npm - @sync-in/server - Versions diffs - 1.5.2 → 1.6.1 - Mend

@sync-in/server 1.5.2 → 1.6.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (355) hide show

package/server/applications/users/services/admin-users-queries.service.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"sources":["../../../../../backend/src/applications/users/services/admin-users-queries.service.ts"],"sourcesContent":["/\n Copyright (C) 2012-2025 Johan Legrand <johan.legrand@sync-in.com>\n * This file is part of Sync-in \| The open source file sync and share solution\n * See the LICENSE file for licensing details\n */\n\nimport { Inject, Injectable, Logger } from '@nestjs/common'\nimport { and, count, countDistinct, eq, inArray, isNotNull, isNull, lte, SelectedFields, SQL, sql } from 'drizzle-orm'\nimport { alias, union } from 'drizzle-orm/mysql-core'\nimport { DB_TOKEN_PROVIDER } from '../../../infrastructure/database/constants'\nimport { DBSchema } from '../../../infrastructure/database/interfaces/database.interface'\nimport { concatDistinctObjectsInArray, dateTimeUTC, dbCheckAffectedRows, dbGetInsertedId } from '../../../infrastructure/database/utils'\nimport { GROUP_TYPE } from '../constants/group'\nimport { MEMBER_TYPE } from '../constants/member'\nimport { USER_GROUP_ROLE, USER_ROLE } from '../constants/user'\nimport { CreateOrUpdateGroupDto } from '../dto/create-or-update-group.dto'\nimport type { AdminGroup } from '../interfaces/admin-group.interface'\nimport type { AdminUser } from '../interfaces/admin-user.interface'\nimport { Member } from '../interfaces/member.interface'\nimport type { Group } from '../schemas/group.interface'\nimport { groups } from '../schemas/groups.schema'\nimport { UserGroup } from '../schemas/user-group.interface'\nimport { usersGroups } from '../schemas/users-groups.schema'\nimport { usersGuests } from '../schemas/users-guests.schema'\nimport { userFullNameSQL, users } from '../schemas/users.schema'\nimport { UsersQueries } from './users-queries.service'\n\n@Injectable()\nexport class AdminUsersQueries {\n private readonly logger = new Logger(AdminUsersQueries.name)\n\n constructor(\n @Inject(DB_TOKEN_PROVIDER) private readonly db: DBSchema,\n public readonly usersQueries: UsersQueries\n ) {}\n\n async listUsers(): Promise<AdminUser[]>\n async listUsers(userId: number): Promise<AdminUser>\n async listUsers(userId?: number): Promise<AdminUser \| AdminUser[]> {\n const where: SQL[] = [lte(users.role, USER_ROLE.USER), ...(userId ? [eq(users.id, userId)] : [])]\n const q = this.db\n .select({\n id: users.id,\n login: users.login,\n email: users.email,\n role: users.role,\n fullName: userFullNameSQL(users),\n isActive: users.isActive,\n ...(userId && {\n firstName: users.firstName,\n lastName: users.lastName,\n notification: users.notification,\n permissions: users.permissions,\n groups: concatDistinctObjectsInArray(groups.id, {\n id: groups.id,\n name: groups.name,\n description: groups.description,\n type: sql.raw(`'${MEMBER_TYPE.GROUP}'`),\n permissions: groups.permissions,\n createdAt: dateTimeUTC(usersGroups.createdAt)\n } satisfies Record<keyof Pick<Member, 'id' \| 'name' \| 'description' \| 'type' \| 'permissions' \| 'createdAt'>, any>)\n }),\n language: users.language,\n passwordAttempts: users.passwordAttempts,\n storageUsage: users.storageUsage,\n storageQuota: users.storageQuota,\n currentIp: users.currentIp,\n lastIp: users.lastIp,\n currentAccess: users.currentAccess,\n lastAccess: users.lastAccess,\n createdAt: users.createdAt\n } satisfies AdminUser \| SelectedFields<any, any>)\n .from(users)\n if (userId) {\n q.leftJoin(usersGroups, eq(usersGroups.userId, users.id))\n q.leftJoin(groups, and(eq(groups.id, usersGroups.groupId), eq(groups.type, GROUP_TYPE.USER)))\n q.limit(1)\n }\n q.where(and(...where)).groupBy(users.id)\n const rs: AdminUser[] = await q\n if (userId) {\n return rs.length ? rs[0] : null\n }\n return rs\n }\n\n async groupFromId(groupId: number): Promise<AdminGroup> {\n const groupParent = alias(groups, 'groupParent')\n const [group] = await this.db\n .select({\n id: groups.id,\n name: groups.name,\n type: groups.type,\n description: groups.description,\n permissions: groups.permissions,\n visibility: groups.visibility,\n createdAt: groups.createdAt,\n modifiedAt: groups.modifiedAt,\n parent: { id: groupParent.id, name: groupParent.name }\n } satisfies AdminGroup \| SelectedFields<any, any>)\n .from(groups)\n .leftJoin(groupParent, eq(groupParent.id, groups.parentId))\n .where(eq(groups.id, groupId))\n .limit(1)\n return group\n }\n\n async deleteUser(userId: number, userLogin: string): Promise<boolean> {\n return dbCheckAffectedRows(await this.db.delete(users).where(and(eq(users.id, userId), eq(users.login, userLogin))), 1, false)\n }\n\n async groupFromName(groupName: string): Promise<Pick<Group, 'id' \| 'name' \| 'type'>> {\n const [group] = await this.db\n .select({\n id: groups.id,\n name: groups.name,\n type: groups.type\n } satisfies Pick<Group, 'id' \| 'name' \| 'type'> \| SelectedFields<any, any>)\n .from(groups)\n .where(eq(groups.name, groupName))\n .limit(1)\n return group\n }\n\n async browseRootGroupMembers(type: GROUP_TYPE = GROUP_TYPE.USER): Promise<Member[]> {\n const childGroups = alias(groups, 'childGroups')\n return this.db\n .select({\n id: groups.id,\n name: groups.name,\n description: groups.description,\n createdAt: groups.createdAt,\n modifiedAt: groups.modifiedAt,\n type: sql<MEMBER_TYPE>`IF(${groups.type} = ${GROUP_TYPE.USER}, ${MEMBER_TYPE.GROUP}, ${MEMBER_TYPE.PGROUP})`,\n counts: { users: count(usersGroups.userId), groups: countDistinct(childGroups.id) }\n } satisfies Member \| SelectedFields<any, any>)\n .from(groups)\n .leftJoin(usersGroups, eq(usersGroups.groupId, groups.id))\n .leftJoin(childGroups, eq(childGroups.parentId, groups.id))\n .where(and(isNull(groups.parentId), eq(groups.type, type)))\n .groupBy(groups.id)\n }\n\n async browseGroupMembers(groupId: number, type: GROUP_TYPE = GROUP_TYPE.USER): Promise<Member[]> {\n const childGroups = alias(groups, 'childGroups')\n const childGroupMembers = alias(usersGroups, 'childGroupMembers')\n const subChildGroups = alias(groups, 'subChildGroups')\n const userMembers = this.db\n .select({\n id: users.id,\n login: users.login,\n name: userFullNameSQL(users).as('name'),\n description: users.email,\n createdAt: usersGroups.createdAt,\n modifiedAt: sql<Date>`NULL`,\n type: sql<MEMBER_TYPE>`${MEMBER_TYPE.USER}`,\n groupRole: sql<USER_GROUP_ROLE>`${usersGroups.role}`.mapWith(Number),\n counts: { users: sql<number>`0`, groups: sql<number>`0` }\n } satisfies Member \| SelectedFields<any, any>)\n .from(groups)\n .innerJoin(usersGroups, eq(usersGroups.groupId, groups.id))\n .leftJoin(users, eq(users.id, usersGroups.userId))\n .where(and(eq(groups.id, groupId), eq(groups.type, type), isNotNull(users.id)))\n .groupBy(users.id)\n if (type === GROUP_TYPE.PERSONAL) {\n return userMembers\n }\n const groupMembers: any = this.db\n .select({\n id: childGroups.id,\n login: sql`NULL`,\n name: childGroups.name,\n description: childGroups.description,\n createdAt: childGroups.createdAt,\n modifiedAt: childGroups.modifiedAt,\n type: sql<MEMBER_TYPE>`${MEMBER_TYPE.GROUP}`,\n groupRole: sql<USER_GROUP_ROLE>`null`,\n counts: { users: count(usersGroups.userId), groups: count(subChildGroups.id) }\n } satisfies Member \| SelectedFields<any, any>)\n .from(groups)\n .innerJoin(childGroups, eq(childGroups.parentId, groups.id))\n .leftJoin(usersGroups, eq(usersGroups.groupId, childGroups.id))\n .leftJoin(childGroupMembers, eq(childGroupMembers.groupId, childGroups.id))\n .leftJoin(subChildGroups, eq(subChildGroups.parentId, childGroups.id))\n .where(and(eq(groups.id, groupId), eq(groups.type, type), isNotNull(childGroups.id)))\n .groupBy(childGroups.id)\n return union(userMembers, groupMembers)\n }\n\n async updateUserGroups(userId: number, groups: { add: number[]; delete: number[] }): Promise<void> {\n if (groups.add.length) {\n try {\n dbCheckAffectedRows(\n await this.db.insert(usersGroups).values(\n groups.add.map((gid: number) => ({\n userId: userId,\n groupId: gid\n }))\n ),\n groups.add.length\n )\n this.logger.log(`${this.updateUserGroups.name} - user (${userId}) groups ${JSON.stringify(groups.add)} was added`)\n this.usersQueries.clearWhiteListCaches([userId])\n } catch (e) {\n this.logger.error(`${this.updateUserGroups.name} - user (${userId}) groups ${JSON.stringify(groups.add)} was not added: ${e}`)\n throw new Error('User groups was not added')\n }\n }\n if (groups.delete.length) {\n try {\n dbCheckAffectedRows(\n await this.db.delete(usersGroups).where(and(eq(usersGroups.userId, userId), inArray(usersGroups.groupId, groups.delete))),\n groups.delete.length\n )\n this.logger.log(`${this.updateUserGroups.name} - user (${userId}) groups ${JSON.stringify(groups.delete)} was deleted`)\n this.usersQueries.clearWhiteListCaches([userId])\n } catch (e) {\n this.logger.error(`${this.updateUserGroups.name} - user (${userId}) groups ${JSON.stringify(groups.delete)} was not deleted: ${e}`)\n throw new Error('User groups was not deleted')\n }\n }\n }\n\n async createGroup(createGroupDto: CreateOrUpdateGroupDto): Promise<Group['id']> {\n return dbGetInsertedId(await this.db.insert(groups).values({ ...createGroupDto, type: GROUP_TYPE.USER } as Group))\n }\n\n async updateGroup(groupId: number, set: Partial<Record<keyof Group, any>>): Promise<boolean> {\n try {\n dbCheckAffectedRows(await this.db.update(groups).set(set).where(eq(groups.id, groupId)), 1)\n this.logger.log(`${this.updateGroup.name} - group (${groupId}) was updated : ${JSON.stringify(set)}`)\n return true\n } catch (e) {\n this.logger.error(`${this.updateGroup.name} - group (${groupId}) was not updated : ${JSON.stringify(set)} : ${e}`)\n return false\n }\n }\n\n async deleteGroup(groupId: number): Promise<boolean> {\n const [parent] = await this.db.select({ id: groups.parentId }).from(groups).where(eq(groups.id, groupId)).limit(1)\n const parentId = parent?.id\n if (parentId) {\n // attach child groups to current parent\n await this.db\n .update(groups)\n .set({ parentId: parentId } as Partial<Group>)\n .where(eq(groups.parentId, groupId))\n }\n return dbCheckAffectedRows(await this.db.delete(groups).where(eq(groups.id, groupId)).limit(1), 1, false)\n }\n\n async addUsersToGroup(groupId: number, userIds: number[], lowerOrEqualUserRole: USER_ROLE = USER_ROLE.GUEST): Promise<void> {\n const userIdsWithRequiredRole = await this.db\n .select({ id: users.id })\n .from(users)\n .where(and(inArray(users.id, userIds), lte(users.role, lowerOrEqualUserRole)))\n userIds = userIdsWithRequiredRole.map((u) => u.id)\n if (userIds.length === 0) {\n throw new Error('No users to add to group')\n }\n try {\n dbCheckAffectedRows(\n await this.db.insert(usersGroups).values(\n userIdsWithRequiredRole.map((u) => ({\n groupId: groupId,\n userId: u.id\n }))\n ),\n userIdsWithRequiredRole.length\n )\n this.logger.log(`${this.addUsersToGroup.name} - users (${userIds}) was added to group (${groupId})`)\n this.usersQueries.clearWhiteListCaches(userIds)\n } catch (e) {\n this.logger.error(`${this.addUsersToGroup.name} - unable to add users (${userIds}) to group (${groupId}) : ${e}`)\n throw new Error('Unable to add users to group')\n }\n }\n\n async updateUserFromGroup(groupId: number, userId: number, role: USER_GROUP_ROLE): Promise<void> {\n try {\n dbCheckAffectedRows(\n await this.db\n .update(usersGroups)\n .set({ role: role } as UserGroup)\n .where(and(eq(usersGroups.groupId, groupId), eq(usersGroups.userId, userId)))\n .limit(1),\n 1\n )\n this.logger.log(`${this.updateUserFromGroup.name} - user (${userId}) was updated on group (${groupId}) as ${USER_GROUP_ROLE[role]}`)\n } catch (e) {\n this.logger.error(\n `${this.updateUserFromGroup.name} - user (${userId}) was not updated on group (${groupId}) as ${USER_GROUP_ROLE[role]} : ${e}`\n )\n throw new Error('Unable to update user from group')\n }\n }\n\n async removeUserFromGroup(groupId: number, userId: number): Promise<void> {\n try {\n dbCheckAffectedRows(\n await this.db\n .delete(usersGroups)\n .where(and(eq(usersGroups.groupId, groupId), eq(usersGroups.userId, userId)))\n .limit(1),\n 1\n )\n this.logger.log(`${this.removeUserFromGroup.name} - user (${userId}) was removed from group (${groupId})`)\n this.usersQueries.clearWhiteListCaches([userId])\n } catch (e) {\n this.logger.error(`${this.removeUserFromGroup.name} - user (${userId}) or group (${groupId}) does not exist : ${e}`)\n throw new Error('Unable to remove user from group')\n }\n }\n\n async updateGuestManagers(guestId: number, managers: { add: number[]; delete: number[] }): Promise<void> {\n if (managers.add.length) {\n try {\n dbCheckAffectedRows(\n await this.db.insert(usersGuests).values(\n managers.add.map((uid: number) => ({\n userId: uid,\n guestId: guestId\n }))\n ),\n managers.add.length\n )\n this.logger.log(`${this.updateGuestManagers.name} - guest (${guestId}) managers ${JSON.stringify(managers.add)} was added`)\n } catch (e) {\n this.logger.error(`${this.updateGuestManagers.name} - guest (${guestId}) managers ${JSON.stringify(managers.add)} was not added: ${e}`)\n throw new Error('Guest managers was not added')\n }\n }\n if (managers.delete.length) {\n try {\n dbCheckAffectedRows(\n await this.db.delete(usersGuests).where(and(eq(usersGuests.guestId, guestId), inArray(usersGuests.userId, managers.delete))),\n managers.delete.length\n )\n this.logger.log(`${this.updateGuestManagers.name} - guest (${guestId}) managers ${JSON.stringify(managers.delete)} was deleted`)\n } catch (e) {\n this.logger.error(`${this.updateGuestManagers.name} - guest (${guestId}) managers ${JSON.stringify(managers.delete)} was not deleted: ${e}`)\n throw new Error('Guest managers was not deleted')\n }\n }\n }\n}\n"],"names":["AdminUsersQueries","listUsers","userId","where","lte","users","role","USER_ROLE","USER","eq","id","q","db","select","login","email","fullName","userFullNameSQL","isActive","firstName","lastName","notification","permissions","groups","concatDistinctObjectsInArray","name","description","type","sql","raw","MEMBER_TYPE","GROUP","createdAt","dateTimeUTC","usersGroups","language","passwordAttempts","storageUsage","storageQuota","currentIp","lastIp","currentAccess","lastAccess","from","leftJoin","and","groupId","GROUP_TYPE","limit","groupBy","rs","length","groupFromId","groupParent","alias","group","visibility","modifiedAt","parent","parentId","deleteUser","userLogin","dbCheckAffectedRows","delete","groupFromName","groupName","browseRootGroupMembers","childGroups","PGROUP","counts","count","countDistinct","isNull","browseGroupMembers","childGroupMembers","subChildGroups","userMembers","as","groupRole","mapWith","Number","innerJoin","isNotNull","PERSONAL","groupMembers","union","updateUserGroups","add","insert","values","map","gid","logger","log","JSON","stringify","usersQueries","clearWhiteListCaches","e","error","Error","inArray","createGroup","createGroupDto","dbGetInsertedId","updateGroup","set","update","deleteGroup","addUsersToGroup","userIds","lowerOrEqualUserRole","GUEST","userIdsWithRequiredRole","u","updateUserFromGroup","USER_GROUP_ROLE","removeUserFromGroup","updateGuestManagers","guestId","managers","usersGuests","uid","Logger"],"mappings":"AAAA;;;;CAIC;;;;+BAwBYA;;;eAAAA;;;wBAtB8B;4BAC8D;2BAC5E;2BACK;mCACT;uBACuE;uBACrE;wBACC;sBACe;8BAMpB;mCAEK;mCACA;6BACW;qCACV;;;;;;;;;;;;;;;AAGtB,IAAA,AAAMA,oBAAN,MAAMA;IAUX,MAAMC,UAAUC,MAAe,EAAoC;QACjE,MAAMC,QAAe;YAACC,IAAAA,eAAG,EAACC,kBAAK,CAACC,IAAI,EAAEC,eAAS,CAACC,IAAI;eAAON,SAAS;gBAACO,IAAAA,cAAE,EAACJ,kBAAK,CAACK,EAAE,EAAER;aAAQ,GAAG,EAAE;SAAE;QACjG,MAAMS,IAAI,IAAI,CAACC,EAAE,CACdC,MAAM,CAAC;YACNH,IAAIL,kBAAK,CAACK,EAAE;YACZI,OAAOT,kBAAK,CAACS,KAAK;YAClBC,OAAOV,kBAAK,CAACU,KAAK;YAClBT,MAAMD,kBAAK,CAACC,IAAI;YAChBU,UAAUC,IAAAA,4BAAe,EAACZ,kBAAK;YAC/Ba,UAAUb,kBAAK,CAACa,QAAQ;YACxB,GAAIhB,UAAU;gBACZiB,WAAWd,kBAAK,CAACc,SAAS;gBAC1BC,UAAUf,kBAAK,CAACe,QAAQ;gBACxBC,cAAchB,kBAAK,CAACgB,YAAY;gBAChCC,aAAajB,kBAAK,CAACiB,WAAW;gBAC9BC,QAAQC,IAAAA,mCAA4B,EAACD,oBAAM,CAACb,EAAE,EAAE;oBAC9CA,IAAIa,oBAAM,CAACb,EAAE;oBACbe,MAAMF,oBAAM,CAACE,IAAI;oBACjBC,aAAaH,oBAAM,CAACG,WAAW;oBAC/BC,MAAMC,eAAG,CAACC,GAAG,CAAC,CAAC,CAAC,EAAEC,mBAAW,CAACC,KAAK,CAAC,CAAC,CAAC;oBACtCT,aAAaC,oBAAM,CAACD,WAAW;oBAC/BU,WAAWC,IAAAA,kBAAW,EAACC,8BAAW,CAACF,SAAS;gBAC9C;YACF,CAAC;YACDG,UAAU9B,kBAAK,CAAC8B,QAAQ;YACxBC,kBAAkB/B,kBAAK,CAAC+B,gBAAgB;YACxCC,cAAchC,kBAAK,CAACgC,YAAY;YAChCC,cAAcjC,kBAAK,CAACiC,YAAY;YAChCC,WAAWlC,kBAAK,CAACkC,SAAS;YAC1BC,QAAQnC,kBAAK,CAACmC,MAAM;YACpBC,eAAepC,kBAAK,CAACoC,aAAa;YAClCC,YAAYrC,kBAAK,CAACqC,UAAU;YAC5BV,WAAW3B,kBAAK,CAAC2B,SAAS;QAC5B,GACCW,IAAI,CAACtC,kBAAK;QACb,IAAIH,QAAQ;YACVS,EAAEiC,QAAQ,CAACV,8BAAW,EAAEzB,IAAAA,cAAE,EAACyB,8BAAW,CAAChC,MAAM,EAAEG,kBAAK,CAACK,EAAE;YACvDC,EAAEiC,QAAQ,CAACrB,oBAAM,EAAEsB,IAAAA,eAAG,EAACpC,IAAAA,cAAE,EAACc,oBAAM,CAACb,EAAE,EAAEwB,8BAAW,CAACY,OAAO,GAAGrC,IAAAA,cAAE,EAACc,oBAAM,CAACI,IAAI,EAAEoB,iBAAU,CAACvC,IAAI;YAC1FG,EAAEqC,KAAK,CAAC;QACV;QACArC,EAAER,KAAK,CAAC0C,IAAAA,eAAG,KAAI1C,QAAQ8C,OAAO,CAAC5C,kBAAK,CAACK,EAAE;QACvC,MAAMwC,KAAkB,MAAMvC;QAC9B,IAAIT,QAAQ;YACV,OAAOgD,GAAGC,MAAM,GAAGD,EAAE,CAAC,EAAE,GAAG;QAC7B;QACA,OAAOA;IACT;IAEA,MAAME,YAAYN,OAAe,EAAuB;QACtD,MAAMO,cAAcC,IAAAA,gBAAK,EAAC/B,oBAAM,EAAE;QAClC,MAAM,CAACgC,MAAM,GAAG,MAAM,IAAI,CAAC3C,EAAE,CAC1BC,MAAM,CAAC;YACNH,IAAIa,oBAAM,CAACb,EAAE;YACbe,MAAMF,oBAAM,CAACE,IAAI;YACjBE,MAAMJ,oBAAM,CAACI,IAAI;YACjBD,aAAaH,oBAAM,CAACG,WAAW;YAC/BJ,aAAaC,oBAAM,CAACD,WAAW;YAC/BkC,YAAYjC,oBAAM,CAACiC,UAAU;YAC7BxB,WAAWT,oBAAM,CAACS,SAAS;YAC3ByB,YAAYlC,oBAAM,CAACkC,UAAU;YAC7BC,QAAQ;gBAAEhD,IAAI2C,YAAY3C,EAAE;gBAAEe,MAAM4B,YAAY5B,IAAI;YAAC;QACvD,GACCkB,IAAI,CAACpB,oBAAM,EACXqB,QAAQ,CAACS,aAAa5C,IAAAA,cAAE,EAAC4C,YAAY3C,EAAE,EAAEa,oBAAM,CAACoC,QAAQ,GACxDxD,KAAK,CAACM,IAAAA,cAAE,EAACc,oBAAM,CAACb,EAAE,EAAEoC,UACpBE,KAAK,CAAC;QACT,OAAOO;IACT;IAEA,MAAMK,WAAW1D,MAAc,EAAE2D,SAAiB,EAAoB;QACpE,OAAOC,IAAAA,0BAAmB,EAAC,MAAM,IAAI,CAAClD,EAAE,CAACmD,MAAM,CAAC1D,kBAAK,EAAEF,KAAK,CAAC0C,IAAAA,eAAG,EAACpC,IAAAA,cAAE,EAACJ,kBAAK,CAACK,EAAE,EAAER,SAASO,IAAAA,cAAE,EAACJ,kBAAK,CAACS,KAAK,EAAE+C,cAAc,GAAG;IAC1H;IAEA,MAAMG,cAAcC,SAAiB,EAAgD;QACnF,MAAM,CAACV,MAAM,GAAG,MAAM,IAAI,CAAC3C,EAAE,CAC1BC,MAAM,CAAC;YACNH,IAAIa,oBAAM,CAACb,EAAE;YACbe,MAAMF,oBAAM,CAACE,IAAI;YACjBE,MAAMJ,oBAAM,CAACI,IAAI;QACnB,GACCgB,IAAI,CAACpB,oBAAM,EACXpB,KAAK,CAACM,IAAAA,cAAE,EAACc,oBAAM,CAACE,IAAI,EAAEwC,YACtBjB,KAAK,CAAC;QACT,OAAOO;IACT;IAEA,MAAMW,uBAAuBvC,OAAmBoB,iBAAU,CAACvC,IAAI,EAAqB;QAClF,MAAM2D,cAAcb,IAAAA,gBAAK,EAAC/B,oBAAM,EAAE;QAClC,OAAO,IAAI,CAACX,EAAE,CACXC,MAAM,CAAC;YACNH,IAAIa,oBAAM,CAACb,EAAE;YACbe,MAAMF,oBAAM,CAACE,IAAI;YACjBC,aAAaH,oBAAM,CAACG,WAAW;YAC/BM,WAAWT,oBAAM,CAACS,SAAS;YAC3ByB,YAAYlC,oBAAM,CAACkC,UAAU;YAC7B9B,MAAMC,IAAAA,eAAG,CAAa,CAAC,GAAG,EAAEL,oBAAM,CAACI,IAAI,CAAC,GAAG,EAAEoB,iBAAU,CAACvC,IAAI,CAAC,EAAE,EAAEsB,mBAAW,CAACC,KAAK,CAAC,EAAE,EAAED,mBAAW,CAACsC,MAAM,CAAC,CAAC,CAAC;YAC5GC,QAAQ;gBAAEhE,OAAOiE,IAAAA,iBAAK,EAACpC,8BAAW,CAAChC,MAAM;gBAAGqB,QAAQgD,IAAAA,yBAAa,EAACJ,YAAYzD,EAAE;YAAE;QACpF,GACCiC,IAAI,CAACpB,oBAAM,EACXqB,QAAQ,CAACV,8BAAW,EAAEzB,IAAAA,cAAE,EAACyB,8BAAW,CAACY,OAAO,EAAEvB,oBAAM,CAACb,EAAE,GACvDkC,QAAQ,CAACuB,aAAa1D,IAAAA,cAAE,EAAC0D,YAAYR,QAAQ,EAAEpC,oBAAM,CAACb,EAAE,GACxDP,KAAK,CAAC0C,IAAAA,eAAG,EAAC2B,IAAAA,kBAAM,EAACjD,oBAAM,CAACoC,QAAQ,GAAGlD,IAAAA,cAAE,EAACc,oBAAM,CAACI,IAAI,EAAEA,QACnDsB,OAAO,CAAC1B,oBAAM,CAACb,EAAE;IACtB;IAEA,MAAM+D,mBAAmB3B,OAAe,EAAEnB,OAAmBoB,iBAAU,CAACvC,IAAI,EAAqB;QAC/F,MAAM2D,cAAcb,IAAAA,gBAAK,EAAC/B,oBAAM,EAAE;QAClC,MAAMmD,oBAAoBpB,IAAAA,gBAAK,EAACpB,8BAAW,EAAE;QAC7C,MAAMyC,iBAAiBrB,IAAAA,gBAAK,EAAC/B,oBAAM,EAAE;QACrC,MAAMqD,cAAc,IAAI,CAAChE,EAAE,CACxBC,MAAM,CAAC;YACNH,IAAIL,kBAAK,CAACK,EAAE;YACZI,OAAOT,kBAAK,CAACS,KAAK;YAClBW,MAAMR,IAAAA,4BAAe,EAACZ,kBAAK,EAAEwE,EAAE,CAAC;YAChCnD,aAAarB,kBAAK,CAACU,KAAK;YACxBiB,WAAWE,8BAAW,CAACF,SAAS;YAChCyB,YAAY7B,IAAAA,eAAG,CAAM,CAAC,IAAI,CAAC;YAC3BD,MAAMC,IAAAA,eAAG,CAAa,CAAC,EAAEE,mBAAW,CAACtB,IAAI,CAAC,CAAC;YAC3CsE,WAAWlD,IAAAA,eAAG,CAAiB,CAAC,EAAEM,8BAAW,CAAC5B,IAAI,CAAC,CAAC,CAACyE,OAAO,CAACC;YAC7DX,QAAQ;gBAAEhE,OAAOuB,IAAAA,eAAG,CAAQ,CAAC,CAAC,CAAC;gBAAEL,QAAQK,IAAAA,eAAG,CAAQ,CAAC,CAAC,CAAC;YAAC;QAC1D,GACCe,IAAI,CAACpB,oBAAM,EACX0D,SAAS,CAAC/C,8BAAW,EAAEzB,IAAAA,cAAE,EAACyB,8BAAW,CAACY,OAAO,EAAEvB,oBAAM,CAACb,EAAE,GACxDkC,QAAQ,CAACvC,kBAAK,EAAEI,IAAAA,cAAE,EAACJ,kBAAK,CAACK,EAAE,EAAEwB,8BAAW,CAAChC,MAAM,GAC/CC,KAAK,CAAC0C,IAAAA,eAAG,EAACpC,IAAAA,cAAE,EAACc,oBAAM,CAACb,EAAE,EAAEoC,UAAUrC,IAAAA,cAAE,EAACc,oBAAM,CAACI,IAAI,EAAEA,OAAOuD,IAAAA,qBAAS,EAAC7E,kBAAK,CAACK,EAAE,IAC3EuC,OAAO,CAAC5C,kBAAK,CAACK,EAAE;QACnB,IAAIiB,SAASoB,iBAAU,CAACoC,QAAQ,EAAE;YAChC,OAAOP;QACT;QACA,MAAMQ,eAAoB,IAAI,CAACxE,EAAE,CAC9BC,MAAM,CAAC;YACNH,IAAIyD,YAAYzD,EAAE;YAClBI,OAAOc,IAAAA,eAAG,CAAA,CAAC,IAAI,CAAC;YAChBH,MAAM0C,YAAY1C,IAAI;YACtBC,aAAayC,YAAYzC,WAAW;YACpCM,WAAWmC,YAAYnC,SAAS;YAChCyB,YAAYU,YAAYV,UAAU;YAClC9B,MAAMC,IAAAA,eAAG,CAAa,CAAC,EAAEE,mBAAW,CAACC,KAAK,CAAC,CAAC;YAC5C+C,WAAWlD,IAAAA,eAAG,CAAiB,CAAC,IAAI,CAAC;YACrCyC,QAAQ;gBAAEhE,OAAOiE,IAAAA,iBAAK,EAACpC,8BAAW,CAAChC,MAAM;gBAAGqB,QAAQ+C,IAAAA,iBAAK,EAACK,eAAejE,EAAE;YAAE;QAC/E,GACCiC,IAAI,CAACpB,oBAAM,EACX0D,SAAS,CAACd,aAAa1D,IAAAA,cAAE,EAAC0D,YAAYR,QAAQ,EAAEpC,oBAAM,CAACb,EAAE,GACzDkC,QAAQ,CAACV,8BAAW,EAAEzB,IAAAA,cAAE,EAACyB,8BAAW,CAACY,OAAO,EAAEqB,YAAYzD,EAAE,GAC5DkC,QAAQ,CAAC8B,mBAAmBjE,IAAAA,cAAE,EAACiE,kBAAkB5B,OAAO,EAAEqB,YAAYzD,EAAE,GACxEkC,QAAQ,CAAC+B,gBAAgBlE,IAAAA,cAAE,EAACkE,eAAehB,QAAQ,EAAEQ,YAAYzD,EAAE,GACnEP,KAAK,CAAC0C,IAAAA,eAAG,EAACpC,IAAAA,cAAE,EAACc,oBAAM,CAACb,EAAE,EAAEoC,UAAUrC,IAAAA,cAAE,EAACc,oBAAM,CAACI,IAAI,EAAEA,OAAOuD,IAAAA,qBAAS,EAACf,YAAYzD,EAAE,IACjFuC,OAAO,CAACkB,YAAYzD,EAAE;QACzB,OAAO2E,IAAAA,gBAAK,EAACT,aAAaQ;IAC5B;IAEA,MAAME,iBAAiBpF,MAAc,EAAEqB,MAA2C,EAAiB;QACjG,IAAIA,OAAOgE,GAAG,CAACpC,MAAM,EAAE;YACrB,IAAI;gBACFW,IAAAA,0BAAmB,EACjB,MAAM,IAAI,CAAClD,EAAE,CAAC4E,MAAM,CAACtD,8BAAW,EAAEuD,MAAM,CACtClE,OAAOgE,GAAG,CAACG,GAAG,CAAC,CAACC,MAAiB,CAAA;wBAC/BzF,QAAQA;wBACR4C,SAAS6C;oBACX,CAAA,KAEFpE,OAAOgE,GAAG,CAACpC,MAAM;gBAEnB,IAAI,CAACyC,MAAM,CAACC,GAAG,CAAC,GAAG,IAAI,CAACP,gBAAgB,CAAC7D,IAAI,CAAC,SAAS,EAAEvB,OAAO,SAAS,EAAE4F,KAAKC,SAAS,CAACxE,OAAOgE,GAAG,EAAE,UAAU,CAAC;gBACjH,IAAI,CAACS,YAAY,CAACC,oBAAoB,CAAC;oBAAC/F;iBAAO;YACjD,EAAE,OAAOgG,GAAG;gBACV,IAAI,CAACN,MAAM,CAACO,KAAK,CAAC,GAAG,IAAI,CAACb,gBAAgB,CAAC7D,IAAI,CAAC,SAAS,EAAEvB,OAAO,SAAS,EAAE4F,KAAKC,SAAS,CAACxE,OAAOgE,GAAG,EAAE,gBAAgB,EAAEW,GAAG;gBAC7H,MAAM,IAAIE,MAAM;YAClB;QACF;QACA,IAAI7E,OAAOwC,MAAM,CAACZ,MAAM,EAAE;YACxB,IAAI;gBACFW,IAAAA,0BAAmB,EACjB,MAAM,IAAI,CAAClD,EAAE,CAACmD,MAAM,CAAC7B,8BAAW,EAAE/B,KAAK,CAAC0C,IAAAA,eAAG,EAACpC,IAAAA,cAAE,EAACyB,8BAAW,CAAChC,MAAM,EAAEA,SAASmG,IAAAA,mBAAO,EAACnE,8BAAW,CAACY,OAAO,EAAEvB,OAAOwC,MAAM,KACtHxC,OAAOwC,MAAM,CAACZ,MAAM;gBAEtB,IAAI,CAACyC,MAAM,CAACC,GAAG,CAAC,GAAG,IAAI,CAACP,gBAAgB,CAAC7D,IAAI,CAAC,SAAS,EAAEvB,OAAO,SAAS,EAAE4F,KAAKC,SAAS,CAACxE,OAAOwC,MAAM,EAAE,YAAY,CAAC;gBACtH,IAAI,CAACiC,YAAY,CAACC,oBAAoB,CAAC;oBAAC/F;iBAAO;YACjD,EAAE,OAAOgG,GAAG;gBACV,IAAI,CAACN,MAAM,CAACO,KAAK,CAAC,GAAG,IAAI,CAACb,gBAAgB,CAAC7D,IAAI,CAAC,SAAS,EAAEvB,OAAO,SAAS,EAAE4F,KAAKC,SAAS,CAACxE,OAAOwC,MAAM,EAAE,kBAAkB,EAAEmC,GAAG;gBAClI,MAAM,IAAIE,MAAM;YAClB;QACF;IACF;IAEA,MAAME,YAAYC,cAAsC,EAAwB;QAC9E,OAAOC,IAAAA,sBAAe,EAAC,MAAM,IAAI,CAAC5F,EAAE,CAAC4E,MAAM,CAACjE,oBAAM,EAAEkE,MAAM,CAAC;YAAE,GAAGc,cAAc;YAAE5E,MAAMoB,iBAAU,CAACvC,IAAI;QAAC;IACxG;IAEA,MAAMiG,YAAY3D,OAAe,EAAE4D,GAAsC,EAAoB;QAC3F,IAAI;YACF5C,IAAAA,0BAAmB,EAAC,MAAM,IAAI,CAAClD,EAAE,CAAC+F,MAAM,CAACpF,oBAAM,EAAEmF,GAAG,CAACA,KAAKvG,KAAK,CAACM,IAAAA,cAAE,EAACc,oBAAM,CAACb,EAAE,EAAEoC,WAAW;YACzF,IAAI,CAAC8C,MAAM,CAACC,GAAG,CAAC,GAAG,IAAI,CAACY,WAAW,CAAChF,IAAI,CAAC,UAAU,EAAEqB,QAAQ,gBAAgB,EAAEgD,KAAKC,SAAS,CAACW,MAAM;YACpG,OAAO;QACT,EAAE,OAAOR,GAAG;YACV,IAAI,CAACN,MAAM,CAACO,KAAK,CAAC,GAAG,IAAI,CAACM,WAAW,CAAChF,IAAI,CAAC,UAAU,EAAEqB,QAAQ,oBAAoB,EAAEgD,KAAKC,SAAS,CAACW,KAAK,GAAG,EAAER,GAAG;YACjH,OAAO;QACT;IACF;IAEA,MAAMU,YAAY9D,OAAe,EAAoB;QACnD,MAAM,CAACY,OAAO,GAAG,MAAM,IAAI,CAAC9C,EAAE,CAACC,MAAM,CAAC;YAAEH,IAAIa,oBAAM,CAACoC,QAAQ;QAAC,GAAGhB,IAAI,CAACpB,oBAAM,EAAEpB,KAAK,CAACM,IAAAA,cAAE,EAACc,oBAAM,CAACb,EAAE,EAAEoC,UAAUE,KAAK,CAAC;QAChH,MAAMW,WAAWD,QAAQhD;QACzB,IAAIiD,UAAU;YACZ,wCAAwC;YACxC,MAAM,IAAI,CAAC/C,EAAE,CACV+F,MAAM,CAACpF,oBAAM,EACbmF,GAAG,CAAC;gBAAE/C,UAAUA;YAAS,GACzBxD,KAAK,CAACM,IAAAA,cAAE,EAACc,oBAAM,CAACoC,QAAQ,EAAEb;QAC/B;QACA,OAAOgB,IAAAA,0BAAmB,EAAC,MAAM,IAAI,CAAClD,EAAE,CAACmD,MAAM,CAACxC,oBAAM,EAAEpB,KAAK,CAACM,IAAAA,cAAE,EAACc,oBAAM,CAACb,EAAE,EAAEoC,UAAUE,KAAK,CAAC,IAAI,GAAG;IACrG;IAEA,MAAM6D,gBAAgB/D,OAAe,EAAEgE,OAAiB,EAAEC,uBAAkCxG,eAAS,CAACyG,KAAK,EAAiB;QAC1H,MAAMC,0BAA0B,MAAM,IAAI,CAACrG,EAAE,CAC1CC,MAAM,CAAC;YAAEH,IAAIL,kBAAK,CAACK,EAAE;QAAC,GACtBiC,IAAI,CAACtC,kBAAK,EACVF,KAAK,CAAC0C,IAAAA,eAAG,EAACwD,IAAAA,mBAAO,EAAChG,kBAAK,CAACK,EAAE,EAAEoG,UAAU1G,IAAAA,eAAG,EAACC,kBAAK,CAACC,IAAI,EAAEyG;QACzDD,UAAUG,wBAAwBvB,GAAG,CAAC,CAACwB,IAAMA,EAAExG,EAAE;QACjD,IAAIoG,QAAQ3D,MAAM,KAAK,GAAG;YACxB,MAAM,IAAIiD,MAAM;QAClB;QACA,IAAI;YACFtC,IAAAA,0BAAmB,EACjB,MAAM,IAAI,CAAClD,EAAE,CAAC4E,MAAM,CAACtD,8BAAW,EAAEuD,MAAM,CACtCwB,wBAAwBvB,GAAG,CAAC,CAACwB,IAAO,CAAA;oBAClCpE,SAASA;oBACT5C,QAAQgH,EAAExG,EAAE;gBACd,CAAA,KAEFuG,wBAAwB9D,MAAM;YAEhC,IAAI,CAACyC,MAAM,CAACC,GAAG,CAAC,GAAG,IAAI,CAACgB,eAAe,CAACpF,IAAI,CAAC,UAAU,EAAEqF,QAAQ,sBAAsB,EAAEhE,QAAQ,CAAC,CAAC;YACnG,IAAI,CAACkD,YAAY,CAACC,oBAAoB,CAACa;QACzC,EAAE,OAAOZ,GAAG;YACV,IAAI,CAACN,MAAM,CAACO,KAAK,CAAC,GAAG,IAAI,CAACU,eAAe,CAACpF,IAAI,CAAC,wBAAwB,EAAEqF,QAAQ,YAAY,EAAEhE,QAAQ,IAAI,EAAEoD,GAAG;YAChH,MAAM,IAAIE,MAAM;QAClB;IACF;IAEA,MAAMe,oBAAoBrE,OAAe,EAAE5C,MAAc,EAAEI,IAAqB,EAAiB;QAC/F,IAAI;YACFwD,IAAAA,0BAAmB,EACjB,MAAM,IAAI,CAAClD,EAAE,CACV+F,MAAM,CAACzE,8BAAW,EAClBwE,GAAG,CAAC;gBAAEpG,MAAMA;YAAK,GACjBH,KAAK,CAAC0C,IAAAA,eAAG,EAACpC,IAAAA,cAAE,EAACyB,8BAAW,CAACY,OAAO,EAAEA,UAAUrC,IAAAA,cAAE,EAACyB,8BAAW,CAAChC,MAAM,EAAEA,UACnE8C,KAAK,CAAC,IACT;YAEF,IAAI,CAAC4C,MAAM,CAACC,GAAG,CAAC,GAAG,IAAI,CAACsB,mBAAmB,CAAC1F,IAAI,CAAC,SAAS,EAAEvB,OAAO,wBAAwB,EAAE4C,QAAQ,KAAK,EAAEsE,qBAAe,CAAC9G,KAAK,EAAE;QACrI,EAAE,OAAO4F,GAAG;YACV,IAAI,CAACN,MAAM,CAACO,KAAK,CACf,GAAG,IAAI,CAACgB,mBAAmB,CAAC1F,IAAI,CAAC,SAAS,EAAEvB,OAAO,4BAA4B,EAAE4C,QAAQ,KAAK,EAAEsE,qBAAe,CAAC9G,KAAK,CAAC,GAAG,EAAE4F,GAAG;YAEhI,MAAM,IAAIE,MAAM;QAClB;IACF;IAEA,MAAMiB,oBAAoBvE,OAAe,EAAE5C,MAAc,EAAiB;QACxE,IAAI;YACF4D,IAAAA,0BAAmB,EACjB,MAAM,IAAI,CAAClD,EAAE,CACVmD,MAAM,CAAC7B,8BAAW,EAClB/B,KAAK,CAAC0C,IAAAA,eAAG,EAACpC,IAAAA,cAAE,EAACyB,8BAAW,CAACY,OAAO,EAAEA,UAAUrC,IAAAA,cAAE,EAACyB,8BAAW,CAAChC,MAAM,EAAEA,UACnE8C,KAAK,CAAC,IACT;YAEF,IAAI,CAAC4C,MAAM,CAACC,GAAG,CAAC,GAAG,IAAI,CAACwB,mBAAmB,CAAC5F,IAAI,CAAC,SAAS,EAAEvB,OAAO,0BAA0B,EAAE4C,QAAQ,CAAC,CAAC;YACzG,IAAI,CAACkD,YAAY,CAACC,oBAAoB,CAAC;gBAAC/F;aAAO;QACjD,EAAE,OAAOgG,GAAG;YACV,IAAI,CAACN,MAAM,CAACO,KAAK,CAAC,GAAG,IAAI,CAACkB,mBAAmB,CAAC5F,IAAI,CAAC,SAAS,EAAEvB,OAAO,YAAY,EAAE4C,QAAQ,mBAAmB,EAAEoD,GAAG;YACnH,MAAM,IAAIE,MAAM;QAClB;IACF;IAEA,MAAMkB,oBAAoBC,OAAe,EAAEC,QAA6C,EAAiB;QACvG,IAAIA,SAASjC,GAAG,CAACpC,MAAM,EAAE;YACvB,IAAI;gBACFW,IAAAA,0BAAmB,EACjB,MAAM,IAAI,CAAClD,EAAE,CAAC4E,MAAM,CAACiC,8BAAW,EAAEhC,MAAM,CACtC+B,SAASjC,GAAG,CAACG,GAAG,CAAC,CAACgC,MAAiB,CAAA;wBACjCxH,QAAQwH;wBACRH,SAASA;oBACX,CAAA,KAEFC,SAASjC,GAAG,CAACpC,MAAM;gBAErB,IAAI,CAACyC,MAAM,CAACC,GAAG,CAAC,GAAG,IAAI,CAACyB,mBAAmB,CAAC7F,IAAI,CAAC,UAAU,EAAE8F,QAAQ,WAAW,EAAEzB,KAAKC,SAAS,CAACyB,SAASjC,GAAG,EAAE,UAAU,CAAC;YAC5H,EAAE,OAAOW,GAAG;gBACV,IAAI,CAACN,MAAM,CAACO,KAAK,CAAC,GAAG,IAAI,CAACmB,mBAAmB,CAAC7F,IAAI,CAAC,UAAU,EAAE8F,QAAQ,WAAW,EAAEzB,KAAKC,SAAS,CAACyB,SAASjC,GAAG,EAAE,gBAAgB,EAAEW,GAAG;gBACtI,MAAM,IAAIE,MAAM;YAClB;QACF;QACA,IAAIoB,SAASzD,MAAM,CAACZ,MAAM,EAAE;YAC1B,IAAI;gBACFW,IAAAA,0BAAmB,EACjB,MAAM,IAAI,CAAClD,EAAE,CAACmD,MAAM,CAAC0D,8BAAW,EAAEtH,KAAK,CAAC0C,IAAAA,eAAG,EAACpC,IAAAA,cAAE,EAACgH,8BAAW,CAACF,OAAO,EAAEA,UAAUlB,IAAAA,mBAAO,EAACoB,8BAAW,CAACvH,MAAM,EAAEsH,SAASzD,MAAM,KACzHyD,SAASzD,MAAM,CAACZ,MAAM;gBAExB,IAAI,CAACyC,MAAM,CAACC,GAAG,CAAC,GAAG,IAAI,CAACyB,mBAAmB,CAAC7F,IAAI,CAAC,UAAU,EAAE8F,QAAQ,WAAW,EAAEzB,KAAKC,SAAS,CAACyB,SAASzD,MAAM,EAAE,YAAY,CAAC;YACjI,EAAE,OAAOmC,GAAG;gBACV,IAAI,CAACN,MAAM,CAACO,KAAK,CAAC,GAAG,IAAI,CAACmB,mBAAmB,CAAC7F,IAAI,CAAC,UAAU,EAAE8F,QAAQ,WAAW,EAAEzB,KAAKC,SAAS,CAACyB,SAASzD,MAAM,EAAE,kBAAkB,EAAEmC,GAAG;gBAC3I,MAAM,IAAIE,MAAM;YAClB;QACF;IACF;IAzTA,YACE,AAA4CxF,EAAY,EACxD,AAAgBoF,YAA0B,CAC1C;aAF4CpF,KAAAA;aAC5BoF,eAAAA;aAJDJ,SAAS,IAAI+B,cAAM,CAAC3H,kBAAkByB,IAAI;IAKxD;AAuTL"}
1	+ {"version":3,"sources":["../../../../../backend/src/applications/users/services/admin-users-queries.service.ts"],"sourcesContent":["/\n Copyright (C) 2012-2025 Johan Legrand <johan.legrand@sync-in.com>\n * This file is part of Sync-in \| The open source file sync and share solution\n * See the LICENSE file for licensing details\n */\n\nimport { Inject, Injectable, Logger } from '@nestjs/common'\nimport { and, count, countDistinct, eq, inArray, isNotNull, isNull, lte, SelectedFields, SQL, sql } from 'drizzle-orm'\nimport { alias, union } from 'drizzle-orm/mysql-core'\nimport { DB_TOKEN_PROVIDER } from '../../../infrastructure/database/constants'\nimport { DBSchema } from '../../../infrastructure/database/interfaces/database.interface'\nimport { concatDistinctObjectsInArray, dateTimeUTC, dbCheckAffectedRows, dbGetInsertedId } from '../../../infrastructure/database/utils'\nimport { GROUP_TYPE } from '../constants/group'\nimport { MEMBER_TYPE } from '../constants/member'\nimport { USER_GROUP_ROLE, USER_ROLE, USER_SECRET } from '../constants/user'\nimport { CreateOrUpdateGroupDto } from '../dto/create-or-update-group.dto'\nimport type { AdminGroup } from '../interfaces/admin-group.interface'\nimport type { AdminUser } from '../interfaces/admin-user.interface'\nimport { Member } from '../interfaces/member.interface'\nimport type { Group } from '../schemas/group.interface'\nimport { groups } from '../schemas/groups.schema'\nimport { UserGroup } from '../schemas/user-group.interface'\nimport { usersGroups } from '../schemas/users-groups.schema'\nimport { usersGuests } from '../schemas/users-guests.schema'\nimport { userFullNameSQL, users } from '../schemas/users.schema'\nimport { UsersQueries } from './users-queries.service'\n\n@Injectable()\nexport class AdminUsersQueries {\n private readonly logger = new Logger(AdminUsersQueries.name)\n\n constructor(\n @Inject(DB_TOKEN_PROVIDER) private readonly db: DBSchema,\n public readonly usersQueries: UsersQueries\n ) {}\n\n async listUsers(): Promise<AdminUser[]>\n async listUsers(userId: number): Promise<AdminUser>\n async listUsers(userId?: number): Promise<AdminUser \| AdminUser[]> {\n const where: SQL[] = [lte(users.role, USER_ROLE.USER), ...(userId ? [eq(users.id, userId)] : [])]\n const q = this.db\n .select({\n id: users.id,\n login: users.login,\n email: users.email,\n role: users.role,\n fullName: userFullNameSQL(users),\n isActive: users.isActive,\n ...(userId && {\n firstName: users.firstName,\n lastName: users.lastName,\n notification: users.notification,\n permissions: users.permissions,\n twoFaEnabled:\n sql<boolean>`JSON_UNQUOTE(JSON_EXTRACT(${users.secrets}, ${sql.raw(`'$.${USER_SECRET.TWO_FA_SECRET}'`)})) IS NOT NULL`.mapWith(Boolean),\n groups: concatDistinctObjectsInArray(groups.id, {\n id: groups.id,\n name: groups.name,\n description: groups.description,\n type: sql.raw(`'${MEMBER_TYPE.GROUP}'`),\n permissions: groups.permissions,\n createdAt: dateTimeUTC(usersGroups.createdAt)\n } satisfies Record<keyof Pick<Member, 'id' \| 'name' \| 'description' \| 'type' \| 'permissions' \| 'createdAt'>, any>)\n }),\n language: users.language,\n passwordAttempts: users.passwordAttempts,\n storageUsage: users.storageUsage,\n storageQuota: users.storageQuota,\n currentIp: users.currentIp,\n lastIp: users.lastIp,\n currentAccess: users.currentAccess,\n lastAccess: users.lastAccess,\n createdAt: users.createdAt\n } satisfies AdminUser \| SelectedFields<any, any>)\n .from(users)\n if (userId) {\n q.leftJoin(usersGroups, eq(usersGroups.userId, users.id))\n q.leftJoin(groups, and(eq(groups.id, usersGroups.groupId), eq(groups.type, GROUP_TYPE.USER)))\n q.limit(1)\n }\n q.where(and(...where)).groupBy(users.id)\n const rs: AdminUser[] = await q\n if (userId) {\n return rs.length ? rs[0] : null\n }\n return rs\n }\n\n async groupFromId(groupId: number): Promise<AdminGroup> {\n const groupParent = alias(groups, 'groupParent')\n const [group] = await this.db\n .select({\n id: groups.id,\n name: groups.name,\n type: groups.type,\n description: groups.description,\n permissions: groups.permissions,\n visibility: groups.visibility,\n createdAt: groups.createdAt,\n modifiedAt: groups.modifiedAt,\n parent: { id: groupParent.id, name: groupParent.name }\n } satisfies AdminGroup \| SelectedFields<any, any>)\n .from(groups)\n .leftJoin(groupParent, eq(groupParent.id, groups.parentId))\n .where(eq(groups.id, groupId))\n .limit(1)\n return group\n }\n\n async deleteUser(userId: number, userLogin: string): Promise<boolean> {\n return dbCheckAffectedRows(await this.db.delete(users).where(and(eq(users.id, userId), eq(users.login, userLogin))), 1, false)\n }\n\n async groupFromName(groupName: string): Promise<Pick<Group, 'id' \| 'name' \| 'type'>> {\n const [group] = await this.db\n .select({\n id: groups.id,\n name: groups.name,\n type: groups.type\n } satisfies Pick<Group, 'id' \| 'name' \| 'type'> \| SelectedFields<any, any>)\n .from(groups)\n .where(eq(groups.name, groupName))\n .limit(1)\n return group\n }\n\n async browseRootGroupMembers(type: GROUP_TYPE = GROUP_TYPE.USER): Promise<Member[]> {\n const childGroups = alias(groups, 'childGroups')\n return this.db\n .select({\n id: groups.id,\n name: groups.name,\n description: groups.description,\n createdAt: groups.createdAt,\n modifiedAt: groups.modifiedAt,\n type: sql<MEMBER_TYPE>`IF(${groups.type} = ${GROUP_TYPE.USER}, ${MEMBER_TYPE.GROUP}, ${MEMBER_TYPE.PGROUP})`,\n counts: { users: count(usersGroups.userId), groups: countDistinct(childGroups.id) }\n } satisfies Member \| SelectedFields<any, any>)\n .from(groups)\n .leftJoin(usersGroups, eq(usersGroups.groupId, groups.id))\n .leftJoin(childGroups, eq(childGroups.parentId, groups.id))\n .where(and(isNull(groups.parentId), eq(groups.type, type)))\n .groupBy(groups.id)\n }\n\n async browseGroupMembers(groupId: number, type: GROUP_TYPE = GROUP_TYPE.USER): Promise<Member[]> {\n const childGroups = alias(groups, 'childGroups')\n const childGroupMembers = alias(usersGroups, 'childGroupMembers')\n const subChildGroups = alias(groups, 'subChildGroups')\n const userMembers = this.db\n .select({\n id: users.id,\n login: users.login,\n name: userFullNameSQL(users).as('name'),\n description: users.email,\n createdAt: usersGroups.createdAt,\n modifiedAt: sql<Date>`NULL`,\n type: sql<MEMBER_TYPE>`${MEMBER_TYPE.USER}`,\n groupRole: sql<USER_GROUP_ROLE>`${usersGroups.role}`.mapWith(Number),\n counts: { users: sql<number>`0`, groups: sql<number>`0` }\n } satisfies Member \| SelectedFields<any, any>)\n .from(groups)\n .innerJoin(usersGroups, eq(usersGroups.groupId, groups.id))\n .leftJoin(users, eq(users.id, usersGroups.userId))\n .where(and(eq(groups.id, groupId), eq(groups.type, type), isNotNull(users.id)))\n .groupBy(users.id)\n if (type === GROUP_TYPE.PERSONAL) {\n return userMembers\n }\n const groupMembers: any = this.db\n .select({\n id: childGroups.id,\n login: sql`NULL`,\n name: childGroups.name,\n description: childGroups.description,\n createdAt: childGroups.createdAt,\n modifiedAt: childGroups.modifiedAt,\n type: sql<MEMBER_TYPE>`${MEMBER_TYPE.GROUP}`,\n groupRole: sql<USER_GROUP_ROLE>`null`,\n counts: { users: count(usersGroups.userId), groups: count(subChildGroups.id) }\n } satisfies Member \| SelectedFields<any, any>)\n .from(groups)\n .innerJoin(childGroups, eq(childGroups.parentId, groups.id))\n .leftJoin(usersGroups, eq(usersGroups.groupId, childGroups.id))\n .leftJoin(childGroupMembers, eq(childGroupMembers.groupId, childGroups.id))\n .leftJoin(subChildGroups, eq(subChildGroups.parentId, childGroups.id))\n .where(and(eq(groups.id, groupId), eq(groups.type, type), isNotNull(childGroups.id)))\n .groupBy(childGroups.id)\n return union(userMembers, groupMembers)\n }\n\n async updateUserGroups(userId: number, groups: { add: number[]; delete: number[] }): Promise<void> {\n if (groups.add.length) {\n try {\n dbCheckAffectedRows(\n await this.db.insert(usersGroups).values(\n groups.add.map((gid: number) => ({\n userId: userId,\n groupId: gid\n }))\n ),\n groups.add.length\n )\n this.logger.log(`${this.updateUserGroups.name} - user (${userId}) groups ${JSON.stringify(groups.add)} was added`)\n this.usersQueries.clearWhiteListCaches([userId])\n } catch (e) {\n this.logger.error(`${this.updateUserGroups.name} - user (${userId}) groups ${JSON.stringify(groups.add)} was not added: ${e}`)\n throw new Error('User groups was not added')\n }\n }\n if (groups.delete.length) {\n try {\n dbCheckAffectedRows(\n await this.db.delete(usersGroups).where(and(eq(usersGroups.userId, userId), inArray(usersGroups.groupId, groups.delete))),\n groups.delete.length\n )\n this.logger.log(`${this.updateUserGroups.name} - user (${userId}) groups ${JSON.stringify(groups.delete)} was deleted`)\n this.usersQueries.clearWhiteListCaches([userId])\n } catch (e) {\n this.logger.error(`${this.updateUserGroups.name} - user (${userId}) groups ${JSON.stringify(groups.delete)} was not deleted: ${e}`)\n throw new Error('User groups was not deleted')\n }\n }\n }\n\n async createGroup(createGroupDto: CreateOrUpdateGroupDto): Promise<Group['id']> {\n return dbGetInsertedId(await this.db.insert(groups).values({ ...createGroupDto, type: GROUP_TYPE.USER } as Group))\n }\n\n async updateGroup(groupId: number, set: Partial<Record<keyof Group, any>>): Promise<boolean> {\n try {\n dbCheckAffectedRows(await this.db.update(groups).set(set).where(eq(groups.id, groupId)), 1)\n this.logger.log(`${this.updateGroup.name} - group (${groupId}) was updated : ${JSON.stringify(set)}`)\n return true\n } catch (e) {\n this.logger.error(`${this.updateGroup.name} - group (${groupId}) was not updated : ${JSON.stringify(set)} : ${e}`)\n return false\n }\n }\n\n async deleteGroup(groupId: number): Promise<boolean> {\n const [parent] = await this.db.select({ id: groups.parentId }).from(groups).where(eq(groups.id, groupId)).limit(1)\n const parentId = parent?.id\n if (parentId) {\n // attach child groups to current parent\n await this.db\n .update(groups)\n .set({ parentId: parentId } as Partial<Group>)\n .where(eq(groups.parentId, groupId))\n }\n return dbCheckAffectedRows(await this.db.delete(groups).where(eq(groups.id, groupId)).limit(1), 1, false)\n }\n\n async addUsersToGroup(groupId: number, userIds: number[], lowerOrEqualUserRole: USER_ROLE = USER_ROLE.GUEST): Promise<void> {\n const userIdsWithRequiredRole = await this.db\n .select({ id: users.id })\n .from(users)\n .where(and(inArray(users.id, userIds), lte(users.role, lowerOrEqualUserRole)))\n userIds = userIdsWithRequiredRole.map((u) => u.id)\n if (userIds.length === 0) {\n throw new Error('No users to add to group')\n }\n try {\n dbCheckAffectedRows(\n await this.db.insert(usersGroups).values(\n userIdsWithRequiredRole.map((u) => ({\n groupId: groupId,\n userId: u.id\n }))\n ),\n userIdsWithRequiredRole.length\n )\n this.logger.log(`${this.addUsersToGroup.name} - users (${userIds}) was added to group (${groupId})`)\n this.usersQueries.clearWhiteListCaches(userIds)\n } catch (e) {\n this.logger.error(`${this.addUsersToGroup.name} - unable to add users (${userIds}) to group (${groupId}) : ${e}`)\n throw new Error('Unable to add users to group')\n }\n }\n\n async updateUserFromGroup(groupId: number, userId: number, role: USER_GROUP_ROLE): Promise<void> {\n try {\n dbCheckAffectedRows(\n await this.db\n .update(usersGroups)\n .set({ role: role } as UserGroup)\n .where(and(eq(usersGroups.groupId, groupId), eq(usersGroups.userId, userId)))\n .limit(1),\n 1\n )\n this.logger.log(`${this.updateUserFromGroup.name} - user (${userId}) was updated on group (${groupId}) as ${USER_GROUP_ROLE[role]}`)\n } catch (e) {\n this.logger.error(\n `${this.updateUserFromGroup.name} - user (${userId}) was not updated on group (${groupId}) as ${USER_GROUP_ROLE[role]} : ${e}`\n )\n throw new Error('Unable to update user from group')\n }\n }\n\n async removeUserFromGroup(groupId: number, userId: number): Promise<void> {\n try {\n dbCheckAffectedRows(\n await this.db\n .delete(usersGroups)\n .where(and(eq(usersGroups.groupId, groupId), eq(usersGroups.userId, userId)))\n .limit(1),\n 1\n )\n this.logger.log(`${this.removeUserFromGroup.name} - user (${userId}) was removed from group (${groupId})`)\n this.usersQueries.clearWhiteListCaches([userId])\n } catch (e) {\n this.logger.error(`${this.removeUserFromGroup.name} - user (${userId}) or group (${groupId}) does not exist : ${e}`)\n throw new Error('Unable to remove user from group')\n }\n }\n\n async updateGuestManagers(guestId: number, managers: { add: number[]; delete: number[] }): Promise<void> {\n if (managers.add.length) {\n try {\n dbCheckAffectedRows(\n await this.db.insert(usersGuests).values(\n managers.add.map((uid: number) => ({\n userId: uid,\n guestId: guestId\n }))\n ),\n managers.add.length\n )\n this.logger.log(`${this.updateGuestManagers.name} - guest (${guestId}) managers ${JSON.stringify(managers.add)} was added`)\n } catch (e) {\n this.logger.error(`${this.updateGuestManagers.name} - guest (${guestId}) managers ${JSON.stringify(managers.add)} was not added: ${e}`)\n throw new Error('Guest managers was not added')\n }\n }\n if (managers.delete.length) {\n try {\n dbCheckAffectedRows(\n await this.db.delete(usersGuests).where(and(eq(usersGuests.guestId, guestId), inArray(usersGuests.userId, managers.delete))),\n managers.delete.length\n )\n this.logger.log(`${this.updateGuestManagers.name} - guest (${guestId}) managers ${JSON.stringify(managers.delete)} was deleted`)\n } catch (e) {\n this.logger.error(`${this.updateGuestManagers.name} - guest (${guestId}) managers ${JSON.stringify(managers.delete)} was not deleted: ${e}`)\n throw new Error('Guest managers was not deleted')\n }\n }\n }\n}\n"],"names":["AdminUsersQueries","listUsers","userId","where","lte","users","role","USER_ROLE","USER","eq","id","q","db","select","login","email","fullName","userFullNameSQL","isActive","firstName","lastName","notification","permissions","twoFaEnabled","sql","secrets","raw","USER_SECRET","TWO_FA_SECRET","mapWith","Boolean","groups","concatDistinctObjectsInArray","name","description","type","MEMBER_TYPE","GROUP","createdAt","dateTimeUTC","usersGroups","language","passwordAttempts","storageUsage","storageQuota","currentIp","lastIp","currentAccess","lastAccess","from","leftJoin","and","groupId","GROUP_TYPE","limit","groupBy","rs","length","groupFromId","groupParent","alias","group","visibility","modifiedAt","parent","parentId","deleteUser","userLogin","dbCheckAffectedRows","delete","groupFromName","groupName","browseRootGroupMembers","childGroups","PGROUP","counts","count","countDistinct","isNull","browseGroupMembers","childGroupMembers","subChildGroups","userMembers","as","groupRole","Number","innerJoin","isNotNull","PERSONAL","groupMembers","union","updateUserGroups","add","insert","values","map","gid","logger","log","JSON","stringify","usersQueries","clearWhiteListCaches","e","error","Error","inArray","createGroup","createGroupDto","dbGetInsertedId","updateGroup","set","update","deleteGroup","addUsersToGroup","userIds","lowerOrEqualUserRole","GUEST","userIdsWithRequiredRole","u","updateUserFromGroup","USER_GROUP_ROLE","removeUserFromGroup","updateGuestManagers","guestId","managers","usersGuests","uid","Logger"],"mappings":"AAAA;;;;CAIC;;;;+BAwBYA;;;eAAAA;;;wBAtB8B;4BAC8D;2BAC5E;2BACK;mCACT;uBACuE;uBACrE;wBACC;sBAC4B;8BAMjC;mCAEK;mCACA;6BACW;qCACV;;;;;;;;;;;;;;;AAGtB,IAAA,AAAMA,oBAAN,MAAMA;IAUX,MAAMC,UAAUC,MAAe,EAAoC;QACjE,MAAMC,QAAe;YAACC,IAAAA,eAAG,EAACC,kBAAK,CAACC,IAAI,EAAEC,eAAS,CAACC,IAAI;eAAON,SAAS;gBAACO,IAAAA,cAAE,EAACJ,kBAAK,CAACK,EAAE,EAAER;aAAQ,GAAG,EAAE;SAAE;QACjG,MAAMS,IAAI,IAAI,CAACC,EAAE,CACdC,MAAM,CAAC;YACNH,IAAIL,kBAAK,CAACK,EAAE;YACZI,OAAOT,kBAAK,CAACS,KAAK;YAClBC,OAAOV,kBAAK,CAACU,KAAK;YAClBT,MAAMD,kBAAK,CAACC,IAAI;YAChBU,UAAUC,IAAAA,4BAAe,EAACZ,kBAAK;YAC/Ba,UAAUb,kBAAK,CAACa,QAAQ;YACxB,GAAIhB,UAAU;gBACZiB,WAAWd,kBAAK,CAACc,SAAS;gBAC1BC,UAAUf,kBAAK,CAACe,QAAQ;gBACxBC,cAAchB,kBAAK,CAACgB,YAAY;gBAChCC,aAAajB,kBAAK,CAACiB,WAAW;gBAC9BC,cACEC,IAAAA,eAAG,CAAS,CAAC,0BAA0B,EAAEnB,kBAAK,CAACoB,OAAO,CAAC,EAAE,EAAED,eAAG,CAACE,GAAG,CAAC,CAAC,GAAG,EAAEC,iBAAW,CAACC,aAAa,CAAC,CAAC,CAAC,EAAE,cAAc,CAAC,CAACC,OAAO,CAACC;gBACjIC,QAAQC,IAAAA,mCAA4B,EAACD,oBAAM,CAACrB,EAAE,EAAE;oBAC9CA,IAAIqB,oBAAM,CAACrB,EAAE;oBACbuB,MAAMF,oBAAM,CAACE,IAAI;oBACjBC,aAAaH,oBAAM,CAACG,WAAW;oBAC/BC,MAAMX,eAAG,CAACE,GAAG,CAAC,CAAC,CAAC,EAAEU,mBAAW,CAACC,KAAK,CAAC,CAAC,CAAC;oBACtCf,aAAaS,oBAAM,CAACT,WAAW;oBAC/BgB,WAAWC,IAAAA,kBAAW,EAACC,8BAAW,CAACF,SAAS;gBAC9C;YACF,CAAC;YACDG,UAAUpC,kBAAK,CAACoC,QAAQ;YACxBC,kBAAkBrC,kBAAK,CAACqC,gBAAgB;YACxCC,cAActC,kBAAK,CAACsC,YAAY;YAChCC,cAAcvC,kBAAK,CAACuC,YAAY;YAChCC,WAAWxC,kBAAK,CAACwC,SAAS;YAC1BC,QAAQzC,kBAAK,CAACyC,MAAM;YACpBC,eAAe1C,kBAAK,CAAC0C,aAAa;YAClCC,YAAY3C,kBAAK,CAAC2C,UAAU;YAC5BV,WAAWjC,kBAAK,CAACiC,SAAS;QAC5B,GACCW,IAAI,CAAC5C,kBAAK;QACb,IAAIH,QAAQ;YACVS,EAAEuC,QAAQ,CAACV,8BAAW,EAAE/B,IAAAA,cAAE,EAAC+B,8BAAW,CAACtC,MAAM,EAAEG,kBAAK,CAACK,EAAE;YACvDC,EAAEuC,QAAQ,CAACnB,oBAAM,EAAEoB,IAAAA,eAAG,EAAC1C,IAAAA,cAAE,EAACsB,oBAAM,CAACrB,EAAE,EAAE8B,8BAAW,CAACY,OAAO,GAAG3C,IAAAA,cAAE,EAACsB,oBAAM,CAACI,IAAI,EAAEkB,iBAAU,CAAC7C,IAAI;YAC1FG,EAAE2C,KAAK,CAAC;QACV;QACA3C,EAAER,KAAK,CAACgD,IAAAA,eAAG,KAAIhD,QAAQoD,OAAO,CAAClD,kBAAK,CAACK,EAAE;QACvC,MAAM8C,KAAkB,MAAM7C;QAC9B,IAAIT,QAAQ;YACV,OAAOsD,GAAGC,MAAM,GAAGD,EAAE,CAAC,EAAE,GAAG;QAC7B;QACA,OAAOA;IACT;IAEA,MAAME,YAAYN,OAAe,EAAuB;QACtD,MAAMO,cAAcC,IAAAA,gBAAK,EAAC7B,oBAAM,EAAE;QAClC,MAAM,CAAC8B,MAAM,GAAG,MAAM,IAAI,CAACjD,EAAE,CAC1BC,MAAM,CAAC;YACNH,IAAIqB,oBAAM,CAACrB,EAAE;YACbuB,MAAMF,oBAAM,CAACE,IAAI;YACjBE,MAAMJ,oBAAM,CAACI,IAAI;YACjBD,aAAaH,oBAAM,CAACG,WAAW;YAC/BZ,aAAaS,oBAAM,CAACT,WAAW;YAC/BwC,YAAY/B,oBAAM,CAAC+B,UAAU;YAC7BxB,WAAWP,oBAAM,CAACO,SAAS;YAC3ByB,YAAYhC,oBAAM,CAACgC,UAAU;YAC7BC,QAAQ;gBAAEtD,IAAIiD,YAAYjD,EAAE;gBAAEuB,MAAM0B,YAAY1B,IAAI;YAAC;QACvD,GACCgB,IAAI,CAAClB,oBAAM,EACXmB,QAAQ,CAACS,aAAalD,IAAAA,cAAE,EAACkD,YAAYjD,EAAE,EAAEqB,oBAAM,CAACkC,QAAQ,GACxD9D,KAAK,CAACM,IAAAA,cAAE,EAACsB,oBAAM,CAACrB,EAAE,EAAE0C,UACpBE,KAAK,CAAC;QACT,OAAOO;IACT;IAEA,MAAMK,WAAWhE,MAAc,EAAEiE,SAAiB,EAAoB;QACpE,OAAOC,IAAAA,0BAAmB,EAAC,MAAM,IAAI,CAACxD,EAAE,CAACyD,MAAM,CAAChE,kBAAK,EAAEF,KAAK,CAACgD,IAAAA,eAAG,EAAC1C,IAAAA,cAAE,EAACJ,kBAAK,CAACK,EAAE,EAAER,SAASO,IAAAA,cAAE,EAACJ,kBAAK,CAACS,KAAK,EAAEqD,cAAc,GAAG;IAC1H;IAEA,MAAMG,cAAcC,SAAiB,EAAgD;QACnF,MAAM,CAACV,MAAM,GAAG,MAAM,IAAI,CAACjD,EAAE,CAC1BC,MAAM,CAAC;YACNH,IAAIqB,oBAAM,CAACrB,EAAE;YACbuB,MAAMF,oBAAM,CAACE,IAAI;YACjBE,MAAMJ,oBAAM,CAACI,IAAI;QACnB,GACCc,IAAI,CAAClB,oBAAM,EACX5B,KAAK,CAACM,IAAAA,cAAE,EAACsB,oBAAM,CAACE,IAAI,EAAEsC,YACtBjB,KAAK,CAAC;QACT,OAAOO;IACT;IAEA,MAAMW,uBAAuBrC,OAAmBkB,iBAAU,CAAC7C,IAAI,EAAqB;QAClF,MAAMiE,cAAcb,IAAAA,gBAAK,EAAC7B,oBAAM,EAAE;QAClC,OAAO,IAAI,CAACnB,EAAE,CACXC,MAAM,CAAC;YACNH,IAAIqB,oBAAM,CAACrB,EAAE;YACbuB,MAAMF,oBAAM,CAACE,IAAI;YACjBC,aAAaH,oBAAM,CAACG,WAAW;YAC/BI,WAAWP,oBAAM,CAACO,SAAS;YAC3ByB,YAAYhC,oBAAM,CAACgC,UAAU;YAC7B5B,MAAMX,IAAAA,eAAG,CAAa,CAAC,GAAG,EAAEO,oBAAM,CAACI,IAAI,CAAC,GAAG,EAAEkB,iBAAU,CAAC7C,IAAI,CAAC,EAAE,EAAE4B,mBAAW,CAACC,KAAK,CAAC,EAAE,EAAED,mBAAW,CAACsC,MAAM,CAAC,CAAC,CAAC;YAC5GC,QAAQ;gBAAEtE,OAAOuE,IAAAA,iBAAK,EAACpC,8BAAW,CAACtC,MAAM;gBAAG6B,QAAQ8C,IAAAA,yBAAa,EAACJ,YAAY/D,EAAE;YAAE;QACpF,GACCuC,IAAI,CAAClB,oBAAM,EACXmB,QAAQ,CAACV,8BAAW,EAAE/B,IAAAA,cAAE,EAAC+B,8BAAW,CAACY,OAAO,EAAErB,oBAAM,CAACrB,EAAE,GACvDwC,QAAQ,CAACuB,aAAahE,IAAAA,cAAE,EAACgE,YAAYR,QAAQ,EAAElC,oBAAM,CAACrB,EAAE,GACxDP,KAAK,CAACgD,IAAAA,eAAG,EAAC2B,IAAAA,kBAAM,EAAC/C,oBAAM,CAACkC,QAAQ,GAAGxD,IAAAA,cAAE,EAACsB,oBAAM,CAACI,IAAI,EAAEA,QACnDoB,OAAO,CAACxB,oBAAM,CAACrB,EAAE;IACtB;IAEA,MAAMqE,mBAAmB3B,OAAe,EAAEjB,OAAmBkB,iBAAU,CAAC7C,IAAI,EAAqB;QAC/F,MAAMiE,cAAcb,IAAAA,gBAAK,EAAC7B,oBAAM,EAAE;QAClC,MAAMiD,oBAAoBpB,IAAAA,gBAAK,EAACpB,8BAAW,EAAE;QAC7C,MAAMyC,iBAAiBrB,IAAAA,gBAAK,EAAC7B,oBAAM,EAAE;QACrC,MAAMmD,cAAc,IAAI,CAACtE,EAAE,CACxBC,MAAM,CAAC;YACNH,IAAIL,kBAAK,CAACK,EAAE;YACZI,OAAOT,kBAAK,CAACS,KAAK;YAClBmB,MAAMhB,IAAAA,4BAAe,EAACZ,kBAAK,EAAE8E,EAAE,CAAC;YAChCjD,aAAa7B,kBAAK,CAACU,KAAK;YACxBuB,WAAWE,8BAAW,CAACF,SAAS;YAChCyB,YAAYvC,IAAAA,eAAG,CAAM,CAAC,IAAI,CAAC;YAC3BW,MAAMX,IAAAA,eAAG,CAAa,CAAC,EAAEY,mBAAW,CAAC5B,IAAI,CAAC,CAAC;YAC3C4E,WAAW5D,IAAAA,eAAG,CAAiB,CAAC,EAAEgB,8BAAW,CAAClC,IAAI,CAAC,CAAC,CAACuB,OAAO,CAACwD;YAC7DV,QAAQ;gBAAEtE,OAAOmB,IAAAA,eAAG,CAAQ,CAAC,CAAC,CAAC;gBAAEO,QAAQP,IAAAA,eAAG,CAAQ,CAAC,CAAC,CAAC;YAAC;QAC1D,GACCyB,IAAI,CAAClB,oBAAM,EACXuD,SAAS,CAAC9C,8BAAW,EAAE/B,IAAAA,cAAE,EAAC+B,8BAAW,CAACY,OAAO,EAAErB,oBAAM,CAACrB,EAAE,GACxDwC,QAAQ,CAAC7C,kBAAK,EAAEI,IAAAA,cAAE,EAACJ,kBAAK,CAACK,EAAE,EAAE8B,8BAAW,CAACtC,MAAM,GAC/CC,KAAK,CAACgD,IAAAA,eAAG,EAAC1C,IAAAA,cAAE,EAACsB,oBAAM,CAACrB,EAAE,EAAE0C,UAAU3C,IAAAA,cAAE,EAACsB,oBAAM,CAACI,IAAI,EAAEA,OAAOoD,IAAAA,qBAAS,EAAClF,kBAAK,CAACK,EAAE,IAC3E6C,OAAO,CAAClD,kBAAK,CAACK,EAAE;QACnB,IAAIyB,SAASkB,iBAAU,CAACmC,QAAQ,EAAE;YAChC,OAAON;QACT;QACA,MAAMO,eAAoB,IAAI,CAAC7E,EAAE,CAC9BC,MAAM,CAAC;YACNH,IAAI+D,YAAY/D,EAAE;YAClBI,OAAOU,IAAAA,eAAG,CAAA,CAAC,IAAI,CAAC;YAChBS,MAAMwC,YAAYxC,IAAI;YACtBC,aAAauC,YAAYvC,WAAW;YACpCI,WAAWmC,YAAYnC,SAAS;YAChCyB,YAAYU,YAAYV,UAAU;YAClC5B,MAAMX,IAAAA,eAAG,CAAa,CAAC,EAAEY,mBAAW,CAACC,KAAK,CAAC,CAAC;YAC5C+C,WAAW5D,IAAAA,eAAG,CAAiB,CAAC,IAAI,CAAC;YACrCmD,QAAQ;gBAAEtE,OAAOuE,IAAAA,iBAAK,EAACpC,8BAAW,CAACtC,MAAM;gBAAG6B,QAAQ6C,IAAAA,iBAAK,EAACK,eAAevE,EAAE;YAAE;QAC/E,GACCuC,IAAI,CAAClB,oBAAM,EACXuD,SAAS,CAACb,aAAahE,IAAAA,cAAE,EAACgE,YAAYR,QAAQ,EAAElC,oBAAM,CAACrB,EAAE,GACzDwC,QAAQ,CAACV,8BAAW,EAAE/B,IAAAA,cAAE,EAAC+B,8BAAW,CAACY,OAAO,EAAEqB,YAAY/D,EAAE,GAC5DwC,QAAQ,CAAC8B,mBAAmBvE,IAAAA,cAAE,EAACuE,kBAAkB5B,OAAO,EAAEqB,YAAY/D,EAAE,GACxEwC,QAAQ,CAAC+B,gBAAgBxE,IAAAA,cAAE,EAACwE,eAAehB,QAAQ,EAAEQ,YAAY/D,EAAE,GACnEP,KAAK,CAACgD,IAAAA,eAAG,EAAC1C,IAAAA,cAAE,EAACsB,oBAAM,CAACrB,EAAE,EAAE0C,UAAU3C,IAAAA,cAAE,EAACsB,oBAAM,CAACI,IAAI,EAAEA,OAAOoD,IAAAA,qBAAS,EAACd,YAAY/D,EAAE,IACjF6C,OAAO,CAACkB,YAAY/D,EAAE;QACzB,OAAOgF,IAAAA,gBAAK,EAACR,aAAaO;IAC5B;IAEA,MAAME,iBAAiBzF,MAAc,EAAE6B,MAA2C,EAAiB;QACjG,IAAIA,OAAO6D,GAAG,CAACnC,MAAM,EAAE;YACrB,IAAI;gBACFW,IAAAA,0BAAmB,EACjB,MAAM,IAAI,CAACxD,EAAE,CAACiF,MAAM,CAACrD,8BAAW,EAAEsD,MAAM,CACtC/D,OAAO6D,GAAG,CAACG,GAAG,CAAC,CAACC,MAAiB,CAAA;wBAC/B9F,QAAQA;wBACRkD,SAAS4C;oBACX,CAAA,KAEFjE,OAAO6D,GAAG,CAACnC,MAAM;gBAEnB,IAAI,CAACwC,MAAM,CAACC,GAAG,CAAC,GAAG,IAAI,CAACP,gBAAgB,CAAC1D,IAAI,CAAC,SAAS,EAAE/B,OAAO,SAAS,EAAEiG,KAAKC,SAAS,CAACrE,OAAO6D,GAAG,EAAE,UAAU,CAAC;gBACjH,IAAI,CAACS,YAAY,CAACC,oBAAoB,CAAC;oBAACpG;iBAAO;YACjD,EAAE,OAAOqG,GAAG;gBACV,IAAI,CAACN,MAAM,CAACO,KAAK,CAAC,GAAG,IAAI,CAACb,gBAAgB,CAAC1D,IAAI,CAAC,SAAS,EAAE/B,OAAO,SAAS,EAAEiG,KAAKC,SAAS,CAACrE,OAAO6D,GAAG,EAAE,gBAAgB,EAAEW,GAAG;gBAC7H,MAAM,IAAIE,MAAM;YAClB;QACF;QACA,IAAI1E,OAAOsC,MAAM,CAACZ,MAAM,EAAE;YACxB,IAAI;gBACFW,IAAAA,0BAAmB,EACjB,MAAM,IAAI,CAACxD,EAAE,CAACyD,MAAM,CAAC7B,8BAAW,EAAErC,KAAK,CAACgD,IAAAA,eAAG,EAAC1C,IAAAA,cAAE,EAAC+B,8BAAW,CAACtC,MAAM,EAAEA,SAASwG,IAAAA,mBAAO,EAAClE,8BAAW,CAACY,OAAO,EAAErB,OAAOsC,MAAM,KACtHtC,OAAOsC,MAAM,CAACZ,MAAM;gBAEtB,IAAI,CAACwC,MAAM,CAACC,GAAG,CAAC,GAAG,IAAI,CAACP,gBAAgB,CAAC1D,IAAI,CAAC,SAAS,EAAE/B,OAAO,SAAS,EAAEiG,KAAKC,SAAS,CAACrE,OAAOsC,MAAM,EAAE,YAAY,CAAC;gBACtH,IAAI,CAACgC,YAAY,CAACC,oBAAoB,CAAC;oBAACpG;iBAAO;YACjD,EAAE,OAAOqG,GAAG;gBACV,IAAI,CAACN,MAAM,CAACO,KAAK,CAAC,GAAG,IAAI,CAACb,gBAAgB,CAAC1D,IAAI,CAAC,SAAS,EAAE/B,OAAO,SAAS,EAAEiG,KAAKC,SAAS,CAACrE,OAAOsC,MAAM,EAAE,kBAAkB,EAAEkC,GAAG;gBAClI,MAAM,IAAIE,MAAM;YAClB;QACF;IACF;IAEA,MAAME,YAAYC,cAAsC,EAAwB;QAC9E,OAAOC,IAAAA,sBAAe,EAAC,MAAM,IAAI,CAACjG,EAAE,CAACiF,MAAM,CAAC9D,oBAAM,EAAE+D,MAAM,CAAC;YAAE,GAAGc,cAAc;YAAEzE,MAAMkB,iBAAU,CAAC7C,IAAI;QAAC;IACxG;IAEA,MAAMsG,YAAY1D,OAAe,EAAE2D,GAAsC,EAAoB;QAC3F,IAAI;YACF3C,IAAAA,0BAAmB,EAAC,MAAM,IAAI,CAACxD,EAAE,CAACoG,MAAM,CAACjF,oBAAM,EAAEgF,GAAG,CAACA,KAAK5G,KAAK,CAACM,IAAAA,cAAE,EAACsB,oBAAM,CAACrB,EAAE,EAAE0C,WAAW;YACzF,IAAI,CAAC6C,MAAM,CAACC,GAAG,CAAC,GAAG,IAAI,CAACY,WAAW,CAAC7E,IAAI,CAAC,UAAU,EAAEmB,QAAQ,gBAAgB,EAAE+C,KAAKC,SAAS,CAACW,MAAM;YACpG,OAAO;QACT,EAAE,OAAOR,GAAG;YACV,IAAI,CAACN,MAAM,CAACO,KAAK,CAAC,GAAG,IAAI,CAACM,WAAW,CAAC7E,IAAI,CAAC,UAAU,EAAEmB,QAAQ,oBAAoB,EAAE+C,KAAKC,SAAS,CAACW,KAAK,GAAG,EAAER,GAAG;YACjH,OAAO;QACT;IACF;IAEA,MAAMU,YAAY7D,OAAe,EAAoB;QACnD,MAAM,CAACY,OAAO,GAAG,MAAM,IAAI,CAACpD,EAAE,CAACC,MAAM,CAAC;YAAEH,IAAIqB,oBAAM,CAACkC,QAAQ;QAAC,GAAGhB,IAAI,CAAClB,oBAAM,EAAE5B,KAAK,CAACM,IAAAA,cAAE,EAACsB,oBAAM,CAACrB,EAAE,EAAE0C,UAAUE,KAAK,CAAC;QAChH,MAAMW,WAAWD,QAAQtD;QACzB,IAAIuD,UAAU;YACZ,wCAAwC;YACxC,MAAM,IAAI,CAACrD,EAAE,CACVoG,MAAM,CAACjF,oBAAM,EACbgF,GAAG,CAAC;gBAAE9C,UAAUA;YAAS,GACzB9D,KAAK,CAACM,IAAAA,cAAE,EAACsB,oBAAM,CAACkC,QAAQ,EAAEb;QAC/B;QACA,OAAOgB,IAAAA,0BAAmB,EAAC,MAAM,IAAI,CAACxD,EAAE,CAACyD,MAAM,CAACtC,oBAAM,EAAE5B,KAAK,CAACM,IAAAA,cAAE,EAACsB,oBAAM,CAACrB,EAAE,EAAE0C,UAAUE,KAAK,CAAC,IAAI,GAAG;IACrG;IAEA,MAAM4D,gBAAgB9D,OAAe,EAAE+D,OAAiB,EAAEC,uBAAkC7G,eAAS,CAAC8G,KAAK,EAAiB;QAC1H,MAAMC,0BAA0B,MAAM,IAAI,CAAC1G,EAAE,CAC1CC,MAAM,CAAC;YAAEH,IAAIL,kBAAK,CAACK,EAAE;QAAC,GACtBuC,IAAI,CAAC5C,kBAAK,EACVF,KAAK,CAACgD,IAAAA,eAAG,EAACuD,IAAAA,mBAAO,EAACrG,kBAAK,CAACK,EAAE,EAAEyG,UAAU/G,IAAAA,eAAG,EAACC,kBAAK,CAACC,IAAI,EAAE8G;QACzDD,UAAUG,wBAAwBvB,GAAG,CAAC,CAACwB,IAAMA,EAAE7G,EAAE;QACjD,IAAIyG,QAAQ1D,MAAM,KAAK,GAAG;YACxB,MAAM,IAAIgD,MAAM;QAClB;QACA,IAAI;YACFrC,IAAAA,0BAAmB,EACjB,MAAM,IAAI,CAACxD,EAAE,CAACiF,MAAM,CAACrD,8BAAW,EAAEsD,MAAM,CACtCwB,wBAAwBvB,GAAG,CAAC,CAACwB,IAAO,CAAA;oBAClCnE,SAASA;oBACTlD,QAAQqH,EAAE7G,EAAE;gBACd,CAAA,KAEF4G,wBAAwB7D,MAAM;YAEhC,IAAI,CAACwC,MAAM,CAACC,GAAG,CAAC,GAAG,IAAI,CAACgB,eAAe,CAACjF,IAAI,CAAC,UAAU,EAAEkF,QAAQ,sBAAsB,EAAE/D,QAAQ,CAAC,CAAC;YACnG,IAAI,CAACiD,YAAY,CAACC,oBAAoB,CAACa;QACzC,EAAE,OAAOZ,GAAG;YACV,IAAI,CAACN,MAAM,CAACO,KAAK,CAAC,GAAG,IAAI,CAACU,eAAe,CAACjF,IAAI,CAAC,wBAAwB,EAAEkF,QAAQ,YAAY,EAAE/D,QAAQ,IAAI,EAAEmD,GAAG;YAChH,MAAM,IAAIE,MAAM;QAClB;IACF;IAEA,MAAMe,oBAAoBpE,OAAe,EAAElD,MAAc,EAAEI,IAAqB,EAAiB;QAC/F,IAAI;YACF8D,IAAAA,0BAAmB,EACjB,MAAM,IAAI,CAACxD,EAAE,CACVoG,MAAM,CAACxE,8BAAW,EAClBuE,GAAG,CAAC;gBAAEzG,MAAMA;YAAK,GACjBH,KAAK,CAACgD,IAAAA,eAAG,EAAC1C,IAAAA,cAAE,EAAC+B,8BAAW,CAACY,OAAO,EAAEA,UAAU3C,IAAAA,cAAE,EAAC+B,8BAAW,CAACtC,MAAM,EAAEA,UACnEoD,KAAK,CAAC,IACT;YAEF,IAAI,CAAC2C,MAAM,CAACC,GAAG,CAAC,GAAG,IAAI,CAACsB,mBAAmB,CAACvF,IAAI,CAAC,SAAS,EAAE/B,OAAO,wBAAwB,EAAEkD,QAAQ,KAAK,EAAEqE,qBAAe,CAACnH,KAAK,EAAE;QACrI,EAAE,OAAOiG,GAAG;YACV,IAAI,CAACN,MAAM,CAACO,KAAK,CACf,GAAG,IAAI,CAACgB,mBAAmB,CAACvF,IAAI,CAAC,SAAS,EAAE/B,OAAO,4BAA4B,EAAEkD,QAAQ,KAAK,EAAEqE,qBAAe,CAACnH,KAAK,CAAC,GAAG,EAAEiG,GAAG;YAEhI,MAAM,IAAIE,MAAM;QAClB;IACF;IAEA,MAAMiB,oBAAoBtE,OAAe,EAAElD,MAAc,EAAiB;QACxE,IAAI;YACFkE,IAAAA,0BAAmB,EACjB,MAAM,IAAI,CAACxD,EAAE,CACVyD,MAAM,CAAC7B,8BAAW,EAClBrC,KAAK,CAACgD,IAAAA,eAAG,EAAC1C,IAAAA,cAAE,EAAC+B,8BAAW,CAACY,OAAO,EAAEA,UAAU3C,IAAAA,cAAE,EAAC+B,8BAAW,CAACtC,MAAM,EAAEA,UACnEoD,KAAK,CAAC,IACT;YAEF,IAAI,CAAC2C,MAAM,CAACC,GAAG,CAAC,GAAG,IAAI,CAACwB,mBAAmB,CAACzF,IAAI,CAAC,SAAS,EAAE/B,OAAO,0BAA0B,EAAEkD,QAAQ,CAAC,CAAC;YACzG,IAAI,CAACiD,YAAY,CAACC,oBAAoB,CAAC;gBAACpG;aAAO;QACjD,EAAE,OAAOqG,GAAG;YACV,IAAI,CAACN,MAAM,CAACO,KAAK,CAAC,GAAG,IAAI,CAACkB,mBAAmB,CAACzF,IAAI,CAAC,SAAS,EAAE/B,OAAO,YAAY,EAAEkD,QAAQ,mBAAmB,EAAEmD,GAAG;YACnH,MAAM,IAAIE,MAAM;QAClB;IACF;IAEA,MAAMkB,oBAAoBC,OAAe,EAAEC,QAA6C,EAAiB;QACvG,IAAIA,SAASjC,GAAG,CAACnC,MAAM,EAAE;YACvB,IAAI;gBACFW,IAAAA,0BAAmB,EACjB,MAAM,IAAI,CAACxD,EAAE,CAACiF,MAAM,CAACiC,8BAAW,EAAEhC,MAAM,CACtC+B,SAASjC,GAAG,CAACG,GAAG,CAAC,CAACgC,MAAiB,CAAA;wBACjC7H,QAAQ6H;wBACRH,SAASA;oBACX,CAAA,KAEFC,SAASjC,GAAG,CAACnC,MAAM;gBAErB,IAAI,CAACwC,MAAM,CAACC,GAAG,CAAC,GAAG,IAAI,CAACyB,mBAAmB,CAAC1F,IAAI,CAAC,UAAU,EAAE2F,QAAQ,WAAW,EAAEzB,KAAKC,SAAS,CAACyB,SAASjC,GAAG,EAAE,UAAU,CAAC;YAC5H,EAAE,OAAOW,GAAG;gBACV,IAAI,CAACN,MAAM,CAACO,KAAK,CAAC,GAAG,IAAI,CAACmB,mBAAmB,CAAC1F,IAAI,CAAC,UAAU,EAAE2F,QAAQ,WAAW,EAAEzB,KAAKC,SAAS,CAACyB,SAASjC,GAAG,EAAE,gBAAgB,EAAEW,GAAG;gBACtI,MAAM,IAAIE,MAAM;YAClB;QACF;QACA,IAAIoB,SAASxD,MAAM,CAACZ,MAAM,EAAE;YAC1B,IAAI;gBACFW,IAAAA,0BAAmB,EACjB,MAAM,IAAI,CAACxD,EAAE,CAACyD,MAAM,CAACyD,8BAAW,EAAE3H,KAAK,CAACgD,IAAAA,eAAG,EAAC1C,IAAAA,cAAE,EAACqH,8BAAW,CAACF,OAAO,EAAEA,UAAUlB,IAAAA,mBAAO,EAACoB,8BAAW,CAAC5H,MAAM,EAAE2H,SAASxD,MAAM,KACzHwD,SAASxD,MAAM,CAACZ,MAAM;gBAExB,IAAI,CAACwC,MAAM,CAACC,GAAG,CAAC,GAAG,IAAI,CAACyB,mBAAmB,CAAC1F,IAAI,CAAC,UAAU,EAAE2F,QAAQ,WAAW,EAAEzB,KAAKC,SAAS,CAACyB,SAASxD,MAAM,EAAE,YAAY,CAAC;YACjI,EAAE,OAAOkC,GAAG;gBACV,IAAI,CAACN,MAAM,CAACO,KAAK,CAAC,GAAG,IAAI,CAACmB,mBAAmB,CAAC1F,IAAI,CAAC,UAAU,EAAE2F,QAAQ,WAAW,EAAEzB,KAAKC,SAAS,CAACyB,SAASxD,MAAM,EAAE,kBAAkB,EAAEkC,GAAG;gBAC3I,MAAM,IAAIE,MAAM;YAClB;QACF;IACF;IA3TA,YACE,AAA4C7F,EAAY,EACxD,AAAgByF,YAA0B,CAC1C;aAF4CzF,KAAAA;aAC5ByF,eAAAA;aAJDJ,SAAS,IAAI+B,cAAM,CAAChI,kBAAkBiC,IAAI;IAKxD;AAyTL"}

package/server/applications/users/services/users-manager.service.js CHANGED Viewed

@@ -17,13 +17,18 @@ const _bcryptjs = /*#__PURE__*/ _interop_require_default(require("bcryptjs"));
 const _nodefs = require("node:fs");
 const _nodepath = /*#__PURE__*/ _interop_require_default(require("node:path"));
 const _promises = require("node:stream/promises");
+const _constants = require("../../../common/constants");
 const _functions = require("../../../common/functions");
 const _image = require("../../../common/image");
-const _configconstants = require("../../../configuration/config.constants");
+const _shared = require("../../../common/shared");
+const _configenvironment = require("../../../configuration/config.environment");
 const _files = require("../../files/utils/files");
+const _notifications = require("../../notifications/constants/notifications");
+const _notificationsmanagerservice = require("../../notifications/services/notifications-manager.service");
 const _member = require("../constants/member");
 const _user = require("../constants/user");
 const _usermodel = require("../models/user.model");
+const _avatar = require("../utils/avatar");
 const _adminusersmanagerservice = require("./admin-users-manager.service");
 const _usersqueriesservice = require("./users-queries.service");
 function _interop_require_default(obj) {
@@ -49,17 +54,12 @@ let UsersManager = class UsersManager {
         const user = await this.usersQueries.from(null, loginOrEmail);
         return user ? new _usermodel.UserModel(user, removePassword) : null;
     }
-    async logUser(user, password, ip) {
-        if (user.role === _user.USER_ROLE.LINK) {
-            this.logger.error(`${this.logUser.name} - guest link account ${user} is not authorized to login`);
-            throw new _common.HttpException('Account is not allowed', _common.HttpStatus.FORBIDDEN);
-        }
-        if (!user.isActive || user.passwordAttempts >= _user.USER_MAX_PASSWORD_ATTEMPTS) {
-            this.updateAccesses(user, ip, false).catch((e)=>this.logger.error(`${this.logUser.name} - ${e}`));
-            this.logger.error(`${this.logUser.name} - user account *${user.login}* is locked`);
-            throw new _common.HttpException('Account locked', _common.HttpStatus.FORBIDDEN);
+    async logUser(user, password, ip, scope) {
+        this.validateUserAccess(user, ip);
+        let authSuccess = await (0, _functions.comparePassword)(password, user.password);
+        if (!authSuccess && scope) {
+            authSuccess = await this.validateAppPassword(user, password, ip, scope);
         }
-        const authSuccess = await (0, _functions.comparePassword)(password, user.password);
         this.updateAccesses(user, ip, authSuccess).catch((e)=>this.logger.error(`${this.logUser.name} - ${e}`));
         if (authSuccess) {
             await user.makePaths();
@@ -68,15 +68,29 @@ let UsersManager = class UsersManager {
         this.logger.warn(`${this.logUser.name} - bad password for *${user.login}*`);
         return null;
     }
+    validateUserAccess(user, ip) {
+        if (user.role === _user.USER_ROLE.LINK) {
+            this.logger.error(`${this.validateUserAccess.name} - guest link account ${user} is not authorized to login`);
+            throw new _common.HttpException('Account is not allowed', _common.HttpStatus.FORBIDDEN);
+        }
+        if (!user.isActive || user.passwordAttempts >= _user.USER_MAX_PASSWORD_ATTEMPTS) {
+            this.updateAccesses(user, ip, false).catch((e)=>this.logger.error(`${this.validateUserAccess.name} - ${e}`));
+            this.logger.error(`${this.validateUserAccess.name} - user account *${user.login}* is locked`);
+            this.notifyAccountLocked(user, ip);
+            throw new _common.HttpException('Account locked', _common.HttpStatus.FORBIDDEN);
+        }
+    }
     async me(authUser) {
         const user = await this.fromUserId(authUser.id);
         if (!user) {
-            throw new _common.HttpException(`User *${authUser.login} (${authUser.id}) not found`, _common.HttpStatus.NOT_FOUND);
+            this.logger.warn(`User *${authUser.login} (${authUser.id}) not found`);
+            throw new _common.HttpException(`User not found`, _common.HttpStatus.NOT_FOUND);
         }
         user.impersonated = !!authUser.impersonatedFromId;
         user.clientId = authUser.clientId;
         return {
-            user: user
+            user: user,
+            server: _configenvironment.serverConfig
         };
     }
     async compareUserPassword(userId, password) {
@@ -113,13 +127,13 @@ let UsersManager = class UsersManager {
     async updateAvatar(req) {
         const part = await req.file({
             limits: {
-                fileSize: this.maxAvatarUploadSize
+                fileSize: _avatar.USER_AVATAR_MAX_UPLOAD_SIZE
             }
         });
         if (!part.mimetype.startsWith('image/')) {
             throw new _common.HttpException('Unsupported file type', _common.HttpStatus.BAD_REQUEST);
         }
-        const dstPath = _nodepath.default.join(req.user.tmpPath, this.userAvatarFileName);
+        const dstPath = _nodepath.default.join(req.user.tmpPath, _avatar.USER_AVATAR_FILE_NAME);
         try {
             await (0, _promises.pipeline)(part.file, (0, _nodefs.createWriteStream)(dstPath));
         } catch (e) {
@@ -131,14 +145,32 @@ let UsersManager = class UsersManager {
             throw new _common.HttpException('Image is too large (5MB max)', _common.HttpStatus.PAYLOAD_TOO_LARGE);
         }
         try {
-            await (0, _files.moveFiles)(dstPath, _nodepath.default.join(req.user.homePath, this.userAvatarFileName), true);
+            await (0, _files.moveFiles)(dstPath, _nodepath.default.join(req.user.homePath, _avatar.USER_AVATAR_FILE_NAME), true);
         } catch (e) {
             this.logger.error(`${this.updateAvatar.name} - ${e}`);
             throw new _common.HttpException('Unable to create avatar', _common.HttpStatus.INTERNAL_SERVER_ERROR);
         }
     }
-    async updateAccesses(user, ip, success) {
-        const passwordAttempts = success ? 0 : Math.min(user.passwordAttempts + 1, _user.USER_MAX_PASSWORD_ATTEMPTS);
+    async updateSecrets(userId, secrets) {
+        const userSecrets = await this.usersQueries.getUserSecrets(userId);
+        const updatedSecrets = {
+            ...userSecrets,
+            ...secrets
+        };
+        if (!await this.usersQueries.updateUserOrGuest(userId, {
+            secrets: updatedSecrets
+        })) {
+            throw new _common.HttpException('Unable to update secrets', _common.HttpStatus.INTERNAL_SERVER_ERROR);
+        }
+    }
+    async updateAccesses(user, ip, success, isAuthTwoFa = false) {
+        let passwordAttempts;
+        if (!isAuthTwoFa && _configenvironment.configuration.auth.mfa.totp.enabled && user.twoFaEnabled) {
+            // Do not reset password attempts if the login still requires 2FA validation
+            passwordAttempts = user.passwordAttempts;
+        } else {
+            passwordAttempts = success ? 0 : Math.min(user.passwordAttempts + 1, _user.USER_MAX_PASSWORD_ATTEMPTS);
+        }
         await this.usersQueries.updateUserOrGuest(user.id, {
             lastAccess: user.currentAccess,
             currentAccess: new Date(),
@@ -149,14 +181,14 @@ let UsersManager = class UsersManager {
         });
     }
     async getAvatar(userLogin, generate = false, generateIsNotExists) {
-        const avatarPath = _nodepath.default.join(_usermodel.UserModel.getHomePath(userLogin), this.userAvatarFileName);
+        const avatarPath = _nodepath.default.join(_usermodel.UserModel.getHomePath(userLogin), _avatar.USER_AVATAR_FILE_NAME);
         const avatarExists = await (0, _files.isPathExists)(avatarPath);
         if (!avatarExists && generateIsNotExists) {
             generate = true;
         }
         if (!generate) {
             return [
-                avatarExists ? avatarPath : this.defaultAvatarFilePath,
+                avatarExists ? avatarPath : _avatar.USER_DEFAULT_AVATAR_FILE_PATH,
                 avatarExists ? _image.pngMimeType : _image.svgMimeType
             ];
         }
@@ -182,9 +214,78 @@ let UsersManager = class UsersManager {
             ];
         }
     }
-    async getAvatarBase64(userLogin) {
-        const userAvatarPath = _nodepath.default.join(_usermodel.UserModel.getHomePath(userLogin), this.userAvatarFileName);
-        return (0, _image.convertImageToBase64)(await (0, _files.isPathExists)(userAvatarPath) ? userAvatarPath : this.defaultAvatarFilePath);
+    async listAppPasswords(user) {
+        const secrets = await this.usersQueries.getUserSecrets(user.id);
+        if (Array.isArray(secrets.appPasswords)) {
+            // remove passwords from response
+            return secrets.appPasswords.map(({ password, ...rest })=>rest);
+        }
+        return [];
+    }
+    async generateAppPassword(user, userAppPasswordDto) {
+        const secrets = await this.usersQueries.getUserSecrets(user.id);
+        const slugName = (0, _shared.createLightSlug)(userAppPasswordDto.name);
+        if (Array.isArray(secrets.appPasswords) && secrets.appPasswords.find((p)=>p.name === slugName)) {
+            throw new _common.HttpException('Name already used', _common.HttpStatus.BAD_REQUEST);
+        }
+        secrets.appPasswords = Array.isArray(secrets.appPasswords) ? secrets.appPasswords : [];
+        const clearPassword = (0, _shared.genPassword)(24);
+        const appPassword = {
+            name: (0, _shared.createLightSlug)(userAppPasswordDto.name),
+            app: userAppPasswordDto.app,
+            expiration: userAppPasswordDto.expiration,
+            password: await (0, _functions.hashPassword)(clearPassword),
+            createdAt: new Date(),
+            currentIp: null,
+            currentAccess: null,
+            lastIp: null,
+            lastAccess: null
+        };
+        secrets.appPasswords.unshift(appPassword);
+        if (!await this.usersQueries.updateUserOrGuest(user.id, {
+            secrets: secrets
+        })) {
+            throw new _common.HttpException('Unable to update app passwords', _common.HttpStatus.INTERNAL_SERVER_ERROR);
+        }
+        // return clear password only once
+        return {
+            ...appPassword,
+            password: clearPassword
+        };
+    }
+    async deleteAppPassword(user, passwordName) {
+        const secrets = await this.usersQueries.getUserSecrets(user.id);
+        if (!Array.isArray(secrets.appPasswords) || !secrets.appPasswords.find((p)=>p.name === passwordName)) {
+            throw new _common.HttpException('App password not found', _common.HttpStatus.NOT_FOUND);
+        }
+        secrets.appPasswords = secrets.appPasswords.filter((p)=>p.name !== passwordName);
+        if (!await this.usersQueries.updateUserOrGuest(user.id, {
+            secrets: secrets
+        })) {
+            throw new _common.HttpException('Unable to delete app password', _common.HttpStatus.INTERNAL_SERVER_ERROR);
+        }
+    }
+    async validateAppPassword(user, password, ip, scope) {
+        if (!scope || !user.haveRole(_user.USER_ROLE.USER)) return false;
+        const secrets = await this.usersQueries.getUserSecrets(user.id);
+        if (!Array.isArray(secrets.appPasswords)) return false;
+        for (const p of secrets.appPasswords){
+            if (p.app !== scope) continue;
+            const expMs = p.expiration ? new Date(p.expiration) : null;
+            if (p.expiration && new Date() > expMs) continue; // expired
+            if (await (0, _functions.comparePassword)(password, p.password)) {
+                p.lastAccess = p.currentAccess;
+                p.currentAccess = new Date();
+                p.lastIp = p.currentIp;
+                p.currentIp = ip;
+                // update accesses
+                this.usersQueries.updateUserOrGuest(user.id, {
+                    secrets: secrets
+                }).catch((e)=>this.logger.error(`${this.validateAppPassword.name} - ${e}`));
+                return true;
+            }
+        }
+        return false;
     }
     setOnlineStatus(user, onlineStatus) {
         this.usersQueries.setOnlineStatus(user.id, onlineStatus).catch((e)=>this.logger.error(`${this.setOnlineStatus.name} - ${e}`));
@@ -403,12 +504,20 @@ let UsersManager = class UsersManager {
     searchMembers(user, searchMembersDto) {
         return this.usersQueries.searchUsersOrGroups(searchMembersDto, user.id);
     }
-    constructor(usersQueries, adminUsersManager){
+    notifyAccountLocked(user, ip) {
+        this.notificationsManager.sendEmailNotification([
+            user
+        ], {
+            app: _notifications.NOTIFICATION_APP.AUTH_LOCKED,
+            event: _notifications.NOTIFICATION_APP_EVENT.AUTH_LOCKED[_constants.ACTION.DELETE],
+            element: null,
+            url: ip
+        }).catch((e)=>this.logger.error(`${this.validateUserAccess.name} - ${e}`));
+    }
+    constructor(usersQueries, adminUsersManager, notificationsManager){
         this.usersQueries = usersQueries;
         this.adminUsersManager = adminUsersManager;
-        this.defaultAvatarFilePath = _nodepath.default.join(_configconstants.STATIC_ASSETS_PATH, 'avatar.svg');
-        this.userAvatarFileName = 'avatar.png';
-        this.maxAvatarUploadSize = 1024 * 1024 * 5;
+        this.notificationsManager = notificationsManager;
         this.logger = new _common.Logger(UsersManager.name);
     }
 };
@@ -417,7 +526,8 @@ UsersManager = _ts_decorate([
     _ts_metadata("design:type", Function),
     _ts_metadata("design:paramtypes", [
         typeof _usersqueriesservice.UsersQueries === "undefined" ? Object : _usersqueriesservice.UsersQueries,
-        typeof _adminusersmanagerservice.AdminUsersManager === "undefined" ? Object : _adminusersmanagerservice.AdminUsersManager
+        typeof _adminusersmanagerservice.AdminUsersManager === "undefined" ? Object : _adminusersmanagerservice.AdminUsersManager,
+        typeof _notificationsmanagerservice.NotificationsManager === "undefined" ? Object : _notificationsmanagerservice.NotificationsManager
     ])
 ], UsersManager);