@things-factory/auth-base 9.0.0-beta.8 → 9.0.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (168) hide show
  1. package/config/config.development.js +1 -0
  2. package/dist-client/auth.js +2 -7
  3. package/dist-client/auth.js.map +1 -1
  4. package/dist-client/reducers/auth.js +9 -2
  5. package/dist-client/reducers/auth.js.map +1 -1
  6. package/dist-client/tsconfig.tsbuildinfo +1 -1
  7. package/dist-server/controllers/change-pwd.js +5 -2
  8. package/dist-server/controllers/change-pwd.js.map +1 -1
  9. package/dist-server/controllers/checkin.js +1 -1
  10. package/dist-server/controllers/checkin.js.map +1 -1
  11. package/dist-server/controllers/delete-user.js +2 -2
  12. package/dist-server/controllers/delete-user.js.map +1 -1
  13. package/dist-server/controllers/profile.js +4 -1
  14. package/dist-server/controllers/profile.js.map +1 -1
  15. package/dist-server/controllers/reset-password.js +5 -2
  16. package/dist-server/controllers/reset-password.js.map +1 -1
  17. package/dist-server/controllers/signin.js +2 -2
  18. package/dist-server/controllers/signin.js.map +1 -1
  19. package/dist-server/controllers/signup.js +8 -1
  20. package/dist-server/controllers/signup.js.map +1 -1
  21. package/dist-server/errors/auth-error.js +3 -1
  22. package/dist-server/errors/auth-error.js.map +1 -1
  23. package/dist-server/middlewares/authenticate-401-middleware.js +22 -9
  24. package/dist-server/middlewares/authenticate-401-middleware.js.map +1 -1
  25. package/dist-server/middlewares/bypass-signin-middleware.d.ts +1 -0
  26. package/dist-server/middlewares/bypass-signin-middleware.js +20 -0
  27. package/dist-server/middlewares/bypass-signin-middleware.js.map +1 -0
  28. package/dist-server/middlewares/domain-authenticate-middleware.js +1 -5
  29. package/dist-server/middlewares/domain-authenticate-middleware.js.map +1 -1
  30. package/dist-server/middlewares/index.js +6 -1
  31. package/dist-server/middlewares/index.js.map +1 -1
  32. package/dist-server/middlewares/jwt-authenticate-middleware.js +1 -1
  33. package/dist-server/middlewares/jwt-authenticate-middleware.js.map +1 -1
  34. package/dist-server/migrations/1548206416130-SeedUser.js +11 -3
  35. package/dist-server/migrations/1548206416130-SeedUser.js.map +1 -1
  36. package/dist-server/router/auth-checkin-router.js +11 -13
  37. package/dist-server/router/auth-checkin-router.js.map +1 -1
  38. package/dist-server/router/auth-private-process-router.js +10 -4
  39. package/dist-server/router/auth-private-process-router.js.map +1 -1
  40. package/dist-server/router/auth-signup-router.js +5 -2
  41. package/dist-server/router/auth-signup-router.js.map +1 -1
  42. package/dist-server/router/oauth2/oauth2-authorize-router.js +5 -2
  43. package/dist-server/router/oauth2/oauth2-authorize-router.js.map +1 -1
  44. package/dist-server/router/oauth2/oauth2-router.js +1 -2
  45. package/dist-server/router/oauth2/oauth2-router.js.map +1 -1
  46. package/dist-server/router/oauth2/oauth2-server.js +21 -3
  47. package/dist-server/router/oauth2/oauth2-server.js.map +1 -1
  48. package/dist-server/router/site-root-router.js +1 -1
  49. package/dist-server/router/site-root-router.js.map +1 -1
  50. package/dist-server/router/webauthn-router.js +1 -1
  51. package/dist-server/router/webauthn-router.js.map +1 -1
  52. package/dist-server/routes.js +74 -48
  53. package/dist-server/routes.js.map +1 -1
  54. package/dist-server/service/app-binding/app-binding-types.js +3 -3
  55. package/dist-server/service/app-binding/app-binding-types.js.map +1 -1
  56. package/dist-server/service/app-binding/app-binding.js +6 -4
  57. package/dist-server/service/app-binding/app-binding.js.map +1 -1
  58. package/dist-server/service/appliance/appliance-mutation.js +37 -34
  59. package/dist-server/service/appliance/appliance-mutation.js.map +1 -1
  60. package/dist-server/service/appliance/appliance-types.js +18 -18
  61. package/dist-server/service/appliance/appliance-types.js.map +1 -1
  62. package/dist-server/service/appliance/appliance.d.ts +2 -0
  63. package/dist-server/service/appliance/appliance.js +61 -14
  64. package/dist-server/service/appliance/appliance.js.map +1 -1
  65. package/dist-server/service/application/application-mutation.js +22 -4
  66. package/dist-server/service/application/application-mutation.js.map +1 -1
  67. package/dist-server/service/application/application-types.js +24 -24
  68. package/dist-server/service/application/application-types.js.map +1 -1
  69. package/dist-server/service/application/application.d.ts +6 -6
  70. package/dist-server/service/application/application.js +22 -22
  71. package/dist-server/service/application/application.js.map +1 -1
  72. package/dist-server/service/auth-provider/auth-provider-mutation.js +29 -7
  73. package/dist-server/service/auth-provider/auth-provider-mutation.js.map +1 -1
  74. package/dist-server/service/auth-provider/auth-provider-parameter-spec.js +12 -7
  75. package/dist-server/service/auth-provider/auth-provider-parameter-spec.js.map +1 -1
  76. package/dist-server/service/auth-provider/auth-provider-type.js +24 -21
  77. package/dist-server/service/auth-provider/auth-provider-type.js.map +1 -1
  78. package/dist-server/service/auth-provider/auth-provider.js +35 -25
  79. package/dist-server/service/auth-provider/auth-provider.js.map +1 -1
  80. package/dist-server/service/domain-generator/domain-generator-mutation.js +1 -2
  81. package/dist-server/service/domain-generator/domain-generator-mutation.js.map +1 -1
  82. package/dist-server/service/domain-generator/domain-generator-types.js +17 -14
  83. package/dist-server/service/domain-generator/domain-generator-types.js.map +1 -1
  84. package/dist-server/service/domain-link/domain-link-mutation.d.ts +9 -0
  85. package/dist-server/service/domain-link/domain-link-mutation.js +133 -0
  86. package/dist-server/service/domain-link/domain-link-mutation.js.map +1 -0
  87. package/dist-server/service/domain-link/domain-link-query.d.ts +11 -0
  88. package/dist-server/service/domain-link/domain-link-query.js +75 -0
  89. package/dist-server/service/domain-link/domain-link-query.js.map +1 -0
  90. package/dist-server/service/domain-link/domain-link-types.d.ts +18 -0
  91. package/dist-server/service/domain-link/domain-link-types.js +66 -0
  92. package/dist-server/service/domain-link/domain-link-types.js.map +1 -0
  93. package/dist-server/service/domain-link/domain-link.d.ts +28 -0
  94. package/dist-server/service/domain-link/domain-link.js +105 -0
  95. package/dist-server/service/domain-link/domain-link.js.map +1 -0
  96. package/dist-server/service/domain-link/index.d.ts +6 -0
  97. package/dist-server/service/domain-link/index.js +10 -0
  98. package/dist-server/service/domain-link/index.js.map +1 -0
  99. package/dist-server/service/granted-role/granted-role-mutation.js +7 -7
  100. package/dist-server/service/granted-role/granted-role-mutation.js.map +1 -1
  101. package/dist-server/service/granted-role/granted-role.js +4 -4
  102. package/dist-server/service/granted-role/granted-role.js.map +1 -1
  103. package/dist-server/service/index.d.ts +3 -1
  104. package/dist-server/service/index.js +7 -2
  105. package/dist-server/service/index.js.map +1 -1
  106. package/dist-server/service/invitation/invitation-mutation.js +6 -2
  107. package/dist-server/service/invitation/invitation-mutation.js.map +1 -1
  108. package/dist-server/service/invitation/invitation-types.js +3 -3
  109. package/dist-server/service/invitation/invitation-types.js.map +1 -1
  110. package/dist-server/service/invitation/invitation.js +10 -10
  111. package/dist-server/service/invitation/invitation.js.map +1 -1
  112. package/dist-server/service/login-history/login-history-type.js +3 -3
  113. package/dist-server/service/login-history/login-history-type.js.map +1 -1
  114. package/dist-server/service/login-history/login-history.js +6 -6
  115. package/dist-server/service/login-history/login-history.js.map +1 -1
  116. package/dist-server/service/partner/partner-types.js +3 -3
  117. package/dist-server/service/partner/partner-types.js.map +1 -1
  118. package/dist-server/service/partner/partner.js +8 -8
  119. package/dist-server/service/partner/partner.js.map +1 -1
  120. package/dist-server/service/password-history/password-history.js +3 -3
  121. package/dist-server/service/password-history/password-history.js.map +1 -1
  122. package/dist-server/service/privilege/privilege-directive.js +1 -2
  123. package/dist-server/service/privilege/privilege-directive.js.map +1 -1
  124. package/dist-server/service/privilege/privilege-mutation.js +11 -2
  125. package/dist-server/service/privilege/privilege-mutation.js.map +1 -1
  126. package/dist-server/service/privilege/privilege.js +20 -20
  127. package/dist-server/service/privilege/privilege.js.map +1 -1
  128. package/dist-server/service/role/role-mutation.js +12 -2
  129. package/dist-server/service/role/role-mutation.js.map +1 -1
  130. package/dist-server/service/role/role-query.d.ts +7 -3
  131. package/dist-server/service/role/role-query.js +18 -10
  132. package/dist-server/service/role/role-query.js.map +1 -1
  133. package/dist-server/service/role/role-types.d.ts +4 -0
  134. package/dist-server/service/role/role-types.js +41 -27
  135. package/dist-server/service/role/role-types.js.map +1 -1
  136. package/dist-server/service/role/role.js +11 -11
  137. package/dist-server/service/role/role.js.map +1 -1
  138. package/dist-server/service/user/user-mutation.js +89 -41
  139. package/dist-server/service/user/user-mutation.js.map +1 -1
  140. package/dist-server/service/user/user-query.d.ts +1 -0
  141. package/dist-server/service/user/user-query.js +25 -9
  142. package/dist-server/service/user/user-query.js.map +1 -1
  143. package/dist-server/service/user/user-types.js +35 -32
  144. package/dist-server/service/user/user-types.js.map +1 -1
  145. package/dist-server/service/user/user.d.ts +5 -5
  146. package/dist-server/service/user/user.js +30 -22
  147. package/dist-server/service/user/user.js.map +1 -1
  148. package/dist-server/service/users-auth-providers/users-auth-providers.js +11 -8
  149. package/dist-server/service/users-auth-providers/users-auth-providers.js.map +1 -1
  150. package/dist-server/service/verification-token/verification-token.d.ts +3 -3
  151. package/dist-server/service/verification-token/verification-token.js +8 -8
  152. package/dist-server/service/verification-token/verification-token.js.map +1 -1
  153. package/dist-server/service/web-auth-credential/web-auth-credential.js +11 -10
  154. package/dist-server/service/web-auth-credential/web-auth-credential.js.map +1 -1
  155. package/dist-server/tsconfig.tsbuildinfo +1 -1
  156. package/dist-server/utils/access-token-cookie.js +1 -11
  157. package/dist-server/utils/access-token-cookie.js.map +1 -1
  158. package/dist-server/utils/check-user-belongs-domain.js +1 -2
  159. package/dist-server/utils/check-user-belongs-domain.js.map +1 -1
  160. package/dist-server/utils/get-domain-users.js +2 -2
  161. package/dist-server/utils/get-domain-users.js.map +1 -1
  162. package/dist-server/utils/get-user-domains.d.ts +0 -1
  163. package/dist-server/utils/get-user-domains.js +28 -22
  164. package/dist-server/utils/get-user-domains.js.map +1 -1
  165. package/package.json +6 -6
  166. package/dist-server/utils/get-domain-from-hostname.d.ts +0 -1
  167. package/dist-server/utils/get-domain-from-hostname.js +0 -9
  168. package/dist-server/utils/get-domain-from-hostname.js.map +0 -1
package/dist-server/service/privilege/privilege-directive.js CHANGED
@@ -18,8 +18,7 @@ exports.privilegeDirectiveTypeDefs = (0, graphql_tag_1.default) `
18
18
  `;
19
19
  const privilegeDirectiveResolver = (schema) => (0, utils_1.mapSchema)(schema, {
20
20
  [utils_1.MapperKind.OBJECT_FIELD]: (fieldConfig, fieldName, typeName, schema) => {
21
- var _a;
22
- const privilegeDirective = (_a = (0, utils_1.getDirective)(schema, fieldConfig, DIRECTIVE)) === null || _a === void 0 ? void 0 : _a[0];
21
+ const privilegeDirective = (0, utils_1.getDirective)(schema, fieldConfig, DIRECTIVE)?.[0];
23
22
  if (privilegeDirective) {
24
23
  const { resolve = graphql_1.defaultFieldResolver, args } = fieldConfig;
25
24
  if (!args) {
package/dist-server/service/privilege/privilege-directive.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"privilege-directive.js","sourceRoot":"","sources":["../../../server/service/privilege/privilege-directive.ts"],"names":[],"mappings":";;;;AAAA,qCAA6D;AAC7D,sEAA6B;AAE7B,gDAA0E;AAC1E,yEAAiE;AAEjE,OAAO,CAAC,YAAY,CAAC,GAAG,EAAE,CAAA;AAE1B,MAAM,SAAS,GAAG,WAAW,CAAA;AAEhB,QAAA,0BAA0B,GAAG,IAAA,qBAAG,EAAA;;;;;;;CAO5C,CAAA;AACM,MAAM,0BAA0B,GAAG,CAAC,MAAqB,EAAE,EAAE,CAClE,IAAA,iBAAS,EAAC,MAAM,EAAE;IAChB,CAAC,kBAAU,CAAC,YAAY,CAAC,EAAE,CAAC,WAAW,EAAE,SAAS,EAAE,QAAQ,EAAE,MAAM,EAAE,EAAE;;QACtE,MAAM,kBAAkB,GAAG,MAAA,IAAA,oBAAY,EAAC,MAAM,EAAE,WAAW,EAAE,SAAS,CAAC,0CAAG,CAAC,CAAC,CAAA;QAC5E,IAAI,kBAAkB,EAAE,CAAC;YACvB,MAAM,EAAE,OAAO,GAAG,8BAAoB,EAAE,IAAI,EAAE,GAAG,WAAW,CAAA;YAE5D,IAAI,CAAC,IAAI,EAAE,CAAC;gBACV,MAAM,IAAI,KAAK,CAAC,8EAA8E,SAAS,GAAG,CAAC,CAAA;YAC7G,CAAC;YAED,MAAM,EAAE,kBAAkB,EAAE,gBAAgB,EAAE,QAAQ,EAAE,SAAS,EAAE,GAAG,kBAAkB,CAAA;YACxF,IAAI,QAAQ,IAAI,SAAS,EAAE,CAAC;gBAC1B,OAAO,CAAC,YAAY,CAAC,CAAC,GAAG,QAAQ,IAAI,SAAS,EAAE,CAAC,GAAG,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAA;YAC3E,CAAC;YAED,0BAA0B;YAC1B,MAAM,mBAAmB,GAAG,WAAW,CAAC,WAAW,IAAI,EAAE,CAAA;YAEzD,gCAAgC;YAChC,MAAM,oBAAoB,GACxB,8BAA8B,QAAQ,IAAI,SAAS,EAAE;gBACrD,CAAC,kBAAkB,CAAC,CAAC,CAAC,oBAAoB,CAAC,CAAC,CAAC,EAAE,CAAC;gBAChD,CAAC,gBAAgB,CAAC,CAAC,CAAC,oBAAoB,CAAC,CAAC,CAAC,EAAE,CAAC,CAAA;YAEhD,qBAAqB;YACrB,WAAW,CAAC,WAAW,GAAG,GAAG,mBAAmB,IAAI,oBAAoB,EAAE,CAAC,IAAI,EAAE,CAAA;YAEjF,WAAW,CAAC,OAAO,GAAG,KAAK,WAAW,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI;gBAC/D,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,oBAAoB,EAAE,GAAG,OAAO,CAAC,KAAK,CAAA;gBAEtE,IACE,MAAM,IAAA,qCAAe,EACnB;oBACE,QAAQ;oBACR,SAAS;oBACT,KAAK,EAAE,kBAAkB;oBACzB,KAAK,EAAE,gBAAgB;iBACxB,EACD,IAAI,EACJ,MAAM,EACN,QAAQ,EACR,oBAAoB,CACrB,EACD,CAAC;oBACD,OAAO,MAAM,OAAO,CAAC,IAAI,CAAC,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,CAAC,CAAA;gBAC9D,CAAC;qBAAM,CAAC;oBACN,MAAM,IAAI,KAAK,CACb,iBACE,QAAQ,IAAI,SAAS,CAAC,CAAC,CAAC,QAAQ,GAAG,GAAG,GAAG,SAAS,GAAG,YAAY,CAAC,CAAC,CAAC,mBACtE,WAAW,CACZ,CAAA;gBACH,CAAC;YACH,CAAC,CAAA;YAED,OAAO,WAAW,CAAA;QACpB,CAAC;IACH,CAAC;CACF,CAAC,CAAA;AA1DS,QAAA,0BAA0B,8BA0DnC","sourcesContent":["import { defaultFieldResolver, GraphQLSchema } from 'graphql'\nimport gql from 'graphql-tag'\n\nimport { getDirective, MapperKind, mapSchema } from '@graphql-tools/utils'\nimport { checkPermission } from '../../utils/check-permission.js'\n\nprocess['PRIVILEGES'] = {}\n\nconst DIRECTIVE = 'privilege'\n\nexport const privilegeDirectiveTypeDefs = gql`\n directive @privilege(\n category: String\n privilege: String\n domainOwnerGranted: Boolean\n superUserGranted: Boolean\n ) on FIELD_DEFINITION\n`\nexport const privilegeDirectiveResolver = (schema: GraphQLSchema) =>\n mapSchema(schema, {\n [MapperKind.OBJECT_FIELD]: (fieldConfig, fieldName, typeName, schema) => {\n const privilegeDirective = getDirective(schema, fieldConfig, DIRECTIVE)?.[0]\n if (privilegeDirective) {\n const { resolve = defaultFieldResolver, args } = fieldConfig\n\n if (!args) {\n throw new Error(`Unexpected Error. args should be defined in @privilege directive for field ${fieldName}.`)\n }\n\n const { domainOwnerGranted, superUserGranted, category, privilege } = privilegeDirective\n if (category && privilege) {\n process['PRIVILEGES'][`${category} ${privilege}`] = [category, privilege]\n }\n\n // 필드의 기존 description 가져오기\n const existingDescription = fieldConfig.description || ''\n\n // 권한 정보를 포함한 새로운 description 생성\n const privilegeDescription =\n `\\n\\n🔒 Requires privilege: ${category}:${privilege}` +\n (domainOwnerGranted ? ', Domain ownership' : '') +\n (superUserGranted ? ', System ownership' : '')\n\n // 기존 description과 결합\n fieldConfig.description = `${existingDescription} ${privilegeDescription}`.trim()\n\n fieldConfig.resolve = async function (source, args, context, info) {\n const { domain, user, unsafeIP, prohibitedPrivileges } = context.state\n\n if (\n await checkPermission(\n {\n category,\n privilege,\n owner: domainOwnerGranted,\n super: superUserGranted\n },\n user,\n domain,\n unsafeIP,\n prohibitedPrivileges\n )\n ) {\n return await resolve.call(this, source, args, context, info)\n } else {\n throw new Error(\n `Unauthorized! ${\n category && privilege ? category + ':' + privilege + ' privilege' : 'ownership granted'\n } required`\n )\n }\n }\n\n return fieldConfig\n }\n }\n })\n"]}
1
+ {"version":3,"file":"privilege-directive.js","sourceRoot":"","sources":["../../../server/service/privilege/privilege-directive.ts"],"names":[],"mappings":";;;;AAAA,qCAA6D;AAC7D,sEAA6B;AAE7B,gDAA0E;AAC1E,yEAAiE;AAEjE,OAAO,CAAC,YAAY,CAAC,GAAG,EAAE,CAAA;AAE1B,MAAM,SAAS,GAAG,WAAW,CAAA;AAEhB,QAAA,0BAA0B,GAAG,IAAA,qBAAG,EAAA;;;;;;;CAO5C,CAAA;AACM,MAAM,0BAA0B,GAAG,CAAC,MAAqB,EAAE,EAAE,CAClE,IAAA,iBAAS,EAAC,MAAM,EAAE;IAChB,CAAC,kBAAU,CAAC,YAAY,CAAC,EAAE,CAAC,WAAW,EAAE,SAAS,EAAE,QAAQ,EAAE,MAAM,EAAE,EAAE;QACtE,MAAM,kBAAkB,GAAG,IAAA,oBAAY,EAAC,MAAM,EAAE,WAAW,EAAE,SAAS,CAAC,EAAE,CAAC,CAAC,CAAC,CAAA;QAC5E,IAAI,kBAAkB,EAAE,CAAC;YACvB,MAAM,EAAE,OAAO,GAAG,8BAAoB,EAAE,IAAI,EAAE,GAAG,WAAW,CAAA;YAE5D,IAAI,CAAC,IAAI,EAAE,CAAC;gBACV,MAAM,IAAI,KAAK,CAAC,8EAA8E,SAAS,GAAG,CAAC,CAAA;YAC7G,CAAC;YAED,MAAM,EAAE,kBAAkB,EAAE,gBAAgB,EAAE,QAAQ,EAAE,SAAS,EAAE,GAAG,kBAAkB,CAAA;YACxF,IAAI,QAAQ,IAAI,SAAS,EAAE,CAAC;gBAC1B,OAAO,CAAC,YAAY,CAAC,CAAC,GAAG,QAAQ,IAAI,SAAS,EAAE,CAAC,GAAG,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAA;YAC3E,CAAC;YAED,0BAA0B;YAC1B,MAAM,mBAAmB,GAAG,WAAW,CAAC,WAAW,IAAI,EAAE,CAAA;YAEzD,gCAAgC;YAChC,MAAM,oBAAoB,GACxB,8BAA8B,QAAQ,IAAI,SAAS,EAAE;gBACrD,CAAC,kBAAkB,CAAC,CAAC,CAAC,oBAAoB,CAAC,CAAC,CAAC,EAAE,CAAC;gBAChD,CAAC,gBAAgB,CAAC,CAAC,CAAC,oBAAoB,CAAC,CAAC,CAAC,EAAE,CAAC,CAAA;YAEhD,qBAAqB;YACrB,WAAW,CAAC,WAAW,GAAG,GAAG,mBAAmB,IAAI,oBAAoB,EAAE,CAAC,IAAI,EAAE,CAAA;YAEjF,WAAW,CAAC,OAAO,GAAG,KAAK,WAAW,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI;gBAC/D,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,oBAAoB,EAAE,GAAG,OAAO,CAAC,KAAK,CAAA;gBAEtE,IACE,MAAM,IAAA,qCAAe,EACnB;oBACE,QAAQ;oBACR,SAAS;oBACT,KAAK,EAAE,kBAAkB;oBACzB,KAAK,EAAE,gBAAgB;iBACxB,EACD,IAAI,EACJ,MAAM,EACN,QAAQ,EACR,oBAAoB,CACrB,EACD,CAAC;oBACD,OAAO,MAAM,OAAO,CAAC,IAAI,CAAC,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,CAAC,CAAA;gBAC9D,CAAC;qBAAM,CAAC;oBACN,MAAM,IAAI,KAAK,CACb,iBACE,QAAQ,IAAI,SAAS,CAAC,CAAC,CAAC,QAAQ,GAAG,GAAG,GAAG,SAAS,GAAG,YAAY,CAAC,CAAC,CAAC,mBACtE,WAAW,CACZ,CAAA;gBACH,CAAC;YACH,CAAC,CAAA;YAED,OAAO,WAAW,CAAA;QACpB,CAAC;IACH,CAAC;CACF,CAAC,CAAA;AA1DS,QAAA,0BAA0B,8BA0DnC","sourcesContent":["import { defaultFieldResolver, GraphQLSchema } from 'graphql'\nimport gql from 'graphql-tag'\n\nimport { getDirective, MapperKind, mapSchema } from '@graphql-tools/utils'\nimport { checkPermission } from '../../utils/check-permission.js'\n\nprocess['PRIVILEGES'] = {}\n\nconst DIRECTIVE = 'privilege'\n\nexport const privilegeDirectiveTypeDefs = gql`\n directive @privilege(\n category: String\n privilege: String\n domainOwnerGranted: Boolean\n superUserGranted: Boolean\n ) on FIELD_DEFINITION\n`\nexport const privilegeDirectiveResolver = (schema: GraphQLSchema) =>\n mapSchema(schema, {\n [MapperKind.OBJECT_FIELD]: (fieldConfig, fieldName, typeName, schema) => {\n const privilegeDirective = getDirective(schema, fieldConfig, DIRECTIVE)?.[0]\n if (privilegeDirective) {\n const { resolve = defaultFieldResolver, args } = fieldConfig\n\n if (!args) {\n throw new Error(`Unexpected Error. args should be defined in @privilege directive for field ${fieldName}.`)\n }\n\n const { domainOwnerGranted, superUserGranted, category, privilege } = privilegeDirective\n if (category && privilege) {\n process['PRIVILEGES'][`${category} ${privilege}`] = [category, privilege]\n }\n\n // 필드의 기존 description 가져오기\n const existingDescription = fieldConfig.description || ''\n\n // 권한 정보를 포함한 새로운 description 생성\n const privilegeDescription =\n `\\n\\n🔒 Requires privilege: ${category}:${privilege}` +\n (domainOwnerGranted ? ', Domain ownership' : '') +\n (superUserGranted ? ', System ownership' : '')\n\n // 기존 description과 결합\n fieldConfig.description = `${existingDescription} ${privilegeDescription}`.trim()\n\n fieldConfig.resolve = async function (source, args, context, info) {\n const { domain, user, unsafeIP, prohibitedPrivileges } = context.state\n\n if (\n await checkPermission(\n {\n category,\n privilege,\n owner: domainOwnerGranted,\n super: superUserGranted\n },\n user,\n domain,\n unsafeIP,\n prohibitedPrivileges\n )\n ) {\n return await resolve.call(this, source, args, context, info)\n } else {\n throw new Error(\n `Unauthorized! ${\n category && privilege ? category + ':' + privilege + ' privilege' : 'ownership granted'\n } required`\n )\n }\n }\n\n return fieldConfig\n }\n }\n })\n"]}
package/dist-server/service/privilege/privilege-mutation.js CHANGED
@@ -25,7 +25,11 @@ let PrivilegeMutation = class PrivilegeMutation {
25
25
  id: (0, typeorm_1.In)(privilege.roles.map((role) => role.id))
26
26
  });
27
27
  }
28
- return await (0, shell_1.getRepository)(privilege_js_1.Privilege).save(Object.assign({ creator: context.state.user, updater: context.state.user }, privilege));
28
+ return await (0, shell_1.getRepository)(privilege_js_1.Privilege).save({
29
+ creator: context.state.user,
30
+ updater: context.state.user,
31
+ ...privilege
32
+ });
29
33
  }
30
34
  async updatePrivilege(name, category, patch, context) {
31
35
  const repository = (0, shell_1.getRepository)(privilege_js_1.Privilege);
@@ -41,7 +45,12 @@ let PrivilegeMutation = class PrivilegeMutation {
41
45
  }
42
46
  });
43
47
  }
44
- return await repository.save(Object.assign(Object.assign(Object.assign({}, privilege), patch), { roles: await (0, shell_1.getRepository)(role_js_1.Role).findByIds(roleIds), updater: context.state.user }));
48
+ return await repository.save({
49
+ ...privilege,
50
+ ...patch,
51
+ roles: await (0, shell_1.getRepository)(role_js_1.Role).findByIds(roleIds),
52
+ updater: context.state.user
53
+ });
45
54
  }
46
55
  async deletePrivilege(name, category, context) {
47
56
  await (0, shell_1.getRepository)(privilege_js_1.Privilege).delete({ name, category });
package/dist-server/service/privilege/privilege-mutation.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"privilege-mutation.js","sourceRoot":"","sources":["../../../server/service/privilege/privilege-mutation.ts"],"names":[],"mappings":";;;;AAAA,+CAAsE;AACtE,qCAA4B;AAE5B,iDAAqD;AAErD,6CAAsC;AACtC,iDAA0C;AAC1C,6DAAmE;AAG5D,IAAM,iBAAiB,GAAvB,MAAM,iBAAiB;IAKtB,AAAN,KAAK,CAAC,0BAA0B,CACZ,SAAuB,EAClC,OAAwB;QAE/B,MAAM,UAAU,GAAG,OAAO,CAAC,YAAY,CAAC,CAAA;QACxC,MAAM,mBAAmB,GAAG,IAAA,qBAAa,EAAC,wBAAS,CAAC,CAAA;QAEpD,KAAK,MAAM,CAAC,QAAQ,EAAE,IAAI,CAAC,IAAI,MAAM,CAAC,MAAM,CAAC,UAA8B,CAAC,EAAE,CAAC;YAC7E,IAAI,CAAC,IAAI,CAAC,MAAM,mBAAmB,CAAC,KAAK,CAAC,EAAE,KAAK,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,EAAE,CAAC,CAAC,EAAE,CAAC;gBAC1E,MAAM,mBAAmB,CAAC,IAAI,CAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAA;YACpD,CAAC;QACH,CAAC;QAED,OAAO,IAAI,CAAA;IACb,CAAC;IAIK,AAAN,KAAK,CAAC,eAAe,CACD,SAAuB,EAClC,OAAwB;QAE/B,IAAI,SAAS,CAAC,KAAK,IAAI,SAAS,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC;YAC9C,SAAS,CAAC,KAAK,GAAG,MAAM,IAAA,qBAAa,EAAC,cAAI,CAAC,CAAC,MAAM,CAAC;gBACjD,EAAE,EAAE,IAAA,YAAE,EAAC,SAAS,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,IAAmB,EAAE,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;aAC9D,CAAC,CAAA;QACJ,CAAC;QAED,OAAO,MAAM,IAAA,qBAAa,EAAC,wBAAS,CAAC,CAAC,IAAI,iBACxC,OAAO,EAAE,OAAO,CAAC,KAAK,CAAC,IAAI,EAC3B,OAAO,EAAE,OAAO,CAAC,KAAK,CAAC,IAAI,IACxB,SAAS,EACZ,CAAA;IACJ,CAAC;IAIK,AAAN,KAAK,CAAC,eAAe,CACN,IAAY,EACR,QAAgB,EACnB,KAAqB,EAC5B,OAAwB;QAE/B,MAAM,UAAU,GAAG,IAAA,qBAAa,EAAC,wBAAS,CAAC,CAAA;QAC3C,MAAM,SAAS,GAAG,MAAM,UAAU,CAAC,OAAO,CAAC;YACzC,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;YACzB,SAAS,EAAE,CAAC,OAAO,EAAE,SAAS,EAAE,SAAS,CAAC;SAC3C,CAAC,CAAA;QAEF,MAAM,OAAO,GAAG,SAAS,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;QACpD,IAAI,KAAK,CAAC,KAAK,IAAI,KAAK,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC;YACtC,KAAK,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE;gBAC7B,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC,EAAE,CAAC;oBAC1B,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;gBAClB,CAAC;YACH,CAAC,CAAC,CAAA;QACJ,CAAC;QAED,OAAO,MAAM,UAAU,CAAC,IAAI,+CACvB,SAAS,GACT,KAAK,KACR,KAAK,EAAE,MAAM,IAAA,qBAAa,EAAC,cAAI,CAAC,CAAC,SAAS,CAAC,OAAO,CAAC,EACnD,OAAO,EAAE,OAAO,CAAC,KAAK,CAAC,IAAI,IAC3B,CAAA;IACJ,CAAC;IAIK,AAAN,KAAK,CAAC,eAAe,CACN,IAAY,EACR,QAAgB,EAC1B,OAAwB;QAE/B,MAAM,IAAA,qBAAa,EAAC,wBAAS,CAAC,CAAC,MAAM,CAAC,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC,CAAA;QACzD,OAAO,IAAI,CAAA;IACb,CAAC;CACF,CAAA;AAjFY,8CAAiB;AAKtB;IAJL,IAAA,wBAAS,EAAC,mCAAmC,CAAC;IAC9C,IAAA,uBAAQ,EAAC,OAAO,CAAC,EAAE,CAAC,OAAO,EAAE;QAC5B,WAAW,EAAE,uFAAuF;KACrG,CAAC;IAEC,mBAAA,IAAA,kBAAG,EAAC,WAAW,CAAC,CAAA;IAChB,mBAAA,IAAA,kBAAG,GAAE,CAAA;;6CADuB,iCAAY;;mEAa1C;AAIK;IAFL,IAAA,wBAAS,EAAC,mCAAmC,CAAC;IAC9C,IAAA,uBAAQ,EAAC,OAAO,CAAC,EAAE,CAAC,wBAAS,EAAE,EAAE,WAAW,EAAE,yBAAyB,EAAE,CAAC;IAExE,mBAAA,IAAA,kBAAG,EAAC,WAAW,CAAC,CAAA;IAChB,mBAAA,IAAA,kBAAG,GAAE,CAAA;;6CADuB,iCAAY;;wDAc1C;AAIK;IAFL,IAAA,wBAAS,EAAC,mCAAmC,CAAC;IAC9C,IAAA,uBAAQ,EAAC,OAAO,CAAC,EAAE,CAAC,wBAAS,EAAE,EAAE,WAAW,EAAE,iCAAiC,EAAE,CAAC;IAEhF,mBAAA,IAAA,kBAAG,EAAC,MAAM,CAAC,CAAA;IACX,mBAAA,IAAA,kBAAG,EAAC,UAAU,CAAC,CAAA;IACf,mBAAA,IAAA,kBAAG,EAAC,OAAO,CAAC,CAAA;IACZ,mBAAA,IAAA,kBAAG,GAAE,CAAA;;6DADe,mCAAc;;wDAwBpC;AAIK;IAFL,IAAA,wBAAS,EAAC,mCAAmC,CAAC;IAC9C,IAAA,uBAAQ,EAAC,OAAO,CAAC,EAAE,CAAC,OAAO,EAAE,EAAE,WAAW,EAAE,qBAAqB,EAAE,CAAC;IAElE,mBAAA,IAAA,kBAAG,EAAC,MAAM,CAAC,CAAA;IACX,mBAAA,IAAA,kBAAG,EAAC,UAAU,CAAC,CAAA;IACf,mBAAA,IAAA,kBAAG,GAAE,CAAA;;;;wDAIP;4BAhFU,iBAAiB;IAD7B,IAAA,uBAAQ,EAAC,wBAAS,CAAC;GACP,iBAAiB,CAiF7B","sourcesContent":["import { Arg, Ctx, Mutation, Resolver, Directive } from 'type-graphql'\nimport { In } from 'typeorm'\n\nimport { getRepository } from '@things-factory/shell'\n\nimport { Role } from '../role/role.js'\nimport { Privilege } from './privilege.js'\nimport { NewPrivilege, PrivilegePatch } from './privilege-types.js'\n\n@Resolver(Privilege)\nexport class PrivilegeMutation {\n @Directive('@privilege(superUserGranted:true)')\n @Mutation(returns => Boolean, {\n description: 'To synchronize privilege master from graphql directives. Only superuser is permitted.'\n })\n async synchronizePrivilegeMaster(\n @Arg('privilege') privilege: NewPrivilege,\n @Ctx() context: ResolverContext\n ): Promise<Boolean> {\n const privileges = process['PRIVILEGES']\n const privilegeRepository = getRepository(Privilege)\n\n for (const [category, name] of Object.values(privileges as [string, string])) {\n if (0 == (await privilegeRepository.count({ where: { category, name } }))) {\n await privilegeRepository.save({ category, name })\n }\n }\n\n return true\n }\n\n @Directive('@privilege(superUserGranted:true)')\n @Mutation(returns => Privilege, { description: 'To create new privilege' })\n async createPrivilege(\n @Arg('privilege') privilege: NewPrivilege,\n @Ctx() context: ResolverContext\n ): Promise<Privilege> {\n if (privilege.roles && privilege.roles.length) {\n privilege.roles = await getRepository(Role).findBy({\n id: In(privilege.roles.map((role: Partial<Role>) => role.id))\n })\n }\n\n return await getRepository(Privilege).save({\n creator: context.state.user,\n updater: context.state.user,\n ...privilege\n })\n }\n\n @Directive('@privilege(superUserGranted:true)')\n @Mutation(returns => Privilege, { description: 'To modify privilege information' })\n async updatePrivilege(\n @Arg('name') name: string,\n @Arg('category') category: string,\n @Arg('patch') patch: PrivilegePatch,\n @Ctx() context: ResolverContext\n ): Promise<Privilege> {\n const repository = getRepository(Privilege)\n const privilege = await repository.findOne({\n where: { name, category },\n relations: ['roles', 'creator', 'updater']\n })\n\n const roleIds = privilege.roles.map(role => role.id)\n if (patch.roles && patch.roles.length) {\n patch.roles.forEach(({ id }) => {\n if (!roleIds.includes(id)) {\n roleIds.push(id)\n }\n })\n }\n\n return await repository.save({\n ...privilege,\n ...patch,\n roles: await getRepository(Role).findByIds(roleIds),\n updater: context.state.user\n })\n }\n\n @Directive('@privilege(superUserGranted:true)')\n @Mutation(returns => Boolean, { description: 'To delete privilege' })\n async deletePrivilege(\n @Arg('name') name: string,\n @Arg('category') category: string,\n @Ctx() context: ResolverContext\n ): Promise<boolean> {\n await getRepository(Privilege).delete({ name, category })\n return true\n }\n}\n"]}
1
+ {"version":3,"file":"privilege-mutation.js","sourceRoot":"","sources":["../../../server/service/privilege/privilege-mutation.ts"],"names":[],"mappings":";;;;AAAA,+CAAsE;AACtE,qCAA4B;AAE5B,iDAAqD;AAErD,6CAAsC;AACtC,iDAA0C;AAC1C,6DAAmE;AAG5D,IAAM,iBAAiB,GAAvB,MAAM,iBAAiB;IAKtB,AAAN,KAAK,CAAC,0BAA0B,CACZ,SAAuB,EAClC,OAAwB;QAE/B,MAAM,UAAU,GAAG,OAAO,CAAC,YAAY,CAAC,CAAA;QACxC,MAAM,mBAAmB,GAAG,IAAA,qBAAa,EAAC,wBAAS,CAAC,CAAA;QAEpD,KAAK,MAAM,CAAC,QAAQ,EAAE,IAAI,CAAC,IAAI,MAAM,CAAC,MAAM,CAAC,UAA8B,CAAC,EAAE,CAAC;YAC7E,IAAI,CAAC,IAAI,CAAC,MAAM,mBAAmB,CAAC,KAAK,CAAC,EAAE,KAAK,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,EAAE,CAAC,CAAC,EAAE,CAAC;gBAC1E,MAAM,mBAAmB,CAAC,IAAI,CAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAA;YACpD,CAAC;QACH,CAAC;QAED,OAAO,IAAI,CAAA;IACb,CAAC;IAIK,AAAN,KAAK,CAAC,eAAe,CACD,SAAuB,EAClC,OAAwB;QAE/B,IAAI,SAAS,CAAC,KAAK,IAAI,SAAS,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC;YAC9C,SAAS,CAAC,KAAK,GAAG,MAAM,IAAA,qBAAa,EAAC,cAAI,CAAC,CAAC,MAAM,CAAC;gBACjD,EAAE,EAAE,IAAA,YAAE,EAAC,SAAS,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,IAAmB,EAAE,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;aAC9D,CAAC,CAAA;QACJ,CAAC;QAED,OAAO,MAAM,IAAA,qBAAa,EAAC,wBAAS,CAAC,CAAC,IAAI,CAAC;YACzC,OAAO,EAAE,OAAO,CAAC,KAAK,CAAC,IAAI;YAC3B,OAAO,EAAE,OAAO,CAAC,KAAK,CAAC,IAAI;YAC3B,GAAG,SAAS;SACb,CAAC,CAAA;IACJ,CAAC;IAIK,AAAN,KAAK,CAAC,eAAe,CACN,IAAY,EACR,QAAgB,EACnB,KAAqB,EAC5B,OAAwB;QAE/B,MAAM,UAAU,GAAG,IAAA,qBAAa,EAAC,wBAAS,CAAC,CAAA;QAC3C,MAAM,SAAS,GAAG,MAAM,UAAU,CAAC,OAAO,CAAC;YACzC,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;YACzB,SAAS,EAAE,CAAC,OAAO,EAAE,SAAS,EAAE,SAAS,CAAC;SAC3C,CAAC,CAAA;QAEF,MAAM,OAAO,GAAG,SAAS,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;QACpD,IAAI,KAAK,CAAC,KAAK,IAAI,KAAK,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC;YACtC,KAAK,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE;gBAC7B,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC,EAAE,CAAC;oBAC1B,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;gBAClB,CAAC;YACH,CAAC,CAAC,CAAA;QACJ,CAAC;QAED,OAAO,MAAM,UAAU,CAAC,IAAI,CAAC;YAC3B,GAAG,SAAS;YACZ,GAAG,KAAK;YACR,KAAK,EAAE,MAAM,IAAA,qBAAa,EAAC,cAAI,CAAC,CAAC,SAAS,CAAC,OAAO,CAAC;YACnD,OAAO,EAAE,OAAO,CAAC,KAAK,CAAC,IAAI;SAC5B,CAAC,CAAA;IACJ,CAAC;IAIK,AAAN,KAAK,CAAC,eAAe,CACN,IAAY,EACR,QAAgB,EAC1B,OAAwB;QAE/B,MAAM,IAAA,qBAAa,EAAC,wBAAS,CAAC,CAAC,MAAM,CAAC,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC,CAAA;QACzD,OAAO,IAAI,CAAA;IACb,CAAC;CACF,CAAA;AAjFY,8CAAiB;AAKtB;IAJL,IAAA,wBAAS,EAAC,mCAAmC,CAAC;IAC9C,IAAA,uBAAQ,EAAC,OAAO,CAAC,EAAE,CAAC,OAAO,EAAE;QAC5B,WAAW,EAAE,uFAAuF;KACrG,CAAC;IAEC,mBAAA,IAAA,kBAAG,EAAC,WAAW,CAAC,CAAA;IAChB,mBAAA,IAAA,kBAAG,GAAE,CAAA;;6CADuB,iCAAY;;mEAa1C;AAIK;IAFL,IAAA,wBAAS,EAAC,mCAAmC,CAAC;IAC9C,IAAA,uBAAQ,EAAC,OAAO,CAAC,EAAE,CAAC,wBAAS,EAAE,EAAE,WAAW,EAAE,yBAAyB,EAAE,CAAC;IAExE,mBAAA,IAAA,kBAAG,EAAC,WAAW,CAAC,CAAA;IAChB,mBAAA,IAAA,kBAAG,GAAE,CAAA;;6CADuB,iCAAY;;wDAc1C;AAIK;IAFL,IAAA,wBAAS,EAAC,mCAAmC,CAAC;IAC9C,IAAA,uBAAQ,EAAC,OAAO,CAAC,EAAE,CAAC,wBAAS,EAAE,EAAE,WAAW,EAAE,iCAAiC,EAAE,CAAC;IAEhF,mBAAA,IAAA,kBAAG,EAAC,MAAM,CAAC,CAAA;IACX,mBAAA,IAAA,kBAAG,EAAC,UAAU,CAAC,CAAA;IACf,mBAAA,IAAA,kBAAG,EAAC,OAAO,CAAC,CAAA;IACZ,mBAAA,IAAA,kBAAG,GAAE,CAAA;;6DADe,mCAAc;;wDAwBpC;AAIK;IAFL,IAAA,wBAAS,EAAC,mCAAmC,CAAC;IAC9C,IAAA,uBAAQ,EAAC,OAAO,CAAC,EAAE,CAAC,OAAO,EAAE,EAAE,WAAW,EAAE,qBAAqB,EAAE,CAAC;IAElE,mBAAA,IAAA,kBAAG,EAAC,MAAM,CAAC,CAAA;IACX,mBAAA,IAAA,kBAAG,EAAC,UAAU,CAAC,CAAA;IACf,mBAAA,IAAA,kBAAG,GAAE,CAAA;;;;wDAIP;4BAhFU,iBAAiB;IAD7B,IAAA,uBAAQ,EAAC,wBAAS,CAAC;GACP,iBAAiB,CAiF7B","sourcesContent":["import { Arg, Ctx, Mutation, Resolver, Directive } from 'type-graphql'\nimport { In } from 'typeorm'\n\nimport { getRepository } from '@things-factory/shell'\n\nimport { Role } from '../role/role.js'\nimport { Privilege } from './privilege.js'\nimport { NewPrivilege, PrivilegePatch } from './privilege-types.js'\n\n@Resolver(Privilege)\nexport class PrivilegeMutation {\n @Directive('@privilege(superUserGranted:true)')\n @Mutation(returns => Boolean, {\n description: 'To synchronize privilege master from graphql directives. Only superuser is permitted.'\n })\n async synchronizePrivilegeMaster(\n @Arg('privilege') privilege: NewPrivilege,\n @Ctx() context: ResolverContext\n ): Promise<Boolean> {\n const privileges = process['PRIVILEGES']\n const privilegeRepository = getRepository(Privilege)\n\n for (const [category, name] of Object.values(privileges as [string, string])) {\n if (0 == (await privilegeRepository.count({ where: { category, name } }))) {\n await privilegeRepository.save({ category, name })\n }\n }\n\n return true\n }\n\n @Directive('@privilege(superUserGranted:true)')\n @Mutation(returns => Privilege, { description: 'To create new privilege' })\n async createPrivilege(\n @Arg('privilege') privilege: NewPrivilege,\n @Ctx() context: ResolverContext\n ): Promise<Privilege> {\n if (privilege.roles && privilege.roles.length) {\n privilege.roles = await getRepository(Role).findBy({\n id: In(privilege.roles.map((role: Partial<Role>) => role.id))\n })\n }\n\n return await getRepository(Privilege).save({\n creator: context.state.user,\n updater: context.state.user,\n ...privilege\n })\n }\n\n @Directive('@privilege(superUserGranted:true)')\n @Mutation(returns => Privilege, { description: 'To modify privilege information' })\n async updatePrivilege(\n @Arg('name') name: string,\n @Arg('category') category: string,\n @Arg('patch') patch: PrivilegePatch,\n @Ctx() context: ResolverContext\n ): Promise<Privilege> {\n const repository = getRepository(Privilege)\n const privilege = await repository.findOne({\n where: { name, category },\n relations: ['roles', 'creator', 'updater']\n })\n\n const roleIds = privilege.roles.map(role => role.id)\n if (patch.roles && patch.roles.length) {\n patch.roles.forEach(({ id }) => {\n if (!roleIds.includes(id)) {\n roleIds.push(id)\n }\n })\n }\n\n return await repository.save({\n ...privilege,\n ...patch,\n roles: await getRepository(Role).findByIds(roleIds),\n updater: context.state.user\n })\n }\n\n @Directive('@privilege(superUserGranted:true)')\n @Mutation(returns => Boolean, { description: 'To delete privilege' })\n async deletePrivilege(\n @Arg('name') name: string,\n @Arg('category') category: string,\n @Ctx() context: ResolverContext\n ): Promise<boolean> {\n await getRepository(Privilege).delete({ name, category })\n return true\n }\n}\n"]}
package/dist-server/service/privilege/privilege.js CHANGED
@@ -10,69 +10,69 @@ let PrivilegeObject = class PrivilegeObject {
10
10
  };
11
11
  exports.PrivilegeObject = PrivilegeObject;
12
12
  tslib_1.__decorate([
13
- (0, type_graphql_1.Field)({ nullable: true }),
13
+ (0, type_graphql_1.Field)({ nullable: true, description: 'The name of the privilege.' }),
14
14
  tslib_1.__metadata("design:type", String)
15
15
  ], PrivilegeObject.prototype, "privilege", void 0);
16
16
  tslib_1.__decorate([
17
- (0, type_graphql_1.Field)({ nullable: true }),
17
+ (0, type_graphql_1.Field)({ nullable: true, description: 'The category of the privilege.' }),
18
18
  tslib_1.__metadata("design:type", String)
19
19
  ], PrivilegeObject.prototype, "category", void 0);
20
20
  tslib_1.__decorate([
21
- (0, type_graphql_1.Field)({ nullable: true }),
21
+ (0, type_graphql_1.Field)({ nullable: true, description: 'Indicates if the privilege is for an owner.' }),
22
22
  tslib_1.__metadata("design:type", Boolean)
23
23
  ], PrivilegeObject.prototype, "owner", void 0);
24
24
  tslib_1.__decorate([
25
- (0, type_graphql_1.Field)({ nullable: true }),
25
+ (0, type_graphql_1.Field)({ nullable: true, description: 'Indicates if the privilege is for a superuser.' }),
26
26
  tslib_1.__metadata("design:type", Boolean)
27
27
  ], PrivilegeObject.prototype, "super", void 0);
28
28
  exports.PrivilegeObject = PrivilegeObject = tslib_1.__decorate([
29
- (0, type_graphql_1.ObjectType)()
29
+ (0, type_graphql_1.ObjectType)({ description: 'Represents a privilege object with its properties.' })
30
30
  ], PrivilegeObject);
31
31
  let PrivilegeInput = class PrivilegeInput {
32
32
  };
33
33
  exports.PrivilegeInput = PrivilegeInput;
34
34
  tslib_1.__decorate([
35
- (0, type_graphql_1.Field)({ nullable: true }),
35
+ (0, type_graphql_1.Field)({ nullable: true, description: 'The name of the privilege.' }),
36
36
  tslib_1.__metadata("design:type", String)
37
37
  ], PrivilegeInput.prototype, "privilege", void 0);
38
38
  tslib_1.__decorate([
39
- (0, type_graphql_1.Field)({ nullable: true }),
39
+ (0, type_graphql_1.Field)({ nullable: true, description: 'The category of the privilege.' }),
40
40
  tslib_1.__metadata("design:type", String)
41
41
  ], PrivilegeInput.prototype, "category", void 0);
42
42
  tslib_1.__decorate([
43
- (0, type_graphql_1.Field)({ nullable: true }),
43
+ (0, type_graphql_1.Field)({ nullable: true, description: 'Indicates if the privilege is for an owner.' }),
44
44
  tslib_1.__metadata("design:type", Boolean)
45
45
  ], PrivilegeInput.prototype, "owner", void 0);
46
46
  tslib_1.__decorate([
47
- (0, type_graphql_1.Field)({ nullable: true }),
47
+ (0, type_graphql_1.Field)({ nullable: true, description: 'Indicates if the privilege is for a superuser.' }),
48
48
  tslib_1.__metadata("design:type", Boolean)
49
49
  ], PrivilegeInput.prototype, "super", void 0);
50
50
  exports.PrivilegeInput = PrivilegeInput = tslib_1.__decorate([
51
- (0, type_graphql_1.InputType)()
51
+ (0, type_graphql_1.InputType)({ description: 'Input for privilege data.' })
52
52
  ], PrivilegeInput);
53
53
  let Privilege = class Privilege {
54
54
  };
55
55
  exports.Privilege = Privilege;
56
56
  tslib_1.__decorate([
57
57
  (0, typeorm_1.PrimaryGeneratedColumn)('uuid'),
58
- (0, type_graphql_1.Field)(type => type_graphql_1.ID),
58
+ (0, type_graphql_1.Field)(type => type_graphql_1.ID, { description: 'Unique identifier for the privilege.' }),
59
59
  tslib_1.__metadata("design:type", String)
60
60
  ], Privilege.prototype, "id", void 0);
61
61
  tslib_1.__decorate([
62
62
  (0, typeorm_1.Column)(),
63
- (0, type_graphql_1.Field)(),
63
+ (0, type_graphql_1.Field)({ description: 'The name of the privilege.' }),
64
64
  tslib_1.__metadata("design:type", String)
65
65
  ], Privilege.prototype, "name", void 0);
66
66
  tslib_1.__decorate([
67
67
  (0, typeorm_1.Column)(),
68
- (0, type_graphql_1.Field)({ nullable: true }),
68
+ (0, type_graphql_1.Field)({ nullable: true, description: 'The category of the privilege (e.g., security, resource).' }),
69
69
  tslib_1.__metadata("design:type", String)
70
70
  ], Privilege.prototype, "category", void 0);
71
71
  tslib_1.__decorate([
72
72
  (0, typeorm_1.Column)({
73
73
  nullable: true
74
74
  }),
75
- (0, type_graphql_1.Field)({ nullable: true }),
75
+ (0, type_graphql_1.Field)({ nullable: true, description: 'A detailed description of what the privilege allows.' }),
76
76
  tslib_1.__metadata("design:type", String)
77
77
  ], Privilege.prototype, "description", void 0);
78
78
  tslib_1.__decorate([
@@ -83,12 +83,12 @@ tslib_1.__decorate([
83
83
  joinColumns: [{ name: 'privileges_id', referencedColumnName: 'id' }],
84
84
  inverseJoinColumns: [{ name: 'roles_id', referencedColumnName: 'id' }]
85
85
  }),
86
- (0, type_graphql_1.Field)(type => [role_js_1.Role], { nullable: true }),
86
+ (0, type_graphql_1.Field)(type => [role_js_1.Role], { nullable: true, description: 'Roles that include this privilege.' }),
87
87
  tslib_1.__metadata("design:type", Array)
88
88
  ], Privilege.prototype, "roles", void 0);
89
89
  tslib_1.__decorate([
90
90
  (0, typeorm_1.ManyToOne)(type => user_js_1.User, { nullable: true }),
91
- (0, type_graphql_1.Field)(type => user_js_1.User, { nullable: true }),
91
+ (0, type_graphql_1.Field)(type => user_js_1.User, { nullable: true, description: 'The user who created the privilege.' }),
92
92
  tslib_1.__metadata("design:type", user_js_1.User)
93
93
  ], Privilege.prototype, "creator", void 0);
94
94
  tslib_1.__decorate([
@@ -97,7 +97,7 @@ tslib_1.__decorate([
97
97
  ], Privilege.prototype, "creatorId", void 0);
98
98
  tslib_1.__decorate([
99
99
  (0, typeorm_1.ManyToOne)(type => user_js_1.User, { nullable: true }),
100
- (0, type_graphql_1.Field)(type => user_js_1.User, { nullable: true }),
100
+ (0, type_graphql_1.Field)(type => user_js_1.User, { nullable: true, description: 'The user who last updated the privilege.' }),
101
101
  tslib_1.__metadata("design:type", user_js_1.User)
102
102
  ], Privilege.prototype, "updater", void 0);
103
103
  tslib_1.__decorate([
@@ -106,12 +106,12 @@ tslib_1.__decorate([
106
106
  ], Privilege.prototype, "updaterId", void 0);
107
107
  tslib_1.__decorate([
108
108
  (0, typeorm_1.CreateDateColumn)(),
109
- (0, type_graphql_1.Field)({ nullable: true }),
109
+ (0, type_graphql_1.Field)({ nullable: true, description: 'The timestamp when the privilege was created.' }),
110
110
  tslib_1.__metadata("design:type", Date)
111
111
  ], Privilege.prototype, "createdAt", void 0);
112
112
  tslib_1.__decorate([
113
113
  (0, typeorm_1.UpdateDateColumn)(),
114
- (0, type_graphql_1.Field)({ nullable: true }),
114
+ (0, type_graphql_1.Field)({ nullable: true, description: 'The timestamp when the privilege was last updated.' }),
115
115
  tslib_1.__metadata("design:type", Date)
116
116
  ], Privilege.prototype, "updatedAt", void 0);
117
117
  exports.Privilege = Privilege = tslib_1.__decorate([
@@ -119,6 +119,6 @@ exports.Privilege = Privilege = tslib_1.__decorate([
119
119
  (0, typeorm_1.Index)('ix_privilege_0', (privilege) => [privilege.name, privilege.category], {
120
120
  unique: false
121
121
  }),
122
- (0, type_graphql_1.ObjectType)()
122
+ (0, type_graphql_1.ObjectType)({ description: 'A privilege that can be granted to roles to control access to resources.' })
123
123
  ], Privilege);
124
124
  //# sourceMappingURL=privilege.js.map
package/dist-server/service/privilege/privilege.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"privilege.js","sourceRoot":"","sources":["../../../server/service/privilege/privilege.ts"],"names":[],"mappings":";;;;AAAA,qCAWgB;AAChB,+CAA+D;AAC/D,6CAAsC;AACtC,6CAAsC;AAG/B,IAAM,eAAe,GAArB,MAAM,eAAe;CAY3B,CAAA;AAZY,0CAAe;AAE1B;IADC,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;kDACR;AAGlB;IADC,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;iDACT;AAGjB;IADC,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;8CACX;AAGf;IADC,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;8CACX;0BAXJ,eAAe;IAD3B,IAAA,yBAAU,GAAE;GACA,eAAe,CAY3B;AAGM,IAAM,cAAc,GAApB,MAAM,cAAc;CAY1B,CAAA;AAZY,wCAAc;AAEzB;IADC,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;iDACR;AAGlB;IADC,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;gDACT;AAGjB;IADC,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;6CACX;AAGf;IADC,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;6CACX;yBAXJ,cAAc;IAD1B,IAAA,wBAAS,GAAE;GACC,cAAc,CAY1B;AAOM,IAAM,SAAS,GAAf,MAAM,SAAS;CAkDrB,CAAA;AAlDY,8BAAS;AAGpB;IAFC,IAAA,gCAAsB,EAAC,MAAM,CAAC;IAC9B,IAAA,oBAAK,EAAC,IAAI,CAAC,EAAE,CAAC,iBAAE,CAAC;;qCACR;AAIV;IAFC,IAAA,gBAAM,GAAE;IACR,IAAA,oBAAK,GAAE;;uCACI;AAIZ;IAFC,IAAA,gBAAM,GAAE;IACR,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;2CACV;AAMhB;IAJC,IAAA,gBAAM,EAAC;QACN,QAAQ,EAAE,IAAI;KACf,CAAC;IACD,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;8CACP;AAUnB;IARC,IAAA,oBAAU,EAAC,IAAI,CAAC,EAAE,CAAC,cAAI,EAAE,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,UAAU,CAAC;IACjD,IAAA,mBAAS,EAAC;QACT,uFAAuF;QACvF,IAAI,EAAE,kBAAkB;QACxB,WAAW,EAAE,CAAC,EAAE,IAAI,EAAE,eAAe,EAAE,oBAAoB,EAAE,IAAI,EAAE,CAAC;QACpE,kBAAkB,EAAE,CAAC,EAAE,IAAI,EAAE,UAAU,EAAE,oBAAoB,EAAE,IAAI,EAAE,CAAC;KACvE,CAAC;IACD,IAAA,oBAAK,EAAC,IAAI,CAAC,EAAE,CAAC,CAAC,cAAI,CAAC,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;wCAC7B;AAIb;IAFC,IAAA,mBAAS,EAAC,IAAI,CAAC,EAAE,CAAC,cAAI,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;IAC3C,IAAA,oBAAK,EAAC,IAAI,CAAC,EAAE,CAAC,cAAI,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;sCAC/B,cAAI;0CAAA;AAGb;IADC,IAAA,oBAAU,EAAC,CAAC,SAAoB,EAAE,EAAE,CAAC,SAAS,CAAC,OAAO,CAAC;;4CACvC;AAIjB;IAFC,IAAA,mBAAS,EAAC,IAAI,CAAC,EAAE,CAAC,cAAI,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;IAC3C,IAAA,oBAAK,EAAC,IAAI,CAAC,EAAE,CAAC,cAAI,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;sCAC/B,cAAI;0CAAA;AAGb;IADC,IAAA,oBAAU,EAAC,CAAC,SAAoB,EAAE,EAAE,CAAC,SAAS,CAAC,OAAO,CAAC;;4CACvC;AAIjB;IAFC,IAAA,0BAAgB,GAAE;IAClB,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;sCACf,IAAI;4CAAA;AAIf;IAFC,IAAA,0BAAgB,GAAE;IAClB,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;sCACf,IAAI;4CAAA;oBAjDJ,SAAS;IALrB,IAAA,gBAAM,GAAE;IACR,IAAA,eAAK,EAAC,gBAAgB,EAAE,CAAC,SAAoB,EAAE,EAAE,CAAC,CAAC,SAAS,CAAC,IAAI,EAAE,SAAS,CAAC,QAAQ,CAAC,EAAE;QACvF,MAAM,EAAE,KAAK;KACd,CAAC;IACD,IAAA,yBAAU,GAAE;GACA,SAAS,CAkDrB","sourcesContent":["import {\n Column,\n CreateDateColumn,\n Entity,\n Index,\n ManyToMany,\n ManyToOne,\n JoinTable,\n RelationId,\n PrimaryGeneratedColumn,\n UpdateDateColumn\n} from 'typeorm'\nimport { ObjectType, InputType, Field, ID } from 'type-graphql'\nimport { Role } from '../role/role.js'\nimport { User } from '../user/user.js'\n\n@ObjectType()\nexport class PrivilegeObject {\n @Field({ nullable: true })\n privilege?: string\n\n @Field({ nullable: true })\n category?: string\n\n @Field({ nullable: true })\n owner?: boolean\n\n @Field({ nullable: true })\n super?: boolean\n}\n\n@InputType()\nexport class PrivilegeInput {\n @Field({ nullable: true })\n privilege?: string\n\n @Field({ nullable: true })\n category?: string\n\n @Field({ nullable: true })\n owner?: boolean\n\n @Field({ nullable: true })\n super?: boolean\n}\n\n@Entity()\n@Index('ix_privilege_0', (privilege: Privilege) => [privilege.name, privilege.category], {\n unique: false\n})\n@ObjectType()\nexport class Privilege {\n @PrimaryGeneratedColumn('uuid')\n @Field(type => ID)\n id: string\n\n @Column()\n @Field()\n name: string\n\n @Column()\n @Field({ nullable: true })\n category: string\n\n @Column({\n nullable: true\n })\n @Field({ nullable: true })\n description: string\n\n @ManyToMany(type => Role, role => role.privileges)\n @JoinTable({\n /* case M2M, JoinTable setting should be defined only one side (never set both side) */\n name: 'roles_privileges',\n joinColumns: [{ name: 'privileges_id', referencedColumnName: 'id' }],\n inverseJoinColumns: [{ name: 'roles_id', referencedColumnName: 'id' }]\n })\n @Field(type => [Role], { nullable: true })\n roles: Role[]\n\n @ManyToOne(type => User, { nullable: true })\n @Field(type => User, { nullable: true })\n creator: User\n\n @RelationId((privilege: Privilege) => privilege.creator)\n creatorId: string\n\n @ManyToOne(type => User, { nullable: true })\n @Field(type => User, { nullable: true })\n updater: User\n\n @RelationId((privilege: Privilege) => privilege.updater)\n updaterId: string\n\n @CreateDateColumn()\n @Field({ nullable: true })\n createdAt: Date\n\n @UpdateDateColumn()\n @Field({ nullable: true })\n updatedAt: Date\n}\n"]}
1
+ {"version":3,"file":"privilege.js","sourceRoot":"","sources":["../../../server/service/privilege/privilege.ts"],"names":[],"mappings":";;;;AAAA,qCAWgB;AAChB,+CAA+D;AAC/D,6CAAsC;AACtC,6CAAsC;AAG/B,IAAM,eAAe,GAArB,MAAM,eAAe;CAY3B,CAAA;AAZY,0CAAe;AAE1B;IADC,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,WAAW,EAAE,4BAA4B,EAAE,CAAC;;kDACnD;AAGlB;IADC,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,WAAW,EAAE,gCAAgC,EAAE,CAAC;;iDACxD;AAGjB;IADC,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,WAAW,EAAE,6CAA6C,EAAE,CAAC;;8CACvE;AAGf;IADC,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,WAAW,EAAE,gDAAgD,EAAE,CAAC;;8CAC1E;0BAXJ,eAAe;IAD3B,IAAA,yBAAU,EAAC,EAAE,WAAW,EAAE,oDAAoD,EAAE,CAAC;GACrE,eAAe,CAY3B;AAGM,IAAM,cAAc,GAApB,MAAM,cAAc;CAY1B,CAAA;AAZY,wCAAc;AAEzB;IADC,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,WAAW,EAAE,4BAA4B,EAAE,CAAC;;iDACnD;AAGlB;IADC,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,WAAW,EAAE,gCAAgC,EAAE,CAAC;;gDACxD;AAGjB;IADC,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,WAAW,EAAE,6CAA6C,EAAE,CAAC;;6CACvE;AAGf;IADC,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,WAAW,EAAE,gDAAgD,EAAE,CAAC;;6CAC1E;yBAXJ,cAAc;IAD1B,IAAA,wBAAS,EAAC,EAAE,WAAW,EAAE,2BAA2B,EAAE,CAAC;GAC3C,cAAc,CAY1B;AAOM,IAAM,SAAS,GAAf,MAAM,SAAS;CAkDrB,CAAA;AAlDY,8BAAS;AAGpB;IAFC,IAAA,gCAAsB,EAAC,MAAM,CAAC;IAC9B,IAAA,oBAAK,EAAC,IAAI,CAAC,EAAE,CAAC,iBAAE,EAAE,EAAE,WAAW,EAAE,sCAAsC,EAAE,CAAC;;qCACjE;AAIV;IAFC,IAAA,gBAAM,GAAE;IACR,IAAA,oBAAK,EAAC,EAAE,WAAW,EAAE,4BAA4B,EAAE,CAAC;;uCACzC;AAIZ;IAFC,IAAA,gBAAM,GAAE;IACR,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,WAAW,EAAE,2DAA2D,EAAE,CAAC;;2CACpF;AAMhB;IAJC,IAAA,gBAAM,EAAC;QACN,QAAQ,EAAE,IAAI;KACf,CAAC;IACD,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,WAAW,EAAE,sDAAsD,EAAE,CAAC;;8CAC5E;AAUnB;IARC,IAAA,oBAAU,EAAC,IAAI,CAAC,EAAE,CAAC,cAAI,EAAE,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,UAAU,CAAC;IACjD,IAAA,mBAAS,EAAC;QACT,uFAAuF;QACvF,IAAI,EAAE,kBAAkB;QACxB,WAAW,EAAE,CAAC,EAAE,IAAI,EAAE,eAAe,EAAE,oBAAoB,EAAE,IAAI,EAAE,CAAC;QACpE,kBAAkB,EAAE,CAAC,EAAE,IAAI,EAAE,UAAU,EAAE,oBAAoB,EAAE,IAAI,EAAE,CAAC;KACvE,CAAC;IACD,IAAA,oBAAK,EAAC,IAAI,CAAC,EAAE,CAAC,CAAC,cAAI,CAAC,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,WAAW,EAAE,oCAAoC,EAAE,CAAC;;wCAChF;AAIb;IAFC,IAAA,mBAAS,EAAC,IAAI,CAAC,EAAE,CAAC,cAAI,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;IAC3C,IAAA,oBAAK,EAAC,IAAI,CAAC,EAAE,CAAC,cAAI,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,WAAW,EAAE,qCAAqC,EAAE,CAAC;sCACnF,cAAI;0CAAA;AAGb;IADC,IAAA,oBAAU,EAAC,CAAC,SAAoB,EAAE,EAAE,CAAC,SAAS,CAAC,OAAO,CAAC;;4CACvC;AAIjB;IAFC,IAAA,mBAAS,EAAC,IAAI,CAAC,EAAE,CAAC,cAAI,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;IAC3C,IAAA,oBAAK,EAAC,IAAI,CAAC,EAAE,CAAC,cAAI,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,WAAW,EAAE,0CAA0C,EAAE,CAAC;sCACxF,cAAI;0CAAA;AAGb;IADC,IAAA,oBAAU,EAAC,CAAC,SAAoB,EAAE,EAAE,CAAC,SAAS,CAAC,OAAO,CAAC;;4CACvC;AAIjB;IAFC,IAAA,0BAAgB,GAAE;IAClB,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,WAAW,EAAE,+CAA+C,EAAE,CAAC;sCAC7E,IAAI;4CAAA;AAIf;IAFC,IAAA,0BAAgB,GAAE;IAClB,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,WAAW,EAAE,oDAAoD,EAAE,CAAC;sCAClF,IAAI;4CAAA;oBAjDJ,SAAS;IALrB,IAAA,gBAAM,GAAE;IACR,IAAA,eAAK,EAAC,gBAAgB,EAAE,CAAC,SAAoB,EAAE,EAAE,CAAC,CAAC,SAAS,CAAC,IAAI,EAAE,SAAS,CAAC,QAAQ,CAAC,EAAE;QACvF,MAAM,EAAE,KAAK;KACd,CAAC;IACD,IAAA,yBAAU,EAAC,EAAE,WAAW,EAAE,0EAA0E,EAAE,CAAC;GAC3F,SAAS,CAkDrB","sourcesContent":["import {\n Column,\n CreateDateColumn,\n Entity,\n Index,\n ManyToMany,\n ManyToOne,\n JoinTable,\n RelationId,\n PrimaryGeneratedColumn,\n UpdateDateColumn\n} from 'typeorm'\nimport { ObjectType, InputType, Field, ID } from 'type-graphql'\nimport { Role } from '../role/role.js'\nimport { User } from '../user/user.js'\n\n@ObjectType({ description: 'Represents a privilege object with its properties.' })\nexport class PrivilegeObject {\n @Field({ nullable: true, description: 'The name of the privilege.' })\n privilege?: string\n\n @Field({ nullable: true, description: 'The category of the privilege.' })\n category?: string\n\n @Field({ nullable: true, description: 'Indicates if the privilege is for an owner.' })\n owner?: boolean\n\n @Field({ nullable: true, description: 'Indicates if the privilege is for a superuser.' })\n super?: boolean\n}\n\n@InputType({ description: 'Input for privilege data.' })\nexport class PrivilegeInput {\n @Field({ nullable: true, description: 'The name of the privilege.' })\n privilege?: string\n\n @Field({ nullable: true, description: 'The category of the privilege.' })\n category?: string\n\n @Field({ nullable: true, description: 'Indicates if the privilege is for an owner.' })\n owner?: boolean\n\n @Field({ nullable: true, description: 'Indicates if the privilege is for a superuser.' })\n super?: boolean\n}\n\n@Entity()\n@Index('ix_privilege_0', (privilege: Privilege) => [privilege.name, privilege.category], {\n unique: false\n})\n@ObjectType({ description: 'A privilege that can be granted to roles to control access to resources.' })\nexport class Privilege {\n @PrimaryGeneratedColumn('uuid')\n @Field(type => ID, { description: 'Unique identifier for the privilege.' })\n id: string\n\n @Column()\n @Field({ description: 'The name of the privilege.' })\n name: string\n\n @Column()\n @Field({ nullable: true, description: 'The category of the privilege (e.g., security, resource).' })\n category: string\n\n @Column({\n nullable: true\n })\n @Field({ nullable: true, description: 'A detailed description of what the privilege allows.' })\n description: string\n\n @ManyToMany(type => Role, role => role.privileges)\n @JoinTable({\n /* case M2M, JoinTable setting should be defined only one side (never set both side) */\n name: 'roles_privileges',\n joinColumns: [{ name: 'privileges_id', referencedColumnName: 'id' }],\n inverseJoinColumns: [{ name: 'roles_id', referencedColumnName: 'id' }]\n })\n @Field(type => [Role], { nullable: true, description: 'Roles that include this privilege.' })\n roles: Role[]\n\n @ManyToOne(type => User, { nullable: true })\n @Field(type => User, { nullable: true, description: 'The user who created the privilege.' })\n creator: User\n\n @RelationId((privilege: Privilege) => privilege.creator)\n creatorId: string\n\n @ManyToOne(type => User, { nullable: true })\n @Field(type => User, { nullable: true, description: 'The user who last updated the privilege.' })\n updater: User\n\n @RelationId((privilege: Privilege) => privilege.updater)\n updaterId: string\n\n @CreateDateColumn()\n @Field({ nullable: true, description: 'The timestamp when the privilege was created.' })\n createdAt: Date\n\n @UpdateDateColumn()\n @Field({ nullable: true, description: 'The timestamp when the privilege was last updated.' })\n updatedAt: Date\n}\n"]}
package/dist-server/service/role/role-mutation.js CHANGED
@@ -22,7 +22,12 @@ let RoleMutation = class RoleMutation {
22
22
  if (role.users && role.users.length) {
23
23
  role.users = await (0, shell_1.getRepository)(user_js_1.User).findByIds(role.users.map(user => user.id));
24
24
  }
25
- return await (0, shell_1.getRepository)(role_js_1.Role).save(Object.assign({ domain, updater: user, creator: user }, role));
25
+ return await (0, shell_1.getRepository)(role_js_1.Role).save({
26
+ domain,
27
+ updater: user,
28
+ creator: user,
29
+ ...role
30
+ });
26
31
  }
27
32
  async updateRole(id, patch, context) {
28
33
  const { domain, user } = context.state;
@@ -43,7 +48,12 @@ let RoleMutation = class RoleMutation {
43
48
  if (description) {
44
49
  role.description = description;
45
50
  }
46
- return await roleRepository.save(Object.assign(Object.assign(Object.assign({}, role), patch), { privileges: await (0, shell_1.getRepository)(privilege_js_1.Privilege).findByIds(patch.privileges.map((privilege) => privilege.id)), updater: user }));
51
+ return await roleRepository.save({
52
+ ...role,
53
+ ...patch,
54
+ privileges: await (0, shell_1.getRepository)(privilege_js_1.Privilege).findByIds(patch.privileges.map((privilege) => privilege.id)),
55
+ updater: user
56
+ });
47
57
  }
48
58
  async deleteRole(id, context) {
49
59
  const { tx, domain } = context.state;
package/dist-server/service/role/role-mutation.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"role-mutation.js","sourceRoot":"","sources":["../../../server/service/role/role-mutation.ts"],"names":[],"mappings":";;;;AAAA,+CAAsE;AAEtE,iDAAqD;AAErD,4DAAqD;AACrD,6CAAsC;AACtC,uCAAgC;AAChC,mDAAoD;AAG7C,IAAM,YAAY,GAAlB,MAAM,YAAY;IAGjB,AAAN,KAAK,CAAC,UAAU,CAAc,IAAa,EAAS,OAAwB;QAC1E,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC,KAAK,CAAA;QACtC,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,CAAA;QAEjC,MAAM,UAAU,GAAS,MAAM,IAAA,qBAAa,EAAC,cAAI,CAAC,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,EAAE,EAAE,EAAE,EAAE,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,CAAA;QAEpH,IAAI,UAAU,EAAE,CAAC;YACf,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAA;QAC5C,CAAC;QAED,IAAI,IAAI,CAAC,UAAU,IAAI,IAAI,CAAC,UAAU,CAAC,MAAM,EAAE,CAAC;YAC9C,IAAI,CAAC,UAAU,GAAG,MAAM,IAAA,qBAAa,EAAC,wBAAS,CAAC,CAAC,SAAS,CAAC,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,EAAE,CAAC,SAAS,CAAC,EAAE,CAAC,CAAC,CAAA;QAC5G,CAAC;QAED,IAAI,IAAI,CAAC,KAAK,IAAI,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC;YACpC,IAAI,CAAC,KAAK,GAAG,MAAM,IAAA,qBAAa,EAAC,cAAI,CAAC,CAAC,SAAS,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAA;QACnF,CAAC;QAED,OAAO,MAAM,IAAA,qBAAa,EAAC,cAAI,CAAC,CAAC,IAAI,iBACnC,MAAM,EACN,OAAO,EAAE,IAAI,EACb,OAAO,EAAE,IAAI,IACV,IAAI,EACP,CAAA;IACJ,CAAC;IAIK,AAAN,KAAK,CAAC,UAAU,CACH,EAAU,EACP,KAAgB,EACvB,OAAwB;QAE/B,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC,KAAK,CAAA;QACtC,MAAM,EAAE,IAAI,EAAE,WAAW,EAAE,UAAU,EAAE,GAAG,KAAK,CAAA;QAC/C,MAAM,cAAc,GAAG,IAAA,qBAAa,EAAC,cAAI,CAAC,CAAA;QAC1C,MAAM,IAAI,GAAS,MAAM,cAAc,CAAC,OAAO,CAAC;YAC9C,KAAK,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE,EAAE,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE;YACxC,SAAS,EAAE,CAAC,YAAY,EAAE,SAAS,EAAE,SAAS,CAAC;SAChD,CAAC,CAAA;QAEF,IAAI,IAAI,IAAI,IAAI,CAAC,IAAI,KAAK,IAAI,EAAE,CAAC;YAC/B,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,EAAE,CAAA;YAC5B,MAAM,UAAU,GAAS,MAAM,cAAc,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,EAAE,EAAE,EAAE,EAAE,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,CAAA;YAC/G,IAAI,UAAU,EAAE,CAAC;gBACf,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAA;YAC5C,CAAC;YAED,IAAI,CAAC,IAAI,GAAG,QAAQ,CAAA;QACtB,CAAC;QAED,IAAI,WAAW,EAAE,CAAC;YAChB,IAAI,CAAC,WAAW,GAAG,WAAW,CAAA;QAChC,CAAC;QAED,OAAO,MAAM,cAAc,CAAC,IAAI,CAAC,8CAC5B,IAAI,GACJ,KAAK,KACR,UAAU,EAAE,MAAM,IAAA,qBAAa,EAAC,wBAAS,CAAC,CAAC,SAAS,CAClD,KAAK,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,SAAoB,EAAE,EAAE,CAAC,SAAS,CAAC,EAAE,CAAC,CAC7D,EACD,OAAO,EAAE,IAAI,GACP,CAAC,CAAA;IACX,CAAC;IAKK,AAAN,KAAK,CAAC,UAAU,CAAY,EAAU,EAAS,OAAwB;QACrE,MAAM,EAAE,EAAE,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,KAAK,CAAA;QACpC,IAAI,IAAI,GAAS,MAAM,EAAE;aACtB,aAAa,CAAC,cAAI,CAAC;aACnB,OAAO,CAAC,EAAE,KAAK,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE,EAAE,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,SAAS,EAAE,CAAC,OAAO,EAAE,YAAY,CAAC,EAAE,CAAC,CAAA;QAE5F,IAAI,CAAC;YACH,IAAI,IAAI,CAAC,KAAK,CAAC,MAAM;gBAAE,MAAM,IAAI,KAAK,CAAC,mDAAmD,CAAC,CAAA;YAE3F,IAAI,CAAC,UAAU,GAAG,EAAE,CAAA;YAEpB,IAAI,GAAG,MAAM,EAAE,CAAC,aAAa,CAAC,cAAI,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;YAE9C,MAAM,EAAE,CAAC,aAAa,CAAC,cAAI,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;YAE5C,OAAO,IAAI,CAAA;QACb,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,OAAO,CAAC,KAAK,CAAC,GAAG,EAAE,mDAAmD,CAAC,CAAA;QACzE,CAAC;IACH,CAAC;IAIK,AAAN,KAAK,CAAC,WAAW,CAA+B,GAAa,EAAS,QAAa;QACjF,MAAM,IAAA,qBAAa,EAAC,cAAI,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAA;QACrC,OAAO,IAAI,CAAA;IACb,CAAC;CACF,CAAA;AAlGY,oCAAY;AAGjB;IAFL,IAAA,wBAAS,EAAC,+EAA+E,CAAC;IAC1F,IAAA,uBAAQ,EAAC,OAAO,CAAC,EAAE,CAAC,cAAI,EAAE,EAAE,WAAW,EAAE,oBAAoB,EAAE,CAAC;IAC/C,mBAAA,IAAA,kBAAG,EAAC,MAAM,CAAC,CAAA;IAAiB,mBAAA,IAAA,kBAAG,GAAE,CAAA;;6CAAf,uBAAO;;8CAwB1C;AAIK;IAFL,IAAA,wBAAS,EAAC,+EAA+E,CAAC;IAC1F,IAAA,uBAAQ,EAAC,OAAO,CAAC,EAAE,CAAC,cAAI,EAAE,EAAE,WAAW,EAAE,4BAA4B,EAAE,CAAC;IAEtE,mBAAA,IAAA,kBAAG,EAAC,IAAI,CAAC,CAAA;IACT,mBAAA,IAAA,kBAAG,EAAC,OAAO,CAAC,CAAA;IACZ,mBAAA,IAAA,kBAAG,GAAE,CAAA;;qDADe,yBAAS;;8CAiC/B;AAKK;IAHL,IAAA,wBAAS,EAAC,qDAAqD,CAAC;IAChE,IAAA,wBAAS,EAAC,cAAc,CAAC;IACzB,IAAA,uBAAQ,EAAC,OAAO,CAAC,EAAE,CAAC,OAAO,EAAE,EAAE,WAAW,EAAE,gBAAgB,EAAE,CAAC;IAC9C,mBAAA,IAAA,kBAAG,EAAC,IAAI,CAAC,CAAA;IAAc,mBAAA,IAAA,kBAAG,GAAE,CAAA;;;;8CAmB7C;AAIK;IAFL,IAAA,wBAAS,EAAC,+EAA+E,CAAC;IAC1F,IAAA,uBAAQ,EAAC,OAAO,CAAC,EAAE,CAAC,OAAO,EAAE,EAAE,WAAW,EAAE,0BAA0B,EAAE,CAAC;IACvD,mBAAA,IAAA,kBAAG,EAAC,KAAK,EAAE,IAAI,CAAC,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,CAAA;IAAiB,mBAAA,IAAA,kBAAG,GAAE,CAAA;;;;+CAGpE;uBAjGU,YAAY;IADxB,IAAA,uBAAQ,EAAC,cAAI,CAAC;GACF,YAAY,CAkGxB","sourcesContent":["import { Arg, Ctx, Directive, Mutation, Resolver } from 'type-graphql'\n\nimport { getRepository } from '@things-factory/shell'\n\nimport { Privilege } from '../privilege/privilege.js'\nimport { User } from '../user/user.js'\nimport { Role } from './role.js'\nimport { NewRole, RolePatch } from './role-types.js'\n\n@Resolver(Role)\nexport class RoleMutation {\n @Directive('@privilege(category: \"user\", privilege: \"mutation\", domainOwnerGranted: true)')\n @Mutation(returns => User, { description: 'To create new user' })\n async createRole(@Arg('role') role: NewRole, @Ctx() context: ResolverContext): Promise<Role> {\n const { domain, user } = context.state\n const roleName = role.name.trim()\n\n const existsRole: Role = await getRepository(Role).findOne({ where: { name: roleName, domain: { id: domain.id } } })\n\n if (existsRole) {\n throw new Error('role name is duplicated')\n }\n\n if (role.privileges && role.privileges.length) {\n role.privileges = await getRepository(Privilege).findByIds(role.privileges.map(privilege => privilege.id))\n }\n\n if (role.users && role.users.length) {\n role.users = await getRepository(User).findByIds(role.users.map(user => user.id))\n }\n\n return await getRepository(Role).save({\n domain,\n updater: user,\n creator: user,\n ...role\n })\n }\n\n @Directive('@privilege(category: \"user\", privilege: \"mutation\", domainOwnerGranted: true)')\n @Mutation(returns => Role, { description: 'To modify role information' })\n async updateRole(\n @Arg('id') id: string,\n @Arg('patch') patch: RolePatch,\n @Ctx() context: ResolverContext\n ): Promise<Role> {\n const { domain, user } = context.state\n const { name, description, privileges } = patch\n const roleRepository = getRepository(Role)\n const role: Role = await roleRepository.findOne({\n where: { domain: { id: domain.id }, id },\n relations: ['privileges', 'creator', 'updater']\n })\n\n if (name && role.name !== name) {\n const roleName = name.trim()\n const existsRole: Role = await roleRepository.findOne({ where: { name: roleName, domain: { id: domain.id } } })\n if (existsRole) {\n throw new Error('role name is duplicated')\n }\n\n role.name = roleName\n }\n\n if (description) {\n role.description = description\n }\n\n return await roleRepository.save({\n ...role,\n ...patch,\n privileges: await getRepository(Privilege).findByIds(\n patch.privileges.map((privilege: Privilege) => privilege.id)\n ),\n updater: user\n } as any)\n }\n\n @Directive('@privilege(category: \"user\", privilege: \"mutation\")')\n @Directive('@transaction')\n @Mutation(returns => Boolean, { description: 'To delete role' })\n async deleteRole(@Arg('id') id: string, @Ctx() context: ResolverContext): Promise<Boolean> {\n const { tx, domain } = context.state\n let role: Role = await tx\n .getRepository(Role)\n .findOne({ where: { domain: { id: domain.id }, id }, relations: ['users', 'privileges'] })\n\n try {\n if (role.users.length) throw new Error('cannot delete role because it is currently in use')\n\n role.privileges = []\n\n role = await tx.getRepository(Role).save(role)\n\n await tx.getRepository(Role).delete(role.id)\n\n return true\n } catch (e) {\n context.throw(401, 'cannot delete role because it is currently in use')\n }\n }\n\n @Directive('@privilege(category: \"user\", privilege: \"mutation\", domainOwnerGranted: true)')\n @Mutation(returns => Boolean, { description: 'To delete multiple roles' })\n async deleteRoles(@Arg('ids', type => [String]) ids: string[], @Ctx() _context: any) {\n await getRepository(Role).delete(ids)\n return true\n }\n}\n"]}
1
+ {"version":3,"file":"role-mutation.js","sourceRoot":"","sources":["../../../server/service/role/role-mutation.ts"],"names":[],"mappings":";;;;AAAA,+CAAsE;AAEtE,iDAAqD;AAErD,4DAAqD;AACrD,6CAAsC;AACtC,uCAAgC;AAChC,mDAAoD;AAG7C,IAAM,YAAY,GAAlB,MAAM,YAAY;IAGjB,AAAN,KAAK,CAAC,UAAU,CAAc,IAAa,EAAS,OAAwB;QAC1E,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC,KAAK,CAAA;QACtC,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,CAAA;QAEjC,MAAM,UAAU,GAAS,MAAM,IAAA,qBAAa,EAAC,cAAI,CAAC,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,EAAE,EAAE,EAAE,EAAE,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,CAAA;QAEpH,IAAI,UAAU,EAAE,CAAC;YACf,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAA;QAC5C,CAAC;QAED,IAAI,IAAI,CAAC,UAAU,IAAI,IAAI,CAAC,UAAU,CAAC,MAAM,EAAE,CAAC;YAC9C,IAAI,CAAC,UAAU,GAAG,MAAM,IAAA,qBAAa,EAAC,wBAAS,CAAC,CAAC,SAAS,CAAC,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,EAAE,CAAC,SAAS,CAAC,EAAE,CAAC,CAAC,CAAA;QAC5G,CAAC;QAED,IAAI,IAAI,CAAC,KAAK,IAAI,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC;YACpC,IAAI,CAAC,KAAK,GAAG,MAAM,IAAA,qBAAa,EAAC,cAAI,CAAC,CAAC,SAAS,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAA;QACnF,CAAC;QAED,OAAO,MAAM,IAAA,qBAAa,EAAC,cAAI,CAAC,CAAC,IAAI,CAAC;YACpC,MAAM;YACN,OAAO,EAAE,IAAI;YACb,OAAO,EAAE,IAAI;YACb,GAAG,IAAI;SACR,CAAC,CAAA;IACJ,CAAC;IAIK,AAAN,KAAK,CAAC,UAAU,CACH,EAAU,EACP,KAAgB,EACvB,OAAwB;QAE/B,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC,KAAK,CAAA;QACtC,MAAM,EAAE,IAAI,EAAE,WAAW,EAAE,UAAU,EAAE,GAAG,KAAK,CAAA;QAC/C,MAAM,cAAc,GAAG,IAAA,qBAAa,EAAC,cAAI,CAAC,CAAA;QAC1C,MAAM,IAAI,GAAS,MAAM,cAAc,CAAC,OAAO,CAAC;YAC9C,KAAK,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE,EAAE,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE;YACxC,SAAS,EAAE,CAAC,YAAY,EAAE,SAAS,EAAE,SAAS,CAAC;SAChD,CAAC,CAAA;QAEF,IAAI,IAAI,IAAI,IAAI,CAAC,IAAI,KAAK,IAAI,EAAE,CAAC;YAC/B,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,EAAE,CAAA;YAC5B,MAAM,UAAU,GAAS,MAAM,cAAc,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,EAAE,EAAE,EAAE,EAAE,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,CAAA;YAC/G,IAAI,UAAU,EAAE,CAAC;gBACf,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAA;YAC5C,CAAC;YAED,IAAI,CAAC,IAAI,GAAG,QAAQ,CAAA;QACtB,CAAC;QAED,IAAI,WAAW,EAAE,CAAC;YAChB,IAAI,CAAC,WAAW,GAAG,WAAW,CAAA;QAChC,CAAC;QAED,OAAO,MAAM,cAAc,CAAC,IAAI,CAAC;YAC/B,GAAG,IAAI;YACP,GAAG,KAAK;YACR,UAAU,EAAE,MAAM,IAAA,qBAAa,EAAC,wBAAS,CAAC,CAAC,SAAS,CAClD,KAAK,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,SAAoB,EAAE,EAAE,CAAC,SAAS,CAAC,EAAE,CAAC,CAC7D;YACD,OAAO,EAAE,IAAI;SACP,CAAC,CAAA;IACX,CAAC;IAKK,AAAN,KAAK,CAAC,UAAU,CAAY,EAAU,EAAS,OAAwB;QACrE,MAAM,EAAE,EAAE,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,KAAK,CAAA;QACpC,IAAI,IAAI,GAAS,MAAM,EAAE;aACtB,aAAa,CAAC,cAAI,CAAC;aACnB,OAAO,CAAC,EAAE,KAAK,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE,EAAE,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,SAAS,EAAE,CAAC,OAAO,EAAE,YAAY,CAAC,EAAE,CAAC,CAAA;QAE5F,IAAI,CAAC;YACH,IAAI,IAAI,CAAC,KAAK,CAAC,MAAM;gBAAE,MAAM,IAAI,KAAK,CAAC,mDAAmD,CAAC,CAAA;YAE3F,IAAI,CAAC,UAAU,GAAG,EAAE,CAAA;YAEpB,IAAI,GAAG,MAAM,EAAE,CAAC,aAAa,CAAC,cAAI,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;YAE9C,MAAM,EAAE,CAAC,aAAa,CAAC,cAAI,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;YAE5C,OAAO,IAAI,CAAA;QACb,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,OAAO,CAAC,KAAK,CAAC,GAAG,EAAE,mDAAmD,CAAC,CAAA;QACzE,CAAC;IACH,CAAC;IAIK,AAAN,KAAK,CAAC,WAAW,CAA+B,GAAa,EAAS,QAAa;QACjF,MAAM,IAAA,qBAAa,EAAC,cAAI,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAA;QACrC,OAAO,IAAI,CAAA;IACb,CAAC;CACF,CAAA;AAlGY,oCAAY;AAGjB;IAFL,IAAA,wBAAS,EAAC,+EAA+E,CAAC;IAC1F,IAAA,uBAAQ,EAAC,OAAO,CAAC,EAAE,CAAC,cAAI,EAAE,EAAE,WAAW,EAAE,oBAAoB,EAAE,CAAC;IAC/C,mBAAA,IAAA,kBAAG,EAAC,MAAM,CAAC,CAAA;IAAiB,mBAAA,IAAA,kBAAG,GAAE,CAAA;;6CAAf,uBAAO;;8CAwB1C;AAIK;IAFL,IAAA,wBAAS,EAAC,+EAA+E,CAAC;IAC1F,IAAA,uBAAQ,EAAC,OAAO,CAAC,EAAE,CAAC,cAAI,EAAE,EAAE,WAAW,EAAE,4BAA4B,EAAE,CAAC;IAEtE,mBAAA,IAAA,kBAAG,EAAC,IAAI,CAAC,CAAA;IACT,mBAAA,IAAA,kBAAG,EAAC,OAAO,CAAC,CAAA;IACZ,mBAAA,IAAA,kBAAG,GAAE,CAAA;;qDADe,yBAAS;;8CAiC/B;AAKK;IAHL,IAAA,wBAAS,EAAC,qDAAqD,CAAC;IAChE,IAAA,wBAAS,EAAC,cAAc,CAAC;IACzB,IAAA,uBAAQ,EAAC,OAAO,CAAC,EAAE,CAAC,OAAO,EAAE,EAAE,WAAW,EAAE,gBAAgB,EAAE,CAAC;IAC9C,mBAAA,IAAA,kBAAG,EAAC,IAAI,CAAC,CAAA;IAAc,mBAAA,IAAA,kBAAG,GAAE,CAAA;;;;8CAmB7C;AAIK;IAFL,IAAA,wBAAS,EAAC,+EAA+E,CAAC;IAC1F,IAAA,uBAAQ,EAAC,OAAO,CAAC,EAAE,CAAC,OAAO,EAAE,EAAE,WAAW,EAAE,0BAA0B,EAAE,CAAC;IACvD,mBAAA,IAAA,kBAAG,EAAC,KAAK,EAAE,IAAI,CAAC,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,CAAA;IAAiB,mBAAA,IAAA,kBAAG,GAAE,CAAA;;;;+CAGpE;uBAjGU,YAAY;IADxB,IAAA,uBAAQ,EAAC,cAAI,CAAC;GACF,YAAY,CAkGxB","sourcesContent":["import { Arg, Ctx, Directive, Mutation, Resolver } from 'type-graphql'\n\nimport { getRepository } from '@things-factory/shell'\n\nimport { Privilege } from '../privilege/privilege.js'\nimport { User } from '../user/user.js'\nimport { Role } from './role.js'\nimport { NewRole, RolePatch } from './role-types.js'\n\n@Resolver(Role)\nexport class RoleMutation {\n @Directive('@privilege(category: \"user\", privilege: \"mutation\", domainOwnerGranted: true)')\n @Mutation(returns => User, { description: 'To create new user' })\n async createRole(@Arg('role') role: NewRole, @Ctx() context: ResolverContext): Promise<Role> {\n const { domain, user } = context.state\n const roleName = role.name.trim()\n\n const existsRole: Role = await getRepository(Role).findOne({ where: { name: roleName, domain: { id: domain.id } } })\n\n if (existsRole) {\n throw new Error('role name is duplicated')\n }\n\n if (role.privileges && role.privileges.length) {\n role.privileges = await getRepository(Privilege).findByIds(role.privileges.map(privilege => privilege.id))\n }\n\n if (role.users && role.users.length) {\n role.users = await getRepository(User).findByIds(role.users.map(user => user.id))\n }\n\n return await getRepository(Role).save({\n domain,\n updater: user,\n creator: user,\n ...role\n })\n }\n\n @Directive('@privilege(category: \"user\", privilege: \"mutation\", domainOwnerGranted: true)')\n @Mutation(returns => Role, { description: 'To modify role information' })\n async updateRole(\n @Arg('id') id: string,\n @Arg('patch') patch: RolePatch,\n @Ctx() context: ResolverContext\n ): Promise<Role> {\n const { domain, user } = context.state\n const { name, description, privileges } = patch\n const roleRepository = getRepository(Role)\n const role: Role = await roleRepository.findOne({\n where: { domain: { id: domain.id }, id },\n relations: ['privileges', 'creator', 'updater']\n })\n\n if (name && role.name !== name) {\n const roleName = name.trim()\n const existsRole: Role = await roleRepository.findOne({ where: { name: roleName, domain: { id: domain.id } } })\n if (existsRole) {\n throw new Error('role name is duplicated')\n }\n\n role.name = roleName\n }\n\n if (description) {\n role.description = description\n }\n\n return await roleRepository.save({\n ...role,\n ...patch,\n privileges: await getRepository(Privilege).findByIds(\n patch.privileges.map((privilege: Privilege) => privilege.id)\n ),\n updater: user\n } as any)\n }\n\n @Directive('@privilege(category: \"user\", privilege: \"mutation\")')\n @Directive('@transaction')\n @Mutation(returns => Boolean, { description: 'To delete role' })\n async deleteRole(@Arg('id') id: string, @Ctx() context: ResolverContext): Promise<Boolean> {\n const { tx, domain } = context.state\n let role: Role = await tx\n .getRepository(Role)\n .findOne({ where: { domain: { id: domain.id }, id }, relations: ['users', 'privileges'] })\n\n try {\n if (role.users.length) throw new Error('cannot delete role because it is currently in use')\n\n role.privileges = []\n\n role = await tx.getRepository(Role).save(role)\n\n await tx.getRepository(Role).delete(role.id)\n\n return true\n } catch (e) {\n context.throw(401, 'cannot delete role because it is currently in use')\n }\n }\n\n @Directive('@privilege(category: \"user\", privilege: \"mutation\", domainOwnerGranted: true)')\n @Mutation(returns => Boolean, { description: 'To delete multiple roles' })\n async deleteRoles(@Arg('ids', type => [String]) ids: string[], @Ctx() _context: any) {\n await getRepository(Role).delete(ids)\n return true\n }\n}\n"]}
package/dist-server/service/role/role-query.d.ts CHANGED
@@ -2,16 +2,20 @@ import { Domain, ListParam } from '@things-factory/shell';
2
2
  import { Privilege } from '../privilege/privilege.js';
3
3
  import { User } from '../user/user.js';
4
4
  import { Role } from './role.js';
5
- import { RoleList, RolePrivilege, UserRole } from './role-types.js';
5
+ import { RoleList, RolePrivilege, UserRole, RoleBrief } from './role-types.js';
6
6
  export declare class RoleQuery {
7
7
  role(name: string, context: ResolverContext): Promise<Role>;
8
8
  roles(params: ListParam, context: ResolverContext): Promise<RoleList>;
9
9
  rolePrivileges(roleId: string, context: ResolverContext): Promise<RolePrivilege[]>;
10
10
  userRoles(userId: string, context: ResolverContext): Promise<UserRole[]>;
11
- myRoles(context: ResolverContext): Promise<Role[]>;
11
+ myRoles(context: ResolverContext): Promise<RoleBrief[]>;
12
12
  checkRolePreset(context: ResolverContext): Promise<Role[]>;
13
13
  domain(role: Role): Promise<Domain>;
14
- users(role: Role): Promise<User[]>;
14
+ /**
15
+ * Role의 users 필드를 위한 리졸버
16
+ * 사용자 조회 권한이 있는 경우에만 접근 가능
17
+ */
18
+ users(role: Role, context: ResolverContext): Promise<User[]>;
15
19
  privileges(role: Role): Promise<Privilege[]>;
16
20
  updater(role: Role): Promise<User>;
17
21
  creator(role: Role): Promise<User>;
package/dist-server/service/role/role-query.js CHANGED
@@ -77,14 +77,15 @@ let RoleQuery = class RoleQuery {
77
77
  }
78
78
  async myRoles(context) {
79
79
  const { user, domain } = context.state;
80
- const qb = await (0, shell_1.getRepository)(user_js_1.User).createQueryBuilder('USER');
81
- const { roles } = await qb
82
- .leftJoinAndSelect('USER.roles', 'ROLE')
80
+ const roles = await (0, shell_1.getRepository)(role_js_1.Role)
81
+ .createQueryBuilder('ROLE')
82
+ .leftJoin('ROLE.users', 'USER')
83
83
  .leftJoin('ROLE.domain', 'ROLE_DOMAIN')
84
84
  .where('USER.id = :userId', { userId: user.id })
85
85
  .andWhere('ROLE_DOMAIN.id In(:...domainIds)', { domainIds: [domain.id, domain.parentId].filter(Boolean) })
86
- .getOne();
87
- return roles || [];
86
+ .select(['ROLE.id', 'ROLE.name'])
87
+ .getMany();
88
+ return roles;
88
89
  }
89
90
  async checkRolePreset(context) {
90
91
  const rolePreset = env_1.config.get('rolePreset') || [];
@@ -93,11 +94,16 @@ let RoleQuery = class RoleQuery {
93
94
  async domain(role) {
94
95
  return await (0, shell_1.getRepository)(shell_1.Domain).findOneBy({ id: role.domainId });
95
96
  }
96
- async users(role) {
97
- return (await (0, shell_1.getRepository)(role_js_1.Role).findOne({
97
+ /**
98
+ * Role의 users 필드를 위한 리졸버
99
+ * 사용자 조회 권한이 있는 경우에만 접근 가능
100
+ */
101
+ async users(role, context) {
102
+ const roleData = await (0, shell_1.getRepository)(role_js_1.Role).findOne({
98
103
  where: { id: role.id },
99
104
  relations: ['users']
100
- })).users;
105
+ });
106
+ return roleData?.users || [];
101
107
  }
102
108
  async privileges(role) {
103
109
  return (await (0, shell_1.getRepository)(role_js_1.Role).findOne({
@@ -150,7 +156,7 @@ tslib_1.__decorate([
150
156
  tslib_1.__metadata("design:returntype", Promise)
151
157
  ], RoleQuery.prototype, "userRoles", null);
152
158
  tslib_1.__decorate([
153
- (0, type_graphql_1.Query)(returns => [role_js_1.Role], { description: 'To fetch roles of current user' }),
159
+ (0, type_graphql_1.Query)(returns => [role_types_js_1.RoleBrief], { description: 'To fetch roles of current user (id, name only)' }),
154
160
  tslib_1.__param(0, (0, type_graphql_1.Ctx)()),
155
161
  tslib_1.__metadata("design:type", Function),
156
162
  tslib_1.__metadata("design:paramtypes", [Object]),
@@ -171,10 +177,12 @@ tslib_1.__decorate([
171
177
  tslib_1.__metadata("design:returntype", Promise)
172
178
  ], RoleQuery.prototype, "domain", null);
173
179
  tslib_1.__decorate([
180
+ (0, type_graphql_1.Directive)('@privilege(category: "user", privilege: "query", domainOwnerGranted: true, superUserGranted: true)'),
174
181
  (0, type_graphql_1.FieldResolver)(type => [user_js_1.User]),
175
182
  tslib_1.__param(0, (0, type_graphql_1.Root)()),
183
+ tslib_1.__param(1, (0, type_graphql_1.Ctx)()),
176
184
  tslib_1.__metadata("design:type", Function),
177
- tslib_1.__metadata("design:paramtypes", [role_js_1.Role]),
185
+ tslib_1.__metadata("design:paramtypes", [role_js_1.Role, Object]),
178
186
  tslib_1.__metadata("design:returntype", Promise)
179
187
  ], RoleQuery.prototype, "users", null);
180
188
  tslib_1.__decorate([
package/dist-server/service/role/role-query.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"role-query.js","sourceRoot":"","sources":["../../../server/service/role/role-query.ts"],"names":[],"mappings":";;;;AAAA,qCAA4B;AAC5B,+CAA8F;AAG9F,6CAA4C;AAC5C,iDAAuG;AAEvG,4DAAqD;AACrD,6CAAsC;AACtC,uCAAgC;AAChC,mDAAmE;AAG5D,IAAM,SAAS,GAAf,MAAM,SAAS;IAGd,AAAN,KAAK,CAAC,IAAI,CAAc,IAAY,EAAS,OAAwB;QACnE,MAAM,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,KAAK,CAAA;QAChC,OAAO,MAAM,IAAA,qBAAa,EAAC,cAAI,CAAC,CAAC,SAAS,CAAC;YACzC,MAAM,EAAE,EAAE,EAAE,EAAE,IAAA,YAAE,EAAC,CAAC,MAAM,CAAC,EAAE,EAAE,MAAM,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,EAAE;YAChE,IAAI;SACL,CAAC,CAAA;IACJ,CAAC;IAIK,AAAN,KAAK,CAAC,KAAK,CAA0B,MAAiB,EAAS,OAAwB;QACrF,MAAM,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,KAAK,CAAA;QAEhC,MAAM,CAAC,KAAK,EAAE,KAAK,CAAC,GAAG,MAAM,IAAA,qCAA6B,EAAC;YACzD,UAAU,EAAE,IAAA,qBAAa,EAAC,cAAI,CAAC;YAC/B,MAAM;YACN,MAAM;YACN,WAAW,EAAE,CAAC,MAAM,EAAE,aAAa,CAAC;SACrC,CAAC,CAAC,eAAe,EAAE,CAAA;QAEpB,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,CAAA;IACzB,CAAC;IAIK,AAAN,KAAK,CAAC,cAAc,CAAgB,MAAc,EAAS,OAAwB;QACjF,MAAM,cAAc,GAAG,MAAM,IAAA,qBAAa,EAAC,wBAAS,CAAC,CAAC,KAAK,CACzD;;;;;;;;;;;;;;+BAcyB,MAAM;;;;;;OAM9B,CACF,CAAA;QAED,OAAO,cAAc,CAAA;IACvB,CAAC;IAIK,AAAN,KAAK,CAAC,SAAS,CAAgB,MAAc,EAAS,OAAwB;QAC5E,MAAM,SAAS,GAAG,MAAM,IAAA,qBAAa,EAAC,cAAI,CAAC,CAAC,KAAK,CAC/C;;;;;;;;;;;;;+BAayB,MAAM;;;;;;OAM9B,CACF,CAAA;QAED,OAAO,SAAS,CAAA;IAClB,CAAC;IAGK,AAAN,KAAK,CAAC,OAAO,CAAQ,OAAwB;QAC3C,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,KAAK,CAAA;QAEtC,MAAM,EAAE,GAA6B,MAAM,IAAA,qBAAa,EAAC,cAAI,CAAC,CAAC,kBAAkB,CAAC,MAAM,CAAC,CAAA;QACzF,MAAM,EAAE,KAAK,EAAE,GAAS,MAAM,EAAE;aAC7B,iBAAiB,CAAC,YAAY,EAAE,MAAM,CAAC;aACvC,QAAQ,CAAC,aAAa,EAAE,aAAa,CAAC;aACtC,KAAK,CAAC,mBAAmB,EAAE,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,EAAE,CAAC;aAC/C,QAAQ,CAAC,kCAAkC,EAAE,EAAE,SAAS,EAAE,CAAC,MAAM,CAAC,EAAE,EAAE,MAAM,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,EAAE,CAAC;aACzG,MAAM,EAAE,CAAA;QAEX,OAAO,KAAK,IAAI,EAAE,CAAA;IACpB,CAAC;IAGK,AAAN,KAAK,CAAC,eAAe,CAAQ,OAAwB;QACnD,MAAM,UAAU,GAAG,YAAM,CAAC,GAAG,CAAC,YAAY,CAAC,IAAI,EAAE,CAAA;QAEjD,OAAO,UAAU,CAAA;IACnB,CAAC;IAGK,AAAN,KAAK,CAAC,MAAM,CAAS,IAAU;QAC7B,OAAO,MAAM,IAAA,qBAAa,EAAC,cAAM,CAAC,CAAC,SAAS,CAAC,EAAE,EAAE,EAAE,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAA;IACrE,CAAC;IAGK,AAAN,KAAK,CAAC,KAAK,CAAS,IAAU;QAC5B,OAAO,CACL,MAAM,IAAA,qBAAa,EAAC,cAAI,CAAC,CAAC,OAAO,CAAC;YAChC,KAAK,EAAE,EAAE,EAAE,EAAE,IAAI,CAAC,EAAE,EAAE;YACtB,SAAS,EAAE,CAAC,OAAO,CAAC;SACrB,CAAC,CACH,CAAC,KAAK,CAAA;IACT,CAAC;IAGK,AAAN,KAAK,CAAC,UAAU,CAAS,IAAU;QACjC,OAAO,CACL,MAAM,IAAA,qBAAa,EAAC,cAAI,CAAC,CAAC,OAAO,CAAC;YAChC,KAAK,EAAE,EAAE,EAAE,EAAE,IAAI,CAAC,EAAE,EAAE;YACtB,SAAS,EAAE,CAAC,YAAY,CAAC;SAC1B,CAAC,CACH,CAAC,UAAU,CAAA;IACd,CAAC;IAGK,AAAN,KAAK,CAAC,OAAO,CAAS,IAAU;QAC9B,OAAO,MAAM,IAAA,qBAAa,EAAC,cAAI,CAAC,CAAC,SAAS,CAAC,EAAE,EAAE,EAAE,IAAI,CAAC,SAAS,EAAE,CAAC,CAAA;IACpE,CAAC;IAGK,AAAN,KAAK,CAAC,OAAO,CAAS,IAAU;QAC9B,OAAO,MAAM,IAAA,qBAAa,EAAC,cAAI,CAAC,CAAC,SAAS,CAAC,EAAE,EAAE,EAAE,IAAI,CAAC,SAAS,EAAE,CAAC,CAAA;IACpE,CAAC;CACF,CAAA;AA7IY,8BAAS;AAGd;IAFL,IAAA,wBAAS,EAAC,oGAAoG,CAAC;IAC/G,IAAA,oBAAK,EAAC,OAAO,CAAC,EAAE,CAAC,cAAI,EAAE,EAAE,WAAW,EAAE,eAAe,EAAE,CAAC;IAC7C,mBAAA,IAAA,kBAAG,EAAC,MAAM,CAAC,CAAA;IAAgB,mBAAA,IAAA,kBAAG,GAAE,CAAA;;;;qCAM3C;AAIK;IAFL,IAAA,wBAAS,EAAC,oGAAoG,CAAC;IAC/G,IAAA,oBAAK,EAAC,OAAO,CAAC,EAAE,CAAC,wBAAQ,EAAE,EAAE,WAAW,EAAE,yBAAyB,EAAE,CAAC;IAC1D,mBAAA,IAAA,mBAAI,EAAC,IAAI,CAAC,EAAE,CAAC,iBAAS,CAAC,CAAA;IAAqB,mBAAA,IAAA,kBAAG,GAAE,CAAA;;6CAAjB,iBAAS;;sCAWrD;AAIK;IAFL,IAAA,wBAAS,EAAC,oGAAoG,CAAC;IAC/G,IAAA,oBAAK,EAAC,OAAO,CAAC,EAAE,CAAC,CAAC,6BAAa,CAAC,EAAE,EAAE,WAAW,EAAE,+BAA+B,EAAE,CAAC;IAC9D,mBAAA,IAAA,kBAAG,EAAC,QAAQ,CAAC,CAAA;IAAkB,mBAAA,IAAA,kBAAG,GAAE,CAAA;;;;+CA0BzD;AAIK;IAFL,IAAA,wBAAS,EAAC,oGAAoG,CAAC;IAC/G,IAAA,oBAAK,EAAC,OAAO,CAAC,EAAE,CAAC,CAAC,wBAAQ,CAAC,EAAE,EAAE,WAAW,EAAE,0BAA0B,EAAE,CAAC;IACzD,mBAAA,IAAA,kBAAG,EAAC,QAAQ,CAAC,CAAA;IAAkB,mBAAA,IAAA,kBAAG,GAAE,CAAA;;;;0CAyBpD;AAGK;IADL,IAAA,oBAAK,EAAC,OAAO,CAAC,EAAE,CAAC,CAAC,cAAI,CAAC,EAAE,EAAE,WAAW,EAAE,gCAAgC,EAAE,CAAC;IAC7D,mBAAA,IAAA,kBAAG,GAAE,CAAA;;;;wCAYnB;AAGK;IADL,IAAA,oBAAK,EAAC,OAAO,CAAC,EAAE,CAAC,CAAC,cAAI,CAAC,EAAE,EAAE,WAAW,EAAE,0CAA0C,EAAE,CAAC;IAC/D,mBAAA,IAAA,kBAAG,GAAE,CAAA;;;;gDAI3B;AAGK;IADL,IAAA,4BAAa,EAAC,IAAI,CAAC,EAAE,CAAC,cAAM,CAAC;IAChB,mBAAA,IAAA,mBAAI,GAAE,CAAA;;6CAAO,cAAI;;uCAE9B;AAGK;IADL,IAAA,4BAAa,EAAC,IAAI,CAAC,EAAE,CAAC,CAAC,cAAI,CAAC,CAAC;IACjB,mBAAA,IAAA,mBAAI,GAAE,CAAA;;6CAAO,cAAI;;sCAO7B;AAGK;IADL,IAAA,4BAAa,EAAC,IAAI,CAAC,EAAE,CAAC,CAAC,wBAAS,CAAC,CAAC;IACjB,mBAAA,IAAA,mBAAI,GAAE,CAAA;;6CAAO,cAAI;;2CAOlC;AAGK;IADL,IAAA,4BAAa,EAAC,IAAI,CAAC,EAAE,CAAC,cAAI,CAAC;IACb,mBAAA,IAAA,mBAAI,GAAE,CAAA;;6CAAO,cAAI;;wCAE/B;AAGK;IADL,IAAA,4BAAa,EAAC,IAAI,CAAC,EAAE,CAAC,cAAI,CAAC;IACb,mBAAA,IAAA,mBAAI,GAAE,CAAA;;6CAAO,cAAI;;wCAE/B;oBA5IU,SAAS;IADrB,IAAA,uBAAQ,EAAC,cAAI,CAAC;GACF,SAAS,CA6IrB","sourcesContent":["import { In } from 'typeorm'\nimport { Arg, Args, Ctx, Directive, FieldResolver, Query, Resolver, Root } from 'type-graphql'\nimport { SelectQueryBuilder } from 'typeorm'\n\nimport { config } from '@things-factory/env'\nimport { Domain, getQueryBuilderFromListParams, getRepository, ListParam } from '@things-factory/shell'\n\nimport { Privilege } from '../privilege/privilege.js'\nimport { User } from '../user/user.js'\nimport { Role } from './role.js'\nimport { RoleList, RolePrivilege, UserRole } from './role-types.js'\n\n@Resolver(Role)\nexport class RoleQuery {\n @Directive('@privilege(category: \"user\", privilege: \"query\", domainOwnerGranted: true, superUserGranted: true)')\n @Query(returns => Role, { description: 'To fetch role' })\n async role(@Arg('name') name: string, @Ctx() context: ResolverContext): Promise<Role> {\n const { domain } = context.state\n return await getRepository(Role).findOneBy({\n domain: { id: In([domain.id, domain.parentId].filter(Boolean)) },\n name\n })\n }\n\n @Directive('@privilege(category: \"user\", privilege: \"query\", domainOwnerGranted: true, superUserGranted: true)')\n @Query(returns => RoleList, { description: 'To fetch multiple users' })\n async roles(@Args(type => ListParam) params: ListParam, @Ctx() context: ResolverContext): Promise<RoleList> {\n const { domain } = context.state\n\n const [items, total] = await getQueryBuilderFromListParams({\n repository: getRepository(Role),\n params,\n domain,\n searchables: ['name', 'description']\n }).getManyAndCount()\n\n return { items, total }\n }\n\n @Directive('@privilege(category: \"user\", privilege: \"query\", domainOwnerGranted: true, superUserGranted: true)')\n @Query(returns => [RolePrivilege], { description: 'To fetch privileges of a role' })\n async rolePrivileges(@Arg('roleId') roleId: string, @Ctx() context: ResolverContext): Promise<RolePrivilege[]> {\n const rolePrivileges = await getRepository(Privilege).query(\n `\n SELECT\n id,\n name,\n category,\n description,\n CASE WHEN id IN (\n SELECT\n P.id\n FROM\n privileges P JOIN roles_privileges RP\n ON\n P.id = RP.privileges_id\n WHERE\n RP.roles_id = '${roleId}'\n ) THEN true\n ELSE false\n END AS assigned\n FROM\n privileges\n `\n )\n\n return rolePrivileges\n }\n\n @Directive('@privilege(category: \"user\", privilege: \"query\", domainOwnerGranted: true, superUserGranted: true)')\n @Query(returns => [UserRole], { description: 'To fetch roles of a user' })\n async userRoles(@Arg('userId') userId: string, @Ctx() context: ResolverContext): Promise<UserRole[]> {\n const userRoles = await getRepository(Role).query(\n `\n SELECT\n id,\n name,\n description,\n CASE WHEN id IN (\n SELECT\n R.id\n FROM\n roles R JOIN users_roles UR\n ON\n R.id = UR.roles_id\n WHERE\n UR.users_id = '${userId}'\n ) THEN true\n ELSE false\n END AS assigned\n FROM\n roles\n `\n )\n\n return userRoles\n }\n\n @Query(returns => [Role], { description: 'To fetch roles of current user' })\n async myRoles(@Ctx() context: ResolverContext): Promise<Role[]> {\n const { user, domain } = context.state\n\n const qb: SelectQueryBuilder<User> = await getRepository(User).createQueryBuilder('USER')\n const { roles }: User = await qb\n .leftJoinAndSelect('USER.roles', 'ROLE')\n .leftJoin('ROLE.domain', 'ROLE_DOMAIN')\n .where('USER.id = :userId', { userId: user.id })\n .andWhere('ROLE_DOMAIN.id In(:...domainIds)', { domainIds: [domain.id, domain.parentId].filter(Boolean) })\n .getOne()\n\n return roles || []\n }\n\n @Query(returns => [Role], { description: 'To fetch the preset of role for new user' })\n async checkRolePreset(@Ctx() context: ResolverContext): Promise<Role[]> {\n const rolePreset = config.get('rolePreset') || []\n\n return rolePreset\n }\n\n @FieldResolver(type => Domain)\n async domain(@Root() role: Role) {\n return await getRepository(Domain).findOneBy({ id: role.domainId })\n }\n\n @FieldResolver(type => [User])\n async users(@Root() role: Role) {\n return (\n await getRepository(Role).findOne({\n where: { id: role.id },\n relations: ['users']\n })\n ).users\n }\n\n @FieldResolver(type => [Privilege])\n async privileges(@Root() role: Role) {\n return (\n await getRepository(Role).findOne({\n where: { id: role.id },\n relations: ['privileges']\n })\n ).privileges\n }\n\n @FieldResolver(type => User)\n async updater(@Root() role: Role): Promise<User> {\n return await getRepository(User).findOneBy({ id: role.updaterId })\n }\n\n @FieldResolver(type => User)\n async creator(@Root() role: Role): Promise<User> {\n return await getRepository(User).findOneBy({ id: role.creatorId })\n }\n}\n"]}
1
+ {"version":3,"file":"role-query.js","sourceRoot":"","sources":["../../../server/service/role/role-query.ts"],"names":[],"mappings":";;;;AAAA,qCAA4B;AAC5B,+CAA8F;AAG9F,6CAA4C;AAC5C,iDAAuG;AAEvG,4DAAqD;AACrD,6CAAsC;AACtC,uCAAgC;AAChC,mDAA8E;AAGvE,IAAM,SAAS,GAAf,MAAM,SAAS;IAGd,AAAN,KAAK,CAAC,IAAI,CAAc,IAAY,EAAS,OAAwB;QACnE,MAAM,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,KAAK,CAAA;QAChC,OAAO,MAAM,IAAA,qBAAa,EAAC,cAAI,CAAC,CAAC,SAAS,CAAC;YACzC,MAAM,EAAE,EAAE,EAAE,EAAE,IAAA,YAAE,EAAC,CAAC,MAAM,CAAC,EAAE,EAAE,MAAM,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,EAAE;YAChE,IAAI;SACL,CAAC,CAAA;IACJ,CAAC;IAIK,AAAN,KAAK,CAAC,KAAK,CAA0B,MAAiB,EAAS,OAAwB;QACrF,MAAM,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,KAAK,CAAA;QAEhC,MAAM,CAAC,KAAK,EAAE,KAAK,CAAC,GAAG,MAAM,IAAA,qCAA6B,EAAC;YACzD,UAAU,EAAE,IAAA,qBAAa,EAAC,cAAI,CAAC;YAC/B,MAAM;YACN,MAAM;YACN,WAAW,EAAE,CAAC,MAAM,EAAE,aAAa,CAAC;SACrC,CAAC,CAAC,eAAe,EAAE,CAAA;QAEpB,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,CAAA;IACzB,CAAC;IAIK,AAAN,KAAK,CAAC,cAAc,CAAgB,MAAc,EAAS,OAAwB;QACjF,MAAM,cAAc,GAAG,MAAM,IAAA,qBAAa,EAAC,wBAAS,CAAC,CAAC,KAAK,CACzD;;;;;;;;;;;;;;+BAcyB,MAAM;;;;;;OAM9B,CACF,CAAA;QAED,OAAO,cAAc,CAAA;IACvB,CAAC;IAIK,AAAN,KAAK,CAAC,SAAS,CAAgB,MAAc,EAAS,OAAwB;QAC5E,MAAM,SAAS,GAAG,MAAM,IAAA,qBAAa,EAAC,cAAI,CAAC,CAAC,KAAK,CAC/C;;;;;;;;;;;;;+BAayB,MAAM;;;;;;OAM9B,CACF,CAAA;QAED,OAAO,SAAS,CAAA;IAClB,CAAC;IAGK,AAAN,KAAK,CAAC,OAAO,CAAQ,OAAwB;QAC3C,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,KAAK,CAAA;QAEtC,MAAM,KAAK,GAAG,MAAM,IAAA,qBAAa,EAAC,cAAI,CAAC;aACpC,kBAAkB,CAAC,MAAM,CAAC;aAC1B,QAAQ,CAAC,YAAY,EAAE,MAAM,CAAC;aAC9B,QAAQ,CAAC,aAAa,EAAE,aAAa,CAAC;aACtC,KAAK,CAAC,mBAAmB,EAAE,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,EAAE,CAAC;aAC/C,QAAQ,CAAC,kCAAkC,EAAE,EAAE,SAAS,EAAE,CAAC,MAAM,CAAC,EAAE,EAAE,MAAM,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,EAAE,CAAC;aACzG,MAAM,CAAC,CAAC,SAAS,EAAE,WAAW,CAAC,CAAC;aAChC,OAAO,EAAE,CAAA;QAEZ,OAAO,KAAK,CAAA;IACd,CAAC;IAGK,AAAN,KAAK,CAAC,eAAe,CAAQ,OAAwB;QACnD,MAAM,UAAU,GAAG,YAAM,CAAC,GAAG,CAAC,YAAY,CAAC,IAAI,EAAE,CAAA;QAEjD,OAAO,UAAU,CAAA;IACnB,CAAC;IAGK,AAAN,KAAK,CAAC,MAAM,CAAS,IAAU;QAC7B,OAAO,MAAM,IAAA,qBAAa,EAAC,cAAM,CAAC,CAAC,SAAS,CAAC,EAAE,EAAE,EAAE,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAA;IACrE,CAAC;IAED;;;OAGG;IAGG,AAAN,KAAK,CAAC,KAAK,CAAS,IAAU,EAAS,OAAwB;QAC7D,MAAM,QAAQ,GAAG,MAAM,IAAA,qBAAa,EAAC,cAAI,CAAC,CAAC,OAAO,CAAC;YACjD,KAAK,EAAE,EAAE,EAAE,EAAE,IAAI,CAAC,EAAE,EAAE;YACtB,SAAS,EAAE,CAAC,OAAO,CAAC;SACrB,CAAC,CAAA;QAEF,OAAO,QAAQ,EAAE,KAAK,IAAI,EAAE,CAAA;IAC9B,CAAC;IAGK,AAAN,KAAK,CAAC,UAAU,CAAS,IAAU;QACjC,OAAO,CACL,MAAM,IAAA,qBAAa,EAAC,cAAI,CAAC,CAAC,OAAO,CAAC;YAChC,KAAK,EAAE,EAAE,EAAE,EAAE,IAAI,CAAC,EAAE,EAAE;YACtB,SAAS,EAAE,CAAC,YAAY,CAAC;SAC1B,CAAC,CACH,CAAC,UAAU,CAAA;IACd,CAAC;IAGK,AAAN,KAAK,CAAC,OAAO,CAAS,IAAU;QAC9B,OAAO,MAAM,IAAA,qBAAa,EAAC,cAAI,CAAC,CAAC,SAAS,CAAC,EAAE,EAAE,EAAE,IAAI,CAAC,SAAS,EAAE,CAAC,CAAA;IACpE,CAAC;IAGK,AAAN,KAAK,CAAC,OAAO,CAAS,IAAU;QAC9B,OAAO,MAAM,IAAA,qBAAa,EAAC,cAAI,CAAC,CAAC,SAAS,CAAC,EAAE,EAAE,EAAE,IAAI,CAAC,SAAS,EAAE,CAAC,CAAA;IACpE,CAAC;CACF,CAAA;AAnJY,8BAAS;AAGd;IAFL,IAAA,wBAAS,EAAC,oGAAoG,CAAC;IAC/G,IAAA,oBAAK,EAAC,OAAO,CAAC,EAAE,CAAC,cAAI,EAAE,EAAE,WAAW,EAAE,eAAe,EAAE,CAAC;IAC7C,mBAAA,IAAA,kBAAG,EAAC,MAAM,CAAC,CAAA;IAAgB,mBAAA,IAAA,kBAAG,GAAE,CAAA;;;;qCAM3C;AAIK;IAFL,IAAA,wBAAS,EAAC,oGAAoG,CAAC;IAC/G,IAAA,oBAAK,EAAC,OAAO,CAAC,EAAE,CAAC,wBAAQ,EAAE,EAAE,WAAW,EAAE,yBAAyB,EAAE,CAAC;IAC1D,mBAAA,IAAA,mBAAI,EAAC,IAAI,CAAC,EAAE,CAAC,iBAAS,CAAC,CAAA;IAAqB,mBAAA,IAAA,kBAAG,GAAE,CAAA;;6CAAjB,iBAAS;;sCAWrD;AAIK;IAFL,IAAA,wBAAS,EAAC,oGAAoG,CAAC;IAC/G,IAAA,oBAAK,EAAC,OAAO,CAAC,EAAE,CAAC,CAAC,6BAAa,CAAC,EAAE,EAAE,WAAW,EAAE,+BAA+B,EAAE,CAAC;IAC9D,mBAAA,IAAA,kBAAG,EAAC,QAAQ,CAAC,CAAA;IAAkB,mBAAA,IAAA,kBAAG,GAAE,CAAA;;;;+CA0BzD;AAIK;IAFL,IAAA,wBAAS,EAAC,oGAAoG,CAAC;IAC/G,IAAA,oBAAK,EAAC,OAAO,CAAC,EAAE,CAAC,CAAC,wBAAQ,CAAC,EAAE,EAAE,WAAW,EAAE,0BAA0B,EAAE,CAAC;IACzD,mBAAA,IAAA,kBAAG,EAAC,QAAQ,CAAC,CAAA;IAAkB,mBAAA,IAAA,kBAAG,GAAE,CAAA;;;;0CAyBpD;AAGK;IADL,IAAA,oBAAK,EAAC,OAAO,CAAC,EAAE,CAAC,CAAC,yBAAS,CAAC,EAAE,EAAE,WAAW,EAAE,gDAAgD,EAAE,CAAC;IAClF,mBAAA,IAAA,kBAAG,GAAE,CAAA;;;;wCAanB;AAGK;IADL,IAAA,oBAAK,EAAC,OAAO,CAAC,EAAE,CAAC,CAAC,cAAI,CAAC,EAAE,EAAE,WAAW,EAAE,0CAA0C,EAAE,CAAC;IAC/D,mBAAA,IAAA,kBAAG,GAAE,CAAA;;;;gDAI3B;AAGK;IADL,IAAA,4BAAa,EAAC,IAAI,CAAC,EAAE,CAAC,cAAM,CAAC;IAChB,mBAAA,IAAA,mBAAI,GAAE,CAAA;;6CAAO,cAAI;;uCAE9B;AAQK;IAFL,IAAA,wBAAS,EAAC,oGAAoG,CAAC;IAC/G,IAAA,4BAAa,EAAC,IAAI,CAAC,EAAE,CAAC,CAAC,cAAI,CAAC,CAAC;IACjB,mBAAA,IAAA,mBAAI,GAAE,CAAA;IAAc,mBAAA,IAAA,kBAAG,GAAE,CAAA;;6CAAZ,cAAI;;sCAO7B;AAGK;IADL,IAAA,4BAAa,EAAC,IAAI,CAAC,EAAE,CAAC,CAAC,wBAAS,CAAC,CAAC;IACjB,mBAAA,IAAA,mBAAI,GAAE,CAAA;;6CAAO,cAAI;;2CAOlC;AAGK;IADL,IAAA,4BAAa,EAAC,IAAI,CAAC,EAAE,CAAC,cAAI,CAAC;IACb,mBAAA,IAAA,mBAAI,GAAE,CAAA;;6CAAO,cAAI;;wCAE/B;AAGK;IADL,IAAA,4BAAa,EAAC,IAAI,CAAC,EAAE,CAAC,cAAI,CAAC;IACb,mBAAA,IAAA,mBAAI,GAAE,CAAA;;6CAAO,cAAI;;wCAE/B;oBAlJU,SAAS;IADrB,IAAA,uBAAQ,EAAC,cAAI,CAAC;GACF,SAAS,CAmJrB","sourcesContent":["import { In } from 'typeorm'\nimport { Arg, Args, Ctx, Directive, FieldResolver, Query, Resolver, Root } from 'type-graphql'\nimport { SelectQueryBuilder } from 'typeorm'\n\nimport { config } from '@things-factory/env'\nimport { Domain, getQueryBuilderFromListParams, getRepository, ListParam } from '@things-factory/shell'\n\nimport { Privilege } from '../privilege/privilege.js'\nimport { User } from '../user/user.js'\nimport { Role } from './role.js'\nimport { RoleList, RolePrivilege, UserRole, RoleBrief } from './role-types.js'\n\n@Resolver(Role)\nexport class RoleQuery {\n @Directive('@privilege(category: \"user\", privilege: \"query\", domainOwnerGranted: true, superUserGranted: true)')\n @Query(returns => Role, { description: 'To fetch role' })\n async role(@Arg('name') name: string, @Ctx() context: ResolverContext): Promise<Role> {\n const { domain } = context.state\n return await getRepository(Role).findOneBy({\n domain: { id: In([domain.id, domain.parentId].filter(Boolean)) },\n name\n })\n }\n\n @Directive('@privilege(category: \"user\", privilege: \"query\", domainOwnerGranted: true, superUserGranted: true)')\n @Query(returns => RoleList, { description: 'To fetch multiple users' })\n async roles(@Args(type => ListParam) params: ListParam, @Ctx() context: ResolverContext): Promise<RoleList> {\n const { domain } = context.state\n\n const [items, total] = await getQueryBuilderFromListParams({\n repository: getRepository(Role),\n params,\n domain,\n searchables: ['name', 'description']\n }).getManyAndCount()\n\n return { items, total }\n }\n\n @Directive('@privilege(category: \"user\", privilege: \"query\", domainOwnerGranted: true, superUserGranted: true)')\n @Query(returns => [RolePrivilege], { description: 'To fetch privileges of a role' })\n async rolePrivileges(@Arg('roleId') roleId: string, @Ctx() context: ResolverContext): Promise<RolePrivilege[]> {\n const rolePrivileges = await getRepository(Privilege).query(\n `\n SELECT\n id,\n name,\n category,\n description,\n CASE WHEN id IN (\n SELECT\n P.id\n FROM\n privileges P JOIN roles_privileges RP\n ON\n P.id = RP.privileges_id\n WHERE\n RP.roles_id = '${roleId}'\n ) THEN true\n ELSE false\n END AS assigned\n FROM\n privileges\n `\n )\n\n return rolePrivileges\n }\n\n @Directive('@privilege(category: \"user\", privilege: \"query\", domainOwnerGranted: true, superUserGranted: true)')\n @Query(returns => [UserRole], { description: 'To fetch roles of a user' })\n async userRoles(@Arg('userId') userId: string, @Ctx() context: ResolverContext): Promise<UserRole[]> {\n const userRoles = await getRepository(Role).query(\n `\n SELECT\n id,\n name,\n description,\n CASE WHEN id IN (\n SELECT\n R.id\n FROM\n roles R JOIN users_roles UR\n ON\n R.id = UR.roles_id\n WHERE\n UR.users_id = '${userId}'\n ) THEN true\n ELSE false\n END AS assigned\n FROM\n roles\n `\n )\n\n return userRoles\n }\n\n @Query(returns => [RoleBrief], { description: 'To fetch roles of current user (id, name only)' })\n async myRoles(@Ctx() context: ResolverContext): Promise<RoleBrief[]> {\n const { user, domain } = context.state\n\n const roles = await getRepository(Role)\n .createQueryBuilder('ROLE')\n .leftJoin('ROLE.users', 'USER')\n .leftJoin('ROLE.domain', 'ROLE_DOMAIN')\n .where('USER.id = :userId', { userId: user.id })\n .andWhere('ROLE_DOMAIN.id In(:...domainIds)', { domainIds: [domain.id, domain.parentId].filter(Boolean) })\n .select(['ROLE.id', 'ROLE.name'])\n .getMany()\n\n return roles\n }\n\n @Query(returns => [Role], { description: 'To fetch the preset of role for new user' })\n async checkRolePreset(@Ctx() context: ResolverContext): Promise<Role[]> {\n const rolePreset = config.get('rolePreset') || []\n\n return rolePreset\n }\n\n @FieldResolver(type => Domain)\n async domain(@Root() role: Role) {\n return await getRepository(Domain).findOneBy({ id: role.domainId })\n }\n\n /**\n * Role의 users 필드를 위한 리졸버\n * 사용자 조회 권한이 있는 경우에만 접근 가능\n */\n @Directive('@privilege(category: \"user\", privilege: \"query\", domainOwnerGranted: true, superUserGranted: true)')\n @FieldResolver(type => [User])\n async users(@Root() role: Role, @Ctx() context: ResolverContext) {\n const roleData = await getRepository(Role).findOne({\n where: { id: role.id },\n relations: ['users']\n })\n\n return roleData?.users || []\n }\n\n @FieldResolver(type => [Privilege])\n async privileges(@Root() role: Role) {\n return (\n await getRepository(Role).findOne({\n where: { id: role.id },\n relations: ['privileges']\n })\n ).privileges\n }\n\n @FieldResolver(type => User)\n async updater(@Root() role: Role): Promise<User> {\n return await getRepository(User).findOneBy({ id: role.updaterId })\n }\n\n @FieldResolver(type => User)\n async creator(@Root() role: Role): Promise<User> {\n return await getRepository(User).findOneBy({ id: role.creatorId })\n }\n}\n"]}
package/dist-server/service/role/role-types.d.ts CHANGED
@@ -18,6 +18,10 @@ export declare class RoleList {
18
18
  items?: Role[];
19
19
  total?: number;
20
20
  }
21
+ export declare class RoleBrief {
22
+ id?: string;
23
+ name?: string;
24
+ }
21
25
  export declare class RolePrivilege {
22
26
  id?: string;
23
27
  name?: string;