@things-factory/auth-base 6.2.169 → 6.2.177

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (8) hide show
  1. package/dist-client/tsconfig.tsbuildinfo +1 -1
  2. package/dist-server/service/index.d.ts +1 -1
  3. package/dist-server/service/user/index.d.ts +1 -1
  4. package/dist-server/service/user/user-mutation.js +33 -17
  5. package/dist-server/service/user/user-mutation.js.map +1 -1
  6. package/dist-server/tsconfig.tsbuildinfo +1 -1
  7. package/package.json +7 -7
  8. package/server/service/user/user-mutation.ts +44 -36
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@things-factory/auth-base",
3
- "version": "6.2.169",
3
+ "version": "6.2.177",
4
4
  "main": "dist-server/index.js",
5
5
  "browser": "dist-client/index.js",
6
6
  "things-factory": true,
@@ -30,11 +30,11 @@
30
30
  "migration:create": "node ../../node_modules/typeorm/cli.js migration:create -d ./server/migrations"
31
31
  },
32
32
  "dependencies": {
33
- "@things-factory/email-base": "^6.2.169",
34
- "@things-factory/env": "^6.2.139",
35
- "@things-factory/i18n-base": "^6.2.169",
36
- "@things-factory/shell": "^6.2.169",
37
- "@things-factory/utils": "^6.2.122",
33
+ "@things-factory/email-base": "^6.2.170",
34
+ "@things-factory/env": "^6.2.170",
35
+ "@things-factory/i18n-base": "^6.2.170",
36
+ "@things-factory/shell": "^6.2.170",
37
+ "@things-factory/utils": "^6.2.170",
38
38
  "jsonwebtoken": "^9.0.0",
39
39
  "koa-passport": "^6.0.0",
40
40
  "koa-session": "^6.4.0",
@@ -43,5 +43,5 @@
43
43
  "passport-local": "^1.0.0",
44
44
  "popsicle-cookie-jar": "^1.0.0"
45
45
  },
46
- "gitHead": "21624eb18b06f8f3bfc753de1a64b61e99ccc2a9"
46
+ "gitHead": "853eef803719c588c9808df30dd134263a78d645"
47
47
  }
package/server/service/user/user-mutation.ts CHANGED
@@ -1,9 +1,9 @@
1
1
  import { Arg, Ctx, Directive, Mutation, Resolver } from 'type-graphql'
2
2
  import { GraphQLEmailAddress } from 'graphql-scalars'
3
- import { ILike, In, SelectQueryBuilder } from 'typeorm'
3
+ import { ILike, In, SelectQueryBuilder, EntityManager } from 'typeorm'
4
4
 
5
5
  import { config } from '@things-factory/env'
6
- import { Domain, getRepository, ObjectRef } from '@things-factory/shell'
6
+ import { Domain, ObjectRef } from '@things-factory/shell'
7
7
 
8
8
  import { deleteUser as commonDeleteUser, deleteUsers as commonDeleteUsers } from '../../controllers/delete-user'
9
9
  import { buildDomainUsersQueryBuilder } from '../../utils/get-domain-users'
@@ -17,13 +17,13 @@ export class UserMutation {
17
17
  @Directive('@transaction')
18
18
  @Mutation(returns => User, { description: 'To create new user' })
19
19
  async createUser(@Arg('user') user: NewUser, @Ctx() context: ResolverContext) {
20
- const { domain } = context.state
20
+ const { domain, tx } = context.state
21
21
  const { defaultPassword } = config.get('password')
22
22
  const { email } = user
23
23
 
24
24
  user.email = email.trim()
25
25
 
26
- const oldUser: User = await getRepository(User).findOne({ where: { email: ILike(user.email) } })
26
+ const oldUser: User = await tx.getRepository(User).findOne({ where: { email: ILike(user.email) } })
27
27
  if (oldUser) {
28
28
  throw new Error(context.t('error.x already exists in y', { x: context.t('field.user'), y: 'operato' }))
29
29
  }
@@ -34,14 +34,14 @@ export class UserMutation {
34
34
 
35
35
  const salt = User.generateSalt()
36
36
 
37
- return await getRepository(User).save({
37
+ return await tx.getRepository(User).save({
38
38
  creator: context.state.user,
39
39
  updater: context.state.user,
40
40
  ...user,
41
41
  domains: [domain],
42
42
  roles:
43
43
  user.roles && user.roles.length
44
- ? await getRepository(Role).findBy({
44
+ ? await tx.getRepository(Role).findBy({
45
45
  id: In(user.roles.map(role => role.id)),
46
46
  domain: { id: domain.id }
47
47
  })
@@ -55,12 +55,8 @@ export class UserMutation {
55
55
  @Directive('@privilege(category: "user", privilege: "mutation", domainOwnerGranted: true)')
56
56
  @Directive('@transaction')
57
57
  @Mutation(returns => User, { description: 'To modify user information' })
58
- async updateUser(
59
- @Arg('email', type => GraphQLEmailAddress) email: string,
60
- @Arg('patch') patch: UserPatch,
61
- @Ctx() context: ResolverContext
62
- ) {
63
- const { domain, user: updater }: { domain: Domain; user: User } = context.state
58
+ async updateUser(@Arg('email', type => GraphQLEmailAddress) email: string, @Arg('patch') patch: UserPatch, @Ctx() context: ResolverContext) {
59
+ const { domain, user: updater, tx }: { domain: Domain; user: User; tx?: EntityManager } = context.state
64
60
  const qb: SelectQueryBuilder<User> = buildDomainUsersQueryBuilder(domain.id, 'USER')
65
61
  const user: User = await qb
66
62
  .andWhere('LOWER(USER.email) = :email', { email: email?.toLowerCase().trim() || '' })
@@ -69,14 +65,16 @@ export class UserMutation {
69
65
  .getOne()
70
66
 
71
67
  if (patch.roles) {
72
- patch.roles = await getRepository(Role).find({ where: { id: In(patch.roles.map((r: Partial<Role>) => r.id)) } })
68
+ patch.roles = await tx.getRepository(Role).find({
69
+ where: { id: In(patch.roles.map((r: Partial<Role>) => r.id)) }
70
+ })
73
71
  }
74
72
 
75
73
  if (patch.status && patch.status === 'activated') {
76
74
  user.status = UserStatus.ACTIVATED
77
75
  }
78
76
 
79
- return await getRepository(User).save({
77
+ return await tx.getRepository(User).save({
80
78
  ...user,
81
79
  ...patch,
82
80
  updater
@@ -199,12 +197,9 @@ export class UserMutation {
199
197
 
200
198
  @Directive('@transaction')
201
199
  @Mutation(returns => Boolean, { description: 'To invite new user' })
202
- async inviteUser(
203
- @Arg('email', type => GraphQLEmailAddress) email: string,
204
- @Ctx() context: ResolverContext
205
- ): Promise<boolean> {
206
- const { domain } = context.state
207
- const invitee: User = await getRepository(User).findOne({
200
+ async inviteUser(@Arg('email', type => GraphQLEmailAddress) email: string, @Ctx() context: ResolverContext): Promise<boolean> {
201
+ const { domain, tx } = context.state
202
+ const invitee: User = await tx.getRepository(User).findOne({
208
203
  where: { email: ILike(email) },
209
204
  relations: ['domains']
210
205
  })
@@ -218,7 +213,7 @@ export class UserMutation {
218
213
  throw new Error(context.t('error.x already exists in y', { x: context.t('field.user'), y: domain.name }))
219
214
  }
220
215
  invitee.domains = [...existingDomains, domain]
221
- await getRepository(User).save(invitee)
216
+ await tx.getRepository(User).save(invitee)
222
217
 
223
218
  return true
224
219
  }
@@ -226,15 +221,13 @@ export class UserMutation {
226
221
  @Directive('@transaction')
227
222
  @Directive('@privilege(category: "user", privilege: "mutation", domainOwnerGranted: true)')
228
223
  @Mutation(returns => Boolean, { description: 'To delete domain user' })
229
- async deleteDomainUser(
230
- @Arg('email', type => GraphQLEmailAddress) email: string,
231
- @Ctx() context: ResolverContext
232
- ): Promise<boolean> {
224
+ async deleteDomainUser(@Arg('email', type => GraphQLEmailAddress) email: string, @Ctx() context: ResolverContext): Promise<boolean> {
233
225
  const { tx, domain } = context.state
234
226
 
235
- let user: User = await tx
236
- .getRepository(User)
237
- .findOne({ where: { email: ILike(email) }, relations: ['domains', 'roles', 'roles.domain'] })
227
+ let user: User = await tx.getRepository(User).findOne({
228
+ where: { email: ILike(email) },
229
+ relations: ['domains', 'roles', 'roles.domain']
230
+ })
238
231
  if (!user) {
239
232
  throw new Error(context.t('error.failed to find x', { x: context.t('field.user') }))
240
233
  }
@@ -258,16 +251,31 @@ export class UserMutation {
258
251
  @Directive('@privilege(domainOwnerGranted: true, superUserGranted: true)')
259
252
  @Directive('@transaction')
260
253
  @Mutation(returns => Boolean, { description: 'To transfer owner of domain' })
261
- async transferOwner(
262
- @Arg('email', type => GraphQLEmailAddress) email: string,
263
- @Ctx() context: ResolverContext
264
- ): Promise<boolean> {
265
- const { domain } = context.state
266
- const user: User = await getRepository(User).findOne({
267
- where: { email: ILike(email) }
254
+ async transferOwner(@Arg('email', type => GraphQLEmailAddress) email: string, @Ctx() context: ResolverContext): Promise<boolean> {
255
+ const { domain, tx } = context.state
256
+ const user: User = await tx.getRepository(User).findOne({
257
+ where: { email: ILike(email) },
258
+ relations: ['domains', 'roles']
268
259
  })
260
+
261
+ if (!user) {
262
+ throw new Error('Failed to find user')
263
+ }
264
+
265
+ if (user.status !== UserStatus.ACTIVATED) {
266
+ throw new Error('Only activated users are eligible to receive admin privileges.')
267
+ }
268
+
269
+ if (user.domains.map((d: Domain) => d.id).indexOf(domain.id) < 0) {
270
+ throw new Error(`User is not belongs to current domain`)
271
+ }
272
+
273
+ if (user.roles.filter((r: Role) => r.domainId == domain.id).length == 0) {
274
+ throw new Error(`Only users with at least one role in this domain are eligible to receive admin privileges.`)
275
+ }
276
+
269
277
  domain.owner = user.id
270
- await getRepository(Domain).save(domain)
278
+ await tx.getRepository(Domain).save(domain)
271
279
 
272
280
  return true
273
281
  }