npm - @things-factory/auth-base - Versions diffs - 7.0.0-alpha.8 → 7.0.0 - Mend

@things-factory/auth-base 7.0.0-alpha.8 → 7.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (311) hide show

package/server/router/webauthn-router.ts ADDED Viewed

@@ -0,0 +1,87 @@
+import Router from 'koa-router'
+import { getRepository } from '@things-factory/shell'
+import { appPackage } from '@things-factory/env'
+import { generateRegistrationOptions, generateAuthenticationOptions } from '@simplewebauthn/server'
+import { WebAuthCredential } from '../service/web-auth-credential/web-auth-credential'
+import {
+  PublicKeyCredentialCreationOptionsJSON,
+} from '@simplewebauthn/server/script/deps'
+import { setAccessTokenCookie } from '../utils/access-token-cookie'
+import { createWebAuthnMiddleware } from '../middlewares/webauthn-middleware';
+export const webAuthnGlobalPublicRouter = new Router()
+export const webAuthnGlobalPrivateRouter = new Router()
+const { name: rpName } = appPackage as any
+webAuthnGlobalPrivateRouter.get('/auth/register-webauthn/challenge', async (context, next) => {
+  const { user } = context.state
+  const rpID = context.hostname
+  const webAuthCredentials = await getRepository(WebAuthCredential).find({
+    where: {
+      user: { id: user.id }
+    }
+  })
+  const options: PublicKeyCredentialCreationOptionsJSON = await generateRegistrationOptions({
+    rpName,
+    rpID,
+    userName: user.email,
+    userDisplayName: user.name,
+    // Don't prompt users for additional information about the authenticator
+    // (Recommended for smoother UX)
+    attestationType: 'none',
+    // Prevent users from re-registering existing authenticators
+    excludeCredentials: webAuthCredentials.map(credential => ({
+      id: credential.credentialId
+      // Optional
+      // transports: credential.transports
+    })),
+    authenticatorSelection: {
+      // Defaults
+      residentKey: 'preferred',
+      userVerification: 'preferred',
+      // Optional
+      authenticatorAttachment: 'platform'
+    }
+  })
+  context.session.challenge = options.challenge
+  context.body = options
+})
+webAuthnGlobalPrivateRouter.post('/auth/verify-registration', createWebAuthnMiddleware('webauthn-register'));
+webAuthnGlobalPublicRouter.get('/auth/signin-webauthn/challenge', async (context, next) => {
+  const rpID = context.hostname
+  const options = await generateAuthenticationOptions({
+    rpID,
+    userVerification: 'preferred'
+  })
+  context.session.challenge = options.challenge
+  context.body = options
+})
+webAuthnGlobalPublicRouter.post(
+  '/auth/signin-webauthn', createWebAuthnMiddleware('webauthn-login'),
+  async (context, next) => {
+    const { domain, user } = context. state
+    const { request } = context
+    const { body: reqBody } = request
+    const token = await user.sign({ subdomain: domain?.subdomain })
+    setAccessTokenCookie(context, token)
+    var redirectURL = `/auth/checkin${domain ? '/' + domain.subdomain : ''}?redirect_to=${encodeURIComponent(reqBody.redirectTo || '/')}`
+    /* 2단계 인터렉션 때문에 브라우저에서 fetch(...)로 진행될 것이므로, redirect(3xx) 응답으로 처리할 수 없다. 따라서, 데이타로 redirectURL를 응답한다. */
+    context.body = { redirectURL, verified: true }
+    await next();
+  }
+)

package/server/routes.ts CHANGED Viewed

@@ -10,11 +10,12 @@ import {
   oauth2AuthorizeRouter,
   oauth2Router,
   pathBaseDomainRouter,
-  siteRootRouter
+  siteRootRouter,
+  webAuthnGlobalPublicRouter,
+  webAuthnGlobalPrivateRouter
 } from './router'
 import { setAccessTokenCookie } from './utils/access-token-cookie'
-import { User } from './service/user/user'
 const isPathBaseDomain = !config.get('subdomain') && !config.get('useVirtualHostBasedDomain')
@@ -27,7 +28,7 @@ process.on('bootstrap-module-global-public-route' as any, (app, globalPublicRout
     authSigninRouter.get('/auth/sso-signin', app.ssoMiddlewares[0], async context => {
       const { user } = context.state
-      const token = user.sign()
+      const token = await user.sign()
       setAccessTokenCookie(context, token)
       context.redirect('/auth/checkin')
@@ -41,12 +42,14 @@ process.on('bootstrap-module-global-private-route' as any, (app, globalPrivateRo
   /* globalPrivateRouter based nested-routers */
   globalPrivateRouter.use(authCheckinRouter.routes(), authCheckinRouter.allowedMethods())
   globalPrivateRouter.use(authPrivateProcessRouter.routes(), authPrivateProcessRouter.allowedMethods())
+  globalPrivateRouter.use(webAuthnGlobalPrivateRouter.routes(), webAuthnGlobalPrivateRouter.allowedMethods())
 })
 process.on('bootstrap-module-domain-public-route' as any, (app, domainPublicRouter) => {
   /* domainPublicRouter based nested-routers */
   domainPublicRouter.use(authSigninRouter.routes(), authSigninRouter.allowedMethods())
   domainPublicRouter.use(authSignupRouter.routes(), authSignupRouter.allowedMethods())
+  domainPublicRouter.use(webAuthnGlobalPublicRouter.routes(), webAuthnGlobalPublicRouter.allowedMethods())
   /* path '/admin/oauth/...' is deprecated. should use path '/oauth/...' for oauth2 related routing */
   domainPublicRouter.use('/oauth', oauth2Router.routes(), oauth2Router.allowedMethods()) // if i use context
@@ -61,11 +64,7 @@ process.on('bootstrap-module-domain-private-route' as any, (app, domainPrivateRo
     // pathBaseDomainRouter는 history-fallback의 경우에 인증 처리를 하기 위한 라우터이다.
     // (보통, URL 링크등을 통해서 domain path URL로 바로 요청하는 경우에 해당한다.)
     // pathBaseDomainRouter는 domain path를 domain-private-router를 사용하는 것을 전제로 한다.
-    domainPrivateRouter.use(
-      '/domain/:domain/oauth',
-      oauth2AuthorizeRouter.routes(),
-      oauth2AuthorizeRouter.allowedMethods()
-    )
+    domainPrivateRouter.use('/domain/:domain/oauth', oauth2AuthorizeRouter.routes(), oauth2AuthorizeRouter.allowedMethods())
     domainPrivateRouter.use('/domain', pathBaseDomainRouter.routes(), pathBaseDomainRouter.allowedMethods())
   }

package/server/service/app-binding/app-binding-query.ts CHANGED Viewed

@@ -22,7 +22,7 @@ export class AppBindingQuery {
   /* TODO optimize query */
   @Query(returns => AppBindingList)
-  async appBindings(@Args() params: ListParam, @Ctx() context: ResolverContext): Promise<UserList> {
+  async appBindings(@Args(type => ListParam) params: ListParam, @Ctx() context: ResolverContext): Promise<UserList> {
     const { domain } = context.state
     // const convertedParams = convertListParams(params)

package/server/service/appliance/appliance-query.ts CHANGED Viewed

@@ -17,7 +17,28 @@ export class ApplianceQuery {
   @Directive('@privilege(category: "user", privilege: "query", domainOwnerGranted: true, superUserGranted: true)')
   @Query(returns => ApplianceList, { description: 'To fetch multiple appliance' })
-  async appliances(@Args() params: ListParam, @Ctx() context: ResolverContext): Promise<ApplianceList> {
+  async appliances(
+    @Args(type => ListParam) params: ListParam,
+    @Ctx() context: ResolverContext
+  ): Promise<ApplianceList> {
+    const { domain } = context.state
+    const queryBuilder = getQueryBuilderFromListParams({
+      domain,
+      params,
+      repository: getRepository(Appliance),
+      alias: 'appliance',
+      searchables: ['name', 'description']
+    })
+    const [items, total] = await queryBuilder.getManyAndCount()
+    return { items, total }
+  }
+  @Directive('@privilege(category: "user", privilege: "query", domainOwnerGranted: true, superUserGranted: true)')
+  @Query(returns => ApplianceList, { description: 'To fetch multiple appliance' })
+  async edges(@Args(type => ListParam) params: ListParam, @Ctx() context: ResolverContext): Promise<ApplianceList> {
     const { domain } = context.state
     const queryBuilder = getQueryBuilderFromListParams({

package/server/service/appliance/appliance.ts CHANGED Viewed

@@ -30,7 +30,8 @@ export class Appliance {
   readonly id: string
   @ManyToOne(type => Domain)
-  domain: Domain
+  @Field(type => Domain)
+  domain?: Domain
   @RelationId((appliance: Appliance) => appliance.domain)
   domainId: string
@@ -71,8 +72,8 @@ export class Appliance {
       DATABASE_TYPE == 'mysql' || DATABASE_TYPE == 'mariadb'
         ? 'longtext'
         : DATABASE_TYPE == 'oracle'
-        ? 'clob'
-        : 'varchar'
+          ? 'clob'
+          : 'varchar'
   })
   @Field({ nullable: true })
   @Directive('@privilege(category: "security", privilege: "query", domainOwnerGranted: true)')

package/server/service/application/application-query.ts CHANGED Viewed

@@ -24,7 +24,7 @@ export class ApplicationQuery {
   @Directive('@privilege(category: "user", privilege: "query", domainOwnerGranted: true, superUserGranted: true)')
   @Query(returns => ApplicationList, { description: 'To fetch multiple application' })
-  async applications(@Args() params: ListParam, @Ctx() context: ResolverContext) {
+  async applications(@Args(type => ListParam) params: ListParam, @Ctx() context: ResolverContext) {
     const { domain } = context.state
     const queryBuilder = getQueryBuilderFromListParams({

package/server/service/application/application.ts CHANGED Viewed

@@ -54,6 +54,7 @@ export class Application {
   readonly id?: string
   @ManyToOne(type => Domain)
+  @Field(type => Domain)
   domain?: Domain
   @RelationId((application: Application) => application.domain)
@@ -97,8 +98,8 @@ export class Application {
       DATABASE_TYPE == 'mysql' || DATABASE_TYPE == 'mariadb'
         ? 'longtext'
         : DATABASE_TYPE == 'oracle'
-        ? 'clob'
-        : 'varchar'
+          ? 'clob'
+          : 'varchar'
   })
   @Field({ nullable: true })
   @Directive('@privilege(category: "security", privilege: "query", domainOwnerGranted: true)')
@@ -113,8 +114,8 @@ export class Application {
       DATABASE_TYPE == 'postgres' || DATABASE_TYPE == 'mysql' || DATABASE_TYPE == 'mariadb'
         ? 'enum'
         : DATABASE_TYPE == 'oracle'
-        ? 'varchar2'
-        : 'smallint',
+          ? 'varchar2'
+          : 'smallint',
     enum: ApplicationType,
     default: ApplicationType.OTHERS
   })
@@ -130,14 +131,14 @@ export class Application {
   updatedAt?: Date
   @ManyToOne(type => User, { nullable: true })
-  @Field({ nullable: true })
+  @Field(type => User, { nullable: true })
   creator?: User
   @RelationId((application: Application) => application.creator)
   creatorId?: string
   @ManyToOne(type => User, { nullable: true })
-  @Field({ nullable: true })
+  @Field(type => User, { nullable: true })
   updater?: User
   @RelationId((application: Application) => application.updater)

package/server/service/auth-provider/auth-provider-parameter-spec.ts CHANGED Viewed

@@ -18,4 +18,7 @@ export class AuthProviderParameterSpec {
   @Field(type => ScalarObject, { nullable: true })
   property?: { [key: string]: any }
+  @Field(type => ScalarObject, { nullable: true })
+  styles?: { [key: string]: any }
 }

package/server/service/auth-provider/auth-provider-query.ts CHANGED Viewed

@@ -25,7 +25,10 @@ export class AuthProviderQuery {
   @Directive('@privilege(category: "user", privilege: "query", domainOwnerGranted: true, superUserGranted: true)')
   @Query(returns => AuthProviderList, { description: 'To fetch multiple AuthProviders' })
-  async authProviders(@Args() params: ListParam, @Ctx() context: ResolverContext): Promise<AuthProviderList> {
+  async authProviders(
+    @Args(type => ListParam) params: ListParam,
+    @Ctx() context: ResolverContext
+  ): Promise<AuthProviderList> {
     const { domain } = context.state
     const queryBuilder = getQueryBuilderFromListParams({

package/server/service/auth-provider/auth-provider-type.ts CHANGED Viewed

@@ -1,11 +1,7 @@
-import type { FileUpload } from 'graphql-upload/GraphQLUpload.js'
-import GraphQLUpload from 'graphql-upload/GraphQLUpload.js'
-import { ObjectType, Field, InputType, Int, ID, registerEnumType } from 'type-graphql'
+import { ObjectType, Field, InputType, Int, ID } from 'type-graphql'
-import { ObjectRef, ScalarObject } from '@things-factory/shell'
-import { AuthProvider, AuthProviderStatus } from './auth-provider'
-import { AuthProviderParameterSpec } from './auth-provider-parameter-spec'
+import { ScalarObject } from '@things-factory/shell'
+import { AuthProvider } from './auth-provider'
 @InputType()
 export class NewAuthProvider {

package/server/service/auth-provider/auth-provider.ts CHANGED Viewed

@@ -1,17 +1,15 @@
 import {
   CreateDateColumn,
   UpdateDateColumn,
-  DeleteDateColumn,
   Entity,
   Index,
   Column,
   RelationId,
   ManyToOne,
   OneToMany,
-  PrimaryGeneratedColumn,
-  VersionColumn
+  PrimaryGeneratedColumn
 } from 'typeorm'
-import { Directive, ObjectType, Field, Int, ID, registerEnumType } from 'type-graphql'
+import { Directive, ObjectType, Field, Int, ID } from 'type-graphql'
 import { Domain, ScalarObject, encryptTransformer } from '@things-factory/shell'
 import { User } from '../user/user'
@@ -30,16 +28,6 @@ export type AuthProviderRegistry = {
   [type: string]: AuthProviderImpl
 }
-export enum AuthProviderStatus {
-  STATUS_A = 'STATUS_A',
-  STATUS_B = 'STATUS_B'
-}
-registerEnumType(AuthProviderStatus, {
-  name: 'AuthProviderStatus',
-  description: 'state enumeration of a authProvider'
-})
 @ObjectType()
 export class AuthProviderType {
   @Field()
@@ -75,7 +63,7 @@ export class AuthProvider {
   readonly id: string
   @ManyToOne(type => Domain)
-  @Field({ nullable: true })
+  @Field(type => Domain)
   domain?: Domain
   @RelationId((authProvider: AuthProvider) => authProvider.domain)
@@ -89,10 +77,6 @@ export class AuthProvider {
   @Field({ nullable: true })
   active?: boolean
-  @Column({ nullable: true })
-  @Field({ nullable: true })
-  state?: AuthProviderStatus
   @Directive('@privilege(category: "security", privilege: "query", domainOwnerGranted: true)')
   @Column({ nullable: true })
   @Field({ nullable: true })

package/server/service/granted-role/granted-role.ts CHANGED Viewed

@@ -19,8 +19,8 @@ export class GrantedRole {
   roleId: string
   @ManyToOne(type => Domain)
-  @Field()
-  domain: Domain
+  @Field(type => Domain)
+  domain?: Domain
   @RelationId((grantedRole: GrantedRole) => grantedRole.domain)
   domainId: string

package/server/service/index.ts CHANGED Viewed

@@ -1,8 +1,5 @@
 /* IMPORT ENTITIES AND RESOLVERS */
-import {
-  entities as UsersAuthProvidersEntities,
-  resolvers as UsersAuthProvidersResolvers
-} from './users-auth-providers'
+import { entities as UsersAuthProvidersEntities, resolvers as UsersAuthProvidersResolvers } from './users-auth-providers'
 import { entities as AuthProviderEntities, resolvers as AuthProviderResolvers } from './auth-provider'
 import { resolvers as AppbindingResolver } from './app-binding'
 import { entities as ApplianceEntities, resolvers as ApplianceResolvers } from './appliance'
@@ -18,6 +15,7 @@ import { privilegeDirectiveResolver, privilegeDirectiveTypeDefs } from './privil
 import { entities as RoleEntities, resolvers as RoleResolvers } from './role'
 import { entities as UserEntities, resolvers as UserResolvers } from './user'
 import { entities as VerificationTokenEntities } from './verification-token'
+import { entities as WebAuthCredentialEntities } from './web-auth-credential'
 /* EXPORT ENTITY TYPES */
 export * from './users-auth-providers/users-auth-providers'
@@ -34,6 +32,7 @@ export * from './app-binding/app-binding'
 export * from './password-history/password-history'
 export * from './verification-token/verification-token'
 export * from './login-history/login-history'
+export * from './web-auth-credential/web-auth-credential'
 /* EXPORT TYPES */
 export * from './app-binding/app-binding-types'
@@ -60,7 +59,8 @@ export const entities = [
   ...InvitationEntities,
   ...PasswordHistoryEntities,
   ...VerificationTokenEntities,
-  ...LoginHistoryEntities
+  ...LoginHistoryEntities,
+  ...WebAuthCredentialEntities
 ]
 export const schema = {

package/server/service/login-history/login-history-query.ts CHANGED Viewed

@@ -9,7 +9,10 @@ import { LoginHistoryList } from './login-history-type'
 @Resolver(LoginHistory)
 export class LoginHistoryQuery {
   @Query(returns => LoginHistoryList, { description: 'To fetch multiple LoginHistories' })
-  async loginHistories(@Args() params: ListParam, @Ctx() context: ResolverContext): Promise<LoginHistoryList> {
+  async loginHistories(
+    @Args(type => ListParam) params: ListParam,
+    @Ctx() context: ResolverContext
+  ): Promise<LoginHistoryList> {
     const { domain } = context.state
     const queryBuilder = getQueryBuilderFromListParams({

package/server/service/login-history/login-history.ts CHANGED Viewed

@@ -14,14 +14,14 @@ export class LoginHistory {
   readonly id: string
   @ManyToOne(type => Domain)
-  @Field()
-  accessDomain: Domain
+  @Field(type => Domain)
+  accessDomain?: Domain
   @RelationId((loginHistory: LoginHistory) => loginHistory.accessDomain)
   accessDomainId: string
   @ManyToOne(type => User)
-  @Field()
+  @Field(type => User)
   accessUser: User
   @RelationId((loginHistory: LoginHistory) => loginHistory.accessUser)

package/server/service/partner/partner-query.ts CHANGED Viewed

@@ -12,7 +12,7 @@ import { PartnerList } from './partner-types'
 export class PartnerQuery {
   @Directive('@privilege(category: "partner", privilege: "query", domainOwnerGranted: true)')
   @Query(returns => PartnerList)
-  async partners(@Args() params: ListParam, @Ctx() context: ResolverContext): Promise<PartnerList> {
+  async partners(@Args(type => ListParam) params: ListParam, @Ctx() context: ResolverContext): Promise<PartnerList> {
     if (await checkUserBelongsDomain(context.state.domain, context.state.user)) {
       const { domain } = context.state
@@ -45,7 +45,10 @@ export class PartnerQuery {
   @Directive('@privilege(category: "partner", privilege: "query")')
   @Query(returns => DomainList)
-  async searchCustomers(@Args() params: ListParam, @Ctx() context: ResolverContext): Promise<DomainList> {
+  async searchCustomers(
+    @Args(type => ListParam) params: ListParam,
+    @Ctx() context: ResolverContext
+  ): Promise<DomainList> {
     const { domain } = context.state
     const partners: Partner[] = await getRepository(Partner).find({
       where: { domain: { id: domain.id } },

package/server/service/partner/partner.ts CHANGED Viewed

@@ -20,25 +20,25 @@ export class Partner {
   readonly id: string
   @ManyToOne(type => Domain)
-  @Field()
-  domain: Domain
+  @Field(type => Domain)
+  domain?: Domain
   @RelationId((partner: Partner) => partner.domain)
   domainId: string
   @ManyToOne(type => Domain)
-  @Field()
-  partnerDomain: Domain
+  @Field(type => Domain)
+  partnerDomain?: Domain
   @RelationId((partner: Partner) => partner.partnerDomain)
   partnerDomainId: string
   @CreateDateColumn()
-  @Field()
+  @Field({ nullable: true })
   requestedAt: Date
   @UpdateDateColumn()
-  @Field()
+  @Field({ nullable: true })
   approvedAt: Date
   @ManyToOne(type => User, { nullable: true })

package/server/service/privilege/privilege-query.ts CHANGED Viewed

@@ -10,7 +10,10 @@ import { PrivilegeList } from './privilege-types'
 export class PrivilegeQuery {
   @Directive('@privilege(category: "privilege", privilege: "query", domainOwnerGranted: true, superUserGranted: true)')
   @Query(returns => PrivilegeList, { description: 'To fetch multiple privileges' })
-  async privileges(@Args() params: ListParam, @Ctx() context: ResolverContext): Promise<PrivilegeList> {
+  async privileges(
+    @Args(type => ListParam) params: ListParam,
+    @Ctx() context: ResolverContext
+  ): Promise<PrivilegeList> {
     const [items, total] = await getQueryBuilderFromListParams({
       params,
       repository: getRepository(Privilege),
@@ -29,13 +32,21 @@ export class PrivilegeQuery {
   }
   @Query(returns => Boolean, { description: 'To query whether I have the given permission' })
-  async hasPrivilege(@Arg('privilege') privilege: string, @Arg('category') category: string, @Ctx() context: ResolverContext): Promise<Boolean> {
+  async hasPrivilege(
+    @Arg('privilege') privilege: string,
+    @Arg('category') category: string,
+    @Ctx() context: ResolverContext
+  ): Promise<Boolean> {
     const { domain, user } = context.state
     return await User.hasPrivilege(privilege, category, domain, user)
   }
   @Query(returns => [Domain], { description: 'To fetch domains with given privilege for user' })
-  async domainsWithPrivilege(@Arg('privilege') privilege: string, @Arg('category') category: string, @Ctx() context: ResolverContext): Promise<Partial<Domain>[]> {
+  async domainsWithPrivilege(
+    @Arg('privilege') privilege: string,
+    @Arg('category') category: string,
+    @Ctx() context: ResolverContext
+  ): Promise<Partial<Domain>[]> {
     const { user } = context.state
     return await User.getDomainsWithPrivilege(privilege, category, user)
   }

package/server/service/role/role-query.ts CHANGED Viewed

@@ -24,7 +24,7 @@ export class RoleQuery {
   @Directive('@privilege(category: "user", privilege: "query", domainOwnerGranted: true, superUserGranted: true)')
   @Query(returns => RoleList, { description: 'To fetch multiple users' })
-  async roles(@Args() params: ListParam, @Ctx() context: ResolverContext): Promise<RoleList> {
+  async roles(@Args(type => ListParam) params: ListParam, @Ctx() context: ResolverContext): Promise<RoleList> {
     const { domain } = context.state
     const [items, total] = await getQueryBuilderFromListParams({

package/server/service/role/role.ts CHANGED Viewed

@@ -24,13 +24,14 @@ export class Role {
   readonly id: string
   @ManyToOne(type => Domain)
-  domain: Domain
+  @Field(type => Domain)
+  domain?: Domain
   @RelationId((role: Role) => role.domain)
   domainId: string
   @Column()
-  @Field()
+  @Field({ nullable: true })
   name: string
   @ManyToMany(type => User, user => user.roles)

package/server/service/user/user-query.ts CHANGED Viewed

@@ -27,7 +27,7 @@ export class UserQuery {
   @Directive('@privilege(category: "user", privilege: "query", domainOwnerGranted: true, superUserGranted: true)')
   @Query(returns => UserList, { description: 'To fetch multiple users' })
-  async users(@Args() params: ListParam, @Ctx() context: ResolverContext): Promise<UserList> {
+  async users(@Args(type => ListParam) params: ListParam, @Ctx() context: ResolverContext): Promise<UserList> {
     const { domain } = context.state
     const qb = getQueryBuilderFromListParams({
@@ -83,38 +83,6 @@ export class UserQuery {
     return Boolean(defaultPassword)
   }
-  // @Query(returns => [User], { description: '...' })
-  // async domainUsers(@Ctx() context: ResolverContext): Promise<User[]> {
-  //   const { domain } = context.state
-  //   const qb: SelectQueryBuilder<User> = buildDomainUsersQueryBuilder(domain.id, 'USER')
-  //   const domainUsers: User[] = await qb
-  //     .orWhere(qb => {
-  //       const subQuery = qb
-  //         .subQuery()
-  //         .select('CAST(APPLICATION.id as TEXT)')
-  //         .from(Application, 'APPLICATION')
-  //         .where('APPLICATION.domain_id = :domainId', { domainId: domain.id })
-  //         .getQuery()
-  //       return 'USER.reference IN ' + subQuery
-  //     })
-  //     .orWhere(qb => {
-  //       const subQuery = qb
-  //         .subQuery()
-  //         .select('CAST(APPLIANCE.id as TEXT)')
-  //         .from(Appliance, 'APPLIANCE')
-  //         .where('APPLIANCE.domain_id = :domainId', { domainId: domain.id })
-  //         .getQuery()
-  //       return 'USER.reference IN ' + subQuery
-  //     })
-  //     .getMany()
-  //   return domainUsers.map((user: User & { owner: boolean }) => {
-  //     user.owner = user.id === domain.owner
-  //     return user
-  //   })
-  // }
   @Directive('@privilege(category: "user", privilege: "query")')
   @Query(returns => Boolean, { description: '...' })
   async checkUserExistence(@Arg('email', type => GraphQLEmailAddress) email: string): Promise<Boolean> {