@tomei/sso 0.31.6 → 0.32.1

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@tomei/sso",
-  "version": "0.31.6",
+  "version": "0.32.1",
   "description": "Tomei SSO Package",
   "main": "dist/index.js",
   "scripts": {
@@ -72,7 +72,8 @@
     "reflect-metadata": "^0.1.13",
     "sequelize": "^6.32.1",
     "sequelize-typescript": "^2.1.5",
-    "speakeasy": "^2.0.0"
+    "speakeasy": "^2.0.0",
+    "uuid": "^10.0.0"
   },
   "lint-staged": {
     "*/**/*.{js,ts,tsx}": [

package/src/components/group/group.ts

@@ -8,6 +8,7 @@ import { ApplicationConfig } from '@tomei/config';
 import { Op } from 'sequelize';
 import { ActionEnum, Activity } from '@tomei/activity-history';
 import { GroupSystemAccessRepository } from '../group-system-access/group-system-access.repository';
+import SystemModel from '../../models/system.entity';
 
 export class Group extends ObjectBase {
   ObjectId: string;
@@ -511,4 +512,76 @@ export class Group extends ObjectBase {
       return error;
     }
   }
+
+  private static async getInheritedSystemAccess(
+    dbTransaction: any,
+    group: Group,
+  ): Promise<any[]> {
+    const options: any = {
+      where: {
+        GroupCode: group.GroupCode,
+        Status: 'Active',
+      },
+      include: [
+        {
+          model: SystemModel,
+        },
+      ],
+      transaction: dbTransaction,
+    };
+    let systemAccess = await Group._SystemAccessRepo.findAll(options);
+
+    if (group.InheritParentSystemAccessYN === 'Y') {
+      const parentGroup = await Group.init(
+        dbTransaction,
+        group.ParentGroupCode,
+      );
+      const parentSystemAccesses = await this.getInheritedSystemAccess(
+        dbTransaction,
+        parentGroup,
+      );
+      systemAccess = systemAccess.concat(parentSystemAccesses);
+    }
+    return systemAccess;
+  }
+
+  public static async getParentSystemAccesses(
+    loginUser: LoginUser,
+    dbTransaction: any,
+    GroupCode: string,
+  ) {
+    // Part 1: Privilege Checking
+    const systemCode = ApplicationConfig.getComponentConfigValue('system-code');
+    const isPrivileged = await loginUser.checkPrivileges(
+      systemCode,
+      'SYSTEM_ACCESS_VIEW',
+    );
+
+    if (!isPrivileged) {
+      throw new ClassError(
+        'Group',
+        'GroupErrMsg06',
+        'You do not have the privilege to view system access',
+      );
+    }
+
+    try {
+      const group = await Group.init(dbTransaction, GroupCode);
+      if (group.InheritParentSystemAccessYN !== 'Y' && !group.ParentGroupCode) {
+        return [];
+      } else {
+        const parentGroup = await Group.init(
+          dbTransaction,
+          group.ParentGroupCode,
+        );
+        const inheritSystemAccess = await Group.getInheritedSystemAccess(
+          dbTransaction,
+          parentGroup,
+        );
+        return inheritSystemAccess;
+      }
+    } catch (error) {
+      throw error;
+    }
+  }
 }

package/src/components/system/system.ts

@@ -6,6 +6,7 @@ import { ApplicationConfig } from '@tomei/config';
 import { ActionEnum, Activity } from '@tomei/activity-history';
 import { ISystemSearchAttr } from '../../interfaces/system-search-attr.interface';
 import { Op } from 'sequelize';
+import { v4 as uuidv4 } from 'uuid';
 
 export class System extends ObjectBase {
   ObjectId: string;
@@ -272,4 +273,116 @@ export class System extends ObjectBase {
       throw error;
     }
   }
+
+  public static async renewApiKeyAndSecret(
+    loginUser: LoginUser,
+    dbTransaction: any,
+    systemCode: string,
+  ) {
+    try {
+      //Part 1: Privilege Checking
+      //Call loginUser.checkPrivilege() method to check if the user has the privilege to renew API Key and Secret.
+      const sc = ApplicationConfig.getComponentConfigValue('system-code');
+      const isPrivileged = await loginUser.checkPrivileges(sc, 'SYSTEM_UPDATE');
+
+      if (!isPrivileged) {
+        throw new ClassError(
+          'System',
+          'SystemErrMsg06',
+          'You do not have permission to renew API Key and Secret.',
+        );
+      }
+
+      //Part 2: Validation
+      //Instantiate existing System
+      const system = await System.init(dbTransaction, systemCode);
+
+      //Check if system.AccessURL got value. If not, throw new ClassError
+      if (!system.AccessURL) {
+        throw new ClassError(
+          'System',
+          'SystemErrMsg07',
+          'AccessURL is required for callback',
+        );
+      }
+
+      //Check if system.Status is "Active". If not, throw new ClassError
+      if (system.Status !== 'Active') {
+        throw new ClassError(
+          'System',
+          'SystemErrMsg08',
+          'Cannot do this operation on inactive system.',
+        );
+      }
+
+      //Set EntityValueBefore to system instance.
+      const entityValueBefore = {
+        SystemCode: system.SystemCode,
+        Name: system.Name,
+        Description: system.Description,
+        AccessURL: system.AccessURL,
+        GooglePlayURL: system.GooglePlayURL,
+        AppleStoreURL: system.AppleStoreURL,
+        APIKey: system.APIKey,
+        APISecret: system.APISecret,
+        Status: system.Status,
+      };
+
+      //Part 3: Generate API key and secret
+      //Use https://www.npmjs.com/package/uuid package to generate both the api key and api secret.
+      const apiKey = uuidv4();
+      const apiSecret = uuidv4();
+
+      //Update the system instance with new API key and secret.
+      system.APIKey = apiKey;
+      system.APISecret = apiSecret;
+      system._UpdatedById = loginUser.UserId;
+      system._UpdatedAt = new Date();
+      //Call System._Repo update() method to update the system record.
+      await System._Repo.update(
+        {
+          APIKey: apiKey,
+          APISecret: apiSecret,
+          UpdatedById: system._UpdatedById,
+          UpdatedAt: system._UpdatedAt,
+        },
+        {
+          where: {
+            SystemCode: systemCode,
+          },
+          transaction: dbTransaction,
+        },
+      );
+
+      //Part 4: Record Renew API Key and Secret Activity
+      //Set EntityValueAfter to system instance.
+      const entityValueAfter = {
+        SystemCode: system.SystemCode,
+        Name: system.Name,
+        Description: system.Description,
+        AccessURL: system.AccessURL,
+        GooglePlayURL: system.GooglePlayURL,
+        AppleStoreURL: system.AppleStoreURL,
+        APIKey: system.APIKey,
+        APISecret: system.APISecret,
+        Status: system.Status,
+      };
+
+      //Instantiate new activity from Activity class, call createId() method, then set the properties.
+      const activity = new Activity();
+      activity.ActivityId = activity.createId();
+      activity.Action = ActionEnum.UPDATE;
+      activity.Description = 'Renew API key and secret for a system';
+      activity.EntityType = 'System';
+      activity.EntityId = system.SystemCode;
+      activity.EntityValueBefore = JSON.stringify(entityValueBefore);
+      activity.EntityValueAfter = JSON.stringify(entityValueAfter);
+
+      await activity.create(loginUser.ObjectId, dbTransaction);
+      //Return the updated system instance.
+      return system;
+    } catch (error) {
+      throw error;
+    }
+  }
 }