@things-factory/auth-base 6.1.194 → 6.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist-server/controllers/checkin.js.map +1 -1
- package/dist-server/middlewares/domain-authenticate-middleware.js.map +1 -1
- package/dist-server/router/auth-checkin-router.js +4 -3
- package/dist-server/router/auth-checkin-router.js.map +1 -1
- package/dist-server/router/auth-private-process-router.js +1 -10
- package/dist-server/router/auth-private-process-router.js.map +1 -1
- package/dist-server/router/site-root-router.js.map +1 -1
- package/dist-server/service/app-binding/app-binding.js +1 -0
- package/dist-server/service/app-binding/app-binding.js.map +1 -1
- package/dist-server/service/application/application.js +1 -0
- package/dist-server/service/application/application.js.map +1 -1
- package/dist-server/service/index.d.ts +1 -1
- package/dist-server/service/login-history/login-history.d.ts +1 -1
- package/dist-server/service/login-history/login-history.js.map +1 -1
- package/dist-server/service/privilege/privilege-query.d.ts +1 -1
- package/dist-server/service/privilege/privilege-query.js.map +1 -1
- package/dist-server/service/user/user.d.ts +1 -1
- package/dist-server/tsconfig.tsbuildinfo +1 -1
- package/dist-server/utils/get-user-domains.d.ts +4 -4
- package/dist-server/utils/get-user-domains.js +19 -7
- package/dist-server/utils/get-user-domains.js.map +1 -1
- package/package.json +7 -7
- package/server/controllers/checkin.ts +1 -1
- package/server/middlewares/domain-authenticate-middleware.ts +1 -1
- package/server/router/auth-checkin-router.ts +12 -6
- package/server/router/auth-private-process-router.ts +2 -11
- package/server/router/site-root-router.ts +1 -1
- package/server/service/app-binding/app-binding.ts +2 -1
- package/server/service/application/application.ts +2 -1
- package/server/service/login-history/login-history.ts +1 -1
- package/server/service/privilege/privilege-query.ts +1 -1
- package/server/utils/get-user-domains.ts +98 -74
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"checkin.js","sourceRoot":"","sources":["../../server/controllers/checkin.ts"],"names":[],"mappings":";;;AAAA,iDAA6D;AAE7D,+CAA2C;AAC3C,gEAA0D;AAEnD,KAAK,UAAU,OAAO,CAAC,EAAE,MAAM,EAAE,SAAS,EAAE;IACjD,MAAM,QAAQ,GAAG,IAAA,qBAAa,EAAC,WAAI,CAAC,CAAA;IACpC,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE,EAAE,MAAM,EAAE,EAAE,CAAC,CAAA;IAC9D,MAAM,OAAO,
|
|
1
|
+
{"version":3,"file":"checkin.js","sourceRoot":"","sources":["../../server/controllers/checkin.ts"],"names":[],"mappings":";;;AAAA,iDAA6D;AAE7D,+CAA2C;AAC3C,gEAA0D;AAEnD,KAAK,UAAU,OAAO,CAAC,EAAE,MAAM,EAAE,SAAS,EAAE;IACjD,MAAM,QAAQ,GAAG,IAAA,qBAAa,EAAC,WAAI,CAAC,CAAA;IACpC,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE,EAAE,MAAM,EAAE,EAAE,CAAC,CAAA;IAC9D,MAAM,OAAO,GAAsB,MAAM,IAAA,iCAAc,EAAC,IAAI,CAAC,CAAA;IAE7D,IAAI,CAAC,CAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,MAAM,CAAA,EAAE;QACpB,OAAO,KAAK,CAAA;KACb;IAED,MAAM,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,CAAC,SAAS,IAAI,SAAS,CAAC,CAAA;IACpE,IAAI,CAAC,MAAM,EAAE;QACX,OAAO,KAAK,CAAA;KACb;IAED,OAAO,MAAM,IAAI,CAAC,IAAI,CAAC,EAAE,SAAS,EAAE,CAAC,CAAA;AACvC,CAAC;AAfD,0BAeC","sourcesContent":["import { Domain, getRepository } from '@things-factory/shell'\n\nimport { User } from '../service/user/user'\nimport { getUserDomains } from '../utils/get-user-domains'\n\nexport async function checkin({ userId, subdomain }) {\n const userRepo = getRepository(User)\n const user = await userRepo.findOne({ where: { id: userId } })\n const domains: Partial<Domain>[] = await getUserDomains(user)\n\n if (!domains?.length) {\n return false\n }\n\n const domain = domains.find(domain => domain.subdomain == subdomain)\n if (!domain) {\n return false\n }\n\n return await user.sign({ subdomain })\n}\n"]}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"domain-authenticate-middleware.js","sourceRoot":"","sources":["../../server/middlewares/domain-authenticate-middleware.ts"],"names":[],"mappings":";;;AAAA,6CAA4C;AAC5C,iDAA6D;AAE7D,qDAAgD;AAChD,+CAA2C;AAC3C,gEAA0D;AAE1D,MAAM,yBAAyB,GAAG,CAAC,CAAC,YAAM,CAAC,GAAG,CAAC,2BAA2B,CAAC,CAAA;AAC3E,MAAM,KAAK,GAAG,YAAM,CAAC,GAAG,CAAC,WAAW,CAAC,CAAA;AACrC,MAAM,eAAe,GAAG,YAAM,CAAC,SAAS,CAAC,iBAAiB,EAAE,CAAC,CAAC,CAAA;AAW9D,OAAO,CAAC,kBAAkB,GAAG,KAAK,EAAE,MAAc,EAAE,IAAU,EAAoB,EAAE;IAClF,OAAO,MAAM,IAAI,MAAM,CAAC,KAAK,KAAK,IAAI,CAAC,EAAE,CAAA;AAC3C,CAAC,CAAA;AAED,OAAO,CAAC,gBAAgB,GAAG,KAAK,EAAE,MAAc,EAAE,IAAU,EAAoB,EAAE;IAChF,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE;QACxB,IAAI,GAAG,MAAM,IAAA,qBAAa,EAAC,WAAI,CAAC,CAAC,OAAO,CAAC;YACvC,KAAK,EAAE,EAAE,EAAE,EAAE,IAAI,CAAC,EAAE,EAAE;YACtB,SAAS,EAAE,CAAC,SAAS,CAAC;SACvB,CAAC,CAAA;KACH;IAED,MAAM,YAAY,GAAW,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,MAAc,EAAE,EAAE,CAAC,MAAM,CAAC,SAAS,KAAK,QAAQ,CAAC,CAAA;IACjG,IAAI,CAAC,YAAY,EAAE;QACjB,OAAO,KAAK,CAAA;KACb;IAED,OAAO,YAAY,CAAC,KAAK,KAAK,IAAI,CAAC,EAAE,CAAA;AACvC,CAAC,CAAA;AAED;;;;;;;;GAQG;AAEI,KAAK,UAAU,4BAA4B,CAAC,OAAY,EAAE,IAAS;IACxE,MAAM,EAAE,CAAC,EAAE,GAAG,OAAO,CAAA;IACrB,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC,KAAK,CAAA;IAEtC,MAAM,SAAS,GAAW,MAAM,aAAN,MAAM,uBAAN,MAAM,CAAE,SAAS,CAAA;IAE3C,gCAAgC;IAChC,mBAAmB;IACnB,IAAI,CAAC,SAAS,EAAE;QACd,MAAM,IAAI,sBAAS,CAAC;YAClB,SAAS,EAAE,sBAAS,CAAC,WAAW,CAAC,kBAAkB;SACpD,CAAC,CAAA;KACH;IAED,4BAA4B;IAC5B,MAAM,WAAW,
|
|
1
|
+
{"version":3,"file":"domain-authenticate-middleware.js","sourceRoot":"","sources":["../../server/middlewares/domain-authenticate-middleware.ts"],"names":[],"mappings":";;;AAAA,6CAA4C;AAC5C,iDAA6D;AAE7D,qDAAgD;AAChD,+CAA2C;AAC3C,gEAA0D;AAE1D,MAAM,yBAAyB,GAAG,CAAC,CAAC,YAAM,CAAC,GAAG,CAAC,2BAA2B,CAAC,CAAA;AAC3E,MAAM,KAAK,GAAG,YAAM,CAAC,GAAG,CAAC,WAAW,CAAC,CAAA;AACrC,MAAM,eAAe,GAAG,YAAM,CAAC,SAAS,CAAC,iBAAiB,EAAE,CAAC,CAAC,CAAA;AAW9D,OAAO,CAAC,kBAAkB,GAAG,KAAK,EAAE,MAAc,EAAE,IAAU,EAAoB,EAAE;IAClF,OAAO,MAAM,IAAI,MAAM,CAAC,KAAK,KAAK,IAAI,CAAC,EAAE,CAAA;AAC3C,CAAC,CAAA;AAED,OAAO,CAAC,gBAAgB,GAAG,KAAK,EAAE,MAAc,EAAE,IAAU,EAAoB,EAAE;IAChF,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE;QACxB,IAAI,GAAG,MAAM,IAAA,qBAAa,EAAC,WAAI,CAAC,CAAC,OAAO,CAAC;YACvC,KAAK,EAAE,EAAE,EAAE,EAAE,IAAI,CAAC,EAAE,EAAE;YACtB,SAAS,EAAE,CAAC,SAAS,CAAC;SACvB,CAAC,CAAA;KACH;IAED,MAAM,YAAY,GAAW,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,MAAc,EAAE,EAAE,CAAC,MAAM,CAAC,SAAS,KAAK,QAAQ,CAAC,CAAA;IACjG,IAAI,CAAC,YAAY,EAAE;QACjB,OAAO,KAAK,CAAA;KACb;IAED,OAAO,YAAY,CAAC,KAAK,KAAK,IAAI,CAAC,EAAE,CAAA;AACvC,CAAC,CAAA;AAED;;;;;;;;GAQG;AAEI,KAAK,UAAU,4BAA4B,CAAC,OAAY,EAAE,IAAS;IACxE,MAAM,EAAE,CAAC,EAAE,GAAG,OAAO,CAAA;IACrB,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC,KAAK,CAAA;IAEtC,MAAM,SAAS,GAAW,MAAM,aAAN,MAAM,uBAAN,MAAM,CAAE,SAAS,CAAA;IAE3C,gCAAgC;IAChC,mBAAmB;IACnB,IAAI,CAAC,SAAS,EAAE;QACd,MAAM,IAAI,sBAAS,CAAC;YAClB,SAAS,EAAE,sBAAS,CAAC,WAAW,CAAC,kBAAkB;SACpD,CAAC,CAAA;KACH;IAED,4BAA4B;IAC5B,MAAM,WAAW,GAAsB,MAAM,IAAA,iCAAc,EAAC,IAAI,CAAC,CAAA;IACjE,IAAI,WAAW,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,CAAC,SAAS,IAAI,SAAS,CAAC,IAAI,CAAC,MAAM,OAAO,CAAC,gBAAgB,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC,EAAE;QAC/G,OAAO,MAAM,IAAI,EAAE,CAAA;KACpB;IAED,MAAM,IAAI,sBAAS,CAAC;QAClB,SAAS,EAAE,sBAAS,CAAC,WAAW,CAAC,kBAAkB;KACpD,CAAC,CAAA;AACJ,CAAC;AAvBD,oEAuBC","sourcesContent":["import { config } from '@things-factory/env'\nimport { Domain, getRepository } from '@things-factory/shell'\n\nimport { AuthError } from '../errors/auth-error'\nimport { User } from '../service/user/user'\nimport { getUserDomains } from '../utils/get-user-domains'\n\nconst useVirtualHostBasedDomain = !!config.get('useVirtualHostBasedDomain')\nconst fixed = config.get('subdomain')\nconst subdomainOffset = config.getNumber('subdomainOffset', 2)\n\ndeclare global {\n namespace NodeJS {\n interface Process {\n domainOwnerGranted: (domain: Domain, user: User) => Promise<boolean>\n superUserGranted: (domain: Domain, user: User) => Promise<boolean>\n }\n }\n}\n\nprocess.domainOwnerGranted = async (domain: Domain, user: User): Promise<boolean> => {\n return domain && domain.owner === user.id\n}\n\nprocess.superUserGranted = async (domain: Domain, user: User): Promise<boolean> => {\n if (!user.domains.length) {\n user = await getRepository(User).findOne({\n where: { id: user.id },\n relations: ['domains']\n })\n }\n\n const systemDomain: Domain = user.domains.find((domain: Domain) => domain.subdomain === 'system')\n if (!systemDomain) {\n return false\n }\n\n return systemDomain.owner === user.id\n}\n\n/*\n * 현재 subdomain 과 user의 domain list와의 비교를 통해서,\n * 인증 성공 또는 인증 에러를 발생시킬 것인지를 결정한다.\n * 1. 현재 subdomain 이 결정되지 않은 경우.\n * - checkin로 이동한다.\n * 2. superUser 판단\n * 3. 현재 subdomain 이 결정된 경우.\n * - user의 domains 리스트에 해당 subdomain이 없다면, 인증 오류를 발생한다.\n */\n\nexport async function domainAuthenticateMiddleware(context: any, next: any) {\n const { t } = context\n const { domain, user } = context.state\n\n const subdomain: string = domain?.subdomain\n\n // 1. 현재 subdomain 이 결정되지 않은 경우.\n // - checkin로 이동한다.\n if (!subdomain) {\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.SUBDOMAIN_NOTFOUND\n })\n }\n\n // 2. 현재 subdomain 이 결정된 경우.\n const userDomains: Partial<Domain>[] = await getUserDomains(user)\n if (userDomains.find(domain => domain.subdomain == subdomain) || (await process.superUserGranted(domain, user))) {\n return await next()\n }\n\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.SUBDOMAIN_NOTFOUND\n })\n}\n"]}
|
|
@@ -24,7 +24,7 @@ exports.authCheckinRouter.get('/auth/checkin/:subdomain?', async (context, next)
|
|
|
24
24
|
try {
|
|
25
25
|
if (!subdomain)
|
|
26
26
|
throw new Error(t('error.domain not specified', { subdomain })); // When params doesn't have subdomain
|
|
27
|
-
const checkInDomain = domains.find(
|
|
27
|
+
const checkInDomain = domains.find(d => d.subdomain === subdomain); // When no matched domain with subdomain
|
|
28
28
|
if (!checkInDomain)
|
|
29
29
|
throw new Error(t('error.domain not specified', { subdomain }));
|
|
30
30
|
await checkIn(checkInDomain, null, context);
|
|
@@ -53,13 +53,14 @@ exports.authCheckinRouter.get('/auth/checkin/:subdomain?', async (context, next)
|
|
|
53
53
|
else if (domains.length === 1) {
|
|
54
54
|
checkInDomain = domains[0];
|
|
55
55
|
}
|
|
56
|
-
if (checkInDomain)
|
|
56
|
+
if (checkInDomain) {
|
|
57
57
|
return await checkIn(checkInDomain, redirectTo, context);
|
|
58
|
+
}
|
|
58
59
|
await context.render('auth-page', {
|
|
59
60
|
pageElement: 'auth-checkin',
|
|
60
61
|
elementScript: '/auth/checkin.js',
|
|
61
62
|
data: {
|
|
62
|
-
user,
|
|
63
|
+
user: { email: user.email, locale: user.locale, name: user.name, userType: user.userType },
|
|
63
64
|
domains,
|
|
64
65
|
domainType,
|
|
65
66
|
redirectTo,
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"auth-checkin-router.js","sourceRoot":"","sources":["../../server/router/auth-checkin-router.ts"],"names":[],"mappings":";;;;AAAA,oEAA+B;AAE/B,6CAA4C;AAC5C,iDAA+F;AAE/F,0EAAqE;AAErE,8CAA0C;AAC1C,sEAAqE;AACrE,gEAA0D;AAE1D,MAAM,UAAU,GAAG,YAAM,CAAC,GAAG,CAAC,YAAY,CAAC,CAAA;AAE9B,QAAA,iBAAiB,GAAG,IAAI,oBAAM,EAAE,CAAA;AAE7C,yBAAiB,CAAC,GAAG,CAAC,2BAA2B,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IACzE,MAAM,EAAE,OAAO,EAAE,CAAC,EAAE,GAAG,OAAO,CAAA;IAC9B,MAAM,MAAM,GAAG,OAAO,CAAC,MAAM,CAAA;IAC7B,MAAM,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC,KAAK,CAAA;IAC9B,IAAI,EAAE,SAAS,EAAE,GAAG,OAAO,CAAC,MAAM,CAAA;IAElC,IAAI,OAAO,
|
|
1
|
+
{"version":3,"file":"auth-checkin-router.js","sourceRoot":"","sources":["../../server/router/auth-checkin-router.ts"],"names":[],"mappings":";;;;AAAA,oEAA+B;AAE/B,6CAA4C;AAC5C,iDAA+F;AAE/F,0EAAqE;AAErE,8CAA0C;AAC1C,sEAAqE;AACrE,gEAA0D;AAE1D,MAAM,UAAU,GAAG,YAAM,CAAC,GAAG,CAAC,YAAY,CAAC,CAAA;AAE9B,QAAA,iBAAiB,GAAG,IAAI,oBAAM,EAAE,CAAA;AAE7C,yBAAiB,CAAC,GAAG,CAAC,2BAA2B,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IACzE,MAAM,EAAE,OAAO,EAAE,CAAC,EAAE,GAAG,OAAO,CAAA;IAC9B,MAAM,MAAM,GAAG,OAAO,CAAC,MAAM,CAAA;IAC7B,MAAM,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC,KAAK,CAAA;IAC9B,IAAI,EAAE,SAAS,EAAE,GAAG,OAAO,CAAC,MAAM,CAAA;IAElC,IAAI,OAAO,GAAsB,MAAM,IAAA,iCAAc,EAAC,IAAI,CAAC,CAAA;IAC3D,IAAI,UAAU;QAAE,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,OAAO,IAAI,UAAU,CAAC,CAAA;IAEtE,IAAI,CAAC,IAAA,iBAAO,EAAC,MAAM,CAAC,MAAM,EAAE,CAAC,WAAW,EAAE,KAAK,CAAC,CAAC,EAAE;QACjD,yCAAyC;QACzC,IAAI;YACF,IAAI,CAAC,SAAS;gBAAE,MAAM,IAAI,KAAK,CAAC,CAAC,CAAC,4BAA4B,EAAE,EAAE,SAAS,EAAE,CAAC,CAAC,CAAA,CAAC,qCAAqC;YACrH,MAAM,aAAa,GAAgC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,SAAS,KAAK,SAAS,CAAC,CAAA,CAAC,wCAAwC;YACxI,IAAI,CAAC,aAAa;gBAAE,MAAM,IAAI,KAAK,CAAC,CAAC,CAAC,4BAA4B,EAAE,EAAE,SAAS,EAAE,CAAC,CAAC,CAAA;YAEnF,MAAM,OAAO,CAAC,aAAa,EAAE,IAAI,EAAE,OAAO,CAAC,CAAA;YAC3C,OAAO,CAAC,IAAI,GAAG,IAAI,CAAA;SACpB;QAAC,OAAO,CAAC,EAAE;YACV,IAAA,4CAAsB,EAAC,OAAO,CAAC,CAAA;YAC/B,MAAM,CAAC,CAAA;SACR;KACF;SAAM;QACL,qCAAqC;QACrC,MAAM,EAAE,WAAW,EAAE,UAAU,GAAG,GAAG,EAAE,GAAG,OAAO,CAAC,KAAK,CAAA;QAEvD,IAAI;YACF,IAAI,OAAe,CAAA;YAEnB,IAAI,CAAC,SAAS,EAAE;gBACd,6CAA6C;gBAC7C,SAAS,GAAG,IAAA,6BAAqB,EAAC,OAAO,EAAE,UAAU,CAAC,CAAA;aACvD;YAED,IAAI,aAA8B,CAAA;YAClC,IAAI,SAAS,EAAE;gBACb,aAAa,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,SAAS,IAAI,SAAS,CAAC,CAAA;gBAC3D,IAAI,CAAC,aAAa;oBAAE,OAAO,GAAG,CAAC,CAAC,0BAA0B,EAAE,EAAE,SAAS,EAAE,CAAC,CAAA;aAC3E;iBAAM,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE;gBAC/B,aAAa,GAAG,OAAO,CAAC,CAAC,CAAC,CAAA;aAC3B;YAED,IAAI,aAAa,EAAE;gBACjB,OAAO,MAAM,OAAO,CAAC,aAAa,EAAE,UAAU,EAAE,OAAO,CAAC,CAAA;aACzD;YAED,MAAM,OAAO,CAAC,MAAM,CAAC,WAAW,EAAE;gBAChC,WAAW,EAAE,cAAc;gBAC3B,aAAa,EAAE,kBAAkB;gBACjC,IAAI,EAAE;oBACJ,IAAI,EAAE,EAAE,KAAK,EAAE,IAAI,CAAC,KAAK,EAAE,MAAM,EAAE,IAAI,CAAC,MAAM,EAAE,IAAI,EAAE,IAAI,CAAC,IAAI,EAAE,QAAQ,EAAE,IAAI,CAAC,QAAQ,EAAE;oBAC1F,OAAO;oBACP,UAAU;oBACV,UAAU;oBACV,OAAO;iBACR;aACF,CAAC,CAAA;SACH;QAAC,OAAO,CAAC,EAAE;YACV,IAAA,4CAAsB,EAAC,OAAO,CAAC,CAAA;YAC/B,OAAO,CAAC,QAAQ,CACd,sBAAsB,kBAAkB,CAAC,IAAI,CAAC,KAAK,CAAC,gBAAgB,kBAAkB,CAAC,UAAU,CAAC,EAAE,CACrG,CAAA;SACF;KACF;AACH,CAAC,CAAC,CAAA;AAEF,yBAAiB,CAAC,GAAG,CAAC,eAAe,EAAE,KAAK,EAAC,OAAO,EAAC,EAAE;IACrD,MAAM,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC,KAAK,CAAA;IAC9B,IAAI,OAAO,GAAG,MAAM,IAAA,iCAAc,EAAC,IAAI,CAAC,CAAA;IACxC,IAAI,UAAU,EAAE;QACd,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,OAAO,IAAI,UAAU,CAAC,CAAA;KACvD;IAED,OAAO,CAAC,IAAI,GAAG,OAAO,CAAA;AACxB,CAAC,CAAC,CAAA;AAEF,KAAK,UAAU,OAAO,CACpB,aAA8B,EAC9B,UAAyB,EACzB,OAAwB;IAExB,MAAM,IAAI,GAAS,OAAO,CAAC,KAAK,CAAC,IAAI,CAAA;IACrC,MAAM,4BAAY,CAAC,KAAK,CAAC,aAAa,EAAE,IAAI,EAAE,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,aAAa,CAAC,CAAA;IAEnF,IAAI,UAAU,EAAE;QACd,OAAO,OAAO,CAAC,QAAQ,CAAC,IAAA,gCAAwB,EAAC,OAAO,EAAE,aAAa,CAAC,SAAS,EAAE,UAAU,CAAC,CAAC,CAAA;KAChG;AACH,CAAC","sourcesContent":["import Router from 'koa-router'\n\nimport { config } from '@things-factory/env'\nimport { Domain, findSubdomainFromPath, getRedirectSubdomainPath } from '@things-factory/shell'\n\nimport { LoginHistory } from '../service/login-history/login-history'\nimport { User } from '../service/user/user'\nimport { accepts } from '../utils/accepts'\nimport { clearAccessTokenCookie } from '../utils/access-token-cookie'\nimport { getUserDomains } from '../utils/get-user-domains'\n\nconst domainType = config.get('domainType')\n\nexport const authCheckinRouter = new Router()\n\nauthCheckinRouter.get('/auth/checkin/:subdomain?', async (context, next) => {\n const { request, t } = context\n const header = request.header\n const { user } = context.state\n let { subdomain } = context.params\n\n let domains: Partial<Domain>[] = await getUserDomains(user)\n if (domainType) domains = domains.filter(d => d.extType == domainType)\n\n if (!accepts(header.accept, ['text/html', '*/*'])) {\n // When request expects non html response\n try {\n if (!subdomain) throw new Error(t('error.domain not specified', { subdomain })) // When params doesn't have subdomain\n const checkInDomain: Partial<Domain> | undefined = domains.find(d => d.subdomain === subdomain) // When no matched domain with subdomain\n if (!checkInDomain) throw new Error(t('error.domain not specified', { subdomain }))\n\n await checkIn(checkInDomain, null, context)\n context.body = true\n } catch (e) {\n clearAccessTokenCookie(context)\n throw e\n }\n } else {\n // When request expects html response\n const { redirect_to: redirectTo = '/' } = context.query\n\n try {\n let message: string\n\n if (!subdomain) {\n /* try to find domain from redirectTo path */\n subdomain = findSubdomainFromPath(context, redirectTo)\n }\n\n let checkInDomain: Partial<Domain>\n if (subdomain) {\n checkInDomain = domains.find(d => d.subdomain == subdomain)\n if (!checkInDomain) message = t('error.domain not allowed', { subdomain })\n } else if (domains.length === 1) {\n checkInDomain = domains[0]\n }\n\n if (checkInDomain) {\n return await checkIn(checkInDomain, redirectTo, context)\n }\n\n await context.render('auth-page', {\n pageElement: 'auth-checkin',\n elementScript: '/auth/checkin.js',\n data: {\n user: { email: user.email, locale: user.locale, name: user.name, userType: user.userType },\n domains,\n domainType,\n redirectTo,\n message\n }\n })\n } catch (e) {\n clearAccessTokenCookie(context)\n context.redirect(\n `/auth/signin?email=${encodeURIComponent(user.email)}&redirect_to=${encodeURIComponent(redirectTo)}`\n )\n }\n }\n})\n\nauthCheckinRouter.get('/auth/domains', async context => {\n const { user } = context.state\n var domains = await getUserDomains(user)\n if (domainType) {\n domains = domains.filter(d => d.extType == domainType)\n }\n\n context.body = domains\n})\n\nasync function checkIn(\n checkInDomain: Partial<Domain>,\n redirectTo: string | null,\n context: ResolverContext\n): Promise<void> {\n const user: User = context.state.user\n await LoginHistory.stamp(checkInDomain, user, context.req.connection.remoteAddress)\n\n if (redirectTo) {\n return context.redirect(getRedirectSubdomainPath(context, checkInDomain.subdomain, redirectTo))\n }\n}\n"]}
|
|
@@ -69,16 +69,7 @@ exports.authPrivateProcessRouter
|
|
|
69
69
|
super: await process.superUserGranted(domain, user),
|
|
70
70
|
privileges: await user_1.User.getPrivilegesByDomain(user, domain)
|
|
71
71
|
},
|
|
72
|
-
domains
|
|
73
|
-
return {
|
|
74
|
-
subdomain: d.subdomain,
|
|
75
|
-
name: d.name,
|
|
76
|
-
description: d.description,
|
|
77
|
-
extType: d.extType,
|
|
78
|
-
brandName: d.brandName,
|
|
79
|
-
brandImage: d.brandImage
|
|
80
|
-
};
|
|
81
|
-
}),
|
|
72
|
+
domains,
|
|
82
73
|
domain: domain && {
|
|
83
74
|
name: domain.name,
|
|
84
75
|
subdomain: domain.subdomain
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"auth-private-process-router.js","sourceRoot":"","sources":["../../server/router/auth-private-process-router.ts"],"names":[],"mappings":";;;;AAAA,qCAA+B;AAC/B,oEAA+B;AAE/B,6CAA4C;AAC5C,iDAA6D;AAE7D,0DAAqD;AACrD,4DAAuD;AACvD,oDAAsD;AACtD,+CAA2C;AAC3C,sEAA2F;AAC3F,gEAA0D;AAE1D,MAAM,UAAU,GAAG,YAAM,CAAC,GAAG,CAAC,YAAY,CAAC,CAAA;AAE9B,QAAA,wBAAwB,GAAG,IAAI,oBAAM,CAAC;IACjD,MAAM,EAAE,OAAO;CAChB,CAAC,CAAA;AAEF,gCAAwB;KACrB,IAAI,CAAC,cAAc,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IAC5C,MAAM,EAAE,CAAC,EAAE,GAAG,OAAO,CAAA;IACrB,IAAI,EAAE,YAAY,EAAE,QAAQ,EAAE,YAAY,EAAE,GAAG,OAAO,CAAC,OAAO,CAAC,IAAI,CAAA;IAEnE,MAAM,KAAK,GAAG,MAAM,IAAA,sBAAS,EAAC,OAAO,CAAC,KAAK,CAAC,IAAI,EAAE,YAAY,EAAE,QAAQ,EAAE,YAAY,EAAE,OAAO,CAAC,CAAA;IAEhG,OAAO,CAAC,IAAI,GAAG,CAAC,CAAC,oCAAoC,CAAC,CAAA;IAEtD,IAAA,0CAAoB,EAAC,OAAO,EAAE,KAAK,CAAC,CAAA;AACtC,CAAC,CAAC;KACD,IAAI,CAAC,iBAAiB,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IAC/C,MAAM,EAAE,OAAO,EAAE,CAAC,EAAE,GAAG,OAAO,CAAA;IAC9B,MAAM,WAAW,GAAG,OAAO,CAAC,OAAO,CAAC,IAAI,CAAA;IACxC,MAAM,IAAA,uBAAa,EAAC,OAAO,CAAC,KAAK,CAAC,IAAI,EAAE,WAAW,CAAC,CAAA;IAEpD,IAAI,WAAW,CAAC,MAAM,EAAE;QACtB,OAAO,CAAC,IAAI,GAAG,OAAO,CAAC,SAAS,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC,mCAAmC,CAAC,CAAA;KAC1F;SAAM;QACL,OAAO,CAAC,IAAI,GAAG,CAAC,CAAC,mCAAmC,CAAC,CAAA;KACtD;AACH,CAAC,CAAC;KACD,IAAI,CAAC,cAAc,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IAC5C,MAAM,EAAE,CAAC,EAAE,GAAG,OAAO,CAAA;IACrB,IAAI,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC,KAAK,CAAA;IAC5B,IAAI,EAAE,KAAK,EAAE,SAAS,EAAE,GAAG,IAAI,CAAA;IAE/B,IAAI,EAAE,QAAQ,EAAE,KAAK,EAAE,GAAG,OAAO,CAAC,OAAO,CAAC,IAAI,CAAA;IAE9C,MAAM,QAAQ,GAAG,IAAA,qBAAa,EAAC,WAAI,CAAC,CAAA;IACpC,MAAM,QAAQ,GAAG,MAAM,QAAQ,CAAC,OAAO,CAAC;QACtC,KAAK,EAAE;YACL,KAAK,EAAE,IAAA,eAAK,EAAC,SAAS,CAAC;SACxB;QACD,SAAS,EAAE,CAAC,SAAS,CAAC;KACvB,CAAC,CAAA;IAEF,IAAI,KAAK,IAAI,SAAS,IAAI,CAAC,WAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,QAAQ,EAAE,QAAQ,EAAE,QAAQ,CAAC,IAAI,CAAC,EAAE;QAClF,OAAO,CAAC,MAAM,GAAG,GAAG,CAAA;QACpB,OAAO,CAAC,IAAI,GAAG,CAAC,CAAC,8BAA8B,CAAC,CAAA;QAChD,OAAM;KACP;IAED,MAAM,IAAA,wBAAU,EAAC,IAAI,CAAC,CAAA;IAEtB,OAAO,CAAC,IAAI,GAAG,CAAC,CAAC,6BAA6B,CAAC,CAAA;IAC/C,IAAA,4CAAsB,EAAC,OAAO,CAAC,CAAA;AACjC,CAAC,CAAC;KACD,GAAG,CAAC,UAAU,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IACvC,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC,KAAK,CAAA;IAEtC,IAAI,OAAO,
|
|
1
|
+
{"version":3,"file":"auth-private-process-router.js","sourceRoot":"","sources":["../../server/router/auth-private-process-router.ts"],"names":[],"mappings":";;;;AAAA,qCAA+B;AAC/B,oEAA+B;AAE/B,6CAA4C;AAC5C,iDAA6D;AAE7D,0DAAqD;AACrD,4DAAuD;AACvD,oDAAsD;AACtD,+CAA2C;AAC3C,sEAA2F;AAC3F,gEAA0D;AAE1D,MAAM,UAAU,GAAG,YAAM,CAAC,GAAG,CAAC,YAAY,CAAC,CAAA;AAE9B,QAAA,wBAAwB,GAAG,IAAI,oBAAM,CAAC;IACjD,MAAM,EAAE,OAAO;CAChB,CAAC,CAAA;AAEF,gCAAwB;KACrB,IAAI,CAAC,cAAc,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IAC5C,MAAM,EAAE,CAAC,EAAE,GAAG,OAAO,CAAA;IACrB,IAAI,EAAE,YAAY,EAAE,QAAQ,EAAE,YAAY,EAAE,GAAG,OAAO,CAAC,OAAO,CAAC,IAAI,CAAA;IAEnE,MAAM,KAAK,GAAG,MAAM,IAAA,sBAAS,EAAC,OAAO,CAAC,KAAK,CAAC,IAAI,EAAE,YAAY,EAAE,QAAQ,EAAE,YAAY,EAAE,OAAO,CAAC,CAAA;IAEhG,OAAO,CAAC,IAAI,GAAG,CAAC,CAAC,oCAAoC,CAAC,CAAA;IAEtD,IAAA,0CAAoB,EAAC,OAAO,EAAE,KAAK,CAAC,CAAA;AACtC,CAAC,CAAC;KACD,IAAI,CAAC,iBAAiB,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IAC/C,MAAM,EAAE,OAAO,EAAE,CAAC,EAAE,GAAG,OAAO,CAAA;IAC9B,MAAM,WAAW,GAAG,OAAO,CAAC,OAAO,CAAC,IAAI,CAAA;IACxC,MAAM,IAAA,uBAAa,EAAC,OAAO,CAAC,KAAK,CAAC,IAAI,EAAE,WAAW,CAAC,CAAA;IAEpD,IAAI,WAAW,CAAC,MAAM,EAAE;QACtB,OAAO,CAAC,IAAI,GAAG,OAAO,CAAC,SAAS,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC,mCAAmC,CAAC,CAAA;KAC1F;SAAM;QACL,OAAO,CAAC,IAAI,GAAG,CAAC,CAAC,mCAAmC,CAAC,CAAA;KACtD;AACH,CAAC,CAAC;KACD,IAAI,CAAC,cAAc,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IAC5C,MAAM,EAAE,CAAC,EAAE,GAAG,OAAO,CAAA;IACrB,IAAI,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC,KAAK,CAAA;IAC5B,IAAI,EAAE,KAAK,EAAE,SAAS,EAAE,GAAG,IAAI,CAAA;IAE/B,IAAI,EAAE,QAAQ,EAAE,KAAK,EAAE,GAAG,OAAO,CAAC,OAAO,CAAC,IAAI,CAAA;IAE9C,MAAM,QAAQ,GAAG,IAAA,qBAAa,EAAC,WAAI,CAAC,CAAA;IACpC,MAAM,QAAQ,GAAG,MAAM,QAAQ,CAAC,OAAO,CAAC;QACtC,KAAK,EAAE;YACL,KAAK,EAAE,IAAA,eAAK,EAAC,SAAS,CAAC;SACxB;QACD,SAAS,EAAE,CAAC,SAAS,CAAC;KACvB,CAAC,CAAA;IAEF,IAAI,KAAK,IAAI,SAAS,IAAI,CAAC,WAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,QAAQ,EAAE,QAAQ,EAAE,QAAQ,CAAC,IAAI,CAAC,EAAE;QAClF,OAAO,CAAC,MAAM,GAAG,GAAG,CAAA;QACpB,OAAO,CAAC,IAAI,GAAG,CAAC,CAAC,8BAA8B,CAAC,CAAA;QAChD,OAAM;KACP;IAED,MAAM,IAAA,wBAAU,EAAC,IAAI,CAAC,CAAA;IAEtB,OAAO,CAAC,IAAI,GAAG,CAAC,CAAC,6BAA6B,CAAC,CAAA;IAC/C,IAAA,4CAAsB,EAAC,OAAO,CAAC,CAAA;AACjC,CAAC,CAAC;KACD,GAAG,CAAC,UAAU,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IACvC,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC,KAAK,CAAA;IAEtC,IAAI,OAAO,GAAsB,MAAM,IAAA,iCAAc,EAAC,IAAI,CAAC,CAAA;IAC3D,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,IAAI,UAAU,CAAC,CAAA;IAEhE,OAAO,CAAC,IAAI,GAAG;QACb,IAAI,EAAE;YACJ,KAAK,EAAE,IAAI,CAAC,KAAK;YACjB,IAAI,EAAE,IAAI,CAAC,IAAI;YACf,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,KAAK,EAAE,MAAM,OAAO,CAAC,kBAAkB,CAAC,MAAM,EAAE,IAAI,CAAC;YACrD,KAAK,EAAE,MAAM,OAAO,CAAC,gBAAgB,CAAC,MAAM,EAAE,IAAI,CAAC;YACnD,UAAU,EAAE,MAAM,WAAI,CAAC,qBAAqB,CAAC,IAAI,EAAE,MAAM,CAAC;SAC3D;QACD,OAAO;QACP,MAAM,EAAE,MAAM,IAAI;YAChB,IAAI,EAAE,MAAM,CAAC,IAAI;YACjB,SAAS,EAAE,MAAM,CAAC,SAAS;SAC5B;KACF,CAAA;AACH,CAAC,CAAC,CAAA","sourcesContent":["import { ILike } from 'typeorm'\nimport Router from 'koa-router'\n\nimport { config } from '@things-factory/env'\nimport { Domain, getRepository } from '@things-factory/shell'\n\nimport { changePwd } from '../controllers/change-pwd'\nimport { deleteUser } from '../controllers/delete-user'\nimport { updateProfile } from '../controllers/profile'\nimport { User } from '../service/user/user'\nimport { clearAccessTokenCookie, setAccessTokenCookie } from '../utils/access-token-cookie'\nimport { getUserDomains } from '../utils/get-user-domains'\n\nconst domainType = config.get('domainType')\n\nexport const authPrivateProcessRouter = new Router({\n prefix: '/auth'\n})\n\nauthPrivateProcessRouter\n .post('/change-pass', async (context, next) => {\n const { t } = context\n let { current_pass, new_pass, confirm_pass } = context.request.body\n\n const token = await changePwd(context.state.user, current_pass, new_pass, confirm_pass, context)\n\n context.body = t('text.password changed successfully')\n\n setAccessTokenCookie(context, token)\n })\n .post('/update-profile', async (context, next) => {\n const { i18next, t } = context\n const newProfiles = context.request.body\n await updateProfile(context.state.user, newProfiles)\n\n if (newProfiles.locale) {\n context.body = i18next.getFixedT(newProfiles.locale)('text.profile changed successfully')\n } else {\n context.body = t('text.profile changed successfully')\n }\n })\n .post('/delete-user', async (context, next) => {\n const { t } = context\n var { user } = context.state\n var { email: userEmail } = user\n\n var { password, email } = context.request.body\n\n const userRepo = getRepository(User)\n const userInfo = await userRepo.findOne({\n where: {\n email: ILike(userEmail)\n },\n relations: ['domains']\n })\n\n if (email != userEmail || !User.verify(userInfo.password, password, userInfo.salt)) {\n context.status = 401\n context.body = t('error.user validation failed')\n return\n }\n\n await deleteUser(user)\n\n context.body = t('text.delete account succeed')\n clearAccessTokenCookie(context)\n })\n .get('/profile', async (context, next) => {\n const { domain, user } = context.state\n\n let domains: Partial<Domain>[] = await getUserDomains(user)\n domains = domains.filter((d: Domain) => d.extType == domainType)\n\n context.body = {\n user: {\n email: user.email,\n name: user.name,\n userType: user.userType,\n owner: await process.domainOwnerGranted(domain, user),\n super: await process.superUserGranted(domain, user),\n privileges: await User.getPrivilegesByDomain(user, domain)\n },\n domains,\n domain: domain && {\n name: domain.name,\n subdomain: domain.subdomain\n }\n }\n })\n"]}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"site-root-router.js","sourceRoot":"","sources":["../../server/router/site-root-router.ts"],"names":[],"mappings":";;;;AAAA,oEAA+B;AAC/B,wEAAmC;AAEnC,iDAAgE;AAChE,6CAA4C;AAE5C,+CAA2C;AAC3C,gEAA0D;AAE1D,MAAM,iBAAiB,GAAG,YAAM,CAAC,GAAG,CAAC,iBAAiB,EAAE,cAAc,CAAC,CAAA;AAE1D,QAAA,cAAc,GAAG,IAAI,oBAAM,EAAE,CAAA;AAE1C,KAAK,UAAU,QAAQ,CAAC,OAAO,EAAE,IAAI;IACnC,OAAO,MAAM,sBAAQ,CAAC,YAAY,CAAC,KAAK,EAAE,EAAE,OAAO,EAAE,KAAK,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;QACzF,IAAI,OAAO,EAAE;YACX,IAAI;gBACF,MAAM,IAAI,GAAG,MAAM,WAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAAA;gBAC1C,OAAO,CAAC,KAAK,CAAC,IAAI,GAAG,IAAI,CAAA;aAC1B;YAAC,OAAO,CAAC,EAAE,GAAE;SACf;QAED,MAAM,IAAI,EAAE,CAAA;IACd,CAAC,CAAC,CAAC,OAAO,EAAE,IAAI,CAAC,CAAA;AACnB,CAAC;AAED,sBAAc,CAAC,GAAG,CAAC,GAAG,EAAE,QAAQ,EAAE,wBAAgB,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IAC1E,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,KAAK,CAAA;IAEtC,MAAM,SAAS,GAAG,MAAM,aAAN,MAAM,uBAAN,MAAM,CAAE,SAAS,CAAA;IAEnC,IAAI,IAAI,IAAI,SAAS,EAAE;QACrB,MAAM,WAAW,
|
|
1
|
+
{"version":3,"file":"site-root-router.js","sourceRoot":"","sources":["../../server/router/site-root-router.ts"],"names":[],"mappings":";;;;AAAA,oEAA+B;AAC/B,wEAAmC;AAEnC,iDAAgE;AAChE,6CAA4C;AAE5C,+CAA2C;AAC3C,gEAA0D;AAE1D,MAAM,iBAAiB,GAAG,YAAM,CAAC,GAAG,CAAC,iBAAiB,EAAE,cAAc,CAAC,CAAA;AAE1D,QAAA,cAAc,GAAG,IAAI,oBAAM,EAAE,CAAA;AAE1C,KAAK,UAAU,QAAQ,CAAC,OAAO,EAAE,IAAI;IACnC,OAAO,MAAM,sBAAQ,CAAC,YAAY,CAAC,KAAK,EAAE,EAAE,OAAO,EAAE,KAAK,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;QACzF,IAAI,OAAO,EAAE;YACX,IAAI;gBACF,MAAM,IAAI,GAAG,MAAM,WAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAAA;gBAC1C,OAAO,CAAC,KAAK,CAAC,IAAI,GAAG,IAAI,CAAA;aAC1B;YAAC,OAAO,CAAC,EAAE,GAAE;SACf;QAED,MAAM,IAAI,EAAE,CAAA;IACd,CAAC,CAAC,CAAC,OAAO,EAAE,IAAI,CAAC,CAAA;AACnB,CAAC;AAED,sBAAc,CAAC,GAAG,CAAC,GAAG,EAAE,QAAQ,EAAE,wBAAgB,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IAC1E,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,KAAK,CAAA;IAEtC,MAAM,SAAS,GAAG,MAAM,aAAN,MAAM,uBAAN,MAAM,CAAE,SAAS,CAAA;IAEnC,IAAI,IAAI,IAAI,SAAS,EAAE;QACrB,MAAM,WAAW,GAAsB,MAAM,IAAA,iCAAc,EAAC,IAAI,CAAC,CAAA;QACjE,IAAI,WAAW,CAAC,IAAI,CAAC,UAAU,CAAC,EAAE,CAAC,UAAU,CAAC,SAAS,IAAI,SAAS,CAAC,EAAE;YACrE,OAAO,MAAM,IAAI,EAAE,CAAA;SACpB;QAED,OAAO,OAAO,CAAC,QAAQ,CAAC,iBAAiB,SAAS,EAAE,CAAC,CAAA;KACtD;IAED,IAAI,IAAI,IAAI,CAAC,SAAS,EAAE;QACtB,OAAO,CAAC,QAAQ,CAAC,eAAe,CAAC,CAAA;QAEjC,OAAM;KACP;IAED,OAAO,CAAC,QAAQ,CAAC,iBAAiB,CAAC,CAAA;AACrC,CAAC,CAAC,CAAA","sourcesContent":["import Router from 'koa-router'\nimport passport from 'koa-passport'\n\nimport { Domain, domainMiddleware } from '@things-factory/shell'\nimport { config } from '@things-factory/env'\n\nimport { User } from '../service/user/user'\nimport { getUserDomains } from '../utils/get-user-domains'\n\nconst PUBLIC_HOME_ROUTE = config.get('publicHomeRoute', '/public/home')\n\nexport const siteRootRouter = new Router()\n\nasync function findAuth(context, next) {\n return await passport.authenticate('jwt', { session: false }, async (err, decoded, info) => {\n if (decoded) {\n try {\n const user = await User.checkAuth(decoded)\n context.state.user = user\n } catch (e) {}\n }\n\n await next()\n })(context, next)\n}\n\nsiteRootRouter.get('/', findAuth, domainMiddleware, async (context, next) => {\n const { user, domain } = context.state\n\n const subdomain = domain?.subdomain\n\n if (user && subdomain) {\n const userDomains: Partial<Domain>[] = await getUserDomains(user)\n if (userDomains.find(userDomain => userDomain.subdomain == subdomain)) {\n return await next()\n }\n\n return context.redirect(`/auth/checkin/${subdomain}`)\n }\n\n if (user && !subdomain) {\n context.redirect('/auth/checkin')\n\n return\n }\n\n context.redirect(PUBLIC_HOME_ROUTE)\n})\n"]}
|
|
@@ -17,6 +17,7 @@ tslib_1.__decorate([
|
|
|
17
17
|
], AppBinding.prototype, "scope", void 0);
|
|
18
18
|
tslib_1.__decorate([
|
|
19
19
|
(0, type_graphql_1.Field)({ nullable: true }),
|
|
20
|
+
(0, type_graphql_1.Directive)('@privilege(category: "security", privilege: "query", domainOwnerGranted: true)'),
|
|
20
21
|
tslib_1.__metadata("design:type", String)
|
|
21
22
|
], AppBinding.prototype, "refreshToken", void 0);
|
|
22
23
|
AppBinding = tslib_1.__decorate([
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"app-binding.js","sourceRoot":"","sources":["../../../server/service/app-binding/app-binding.ts"],"names":[],"mappings":";;;;AAAA,+
|
|
1
|
+
{"version":3,"file":"app-binding.js","sourceRoot":"","sources":["../../../server/service/app-binding/app-binding.ts"],"names":[],"mappings":";;;;AAAA,+CAA2D;AAE3D,4DAAwD;AACxD,uCAA+C;AAGxC,IAAM,UAAU,GAAhB,MAAM,UAAW,SAAQ,WAAI;CAUnC,CAAA;AATC;IAAC,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;sCACb,yBAAW;+CAAA;AAExB;IAAC,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;yCACb;AAEb;IAAC,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;IACzB,IAAA,wBAAS,EAAC,gFAAgF,CAAC;;gDACxE;AATT,UAAU;IADtB,IAAA,yBAAU,GAAE;GACA,UAAU,CAUtB;AAVY,gCAAU","sourcesContent":["import { ObjectType, Field, Directive } from 'type-graphql'\nimport { Domain } from '@things-factory/shell'\nimport { Application } from '../application/application'\nimport { User, UserStatus } from '../user/user'\n\n@ObjectType()\nexport class AppBinding extends User {\n @Field({ nullable: true })\n application: Application\n\n @Field({ nullable: true })\n scope: string\n\n @Field({ nullable: true })\n @Directive('@privilege(category: \"security\", privilege: \"query\", domainOwnerGranted: true)')\n refreshToken: string\n}\n"]}
|
|
@@ -159,6 +159,7 @@ tslib_1.__decorate([
|
|
|
159
159
|
: 'varchar'
|
|
160
160
|
}),
|
|
161
161
|
(0, type_graphql_1.Field)({ nullable: true }),
|
|
162
|
+
(0, type_graphql_1.Directive)('@privilege(category: "security", privilege: "query", domainOwnerGranted: true)'),
|
|
162
163
|
tslib_1.__metadata("design:type", String)
|
|
163
164
|
], Application.prototype, "appSecret", void 0);
|
|
164
165
|
tslib_1.__decorate([
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"application.js","sourceRoot":"","sources":["../../../server/service/application/application.ts"],"names":[],"mappings":";;;;AAAA,4DAA2B;AAC3B,wEAA8B;AAC9B,+
|
|
1
|
+
{"version":3,"file":"application.js","sourceRoot":"","sources":["../../../server/service/application/application.ts"],"names":[],"mappings":";;;;AAAA,4DAA2B;AAC3B,wEAA8B;AAC9B,+CAAiF;AACjF,qCASgB;AAEhB,6CAA4C;AAC5C,iDAA8C;AAE9C,uDAA+C;AAC/C,uCAA+C;AAE/C,MAAM,SAAS,GAAG,YAAM,CAAC,GAAG,CAAC,WAAW,EAAE,EAAE,CAAC,CAAA;AAC7C,MAAM,aAAa,GAAG,SAAS,CAAC,IAAI,CAAA;AAEpC,IAAY,iBAGX;AAHD,WAAY,iBAAiB;IAC3B,oCAAe,CAAA;IACf,4CAAuB,CAAA;AACzB,CAAC,EAHW,iBAAiB,GAAjB,yBAAiB,KAAjB,yBAAiB,QAG5B;AAED,IAAA,+BAAgB,EAAC,iBAAiB,EAAE;IAClC,IAAI,EAAE,mBAAmB;IACzB,WAAW,EAAE,oCAAoC;CAClD,CAAC,CAAA;AAEF,IAAY,eAOX;AAPD,WAAY,eAAe;IACzB,8CAA2B,CAAA;IAC3B,oCAAiB,CAAA;IACjB,8BAAW,CAAA;IACX,gCAAa,CAAA;IACb,oCAAiB,CAAA;IACjB,gCAAa,CAAA;AACf,CAAC,EAPW,eAAe,GAAf,uBAAe,KAAf,uBAAe,QAO1B;AAED,IAAA,+BAAgB,EAAC,eAAe,EAAE;IAChC,IAAI,EAAE,iBAAiB;IACvB,WAAW,EAAE,oCAAoC;CAClD,CAAC,CAAA;AAIK,IAAM,WAAW,GAAjB,MAAM,WAAW;IAyGtB,uBAAuB;IACvB,MAAM,CAAC,iBAAiB;QACtB,OAAO,gBAAM,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAA;IAC/C,CAAC;IAED,MAAM,CAAC,cAAc;QACnB,OAAO,gBAAM,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAA;IAC/C,CAAC;IAED,8BAA8B;IAC9B,MAAM,CAAC,IAAI,CAAC,OAAO,EAAE,SAAS,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,KAAK;QACzD,IAAI,WAAW,GAAG;YAChB,EAAE,EAAE,IAAI,CAAC,EAAE;YACX,QAAQ,EAAE,aAAa;YACvB,WAAW,EAAE;gBACX,MAAM;aACP;YACD,MAAM,EAAE,iBAAU,CAAC,SAAS;YAC5B,MAAM,EAAE;gBACN,SAAS,EAAE,MAAM,CAAC,SAAS;aAC5B;YACD,KAAK;SACN,CAAA;QAED,OAAO,sBAAG,CAAC,IAAI,CAAC,WAAW,EAAE,mBAAM,EAAE;YACnC,SAAS;YACT,MAAM,EAAE,cAAc;YACtB,OAAO;SACR,CAAC,CAAA;IACJ,CAAC;IAED,MAAM,CAAC,mBAAmB,CAAC,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,KAAK;QACpD,uDAAuD;QACvD,OAAO,IAAI,CAAC,IAAI,CAAC,cAAc,EAAE,KAAK,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,KAAK,CAAC,CAAA;IACtE,CAAC;IAED,MAAM,CAAC,oBAAoB,CAAC,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,KAAK;QACrD,uDAAuD;QACvD,OAAO,IAAI,CAAC,IAAI,CAAC,eAAe,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,KAAK,CAAC,CAAA;IACtE,CAAC;IAED,wCAAwC;IACxC,MAAM,CAAC,gBAAgB,CAAC,KAAK,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,EAAE,KAAK;QAC7D,IAAI,UAAU,GAAG;YACf,KAAK;YACL,MAAM;YACN,SAAS;YACT,MAAM;YACN,KAAK;SACN,CAAA;QAED,OAAO,sBAAG,CAAC,IAAI,CAAC,UAAU,EAAE,mBAAM,EAAE;YAClC,SAAS,EAAE,IAAI;SAChB,CAAC,CAAA;IACJ,CAAC;IAED,wCAAwC;IACxC,MAAM,CAAC,cAAc,CAAC,QAAQ;QAC5B,OAAO,sBAAG,CAAC,MAAM,CAAC,QAAQ,EAAE,mBAAM,CAAC,CAAA;IACrC,CAAC;CACF,CAAA;AApKC;IAAC,IAAA,gCAAsB,EAAC,MAAM,CAAC;IAC9B,IAAA,oBAAK,EAAC,IAAI,CAAC,EAAE,CAAC,iBAAE,CAAC;;uCACC;AAEnB;IAAC,IAAA,mBAAS,EAAC,IAAI,CAAC,EAAE,CAAC,cAAM,CAAC;sCAClB,cAAM;2CAAA;AAEd;IAAC,IAAA,oBAAU,EAAC,CAAC,WAAwB,EAAE,EAAE,CAAC,WAAW,CAAC,MAAM,CAAC;;6CAC7C;AAEhB;IAAC,IAAA,gBAAM,GAAE;IACR,IAAA,oBAAK,GAAE;;yCACI;AAEZ;IAAC,IAAA,gBAAM,EAAC;QACN,QAAQ,EAAE,IAAI;KACf,CAAC;IACD,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;gDACP;AAEnB;IAAC,IAAA,gBAAM,GAAE;IACR,IAAA,oBAAK,GAAE;;0CACK;AAEb;IAAC,IAAA,gBAAM,GAAE;IACR,IAAA,oBAAK,GAAE;;wCACG;AAEX;IAAC,IAAA,gBAAM,EAAC;QACN,QAAQ,EAAE,IAAI;KACf,CAAC;IACD,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;yCACd;AAEZ;IAAC,IAAA,gBAAM,GAAE;IACR,IAAA,oBAAK,GAAE;;gDACW;AAEnB;IAAC,IAAA,gBAAM,EAAC;QACN,QAAQ,EAAE,IAAI;KACf,CAAC;IACD,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;4CACX;AAEf;IAAC,IAAA,gBAAM,EAAC;QACN,QAAQ,EAAE,IAAI;KACf,CAAC;IACD,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;2CACZ;AAEd;IAAC,IAAA,gBAAM,EAAC;QACN,QAAQ,EAAE,IAAI;QACd,IAAI,EACF,aAAa,IAAI,OAAO,IAAI,aAAa,IAAI,SAAS;YACpD,CAAC,CAAC,UAAU;YACZ,CAAC,CAAC,aAAa,IAAI,QAAQ;gBAC3B,CAAC,CAAC,MAAM;gBACR,CAAC,CAAC,SAAS;KAChB,CAAC;IACD,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;IACzB,IAAA,wBAAS,EAAC,gFAAgF,CAAC;;8CAC3E;AAEjB;IAAC,IAAA,gBAAM,EAAC;QACN,OAAO,EAAE,iBAAiB,CAAC,KAAK;KACjC,CAAC;IACD,IAAA,oBAAK,GAAE;;2CACiB;AAEzB;IAAC,IAAA,gBAAM,EAAC;QACN,IAAI,EACF,aAAa,IAAI,UAAU,IAAI,aAAa,IAAI,OAAO,IAAI,aAAa,IAAI,SAAS;YACnF,CAAC,CAAC,MAAM;YACR,CAAC,CAAC,aAAa,IAAI,QAAQ;gBAC3B,CAAC,CAAC,UAAU;gBACZ,CAAC,CAAC,UAAU;QAChB,IAAI,EAAE,eAAe;QACrB,OAAO,EAAE,eAAe,CAAC,MAAM;KAChC,CAAC;IACD,IAAA,oBAAK,GAAE;;yCACa;AAErB;IAAC,IAAA,0BAAgB,GAAE;IAClB,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;sCACf,IAAI;8CAAA;AAEf;IAAC,IAAA,0BAAgB,GAAE;IAClB,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;sCACf,IAAI;8CAAA;AAEf;IAAC,IAAA,mBAAS,EAAC,IAAI,CAAC,EAAE,CAAC,WAAI,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;IAC3C,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;sCACjB,WAAI;4CAAA;AAEb;IAAC,IAAA,oBAAU,EAAC,CAAC,WAAwB,EAAE,EAAE,CAAC,WAAW,CAAC,OAAO,CAAC;;8CAC7C;AAEjB;IAAC,IAAA,mBAAS,EAAC,IAAI,CAAC,EAAE,CAAC,WAAI,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;IAC3C,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;sCACjB,WAAI;4CAAA;AAEb;IAAC,IAAA,oBAAU,EAAC,CAAC,WAAwB,EAAE,EAAE,CAAC,WAAW,CAAC,OAAO,CAAC;;8CAC7C;AAvGN,WAAW;IAHvB,IAAA,gBAAM,GAAE;IACR,IAAA,eAAK,EAAC,kBAAkB,EAAE,CAAC,WAAwB,EAAE,EAAE,CAAC,CAAC,WAAW,CAAC,MAAM,CAAC,EAAE,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC;IAC/F,IAAA,yBAAU,GAAE;GACA,WAAW,CAqKvB;AArKY,kCAAW","sourcesContent":["import crypto from 'crypto'\nimport jwt from 'jsonwebtoken'\nimport { Directive, Field, ID, ObjectType, registerEnumType } from 'type-graphql'\nimport {\n Column,\n CreateDateColumn,\n Entity,\n Index,\n ManyToOne,\n PrimaryGeneratedColumn,\n RelationId,\n UpdateDateColumn\n} from 'typeorm'\n\nimport { config } from '@things-factory/env'\nimport { Domain } from '@things-factory/shell'\n\nimport { SECRET } from '../../utils/get-secret'\nimport { User, UserStatus } from '../user/user'\n\nconst ORMCONFIG = config.get('ormconfig', {})\nconst DATABASE_TYPE = ORMCONFIG.type\n\nexport enum ApplicationStatus {\n DRAFT = 'DRAFT',\n ACTIVATED = 'ACTIVATED'\n}\n\nregisterEnumType(ApplicationStatus, {\n name: 'ApplicationStatus',\n description: 'state enumeration of a application'\n})\n\nexport enum ApplicationType {\n SELLERCRAFT = 'SELLERCRAFT',\n XILNEX = 'XILNEX',\n MMS = 'MMS',\n XERO = 'XERO',\n OTHERS = 'OTHERS',\n SFTP = 'SFTP'\n}\n\nregisterEnumType(ApplicationType, {\n name: 'ApplicationType',\n description: 'state enumeration of a application'\n})\n@Entity()\n@Index('ix_application_0', (application: Application) => [application.appKey], { unique: true })\n@ObjectType()\nexport class Application {\n @PrimaryGeneratedColumn('uuid')\n @Field(type => ID)\n readonly id: string\n\n @ManyToOne(type => Domain)\n domain: Domain\n\n @RelationId((application: Application) => application.domain)\n domainId: string\n\n @Column()\n @Field()\n name: string\n\n @Column({\n nullable: true\n })\n @Field({ nullable: true })\n description: string\n\n @Column()\n @Field()\n email: string\n\n @Column()\n @Field()\n url: string\n\n @Column({\n nullable: true\n })\n @Field({ nullable: true })\n icon: string\n\n @Column()\n @Field()\n redirectUrl: string\n\n @Column({\n nullable: true\n })\n @Field({ nullable: true })\n webhook: string\n\n @Column({\n nullable: true\n })\n @Field({ nullable: true })\n appKey: string\n\n @Column({\n nullable: true,\n type:\n DATABASE_TYPE == 'mysql' || DATABASE_TYPE == 'mariadb'\n ? 'longtext'\n : DATABASE_TYPE == 'oracle'\n ? 'clob'\n : 'varchar'\n })\n @Field({ nullable: true })\n @Directive('@privilege(category: \"security\", privilege: \"query\", domainOwnerGranted: true)')\n appSecret: string\n\n @Column({\n default: ApplicationStatus.DRAFT\n })\n @Field()\n status: ApplicationStatus\n\n @Column({\n type:\n DATABASE_TYPE == 'postgres' || DATABASE_TYPE == 'mysql' || DATABASE_TYPE == 'mariadb'\n ? 'enum'\n : DATABASE_TYPE == 'oracle'\n ? 'varchar2'\n : 'smallint',\n enum: ApplicationType,\n default: ApplicationType.OTHERS\n })\n @Field()\n type: ApplicationType\n\n @CreateDateColumn()\n @Field({ nullable: true })\n createdAt: Date\n\n @UpdateDateColumn()\n @Field({ nullable: true })\n updatedAt: Date\n\n @ManyToOne(type => User, { nullable: true })\n @Field({ nullable: true })\n creator: User\n\n @RelationId((application: Application) => application.creator)\n creatorId: string\n\n @ManyToOne(type => User, { nullable: true })\n @Field({ nullable: true })\n updater: User\n\n @RelationId((application: Application) => application.updater)\n updaterId: string\n\n /* generateAppSecret */\n static generateAppSecret() {\n return crypto.randomBytes(16).toString('hex')\n }\n\n static generateAppKey() {\n return crypto.randomBytes(16).toString('hex')\n }\n\n /* signing for jsonwebtoken */\n static sign(subject, expiresIn, domain, user, appKey, scope) {\n var application = {\n id: user.id,\n userType: 'application',\n application: {\n appKey\n },\n status: UserStatus.ACTIVATED,\n domain: {\n subdomain: domain.subdomain\n },\n scope\n }\n\n return jwt.sign(application, SECRET, {\n expiresIn,\n issuer: 'hatiolab.com',\n subject\n })\n }\n\n static generateAccessToken(domain, user, appKey, scope) {\n /* how to set expiresIn https://github.com/vercel/ms */\n return this.sign('access-token', '30d', domain, user, appKey, scope)\n }\n\n static generateRefreshToken(domain, user, appKey, scope) {\n /* how to set expiresIn https://github.com/vercel/ms */\n return this.sign('refresh-token', '1y', domain, user, appKey, scope)\n }\n\n /* auth-code signing for jsonwebtoken */\n static generateAuthCode(email, appKey, subdomain, scopes, state) {\n var credential = {\n email,\n appKey,\n subdomain,\n scopes,\n state\n }\n\n return jwt.sign(credential, SECRET, {\n expiresIn: '1m'\n })\n }\n\n /* auth-code signing for jsonwebtoken */\n static verifyAuthCode(authcode) {\n return jwt.verify(authcode, SECRET)\n }\n}\n"]}
|
|
@@ -21,7 +21,7 @@ export * from './partner/partner-types';
|
|
|
21
21
|
export * from './privilege/privilege-types';
|
|
22
22
|
export * from './role/role-types';
|
|
23
23
|
export * from './user/user-types';
|
|
24
|
-
export declare const entities: (typeof import("./auth-provider/auth-provider").AuthProvider | typeof import("./users-auth-providers/users-auth-providers").UsersAuthProviders | typeof import("./
|
|
24
|
+
export declare const entities: (typeof import("./user/user").User | typeof import("./auth-provider/auth-provider").AuthProvider | typeof import("./users-auth-providers/users-auth-providers").UsersAuthProviders | typeof import("./role/role").Role | typeof import("./privilege/privilege").Privilege | typeof import("./verification-token/verification-token").VerificationToken | typeof import("./verification-token/verification-token").VerificationTokenType | typeof import("./password-history/password-history").PasswordHistory | typeof import("./invitation/invitation").Invitation | typeof import("./application/application").Application | typeof import("./login-history/login-history").LoginHistory | typeof import("./appliance/appliance").Appliance | typeof import("./granted-role/granted-role").GrantedRole | typeof import("./partner/partner").Partner)[];
|
|
25
25
|
export declare const schema: {
|
|
26
26
|
typeDefs: {
|
|
27
27
|
privilegeDirectiveTypeDefs: import("graphql").DocumentNode;
|
|
@@ -8,5 +8,5 @@ export declare class LoginHistory {
|
|
|
8
8
|
accessUserId: string;
|
|
9
9
|
accessorIp: string;
|
|
10
10
|
accessedAt: Date;
|
|
11
|
-
static stamp(accessDomain: Domain
|
|
11
|
+
static stamp(accessDomain: Partial<Domain>, accessUser: User, accessorIp: string): Promise<void>;
|
|
12
12
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"login-history.js","sourceRoot":"","sources":["../../../server/service/login-history/login-history.ts"],"names":[],"mappings":";;;;;AAAA,+CAAoD;AACpD,qCAAgH;AAEhH,iDAA6D;AAE7D,uCAAmC;AAK5B,IAAM,YAAY,oBAAlB,MAAM,YAAY;IA2BvB,MAAM,CAAC,KAAK,CAAC,KAAK,CAAC,
|
|
1
|
+
{"version":3,"file":"login-history.js","sourceRoot":"","sources":["../../../server/service/login-history/login-history.ts"],"names":[],"mappings":";;;;;AAAA,+CAAoD;AACpD,qCAAgH;AAEhH,iDAA6D;AAE7D,uCAAmC;AAK5B,IAAM,YAAY,oBAAlB,MAAM,YAAY;IA2BvB,MAAM,CAAC,KAAK,CAAC,KAAK,CAAC,YAA6B,EAAE,UAAgB,EAAE,UAAkB;QACpF,MAAM,IAAA,qBAAa,EAAC,cAAY,CAAC,CAAC,IAAI,CAAC;YACrC,YAAY;YACZ,UAAU;YACV,UAAU;SACX,CAAC,CAAA;IACJ,CAAC;CACF,CAAA;AAjCC;IAAC,IAAA,gCAAsB,EAAC,MAAM,CAAC;IAC9B,IAAA,oBAAK,EAAC,IAAI,CAAC,EAAE,CAAC,iBAAE,CAAC;;wCACC;AAEnB;IAAC,IAAA,mBAAS,EAAC,IAAI,CAAC,EAAE,CAAC,cAAM,CAAC;IACzB,IAAA,oBAAK,GAAE;sCACM,cAAM;kDAAA;AAEpB;IAAC,IAAA,oBAAU,EAAC,CAAC,YAA0B,EAAE,EAAE,CAAC,YAAY,CAAC,YAAY,CAAC;;oDAChD;AAEtB;IAAC,IAAA,mBAAS,EAAC,IAAI,CAAC,EAAE,CAAC,WAAI,CAAC;IACvB,IAAA,oBAAK,GAAE;sCACI,WAAI;gDAAA;AAEhB;IAAC,IAAA,oBAAU,EAAC,CAAC,YAA0B,EAAE,EAAE,CAAC,YAAY,CAAC,UAAU,CAAC;;kDAChD;AAEpB;IAAC,IAAA,gBAAM,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;IAC1B,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;gDACR;AAElB;IAAC,IAAA,0BAAgB,GAAE;IAClB,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;sCACd,IAAI;gDAAA;AAzBL,YAAY;IAHxB,IAAA,gBAAM,GAAE;IACR,IAAA,eAAK,EAAC,oBAAoB,EAAE,CAAC,YAA0B,EAAE,EAAE,CAAC,CAAC,YAAY,CAAC,YAAY,EAAE,YAAY,CAAC,UAAU,CAAC,CAAC;IACjH,IAAA,yBAAU,GAAE;GACA,YAAY,CAkCxB;AAlCY,oCAAY","sourcesContent":["import { Field, ID, ObjectType } from 'type-graphql'\nimport { Column, CreateDateColumn, Entity, Index, ManyToOne, PrimaryGeneratedColumn, RelationId } from 'typeorm'\n\nimport { Domain, getRepository } from '@things-factory/shell'\n\nimport { User } from '../user/user'\n\n@Entity()\n@Index('ix_login_history_0', (loginHistory: LoginHistory) => [loginHistory.accessDomain, loginHistory.accessUser])\n@ObjectType()\nexport class LoginHistory {\n @PrimaryGeneratedColumn('uuid')\n @Field(type => ID)\n readonly id: string\n\n @ManyToOne(type => Domain)\n @Field()\n accessDomain: Domain\n\n @RelationId((loginHistory: LoginHistory) => loginHistory.accessDomain)\n accessDomainId: string\n\n @ManyToOne(type => User)\n @Field()\n accessUser: User\n\n @RelationId((loginHistory: LoginHistory) => loginHistory.accessUser)\n accessUserId: string\n\n @Column({ nullable: true })\n @Field({ nullable: true })\n accessorIp: string\n\n @CreateDateColumn()\n @Field({ nullable: true })\n accessedAt: Date\n\n static async stamp(accessDomain: Partial<Domain>, accessUser: User, accessorIp: string): Promise<void> {\n await getRepository(LoginHistory).save({\n accessDomain,\n accessUser,\n accessorIp\n })\n }\n}\n"]}
|
|
@@ -8,7 +8,7 @@ export declare class PrivilegeQuery {
|
|
|
8
8
|
privileges(params: ListParam, context: ResolverContext): Promise<PrivilegeList>;
|
|
9
9
|
myPrivileges(context: ResolverContext): Promise<Privilege[]>;
|
|
10
10
|
hasPrivilege(name: string, category: string, context: ResolverContext): Promise<Boolean>;
|
|
11
|
-
domainsWithPrivilege(name: string, category: string, context: ResolverContext): Promise<Domain[]>;
|
|
11
|
+
domainsWithPrivilege(name: string, category: string, context: ResolverContext): Promise<Partial<Domain>[]>;
|
|
12
12
|
description(privilege: Privilege, context: ResolverContext): Promise<string>;
|
|
13
13
|
roles(privilege: Privilege): Promise<Role[]>;
|
|
14
14
|
updater(privilege: Privilege): Promise<User>;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"privilege-query.js","sourceRoot":"","sources":["../../../server/service/privilege/privilege-query.ts"],"names":[],"mappings":";;;;AAAA,+CAA8F;AAC9F,iDAAuG;AAEvG,uCAAmC;AACnC,uCAAmC;AACnC,2CAAuC;AACvC,uDAAiD;AAG1C,IAAM,cAAc,GAApB,MAAM,cAAc;IAGnB,AAAN,KAAK,CAAC,SAAS,CAAc,IAAY,EAAmB,QAAgB;QAC1E,OAAO,MAAM,IAAA,qBAAa,EAAC,qBAAS,CAAC,CAAC,OAAO,CAAC;YAC5C,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;SAC1B,CAAC,CAAA;IACJ,CAAC;IAIK,AAAN,KAAK,CAAC,UAAU,CAAS,MAAiB,EAAS,OAAwB;QACzE,MAAM,CAAC,KAAK,EAAE,KAAK,CAAC,GAAG,MAAM,IAAA,qCAA6B,EAAC;YACzD,MAAM;YACN,UAAU,EAAE,IAAA,qBAAa,EAAC,qBAAS,CAAC;YACpC,WAAW,EAAE,CAAC,MAAM,EAAE,UAAU,CAAC;SAClC,CAAC,CAAC,eAAe,EAAE,CAAA;QAEpB,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,CAAA;IACzB,CAAC;IAKK,AAAN,KAAK,CAAC,YAAY,CAAQ,OAAwB;QAChD,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,KAAK,CAAA;QAEtC,OAAO,WAAI,CAAC,qBAAqB,CAAC,IAAI,EAAE,MAAM,CAAC,CAAA;IACjD,CAAC;IAGK,AAAN,KAAK,CAAC,YAAY,CACH,IAAY,EACR,QAAgB,EAC1B,OAAwB;QAE/B,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC,KAAK,CAAA;QACtC,OAAO,MAAM,WAAI,CAAC,YAAY,CAAC,IAAI,EAAE,QAAQ,EAAE,MAAM,EAAE,IAAI,CAAC,CAAA;IAC9D,CAAC;IAGK,AAAN,KAAK,CAAC,oBAAoB,CACX,IAAY,EACR,QAAgB,EAC1B,OAAwB;QAE/B,MAAM,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC,KAAK,CAAA;QAC9B,OAAO,MAAM,WAAI,CAAC,uBAAuB,CAAC,IAAI,EAAE,QAAQ,EAAE,IAAI,CAAC,CAAA;IACjE,CAAC;IAGK,AAAN,KAAK,CAAC,WAAW,CAAS,SAAoB,EAAS,OAAwB;QAC7E,MAAM,EAAE,CAAC,EAAE,GAAG,OAAO,CAAA;QACrB,MAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,GAAG,SAAS,CAAA;QAEpC,MAAM,OAAO,GAAG,kBAAkB,IAAI,EAAE,CAAA;QACxC,MAAM,WAAW,GAAG,sBAAsB,QAAQ,EAAE,CAAA;QACpD,MAAM,KAAK,GAAG,CAAC,CAAC,OAAO,CAAC,CAAA;QACxB,MAAM,SAAS,GAAG,CAAC,CAAC,WAAW,CAAC,CAAA;QAEhC,OAAO,CAAC,CAAC,uBAAuB,EAAE;YAChC,IAAI,EAAE,KAAK,KAAK,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,KAAK;YACtC,QAAQ,EAAE,SAAS,KAAK,WAAW,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS;SAC3D,CAAC,CAAA;IACJ,CAAC;IAGK,AAAN,KAAK,CAAC,KAAK,CAAS,SAAoB;QACtC,OAAO,CACL,MAAM,IAAA,qBAAa,EAAC,qBAAS,CAAC,CAAC,OAAO,CAAC;YACrC,KAAK,EAAE,EAAE,EAAE,EAAE,SAAS,CAAC,EAAE,EAAE;YAC3B,SAAS,EAAE,CAAC,OAAO,CAAC;SACrB,CAAC,CACH,CAAC,KAAK,CAAA;IACT,CAAC;IAGK,AAAN,KAAK,CAAC,OAAO,CAAS,SAAoB;QACxC,OAAO,MAAM,IAAA,qBAAa,EAAC,WAAI,CAAC,CAAC,SAAS,CAAC,EAAE,EAAE,EAAE,SAAS,CAAC,SAAS,EAAE,CAAC,CAAA;IACzE,CAAC;IAGK,AAAN,KAAK,CAAC,OAAO,CAAS,SAAoB;QACxC,OAAO,MAAM,IAAA,qBAAa,EAAC,WAAI,CAAC,CAAC,SAAS,CAAC,EAAE,EAAE,EAAE,SAAS,CAAC,SAAS,EAAE,CAAC,CAAA;IACzE,CAAC;CACF,CAAA;AAlFO;IAFL,IAAA,wBAAS,EAAC,yGAAyG,CAAC;IACpH,IAAA,oBAAK,EAAC,OAAO,CAAC,EAAE,CAAC,qBAAS,EAAE,EAAE,WAAW,EAAE,oBAAoB,EAAE,CAAC;IAClD,mBAAA,IAAA,kBAAG,EAAC,MAAM,CAAC,CAAA;IAAgB,mBAAA,IAAA,kBAAG,EAAC,UAAU,CAAC,CAAA;;;;+CAI1D;AAIK;IAFL,IAAA,wBAAS,EAAC,yGAAyG,CAAC;IACpH,IAAA,oBAAK,EAAC,OAAO,CAAC,EAAE,CAAC,+BAAa,EAAE,EAAE,WAAW,EAAE,8BAA8B,EAAE,CAAC;IAC/D,mBAAA,IAAA,mBAAI,GAAE,CAAA;IAAqB,mBAAA,IAAA,kBAAG,GAAE,CAAA;;6CAAjB,iBAAS;;gDAQzC;AAKK;IAHL,IAAA,oBAAK,EAAC,OAAO,CAAC,EAAE,CAAC,CAAC,qBAAS,CAAC,EAAE;QAC7B,WAAW,EAAE,sDAAsD;KACpE,CAAC;IACkB,mBAAA,IAAA,kBAAG,GAAE,CAAA;;;;kDAIxB;AAGK;IADL,IAAA,oBAAK,EAAC,OAAO,CAAC,EAAE,CAAC,OAAO,EAAE,EAAE,WAAW,EAAE,8CAA8C,EAAE,CAAC;IAExF,mBAAA,IAAA,kBAAG,EAAC,MAAM,CAAC,CAAA;IACX,mBAAA,IAAA,kBAAG,EAAC,UAAU,CAAC,CAAA;IACf,mBAAA,IAAA,kBAAG,GAAE,CAAA;;;;kDAIP;AAGK;IADL,IAAA,oBAAK,EAAC,OAAO,CAAC,EAAE,CAAC,CAAC,cAAM,CAAC,EAAE,EAAE,WAAW,EAAE,gDAAgD,EAAE,CAAC;IAE3F,mBAAA,IAAA,kBAAG,EAAC,MAAM,CAAC,CAAA;IACX,mBAAA,IAAA,kBAAG,EAAC,UAAU,CAAC,CAAA;IACf,mBAAA,IAAA,kBAAG,GAAE,CAAA;;;;0DAIP;AAGK;IADL,IAAA,4BAAa,EAAC,IAAI,CAAC,EAAE,CAAC,MAAM,CAAC;IACX,mBAAA,IAAA,mBAAI,GAAE,CAAA;IAAwB,mBAAA,IAAA,kBAAG,GAAE,CAAA;;6CAAjB,qBAAS;;iDAa7C;AAGK;IADL,IAAA,4BAAa,EAAC,IAAI,CAAC,EAAE,CAAC,CAAC,WAAI,CAAC,CAAC;IACjB,mBAAA,IAAA,mBAAI,GAAE,CAAA;;6CAAY,qBAAS;;2CAOvC;AAGK;IADL,IAAA,4BAAa,EAAC,IAAI,CAAC,EAAE,CAAC,WAAI,CAAC;IACb,mBAAA,IAAA,mBAAI,GAAE,CAAA;;6CAAY,qBAAS;;6CAEzC;AAGK;IADL,IAAA,4BAAa,EAAC,IAAI,CAAC,EAAE,CAAC,WAAI,CAAC;IACb,mBAAA,IAAA,mBAAI,GAAE,CAAA;;6CAAY,qBAAS;;6CAEzC;AApFU,cAAc;IAD1B,IAAA,uBAAQ,EAAC,qBAAS,CAAC;GACP,cAAc,CAqF1B;AArFY,wCAAc","sourcesContent":["import { Arg, Args, Ctx, Directive, FieldResolver, Query, Resolver, Root } from 'type-graphql'\nimport { Domain, getQueryBuilderFromListParams, getRepository, ListParam } from '@things-factory/shell'\n\nimport { Role } from '../role/role'\nimport { User } from '../user/user'\nimport { Privilege } from './privilege'\nimport { PrivilegeList } from './privilege-types'\n\n@Resolver(Privilege)\nexport class PrivilegeQuery {\n @Directive('@privilege(category: \"privilege\", privilege: \"query\", domainOwnerGranted: true, superUserGranted: true)')\n @Query(returns => Privilege, { description: 'To fetch privilege' })\n async privilege(@Arg('name') name: string, @Arg('category') category: string): Promise<Privilege> {\n return await getRepository(Privilege).findOne({\n where: { name, category }\n })\n }\n\n @Directive('@privilege(category: \"privilege\", privilege: \"query\", domainOwnerGranted: true, superUserGranted: true)')\n @Query(returns => PrivilegeList, { description: 'To fetch multiple privileges' })\n async privileges(@Args() params: ListParam, @Ctx() context: ResolverContext): Promise<PrivilegeList> {\n const [items, total] = await getQueryBuilderFromListParams({\n params,\n repository: getRepository(Privilege),\n searchables: ['name', 'category']\n }).getManyAndCount()\n\n return { items, total }\n }\n\n @Query(returns => [Privilege], {\n description: 'To fetch current users privileges for current domain'\n })\n async myPrivileges(@Ctx() context: ResolverContext): Promise<Privilege[]> {\n const { user, domain } = context.state\n\n return User.getPrivilegesByDomain(user, domain)\n }\n\n @Query(returns => Boolean, { description: 'To query whether I have the given permission' })\n async hasPrivilege(\n @Arg('name') name: string,\n @Arg('category') category: string,\n @Ctx() context: ResolverContext\n ): Promise<Boolean> {\n const { domain, user } = context.state\n return await User.hasPrivilege(name, category, domain, user)\n }\n\n @Query(returns => [Domain], { description: 'To fetch domains with given privilege for user' })\n async domainsWithPrivilege(\n @Arg('name') name: string,\n @Arg('category') category: string,\n @Ctx() context: ResolverContext\n ): Promise<Domain[]> {\n const { user } = context.state\n return await User.getDomainsWithPrivilege(name, category, user)\n }\n\n @FieldResolver(type => String)\n async description(@Root() privilege: Privilege, @Ctx() context: ResolverContext) {\n const { t } = context\n const { name, category } = privilege\n\n const keyname = `privilege.name.${name}`\n const keycategory = `privilege.category.${category}`\n const tname = t(keyname)\n const tcategory = t(keycategory)\n\n return t('privilege.description', {\n name: tname === keyname ? name : tname,\n category: tcategory === keycategory ? category : tcategory\n })\n }\n\n @FieldResolver(type => [Role])\n async roles(@Root() privilege: Privilege) {\n return (\n await getRepository(Privilege).findOne({\n where: { id: privilege.id },\n relations: ['roles']\n })\n ).roles\n }\n\n @FieldResolver(type => User)\n async updater(@Root() privilege: Privilege): Promise<User> {\n return await getRepository(User).findOneBy({ id: privilege.updaterId })\n }\n\n @FieldResolver(type => User)\n async creator(@Root() privilege: Privilege): Promise<User> {\n return await getRepository(User).findOneBy({ id: privilege.creatorId })\n }\n}\n"]}
|
|
1
|
+
{"version":3,"file":"privilege-query.js","sourceRoot":"","sources":["../../../server/service/privilege/privilege-query.ts"],"names":[],"mappings":";;;;AAAA,+CAA8F;AAC9F,iDAAuG;AAEvG,uCAAmC;AACnC,uCAAmC;AACnC,2CAAuC;AACvC,uDAAiD;AAG1C,IAAM,cAAc,GAApB,MAAM,cAAc;IAGnB,AAAN,KAAK,CAAC,SAAS,CAAc,IAAY,EAAmB,QAAgB;QAC1E,OAAO,MAAM,IAAA,qBAAa,EAAC,qBAAS,CAAC,CAAC,OAAO,CAAC;YAC5C,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;SAC1B,CAAC,CAAA;IACJ,CAAC;IAIK,AAAN,KAAK,CAAC,UAAU,CAAS,MAAiB,EAAS,OAAwB;QACzE,MAAM,CAAC,KAAK,EAAE,KAAK,CAAC,GAAG,MAAM,IAAA,qCAA6B,EAAC;YACzD,MAAM;YACN,UAAU,EAAE,IAAA,qBAAa,EAAC,qBAAS,CAAC;YACpC,WAAW,EAAE,CAAC,MAAM,EAAE,UAAU,CAAC;SAClC,CAAC,CAAC,eAAe,EAAE,CAAA;QAEpB,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,CAAA;IACzB,CAAC;IAKK,AAAN,KAAK,CAAC,YAAY,CAAQ,OAAwB;QAChD,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,KAAK,CAAA;QAEtC,OAAO,WAAI,CAAC,qBAAqB,CAAC,IAAI,EAAE,MAAM,CAAC,CAAA;IACjD,CAAC;IAGK,AAAN,KAAK,CAAC,YAAY,CACH,IAAY,EACR,QAAgB,EAC1B,OAAwB;QAE/B,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC,KAAK,CAAA;QACtC,OAAO,MAAM,WAAI,CAAC,YAAY,CAAC,IAAI,EAAE,QAAQ,EAAE,MAAM,EAAE,IAAI,CAAC,CAAA;IAC9D,CAAC;IAGK,AAAN,KAAK,CAAC,oBAAoB,CACX,IAAY,EACR,QAAgB,EAC1B,OAAwB;QAE/B,MAAM,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC,KAAK,CAAA;QAC9B,OAAO,MAAM,WAAI,CAAC,uBAAuB,CAAC,IAAI,EAAE,QAAQ,EAAE,IAAI,CAAC,CAAA;IACjE,CAAC;IAGK,AAAN,KAAK,CAAC,WAAW,CAAS,SAAoB,EAAS,OAAwB;QAC7E,MAAM,EAAE,CAAC,EAAE,GAAG,OAAO,CAAA;QACrB,MAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,GAAG,SAAS,CAAA;QAEpC,MAAM,OAAO,GAAG,kBAAkB,IAAI,EAAE,CAAA;QACxC,MAAM,WAAW,GAAG,sBAAsB,QAAQ,EAAE,CAAA;QACpD,MAAM,KAAK,GAAG,CAAC,CAAC,OAAO,CAAC,CAAA;QACxB,MAAM,SAAS,GAAG,CAAC,CAAC,WAAW,CAAC,CAAA;QAEhC,OAAO,CAAC,CAAC,uBAAuB,EAAE;YAChC,IAAI,EAAE,KAAK,KAAK,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,KAAK;YACtC,QAAQ,EAAE,SAAS,KAAK,WAAW,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS;SAC3D,CAAC,CAAA;IACJ,CAAC;IAGK,AAAN,KAAK,CAAC,KAAK,CAAS,SAAoB;QACtC,OAAO,CACL,MAAM,IAAA,qBAAa,EAAC,qBAAS,CAAC,CAAC,OAAO,CAAC;YACrC,KAAK,EAAE,EAAE,EAAE,EAAE,SAAS,CAAC,EAAE,EAAE;YAC3B,SAAS,EAAE,CAAC,OAAO,CAAC;SACrB,CAAC,CACH,CAAC,KAAK,CAAA;IACT,CAAC;IAGK,AAAN,KAAK,CAAC,OAAO,CAAS,SAAoB;QACxC,OAAO,MAAM,IAAA,qBAAa,EAAC,WAAI,CAAC,CAAC,SAAS,CAAC,EAAE,EAAE,EAAE,SAAS,CAAC,SAAS,EAAE,CAAC,CAAA;IACzE,CAAC;IAGK,AAAN,KAAK,CAAC,OAAO,CAAS,SAAoB;QACxC,OAAO,MAAM,IAAA,qBAAa,EAAC,WAAI,CAAC,CAAC,SAAS,CAAC,EAAE,EAAE,EAAE,SAAS,CAAC,SAAS,EAAE,CAAC,CAAA;IACzE,CAAC;CACF,CAAA;AAlFO;IAFL,IAAA,wBAAS,EAAC,yGAAyG,CAAC;IACpH,IAAA,oBAAK,EAAC,OAAO,CAAC,EAAE,CAAC,qBAAS,EAAE,EAAE,WAAW,EAAE,oBAAoB,EAAE,CAAC;IAClD,mBAAA,IAAA,kBAAG,EAAC,MAAM,CAAC,CAAA;IAAgB,mBAAA,IAAA,kBAAG,EAAC,UAAU,CAAC,CAAA;;;;+CAI1D;AAIK;IAFL,IAAA,wBAAS,EAAC,yGAAyG,CAAC;IACpH,IAAA,oBAAK,EAAC,OAAO,CAAC,EAAE,CAAC,+BAAa,EAAE,EAAE,WAAW,EAAE,8BAA8B,EAAE,CAAC;IAC/D,mBAAA,IAAA,mBAAI,GAAE,CAAA;IAAqB,mBAAA,IAAA,kBAAG,GAAE,CAAA;;6CAAjB,iBAAS;;gDAQzC;AAKK;IAHL,IAAA,oBAAK,EAAC,OAAO,CAAC,EAAE,CAAC,CAAC,qBAAS,CAAC,EAAE;QAC7B,WAAW,EAAE,sDAAsD;KACpE,CAAC;IACkB,mBAAA,IAAA,kBAAG,GAAE,CAAA;;;;kDAIxB;AAGK;IADL,IAAA,oBAAK,EAAC,OAAO,CAAC,EAAE,CAAC,OAAO,EAAE,EAAE,WAAW,EAAE,8CAA8C,EAAE,CAAC;IAExF,mBAAA,IAAA,kBAAG,EAAC,MAAM,CAAC,CAAA;IACX,mBAAA,IAAA,kBAAG,EAAC,UAAU,CAAC,CAAA;IACf,mBAAA,IAAA,kBAAG,GAAE,CAAA;;;;kDAIP;AAGK;IADL,IAAA,oBAAK,EAAC,OAAO,CAAC,EAAE,CAAC,CAAC,cAAM,CAAC,EAAE,EAAE,WAAW,EAAE,gDAAgD,EAAE,CAAC;IAE3F,mBAAA,IAAA,kBAAG,EAAC,MAAM,CAAC,CAAA;IACX,mBAAA,IAAA,kBAAG,EAAC,UAAU,CAAC,CAAA;IACf,mBAAA,IAAA,kBAAG,GAAE,CAAA;;;;0DAIP;AAGK;IADL,IAAA,4BAAa,EAAC,IAAI,CAAC,EAAE,CAAC,MAAM,CAAC;IACX,mBAAA,IAAA,mBAAI,GAAE,CAAA;IAAwB,mBAAA,IAAA,kBAAG,GAAE,CAAA;;6CAAjB,qBAAS;;iDAa7C;AAGK;IADL,IAAA,4BAAa,EAAC,IAAI,CAAC,EAAE,CAAC,CAAC,WAAI,CAAC,CAAC;IACjB,mBAAA,IAAA,mBAAI,GAAE,CAAA;;6CAAY,qBAAS;;2CAOvC;AAGK;IADL,IAAA,4BAAa,EAAC,IAAI,CAAC,EAAE,CAAC,WAAI,CAAC;IACb,mBAAA,IAAA,mBAAI,GAAE,CAAA;;6CAAY,qBAAS;;6CAEzC;AAGK;IADL,IAAA,4BAAa,EAAC,IAAI,CAAC,EAAE,CAAC,WAAI,CAAC;IACb,mBAAA,IAAA,mBAAI,GAAE,CAAA;;6CAAY,qBAAS;;6CAEzC;AApFU,cAAc;IAD1B,IAAA,uBAAQ,EAAC,qBAAS,CAAC;GACP,cAAc,CAqF1B;AArFY,wCAAc","sourcesContent":["import { Arg, Args, Ctx, Directive, FieldResolver, Query, Resolver, Root } from 'type-graphql'\nimport { Domain, getQueryBuilderFromListParams, getRepository, ListParam } from '@things-factory/shell'\n\nimport { Role } from '../role/role'\nimport { User } from '../user/user'\nimport { Privilege } from './privilege'\nimport { PrivilegeList } from './privilege-types'\n\n@Resolver(Privilege)\nexport class PrivilegeQuery {\n @Directive('@privilege(category: \"privilege\", privilege: \"query\", domainOwnerGranted: true, superUserGranted: true)')\n @Query(returns => Privilege, { description: 'To fetch privilege' })\n async privilege(@Arg('name') name: string, @Arg('category') category: string): Promise<Privilege> {\n return await getRepository(Privilege).findOne({\n where: { name, category }\n })\n }\n\n @Directive('@privilege(category: \"privilege\", privilege: \"query\", domainOwnerGranted: true, superUserGranted: true)')\n @Query(returns => PrivilegeList, { description: 'To fetch multiple privileges' })\n async privileges(@Args() params: ListParam, @Ctx() context: ResolverContext): Promise<PrivilegeList> {\n const [items, total] = await getQueryBuilderFromListParams({\n params,\n repository: getRepository(Privilege),\n searchables: ['name', 'category']\n }).getManyAndCount()\n\n return { items, total }\n }\n\n @Query(returns => [Privilege], {\n description: 'To fetch current users privileges for current domain'\n })\n async myPrivileges(@Ctx() context: ResolverContext): Promise<Privilege[]> {\n const { user, domain } = context.state\n\n return User.getPrivilegesByDomain(user, domain)\n }\n\n @Query(returns => Boolean, { description: 'To query whether I have the given permission' })\n async hasPrivilege(\n @Arg('name') name: string,\n @Arg('category') category: string,\n @Ctx() context: ResolverContext\n ): Promise<Boolean> {\n const { domain, user } = context.state\n return await User.hasPrivilege(name, category, domain, user)\n }\n\n @Query(returns => [Domain], { description: 'To fetch domains with given privilege for user' })\n async domainsWithPrivilege(\n @Arg('name') name: string,\n @Arg('category') category: string,\n @Ctx() context: ResolverContext\n ): Promise<Partial<Domain>[]> {\n const { user } = context.state\n return await User.getDomainsWithPrivilege(name, category, user)\n }\n\n @FieldResolver(type => String)\n async description(@Root() privilege: Privilege, @Ctx() context: ResolverContext) {\n const { t } = context\n const { name, category } = privilege\n\n const keyname = `privilege.name.${name}`\n const keycategory = `privilege.category.${category}`\n const tname = t(keyname)\n const tcategory = t(keycategory)\n\n return t('privilege.description', {\n name: tname === keyname ? name : tname,\n category: tcategory === keycategory ? category : tcategory\n })\n }\n\n @FieldResolver(type => [Role])\n async roles(@Root() privilege: Privilege) {\n return (\n await getRepository(Privilege).findOne({\n where: { id: privilege.id },\n relations: ['roles']\n })\n ).roles\n }\n\n @FieldResolver(type => User)\n async updater(@Root() privilege: Privilege): Promise<User> {\n return await getRepository(User).findOneBy({ id: privilege.updaterId })\n }\n\n @FieldResolver(type => User)\n async creator(@Root() privilege: Privilege): Promise<User> {\n return await getRepository(User).findOneBy({ id: privilege.creatorId })\n }\n}\n"]}
|
|
@@ -42,5 +42,5 @@ export declare class User {
|
|
|
42
42
|
static checkAuth(decoded: any): Promise<User>;
|
|
43
43
|
static hasPrivilege(name: string, category: string, domain: Domain, user: User): Promise<boolean>;
|
|
44
44
|
static getPrivilegesByDomain(user: User, domain: Domain): Promise<any>;
|
|
45
|
-
static getDomainsWithPrivilege(name: string, category: string, user: User): Promise<Domain[]>;
|
|
45
|
+
static getDomainsWithPrivilege(name: string, category: string, user: User): Promise<Partial<Domain>[]>;
|
|
46
46
|
}
|