@things-factory/auth-base 7.0.0-alpha.0 → 7.0.0-alpha.18

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (32) hide show
  1. package/dist-client/tsconfig.tsbuildinfo +1 -1
  2. package/dist-server/router/auth-private-process-router.js +2 -2
  3. package/dist-server/router/auth-private-process-router.js.map +1 -1
  4. package/dist-server/service/appliance/appliance-query.d.ts +1 -0
  5. package/dist-server/service/appliance/appliance-query.js +21 -0
  6. package/dist-server/service/appliance/appliance-query.js.map +1 -1
  7. package/dist-server/service/privilege/privilege-query.d.ts +0 -1
  8. package/dist-server/service/privilege/privilege-query.js +0 -13
  9. package/dist-server/service/privilege/privilege-query.js.map +1 -1
  10. package/dist-server/service/user/user-query.js +0 -29
  11. package/dist-server/service/user/user-query.js.map +1 -1
  12. package/dist-server/service/user/user.d.ts +4 -1
  13. package/dist-server/service/user/user.js +31 -35
  14. package/dist-server/service/user/user.js.map +1 -1
  15. package/dist-server/tsconfig.tsbuildinfo +1 -1
  16. package/dist-server/types.d.ts +2 -2
  17. package/dist-server/types.js.map +1 -1
  18. package/helps/config/SECRET.md +13 -0
  19. package/helps/config/accessTokenCookieKey.md +11 -0
  20. package/helps/config/applianceJwtExpiresIn.md +26 -0
  21. package/helps/config/disableUserSignupProcess.md +22 -0
  22. package/helps/config/i18n.md +44 -0
  23. package/helps/config/password.md +65 -0
  24. package/helps/config/publicHomeRoute.md +14 -0
  25. package/helps/config/session.md +49 -0
  26. package/package.json +5 -5
  27. package/server/router/auth-private-process-router.ts +2 -2
  28. package/server/service/appliance/appliance-query.ts +18 -0
  29. package/server/service/privilege/privilege-query.ts +2 -19
  30. package/server/service/user/user-query.ts +0 -32
  31. package/server/service/user/user.ts +37 -56
  32. package/server/types.ts +2 -2
package/dist-server/service/user/user.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"user.js","sourceRoot":"","sources":["../../../server/service/user/user.ts"],"names":[],"mappings":";;;;;AAAA,4DAA2B;AAC3B,wEAA8B;AAC9B,+CAA+D;AAC/D,qDAAqD;AACrD,qCAYgB;AAEhB,6CAA4C;AAC5C,iDAA6D;AAE7D,yEAA8E;AAC9E,wDAAmD;AACnD,uDAA+C;AAC/C,uCAAmC;AACnC,uFAAiF;AACjF,mEAAsE;AAEtE,MAAM,SAAS,GAAG,YAAM,CAAC,GAAG,CAAC,WAAW,EAAE,EAAE,CAAC,CAAA;AAC7C,MAAM,aAAa,GAAG,SAAS,CAAC,IAAI,CAAA;AAEpC,MAAM,oBAAoB,GAAG,MAAM,CAAC,YAAM,CAAC,GAAG,CAAC,uBAAuB,CAAC,CAAC,IAAI,IAAI,CAAA;AAEhF,IAAY,UAOX;AAPD,WAAY,UAAU;IACpB,mCAAqB,CAAA;IACrB,qCAAuB,CAAA;IACvB,iCAAmB,CAAA;IACnB,+BAAiB,CAAA;IACjB,+BAAiB,CAAA;IACjB,4DAA8C,CAAA;AAChD,CAAC,EAPW,UAAU,GAAV,kBAAU,KAAV,kBAAU,QAOrB;AAMM,IAAM,IAAI,YAAV,MAAM,IAAI;IAyHf,8BAA8B;IAC9B,KAAK,CAAC,IAAI,CAAC,OAAQ;QACjB,IAAI,EAAE,SAAS,GAAG,oBAAoB,EAAE,SAAS,EAAE,GAAG,OAAO,IAAI,EAAE,CAAA;QAEnE,IAAI,IAAI,GAAG;YACT,EAAE,EAAE,IAAI,CAAC,EAAE;YACX,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,MAAM,EAAE,IAAI,CAAC,MAAM;YACnB,MAAM,EAAE;gBACN,SAAS;aACV;SACF,CAAA;QAED,OAAO,MAAM,sBAAG,CAAC,IAAI,CAAC,IAAI,EAAE,mBAAM,EAAE;YAClC,SAAS;YACT,MAAM,EAAE,cAAc;YACtB,OAAO,EAAE,MAAM;SAChB,CAAC,CAAA;IACJ,CAAC;IAED,6CAA6C;IAC7C,MAAM,CAAC,sBAAsB,CAAC,QAAQ,EAAE,GAAG;QACzC,IAAA,sCAAsB,EAAC,QAAQ,EAAE,GAAG,CAAC,CAAA;IACvC,CAAC;IAED,mBAAmB;IACnB,MAAM,CAAC,YAAY;QACjB,OAAO,gBAAM,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAA;IAC/C,CAAC;IAED,qBAAqB;IACrB,MAAM,CAAC,MAAM,CAAC,QAAgB,EAAE,IAAI;QAClC,OAAO,gBAAM;aACV,UAAU,CAAC,QAAQ,EAAE,IAAI,IAAI,mBAAM,CAAC;aACpC,MAAM,CAAC,QAAQ,CAAC;aAChB,MAAM,CAAC,QAAQ,CAAC,CAAA;IACrB,CAAC;IAED,qBAAqB;IACrB,MAAM,CAAC,MAAM,CAAC,MAAM,EAAE,QAAQ,EAAE,IAAI;QAClC,OAAO,CACL,MAAM;YACJ,gBAAM;iBACH,UAAU,CAAC,QAAQ,EAAE,IAAI,IAAI,mBAAM,CAAC;iBACpC,MAAM,CAAC,QAAQ,CAAC;iBAChB,MAAM,CAAC,QAAQ,CAAC;YACrB,MAAM;gBACJ,gBAAM;qBACH,UAAU,CAAC,MAAM,EAAE,IAAI,IAAI,mBAAM,CAAC;qBAClC,MAAM,CAAC,QAAQ,CAAC;qBAChB,MAAM,CAAC,QAAQ,CAAC,CACtB,CAAA;IACH,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,kBAAkB,CAAC,OAAO;QACrC,IAAI,CAAC,CAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,KAAK,CAAA,EAAE;YACnB,MAAM,IAAI,sBAAS,CAAC;gBAClB,SAAS,EAAE,sBAAS,CAAC,WAAW,CAAC,cAAc;aAChD,CAAC,CAAA;SACH;QAED,MAAM,UAAU,GAAG,IAAA,qBAAa,EAAC,MAAI,CAAC,CAAA;QACtC,IAAI,IAAI,GAAG,MAAM,UAAU,CAAC,OAAO,CAAC;YAClC,KAAK,EAAE,EAAE,KAAK,EAAE,OAAO,CAAC,KAAK,EAAE;YAC/B,SAAS,EAAE,CAAC,SAAS,CAAC;YACtB,KAAK,EAAE,IAAI;SACZ,CAAC,CAAA;QAEF,IAAI,CAAC,IAAI;YACP,MAAM,IAAI,sBAAS,CAAC;gBAClB,SAAS,EAAE,sBAAS,CAAC,WAAW,CAAC,cAAc;aAChD,CAAC,CAAA;aACC;YACH,QAAQ,IAAI,CAAC,MAAM,EAAE;gBACnB,KAAK,UAAU,CAAC,QAAQ;oBACtB,MAAM,IAAI,sBAAS,CAAC;wBAClB,SAAS,EAAE,sBAAS,CAAC,WAAW,CAAC,kBAAkB;wBACnD,MAAM,EAAE;4BACN,KAAK,EAAE,IAAI,CAAC,KAAK;yBAClB;qBACF,CAAC,CAAA;gBACJ,KAAK,UAAU,CAAC,MAAM;oBACpB,MAAM,IAAI,sBAAS,CAAC;wBAClB,SAAS,EAAE,sBAAS,CAAC,WAAW,CAAC,WAAW;wBAC5C,MAAM,EAAE;4BACN,KAAK,EAAE,IAAI,CAAC,KAAK;yBAClB;qBACF,CAAC,CAAA;gBACJ,KAAK,UAAU,CAAC,OAAO;oBACrB,MAAM,IAAI,sBAAS,CAAC;wBAClB,SAAS,EAAE,sBAAS,CAAC,WAAW,CAAC,YAAY;qBAC9C,CAAC,CAAA;aACL;YAED,OAAO,IAAI,CAAA;SACZ;IACH,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,SAAS,CAAC,OAAO;QAC5B,IAAI,CAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,EAAE,MAAK,SAAS,EAAE;YAC7B,MAAM,IAAI,sBAAS,CAAC;gBAClB,SAAS,EAAE,sBAAS,CAAC,WAAW,CAAC,cAAc;aAChD,CAAC,CAAA;SACH;QAED,MAAM,UAAU,GAAG,IAAA,qBAAa,EAAC,MAAI,CAAC,CAAA;QACtC,IAAI,IAAI,GAAG,MAAM,UAAU,CAAC,OAAO,CAAC;YAClC,KAAK,EAAE,EAAE,EAAE,EAAE,OAAO,CAAC,EAAE,EAAE;YACzB,SAAS,EAAE,CAAC,SAAS,CAAC;YACtB,KAAK,EAAE,IAAI;SACZ,CAAC,CAAA;QAEF,IAAI,CAAC,IAAI;YACP,MAAM,IAAI,sBAAS,CAAC;gBAClB,SAAS,EAAE,sBAAS,CAAC,WAAW,CAAC,cAAc;aAChD,CAAC,CAAA;aACC;YACH,QAAQ,IAAI,CAAC,MAAM,EAAE;gBACnB,KAAK,UAAU,CAAC,QAAQ;oBACtB,MAAM,IAAI,sBAAS,CAAC;wBAClB,SAAS,EAAE,sBAAS,CAAC,WAAW,CAAC,kBAAkB;wBACnD,MAAM,EAAE;4BACN,KAAK,EAAE,IAAI,CAAC,KAAK;yBAClB;qBACF,CAAC,CAAA;gBACJ,KAAK,UAAU,CAAC,MAAM;oBACpB,MAAM,IAAI,sBAAS,CAAC;wBAClB,SAAS,EAAE,sBAAS,CAAC,WAAW,CAAC,WAAW;wBAC5C,MAAM,EAAE;4BACN,KAAK,EAAE,IAAI,CAAC,KAAK;yBAClB;qBACF,CAAC,CAAA;gBACJ,KAAK,UAAU,CAAC,OAAO;oBACrB,MAAM,IAAI,sBAAS,CAAC;wBAClB,SAAS,EAAE,sBAAS,CAAC,WAAW,CAAC,YAAY;qBAC9C,CAAC,CAAA;aACL;YAED,MAAM,EAAE,eAAe,EAAE,GAAG,YAAM,CAAC,GAAG,CAAC,UAAU,CAAC,CAAA;YAElD,IAAI,eAAe,IAAI,IAAI,CAAC,QAAQ,KAAK,IAAI,CAAC,MAAM,CAAC,eAAe,EAAE,IAAI,CAAC,IAAI,CAAC,EAAE;gBAChF,IAAI,CAAC,MAAM,GAAG,UAAU,CAAC,kBAAkB,CAAA;aAC5C;YAED,OAAO,IAAI,CAAA;SACZ;IACH,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,YAAY,CAAC,SAAiB,EAAE,QAAgB,EAAE,MAAc,EAAE,IAAU;QACvF,MAAM,MAAM,GAAG,MAAM,IAAA,qBAAa,EAAC,MAAI,CAAC,CAAC,KAAK,CAC5C;;yCAEmC,QAAQ;mCACd,SAAS;;;;;;mCAMT,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,EAAE;iCACV,MAAM,aAAN,MAAM,uBAAN,MAAM,CAAE,EAAE;;OAEpC,CACF,CAAA;QAED,OAAO,MAAM,CAAC,CAAC,CAAC,CAAC,aAAa,GAAG,CAAC,CAAA;IACpC,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,qBAAqB,CAAC,IAAU,EAAE,MAAc;QAC3D,MAAM,MAAM,GAAG,MAAM,IAAA,qBAAa,EAAC,MAAI,CAAC,CAAC,KAAK,CAAC;;;;;;;mCAOhB,IAAI,CAAC,EAAE;iCACT,MAAM,CAAC,EAAE;QAClC,CAAC,CAAA;QAEL,OAAO,MAAM,CAAA;IACf,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,uBAAuB,CAAC,SAAiB,EAAE,QAAgB,EAAE,IAAU;QAClF,OAAO,IAAA,0CAAuB,EAAC,IAAI,EAAE,SAAS,EAAE,QAAQ,CAAC,CAAA;IAC3D,CAAC;CACF,CAAA;AAlTC;IAAC,IAAA,gCAAsB,EAAC,MAAM,CAAC;IAC9B,IAAA,oBAAK,EAAC,IAAI,CAAC,EAAE,CAAC,iBAAE,CAAC;;gCACC;AAEnB;IAAC,IAAA,gBAAM,GAAE;IACR,IAAA,oBAAK,GAAE;;kCACI;AAEZ;IAAC,IAAA,gBAAM,EAAC;QACN,QAAQ,EAAE,IAAI;KACf,CAAC;IACD,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;yCACP;AAEnB;IAAC,IAAA,oBAAU,EAAC,IAAI,CAAC,EAAE,CAAC,cAAM,CAAC;IAC1B,IAAA,mBAAS,EAAC,EAAE,IAAI,EAAE,eAAe,EAAE,CAAC;IACpC,IAAA,oBAAK,EAAC,IAAI,CAAC,EAAE,CAAC,CAAC,cAAM,CAAC,CAAC;;qCACN;AAElB;IAAC,IAAA,gBAAM,GAAE;IACR,IAAA,oBAAK,EAAC,IAAI,CAAC,EAAE,CAAC,qCAAmB,CAAC;;mCACtB;AAEb;IAAC,IAAA,wBAAS,EAAC,gFAAgF,CAAC;IAC3F,IAAA,gBAAM,EAAC;QACN,QAAQ,EAAE,IAAI;QACd,IAAI,EACF,aAAa,IAAI,OAAO,IAAI,aAAa,IAAI,SAAS;YACpD,CAAC,CAAC,UAAU;YACZ,CAAC,CAAC,aAAa,IAAI,QAAQ;gBAC3B,CAAC,CAAC,MAAM;gBACR,CAAC,CAAC,SAAS;KAChB,CAAC;;sCACc;AAEhB;IAAC,IAAA,oBAAU,EAAC,IAAI,CAAC,EAAE,CAAC,WAAI,EAAE,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC;IAC5C,IAAA,mBAAS,EAAC,EAAE,IAAI,EAAE,aAAa,EAAE,CAAC;IAClC,IAAA,oBAAK,EAAC,IAAI,CAAC,EAAE,CAAC,CAAC,WAAI,CAAC,CAAC;;mCACR;AAEd;IAAC,IAAA,gBAAM,EAAC;QACN,QAAQ,EAAE,IAAI;KACf,CAAC;IACD,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;sCACV;AAEhB;IAAC,IAAA,gBAAM,EAAC;QACN,QAAQ,EAAE,IAAI;KACf,CAAC;IACD,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;uCACT;AAEjB;IAAC,IAAA,wBAAS,EAAC,gFAAgF,CAAC;IAC3F,IAAA,gBAAM,EAAC;QACN,QAAQ,EAAE,IAAI;KACf,CAAC;;kCACU;AAEZ;IAAC,IAAA,gBAAM,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;IAC1B,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;oCACZ;AAEd;IAAC,IAAA,wBAAS,EAAC,gFAAgF,CAAC;IAC3F,IAAA,gBAAM,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;IAC1B,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;mCACb;AAEb;IAAC,IAAA,gBAAM,EAAC;QACN,IAAI,EACF,aAAa,IAAI,UAAU,IAAI,aAAa,IAAI,OAAO,IAAI,aAAa,IAAI,SAAS;YACnF,CAAC,CAAC,MAAM;YACR,CAAC,CAAC,aAAa,IAAI,QAAQ;gBAC3B,CAAC,CAAC,UAAU;gBACZ,CAAC,CAAC,UAAU;QAChB,IAAI,EAAE,UAAU;QAChB,OAAO,EAAE,UAAU,CAAC,QAAQ;KAC7B,CAAC;IACD,IAAA,oBAAK,EAAC,IAAI,CAAC,EAAE,CAAC,MAAM,CAAC;;oCACJ;AAElB;IAAC,IAAA,gBAAM,EAAC;QACN,IAAI,EAAE,UAAU;QAChB,OAAO,EAAE,CAAC;KACX,CAAC;;uCACe;AAEjB;IAAC,IAAA,gBAAM,EAAC;QACN,QAAQ,EAAE,IAAI;KACf,CAAC;sCACiB,IAAI;+CAAA;AAEvB;IAAC,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;mCACZ;AAEd;IAAC,IAAA,mBAAS,EAAC,GAAG,EAAE,CAAC,yCAAkB,EAAE,kBAAkB,CAAC,EAAE,CAAC,kBAAkB,CAAC,IAAI,CAAC;IAClF,IAAA,oBAAK,EAAC,IAAI,CAAC,EAAE,CAAC,CAAC,yCAAkB,CAAC,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;gDAChB;AAExC;IAAC,IAAA,mBAAS,EAAC,IAAI,CAAC,EAAE,CAAC,MAAI,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;IAC3C,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;sCACjB,IAAI;qCAAA;AAEb;IAAC,IAAA,oBAAU,EAAC,CAAC,IAAU,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC;;uCACxB;AAEjB;IAAC,IAAA,mBAAS,EAAC,IAAI,CAAC,EAAE,CAAC,MAAI,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;IAC3C,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;sCACjB,IAAI;qCAAA;AAEb;IAAC,IAAA,oBAAU,EAAC,CAAC,IAAU,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC;;uCACxB;AAEjB;IAAC,IAAA,0BAAgB,GAAE;IAClB,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;sCACf,IAAI;uCAAA;AAEf;IAAC,IAAA,0BAAgB,GAAE;IAClB,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;sCACf,IAAI;IAEf,8BAA8B;;uCAFf;AAvHJ,IAAI;IAJhB,IAAA,gBAAM,GAAE;IACR,IAAA,eAAK,EAAC,WAAW,EAAE,CAAC,IAAU,EAAE,EAAE,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC;IACnE,kEAAkE;;IACjE,IAAA,yBAAU,GAAE;GACA,IAAI,CAmThB;AAnTY,oBAAI","sourcesContent":["import crypto from 'crypto'\nimport jwt from 'jsonwebtoken'\nimport { Directive, Field, ID, ObjectType } from 'type-graphql'\nimport { GraphQLEmailAddress } from 'graphql-scalars'\nimport {\n Column,\n CreateDateColumn,\n Entity,\n Index,\n JoinTable,\n ManyToMany,\n ManyToOne,\n OneToMany,\n PrimaryGeneratedColumn,\n RelationId,\n UpdateDateColumn\n} from 'typeorm'\n\nimport { config } from '@things-factory/env'\nimport { Domain, getRepository } from '@things-factory/shell'\n\nimport { validatePasswordByRule } from '../../controllers/utils/password-rule'\nimport { AuthError } from '../../errors/auth-error'\nimport { SECRET } from '../../utils/get-secret'\nimport { Role } from '../role/role'\nimport { UsersAuthProviders } from '../users-auth-providers/users-auth-providers'\nimport { getDomainsWithPrivilege } from '../../utils/get-user-domains'\n\nconst ORMCONFIG = config.get('ormconfig', {})\nconst DATABASE_TYPE = ORMCONFIG.type\n\nconst sessionExpirySeconds = Number(config.get('session/expirySeconds')) || '7d'\n\nexport enum UserStatus {\n INACTIVE = 'inactive',\n ACTIVATED = 'activated',\n DELETED = 'deleted',\n LOCKED = 'locked',\n BANNED = 'banned',\n PWD_RESET_REQUIRED = 'password_reset_required'\n}\n\n@Entity()\n@Index('ix_user_0', (user: User) => [user.email], { unique: true })\n//@Index('ix_user_1', (user: User) => [user.id], { unique: true })\n@ObjectType()\nexport class User {\n @PrimaryGeneratedColumn('uuid')\n @Field(type => ID)\n readonly id: string\n\n @Column()\n @Field()\n name: string\n\n @Column({\n nullable: true\n })\n @Field({ nullable: true })\n description: string\n\n @ManyToMany(type => Domain)\n @JoinTable({ name: 'users_domains' })\n @Field(type => [Domain])\n domains?: Domain[]\n\n @Column()\n @Field(type => GraphQLEmailAddress)\n email: string\n\n @Directive('@privilege(category: \"security\", privilege: \"query\", domainOwnerGranted: true)')\n @Column({\n nullable: true,\n type:\n DATABASE_TYPE == 'mysql' || DATABASE_TYPE == 'mariadb'\n ? 'longtext'\n : DATABASE_TYPE == 'oracle'\n ? 'clob'\n : 'varchar'\n })\n password: string\n\n @ManyToMany(type => Role, role => role.users)\n @JoinTable({ name: 'users_roles' })\n @Field(type => [Role])\n roles?: Role[]\n\n @Column({\n nullable: true\n })\n @Field({ nullable: true })\n userType: string // default: 'user', enum: 'user', 'application', 'appliance'\n\n @Column({\n nullable: true\n })\n @Field({ nullable: true })\n reference: string\n\n @Directive('@privilege(category: \"security\", privilege: \"query\", domainOwnerGranted: true)')\n @Column({\n nullable: true\n })\n salt: string\n\n @Column({ nullable: true })\n @Field({ nullable: true })\n locale: string\n\n @Directive('@privilege(category: \"security\", privilege: \"query\", domainOwnerGranted: true)')\n @Column({ nullable: true })\n @Field({ nullable: true })\n ssoId: string\n\n @Column({\n type:\n DATABASE_TYPE == 'postgres' || DATABASE_TYPE == 'mysql' || DATABASE_TYPE == 'mariadb'\n ? 'enum'\n : DATABASE_TYPE == 'oracle'\n ? 'varchar2'\n : 'smallint',\n enum: UserStatus,\n default: UserStatus.INACTIVE\n })\n @Field(type => String)\n status: UserStatus\n\n @Column({\n type: 'smallint',\n default: 0\n })\n failCount: number\n\n @Column({\n nullable: true\n })\n passwordUpdatedAt: Date\n\n @Field({ nullable: true })\n owner: boolean /* should not be a column */\n\n @OneToMany(() => UsersAuthProviders, usersAuthProviders => usersAuthProviders.user)\n @Field(type => [UsersAuthProviders], { nullable: true })\n usersAuthProviders: UsersAuthProviders[]\n\n @ManyToOne(type => User, { nullable: true })\n @Field({ nullable: true })\n creator: User\n\n @RelationId((user: User) => user.creator)\n creatorId: string\n\n @ManyToOne(type => User, { nullable: true })\n @Field({ nullable: true })\n updater: User\n\n @RelationId((user: User) => user.updater)\n updaterId: string\n\n @CreateDateColumn()\n @Field({ nullable: true })\n createdAt: Date\n\n @UpdateDateColumn()\n @Field({ nullable: true })\n updatedAt: Date\n\n /* signing for jsonwebtoken */\n async sign(options?) {\n var { expiresIn = sessionExpirySeconds, subdomain } = options || {}\n\n var user = {\n id: this.id,\n userType: this.userType,\n status: this.status,\n domain: {\n subdomain\n }\n }\n\n return await jwt.sign(user, SECRET, {\n expiresIn,\n issuer: 'hatiolab.com',\n subject: 'user'\n })\n }\n\n /* validate password through password rule */\n static validatePasswordByRule(password, lng) {\n validatePasswordByRule(password, lng)\n }\n\n /* generate salt */\n static generateSalt() {\n return crypto.randomBytes(16).toString('hex')\n }\n\n /* encode password */\n static encode(password: string, salt) {\n return crypto\n .createHmac('sha256', salt || SECRET)\n .update(password)\n .digest('base64')\n }\n\n /* verify password */\n static verify(hashed, password, salt) {\n return (\n hashed ==\n crypto\n .createHmac('sha256', salt || SECRET)\n .update(password)\n .digest('base64') ||\n hashed ==\n crypto\n .createHmac('sha1', salt || SECRET)\n .update(password)\n .digest('base64')\n )\n }\n\n static async checkAuthWithEmail(decoded) {\n if (!decoded?.email) {\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.USER_NOT_FOUND\n })\n }\n\n const repository = getRepository(User)\n var user = await repository.findOne({\n where: { email: decoded.email },\n relations: ['domains'],\n cache: true\n })\n\n if (!user)\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.USER_NOT_FOUND\n })\n else {\n switch (user.status) {\n case UserStatus.INACTIVE:\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.USER_NOT_ACTIVATED,\n detail: {\n email: user.email\n }\n })\n case UserStatus.LOCKED:\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.USER_LOCKED,\n detail: {\n email: user.email\n }\n })\n case UserStatus.DELETED:\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.USER_DELETED\n })\n }\n\n return user\n }\n }\n\n static async checkAuth(decoded) {\n if (decoded?.id === undefined) {\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.USER_NOT_FOUND\n })\n }\n\n const repository = getRepository(User)\n var user = await repository.findOne({\n where: { id: decoded.id },\n relations: ['domains'],\n cache: true\n })\n\n if (!user)\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.USER_NOT_FOUND\n })\n else {\n switch (user.status) {\n case UserStatus.INACTIVE:\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.USER_NOT_ACTIVATED,\n detail: {\n email: user.email\n }\n })\n case UserStatus.LOCKED:\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.USER_LOCKED,\n detail: {\n email: user.email\n }\n })\n case UserStatus.DELETED:\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.USER_DELETED\n })\n }\n\n const { defaultPassword } = config.get('password')\n\n if (defaultPassword && user.password === this.encode(defaultPassword, user.salt)) {\n user.status = UserStatus.PWD_RESET_REQUIRED\n }\n\n return user\n }\n }\n\n static async hasPrivilege(privilege: string, category: string, domain: Domain, user: User) {\n const result = await getRepository(User).query(\n `\n SELECT COUNT(1) AS \"has_privilege\" FROM \"privileges\" \"PRIVILEGES\"\n WHERE \"PRIVILEGES\".\"category\" = '${category}'\n AND \"PRIVILEGES\".\"name\" = '${privilege}'\n AND \"PRIVILEGES\".\"id\" IN (\n SELECT \"RP\".\"privileges_id\"\n FROM \"users_roles\" \"UR\"\n INNER JOIN \"roles_privileges\" \"RP\" ON \"UR\".\"roles_id\" = \"RP\".\"roles_id\"\n LEFT JOIN \"roles\" \"R\" ON \"R\".\"id\" = \"UR\".\"roles_id\"\n WHERE \"UR\".\"users_id\" = '${user?.id}'\n AND \"R\".\"domain_id\" = '${domain?.id}'\n )\n `\n )\n\n return result[0].has_privilege > 0\n }\n\n static async getPrivilegesByDomain(user: User, domain: Domain) {\n const result = await getRepository(User).query(`\n SELECT name privilege, category FROM \"privileges\" \"PRIVILEGES\"\n WHERE \"PRIVILEGES\".\"id\" IN (\n SELECT \"RP\".\"privileges_id\"\n FROM \"users_roles\" \"UR\"\n INNER JOIN \"roles_privileges\" \"RP\" ON \"UR\".\"roles_id\" = \"RP\".\"roles_id\"\n LEFT JOIN \"roles\" \"R\" ON \"R\".\"id\" = \"UR\".\"roles_id\"\n WHERE \"UR\".\"users_id\" = '${user.id}'\n AND \"R\".\"domain_id\" = '${domain.id}'\n )`)\n\n return result\n }\n\n static async getDomainsWithPrivilege(privilege: string, category: string, user: User) {\n return getDomainsWithPrivilege(user, privilege, category)\n }\n}\n"]}
1
+ {"version":3,"file":"user.js","sourceRoot":"","sources":["../../../server/service/user/user.ts"],"names":[],"mappings":";;;;;AAAA,4DAA2B;AAC3B,wEAA8B;AAC9B,+CAA+D;AAC/D,qDAAqD;AACrD,qCAAoK;AAEpK,6CAA4C;AAC5C,iDAA6D;AAE7D,yEAA8E;AAC9E,wDAAmD;AACnD,uDAA+C;AAC/C,uCAAmC;AACnC,sDAAkD;AAClD,uFAAiF;AACjF,mEAAsE;AAEtE,MAAM,SAAS,GAAG,YAAM,CAAC,GAAG,CAAC,WAAW,EAAE,EAAE,CAAC,CAAA;AAC7C,MAAM,aAAa,GAAG,SAAS,CAAC,IAAI,CAAA;AAEpC,MAAM,oBAAoB,GAAG,MAAM,CAAC,YAAM,CAAC,GAAG,CAAC,uBAAuB,CAAC,CAAC,IAAI,IAAI,CAAA;AAEhF,IAAY,UAOX;AAPD,WAAY,UAAU;IACpB,mCAAqB,CAAA;IACrB,qCAAuB,CAAA;IACvB,iCAAmB,CAAA;IACnB,+BAAiB,CAAA;IACjB,+BAAiB,CAAA;IACjB,4DAA8C,CAAA;AAChD,CAAC,EAPW,UAAU,GAAV,kBAAU,KAAV,kBAAU,QAOrB;AAMM,IAAM,IAAI,YAAV,MAAM,IAAI;IA+Gf,8BAA8B;IAC9B,KAAK,CAAC,IAAI,CAAC,OAAQ;QACjB,IAAI,EAAE,SAAS,GAAG,oBAAoB,EAAE,SAAS,EAAE,GAAG,OAAO,IAAI,EAAE,CAAA;QAEnE,IAAI,IAAI,GAAG;YACT,EAAE,EAAE,IAAI,CAAC,EAAE;YACX,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,MAAM,EAAE,IAAI,CAAC,MAAM;YACnB,MAAM,EAAE;gBACN,SAAS;aACV;SACF,CAAA;QAED,OAAO,MAAM,sBAAG,CAAC,IAAI,CAAC,IAAI,EAAE,mBAAM,EAAE;YAClC,SAAS;YACT,MAAM,EAAE,cAAc;YACtB,OAAO,EAAE,MAAM;SAChB,CAAC,CAAA;IACJ,CAAC;IAED,6CAA6C;IAC7C,MAAM,CAAC,sBAAsB,CAAC,QAAQ,EAAE,GAAG;QACzC,IAAA,sCAAsB,EAAC,QAAQ,EAAE,GAAG,CAAC,CAAA;IACvC,CAAC;IAED,mBAAmB;IACnB,MAAM,CAAC,YAAY;QACjB,OAAO,gBAAM,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAA;IAC/C,CAAC;IAED,qBAAqB;IACrB,MAAM,CAAC,MAAM,CAAC,QAAgB,EAAE,IAAI;QAClC,OAAO,gBAAM;aACV,UAAU,CAAC,QAAQ,EAAE,IAAI,IAAI,mBAAM,CAAC;aACpC,MAAM,CAAC,QAAQ,CAAC;aAChB,MAAM,CAAC,QAAQ,CAAC,CAAA;IACrB,CAAC;IAED,qBAAqB;IACrB,MAAM,CAAC,MAAM,CAAC,MAAM,EAAE,QAAQ,EAAE,IAAI;QAClC,OAAO,CACL,MAAM;YACJ,gBAAM;iBACH,UAAU,CAAC,QAAQ,EAAE,IAAI,IAAI,mBAAM,CAAC;iBACpC,MAAM,CAAC,QAAQ,CAAC;iBAChB,MAAM,CAAC,QAAQ,CAAC;YACrB,MAAM;gBACJ,gBAAM;qBACH,UAAU,CAAC,MAAM,EAAE,IAAI,IAAI,mBAAM,CAAC;qBAClC,MAAM,CAAC,QAAQ,CAAC;qBAChB,MAAM,CAAC,QAAQ,CAAC,CACtB,CAAA;IACH,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,kBAAkB,CAAC,OAAO;QACrC,IAAI,CAAC,CAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,KAAK,CAAA,EAAE;YACnB,MAAM,IAAI,sBAAS,CAAC;gBAClB,SAAS,EAAE,sBAAS,CAAC,WAAW,CAAC,cAAc;aAChD,CAAC,CAAA;SACH;QAED,MAAM,UAAU,GAAG,IAAA,qBAAa,EAAC,MAAI,CAAC,CAAA;QACtC,IAAI,IAAI,GAAG,MAAM,UAAU,CAAC,OAAO,CAAC;YAClC,KAAK,EAAE,EAAE,KAAK,EAAE,OAAO,CAAC,KAAK,EAAE;YAC/B,SAAS,EAAE,CAAC,SAAS,CAAC;YACtB,KAAK,EAAE,IAAI;SACZ,CAAC,CAAA;QAEF,IAAI,CAAC,IAAI;YACP,MAAM,IAAI,sBAAS,CAAC;gBAClB,SAAS,EAAE,sBAAS,CAAC,WAAW,CAAC,cAAc;aAChD,CAAC,CAAA;aACC;YACH,QAAQ,IAAI,CAAC,MAAM,EAAE;gBACnB,KAAK,UAAU,CAAC,QAAQ;oBACtB,MAAM,IAAI,sBAAS,CAAC;wBAClB,SAAS,EAAE,sBAAS,CAAC,WAAW,CAAC,kBAAkB;wBACnD,MAAM,EAAE;4BACN,KAAK,EAAE,IAAI,CAAC,KAAK;yBAClB;qBACF,CAAC,CAAA;gBACJ,KAAK,UAAU,CAAC,MAAM;oBACpB,MAAM,IAAI,sBAAS,CAAC;wBAClB,SAAS,EAAE,sBAAS,CAAC,WAAW,CAAC,WAAW;wBAC5C,MAAM,EAAE;4BACN,KAAK,EAAE,IAAI,CAAC,KAAK;yBAClB;qBACF,CAAC,CAAA;gBACJ,KAAK,UAAU,CAAC,OAAO;oBACrB,MAAM,IAAI,sBAAS,CAAC;wBAClB,SAAS,EAAE,sBAAS,CAAC,WAAW,CAAC,YAAY;qBAC9C,CAAC,CAAA;aACL;YAED,OAAO,IAAI,CAAA;SACZ;IACH,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,SAAS,CAAC,OAAO;QAC5B,IAAI,CAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,EAAE,MAAK,SAAS,EAAE;YAC7B,MAAM,IAAI,sBAAS,CAAC;gBAClB,SAAS,EAAE,sBAAS,CAAC,WAAW,CAAC,cAAc;aAChD,CAAC,CAAA;SACH;QAED,MAAM,UAAU,GAAG,IAAA,qBAAa,EAAC,MAAI,CAAC,CAAA;QACtC,IAAI,IAAI,GAAG,MAAM,UAAU,CAAC,OAAO,CAAC;YAClC,KAAK,EAAE,EAAE,EAAE,EAAE,OAAO,CAAC,EAAE,EAAE;YACzB,SAAS,EAAE,CAAC,SAAS,CAAC;YACtB,KAAK,EAAE,IAAI;SACZ,CAAC,CAAA;QAEF,IAAI,CAAC,IAAI;YACP,MAAM,IAAI,sBAAS,CAAC;gBAClB,SAAS,EAAE,sBAAS,CAAC,WAAW,CAAC,cAAc;aAChD,CAAC,CAAA;aACC;YACH,QAAQ,IAAI,CAAC,MAAM,EAAE;gBACnB,KAAK,UAAU,CAAC,QAAQ;oBACtB,MAAM,IAAI,sBAAS,CAAC;wBAClB,SAAS,EAAE,sBAAS,CAAC,WAAW,CAAC,kBAAkB;wBACnD,MAAM,EAAE;4BACN,KAAK,EAAE,IAAI,CAAC,KAAK;yBAClB;qBACF,CAAC,CAAA;gBACJ,KAAK,UAAU,CAAC,MAAM;oBACpB,MAAM,IAAI,sBAAS,CAAC;wBAClB,SAAS,EAAE,sBAAS,CAAC,WAAW,CAAC,WAAW;wBAC5C,MAAM,EAAE;4BACN,KAAK,EAAE,IAAI,CAAC,KAAK;yBAClB;qBACF,CAAC,CAAA;gBACJ,KAAK,UAAU,CAAC,OAAO;oBACrB,MAAM,IAAI,sBAAS,CAAC;wBAClB,SAAS,EAAE,sBAAS,CAAC,WAAW,CAAC,YAAY;qBAC9C,CAAC,CAAA;aACL;YAED,MAAM,EAAE,eAAe,EAAE,GAAG,YAAM,CAAC,GAAG,CAAC,UAAU,CAAC,CAAA;YAElD,IAAI,eAAe,IAAI,IAAI,CAAC,QAAQ,KAAK,IAAI,CAAC,MAAM,CAAC,eAAe,EAAE,IAAI,CAAC,IAAI,CAAC,EAAE;gBAChF,IAAI,CAAC,MAAM,GAAG,UAAU,CAAC,kBAAkB,CAAA;aAC5C;YAED,OAAO,IAAI,CAAA;SACZ;IACH,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,YAAY,CAAC,SAAiB,EAAE,QAAgB,EAAE,MAAc,EAAE,IAAU;QACvF,MAAM,MAAM,GAAG,MAAM,IAAA,qBAAa,EAAC,qBAAS,CAAC;aAC1C,kBAAkB,CAAC,WAAW,CAAC;aAC/B,SAAS,CAAC,iBAAiB,EAAE,MAAM,CAAC;aACpC,SAAS,CAAC,YAAY,EAAE,MAAM,CAAC;aAC/B,KAAK,CAAC,gCAAgC,EAAE,EAAE,QAAQ,EAAE,CAAC;aACrD,QAAQ,CAAC,6BAA6B,EAAE,EAAE,SAAS,EAAE,CAAC;aACtD,QAAQ,CAAC,mBAAmB,EAAE,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,EAAE,CAAC;aAClD,QAAQ,CAAC,4BAA4B,EAAE,EAAE,QAAQ,EAAE,MAAM,CAAC,EAAE,EAAE,CAAC;aAC/D,QAAQ,EAAE,CAAA;QAEb,OAAO,MAAM,GAAG,CAAC,CAAA;IACnB,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,qBAAqB,CAAC,IAAU,EAAE,MAAc;QAC3D,MAAM,MAAM,GAAG,MAAM,IAAA,qBAAa,EAAC,MAAI,CAAC;aACrC,kBAAkB,CAAC,MAAM,CAAC;aAC1B,iBAAiB,CAAC,YAAY,EAAE,MAAM,CAAC;aACvC,iBAAiB,CAAC,iBAAiB,EAAE,WAAW,CAAC;aACjD,MAAM,CAAC,CAAC,6BAA6B,EAAE,gCAAgC,CAAC,CAAC;aACzE,KAAK,CAAC,mBAAmB,EAAE,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,EAAE,CAAC;aAC/C,QAAQ,CAAC,4BAA4B,EAAE,EAAE,QAAQ,EAAE,MAAM,CAAC,EAAE,EAAE,CAAC;aAC/D,OAAO,CAAC,oBAAoB,CAAC;aAC7B,UAAU,CAAC,gBAAgB,CAAC;aAC5B,UAAU,EAAE,CAAA;QAEf,MAAM,QAAQ,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,OAAO,EAAE,EAAE;YAC9C,MAAM,IAAI,GAAG,GAAG,CAAC,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAA;YAChC,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,SAAS,KAAK,OAAO,CAAC,SAAS,IAAI,IAAI,CAAC,QAAQ,KAAK,OAAO,CAAC,QAAQ,EAAE;gBACvF,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,CAAA;aAClB;YACD,OAAO,GAAG,CAAA;QACZ,CAAC,EAAE,EAAE,CAAC,CAAA;QAEN,OAAO,QAAQ,CAAA;IACjB,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,uBAAuB,CAAC,SAAiB,EAAE,QAAgB,EAAE,IAAU;QAClF,OAAO,IAAA,0CAAuB,EAAC,IAAI,EAAE,SAAS,EAAE,QAAQ,CAAC,CAAA;IAC3D,CAAC;CACF,CAAA;AA1SC;IAAC,IAAA,gCAAsB,EAAC,MAAM,CAAC;IAC9B,IAAA,oBAAK,EAAC,IAAI,CAAC,EAAE,CAAC,iBAAE,CAAC;;gCACC;AAEnB;IAAC,IAAA,gBAAM,GAAE;IACR,IAAA,oBAAK,GAAE;;kCACI;AAEZ;IAAC,IAAA,gBAAM,EAAC;QACN,QAAQ,EAAE,IAAI;KACf,CAAC;IACD,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;yCACP;AAEnB;IAAC,IAAA,oBAAU,EAAC,IAAI,CAAC,EAAE,CAAC,cAAM,CAAC;IAC1B,IAAA,mBAAS,EAAC,EAAE,IAAI,EAAE,eAAe,EAAE,CAAC;IACpC,IAAA,oBAAK,EAAC,IAAI,CAAC,EAAE,CAAC,CAAC,cAAM,CAAC,CAAC;;qCACN;AAElB;IAAC,IAAA,gBAAM,GAAE;IACR,IAAA,oBAAK,EAAC,IAAI,CAAC,EAAE,CAAC,qCAAmB,CAAC;;mCACtB;AAEb;IAAC,IAAA,wBAAS,EAAC,gFAAgF,CAAC;IAC3F,IAAA,gBAAM,EAAC;QACN,QAAQ,EAAE,IAAI;QACd,IAAI,EAAE,aAAa,IAAI,OAAO,IAAI,aAAa,IAAI,SAAS,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,aAAa,IAAI,QAAQ,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS;KAC3H,CAAC;;sCACc;AAEhB;IAAC,IAAA,oBAAU,EAAC,IAAI,CAAC,EAAE,CAAC,WAAI,EAAE,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC;IAC5C,IAAA,mBAAS,EAAC,EAAE,IAAI,EAAE,aAAa,EAAE,CAAC;IAClC,IAAA,oBAAK,EAAC,IAAI,CAAC,EAAE,CAAC,CAAC,WAAI,CAAC,CAAC;;mCACR;AAEd;IAAC,IAAA,gBAAM,EAAC;QACN,QAAQ,EAAE,IAAI;KACf,CAAC;IACD,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;sCACV;AAEhB;IAAC,IAAA,gBAAM,EAAC;QACN,QAAQ,EAAE,IAAI;KACf,CAAC;IACD,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;uCACT;AAEjB;IAAC,IAAA,wBAAS,EAAC,gFAAgF,CAAC;IAC3F,IAAA,gBAAM,EAAC;QACN,QAAQ,EAAE,IAAI;KACf,CAAC;;kCACU;AAEZ;IAAC,IAAA,gBAAM,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;IAC1B,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;oCACZ;AAEd;IAAC,IAAA,wBAAS,EAAC,gFAAgF,CAAC;IAC3F,IAAA,gBAAM,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;IAC1B,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;mCACb;AAEb;IAAC,IAAA,gBAAM,EAAC;QACN,IAAI,EAAE,aAAa,IAAI,UAAU,IAAI,aAAa,IAAI,OAAO,IAAI,aAAa,IAAI,SAAS,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,aAAa,IAAI,QAAQ,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,UAAU;QAC1J,IAAI,EAAE,UAAU;QAChB,OAAO,EAAE,UAAU,CAAC,QAAQ;KAC7B,CAAC;IACD,IAAA,oBAAK,EAAC,IAAI,CAAC,EAAE,CAAC,MAAM,CAAC;;oCACJ;AAElB;IAAC,IAAA,gBAAM,EAAC;QACN,IAAI,EAAE,UAAU;QAChB,OAAO,EAAE,CAAC;KACX,CAAC;;uCACe;AAEjB;IAAC,IAAA,gBAAM,EAAC;QACN,QAAQ,EAAE,IAAI;KACf,CAAC;sCACiB,IAAI;+CAAA;AAEvB;IAAC,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;mCACZ;AAEd;IAAC,IAAA,mBAAS,EAAC,GAAG,EAAE,CAAC,yCAAkB,EAAE,kBAAkB,CAAC,EAAE,CAAC,kBAAkB,CAAC,IAAI,CAAC;IAClF,IAAA,oBAAK,EAAC,IAAI,CAAC,EAAE,CAAC,CAAC,yCAAkB,CAAC,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;gDAChB;AAExC;IAAC,IAAA,mBAAS,EAAC,IAAI,CAAC,EAAE,CAAC,MAAI,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;IAC3C,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;sCACjB,IAAI;qCAAA;AAEb;IAAC,IAAA,oBAAU,EAAC,CAAC,IAAU,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC;;uCACxB;AAEjB;IAAC,IAAA,mBAAS,EAAC,IAAI,CAAC,EAAE,CAAC,MAAI,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;IAC3C,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;sCACjB,IAAI;qCAAA;AAEb;IAAC,IAAA,oBAAU,EAAC,CAAC,IAAU,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC;;uCACxB;AAEjB;IAAC,IAAA,0BAAgB,GAAE;IAClB,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;sCACf,IAAI;uCAAA;AAEf;IAAC,IAAA,0BAAgB,GAAE;IAClB,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;sCACf,IAAI;IAEf,8BAA8B;;uCAFf;AA7GJ,IAAI;IAJhB,IAAA,gBAAM,GAAE;IACR,IAAA,eAAK,EAAC,WAAW,EAAE,CAAC,IAAU,EAAE,EAAE,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC;IACnE,kEAAkE;;IACjE,IAAA,yBAAU,GAAE;GACA,IAAI,CA2ShB;AA3SY,oBAAI","sourcesContent":["import crypto from 'crypto'\nimport jwt from 'jsonwebtoken'\nimport { Directive, Field, ID, ObjectType } from 'type-graphql'\nimport { GraphQLEmailAddress } from 'graphql-scalars'\nimport { Column, CreateDateColumn, Entity, Index, JoinTable, ManyToMany, ManyToOne, OneToMany, PrimaryGeneratedColumn, RelationId, UpdateDateColumn } from 'typeorm'\n\nimport { config } from '@things-factory/env'\nimport { Domain, getRepository } from '@things-factory/shell'\n\nimport { validatePasswordByRule } from '../../controllers/utils/password-rule'\nimport { AuthError } from '../../errors/auth-error'\nimport { SECRET } from '../../utils/get-secret'\nimport { Role } from '../role/role'\nimport { Privilege } from '../privilege/privilege'\nimport { UsersAuthProviders } from '../users-auth-providers/users-auth-providers'\nimport { getDomainsWithPrivilege } from '../../utils/get-user-domains'\n\nconst ORMCONFIG = config.get('ormconfig', {})\nconst DATABASE_TYPE = ORMCONFIG.type\n\nconst sessionExpirySeconds = Number(config.get('session/expirySeconds')) || '7d'\n\nexport enum UserStatus {\n INACTIVE = 'inactive',\n ACTIVATED = 'activated',\n DELETED = 'deleted',\n LOCKED = 'locked',\n BANNED = 'banned',\n PWD_RESET_REQUIRED = 'password_reset_required'\n}\n\n@Entity()\n@Index('ix_user_0', (user: User) => [user.email], { unique: true })\n//@Index('ix_user_1', (user: User) => [user.id], { unique: true })\n@ObjectType()\nexport class User {\n @PrimaryGeneratedColumn('uuid')\n @Field(type => ID)\n readonly id: string\n\n @Column()\n @Field()\n name: string\n\n @Column({\n nullable: true\n })\n @Field({ nullable: true })\n description: string\n\n @ManyToMany(type => Domain)\n @JoinTable({ name: 'users_domains' })\n @Field(type => [Domain])\n domains?: Domain[]\n\n @Column()\n @Field(type => GraphQLEmailAddress)\n email: string\n\n @Directive('@privilege(category: \"security\", privilege: \"query\", domainOwnerGranted: true)')\n @Column({\n nullable: true,\n type: DATABASE_TYPE == 'mysql' || DATABASE_TYPE == 'mariadb' ? 'longtext' : DATABASE_TYPE == 'oracle' ? 'clob' : 'varchar'\n })\n password: string\n\n @ManyToMany(type => Role, role => role.users)\n @JoinTable({ name: 'users_roles' })\n @Field(type => [Role])\n roles?: Role[]\n\n @Column({\n nullable: true\n })\n @Field({ nullable: true })\n userType: string // default: 'user', enum: 'user', 'application', 'appliance'\n\n @Column({\n nullable: true\n })\n @Field({ nullable: true })\n reference: string\n\n @Directive('@privilege(category: \"security\", privilege: \"query\", domainOwnerGranted: true)')\n @Column({\n nullable: true\n })\n salt: string\n\n @Column({ nullable: true })\n @Field({ nullable: true })\n locale: string\n\n @Directive('@privilege(category: \"security\", privilege: \"query\", domainOwnerGranted: true)')\n @Column({ nullable: true })\n @Field({ nullable: true })\n ssoId: string\n\n @Column({\n type: DATABASE_TYPE == 'postgres' || DATABASE_TYPE == 'mysql' || DATABASE_TYPE == 'mariadb' ? 'enum' : DATABASE_TYPE == 'oracle' ? 'varchar2' : 'smallint',\n enum: UserStatus,\n default: UserStatus.INACTIVE\n })\n @Field(type => String)\n status: UserStatus\n\n @Column({\n type: 'smallint',\n default: 0\n })\n failCount: number\n\n @Column({\n nullable: true\n })\n passwordUpdatedAt: Date\n\n @Field({ nullable: true })\n owner: boolean /* should not be a column */\n\n @OneToMany(() => UsersAuthProviders, usersAuthProviders => usersAuthProviders.user)\n @Field(type => [UsersAuthProviders], { nullable: true })\n usersAuthProviders: UsersAuthProviders[]\n\n @ManyToOne(type => User, { nullable: true })\n @Field({ nullable: true })\n creator: User\n\n @RelationId((user: User) => user.creator)\n creatorId: string\n\n @ManyToOne(type => User, { nullable: true })\n @Field({ nullable: true })\n updater: User\n\n @RelationId((user: User) => user.updater)\n updaterId: string\n\n @CreateDateColumn()\n @Field({ nullable: true })\n createdAt: Date\n\n @UpdateDateColumn()\n @Field({ nullable: true })\n updatedAt: Date\n\n /* signing for jsonwebtoken */\n async sign(options?) {\n var { expiresIn = sessionExpirySeconds, subdomain } = options || {}\n\n var user = {\n id: this.id,\n userType: this.userType,\n status: this.status,\n domain: {\n subdomain\n }\n }\n\n return await jwt.sign(user, SECRET, {\n expiresIn,\n issuer: 'hatiolab.com',\n subject: 'user'\n })\n }\n\n /* validate password through password rule */\n static validatePasswordByRule(password, lng) {\n validatePasswordByRule(password, lng)\n }\n\n /* generate salt */\n static generateSalt() {\n return crypto.randomBytes(16).toString('hex')\n }\n\n /* encode password */\n static encode(password: string, salt) {\n return crypto\n .createHmac('sha256', salt || SECRET)\n .update(password)\n .digest('base64')\n }\n\n /* verify password */\n static verify(hashed, password, salt) {\n return (\n hashed ==\n crypto\n .createHmac('sha256', salt || SECRET)\n .update(password)\n .digest('base64') ||\n hashed ==\n crypto\n .createHmac('sha1', salt || SECRET)\n .update(password)\n .digest('base64')\n )\n }\n\n static async checkAuthWithEmail(decoded) {\n if (!decoded?.email) {\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.USER_NOT_FOUND\n })\n }\n\n const repository = getRepository(User)\n var user = await repository.findOne({\n where: { email: decoded.email },\n relations: ['domains'],\n cache: true\n })\n\n if (!user)\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.USER_NOT_FOUND\n })\n else {\n switch (user.status) {\n case UserStatus.INACTIVE:\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.USER_NOT_ACTIVATED,\n detail: {\n email: user.email\n }\n })\n case UserStatus.LOCKED:\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.USER_LOCKED,\n detail: {\n email: user.email\n }\n })\n case UserStatus.DELETED:\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.USER_DELETED\n })\n }\n\n return user\n }\n }\n\n static async checkAuth(decoded) {\n if (decoded?.id === undefined) {\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.USER_NOT_FOUND\n })\n }\n\n const repository = getRepository(User)\n var user = await repository.findOne({\n where: { id: decoded.id },\n relations: ['domains'],\n cache: true\n })\n\n if (!user)\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.USER_NOT_FOUND\n })\n else {\n switch (user.status) {\n case UserStatus.INACTIVE:\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.USER_NOT_ACTIVATED,\n detail: {\n email: user.email\n }\n })\n case UserStatus.LOCKED:\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.USER_LOCKED,\n detail: {\n email: user.email\n }\n })\n case UserStatus.DELETED:\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.USER_DELETED\n })\n }\n\n const { defaultPassword } = config.get('password')\n\n if (defaultPassword && user.password === this.encode(defaultPassword, user.salt)) {\n user.status = UserStatus.PWD_RESET_REQUIRED\n }\n\n return user\n }\n }\n\n static async hasPrivilege(privilege: string, category: string, domain: Domain, user: User): Promise<boolean> {\n const result = await getRepository(Privilege)\n .createQueryBuilder('privilege')\n .innerJoin('privilege.roles', 'role')\n .innerJoin('role.users', 'user')\n .where('privilege.category = :category', { category })\n .andWhere('privilege.name = :privilege', { privilege })\n .andWhere('user.id = :userId', { userId: user.id })\n .andWhere('role.domain.id = :domainId', { domainId: domain.id })\n .getCount()\n\n return result > 0\n }\n\n static async getPrivilegesByDomain(user: User, domain: Domain): Promise<{ category: string; privilege: string }[]> {\n const result = await getRepository(User)\n .createQueryBuilder('user')\n .leftJoinAndSelect('user.roles', 'role')\n .leftJoinAndSelect('role.privileges', 'privilege')\n .select(['privilege.name AS privilege', 'privilege.category AS category'])\n .where('user.id = :userId', { userId: user.id })\n .andWhere('role.domain.id = :domainId', { domainId: domain.id })\n .orderBy('privilege.category')\n .addOrderBy('privilege.name')\n .getRawMany()\n\n const distinct = result.reduce((acc, current) => {\n const last = acc[acc.length - 1]\n if (!last || last.privilege !== current.privilege || last.category !== current.category) {\n acc.push(current)\n }\n return acc\n }, [])\n\n return distinct\n }\n\n static async getDomainsWithPrivilege(privilege: string, category: string, user: User) {\n return getDomainsWithPrivilege(user, privilege, category)\n }\n}\n"]}