@tomei/sso 0.13.0 → 0.15.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/__tests__/unit/components/login-user/login-user.spec.d.ts +1 -1
- package/dist/__tests__/unit/components/login-user/login-user.spec.js +662 -662
- package/dist/__tests__/unit/components/password-hash/password-hash.service.spec.d.ts +1 -1
- package/dist/__tests__/unit/components/password-hash/password-hash.service.spec.js +37 -37
- package/dist/__tests__/unit/redis-client/redis.service.spec.d.ts +1 -1
- package/dist/__tests__/unit/redis-client/redis.service.spec.js +31 -31
- package/dist/__tests__/unit/session/session.service.spec.d.ts +1 -1
- package/dist/__tests__/unit/session/session.service.spec.js +54 -54
- package/dist/__tests__/unit/system-privilege/system-privilage.spec.js +5 -5
- package/dist/index.d.ts +1 -1
- package/dist/index.js +17 -17
- package/dist/src/components/building/building.d.ts +39 -0
- package/dist/src/components/building/building.js +126 -0
- package/dist/src/components/building/building.js.map +1 -0
- package/dist/src/components/building/building.repository.d.ts +6 -0
- package/dist/src/components/building/building.repository.js +38 -0
- package/dist/src/components/building/building.repository.js.map +1 -0
- package/dist/src/components/building/index.d.ts +2 -0
- package/dist/src/components/building/index.js +19 -0
- package/dist/src/components/building/index.js.map +1 -0
- package/dist/src/components/building-type/building-type.repository.d.ts +5 -0
- package/dist/src/components/building-type/building-type.repository.js +12 -0
- package/dist/src/components/building-type/building-type.repository.js.map +1 -0
- package/dist/src/components/building-type/index.d.ts +1 -0
- package/dist/src/components/building-type/index.js +18 -0
- package/dist/src/components/building-type/index.js.map +1 -0
- package/dist/src/components/index.d.ts +9 -7
- package/dist/src/components/index.js +25 -23
- package/dist/src/components/index.js.map +1 -1
- package/dist/src/components/login-history/index.d.ts +1 -1
- package/dist/src/components/login-history/index.js +17 -17
- package/dist/src/components/login-history/login-history.repository.d.ts +5 -5
- package/dist/src/components/login-history/login-history.repository.js +11 -11
- package/dist/src/components/login-user/index.d.ts +3 -3
- package/dist/src/components/login-user/index.js +19 -19
- package/dist/src/components/login-user/interfaces/index.d.ts +1 -1
- package/dist/src/components/login-user/interfaces/index.js +17 -17
- package/dist/src/components/login-user/interfaces/user-info.interface.d.ts +9 -9
- package/dist/src/components/login-user/interfaces/user-info.interface.js +2 -2
- package/dist/src/components/login-user/login-user.d.ts +46 -46
- package/dist/src/components/login-user/login-user.js +430 -430
- package/dist/src/components/login-user/user.repository.d.ts +5 -5
- package/dist/src/components/login-user/user.repository.js +11 -11
- package/dist/src/components/password-hash/index.d.ts +2 -2
- package/dist/src/components/password-hash/index.js +18 -18
- package/dist/src/components/password-hash/interfaces/index.d.ts +1 -1
- package/dist/src/components/password-hash/interfaces/index.js +17 -17
- package/dist/src/components/password-hash/interfaces/password-hash-service.interface.d.ts +4 -4
- package/dist/src/components/password-hash/interfaces/password-hash-service.interface.js +2 -2
- package/dist/src/components/password-hash/password-hash.service.d.ts +6 -6
- package/dist/src/components/password-hash/password-hash.service.js +27 -27
- package/dist/src/components/system/index.d.ts +1 -1
- package/dist/src/components/system/index.js +17 -17
- package/dist/src/components/system/system.repository.d.ts +5 -5
- package/dist/src/components/system/system.repository.js +11 -11
- package/dist/src/components/system-access/index.d.ts +1 -1
- package/dist/src/components/system-access/index.js +17 -17
- package/dist/src/components/system-access/system-access.repository.d.ts +5 -5
- package/dist/src/components/system-access/system-access.repository.js +11 -11
- package/dist/src/components/system-privilege/privilege.d.ts +6 -6
- package/dist/src/components/system-privilege/privilege.js +76 -76
- package/dist/src/components/system-privilege/system-privilege.repository.d.ts +6 -6
- package/dist/src/components/system-privilege/system-privilege.repository.js +34 -34
- package/dist/src/components/user-group/index.d.ts +1 -1
- package/dist/src/components/user-group/index.js +17 -17
- package/dist/src/components/user-group/user-group.repository.d.ts +5 -5
- package/dist/src/components/user-group/user-group.repository.js +11 -11
- package/dist/src/components/user-user-group/index.d.ts +1 -1
- package/dist/src/components/user-user-group/index.js +17 -17
- package/dist/src/components/user-user-group/user-user-group.repository.d.ts +5 -5
- package/dist/src/components/user-user-group/user-user-group.repository.js +11 -11
- package/dist/src/database.d.ts +4 -4
- package/dist/src/database.js +14 -14
- package/dist/src/index.d.ts +5 -5
- package/dist/src/index.js +23 -23
- package/dist/src/interfaces/index.d.ts +2 -2
- package/dist/src/interfaces/index.js +18 -18
- package/dist/src/interfaces/system-login.interface.d.ts +6 -6
- package/dist/src/interfaces/system-login.interface.js +2 -2
- package/dist/src/interfaces/user-session.interface.d.ts +4 -4
- package/dist/src/interfaces/user-session.interface.js +2 -2
- package/dist/src/models/authorization-code.entity.d.ts +14 -14
- package/dist/src/models/authorization-code.entity.js +85 -85
- package/dist/src/models/bearer-token.entity.d.ts +11 -11
- package/dist/src/models/bearer-token.entity.js +71 -71
- package/dist/src/models/building-type.entity.d.ts +7 -7
- package/dist/src/models/building-type.entity.js +49 -49
- package/dist/src/models/building.entity.d.ts +39 -39
- package/dist/src/models/building.entity.js +250 -250
- package/dist/src/models/city.entity.d.ts +11 -11
- package/dist/src/models/city.entity.js +71 -71
- package/dist/src/models/company.entity.d.ts +18 -18
- package/dist/src/models/company.entity.js +113 -113
- package/dist/src/models/country.entity.d.ts +15 -15
- package/dist/src/models/country.entity.js +91 -91
- package/dist/src/models/department.entity.d.ts +19 -19
- package/dist/src/models/department.entity.js +111 -111
- package/dist/src/models/group-role-privilege.entity.d.ts +17 -17
- package/dist/src/models/group-role-privilege.entity.js +89 -89
- package/dist/src/models/group-system-access.entity.d.ts +11 -11
- package/dist/src/models/group-system-access.entity.js +61 -61
- package/dist/src/models/group-system-privilege.entity.d.ts +11 -11
- package/dist/src/models/group-system-privilege.entity.js +61 -61
- package/dist/src/models/group-system-role.entity.d.ts +11 -11
- package/dist/src/models/group-system-role.entity.js +61 -61
- package/dist/src/models/login-history.entity.d.ts +12 -12
- package/dist/src/models/login-history.entity.js +69 -69
- package/dist/src/models/oauth-token.entity.d.ts +14 -14
- package/dist/src/models/oauth-token.entity.js +85 -85
- package/dist/src/models/role.entity.d.ts +17 -17
- package/dist/src/models/role.entity.js +101 -101
- package/dist/src/models/staff-type.entity.d.ts +7 -7
- package/dist/src/models/staff-type.entity.js +49 -49
- package/dist/src/models/staff.entity.d.ts +39 -39
- package/dist/src/models/staff.entity.js +249 -249
- package/dist/src/models/state.entity.d.ts +10 -10
- package/dist/src/models/state.entity.js +63 -63
- package/dist/src/models/system-accesss.entity.d.ts +6 -6
- package/dist/src/models/system-accesss.entity.js +50 -50
- package/dist/src/models/system-privilege.entity.d.ts +16 -16
- package/dist/src/models/system-privilege.entity.js +89 -89
- package/dist/src/models/system-role-privilege.entity.d.ts +11 -11
- package/dist/src/models/system-role-privilege.entity.js +59 -59
- package/dist/src/models/system-role.entity.d.ts +11 -11
- package/dist/src/models/system-role.entity.js +82 -82
- package/dist/src/models/system.entity.d.ts +19 -19
- package/dist/src/models/system.entity.js +145 -145
- package/dist/src/models/user-group.entity.d.ts +23 -23
- package/dist/src/models/user-group.entity.js +139 -139
- package/dist/src/models/user-role.entity.d.ts +12 -12
- package/dist/src/models/user-role.entity.js +72 -72
- package/dist/src/models/user-system-privileges.entity.d.ts +13 -13
- package/dist/src/models/user-system-privileges.entity.js +88 -88
- package/dist/src/models/user-system-role.entity.d.ts +11 -11
- package/dist/src/models/user-system-role.entity.js +59 -59
- package/dist/src/models/user-user-group.entity.d.ts +14 -14
- package/dist/src/models/user-user-group.entity.js +72 -72
- package/dist/src/models/user.entity.d.ts +30 -30
- package/dist/src/models/user.entity.js +130 -130
- package/dist/src/redis-client/__mocks__/jest-initial-setup.d.ts +1 -1
- package/dist/src/redis-client/__mocks__/jest-initial-setup.js +4 -4
- package/dist/src/redis-client/__mocks__/redis-mock.d.ts +2 -2
- package/dist/src/redis-client/__mocks__/redis-mock.js +22 -22
- package/dist/src/redis-client/index.d.ts +1 -1
- package/dist/src/redis-client/index.js +17 -17
- package/dist/src/redis-client/redis.service.d.ts +7 -7
- package/dist/src/redis-client/redis.service.js +60 -60
- package/dist/src/session/index.d.ts +2 -2
- package/dist/src/session/index.js +18 -18
- package/dist/src/session/interfaces/index.d.ts +1 -1
- package/dist/src/session/interfaces/index.js +17 -17
- package/dist/src/session/interfaces/session-service.interface.d.ts +6 -6
- package/dist/src/session/interfaces/session-service.interface.js +2 -2
- package/dist/src/session/session.service.d.ts +10 -10
- package/dist/src/session/session.service.js +62 -62
- package/dist/tsconfig.tsbuildinfo +1 -1
- package/package.json +2 -2
- package/src/components/building/building.repository.ts +27 -0
- package/src/components/building/building.ts +170 -0
- package/src/components/building/index.ts +3 -0
- package/src/components/building-type/building-type.repository.ts +11 -0
- package/src/components/building-type/index.ts +2 -0
- package/src/components/index.ts +2 -0
- package/src/models/building-type.entity.ts +1 -1
|
@@ -1,215 +1,215 @@
|
|
|
1
|
-
"use strict";
|
|
2
|
-
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
|
|
3
|
-
function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
|
|
4
|
-
return new (P || (P = Promise))(function (resolve, reject) {
|
|
5
|
-
function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
|
|
6
|
-
function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
|
|
7
|
-
function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
|
|
8
|
-
step((generator = generator.apply(thisArg, _arguments || [])).next());
|
|
9
|
-
});
|
|
10
|
-
};
|
|
11
|
-
Object.defineProperty(exports, "__esModule", { value: true });
|
|
12
|
-
exports.LoginUser = void 0;
|
|
13
|
-
const general_1 = require("@tomei/general");
|
|
14
|
-
const user_repository_1 = require("./user.repository");
|
|
15
|
-
const system_repository_1 = require("../system/system.repository");
|
|
16
|
-
const system_access_repository_1 = require("../system-access/system-access.repository");
|
|
17
|
-
const login_history_repository_1 = require("../login-history/login-history.repository");
|
|
18
|
-
const user_user_group_repository_1 = require("../user-user-group/user-user-group.repository");
|
|
19
|
-
const password_hash_service_1 = require("../password-hash/password-hash.service");
|
|
20
|
-
const user_group_repository_1 = require("../user-group/user-group.repository");
|
|
21
|
-
const mailer_1 = require("@tomei/mailer");
|
|
22
|
-
const staff_entity_1 = require("../../models/staff.entity");
|
|
23
|
-
const system_privilege_entity_1 = require("../../models/system-privilege.entity");
|
|
24
|
-
const group_system_privilege_entity_1 = require("../../models/group-system-privilege.entity");
|
|
25
|
-
const group_role_privilege_entity_1 = require("../../models/group-role-privilege.entity");
|
|
26
|
-
const user_group_entity_1 = require("../../models/user-group.entity");
|
|
27
|
-
class LoginUser extends general_1.LoginUserBase {
|
|
28
|
-
getDetails() {
|
|
29
|
-
return __awaiter(this, void 0, void 0, function* () {
|
|
30
|
-
return {
|
|
31
|
-
FullName: this.FullName,
|
|
32
|
-
IDNo: this.IDNo,
|
|
33
|
-
IDType: this.IDType,
|
|
34
|
-
Email: this.Email,
|
|
35
|
-
ContactNo: this.ContactNo,
|
|
36
|
-
};
|
|
37
|
-
});
|
|
38
|
-
}
|
|
39
|
-
constructor(sessionService, dbTransaction, userInfo) {
|
|
40
|
-
super();
|
|
41
|
-
this.ObjectName = 'User';
|
|
42
|
-
this.TableName = 'sso_users';
|
|
43
|
-
this._PasswordHashService = new password_hash_service_1.PasswordHashService();
|
|
44
|
-
this._SessionService = sessionService;
|
|
45
|
-
if (dbTransaction) {
|
|
46
|
-
this._dbTransaction = dbTransaction;
|
|
47
|
-
}
|
|
48
|
-
if (userInfo) {
|
|
49
|
-
this.ObjectId = userInfo.ObjectId;
|
|
50
|
-
this.FullName = userInfo.FullName;
|
|
51
|
-
this.IDNo = userInfo.IDNo;
|
|
52
|
-
this.Email = userInfo.Email;
|
|
53
|
-
this.ContactNo = userInfo.ContactNo;
|
|
54
|
-
this.Password = userInfo.Password;
|
|
55
|
-
this.staffs = userInfo.staffs;
|
|
56
|
-
}
|
|
57
|
-
}
|
|
58
|
-
static init(sessionService, userId, dbTransaction = null) {
|
|
59
|
-
return __awaiter(this, void 0, void 0, function* () {
|
|
60
|
-
if (userId) {
|
|
61
|
-
if (dbTransaction) {
|
|
62
|
-
LoginUser._Repository = new user_repository_1.UserRepository();
|
|
63
|
-
}
|
|
64
|
-
const user = yield LoginUser._Repository.findOne({
|
|
65
|
-
where: {
|
|
66
|
-
id: Number(userId),
|
|
67
|
-
},
|
|
68
|
-
include: [
|
|
69
|
-
{
|
|
70
|
-
model: staff_entity_1.default,
|
|
71
|
-
},
|
|
72
|
-
],
|
|
73
|
-
});
|
|
74
|
-
if (!user) {
|
|
75
|
-
throw new Error('Invalid credentials.');
|
|
76
|
-
}
|
|
77
|
-
if (user) {
|
|
78
|
-
const userInfo = {
|
|
79
|
-
ObjectId: user.id.toString(),
|
|
80
|
-
FullName: user.Staff.FullName,
|
|
81
|
-
IDNo: user.Staff.IdNo,
|
|
82
|
-
ContactNo: user.Staff.Mobile,
|
|
83
|
-
Email: user.Email,
|
|
84
|
-
Password: user.Password,
|
|
85
|
-
staffs: user.Staff,
|
|
86
|
-
};
|
|
87
|
-
return new LoginUser(sessionService, dbTransaction, userInfo);
|
|
88
|
-
}
|
|
89
|
-
else {
|
|
90
|
-
throw new Error('User not found');
|
|
91
|
-
}
|
|
92
|
-
}
|
|
93
|
-
return new LoginUser(sessionService, dbTransaction);
|
|
94
|
-
});
|
|
95
|
-
}
|
|
96
|
-
login(systemCode, email, password, ipAddress) {
|
|
97
|
-
return __awaiter(this, void 0, void 0, function* () {
|
|
98
|
-
try {
|
|
99
|
-
if (!this.ObjectId) {
|
|
100
|
-
const user = yield LoginUser._Repository.findOne({
|
|
101
|
-
where: {
|
|
102
|
-
Email: email,
|
|
103
|
-
},
|
|
104
|
-
include: [
|
|
105
|
-
{
|
|
106
|
-
model: staff_entity_1.default,
|
|
107
|
-
},
|
|
108
|
-
],
|
|
109
|
-
});
|
|
110
|
-
const userInfo = {
|
|
111
|
-
ObjectId: user.id.toString(),
|
|
112
|
-
FullName: user.Staff.FullName,
|
|
113
|
-
IDNo: user.Staff.IdNo,
|
|
114
|
-
ContactNo: user.Staff.Mobile,
|
|
115
|
-
Email: user.Staff.Email,
|
|
116
|
-
Password: user.Password,
|
|
117
|
-
staffs: user.Staff,
|
|
118
|
-
};
|
|
119
|
-
this.ObjectId = userInfo.ObjectId;
|
|
120
|
-
this.FullName = userInfo.FullName;
|
|
121
|
-
this.IDNo = userInfo.IDNo;
|
|
122
|
-
this.Email = userInfo.Email;
|
|
123
|
-
this.ContactNo = userInfo.ContactNo;
|
|
124
|
-
this.Password = userInfo.Password;
|
|
125
|
-
this.staffs = userInfo.staffs;
|
|
126
|
-
}
|
|
127
|
-
if (this.ObjectId && this.Email !== email) {
|
|
128
|
-
throw new Error('Invalid credentials.');
|
|
129
|
-
}
|
|
130
|
-
const isPasswordValid = yield this._PasswordHashService.verify(password, this.Password);
|
|
131
|
-
if (!isPasswordValid) {
|
|
132
|
-
throw new Error('Invalid credentials.');
|
|
133
|
-
}
|
|
134
|
-
const system = yield LoginUser._SystemRepository.findOne({
|
|
135
|
-
where: {
|
|
136
|
-
code: systemCode,
|
|
137
|
-
},
|
|
138
|
-
});
|
|
139
|
-
if (!system) {
|
|
140
|
-
throw new Error('Invalid system code.');
|
|
141
|
-
}
|
|
142
|
-
yield this.checkSystemAccess(this.ObjectId, system.id);
|
|
143
|
-
const userSession = yield this._SessionService.retrieveUserSession(this.ObjectId);
|
|
144
|
-
let systemLogin = userSession.systemLogins.find((system) => system.code === systemCode);
|
|
145
|
-
const { randomUUID } = require('crypto');
|
|
146
|
-
const sessionId = randomUUID();
|
|
147
|
-
if (systemLogin) {
|
|
148
|
-
systemLogin = systemLogin.sessionId = sessionId;
|
|
149
|
-
userSession.systemLogins.map((system) => system.code === systemCode ? systemLogin : system);
|
|
150
|
-
}
|
|
151
|
-
else {
|
|
152
|
-
const newLogin = {
|
|
153
|
-
id: system.id.toString(),
|
|
154
|
-
code: system.Code,
|
|
155
|
-
sessionId: sessionId,
|
|
156
|
-
privileges: yield this.getPrivileges(system.Code),
|
|
157
|
-
};
|
|
158
|
-
userSession.systemLogins.push(newLogin);
|
|
159
|
-
}
|
|
160
|
-
this._SessionService.setUserSession(this.ObjectId, userSession);
|
|
161
|
-
yield LoginUser._LoginHistoryRepository.create({
|
|
162
|
-
UserId: this.ObjectId,
|
|
163
|
-
SystemId: system.id,
|
|
164
|
-
OriginIp: ipAddress,
|
|
165
|
-
CreatedAt: new Date(),
|
|
166
|
-
});
|
|
167
|
-
return `${this.ObjectId}:${sessionId}`;
|
|
168
|
-
}
|
|
169
|
-
catch (error) {
|
|
170
|
-
throw error;
|
|
171
|
-
}
|
|
172
|
-
});
|
|
173
|
-
}
|
|
174
|
-
checkSystemAccess(userId, systemId) {
|
|
175
|
-
return __awaiter(this, void 0, void 0, function* () {
|
|
176
|
-
try {
|
|
177
|
-
const systemAccess = yield LoginUser._SystemAccessRepository.findOne({
|
|
178
|
-
where: {
|
|
179
|
-
UserId: userId,
|
|
180
|
-
SystemId: systemId,
|
|
181
|
-
},
|
|
182
|
-
});
|
|
183
|
-
if (!systemAccess) {
|
|
184
|
-
throw new Error("User don't have access to the system.");
|
|
185
|
-
}
|
|
186
|
-
}
|
|
187
|
-
catch (error) {
|
|
188
|
-
throw error;
|
|
189
|
-
}
|
|
190
|
-
});
|
|
191
|
-
}
|
|
192
|
-
alertNewLogin(userId, systemId, ipAddress) {
|
|
193
|
-
return __awaiter(this, void 0, void 0, function* () {
|
|
194
|
-
try {
|
|
195
|
-
const userLogins = yield LoginUser._LoginHistoryRepository.findAll({
|
|
196
|
-
where: {
|
|
197
|
-
UserId: userId,
|
|
198
|
-
SystemId: systemId,
|
|
199
|
-
},
|
|
200
|
-
});
|
|
201
|
-
const gotPreviousLogins = (userLogins === null || userLogins === void 0 ? void 0 : userLogins.length) !== 0;
|
|
202
|
-
let ipFound = undefined;
|
|
203
|
-
if (gotPreviousLogins) {
|
|
204
|
-
ipFound = userLogins.find((item) => item.OriginIp === ipAddress);
|
|
205
|
-
}
|
|
206
|
-
if (gotPreviousLogins && !ipFound) {
|
|
207
|
-
const EMAIL_SENDER = process.env.EMAIL_SENDER || 'itd-system@tomei.com.my';
|
|
208
|
-
const transporter = new mailer_1.SMTPMailer();
|
|
209
|
-
yield transporter.sendMail({
|
|
210
|
-
from: EMAIL_SENDER,
|
|
211
|
-
to: this.Email,
|
|
212
|
-
subject: 'New Login Alert',
|
|
1
|
+
"use strict";
|
|
2
|
+
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
|
|
3
|
+
function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
|
|
4
|
+
return new (P || (P = Promise))(function (resolve, reject) {
|
|
5
|
+
function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
|
|
6
|
+
function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
|
|
7
|
+
function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
|
|
8
|
+
step((generator = generator.apply(thisArg, _arguments || [])).next());
|
|
9
|
+
});
|
|
10
|
+
};
|
|
11
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
12
|
+
exports.LoginUser = void 0;
|
|
13
|
+
const general_1 = require("@tomei/general");
|
|
14
|
+
const user_repository_1 = require("./user.repository");
|
|
15
|
+
const system_repository_1 = require("../system/system.repository");
|
|
16
|
+
const system_access_repository_1 = require("../system-access/system-access.repository");
|
|
17
|
+
const login_history_repository_1 = require("../login-history/login-history.repository");
|
|
18
|
+
const user_user_group_repository_1 = require("../user-user-group/user-user-group.repository");
|
|
19
|
+
const password_hash_service_1 = require("../password-hash/password-hash.service");
|
|
20
|
+
const user_group_repository_1 = require("../user-group/user-group.repository");
|
|
21
|
+
const mailer_1 = require("@tomei/mailer");
|
|
22
|
+
const staff_entity_1 = require("../../models/staff.entity");
|
|
23
|
+
const system_privilege_entity_1 = require("../../models/system-privilege.entity");
|
|
24
|
+
const group_system_privilege_entity_1 = require("../../models/group-system-privilege.entity");
|
|
25
|
+
const group_role_privilege_entity_1 = require("../../models/group-role-privilege.entity");
|
|
26
|
+
const user_group_entity_1 = require("../../models/user-group.entity");
|
|
27
|
+
class LoginUser extends general_1.LoginUserBase {
|
|
28
|
+
getDetails() {
|
|
29
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
30
|
+
return {
|
|
31
|
+
FullName: this.FullName,
|
|
32
|
+
IDNo: this.IDNo,
|
|
33
|
+
IDType: this.IDType,
|
|
34
|
+
Email: this.Email,
|
|
35
|
+
ContactNo: this.ContactNo,
|
|
36
|
+
};
|
|
37
|
+
});
|
|
38
|
+
}
|
|
39
|
+
constructor(sessionService, dbTransaction, userInfo) {
|
|
40
|
+
super();
|
|
41
|
+
this.ObjectName = 'User';
|
|
42
|
+
this.TableName = 'sso_users';
|
|
43
|
+
this._PasswordHashService = new password_hash_service_1.PasswordHashService();
|
|
44
|
+
this._SessionService = sessionService;
|
|
45
|
+
if (dbTransaction) {
|
|
46
|
+
this._dbTransaction = dbTransaction;
|
|
47
|
+
}
|
|
48
|
+
if (userInfo) {
|
|
49
|
+
this.ObjectId = userInfo.ObjectId;
|
|
50
|
+
this.FullName = userInfo.FullName;
|
|
51
|
+
this.IDNo = userInfo.IDNo;
|
|
52
|
+
this.Email = userInfo.Email;
|
|
53
|
+
this.ContactNo = userInfo.ContactNo;
|
|
54
|
+
this.Password = userInfo.Password;
|
|
55
|
+
this.staffs = userInfo.staffs;
|
|
56
|
+
}
|
|
57
|
+
}
|
|
58
|
+
static init(sessionService, userId, dbTransaction = null) {
|
|
59
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
60
|
+
if (userId) {
|
|
61
|
+
if (dbTransaction) {
|
|
62
|
+
LoginUser._Repository = new user_repository_1.UserRepository();
|
|
63
|
+
}
|
|
64
|
+
const user = yield LoginUser._Repository.findOne({
|
|
65
|
+
where: {
|
|
66
|
+
id: Number(userId),
|
|
67
|
+
},
|
|
68
|
+
include: [
|
|
69
|
+
{
|
|
70
|
+
model: staff_entity_1.default,
|
|
71
|
+
},
|
|
72
|
+
],
|
|
73
|
+
});
|
|
74
|
+
if (!user) {
|
|
75
|
+
throw new Error('Invalid credentials.');
|
|
76
|
+
}
|
|
77
|
+
if (user) {
|
|
78
|
+
const userInfo = {
|
|
79
|
+
ObjectId: user.id.toString(),
|
|
80
|
+
FullName: user.Staff.FullName,
|
|
81
|
+
IDNo: user.Staff.IdNo,
|
|
82
|
+
ContactNo: user.Staff.Mobile,
|
|
83
|
+
Email: user.Email,
|
|
84
|
+
Password: user.Password,
|
|
85
|
+
staffs: user.Staff,
|
|
86
|
+
};
|
|
87
|
+
return new LoginUser(sessionService, dbTransaction, userInfo);
|
|
88
|
+
}
|
|
89
|
+
else {
|
|
90
|
+
throw new Error('User not found');
|
|
91
|
+
}
|
|
92
|
+
}
|
|
93
|
+
return new LoginUser(sessionService, dbTransaction);
|
|
94
|
+
});
|
|
95
|
+
}
|
|
96
|
+
login(systemCode, email, password, ipAddress) {
|
|
97
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
98
|
+
try {
|
|
99
|
+
if (!this.ObjectId) {
|
|
100
|
+
const user = yield LoginUser._Repository.findOne({
|
|
101
|
+
where: {
|
|
102
|
+
Email: email,
|
|
103
|
+
},
|
|
104
|
+
include: [
|
|
105
|
+
{
|
|
106
|
+
model: staff_entity_1.default,
|
|
107
|
+
},
|
|
108
|
+
],
|
|
109
|
+
});
|
|
110
|
+
const userInfo = {
|
|
111
|
+
ObjectId: user.id.toString(),
|
|
112
|
+
FullName: user.Staff.FullName,
|
|
113
|
+
IDNo: user.Staff.IdNo,
|
|
114
|
+
ContactNo: user.Staff.Mobile,
|
|
115
|
+
Email: user.Staff.Email,
|
|
116
|
+
Password: user.Password,
|
|
117
|
+
staffs: user.Staff,
|
|
118
|
+
};
|
|
119
|
+
this.ObjectId = userInfo.ObjectId;
|
|
120
|
+
this.FullName = userInfo.FullName;
|
|
121
|
+
this.IDNo = userInfo.IDNo;
|
|
122
|
+
this.Email = userInfo.Email;
|
|
123
|
+
this.ContactNo = userInfo.ContactNo;
|
|
124
|
+
this.Password = userInfo.Password;
|
|
125
|
+
this.staffs = userInfo.staffs;
|
|
126
|
+
}
|
|
127
|
+
if (this.ObjectId && this.Email !== email) {
|
|
128
|
+
throw new Error('Invalid credentials.');
|
|
129
|
+
}
|
|
130
|
+
const isPasswordValid = yield this._PasswordHashService.verify(password, this.Password);
|
|
131
|
+
if (!isPasswordValid) {
|
|
132
|
+
throw new Error('Invalid credentials.');
|
|
133
|
+
}
|
|
134
|
+
const system = yield LoginUser._SystemRepository.findOne({
|
|
135
|
+
where: {
|
|
136
|
+
code: systemCode,
|
|
137
|
+
},
|
|
138
|
+
});
|
|
139
|
+
if (!system) {
|
|
140
|
+
throw new Error('Invalid system code.');
|
|
141
|
+
}
|
|
142
|
+
yield this.checkSystemAccess(this.ObjectId, system.id);
|
|
143
|
+
const userSession = yield this._SessionService.retrieveUserSession(this.ObjectId);
|
|
144
|
+
let systemLogin = userSession.systemLogins.find((system) => system.code === systemCode);
|
|
145
|
+
const { randomUUID } = require('crypto');
|
|
146
|
+
const sessionId = randomUUID();
|
|
147
|
+
if (systemLogin) {
|
|
148
|
+
systemLogin = systemLogin.sessionId = sessionId;
|
|
149
|
+
userSession.systemLogins.map((system) => system.code === systemCode ? systemLogin : system);
|
|
150
|
+
}
|
|
151
|
+
else {
|
|
152
|
+
const newLogin = {
|
|
153
|
+
id: system.id.toString(),
|
|
154
|
+
code: system.Code,
|
|
155
|
+
sessionId: sessionId,
|
|
156
|
+
privileges: yield this.getPrivileges(system.Code),
|
|
157
|
+
};
|
|
158
|
+
userSession.systemLogins.push(newLogin);
|
|
159
|
+
}
|
|
160
|
+
this._SessionService.setUserSession(this.ObjectId, userSession);
|
|
161
|
+
yield LoginUser._LoginHistoryRepository.create({
|
|
162
|
+
UserId: this.ObjectId,
|
|
163
|
+
SystemId: system.id,
|
|
164
|
+
OriginIp: ipAddress,
|
|
165
|
+
CreatedAt: new Date(),
|
|
166
|
+
});
|
|
167
|
+
return `${this.ObjectId}:${sessionId}`;
|
|
168
|
+
}
|
|
169
|
+
catch (error) {
|
|
170
|
+
throw error;
|
|
171
|
+
}
|
|
172
|
+
});
|
|
173
|
+
}
|
|
174
|
+
checkSystemAccess(userId, systemId) {
|
|
175
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
176
|
+
try {
|
|
177
|
+
const systemAccess = yield LoginUser._SystemAccessRepository.findOne({
|
|
178
|
+
where: {
|
|
179
|
+
UserId: userId,
|
|
180
|
+
SystemId: systemId,
|
|
181
|
+
},
|
|
182
|
+
});
|
|
183
|
+
if (!systemAccess) {
|
|
184
|
+
throw new Error("User don't have access to the system.");
|
|
185
|
+
}
|
|
186
|
+
}
|
|
187
|
+
catch (error) {
|
|
188
|
+
throw error;
|
|
189
|
+
}
|
|
190
|
+
});
|
|
191
|
+
}
|
|
192
|
+
alertNewLogin(userId, systemId, ipAddress) {
|
|
193
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
194
|
+
try {
|
|
195
|
+
const userLogins = yield LoginUser._LoginHistoryRepository.findAll({
|
|
196
|
+
where: {
|
|
197
|
+
UserId: userId,
|
|
198
|
+
SystemId: systemId,
|
|
199
|
+
},
|
|
200
|
+
});
|
|
201
|
+
const gotPreviousLogins = (userLogins === null || userLogins === void 0 ? void 0 : userLogins.length) !== 0;
|
|
202
|
+
let ipFound = undefined;
|
|
203
|
+
if (gotPreviousLogins) {
|
|
204
|
+
ipFound = userLogins.find((item) => item.OriginIp === ipAddress);
|
|
205
|
+
}
|
|
206
|
+
if (gotPreviousLogins && !ipFound) {
|
|
207
|
+
const EMAIL_SENDER = process.env.EMAIL_SENDER || 'itd-system@tomei.com.my';
|
|
208
|
+
const transporter = new mailer_1.SMTPMailer();
|
|
209
|
+
yield transporter.sendMail({
|
|
210
|
+
from: EMAIL_SENDER,
|
|
211
|
+
to: this.Email,
|
|
212
|
+
subject: 'New Login Alert',
|
|
213
213
|
html: `<p>Dear ${this.FullName},</p>
|
|
214
214
|
<p>There was a new login to your account from ${ipAddress} on ${new Date().toLocaleString()}.</p>
|
|
215
215
|
<p>If this was you, you can safely ignore this email.</p>
|
|
@@ -218,222 +218,222 @@ class LoginUser extends general_1.LoginUserBase {
|
|
|
218
218
|
<p>
|
|
219
219
|
Best Regards,
|
|
220
220
|
IT Department
|
|
221
|
-
</p>`,
|
|
222
|
-
});
|
|
223
|
-
}
|
|
224
|
-
}
|
|
225
|
-
catch (error) {
|
|
226
|
-
throw error;
|
|
227
|
-
}
|
|
228
|
-
});
|
|
229
|
-
}
|
|
230
|
-
getPrivileges(systemCode) {
|
|
231
|
-
return __awaiter(this, void 0, void 0, function* () {
|
|
232
|
-
try {
|
|
233
|
-
const system = yield LoginUser._SystemRepository.findOne({
|
|
234
|
-
where: {
|
|
235
|
-
Code: systemCode,
|
|
236
|
-
},
|
|
237
|
-
});
|
|
238
|
-
if (!system) {
|
|
239
|
-
throw new Error('Invalid system code.');
|
|
240
|
-
}
|
|
241
|
-
const userUserGroups = yield this.getUserUserGroupFromDB(system.id);
|
|
242
|
-
const userGroupData = userUserGroups.map((u) => u.UserGroup);
|
|
243
|
-
let privileges = [];
|
|
244
|
-
for (const userGroup of userGroupData) {
|
|
245
|
-
const groupSystemPrivileges = userGroup.GroupSystemPrivileges.map((g) => g.SystemPrivilege.Code);
|
|
246
|
-
const groupRolePrivileges = userGroup.GroupRolePrivileges.map((g) => g.SystemPrivilege.Code);
|
|
247
|
-
if (userGroup.GroupLevel !== 0 &&
|
|
248
|
-
userGroup.AllowInheritFromParentYN === 'Y') {
|
|
249
|
-
const parentTreePrivileges = yield this.getPrivilegesFromUserGroup(userGroup.ParentGroupCode);
|
|
250
|
-
privileges = [...privileges, ...parentTreePrivileges];
|
|
251
|
-
}
|
|
252
|
-
privileges = [
|
|
253
|
-
...privileges,
|
|
254
|
-
...groupSystemPrivileges,
|
|
255
|
-
...groupRolePrivileges,
|
|
256
|
-
];
|
|
257
|
-
}
|
|
258
|
-
const userPrivileges = yield this.getUserPersonalPrivileges(system.id);
|
|
259
|
-
privileges = [...privileges, ...userPrivileges];
|
|
260
|
-
privileges = [...new Set(privileges)];
|
|
261
|
-
return privileges;
|
|
262
|
-
}
|
|
263
|
-
catch (error) {
|
|
264
|
-
throw error;
|
|
265
|
-
}
|
|
266
|
-
});
|
|
267
|
-
}
|
|
268
|
-
getPrivilegesFromUserGroup(groupCode) {
|
|
269
|
-
return __awaiter(this, void 0, void 0, function* () {
|
|
270
|
-
try {
|
|
271
|
-
const userGroup = yield this.getUserGroupFromDB(groupCode);
|
|
272
|
-
let privileges = [];
|
|
273
|
-
privileges = [
|
|
274
|
-
...privileges,
|
|
275
|
-
...userGroup.GroupSystemPrivileges.map((g) => g.SystemPrivilege.Code),
|
|
276
|
-
...userGroup.GroupRolePrivileges.map((g) => g.SystemPrivilege.Code),
|
|
277
|
-
];
|
|
278
|
-
const isContinue = userGroup.GroupLevel !== 0 &&
|
|
279
|
-
userGroup.AllowInheritFromParentYN === 'Y';
|
|
280
|
-
if (isContinue) {
|
|
281
|
-
const recursivePrivileges = yield this.getPrivilegesFromUserGroup(userGroup.ParentGroupCode);
|
|
282
|
-
privileges = privileges.concat(recursivePrivileges);
|
|
283
|
-
}
|
|
284
|
-
return privileges;
|
|
285
|
-
}
|
|
286
|
-
catch (error) {
|
|
287
|
-
throw error;
|
|
288
|
-
}
|
|
289
|
-
});
|
|
290
|
-
}
|
|
291
|
-
getUserGroupFromDB(groupCode) {
|
|
292
|
-
return __awaiter(this, void 0, void 0, function* () {
|
|
293
|
-
try {
|
|
294
|
-
const userGroup = yield LoginUser._UserGroupRepository.findOne({
|
|
295
|
-
where: {
|
|
296
|
-
GroupCode: groupCode,
|
|
297
|
-
},
|
|
298
|
-
include: [
|
|
299
|
-
{
|
|
300
|
-
model: group_system_privilege_entity_1.default,
|
|
301
|
-
include: {
|
|
302
|
-
model: system_privilege_entity_1.default,
|
|
303
|
-
},
|
|
304
|
-
},
|
|
305
|
-
{
|
|
306
|
-
model: group_role_privilege_entity_1.default,
|
|
307
|
-
include: {
|
|
308
|
-
model: system_privilege_entity_1.default,
|
|
309
|
-
},
|
|
310
|
-
},
|
|
311
|
-
],
|
|
312
|
-
});
|
|
313
|
-
return userGroup;
|
|
314
|
-
}
|
|
315
|
-
catch (error) {
|
|
316
|
-
throw error;
|
|
317
|
-
}
|
|
318
|
-
});
|
|
319
|
-
}
|
|
320
|
-
getUserUserGroupFromDB(systemCode) {
|
|
321
|
-
return __awaiter(this, void 0, void 0, function* () {
|
|
322
|
-
try {
|
|
323
|
-
return yield LoginUser._UserUserGroupRepository.findAll({
|
|
324
|
-
where: {
|
|
325
|
-
UserId: this.ObjectId,
|
|
326
|
-
SystemId: systemCode,
|
|
327
|
-
},
|
|
328
|
-
include: {
|
|
329
|
-
model: user_group_entity_1.default,
|
|
330
|
-
include: [
|
|
331
|
-
{
|
|
332
|
-
model: group_system_privilege_entity_1.default,
|
|
333
|
-
include: {
|
|
334
|
-
model: system_privilege_entity_1.default,
|
|
335
|
-
},
|
|
336
|
-
},
|
|
337
|
-
{
|
|
338
|
-
model: group_role_privilege_entity_1.default,
|
|
339
|
-
include: {
|
|
340
|
-
model: system_privilege_entity_1.default,
|
|
341
|
-
},
|
|
342
|
-
},
|
|
343
|
-
],
|
|
344
|
-
},
|
|
345
|
-
});
|
|
346
|
-
}
|
|
347
|
-
catch (error) {
|
|
348
|
-
throw error;
|
|
349
|
-
}
|
|
350
|
-
});
|
|
351
|
-
}
|
|
352
|
-
getUserPersonalPrivileges(systemId) {
|
|
353
|
-
return __awaiter(this, void 0, void 0, function* () {
|
|
354
|
-
try {
|
|
355
|
-
const userRole = yield LoginUser._Repository.findOne({
|
|
356
|
-
where: {
|
|
357
|
-
id: this.ObjectId,
|
|
358
|
-
},
|
|
359
|
-
include: {
|
|
360
|
-
model: system_privilege_entity_1.default,
|
|
361
|
-
},
|
|
362
|
-
});
|
|
363
|
-
let userSystemPrivileges = userRole.SystemPrivileges;
|
|
364
|
-
userSystemPrivileges = userSystemPrivileges.filter((u) => u.SystemId === systemId);
|
|
365
|
-
const userPrivileges = userSystemPrivileges.map((u) => u.Code);
|
|
366
|
-
return userPrivileges;
|
|
367
|
-
}
|
|
368
|
-
catch (error) {
|
|
369
|
-
throw error;
|
|
370
|
-
}
|
|
371
|
-
});
|
|
372
|
-
}
|
|
373
|
-
checkPrivileges(systemCode, privilegeName) {
|
|
374
|
-
return __awaiter(this, void 0, void 0, function* () {
|
|
375
|
-
try {
|
|
376
|
-
if (!this.ObjectId) {
|
|
377
|
-
throw new Error('ObjectId(UserId) is not set');
|
|
378
|
-
}
|
|
379
|
-
const userSession = yield this._SessionService.retrieveUserSession(this.ObjectId);
|
|
380
|
-
const systemLogin = userSession.systemLogins.find((system) => system.code === systemCode);
|
|
381
|
-
if (!systemLogin) {
|
|
382
|
-
return false;
|
|
383
|
-
}
|
|
384
|
-
const privileges = systemLogin.privileges;
|
|
385
|
-
const hasPrivilege = privileges.includes(privilegeName);
|
|
386
|
-
return hasPrivilege;
|
|
387
|
-
}
|
|
388
|
-
catch (error) {
|
|
389
|
-
throw error;
|
|
390
|
-
}
|
|
391
|
-
});
|
|
392
|
-
}
|
|
393
|
-
checkSession(systemCode, sessionId, userId) {
|
|
394
|
-
return __awaiter(this, void 0, void 0, function* () {
|
|
395
|
-
try {
|
|
396
|
-
const userSession = yield this._SessionService.retrieveUserSession(userId);
|
|
397
|
-
if (userSession.systemLogins.length === 0) {
|
|
398
|
-
throw new Error('Session expired.');
|
|
399
|
-
}
|
|
400
|
-
const systemLogin = userSession.systemLogins.find((sl) => sl.code === systemCode);
|
|
401
|
-
if (!systemLogin) {
|
|
402
|
-
throw new Error('Session expired.');
|
|
403
|
-
}
|
|
404
|
-
if (systemLogin.sessionId !== sessionId) {
|
|
405
|
-
throw new Error('Session expired.');
|
|
406
|
-
}
|
|
407
|
-
yield this._SessionService.refreshDuration(userId);
|
|
408
|
-
return systemLogin;
|
|
409
|
-
}
|
|
410
|
-
catch (error) {
|
|
411
|
-
throw error;
|
|
412
|
-
}
|
|
413
|
-
});
|
|
414
|
-
}
|
|
415
|
-
logout(systemCode) {
|
|
416
|
-
return __awaiter(this, void 0, void 0, function* () {
|
|
417
|
-
try {
|
|
418
|
-
if (!this.ObjectId) {
|
|
419
|
-
throw new Error('ObjectId(UserId) is not set');
|
|
420
|
-
}
|
|
421
|
-
const userSession = yield this._SessionService.retrieveUserSession(this.ObjectId);
|
|
422
|
-
const index = userSession.systemLogins.findIndex((system) => system.code === systemCode);
|
|
423
|
-
userSession.systemLogins.splice(index, 1);
|
|
424
|
-
this._SessionService.setUserSession(this.ObjectId, userSession);
|
|
425
|
-
}
|
|
426
|
-
catch (error) {
|
|
427
|
-
throw error;
|
|
428
|
-
}
|
|
429
|
-
});
|
|
430
|
-
}
|
|
431
|
-
}
|
|
432
|
-
exports.LoginUser = LoginUser;
|
|
433
|
-
LoginUser._Repository = new user_repository_1.UserRepository();
|
|
434
|
-
LoginUser._SystemRepository = new system_repository_1.SystemRepository();
|
|
435
|
-
LoginUser._SystemAccessRepository = new system_access_repository_1.SystemAccessRepository();
|
|
436
|
-
LoginUser._LoginHistoryRepository = new login_history_repository_1.LoginHistoryRepository();
|
|
437
|
-
LoginUser._UserUserGroupRepository = new user_user_group_repository_1.UserUserGroupRepository();
|
|
438
|
-
LoginUser._UserGroupRepository = new user_group_repository_1.UserGroupRepository();
|
|
221
|
+
</p>`,
|
|
222
|
+
});
|
|
223
|
+
}
|
|
224
|
+
}
|
|
225
|
+
catch (error) {
|
|
226
|
+
throw error;
|
|
227
|
+
}
|
|
228
|
+
});
|
|
229
|
+
}
|
|
230
|
+
getPrivileges(systemCode) {
|
|
231
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
232
|
+
try {
|
|
233
|
+
const system = yield LoginUser._SystemRepository.findOne({
|
|
234
|
+
where: {
|
|
235
|
+
Code: systemCode,
|
|
236
|
+
},
|
|
237
|
+
});
|
|
238
|
+
if (!system) {
|
|
239
|
+
throw new Error('Invalid system code.');
|
|
240
|
+
}
|
|
241
|
+
const userUserGroups = yield this.getUserUserGroupFromDB(system.id);
|
|
242
|
+
const userGroupData = userUserGroups.map((u) => u.UserGroup);
|
|
243
|
+
let privileges = [];
|
|
244
|
+
for (const userGroup of userGroupData) {
|
|
245
|
+
const groupSystemPrivileges = userGroup.GroupSystemPrivileges.map((g) => g.SystemPrivilege.Code);
|
|
246
|
+
const groupRolePrivileges = userGroup.GroupRolePrivileges.map((g) => g.SystemPrivilege.Code);
|
|
247
|
+
if (userGroup.GroupLevel !== 0 &&
|
|
248
|
+
userGroup.AllowInheritFromParentYN === 'Y') {
|
|
249
|
+
const parentTreePrivileges = yield this.getPrivilegesFromUserGroup(userGroup.ParentGroupCode);
|
|
250
|
+
privileges = [...privileges, ...parentTreePrivileges];
|
|
251
|
+
}
|
|
252
|
+
privileges = [
|
|
253
|
+
...privileges,
|
|
254
|
+
...groupSystemPrivileges,
|
|
255
|
+
...groupRolePrivileges,
|
|
256
|
+
];
|
|
257
|
+
}
|
|
258
|
+
const userPrivileges = yield this.getUserPersonalPrivileges(system.id);
|
|
259
|
+
privileges = [...privileges, ...userPrivileges];
|
|
260
|
+
privileges = [...new Set(privileges)];
|
|
261
|
+
return privileges;
|
|
262
|
+
}
|
|
263
|
+
catch (error) {
|
|
264
|
+
throw error;
|
|
265
|
+
}
|
|
266
|
+
});
|
|
267
|
+
}
|
|
268
|
+
getPrivilegesFromUserGroup(groupCode) {
|
|
269
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
270
|
+
try {
|
|
271
|
+
const userGroup = yield this.getUserGroupFromDB(groupCode);
|
|
272
|
+
let privileges = [];
|
|
273
|
+
privileges = [
|
|
274
|
+
...privileges,
|
|
275
|
+
...userGroup.GroupSystemPrivileges.map((g) => g.SystemPrivilege.Code),
|
|
276
|
+
...userGroup.GroupRolePrivileges.map((g) => g.SystemPrivilege.Code),
|
|
277
|
+
];
|
|
278
|
+
const isContinue = userGroup.GroupLevel !== 0 &&
|
|
279
|
+
userGroup.AllowInheritFromParentYN === 'Y';
|
|
280
|
+
if (isContinue) {
|
|
281
|
+
const recursivePrivileges = yield this.getPrivilegesFromUserGroup(userGroup.ParentGroupCode);
|
|
282
|
+
privileges = privileges.concat(recursivePrivileges);
|
|
283
|
+
}
|
|
284
|
+
return privileges;
|
|
285
|
+
}
|
|
286
|
+
catch (error) {
|
|
287
|
+
throw error;
|
|
288
|
+
}
|
|
289
|
+
});
|
|
290
|
+
}
|
|
291
|
+
getUserGroupFromDB(groupCode) {
|
|
292
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
293
|
+
try {
|
|
294
|
+
const userGroup = yield LoginUser._UserGroupRepository.findOne({
|
|
295
|
+
where: {
|
|
296
|
+
GroupCode: groupCode,
|
|
297
|
+
},
|
|
298
|
+
include: [
|
|
299
|
+
{
|
|
300
|
+
model: group_system_privilege_entity_1.default,
|
|
301
|
+
include: {
|
|
302
|
+
model: system_privilege_entity_1.default,
|
|
303
|
+
},
|
|
304
|
+
},
|
|
305
|
+
{
|
|
306
|
+
model: group_role_privilege_entity_1.default,
|
|
307
|
+
include: {
|
|
308
|
+
model: system_privilege_entity_1.default,
|
|
309
|
+
},
|
|
310
|
+
},
|
|
311
|
+
],
|
|
312
|
+
});
|
|
313
|
+
return userGroup;
|
|
314
|
+
}
|
|
315
|
+
catch (error) {
|
|
316
|
+
throw error;
|
|
317
|
+
}
|
|
318
|
+
});
|
|
319
|
+
}
|
|
320
|
+
getUserUserGroupFromDB(systemCode) {
|
|
321
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
322
|
+
try {
|
|
323
|
+
return yield LoginUser._UserUserGroupRepository.findAll({
|
|
324
|
+
where: {
|
|
325
|
+
UserId: this.ObjectId,
|
|
326
|
+
SystemId: systemCode,
|
|
327
|
+
},
|
|
328
|
+
include: {
|
|
329
|
+
model: user_group_entity_1.default,
|
|
330
|
+
include: [
|
|
331
|
+
{
|
|
332
|
+
model: group_system_privilege_entity_1.default,
|
|
333
|
+
include: {
|
|
334
|
+
model: system_privilege_entity_1.default,
|
|
335
|
+
},
|
|
336
|
+
},
|
|
337
|
+
{
|
|
338
|
+
model: group_role_privilege_entity_1.default,
|
|
339
|
+
include: {
|
|
340
|
+
model: system_privilege_entity_1.default,
|
|
341
|
+
},
|
|
342
|
+
},
|
|
343
|
+
],
|
|
344
|
+
},
|
|
345
|
+
});
|
|
346
|
+
}
|
|
347
|
+
catch (error) {
|
|
348
|
+
throw error;
|
|
349
|
+
}
|
|
350
|
+
});
|
|
351
|
+
}
|
|
352
|
+
getUserPersonalPrivileges(systemId) {
|
|
353
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
354
|
+
try {
|
|
355
|
+
const userRole = yield LoginUser._Repository.findOne({
|
|
356
|
+
where: {
|
|
357
|
+
id: this.ObjectId,
|
|
358
|
+
},
|
|
359
|
+
include: {
|
|
360
|
+
model: system_privilege_entity_1.default,
|
|
361
|
+
},
|
|
362
|
+
});
|
|
363
|
+
let userSystemPrivileges = userRole.SystemPrivileges;
|
|
364
|
+
userSystemPrivileges = userSystemPrivileges.filter((u) => u.SystemId === systemId);
|
|
365
|
+
const userPrivileges = userSystemPrivileges.map((u) => u.Code);
|
|
366
|
+
return userPrivileges;
|
|
367
|
+
}
|
|
368
|
+
catch (error) {
|
|
369
|
+
throw error;
|
|
370
|
+
}
|
|
371
|
+
});
|
|
372
|
+
}
|
|
373
|
+
checkPrivileges(systemCode, privilegeName) {
|
|
374
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
375
|
+
try {
|
|
376
|
+
if (!this.ObjectId) {
|
|
377
|
+
throw new Error('ObjectId(UserId) is not set');
|
|
378
|
+
}
|
|
379
|
+
const userSession = yield this._SessionService.retrieveUserSession(this.ObjectId);
|
|
380
|
+
const systemLogin = userSession.systemLogins.find((system) => system.code === systemCode);
|
|
381
|
+
if (!systemLogin) {
|
|
382
|
+
return false;
|
|
383
|
+
}
|
|
384
|
+
const privileges = systemLogin.privileges;
|
|
385
|
+
const hasPrivilege = privileges.includes(privilegeName);
|
|
386
|
+
return hasPrivilege;
|
|
387
|
+
}
|
|
388
|
+
catch (error) {
|
|
389
|
+
throw error;
|
|
390
|
+
}
|
|
391
|
+
});
|
|
392
|
+
}
|
|
393
|
+
checkSession(systemCode, sessionId, userId) {
|
|
394
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
395
|
+
try {
|
|
396
|
+
const userSession = yield this._SessionService.retrieveUserSession(userId);
|
|
397
|
+
if (userSession.systemLogins.length === 0) {
|
|
398
|
+
throw new Error('Session expired.');
|
|
399
|
+
}
|
|
400
|
+
const systemLogin = userSession.systemLogins.find((sl) => sl.code === systemCode);
|
|
401
|
+
if (!systemLogin) {
|
|
402
|
+
throw new Error('Session expired.');
|
|
403
|
+
}
|
|
404
|
+
if (systemLogin.sessionId !== sessionId) {
|
|
405
|
+
throw new Error('Session expired.');
|
|
406
|
+
}
|
|
407
|
+
yield this._SessionService.refreshDuration(userId);
|
|
408
|
+
return systemLogin;
|
|
409
|
+
}
|
|
410
|
+
catch (error) {
|
|
411
|
+
throw error;
|
|
412
|
+
}
|
|
413
|
+
});
|
|
414
|
+
}
|
|
415
|
+
logout(systemCode) {
|
|
416
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
417
|
+
try {
|
|
418
|
+
if (!this.ObjectId) {
|
|
419
|
+
throw new Error('ObjectId(UserId) is not set');
|
|
420
|
+
}
|
|
421
|
+
const userSession = yield this._SessionService.retrieveUserSession(this.ObjectId);
|
|
422
|
+
const index = userSession.systemLogins.findIndex((system) => system.code === systemCode);
|
|
423
|
+
userSession.systemLogins.splice(index, 1);
|
|
424
|
+
this._SessionService.setUserSession(this.ObjectId, userSession);
|
|
425
|
+
}
|
|
426
|
+
catch (error) {
|
|
427
|
+
throw error;
|
|
428
|
+
}
|
|
429
|
+
});
|
|
430
|
+
}
|
|
431
|
+
}
|
|
432
|
+
exports.LoginUser = LoginUser;
|
|
433
|
+
LoginUser._Repository = new user_repository_1.UserRepository();
|
|
434
|
+
LoginUser._SystemRepository = new system_repository_1.SystemRepository();
|
|
435
|
+
LoginUser._SystemAccessRepository = new system_access_repository_1.SystemAccessRepository();
|
|
436
|
+
LoginUser._LoginHistoryRepository = new login_history_repository_1.LoginHistoryRepository();
|
|
437
|
+
LoginUser._UserUserGroupRepository = new user_user_group_repository_1.UserUserGroupRepository();
|
|
438
|
+
LoginUser._UserGroupRepository = new user_group_repository_1.UserGroupRepository();
|
|
439
439
|
//# sourceMappingURL=login-user.js.map
|