npm - @things-factory/auth-base - Versions diffs - 8.0.0-beta.9 → 8.0.0 - Mend

@things-factory/auth-base 8.0.0-beta.9 → 8.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (212) hide show

package/client/actions/auth.ts +24 -0
package/client/auth.ts +272 -0
package/client/bootstrap.ts +47 -0
package/client/directive/privileged.ts +28 -0
package/client/index.ts +3 -0
package/client/profiled.ts +83 -0
package/client/reducers/auth.ts +31 -0
package/dist-client/index.d.ts +0 -1
package/dist-client/index.js +0 -1
package/dist-client/index.js.map +1 -1
package/dist-client/tsconfig.tsbuildinfo +1 -1
package/dist-server/constants/error-code.d.ts +0 -2
package/dist-server/constants/error-code.js +1 -3
package/dist-server/constants/error-code.js.map +1 -1
package/dist-server/controllers/change-pwd.js +2 -2
package/dist-server/controllers/change-pwd.js.map +1 -1
package/dist-server/controllers/delete-user.js +12 -13
package/dist-server/controllers/delete-user.js.map +1 -1
package/dist-server/controllers/invitation.d.ts +1 -2
package/dist-server/controllers/invitation.js +5 -30
package/dist-server/controllers/invitation.js.map +1 -1
package/dist-server/controllers/profile.d.ts +3 -4
package/dist-server/controllers/profile.js +2 -20
package/dist-server/controllers/profile.js.map +1 -1
package/dist-server/controllers/signin.d.ts +1 -4
package/dist-server/controllers/signin.js +1 -17
package/dist-server/controllers/signin.js.map +1 -1
package/dist-server/controllers/signup.js +4 -13
package/dist-server/controllers/signup.js.map +1 -1
package/dist-server/controllers/unlock-user.js +0 -1
package/dist-server/controllers/unlock-user.js.map +1 -1
package/dist-server/controllers/verification.js +0 -1
package/dist-server/controllers/verification.js.map +1 -1
package/dist-server/middlewares/signin-middleware.js +4 -9
package/dist-server/middlewares/signin-middleware.js.map +1 -1
package/dist-server/middlewares/webauthn-middleware.js.map +1 -1
package/dist-server/migrations/1548206416130-SeedUser.js +1 -2
package/dist-server/migrations/1548206416130-SeedUser.js.map +1 -1
package/dist-server/router/auth-checkin-router.js +2 -8
package/dist-server/router/auth-checkin-router.js.map +1 -1
package/dist-server/router/auth-private-process-router.js +7 -12
package/dist-server/router/auth-private-process-router.js.map +1 -1
package/dist-server/router/auth-public-process-router.js +9 -20
package/dist-server/router/auth-public-process-router.js.map +1 -1
package/dist-server/router/auth-signin-router.js +3 -3
package/dist-server/router/auth-signin-router.js.map +1 -1
package/dist-server/router/webauthn-router.js +1 -51
package/dist-server/router/webauthn-router.js.map +1 -1
package/dist-server/service/invitation/invitation-mutation.d.ts +2 -3
package/dist-server/service/invitation/invitation-mutation.js +8 -20
package/dist-server/service/invitation/invitation-mutation.js.map +1 -1
package/dist-server/service/user/user-mutation.d.ts +9 -10
package/dist-server/service/user/user-mutation.js +54 -112
package/dist-server/service/user/user-mutation.js.map +1 -1
package/dist-server/service/user/user-types.d.ts +0 -1
package/dist-server/service/user/user-types.js +0 -4
package/dist-server/service/user/user-types.js.map +1 -1
package/dist-server/service/user/user.d.ts +0 -1
package/dist-server/service/user/user.js +14 -40
package/dist-server/service/user/user.js.map +1 -1
package/dist-server/templates/account-unlock-email.d.ts +1 -2
package/dist-server/templates/account-unlock-email.js +1 -1
package/dist-server/templates/account-unlock-email.js.map +1 -1
package/dist-server/templates/invitation-email.d.ts +1 -2
package/dist-server/templates/invitation-email.js +1 -1
package/dist-server/templates/invitation-email.js.map +1 -1
package/dist-server/templates/verification-email.d.ts +1 -2
package/dist-server/templates/verification-email.js +1 -1
package/dist-server/templates/verification-email.js.map +1 -1
package/dist-server/tsconfig.tsbuildinfo +1 -1
package/package.json +6 -6
package/server/constants/error-code.ts +20 -0
package/server/constants/error-message.ts +0 -0
package/server/constants/max-age.ts +1 -0
package/server/controllers/auth.ts +5 -0
package/server/controllers/change-pwd.ts +99 -0
package/server/controllers/checkin.ts +21 -0
package/server/controllers/delete-user.ts +68 -0
package/server/controllers/invitation.ts +132 -0
package/server/controllers/profile.ts +28 -0
package/server/controllers/reset-password.ts +126 -0
package/server/controllers/signin.ts +79 -0
package/server/controllers/signup.ts +60 -0
package/server/controllers/unlock-user.ts +61 -0
package/server/controllers/utils/make-invitation-token.ts +5 -0
package/server/controllers/utils/make-verification-token.ts +4 -0
package/server/controllers/utils/password-rule.ts +120 -0
package/server/controllers/utils/save-invitation-token.ts +10 -0
package/server/controllers/utils/save-verification-token.ts +12 -0
package/server/controllers/verification.ts +83 -0
package/server/errors/auth-error.ts +24 -0
package/server/errors/index.ts +2 -0
package/server/errors/user-domain-not-match-error.ts +29 -0
package/server/index.ts +37 -0
package/server/middlewares/authenticate-401-middleware.ts +114 -0
package/server/middlewares/domain-authenticate-middleware.ts +78 -0
package/server/middlewares/graphql-authenticate-middleware.ts +13 -0
package/server/middlewares/index.ts +67 -0
package/server/middlewares/jwt-authenticate-middleware.ts +84 -0
package/server/middlewares/signin-middleware.ts +55 -0
package/server/middlewares/webauthn-middleware.ts +127 -0
package/server/migrations/1548206416130-SeedUser.ts +59 -0
package/server/migrations/1566805283882-SeedPrivilege.ts +28 -0
package/server/migrations/index.ts +9 -0
package/server/router/auth-checkin-router.ts +107 -0
package/server/router/auth-private-process-router.ts +107 -0
package/server/router/auth-public-process-router.ts +302 -0
package/server/router/auth-signin-router.ts +55 -0
package/server/router/auth-signup-router.ts +95 -0
package/server/router/index.ts +9 -0
package/server/router/oauth2/index.ts +2 -0
package/server/router/oauth2/oauth2-authorize-router.ts +81 -0
package/server/router/oauth2/oauth2-router.ts +165 -0
package/server/router/oauth2/oauth2-server.ts +262 -0
package/server/router/oauth2/passport-oauth2-client-password.ts +87 -0
package/server/router/oauth2/passport-refresh-token.ts +87 -0
package/server/router/path-base-domain-router.ts +8 -0
package/server/router/site-root-router.ts +48 -0
package/server/router/webauthn-router.ts +87 -0
package/server/routes.ts +80 -0
package/server/service/app-binding/app-binding-mutation.ts +22 -0
package/server/service/app-binding/app-binding-query.ts +92 -0
package/server/service/app-binding/app-binding-types.ts +11 -0
package/server/service/app-binding/app-binding.ts +17 -0
package/server/service/app-binding/index.ts +4 -0
package/server/service/appliance/appliance-mutation.ts +113 -0
package/server/service/appliance/appliance-query.ts +76 -0
package/server/service/appliance/appliance-types.ts +56 -0
package/server/service/appliance/appliance.ts +133 -0
package/server/service/appliance/index.ts +6 -0
package/server/service/application/application-mutation.ts +104 -0
package/server/service/application/application-query.ts +98 -0
package/server/service/application/application-types.ts +76 -0
package/server/service/application/application.ts +216 -0
package/server/service/application/index.ts +6 -0
package/server/service/auth-provider/auth-provider-mutation.ts +159 -0
package/server/service/auth-provider/auth-provider-parameter-spec.ts +24 -0
package/server/service/auth-provider/auth-provider-query.ts +88 -0
package/server/service/auth-provider/auth-provider-type.ts +67 -0
package/server/service/auth-provider/auth-provider.ts +155 -0
package/server/service/auth-provider/index.ts +7 -0
package/server/service/domain-generator/domain-generator-mutation.ts +117 -0
package/server/service/domain-generator/domain-generator-types.ts +46 -0
package/server/service/domain-generator/index.ts +3 -0
package/server/service/granted-role/granted-role-mutation.ts +156 -0
package/server/service/granted-role/granted-role-query.ts +60 -0
package/server/service/granted-role/granted-role.ts +27 -0
package/server/service/granted-role/index.ts +6 -0
package/server/service/index.ts +90 -0
package/server/service/invitation/index.ts +6 -0
package/server/service/invitation/invitation-mutation.ts +63 -0
package/server/service/invitation/invitation-query.ts +33 -0
package/server/service/invitation/invitation-types.ts +11 -0
package/server/service/invitation/invitation.ts +63 -0
package/server/service/login-history/index.ts +5 -0
package/server/service/login-history/login-history-query.ts +51 -0
package/server/service/login-history/login-history-type.ts +12 -0
package/server/service/login-history/login-history.ts +45 -0
package/server/service/partner/index.ts +6 -0
package/server/service/partner/partner-mutation.ts +61 -0
package/server/service/partner/partner-query.ts +102 -0
package/server/service/partner/partner-types.ts +11 -0
package/server/service/partner/partner.ts +57 -0
package/server/service/password-history/index.ts +3 -0
package/server/service/password-history/password-history.ts +16 -0
package/server/service/privilege/index.ts +6 -0
package/server/service/privilege/privilege-directive.ts +77 -0
package/server/service/privilege/privilege-mutation.ts +92 -0
package/server/service/privilege/privilege-query.ts +94 -0
package/server/service/privilege/privilege-types.ts +60 -0
package/server/service/privilege/privilege.ts +102 -0
package/server/service/role/index.ts +6 -0
package/server/service/role/role-mutation.ts +109 -0
package/server/service/role/role-query.ts +155 -0
package/server/service/role/role-types.ts +81 -0
package/server/service/role/role.ts +72 -0
package/server/service/user/domain-query.ts +24 -0
package/server/service/user/index.ts +7 -0
package/server/service/user/user-mutation.ts +413 -0
package/server/service/user/user-query.ts +145 -0
package/server/service/user/user-types.ts +97 -0
package/server/service/user/user.ts +354 -0
package/server/service/users-auth-providers/index.ts +5 -0
package/server/service/users-auth-providers/users-auth-providers.ts +71 -0
package/server/service/verification-token/index.ts +3 -0
package/server/service/verification-token/verification-token.ts +60 -0
package/server/service/web-auth-credential/index.ts +3 -0
package/server/service/web-auth-credential/web-auth-credential.ts +67 -0
package/server/templates/account-unlock-email.ts +65 -0
package/server/templates/invitation-email.ts +66 -0
package/server/templates/reset-password-email.ts +65 -0
package/server/templates/verification-email.ts +66 -0
package/server/types.ts +21 -0
package/server/utils/accepts.ts +11 -0
package/server/utils/access-token-cookie.ts +61 -0
package/server/utils/check-permission.ts +52 -0
package/server/utils/check-user-belongs-domain.ts +19 -0
package/server/utils/check-user-has-role.ts +29 -0
package/server/utils/encrypt-state.ts +22 -0
package/server/utils/get-aes-256-key.ts +13 -0
package/server/utils/get-domain-from-hostname.ts +7 -0
package/server/utils/get-domain-users.ts +38 -0
package/server/utils/get-secret.ts +13 -0
package/server/utils/get-user-domains.ts +112 -0
package/translations/en.json +1 -5
package/translations/ja.json +1 -5
package/translations/ko.json +3 -6
package/translations/ms.json +1 -5
package/translations/zh.json +1 -5
package/dist-client/verify-webauthn.d.ts +0 -13
package/dist-client/verify-webauthn.js +0 -72
package/dist-client/verify-webauthn.js.map +0 -1

package/server/service/role/role-mutation.ts ADDED Viewed

@@ -0,0 +1,109 @@
+import { Arg, Ctx, Directive, Mutation, Resolver } from 'type-graphql'
+import { getRepository } from '@things-factory/shell'
+import { Privilege } from '../privilege/privilege'
+import { User } from '../user/user'
+import { Role } from './role'
+import { NewRole, RolePatch } from './role-types'
+@Resolver(Role)
+export class RoleMutation {
+  @Directive('@privilege(category: "user", privilege: "mutation", domainOwnerGranted: true)')
+  @Mutation(returns => User, { description: 'To create new user' })
+  async createRole(@Arg('role') role: NewRole, @Ctx() context: ResolverContext): Promise<Role> {
+    const { domain, user } = context.state
+    const roleName = role.name.trim()
+    const existsRole: Role = await getRepository(Role).findOne({ where: { name: roleName, domain: { id: domain.id } } })
+    if (existsRole) {
+      throw new Error('role name is duplicated')
+    }
+    if (role.privileges && role.privileges.length) {
+      role.privileges = await getRepository(Privilege).findByIds(role.privileges.map(privilege => privilege.id))
+    }
+    if (role.users && role.users.length) {
+      role.users = await getRepository(User).findByIds(role.users.map(user => user.id))
+    }
+    return await getRepository(Role).save({
+      domain,
+      updater: user,
+      creator: user,
+      ...role
+    })
+  }
+  @Directive('@privilege(category: "user", privilege: "mutation", domainOwnerGranted: true)')
+  @Mutation(returns => Role, { description: 'To modify role information' })
+  async updateRole(
+    @Arg('id') id: string,
+    @Arg('patch') patch: RolePatch,
+    @Ctx() context: ResolverContext
+  ): Promise<Role> {
+    const { domain, user } = context.state
+    const { name, description, privileges } = patch
+    const roleRepository = getRepository(Role)
+    const role: Role = await roleRepository.findOne({
+      where: { domain: { id: domain.id }, id },
+      relations: ['privileges', 'creator', 'updater']
+    })
+    if (name && role.name !== name) {
+      const roleName = name.trim()
+      const existsRole: Role = await roleRepository.findOne({ where: { name: roleName, domain: { id: domain.id } } })
+      if (existsRole) {
+        throw new Error('role name is duplicated')
+      }
+      role.name = roleName
+    }
+    if (description) {
+      role.description = description
+    }
+    return await roleRepository.save({
+      ...role,
+      ...patch,
+      privileges: await getRepository(Privilege).findByIds(
+        patch.privileges.map((privilege: Privilege) => privilege.id)
+      ),
+      updater: user
+    } as any)
+  }
+  @Directive('@privilege(category: "user", privilege: "mutation")')
+  @Directive('@transaction')
+  @Mutation(returns => Boolean, { description: 'To delete role' })
+  async deleteRole(@Arg('id') id: string, @Ctx() context: ResolverContext): Promise<Boolean> {
+    const { tx, domain } = context.state
+    let role: Role = await tx
+      .getRepository(Role)
+      .findOne({ where: { domain: { id: domain.id }, id }, relations: ['users', 'privileges'] })
+    try {
+      if (role.users.length) throw new Error('cannot delete role because it is currently in use')
+      role.privileges = []
+      role = await tx.getRepository(Role).save(role)
+      await tx.getRepository(Role).delete(role.id)
+      return true
+    } catch (e) {
+      context.throw(401, 'cannot delete role because it is currently in use')
+    }
+  }
+  @Directive('@privilege(category: "user", privilege: "mutation", domainOwnerGranted: true)')
+  @Mutation(returns => Boolean, { description: 'To delete multiple roles' })
+  async deleteRoles(@Arg('ids', type => [String]) ids: string[], @Ctx() _context: any) {
+    await getRepository(Role).delete(ids)
+    return true
+  }
+}

package/server/service/role/role-query.ts ADDED Viewed

@@ -0,0 +1,155 @@
+import { In } from 'typeorm'
+import { Arg, Args, Ctx, Directive, FieldResolver, Query, Resolver, Root } from 'type-graphql'
+import { SelectQueryBuilder } from 'typeorm'
+import { config } from '@things-factory/env'
+import { Domain, getQueryBuilderFromListParams, getRepository, ListParam } from '@things-factory/shell'
+import { Privilege } from '../privilege/privilege'
+import { User } from '../user/user'
+import { Role } from './role'
+import { RoleList, RolePrivilege, UserRole } from './role-types'
+@Resolver(Role)
+export class RoleQuery {
+  @Directive('@privilege(category: "user", privilege: "query", domainOwnerGranted: true, superUserGranted: true)')
+  @Query(returns => Role, { description: 'To fetch role' })
+  async role(@Arg('name') name: string, @Ctx() context: ResolverContext): Promise<Role> {
+    const { domain } = context.state
+    return await getRepository(Role).findOneBy({
+      domain: { id: In([domain.id, domain.parentId].filter(Boolean)) },
+      name
+    })
+  }
+  @Directive('@privilege(category: "user", privilege: "query", domainOwnerGranted: true, superUserGranted: true)')
+  @Query(returns => RoleList, { description: 'To fetch multiple users' })
+  async roles(@Args(type => ListParam) params: ListParam, @Ctx() context: ResolverContext): Promise<RoleList> {
+    const { domain } = context.state
+    const [items, total] = await getQueryBuilderFromListParams({
+      repository: getRepository(Role),
+      params,
+      domain,
+      searchables: ['name', 'description']
+    }).getManyAndCount()
+    return { items, total }
+  }
+  @Directive('@privilege(category: "user", privilege: "query", domainOwnerGranted: true, superUserGranted: true)')
+  @Query(returns => [RolePrivilege], { description: 'To fetch privileges of a role' })
+  async rolePrivileges(@Arg('roleId') roleId: string, @Ctx() context: ResolverContext): Promise<RolePrivilege[]> {
+    const rolePrivileges = await getRepository(Privilege).query(
+      `
+        SELECT
+          id,
+          name,
+          category,
+          description,
+          CASE WHEN id IN (
+            SELECT
+              P.id
+            FROM
+              privileges P JOIN roles_privileges RP
+            ON
+              P.id = RP.privileges_id
+            WHERE
+              RP.roles_id = '${roleId}'
+          ) THEN true
+            ELSE false
+          END AS assigned
+        FROM
+          privileges
+      `
+    )
+    return rolePrivileges
+  }
+  @Directive('@privilege(category: "user", privilege: "query", domainOwnerGranted: true, superUserGranted: true)')
+  @Query(returns => [UserRole], { description: 'To fetch roles of a user' })
+  async userRoles(@Arg('userId') userId: string, @Ctx() context: ResolverContext): Promise<UserRole[]> {
+    const userRoles = await getRepository(Role).query(
+      `
+        SELECT
+          id,
+          name,
+          description,
+          CASE WHEN id IN (
+            SELECT
+              R.id
+            FROM
+              roles R JOIN users_roles UR
+            ON
+              R.id = UR.roles_id
+            WHERE
+              UR.users_id = '${userId}'
+          ) THEN true
+            ELSE false
+          END AS assigned
+        FROM
+          roles
+      `
+    )
+    return userRoles
+  }
+  @Query(returns => [Role], { description: 'To fetch roles of current user' })
+  async myRoles(@Ctx() context: ResolverContext): Promise<Role[]> {
+    const { user, domain } = context.state
+    const qb: SelectQueryBuilder<User> = await getRepository(User).createQueryBuilder('USER')
+    const { roles }: User = await qb
+      .leftJoinAndSelect('USER.roles', 'ROLE')
+      .leftJoin('ROLE.domain', 'ROLE_DOMAIN')
+      .where('USER.id = :userId', { userId: user.id })
+      .andWhere('ROLE_DOMAIN.id In(:...domainIds)', { domainIds: [domain.id, domain.parentId].filter(Boolean) })
+      .getOne()
+    return roles || []
+  }
+  @Query(returns => [Role], { description: 'To fetch the preset of role for new user' })
+  async checkRolePreset(@Ctx() context: ResolverContext): Promise<Role[]> {
+    const rolePreset = config.get('rolePreset') || []
+    return rolePreset
+  }
+  @FieldResolver(type => Domain)
+  async domain(@Root() role: Role) {
+    return await getRepository(Domain).findOneBy({ id: role.domainId })
+  }
+  @FieldResolver(type => [User])
+  async users(@Root() role: Role) {
+    return (
+      await getRepository(Role).findOne({
+        where: { id: role.id },
+        relations: ['users']
+      })
+    ).users
+  }
+  @FieldResolver(type => [Privilege])
+  async privileges(@Root() role: Role) {
+    return (
+      await getRepository(Role).findOne({
+        where: { id: role.id },
+        relations: ['privileges']
+      })
+    ).privileges
+  }
+  @FieldResolver(type => User)
+  async updater(@Root() role: Role): Promise<User> {
+    return await getRepository(User).findOneBy({ id: role.updaterId })
+  }
+  @FieldResolver(type => User)
+  async creator(@Root() role: Role): Promise<User> {
+    return await getRepository(User).findOneBy({ id: role.creatorId })
+  }
+}

package/server/service/role/role-types.ts ADDED Viewed

@@ -0,0 +1,81 @@
+import { ObjectType, InputType, Field, Int } from 'type-graphql'
+import { ObjectRef } from '@things-factory/shell'
+import { Role } from './role'
+@InputType()
+export class NewRole {
+  @Field()
+  name: string
+  @Field({ nullable: true })
+  description?: string
+  @Field(type => [ObjectRef], { nullable: true })
+  users?: ObjectRef[]
+  @Field(type => [ObjectRef], { nullable: true })
+  privileges?: ObjectRef[]
+}
+@InputType()
+export class RolePatch {
+  @Field({ nullable: true })
+  id?: string
+  @Field({ nullable: true })
+  name?: string
+  @Field({ nullable: true })
+  description?: string
+  @Field(type => [ObjectRef], { nullable: true })
+  users?: ObjectRef[]
+  @Field(type => [ObjectRef], { nullable: true })
+  privileges?: ObjectRef[]
+  @Field({ nullable: true })
+  cuFlag?: string
+}
+@ObjectType()
+export class RoleList {
+  @Field(type => [Role], { nullable: true })
+  items?: Role[]
+  @Field(type => Int, { nullable: true })
+  total?: number
+}
+@ObjectType()
+export class RolePrivilege {
+  @Field({ nullable: true })
+  id?: string
+  @Field({ nullable: true })
+  name?: string
+  @Field({ nullable: true })
+  category?: string
+  @Field({ nullable: true })
+  description?: string
+  @Field({ nullable: true })
+  assigned?: boolean
+}
+@ObjectType()
+export class UserRole {
+  @Field({ nullable: true })
+  id?: string
+  @Field({ nullable: true })
+  name?: string
+  @Field({ nullable: true })
+  description?: string
+  @Field({ nullable: true })
+  assigned?: boolean
+}

package/server/service/role/role.ts ADDED Viewed

@@ -0,0 +1,72 @@
+import { Domain } from '@things-factory/shell'
+import {
+  Column,
+  CreateDateColumn,
+  Entity,
+  Index,
+  JoinTable,
+  ManyToMany,
+  ManyToOne,
+  RelationId,
+  PrimaryGeneratedColumn,
+  UpdateDateColumn
+} from 'typeorm'
+import { ObjectType, Field, ID } from 'type-graphql'
+import { Privilege } from '../privilege/privilege'
+import { User } from '../user/user'
+@Entity()
+@Index('ix_role_0', (role: Role) => [role.name, role.domain], { unique: true })
+@ObjectType()
+export class Role {
+  @PrimaryGeneratedColumn('uuid')
+  @Field(type => ID)
+  readonly id: string
+  @ManyToOne(type => Domain)
+  @Field(type => Domain)
+  domain?: Domain
+  @RelationId((role: Role) => role.domain)
+  domainId: string
+  @Column()
+  @Field({ nullable: true })
+  name: string
+  @ManyToMany(type => User, user => user.roles)
+  @Field(type => [User], { nullable: true })
+  users: User[]
+  @ManyToMany(type => Privilege, privilege => privilege.roles)
+  @Field(type => [Privilege], { nullable: true })
+  privileges: Privilege[]
+  @Column({
+    nullable: true
+  })
+  @Field({ nullable: true })
+  description: string
+  @ManyToOne(type => User, { nullable: true })
+  @Field(type => User, { nullable: true })
+  creator: User
+  @RelationId((role: Role) => role.creator)
+  creatorId: string
+  @ManyToOne(type => User, { nullable: true })
+  @Field(type => User, { nullable: true })
+  updater: User
+  @RelationId((role: Role) => role.updater)
+  updaterId: string
+  @CreateDateColumn()
+  @Field({ nullable: true })
+  createdAt: Date
+  @UpdateDateColumn()
+  @Field({ nullable: true })
+  updatedAt: Date
+}

package/server/service/user/domain-query.ts ADDED Viewed

@@ -0,0 +1,24 @@
+import { FieldResolver, Resolver, Root } from 'type-graphql'
+import { Domain, getRepository } from '@things-factory/shell'
+import { User } from './user'
+@Resolver(Domain)
+export class DomainQuery {
+  @FieldResolver(type => User, { nullable: true })
+  async ownerUser(@Root() domain: Domain): Promise<User | null> {
+    if (!domain.owner) {
+      return
+    }
+    const owner = await getRepository(User).findOne({
+      where: { id: domain.owner }
+    })
+    if (owner && owner.userType !== 'user' && owner.userType !== 'admin') {
+      throw 'the type of the given user is not suitable for a owner of a domain'
+    }
+    return owner
+  }
+}

package/server/service/user/index.ts ADDED Viewed

@@ -0,0 +1,7 @@
+import { User } from './user'
+import { UserQuery } from './user-query'
+import { UserMutation } from './user-mutation'
+import { DomainQuery } from './domain-query'
+export const entities = [User]
+export const resolvers = [UserQuery, UserMutation, DomainQuery]