@things-factory/auth-base 8.0.0-beta.1 → 8.0.0-beta.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/package.json +6 -6
- package/client/actions/auth.ts +0 -24
- package/client/auth.ts +0 -272
- package/client/bootstrap.ts +0 -47
- package/client/directive/privileged.ts +0 -28
- package/client/index.ts +0 -4
- package/client/profiled.ts +0 -83
- package/client/reducers/auth.ts +0 -31
- package/client/verify-webauthn.ts +0 -86
- package/server/constants/error-code.ts +0 -22
- package/server/constants/error-message.ts +0 -0
- package/server/constants/max-age.ts +0 -1
- package/server/controllers/auth.ts +0 -5
- package/server/controllers/change-pwd.ts +0 -100
- package/server/controllers/checkin.ts +0 -21
- package/server/controllers/delete-user.ts +0 -71
- package/server/controllers/invitation.ts +0 -163
- package/server/controllers/profile.ts +0 -55
- package/server/controllers/reset-password.ts +0 -126
- package/server/controllers/signin.ts +0 -98
- package/server/controllers/signup.ts +0 -72
- package/server/controllers/unlock-user.ts +0 -62
- package/server/controllers/utils/make-invitation-token.ts +0 -5
- package/server/controllers/utils/make-verification-token.ts +0 -4
- package/server/controllers/utils/password-rule.ts +0 -120
- package/server/controllers/utils/save-invitation-token.ts +0 -10
- package/server/controllers/utils/save-verification-token.ts +0 -12
- package/server/controllers/verification.ts +0 -84
- package/server/errors/auth-error.ts +0 -24
- package/server/errors/index.ts +0 -2
- package/server/errors/user-domain-not-match-error.ts +0 -29
- package/server/index.ts +0 -37
- package/server/middlewares/authenticate-401-middleware.ts +0 -114
- package/server/middlewares/domain-authenticate-middleware.ts +0 -78
- package/server/middlewares/graphql-authenticate-middleware.ts +0 -13
- package/server/middlewares/index.ts +0 -67
- package/server/middlewares/jwt-authenticate-middleware.ts +0 -84
- package/server/middlewares/signin-middleware.ts +0 -55
- package/server/middlewares/webauthn-middleware.ts +0 -126
- package/server/migrations/1548206416130-SeedUser.ts +0 -60
- package/server/migrations/1566805283882-SeedPrivilege.ts +0 -28
- package/server/migrations/index.ts +0 -9
- package/server/router/auth-checkin-router.ts +0 -113
- package/server/router/auth-private-process-router.ts +0 -114
- package/server/router/auth-public-process-router.ts +0 -314
- package/server/router/auth-signin-router.ts +0 -55
- package/server/router/auth-signup-router.ts +0 -95
- package/server/router/index.ts +0 -9
- package/server/router/oauth2/index.ts +0 -2
- package/server/router/oauth2/oauth2-authorize-router.ts +0 -81
- package/server/router/oauth2/oauth2-router.ts +0 -165
- package/server/router/oauth2/oauth2-server.ts +0 -262
- package/server/router/oauth2/passport-oauth2-client-password.ts +0 -87
- package/server/router/oauth2/passport-refresh-token.ts +0 -87
- package/server/router/path-base-domain-router.ts +0 -8
- package/server/router/site-root-router.ts +0 -48
- package/server/router/webauthn-router.ts +0 -149
- package/server/routes.ts +0 -80
- package/server/service/app-binding/app-binding-mutation.ts +0 -22
- package/server/service/app-binding/app-binding-query.ts +0 -92
- package/server/service/app-binding/app-binding-types.ts +0 -11
- package/server/service/app-binding/app-binding.ts +0 -17
- package/server/service/app-binding/index.ts +0 -4
- package/server/service/appliance/appliance-mutation.ts +0 -113
- package/server/service/appliance/appliance-query.ts +0 -76
- package/server/service/appliance/appliance-types.ts +0 -56
- package/server/service/appliance/appliance.ts +0 -133
- package/server/service/appliance/index.ts +0 -6
- package/server/service/application/application-mutation.ts +0 -104
- package/server/service/application/application-query.ts +0 -98
- package/server/service/application/application-types.ts +0 -76
- package/server/service/application/application.ts +0 -216
- package/server/service/application/index.ts +0 -6
- package/server/service/auth-provider/auth-provider-mutation.ts +0 -159
- package/server/service/auth-provider/auth-provider-parameter-spec.ts +0 -24
- package/server/service/auth-provider/auth-provider-query.ts +0 -88
- package/server/service/auth-provider/auth-provider-type.ts +0 -67
- package/server/service/auth-provider/auth-provider.ts +0 -155
- package/server/service/auth-provider/index.ts +0 -7
- package/server/service/domain-generator/domain-generator-mutation.ts +0 -117
- package/server/service/domain-generator/domain-generator-types.ts +0 -46
- package/server/service/domain-generator/index.ts +0 -3
- package/server/service/granted-role/granted-role-mutation.ts +0 -156
- package/server/service/granted-role/granted-role-query.ts +0 -60
- package/server/service/granted-role/granted-role.ts +0 -27
- package/server/service/granted-role/index.ts +0 -6
- package/server/service/index.ts +0 -90
- package/server/service/invitation/index.ts +0 -6
- package/server/service/invitation/invitation-mutation.ts +0 -78
- package/server/service/invitation/invitation-query.ts +0 -33
- package/server/service/invitation/invitation-types.ts +0 -11
- package/server/service/invitation/invitation.ts +0 -63
- package/server/service/login-history/index.ts +0 -5
- package/server/service/login-history/login-history-query.ts +0 -51
- package/server/service/login-history/login-history-type.ts +0 -12
- package/server/service/login-history/login-history.ts +0 -45
- package/server/service/partner/index.ts +0 -6
- package/server/service/partner/partner-mutation.ts +0 -61
- package/server/service/partner/partner-query.ts +0 -102
- package/server/service/partner/partner-types.ts +0 -11
- package/server/service/partner/partner.ts +0 -57
- package/server/service/password-history/index.ts +0 -3
- package/server/service/password-history/password-history.ts +0 -16
- package/server/service/privilege/index.ts +0 -6
- package/server/service/privilege/privilege-directive.ts +0 -77
- package/server/service/privilege/privilege-mutation.ts +0 -92
- package/server/service/privilege/privilege-query.ts +0 -94
- package/server/service/privilege/privilege-types.ts +0 -60
- package/server/service/privilege/privilege.ts +0 -102
- package/server/service/role/index.ts +0 -6
- package/server/service/role/role-mutation.ts +0 -109
- package/server/service/role/role-query.ts +0 -155
- package/server/service/role/role-types.ts +0 -81
- package/server/service/role/role.ts +0 -72
- package/server/service/user/domain-query.ts +0 -24
- package/server/service/user/index.ts +0 -7
- package/server/service/user/user-mutation.ts +0 -482
- package/server/service/user/user-query.ts +0 -145
- package/server/service/user/user-types.ts +0 -100
- package/server/service/user/user.ts +0 -381
- package/server/service/users-auth-providers/index.ts +0 -5
- package/server/service/users-auth-providers/users-auth-providers.ts +0 -71
- package/server/service/verification-token/index.ts +0 -3
- package/server/service/verification-token/verification-token.ts +0 -60
- package/server/service/web-auth-credential/index.ts +0 -3
- package/server/service/web-auth-credential/web-auth-credential.ts +0 -67
- package/server/templates/account-unlock-email.ts +0 -65
- package/server/templates/invitation-email.ts +0 -66
- package/server/templates/reset-password-email.ts +0 -65
- package/server/templates/verification-email.ts +0 -66
- package/server/types.ts +0 -21
- package/server/utils/accepts.ts +0 -11
- package/server/utils/access-token-cookie.ts +0 -61
- package/server/utils/check-permission.ts +0 -52
- package/server/utils/check-user-belongs-domain.ts +0 -19
- package/server/utils/check-user-has-role.ts +0 -29
- package/server/utils/encrypt-state.ts +0 -22
- package/server/utils/get-aes-256-key.ts +0 -13
- package/server/utils/get-domain-from-hostname.ts +0 -7
- package/server/utils/get-domain-users.ts +0 -38
- package/server/utils/get-secret.ts +0 -13
- package/server/utils/get-user-domains.ts +0 -112
|
@@ -1,109 +0,0 @@
|
|
|
1
|
-
import { Arg, Ctx, Directive, Mutation, Resolver } from 'type-graphql'
|
|
2
|
-
|
|
3
|
-
import { getRepository } from '@things-factory/shell'
|
|
4
|
-
|
|
5
|
-
import { Privilege } from '../privilege/privilege'
|
|
6
|
-
import { User } from '../user/user'
|
|
7
|
-
import { Role } from './role'
|
|
8
|
-
import { NewRole, RolePatch } from './role-types'
|
|
9
|
-
|
|
10
|
-
@Resolver(Role)
|
|
11
|
-
export class RoleMutation {
|
|
12
|
-
@Directive('@privilege(category: "user", privilege: "mutation", domainOwnerGranted: true)')
|
|
13
|
-
@Mutation(returns => User, { description: 'To create new user' })
|
|
14
|
-
async createRole(@Arg('role') role: NewRole, @Ctx() context: ResolverContext): Promise<Role> {
|
|
15
|
-
const { domain, user } = context.state
|
|
16
|
-
const roleName = role.name.trim()
|
|
17
|
-
|
|
18
|
-
const existsRole: Role = await getRepository(Role).findOne({ where: { name: roleName, domain: { id: domain.id } } })
|
|
19
|
-
|
|
20
|
-
if (existsRole) {
|
|
21
|
-
throw new Error('role name is duplicated')
|
|
22
|
-
}
|
|
23
|
-
|
|
24
|
-
if (role.privileges && role.privileges.length) {
|
|
25
|
-
role.privileges = await getRepository(Privilege).findByIds(role.privileges.map(privilege => privilege.id))
|
|
26
|
-
}
|
|
27
|
-
|
|
28
|
-
if (role.users && role.users.length) {
|
|
29
|
-
role.users = await getRepository(User).findByIds(role.users.map(user => user.id))
|
|
30
|
-
}
|
|
31
|
-
|
|
32
|
-
return await getRepository(Role).save({
|
|
33
|
-
domain,
|
|
34
|
-
updater: user,
|
|
35
|
-
creator: user,
|
|
36
|
-
...role
|
|
37
|
-
})
|
|
38
|
-
}
|
|
39
|
-
|
|
40
|
-
@Directive('@privilege(category: "user", privilege: "mutation", domainOwnerGranted: true)')
|
|
41
|
-
@Mutation(returns => Role, { description: 'To modify role information' })
|
|
42
|
-
async updateRole(
|
|
43
|
-
@Arg('id') id: string,
|
|
44
|
-
@Arg('patch') patch: RolePatch,
|
|
45
|
-
@Ctx() context: ResolverContext
|
|
46
|
-
): Promise<Role> {
|
|
47
|
-
const { domain, user } = context.state
|
|
48
|
-
const { name, description, privileges } = patch
|
|
49
|
-
const roleRepository = getRepository(Role)
|
|
50
|
-
const role: Role = await roleRepository.findOne({
|
|
51
|
-
where: { domain: { id: domain.id }, id },
|
|
52
|
-
relations: ['privileges', 'creator', 'updater']
|
|
53
|
-
})
|
|
54
|
-
|
|
55
|
-
if (name && role.name !== name) {
|
|
56
|
-
const roleName = name.trim()
|
|
57
|
-
const existsRole: Role = await roleRepository.findOne({ where: { name: roleName, domain: { id: domain.id } } })
|
|
58
|
-
if (existsRole) {
|
|
59
|
-
throw new Error('role name is duplicated')
|
|
60
|
-
}
|
|
61
|
-
|
|
62
|
-
role.name = roleName
|
|
63
|
-
}
|
|
64
|
-
|
|
65
|
-
if (description) {
|
|
66
|
-
role.description = description
|
|
67
|
-
}
|
|
68
|
-
|
|
69
|
-
return await roleRepository.save({
|
|
70
|
-
...role,
|
|
71
|
-
...patch,
|
|
72
|
-
privileges: await getRepository(Privilege).findByIds(
|
|
73
|
-
patch.privileges.map((privilege: Privilege) => privilege.id)
|
|
74
|
-
),
|
|
75
|
-
updater: user
|
|
76
|
-
} as any)
|
|
77
|
-
}
|
|
78
|
-
|
|
79
|
-
@Directive('@privilege(category: "user", privilege: "mutation")')
|
|
80
|
-
@Directive('@transaction')
|
|
81
|
-
@Mutation(returns => Boolean, { description: 'To delete role' })
|
|
82
|
-
async deleteRole(@Arg('id') id: string, @Ctx() context: ResolverContext): Promise<Boolean> {
|
|
83
|
-
const { tx, domain } = context.state
|
|
84
|
-
let role: Role = await tx
|
|
85
|
-
.getRepository(Role)
|
|
86
|
-
.findOne({ where: { domain: { id: domain.id }, id }, relations: ['users', 'privileges'] })
|
|
87
|
-
|
|
88
|
-
try {
|
|
89
|
-
if (role.users.length) throw new Error('cannot delete role because it is currently in use')
|
|
90
|
-
|
|
91
|
-
role.privileges = []
|
|
92
|
-
|
|
93
|
-
role = await tx.getRepository(Role).save(role)
|
|
94
|
-
|
|
95
|
-
await tx.getRepository(Role).delete(role.id)
|
|
96
|
-
|
|
97
|
-
return true
|
|
98
|
-
} catch (e) {
|
|
99
|
-
context.throw(401, 'cannot delete role because it is currently in use')
|
|
100
|
-
}
|
|
101
|
-
}
|
|
102
|
-
|
|
103
|
-
@Directive('@privilege(category: "user", privilege: "mutation", domainOwnerGranted: true)')
|
|
104
|
-
@Mutation(returns => Boolean, { description: 'To delete multiple roles' })
|
|
105
|
-
async deleteRoles(@Arg('ids', type => [String]) ids: string[], @Ctx() _context: any) {
|
|
106
|
-
await getRepository(Role).delete(ids)
|
|
107
|
-
return true
|
|
108
|
-
}
|
|
109
|
-
}
|
|
@@ -1,155 +0,0 @@
|
|
|
1
|
-
import { In } from 'typeorm'
|
|
2
|
-
import { Arg, Args, Ctx, Directive, FieldResolver, Query, Resolver, Root } from 'type-graphql'
|
|
3
|
-
import { SelectQueryBuilder } from 'typeorm'
|
|
4
|
-
|
|
5
|
-
import { config } from '@things-factory/env'
|
|
6
|
-
import { Domain, getQueryBuilderFromListParams, getRepository, ListParam } from '@things-factory/shell'
|
|
7
|
-
|
|
8
|
-
import { Privilege } from '../privilege/privilege'
|
|
9
|
-
import { User } from '../user/user'
|
|
10
|
-
import { Role } from './role'
|
|
11
|
-
import { RoleList, RolePrivilege, UserRole } from './role-types'
|
|
12
|
-
|
|
13
|
-
@Resolver(Role)
|
|
14
|
-
export class RoleQuery {
|
|
15
|
-
@Directive('@privilege(category: "user", privilege: "query", domainOwnerGranted: true, superUserGranted: true)')
|
|
16
|
-
@Query(returns => Role, { description: 'To fetch role' })
|
|
17
|
-
async role(@Arg('name') name: string, @Ctx() context: ResolverContext): Promise<Role> {
|
|
18
|
-
const { domain } = context.state
|
|
19
|
-
return await getRepository(Role).findOneBy({
|
|
20
|
-
domain: { id: In([domain.id, domain.parentId].filter(Boolean)) },
|
|
21
|
-
name
|
|
22
|
-
})
|
|
23
|
-
}
|
|
24
|
-
|
|
25
|
-
@Directive('@privilege(category: "user", privilege: "query", domainOwnerGranted: true, superUserGranted: true)')
|
|
26
|
-
@Query(returns => RoleList, { description: 'To fetch multiple users' })
|
|
27
|
-
async roles(@Args(type => ListParam) params: ListParam, @Ctx() context: ResolverContext): Promise<RoleList> {
|
|
28
|
-
const { domain } = context.state
|
|
29
|
-
|
|
30
|
-
const [items, total] = await getQueryBuilderFromListParams({
|
|
31
|
-
repository: getRepository(Role),
|
|
32
|
-
params,
|
|
33
|
-
domain,
|
|
34
|
-
searchables: ['name', 'description']
|
|
35
|
-
}).getManyAndCount()
|
|
36
|
-
|
|
37
|
-
return { items, total }
|
|
38
|
-
}
|
|
39
|
-
|
|
40
|
-
@Directive('@privilege(category: "user", privilege: "query", domainOwnerGranted: true, superUserGranted: true)')
|
|
41
|
-
@Query(returns => [RolePrivilege], { description: 'To fetch privileges of a role' })
|
|
42
|
-
async rolePrivileges(@Arg('roleId') roleId: string, @Ctx() context: ResolverContext): Promise<RolePrivilege[]> {
|
|
43
|
-
const rolePrivileges = await getRepository(Privilege).query(
|
|
44
|
-
`
|
|
45
|
-
SELECT
|
|
46
|
-
id,
|
|
47
|
-
name,
|
|
48
|
-
category,
|
|
49
|
-
description,
|
|
50
|
-
CASE WHEN id IN (
|
|
51
|
-
SELECT
|
|
52
|
-
P.id
|
|
53
|
-
FROM
|
|
54
|
-
privileges P JOIN roles_privileges RP
|
|
55
|
-
ON
|
|
56
|
-
P.id = RP.privileges_id
|
|
57
|
-
WHERE
|
|
58
|
-
RP.roles_id = '${roleId}'
|
|
59
|
-
) THEN true
|
|
60
|
-
ELSE false
|
|
61
|
-
END AS assigned
|
|
62
|
-
FROM
|
|
63
|
-
privileges
|
|
64
|
-
`
|
|
65
|
-
)
|
|
66
|
-
|
|
67
|
-
return rolePrivileges
|
|
68
|
-
}
|
|
69
|
-
|
|
70
|
-
@Directive('@privilege(category: "user", privilege: "query", domainOwnerGranted: true, superUserGranted: true)')
|
|
71
|
-
@Query(returns => [UserRole], { description: 'To fetch roles of a user' })
|
|
72
|
-
async userRoles(@Arg('userId') userId: string, @Ctx() context: ResolverContext): Promise<UserRole[]> {
|
|
73
|
-
const userRoles = await getRepository(Role).query(
|
|
74
|
-
`
|
|
75
|
-
SELECT
|
|
76
|
-
id,
|
|
77
|
-
name,
|
|
78
|
-
description,
|
|
79
|
-
CASE WHEN id IN (
|
|
80
|
-
SELECT
|
|
81
|
-
R.id
|
|
82
|
-
FROM
|
|
83
|
-
roles R JOIN users_roles UR
|
|
84
|
-
ON
|
|
85
|
-
R.id = UR.roles_id
|
|
86
|
-
WHERE
|
|
87
|
-
UR.users_id = '${userId}'
|
|
88
|
-
) THEN true
|
|
89
|
-
ELSE false
|
|
90
|
-
END AS assigned
|
|
91
|
-
FROM
|
|
92
|
-
roles
|
|
93
|
-
`
|
|
94
|
-
)
|
|
95
|
-
|
|
96
|
-
return userRoles
|
|
97
|
-
}
|
|
98
|
-
|
|
99
|
-
@Query(returns => [Role], { description: 'To fetch roles of current user' })
|
|
100
|
-
async myRoles(@Ctx() context: ResolverContext): Promise<Role[]> {
|
|
101
|
-
const { user, domain } = context.state
|
|
102
|
-
|
|
103
|
-
const qb: SelectQueryBuilder<User> = await getRepository(User).createQueryBuilder('USER')
|
|
104
|
-
const { roles }: User = await qb
|
|
105
|
-
.leftJoinAndSelect('USER.roles', 'ROLE')
|
|
106
|
-
.leftJoin('ROLE.domain', 'ROLE_DOMAIN')
|
|
107
|
-
.where('USER.id = :userId', { userId: user.id })
|
|
108
|
-
.andWhere('ROLE_DOMAIN.id In(:...domainIds)', { domainIds: [domain.id, domain.parentId].filter(Boolean) })
|
|
109
|
-
.getOne()
|
|
110
|
-
|
|
111
|
-
return roles || []
|
|
112
|
-
}
|
|
113
|
-
|
|
114
|
-
@Query(returns => [Role], { description: 'To fetch the preset of role for new user' })
|
|
115
|
-
async checkRolePreset(@Ctx() context: ResolverContext): Promise<Role[]> {
|
|
116
|
-
const rolePreset = config.get('rolePreset') || []
|
|
117
|
-
|
|
118
|
-
return rolePreset
|
|
119
|
-
}
|
|
120
|
-
|
|
121
|
-
@FieldResolver(type => Domain)
|
|
122
|
-
async domain(@Root() role: Role) {
|
|
123
|
-
return await getRepository(Domain).findOneBy({ id: role.domainId })
|
|
124
|
-
}
|
|
125
|
-
|
|
126
|
-
@FieldResolver(type => [User])
|
|
127
|
-
async users(@Root() role: Role) {
|
|
128
|
-
return (
|
|
129
|
-
await getRepository(Role).findOne({
|
|
130
|
-
where: { id: role.id },
|
|
131
|
-
relations: ['users']
|
|
132
|
-
})
|
|
133
|
-
).users
|
|
134
|
-
}
|
|
135
|
-
|
|
136
|
-
@FieldResolver(type => [Privilege])
|
|
137
|
-
async privileges(@Root() role: Role) {
|
|
138
|
-
return (
|
|
139
|
-
await getRepository(Role).findOne({
|
|
140
|
-
where: { id: role.id },
|
|
141
|
-
relations: ['privileges']
|
|
142
|
-
})
|
|
143
|
-
).privileges
|
|
144
|
-
}
|
|
145
|
-
|
|
146
|
-
@FieldResolver(type => User)
|
|
147
|
-
async updater(@Root() role: Role): Promise<User> {
|
|
148
|
-
return await getRepository(User).findOneBy({ id: role.updaterId })
|
|
149
|
-
}
|
|
150
|
-
|
|
151
|
-
@FieldResolver(type => User)
|
|
152
|
-
async creator(@Root() role: Role): Promise<User> {
|
|
153
|
-
return await getRepository(User).findOneBy({ id: role.creatorId })
|
|
154
|
-
}
|
|
155
|
-
}
|
|
@@ -1,81 +0,0 @@
|
|
|
1
|
-
import { ObjectType, InputType, Field, Int } from 'type-graphql'
|
|
2
|
-
import { ObjectRef } from '@things-factory/shell'
|
|
3
|
-
import { Role } from './role'
|
|
4
|
-
|
|
5
|
-
@InputType()
|
|
6
|
-
export class NewRole {
|
|
7
|
-
@Field()
|
|
8
|
-
name: string
|
|
9
|
-
|
|
10
|
-
@Field({ nullable: true })
|
|
11
|
-
description?: string
|
|
12
|
-
|
|
13
|
-
@Field(type => [ObjectRef], { nullable: true })
|
|
14
|
-
users?: ObjectRef[]
|
|
15
|
-
|
|
16
|
-
@Field(type => [ObjectRef], { nullable: true })
|
|
17
|
-
privileges?: ObjectRef[]
|
|
18
|
-
}
|
|
19
|
-
|
|
20
|
-
@InputType()
|
|
21
|
-
export class RolePatch {
|
|
22
|
-
@Field({ nullable: true })
|
|
23
|
-
id?: string
|
|
24
|
-
|
|
25
|
-
@Field({ nullable: true })
|
|
26
|
-
name?: string
|
|
27
|
-
|
|
28
|
-
@Field({ nullable: true })
|
|
29
|
-
description?: string
|
|
30
|
-
|
|
31
|
-
@Field(type => [ObjectRef], { nullable: true })
|
|
32
|
-
users?: ObjectRef[]
|
|
33
|
-
|
|
34
|
-
@Field(type => [ObjectRef], { nullable: true })
|
|
35
|
-
privileges?: ObjectRef[]
|
|
36
|
-
|
|
37
|
-
@Field({ nullable: true })
|
|
38
|
-
cuFlag?: string
|
|
39
|
-
}
|
|
40
|
-
|
|
41
|
-
@ObjectType()
|
|
42
|
-
export class RoleList {
|
|
43
|
-
@Field(type => [Role], { nullable: true })
|
|
44
|
-
items?: Role[]
|
|
45
|
-
|
|
46
|
-
@Field(type => Int, { nullable: true })
|
|
47
|
-
total?: number
|
|
48
|
-
}
|
|
49
|
-
|
|
50
|
-
@ObjectType()
|
|
51
|
-
export class RolePrivilege {
|
|
52
|
-
@Field({ nullable: true })
|
|
53
|
-
id?: string
|
|
54
|
-
|
|
55
|
-
@Field({ nullable: true })
|
|
56
|
-
name?: string
|
|
57
|
-
|
|
58
|
-
@Field({ nullable: true })
|
|
59
|
-
category?: string
|
|
60
|
-
|
|
61
|
-
@Field({ nullable: true })
|
|
62
|
-
description?: string
|
|
63
|
-
|
|
64
|
-
@Field({ nullable: true })
|
|
65
|
-
assigned?: boolean
|
|
66
|
-
}
|
|
67
|
-
|
|
68
|
-
@ObjectType()
|
|
69
|
-
export class UserRole {
|
|
70
|
-
@Field({ nullable: true })
|
|
71
|
-
id?: string
|
|
72
|
-
|
|
73
|
-
@Field({ nullable: true })
|
|
74
|
-
name?: string
|
|
75
|
-
|
|
76
|
-
@Field({ nullable: true })
|
|
77
|
-
description?: string
|
|
78
|
-
|
|
79
|
-
@Field({ nullable: true })
|
|
80
|
-
assigned?: boolean
|
|
81
|
-
}
|
|
@@ -1,72 +0,0 @@
|
|
|
1
|
-
import { Domain } from '@things-factory/shell'
|
|
2
|
-
import {
|
|
3
|
-
Column,
|
|
4
|
-
CreateDateColumn,
|
|
5
|
-
Entity,
|
|
6
|
-
Index,
|
|
7
|
-
JoinTable,
|
|
8
|
-
ManyToMany,
|
|
9
|
-
ManyToOne,
|
|
10
|
-
RelationId,
|
|
11
|
-
PrimaryGeneratedColumn,
|
|
12
|
-
UpdateDateColumn
|
|
13
|
-
} from 'typeorm'
|
|
14
|
-
import { ObjectType, Field, ID } from 'type-graphql'
|
|
15
|
-
import { Privilege } from '../privilege/privilege'
|
|
16
|
-
import { User } from '../user/user'
|
|
17
|
-
|
|
18
|
-
@Entity()
|
|
19
|
-
@Index('ix_role_0', (role: Role) => [role.name, role.domain], { unique: true })
|
|
20
|
-
@ObjectType()
|
|
21
|
-
export class Role {
|
|
22
|
-
@PrimaryGeneratedColumn('uuid')
|
|
23
|
-
@Field(type => ID)
|
|
24
|
-
readonly id: string
|
|
25
|
-
|
|
26
|
-
@ManyToOne(type => Domain)
|
|
27
|
-
@Field(type => Domain)
|
|
28
|
-
domain?: Domain
|
|
29
|
-
|
|
30
|
-
@RelationId((role: Role) => role.domain)
|
|
31
|
-
domainId: string
|
|
32
|
-
|
|
33
|
-
@Column()
|
|
34
|
-
@Field({ nullable: true })
|
|
35
|
-
name: string
|
|
36
|
-
|
|
37
|
-
@ManyToMany(type => User, user => user.roles)
|
|
38
|
-
@Field(type => [User], { nullable: true })
|
|
39
|
-
users: User[]
|
|
40
|
-
|
|
41
|
-
@ManyToMany(type => Privilege, privilege => privilege.roles)
|
|
42
|
-
@Field(type => [Privilege], { nullable: true })
|
|
43
|
-
privileges: Privilege[]
|
|
44
|
-
|
|
45
|
-
@Column({
|
|
46
|
-
nullable: true
|
|
47
|
-
})
|
|
48
|
-
@Field({ nullable: true })
|
|
49
|
-
description: string
|
|
50
|
-
|
|
51
|
-
@ManyToOne(type => User, { nullable: true })
|
|
52
|
-
@Field(type => User, { nullable: true })
|
|
53
|
-
creator: User
|
|
54
|
-
|
|
55
|
-
@RelationId((role: Role) => role.creator)
|
|
56
|
-
creatorId: string
|
|
57
|
-
|
|
58
|
-
@ManyToOne(type => User, { nullable: true })
|
|
59
|
-
@Field(type => User, { nullable: true })
|
|
60
|
-
updater: User
|
|
61
|
-
|
|
62
|
-
@RelationId((role: Role) => role.updater)
|
|
63
|
-
updaterId: string
|
|
64
|
-
|
|
65
|
-
@CreateDateColumn()
|
|
66
|
-
@Field({ nullable: true })
|
|
67
|
-
createdAt: Date
|
|
68
|
-
|
|
69
|
-
@UpdateDateColumn()
|
|
70
|
-
@Field({ nullable: true })
|
|
71
|
-
updatedAt: Date
|
|
72
|
-
}
|
|
@@ -1,24 +0,0 @@
|
|
|
1
|
-
import { FieldResolver, Resolver, Root } from 'type-graphql'
|
|
2
|
-
|
|
3
|
-
import { Domain, getRepository } from '@things-factory/shell'
|
|
4
|
-
import { User } from './user'
|
|
5
|
-
|
|
6
|
-
@Resolver(Domain)
|
|
7
|
-
export class DomainQuery {
|
|
8
|
-
@FieldResolver(type => User, { nullable: true })
|
|
9
|
-
async ownerUser(@Root() domain: Domain): Promise<User | null> {
|
|
10
|
-
if (!domain.owner) {
|
|
11
|
-
return
|
|
12
|
-
}
|
|
13
|
-
|
|
14
|
-
const owner = await getRepository(User).findOne({
|
|
15
|
-
where: { id: domain.owner }
|
|
16
|
-
})
|
|
17
|
-
|
|
18
|
-
if (owner && owner.userType !== 'user' && owner.userType !== 'admin') {
|
|
19
|
-
throw 'the type of the given user is not suitable for a owner of a domain'
|
|
20
|
-
}
|
|
21
|
-
|
|
22
|
-
return owner
|
|
23
|
-
}
|
|
24
|
-
}
|
|
@@ -1,7 +0,0 @@
|
|
|
1
|
-
import { User } from './user'
|
|
2
|
-
import { UserQuery } from './user-query'
|
|
3
|
-
import { UserMutation } from './user-mutation'
|
|
4
|
-
import { DomainQuery } from './domain-query'
|
|
5
|
-
|
|
6
|
-
export const entities = [User]
|
|
7
|
-
export const resolvers = [UserQuery, UserMutation, DomainQuery]
|