gemcap-be-common 1.3.187 → 1.4.2

package/services/users.service.ts

@@ -1,24 +1,19 @@
 import { jwtDecode } from 'jwt-decode';
-import _ from 'lodash';
 import express from 'express';
 import axios from 'axios';
-import dayjs from 'dayjs';
 import mongoose from 'mongoose';
-import qs from 'qs';
 
-import { createLog, ICreateLogParams } from '../db/user-logs.db';
-import { IKeycloakUser } from '../interfaces/keycloak-user.interface';
-import { IUser, IUserDocument, UserModel } from '../models/User.model';
 import { BorrowerCompliance } from '../models/BorrowerCompliance.model';
 import { UserMobileAccess } from '../models/UserMobileAccess.model';
-import { ELogActionType, ELogType, UserLog } from '../models/UserLog.model';
-import { IGroupedKeycloakRoles, IKeycloakRole } from '../interfaces/keycloak-role.interface';
+import { UserLog } from '../models/UserLog.model';
+import { IUser } from '../interfaces/auth-user.interface';
 
 interface IKeycloakConfig {
   keycloakHost: string;
   realm: string;
   adminUser: string;
   adminPass: string;
+  baseUrl: string;
 }
 
 export class UsersService {
@@ -28,410 +23,123 @@ export class UsersService {
     this.config = config;
   }
 
-  async getUserByKeyCloakId(keycloakUserId: string): Promise<IUserDocument> {
-    return UserModel.findOne({ keycloakUserId }).lean();
-  }
-
-  async getUserByToken(req: express.Request): Promise<IUserDocument> {
+  async getUserAccessByRequest(req: express.Request): Promise<IUser | null> {
     const authorization = req.get('Authorization');
     if (!authorization) {
       return null;
     }
-    const { sub: keycloakUserId }: { sub: string } = jwtDecode(authorization);
-    return this.getUserByKeyCloakId(keycloakUserId);
-  }
-
-  async getUserIdByToken(req: express.Request): Promise<string> {
-    const user = await this.getUserByToken(req);
-    if (user) {
-      return user._id.toString();
+    const { sub }: { sub: string } = jwtDecode(authorization);
+    const user = await this.getUserById(sub);
+    if (!user) {
+      return null;
     }
-    return null;
-  }
-
-  async getUserRepresentationById(authorization: string, userId: string): Promise<IKeycloakUser> {
-    const options = {
-      method: 'GET',
-      url: `${this.config.keycloakHost}/admin/realms/${this.config.realm}/users/${userId}`,
-      headers: {
-        'Content-Type': 'application/json',
-        Authorization: `Bearer ${authorization}`,
-      },
-    };
-    const result = await axios.request(options);
-    return result.data;
-  }
-
-  async getUserRepresentationByUsername(authorization: string, username: string): Promise<IKeycloakUser> {
-    const options = {
-      method: 'GET',
-      url: `${this.config.keycloakHost}/admin/realms/${this.config.realm}/users?username=${username}`,
-      headers: {
-        'Content-Type': 'application/json',
-        Authorization: `Bearer ${authorization}`,
-      },
-    };
-    const result = await axios.request(options);
-    const users: IKeycloakUser[] = result.data;
-    return users.find((user) => user.username === username);
+    return user;
   }
 
-  async getKeyCloakAdminBearer() {
-    const url = `${this.config.keycloakHost}/realms/master/protocol/openid-connect/token`;
-
-    const data = qs.stringify({
-      username: this.config.adminUser,
-      password: this.config.adminPass,
-      client_id: 'admin-cli',
-      grant_type: 'password',
-    });
-
-    const headers = {
-      'Content-Type': 'application/x-www-form-urlencoded',
-    };
-
-    const response = await axios.post(url, data, { headers });
-    return response.data;
+  async getUserById(userId: string): Promise<IUser | null> {
+    const { data } = await axios.get(`${this.config.baseUrl}/users/by-id/${userId}`);
+    return data ?? null;
   }
 
-  async getUserList(authorization: string): Promise<IKeycloakUser[]> {
-    const options = {
-      method: 'GET',
-      url: `${this.config.keycloakHost}/admin/realms/${this.config.realm}/users`,
-      headers: {
-        'Content-Type': 'application/json',
-        Authorization: `Bearer ${authorization}`,
-      },
-    };
-    const result = await axios.request(options);
-    return result.data;
+  async getUserByUsername(username: string): Promise<IUser | null> {
+    const { data } = await axios.get(`${this.config.baseUrl}/users/by-username/${username}`);
+    return data ?? null;
   }
 
-  async getUsersWithRoles(authorization: string) {
-    const users = await this.getUserList(authorization);
-    const usersWithNames = users.map((user) => ({ firstName: '', lastName: '', ...user }));
-    const usersWithRoles = await this
-      .mapRolesToUsers(
-        authorization,
-        usersWithNames.sort((a, b) => a.createdTimestamp - b.createdTimestamp),
-      );
-    const usersAndAccess = (await this.addUserAccess(usersWithRoles)).filter((user) => !!user);
-    const newUser = usersAndAccess.find((user) => user.username === '!new user');
-    if (newUser) {
-      return [newUser, ...usersAndAccess.slice(0, usersAndAccess.length - 1)];
+  async getUserByToken(req: express.Request): Promise<IUser | null> {
+    const authorization = req.get('Authorization');
+    if (!authorization) {
+      return null;
     }
-    return usersAndAccess;
+    const { sub: keycloakUserId }: { sub: string } = jwtDecode(authorization);
+    return this.getUserById(keycloakUserId);
   }
 
-  async getUserRoles(authorization: string, userId: string): Promise<{ realmMappings: IKeycloakRole[] }> {
-    const options = {
-      method: 'GET',
-      url: `${this.config.keycloakHost}/admin/realms/${this.config.realm}/users/${userId}/role-mappings`,
-      headers: {
-        'Content-Type': 'application/json',
-        Authorization: `Bearer ${authorization}`,
-      },
-    };
-    const result = await axios.request(options);
-    return result.data;
+  async getUserIdByToken(req: express.Request): Promise<string | null> {
+    const user = await this.getUserByToken(req);
+    if (user) {
+      return user.id;
+    }
+    return null;
   }
 
-  async createUser(authorization: string, user): Promise<any> {
-    const options = {
-      method: 'POST',
-      url: `${this.config.keycloakHost}/admin/realms/${this.config.realm}/users`,
-      headers: {
-        'Content-Type': 'application/json',
-        Authorization: `Bearer ${authorization}`,
-      },
-      data: {
-        ...user,
-      },
-    };
-    const result = await axios.request(options);
-    return result.data;
+  async getUserList(): Promise<IUser[]> {
+    const { data } = await axios.get(`${this.config.baseUrl}/users/users`);
+    return data ?? null;
   }
 
-  async updateUser(authorization: string, userId: string, keyValue): Promise<any> {
-    const options = {
-      method: 'PUT',
-      url: `${this.config.keycloakHost}/admin/realms/${this.config.realm}/users/${userId}`,
-      headers: {
-        'Content-Type': 'application/json',
-        Authorization: `Bearer ${authorization}`,
-      },
-      data: keyValue,
-    };
-    const result = await axios.request(options);
-    return result.data;
+  async getUserRoles(userId: string) { // TODO add full description
+    const user = await this.getUserById(userId);
+    return user.roles;
   }
 
   async updateMobileUser(userId: string, keyValue: { [key: string]: string | number | boolean }) {
     await UserMobileAccess.findOneAndUpdate({ keycloakUserId: userId }, keyValue, { upsert: true });
   }
 
-  async updateUserAccess(keycloakUserId: string, userAccess) {
-    await UserModel
-      .findOneAndUpdate({ keycloakUserId }, userAccess);
-  }
-
-  async removeUserRoles(authorization: string, userId: string, roles: IKeycloakRole[]): Promise<any> {
-    const options = {
-      method: 'DELETE',
-      url: `${this.config.keycloakHost}/admin/realms/${this.config.realm}/users/${userId}/role-mappings/realm`,
-      headers: {
-        'Content-Type': 'application/json',
-        Authorization: `Bearer ${authorization}`,
-      },
-      data: [...roles],
-    };
-    const result = await axios.request(options);
-    return result.data;
-  }
-
-  async addUserRoles(authorization: string, userId: string, roles: IKeycloakRole[]): Promise<any> {
-    const options = {
-      method: 'POST',
-      url: `${this.config.keycloakHost}/admin/realms/${this.config.realm}/users/${userId}/role-mappings/realm`,
-      headers: {
-        'Content-Type': 'application/json',
-        Authorization: `Bearer ${authorization}`,
-      },
-      data: [...roles],
-    };
-    const result = await axios.request(options);
-    return result.data;
-  }
-
-  async resetPassword(authorization: string, userId: string, temporaryPassword: string): Promise<any> {
-    const options = {
-      method: 'PUT',
-      url: `${this.config.keycloakHost}/admin/realms/${this.config.realm}/users/${userId}/reset-password`,
-      headers: {
-        'Content-Type': 'application/json',
-        Authorization: `Bearer ${authorization}`,
-      },
-      data: { value: temporaryPassword, temporary: true },
-    };
-    const result = await axios.request(options);
-    return result.data;
-  }
-
-  async createNewPasswordWithEmail(authorization: string, userId: string, newPassword: string) {
-    const options = {
-      method: 'PUT',
-      url: `${this.config.keycloakHost}/admin/realms/${this.config.realm}/users/${userId}/reset-password`,
-      headers: {
-        'Content-Type': 'application/json',
-        Authorization: `Bearer ${authorization}`,
-      },
-      data: {
-        type: 'password',
-        value: newPassword,
-        temporary: false,
-      },
-    };
-    const response = await axios.request(options);
-    return response;
-  }
-
-  async deleteUser(authorization: string, userId: string) {
-    const deletedUser = await this.getUserRepresentationById(authorization, userId);
-    const url = `${this.config.keycloakHost}/admin/realms/${this.config.realm}/users/${userId}`;
-    const options = {
-      method: 'DELETE',
-      url,
-      headers: { 'Content-Type': 'application/json', Authorization: `Bearer ${authorization}` },
-    };
-    try {
-      await axios.request(options);
-      const update = {
-        isDeleted: true,
-        firstName: deletedUser.firstName ?? deletedUser.username,
-        lastName: deletedUser.lastName ?? '',
-      };
-      await UserModel.findOneAndUpdate({ keycloakUserId: userId }, update);
-    } catch (error) {
-      console.log(error);
-    }
-  }
-
-  async getRoleList(authorization: string): Promise<IKeycloakRole[]> {
-    const options = {
-      method: 'GET',
-      url: `${this.config.keycloakHost}/admin/realms/${this.config.realm}/roles`,
-      headers: {
-        'Content-Type': 'application/json',
-        Authorization: `Bearer ${authorization}`,
-      },
-    };
-    const result = await axios.request(options);
-    return result.data;
-  }
-
-  groupRoles(roles: IKeycloakRole[]): IGroupedKeycloakRoles {
-    return roles.reduce((acc, role) => {
-      const [module, roleName] = role.name.split('/');
-      if (!roleName) {
-        return acc;
-      }
-      const addedRoles = acc[module] ?? [];
-      return { ...acc, [module]: [...addedRoles, { ...role, representation: roleName }] };
-    }, {});
-  }
-
-  mapRolesToUsers(authorization: string, users: IKeycloakUser[]) {
-    const usersWithRolesPromise = users.map(async (user) => {
-      const roles = await this.getUserRoles(authorization, user.id);
-      return { ...user, roles: this.groupRoles(roles.realmMappings) };
-    });
-    return Promise.all(usersWithRolesPromise);
-  }
-
-  addUserAccess(users: IKeycloakUser[]) {
-    const usersWithRolesPromise = users.map(async (user) => {
-      const foundUser = await UserModel.findOne({ keycloakUserId: user.id }).lean();
-      const foundMobileUser = await UserMobileAccess.findOne({ keycloakUserId: user.id }).lean();
-      if (!foundUser) {
-        return null;
-      }
-      return {
-        ...(_.omit(user, ['id'])),
-        keycloakUserId: user.id,
-        _id: foundUser._id,
-        allBorrowers: foundUser.allBorrowers,
-        borrowersAccess: foundUser.borrowersAccess,
-        lastLogin: foundUser.lastLogin,
-        mobileAccess: {
-          hasAccess: foundMobileUser?.hasAccess ?? false,
-          canSignDocument: foundMobileUser?.canSignDocument ?? false,
-        },
-      };
-    });
-    return Promise.all(usersWithRolesPromise);
-  }
-
-  async getUserAccess(keycloakUserId: string) {
-    const foundUser = await UserModel.findOne({ keycloakUserId }).lean();
-    const borrowersAccess = foundUser.borrowersAccess.map((b) => ({ borrower: b.borrower }));
+  async getUserAccess(userId: string) {
+    const foundUser = await this.getUserById(userId);
+    const borrowersAccess = foundUser.borrowersAccess;
     const complianceBorrowersAccess =
-      (await BorrowerCompliance.find({ 'borrower': { $in: borrowersAccess.map((b) => b.borrower) } }))
+      (await BorrowerCompliance.find({ 'borrower': { $in: borrowersAccess } }))
         .map((b) => ({ borrower: b._id.toString() }));
-    return { allBorrowers: foundUser.allBorrowers, borrowersAccess, complianceBorrowersAccess } as IUser;
-  }
-
-  async getUserAccessByRequest(req): Promise<IUser> {
-    const authorization = req.get('Authorization');
-    if (!authorization) {
-      return null;
-    }
-    const { sub: keycloakUserId }: { sub: string } = jwtDecode(authorization);
-    return await this.getUserAccess(keycloakUserId);
-  }
-
-  async updateUserLastLogin(authorization: string) {
-    const allUsers = await UserModel.find({}).lean();
-
-    await Promise.all(allUsers.map(async (user) => {
-      const reqUrl = `${this.config.keycloakHost}/admin/realms/${this.config.realm}/events?type=LOGIN&user=${user.keycloakUserId}&max=1`;
-      const options = {
-        method: 'GET',
-        url: reqUrl,
-        headers: {
-          'Content-Type': 'application/json',
-          Authorization: `Bearer ${authorization}`,
-        },
-      };
-      const result = await axios.request(options);
-      if (result.data.length > 0) {
-        await UserModel.findByIdAndUpdate(user._id, { lastLogin: new Date(result.data[0].time) });
-      }
-    }));
+    return { allBorrowers: foundUser.allBorrowers, borrowersAccess, complianceBorrowersAccess };
   }
 
   async createUserLoginLog() {
-    const { access_token } = await this.getKeyCloakAdminBearer();
-    const dateFrom = dayjs().subtract(1, 'day').format('YYYY-MM-DD');
-    const reqUrl = `${this.config.keycloakHost}/admin/realms/${this.config.realm}/events?type=LOGIN&dateFrom=${dateFrom}&max=10000`;
-    const options = {
-      method: 'GET',
-      url: reqUrl,
-      headers: {
-        'Content-Type': 'application/json',
-        Authorization: `Bearer ${access_token}`,
-      },
-    };
-    try {
-      const result = await axios.request(options);
-      const userDates: { [userId: string]: Set<string> } = {};
-      result.data.forEach((log: { userId: string, time: number }) => {
-        const timestamp = new Date(log.time);
-        const formattedDate = timestamp.getFullYear() +
-          '-' + ('0' + (timestamp.getMonth() + 1)).slice(-2) +
-          '-' + ('0' + timestamp.getDate()).slice(-2) +
-          'T' + ('0' + timestamp.getHours()).slice(-2) +
-          ':' + ('0' + timestamp.getMinutes()).slice(-2);
-
-        const userId = log.userId;
-        if (!userDates[userId]) {
-          userDates[userId] = new Set<string>();
-        }
-        userDates[userId].add(formattedDate);
-      });
-      await Promise.all(Object.entries(userDates).map(async ([userId, dateSet]) => {
-        const user = await UserModel.findOne({ keycloakUserId: userId });
-        if (!user) {
-          return;
-        }
-        await Promise.all(Array.from(dateSet).map(async (date) => {
-          const existingLog = await this.getUserLogByDate(String(user._id), new Date(date));
-          if (!existingLog) {
-            const newLog: ICreateLogParams = {
-              action: ELogActionType.CREATE,
-              timestamp: new Date(date),
-              logType: ELogType.LOGIN,
-              userId: String(user._id),
-              details: {},
-            };
-            await createLog(newLog);
-          }
-        }));
-      }));
-    } catch (e) {
-      console.error(e);
-    }
+    // const { access_token } = await this.getKeyCloakAdminBearer();
+    // const dateFrom = dayjs().subtract(1, 'day').format('YYYY-MM-DD');
+    // const reqUrl = `${this.config.keycloakHost}/admin/realms/${this.config.realm}/events?type=LOGIN&dateFrom=${dateFrom}&max=10000`;
+    // const options = {
+    //   method: 'GET',
+    //   url: reqUrl,
+    //   headers: {
+    //     'Content-Type': 'application/json',
+    //     Authorization: `Bearer ${access_token}`,
+    //   },
+    // };
+    // try {
+    //   const result = await axios.request(options);
+    //   const userDates: { [userId: string]: Set<string> } = {};
+    //   result.data.forEach((log: { userId: string, time: number }) => {
+    //     const timestamp = new Date(log.time);
+    //     const formattedDate = timestamp.getFullYear() +
+    //       '-' + ('0' + (timestamp.getMonth() + 1)).slice(-2) +
+    //       '-' + ('0' + timestamp.getDate()).slice(-2) +
+    //       'T' + ('0' + timestamp.getHours()).slice(-2) +
+    //       ':' + ('0' + timestamp.getMinutes()).slice(-2);
+    //
+    //     const userId = log.userId;
+    //     if (!userDates[userId]) {
+    //       userDates[userId] = new Set<string>();
+    //     }
+    //     userDates[userId].add(formattedDate);
+    //   });
+    //   await Promise.all(Object.entries(userDates).map(async ([userId, dateSet]) => {
+    //     const user = await UserModel.findOne({ keycloakUserId: userId });
+    //     if (!user) {
+    //       return;
+    //     }
+    //     await Promise.all(Array.from(dateSet).map(async (date) => {
+    //       const existingLog = await this.getUserLogByDate(String(user._id), new Date(date));
+    //       if (!existingLog) {
+    //         const newLog: ICreateLogParams = {
+    //           action: ELogActionType.CREATE,
+    //           timestamp: new Date(date),
+    //           logType: ELogType.LOGIN,
+    //           userId: String(user._id),
+    //           details: {},
+    //         };
+    //         await createLog(newLog);
+    //       }
+    //     }));
+    //   }));
+    // } catch (e) {
+    //   console.error(e);
+    // }
   }
 
   async getUserLogByDate(userId: string, date: Date) {
     return UserLog.findOne({ userId: new mongoose.Types.ObjectId(userId), timestamp: date }).lean();
   }
-
-  async getUserSecrets(keycloakUserId: string, adminAccessToken: string) {
-    const reqUrl = `${this.config.keycloakHost}/admin/realms/${this.config.realm}/users/${keycloakUserId}/credentials`;
-    const options = {
-      method: 'GET',
-      url: reqUrl,
-      headers: {
-        'Content-Type': 'application/json',
-        Authorization: `Bearer ${adminAccessToken}`,
-      },
-    };
-    const result = await axios.request(options);
-    console.log(result.data);
-  }
-
-  async updateUserNames() {
-    const { access_token } = await this.getKeyCloakAdminBearer();
-    const keycloakUsers = await this.getUserList(access_token);
-    const users = await UserModel.find({}).lean();
-    await Promise.all(users.map(async (user) => {
-      const keycloakUser = keycloakUsers.find((u) => u.id === user.keycloakUserId);
-      if (keycloakUser) {
-        await UserModel.findByIdAndUpdate(user._id, {
-          firstName: keycloakUser.firstName,
-          lastName: keycloakUser.lastName,
-        });
-      }
-    }));
-  }
 }