merge dev in staging (#41)

package-lock.json

@@ -17,7 +17,7 @@
         "cors": "^2.8.5",
         "express": "^4.18.2",
         "jsonwebtoken": "^9.0.0",
-        "le-coffre-resources": "git@github.com:smart-chain-fr/leCoffre-resources.git#v2.44",
+        "le-coffre-resources": "git@github.com:smart-chain-fr/leCoffre-resources.git#v2.47",
         "module-alias": "^2.2.2",
         "multer": "^1.4.5-lts.1",
         "next": "^13.1.5",
@@ -29,7 +29,8 @@
         "tslib": "^2.4.1",
         "typedi": "^0.10.0",
         "typescript": "^4.9.4",
-        "uuid": "^9.0.0"
+        "uuid": "^9.0.0",
+        "uuidv4": "^6.2.13"
       },
       "devDependencies": {
         "@types/cors": "^2.8.13",
@@ -2371,9 +2372,9 @@
       "integrity": "sha512-WMwm9LhRUo+WUaRN+vRuETqG89IgZphVSNkdFgeb6sS/E4OrDIN7t48CAewSHXc6C8lefD8KKfr5vY61brQlow=="
     },
     "node_modules/electron-to-chromium": {
-      "version": "1.4.389",
-      "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.4.389.tgz",
-      "integrity": "sha512-WDgWUOK8ROR7sDFyYmxCUOoDc50lPgYAHAHwnnD1iN3SKO/mpqftb9iIPiEkMKmqYdkrR0j3N/O+YB/U7lSxwg==",
+      "version": "1.4.391",
+      "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.4.391.tgz",
+      "integrity": "sha512-GqydVV1+kUWY5qlEzaw34/hyWTApuQrHiGrcGA2Kk/56nEK44i+YUW45VH43JuZT0Oo7uY8aVtpPhBBZXEWtSA==",
       "dev": true
     },
     "node_modules/emittery": {
@@ -3861,7 +3862,7 @@
       }
     },
     "node_modules/le-coffre-resources": {
-      "resolved": "git+ssh://git@github.com/smart-chain-fr/leCoffre-resources.git#30c8ee50b872a8bc6bec0f5d8c4626d8f4490177",
+      "resolved": "git+ssh://git@github.com/smart-chain-fr/leCoffre-resources.git#467b34a484adbd6dfa3fd6082bb7677f6178da51",
       "license": "MIT",
       "dependencies": {
         "class-transformer": "^0.5.1",
@@ -5666,6 +5667,28 @@
         "uuid": "dist/bin/uuid"
       }
     },
+    "node_modules/uuidv4": {
+      "version": "6.2.13",
+      "resolved": "https://registry.npmjs.org/uuidv4/-/uuidv4-6.2.13.tgz",
+      "integrity": "sha512-AXyzMjazYB3ovL3q051VLH06Ixj//Knx7QnUSi1T//Ie3io6CpsPu9nVMOx5MoLWh6xV0B9J0hIaxungxXUbPQ==",
+      "dependencies": {
+        "@types/uuid": "8.3.4",
+        "uuid": "8.3.2"
+      }
+    },
+    "node_modules/uuidv4/node_modules/@types/uuid": {
+      "version": "8.3.4",
+      "resolved": "https://registry.npmjs.org/@types/uuid/-/uuid-8.3.4.tgz",
+      "integrity": "sha512-c/I8ZRb51j+pYGAu5CrFMRxqZ2ke4y2grEBO5AUjgSkSk+qT2Ea+OdWElz/OiMf5MNpn2b17kuVBwZLQJXzihw=="
+    },
+    "node_modules/uuidv4/node_modules/uuid": {
+      "version": "8.3.2",
+      "resolved": "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz",
+      "integrity": "sha512-+NYs2QeMWy+GWFOEm9xnn6HCDp0l7QBD7ml8zLUmJ+93Q5NF0NocErnwkTkXVFNiX3/fpC6afS8Dhb/gz7R7eg==",
+      "bin": {
+        "uuid": "dist/bin/uuid"
+      }
+    },
     "node_modules/v8-compile-cache-lib": {
       "version": "3.0.1",
       "resolved": "https://registry.npmjs.org/v8-compile-cache-lib/-/v8-compile-cache-lib-3.0.1.tgz",

package.json

@@ -48,7 +48,7 @@
     "cors": "^2.8.5",
     "express": "^4.18.2",
     "jsonwebtoken": "^9.0.0",
-    "le-coffre-resources": "git@github.com:smart-chain-fr/leCoffre-resources.git#v2.44",
+    "le-coffre-resources": "git@github.com:smart-chain-fr/leCoffre-resources.git#v2.47",
     "module-alias": "^2.2.2",
     "multer": "^1.4.5-lts.1",
     "next": "^13.1.5",
@@ -60,7 +60,8 @@
     "tslib": "^2.4.1",
     "typedi": "^0.10.0",
     "typescript": "^4.9.4",
-    "uuid": "^9.0.0"
+    "uuid": "^9.0.0",
+    "uuidv4": "^6.2.13"
   },
   "devDependencies": {
     "@types/cors": "^2.8.13",
@@ -80,6 +81,6 @@
   },
   "prisma": {
     "schema": "src/common/databases/schema.prisma",
-    "seed": "ts-node src/common/databases/seeders/seeder.ts"
+    "seed": "ts-node src/common/databases/seeders/seeder2.ts"
   }
 }

src/app/api/super-admin/FilesController.ts

@@ -39,6 +39,26 @@ export default class FilesController extends ApiController {
 		}
 	}
 
+	/**
+	 * @description Get a specific File by uid
+	 */
+	@Get("/api/v1/super-admin/files/upload/:uid")
+	protected async getFileData(req: Request, response: Response) {
+		try {
+			const uid = req.params["uid"];
+			if (!uid) {
+				throw new Error("No uid provided");
+			}
+
+			const file = await this.filesService.updload(uid);
+			
+			this.httpSuccess(response, file);
+		} catch (error) {
+			this.httpBadRequest(response, error);
+			return;
+		}
+	}
+
 	/**
 	 * @description Create a new File
 	 * @returns File created
@@ -135,7 +155,7 @@ export default class FilesController extends ApiController {
 	/**
 	 * @description Get a specific File by uid
 	 */
-	@Get("/api/v1/super-admin/Files/:uid")
+	@Get("/api/v1/super-admin/files/:uid")
 	protected async getOneByUid(req: Request, response: Response) {
 		try {
 			const uid = req.params["uid"];

src/common/config/variables/Variables.ts

@@ -54,9 +54,6 @@ export class BackendVariables {
 	@IsNotEmpty()
 	public readonly PINATA_GATEWAY!: string;
 
-	@IsNotEmpty()
-	public readonly KEY_DATA!: string;
-
 	public constructor() {
 		dotenv.config();
 		this.DATABASE_PORT = process.env["DATABASE_PORT"]!;
@@ -75,7 +72,6 @@ export class BackendVariables {
 		this.PINATA_API_KEY = process.env["PINATA_API_KEY"]!;
 		this.PINATA_API_SECRET = process.env["PINATA_API_SECRET"]!;
 		this.PINATA_GATEWAY = process.env["PINATA_GATEWAY"]!;
-		this.KEY_DATA = process.env["KEY_DATA"]!;
 	}
 	public async validate() {
 		await validateOrReject(this);

src/common/databases/migrations/20230510204321_v4/migration.sql

@@ -0,0 +1,9 @@
+/*
+  Warnings:
+
+  - You are about to drop the column `iv` on the `files` table. All the data in the column will be lost.
+
+*/
+-- AlterTable
+ALTER TABLE "files" DROP COLUMN "iv",
+ADD COLUMN     "key" VARCHAR(255);

src/common/databases/migrations/20230511085908_v5/migration.sql

@@ -0,0 +1,2 @@
+-- AlterTable
+ALTER TABLE "files" ADD COLUMN     "archived_at" TIMESTAMP(3);

src/common/databases/schema.prisma

@@ -39,7 +39,7 @@ model Contacts {
   cell_phone_number String     @unique @db.VarChar(50)
   civility          ECivility  @default(MALE)
   address           Addresses? @relation(fields: [address_uid], references: [uid], onDelete: Cascade)
-  address_uid       String?     @unique @db.VarChar(255)
+  address_uid       String?    @unique @db.VarChar(255)
   birthdate         DateTime?
   created_at        DateTime?  @default(now())
   updated_at        DateTime?  @updatedAt
@@ -204,7 +204,8 @@ model Files {
   document_uid String    @db.VarChar(255)
   file_path    String    @unique @db.VarChar(255)
   file_name    String    @db.VarChar(255)
-  iv           String    @db.VarChar(255)
+  archived_at  DateTime?
+  key          String?   @db.VarChar(255)
   created_at   DateTime? @default(now())
   updated_at   DateTime? @updatedAt
 

src/common/databases/seeders/seeder.ts

@@ -25,12 +25,6 @@ import {
 (async () => {
 	const prisma = new PrismaClient();
 
-	const existingData = await prisma.contacts.findFirst({ where: { email: "john.doe@example.com" } });
-	if (existingData) {
-		console.log("Seed data already exists. Skipping seeding process.");
-		return;
-	}
-
 	const randomString = () => {
 		const chars = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";
 		let result = "";
@@ -73,9 +67,13 @@ import {
 
 	const uidDocument1: string = randomString();
 	const uidDocument2: string = randomString();
+	const uidDocument3: string = randomString();
+	const uidDocument4: string = randomString();
+	const uidDocument5: string = randomString();
 
 	const uidDocumentType1: string = randomString();
 	const uidDocumentType2: string = randomString();
+	const uidDocumentType3: string = randomString();
 
 	const uidOfficeFolderHasCustomer1: string = randomString();
 	const uidOfficeFolderHasCustomer2: string = randomString();
@@ -92,6 +90,13 @@ import {
 	const uidDocumentHistory1: string = randomString();
 	const uidDocumentHistory2: string = randomString();
 
+	// const existingData = await prisma.contacts.findFirst({ where: { uid: uidContact4 } });
+	// if (existingData) {
+	// 	console.log("Seed data already exists. Skipping seeding process.");
+	// 	return;
+	// }
+
+
 	const customers: Customers[] = [
 		{
 			uid: uidCustomer1,
@@ -379,6 +384,36 @@ import {
 			created_at: new Date(),
 			updated_at: new Date(),
 		},
+		{
+			uid: uidDocument3,
+			blockchain_anchor_uid: null,
+			depositor_uid: uidCustomer1,
+			document_status: EDocumentStatus.ASKED,
+			folder_uid: uidOfficeFolder1,
+			document_type_uid: uidDocumentType3,
+			created_at: new Date(),
+			updated_at: new Date(),
+		},
+		{
+			uid: uidDocument4,
+			blockchain_anchor_uid: null,
+			depositor_uid: uidCustomer1,
+			document_status: EDocumentStatus.ASKED,
+			folder_uid: uidOfficeFolder1,
+			document_type_uid: uidDocumentType2,
+			created_at: new Date(),
+			updated_at: new Date(),
+		},
+		{
+			uid: uidDocument5,
+			blockchain_anchor_uid: null,
+			depositor_uid: uidCustomer1,
+			document_status: EDocumentStatus.ASKED,
+			folder_uid: uidOfficeFolder1,
+			document_type_uid: uidDocumentType1,
+			created_at: new Date(),
+			updated_at: new Date(),
+		},
 	];
 
 	const documentTypes: DocumentTypes[] = [
@@ -396,7 +431,17 @@ import {
 			uid: uidDocumentType2,
 			archived_at: null,
 			name: "Carte d'identité",
-			office_uid: uidOffice2,
+			office_uid: uidOffice1,
+			private_description: "Ce document est confidentiel, demander un recto-verso au client",
+			public_description: "Carte d'identité est un document officiel qui atteste de l'identité d'une personne",
+			created_at: new Date(),
+			updated_at: new Date(),
+		},
+		{
+			uid: uidDocumentType3,
+			archived_at: null,
+			name: "Autres documents",
+			office_uid: uidOffice1,
 			private_description: "Ce document est confidentiel, demander un recto-verso au client",
 			public_description: "Carte d'identité est un document officiel qui atteste de l'identité d'une personne",
 			created_at: new Date(),
@@ -427,7 +472,8 @@ import {
 			document_uid: uidDocument1,
 			file_name: "fileName1",
 			file_path: "https://www.google1.com",
-			iv: "randomIv1",
+			key: '',
+			archived_at: null,
 			created_at: new Date(),
 			updated_at: new Date(),
 		},
@@ -436,7 +482,8 @@ import {
 			document_uid: uidDocument1,
 			file_name: "fileName2",
 			file_path: "https://www.google2.com",
-			iv: "randomIv2",
+			key: '',
+			archived_at: null,
 			created_at: new Date(),
 			updated_at: new Date(),
 		},

src/common/repositories/FilesRepository.ts

@@ -27,7 +27,7 @@ export default class FilesRepository extends BaseRepository {
 	/**
 	 * @description : Create a file linked to a document
 	 */
-	public async create(file: File): Promise<Files> {
+	public async create(file: File, key: string): Promise<Files> {
 		return this.model.create({
 			data: {
 				document: {
@@ -37,7 +37,7 @@ export default class FilesRepository extends BaseRepository {
 				},
 				file_name: file.file_name,
 				file_path: file.file_path,
-				iv: file.iv
+				key: key
 			},
 			include: { document: true }
 		});
@@ -61,10 +61,14 @@ export default class FilesRepository extends BaseRepository {
 	 * @description : Delete a file
 	 */
 	public async delete(uid: string): Promise<Files> {
-		return this.model.delete({
+		return this.model.update({
 			where: {
 				uid: uid,
 			},
+			data: {
+				key: null,
+				archived_at: new Date(Date.now())
+			}
 		});
 	}
 

src/services/private-services/CryptoService/CryptoService.ts

@@ -5,62 +5,44 @@ import crypto from "crypto";
 
 @Service()
 export default class CryptoService extends BaseService {
-	private jwkKey: JsonWebKey;
-	private subtle: SubtleCrypto = crypto.webcrypto.subtle
+
+	private static readonly CRYPTO_ALGORITHM = "aes-256-ctr";
+
 	constructor(protected variables: BackendVariables) {
 		super();
-		this.jwkKey = {
-			kty: "oct",
-			k: variables.KEY_DATA,
-			alg: "A256GCM",
-			ext: true,
-		};
 	}
 
-	private async getKey() {
-		return await this.subtle.importKey("jwk", this.jwkKey, {name: "AES-GCM"}, false, ["encrypt", "decrypt"]);
+	private getKey(key: string) {
+		return crypto.createHash('sha256').update(String(key)).digest('base64').slice(0, 32);
 	}
 
 	/**
 	 * @description : encrypt data
 	 * @throws {Error} If data cannot be encrypted
 	 */
-	public async encrypt(data: string) {
-		const encodedData = Buffer.from(data);
-		const iv = crypto.webcrypto.getRandomValues(new Uint8Array(16))
-		const key = await this.getKey();
-		const cipherData = await this.subtle.encrypt(
-			{
-				name: "AES-GCM",
-				iv,
-			},
-			key,
-			encodedData,
-		);
-
-		const cipherText = Buffer.from(cipherData).toString('base64');
-		const ivStringified = Buffer.from(iv).toString('base64');
-
-		return { cipherText, ivStringified };
+	public async encrypt(buffer: Buffer, key: string): Promise<Buffer> {
+		// Create an initialization vector
+		const iv = crypto.randomBytes(16);
+		// Create a new cipher using the algorithm, key, and iv
+		const cipher = crypto.createCipheriv(CryptoService.CRYPTO_ALGORITHM, this.getKey(key), iv);
+		// Create the new (encrypted) buffer
+		const result = Buffer.concat([iv, cipher.update(buffer), cipher.final()]);
+		return result;
 	}
 	
 	/**
 	 * @description : decrypt data with an initialization vector
 	 * @throws {Error} If data cannot be decrypted
 	 */
-	public async decrypt(cipherText: string, ivStringified: string): Promise<string> {
-		const cipherData = Buffer.from(cipherText, 'base64');
-		const iv =  Buffer.from(ivStringified, 'base64');
-		const key = await this.getKey();
-		const decryptedData = await this.subtle.decrypt(
-			{
-				name: "AES-GCM",
-				iv,
-			},
-			key,
-			cipherData,
-		);
-
-		return Buffer.from(decryptedData).toString('utf-8');
+	public async decrypt(encrypted: Buffer, key: string): Promise<Buffer> {
+		// Get the iv: the first 16 bytes
+		const iv = encrypted.subarray(0, 16);
+		// Get the rest
+		encrypted = encrypted.subarray(16);
+		// Create a decipher
+		const decipher = crypto.createDecipheriv(CryptoService.CRYPTO_ALGORITHM, this.getKey(key), iv);
+		// Actually decrypt it
+		const result = Buffer.concat([decipher.update(encrypted), decipher.final()]);
+		return result;
 	}
 }

src/services/private-services/FilesService/FilesService.ts

@@ -1,16 +1,21 @@
 import FilesRepository from "@Repositories/FilesRepository";
 import BaseService from "@Services/BaseService";
 import { Service } from "typedi";
-import { File } from "le-coffre-resources/dist/SuperAdmin"
+import { File } from "le-coffre-resources/dist/SuperAdmin";
 import CryptoService from "../CryptoService/CryptoService";
 import IpfsService from "../IpfsService/IpfsService";
-//import fs from "fs";
 import { BackendVariables } from "@Common/config/variables/Variables";
 import { Readable } from "stream";
+import { v4 } from "uuid";
 
 @Service()
 export default class FilesService extends BaseService {
-	constructor(private filesRepository: FilesRepository, private ipfsService: IpfsService, private variables: BackendVariables, private cryptoService: CryptoService) {
+	constructor(
+		private filesRepository: FilesRepository,
+		private ipfsService: IpfsService,
+		private variables: BackendVariables,
+		private cryptoService: CryptoService,
+	) {
 		super();
 	}
 
@@ -22,17 +27,39 @@ export default class FilesService extends BaseService {
 		return this.filesRepository.findMany(query);
 	}
 
+	/**
+	 * @description : Get a file by uid
+	 * @throws {Error} If project cannot be created
+	 */
+	public async getByUid(uid: string) {
+		return this.filesRepository.findOneByUid(uid);
+	}
+
+	/**
+	 * @description : view a file
+	 * @throws {Error} If file cannot be deleted
+	 */
+	public async updload(uid: string) {
+		const file = await this.filesRepository.findOneByUid(uid);
+		if (!file.key) throw new Error("file deleted");
+		const fileResult = await fetch(file.file_path);
+		const fileContent = await fileResult.arrayBuffer();
+		return await this.cryptoService.decrypt(Buffer.from(fileContent), file.key);
+	}
+
 	/**
 	 * @description : Create a new file
 	 * @throws {Error} If file cannot be created
 	 */
 	public async create(file: File, fileData: Express.Multer.File) {
-		const upload = await this.ipfsService.pinFile(Readable.from(fileData.buffer), fileData.originalname);
-		const encryptedPath = await this.cryptoService.encrypt(this.variables.PINATA_GATEWAY.concat(upload.IpfsHash));
-		file.file_name = fileData.originalname; 
-		file.file_path = encryptedPath.cipherText;
-		file.iv = encryptedPath.ivStringified;
-		return this.filesRepository.create(file);
+		const key = v4();
+		const encryptedFile = await this.cryptoService.encrypt(fileData.buffer, key);
+		//const encryptedFileName = await this.cryptoService.encrypt(Buffer.from(fileData.originalname, 'utf-8'), key);
+		const upload = await this.ipfsService.pinFile(Readable.from(encryptedFile), fileData.originalname);
+		file.file_name = fileData.originalname; //encryptedFileName.toString('utf-8')
+		file.file_path = this.variables.PINATA_GATEWAY.concat(upload.IpfsHash);
+
+		return this.filesRepository.create(file, key);
 	}
 
 	/**
@@ -50,21 +77,12 @@ export default class FilesService extends BaseService {
 	public async delete(uid: string) {
 		try {
 			const fileToUnpin = await this.filesRepository.findOneByUid(uid);
-			const decryptedFilePath = await this.cryptoService.decrypt(fileToUnpin.file_path, fileToUnpin.iv);
-			const fileHash= decryptedFilePath.substring(this.variables.PINATA_GATEWAY.length);
-			await this.ipfsService.unpinFile(fileHash)
-		} catch (error) {
-			console.log(error);
+		const fileHash = fileToUnpin.file_path.substring(this.variables.PINATA_GATEWAY.length);
+		await this.ipfsService.unpinFile(fileHash);
+		} catch(error) {
+			console.error(error);
 		}
 		
 		return this.filesRepository.delete(uid);
 	}
-
-	/**
-	 * @description : Get a file by uid
-	 * @throws {Error} If project cannot be created
-	 */
-	public async getByUid(uid: string) {
-		return this.filesRepository.findOneByUid(uid);
-	}
 }