@tomei/sso 0.38.8 → 0.39.0

package/migrations/20240528063108-create-api-key-table.js

@@ -0,0 +1,89 @@
+'use strict';
+
+/** @type {import('sequelize-cli').Migration} */
+module.exports = {
+  async up(queryInterface, Sequelize) {
+    await queryInterface.createTable(
+      'sso_APIKey',
+      {
+        APIKeyId: {
+          primaryKey: true,
+          type: Sequelize.INTEGER,
+          allowNull: false,
+          autoIncrement: true,
+        },
+        APIKey: {
+          type: Sequelize.STRING(128),
+          allowNull: false,
+          unique: true,
+        },
+        Name: {
+          type: Sequelize.STRING(255),
+          allowNull: false,
+        },
+        Description: {
+          type: Sequelize.TEXT,
+          allowNull: true,
+        },
+        Status: {
+          type: Sequelize.STRING(50),
+          defaultValue: 'Active',
+          allowNull: false,
+        },
+        ExpirationDate: {
+          allowNull: false,
+          type: Sequelize.DATE,
+        },
+        CreatedAt: {
+          allowNull: false,
+          defaultValue: Sequelize.literal('CURRENT_TIMESTAMP(3)'),
+          type: Sequelize.DATE,
+        },
+        CreatedById: {
+          type: Sequelize.INTEGER,
+          allowNull: true,
+          references: {
+            model: 'sso_User',
+            key: 'UserId',
+          },
+          onDelete: 'CASCADE',
+          onUpdate: 'CASCADE',
+        },
+        InvokedAt: {
+          allowNull: true,
+          type: Sequelize.DATE,
+        },
+        InvokedById: {
+          type: Sequelize.INTEGER,
+          allowNull: true,
+          references: {
+            model: 'sso_User',
+            key: 'UserId',
+          },
+          onDelete: 'CASCADE',
+          onUpdate: 'CASCADE',
+        },
+      },
+      {
+        uniqueKeys: {
+          IDX_ApiKey: {
+            customIndex: true,
+            fields: ['APIKey'],
+          },
+          IDX_CreatedById: {
+            customIndex: true,
+            fields: ['CreatedById'],
+          },
+          IDX_InvokedById: {
+            customIndex: true,
+            fields: ['InvokedById'],
+          },
+        },
+      },
+    );
+  },
+
+  async down(queryInterface, Sequelize) {
+    await queryInterface.dropTable('sso_APIKey');
+  },
+};

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@tomei/sso",
-  "version": "0.38.8",
+  "version": "0.39.0",
   "description": "Tomei SSO Package",
   "main": "dist/index.js",
   "scripts": {

package/src/components/api-key/api-key.repository.ts

@@ -0,0 +1,15 @@
+import { RepositoryBase, IRepositoryBase } from '@tomei/general';
+import APIKeyModel from 'models/api-key-entity';
+
+export class APIKeyRepository
+  extends RepositoryBase<APIKeyModel>
+  implements IRepositoryBase<APIKeyModel>
+{
+  constructor() {
+    super(APIKeyModel);
+  }
+
+  async findByPk(id: string, options?: any): Promise<APIKeyModel> {
+    return await APIKeyModel.findByPk(parseInt(id), options);
+  }
+}

package/src/components/api-key/api-key.ts

@@ -0,0 +1,196 @@
+import { ClassError, ObjectBase } from '@tomei/general';
+import { APIKeyStatusEnum } from '../../enum/api-key.enum';
+import { APIKeyRepository } from './api-key.repository';
+import { IAPIKeyAttr } from '../../interfaces/api-key-attr.interface';
+import { LoginUser } from '../login-user/login-user';
+import { ApplicationConfig } from '@tomei/config';
+import { randomUUID, randomBytes } from 'crypto';
+import { ActionEnum, Activity } from '@tomei/activity-history';
+
+export class APIKey extends ObjectBase {
+  ObjectId: string;
+  ObjectName: string;
+  ObjectType: 'ApiKey';
+  TableName: 'sso_APIKey';
+
+  ApiKey: string;
+  Name: string;
+  Description: string;
+  Status: APIKeyStatusEnum;
+  ExperationDate: Date;
+  _InvokedById: number;
+  _InvokedAt: Date;
+  _CreatedAt: Date;
+  _CreatedById: number;
+
+  get APIKeyId(): number {
+    return parseInt(this.ObjectId);
+  }
+
+  set APIKeyId(value: number) {
+    this.ObjectId = value.toString();
+  }
+
+  get InvokedById(): number {
+    return this._InvokedById;
+  }
+
+  get InvokedAt(): Date {
+    return this._InvokedAt;
+  }
+
+  get CreatedAt(): Date {
+    return this._CreatedAt;
+  }
+
+  get CreatedById(): number {
+    return this._CreatedById;
+  }
+
+  protected static _Repo = new APIKeyRepository();
+
+  protected constructor(apiKeyAttr?: IAPIKeyAttr) {
+    super();
+    if (apiKeyAttr) {
+      this.APIKeyId = apiKeyAttr.APIKeyId;
+      this.ApiKey = apiKeyAttr.ApiKey;
+      this.Name = apiKeyAttr.Name;
+      this.Description = apiKeyAttr.Description;
+      this.Status = apiKeyAttr.Status;
+      this.ExperationDate = apiKeyAttr.ExperationDate;
+      this._InvokedById = apiKeyAttr.InvokedById;
+      this._InvokedAt = apiKeyAttr.InvokedAt;
+      this._CreatedAt = apiKeyAttr.CreatedAt;
+      this._CreatedById = apiKeyAttr.CreatedById;
+    }
+  }
+
+  public static async init(ApiKeyId?: number, dbTransaction?: any) {
+    try {
+      if (ApiKeyId) {
+        const apiKeyAttr = await this._Repo.findByPk(
+          ApiKeyId.toString(),
+          dbTransaction,
+        );
+        if (apiKeyAttr) {
+          return new APIKey(apiKeyAttr);
+        } else {
+          throw new ClassError(
+            'APIKey',
+            'APIKeyErrMsgO1',
+            'APIKey not found',
+            'init',
+          );
+        }
+      }
+      return new APIKey();
+    } catch (error) {
+      throw error;
+    }
+  }
+
+  async generate(loginUser: LoginUser, dbTransaction?: any) {
+    //This method generates a new API key and saves it into the database.
+    try {
+      // Part 2: Privilege Checking
+      // Call loginUser.checkPrivileges() method by passing:
+      // SystemCode: <get_from_app_config>
+      // PrivilegeCode: "API_KEY_CREATE"
+      const systemCode =
+        ApplicationConfig.getComponentConfigValue('system-code');
+      const isPrivileged = await loginUser.checkPrivileges(
+        systemCode,
+        'API_KEY_CREATE',
+      );
+
+      if (!isPrivileged) {
+        throw new ClassError(
+          'APIKey',
+          'APIKeyErrMsgO2',
+          'User does not have privilege to generate API key.',
+          'generate',
+        );
+      }
+
+      // Part 3: Generate API Key
+      // Populate the following attributes:
+      // CreatedById: Set to loginUser.UserId.
+      this._CreatedById = loginUser.UserId;
+      // CreatedAt: Set to current date time.
+      this._CreatedAt = new Date();
+      // Generate a unique API key string:
+      // Use a secure random function or crypto module to generate a 64-character hexadecimal string.
+      // Assign the generated string to this.ApiKey.
+      this.ApiKey = randomBytes(64).toString('hex');
+
+      // Part 4: Save API Key to Database
+      // Call APIKey._Repo.create() by passing:
+      // loginUser
+      // dbTransaction
+      // This APIKey instance.
+      const EntityValueAfter: any = {
+        ApiKey: this.ApiKey,
+        Name: this.Name,
+        Status: this.Status,
+        ExpirationDate: this.ExperationDate,
+        CreatedAt: this.CreatedAt,
+        CreatedById: this.CreatedById,
+        InvokedAt: this.InvokedAt,
+        InvokedById: this.InvokedById,
+      };
+
+      const data = await APIKey._Repo.create(EntityValueAfter, {
+        transaction: dbTransaction,
+      });
+
+      EntityValueAfter.ApiKeyId = data.APIKeyId;
+
+      // Part 5: Record Generate API Key Activity
+      // Initialise EntityValueBefore variable and set to empty object.
+      const EntityValueBefore = {};
+      // Initialise EntityValueAfter variable and set to this APIKey instance.
+      // Instantiate new activity from Activity class, call createId() method, then set:
+      const activity = new Activity();
+      activity.ActivityId = activity.createId();
+      // Action: ActionEnum.Create
+      // Description: "Generate API key."
+      // EntityType: "APIKey"
+      // EntityId: <this.APIKeyId>
+      // EntityValueBefore: EntityValueBefore
+      // EntityValueAfter: EntityValueAfter
+      activity.Action = ActionEnum.CREATE;
+      activity.Description = 'Generate API key.';
+      activity.EntityType = 'APIKey';
+      activity.EntityId = this.ObjectId;
+      activity.EntityValueBefore = JSON.stringify(EntityValueBefore);
+      activity.EntityValueAfter = JSON.stringify(EntityValueAfter);
+      // Call new activity create method by passing:
+      // dbTransaction
+      // userId: loginUser.ObjectId
+      await activity.create(loginUser.ObjectId, dbTransaction);
+
+      // Part 6: Returns
+      // Translate the created APIKey entity into an object and return the following fields:
+      // ApiKey
+      // Name
+      // Status
+      // ExpirationDate
+      // CreatedAt
+      // CreatedById
+      // InvokedAt
+      // InvokedById
+      return {
+        ApiKey: this.ApiKey,
+        Name: this.Name,
+        Status: this.Status,
+        ExpirationDate: this.ExperationDate,
+        CreatedAt: this.CreatedAt,
+        CreatedById: this.CreatedById,
+        InvokedAt: this.InvokedAt,
+        InvokedById: this.InvokedById,
+      };
+    } catch (error) {
+      throw error;
+    }
+  }
+}

package/src/components/api-key/index.ts

@@ -0,0 +1,4 @@
+import { APIKeyRepository } from './api-key.repository';
+import { APIKey } from './api-key';
+
+export { APIKeyRepository, APIKey };

package/src/components/group/group.ts

@@ -72,6 +72,10 @@ export class Group extends TreeNodeBase<Group> {
     return this._UpdatedAt;
   }
 
+  get Path(): string {
+    return this._Path;
+  }
+
   set Path(value: string) {
     this._Path = value;
   }
@@ -434,10 +438,12 @@ export class Group extends TreeNodeBase<Group> {
         //Break the path into array with oldGroupCode/ as separator;
         const path = children.Path.split(`${oldGroupCode}/`);
         //Retrive the last element of the array
-        const childPath = path[path.length - 1];
-        //Combine the childPath with this.Path
-        children.Path = `${this.Path}/${childPath}`;
-        await children.update({ Path: path }, { transaction: dbTransaction });
+        const childPath = path[1];
+        //Combine the childPath with this.Path then save it to the children.Path
+        await children.update(
+          { Path: `${this._Path}/${childPath}` },
+          { transaction: dbTransaction },
+        );
       });
     } catch (error) {
       throw error;
@@ -474,39 +480,38 @@ export class Group extends TreeNodeBase<Group> {
       );
     }
     try {
-      const currentGroup = await Group.init(dbTransaction, group.GroupCode);
       if (group.NewGroupCode) {
         await Group.checkDuplicateGroupCode(dbTransaction, group.NewGroupCode);
       }
 
       const entityValueBefore = {
-        GroupCode: currentGroup.GroupCode,
-        Name: currentGroup.Name,
-        Type: currentGroup.Type,
-        Description: currentGroup.Description,
-        ParentGroupCode: currentGroup.ParentGroupCode,
-        InheritParentPrivilegeYN: currentGroup.InheritParentPrivilegeYN,
-        InheritParentSystemAccessYN: currentGroup.InheritParentSystemAccessYN,
-        Path: currentGroup.Path,
-        Status: currentGroup.Status,
-        CreatedById: currentGroup._CreatedById,
-        UpdatedById: currentGroup._UpdatedById,
-        CreatedAt: currentGroup._CreatedAt,
-        UpdatedAt: currentGroup._UpdatedAt,
+        GroupCode: this.GroupCode,
+        Name: this.Name,
+        Type: this.Type,
+        Description: this.Description,
+        ParentGroupCode: this.ParentGroupCode,
+        InheritParentPrivilegeYN: this.InheritParentPrivilegeYN,
+        InheritParentSystemAccessYN: this.InheritParentSystemAccessYN,
+        Path: this.Path,
+        Status: this.Status,
+        CreatedById: this._CreatedById,
+        UpdatedById: this._UpdatedById,
+        CreatedAt: this._CreatedAt,
+        UpdatedAt: this._UpdatedAt,
       };
 
       let isPathChanged = false;
-      const oldGroupCode = currentGroup.GroupCode;
+      const oldGroupCode = this.GroupCode;
       if (group.NewGroupCode) {
-        currentGroup.GroupCode = group.NewGroupCode;
+        this.GroupCode = group.NewGroupCode;
         isPathChanged = true;
       }
 
       //Check if ParentGroupCode is changed or added
       if (
         (group.ParentGroupCode &&
-          currentGroup.ParentGroupCode !== group.ParentGroupCode) ||
-        (group.ParentGroupCode && !currentGroup.ParentGroupCode)
+          this.ParentGroupCode !== group.ParentGroupCode) ||
+        (group.ParentGroupCode && !this.ParentGroupCode)
       ) {
         const parentGroup = await Group.init(
           dbTransaction,
@@ -519,46 +524,43 @@ export class Group extends TreeNodeBase<Group> {
             'Parent Group Code not found',
           );
         }
-        await currentGroup.setParent(parentGroup);
+        await this.setParent(parentGroup);
         //Check if ParentGroupCode is removed
         isPathChanged = true;
-      } else if (!group.ParentGroupCode && currentGroup.ParentGroupCode) {
-        await currentGroup.setParent(null);
+      } else if (!group.ParentGroupCode && this.ParentGroupCode) {
+        await this.setParent(null);
         isPathChanged = true;
       }
 
       if (isPathChanged) {
-        await currentGroup.updateChildrenPath(oldGroupCode, dbTransaction);
+        await this.updateChildrenPath(oldGroupCode, dbTransaction);
       }
 
-      currentGroup.Name = group?.Name || currentGroup.Name;
-      currentGroup.Type = group?.Type || currentGroup.Type;
-      currentGroup.Description = group?.Description || currentGroup.Description;
-      currentGroup.ParentGroupCode =
-        group?.ParentGroupCode || currentGroup.ParentGroupCode;
-      currentGroup.InheritParentPrivilegeYN =
-        group?.InheritParentPrivilegeYN ||
-        currentGroup.InheritParentPrivilegeYN;
-      currentGroup.InheritParentSystemAccessYN =
-        group?.InheritParentSystemAccessYN ||
-        currentGroup.InheritParentSystemAccessYN;
-      currentGroup.Status = group?.Status || currentGroup.Status;
-      currentGroup._UpdatedById = loginUser.UserId;
-      currentGroup._UpdatedAt = new Date();
+      this.Name = group?.Name || this.Name;
+      this.Type = group?.Type || this.Type;
+      this.Description = group?.Description || this.Description;
+      this.ParentGroupCode = group?.ParentGroupCode || this.ParentGroupCode;
+      this.InheritParentPrivilegeYN =
+        group?.InheritParentPrivilegeYN || this.InheritParentPrivilegeYN;
+      this.InheritParentSystemAccessYN =
+        group?.InheritParentSystemAccessYN || this.InheritParentSystemAccessYN;
+      this.Status = group?.Status || this.Status;
+      this._UpdatedById = loginUser.UserId;
+      this._UpdatedAt = new Date();
 
       await Group._Repo.update(
         {
-          GroupCode: currentGroup.GroupCode,
-          Name: currentGroup.Name,
-          Type: currentGroup.Type,
-          Description: currentGroup.Description,
-          ParentGroupCode: currentGroup.ParentGroupCode,
-          InheritParentPrivilegeYN: currentGroup.InheritParentPrivilegeYN,
-          InheritParentSystemAccessYN: currentGroup.InheritParentSystemAccessYN,
-          Status: currentGroup.Status,
-          Path: currentGroup._Path,
-          UpdatedById: currentGroup._UpdatedById,
-          UpdatedAt: currentGroup._UpdatedAt,
+          GroupCode: this.GroupCode,
+          Name: this.Name,
+          Type: this.Type,
+          Description: this.Description,
+          ParentGroupCode: this.ParentGroupCode,
+          InheritParentPrivilegeYN: this.InheritParentPrivilegeYN,
+          InheritParentSystemAccessYN: this.InheritParentSystemAccessYN,
+          Status: this.Status,
+          Path: this._Path,
+          UpdatedById: this._UpdatedById,
+          UpdatedAt: this._UpdatedAt,
         },
         {
           where: {
@@ -569,19 +571,19 @@ export class Group extends TreeNodeBase<Group> {
       );
 
       const entityValueAfter = {
-        GroupCode: currentGroup.GroupCode,
-        Name: currentGroup.Name,
-        Type: currentGroup.Type,
-        Description: currentGroup.Description,
-        ParentGroupCode: currentGroup.ParentGroupCode,
-        InheritParentPrivilegeYN: currentGroup.InheritParentPrivilegeYN,
-        InheritParentSystemAccessYN: currentGroup.InheritParentSystemAccessYN,
-        Status: currentGroup.Status,
-        Path: currentGroup._Path,
-        CreatedById: currentGroup._CreatedById,
-        UpdatedById: currentGroup._UpdatedById,
-        CreatedAt: currentGroup._CreatedAt,
-        UpdatedAt: currentGroup._UpdatedAt,
+        GroupCode: this.GroupCode,
+        Name: this.Name,
+        Type: this.Type,
+        Description: this.Description,
+        ParentGroupCode: this.ParentGroupCode,
+        InheritParentPrivilegeYN: this.InheritParentPrivilegeYN,
+        InheritParentSystemAccessYN: this.InheritParentSystemAccessYN,
+        Status: this.Status,
+        Path: this._Path,
+        CreatedById: this._CreatedById,
+        UpdatedById: this._UpdatedById,
+        CreatedAt: this._CreatedAt,
+        UpdatedAt: this._UpdatedAt,
       };
 
       const activity = new Activity();
@@ -594,7 +596,7 @@ export class Group extends TreeNodeBase<Group> {
       activity.EntityValueAfter = JSON.stringify(entityValueAfter);
       await activity.create(loginUser.ObjectId, dbTransaction);
 
-      return currentGroup;
+      return this;
     } catch (error) {
       throw error;
     }

package/src/components/login-user/user.ts

@@ -32,6 +32,7 @@ import { LoginStatusEnum } from '../../enum/login-status.enum';
 import { RedisService } from '../../redis-client/redis.service';
 import { LoginUser } from './login-user';
 import { SessionService } from '../../session/session.service';
+import { randomUUID } from 'crypto';
 
 export class User extends UserBase {
   ObjectId: string;
@@ -565,16 +566,15 @@ export class User extends UserBase {
       const userSession = await this._SessionService.retrieveUserSession(
         this.ObjectId,
       );
-      let systemLogin = userSession.systemLogins.find(
+      const systemLogin = userSession.systemLogins.find(
         (system) => system.code === systemCode,
       );
 
       // generate new session id
-      const { randomUUID } = require('crypto');
-      const sessionId = randomUUID();
+      const sessionId: string = randomUUID();
 
       if (systemLogin) {
-        systemLogin = systemLogin.sessionId = sessionId;
+        systemLogin.sessionId = sessionId;
         userSession.systemLogins.map((system) =>
           system.code === systemCode ? systemLogin : system,
         );

package/src/enum/api-key.enum.ts

@@ -0,0 +1,5 @@
+export enum APIKeyStatusEnum {
+  ACTIVE = 'Active',
+  INACTIVE = 'Inactive',
+  EXPIRED = 'Expired',
+}

package/src/enum/index.ts

@@ -3,3 +3,4 @@ export * from './user-status.enum';
 export * from './group-type.enum';
 export * from './object-status.enum';
 export * from './login-status.enum';
+export * from './api-key.enum';

package/src/interfaces/api-key-attr.interface.ts

@@ -0,0 +1,14 @@
+import { APIKeyStatusEnum } from '../enum/api-key.enum';
+
+export interface IAPIKeyAttr {
+  APIKeyId: number;
+  ApiKey: string;
+  Name: string;
+  Description: string;
+  Status: APIKeyStatusEnum;
+  ExperationDate: Date;
+  CreatedById: number;
+  InvokedById: number;
+  CreatedAt: Date;
+  InvokedAt: Date;
+}

package/src/interfaces/index.ts

@@ -10,3 +10,4 @@ export * from './group-object-privilege.interface';
 export * from './group-privilege.interface';
 export * from './system-search-attr.interface';
 export * from './group-search-attr.interface';
+export * from './api-key-attr.interface';

package/src/models/api-key-entity.ts

@@ -0,0 +1,87 @@
+import {
+  BelongsTo,
+  Column,
+  CreatedAt,
+  DataType,
+  ForeignKey,
+  Index,
+  Model,
+  Table,
+} from 'sequelize-typescript';
+import User from './user.entity';
+import { APIKeyStatusEnum } from '../enum/api-key.enum';
+
+@Table({
+  tableName: 'sso_ApiKey',
+  timestamps: true,
+  createdAt: 'CreatedAt',
+  updatedAt: false,
+})
+export default class APIKeyModel extends Model {
+  @Column({
+    primaryKey: true,
+    type: DataType.INTEGER,
+    allowNull: false,
+    autoIncrement: true,
+  })
+  APIKeyId: number;
+
+  @Column({
+    type: DataType.STRING(128),
+  })
+  @Index('IDX_ApiKey')
+  ApiKey: string;
+
+  @Column({
+    type: DataType.STRING(255),
+    allowNull: false,
+  })
+  Name: string;
+
+  @Column({
+    type: DataType.TEXT,
+    allowNull: true,
+  })
+  Description: string;
+
+  @Column({
+    type: DataType.STRING(50),
+    allowNull: false,
+  })
+  Status: APIKeyStatusEnum;
+
+  @Column({
+    type: DataType.DATE,
+    allowNull: true,
+  })
+  ExperationDate: Date;
+
+  @ForeignKey(() => User)
+  @Column({
+    type: DataType.INTEGER,
+  })
+  @Index('IDX_CreatedById')
+  CreatedById: number;
+
+  @ForeignKey(() => User)
+  @Column({
+    type: DataType.INTEGER,
+  })
+  @Index('IDX_InvokedById')
+  InvokedById: number;
+
+  @CreatedAt
+  CreatedAt: Date;
+
+  @Column({
+    type: DataType.DATE,
+    allowNull: true,
+  })
+  InvokedAt: Date;
+
+  @BelongsTo(() => User, 'CreatedById')
+  CreatedByUser: User;
+
+  @BelongsTo(() => User, 'RevokedById')
+  UpdatedByUser: User;
+}