starta.microservice 0.1.4874 → 0.1.4879
- package/lib/adapters/database/DBScripts/DBInitialise.js +3 -12
- package/lib/adapters/database/DBScripts/DBInitialise.js.map +1 -1
- package/lib/adapters/database/index.js +45 -62
- package/lib/adapters/database/index.js.map +1 -1
- package/lib/adapters/logger/index.js +27 -17
- package/lib/adapters/logger/index.js.map +1 -1
- package/lib/adapters/{rabbitmq/index.d.ts → messageBroker/Rabbitmq.d.ts} +4 -6
- package/lib/adapters/messageBroker/Rabbitmq.js +159 -0
- package/lib/adapters/messageBroker/Rabbitmq.js.map +1 -0
- package/lib/adapters/messageBroker/SnsSqs.d.ts +18 -0
- package/lib/adapters/messageBroker/SnsSqs.js +273 -0
- package/lib/adapters/messageBroker/SnsSqs.js.map +1 -0
- package/lib/adapters/messageBroker/index.d.ts +16 -0
- package/lib/adapters/messageBroker/index.js +45 -0
- package/lib/adapters/messageBroker/index.js.map +1 -0
- package/lib/adapters/messageBroker/types.d.ts +11 -0
- package/lib/adapters/messageBroker/types.js +3 -0
- package/lib/adapters/messageBroker/types.js.map +1 -0
- package/lib/adapters/redisService/Publisher.js +2 -13
- package/lib/adapters/redisService/Publisher.js.map +1 -1
- package/lib/adapters/redisService/RedisAdapter.js +59 -100
- package/lib/adapters/redisService/RedisAdapter.js.map +1 -1
- package/lib/adapters/redisService/index.d.ts +0 -2
- package/lib/adapters/redisService/index.js +159 -281
- package/lib/adapters/redisService/index.js.map +1 -1
- package/lib/agenda/index.js +10 -20
- package/lib/agenda/index.js.map +1 -1
- package/lib/config.d.ts +2 -0
- package/lib/config.js +2 -0
- package/lib/config.js.map +1 -1
- package/lib/entities/Account.js +2 -14
- package/lib/entities/Account.js.map +1 -1
- package/lib/helpers/index.js +7 -1
- package/lib/helpers/index.js.map +1 -1
- package/lib/repositories/Repository.js +178 -207
- package/lib/repositories/Repository.js.map +1 -1
- package/lib/services/ServiceExecutor.d.ts +3 -3
- package/lib/services/ServiceExecutor.js +34 -48
- package/lib/services/ServiceExecutor.js.map +1 -1
- package/lib/services/ServiceExecutorHandler.js +264 -283
- package/lib/services/ServiceExecutorHandler.js.map +1 -1
- package/lib/services/ServiceFactoryBase.d.ts +3 -3
- package/lib/services/ServiceFactoryBase.js +2 -2
- package/lib/services/ServiceFactoryBase.js.map +1 -1
- package/lib/services/ServiceHandlerBase.d.ts +3 -3
- package/lib/services/ServiceHandlerBase.js +54 -72
- package/lib/services/ServiceHandlerBase.js.map +1 -1
- package/lib/services/dataSelectors.js +1 -1
- package/lib/services/dataSelectors.js.map +1 -1
- package/package.json +1 -1
- package/lib/adapters/rabbitmq/index.js +0 -184
- package/lib/adapters/rabbitmq/index.js.map +0 -1
|
@@ -22,15 +22,6 @@ var __importStar = (this && this.__importStar) || function (mod) {
|
|
|
22
22
|
__setModuleDefault(result, mod);
|
|
23
23
|
return result;
|
|
24
24
|
};
|
|
25
|
-
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
|
|
26
|
-
function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
|
|
27
|
-
return new (P || (P = Promise))(function (resolve, reject) {
|
|
28
|
-
function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
|
|
29
|
-
function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
|
|
30
|
-
function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
|
|
31
|
-
step((generator = generator.apply(thisArg, _arguments || [])).next());
|
|
32
|
-
});
|
|
33
|
-
};
|
|
34
25
|
var __classPrivateFieldSet = (this && this.__classPrivateFieldSet) || function (receiver, state, value, kind, f) {
|
|
35
26
|
if (kind === "m") throw new TypeError("Private method is not writable");
|
|
36
27
|
if (kind === "a" && !f) throw new TypeError("Private accessor was defined without a setter");
|
|
@@ -73,319 +64,309 @@ class ServiceExecutorHandler {
|
|
|
73
64
|
__classPrivateFieldSet(this, _ServiceExecutorHandler_serviceExecutor, serviceExecutor, "f");
|
|
74
65
|
__classPrivateFieldSet(this, _ServiceExecutorHandler_serviceFactory, serviceFactory, "f");
|
|
75
66
|
}
|
|
76
|
-
execute(originalRequest, response) {
|
|
77
|
-
|
|
78
|
-
|
|
79
|
-
|
|
80
|
-
|
|
81
|
-
|
|
82
|
-
|
|
83
|
-
|
|
84
|
-
|
|
85
|
-
|
|
86
|
-
|
|
87
|
-
|
|
88
|
-
|
|
89
|
-
|
|
90
|
-
|
|
91
|
-
|
|
92
|
-
|
|
93
|
-
|
|
94
|
-
|
|
95
|
-
|
|
96
|
-
|
|
97
|
-
|
|
98
|
-
|
|
99
|
-
|
|
100
|
-
__classPrivateFieldGet(this,
|
|
101
|
-
|
|
102
|
-
|
|
103
|
-
|
|
104
|
-
|
|
105
|
-
|
|
106
|
-
|
|
107
|
-
|
|
108
|
-
|
|
109
|
-
|
|
110
|
-
|
|
111
|
-
|
|
112
|
-
|
|
113
|
-
|
|
114
|
-
|
|
115
|
-
|
|
116
|
-
|
|
117
|
-
|
|
118
|
-
}
|
|
119
|
-
if ((executionResult === null || executionResult === void 0 ? void 0 : executionResult._filePath) && executionResult._filePathToReplace) {
|
|
120
|
-
let diff = process.hrtime(startTime);
|
|
121
|
-
let timeInMilliseconds = diff[0] * 1000 + diff[1] / 1000000;
|
|
122
|
-
__classPrivateFieldGet(this, _ServiceExecutorHandler_logger, "f").generic.info("Request finished with download file, status: 200", { taskDuration: timeInMilliseconds, statusCode: 200 });
|
|
123
|
-
return response.download(path.resolve(executionResult._filePath), executionResult._filePathToReplace);
|
|
124
|
-
}
|
|
125
|
-
if (executionResult === null || executionResult === void 0 ? void 0 : executionResult._filePath) {
|
|
126
|
-
const s3 = aws_1.default.getS3();
|
|
127
|
-
var options = {
|
|
128
|
-
Bucket: config_1.default.aws.bucketname,
|
|
129
|
-
Key: executionResult === null || executionResult === void 0 ? void 0 : executionResult._filePath,
|
|
130
|
-
};
|
|
131
|
-
try {
|
|
132
|
-
yield s3.headObject(options).promise();
|
|
133
|
-
response.set('Cache-control', 'public, max-age=100000');
|
|
134
|
-
response.attachment(executionResult === null || executionResult === void 0 ? void 0 : executionResult._filePath);
|
|
135
|
-
var fileStream = s3.getObject(options).createReadStream();
|
|
136
|
-
let diff = process.hrtime(startTime);
|
|
137
|
-
let timeInMilliseconds = diff[0] * 1000 + diff[1] / 1000000;
|
|
138
|
-
__classPrivateFieldGet(this, _ServiceExecutorHandler_logger, "f").generic.info("Request finished with pipe file from s3, status: 200", { taskDuration: timeInMilliseconds, statusCode: 200 });
|
|
139
|
-
return fileStream.pipe(response);
|
|
140
|
-
}
|
|
141
|
-
catch (error) {
|
|
142
|
-
let diff = process.hrtime(startTime);
|
|
143
|
-
let timeInMilliseconds = diff[0] * 1000 + diff[1] / 1000000;
|
|
144
|
-
__classPrivateFieldGet(this, _ServiceExecutorHandler_logger, "f").generic.info("Request finished file not found, status: 404", { taskDuration: timeInMilliseconds, statusCode: 404 });
|
|
145
|
-
return response
|
|
146
|
-
.status(404)
|
|
147
|
-
.send(null);
|
|
148
|
-
}
|
|
149
|
-
}
|
|
150
|
-
if (executionResult === null || executionResult === void 0 ? void 0 : executionResult._fileStream) {
|
|
151
|
-
let diff = process.hrtime(startTime);
|
|
152
|
-
let timeInMilliseconds = diff[0] * 1000 + diff[1] / 1000000;
|
|
153
|
-
__classPrivateFieldGet(this, _ServiceExecutorHandler_logger, "f").generic.info("Request finished with pipe file, status: 200", { taskDuration: timeInMilliseconds, statusCode: 200 });
|
|
154
|
-
return executionResult._fileStream.pipe(response);
|
|
155
|
-
}
|
|
156
|
-
const statusCode = request.originalRequest.method === 'POST' ? 201 : 200;
|
|
67
|
+
async execute(originalRequest, response) {
|
|
68
|
+
const request = {
|
|
69
|
+
originalRequest,
|
|
70
|
+
contextType: '',
|
|
71
|
+
currentOrgPermissions: {},
|
|
72
|
+
session: null,
|
|
73
|
+
correlationId: originalRequest.headers['x-correlation-id']?.toString() || crypto_1.default.randomBytes(10).toString('hex')
|
|
74
|
+
};
|
|
75
|
+
response.setHeader('x-correlation-id', request.correlationId);
|
|
76
|
+
executionContext_1.default.setCorrelationId(request.correlationId);
|
|
77
|
+
__classPrivateFieldSet(this, _ServiceExecutorHandler_logger, __classPrivateFieldGet(this, _ServiceExecutorHandler_logger, "f").withParams({
|
|
78
|
+
correlationId: request.correlationId,
|
|
79
|
+
clientIp: dataSelectors_1.default.selectClientIp(request)?.clientIp,
|
|
80
|
+
clientCountry: dataSelectors_1.default.selectClientCountry(request)?.clientCountry,
|
|
81
|
+
clientUA: dataSelectors_1.default.selectUserAgent(request)?.userAgent,
|
|
82
|
+
request: {
|
|
83
|
+
url: request.originalRequest.url,
|
|
84
|
+
method: request.originalRequest.method,
|
|
85
|
+
}
|
|
86
|
+
}), "f");
|
|
87
|
+
loggerContext_1.default.setLogger(__classPrivateFieldGet(this, _ServiceExecutorHandler_logger, "f"));
|
|
88
|
+
let startTime = process.hrtime();
|
|
89
|
+
__classPrivateFieldGet(this, _ServiceExecutorHandler_logger, "f").generic.info("Request started");
|
|
90
|
+
try {
|
|
91
|
+
if (__classPrivateFieldGet(this, _ServiceExecutorHandler_serviceDescription, "f").isAuthorized()) {
|
|
92
|
+
await this.checkAuth(request, response, __classPrivateFieldGet(this, _ServiceExecutorHandler_serviceDescription, "f").allowAnonymous());
|
|
93
|
+
}
|
|
94
|
+
if (request.originalRequest.method !== 'GET' && (__classPrivateFieldGet(this, _ServiceExecutorHandler_serviceDescription, "f").getBodyParser && __classPrivateFieldGet(this, _ServiceExecutorHandler_serviceDescription, "f").getBodyParser()) !== 'raw') {
|
|
95
|
+
request.originalRequest.body.createdAt = timeProvider_1.default.jsDate();
|
|
96
|
+
request.originalRequest.body.createdBy = request.session?.account.login || '%anonymous';
|
|
97
|
+
}
|
|
98
|
+
await this.checkPermissions(request);
|
|
99
|
+
const executionResult = await this.executeRequest(request);
|
|
100
|
+
if (executionResult?._cookies) {
|
|
101
|
+
executionResult._cookies.forEach(cookie => response.cookie(cookie.name, cookie.value, cookie.options));
|
|
102
|
+
delete executionResult._cookies;
|
|
103
|
+
}
|
|
104
|
+
if (executionResult?._clearCookies) {
|
|
105
|
+
executionResult._clearCookies.forEach(cookie => response.clearCookie(cookie.name, cookie.options));
|
|
106
|
+
delete executionResult._clearCookies;
|
|
107
|
+
}
|
|
108
|
+
if (executionResult?._filePath && executionResult._filePathToReplace) {
|
|
157
109
|
let diff = process.hrtime(startTime);
|
|
158
110
|
let timeInMilliseconds = diff[0] * 1000 + diff[1] / 1000000;
|
|
159
|
-
__classPrivateFieldGet(this, _ServiceExecutorHandler_logger, "f").generic.info("Request finished, status: "
|
|
160
|
-
return response
|
|
161
|
-
.status(statusCode)
|
|
162
|
-
.send(executionResult);
|
|
111
|
+
__classPrivateFieldGet(this, _ServiceExecutorHandler_logger, "f").generic.info("Request finished with download file, status: 200", { taskDuration: timeInMilliseconds, statusCode: 200 });
|
|
112
|
+
return response.download(path.resolve(executionResult._filePath), executionResult._filePathToReplace);
|
|
163
113
|
}
|
|
164
|
-
|
|
165
|
-
|
|
166
|
-
|
|
167
|
-
|
|
168
|
-
|
|
114
|
+
if (executionResult?._filePath) {
|
|
115
|
+
const s3 = aws_1.default.getS3();
|
|
116
|
+
var options = {
|
|
117
|
+
Bucket: config_1.default.aws.bucketname,
|
|
118
|
+
Key: executionResult?._filePath,
|
|
119
|
+
};
|
|
120
|
+
try {
|
|
121
|
+
await s3.headObject(options).promise();
|
|
122
|
+
response.set('Cache-control', 'public, max-age=100000');
|
|
123
|
+
response.attachment(executionResult?._filePath);
|
|
124
|
+
var fileStream = s3.getObject(options).createReadStream();
|
|
169
125
|
let diff = process.hrtime(startTime);
|
|
170
126
|
let timeInMilliseconds = diff[0] * 1000 + diff[1] / 1000000;
|
|
171
|
-
__classPrivateFieldGet(this, _ServiceExecutorHandler_logger, "f").generic.info("Request finished, status: "
|
|
172
|
-
|
|
127
|
+
__classPrivateFieldGet(this, _ServiceExecutorHandler_logger, "f").generic.info("Request finished with pipe file from s3, status: 200", { taskDuration: timeInMilliseconds, statusCode: 200 });
|
|
128
|
+
return fileStream.pipe(response);
|
|
173
129
|
}
|
|
174
|
-
|
|
130
|
+
catch (error) {
|
|
175
131
|
let diff = process.hrtime(startTime);
|
|
176
132
|
let timeInMilliseconds = diff[0] * 1000 + diff[1] / 1000000;
|
|
177
|
-
__classPrivateFieldGet(this, _ServiceExecutorHandler_logger, "f").generic.
|
|
178
|
-
|
|
179
|
-
|
|
133
|
+
__classPrivateFieldGet(this, _ServiceExecutorHandler_logger, "f").generic.info("Request finished file not found, status: 404", { taskDuration: timeInMilliseconds, statusCode: 404 });
|
|
134
|
+
return response
|
|
135
|
+
.status(404)
|
|
136
|
+
.send(null);
|
|
180
137
|
}
|
|
181
138
|
}
|
|
182
|
-
|
|
183
|
-
|
|
184
|
-
|
|
185
|
-
|
|
186
|
-
|
|
187
|
-
const requestedAccountLogin = request.originalRequest.params._login;
|
|
188
|
-
request.contextType = requestedAccountLogin && (yield __classPrivateFieldGet(this, _ServiceExecutorHandler_redis, "f").getAccountType(requestedAccountLogin));
|
|
189
|
-
const endpointContext = __classPrivateFieldGet(this, _ServiceExecutorHandler_serviceDescription, "f").getEndpointContext();
|
|
190
|
-
if (requestedAccountLogin && !request.contextType) {
|
|
191
|
-
throw new Exception_1.default({
|
|
192
|
-
code: 'NOT_FOUND',
|
|
193
|
-
statusCode: 404,
|
|
194
|
-
fields: {
|
|
195
|
-
login: {
|
|
196
|
-
code: 'NOT_FOUND',
|
|
197
|
-
},
|
|
198
|
-
},
|
|
199
|
-
});
|
|
200
|
-
}
|
|
201
|
-
if (endpointContext !== 'any' && endpointContext !== request.contextType) {
|
|
202
|
-
throw new Exception_1.default({
|
|
203
|
-
code: 'NOT_FOUND',
|
|
204
|
-
statusCode: 404,
|
|
205
|
-
fields: {
|
|
206
|
-
login: {
|
|
207
|
-
code: 'NOT_FOUND',
|
|
208
|
-
},
|
|
209
|
-
},
|
|
210
|
-
});
|
|
211
|
-
}
|
|
212
|
-
if (!request.session) {
|
|
213
|
-
return;
|
|
139
|
+
if (executionResult?._fileStream) {
|
|
140
|
+
let diff = process.hrtime(startTime);
|
|
141
|
+
let timeInMilliseconds = diff[0] * 1000 + diff[1] / 1000000;
|
|
142
|
+
__classPrivateFieldGet(this, _ServiceExecutorHandler_logger, "f").generic.info("Request finished with pipe file, status: 200", { taskDuration: timeInMilliseconds, statusCode: 200 });
|
|
143
|
+
return executionResult._fileStream.pipe(response);
|
|
214
144
|
}
|
|
215
|
-
|
|
216
|
-
|
|
145
|
+
const statusCode = request.originalRequest.method === 'POST' ? 201 : 200;
|
|
146
|
+
let diff = process.hrtime(startTime);
|
|
147
|
+
let timeInMilliseconds = diff[0] * 1000 + diff[1] / 1000000;
|
|
148
|
+
__classPrivateFieldGet(this, _ServiceExecutorHandler_logger, "f").generic.info("Request finished, status: " + statusCode, { taskDuration: timeInMilliseconds, statusCode });
|
|
149
|
+
return response
|
|
150
|
+
.status(statusCode)
|
|
151
|
+
.send(executionResult);
|
|
152
|
+
}
|
|
153
|
+
catch (err) {
|
|
154
|
+
if (err instanceof Exception_1.default) {
|
|
155
|
+
__classPrivateFieldGet(this, _ServiceExecutorHandler_logger, "f").debugBadRequest(err, request);
|
|
156
|
+
const errorHash = err.toHash();
|
|
157
|
+
delete errorHash.statusCode;
|
|
158
|
+
let diff = process.hrtime(startTime);
|
|
159
|
+
let timeInMilliseconds = diff[0] * 1000 + diff[1] / 1000000;
|
|
160
|
+
__classPrivateFieldGet(this, _ServiceExecutorHandler_logger, "f").generic.info("Request finished, status: " + (err.statusCode || 400), { taskDuration: timeInMilliseconds, statusCode: err.statusCode || 400 });
|
|
161
|
+
response.status(err.statusCode || 400).send(errorHash);
|
|
217
162
|
}
|
|
218
|
-
|
|
219
|
-
|
|
220
|
-
|
|
163
|
+
else {
|
|
164
|
+
let diff = process.hrtime(startTime);
|
|
165
|
+
let timeInMilliseconds = diff[0] * 1000 + diff[1] / 1000000;
|
|
166
|
+
__classPrivateFieldGet(this, _ServiceExecutorHandler_logger, "f").generic.error("Request finished, status: 500", { taskDuration: timeInMilliseconds, statusCode: 500 });
|
|
167
|
+
__classPrivateFieldGet(this, _ServiceExecutorHandler_logger, "f").internalServerError(err, request);
|
|
168
|
+
response.status(500).send(err);
|
|
221
169
|
}
|
|
222
|
-
|
|
223
|
-
|
|
224
|
-
|
|
225
|
-
|
|
226
|
-
|
|
227
|
-
|
|
228
|
-
|
|
229
|
-
|
|
230
|
-
|
|
231
|
-
|
|
232
|
-
|
|
233
|
-
|
|
170
|
+
}
|
|
171
|
+
}
|
|
172
|
+
async checkPermissions(request) {
|
|
173
|
+
const requestedAccountLogin = request.originalRequest.params._login;
|
|
174
|
+
request.contextType = requestedAccountLogin && await __classPrivateFieldGet(this, _ServiceExecutorHandler_redis, "f").getAccountType(requestedAccountLogin);
|
|
175
|
+
const endpointContext = __classPrivateFieldGet(this, _ServiceExecutorHandler_serviceDescription, "f").getEndpointContext();
|
|
176
|
+
if (requestedAccountLogin && !request.contextType) {
|
|
177
|
+
throw new Exception_1.default({
|
|
178
|
+
code: 'NOT_FOUND',
|
|
179
|
+
statusCode: 404,
|
|
180
|
+
fields: {
|
|
181
|
+
login: {
|
|
182
|
+
code: 'NOT_FOUND',
|
|
183
|
+
},
|
|
184
|
+
},
|
|
185
|
+
});
|
|
186
|
+
}
|
|
187
|
+
if (endpointContext !== 'any' && endpointContext !== request.contextType) {
|
|
188
|
+
throw new Exception_1.default({
|
|
189
|
+
code: 'NOT_FOUND',
|
|
190
|
+
statusCode: 404,
|
|
191
|
+
fields: {
|
|
192
|
+
login: {
|
|
193
|
+
code: 'NOT_FOUND',
|
|
194
|
+
},
|
|
195
|
+
},
|
|
196
|
+
});
|
|
197
|
+
}
|
|
198
|
+
if (!request.session) {
|
|
199
|
+
return;
|
|
200
|
+
}
|
|
201
|
+
if (request.contextType == "organization") {
|
|
202
|
+
request.currentOrgPermissions = await __classPrivateFieldGet(this, _ServiceExecutorHandler_redis, "f").getOrganizationMemberPermissions(requestedAccountLogin, request.session.account.login);
|
|
203
|
+
}
|
|
204
|
+
const requiredPermissionsSchemas = __classPrivateFieldGet(this, _ServiceExecutorHandler_serviceDescription, "f").getRequiredPermissions();
|
|
205
|
+
if (!requiredPermissionsSchemas) {
|
|
206
|
+
return;
|
|
207
|
+
}
|
|
208
|
+
let hasPermissions = false;
|
|
209
|
+
if (requiredPermissionsSchemas.adminonly) {
|
|
210
|
+
hasPermissions = request.session.account.login === 'admin';
|
|
211
|
+
if (!hasPermissions) {
|
|
212
|
+
const permissions = await __classPrivateFieldGet(this, _ServiceExecutorHandler_redis, "f").getAdminPermissions(request.session.account.login);
|
|
213
|
+
if (permissions?.isAdmin) {
|
|
214
|
+
if (permissions.role === 'sale') {
|
|
215
|
+
hasPermissions = requiredPermissionsSchemas.salesadmins;
|
|
234
216
|
}
|
|
235
|
-
|
|
236
|
-
}
|
|
237
|
-
else if (request.contextType == "user") {
|
|
238
|
-
if ((_a = requiredPermissionsSchemas.user) === null || _a === void 0 ? void 0 : _a.myaccount) {
|
|
239
|
-
if (request.session.account.login === requestedAccountLogin || request.session.account.login === 'admin') {
|
|
217
|
+
else {
|
|
240
218
|
hasPermissions = true;
|
|
241
219
|
}
|
|
242
220
|
}
|
|
243
|
-
else {
|
|
244
|
-
hasPermissions = true;
|
|
245
|
-
}
|
|
246
221
|
}
|
|
247
|
-
|
|
248
|
-
|
|
222
|
+
}
|
|
223
|
+
else if (request.contextType == "user") {
|
|
224
|
+
if (requiredPermissionsSchemas.user?.myaccount) {
|
|
225
|
+
if (request.session.account.login === requestedAccountLogin || request.session.account.login === 'admin') {
|
|
249
226
|
hasPermissions = true;
|
|
250
227
|
}
|
|
251
|
-
|
|
252
|
-
|
|
253
|
-
|
|
254
|
-
|
|
255
|
-
|
|
256
|
-
|
|
257
|
-
|
|
258
|
-
|
|
259
|
-
|
|
260
|
-
|
|
261
|
-
|
|
262
|
-
|
|
263
|
-
|
|
264
|
-
|
|
228
|
+
}
|
|
229
|
+
else {
|
|
230
|
+
hasPermissions = true;
|
|
231
|
+
}
|
|
232
|
+
}
|
|
233
|
+
else if (request.contextType == "organization") {
|
|
234
|
+
if (!requiredPermissionsSchemas.organization) {
|
|
235
|
+
hasPermissions = true;
|
|
236
|
+
}
|
|
237
|
+
else {
|
|
238
|
+
if (request.currentOrgPermissions) {
|
|
239
|
+
let missingAnyPermission = false;
|
|
240
|
+
let hasAnyPrmission = false;
|
|
241
|
+
requiredPermissionsSchemas.organization.forEach(permission => {
|
|
242
|
+
if (!request.currentOrgPermissions[permission]) {
|
|
243
|
+
missingAnyPermission = true;
|
|
265
244
|
}
|
|
266
245
|
else {
|
|
267
|
-
|
|
246
|
+
hasAnyPrmission = true;
|
|
268
247
|
}
|
|
248
|
+
});
|
|
249
|
+
if (requiredPermissionsSchemas.organizationPermissionsFilter === 'oneOf') {
|
|
250
|
+
hasPermissions = hasAnyPrmission;
|
|
251
|
+
}
|
|
252
|
+
else {
|
|
253
|
+
hasPermissions = !missingAnyPermission;
|
|
269
254
|
}
|
|
270
|
-
if (!
|
|
271
|
-
const permissions =
|
|
272
|
-
if (permissions
|
|
255
|
+
if (!hasAnyPrmission && requiredPermissionsSchemas.organizationAllowForStartaAdmins) {
|
|
256
|
+
const permissions = await __classPrivateFieldGet(this, _ServiceExecutorHandler_redis, "f").getAdminPermissions(request.session.account.login);
|
|
257
|
+
if (permissions?.isAdmin) {
|
|
273
258
|
hasPermissions = true;
|
|
274
259
|
}
|
|
275
260
|
}
|
|
276
261
|
}
|
|
277
262
|
}
|
|
278
|
-
|
|
279
|
-
|
|
280
|
-
|
|
281
|
-
|
|
282
|
-
|
|
283
|
-
}
|
|
284
|
-
}
|
|
263
|
+
}
|
|
264
|
+
if (!hasPermissions) {
|
|
265
|
+
throw new Exception_1.default({
|
|
266
|
+
code: 'FORBIDDEN',
|
|
267
|
+
statusCode: 403,
|
|
268
|
+
});
|
|
269
|
+
}
|
|
285
270
|
}
|
|
286
|
-
checkAuth(request, response, allowAnonymous) {
|
|
287
|
-
|
|
288
|
-
|
|
289
|
-
|
|
290
|
-
e = e || new Exception_1.default({
|
|
291
|
-
code: 'UNAUTHORIZED',
|
|
292
|
-
statusCode: 401,
|
|
293
|
-
fields: {
|
|
294
|
-
scheme: 'BAD_SCHEME',
|
|
295
|
-
},
|
|
296
|
-
});
|
|
297
|
-
throw e;
|
|
298
|
-
}
|
|
299
|
-
};
|
|
300
|
-
let auth = null;
|
|
301
|
-
if (request.originalRequest.get('authorization')) {
|
|
302
|
-
try {
|
|
303
|
-
auth = authorization.parse(request.originalRequest.get('authorization'));
|
|
304
|
-
}
|
|
305
|
-
catch (e) {
|
|
306
|
-
return unauthorized();
|
|
307
|
-
}
|
|
308
|
-
if (auth.scheme !== 'Basic') {
|
|
309
|
-
return unauthorized();
|
|
310
|
-
}
|
|
311
|
-
}
|
|
312
|
-
if (!auth && request.originalRequest.cookies && request.originalRequest.cookies.Authorization) {
|
|
313
|
-
auth = { token: request.originalRequest.cookies.Authorization };
|
|
314
|
-
}
|
|
315
|
-
if (!auth) {
|
|
316
|
-
return unauthorized();
|
|
317
|
-
}
|
|
318
|
-
const [sessionId] = helpers_1.default.getSessionId(auth.token);
|
|
319
|
-
const sessionData = yield __classPrivateFieldGet(this, _ServiceExecutorHandler_redis, "f").getSession(sessionId);
|
|
320
|
-
if (!sessionData) {
|
|
321
|
-
return unauthorized(new Exception_1.default({
|
|
271
|
+
async checkAuth(request, response, allowAnonymous) {
|
|
272
|
+
const unauthorized = function (e) {
|
|
273
|
+
if (!allowAnonymous) {
|
|
274
|
+
e = e || new Exception_1.default({
|
|
322
275
|
code: 'UNAUTHORIZED',
|
|
323
276
|
statusCode: 401,
|
|
324
277
|
fields: {
|
|
325
|
-
|
|
278
|
+
scheme: 'BAD_SCHEME',
|
|
326
279
|
},
|
|
327
|
-
})
|
|
328
|
-
|
|
329
|
-
if (sessionData.clientIp !== request.originalRequest.connection.remoteAddress) {
|
|
330
|
-
//this.#logger.generic.warn('WRONG_CLIENT_IP_ADDRESS %s %s', sessionData.clientIp, request.connection.remoteAddress);
|
|
331
|
-
// return Promise.reject(new Exception({
|
|
332
|
-
// code: 'WRONG_CLIENT_IP_ADDRESS',
|
|
333
|
-
// statusCode: 400,
|
|
334
|
-
// fields: {
|
|
335
|
-
// remoteAddress: 'BAD_IP',
|
|
336
|
-
// },
|
|
337
|
-
// }));
|
|
338
|
-
}
|
|
339
|
-
request.session = {
|
|
340
|
-
sessionId,
|
|
341
|
-
account: new Account_1.default(sessionData.account),
|
|
342
|
-
date: timeProvider_1.default.jsDate(),
|
|
343
|
-
};
|
|
344
|
-
if (sessionData.account) {
|
|
345
|
-
response.cookie('Authorization', auth.token, { httpOnly: true, maxAge: sessionData.expirationTime * 1000, domain: new URL(config_1.default.siteUrl).hostname });
|
|
346
|
-
yield __classPrivateFieldGet(this, _ServiceExecutorHandler_redis, "f").resetSessionExpireTimeout(sessionId, sessionData.expirationTime);
|
|
347
|
-
}
|
|
348
|
-
__classPrivateFieldSet(this, _ServiceExecutorHandler_logger, __classPrivateFieldGet(this, _ServiceExecutorHandler_logger, "f").withParams({
|
|
349
|
-
login: request.session.account.login
|
|
350
|
-
}), "f");
|
|
351
|
-
executionContext_1.default.setAuthorizedUserLogin(request.session.account.login);
|
|
352
|
-
});
|
|
353
|
-
}
|
|
354
|
-
executeRequest(request, requestData = undefined, permissions) {
|
|
355
|
-
return __awaiter(this, void 0, void 0, function* () {
|
|
356
|
-
const serviceHandler = __classPrivateFieldGet(this, _ServiceExecutorHandler_serviceFactory, "f").createHandler(__classPrivateFieldGet(this, _ServiceExecutorHandler_serviceExecutor, "f"), request, __classPrivateFieldGet(this, _ServiceExecutorHandler_logger, "f"));
|
|
357
|
-
if (permissions) {
|
|
358
|
-
serviceHandler.Permissions = permissions;
|
|
280
|
+
});
|
|
281
|
+
throw e;
|
|
359
282
|
}
|
|
360
|
-
|
|
361
|
-
|
|
283
|
+
};
|
|
284
|
+
let auth = null;
|
|
285
|
+
if (request.originalRequest.get('authorization')) {
|
|
286
|
+
try {
|
|
287
|
+
auth = authorization.parse(request.originalRequest.get('authorization'));
|
|
362
288
|
}
|
|
363
|
-
|
|
364
|
-
|
|
365
|
-
objectRules = __classPrivateFieldGet(this, _ServiceExecutorHandler_serviceDescription, "f").getValidationRules(request);
|
|
289
|
+
catch (e) {
|
|
290
|
+
return unauthorized();
|
|
366
291
|
}
|
|
367
|
-
|
|
368
|
-
|
|
292
|
+
if (auth.scheme !== 'Basic') {
|
|
293
|
+
return unauthorized();
|
|
369
294
|
}
|
|
370
|
-
|
|
371
|
-
|
|
372
|
-
|
|
373
|
-
|
|
374
|
-
|
|
375
|
-
|
|
376
|
-
|
|
377
|
-
|
|
378
|
-
|
|
379
|
-
|
|
380
|
-
|
|
381
|
-
|
|
382
|
-
|
|
295
|
+
}
|
|
296
|
+
if (!auth && request.originalRequest.cookies && request.originalRequest.cookies.Authorization) {
|
|
297
|
+
auth = { token: request.originalRequest.cookies.Authorization };
|
|
298
|
+
}
|
|
299
|
+
if (!auth) {
|
|
300
|
+
return unauthorized();
|
|
301
|
+
}
|
|
302
|
+
const [sessionId] = helpers_1.default.getSessionId(auth.token);
|
|
303
|
+
const sessionData = await __classPrivateFieldGet(this, _ServiceExecutorHandler_redis, "f").getSession(sessionId);
|
|
304
|
+
if (!sessionData) {
|
|
305
|
+
return unauthorized(new Exception_1.default({
|
|
306
|
+
code: 'UNAUTHORIZED',
|
|
307
|
+
statusCode: 401,
|
|
308
|
+
fields: {
|
|
309
|
+
token: 'BAD_TOKEN',
|
|
310
|
+
},
|
|
311
|
+
}));
|
|
312
|
+
}
|
|
313
|
+
if (sessionData.clientIp !== request.originalRequest.connection.remoteAddress) {
|
|
314
|
+
//this.#logger.generic.warn('WRONG_CLIENT_IP_ADDRESS %s %s', sessionData.clientIp, request.connection.remoteAddress);
|
|
315
|
+
// return Promise.reject(new Exception({
|
|
316
|
+
// code: 'WRONG_CLIENT_IP_ADDRESS',
|
|
317
|
+
// statusCode: 400,
|
|
318
|
+
// fields: {
|
|
319
|
+
// remoteAddress: 'BAD_IP',
|
|
320
|
+
// },
|
|
321
|
+
// }));
|
|
322
|
+
}
|
|
323
|
+
request.session = {
|
|
324
|
+
sessionId,
|
|
325
|
+
account: new Account_1.default(sessionData.account),
|
|
326
|
+
date: timeProvider_1.default.jsDate(),
|
|
327
|
+
};
|
|
328
|
+
if (sessionData.account) {
|
|
329
|
+
response.cookie('Authorization', auth.token, { httpOnly: true, maxAge: sessionData.expirationTime * 1000, domain: new URL(config_1.default.siteUrl).hostname });
|
|
330
|
+
await __classPrivateFieldGet(this, _ServiceExecutorHandler_redis, "f").resetSessionExpireTimeout(sessionId, sessionData.expirationTime);
|
|
331
|
+
}
|
|
332
|
+
__classPrivateFieldSet(this, _ServiceExecutorHandler_logger, __classPrivateFieldGet(this, _ServiceExecutorHandler_logger, "f").withParams({
|
|
333
|
+
login: request.session.account.login
|
|
334
|
+
}), "f");
|
|
335
|
+
executionContext_1.default.setAuthorizedUserLogin(request.session.account.login);
|
|
336
|
+
}
|
|
337
|
+
async executeRequest(request, requestData = undefined, permissions) {
|
|
338
|
+
const serviceHandler = __classPrivateFieldGet(this, _ServiceExecutorHandler_serviceFactory, "f").createHandler(__classPrivateFieldGet(this, _ServiceExecutorHandler_serviceExecutor, "f"), request, __classPrivateFieldGet(this, _ServiceExecutorHandler_logger, "f"));
|
|
339
|
+
if (permissions) {
|
|
340
|
+
serviceHandler.Permissions = permissions;
|
|
341
|
+
}
|
|
342
|
+
if (request) {
|
|
343
|
+
requestData = serviceHandler.selectData();
|
|
344
|
+
}
|
|
345
|
+
let objectRules = null;
|
|
346
|
+
if (__classPrivateFieldGet(this, _ServiceExecutorHandler_serviceDescription, "f").getValidationRules) {
|
|
347
|
+
objectRules = __classPrivateFieldGet(this, _ServiceExecutorHandler_serviceDescription, "f").getValidationRules(request);
|
|
348
|
+
}
|
|
349
|
+
else if (__classPrivateFieldGet(this, _ServiceExecutorHandler_serviceDescription, "f").getValidationRulesPerContext && request?.contextType) {
|
|
350
|
+
objectRules = __classPrivateFieldGet(this, _ServiceExecutorHandler_serviceDescription, "f").getValidationRulesPerContext(request)[request.contextType];
|
|
351
|
+
}
|
|
352
|
+
if (objectRules) {
|
|
353
|
+
const rules = {
|
|
354
|
+
type: 'object',
|
|
355
|
+
rules: objectRules,
|
|
356
|
+
};
|
|
357
|
+
const validationResult = covalidation.createValidation(rules)(requestData);
|
|
358
|
+
if (validationResult.errors) {
|
|
359
|
+
throw new Exception_1.default({
|
|
360
|
+
code: 'FORMAT_ERROR',
|
|
361
|
+
fields: validationResult.errors,
|
|
362
|
+
});
|
|
383
363
|
}
|
|
384
|
-
|
|
385
|
-
|
|
386
|
-
|
|
387
|
-
|
|
388
|
-
|
|
364
|
+
requestData = validationResult.data;
|
|
365
|
+
}
|
|
366
|
+
//refactor
|
|
367
|
+
serviceHandler.requestData = requestData;
|
|
368
|
+
const executionResult = await serviceHandler.execute(requestData);
|
|
369
|
+
return executionResult;
|
|
389
370
|
}
|
|
390
371
|
}
|
|
391
372
|
_ServiceExecutorHandler_redis = new WeakMap(), _ServiceExecutorHandler_logger = new WeakMap(), _ServiceExecutorHandler_serviceDescription = new WeakMap(), _ServiceExecutorHandler_serviceFactory = new WeakMap(), _ServiceExecutorHandler_serviceExecutor = new WeakMap();
|
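Review bot: The catch-all branch of `execute` (new line 168) hands the caught object straight to the client with `response.status(500).send(err)`, so whatever enumerable fields an unexpected error carries (driver, SDK or validation internals) end up in the response body. The error is already recorded by `internalServerError(err, request)` on the line before, so the response could be a fixed body keyed to the correlation id, for example `response.status(500).send({ code: 'INTERNAL_SERVER_ERROR', correlationId: request.correlationId });`. Separately, `checkAuth` accepts the `Authorization` cookie as a credential (new lines 296-297) and re-issues it at new line 329 with only `httpOnly`, `maxAge` and `domain`. Adding `secure: true` and an explicit `sameSite` value to that options object would keep the session token off plain-HTTP requests and limit cross-site sends; this assumes `response` is an Express response, as the `cookie`/`download`/`attachment` calls suggest.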