ -1,71 +0,0 @@
-"use strict";
-var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
-    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
-    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
-    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
-    return c > 3 && r && Object.defineProperty(target, key, r), r;
-};
-var __metadata = (this && this.__metadata) || function (k, v) {
-    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
-};
-var __param = (this && this.__param) || function (paramIndex, decorator) {
-    return function (target, key) { decorator(target, key, paramIndex); }
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.TwoFactorAuthController = void 0;
-const token_dto_js_1 = require("./../dto/token-dto.js");
-const http_1 = require("@spinajs/http");
-const rbac_1 = require("@spinajs/rbac");
-const http_2 = require("@spinajs/http");
-const decorators_js_1 = require("../decorators.js");
-const _2FaPolicy_js_1 = require("../policies/2FaPolicy.js");
-const configuration_1 = require("@spinajs/configuration");
-const interfaces_js_1 = require("../interfaces.js");
-const luxon_1 = require("luxon");
-const UserLoginSuccess_js_1 = require("../events/UserLoginSuccess.js");
-const di_1 = require("@spinajs/di");
-const queue_1 = require("@spinajs/queue");
-let TwoFactorAuthController = class TwoFactorAuthController extends http_1.BaseController {
-    async verifyToken(logged, token, ssid) {
-        const result = await this.TwoFactorAuthProvider.verifyToken(token.Token, logged);
-        if (result) {
-            return new http_1.Unauthorized(`invalid token`);
-        }
-        logged.LastLoginAt = luxon_1.DateTime.now();
-        await logged.update();
-        await this.Queue.emit(new UserLoginSuccess_js_1.UserLoginSuccess(logged.Uuid));
-        await this.SessionProvider.save(ssid, {
-            Authorized: true,
-            TwoFactorAuth_check: true,
-        });
-        // return user data
-        return new http_1.Ok(logged.dehydrate());
-    }
-};
-__decorate([
-    (0, di_1.Autoinject)(queue_1.QueueService),
-    __metadata("design:type", queue_1.QueueService)
-], TwoFactorAuthController.prototype, "Queue", void 0);
-__decorate([
-    (0, configuration_1.AutoinjectService)('rbac.session'),
-    __metadata("design:type", rbac_1.SessionProvider)
-], TwoFactorAuthController.prototype, "SessionProvider", void 0);
-__decorate([
-    (0, configuration_1.AutoinjectService)('rbac.twoFactorAuth'),
-    __metadata("design:type", interfaces_js_1.TwoFactorAuthProvider)
-], TwoFactorAuthController.prototype, "TwoFactorAuthProvider", void 0);
-__decorate([
-    (0, http_1.Post)('2fa/verify'),
-    __param(0, (0, decorators_js_1.User)()),
-    __param(1, (0, http_2.Body)()),
-    __param(2, (0, http_1.Cookie)()),
-    __metadata("design:type", Function),
-    __metadata("design:paramtypes", [rbac_1.User, token_dto_js_1.TokenDto, String]),
-    __metadata("design:returntype", Promise)
-], TwoFactorAuthController.prototype, "verifyToken", null);
-TwoFactorAuthController = __decorate([
-    (0, http_1.BasePath)('user/auth'),
-    (0, http_2.Policy)(_2FaPolicy_js_1.TwoFacRouteEnabled)
-], TwoFactorAuthController);
-exports.TwoFactorAuthController = TwoFactorAuthController;
-//# sourceMappingURL=TwoFactorAuthController.js.map

package/lib/cjs/controllers/TwoFactorAuthController.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"TwoFactorAuthController.js","sourceRoot":"","sources":["../../../src/controllers/TwoFactorAuthController.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,wDAAiD;AACjD,wCAAyF;AACzF,wCAAmE;AACnE,wCAA6C;AAE7C,oDAAwC;AACxC,4DAA8D;AAC9D,0DAA2D;AAC3D,oDAAyD;AACzD,iCAAiC;AACjC,uEAAiE;AACjE,oCAAyC;AACzC,0CAA8C;AAIvC,IAAM,uBAAuB,GAA7B,MAAM,uBAAwB,SAAQ,qBAAc;IAW5C,AAAN,KAAK,CAAC,WAAW,CAAS,MAAiB,EAAU,KAAe,EAAY,IAAY;QACjG,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,qBAAqB,CAAC,WAAW,CAAC,KAAK,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC;QAEjF,IAAI,MAAM,EAAE;YACV,OAAO,IAAI,mBAAY,CAAC,eAAe,CAAC,CAAC;SAC1C;QAED,MAAM,CAAC,WAAW,GAAG,gBAAQ,CAAC,GAAG,EAAE,CAAC;QACpC,MAAM,MAAM,CAAC,MAAM,EAAE,CAAC;QAEtB,MAAM,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,sCAAgB,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC;QAEzD,MAAM,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,IAAI,EAAE;YACpC,UAAU,EAAE,IAAI;YAChB,mBAAmB,EAAE,IAAI;SAC1B,CAAC,CAAC;QAEH,mBAAmB;QACnB,OAAO,IAAI,SAAE,CAAC,MAAM,CAAC,SAAS,EAAE,CAAC,CAAC;IACpC,CAAC;CACF,CAAA;AA9BC;IAAC,IAAA,eAAU,EAAC,oBAAY,CAAC;8BACR,oBAAY;sDAAC;AAE9B;IAAC,IAAA,iCAAiB,EAAC,cAAc,CAAC;8BACP,sBAAe;gEAAC;AAE3C;IAAC,IAAA,iCAAiB,EAAC,oBAAoB,CAAC;8BACP,qCAAqB;sEAAC;AAG1C;IADZ,IAAA,WAAI,EAAC,YAAY,CAAC;IACO,WAAA,IAAA,oBAAI,GAAE,CAAA;IAAqB,WAAA,IAAA,WAAI,GAAE,CAAA;IAAmB,WAAA,IAAA,aAAM,GAAE,CAAA;;qCAA7C,WAAS,EAAiB,uBAAQ;;0DAmB1E;AA9BU,uBAAuB;IAFnC,IAAA,eAAQ,EAAC,WAAW,CAAC;IACrB,IAAA,aAAM,EAAC,kCAAkB,CAAC;GACd,uBAAuB,CA+BnC;AA/BY,0DAAuB"}

package/lib/cjs/controllers/UserAdminController.d.ts

@@ -1,4 +0,0 @@
-import { BaseController } from '@spinajs/http';
-export declare class UsersController extends BaseController {
-}
-//# sourceMappingURL=UserAdminController.d.ts.map

package/lib/cjs/controllers/UserAdminController.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"UserAdminController.d.ts","sourceRoot":"","sources":["../../../src/controllers/UserAdminController.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAY,MAAM,eAAe,CAAC;AAGzD,qBAEa,eAAgB,SAAQ,cAAc;CAuElD"}

package/lib/cjs/controllers/UserAdminController.js

@@ -1,19 +0,0 @@
-"use strict";
-var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
-    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
-    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
-    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
-    return c > 3 && r && Object.defineProperty(target, key, r), r;
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.UsersController = void 0;
-const http_1 = require("@spinajs/http");
-const decorators_js_1 = require("./../decorators.js");
-let UsersController = class UsersController extends http_1.BaseController {
-};
-UsersController = __decorate([
-    (0, decorators_js_1.Resource)('user'),
-    (0, http_1.BasePath)('user')
-], UsersController);
-exports.UsersController = UsersController;
-//# sourceMappingURL=UserAdminController.js.map

package/lib/cjs/controllers/UserAdminController.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"UserAdminController.js","sourceRoot":"","sources":["../../../src/controllers/UserAdminController.ts"],"names":[],"mappings":";;;;;;;;;AAAA,wCAAyD;AACzD,sDAA8C;AAIvC,IAAM,eAAe,GAArB,MAAM,eAAgB,SAAQ,qBAAc;CAuElD,CAAA;AAvEY,eAAe;IAF3B,IAAA,wBAAQ,EAAC,MAAM,CAAC;IAChB,IAAA,eAAQ,EAAC,MAAM,CAAC;GACJ,eAAe,CAuE3B;AAvEY,0CAAe"}

package/lib/cjs/controllers/UserController.d.ts

@@ -1,11 +0,0 @@
-import { PasswordDto } from '../dto/password-dto.js';
-import { User as UserModel, PasswordProvider, SessionProvider } from '@spinajs/rbac';
-import { BaseController, Ok } from '@spinajs/http';
-export declare class UserController extends BaseController {
-    protected PasswordProvider: PasswordProvider;
-    protected CoockieSecret: string;
-    protected SessionProvider: SessionProvider;
-    refresh(user: UserModel, ssid: string): Promise<Ok>;
-    newPassword(user: UserModel, pwd: PasswordDto): Promise<Ok>;
-}
-//# sourceMappingURL=UserController.d.ts.map

package/lib/cjs/controllers/UserController.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"UserController.d.ts","sourceRoot":"","sources":["../../../src/controllers/UserController.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,MAAM,wBAAwB,CAAC;AACrD,OAAO,EAAE,IAAI,IAAI,SAAS,EAAE,gBAAgB,EAAE,eAAe,EAAE,MAAM,eAAe,CAAC;AACrF,OAAO,EAAE,cAAc,EAAiB,EAAE,EAAuB,MAAM,eAAe,CAAC;AAQvF,qBAEa,cAAe,SAAQ,cAAc;IAEhD,SAAS,CAAC,gBAAgB,EAAE,gBAAgB,CAAC;IAG7C,SAAS,CAAC,aAAa,EAAE,MAAM,CAAC;IAGhC,SAAS,CAAC,eAAe,EAAE,eAAe,CAAC;IAI9B,OAAO,CAAS,IAAI,EAAE,SAAS,EAAY,IAAI,EAAE,MAAM;IAkBvD,WAAW,CAAS,IAAI,EAAE,SAAS,EAAU,GAAG,EAAE,WAAW;CAgB3E"}

package/lib/cjs/controllers/UserController.js

@@ -1,110 +0,0 @@
-"use strict";
-var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    var desc = Object.getOwnPropertyDescriptor(m, k);
-    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
-      desc = { enumerable: true, get: function() { return m[k]; } };
-    }
-    Object.defineProperty(o, k2, desc);
-}) : (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    o[k2] = m[k];
-}));
-var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
-    Object.defineProperty(o, "default", { enumerable: true, value: v });
-}) : function(o, v) {
-    o["default"] = v;
-});
-var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
-    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
-    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
-    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
-    return c > 3 && r && Object.defineProperty(target, key, r), r;
-};
-var __importStar = (this && this.__importStar) || function (mod) {
-    if (mod && mod.__esModule) return mod;
-    var result = {};
-    if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
-    __setModuleDefault(result, mod);
-    return result;
-};
-var __metadata = (this && this.__metadata) || function (k, v) {
-    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
-};
-var __param = (this && this.__param) || function (paramIndex, decorator) {
-    return function (target, key) { decorator(target, key, paramIndex); }
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.UserController = void 0;
-const password_dto_js_1 = require("../dto/password-dto.js");
-const rbac_1 = require("@spinajs/rbac");
-const http_1 = require("@spinajs/http");
-const exceptions_1 = require("@spinajs/exceptions");
-const di_1 = require("@spinajs/di");
-const decorators_js_1 = require("../decorators.js");
-const configuration_1 = require("@spinajs/configuration");
-const cs = __importStar(require("cookie-signature"));
-let UserController = class UserController extends http_1.BaseController {
-    async refresh(user, ssid) {
-        // get user data from db
-        await user.refresh();
-        await user.Metadata.populate();
-        // refresh session data from DB
-        const sId = cs.unsign(ssid, this.CoockieSecret);
-        if (sId) {
-            const session = await this.SessionProvider.restore(sId);
-            if (session) {
-                session.Data.set('User', user.dehydrate());
-            }
-        }
-        return new http_1.Ok(user.dehydrate());
-    }
-    async newPassword(user, pwd) {
-        if (pwd.Password !== pwd.ConfirmPassword) {
-            throw new exceptions_1.InvalidArgument('password does not match');
-        }
-        const isValid = await this.PasswordProvider.verify(user.Password, pwd.OldPassword);
-        if (!isValid) {
-            throw new exceptions_1.Forbidden('old password do not match');
-        }
-        const hashedPassword = await this.PasswordProvider.hash(pwd.Password);
-        user.Password = hashedPassword;
-        await user.update();
-        return new http_1.Ok();
-    }
-};
-__decorate([
-    (0, di_1.Autoinject)(),
-    __metadata("design:type", rbac_1.PasswordProvider)
-], UserController.prototype, "PasswordProvider", void 0);
-__decorate([
-    (0, configuration_1.Config)('http.cookie.secret'),
-    __metadata("design:type", String)
-], UserController.prototype, "CoockieSecret", void 0);
-__decorate([
-    (0, di_1.Autoinject)(),
-    __metadata("design:type", rbac_1.SessionProvider)
-], UserController.prototype, "SessionProvider", void 0);
-__decorate([
-    (0, http_1.Get)(),
-    (0, decorators_js_1.Permission)('readOwn'),
-    __param(0, (0, decorators_js_1.User)()),
-    __param(1, (0, http_1.Cookie)()),
-    __metadata("design:type", Function),
-    __metadata("design:paramtypes", [rbac_1.User, String]),
-    __metadata("design:returntype", Promise)
-], UserController.prototype, "refresh", null);
-__decorate([
-    (0, http_1.Patch)('/password'),
-    __param(0, (0, decorators_js_1.User)()),
-    __param(1, (0, http_1.Body)()),
-    __metadata("design:type", Function),
-    __metadata("design:paramtypes", [rbac_1.User, password_dto_js_1.PasswordDto]),
-    __metadata("design:returntype", Promise)
-], UserController.prototype, "newPassword", null);
-UserController = __decorate([
-    (0, http_1.BasePath)('user'),
-    (0, decorators_js_1.Resource)('user')
-], UserController);
-exports.UserController = UserController;
-//# sourceMappingURL=UserController.js.map

package/lib/cjs/controllers/UserController.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"UserController.js","sourceRoot":"","sources":["../../../src/controllers/UserController.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,4DAAqD;AACrD,wCAAqF;AACrF,wCAAuF;AACvF,oDAAiE;AACjE,oCAAyC;AACzC,oDAA8D;AAC9D,0DAAgD;AAChD,qDAAuC;AAKhC,IAAM,cAAc,GAApB,MAAM,cAAe,SAAQ,qBAAc;IAYnC,AAAN,KAAK,CAAC,OAAO,CAAS,IAAe,EAAY,IAAY;QAClE,wBAAwB;QACxB,MAAM,IAAI,CAAC,OAAO,EAAE,CAAC;QACrB,MAAM,IAAI,CAAC,QAAQ,CAAC,QAAQ,EAAE,CAAC;QAE/B,+BAA+B;QAC/B,MAAM,GAAG,GAAmB,EAAE,CAAC,MAAM,CAAC,IAAI,EAAE,IAAI,CAAC,aAAa,CAAC,CAAC;QAChE,IAAI,GAAG,EAAE;YACP,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;YACxD,IAAI,OAAO,EAAE;gBACX,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,EAAE,IAAI,CAAC,SAAS,EAAE,CAAC,CAAC;aAC5C;SACF;QAED,OAAO,IAAI,SAAE,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC,CAAC;IAClC,CAAC;IAGY,AAAN,KAAK,CAAC,WAAW,CAAS,IAAe,EAAU,GAAgB;QACxE,IAAI,GAAG,CAAC,QAAQ,KAAK,GAAG,CAAC,eAAe,EAAE;YACxC,MAAM,IAAI,4BAAe,CAAC,yBAAyB,CAAC,CAAC;SACtD;QAED,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,gBAAgB,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,EAAE,GAAG,CAAC,WAAW,CAAC,CAAC;QAEnF,IAAI,CAAC,OAAO,EAAE;YACZ,MAAM,IAAI,sBAAS,CAAC,2BAA2B,CAAC,CAAC;SAClD;QAED,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QACtE,IAAI,CAAC,QAAQ,GAAG,cAAc,CAAC;QAC/B,MAAM,IAAI,CAAC,MAAM,EAAE,CAAC;QACpB,OAAO,IAAI,SAAE,EAAE,CAAC;IAClB,CAAC;CACF,CAAA;AA7CC;IAAC,IAAA,eAAU,GAAE;8BACe,uBAAgB;wDAAC;AAE7C;IAAC,IAAA,sBAAM,EAAC,oBAAoB,CAAC;;qDACG;AAEhC;IAAC,IAAA,eAAU,GAAE;8BACc,sBAAe;uDAAC;AAI9B;IAFZ,IAAA,UAAG,GAAE;IACL,IAAA,0BAAU,EAAC,SAAS,CAAC;IACA,WAAA,IAAA,oBAAI,GAAE,CAAA;IAAmB,WAAA,IAAA,aAAM,GAAE,CAAA;;qCAApB,WAAS;;6CAe3C;AAGY;IADZ,IAAA,YAAK,EAAC,WAAW,CAAC;IACO,WAAA,IAAA,oBAAI,GAAE,CAAA;IAAmB,WAAA,IAAA,WAAI,GAAE,CAAA;;qCAAlB,WAAS,EAAe,6BAAW;;iDAezE;AA7CU,cAAc;IAF1B,IAAA,eAAQ,EAAC,MAAM,CAAC;IAChB,IAAA,wBAAQ,EAAC,MAAM,CAAC;GACJ,cAAc,CA8C1B;AA9CY,wCAAc"}

package/lib/cjs/controllers/UserMetadata.d.ts

@@ -1,7 +0,0 @@
-import { Ok } from '@spinajs/http';
-import { User as UserModel, UserMetadata } from '@spinajs/rbac';
-export declare class UserMetaController {
-    addMetadata(logged: UserModel, user: UserModel, meta: UserMetadata): Promise<Ok>;
-    updateMetadata(logged: UserModel, user: UserModel, meta: UserMetadata): Promise<Ok>;
-}
-//# sourceMappingURL=UserMetadata.d.ts.map

package/lib/cjs/controllers/UserMetadata.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"UserMetadata.d.ts","sourceRoot":"","sources":["../../../src/controllers/UserMetadata.ts"],"names":[],"mappings":"AAAA,OAAO,EAAuB,EAAE,EAAa,MAAM,eAAe,CAAC;AACnE,OAAO,EAAE,IAAI,IAAI,SAAS,EAAE,YAAY,EAAE,MAAM,eAAe,CAAC;AAIhE,qBAEa,kBAAkB;IAIhB,WAAW,CAAS,MAAM,EAAE,SAAS,EAAe,IAAI,EAAE,SAAS,EAAa,IAAI,EAAE,YAAY;IAWlG,cAAc,CAAS,MAAM,EAAE,SAAS,EAAe,IAAI,EAAE,SAAS,EAAe,IAAI,EAAE,YAAY;CAcrH"}

package/lib/cjs/controllers/UserMetadata.js

@@ -1,69 +0,0 @@
-"use strict";
-var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
-    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
-    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
-    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
-    return c > 3 && r && Object.defineProperty(target, key, r), r;
-};
-var __metadata = (this && this.__metadata) || function (k, v) {
-    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
-};
-var __param = (this && this.__param) || function (paramIndex, decorator) {
-    return function (target, key) { decorator(target, key, paramIndex); }
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.UserMetaController = void 0;
-const http_1 = require("@spinajs/http");
-const rbac_1 = require("@spinajs/rbac");
-const decorators_js_1 = require("../decorators.js");
-const orm_http_1 = require("@spinajs/orm-http");
-let UserMetaController = class UserMetaController {
-    async addMetadata(logged, user, meta) {
-        if (logged.Id !== user.Id) {
-            throw new http_1.Forbidden('cannot add metadata to another user');
-        }
-        await user.Metadata.add(meta);
-        return new http_1.Ok(meta);
-    }
-    async updateMetadata(logged, user, meta) {
-        if (logged.Id !== user.Id) {
-            throw new http_1.Forbidden('cannot add metadata to another user');
-        }
-        await meta.User.populate();
-        if (meta.User.Value.Id !== logged.Id) {
-            throw new http_1.Forbidden('cannot edit metadata that is not own by user');
-        }
-        await meta.update();
-        return new http_1.Ok();
-    }
-};
-__decorate([
-    (0, http_1.Post)(),
-    (0, decorators_js_1.Permission)('updateOwn'),
-    __param(0, (0, decorators_js_1.User)()),
-    __param(1, (0, orm_http_1.FromModel)()),
-    __param(2, (0, orm_http_1.AsModel)()),
-    __metadata("design:type", Function),
-    __metadata("design:paramtypes", [rbac_1.User, rbac_1.User, rbac_1.UserMetadata]),
-    __metadata("design:returntype", Promise)
-], UserMetaController.prototype, "addMetadata", null);
-__decorate([
-    (0, http_1.Put)('user/:user/metadata/:meta'),
-    (0, decorators_js_1.Permission)('updateOwn'),
-    __param(0, (0, decorators_js_1.User)()),
-    __param(1, (0, orm_http_1.FromModel)()),
-    __param(2, (0, orm_http_1.FromModel)()),
-    __metadata("design:type", Function),
-    __metadata("design:paramtypes", [rbac_1.User, rbac_1.User, rbac_1.UserMetadata]),
-    __metadata("design:returntype", Promise)
-], UserMetaController.prototype, "updateMetadata", null);
-UserMetaController = __decorate([
-    (0, http_1.BasePath)('user/:user/metadata'),
-    (0, decorators_js_1.Resource)('user.metadata')
-], UserMetaController);
-exports.UserMetaController = UserMetaController;
-// function userOwnerPermissionStrategy(){
-//    // 1. obtain current logged user
-//    // 2. find
-// }
-//# sourceMappingURL=UserMetadata.js.map

package/lib/cjs/controllers/UserMetadata.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"UserMetadata.js","sourceRoot":"","sources":["../../../src/controllers/UserMetadata.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,wCAAmE;AACnE,wCAAgE;AAChE,oDAA8D;AAC9D,gDAAuD;AAIhD,IAAM,kBAAkB,GAAxB,MAAM,kBAAkB;IAIhB,AAAN,KAAK,CAAC,WAAW,CAAS,MAAiB,EAAe,IAAe,EAAa,IAAkB;QAC7G,IAAI,MAAM,CAAC,EAAE,KAAK,IAAI,CAAC,EAAE,EAAE;YACzB,MAAM,IAAI,gBAAS,CAAC,qCAAqC,CAAC,CAAC;SAC5D;QAED,MAAM,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;QAC9B,OAAO,IAAI,SAAE,CAAC,IAAI,CAAC,CAAC;IACtB,CAAC;IAIY,AAAN,KAAK,CAAC,cAAc,CAAS,MAAiB,EAAe,IAAe,EAAe,IAAkB;QAClH,IAAI,MAAM,CAAC,EAAE,KAAK,IAAI,CAAC,EAAE,EAAE;YACzB,MAAM,IAAI,gBAAS,CAAC,qCAAqC,CAAC,CAAC;SAC5D;QAED,MAAM,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC;QAC3B,IAAI,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,KAAK,MAAM,CAAC,EAAE,EAAE;YACpC,MAAM,IAAI,gBAAS,CAAC,8CAA8C,CAAC,CAAC;SACrE;QAED,MAAM,IAAI,CAAC,MAAM,EAAE,CAAC;QAEpB,OAAO,IAAI,SAAE,EAAE,CAAC;IAClB,CAAC;CACF,CAAA;AAzBc;IAFZ,IAAA,WAAI,GAAE;IACN,IAAA,0BAAU,EAAC,WAAW,CAAC;IACE,WAAA,IAAA,oBAAI,GAAE,CAAA;IAAqB,WAAA,IAAA,oBAAS,GAAE,CAAA;IAAmB,WAAA,IAAA,kBAAO,GAAE,CAAA;;qCAAnD,WAAS,EAAqB,WAAS,EAAmB,mBAAY;;qDAO9G;AAIY;IAFZ,IAAA,UAAG,EAAC,2BAA2B,CAAC;IAChC,IAAA,0BAAU,EAAC,WAAW,CAAC;IACK,WAAA,IAAA,oBAAI,GAAE,CAAA;IAAqB,WAAA,IAAA,oBAAS,GAAE,CAAA;IAAmB,WAAA,IAAA,oBAAS,GAAE,CAAA;;qCAArD,WAAS,EAAqB,WAAS,EAAqB,mBAAY;;wDAanH;AA5BU,kBAAkB;IAF9B,IAAA,eAAQ,EAAC,qBAAqB,CAAC;IAC/B,IAAA,wBAAQ,EAAC,eAAe,CAAC;GACb,kBAAkB,CA6B9B;AA7BY,gDAAkB;AA+B/B,0CAA0C;AAE1C,sCAAsC;AACtC,gBAAgB;AAEhB,IAAI"}

package/lib/cjs/dto/login-dto.d.ts

@@ -1,17 +0,0 @@
-export declare const LoginDtoSchema: {
-    $schema: string;
-    title: string;
-    type: string;
-    properties: {
-        Login: {
-            type: string;
-            format: string;
-        };
-    };
-    required: string[];
-};
-export declare class UserLoginDto {
-    Email: string;
-    constructor(data: any);
-}
-//# sourceMappingURL=login-dto.d.ts.map

package/lib/cjs/dto/login-dto.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"login-dto.d.ts","sourceRoot":"","sources":["../../../src/dto/login-dto.ts"],"names":[],"mappings":"AAEA,eAAO,MAAM,cAAc;;;;;;;;;;;CAQ1B,CAAC;AAEF,qBACa,YAAY;IAChB,KAAK,EAAE,MAAM,CAAC;gBAET,IAAI,EAAE,GAAG;CAGtB"}

package/lib/cjs/dto/login-dto.js

@@ -1,33 +0,0 @@
-"use strict";
-var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
-    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
-    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
-    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
-    return c > 3 && r && Object.defineProperty(target, key, r), r;
-};
-var __metadata = (this && this.__metadata) || function (k, v) {
-    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.UserLoginDto = exports.LoginDtoSchema = void 0;
-const validation_1 = require("@spinajs/validation");
-exports.LoginDtoSchema = {
-    $schema: 'http://json-schema.org/draft-07/schema#',
-    title: 'login DTO',
-    type: 'object',
-    properties: {
-        Login: { type: 'string', format: 'email' },
-    },
-    required: ['Email'],
-};
-let UserLoginDto = class UserLoginDto {
-    constructor(data) {
-        Object.assign(this, data);
-    }
-};
-UserLoginDto = __decorate([
-    (0, validation_1.Schema)(exports.LoginDtoSchema),
-    __metadata("design:paramtypes", [Object])
-], UserLoginDto);
-exports.UserLoginDto = UserLoginDto;
-//# sourceMappingURL=login-dto.js.map

package/lib/cjs/dto/login-dto.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"login-dto.js","sourceRoot":"","sources":["../../../src/dto/login-dto.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,oDAA6C;AAEhC,QAAA,cAAc,GAAG;IAC5B,OAAO,EAAE,yCAAyC;IAClD,KAAK,EAAE,WAAW;IAClB,IAAI,EAAE,QAAQ;IACd,UAAU,EAAE;QACV,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,EAAE,OAAO,EAAE;KAC3C;IACD,QAAQ,EAAE,CAAC,OAAO,CAAC;CACpB,CAAC;AAGK,IAAM,YAAY,GAAlB,MAAM,YAAY;IAGvB,YAAY,IAAS;QACnB,MAAM,CAAC,MAAM,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;IAC5B,CAAC;CACF,CAAA;AANY,YAAY;IADxB,IAAA,mBAAM,EAAC,sBAAc,CAAC;;GACV,YAAY,CAMxB;AANY,oCAAY"}

package/lib/cjs/dto/password-dto.d.ts

@@ -1,30 +0,0 @@
-export declare const PasswordDtoSchema: {
-    $schema: string;
-    title: string;
-    type: string;
-    properties: {
-        OldPassword: {
-            type: string;
-            maxLength: number;
-            minLength: number;
-        };
-        Password: {
-            type: string;
-            maxLength: number;
-            minLength: number;
-        };
-        ConfirmPassword: {
-            type: string;
-            maxLength: number;
-            minLength: number;
-        };
-    };
-    required: string[];
-};
-export declare class PasswordDto {
-    OldPassword: string;
-    Password: string;
-    ConfirmPassword: string;
-    constructor(data: any);
-}
-//# sourceMappingURL=password-dto.d.ts.map

package/lib/cjs/dto/password-dto.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"password-dto.d.ts","sourceRoot":"","sources":["../../../src/dto/password-dto.ts"],"names":[],"mappings":"AAEA,eAAO,MAAM,iBAAiB;;;;;;;;;;;;;;;;;;;;;;CAU7B,CAAC;AAEF,qBACa,WAAW;IACf,WAAW,EAAE,MAAM,CAAC;IAEpB,QAAQ,EAAE,MAAM,CAAC;IAEjB,eAAe,EAAE,MAAM,CAAC;gBAEnB,IAAI,EAAE,GAAG;CAGtB"}

package/lib/cjs/dto/password-dto.js

@@ -1,35 +0,0 @@
-"use strict";
-var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
-    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
-    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
-    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
-    return c > 3 && r && Object.defineProperty(target, key, r), r;
-};
-var __metadata = (this && this.__metadata) || function (k, v) {
-    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.PasswordDto = exports.PasswordDtoSchema = void 0;
-const validation_1 = require("@spinajs/validation");
-exports.PasswordDtoSchema = {
-    $schema: 'http://json-schema.org/draft-07/schema#',
-    title: 'User password DTO',
-    type: 'object',
-    properties: {
-        OldPassword: { type: 'string', maxLength: 32, minLength: 6 },
-        Password: { type: 'string', maxLength: 32, minLength: 6 },
-        ConfirmPassword: { type: 'string', maxLength: 32, minLength: 6 },
-    },
-    required: ['OldPassword', 'Password', 'ConfirmPassword'],
-};
-let PasswordDto = class PasswordDto {
-    constructor(data) {
-        Object.assign(this, data);
-    }
-};
-PasswordDto = __decorate([
-    (0, validation_1.Schema)(exports.PasswordDtoSchema),
-    __metadata("design:paramtypes", [Object])
-], PasswordDto);
-exports.PasswordDto = PasswordDto;
-//# sourceMappingURL=password-dto.js.map

package/lib/cjs/dto/password-dto.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"password-dto.js","sourceRoot":"","sources":["../../../src/dto/password-dto.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,oDAA6C;AAEhC,QAAA,iBAAiB,GAAG;IAC/B,OAAO,EAAE,yCAAyC;IAClD,KAAK,EAAE,mBAAmB;IAC1B,IAAI,EAAE,QAAQ;IACd,UAAU,EAAE;QACV,WAAW,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,SAAS,EAAE,EAAE,EAAE,SAAS,EAAE,CAAC,EAAE;QAC5D,QAAQ,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,SAAS,EAAE,EAAE,EAAE,SAAS,EAAE,CAAC,EAAE;QACzD,eAAe,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,SAAS,EAAE,EAAE,EAAE,SAAS,EAAE,CAAC,EAAE;KACjE;IACD,QAAQ,EAAE,CAAC,aAAa,EAAE,UAAU,EAAE,iBAAiB,CAAC;CACzD,CAAC;AAGK,IAAM,WAAW,GAAjB,MAAM,WAAW;IAOtB,YAAY,IAAS;QACnB,MAAM,CAAC,MAAM,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;IAC5B,CAAC;CACF,CAAA;AAVY,WAAW;IADvB,IAAA,mBAAM,EAAC,yBAAiB,CAAC;;GACb,WAAW,CAUvB;AAVY,kCAAW"}

package/lib/cjs/dto/restore-password-dto.d.ts

@@ -1,24 +0,0 @@
-export declare const RestorePasswordDtoSchema: {
-    $schema: string;
-    title: string;
-    type: string;
-    properties: {
-        Password: {
-            type: string;
-            maxLength: number;
-            minLength: number;
-        };
-        ConfirmPassword: {
-            type: string;
-            maxLength: number;
-            minLength: number;
-        };
-    };
-    required: string[];
-};
-export declare class RestorePasswordDto {
-    Password: string;
-    ConfirmPassword: string;
-    constructor(data: any);
-}
-//# sourceMappingURL=restore-password-dto.d.ts.map

package/lib/cjs/dto/restore-password-dto.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"restore-password-dto.d.ts","sourceRoot":"","sources":["../../../src/dto/restore-password-dto.ts"],"names":[],"mappings":"AAEA,eAAO,MAAM,wBAAwB;;;;;;;;;;;;;;;;;CASpC,CAAC;AAEF,qBACa,kBAAkB;IACtB,QAAQ,EAAE,MAAM,CAAC;IAEjB,eAAe,EAAE,MAAM,CAAC;gBAEnB,IAAI,EAAE,GAAG;CAGtB"}

package/lib/cjs/dto/restore-password-dto.js

@@ -1,34 +0,0 @@
-"use strict";
-var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
-    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
-    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
-    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
-    return c > 3 && r && Object.defineProperty(target, key, r), r;
-};
-var __metadata = (this && this.__metadata) || function (k, v) {
-    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.RestorePasswordDto = exports.RestorePasswordDtoSchema = void 0;
-const validation_1 = require("@spinajs/validation");
-exports.RestorePasswordDtoSchema = {
-    $schema: 'http://json-schema.org/draft-07/schema#',
-    title: 'User password DTO',
-    type: 'object',
-    properties: {
-        Password: { type: 'string', maxLength: 32, minLength: 6 },
-        ConfirmPassword: { type: 'string', maxLength: 32, minLength: 6 },
-    },
-    required: ['Password', 'ConfirmPassword'],
-};
-let RestorePasswordDto = class RestorePasswordDto {
-    constructor(data) {
-        Object.assign(this, data);
-    }
-};
-RestorePasswordDto = __decorate([
-    (0, validation_1.Schema)(exports.RestorePasswordDtoSchema),
-    __metadata("design:paramtypes", [Object])
-], RestorePasswordDto);
-exports.RestorePasswordDto = RestorePasswordDto;
-//# sourceMappingURL=restore-password-dto.js.map

package/lib/cjs/dto/restore-password-dto.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"restore-password-dto.js","sourceRoot":"","sources":["../../../src/dto/restore-password-dto.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,oDAA6C;AAEhC,QAAA,wBAAwB,GAAG;IACtC,OAAO,EAAE,yCAAyC;IAClD,KAAK,EAAE,mBAAmB;IAC1B,IAAI,EAAE,QAAQ;IACd,UAAU,EAAE;QACV,QAAQ,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,SAAS,EAAE,EAAE,EAAE,SAAS,EAAE,CAAC,EAAE;QACzD,eAAe,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,SAAS,EAAE,EAAE,EAAE,SAAS,EAAE,CAAC,EAAE;KACjE;IACD,QAAQ,EAAE,CAAC,UAAU,EAAE,iBAAiB,CAAC;CAC1C,CAAC;AAGK,IAAM,kBAAkB,GAAxB,MAAM,kBAAkB;IAK7B,YAAY,IAAS;QACnB,MAAM,CAAC,MAAM,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;IAC5B,CAAC;CACF,CAAA;AARY,kBAAkB;IAD9B,IAAA,mBAAM,EAAC,gCAAwB,CAAC;;GACpB,kBAAkB,CAQ9B;AARY,gDAAkB"}

package/lib/cjs/dto/token-dto.d.ts

@@ -1,16 +0,0 @@
-export declare const TokenDtoSchema: {
-    $schema: string;
-    title: string;
-    type: string;
-    properties: {
-        Token: {
-            type: string;
-            maxLength: number;
-        };
-    };
-};
-export declare class TokenDto {
-    Token: string;
-    constructor(data: any);
-}
-//# sourceMappingURL=token-dto.d.ts.map

package/lib/cjs/dto/token-dto.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"token-dto.d.ts","sourceRoot":"","sources":["../../../src/dto/token-dto.ts"],"names":[],"mappings":"AACA,eAAO,MAAM,cAAc;;;;;;;;;;CAO1B,CAAC;AAEF,qBACa,QAAQ;IACZ,KAAK,EAAE,MAAM,CAAC;gBAET,IAAI,EAAE,GAAG;CAGtB"}

package/lib/cjs/dto/token-dto.js

@@ -1,32 +0,0 @@
-"use strict";
-var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
-    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
-    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
-    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
-    return c > 3 && r && Object.defineProperty(target, key, r), r;
-};
-var __metadata = (this && this.__metadata) || function (k, v) {
-    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.TokenDto = exports.TokenDtoSchema = void 0;
-const validation_1 = require("@spinajs/validation");
-exports.TokenDtoSchema = {
-    $schema: 'http://json-schema.org/draft-07/schema#',
-    title: 'Token DTO',
-    type: 'object',
-    properties: {
-        Token: { type: 'string', maxLength: 64 },
-    },
-};
-let TokenDto = class TokenDto {
-    constructor(data) {
-        Object.assign(this, data);
-    }
-};
-TokenDto = __decorate([
-    (0, validation_1.Schema)(exports.TokenDtoSchema),
-    __metadata("design:paramtypes", [Object])
-], TokenDto);
-exports.TokenDto = TokenDto;
-//# sourceMappingURL=token-dto.js.map

package/lib/cjs/dto/token-dto.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"token-dto.js","sourceRoot":"","sources":["../../../src/dto/token-dto.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,oDAA6C;AAChC,QAAA,cAAc,GAAG;IAC5B,OAAO,EAAE,yCAAyC;IAClD,KAAK,EAAE,WAAW;IAClB,IAAI,EAAE,QAAQ;IACd,UAAU,EAAE;QACV,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,SAAS,EAAE,EAAE,EAAE;KACzC;CACF,CAAC;AAGK,IAAM,QAAQ,GAAd,MAAM,QAAQ;IAGnB,YAAY,IAAS;QACnB,MAAM,CAAC,MAAM,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;IAC5B,CAAC;CACF,CAAA;AANY,QAAQ;IADpB,IAAA,mBAAM,EAAC,sBAAc,CAAC;;GACV,QAAQ,CAMpB;AANY,4BAAQ"}

package/lib/cjs/dto/user-dto.d.ts

@@ -1,22 +0,0 @@
-export declare const UserDtoSchema: {
-    $schema: string;
-    title: string;
-    type: string;
-    properties: {
-        Email: {
-            type: string;
-            format: string;
-            maxLength: number;
-        };
-        Login: {
-            type: string;
-            maxLength: number;
-        };
-    };
-};
-export declare class UserDto {
-    Email: string;
-    Login: string;
-    constructor(data: any);
-}
-//# sourceMappingURL=user-dto.d.ts.map

package/lib/cjs/dto/user-dto.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"user-dto.d.ts","sourceRoot":"","sources":["../../../src/dto/user-dto.ts"],"names":[],"mappings":"AACA,eAAO,MAAM,aAAa;;;;;;;;;;;;;;;CAQzB,CAAC;AAEF,qBACa,OAAO;IACX,KAAK,EAAE,MAAM,CAAC;IAEd,KAAK,EAAE,MAAM,CAAC;gBAET,IAAI,EAAE,GAAG;CAGtB"}