npm - @tomei/sso - Versions diffs - 0.45.3 → 0.46.0 - Mend

@tomei/sso 0.45.3 → 0.46.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (16) hide show

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@tomei/sso",
-  "version": "0.45.3",
+  "version": "0.46.0",
   "description": "Tomei SSO Package",
   "main": "dist/index.js",
   "scripts": {

package/src/components/user-group/user-group.ts CHANGED Viewed

@@ -5,6 +5,9 @@ import { LoginUser, User } from '../../components/login-user';
 import { Group } from '../../components/group';
 import { ApplicationConfig } from '@tomei/config';
 import { ActionEnum, Activity } from '@tomei/activity-history';
+import GroupSystemAccessModel from '../../models/group-system-access.entity';
+import GroupModel from '../../models/group.entity';
+import SystemModel from 'models/system.entity';
 export class UserGroup extends ObjectBase {
   ObjectType = 'UserGroup';
@@ -22,6 +25,8 @@ export class UserGroup extends ObjectBase {
   private _CreatedById: number;
   private _UpdatedById: number;
+  protected static _Repository = new UserGroupRepository();
   get CreatedAt() {
     return this._CreatedAt;
   }
@@ -38,8 +43,6 @@ export class UserGroup extends ObjectBase {
     return this._UpdatedById;
   }
-  private static _Repository = new UserGroupRepository();
   private constructor(userGroupAttr?: IUserGroupAttr) {
     super();
     if (userGroupAttr) {
@@ -296,4 +299,154 @@ export class UserGroup extends ObjectBase {
       throw error;
     }
   }
+  static async findAllInheritedSystemAccesses(
+    UserId: number,
+    loginUser: User,
+    dbTransaction: any,
+  ): Promise<
+    {
+      GroupCode: string;
+      GroupName: string;
+      InheritGroupPrivilegeYN: string;
+      InheritedGroupSystemAccesses: {
+        SystemCode: string;
+        SystemName: string;
+        AccessStatus: string;
+        CreatedAt: Date;
+        UpdatedAt: Date;
+      }[];
+    }[]
+  > {
+    try {
+      // Part 1: Privilege Checking
+      // Call  loginUser.checkPrivileges()  to ensure the user has permission to retrieve system access information.
+      // SystemCode: Retrieve from app config.
+      // PrivilegeCode:  'USER_SYSTEM_ACCESS_LIST'.
+      // If the privilege check fails, throw an error with a  403 Forbidden  status.
+      const systemCode =
+        ApplicationConfig.getComponentConfigValue('system-code');
+      const isPrivileged = await loginUser.checkPrivileges(
+        systemCode,
+        'USER_SYSTEM_ACCESS_LIST',
+      );
+      if (!isPrivileged) {
+        throw new ClassError(
+          'UserGroup',
+          'UserGroupErrMsg0X',
+          'User does not have privilege to view user system access.',
+          'findAllInheritedSystemAccesses',
+          403,
+        );
+      }
+      // Part 2: Retrieve User Groups
+      // Query the  sso_UserGroup  table to find all active groups the user belongs to.
+      // Join with the  sso_Group  table to retrieve the  GroupCode,  GroupName, and  InheritGroupSystemAccessYNfields.
+      // Ensure that the value of  InheritGroupSystemAccessYN  is explicitly  'Y'  or  'N'  for each group.
+      // If  InheritGroupSystemAccessYN  is not set, default it to  'N'.
+      // Return only active groups (based on  Status  field).
+      // The query should return the following fields for each group:
+      // GroupCode
+      // GroupName
+      // InheritGroupSystemAccessYN
+      const userGroups = await UserGroup._Repository.findAll({
+        where: {
+          UserId,
+          InheritGroupSystemAccessYN: 'Y',
+          Status: 'Active',
+        },
+        include: [
+          {
+            model: GroupModel,
+            required: true,
+            where: {
+              Status: 'Active',
+            },
+            include: [
+              {
+                model: GroupSystemAccessModel,
+                where: {
+                  Status: 'Active',
+                },
+                include: [
+                  {
+                    model: SystemModel,
+                  },
+                ],
+              },
+            ],
+          },
+        ],
+        transaction: dbTransaction,
+      });
+      const result: {
+        GroupCode: string;
+        GroupName: string;
+        InheritGroupPrivilegeYN: string;
+        InheritedGroupSystemAccesses: {
+          SystemCode: string;
+          SystemName: string;
+          AccessStatus: string;
+          CreatedAt: Date;
+          UpdatedAt: Date;
+        }[];
+      }[] = [];
+      for (const userGroup of userGroups) {
+        // Part 3: Retrieve System Access for Groups with Inheritance
+        // For each group where  InheritGroupSystemAccessYN = 'Y', query the  sso_GroupSystemAccess  table to retrieve system access details.
+        // Join with the  sso_System  table to fetch system details (SystemName,  SystemCode).
+        // Ensure only active system accesses (AccessStatus = 'Active') are included.
+        // For each system access, retrieve the following fields:
+        // SystemName  (from  sso_System.Name)
+        // SystemCode  (from  sso_System.SystemCode)
+        // AccessStatus  (from  sso_GroupSystemAccess.Status)
+        // CreatedAt  (from  sso_GroupSystemAccess.CreatedAt)
+        // UpdatedAt  (from  sso_GroupSystemAccess.UpdatedAt)
+        // Part 4: Handling Non-Inherited Groups
+        // For groups where  InheritGroupSystemAccessYN = 'N', return the group details without system access records.
+        // Set the  Systems  field to an empty array or  null  to indicate no inherited access for those groups.
+        // Part 5: Grouping Results
+        // Group the results by  GroupCode  and  GroupName.
+        // For each group, create an object with the following structure:
+        // GroupCode: Code of the group.
+        // GroupName: Name of the group.
+        // InheritGroupSystemAccessYN:  'Y'  or  'N', indicating whether the user inherits system access from the group.
+        // Systems: An array of system access objects (for groups where  InheritGroupSystemAccessYN = 'Y'), each including:
+        // SystemName
+        // SystemCode
+        // AccessStatus
+        // CreatedAt
+        // UpdatedAt
+        // For groups where  InheritGroupSystemAccessYN = 'N',  Systems  will be an empty array.
+        const groupData = {
+          GroupCode: userGroup.GroupCode,
+          GroupName: userGroup.Group.Name,
+          InheritGroupPrivilegeYN: userGroup.InheritGroupPrivilegeYN,
+          InheritedGroupSystemAccesses: [],
+        };
+        if (userGroup.InheritGroupSystemAccessYN === 'Y') {
+          groupData.InheritedGroupSystemAccesses =
+            userGroup.Group.GroupSystemAccesses.map((groupSystemAccess) => {
+              return {
+                SystemCode: groupSystemAccess.System.SystemCode,
+                SystemName: groupSystemAccess.System.Name,
+                AccessStatus: groupSystemAccess.Status,
+                CreatedAt: groupSystemAccess.CreatedAt,
+                UpdatedAt: groupSystemAccess.UpdatedAt,
+              };
+            });
+        }
+        result.push(groupData);
+      }
+      // Part 6: Return Grouped Data
+      // Return the array of grouped system accesses for the user's groups, including both inherited ('Y') and non-inherited ('N') system accesses.
+      return result;
+    } catch (error) {
+      throw error;
+    }
+  }
 }

package/src/components/user-system-access/user-system-access.ts CHANGED Viewed

@@ -1,6 +1,11 @@
 import { ClassError, ObjectBase } from '@tomei/general';
 import { UserSystemAccessRepository } from './user-system-access.repository';
 import { IUserSystemAccess } from '../../interfaces/user-system-access.interface';
+import { User } from '../login-user/user';
+import { System } from '../system/system';
+import { ApplicationConfig } from '@tomei/config';
+import SystemModel from '../../models/system.entity';
+import UserModel from '../../models/user.entity';
 export class UserSystemAccess extends ObjectBase {
   ObjectType = 'UserSystemAccess';
@@ -73,4 +78,104 @@ export class UserSystemAccess extends ObjectBase {
       throw error;
     }
   }
+  public static async findAll(
+    loginUser: User, //The currently logged-in user initiating the request.
+    dbTransaction: any, //The active database transaction to ensure consistency during the query.
+    whereOption: {
+      //An object containing filter criteria, specifically:
+      UserId: number; //The ID of the user whose system access records are to be retrieved.
+    },
+    pagination: {
+      //An object containing pagination parameters:
+      page: number; //The current page number to retrieve.
+      limit: number; //The number of records to retrieve per page.
+    },
+  ): Promise<{
+    records: {
+      SystemName: string;
+      SystemCode: string;
+      Status: string;
+      CreatedBy: string;
+      CreatedAt: Date;
+      UpdatedBy: string;
+      UpdatedAt: Date;
+    }[];
+    pagination: {
+      currentPage: number;
+      pageSize: number;
+      totalRecords: number;
+    };
+  }> {
+    try {
+      // Privilege Checking:
+      // Call loginUser.checkPrivileges() method by passing:
+      // SystemCode: Retrieve from app config.
+      //   PrivilegeCode: 'USER_SYSTEM_ACCESS_LIST'.
+      const systemCode =
+        ApplicationConfig.getComponentConfigValue('system-code');
+      const privilegeCode = 'USER_SYSTEM_ACCESS_LIST';
+      const isPrivileged = await loginUser.checkPrivileges(
+        systemCode,
+        privilegeCode,
+      );
+      if (!isPrivileged) {
+        throw new ClassError(
+          'UserSystemAccess',
+          'UserSystemAccessErrMsg01',
+          'You do not have permission to access this resource.',
+        );
+      }
+      // Create a where condition using whereOption to filter by UserId.
+      //   Set up pagination logic using the pagination parameter:
+      //     Calculate offset based on page and limit.
+      const options: any = {
+        where: {
+          UserId: whereOption.UserId,
+        },
+        offset: (pagination.page - 1) * pagination.limit,
+        limit: pagination.limit,
+        transaction: dbTransaction,
+        include: [
+          {
+            model: SystemModel,
+            attributes: ['SystemName', 'SystemCode'],
+          },
+          {
+            model: UserModel,
+            as: 'CreatedByUser',
+            attributes: ['FullName'],
+          },
+          {
+            model: UserModel,
+            as: 'UpdatedByUser',
+            attributes: ['FullName'],
+          },
+        ],
+      };
+      const userSystemAccesses = await this._Repository.findAllWithPagination(
+        options,
+      );
+      return {
+        records: userSystemAccesses.rows.map((userSystemAccess) => {
+          return {
+            SystemName: userSystemAccess.System.Name,
+            SystemCode: userSystemAccess.System.SystemCode,
+            Status: userSystemAccess.Status,
+            CreatedBy: userSystemAccess.CreatedByUser.FullName,
+            CreatedAt: userSystemAccess.CreatedAt,
+            UpdatedBy: userSystemAccess.UpdatedByUser.FullName,
+            UpdatedAt: userSystemAccess.UpdatedAt,
+          };
+        }),
+        pagination: {
+          currentPage: pagination.page,
+          pageSize: pagination.limit,
+          totalRecords: userSystemAccesses.count,
+        },
+      };
+    } catch (error) {
+      throw error;
+    }
+  }
 }

package/src/models/user-system-access.entity.ts CHANGED Viewed

@@ -64,15 +64,24 @@ export default class UserSystemAccessModel extends Model {
   @UpdatedAt
   UpdatedAt: Date;
-  @BelongsTo(() => User, 'UserId')
+  @BelongsTo(() => User, {
+    foreignKey: 'UserId',
+    as: 'User',
+  })
   User: User;
-  @BelongsTo(() => SystemModel, 'UserId')
+  @BelongsTo(() => SystemModel)
   System: SystemModel;
-  @BelongsTo(() => User, 'CreatedById')
+  @BelongsTo(() => User, {
+    foreignKey: 'CreatedById',
+    as: 'CreatedByUser',
+  })
   CreatedByUser: User;
-  @BelongsTo(() => User, 'UpdatedById')
+  @BelongsTo(() => User, {
+    foreignKey: 'UpdatedById',
+    as: 'UpdatedByUser',
+  })
   UpdatedByUser: User;
 }

package/src/models/user.entity.ts CHANGED Viewed

@@ -168,9 +168,15 @@ export default class User extends Model {
   @HasMany(() => UserObjectPrivilegeModel)
   UserObjectPrivileges: UserObjectPrivilegeModel[];
-  @BelongsTo(() => User, 'CreatedById')
+  @BelongsTo(() => User, {
+    as: 'CreatedBy',
+    foreignKey: 'CreatedById',
+  })
   CreatedBy: User;
-  @BelongsTo(() => User, 'UpdatedById')
+  @BelongsTo(() => User, {
+    as: 'UpdatedBy',
+    foreignKey: 'UpdatedById',
+  })
   UpdatedBy: User;
 }