npm - @verii/endpoints-organizations-registrar - Versions diffs - 1.0.0-pre.1752076816 - Mend

@verii/endpoints-organizations-registrar 1.0.0-pre.1752076816

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (259) hide show

package/src/entities/organization-services/domains/validate-services-for-delete.js ADDED Viewed

@@ -0,0 +1,32 @@
+const { serviceExists } = require('@verii/did-doc');
+const newError = require('http-errors');
+const { map, find } = require('lodash/fp');
+const validateServicesForDelete = ({
+  didDoc,
+  activatedServiceIds,
+  servicesIds = [],
+}) =>
+  map((serviceId) => {
+    if (!serviceExists(didDoc, serviceId)) {
+      throw newError(
+        400,
+        `Service ${serviceId} was not found in organization ${didDoc.id}`
+      );
+    }
+    if (
+      !find(
+        (activeServiceId) => activeServiceId === serviceId,
+        activatedServiceIds
+      )
+    ) {
+      throw newError(
+        400,
+        `Service ${serviceId} was not found in activated services of the organization ${didDoc.id}`
+      );
+    }
+  }, servicesIds);
+module.exports = {
+  validateServicesForDelete,
+};

package/src/entities/organization-services/index.js ADDED Viewed

@@ -0,0 +1,5 @@
+module.exports = {
+  ...require('./adapters'),
+  ...require('./domains'),
+  ...require('./orchestrators'),
+};

package/src/entities/organization-services/orchestrators/add-service.js ADDED Viewed

@@ -0,0 +1,106 @@
+/*
+ * Copyright 2025 Velocity Team
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+const { resolveDidWeb } = require('@verii/did-web');
+const { omit } = require('lodash/fp');
+const { publish } = require('@spencejs/spence-events');
+const {
+  validateByoDidDocService,
+  buildOrganizationService,
+  validateAdditionalService,
+  buildPublicService,
+} = require('../domains');
+const { acceptInvitation } = require('../../invitations');
+const { loadCaoServiceRefs } = require('./load-cao-service-refs');
+const {
+  initAddServiceToOrganization,
+} = require('./init-add-service-to-organization');
+const initAddService = (fastify) => {
+  const addServiceToOrganization = initAddServiceToOrganization(fastify);
+  return async (did, newService, context) => {
+    const { repos } = context;
+    const organization = await repos.organizations.findOneByDid(did, {
+      didDoc: 1,
+      profile: 1,
+      services: 1,
+      ids: 1,
+      activatedServiceIds: 1,
+      adminEmail: 1,
+      didNotCustodied: 1,
+      authClients: 1,
+    });
+    if (organization.didNotCustodied) {
+      const byoDidDocument = await resolveDidWeb(organization.didDoc.id);
+      const organizationKeys = await repos.organizationKeys.find({
+        filter: { organizationId: organization._id },
+      });
+      validateByoDidDocService(byoDidDocument, newService.id, organizationKeys);
+    }
+    const invitation = await acceptInvitation(
+      newService.invitationCode,
+      context
+    );
+    const newOrganizationService = buildOrganizationService(
+      omit(['invitationCode'], newService),
+      invitation
+    );
+    const caoServiceRefs = await loadCaoServiceRefs(
+      [newOrganizationService],
+      context
+    );
+    validateAdditionalService(
+      newOrganizationService,
+      organization.services,
+      caoServiceRefs,
+      context
+    );
+    const { authClient, createdService, newActivatedServiceIds } =
+      await addServiceToOrganization(
+        { organization, newService: newOrganizationService, invitation },
+        context
+      );
+    await publish(
+      'services',
+      'added',
+      {
+        organization,
+        invitation,
+        addedServices: [createdService],
+        activatedServiceIds: newActivatedServiceIds,
+        caoServiceRefs,
+      },
+      context
+    );
+    return {
+      service: buildPublicService(createdService),
+      authClient,
+    };
+  };
+};
+module.exports = {
+  initAddService,
+};

package/src/entities/organization-services/orchestrators/delete-service.js ADDED Viewed

@@ -0,0 +1,142 @@
+/*
+ * Copyright 2025 Velocity Team
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+const {
+  toRelativeServiceId,
+  removeServiceFromDidDoc,
+} = require('@verii/did-doc');
+const { remove, pull, partition, first } = require('lodash/fp');
+const newError = require('http-errors');
+const {
+  updateBlockchainPermissionsFromPermittedServices,
+} = require('../adapters');
+const {
+  initBuildOrganizationModificationsOnServiceChange,
+} = require('../../organizations/domains');
+const { removeMonitor } = require('../../monitors');
+const { initAuth0Provisioner } = require('../../oauth');
+const initDeleteService = (fastify) => {
+  const { removeAuth0Client } = initAuth0Provisioner(fastify.config);
+  const buildOrganizationModificationsOnServiceChange =
+    initBuildOrganizationModificationsOnServiceChange(fastify);
+  return async (did, serviceId, context) => {
+    const { repos, log, sendError } = context;
+    const organization = await repos.organizations.findOneByDid(did, {
+      didDoc: 1,
+      services: 1,
+      activatedServiceIds: 1,
+      authClients: 1,
+      didNotCustodied: 1,
+    });
+    const relativeServiceId = toRelativeServiceId(serviceId);
+    const services = remove({ id: relativeServiceId }, organization.services);
+    if (services.length === organization.services.length) {
+      throw new newError.NotFound(
+        `Service ${relativeServiceId} was not found in organization ${organization.didDoc.id}`
+      );
+    }
+    let updatedOrganization = await repos.organizations.update(
+      organization._id,
+      {
+        services,
+      }
+    );
+    if (!organization.didNotCustodied) {
+      const { didDoc } = removeServiceFromDidDoc({
+        didDoc: organization.didDoc,
+        serviceId: relativeServiceId,
+      });
+      updatedOrganization = await repos.organizations.update(organization._id, {
+        didDoc,
+      });
+    }
+    // Update Profile
+    const activatedServiceIds = pull(
+      relativeServiceId,
+      organization.activatedServiceIds
+    );
+    const organizationModifications =
+      await buildOrganizationModificationsOnServiceChange({
+        organization: updatedOrganization,
+        activatedServiceIds,
+      });
+    const updatedOrganizationWithRemovedService =
+      await repos.organizations.update(
+        organization._id,
+        organizationModifications
+      );
+    await updateBlockchainPermissionsFromPermittedServices(
+      {
+        organization: updatedOrganizationWithRemovedService,
+      },
+      context
+    );
+    // Update Auth0
+    log.info(
+      {
+        relativeServiceId,
+        authClients: organization.authClients,
+        oldServices: organization.services,
+        newServices: updatedOrganization.services,
+      },
+      'Updating "authClients"'
+    );
+    const [authClientsToDelete, remainingAuthClients] = partition(
+      { serviceId: relativeServiceId },
+      organization.authClients
+    );
+    try {
+      log.info({ authClientsToDelete }, 'Removing authClient');
+      await removeAuth0Client(first(authClientsToDelete));
+      await repos.organizations.update(organization._id, {
+        authClients: remainingAuthClients,
+      });
+    } catch (error) {
+      const message = 'Error Provisioning Auth0 Apps';
+      const messageContext = { authClientsToDelete };
+      log.error({ err: error, ...messageContext }, message);
+      sendError(error, messageContext);
+    }
+    try {
+      await removeMonitor(
+        {
+          orgId: organization.didDoc.id,
+          serviceId: relativeServiceId,
+        },
+        context
+      );
+    } catch (error) {
+      const message = 'Failed to remove organization service monitor';
+      log.error({ err: error }, message);
+      sendError(error, { message });
+    }
+  };
+};
+module.exports = { initDeleteService };

package/src/entities/organization-services/orchestrators/get-service.js ADDED Viewed

@@ -0,0 +1,36 @@
+/*
+ * Copyright 2025 Velocity Team
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+const { find } = require('lodash/fp');
+const newError = require('http-errors');
+const {
+  buildPublicService,
+  OrganizationServiceErrorMessages,
+} = require('../domains');
+const getService = async (did, serviceId, context) => {
+  const { repos } = context;
+  const organization = await repos.organizations.findOneByDid(did);
+  const service = find({ id: `#${serviceId}` }, organization.services);
+  if (service == null) {
+    throw newError.NotFound(
+      OrganizationServiceErrorMessages.ORGANIZATION_SERVICE_NOT_FOUND
+    );
+  }
+  return buildPublicService(service);
+};
+module.exports = { getService };

package/src/entities/organization-services/orchestrators/index.js ADDED Viewed

@@ -0,0 +1,8 @@
+module.exports = {
+  ...require('./add-service'),
+  ...require('./delete-service'),
+  ...require('./get-service'),
+  ...require('./init-add-service-to-organization'),
+  ...require('./load-cao-service-refs'),
+  ...require('./update-service'),
+};

package/src/entities/organization-services/orchestrators/init-add-service-to-organization.js ADDED Viewed

@@ -0,0 +1,141 @@
+/*
+ * Copyright 2025 Velocity Team
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+const { addServiceToDidDoc } = require('@verii/did-doc');
+const { concat, first, isEmpty } = require('lodash/fp');
+const { createStakesAccount } = require('@verii/fineract-client');
+const { initAuth0Provisioner } = require('../../oauth');
+const {
+  initBuildOrganizationModificationsOnServiceChange,
+} = require('../../organizations/domains');
+const {
+  initProvisionAuth0Clients,
+  updateBlockchainPermissionsFromPermittedServices,
+} = require('../adapters');
+const {
+  activateServices,
+  isNewNodeOperatorService,
+  getServiceConsentType,
+} = require('../domains');
+const initAddServiceToOrganization = (fastify) => {
+  const auth0Provisioner = initAuth0Provisioner(fastify.config);
+  const provisionAuth0Clients = initProvisionAuth0Clients(auth0Provisioner);
+  const buildOrganizationModificationsOnServiceChange =
+    initBuildOrganizationModificationsOnServiceChange(fastify);
+  return async ({ organization, newService }, context) => {
+    const { repos, user, config } = context;
+    const createdService = await repos.organizations.addService(
+      organization._id,
+      newService
+    );
+    if (!organization.didNotCustodied) {
+      const { didDoc } = addServiceToDidDoc({
+        didDoc: organization.didDoc,
+        service: newService,
+      });
+      await repos.organizations.update(organization._id, { didDoc });
+    }
+    // add consent
+    await repos.registrarConsents.registerConsent({
+      userId: user.sub,
+      organizationId: organization._id,
+      type: getServiceConsentType(createdService),
+      version: config.serviceConsentVersion,
+      serviceId: createdService.id,
+    });
+    // add stakes account
+    if (isNewNodeOperatorService(organization, createdService)) {
+      const stakesAccountId = await createStakesAccount(
+        organization.ids.fineractClientId,
+        organization.didDoc.id,
+        context
+      );
+      await context.repos.organizations.update(organization._id, {
+        ids: { ...organization.ids, stakesAccountId },
+      });
+    }
+    // Get activated services ids
+    const newActivatedServiceIds = activateServices(
+      organization.didDoc.id,
+      [createdService],
+      context
+    );
+    const createdAuthClients = await provisionAuth0Clients(
+      organization,
+      [createdService],
+      newActivatedServiceIds,
+      context
+    );
+    const organizationModifications =
+      await buildOrganizationModificationsOnServiceChange({
+        organization,
+        services: concat(organization.services, [createdService]),
+        activatedServiceIds: concat(
+          organization.activatedServiceIds ?? [],
+          newActivatedServiceIds
+        ),
+        authClients: concat(organization.authClients ?? [], createdAuthClients),
+      });
+    const activatedOrganization = await context.repos.organizations.update(
+      organization._id,
+      organizationModifications,
+      {
+        _id: 1,
+        didDoc: 1,
+        profile: 1,
+        services: 1,
+        activatedServiceIds: 1,
+        verifiableCredentialJwt: 1,
+        adminEmail: 1,
+        ids: 1,
+        authClients: 1,
+      }
+    );
+    if (!isEmpty(newActivatedServiceIds)) {
+      await updateBlockchainPermissionsFromPermittedServices(
+        {
+          organization: activatedOrganization,
+        },
+        context
+      );
+    }
+    return {
+      authClient: first(createdAuthClients),
+      createdService,
+      newActivatedServiceIds,
+    };
+  };
+};
+module.exports = {
+  initAddServiceToOrganization,
+};

package/src/entities/organization-services/orchestrators/load-cao-service-refs.js ADDED Viewed

@@ -0,0 +1,56 @@
+/*
+ * Copyright 2025 Velocity Team
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+const { isEmpty, flow, includes, map, find, fromPairs } = require('lodash/fp');
+const { splitDidUrlWithFragment } = require('@verii/did-doc');
+const { extractCaoServiceRefs } = require('../domains');
+const loadCaoServiceRefs = async (services, { repos }) => {
+  const caoServiceIds = extractCaoServiceRefs(services);
+  const caoOrganizations = await repos.organizations.findCaos(caoServiceIds);
+  return buildReferenceCaoServices({
+    caoServiceIds,
+    caoOrganizations,
+  });
+};
+const buildReferenceCaoServices = ({ caoServiceIds, caoOrganizations }) => {
+  if (isEmpty(caoOrganizations) || isEmpty(caoServiceIds)) {
+    return {};
+  }
+  return flow(
+    map((caoServiceId) => {
+      const [caoDid, serviceFragment] = splitDidUrlWithFragment(caoServiceId);
+      const caoOrganization = find((org) => {
+        return (
+          org.didDoc.id === caoDid || includes(org.didDoc.alsoKnownAs, caoDid)
+        );
+      }, caoOrganizations);
+      const caoService = find(
+        { id: serviceFragment },
+        caoOrganization?.services
+      );
+      return [caoServiceId, { caoOrganization, caoService }];
+    }),
+    fromPairs
+  )(caoServiceIds);
+};
+module.exports = {
+  loadCaoServiceRefs,
+  buildReferenceCaoServices,
+};

package/src/entities/organization-services/orchestrators/update-service.js ADDED Viewed

@@ -0,0 +1,103 @@
+/*
+ * Copyright 2025 Velocity Team
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+const { isEmpty, find } = require('lodash/fp');
+const newError = require('http-errors');
+const { resolveDidWeb } = require('@verii/did-web');
+const {
+  serviceExists,
+  toRelativeServiceId,
+  updateServicesOnDidDoc,
+} = require('@verii/did-doc');
+const {
+  buildPublicService,
+  OrganizationServiceErrorMessages,
+  buildOrganizationServiceForUpdate,
+  validateService,
+} = require('../domains');
+const { loadCaoServiceRefs } = require('./load-cao-service-refs');
+const updateService = async (did, serviceId, replacementService, context) => {
+  const { repos } = context;
+  const organization = await repos.organizations.findOneByDid(did);
+  // TODO remove and replace with schema update
+  if (!isEmpty(replacementService.id)) {
+    throw newError.BadRequest(
+      OrganizationServiceErrorMessages.SERVICE_ID_CANNOT_BE_UPDATED
+    );
+  }
+  if (!isEmpty(replacementService.type)) {
+    throw newError.BadRequest(
+      OrganizationServiceErrorMessages.SERVICE_TYPE_CANNOT_BE_UPDATED
+    );
+  }
+  const service = await updateOrganizationService(
+    {
+      organization,
+      serviceId: `#${serviceId}`,
+      updates: replacementService,
+    },
+    context
+  );
+  return buildPublicService(service);
+};
+const updateOrganizationService = async (
+  { organization, serviceId, updates },
+  context
+) => {
+  const { repos } = context;
+  const didDocument = organization.didNotCustodied
+    ? await resolveDidWeb(organization.didDoc.id)
+    : organization.didDoc;
+  // load and verify existing services from db and did document
+  const existingDidDocService = serviceExists(didDocument, serviceId);
+  const existingDbService = find(
+    { id: toRelativeServiceId(serviceId) },
+    organization.services
+  );
+  if (isEmpty(existingDidDocService) || isEmpty(existingDbService)) {
+    throw new newError.NotFound(
+      `Service ${serviceId} was not found in organization ${organization.didDoc.id}`
+    );
+  }
+  const caoServiceRefs = await loadCaoServiceRefs([updates], context);
+  const service = buildOrganizationServiceForUpdate(updates, existingDbService);
+  validateService(service, caoServiceRefs, context);
+  if (!organization.didNotCustodied) {
+    await updateDidDoc(organization, service, context);
+  }
+  return repos.organizations.updateService(organization._id, service);
+};
+const updateDidDoc = async (organization, service, context) => {
+  const { repos } = context;
+  const { didDoc } = updateServicesOnDidDoc({
+    didDoc: organization.didDoc,
+    services: [service],
+  });
+  await repos.organizations.update(organization._id, { didDoc });
+};
+module.exports = { updateService };

package/src/entities/organizations/adapters/index.js ADDED Viewed

@@ -0,0 +1,6 @@
+module.exports = {
+  ...require('./init-organization-registrar-emails'),
+  ...require('./init-send-activation-emails-to-caos'),
+  ...require('./send-email-invitation-accepted-to-inviter'),
+  ...require('./send-email-notifications'),
+};