@tomei/sso 0.51.8 → 0.51.10

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@tomei/sso",
-  "version": "0.51.8",
+  "version": "0.51.10",
   "description": "Tomei SSO Package",
   "main": "dist/index.js",
   "scripts": {

package/src/components/group/group.ts

@@ -754,6 +754,71 @@ export class Group extends TreeNodeBase<Group> {
     }
   }
 
+  public static async getSystemAccessRoles(
+    loginUser: LoginUser,
+    dbTransaction: any,
+    SystemCode: string,
+    Page: number,
+    Rows: number,
+    Search: {
+      GroupCode?: string;
+      Status?: string;
+    },
+  ) {
+    // Part 1: Privilege Checking
+    const systemCode = ApplicationConfig.getComponentConfigValue('system-code');
+    const isPrivileged = await loginUser.checkPrivileges(
+      systemCode,
+      'SYSTEM_ACCESS_VIEW',
+    );
+
+    if (!isPrivileged) {
+      throw new ClassError(
+        'Group',
+        'GroupErrMsg06',
+        'You do not have the privilege to view system access',
+      );
+    }
+
+    try {
+      // Part 2: Retrieve System Access and returns
+      const queryObj: any = { SystemCode: SystemCode };
+
+      if (Search) {
+        Object.entries(Search).forEach(([key, value]) => {
+          queryObj[key] = value;
+        });
+      }
+
+      let options: any = {
+        where: queryObj,
+        distinct: true,
+        transaction: dbTransaction,
+      };
+
+      if (Page && Rows) {
+        options = {
+          ...options,
+          limit: Rows,
+          offset: Rows * (Page - 1),
+          order: [['CreatedAt', 'DESC']],
+          include: {
+            model: GroupModel,
+            where: {
+              Type: 'Role',
+            },
+          },
+        };
+      }
+
+      const systemAccess =
+        await Group._GroupSystemAccessRepo.findAndCountAll(options);
+      return systemAccess;
+    } catch (error) {
+      return error;
+    }
+  }
+
   private static async getInheritedSystemAccess(
     dbTransaction: any,
     group: Group,
@@ -1097,6 +1162,175 @@ export class Group extends TreeNodeBase<Group> {
     }
   }
 
+  public static async getSystemPrivilegeRoles(
+    loginUser: LoginUser,
+    dbTransaction: any,
+    SystemCode: string,
+    search?: {
+      GroupCode?: string[];
+      Status?: string;
+    },
+  ) {
+    try {
+      //Part 1: Privilege Checking
+      const systemCode =
+        ApplicationConfig.getComponentConfigValue('system-code');
+      const isPrivileged = await loginUser.checkPrivileges(
+        systemCode,
+        'GROUP_PRIVILEGE_VIEW',
+      );
+
+      if (!isPrivileged) {
+        throw new ClassError(
+          'Group',
+          'GroupErrMsg11',
+          'You do not have the privilege to view group privileges',
+        );
+      }
+
+      //Part 2: Retrieve Roles Based on Privilege
+      //Retrieve Roles based on privilege on a system
+      let systemWhere: any = {};
+
+      if (search) {
+        if (search.GroupCode.length) {
+        }
+      }
+
+      if (SystemCode) {
+        systemWhere = {
+          SystemCode: {
+            [Op.substring]: SystemCode,
+          },
+        };
+      }
+
+      const groupCodesPrivileges: {
+        SystemPrivilegeId: string;
+        GroupCodes: { Code: string; Name: string }[];
+      }[] = [];
+
+      const allGroupCodePrivileges = await Group._GroupPrivilegeRepo.findAll({
+        include: [
+          {
+            model: SystemPrivilegeModel,
+            where: systemWhere,
+          },
+          {
+            model: GroupModel,
+            where: {
+              Type: 'Role',
+            },
+          },
+        ],
+        transaction: dbTransaction,
+      });
+
+      // Use a Map to group by SystemPrivilegeId
+      const privilegesMap = new Map<string, { Code: string; Name: string }[]>();
+
+      for (const groupCodePrivilege of allGroupCodePrivileges) {
+        const { SystemPrivilegeId, GroupCode, Group } = groupCodePrivilege; // `Group` contains Name from GroupModel
+
+        if (!privilegesMap.has(SystemPrivilegeId)) {
+          // Initialize with an empty array if not already present
+          privilegesMap.set(SystemPrivilegeId, []);
+        }
+
+        // Add the GroupCode and Name to the array if it exists and is not already present
+        if (GroupCode && Group?.Name) {
+          const groupCodes = privilegesMap.get(SystemPrivilegeId);
+          const newGroupEntry = { Code: GroupCode, Name: Group.Name };
+
+          // Ensure no duplicates
+          if (
+            groupCodes &&
+            !groupCodes.some(
+              (g) => g.Code === GroupCode && g.Name === Group.Name,
+            )
+          ) {
+            groupCodes.push(newGroupEntry);
+          }
+        }
+      }
+
+      // Convert the Map to the desired array format
+      privilegesMap.forEach((groupCodes, SystemPrivilegeId) => {
+        groupCodesPrivileges.push({
+          SystemPrivilegeId,
+          GroupCodes: groupCodes,
+        });
+      });
+
+      const allPrivileges = await SystemPrivilegeModel.findAll({
+        where: systemWhere,
+        transaction: dbTransaction,
+      });
+
+      const groupPrivilegeRoles: {
+        SystemPrivilegeId: string;
+        PrivilegeCode: string;
+        Description: string;
+        GroupCodes: { Code: string; Name: string }[];
+      }[] = [];
+
+      // Iterate through allPrivileges to check for matches in groupCodesPrivileges
+      for (const privilege of allPrivileges) {
+        const matchingGroupPrivilege = groupCodesPrivileges.find(
+          (groupPrivilege) =>
+            groupPrivilege.SystemPrivilegeId === privilege.SystemPrivilegeId,
+        );
+
+        if (matchingGroupPrivilege) {
+          // If match is found, push to groupPrivilegeRoles with GroupCodes
+          groupPrivilegeRoles.push({
+            SystemPrivilegeId: privilege.SystemPrivilegeId,
+            PrivilegeCode: privilege.PrivilegeCode,
+            Description: privilege.Description,
+            GroupCodes: matchingGroupPrivilege.GroupCodes,
+          });
+        } else {
+          // If no match is found, push with an empty array of GroupCodes
+          groupPrivilegeRoles.push({
+            SystemPrivilegeId: privilege.SystemPrivilegeId,
+            PrivilegeCode: privilege.PrivilegeCode,
+            Description: privilege.Description,
+            GroupCodes: [],
+          });
+        }
+      }
+
+      const filteredGroupPrivilegeRoles = groupPrivilegeRoles
+        .map((role) => {
+          if (search.GroupCode?.length) {
+            // Filter GroupCodes to only include matching Codes
+            const matchingGroupCodes = role.GroupCodes.filter((groupCode) =>
+              search.GroupCode.includes(groupCode.Code),
+            );
+
+            // If there are no matching GroupCodes, exclude this role
+            if (matchingGroupCodes.length === 0) {
+              return null;
+            }
+
+            // Return the role with filtered GroupCodes
+            return {
+              ...role,
+              GroupCodes: matchingGroupCodes,
+            };
+          }
+
+          // If search.GroupCode is not provided, include all data
+          return role;
+        })
+        .filter(Boolean); // Remove any null values
+
+      return filteredGroupPrivilegeRoles;
+    } catch (error) {
+      throw error;
+    }
+  }
+
   public static async getInheritedSystemPrivileges(
     dbTransaction: any,
     GroupCode: string,

package/src/components/group-reporting-user/group-reporting-user.ts

@@ -1,3 +1,4 @@
+import { Op, Transaction } from 'sequelize';
 import { ClassError, ObjectBase } from '@tomei/general';
 import { GroupReportingUserRepository } from './group-reporting-user.repository';
 import { IGroupReportingUserAttr } from '../../interfaces/group-reporting-user.interface';
@@ -6,7 +7,6 @@ import UserModel from '../../models/user.entity';
 import { Group } from '../group/group';
 import { ApplicationConfig } from '@tomei/config';
 import { ActionEnum, Activity } from '@tomei/activity-history';
-import { Transaction } from 'sequelize';
 
 export class GroupReportingUser extends ObjectBase {
   ObjectId: string;
@@ -216,6 +216,151 @@ export class GroupReportingUser extends ObjectBase {
     }
   }
 
+  async updateGroupReportingUser(
+    loginUser: User, //The user performing the operation(typically the logged -in user).
+    dbTransaction: any, //Database transaction object to ensure the operation is atomic.
+    groupCode: string, //The code of the group to which the user is being assigned.
+    userId: number, //The ID of the user to be added to the group.
+    rank: number, //The rank to be assigned to the user in the group.
+    status: 'Active' | 'Inactive', //The initial status of the user in the group.
+  ): Promise<GroupReportingUser> {
+    // Returns a GroupReportingUser instance representing the updated record.
+    try {
+      //Update a group reporting user entry in the sso_GroupReportingUser table.
+
+      // Validate Input Parameters
+      // Ensure groupCode exists in the sso_Group table by calling the Group.init() method.
+      await Group.init(dbTransaction, groupCode);
+      // Ensure userId exists in the sso_User table by calling the User.init() method.
+      await User.init(dbTransaction, userId);
+      // Privilege Checking
+      // Call the loginUser.checkPrivileges() method by passing:
+      // SystemCode: Retrieve from app config.
+      //   PrivilegeCode: "GROUP_REPORTING_USER_UPDATE".
+
+      const systemCode =
+        ApplicationConfig.getComponentConfigValue('system-code');
+      const isPrivileged = await loginUser.checkPrivileges(
+        systemCode,
+        'GROUP_REPORTING_USER_CREATE',
+      );
+      if (!isPrivileged) {
+        throw new ClassError(
+          'GroupReportingUser',
+          'GroupReportingUserErrMsg02',
+          'Insufficient privileges to update a user to the group',
+        );
+      }
+
+      //Get the current groupReportingUser
+      const currentGroupReportingUser = await GroupReportingUser._Repo.findOne({
+        where: {
+          GroupCode: groupCode,
+          GroupReportingUserId: this.GroupReportingUserId,
+        },
+        transaction: dbTransaction,
+      });
+
+      // Check for Duplicate User in Group
+      // Query the sso_GroupReportingUser table to see if the userId already exists in the specified groupCode.
+      const groupReportingUser = await GroupReportingUser._Repo.findOne({
+        where: {
+          GroupCode: groupCode,
+          UserId: userId,
+          GroupReportingUserId: {
+            [Op.ne]: this.GroupReportingUserId,
+          },
+        },
+        transaction: dbTransaction,
+      });
+      // If the user already exists in the group, throw an error indicating the user is already part of the group.
+      if (groupReportingUser) {
+        throw new ClassError(
+          'GroupReportingUser',
+          'GroupReportingUserErrMsg03',
+          'User already exists in the group',
+          'updateGroupReportingUser',
+        );
+      }
+      //Query the sso_GroupReportingUser table to see if the rank already exists in the specified groupCode.
+      //If the rank already exists in the group, throw an error indicating the rank is already in of the group.
+      const groupReportingUserRank = await GroupReportingUser._Repo.findOne({
+        where: {
+          GroupCode: groupCode,
+          Rank: rank,
+          GroupReportingUserId: {
+            [Op.ne]: this.GroupReportingUserId,
+          },
+        },
+        transaction: dbTransaction,
+      });
+      if (groupReportingUserRank) {
+        throw new ClassError(
+          'GroupReportingUser',
+          'GroupReportingUserErrMsg04',
+          'Rank already exists in the group',
+          'updateGroupReportingUser',
+        );
+      }
+
+      // UPDATE GroupReportingUser Entry
+      // If validation and privilege checks pass, insert a new record in the sso_GroupReportingUser table with the provided groupCode, userId, rank, status, and loginUser.UserId.Automatically capture the current timestamp for CreatedAt.
+      this.GroupCode = groupCode;
+      this.UserId = userId;
+      this.Rank = rank;
+      this.Status = status;
+      this._CreatedById = currentGroupReportingUser.CreatedById;
+      this._CreatedAt = currentGroupReportingUser.CreatedAt;
+      this._UpdatedAt = new Date();
+      this._UpdatedById = loginUser.UserId;
+
+      const entityValueAfter: any = {
+        GroupCode: groupCode,
+        UserId: userId,
+        Rank: rank,
+        Status: status,
+        CreatedById: currentGroupReportingUser.CreatedById,
+        CreatedAt: this._CreatedAt,
+        UpdatedById: loginUser.UserId,
+        UpdatedAt: this._UpdatedAt,
+      };
+
+      await GroupReportingUser._Repo.update(entityValueAfter, {
+        where: {
+          GroupReportingUserId: this.GroupReportingUserId,
+        },
+        transaction: dbTransaction,
+      });
+
+      // Record Update Activity
+      // Instantiate a new activity from the Activity class, and set:\
+      // ActivityId: activity.createId()
+      // Action: ActionEnum.Update
+      // Description: Update Group Reporting User
+      // EntityType: GroupReportingUser
+      // EntityId: newGroupReportingUser.GroupReportingUserId
+      // EntityValueBefore: Stringified empty object({})
+      // EntityValueAfter: EntityValueAfter(stringified representation of the newly created entity)
+      const activity = new Activity();
+      activity.ActivityId = activity.createId();
+      activity.Action = ActionEnum.UPDATE;
+      activity.Description = 'Update Group Reporting User';
+      activity.EntityType = 'GroupReportingUser';
+      activity.EntityId = this.GroupReportingUserId.toString();
+      activity.EntityValueBefore = JSON.stringify({});
+      activity.EntityValueAfter = JSON.stringify(entityValueAfter);
+      // Call the activity create() method by passing:
+      // dbTransaction
+      // userId: loginUser.UserId
+      await activity.create(loginUser.ObjectId, dbTransaction);
+      // Return the Updated GroupReportingUser
+      // Return the updated GroupReportingUser instance, including all the relevant details like GroupReportingUserId, groupCode, userId, rank, status, and timestamps for CreatedAt.
+      return this;
+    } catch (error) {
+      throw error;
+    }
+  }
+
   public static async findAllGroupReportingUsers(
     loginUser: User, //The authenticated user requesting the information.
     dbTransaction: any, //The database transaction to be used for this operation.