alepha 0.14.2 → 0.14.3

package/src/api/users/controllers/AdminIdentityController.spec.ts

@@ -0,0 +1,365 @@
+import { Alepha } from "alepha";
+import { DbEntityNotFoundError } from "alepha/orm";
+import { AlephaSecurity } from "alepha/security";
+import { describe, it } from "vitest";
+import {
+  AdminIdentityController,
+  AlephaApiUsers,
+  IdentityService,
+  UserService,
+} from "../index.ts";
+
+const setup = async () => {
+  const alepha = Alepha.create({
+    env: { LOG_LEVEL: "error" },
+  });
+
+  alepha.with(AlephaSecurity);
+  alepha.with(AlephaApiUsers);
+
+  await alepha.start();
+
+  return {
+    alepha,
+    identityService: alepha.inject(IdentityService),
+    userService: alepha.inject(UserService),
+    controller: alepha.inject(AdminIdentityController),
+  };
+};
+
+describe("alepha/api/users - AdminIdentityController", () => {
+  it("should get an identity by ID", async ({ expect }) => {
+    const { identityService, userService, controller } = await setup();
+
+    // Create a test user
+    const user = await userService.users().create({
+      username: "identityuser",
+      email: "identity@example.com",
+      roles: ["user"],
+    });
+
+    // Create an identity
+    const identity = await identityService.identities().create({
+      userId: user.id,
+      provider: "google",
+      providerUserId: "google-123456",
+      providerData: {
+        name: "Test User",
+        picture: "https://example.com/photo.jpg",
+      },
+    });
+
+    const result = await controller.getIdentity({
+      params: { id: identity.id },
+    });
+
+    expect(result.id).toBe(identity.id);
+    expect(result.userId).toBe(user.id);
+    expect(result.provider).toBe("google");
+    expect(result.providerUserId).toBe("google-123456");
+    expect(result.providerData).toEqual({
+      name: "Test User",
+      picture: "https://example.com/photo.jpg",
+    });
+  });
+
+  it("should throw error for non-existent identity", async ({ expect }) => {
+    const { controller } = await setup();
+
+    await expect(
+      controller.getIdentity({
+        params: { id: "550e8400-e29b-41d4-a716-446655440000" },
+      }),
+    ).rejects.toThrowError(DbEntityNotFoundError);
+  });
+
+  it("should delete an identity", async ({ expect }) => {
+    const { identityService, userService, controller } = await setup();
+
+    const user = await userService.users().create({
+      username: "deleteidentityuser",
+      email: "deleteidentity@example.com",
+      roles: ["user"],
+    });
+
+    const identity = await identityService.identities().create({
+      userId: user.id,
+      provider: "github",
+      providerUserId: "github-789",
+    });
+
+    const result = await controller.deleteIdentity({
+      params: { id: identity.id },
+    });
+
+    expect(result.ok).toBe(true);
+    expect(result.id).toBe(identity.id);
+
+    // Verify identity is deleted
+    await expect(
+      controller.getIdentity({
+        params: { id: identity.id },
+      }),
+    ).rejects.toThrowError(DbEntityNotFoundError);
+  });
+
+  it("should find identities with pagination", async ({ expect }) => {
+    const { identityService, userService, controller } = await setup();
+
+    const user = await userService.users().create({
+      username: "multiidentityuser",
+      email: "multiidentity@example.com",
+      roles: ["user"],
+    });
+
+    // Create multiple identities
+    const identity1 = await identityService.identities().create({
+      userId: user.id,
+      provider: "google",
+      providerUserId: "google-1",
+    });
+    const identity2 = await identityService.identities().create({
+      userId: user.id,
+      provider: "github",
+      providerUserId: "github-1",
+    });
+    const identity3 = await identityService.identities().create({
+      userId: user.id,
+      provider: "apple",
+      providerUserId: "apple-1",
+    });
+
+    const result = await controller.findIdentities({
+      query: { userId: user.id },
+    });
+
+    expect(result.content.length).toBeGreaterThanOrEqual(3);
+
+    // Verify all created identities are in the results
+    const identityIds = result.content.map((i) => i.id);
+    expect(identityIds).toContain(identity1.id);
+    expect(identityIds).toContain(identity2.id);
+    expect(identityIds).toContain(identity3.id);
+  });
+
+  it("should filter identities by userId", async ({ expect }) => {
+    const { identityService, userService, controller } = await setup();
+
+    const user1 = await userService.users().create({
+      username: "user1identity",
+      email: "user1identity@example.com",
+      roles: ["user"],
+    });
+    const user2 = await userService.users().create({
+      username: "user2identity",
+      email: "user2identity@example.com",
+      roles: ["user"],
+    });
+
+    await identityService.identities().create({
+      userId: user1.id,
+      provider: "google",
+      providerUserId: "google-user1-1",
+    });
+    await identityService.identities().create({
+      userId: user1.id,
+      provider: "github",
+      providerUserId: "github-user1-1",
+    });
+    await identityService.identities().create({
+      userId: user2.id,
+      provider: "google",
+      providerUserId: "google-user2-1",
+    });
+
+    const result = await controller.findIdentities({
+      query: { userId: user1.id },
+    });
+
+    expect(result.content.every((i) => i.userId === user1.id)).toBe(true);
+    expect(result.content.length).toBeGreaterThanOrEqual(2);
+  });
+
+  it("should filter identities by provider", async ({ expect }) => {
+    const { identityService, userService, controller } = await setup();
+
+    const user = await userService.users().create({
+      username: "providerfilteruser",
+      email: "providerfilter@example.com",
+      roles: ["user"],
+    });
+
+    await identityService.identities().create({
+      userId: user.id,
+      provider: "google",
+      providerUserId: "google-1",
+    });
+    await identityService.identities().create({
+      userId: user.id,
+      provider: "github",
+      providerUserId: "github-1",
+    });
+    await identityService.identities().create({
+      userId: user.id,
+      provider: "google",
+      providerUserId: "google-2",
+    });
+
+    const result = await controller.findIdentities({
+      query: { provider: "%google%" },
+    });
+
+    expect(result.content.every((i) => i.provider === "google")).toBe(true);
+    expect(result.content.length).toBeGreaterThanOrEqual(2);
+  });
+
+  it("should sort identities by creation date (newest first)", async ({
+    expect,
+  }) => {
+    const { identityService, userService, controller } = await setup();
+
+    const user = await userService.users().create({
+      username: "sortidentityuser",
+      email: "sortidentity@example.com",
+      roles: ["user"],
+    });
+
+    const identity1 = await identityService.identities().create({
+      userId: user.id,
+      provider: "google",
+      providerUserId: "google-sort-1",
+    });
+    const identity2 = await identityService.identities().create({
+      userId: user.id,
+      provider: "github",
+      providerUserId: "github-sort-1",
+    });
+    const identity3 = await identityService.identities().create({
+      userId: user.id,
+      provider: "apple",
+      providerUserId: "apple-sort-1",
+    });
+
+    const result = await controller.findIdentities({
+      query: { userId: user.id },
+    });
+
+    const identityIds = result.content.map((i) => i.id);
+    expect(identityIds.indexOf(identity3.id)).toBeLessThan(
+      identityIds.indexOf(identity2.id),
+    );
+    expect(identityIds.indexOf(identity2.id)).toBeLessThan(
+      identityIds.indexOf(identity1.id),
+    );
+  });
+
+  it("should handle identities with provider data", async ({ expect }) => {
+    const { identityService, userService, controller } = await setup();
+
+    const user = await userService.users().create({
+      username: "providerdatauser",
+      email: "providerdata@example.com",
+      roles: ["user"],
+    });
+
+    const googleIdentity = await identityService.identities().create({
+      userId: user.id,
+      provider: "google",
+      providerUserId: "google-data-1",
+      providerData: {
+        email: "test@gmail.com",
+        verified_email: true,
+        name: "Test User",
+        picture: "https://example.com/photo.jpg",
+        locale: "en",
+      },
+    });
+
+    const githubIdentity = await identityService.identities().create({
+      userId: user.id,
+      provider: "github",
+      providerUserId: "github-data-1",
+      providerData: {
+        login: "testuser",
+        avatar_url: "https://github.com/avatar.jpg",
+        bio: "Software Developer",
+      },
+    });
+
+    const googleResult = await controller.getIdentity({
+      params: { id: googleIdentity.id },
+    });
+    expect(googleResult.providerData).toEqual({
+      email: "test@gmail.com",
+      verified_email: true,
+      name: "Test User",
+      picture: "https://example.com/photo.jpg",
+      locale: "en",
+    });
+
+    const githubResult = await controller.getIdentity({
+      params: { id: githubIdentity.id },
+    });
+    expect(githubResult.providerData).toEqual({
+      login: "testuser",
+      avatar_url: "https://github.com/avatar.jpg",
+      bio: "Software Developer",
+    });
+  });
+
+  it("should handle identities without provider data", async ({ expect }) => {
+    const { identityService, userService, controller } = await setup();
+
+    const user = await userService.users().create({
+      username: "noproviderdatauser",
+      email: "noproviderdata@example.com",
+      roles: ["user"],
+    });
+
+    const identity = await identityService.identities().create({
+      userId: user.id,
+      provider: "custom",
+      providerUserId: "custom-123",
+    });
+
+    const result = await controller.getIdentity({
+      params: { id: identity.id },
+    });
+
+    expect(result.providerData).toBeUndefined();
+  });
+
+  it("should handle multiple providers for same user", async ({ expect }) => {
+    const { identityService, userService, controller } = await setup();
+
+    const user = await userService.users().create({
+      username: "multiprovideruser",
+      email: "multiprovider@example.com",
+      roles: ["user"],
+    });
+
+    await identityService.identities().create({
+      userId: user.id,
+      provider: "google",
+      providerUserId: "google-multi-1",
+    });
+    await identityService.identities().create({
+      userId: user.id,
+      provider: "github",
+      providerUserId: "github-multi-1",
+    });
+    await identityService.identities().create({
+      userId: user.id,
+      provider: "apple",
+      providerUserId: "apple-multi-1",
+    });
+
+    const result = await controller.findIdentities({
+      query: { userId: user.id },
+    });
+
+    expect(result.content.length).toBe(3);
+    const providers = result.content.map((i) => i.provider).sort();
+    expect(providers).toEqual(["apple", "github", "google"]);
+  });
+});

package/src/api/users/controllers/{IdentityController.ts → AdminIdentityController.ts}

@@ -1,13 +1,12 @@
 import { $inject, t } from "alepha";
-import { pg } from "alepha/orm";
 import { $action, okSchema } from "alepha/server";
 import { identityQuerySchema } from "../schemas/identityQuerySchema.ts";
 import { identityResourceSchema } from "../schemas/identityResourceSchema.ts";
 import { IdentityService } from "../services/IdentityService.ts";
 
-export class IdentityController {
+export class AdminIdentityController {
   protected readonly url = "/identities";
-  protected readonly group = "identities";
+  protected readonly group = "admin:identities";
   protected readonly identityService = $inject(IdentityService);
 
   /**
@@ -21,7 +20,7 @@ export class IdentityController {
       query: t.extend(identityQuerySchema, {
         userRealmName: t.optional(t.string()),
       }),
-      response: pg.page(identityResourceSchema),
+      response: t.page(identityResourceSchema),
     },
     handler: ({ query }) => {
       const { userRealmName, ...q } = query;

package/src/api/users/controllers/AdminSessionController.spec.ts

@@ -0,0 +1,274 @@
+import { Alepha } from "alepha";
+import { DateTimeProvider } from "alepha/datetime";
+import { DbEntityNotFoundError } from "alepha/orm";
+import { AlephaSecurity } from "alepha/security";
+import { describe, it } from "vitest";
+import {
+  AdminSessionController,
+  AlephaApiUsers,
+  SessionCrudService,
+  UserService,
+} from "../index.ts";
+
+const setup = async () => {
+  const alepha = Alepha.create({
+    env: { LOG_LEVEL: "error" },
+  });
+
+  alepha.with(AlephaSecurity);
+  alepha.with(AlephaApiUsers);
+
+  await alepha.start();
+
+  return {
+    alepha,
+    sessionService: alepha.inject(SessionCrudService),
+    userService: alepha.inject(UserService),
+    controller: alepha.inject(AdminSessionController),
+    dateTimeProvider: alepha.inject(DateTimeProvider),
+  };
+};
+
+describe("alepha/api/users - AdminSessionController", () => {
+  it("should get a session by ID", async ({ expect }) => {
+    const { sessionService, userService, controller, dateTimeProvider } =
+      await setup();
+
+    // Create a test user
+    const user = await userService.users().create({
+      username: "sessionuser",
+      email: "session@example.com",
+      roles: ["user"],
+    });
+
+    // Create a session
+    const session = await sessionService.sessions().create({
+      userId: user.id,
+      refreshToken: crypto.randomUUID(),
+      expiresAt: dateTimeProvider.now().add(7, "days").toISOString(),
+      ip: "127.0.0.1",
+      userAgent: {
+        os: "macOS",
+        browser: "Chrome",
+        device: "DESKTOP",
+      },
+    });
+
+    const result = await controller.getSession({
+      params: { id: session.id },
+    });
+
+    expect(result.id).toBe(session.id);
+    expect(result.userId).toBe(user.id);
+    expect(result.ip).toBe("127.0.0.1");
+    expect(result.userAgent?.browser).toBe("Chrome");
+  });
+
+  it("should throw error for non-existent session", async ({ expect }) => {
+    const { controller } = await setup();
+
+    await expect(
+      controller.getSession({
+        params: { id: "550e8400-e29b-41d4-a716-446655440000" },
+      }),
+    ).rejects.toThrowError(DbEntityNotFoundError);
+  });
+
+  it("should delete a session", async ({ expect }) => {
+    const { sessionService, userService, controller, dateTimeProvider } =
+      await setup();
+
+    const user = await userService.users().create({
+      username: "deletesessionuser",
+      email: "deletesession@example.com",
+      roles: ["user"],
+    });
+
+    const session = await sessionService.sessions().create({
+      userId: user.id,
+      refreshToken: crypto.randomUUID(),
+      expiresAt: dateTimeProvider.now().add(7, "days").toISOString(),
+    });
+
+    const result = await controller.deleteSession({
+      params: { id: session.id },
+    });
+
+    expect(result.ok).toBe(true);
+    expect(result.id).toBe(session.id);
+
+    // Verify session is deleted
+    await expect(
+      controller.getSession({
+        params: { id: session.id },
+      }),
+    ).rejects.toThrowError(DbEntityNotFoundError);
+  });
+
+  it("should find sessions with pagination", async ({ expect }) => {
+    const { sessionService, userService, controller, dateTimeProvider } =
+      await setup();
+
+    const user = await userService.users().create({
+      username: "multisessionuser",
+      email: "multisession@example.com",
+      roles: ["user"],
+    });
+
+    // Create multiple sessions
+    const session1 = await sessionService.sessions().create({
+      userId: user.id,
+      refreshToken: crypto.randomUUID(),
+      expiresAt: dateTimeProvider.now().add(7, "days").toISOString(),
+    });
+    const session2 = await sessionService.sessions().create({
+      userId: user.id,
+      refreshToken: crypto.randomUUID(),
+      expiresAt: dateTimeProvider.now().add(7, "days").toISOString(),
+    });
+    const session3 = await sessionService.sessions().create({
+      userId: user.id,
+      refreshToken: crypto.randomUUID(),
+      expiresAt: dateTimeProvider.now().add(7, "days").toISOString(),
+    });
+
+    const result = await controller.findSessions({
+      query: { userId: user.id },
+    });
+
+    expect(result.content.length).toBeGreaterThanOrEqual(3);
+
+    // Verify all created sessions are in the results
+    const sessionIds = result.content.map((s) => s.id);
+    expect(sessionIds).toContain(session1.id);
+    expect(sessionIds).toContain(session2.id);
+    expect(sessionIds).toContain(session3.id);
+  });
+
+  it("should filter sessions by userId", async ({ expect }) => {
+    const { sessionService, userService, controller, dateTimeProvider } =
+      await setup();
+
+    const user1 = await userService.users().create({
+      username: "user1",
+      email: "user1@example.com",
+      roles: ["user"],
+    });
+    const user2 = await userService.users().create({
+      username: "user2",
+      email: "user2@example.com",
+      roles: ["user"],
+    });
+
+    await sessionService.sessions().create({
+      userId: user1.id,
+      refreshToken: crypto.randomUUID(),
+      expiresAt: dateTimeProvider.now().add(7, "days").toISOString(),
+    });
+    await sessionService.sessions().create({
+      userId: user1.id,
+      refreshToken: crypto.randomUUID(),
+      expiresAt: dateTimeProvider.now().add(7, "days").toISOString(),
+    });
+    await sessionService.sessions().create({
+      userId: user2.id,
+      refreshToken: crypto.randomUUID(),
+      expiresAt: dateTimeProvider.now().add(7, "days").toISOString(),
+    });
+
+    const result = await controller.findSessions({
+      query: { userId: user1.id },
+    });
+
+    expect(result.content.every((s) => s.userId === user1.id)).toBe(true);
+    expect(result.content.length).toBeGreaterThanOrEqual(2);
+  });
+
+  it("should sort sessions by creation date (newest first)", async ({
+    expect,
+  }) => {
+    const { sessionService, userService, controller, dateTimeProvider } =
+      await setup();
+
+    const user = await userService.users().create({
+      username: "sorttestuser",
+      email: "sorttest@example.com",
+      roles: ["user"],
+    });
+
+    const session1 = await sessionService.sessions().create({
+      userId: user.id,
+      refreshToken: crypto.randomUUID(),
+      expiresAt: dateTimeProvider.now().add(7, "days").toISOString(),
+    });
+    const session2 = await sessionService.sessions().create({
+      userId: user.id,
+      refreshToken: crypto.randomUUID(),
+      expiresAt: dateTimeProvider.now().add(7, "days").toISOString(),
+    });
+    const session3 = await sessionService.sessions().create({
+      userId: user.id,
+      refreshToken: crypto.randomUUID(),
+      expiresAt: dateTimeProvider.now().add(7, "days").toISOString(),
+    });
+
+    const result = await controller.findSessions({
+      query: { userId: user.id },
+    });
+
+    const sessionIds = result.content.map((s) => s.id);
+    expect(sessionIds.indexOf(session3.id)).toBeLessThan(
+      sessionIds.indexOf(session2.id),
+    );
+    expect(sessionIds.indexOf(session2.id)).toBeLessThan(
+      sessionIds.indexOf(session1.id),
+    );
+  });
+
+  it("should handle sessions with different user agents", async ({
+    expect,
+  }) => {
+    const { sessionService, userService, controller, dateTimeProvider } =
+      await setup();
+
+    const user = await userService.users().create({
+      username: "useragentuser",
+      email: "useragent@example.com",
+      roles: ["user"],
+    });
+
+    const desktopSession = await sessionService.sessions().create({
+      userId: user.id,
+      refreshToken: crypto.randomUUID(),
+      expiresAt: dateTimeProvider.now().add(7, "days").toISOString(),
+      userAgent: {
+        os: "Windows",
+        browser: "Edge",
+        device: "DESKTOP",
+      },
+    });
+
+    const mobileSession = await sessionService.sessions().create({
+      userId: user.id,
+      refreshToken: crypto.randomUUID(),
+      expiresAt: dateTimeProvider.now().add(7, "days").toISOString(),
+      userAgent: {
+        os: "iOS",
+        browser: "Safari",
+        device: "MOBILE",
+      },
+    });
+
+    const desktopResult = await controller.getSession({
+      params: { id: desktopSession.id },
+    });
+    expect(desktopResult.userAgent?.device).toBe("DESKTOP");
+    expect(desktopResult.userAgent?.browser).toBe("Edge");
+
+    const mobileResult = await controller.getSession({
+      params: { id: mobileSession.id },
+    });
+    expect(mobileResult.userAgent?.device).toBe("MOBILE");
+    expect(mobileResult.userAgent?.browser).toBe("Safari");
+  });
+});

package/src/api/users/controllers/{SessionController.ts → AdminSessionController.ts}

@@ -1,13 +1,12 @@
 import { $inject, t } from "alepha";
-import { pg } from "alepha/orm";
 import { $action, okSchema } from "alepha/server";
 import { sessionQuerySchema } from "../schemas/sessionQuerySchema.ts";
 import { sessionResourceSchema } from "../schemas/sessionResourceSchema.ts";
 import { SessionCrudService } from "../services/SessionCrudService.ts";
 
-export class SessionController {
+export class AdminSessionController {
   protected readonly url = "/sessions";
-  protected readonly group = "sessions";
+  protected readonly group = "admin:sessions";
   protected readonly sessionService = $inject(SessionCrudService);
 
   /**
@@ -21,7 +20,7 @@ export class SessionController {
       query: t.extend(sessionQuerySchema, {
         userRealmName: t.optional(t.string()),
       }),
-      response: pg.page(sessionResourceSchema),
+      response: t.page(sessionResourceSchema),
     },
     handler: ({ query }) => {
       const { userRealmName, ...q } = query;