npm - @things-factory/auth-base - Versions diffs - 8.0.0-beta.8 → 8.0.0 - Mend

@things-factory/auth-base 8.0.0-beta.8 → 8.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (212) hide show

package/client/actions/auth.ts +24 -0
package/client/auth.ts +272 -0
package/client/bootstrap.ts +47 -0
package/client/directive/privileged.ts +28 -0
package/client/index.ts +3 -0
package/client/profiled.ts +83 -0
package/client/reducers/auth.ts +31 -0
package/dist-client/index.d.ts +0 -1
package/dist-client/index.js +0 -1
package/dist-client/index.js.map +1 -1
package/dist-client/tsconfig.tsbuildinfo +1 -1
package/dist-server/constants/error-code.d.ts +0 -2
package/dist-server/constants/error-code.js +1 -3
package/dist-server/constants/error-code.js.map +1 -1
package/dist-server/controllers/change-pwd.js +2 -2
package/dist-server/controllers/change-pwd.js.map +1 -1
package/dist-server/controllers/delete-user.js +12 -13
package/dist-server/controllers/delete-user.js.map +1 -1
package/dist-server/controllers/invitation.d.ts +1 -2
package/dist-server/controllers/invitation.js +5 -30
package/dist-server/controllers/invitation.js.map +1 -1
package/dist-server/controllers/profile.d.ts +3 -4
package/dist-server/controllers/profile.js +2 -20
package/dist-server/controllers/profile.js.map +1 -1
package/dist-server/controllers/signin.d.ts +1 -4
package/dist-server/controllers/signin.js +1 -17
package/dist-server/controllers/signin.js.map +1 -1
package/dist-server/controllers/signup.js +4 -13
package/dist-server/controllers/signup.js.map +1 -1
package/dist-server/controllers/unlock-user.js +0 -1
package/dist-server/controllers/unlock-user.js.map +1 -1
package/dist-server/controllers/verification.js +0 -1
package/dist-server/controllers/verification.js.map +1 -1
package/dist-server/middlewares/signin-middleware.js +4 -9
package/dist-server/middlewares/signin-middleware.js.map +1 -1
package/dist-server/middlewares/webauthn-middleware.js.map +1 -1
package/dist-server/migrations/1548206416130-SeedUser.js +1 -2
package/dist-server/migrations/1548206416130-SeedUser.js.map +1 -1
package/dist-server/router/auth-checkin-router.js +2 -8
package/dist-server/router/auth-checkin-router.js.map +1 -1
package/dist-server/router/auth-private-process-router.js +7 -12
package/dist-server/router/auth-private-process-router.js.map +1 -1
package/dist-server/router/auth-public-process-router.js +9 -20
package/dist-server/router/auth-public-process-router.js.map +1 -1
package/dist-server/router/auth-signin-router.js +3 -3
package/dist-server/router/auth-signin-router.js.map +1 -1
package/dist-server/router/webauthn-router.js +1 -51
package/dist-server/router/webauthn-router.js.map +1 -1
package/dist-server/service/invitation/invitation-mutation.d.ts +2 -3
package/dist-server/service/invitation/invitation-mutation.js +8 -20
package/dist-server/service/invitation/invitation-mutation.js.map +1 -1
package/dist-server/service/user/user-mutation.d.ts +9 -10
package/dist-server/service/user/user-mutation.js +54 -112
package/dist-server/service/user/user-mutation.js.map +1 -1
package/dist-server/service/user/user-types.d.ts +0 -1
package/dist-server/service/user/user-types.js +0 -4
package/dist-server/service/user/user-types.js.map +1 -1
package/dist-server/service/user/user.d.ts +0 -1
package/dist-server/service/user/user.js +14 -40
package/dist-server/service/user/user.js.map +1 -1
package/dist-server/templates/account-unlock-email.d.ts +1 -2
package/dist-server/templates/account-unlock-email.js +1 -1
package/dist-server/templates/account-unlock-email.js.map +1 -1
package/dist-server/templates/invitation-email.d.ts +1 -2
package/dist-server/templates/invitation-email.js +1 -1
package/dist-server/templates/invitation-email.js.map +1 -1
package/dist-server/templates/verification-email.d.ts +1 -2
package/dist-server/templates/verification-email.js +1 -1
package/dist-server/templates/verification-email.js.map +1 -1
package/dist-server/tsconfig.tsbuildinfo +1 -1
package/package.json +6 -6
package/server/constants/error-code.ts +20 -0
package/server/constants/error-message.ts +0 -0
package/server/constants/max-age.ts +1 -0
package/server/controllers/auth.ts +5 -0
package/server/controllers/change-pwd.ts +99 -0
package/server/controllers/checkin.ts +21 -0
package/server/controllers/delete-user.ts +68 -0
package/server/controllers/invitation.ts +132 -0
package/server/controllers/profile.ts +28 -0
package/server/controllers/reset-password.ts +126 -0
package/server/controllers/signin.ts +79 -0
package/server/controllers/signup.ts +60 -0
package/server/controllers/unlock-user.ts +61 -0
package/server/controllers/utils/make-invitation-token.ts +5 -0
package/server/controllers/utils/make-verification-token.ts +4 -0
package/server/controllers/utils/password-rule.ts +120 -0
package/server/controllers/utils/save-invitation-token.ts +10 -0
package/server/controllers/utils/save-verification-token.ts +12 -0
package/server/controllers/verification.ts +83 -0
package/server/errors/auth-error.ts +24 -0
package/server/errors/index.ts +2 -0
package/server/errors/user-domain-not-match-error.ts +29 -0
package/server/index.ts +37 -0
package/server/middlewares/authenticate-401-middleware.ts +114 -0
package/server/middlewares/domain-authenticate-middleware.ts +78 -0
package/server/middlewares/graphql-authenticate-middleware.ts +13 -0
package/server/middlewares/index.ts +67 -0
package/server/middlewares/jwt-authenticate-middleware.ts +84 -0
package/server/middlewares/signin-middleware.ts +55 -0
package/server/middlewares/webauthn-middleware.ts +127 -0
package/server/migrations/1548206416130-SeedUser.ts +59 -0
package/server/migrations/1566805283882-SeedPrivilege.ts +28 -0
package/server/migrations/index.ts +9 -0
package/server/router/auth-checkin-router.ts +107 -0
package/server/router/auth-private-process-router.ts +107 -0
package/server/router/auth-public-process-router.ts +302 -0
package/server/router/auth-signin-router.ts +55 -0
package/server/router/auth-signup-router.ts +95 -0
package/server/router/index.ts +9 -0
package/server/router/oauth2/index.ts +2 -0
package/server/router/oauth2/oauth2-authorize-router.ts +81 -0
package/server/router/oauth2/oauth2-router.ts +165 -0
package/server/router/oauth2/oauth2-server.ts +262 -0
package/server/router/oauth2/passport-oauth2-client-password.ts +87 -0
package/server/router/oauth2/passport-refresh-token.ts +87 -0
package/server/router/path-base-domain-router.ts +8 -0
package/server/router/site-root-router.ts +48 -0
package/server/router/webauthn-router.ts +87 -0
package/server/routes.ts +80 -0
package/server/service/app-binding/app-binding-mutation.ts +22 -0
package/server/service/app-binding/app-binding-query.ts +92 -0
package/server/service/app-binding/app-binding-types.ts +11 -0
package/server/service/app-binding/app-binding.ts +17 -0
package/server/service/app-binding/index.ts +4 -0
package/server/service/appliance/appliance-mutation.ts +113 -0
package/server/service/appliance/appliance-query.ts +76 -0
package/server/service/appliance/appliance-types.ts +56 -0
package/server/service/appliance/appliance.ts +133 -0
package/server/service/appliance/index.ts +6 -0
package/server/service/application/application-mutation.ts +104 -0
package/server/service/application/application-query.ts +98 -0
package/server/service/application/application-types.ts +76 -0
package/server/service/application/application.ts +216 -0
package/server/service/application/index.ts +6 -0
package/server/service/auth-provider/auth-provider-mutation.ts +159 -0
package/server/service/auth-provider/auth-provider-parameter-spec.ts +24 -0
package/server/service/auth-provider/auth-provider-query.ts +88 -0
package/server/service/auth-provider/auth-provider-type.ts +67 -0
package/server/service/auth-provider/auth-provider.ts +155 -0
package/server/service/auth-provider/index.ts +7 -0
package/server/service/domain-generator/domain-generator-mutation.ts +117 -0
package/server/service/domain-generator/domain-generator-types.ts +46 -0
package/server/service/domain-generator/index.ts +3 -0
package/server/service/granted-role/granted-role-mutation.ts +156 -0
package/server/service/granted-role/granted-role-query.ts +60 -0
package/server/service/granted-role/granted-role.ts +27 -0
package/server/service/granted-role/index.ts +6 -0
package/server/service/index.ts +90 -0
package/server/service/invitation/index.ts +6 -0
package/server/service/invitation/invitation-mutation.ts +63 -0
package/server/service/invitation/invitation-query.ts +33 -0
package/server/service/invitation/invitation-types.ts +11 -0
package/server/service/invitation/invitation.ts +63 -0
package/server/service/login-history/index.ts +5 -0
package/server/service/login-history/login-history-query.ts +51 -0
package/server/service/login-history/login-history-type.ts +12 -0
package/server/service/login-history/login-history.ts +45 -0
package/server/service/partner/index.ts +6 -0
package/server/service/partner/partner-mutation.ts +61 -0
package/server/service/partner/partner-query.ts +102 -0
package/server/service/partner/partner-types.ts +11 -0
package/server/service/partner/partner.ts +57 -0
package/server/service/password-history/index.ts +3 -0
package/server/service/password-history/password-history.ts +16 -0
package/server/service/privilege/index.ts +6 -0
package/server/service/privilege/privilege-directive.ts +77 -0
package/server/service/privilege/privilege-mutation.ts +92 -0
package/server/service/privilege/privilege-query.ts +94 -0
package/server/service/privilege/privilege-types.ts +60 -0
package/server/service/privilege/privilege.ts +102 -0
package/server/service/role/index.ts +6 -0
package/server/service/role/role-mutation.ts +109 -0
package/server/service/role/role-query.ts +155 -0
package/server/service/role/role-types.ts +81 -0
package/server/service/role/role.ts +72 -0
package/server/service/user/domain-query.ts +24 -0
package/server/service/user/index.ts +7 -0
package/server/service/user/user-mutation.ts +413 -0
package/server/service/user/user-query.ts +145 -0
package/server/service/user/user-types.ts +97 -0
package/server/service/user/user.ts +354 -0
package/server/service/users-auth-providers/index.ts +5 -0
package/server/service/users-auth-providers/users-auth-providers.ts +71 -0
package/server/service/verification-token/index.ts +3 -0
package/server/service/verification-token/verification-token.ts +60 -0
package/server/service/web-auth-credential/index.ts +3 -0
package/server/service/web-auth-credential/web-auth-credential.ts +67 -0
package/server/templates/account-unlock-email.ts +65 -0
package/server/templates/invitation-email.ts +66 -0
package/server/templates/reset-password-email.ts +65 -0
package/server/templates/verification-email.ts +66 -0
package/server/types.ts +21 -0
package/server/utils/accepts.ts +11 -0
package/server/utils/access-token-cookie.ts +61 -0
package/server/utils/check-permission.ts +52 -0
package/server/utils/check-user-belongs-domain.ts +19 -0
package/server/utils/check-user-has-role.ts +29 -0
package/server/utils/encrypt-state.ts +22 -0
package/server/utils/get-aes-256-key.ts +13 -0
package/server/utils/get-domain-from-hostname.ts +7 -0
package/server/utils/get-domain-users.ts +38 -0
package/server/utils/get-secret.ts +13 -0
package/server/utils/get-user-domains.ts +112 -0
package/translations/en.json +1 -5
package/translations/ja.json +1 -5
package/translations/ko.json +3 -6
package/translations/ms.json +1 -5
package/translations/zh.json +1 -5
package/dist-client/verify-webauthn.d.ts +0 -13
package/dist-client/verify-webauthn.js +0 -72
package/dist-client/verify-webauthn.js.map +0 -1

package/server/service/granted-role/granted-role-mutation.ts ADDED Viewed

@@ -0,0 +1,156 @@
+import { Arg, Ctx, Directive, Mutation, Resolver } from 'type-graphql'
+import { EntityManager, In, Not, Repository } from 'typeorm'
+import { Domain, getRepository } from '@things-factory/shell'
+import { Partner } from '../partner/partner'
+import { Role } from '../role/role'
+import { RolePatch } from '../role/role-types'
+import { User } from '../user/user'
+import { GrantedRole } from './granted-role'
+@Resolver(GrantedRole)
+export class GrantedRoleMutation {
+  @Directive('@privilege(category: "partner", privilege: "mutation")')
+  @Directive('@transaction')
+  @Mutation(returns => Boolean)
+  async grantRoles(
+    @Arg('customerId') customerId: string,
+    @Arg('roles', type => [RolePatch]) roles: RolePatch[],
+    @Ctx() context: ResolverContext
+  ): Promise<Boolean> {
+    const { tx, domain } = context.state
+    // Check if current domain has partnership with passed `customer`
+    const customerDomain: Domain = await tx.getRepository(Domain).findOneBy({ id: customerId })
+    const customer: Partner = await tx.getRepository(Partner).findOne({
+      where: { domain: { id: domain.id }, partnerDomain: { id: customerDomain.id } }
+    })
+    if (!customer) throw new Error(`Failed to find partnership with customer`)
+    // Remove existing granted roles
+    const grantedRoles: GrantedRole[] = await getGrantedRolesToCustomer(domain, customerDomain, tx)
+    if (grantedRoles.length) {
+      await tx.getRepository(GrantedRole).delete(grantedRoles.map((gr: GrantedRole) => gr.id))
+    }
+    // Insert newly granted roles
+    await tx.getRepository(Role).findBy({
+      id: In(roles.map((role: Partial<Role>) => role.id))
+    })
+    const newlyGrantedRoles: Partial<GrantedRole>[] = roles.map((role: Role) => {
+      return {
+        domain: customerDomain,
+        role
+      }
+    })
+    await tx.getRepository(GrantedRole).save(newlyGrantedRoles)
+    // If there's someone having role which will be removed (refuse roles)
+    // user roles should be removed as well
+    const grantedRoleIds: string[] = roles.map((role: Partial<Role>) => role.id)
+    const nonGrantedRoles: Role[] = await tx.getRepository(Role).find({
+      where: { domain: { id: domain.id }, id: Not(In(grantedRoleIds)) }
+    })
+    if (nonGrantedRoles?.length) {
+      // Find customer's user who has non granted roles already
+      const nonGrantedRoleIds: string[] = nonGrantedRoles.map((role: Role) => role.id)
+      let havingRefusedRoleCustomers: User[] = await getCustomerUsersByRoles(customerDomain, nonGrantedRoles, tx)
+      havingRefusedRoleCustomers = havingRefusedRoleCustomers.map((customerUser: User) => {
+        const customerDomains: Domain[] = customerUser.domains
+        const customerDomainIds: string[] = customerDomains.map((domain: Domain) => domain.id)
+        if (customerDomainIds.indexOf(domain.id) >= 0) {
+          // Case for customer user is a member of current domain.
+          // If user is a member of current domain user can have any roles of the domain even if the roles is not granted
+          return customerUser
+        } else {
+          // Case for customer user is an user of partner domain.
+          // An user of partner domain only can have granted roles
+          customerUser.roles = customerUser.roles.filter((role: Role) => nonGrantedRoleIds.indexOf(role.id) < 0)
+          return customerUser
+        }
+      })
+      await tx.getRepository(User).save(havingRefusedRoleCustomers)
+    }
+    return true
+  }
+}
+export async function getGrantedCustomerUsers(
+  domain: Domain,
+  customerDomain: Domain,
+  trx?: EntityManager
+): Promise<User[]> {
+  const grantedRoles: GrantedRole[] = await getGrantedRolesToCustomer(domain, customerDomain, trx)
+  const roles: Role[] = grantedRoles.map((grantedRole: GrantedRole) => grantedRole.role)
+  return await getCustomerUsersByRoles(customerDomain, roles, trx)
+}
+export async function getCustomerUsersByRoles(
+  customerDomain: Domain,
+  roles: Role[],
+  trx?: EntityManager
+): Promise<User[]> {
+  if (!roles.length) return []
+  const userRepo: Repository<User> = trx?.getRepository(User) || getRepository(User)
+  const customerUsers: User[] = await userRepo
+    .createQueryBuilder('USER')
+    .select('USER.id')
+    .distinct(true)
+    .leftJoin('USER.domains', 'U_DOMAIN')
+    .leftJoin('USER.roles', 'U_ROLE')
+    .where('U_DOMAIN.id = :customerDomainId', { customerDomainId: customerDomain.id })
+    .groupBy('USER.id')
+    .addGroupBy('U_ROLE.id')
+    .having('U_ROLE.id IN (:...roleIds)', {
+      roleIds: roles.map((role: Role) => role.id)
+    })
+    .getMany()
+  return await userRepo.find({
+    where: {
+      id: In(customerUsers.map((user: User) => user.id))
+    },
+    relations: ['domains', 'roles', 'roles.domain']
+  })
+}
+async function getGrantedRolesToCustomer(
+  domain: Domain,
+  customerDomain: Domain,
+  trx?: EntityManager
+): Promise<GrantedRole[]> {
+  const grantedRoleRepo: Repository<GrantedRole> = trx?.getRepository(GrantedRole) || getRepository(GrantedRole)
+  const grantedRoleQueryBuilder = grantedRoleRepo.createQueryBuilder('GRANTED_ROLE')
+  return await grantedRoleQueryBuilder
+    .leftJoinAndSelect('GRANTED_ROLE.domain', 'DOMAIN')
+    .leftJoinAndSelect('GRANTED_ROLE.role', 'ROLE')
+    .leftJoin('ROLE.domain', 'R_DOMAIN')
+    .where('R_DOMAIN.id = :domainId', { domainId: domain.id })
+    .andWhere('DOMAIN.id = :customerDomainId', { customerDomainId: customerDomain.id })
+    .getMany()
+}
+export async function terminateGrantedRoles(
+  domain: Domain,
+  customerDomain: Domain,
+  trx?: EntityManager
+): Promise<void> {
+  const userRepo: Repository<User> = trx?.getRepository(User) || getRepository(User)
+  const grantedRoleRepo: Repository<GrantedRole> = trx?.getRepository(GrantedRole) || getRepository(GrantedRole)
+  const grantedRoles: GrantedRole[] = await getGrantedRolesToCustomer(domain, customerDomain, trx)
+  const customerUsers: User[] = await getGrantedCustomerUsers(domain, customerDomain, trx)
+  for (let i: number = 0; i < customerUsers.length; i++) {
+    customerUsers[i].roles = customerUsers[i].roles.filter((role: Role) => role.domain.id !== domain.id)
+  }
+  if (customerUsers?.length) await userRepo.save(customerUsers)
+  if (grantedRoles?.length) await grantedRoleRepo.delete(grantedRoles.map((grantedRole: GrantedRole) => grantedRole.id))
+}

package/server/service/granted-role/granted-role-query.ts ADDED Viewed

@@ -0,0 +1,60 @@
+import { Arg, Ctx, Directive, FieldResolver, Query, Resolver, Root } from 'type-graphql'
+import { SelectQueryBuilder } from 'typeorm'
+import { Domain, getRepository } from '@things-factory/shell'
+import { Partner } from '../partner/partner'
+import { Role } from '../role/role'
+import { GrantedRole } from './granted-role'
+@Resolver(GrantedRole)
+export class GrantedRoleQuery {
+  @Directive('@privilege(category: "user", privilege: "query", domainOwnerGranted: true, superUserGranted: true)')
+  @Query(returns => [GrantedRole])
+  async grantedRoles(@Ctx() context: ResolverContext): Promise<GrantedRole[]> {
+    const { domain } = context.state
+    return await getRepository(GrantedRole).find({
+      where: { domain: { id: domain.id } }
+    })
+  }
+  /**
+   * @summary The role list that target customer being granted by domain.
+   *
+   * @param customerId
+   * @param context
+   * @returns
+   */
+  @Directive('@privilege(category: "user", privilege: "query", domainOwnerGranted: true)')
+  @Query(returns => [GrantedRole])
+  async grantingRoles(@Arg('customerId') customerId: string, @Ctx() context: ResolverContext): Promise<GrantedRole[]> {
+    const { domain } = context.state
+    const customerDomain: Domain = await getRepository(Domain).findOneBy({ id: customerId })
+    if (!customerDomain) throw new Error(`Failed to find customer by passed customerId (${customerId})`)
+    const hasPartnership: boolean = Boolean(
+      await getRepository(Partner).countBy({ domain: { id: domain.id }, partnerDomain: { id: customerDomain.id } })
+    )
+    if (!hasPartnership) throw new Error(`Company doesn't have partnership with ${customerDomain.name}`)
+    const qb: SelectQueryBuilder<GrantedRole> = getRepository(GrantedRole)
+      .createQueryBuilder('GRANTED_ROLE')
+      .leftJoin('GRANTED_ROLE.role', 'ROLE')
+      .where('GRANTED_ROLE.domain_id = :customerId', { customerId })
+      .andWhere('ROLE.domain_id = :domainId ', { domainId: domain.id })
+    return await qb.getMany()
+  }
+  @FieldResolver(type => Role)
+  async role(@Root() grantedRole: GrantedRole): Promise<Role> {
+    return await getRepository(Role).findOneBy({ id: grantedRole.roleId })
+  }
+  @FieldResolver(type => Domain)
+  async domain(@Root() grantedRole: GrantedRole): Promise<Domain> {
+    return await getRepository(Domain).findOneBy({ id: grantedRole.domainId })
+  }
+}

package/server/service/granted-role/granted-role.ts ADDED Viewed

@@ -0,0 +1,27 @@
+import { Domain } from '@things-factory/shell'
+import { Role } from '../role/role'
+import { ObjectType, Field, ID } from 'type-graphql'
+import { Entity, ManyToOne, PrimaryGeneratedColumn, Index, RelationId } from 'typeorm'
+@Entity()
+@Index('ix_granted_role_0', (grantedRole: GrantedRole) => [grantedRole.role, grantedRole.domain], { unique: true })
+@ObjectType()
+export class GrantedRole {
+  @PrimaryGeneratedColumn('uuid')
+  @Field(type => ID)
+  readonly id: string
+  @ManyToOne(type => Role)
+  @Field()
+  role: Role
+  @RelationId((grantedRole: GrantedRole) => grantedRole.role)
+  roleId: string
+  @ManyToOne(type => Domain)
+  @Field(type => Domain)
+  domain?: Domain
+  @RelationId((grantedRole: GrantedRole) => grantedRole.domain)
+  domainId: string
+}

package/server/service/granted-role/index.ts ADDED Viewed

@@ -0,0 +1,6 @@
+import { GrantedRole } from './granted-role'
+import { GrantedRoleQuery } from './granted-role-query'
+import { GrantedRoleMutation } from './granted-role-mutation'
+export const entities = [GrantedRole]
+export const resolvers = [GrantedRoleQuery, GrantedRoleMutation]

package/server/service/index.ts ADDED Viewed

@@ -0,0 +1,90 @@
+/* IMPORT ENTITIES AND RESOLVERS */
+import { entities as UsersAuthProvidersEntities, resolvers as UsersAuthProvidersResolvers } from './users-auth-providers'
+import { entities as AuthProviderEntities, resolvers as AuthProviderResolvers } from './auth-provider'
+import { resolvers as AppbindingResolver } from './app-binding'
+import { entities as ApplianceEntities, resolvers as ApplianceResolvers } from './appliance'
+import { entities as ApplicationEntities, resolvers as ApplicationResolvers } from './application'
+import { resolvers as DomainGeneratorResolver } from './domain-generator'
+import { entities as GrantedRoleEntities, resolvers as GrantedRoleResolver } from './granted-role'
+import { entities as InvitationEntities, resolvers as InvitationResolver } from './invitation'
+import { entities as LoginHistoryEntities, resolvers as LoginHistoryResolver } from './login-history'
+import { entities as PartnerEntities, resolvers as PartnerResolvers } from './partner'
+import { entities as PasswordHistoryEntities } from './password-history'
+import { entities as PrivilegeEntities, resolvers as PrivilegeResolvers } from './privilege'
+import { privilegeDirectiveResolver, privilegeDirectiveTypeDefs } from './privilege/privilege-directive'
+import { entities as RoleEntities, resolvers as RoleResolvers } from './role'
+import { entities as UserEntities, resolvers as UserResolvers } from './user'
+import { entities as VerificationTokenEntities } from './verification-token'
+import { entities as WebAuthCredentialEntities } from './web-auth-credential'
+/* EXPORT ENTITY TYPES */
+export * from './users-auth-providers/users-auth-providers'
+export * from './auth-provider/auth-provider'
+export * from './application/application'
+export * from './appliance/appliance'
+export * from './privilege/privilege'
+export * from './role/role'
+export * from './user/user'
+export * from './partner/partner'
+export * from './granted-role/granted-role'
+export * from './invitation/invitation'
+export * from './app-binding/app-binding'
+export * from './password-history/password-history'
+export * from './verification-token/verification-token'
+export * from './login-history/login-history'
+export * from './web-auth-credential/web-auth-credential'
+/* EXPORT TYPES */
+export * from './app-binding/app-binding-types'
+export * from './appliance/appliance-types'
+export * from './application/application-types'
+export * from './domain-generator/domain-generator-types'
+export * from './invitation/invitation-types'
+export * from './partner/partner-types'
+export * from './privilege/privilege-types'
+export * from './role/role-types'
+export * from './user/user-types'
+export const entities = [
+  /* ENTITIES */
+  ...UsersAuthProvidersEntities,
+  ...AuthProviderEntities,
+  ...ApplicationEntities,
+  ...ApplianceEntities,
+  ...PrivilegeEntities,
+  ...RoleEntities,
+  ...UserEntities,
+  ...PartnerEntities,
+  ...GrantedRoleEntities,
+  ...InvitationEntities,
+  ...PasswordHistoryEntities,
+  ...VerificationTokenEntities,
+  ...LoginHistoryEntities,
+  ...WebAuthCredentialEntities
+]
+export const schema = {
+  typeDefs: {
+    privilegeDirectiveTypeDefs
+  },
+  resolverClasses: [
+    /* RESOLVER CLASSES */
+    ...UsersAuthProvidersResolvers,
+    ...AuthProviderResolvers,
+    ...ApplicationResolvers,
+    ...ApplianceResolvers,
+    ...PrivilegeResolvers,
+    ...RoleResolvers,
+    ...UserResolvers,
+    ...PartnerResolvers,
+    ...GrantedRoleResolver,
+    ...InvitationResolver,
+    ...AppbindingResolver,
+    ...DomainGeneratorResolver,
+    ...LoginHistoryResolver
+  ],
+  directives: {
+    privilege: privilegeDirectiveResolver
+  }
+}

package/server/service/invitation/index.ts ADDED Viewed

@@ -0,0 +1,6 @@
+import { Invitation } from './invitation'
+import { InvitationQuery } from './invitation-query'
+import { InvitationMutation } from './invitation-mutation'
+export const entities = [Invitation]
+export const resolvers = [InvitationQuery, InvitationMutation]

package/server/service/invitation/invitation-mutation.ts ADDED Viewed

@@ -0,0 +1,63 @@
+import { Arg, Ctx, Mutation, Resolver } from 'type-graphql'
+import { GraphQLEmailAddress } from 'graphql-scalars'
+import { getRepository } from '@things-factory/shell'
+import { sendInvitationEmail } from '../../controllers/invitation'
+import { Invitation } from './invitation'
+@Resolver(Invitation)
+export class InvitationMutation {
+  @Mutation(returns => Boolean)
+  async cancelInvitation(
+    @Arg('email', type => GraphQLEmailAddress) email: string,
+    @Arg('reference') reference: string,
+    @Arg('type') type: string
+  ) {
+    const repository = getRepository(Invitation)
+    await repository.delete({
+      email,
+      reference,
+      type
+    })
+    return true
+  }
+  @Mutation(returns => Invitation)
+  async sendInvitation(
+    @Arg('email', type => GraphQLEmailAddress) email: string,
+    @Arg('reference') reference: string,
+    @Arg('type') type: string,
+    @Ctx() context: ResolverContext
+  ) {
+    const repository = getRepository(Invitation)
+    const oldone = await repository.findOneBy({
+      email,
+      type,
+      reference
+    })
+    // TODO send invitation
+    await sendInvitationEmail({
+      invitation: {
+        email,
+        reference,
+        type
+      },
+      context
+    })
+    // update or create
+    return await repository.save({
+      ...oldone, // take only id from oldone for update
+      email,
+      reference,
+      type,
+      creator: context.state.user,
+      updater: context.state.user
+    })
+  }
+}

package/server/service/invitation/invitation-query.ts ADDED Viewed

@@ -0,0 +1,33 @@
+import { GraphQLEmailAddress } from 'graphql-scalars'
+import { Arg, Query, Resolver } from 'type-graphql'
+import { getRepository } from '@things-factory/shell'
+import { Invitation } from './invitation'
+import { InvitationList } from './invitation-types'
+@Resolver(Invitation)
+export class InvitationQuery {
+  @Query(returns => Invitation)
+  async invitation(
+    @Arg('email', type => GraphQLEmailAddress) email: string,
+    @Arg('reference') reference: string,
+    @Arg('type') type: string
+  ) {
+    return await getRepository(Invitation).findOneBy({
+      email,
+      reference,
+      type
+    })
+  }
+  @Query(returns => InvitationList)
+  async invitations(@Arg('reference') reference: string, @Arg('type') type: string) {
+    const [items, total] = await getRepository(Invitation).findAndCountBy({
+      reference,
+      type
+    })
+    return { items, total }
+  }
+}

package/server/service/invitation/invitation-types.ts ADDED Viewed

@@ -0,0 +1,11 @@
+import { Invitation } from './invitation'
+import { ObjectType, Field, Int } from 'type-graphql'
+@ObjectType()
+export class InvitationList {
+  @Field(type => [Invitation], { nullable: true })
+  items: Invitation[]
+  @Field(type => Int, { nullable: true })
+  total: number
+}

package/server/service/invitation/invitation.ts ADDED Viewed

@@ -0,0 +1,63 @@
+import {
+  CreateDateColumn,
+  UpdateDateColumn,
+  Entity,
+  Index,
+  Column,
+  ManyToOne,
+  RelationId,
+  PrimaryGeneratedColumn
+} from 'typeorm'
+import { ObjectType, Field, ID } from 'type-graphql'
+import { GraphQLEmailAddress } from 'graphql-scalars'
+import { User } from '../user/user'
+@Entity()
+@Index('ix_invitation_0', (invitation: Invitation) => [invitation.email, invitation.reference, invitation.type], {
+  unique: true
+})
+@Index('ix_invitation_1', (invitation: Invitation) => [invitation.token], { unique: true })
+@ObjectType()
+export class Invitation {
+  @PrimaryGeneratedColumn('uuid')
+  @Field(type => ID)
+  readonly id: string
+  @Column()
+  @Field(type => GraphQLEmailAddress)
+  email: string
+  @Column()
+  @Field()
+  reference: string // company, bizplace
+  @Column()
+  @Field()
+  type: string // company, bizplace, .. should think whether this column needs.
+  @Column()
+  @Field()
+  token: string
+  @CreateDateColumn({ nullable: true })
+  @Field({ nullable: true })
+  createdAt: Date
+  @UpdateDateColumn({ nullable: true })
+  @Field({ nullable: true })
+  updatedAt: Date
+  @ManyToOne(type => User, { nullable: true })
+  @Field({ nullable: true })
+  creator: User
+  @RelationId((invitation: Invitation) => invitation.creator)
+  creatorId: string
+  @ManyToOne(type => User, { nullable: true })
+  @Field({ nullable: true })
+  updater: User
+  @RelationId((invitation: Invitation) => invitation.updater)
+  updaterId: string
+}

package/server/service/login-history/index.ts ADDED Viewed

@@ -0,0 +1,5 @@
+import { LoginHistory } from './login-history'
+import { LoginHistoryQuery } from './login-history-query'
+export const entities = [LoginHistory]
+export const resolvers = [LoginHistoryQuery]

package/server/service/login-history/login-history-query.ts ADDED Viewed

@@ -0,0 +1,51 @@
+import { Arg, Args, Ctx, FieldResolver, Query, Resolver, Root } from 'type-graphql'
+import { Domain, getQueryBuilderFromListParams, getRepository, ListParam } from '@things-factory/shell'
+import { User } from '../user/user'
+import { LoginHistory } from './login-history'
+import { LoginHistoryList } from './login-history-type'
+@Resolver(LoginHistory)
+export class LoginHistoryQuery {
+  @Query(returns => LoginHistoryList, { description: 'To fetch multiple LoginHistories' })
+  async loginHistories(
+    @Args(type => ListParam) params: ListParam,
+    @Ctx() context: ResolverContext
+  ): Promise<LoginHistoryList> {
+    const { domain } = context.state
+    const queryBuilder = getQueryBuilderFromListParams({
+      domain,
+      params,
+      repository: await getRepository(LoginHistory)
+    })
+    const [items, total] = await queryBuilder.getManyAndCount()
+    return { items, total }
+  }
+  @Query(returns => [LoginHistory])
+  async myLoginHistories(@Arg('limit') limit: number, @Ctx() context: ResolverContext): Promise<LoginHistory[]> {
+    const user: User = context.state.user
+    if (!user) {
+      throw new Error('No user specified')
+    }
+    return await getRepository(LoginHistory).find({
+      where: { accessUser: { id: user.id } },
+      take: limit || 10,
+      order: { accessedAt: 'DESC' }
+    })
+  }
+  @FieldResolver()
+  async accessDomain(@Root() loginHistory: LoginHistory) {
+    return await getRepository(Domain).findOneBy({ id: loginHistory.accessDomainId })
+  }
+  @FieldResolver()
+  async accessUser(@Root() loginHistory: LoginHistory) {
+    return await getRepository(User).findOneBy({ id: loginHistory.accessUserId })
+  }
+}

package/server/service/login-history/login-history-type.ts ADDED Viewed

@@ -0,0 +1,12 @@
+import { Field, ID, InputType, Int, ObjectType } from 'type-graphql'
+import { LoginHistory } from './login-history'
+@ObjectType()
+export class LoginHistoryList {
+  @Field(type => [LoginHistory])
+  items: LoginHistory[]
+  @Field(type => Int)
+  total: number
+}

package/server/service/login-history/login-history.ts ADDED Viewed

@@ -0,0 +1,45 @@
+import { Field, ID, ObjectType } from 'type-graphql'
+import { Column, CreateDateColumn, Entity, Index, ManyToOne, PrimaryGeneratedColumn, RelationId } from 'typeorm'
+import { Domain, getRepository } from '@things-factory/shell'
+import { User } from '../user/user'
+@Entity()
+@Index('ix_login_history_0', (loginHistory: LoginHistory) => [loginHistory.accessDomain, loginHistory.accessUser])
+@ObjectType()
+export class LoginHistory {
+  @PrimaryGeneratedColumn('uuid')
+  @Field(type => ID)
+  readonly id: string
+  @ManyToOne(type => Domain)
+  @Field(type => Domain)
+  accessDomain?: Domain
+  @RelationId((loginHistory: LoginHistory) => loginHistory.accessDomain)
+  accessDomainId: string
+  @ManyToOne(type => User)
+  @Field(type => User)
+  accessUser: User
+  @RelationId((loginHistory: LoginHistory) => loginHistory.accessUser)
+  accessUserId: string
+  @Column({ nullable: true })
+  @Field({ nullable: true })
+  accessorIp: string
+  @CreateDateColumn()
+  @Field({ nullable: true })
+  accessedAt: Date
+  static async stamp(accessDomain: Partial<Domain>, accessUser: User, accessorIp: string): Promise<void> {
+    await getRepository(LoginHistory).save({
+      accessDomain,
+      accessUser,
+      accessorIp
+    })
+  }
+}

package/server/service/partner/index.ts ADDED Viewed

@@ -0,0 +1,6 @@
+import { Partner } from './partner'
+import { PartnerQuery } from './partner-query'
+import { PartnerMutation } from './partner-mutation'
+export const entities = [Partner]
+export const resolvers = [PartnerQuery, PartnerMutation]