npm - @tomei/sso - Versions diffs - 0.46.9 → 0.46.10 - Mend

@tomei/sso 0.46.9 → 0.46.10

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (10) hide show

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@tomei/sso",
-  "version": "0.46.9",
+  "version": "0.46.10",
   "description": "Tomei SSO Package",
   "main": "dist/index.js",
   "scripts": {

package/src/components/user-privilege/user-privilege.repository.ts CHANGED Viewed

@@ -8,4 +8,18 @@ export class UserPrivilegeRepository
   constructor() {
     super(UserPrivilegeModel);
   }
+  async delete(UserPrivilegeId: number, dbTransaction?: any) {
+    try {
+      const options = {
+        where: {
+          UserPrivilegeId: UserPrivilegeId,
+        },
+        transaction: dbTransaction,
+      };
+      await UserPrivilegeModel.destroy(options);
+    } catch (error) {
+      throw new Error(`An Error occured when delete : ${error.message}`);
+    }
+  }
 }

package/src/components/user-privilege/user-privilege.ts CHANGED Viewed

@@ -9,6 +9,10 @@ import { UserGroupRepository } from '../user-group/user-group.repository';
 import GroupModel from '../../models/group.entity';
 import User from '../../models/user.entity';
 import { GroupPrivilegeRepository } from '../group-privilege/group-privilege.repository';
+import { User as UserLogin } from '../login-user/user';
+import { SystemPrivilegeRepository } from '../system-privilege/system-privilege.repository';
+import { Op } from 'sequelize';
+import { ActionEnum, Activity } from '@tomei/activity-history';
 export class UserPrivilege extends ObjectBase {
   TableName = 'sso_UserPrivilege';
@@ -43,6 +47,7 @@ export class UserPrivilege extends ObjectBase {
   private static _Repository = new UserPrivilegeRepository();
   private static _UserGroupRepository = new UserGroupRepository();
   private static _GroupPrivilegeRepository = new GroupPrivilegeRepository();
+  private static _SystemPrivilegeRepository = new SystemPrivilegeRepository();
   private constructor(userPrivilegeAttr?: IUserPrivilegeAttr) {
     super();
@@ -336,4 +341,319 @@ export class UserPrivilege extends ObjectBase {
       throw error;
     }
   }
+  public static async assignPrivileges(
+    loginUser: UserLogin, //The currently logged-in user initiating the request.
+    dbTransaction: any, //The active database transaction to ensure consistency during the query.
+    UserId: string, //The user ID for whom system access is being created.
+    SystemPrivilegeId: string, //The system code for which access is being granted.
+    Status: string, //The status of access ('Active' or 'Inactive').
+  ) {
+    try {
+      // Part 1: Privilege Check
+      // Call the LoginUser.checkPrivileges() method to validate if the loginUser has the privilege to create system privilege:
+      // SystemCode: retrieve from the application configuration.
+      // PrivilegeCode: set to "USER_PRIVILEGE_CREATE".
+      // If the user does not have the required privilege, throw an appropriate error.
+      const systemCode =
+        ApplicationConfig.getComponentConfigValue('system-code');
+      const privilegeCode = 'USER_PRIVILEGE_CREATE';
+      const isPrivileged = await loginUser.checkPrivileges(
+        systemCode,
+        privilegeCode,
+      );
+      if (!isPrivileged) {
+        throw new ClassError(
+          'UserSystemPrivilege',
+          'UserSystemPrivilegeErrMsg01',
+          'You do not have permission to access this resource.',
+        );
+      }
+      // Part 2: Validation
+      // Use UserPrivilege._SystemPrivilegeRepo.findOne method to check if the privileges exist:
+      // Pass the following parameters:
+      // - SystemPrivilegeId
+      // - dbTransaction
+      // If the record is not found, throw an error indicating that privileges don't exist.
+      // Use the UserPrivilege.findAll() method to check if the privileges has been assigned to the user:
+      // Pass the following parameters:
+      // - loginUser
+      // - dbTransaction
+      // - whereOption: set to UserId = UserId and SystemPrivilegeId = SystemPrivilegeId.
+      // If a record is found, throw an error indicating that access for this user and system already exists.
+      const isExist = await UserPrivilege._SystemPrivilegeRepository.findAll({
+        where: { SystemPrivilegeId: SystemPrivilegeId },
+        transaction: dbTransaction,
+      });
+      if (isExist?.length < 1) {
+        throw new ClassError(
+          'UserSystemPrivilege',
+          'UserSystemPrivilegeErrMsg02',
+          "system privileges don't exist",
+        );
+      }
+      const isUserAlreadyAssign = await UserPrivilege._Repository.findAll({
+        where: {
+          [Op.and]: [
+            { UserId: UserId },
+            { SystemPrivilegeId: SystemPrivilegeId },
+          ],
+        },
+        transaction: dbTransaction,
+      });
+      if (isUserAlreadyAssign?.length > 0) {
+        throw new ClassError(
+          'UserSystemPrivilege',
+          'UserSystemPrivilegeErrMsg03',
+          'User already have access to this privilege',
+        );
+      }
+      // Part 3: Insert User Privilege Record
+      // After successful validation, create a new instance of UserPrivilege with the following fields:
+      // - UserPrivilegeId: set to the result of createId
+      // - SystemPrivilegeId: set to payload.SystemPrivilegeId
+      // - Status: set to payload.Status
+      // - CreatedBy: set to LoginUser.UserId
+      // - CreatedAt: set to the current timestamps
+      // - UpdatedBy: set to LoginUser.UserId
+      // - UpdatedAt: set to the current timestamps
+      // Save the new UserPrivilege instance in the database within the dbTransaction.
+      const newUserPrivilege = new UserPrivilege();
+      newUserPrivilege.UserId = parseInt(UserId);
+      newUserPrivilege.SystemPrivilegeId = SystemPrivilegeId;
+      newUserPrivilege.Status = Status;
+      newUserPrivilege._CreatedById = loginUser.UserId;
+      newUserPrivilege._CreatedAt = new Date();
+      newUserPrivilege._UpdatedById = loginUser.UserId;
+      newUserPrivilege._UpdatedAt = new Date();
+      const payload = {
+        UserId: newUserPrivilege.UserId,
+        SystemPrivilegeId: newUserPrivilege.SystemPrivilegeId,
+        Status: newUserPrivilege.Status,
+        CreatedById: newUserPrivilege.CreatedById,
+        CreatedAt: newUserPrivilege.CreatedAt,
+        UpdatedById: newUserPrivilege.UpdatedById,
+        UpdatedAt: newUserPrivilege.UpdatedAt,
+      };
+      const userPrivilege = await UserPrivilege._Repository.create(payload, {
+        transaction: dbTransaction,
+      });
+      // Part 4: Record Activity History
+      // Initialize an empty object ({}) as EntityValueBefore.
+      // Set EntityValueAfter to the stringified version of the newly created UserPrivilege instance.
+      // Create a new activity log entry:
+      // - ActivityId: auto-generated by calling activity.createId().
+      // - Action: set to ActionEnum.Create.
+      // - Description: set to "Create User Privilege".
+      // - EntityType: set to UserPrivilege.
+      // - EntityId: set to the newly created UserPrivilege.UserPrivilegeId.
+      // - EntityValueBefore: set to {} (empty).
+      // - EntityValueAfter: set to the stringified version of the new record.
+      // Call the activity.create() method, passing:
+      // - dbTransaction
+      // - userId: set to loginUser.UserId.
+      const entityValueBefore = {};
+      //Instantiate new activity
+      const activity = new Activity();
+      activity.ActivityId = activity.createId();
+      activity.Action = ActionEnum.CREATE;
+      activity.Description = 'Create User Privilege';
+      activity.EntityType = 'UserPrivilege';
+      activity.EntityId = userPrivilege.UserPrivilegeId?.toString();
+      activity.EntityValueBefore = JSON.stringify(entityValueBefore);
+      activity.EntityValueAfter = JSON.stringify(payload);
+      //Call Activity.create method
+      await activity.create(loginUser.ObjectId, dbTransaction);
+      // Part 5: Return Newly Created Record
+      // Return the newly created UserPrivilege instance with all relevant fields, including UserPrivilegeId, SystemPrivilegeId, Status, CreatedAt, and CreatedById.
+      newUserPrivilege.UserPrivilegeId = userPrivilege.UserPrivilegeId;
+      return newUserPrivilege;
+    } catch (error) {
+      throw error;
+    }
+  }
+  public async update(
+    loginUser: UserLogin, //The user object representing the currently logged-in user.
+    dbTransaction: any, //The database transaction instance for managing the transaction scope.
+    Status: string, //The new access status (Active/Inactive) for the user privilege
+  ) {
+    try {
+      // Part 1: Update User Privilege
+      // Call the UserPrivilege._Repo.update() method to perform the update operation, passing:
+      // - Status: The new status.
+      // - UpdatedById: loginUser.UserId (to indicate who updated the record).
+      // - UpdatedAt: Set to the current date and time.
+      // - dbTransaction: The database transaction instance.
+      const entityValueBefore = {
+        UserPrivilegeId: this.UserPrivilegeId,
+        UserId: this.UserId,
+        SystemPrivilegeId: this.SystemPrivilegeId,
+        Status: this.Status,
+        CreatedById: this.CreatedById,
+        CreatedAt: this.CreatedAt,
+        UpdatedById: this.UpdatedById,
+        UpdatedAt: this.UpdatedAt,
+      };
+      await UserPrivilege._Repository.update(
+        {
+          Status: Status,
+          UpdatedById: loginUser.UserId,
+          UpdatedAt: new Date(),
+        },
+        {
+          where: {
+            UserPrivilegeId: this.UserPrivilegeId,
+          },
+          transaction: dbTransaction,
+        },
+      );
+      const entityValueAfter = {
+        UserPrivilegeId: this.UserPrivilegeId,
+        UserId: this.UserId,
+        SystemPrivilegeId: this.SystemPrivilegeId,
+        Status: Status,
+        CreatedById: this.CreatedById,
+        CreatedAt: this.CreatedAt,
+        UpdatedById: loginUser.UserId,
+        UpdatedAt: new Date(),
+      };
+      // Part 2: Record Activity History
+      // Initialize a variable entityValueBefore to store the current state of the user privilege record before the update.
+      // Create an instance of the Activity class and set the following properties:
+      // - ActivityId: Call activity.createId().
+      // - Action: Set to ActionEnum.Update.
+      // - Description: Set to Update User Privilege.
+      // - EntityType: Set to UserPrivilege.
+      // - EntityId: Use the ID of the updated user privilege record.
+      // - EntityValueBefore: Stringify entityValueBefore to capture the state before the update.
+      // - EntityValueAfter: Stringify the updated user privilege record to capture the new state after the update.
+      // Call the activity create method with the following parameters:
+      // - dbTransaction
+      // - userId: loginUser.UserId
+      const activity = new Activity();
+      activity.ActivityId = activity.createId();
+      activity.Action = ActionEnum.UPDATE;
+      activity.Description = 'Update User Privilege';
+      activity.EntityType = 'UserPrivilege';
+      activity.EntityId = this.SystemPrivilegeId + '';
+      activity.EntityValueBefore = JSON.stringify(entityValueBefore);
+      activity.EntityValueAfter = JSON.stringify(entityValueAfter);
+      await activity.create(loginUser.ObjectId, dbTransaction);
+      // Part 3: Return Updated Record
+      // Retrieve the updated user system access record from the database or return the updated instance as needed.
+      return entityValueAfter;
+    } catch (error) {
+      throw error;
+    }
+  }
+  public static async remove(
+    loginUser: UserLogin, //The currently logged-in user initiating the request.
+    dbTransaction: any, //The active database transaction to ensure consistency during the query.
+    UserPrivilegeId: number, //The unique identifier of the record to be deleted.
+  ) {
+    try {
+      // Part 1: Privilege Checking
+      // Call loginUser.checkPrivileges() method by passing:
+      // - SystemCode: Retrieve from app config.
+      // - PrivilegeCode: 'USER_PRIVILEGE_REMOVE'.
+      // If the user does not have the required privileges, throw an appropriate exception.
+      const systemCode =
+        ApplicationConfig.getComponentConfigValue('system-code');
+      const privilegeCode = 'USER_PRIVILEGE_REMOVE';
+      const isPrivileged = await loginUser.checkPrivileges(
+        systemCode,
+        privilegeCode,
+      );
+      if (!isPrivileged) {
+        throw new ClassError(
+          'UserSystemPrivilege',
+          'UserSystemPrivilegeErrMsg01',
+          'You do not have permission to access this resource.',
+        );
+      }
+      // Part 2: Retrieve Record
+      // Use the UserPrivilege._Repo.findById(UserPrivilegeId) method to retrieve the record.
+      // If the record does not exist, throw an exception indicating the record was not found.
+      const userPrivilege = await UserPrivilege._Repository.findOne({
+        where: {
+          UserPrivilegeId: UserPrivilegeId,
+        },
+        transaction: dbTransaction,
+      });
+      if (!userPrivilege) {
+        throw new ClassError(
+          'UserSystemPrivilege',
+          'UserSystemPrivilegeErrMsg01',
+          'User Privilege not Found',
+        );
+      }
+      // Part 3: Delete Record
+      // Call the UserPrivilege._Repo.delete() method, passing:
+      // - UserPrivilegeId
+      // - dbTransaction to permanently delete the record from the database.
+      await UserPrivilege._Repository.delete(UserPrivilegeId, dbTransaction);
+      const entityValueBefore = {
+        UserId: userPrivilege.UserId,
+        SystemPrivilegeId: userPrivilege.SystemPrivilegeId,
+        Status: userPrivilege.Status,
+        CreatedById: userPrivilege.CreatedById,
+        CreatedAt: userPrivilege.CreatedAt,
+        UpdatedById: userPrivilege.UpdatedById,
+        UpdatedAt: userPrivilege.UpdatedAt,
+      };
+      // Part 4: Record Activity History
+      // Instantiate a new activity from the Activity class, and set:
+      // - ActivityId: activity.createId()
+      // - Action: ActionEnum.Delete
+      // - Description: Delete User Privilege
+      // - EntityType: UserPrivilege
+      // - EntityId: UserPrivilegeId
+      // - EntityValueBefore: Stringified representation of the record before deletion.
+      // - EntityValueAfter: null.
+      // Call the activity.create() method by passing:
+      // - dbTransaction
+      // - userId: loginUser.UserId.
+      //Instantiate new activity
+      const activity = new Activity();
+      activity.ActivityId = activity.createId();
+      activity.Action = ActionEnum.DELETE;
+      activity.Description = 'Delete User Privilege';
+      activity.EntityType = 'UserPrivilege';
+      activity.EntityId = UserPrivilegeId?.toString();
+      activity.EntityValueBefore = JSON.stringify(entityValueBefore);
+      activity.EntityValueAfter = JSON.stringify({});
+      //Call Activity.create method
+      await activity.create(loginUser.ObjectId, dbTransaction);
+    } catch (error) {
+      throw error;
+    }
+  }
 }