@tomei/sso 0.58.1 → 0.58.4

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@tomei/sso",
-  "version": "0.58.1",
+  "version": "0.58.4",
   "description": "Tomei SSO Package",
   "main": "dist/index.js",
   "scripts": {

package/src/components/api-key/api-key.ts

@@ -301,6 +301,7 @@ export class APIKey extends ObjectBase {
         offset,
         limit: pagination.limit,
         transaction: dbTransaction,
+        distinct: true,
       });
 
       // Return the list of API keys including:

package/src/components/group/group.ts

@@ -239,6 +239,7 @@ export class Group extends TreeNodeBase<Group> {
         limit: row,
         offset: row * (page - 1),
         order: [['CreatedAt', 'DESC']],
+        distinct: true,
       };
     }
 

package/src/components/login-user/login-user.ts

@@ -9,6 +9,9 @@ import { IUserAttr, IUserInfo } from './interfaces/user-info.interface';
 import Staff from '../../models/staff.entity';
 import UserModel from '../../models/user.entity';
 import { createHash, randomBytes } from 'crypto';
+import { UserGroupRepository } from '../user-group/user-group.repository';
+import GroupSystemAccessModel from '../../models/group-system-access.entity';
+import SystemModel from '../../models/system.entity';
 
 export class LoginUser extends User implements ILoginUser {
   session = {
@@ -219,11 +222,71 @@ export class LoginUser extends User implements ILoginUser {
           UpdatedById: systemAccess[i].UpdatedById,
           CreatedAt: systemAccess[i].CreatedAt,
           UpdatedAt: systemAccess[i].UpdatedAt,
+          inheritedBy: ['OWN'],
           System: system,
         });
       }
     }
 
+    let userGroupRepository = new UserGroupRepository();
+    const userGroups = await userGroupRepository.findAll({
+      where: {
+        UserId: loginUser.UserId,
+        Status: 'Active',
+      },
+      include: [
+        {
+          model: GroupModel,
+          required: true,
+          where: {
+            Status: 'Active',
+          },
+          include: [
+            {
+              model: GroupSystemAccessModel,
+              where: {
+                Status: 'Active',
+              },
+              include: [
+                {
+                  model: SystemModel,
+                },
+              ],
+            },
+          ],
+        },
+      ],
+      transaction: dbTransaction,
+    });
+
+    if (userGroups) {
+      for (let i = 0; i < userGroups.length; i++) {
+        let systemAccessList = userGroups[i].Group.GroupSystemAccesses;
+        for (let j = 0; j < systemAccessList.length; j++) {
+          let systemDetails = systemAccessList[j];
+          let isFound = output.findIndex(
+            (e) => e.SystemCode === systemDetails.SystemCode,
+          );
+          if (isFound > -1) {
+            output[isFound].inheritedBy.push(userGroups[i].GroupCode);
+          } else {
+            output.push({
+              UserSystemAccessId: systemDetails.GroupSystemAccessId,
+              UserId: systemDetails.GroupSystemAccessId,
+              SystemCode: systemDetails.SystemCode,
+              Status: systemDetails.Status,
+              CreatedById: systemDetails.CreatedById,
+              UpdatedById: systemDetails.UpdatedById,
+              CreatedAt: systemDetails.CreatedAt,
+              UpdatedAt: systemDetails.UpdatedAt,
+              inheritedBy: [userGroups[i].GroupCode],
+              System: systemDetails.System,
+            });
+          }
+        }
+      }
+    }
+
     // Part 3: Map Result to System Object
     return output;
   }

package/src/components/login-user/user.ts

@@ -2132,25 +2132,26 @@ export class User extends UserBase {
       DepartmentCode?: string;
       ContactNo?: string;
       IdNo?: string;
+      FullName?: string;
     },
     loginUser: User,
     dbTransaction: any,
   ) {
     //Part 1: Privilege Checking
-    const systemCode = ApplicationConfig.getComponentConfigValue('system-code');
-    const isPrivileged = await loginUser.checkPrivileges(
-      systemCode,
-      'User - Update',
-    );
-
-    //If user does not have privilege to update user, throw a ClassError
-    if (!isPrivileged) {
-      throw new ClassError(
-        'LoginUser',
-        'LoginUserErrMsg0X',
-        'You do not have the privilege to update user',
-      );
-    }
+    // const systemCode = ApplicationConfig.getComponentConfigValue('system-code');
+    // const isPrivileged = await loginUser.checkPrivileges(
+    //   systemCode,
+    //   'User - Update',
+    // );
+
+    // //If user does not have privilege to update user, throw a ClassError
+    // if (!isPrivileged) {
+    //   throw new ClassError(
+    //     'LoginUser',
+    //     'LoginUserErrMsg0X',
+    //     'You do not have the privilege to update user',
+    //   );
+    // }
 
     //Part 2: Validation
     //Make sure UserId got values. If not, throw new ClassError
@@ -2422,6 +2423,7 @@ export class User extends UserBase {
 
     //Update user record
     this.UserName = data.UserName;
+    this.FullName = data.FullName;
     this.Email = data.Email;
     this.Status = data.Status;
     this.RecoveryEmail = data.RecoveryEmail;
@@ -2434,6 +2436,7 @@ export class User extends UserBase {
     await User._Repository.update(
       {
         UserName: this.UserName,
+        FullName: this.FullName,
         Email: this.Email,
         Status: this.Status,
         RecoveryEmail: this.RecoveryEmail,
@@ -2499,22 +2502,22 @@ export class User extends UserBase {
     dbTransaction: any,
     UserId: string,
   ) {
-    const systemCode = ApplicationConfig.getComponentConfigValue('system-code');
-    if ('loginUser' in AuthContext) {
-      const isPrivileged = await AuthContext.loginUser.checkPrivileges(
-        systemCode,
-        'USER_VIEW',
-      );
-
-      //If user does not have privilege to update user, throw a ClassError
-      if (!isPrivileged) {
-        throw new ClassError(
-          'LoginUser',
-          'LoginUserErrMsg0X',
-          'You do not have the privilege to find user',
-        );
-      }
-    }
+    // const systemCode = ApplicationConfig.getComponentConfigValue('system-code');
+    // if ('loginUser' in AuthContext) {
+    //   const isPrivileged = await AuthContext.loginUser.checkPrivileges(
+    //     systemCode,
+    //     'USER_VIEW',
+    //   );
+
+    //   //If user does not have privilege to update user, throw a ClassError
+    //   if (!isPrivileged) {
+    //     throw new ClassError(
+    //       'LoginUser',
+    //       'LoginUserErrMsg0X',
+    //       'You do not have the privilege to find user',
+    //     );
+    //   }
+    // }
 
     const user = await User._Repository.findOne({
       where: {
@@ -2800,6 +2803,114 @@ export class User extends UserBase {
     }
   }
 
+  async updatePassword(
+    loginUser: User,
+    oldPassword: string,
+    newPassword: string,
+    dbTransaction: any,
+  ) {
+    try {
+      const passwordHashService = new PasswordHashService();
+      const isPasswordValid = await passwordHashService.verify(
+        oldPassword,
+        this.Password,
+      );
+      if (!isPasswordValid) {
+        throw new Error(
+          'The old password you entered is incorrect. Please try again.',
+        );
+      }
+
+      const passwordHash = await passwordHashService.hashPassword(newPassword);
+
+      const entityValueBefore: IUserAttr = {
+        UserId: this.UserId,
+        UserName: this.UserName,
+        FullName: this.FullName,
+        IDNo: this.IDNo,
+        IDType: this.IDType,
+        ContactNo: this.ContactNo,
+        Email: this.Email,
+        Password: this.Password,
+        Status: this.Status,
+        DefaultPasswordChangedYN: this.DefaultPasswordChangedYN,
+        FirstLoginAt: this.FirstLoginAt,
+        LastLoginAt: this.LastLoginAt,
+        MFAEnabled: this.MFAEnabled,
+        MFAConfig: this.MFAConfig,
+        RecoveryEmail: this.RecoveryEmail,
+        FailedLoginAttemptCount: this.FailedLoginAttemptCount,
+        LastFailedLoginAt: this.LastFailedLoginAt,
+        LastPasswordChangedAt: this.LastPasswordChangedAt,
+        NeedToChangePasswordYN: this.NeedToChangePasswordYN,
+        CreatedById: this.CreatedById,
+        CreatedAt: this.CreatedAt,
+        UpdatedById: this.UpdatedById,
+        UpdatedAt: this.UpdatedAt,
+        PasscodeHash: this.PasscodeHash,
+        PasscodeUpdatedAt: this.PasscodeUpdatedAt,
+      };
+
+      this.Password = passwordHash;
+      this.LastPasswordChangedAt = new Date();
+
+      const entityValueAfter: IUserAttr = {
+        UserId: this.UserId,
+        UserName: this.UserName,
+        FullName: this.FullName,
+        IDNo: this.IDNo,
+        IDType: this.IDType,
+        ContactNo: this.ContactNo,
+        Email: this.Email,
+        Password: this.Password,
+        Status: this.Status,
+        DefaultPasswordChangedYN: this.DefaultPasswordChangedYN,
+        FirstLoginAt: this.FirstLoginAt,
+        LastLoginAt: this.LastLoginAt,
+        MFAEnabled: this.MFAEnabled,
+        MFAConfig: this.MFAConfig,
+        RecoveryEmail: this.RecoveryEmail,
+        FailedLoginAttemptCount: this.FailedLoginAttemptCount,
+        LastFailedLoginAt: this.LastFailedLoginAt,
+        LastPasswordChangedAt: this.LastPasswordChangedAt,
+        NeedToChangePasswordYN: this.NeedToChangePasswordYN,
+        CreatedById: this.CreatedById,
+        CreatedAt: this.CreatedAt,
+        UpdatedById: this.UpdatedById,
+        UpdatedAt: this.UpdatedAt,
+        PasscodeHash: this.PasscodeHash,
+        PasscodeUpdatedAt: this.PasscodeUpdatedAt,
+      };
+
+      await User._Repository.update(
+        {
+          Password: this.Password,
+          LastPasswordChangedAt: this.LastPasswordChangedAt,
+        },
+        {
+          where: {
+            UserId: this.UserId,
+          },
+          transaction: dbTransaction,
+        },
+      );
+
+      // Record update activity using Activity class create method.
+      const activity = new Activity();
+      activity.ActivityId = activity.createId();
+      activity.Action = ActionEnum.UPDATE;
+      activity.Description = 'Update Password';
+      activity.EntityType = 'LoginUser';
+      activity.EntityId = this.UserId.toString();
+      activity.EntityValueBefore = JSON.stringify(entityValueBefore);
+      activity.EntityValueAfter = JSON.stringify(entityValueAfter);
+
+      await activity.create(loginUser.ObjectId, dbTransaction);
+    } catch (error) {
+      throw error;
+    }
+  }
+
   async verifyPasscode(passcode: string) {
     try {
       // Return error if this._Userid is empty "User is not created yet."

package/src/components/system/system.ts

@@ -260,6 +260,7 @@ export class System extends ObjectBase {
 
       //Call System._Repo findAll() method by passing queryObj and whereObj
       const result = await System._Repo.findAllWithPagination({
+        distinct: true,
         where: queryObj,
         ...whereObj,
         order: [['CreatedAt', 'DESC']],

package/src/components/system-privilege/system-privilege.ts

@@ -252,6 +252,7 @@ export class SystemPrivilege extends ObjectBase {
 
       // Part 2: Retrieve listing
       const options: any = {
+        distinct: true,
         order: [['createdAt', 'DESC']],
         transaction: dbTransaction,
       };

package/src/components/user-privilege/user-privilege.ts

@@ -140,6 +140,7 @@ export class UserPrivilege extends ObjectBase {
       }
 
       const options: any = {
+        distinct: true,
         where: {
           UserId: whereOption.UserId,
         },

package/src/components/user-system-access/user-system-access.ts

@@ -138,6 +138,7 @@ export class UserSystemAccess extends ObjectBase {
       //   Set up pagination logic using the pagination parameter:
       //     Calculate offset based on page and limit.
       const options: any = {
+        distinct: true,
         where: {
           UserId: whereOption.UserId,
         },