prow-authority 3.6.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (168) hide show
  1. package/.claude/settings.local.json +11 -0
  2. package/.dockerignore +11 -0
  3. package/.github/workflows/_deploy.yml +191 -0
  4. package/.github/workflows/deploy-dev.yml +30 -0
  5. package/.github/workflows/deploy-prod.yml +34 -0
  6. package/CLAUDE.md +114 -0
  7. package/Dockerfile +61 -0
  8. package/Dockerfile.dev +24 -0
  9. package/README.md +1 -0
  10. package/package.json +61 -0
  11. package/src/App.ts +40 -0
  12. package/src/helpers/api-error.ts +21 -0
  13. package/src/helpers/authority.ts +216 -0
  14. package/src/helpers/config.ts +4 -0
  15. package/src/helpers/holded.ts +105 -0
  16. package/src/helpers/mysql.ts +15 -0
  17. package/src/helpers/notifications.ts +55 -0
  18. package/src/helpers/random.ts +18 -0
  19. package/src/helpers/s3.ts +43 -0
  20. package/src/helpers/stripe.ts +8 -0
  21. package/src/index.ts +47 -0
  22. package/src/v1/common-types.ts +12 -0
  23. package/src/v1/controllers/admin/accounting-seat-controller.ts +148 -0
  24. package/src/v1/controllers/admin/billing-cycle-controller.ts +171 -0
  25. package/src/v1/controllers/admin/invoice-controller.ts +222 -0
  26. package/src/v1/controllers/admin/license-controller.ts +190 -0
  27. package/src/v1/controllers/admin/license-limit-controller.ts +160 -0
  28. package/src/v1/controllers/admin/notification-controller.ts +115 -0
  29. package/src/v1/controllers/admin/organization-controller.ts +210 -0
  30. package/src/v1/controllers/admin/organization-license-controller.ts +224 -0
  31. package/src/v1/controllers/admin/organization-license-limit-controller.ts +196 -0
  32. package/src/v1/controllers/admin/organization-usage-controller.ts +167 -0
  33. package/src/v1/controllers/admin/payment-method-controller.ts +173 -0
  34. package/src/v1/controllers/admin/policy-controller.ts +138 -0
  35. package/src/v1/controllers/admin/policy-version-controller.ts +143 -0
  36. package/src/v1/controllers/admin/schedule-controller.ts +181 -0
  37. package/src/v1/controllers/admin/service-controller.ts +206 -0
  38. package/src/v1/controllers/admin/service-notification-controller.ts +166 -0
  39. package/src/v1/controllers/admin/user-controller.ts +282 -0
  40. package/src/v1/controllers/admin/user-organization-controller.ts +172 -0
  41. package/src/v1/controllers/admin/user-policy-controller.ts +164 -0
  42. package/src/v1/controllers/auth/@deprecated oauth-controller.ts +191 -0
  43. package/src/v1/controllers/auth/identity-token-controller.ts +286 -0
  44. package/src/v1/controllers/auth/organization-token-controller.ts +277 -0
  45. package/src/v1/controllers/auth/temp-code-controller.ts +60 -0
  46. package/src/v1/controllers/billing/billing-controller.ts +805 -0
  47. package/src/v1/controllers/organizations/public-organization-controller.ts +1796 -0
  48. package/src/v1/controllers/policies/public-policy-controller.ts +68 -0
  49. package/src/v1/controllers/services/public-service-controller.ts +177 -0
  50. package/src/v1/controllers/services/service-controller.ts +474 -0
  51. package/src/v1/controllers/users/public-user-controller.ts +471 -0
  52. package/src/v1/daos/@deprecated auth-dao.ts +173 -0
  53. package/src/v1/daos/accounting-seat-dao.ts +111 -0
  54. package/src/v1/daos/billing-cycle-dao.ts +107 -0
  55. package/src/v1/daos/invoice-dao.ts +131 -0
  56. package/src/v1/daos/license-dao.ts +152 -0
  57. package/src/v1/daos/license-limit-dao.ts +120 -0
  58. package/src/v1/daos/organization-dao.ts +109 -0
  59. package/src/v1/daos/organization-license-dao.ts +117 -0
  60. package/src/v1/daos/organization-license-limit-dao.ts +157 -0
  61. package/src/v1/daos/organization-usage-dao.ts +115 -0
  62. package/src/v1/daos/payment-method-dao.ts +110 -0
  63. package/src/v1/daos/policy-dao.ts +105 -0
  64. package/src/v1/daos/policy-version-dao.ts +112 -0
  65. package/src/v1/daos/redis-dao.ts +38 -0
  66. package/src/v1/daos/schema.sql +462 -0
  67. package/src/v1/daos/service-dao.ts +118 -0
  68. package/src/v1/daos/service-notification-dao.ts +120 -0
  69. package/src/v1/daos/user-dao.ts +127 -0
  70. package/src/v1/daos/user-organization-dao.ts +123 -0
  71. package/src/v1/daos/user-policy-dao.ts +109 -0
  72. package/src/v1/middlewares/auth/identity-token-middleware.ts +51 -0
  73. package/src/v1/middlewares/auth/organization-token-middleware.ts +73 -0
  74. package/src/v1/middlewares/auth/service-token-middleware.ts +167 -0
  75. package/src/v1/middlewares/authority-middleware.ts +97 -0
  76. package/src/v1/middlewares/organizations/organization-middleware.ts +94 -0
  77. package/src/v1/middlewares/static/static-middleware.ts +41 -0
  78. package/src/v1/middlewares/users/user-middleware.ts +41 -0
  79. package/src/v1/routes/admin/accounting-seat-router.ts +89 -0
  80. package/src/v1/routes/admin/admin-router.ts +61 -0
  81. package/src/v1/routes/admin/billing-cycle-router.ts +89 -0
  82. package/src/v1/routes/admin/invoice-router.ts +89 -0
  83. package/src/v1/routes/admin/license-limit-router.ts +89 -0
  84. package/src/v1/routes/admin/license-router.ts +89 -0
  85. package/src/v1/routes/admin/notification-router.ts +61 -0
  86. package/src/v1/routes/admin/organization-license-limit-router.ts +89 -0
  87. package/src/v1/routes/admin/organization-license-router.ts +89 -0
  88. package/src/v1/routes/admin/organization-router.ts +89 -0
  89. package/src/v1/routes/admin/payment-method-router.ts +89 -0
  90. package/src/v1/routes/admin/policy-router.ts +89 -0
  91. package/src/v1/routes/admin/policy-version-router.ts +89 -0
  92. package/src/v1/routes/admin/schedule-router.ts +75 -0
  93. package/src/v1/routes/admin/service-notification-router.ts +98 -0
  94. package/src/v1/routes/admin/service-router.ts +89 -0
  95. package/src/v1/routes/admin/user-organization-router.ts +89 -0
  96. package/src/v1/routes/admin/user-policy-router.ts +89 -0
  97. package/src/v1/routes/admin/user-router.ts +89 -0
  98. package/src/v1/routes/auth/@deprecated auth-router.ts +199 -0
  99. package/src/v1/routes/auth/identity-token-router.ts +147 -0
  100. package/src/v1/routes/auth/organization-token-router.ts +70 -0
  101. package/src/v1/routes/billing/billing-router.ts +227 -0
  102. package/src/v1/routes/organizations/invoices-router.ts +48 -0
  103. package/src/v1/routes/organizations/payments-router.ts +104 -0
  104. package/src/v1/routes/organizations/public-organization-router.ts +319 -0
  105. package/src/v1/routes/organizations/users-router.ts +139 -0
  106. package/src/v1/routes/policies/public-policy-router.ts +50 -0
  107. package/src/v1/routes/services/public-service-router.ts +89 -0
  108. package/src/v1/routes/services/service-router.ts +197 -0
  109. package/src/v1/routes/users/public-user-router.ts +230 -0
  110. package/src/v1/routes/v1-router.ts +50 -0
  111. package/src/v1/schemas/admin/accounting-seat-schemas.ts +22 -0
  112. package/src/v1/schemas/admin/billing-cycle-schemas.ts +20 -0
  113. package/src/v1/schemas/admin/invoice-schemas.ts +41 -0
  114. package/src/v1/schemas/admin/license-limit-schemas.ts +25 -0
  115. package/src/v1/schemas/admin/license-schemas.ts +30 -0
  116. package/src/v1/schemas/admin/organization-license-limit-schemas.ts +29 -0
  117. package/src/v1/schemas/admin/organization-license-schemas.ts +43 -0
  118. package/src/v1/schemas/admin/organization-schemas.ts +67 -0
  119. package/src/v1/schemas/admin/organization-usage-schemas.ts +15 -0
  120. package/src/v1/schemas/admin/payment-method-schemas.ts +40 -0
  121. package/src/v1/schemas/admin/policy-schemas.ts +31 -0
  122. package/src/v1/schemas/admin/service-notification-schemas.ts +23 -0
  123. package/src/v1/schemas/admin/service-schemas.ts +56 -0
  124. package/src/v1/schemas/admin/user-organization-schemas.ts +24 -0
  125. package/src/v1/schemas/admin/user-policy-schemas.ts +17 -0
  126. package/src/v1/schemas/admin/user-schemas.ts +52 -0
  127. package/src/v1/schemas/auth/auth-schemas.ts +55 -0
  128. package/src/v1/schemas/billing/billing-schemas.ts +32 -0
  129. package/src/v1/schemas/organizations/public-organization-schemas.ts +77 -0
  130. package/src/v1/schemas/payments/payment-method-schemas.ts +0 -0
  131. package/src/v1/schemas/services/public-service-schemas.ts +5 -0
  132. package/src/v1/schemas/services/service-schemas.ts +27 -0
  133. package/src/v1/schemas/users/public-user-schemas.ts +73 -0
  134. package/src/v1/types/admin/accounting-seat-types.ts +16 -0
  135. package/src/v1/types/admin/billing-cycle-types.ts +14 -0
  136. package/src/v1/types/admin/invoice-types.ts +39 -0
  137. package/src/v1/types/admin/license-limit-types.ts +16 -0
  138. package/src/v1/types/admin/license-types.ts +29 -0
  139. package/src/v1/types/admin/organization-license-limit-types.ts +13 -0
  140. package/src/v1/types/admin/organization-license-types.ts +21 -0
  141. package/src/v1/types/admin/organization-types.ts +60 -0
  142. package/src/v1/types/admin/organization-usage-types.ts +17 -0
  143. package/src/v1/types/admin/payment-method-types.ts +30 -0
  144. package/src/v1/types/admin/policy-types.ts +9 -0
  145. package/src/v1/types/admin/policy-version-types.ts +12 -0
  146. package/src/v1/types/admin/service-notification-types.ts +20 -0
  147. package/src/v1/types/admin/service-types.ts +36 -0
  148. package/src/v1/types/admin/user-organization-types.ts +31 -0
  149. package/src/v1/types/admin/user-types.ts +44 -0
  150. package/src/v1/types/auth/@deprecated auth-types.ts +26 -0
  151. package/src/v1/types/auth/common-types.ts +7 -0
  152. package/src/v1/types/auth/confirmation-types.ts +5 -0
  153. package/src/v1/types/auth/identity-token-types.ts +8 -0
  154. package/src/v1/types/auth/organization-token-types.ts +23 -0
  155. package/src/v1/types/auth/otp-types.ts +12 -0
  156. package/src/v1/types/billing/billing-types.ts +37 -0
  157. package/src/v1/types/billing/ue-types.ts +29 -0
  158. package/src/v1/types/organizations/public-organization-types.ts +76 -0
  159. package/src/v1/types/policies/public-policy-types.ts +7 -0
  160. package/src/v1/types/services/public-service-types.ts +20 -0
  161. package/src/v1/types/services/service-types.ts +43 -0
  162. package/src/v1/types/users/public-user-types.ts +15 -0
  163. package/src/v1/types/users/user-policy-types.ts +11 -0
  164. package/static/error.html +55 -0
  165. package/static/grant.html +117 -0
  166. package/static/login.html +54 -0
  167. package/static/oauth-client-logo.webp +0 -0
  168. package/tsconfig.json +20 -0
@@ -0,0 +1,172 @@
1
+ import { JSON2 } from "@beseif-solutions/utility-functions/dist/utils/json-utils";
2
+ import { Where } from "@beseif-solutions/utility-functions/dist/utils/sql-utils";
3
+ import { DeepPartial } from "@beseif-solutions/utility-functions/dist/utils/typing-utils";
4
+ import { Schema, Validator } from "@beseif-solutions/utility-functions/dist/utils/validation-utils";
5
+ import userOrganizationDao from "../../daos/user-organization-dao";
6
+ import { addUserOrganizationSchema, updateUserOrganizationSchema } from "../../schemas/admin/user-organization-schemas";
7
+ import { DBRecord, UserOrganization, UserOrganizationRole } from "../../types/admin/user-organization-types";
8
+ import organizationController from "./organization-controller";
9
+ import { Date2, Formats } from "@beseif-solutions/utility-functions/dist/utils/date-utils";
10
+ import userController from "./user-controller";
11
+ import { UserStatus } from "../../types/admin/user-types";
12
+ import { newUUIDv4 } from "@beseif-solutions/utility-functions/dist/utils/string-utils";
13
+ import { Modifiers } from "../../common-types";
14
+
15
+ type Add = Omit<UserOrganization, `id` | `created_date` | `modified_date`>;
16
+
17
+ type Update = DeepPartial<Add>;
18
+
19
+ class UserOrganizationCtrl {
20
+ public readonly get = async (id: number): Promise<UserOrganization[]> => {
21
+ try {
22
+ const db = await userOrganizationDao.get({ id: id });
23
+ const response = await this.parse(db);
24
+ return response;
25
+ } catch (e) { throw e; }
26
+ };
27
+
28
+ public readonly list = async (params: Where<UserOrganization>, options: Modifiers = {}): Promise<UserOrganization[]> => {
29
+ try {
30
+ const db = await userOrganizationDao.list({ ...params }, options);
31
+ const response = await this.parse(db);
32
+ return response;
33
+ } catch (e) { throw e; }
34
+ };
35
+
36
+ public readonly count = async (params: Where<UserOrganization>): Promise<{ count: number }> => {
37
+ try {
38
+ const response = (await userOrganizationDao.count({ ...params }))[0];
39
+ return response;
40
+ } catch (e) { throw e; }
41
+ };
42
+
43
+ public readonly add = async (data: Add): Promise<UserOrganization[]> => {
44
+ try {
45
+ Validator.validate(addUserOrganizationSchema, data);
46
+ await this.check(data);
47
+
48
+ const { insertId } = await userOrganizationDao.add({
49
+ user: data.user,
50
+ organization: data.organization,
51
+ role: data.role,
52
+ invite: data.invite,
53
+ invited_by: data.invited_by,
54
+ preferences: data.preferences,
55
+ enabled: data.enabled,
56
+ metadata: data.metadata,
57
+ });
58
+
59
+ return await this.get(insertId);
60
+ } catch (e) { throw e; }
61
+ };
62
+
63
+ public readonly update = async (id: number, data: Update): Promise<UserOrganization[]> => {
64
+ try {
65
+ Validator.validate(updateUserOrganizationSchema, data);
66
+
67
+ const old = (await this.get(id))[0];
68
+ if (!old) { throw new Error(`Organization with id ${id} doesn't exist`); }
69
+
70
+ const merged = JSON2.deepClean(JSON2.deepMerge({}, old, data)) as UserOrganization;
71
+
72
+ await this.check(merged, old);
73
+
74
+ const { affectedRows } = await userOrganizationDao.update({ id: id }, {
75
+ user: merged.user,
76
+ organization: merged.organization,
77
+ role: merged.role,
78
+ invite: merged.invite,
79
+ invited_by: merged.invited_by,
80
+ preferences: merged.preferences,
81
+ enabled: merged.enabled,
82
+ metadata: merged.metadata,
83
+ });
84
+
85
+ if (affectedRows <= 0) { throw new Error(`Could not update organization with id ${id}`); }
86
+
87
+ return await this.get(id);
88
+ } catch (e) { throw e; }
89
+
90
+ };
91
+
92
+ public readonly delete = async (id: number): Promise<{ deleted: boolean }> => {
93
+ try {
94
+ Validator.validate(Schema.number(), id);
95
+ const { affectedRows } = await userOrganizationDao.delete({ id: id });
96
+ return { deleted: affectedRows > 0 };
97
+ } catch (e) { throw e; }
98
+ };
99
+
100
+ private readonly check = async (data: Add | UserOrganization, old?: UserOrganization): Promise<void> => {
101
+ try {
102
+ if (!old || data.user !== old.user) {
103
+ const user = (await userController.list({ id: data.user, status: { is: UserStatus.Blocked, inverse: true } }, { password: false }))[0];
104
+ if (!user) { throw new Error(`No user ${data.user} found`); }
105
+ if (user.omnipotent) { throw new Error(`Invalid user ${data.user} provided`); }
106
+ }
107
+
108
+ if (data.invited_by && (!old || data.invited_by !== old.invited_by)) {
109
+ const invitedBy = (await userController.list({ id: data.invited_by, status: { is: UserStatus.Blocked, inverse: true } }, { password: false }))[0];
110
+ if (!invitedBy) { throw new Error(`No user ${data.invited_by} found`); }
111
+ }
112
+
113
+ if (!old || data.organization !== old.organization) {
114
+ const organization = (await organizationController.list({ id: data.organization }))[0];
115
+ if (!organization) { throw new Error(`No organization ${data.organization} found`); }
116
+ }
117
+
118
+ if (!old) {
119
+ const related = (await this.list({ organization: data.organization, user: data.user }))[0];
120
+ if (related) { throw new Error(`User ${data.user} is already on organization ${data.organization}`); }
121
+ }
122
+
123
+ if (data.role === UserOrganizationRole.Owner) {
124
+ const owner = (await this.list({ organization: data.organization, role: UserOrganizationRole.Owner }))[0];
125
+ if (owner && owner.user !== data.user) { throw new Error(`Only one owner is allowed per organization`); }
126
+ }
127
+ } catch (e) {
128
+ throw e;
129
+ }
130
+ };
131
+
132
+ public readonly getFreeInvite = async (id: number): Promise<string> => {
133
+ try {
134
+ let uuid: string;
135
+ do {
136
+ uuid = newUUIDv4({ case: `lower` });
137
+ const exists = (await userOrganizationDao.list({ invite: uuid, organization: id }))[0];
138
+ if (!exists) { break; }
139
+ } while (true);
140
+ return uuid;
141
+ } catch (e) { throw e; }
142
+ };
143
+
144
+ private readonly parse = async (records: DBRecord[]): Promise<UserOrganization[]> => {
145
+ try {
146
+ const response: UserOrganization[] = [];
147
+
148
+ for (const record of records) {
149
+ const p: UserOrganization = {
150
+ id: record.id,
151
+ user: record.user,
152
+ organization: record.organization,
153
+ role: record.role,
154
+ invite: record.invite,
155
+ invited_by: record.invited_by,
156
+ preferences: record.preferences,
157
+ created_date: new Date2(record.created_date).format(Formats.ISO),
158
+ modified_date: new Date2(record.modified_date).format(Formats.ISO),
159
+ enabled: record.enabled ? true : false,
160
+ metadata: record.metadata,
161
+ };
162
+
163
+ response.push(p);
164
+ }
165
+
166
+ return response;
167
+ } catch (e) { throw e; }
168
+ };
169
+ }
170
+
171
+ const userOrganizationController = new UserOrganizationCtrl();
172
+ export default userOrganizationController;
@@ -0,0 +1,164 @@
1
+ import { Date2, Formats } from "@beseif-solutions/utility-functions/dist/utils/date-utils";
2
+ import { Where } from "@beseif-solutions/utility-functions/dist/utils/sql-utils";
3
+ import { DeepPartial } from "@beseif-solutions/utility-functions/dist/utils/typing-utils";
4
+ import { Validator } from "@beseif-solutions/utility-functions/dist/utils/validation-utils";
5
+ import APIError, { StatusCodes } from '../../../helpers/api-error';
6
+ import userPolicyDao from '../../daos/user-policy-dao';
7
+ import { addUserPolicySchema, updateUserPolicySchema } from '../../schemas/admin/user-policy-schemas';
8
+ import { DBRecord, UserPolicy } from '../../types/users/user-policy-types';
9
+ import { Modifiers } from '../../common-types';
10
+ import policyController from './policy-controller';
11
+ import policyVersionController from './policy-version-controller';
12
+ import userController from './user-controller';
13
+ import { JSON2 } from "@beseif-solutions/utility-functions/dist/utils/json-utils";
14
+
15
+ type Add = Omit<UserPolicy, 'id' | 'informed_date'>;
16
+ type Update = DeepPartial<Omit<UserPolicy, 'id' | 'informed_date'>>;
17
+
18
+ class UserPolicyController {
19
+ public readonly get = async (id: number): Promise<UserPolicy[]> => {
20
+ try {
21
+ const db = await userPolicyDao.get({ id: id });
22
+ const response = await this.parse(db);
23
+ return response;
24
+ } catch (e) { throw e; }
25
+ };
26
+
27
+ public readonly list = async (params: Where<UserPolicy>, options: Modifiers = {}): Promise<UserPolicy[]> => {
28
+ try {
29
+ const db = await userPolicyDao.list(params, options);
30
+ const response = await this.parse(db);
31
+ return response;
32
+ } catch (e) {
33
+ throw e;
34
+ }
35
+ };
36
+
37
+ public readonly add = async (data: Add): Promise<UserPolicy[]> => {
38
+ try {
39
+ await Validator.validateAsync(addUserPolicySchema, data);
40
+ await this.check(data);
41
+
42
+ const { insertId } = await userPolicyDao.add({
43
+ user: data.user,
44
+ policy: data.policy,
45
+ version: data.version,
46
+ metadata: data.metadata || {},
47
+ internal: data.internal || {},
48
+ });
49
+
50
+ return await this.get(insertId);
51
+ } catch (e) { throw e; }
52
+ };
53
+
54
+ public readonly update = async (id: number, data: Update): Promise<UserPolicy[]> => {
55
+ try {
56
+ await Validator.validateAsync(updateUserPolicySchema, data);
57
+
58
+ const old = (await this.get(id))[0];
59
+ if (!old) {
60
+ throw new APIError({
61
+ code: StatusCodes.NOT_FOUND,
62
+ detail: `User policy with id ${id} not found.`,
63
+ });
64
+ }
65
+
66
+ const merged = JSON2.deepClean(JSON2.deepMerge({}, old, data)) as UserPolicy;
67
+ await this.check(merged, old);
68
+
69
+ const { affectedRows } = await userPolicyDao.update({ id: id }, {
70
+ user: merged.user,
71
+ policy: merged.policy,
72
+ version: merged.version,
73
+ metadata: merged.metadata,
74
+ internal: merged.internal,
75
+ });
76
+
77
+ if (affectedRows <= 0) {
78
+ throw new APIError({
79
+ code: StatusCodes.INTERNAL_SERVER_ERROR,
80
+ detail: `Could not update user policy with id ${id}`,
81
+ });
82
+ }
83
+
84
+ return await this.get(id);
85
+ } catch (e) { throw e; }
86
+ };
87
+
88
+ public readonly delete = async (id: number): Promise<{ deleted: boolean }> => {
89
+ try {
90
+ const userPolicy = (await this.get(id))[0];
91
+ if (!userPolicy) {
92
+ throw new APIError({
93
+ code: StatusCodes.NOT_FOUND,
94
+ detail: `User policy with id ${id} not found.`,
95
+ });
96
+ }
97
+
98
+ const { affectedRows } = await userPolicyDao.delete({ id: id });
99
+ return { deleted: affectedRows > 0 };
100
+ } catch (e) { throw e; }
101
+ };
102
+
103
+ private readonly check = async (data: Add | UserPolicy, old?: UserPolicy): Promise<void> => {
104
+ try {
105
+ // verify user exists
106
+ if (!old || data.user !== old.user) {
107
+ const user = (await userController.get(data.user, { password: false }))[0];
108
+ if (!user) {
109
+ throw new APIError({
110
+ code: StatusCodes.BAD_REQUEST,
111
+ detail: `User with id ${data.user} not found.`,
112
+ });
113
+ }
114
+ }
115
+
116
+ // verify policy exists
117
+ if (!old || data.policy !== old.policy) {
118
+ const policy = (await policyController.get(data.policy))[0];
119
+ if (!policy) {
120
+ throw new APIError({
121
+ code: StatusCodes.BAD_REQUEST,
122
+ detail: `Policy with id ${data.policy} not found.`,
123
+ });
124
+ }
125
+ }
126
+
127
+ // verify version exists and belongs to policy
128
+ if (!old || data.version !== old.version || data.policy !== old.policy) {
129
+ const version = (await policyVersionController.get(data.version))[0];
130
+ if (!version) {
131
+ throw new APIError({
132
+ code: StatusCodes.BAD_REQUEST,
133
+ detail: `Policy version with id ${data.version} not found.`,
134
+ });
135
+ }
136
+
137
+ if (version.policy !== data.policy) {
138
+ throw new APIError({
139
+ code: StatusCodes.BAD_REQUEST,
140
+ detail: `Policy version ${data.version} does not belong to policy ${data.policy}.`,
141
+ });
142
+ }
143
+ }
144
+ } catch (e) { throw e; }
145
+ };
146
+
147
+ private readonly parse = async (data: DBRecord[]): Promise<UserPolicy[]> => {
148
+ try {
149
+ const response: UserPolicy[] = data.map((record) => ({
150
+ id: record.id,
151
+ user: record.user,
152
+ policy: record.policy,
153
+ version: record.version,
154
+ metadata: record.metadata,
155
+ internal: record.internal,
156
+ informed_date: new Date2(record.informed_date).format(Formats.ISO),
157
+ }));
158
+ return response;
159
+ } catch (e) { throw e; }
160
+ };
161
+ }
162
+
163
+ const userPolicyController = new UserPolicyController();
164
+ export default userPolicyController;
@@ -0,0 +1,191 @@
1
+ // import { newUUIDv4 } from '@beseif-solutions/utility-functions/dist/utils/string-utils';
2
+ // import { Validator } from '@beseif-solutions/utility-functions/dist/utils/validation-utils';
3
+ // import APIError, { StatusCodes } from '../../../helpers/api-error';
4
+ // import nconf from '../../../helpers/config';
5
+ // import tokenDao from '../../daos/token-dao';
6
+ // import { refreshSchema } from '../../schemas/auth-schemas';
7
+ // import { AccessInformation, BearerAuthorization, RefreshInformation } from '../../types/auth-types';
8
+ // import { User, UserStatus } from '../../types/user-types';
9
+ // import userCtrl from '../user-controller';
10
+
11
+ // class OAuthController {
12
+
13
+ // public readonly checkToken = async (token: string): Promise<User> => {
14
+ // try {
15
+ // const payload = jwt.verify(token, nconf.get(`SECRET`));
16
+ // if (!payload) { throw new Error(`Invalid token`); }
17
+
18
+ // const user = await authDao.findUserLoginById(payload[`id`]);
19
+ // if (!user) { throw new Error(`Invalid or expired token`); }
20
+
21
+ // return await this.getUser(user);
22
+ // } catch (e) { throw e; }
23
+ // };
24
+
25
+ // // oauth credentials
26
+ // public readonly login = async (username: string, password: string): Promise<{ success: boolean, user?: UserLogin }> => {
27
+ // try {
28
+ // const user = await authDao.findUserLoginByUsername(username);
29
+ // if (!user || !(await bcrypt.compare(password, user.password))) { return { success: false }; }
30
+ // return { success: true, user: user };
31
+ // } catch (e) { throw e; }
32
+ // };
33
+
34
+ // public readonly startOAuthSession = async (data: StartOAuth): Promise<Session> => {
35
+ // try {
36
+ // if (data.response_type !== `code`) { throw new Error(`This OAuth implementation only allows code response_type`); }
37
+ // if (data.access_type !== `offline`) { throw new Error(`This OAuth implementation only allows offline access_type`); }
38
+ // if (_.some(data.scope.split(` `), (scope) => !SCOPES.includes(scope))) { throw new Error(`Invalid requested scope: ${data.scope}`); }
39
+
40
+ // const client = await authDao.findOAuthClientById(data.client_id);
41
+ // if (!client) { throw new Error(`Invalid client_id`); }
42
+
43
+ // if (!client.redirects.includes(data.redirect_uri)) { throw new Error(`Invalid redirect`); }
44
+
45
+ // const session = await authDao.addOAuthSession({
46
+ // client_id: client.id,
47
+ // redirect_uri: data.redirect_uri,
48
+ // scope: data.scope,
49
+ // });
50
+
51
+ // return {
52
+ // token: session.token,
53
+ // client: client,
54
+ // };
55
+ // } catch (e) { throw e; }
56
+ // };
57
+
58
+ // public readonly recoverOAuthSession = async (token: string): Promise<Session> => {
59
+ // try {
60
+ // const session = await authDao.findOAuthSessionByToken(token);
61
+ // if (!session) { throw new Error(`Invalid session token`); }
62
+
63
+ // const client = await authDao.findOAuthClientById(session.client_id);
64
+ // if (!client) { throw new Error(`Invalid client_id`); }
65
+
66
+ // return {
67
+ // token: session.token,
68
+ // client: client,
69
+ // };
70
+ // } catch (e) { throw e; }
71
+ // };
72
+
73
+ // public readonly setUserOnOAuthSession = async (token: string, id: number): Promise<Session> => {
74
+ // try {
75
+ // const user = await authDao.findUserLoginById(id);
76
+
77
+ // const session = await authDao.updateOAuthSession(token, { user: user.id });
78
+
79
+ // const client = await authDao.findOAuthClientById(session.client_id);
80
+ // if (!client) { throw new Error(`Invalid client_id`); }
81
+
82
+ // return {
83
+ // token: session.token,
84
+ // client: client,
85
+ // user: await this.getUser(user),
86
+ // };
87
+ // } catch (e) { throw e; }
88
+ // };
89
+
90
+ // public readonly grantOAuthSession = async (token: string): Promise<{ redirect: string }> => {
91
+ // try {
92
+ // const session = await authDao.findOAuthSessionByToken(token);
93
+ // if (!session) { throw new Error(`Invalid session token`); }
94
+ // if (!session.user) { throw new Error(`Invalid session`); }
95
+
96
+ // const { code } = await authDao.addOAuthCode({ session: session.token });
97
+
98
+ // const MAX_CONNECT_TIME = 30000;
99
+ // setTimeout(async (t: string, c: string) => {
100
+ // await authDao.deleteOAuthSessionByToken(t);
101
+ // await authDao.deleteOAuthCodeByCode(c);
102
+ // }, MAX_CONNECT_TIME, token, code);
103
+
104
+
105
+ // const url = new URL(session.redirect_uri);
106
+ // url.searchParams.set(`code`, code);
107
+
108
+ // return { redirect: url.toString() };
109
+ // } catch (e) { throw e; }
110
+ // };
111
+
112
+ // public readonly cancelOauthSession = async (token: string): Promise<{ redirect: string }> => {
113
+ // try {
114
+ // const session = await authDao.findOAuthSessionByToken(token);
115
+ // if (!session) { throw new Error(`Invalid session token`); }
116
+
117
+ // await authDao.deleteOAuthSessionByToken(token);
118
+
119
+ // const url = new URL(session.redirect_uri);
120
+ // url.searchParams.set(`error`, `access_denied`);
121
+ // url.searchParams.set(`error_description`, `User cancelled the OAuth process`);
122
+
123
+ // return { redirect: url.toString() };
124
+ // } catch (e) { throw e; }
125
+ // };
126
+
127
+ // // exchange code / refresh token
128
+ // public readonly oauthToken = async (data: Exchange): Promise<OAuth> => {
129
+ // try {
130
+ // const client = await authDao.findOAuthClientById(data.client_id);
131
+ // if (!client) { throw new Error(`Invalid code: not client_id`); }
132
+
133
+ // if (client.secret !== data.client_secret) { throw new Error(`Invalid code: client_secret`); }
134
+
135
+ // let id: string;
136
+ // let refresh: string;
137
+ // let user: User;
138
+ // if (data.grant_type === `authorization_code`) {
139
+ // const code = await authDao.findOAuthCodeByCode(data.code);
140
+ // if (!code) { throw new Error(`Invalid code: not found`); }
141
+
142
+ // const session = await authDao.findOAuthSessionByToken(code.session);
143
+ // if (!session) { throw new Error(`Expired code`); }
144
+
145
+ // if (data.redirect_uri !== session.redirect_uri) { throw new Error(`Invalid code: redirect_uri`); }
146
+ // if (data.client_id !== session.client_id) { throw new Error(`Invalid code: client_id`); }
147
+ // if (data.scope !== session.scope) { throw new Error(`Invalid code: scope`); }
148
+
149
+ // user = await authDao.findUserLoginById(session.user);
150
+ // if (!user) { throw new Error(`Invalid code: no user`); }
151
+
152
+ // id = jwt.sign(`${user.id}`, nconf.get(`SECRET`));
153
+ // await authDao.addOAuthLogin({ id: id });
154
+
155
+ // refresh = jwt.sign(id, nconf.get(`SECRET`));
156
+
157
+ // await authDao.deleteOAuthSessionByToken(session.token);
158
+ // await authDao.deleteOAuthCodeByCode(data.code);
159
+ // } else if (data.grant_type === `refresh_token`) {
160
+ // id = jwt.verify(data.refresh_token, nconf.get(`SECRET`)) as string;
161
+
162
+ // const login = await authDao.findOAuthLoginById(id);
163
+ // if (!login) { throw new Error(`Invalid refresh_token`); }
164
+
165
+ // const userId = parseInt(jwt.verify(login.id, nconf.get(`SECRET`)) as string, 10);
166
+ // user = await authDao.findUserLoginById(userId);
167
+ // if (!user) { throw new Error(`Invalid refresh_code: no user`); }
168
+ // } else { throw new Error(`This OAuth implementation doesn't allow specified grant_type`); }
169
+
170
+ // const EXPIRATION = 3600;
171
+ // const token = jwt.sign({ id: user.id }, nconf.get(`SECRET`), { expiresIn: EXPIRATION });
172
+ // return {
173
+ // id_token: id,
174
+ // token_type: `Bearer`,
175
+ // access_token: token,
176
+ // expires_in: EXPIRATION,
177
+ // refresh_token: refresh,
178
+ // };
179
+ // } catch (e) { throw e; }
180
+ // };
181
+
182
+ // // revoke token
183
+ // public readonly revokeToken = async (id: string): Promise<void> => {
184
+ // try {
185
+ // await authDao.deleteOAuthLoginById(id);
186
+ // } catch (e) { throw e; }
187
+ // };
188
+
189
+ // }
190
+ // const oauthController = new OAuthController();
191
+ // export default oauthController;