adapt-authoring-users 0.0.1

package/.eslintignore

@@ -0,0 +1 @@
+node_modules

package/.eslintrc

@@ -0,0 +1,14 @@
+{
+  "env": {
+      "browser": false,
+      "node": true,
+      "commonjs": false,
+      "es2020": true
+  },
+  "extends": [
+      "standard"
+  ],
+  "parserOptions": {
+      "ecmaVersion": 2020
+  }
+}

package/.github/ISSUE_TEMPLATE/bug_report.yml

@@ -0,0 +1,55 @@
+name: Bug Report
+description: File a bug report
+labels: ["bug"]
+body:
+  - type: markdown
+    attributes:
+      value: |
+        Thanks for taking the time to fill out this bug report!
+  - type: textarea
+    id: description
+    attributes:
+      label: What happened?
+      description: Please describe the issue
+    validations:
+      required: true
+  - type: textarea
+    id: expected
+    attributes:
+      label: Expected behaviour
+      description: Tell us what should have happened
+  - type: textarea
+    id: repro-steps
+    attributes:
+      label: Steps to reproduce
+      description: Tell us how to reproduce the issue
+    validations:
+      required: true
+  - type: input
+    id: aat-version
+    attributes:
+      label: Authoring tool version
+      description: What version of the Adapt authoring tool are you running?
+    validations:
+      required: true
+  - type: input
+    id: fw-version
+    attributes:
+      label: Framework version
+      description: What version of the Adapt framework are you running?
+  - type: dropdown
+    id: browsers
+    attributes:
+      label: What browsers are you seeing the problem on?
+      multiple: true
+      options:
+        - Firefox
+        - Chrome
+        - Safari
+        - Microsoft Edge
+  - type: textarea
+    id: logs
+    attributes:
+      label: Relevant log output
+      description: Please copy and paste any relevant log output. This will be automatically formatted into code, so no need for backticks.
+      render: sh

package/.github/ISSUE_TEMPLATE/config.yml

@@ -0,0 +1 @@
+blank_issues_enabled: false

package/.github/ISSUE_TEMPLATE/feature_request.yml

@@ -0,0 +1,22 @@
+name: Feature request
+description: Request a new feature
+labels: ["enhancement"]
+body:
+  - type: markdown
+    attributes:
+      value: |
+        Thanks for taking the time to request a new feature in the Adapt authoring tool! The Adapt team will consider all new feature requests, but unfortunately cannot commit to every one.
+  - type: textarea
+    id: description
+    attributes:
+      label: Feature description
+      description: Please describe your feature request
+    validations:
+      required: true
+  - type: checkboxes
+    id: contribute
+    attributes:
+      label: Can you work on this feature?
+      description: If you are able to commit your own time to work on this feature, it will greatly increase the liklihood of it being implemented by the core dev team. Otherwise, it will be triaged and prioritised alongside the core team's current priorities.
+      options:
+        - label: I can contribute

package/.github/dependabot.yml

@@ -0,0 +1,11 @@
+# To get started with Dependabot version updates, you'll need to specify which
+# package ecosystems to update and where the package manifests are located.
+# Please see the documentation for all configuration options:
+# https://docs.github.com/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file
+
+version: 2
+updates:
+  - package-ecosystem: "npm" # See documentation for possible values
+    directory: "/" # Location of package manifests
+    schedule:
+      interval: "weekly"

package/.github/pull_request_template.md

@@ -0,0 +1,25 @@
+[//]: # (Please title your PR according to eslint commit conventions)
+[//]: # (See https://github.com/conventional-changelog/conventional-changelog/tree/master/packages/conventional-changelog-eslint#eslint-convention for details)
+
+[//]: # (Add a link to the original issue)
+
+[//]: # (Delete as appropriate)
+### Fix
+* A sentence describing each fix
+
+### Update
+* A sentence describing each udpate
+
+### New
+* A sentence describing each new feature
+
+### Breaking
+* A sentence describing each breaking change
+
+[//]: # (List appropriate steps for testing if needed)
+### Testing
+1. Steps for testing
+
+[//]: # (Mention any other dependencies)
+
+

package/.github/workflows/labelled_prs.yml

@@ -0,0 +1,16 @@
+name: Add labelled PRs to project
+
+on:
+  pull_request:
+    types: [ labeled ]
+
+jobs:
+  add-to-project:
+    if: ${{ github.event.label.name == 'dependencies' }}
+    name: Add to main project
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/add-to-project@v0.1.0
+        with:
+          project-url: https://github.com/orgs/adapt-security/projects/5
+          github-token: ${{ secrets.PROJECTS_SECRET }}

package/.github/workflows/new.yml

@@ -0,0 +1,19 @@
+name: Add to main project
+
+on:
+  issues:
+    types:
+      - opened
+  pull_request:
+    types:
+      - opened
+
+jobs:
+  add-to-project:
+    name: Add to main project
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/add-to-project@v0.1.0
+        with:
+          project-url: https://github.com/orgs/adapt-security/projects/5
+          github-token: ${{ secrets.PROJECTS_SECRET }}

package/adapt-authoring.json

@@ -0,0 +1,5 @@
+{
+  "documentation": {
+    "enable": true
+  }
+}

package/conf/config.schema.json

@@ -0,0 +1,11 @@
+{
+  "$schema": "https://json-schema.org/draft/2020-12/schema",
+  "type": "object",
+  "properties": {
+    "forceLowerCaseEmail": {
+      "description": "If true, all user emails will be converted to lower-case",
+      "type": "boolean",
+      "default": true
+    }
+  }
+}

package/errors/errors.json

@@ -0,0 +1,16 @@
+{
+  "DUPL_USER": {
+    "data": {
+      "email": "Email address of the user"
+    },
+    "description": "A user already exists with the passed email address",
+    "statusCode": 400
+  },
+  "USER_SELF_DELETE_ILLEGAL": {
+    "data": {
+      "id": "_id of the user"
+    },
+    "description": "You cannot delete your own user account",
+    "statusCode": 400
+  }
+}

package/index.js

@@ -0,0 +1,5 @@
+/**
+ * User data functionlity
+ * @namespace users
+ */
+export { default } from './lib/UsersModule.js'

package/lib/UsersModule.js

@@ -0,0 +1,112 @@
+import AbstractApiModule from 'adapt-authoring-api'
+/**
+ * Module which handles user management
+ * @memberof users
+ * @extends {AbstractApiModule}
+ */
+class UsersModule extends AbstractApiModule {
+  /** @override */
+  async setValues () {
+    /** @ignore */ this.root = 'users'
+    /** @ignore */ this.schemaName = 'user'
+    /** @ignore */ this.collectionName = 'users'
+
+    this.useDefaultRouteConfig()
+    // remove POST / route
+    delete this.routes.find(r => r.route === '/').handlers.post
+
+    const desc = method => `This endpoint is shorthand for \`${method}\` \`/api/${this.root}/:_id\`, see the documentation for that endpoint for more details`
+
+    this.routes = [{
+      route: '/me',
+      modifiers: ['put', 'patch'],
+      handlers: { get: this.requestHandler(), put: this.requestHandler(), patch: this.requestHandler() },
+      permissions: { get: ['read:me'], put: ['write:me'], patch: ['write:me'] },
+      meta: {
+        get: { summary: 'Retrieve your own user data', description: desc('GET') },
+        put: { summary: 'Replace your own user data', description: desc('PUT') },
+        patch: { summary: 'Update your own user data', description: desc('PATCH') }
+      }
+    }, ...this.routes]
+  }
+
+  /**
+   * Initialises the module
+   * @return {Promise}
+   */
+  async init () {
+    await super.init()
+    const [mongodb, server] = await this.app.waitForModule('mongodb', 'server')
+    await mongodb.setIndex(this.collectionName, 'email', { unique: true })
+
+    server.api.addHandlerMiddleware(this.updateAccess.bind(this))
+
+    this.requestHook.tap(this.onRequest.bind(this))
+
+    if (this.getConfig('forceLowerCaseEmail')) {
+      this.preInsertHook.tap(this.forceLowerCaseEmail)
+      this.preUpdateHook.tap(this.forceLowerCaseEmail)
+    }
+  }
+
+  forceLowerCaseEmail (data) {
+    if (data.email) data.email = data.email.toLowerCase()
+  }
+
+  /** @override */
+  async processRequestMiddleware (req, res, next) {
+    super.processRequestMiddleware(req, res, () => {
+      req.apiData.schemaName = req.auth.userSchemaName
+      next()
+    })
+  }
+
+  /**
+   * Updates the user access timestamp
+   * @param {external:ExpressRequest} req
+   * @param {external:ExpressResponse} res
+   * @param {Function} next
+   */
+  updateAccess (req, res, next) {
+    const _id = req.auth?.user?._id
+    if (_id) { // note we only log any errors, as it's not necessarily a problem
+      this.update({ _id }, { lastAccess: new Date().toISOString() })
+        .catch(e => this.log('warn', `Failed to update user lastAccess, ${e}`))
+    }
+    next()
+  }
+
+  /**
+   * Adds the current user _id to an incoming request to API
+   * @param {external:ExpressRequest} req
+   */
+  async onRequest (req) {
+    if (req.apiData.config.route === '/me') {
+      req.params._id = req.apiData.query._id = req.auth.user._id
+      // users shouldn't be able to disable themselves
+      if (req.apiData.data.isEnabled) delete req.apiData.data.isEnabled
+    }
+    if (req.method === 'DELETE' && (req.apiData.query._id === req.auth.user._id)) {
+      throw this.app.errors.USER_SELF_DELETE_ILLEGAL
+        .setData({ id: req.user._id })
+    }
+  }
+
+  /** @override */
+  async insert (data, options, mongoOptions) {
+    try {
+      return await super.insert(data, options, mongoOptions)
+    } catch (e) {
+      if (e.code === this.app.errors.MONGO_DUPL_INDEX) throw this.app.errors.DUPL_USER.setData({ email: data.email })
+      throw e
+    }
+  }
+
+  /** @override */
+  async find (query, options = {}, mongoOptions = {}) {
+    query.email = this.getConfig('forceLowerCaseEmail') ? query.email?.toLowerCase() : undefined
+    return super.find(query, options, mongoOptions)
+  }
+}
+
+export default UsersModule

package/package.json

@@ -0,0 +1,18 @@
+{
+  "name": "adapt-authoring-users",
+  "version": "0.0.1",
+  "description": "Module for managing users",
+  "homepage": "https://github.com/adapt-security/adapt-authoring-users",
+  "license": "GPL-3.0",
+  "type": "module",
+  "main": "index.js",
+  "repository": "github:adapt-security/adapt-authoring-users",
+  "peerDependencies": {
+    "adapt-authoring-api": "github:adapt-security/adapt-authoring-api",
+    "adapt-authoring-core": "github:adapt-security/adapt-authoring-core"
+  },
+  "devDependencies": {
+    "eslint": "^9.12.0",
+    "standard": "^17.1.0"
+  }
+}

package/schema/user.schema.json

@@ -0,0 +1,36 @@
+{
+  "$schema": "https://json-schema.org/draft/2020-12/schema",
+  "$anchor": "user",
+  "description": "A system user",
+  "type": "object",
+  "properties": {
+    "email": {
+      "description": "Email address for the user",
+      "type": "string"
+    },
+    "firstName": {
+      "description": "First name of the user",
+      "type": "string",
+      "default": "Adapt"
+    },
+    "lastName": {
+      "description": "Last name of the user",
+      "type": "string",
+      "default": "User"
+    },
+    "isEnabled": {
+      "description": "Whether the user is able to access the system",
+      "type": "boolean",
+      "isReadOnly": true,
+      "default": true
+    },
+    "lastAccess": {
+      "description": "Timestamp of the last access",
+      "type": "string",
+      "format": "date-time",
+      "isReadOnly": true,
+      "isDate": true
+    }
+  },
+  "required": ["email"]
+}