aloux-iam 0.0.142 → 0.0.144

package/lib/controllers/log.js

@@ -1,5 +1,6 @@
 const Log = require("../models/Log");
 const Label = require("../models/Label");
+const Functions = require("../models/Functions");
 const mongoose = require("mongoose");
 const self = module.exports;
 
@@ -9,7 +10,8 @@ self.create = async (req, res) => {
       req.header("Company") !== "undefined" ? req.header("Company") : null;
 
     const log = new Log(req.body);
-    const businessId = req.header("business") !== "undefined" ? req.header("business") : null;
+    const businessId =
+      req.header("business") !== "undefined" ? req.header("business") : null;
     log.createdAt = new Date().getTime();
     log._user = req.user._id;
     log._company = companyId;
@@ -56,6 +58,14 @@ self.retrieve = async (req, res) => {
     const companyId =
       req.header("Company") !== "undefined" ? req.header("Company") : null;
 
+    const excludeFunctions = req.body.excludeFunctions || [];
+
+    const excludeFuncs = await Functions.find({
+      name: { $in: excludeFunctions },
+    }).lean();
+
+    const excludeIds = excludeFuncs.map((f) => f._id);
+
     const query = { _company: companyId };
 
     if (req.body.users?.length) {
@@ -74,18 +84,29 @@ self.retrieve = async (req, res) => {
       query._business = { $in: req.body.business };
     }
 
-    const consulta = await Log.find(query).populate("_user", "name lastName email");
+    const consulta = await Log.find(query).populate({
+      path: "_user",
+      select: "name lastName email _functions",
+      match: excludeIds.length ? { _functions: { $nin: excludeIds } } : {},
+    });
+
+    const filtrados = consulta.filter((log) => log._user !== null);
 
     const response = {
-      dataset0: { field: "Visualizaciones totales", count: consulta.length },
-      dataset1: processDataset1(consulta),
-      dataset2: processDataset2(consulta),
-      dataset3: processDataset3(consulta),
-      dataset4: processDataset4(consulta),
-      dataset5: processDataset5(consulta),
-      dataset6: processDataset6(consulta),
-      dataset7: processDataset7(consulta),
-      dataset8: processDataset8(consulta, req.body.search, req.body.page, req.body.limit),
+      dataset0: { field: "Visualizaciones totales", count: filtrados.length },
+      dataset1: processDataset1(filtrados),
+      dataset2: processDataset2(filtrados),
+      dataset3: processDataset3(filtrados),
+      dataset4: processDataset4(filtrados),
+      dataset5: processDataset5(filtrados),
+      dataset6: processDataset6(filtrados),
+      dataset7: processDataset7(filtrados),
+      dataset8: processDataset8(
+        filtrados,
+        req.body.search,
+        req.body.page,
+        req.body.limit,
+      ),
     };
 
     res.status(200).send(response);
@@ -98,8 +119,18 @@ self.retrieve = async (req, res) => {
 function formatDate(isoDate) {
   const [year, month, day] = isoDate.split("-");
   const monthNames = [
-    "Ene", "Feb", "Mar", "Abr", "May", "Jun",
-    "Jul", "Ago", "Sep", "Oct", "Nov", "Dic",
+    "Ene",
+    "Feb",
+    "Mar",
+    "Abr",
+    "May",
+    "Jun",
+    "Jul",
+    "Ago",
+    "Sep",
+    "Oct",
+    "Nov",
+    "Dic",
   ];
   return `${day} ${monthNames[parseInt(month) - 1]} ${year}`;
 }
@@ -176,12 +207,12 @@ function processDataset5(consulta) {
   });
 
   const uniqueLabels = new Set(
-    Object.values(labelCountsByDate).flatMap(Object.keys)
+    Object.values(labelCountsByDate).flatMap(Object.keys),
   );
   const series = Array.from(uniqueLabels).map((label) => ({
     name: label,
     data: Array.from(categories).map(
-      (date) => labelCountsByDate[date]?.[label] || 0
+      (date) => labelCountsByDate[date]?.[label] || 0,
     ),
   }));
 
@@ -230,7 +261,7 @@ function processDataset7(data) {
   };
 }
 
-function processDataset8(data, search = "", page = 1, limit = 10) {
+function processDataset8(data, search = "", page = 1, limit = null) {
   const userActivity = {};
 
   data.forEach((item) => {
@@ -249,24 +280,32 @@ function processDataset8(data, search = "", page = 1, limit = 10) {
   let users = Object.values(userActivity).sort((a, b) => b.count - a.count);
 
   if (search) {
-    const s = search.toLowerCase().normalize("NFD").replace(/[\u0300-\u036f]/g, "");
+    const s = search
+      .toLowerCase()
+      .normalize("NFD")
+      .replace(/[\u0300-\u036f]/g, "");
     users = users.filter((u) => {
-      const full = `${u.name} ${u.lastName} ${u.email}`.toLowerCase().normalize("NFD").replace(/[\u0300-\u036f]/g, "");
+      const full = `${u.name} ${u.lastName} ${u.email}`
+        .toLowerCase()
+        .normalize("NFD")
+        .replace(/[\u0300-\u036f]/g, "");
       return full.includes(s);
     });
   }
 
   const total = users.length;
-  const totalPages = Math.ceil(total / limit);
-  const start = (page - 1) * limit;
-  const items = users.slice(start, start + limit);
+  const paginate = limit !== null && limit !== undefined;
+  const parsedLimit = paginate ? parseInt(limit) : total;
+  const parsedPage = parseInt(page);
+  const start = (parsedPage - 1) * parsedLimit;
+  const items = paginate ? users.slice(start, start + parsedLimit) : users;
 
   return {
     field: "Actividad de usuarios",
     total,
-    page,
-    limit,
-    totalPages,
+    page: parsedPage,
+    limit: parsedLimit,
+    totalPages: paginate ? Math.ceil(total / parsedLimit) : 1,
     items,
   };
 }
@@ -301,4 +340,4 @@ self.count = async (req, res) => {
   } catch (error) {
     res.status(400).send({ error: error.message });
   }
-};
+};

package/lib/controllers/user.js

@@ -936,7 +936,6 @@ self.addTimeToken = async (req, res) => {
 
       if (tokenObject) {
         tokenObject.dateEnd = Date.now() + process.env.SESSION_TIME * 60 * 1000;
-        // Guarda los cambios en la base de datos
         await User.updateOne(
           { _id: userTokens._id, "tokens.token": req.params.TOKEN },
           { $set: { "tokens.$.dateEnd": tokenObject.dateEnd } }
@@ -952,12 +951,3 @@ self.addTimeToken = async (req, res) => {
     res.status(400).send({ error: error.message });
   }
 };
-
-self.checkUsername = async (req, res) => {
-  try {
-    const result = await serviceUser.checkUsername(req.body.name)
-    res.status(200).send(result)
-  } catch (error) {
-    utils.responseError(res, error, 400, "Error al verificar username", "Revisa el detalle del error")
-  }
-}

package/lib/middleware.js

@@ -4,6 +4,15 @@ const Permission = require("./models/Permission");
 const historyController = require("./controllers/history");
 
 const getAccess = (user, resource) => {
+  // Cuenta de servicio
+  const userApis = user?.data?.apis || [];
+  if (userApis.length > 0) {
+    return userApis.some(
+      (apiId) => apiId.toString() === resource._id.toString(),
+    );
+  }
+
+  // Flujo normal
   for (let i in user._functions) {
     for (let j in user._functions[i]._permissions) {
       if (user._functions[i]._permissions[j].status === "Activo") {
@@ -50,7 +59,7 @@ const auth = async (req, res, next) => {
     const data = jwt.verify(token, process.env.AUTH_SECRET);
     const user = await User.findOne(
       { _id: data._id, "tokens.token": token, status: "Activo" },
-      { tokens: 0, pwd: 0 }
+      { tokens: 0, pwd: 0 },
     )
       .populate({ path: "_functions", populate: [{ path: "_permissions" }] })
       .lean();
@@ -69,7 +78,7 @@ const auth = async (req, res, next) => {
     if (process.env.SESSION_INTERRUPTOR === "true") {
       const userTokens = await User.findOne(
         { _id: user._id, status: "Activo" },
-        { tokens: 1 }
+        { tokens: 1 },
       ).lean();
       const tokenObject = userTokens.tokens.find((t) => t.token === token);
       if (tokenObject.dateEnd <= Date.now()) {
@@ -79,7 +88,7 @@ const auth = async (req, res, next) => {
             $pull: {
               tokens: { token: tokenObject.token }, // Condición para eliminar el token específico
             },
-          }
+          },
         );
         throw {
           code: 401,
@@ -113,15 +122,21 @@ const auth = async (req, res, next) => {
     if (resource.auth && !resource.default) {
       const access = getAccess(user, resource);
       if (!access) {
+        const userApis = user?.data?.apis || [];
         throw {
           code: 403,
-          title: "Error de permisos",
+          title: "Acceso denegado",
           detail:
-            "No cuentas con permisos para el recurso [" +
-            resource.api +
-            "] que: " +
-            (resource ? resource.description : "Recurso indefinido"),
-          suggestion: "Contacta con el administrador",
+            userApis.length > 0
+              ? "No cuentas con acceso a esta API"
+              : "No cuentas con permisos para el recurso [" +
+                resource.api +
+                "] que: " +
+                (resource ? resource.description : "Recurso indefinido"),
+          suggestion:
+            userApis.length > 0
+              ? "Contacta con el administrador para asignar acceso a esta API"
+              : "Contacta con el administrador",
           error: new Error(),
         };
       }

package/lib/models/User.js

@@ -14,13 +14,6 @@ const adminSchema = mongoose.Schema({
     sparse: true,
     lowercase: true,
   },
-  username: {
-    type: String,
-    trim: true,
-    unique: true,
-    sparse: true,
-    lowercase: true,
-  },
   pwd: { type: String, trim: true, minLength: 8 },
   phone: { type: String, trim: true, maxLength: 13 },
   phoneObj: {

package/lib/router.js

@@ -46,7 +46,6 @@ router.get("/iam/user", middleware, user.retrieve);
 router.post("/iam/user/pages", middleware, user.retrievePages);
 router.get("/iam/business/user", middleware, user.retrieveByBusiness);
 router.get("/iam/user/by/my/companies", middleware, user.retrieveByMyCompanies);
-router.post('/iam/user/check/username', middleware, user.checkUsername);
 router.get("/iam/user/:USER_ID", middleware, user.get);
 router.patch("/iam/user/:USER_ID", middleware, user.update);
 router.put("/iam/user/:USER_ID/status", middleware, user.status);

package/lib/services/user.js

@@ -2,29 +2,10 @@ const jwt = require("jsonwebtoken")
 const User = require('../models/User')
 const self = module.exports
 
-const generateUniqueUsername = async (name) => {
-  const base = name
-    .toLowerCase()
-    .normalize('NFD').replace(/[\u0300-\u036f]/g, '')
-    .replace(/\s+/g, '-')
-    .replace(/[^a-z0-9-]/g, '')
-
-  let username = base
-  let count = 1
-
-  while (await User.findOne({ username }).lean()) {
-    username = `${base}${count}`
-    count++
-  }
-
-  return username
-}
-
 self.create = async (body) => {
   let user
   const isServiceAccount = !body.email && !body.pwd
 
-  // Limpieza de campos únicos que pueden llegar como null
   const nullableUnique = ['username', 'phone', 'email']
   nullableUnique.forEach(field => {
     if (!body[field]) delete body[field]
@@ -32,7 +13,6 @@ self.create = async (body) => {
 
   if (isServiceAccount) {
     user = new User(body)
-    user.username = await generateUniqueUsername(body.name)
     user.createdAt = new Date().getTime()
     user.status = body?.status ?? 'Activo'
     user.data = { changePwd: false }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "aloux-iam",
-  "version": "0.0.142",
+  "version": "0.0.144",
   "description": "Aloux IAM for APIs ",
   "main": "index.js",
   "scripts": {