npm - aloux-iam - Versions diffs - 0.0.141 → 0.0.143 - Mend

aloux-iam 0.0.141 → 0.0.143

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/lib/controllers/log.js CHANGED Viewed

@@ -9,9 +9,11 @@ self.create = async (req, res) => {
       req.header("Company") !== "undefined" ? req.header("Company") : null;
     const log = new Log(req.body);
+    const businessId = req.header("business") !== "undefined" ? req.header("business") : null;
     log.createdAt = new Date().getTime();
     log._user = req.user._id;
     log._company = companyId;
+    log._business = businessId;
     log.label = req.body.label;
     await log.save();
@@ -54,110 +56,36 @@ self.retrieve = async (req, res) => {
     const companyId =
       req.header("Company") !== "undefined" ? req.header("Company") : null;
-    const matchStage = { _company: companyId };
+    const query = { _company: companyId };
     if (req.body.users?.length) {
-      matchStage._user = {
+      query._user = {
         $in: req.body.users.map((id) => new mongoose.Types.ObjectId(id)),
       };
     }
     if (req.body.dateStart || req.body.dateEnd) {
-      matchStage.createdAt = {};
-      if (req.body.dateStart)
-        matchStage.createdAt.$gte = Number(req.body.dateStart);
-      if (req.body.dateEnd)
-        matchStage.createdAt.$lte = Number(req.body.dateEnd);
+      query.createdAt = {};
+      if (req.body.dateStart) query.createdAt.$gte = Number(req.body.dateStart);
+      if (req.body.dateEnd) query.createdAt.$lte = Number(req.body.dateEnd);
     }
-    const [totalCount, byLabel, byDate, byUser] = await Promise.all([
-      Log.countDocuments(matchStage),
-      Log.aggregate([
-        { $match: matchStage },
-        { $group: { _id: "$label", count: { $sum: 1 } } },
-        { $sort: { count: -1 } },
-      ]),
-      Log.aggregate([
-        { $match: matchStage },
-        {
-          $group: {
-            _id: {
-              $dateToString: {
-                format: "%Y-%m-%d",
-                date: { $toDate: "$createdAt" },
-              },
-            },
-            count: { $sum: 1 },
-          },
-        },
-        { $sort: { _id: 1 } },
-      ]),
-      Log.aggregate([
-        { $match: matchStage },
-        { $group: { _id: "$_user", count: { $sum: 1 } } },
-        {
-          $lookup: {
-            from: "users",
-            localField: "_id",
-            foreignField: "_id",
-            as: "user",
-          },
-        },
-        { $unwind: "$user" },
-        {
-          $project: {
-            name: { $concat: ["$user.name", " ", "$user.lastName"] },
-            count: 1,
-          },
-        },
-        { $sort: { count: -1 } },
-      ]),
-    ]);
-    const topUsers = byUser.slice(0, 10);
-    const leastUsers = [...byUser]
-      .sort((a, b) => a.count - b.count)
-      .slice(0, 10);
-    // for (let i in consulta) {
-    //   consulta[i].label = consulta[i]._label.label;
-    //   await consulta[i].save();
-    // }
+    if (req.body.business?.length) {
+      query._business = { $in: req.body.business };
+    }
+    const consulta = await Log.find(query).populate("_user", "name lastName email");
     const response = {
-      dataset0: { field: "Visualizaciones totales", count: totalCount },
-      dataset1: [],
-      dataset2: {
-        field: "Distribución de acciones",
-        counts: byLabel.map((i) => i.count),
-        operations: byLabel.map((i) => i._id),
-      },
-      dataset3: {
-        field: "Distribución de acciones",
-        items: byLabel.map((i) => ({
-          addGroup: i._id,
-          totalResponse: i.count,
-        })),
-      },
-      dataset4: {
-        field: "Actividad en la plataforma",
-        counts: byDate.map((i) => i.count),
-        actionsName: byDate.map((i) => formatDate(i._id)),
-      },
-      dataset5: [],
-      dataset6: {
-        field: "Usuarios con mas actividad en la plataforma",
-        counts: topUsers.map((i) => i.count),
-        actionsName: topUsers.map((i) => i.name.split(" ")),
-      },
-      dataset7: {
-        field: "Usuarios con menos actividad en la plataforma",
-        counts: leastUsers.map((i) => i.count),
-        actionsName: leastUsers.map((i) => i.name.split(" ")),
-      },
+      dataset0: { field: "Visualizaciones totales", count: consulta.length },
+      dataset1: processDataset1(consulta),
+      dataset2: processDataset2(consulta),
+      dataset3: processDataset3(consulta),
+      dataset4: processDataset4(consulta),
+      dataset5: processDataset5(consulta),
+      dataset6: processDataset6(consulta),
+      dataset7: processDataset7(consulta),
+      dataset8: processDataset8(consulta, req.body.search, req.body.page, req.body.limit),
     };
     res.status(200).send(response);
@@ -170,31 +98,20 @@ self.retrieve = async (req, res) => {
 function formatDate(isoDate) {
   const [year, month, day] = isoDate.split("-");
   const monthNames = [
-    "Ene",
-    "Feb",
-    "Mar",
-    "Abr",
-    "May",
-    "Jun",
-    "Jul",
-    "Ago",
-    "Sep",
-    "Oct",
-    "Nov",
-    "Dic",
+    "Ene", "Feb", "Mar", "Abr", "May", "Jun",
+    "Jul", "Ago", "Sep", "Oct", "Nov", "Dic",
   ];
   return `${day} ${monthNames[parseInt(month) - 1]} ${year}`;
 }
 function processDataset1(consulta) {
-  return consulta.map((item) => {
-    return {
-      _id: item._id,
-      labelDescription: item.label,
-      userName: item._user.name + " " + item._user.lastName,
-      createdAt: item.createdAt,
-    };
-  });
+  return consulta.map((item) => ({
+    _id: item._id,
+    labelDescription: item.label,
+    userName: item._user.name + " " + item._user.lastName,
+    userEmail: item._user.email,
+    createdAt: item.createdAt,
+  }));
 }
 function processDataset2(consulta) {
@@ -229,7 +146,8 @@ function processDataset3(consulta) {
 function processDataset4(consulta) {
   const dateCounts = consulta.reduce((acc, item) => {
-    const date = formatDate(new Date(item.createdAt));
+    const isoDate = new Date(item.createdAt).toISOString().split("T")[0];
+    const date = formatDate(isoDate);
     acc[date] = (acc[date] || 0) + 1;
     return acc;
   }, {});
@@ -246,7 +164,8 @@ function processDataset5(consulta) {
   const categories = new Set();
   consulta.forEach((item) => {
-    const date = formatDate(new Date(item.createdAt));
+    const isoDate = new Date(item.createdAt).toISOString().split("T")[0];
+    const date = formatDate(isoDate);
     const label = item.label;
     categories.add(date);
@@ -276,55 +195,80 @@ function processDataset5(consulta) {
 function processDataset6(data) {
   const userActivity = {};
-  // Count activity per user. Assuming data contains _user with name and lastName
   data.forEach((item) => {
     const fullName = `${item._user.name} ${item._user.lastName}`;
     userActivity[fullName] = (userActivity[fullName] || 0) + 1;
   });
-  // Sort users by activity count in descending order
-  const sortedUsers = Object.entries(userActivity).sort(
-    ([, countA], [, countB]) => countB - countA
-  );
-  // Extract top 10 users
-  const topUsers = sortedUsers.slice(0, 10);
+  const topUsers = Object.entries(userActivity)
+    .sort(([, a], [, b]) => b - a)
+    .slice(0, 10);
-  // Build the result object
-  const result = {
+  return {
+    field: "Usuarios con mas actividad en la plataforma",
     counts: topUsers.map(([, count]) => count),
     actionsName: topUsers.map(([fullName]) => fullName.split(" ")),
-    field: "Usuarios con mas actividad en la plataforma",
   };
-  return result;
 }
 function processDataset7(data) {
   const userActivity = {};
-  // Count activity per user. Assuming data contains _user with name and lastName
   data.forEach((item) => {
     const fullName = `${item._user.name} ${item._user.lastName}`;
     userActivity[fullName] = (userActivity[fullName] || 0) + 1;
   });
-  // Sort users by activity count in ascending order
-  const sortedUsers = Object.entries(userActivity).sort(
-    ([, countA], [, countB]) => countA - countB
-  );
+  const leastUsers = Object.entries(userActivity)
+    .sort(([, a], [, b]) => a - b)
+    .slice(0, 10);
-  // Extract top 10 least active users
-  const leastActiveUsers = sortedUsers.slice(0, 10);
-  // Build the result object
-  const result = {
-    counts: leastActiveUsers.map(([, count]) => count),
-    actionsName: leastActiveUsers.map(([fullName]) => fullName.split(" ")),
+  return {
     field: "Usuarios con menos actividad en la plataforma",
+    counts: leastUsers.map(([, count]) => count),
+    actionsName: leastUsers.map(([fullName]) => fullName.split(" ")),
   };
+}
-  return result;
+function processDataset8(data, search = "", page = 1, limit = 10) {
+  const userActivity = {};
+  data.forEach((item) => {
+    const fullName = `${item._user.name} ${item._user.lastName}`;
+    if (!userActivity[fullName]) {
+      userActivity[fullName] = {
+        name: item._user.name,
+        lastName: item._user.lastName,
+        email: item._user.email,
+        count: 0,
+      };
+    }
+    userActivity[fullName].count++;
+  });
+  let users = Object.values(userActivity).sort((a, b) => b.count - a.count);
+  if (search) {
+    const s = search.toLowerCase().normalize("NFD").replace(/[\u0300-\u036f]/g, "");
+    users = users.filter((u) => {
+      const full = `${u.name} ${u.lastName} ${u.email}`.toLowerCase().normalize("NFD").replace(/[\u0300-\u036f]/g, "");
+      return full.includes(s);
+    });
+  }
+  const total = users.length;
+  const totalPages = Math.ceil(total / limit);
+  const start = (page - 1) * limit;
+  const items = users.slice(start, start + limit);
+  return {
+    field: "Actividad de usuarios",
+    total,
+    page,
+    limit,
+    totalPages,
+    items,
+  };
 }
 self.get = async (req, res) => {

package/lib/controllers/user.js CHANGED Viewed

@@ -14,29 +14,29 @@ const self = module.exports;
 self.create = async (req, res) => {
   try {
-    let user = await serviceUser.create(req.body);
-    if (process.env.SEND_EMAIL_USER === "true") {
-      let file = _brand.template("TEMPLATE_ACCOUNT");
-      file = file.replace("{{user}}", user.name);
-      file = file.replace("{{email}}", req.body.email);
-      file = file.replace("{{password}}", req.body.pwd);
-      const app = process.env.APP;
-      const urlEmail = process.env[`URL_EMAIL_${app}`];
-      if (urlEmail) {
-        file = file.replaceAll("{{urlToken}}", urlEmail);
-      }
+    let user = await serviceUser.create(req.body)
+    if (process.env.SEND_EMAIL_USER === "true" && user.email) {
+      let file = _brand.template("TEMPLATE_ACCOUNT")
+      file = file.replace("{{user}}", user.name)
+      file = file.replace("{{email}}", req.body.email)
+      file = file.replace("{{password}}", req.body.pwd)
+      const app = process.env.APP
+      const urlEmail = process.env[`URL_EMAIL_${app}`]
+      if (urlEmail) file = file.replaceAll("{{urlToken}}", urlEmail)
       await AWS_SES.sendCustom(
         user.email,
         file,
         process.env.SUBJECT_EMAIL || "bienvenido"
-      );
+      )
     }
-    res.status(201).send(user);
+    res.status(201).send(user)
   } catch (error) {
-    utils.responseError(res, error, 400, "Error al crear usuario", "Revisa el detalle del error");
+    utils.responseError(res, error, 400, "Error al crear usuario", "Revisa el detalle del error")
   }
-};
+}
 self.update = async (req, resp) => {
   try {
@@ -936,7 +936,6 @@ self.addTimeToken = async (req, res) => {
       if (tokenObject) {
         tokenObject.dateEnd = Date.now() + process.env.SESSION_TIME * 60 * 1000;
-        // Guarda los cambios en la base de datos
         await User.updateOne(
           { _id: userTokens._id, "tokens.token": req.params.TOKEN },
           { $set: { "tokens.$.dateEnd": tokenObject.dateEnd } }

package/lib/middleware.js CHANGED Viewed

@@ -4,6 +4,15 @@ const Permission = require("./models/Permission");
 const historyController = require("./controllers/history");
 const getAccess = (user, resource) => {
+  // Cuenta de servicio
+  const userApis = user?.data?.apis || [];
+  if (userApis.length > 0) {
+    return userApis.some(
+      (apiId) => apiId.toString() === resource._id.toString(),
+    );
+  }
+  // Flujo normal
   for (let i in user._functions) {
     for (let j in user._functions[i]._permissions) {
       if (user._functions[i]._permissions[j].status === "Activo") {
@@ -50,7 +59,7 @@ const auth = async (req, res, next) => {
     const data = jwt.verify(token, process.env.AUTH_SECRET);
     const user = await User.findOne(
       { _id: data._id, "tokens.token": token, status: "Activo" },
-      { tokens: 0, pwd: 0 }
+      { tokens: 0, pwd: 0 },
     )
       .populate({ path: "_functions", populate: [{ path: "_permissions" }] })
       .lean();
@@ -69,7 +78,7 @@ const auth = async (req, res, next) => {
     if (process.env.SESSION_INTERRUPTOR === "true") {
       const userTokens = await User.findOne(
         { _id: user._id, status: "Activo" },
-        { tokens: 1 }
+        { tokens: 1 },
       ).lean();
       const tokenObject = userTokens.tokens.find((t) => t.token === token);
       if (tokenObject.dateEnd <= Date.now()) {
@@ -79,7 +88,7 @@ const auth = async (req, res, next) => {
             $pull: {
               tokens: { token: tokenObject.token }, // Condición para eliminar el token específico
             },
-          }
+          },
         );
         throw {
           code: 401,
@@ -113,15 +122,21 @@ const auth = async (req, res, next) => {
     if (resource.auth && !resource.default) {
       const access = getAccess(user, resource);
       if (!access) {
+        const userApis = user?.data?.apis || [];
         throw {
           code: 403,
-          title: "Error de permisos",
+          title: "Acceso denegado",
           detail:
-            "No cuentas con permisos para el recurso [" +
-            resource.api +
-            "] que: " +
-            (resource ? resource.description : "Recurso indefinido"),
-          suggestion: "Contacta con el administrador",
+            userApis.length > 0
+              ? "No cuentas con acceso a esta API"
+              : "No cuentas con permisos para el recurso [" +
+                resource.api +
+                "] que: " +
+                (resource ? resource.description : "Recurso indefinido"),
+          suggestion:
+            userApis.length > 0
+              ? "Contacta con el administrador para asignar acceso a esta API"
+              : "Contacta con el administrador",
           error: new Error(),
         };
       }

package/lib/models/Log.js CHANGED Viewed

@@ -5,6 +5,7 @@ const menuSchema = mongoose.Schema({
   label: { type: String, required: true },
   _user: { type: ObjectId, required: true, ref: "User" },
   _company: { type: ObjectId, required: false, ref: "Company" },
+  _business: { type: ObjectId, required: false, ref: "Business" },
   createdAt: { type: Number },
 });

package/lib/models/User.js CHANGED Viewed

@@ -8,9 +8,10 @@ const adminSchema = mongoose.Schema({
   lastName: { type: String, required: false, trim: true },
   email: {
     type: String,
-    required: true,
+    required: false,
     trim: true,
     unique: true,
+    sparse: true,
     lowercase: true,
   },
   pwd: { type: String, trim: true, minLength: 8 },
@@ -78,6 +79,7 @@ const adminSchema = mongoose.Schema({
       token: { type: String, required: true },
       date: { type: Number },
       dateEnd: { type: Number },
+      type: { type: String, enum: ["session", "api"], default: "session" },
     },
   ],

package/lib/services/user.js CHANGED Viewed

@@ -1,99 +1,159 @@
+const jwt = require("jsonwebtoken")
 const User = require('../models/User')
 const self = module.exports
 self.create = async (body) => {
-    let user
-    user = await User.findOne({email: body.email}).lean()
+  let user
+  const isServiceAccount = !body.email && !body.pwd
-    if(user){
+  const nullableUnique = ['username', 'phone', 'email']
+  nullableUnique.forEach(field => {
+    if (!body[field]) delete body[field]
+  })
+  if (isServiceAccount) {
+    user = new User(body)
+    user.createdAt = new Date().getTime()
+    user.status = body?.status ?? 'Activo'
+    user.data = { changePwd: false }
+    const token = jwt.sign({ _id: user._id }, process.env.AUTH_SECRET)
+    user.tokens = [{
+      token,
+      date: new Date().getTime(),
+      dateEnd: Number.MAX_SAFE_INTEGER,
+      type: 'api'
+    }]
+    try {
+      await user.save()
+    } catch (error) {
+      if (error.code === 11000) {
         throw {
-            code: 404,
-            title: 'Upss!',
-            detail: '',
-            suggestion: 'El correo ya se encuentra resgitrado',
-            error: new Error()
+          code: 409,
+          title: 'Upss!',
+          detail: 'Clave duplicada',
+          suggestion: 'El username ya se encuentra registrado',
+          error
         }
+      }
+      throw error
     }
-    user = new User(body)
-    user.createdAt = (new Date()).getTime()
-    user.status = body?.status ? body?.status : 'Activo'
-    delete user.pwd
-    user.data.changePwd = false
-    await user.save()
     return user
-}
+  }
+  // Flujo normal
+  if (body.email) {
+    const exists = await User.findOne({ email: body.email }).lean()
+    if (exists) {
+      throw {
+        code: 409,
+        title: 'Upss!',
+        detail: '',
+        suggestion: 'El correo ya se encuentra registrado',
+        error: new Error()
+      }
+    }
+  }
-self.update = async (USER_ID, body) => {
-    const _id = USER_ID
-    const user = await User.findOne({ _id }).countDocuments().lean()
+  user = new User(body)
+  user.createdAt = new Date().getTime()
+  user.status = body?.status ?? 'Activo'
+  user.data = { changePwd: false }
-    if (!user) {
-        throw {
-            code: 404,
-            title: 'Upss!',
-            detail: 'No se encontró el elemento',
-            suggestion: 'Verifica que el usuario aun este activo en la plataforma',
-            error: new Error()
-        }
+  try {
+    await user.save()
+  } catch (error) {
+    if (error.code === 11000) {
+      throw {
+        code: 409,
+        title: 'Upss!',
+        detail: 'Clave duplicada',
+        suggestion: 'El correo o username ya se encuentra registrado',
+        error
+      }
     }
+    throw error
+  }
+  return user
+}
-    if (body.phone) {
-        await User.updateOne({ _id }, { 'validateKey.validatePhone.validCodePhone': false })
+self.update = async (USER_ID, body) => {
+  const _id = USER_ID
+  const user = await User.findOne({ _id }).countDocuments().lean()
+  if (!user) {
+    throw {
+      code: 404,
+      title: 'Upss!',
+      detail: 'No se encontró el elemento',
+      suggestion: 'Verifica que el usuario aun este activo en la plataforma',
+      error: new Error()
     }
+  }
+  if (body.phone) {
+    await User.updateOne({ _id }, { 'validateKey.validatePhone.validCodePhone': false })
+  }
-    body.lastUpdate = (new Date()).getTime()
-    const result = await User.updateOne({ _id }, { $set: body })
+  body.lastUpdate = new Date().getTime()
+  const result = await User.updateOne({ _id }, { $set: body })
-    return result
+  return result
 }
 self.status = async (USER_ID, body) => {
-    const _id = USER_ID
-    const user = await User.findOne({ _id })
-    if (!user) {
-        throw {
-            code: 404,
-            title: 'Upss!',
-            detail: 'No se encontró el elemento',
-            suggestion: 'Verifica que el usuario aun este activo en la plataforma',
-            error: new Error()
-        }
+  const _id = USER_ID
+  const user = await User.findOne({ _id })
+  if (!user) {
+    throw {
+      code: 404,
+      title: 'Upss!',
+      detail: 'No se encontró el elemento',
+      suggestion: 'Verifica que el usuario aun este activo en la plataforma',
+      error: new Error()
     }
+  }
-    user.status = body.status
-    user.lastUpdate = (new Date()).getTime()
-    const result = await user.save()
+  user.status = body.status
+  user.lastUpdate = new Date().getTime()
-    return result
+  return await user.save()
 }
 self.updatepassword = async (body, USER_ID) => {
-    let user
-    user = User(body)
-    const _id = USER_ID
-    user = await User.findOne({ _id })
-    if (!user) {
-        throw {
-            code: 404,
-            title: 'Upss!',
-            detail: 'No se encontró el elemento',
-            suggestion: 'Verifica que el usuario aun este activo en la plataforma',
-            error: new Error()
-        }
+  const _id = USER_ID
+  const user = await User.findOne({ _id })
+  if (!user) {
+    throw {
+      code: 404,
+      title: 'Upss!',
+      detail: 'No se encontró el elemento',
+      suggestion: 'Verifica que el usuario aun este activo en la plataforma',
+      error: new Error()
     }
+  }
-    user.pwd = body.pwd
-    user.lastUpdate = (new Date()).getTime()
-    const result = await user.save()
+  user.pwd = body.pwd
+  user.lastUpdate = new Date().getTime()
-    return result
+  return await user.save()
 }
+self.checkUsername = async (name) => {
+  if (!name) {
+    throw {
+      code: 400,
+      title: 'El nombre es requerido',
+      detail: '',
+      suggestion: 'Envía un nombre para generar el username',
+      error: new Error()
+    }
+  }
+  const username = await generateUniqueUsername(name)
+  return { username }
+}

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "aloux-iam",
-  "version": "0.0.141",
+  "version": "0.0.143",
   "description": "Aloux IAM for APIs ",
   "main": "index.js",
   "scripts": {