add rules middleware
This commit is contained in:
OxSaitama
parent
8ff4cc2afd
commit
e1b2bec912
@ -1,94 +0,0 @@
|
||||
import { Response, Request } from "express";
|
||||
import { Controller, Post } from "@ControllerPattern/index";
|
||||
import ApiController from "@Common/system/controller-pattern/ApiController";
|
||||
import { Service } from "typedi";
|
||||
import AuthService from "@Services/private-services/AuthService/AuthService";
|
||||
import UsersService from "@Services/super-admin/UsersService/UsersService";
|
||||
import User from "le-coffre-resources/dist/SuperAdmin";
|
||||
import { JwtPayload } from "jsonwebtoken";
|
||||
import { validateOrReject } from "class-validator";
|
||||
//import User from "le-coffre-resources/dist/Notary";
|
||||
|
||||
@Controller()
|
||||
@Service()
|
||||
export default class UserInfoController extends ApiController {
|
||||
constructor(private authService: AuthService, private userService: UsersService) {
|
||||
super();
|
||||
}
|
||||
|
||||
/**
|
||||
* @description Get user created from IdNot authentification
|
||||
* @returns User
|
||||
*/
|
||||
@Post("/api/v1/idnot-user/:code")
|
||||
protected async getUserInfosFromIdnot(req: Request, response: Response) {
|
||||
try {
|
||||
const code = req.params["code"];
|
||||
const user = await this.authService.getUserFromIdNotTokens(code!);
|
||||
//success
|
||||
this.httpSuccess(response, user);
|
||||
} catch (error) {
|
||||
this.httpInternalError(response);
|
||||
return;
|
||||
}
|
||||
}
|
||||
|
||||
@Post("/api/v1/login/:idnot")
|
||||
protected async login(req: Request, response: Response) {
|
||||
try {
|
||||
const id = req.params["idnot"];
|
||||
if (!id) throw new Error("idnot is required");
|
||||
|
||||
const users = await this.userService.get({ where: { idNot: id } , include: {contact: true, role: true, office_membership: true}});
|
||||
const user = User.hydrate<User>(users[0]!, { strategy: "excludeAll" });
|
||||
await validateOrReject(user, { groups: ["auth"] })
|
||||
console.log(user)
|
||||
const accessToken = this.authService.generateAccessToken(user);
|
||||
const refreshToken = this.authService.generateRefreshToken(user);
|
||||
|
||||
//success
|
||||
this.httpSuccess(response, { accessToken, refreshToken });
|
||||
} catch (error) {
|
||||
console.log(error);
|
||||
this.httpInternalError(response);
|
||||
return;
|
||||
}
|
||||
}
|
||||
|
||||
@Post("/api/v1/refresh-token")
|
||||
protected async refreshToken(req: Request, response: Response) {
|
||||
try {
|
||||
const authHeader = req.headers["authorization"];
|
||||
const token = authHeader && authHeader.split(" ")[1];
|
||||
|
||||
if (!token) {
|
||||
this.httpBadRequest(response);
|
||||
return;
|
||||
}
|
||||
|
||||
let accessToken;
|
||||
this.authService.verifyRefreshToken(token, (err, userPayload) => {
|
||||
if (err) {
|
||||
this.httpUnauthorized(response);
|
||||
return;
|
||||
}
|
||||
|
||||
const user = userPayload as JwtPayload;
|
||||
console.log(userPayload)
|
||||
// const user = User.hydrate<User>(userPayload!, { strategy: "excludeAll" });
|
||||
// const user = await this.userService.getByUid(userPayload!.uid);
|
||||
// const users = await this.userService.getByUid(userPayload!.uid);
|
||||
delete user.iat;
|
||||
delete user!.exp;
|
||||
accessToken = this.authService.generateAccessToken(user);
|
||||
});
|
||||
|
||||
//success
|
||||
this.httpSuccess(response, accessToken);
|
||||
} catch (error) {
|
||||
console.log(error)
|
||||
this.httpInternalError(response);
|
||||
return;
|
||||
}
|
||||
}
|
||||
}
|
||||
85
src/app/api/idnot/UserController.ts
Normal file
85
src/app/api/idnot/UserController.ts
Normal file
@ -0,0 +1,85 @@
|
||||
import { Response, Request } from "express";
|
||||
import { Controller, Post } from "@ControllerPattern/index";
|
||||
import ApiController from "@Common/system/controller-pattern/ApiController";
|
||||
import { Service } from "typedi";
|
||||
import AuthService from "@Services/common/AuthService/AuthService";
|
||||
import { JwtPayload } from "jsonwebtoken";
|
||||
|
||||
@Controller()
|
||||
@Service()
|
||||
export default class UserController extends ApiController {
|
||||
constructor(private authService: AuthService) {
|
||||
super();
|
||||
}
|
||||
|
||||
/**
|
||||
* @description Get user created from IdNot authentification
|
||||
* @todo Used for test, should be removed
|
||||
* @returns User
|
||||
*/
|
||||
// @Post("/api/v1/idnot/user/:code")
|
||||
// protected async getUserInfosFromIdnot(req: Request, response: Response) {
|
||||
// console.warn("/api/v1/idnot/user/:code used for test, should be removed");
|
||||
|
||||
// try {
|
||||
// const code = req.params["code"];
|
||||
// const user = await this.authService.getUserFromIdNotTokens(code!);
|
||||
// //success
|
||||
// this.httpSuccess(response, user);
|
||||
// } catch (error) {
|
||||
// this.httpInternalError(response);
|
||||
// return;
|
||||
// }
|
||||
// }
|
||||
|
||||
@Post("/api/v1/idnot/user/login/:idnot")
|
||||
protected async login(req: Request, response: Response) {
|
||||
try {
|
||||
const id = req.params["idnot"];
|
||||
if (!id) throw new Error("idnot is required");
|
||||
|
||||
const payload = await this.authService.getUserPayload(id!);
|
||||
const accessToken = this.authService.generateAccessToken(payload);
|
||||
const refreshToken = this.authService.generateRefreshToken(payload);
|
||||
|
||||
//success
|
||||
this.httpSuccess(response, { accessToken, refreshToken });
|
||||
} catch (error) {
|
||||
console.log(error)
|
||||
this.httpInternalError(response);
|
||||
return;
|
||||
}
|
||||
}
|
||||
|
||||
@Post("/api/v1/idnot/user/refresh-token")
|
||||
protected async refreshToken(req: Request, response: Response) {
|
||||
try {
|
||||
const authHeader = req.headers["authorization"];
|
||||
const token = authHeader && authHeader.split(" ")[1];
|
||||
|
||||
if (!token) {
|
||||
this.httpBadRequest(response);
|
||||
return;
|
||||
}
|
||||
|
||||
let accessToken;
|
||||
this.authService.verifyRefreshToken(token, (err, userPayload) => {
|
||||
if (err) {
|
||||
this.httpUnauthorized(response);
|
||||
return;
|
||||
}
|
||||
|
||||
const user = userPayload as JwtPayload;
|
||||
delete user.iat;
|
||||
delete user!.exp;
|
||||
accessToken = this.authService.generateAccessToken(user);
|
||||
});
|
||||
|
||||
//success
|
||||
this.httpSuccess(response, accessToken);
|
||||
} catch (error) {
|
||||
this.httpInternalError(response);
|
||||
return;
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -6,6 +6,8 @@ import { Service } from "typedi";
|
||||
import { Customer } from "le-coffre-resources/dist/SuperAdmin";
|
||||
import { Customers } from "@prisma/client";
|
||||
import { validateOrReject } from "class-validator";
|
||||
import authHandler from "@App/middlewares/AuthHandler";
|
||||
import ruleHandler from "@App/middlewares/RulesHandler";
|
||||
|
||||
@Controller()
|
||||
@Service()
|
||||
@ -17,7 +19,7 @@ export default class CustomersController extends ApiController {
|
||||
/**
|
||||
* @description Get all customers
|
||||
*/
|
||||
@Get("/api/v1/super-admin/customers")
|
||||
@Get("/api/v1/super-admin/customers", [authHandler,ruleHandler])
|
||||
protected async get(req: Request, response: Response) {
|
||||
try {
|
||||
//get query
|
||||
@ -40,7 +42,7 @@ export default class CustomersController extends ApiController {
|
||||
/**
|
||||
* @description Create a new customer
|
||||
*/
|
||||
@Post("/api/v1/super-admin/customers")
|
||||
@Post("/api/v1/super-admin/customers", [authHandler,ruleHandler])
|
||||
protected async post(req: Request, response: Response) {
|
||||
try {
|
||||
//init IUser resource with request body values
|
||||
@ -66,7 +68,7 @@ export default class CustomersController extends ApiController {
|
||||
/**
|
||||
* @description Modify a specific customer by uid
|
||||
*/
|
||||
@Put("/api/v1/super-admin/customers/:uid")
|
||||
@Put("/api/v1/super-admin/customers/:uid", [authHandler,ruleHandler])
|
||||
protected async put(req: Request, response: Response) {
|
||||
try {
|
||||
const uid = req.params["uid"];
|
||||
@ -107,7 +109,7 @@ export default class CustomersController extends ApiController {
|
||||
/**
|
||||
* @description Get a specific customer by uid
|
||||
*/
|
||||
@Get("/api/v1/super-admin/customers/:uid")
|
||||
@Get("/api/v1/super-admin/customers/:uid", [authHandler,ruleHandler])
|
||||
protected async getOneByUid(req: Request, response: Response) {
|
||||
try {
|
||||
const uid = req.params["uid"];
|
||||
|
||||
@ -6,6 +6,8 @@ import DeedTypesService from "@Services/super-admin/DeedTypesService/DeedTypesSe
|
||||
import { DeedTypes } from "@prisma/client";
|
||||
import { DeedType } from "le-coffre-resources/dist/SuperAdmin";
|
||||
import { validateOrReject } from "class-validator";
|
||||
import authHandler from "@App/middlewares/AuthHandler";
|
||||
import ruleHandler from "@App/middlewares/RulesHandler";
|
||||
|
||||
@Controller()
|
||||
@Service()
|
||||
@ -18,7 +20,7 @@ export default class DeedTypesController extends ApiController {
|
||||
* @description Get all deedtypes
|
||||
* @returns Deedtype[] list of deedtypes
|
||||
*/
|
||||
@Get("/api/v1/super-admin/deed-types")
|
||||
@Get("/api/v1/super-admin/deed-types", [authHandler,ruleHandler])
|
||||
protected async get(req: Request, response: Response) {
|
||||
try {
|
||||
//get query
|
||||
@ -41,7 +43,7 @@ export default class DeedTypesController extends ApiController {
|
||||
* @description Create a new deedtype
|
||||
* @returns Deedtype created
|
||||
*/
|
||||
@Post("/api/v1/super-admin/deed-types")
|
||||
@Post("/api/v1/super-admin/deed-types", [authHandler,ruleHandler])
|
||||
protected async post(req: Request, response: Response) {
|
||||
try {
|
||||
//init DeedType resource with request body values
|
||||
@ -70,7 +72,7 @@ export default class DeedTypesController extends ApiController {
|
||||
* @description Modify a specific deedtype by uid
|
||||
* @returns Deedtype modified
|
||||
*/
|
||||
@Put("/api/v1/super-admin/deed-types/:uid")
|
||||
@Put("/api/v1/super-admin/deed-types/:uid", [authHandler,ruleHandler])
|
||||
protected async put(req: Request, response: Response) {
|
||||
try {
|
||||
const uid = req.params["uid"];
|
||||
@ -112,7 +114,7 @@ export default class DeedTypesController extends ApiController {
|
||||
* @description Get a specific deedtype by uid
|
||||
* @returns IDeedtype
|
||||
*/
|
||||
@Get("/api/v1/super-admin/deed-types/:uid")
|
||||
@Get("/api/v1/super-admin/deed-types/:uid", [authHandler,ruleHandler])
|
||||
protected async getOneByUid(req: Request, response: Response) {
|
||||
try {
|
||||
const uid = req.params["uid"];
|
||||
|
||||
@ -6,6 +6,8 @@ import { Service } from "typedi";
|
||||
import { Deeds } from "@prisma/client";
|
||||
import { Deed } from "le-coffre-resources/dist/SuperAdmin";
|
||||
import { validateOrReject } from "class-validator";
|
||||
import authHandler from "@App/middlewares/AuthHandler";
|
||||
import ruleHandler from "@App/middlewares/RulesHandler";
|
||||
|
||||
@Controller()
|
||||
@Service()
|
||||
@ -18,7 +20,7 @@ export default class DeedsController extends ApiController {
|
||||
* @description Get all deeds
|
||||
* @returns Deed[] list of deeds
|
||||
*/
|
||||
@Get("/api/v1/super-admin/deeds")
|
||||
@Get("/api/v1/super-admin/deeds", [authHandler,ruleHandler])
|
||||
protected async get(req: Request, response: Response) {
|
||||
try {
|
||||
//get query
|
||||
@ -41,7 +43,7 @@ export default class DeedsController extends ApiController {
|
||||
* @description Get a specific deed by uid
|
||||
* @returns Deed
|
||||
*/
|
||||
@Get("/api/v1/super-admin/deeds/:uid")
|
||||
@Get("/api/v1/super-admin/deeds/:uid", [authHandler,ruleHandler])
|
||||
protected async getOneByUid(req: Request, response: Response) {
|
||||
try {
|
||||
const uid = req.params["uid"];
|
||||
@ -79,7 +81,7 @@ export default class DeedsController extends ApiController {
|
||||
/**
|
||||
* @description Modify a specific deed by uid
|
||||
*/
|
||||
@Put("/api/v1/super-admin/deeds/:uid")
|
||||
@Put("/api/v1/super-admin/deeds/:uid", [authHandler,ruleHandler])
|
||||
protected async put(req: Request, response: Response) {
|
||||
try {
|
||||
const uid = req.params["uid"];
|
||||
|
||||
@ -7,6 +7,8 @@ import { DocumentTypes } from "@prisma/client";
|
||||
import ObjectHydrate from "@Common/helpers/ObjectHydrate";
|
||||
import { DocumentType } from "le-coffre-resources/dist/SuperAdmin";
|
||||
import { validateOrReject } from "class-validator";
|
||||
import authHandler from "@App/middlewares/AuthHandler";
|
||||
import ruleHandler from "@App/middlewares/RulesHandler";
|
||||
|
||||
@Controller()
|
||||
@Service()
|
||||
@ -18,7 +20,7 @@ export default class DocumentTypesController extends ApiController {
|
||||
/**
|
||||
* @description Get all document-types
|
||||
*/
|
||||
@Get("/api/v1/super-admin/document-types")
|
||||
@Get("/api/v1/super-admin/document-types", [authHandler,ruleHandler])
|
||||
protected async get(req: Request, response: Response) {
|
||||
try {
|
||||
//get query
|
||||
@ -43,7 +45,7 @@ export default class DocumentTypesController extends ApiController {
|
||||
/**
|
||||
* @description Create a new documentType
|
||||
*/
|
||||
@Post("/api/v1/super-admin/document-types")
|
||||
@Post("/api/v1/super-admin/document-types", [authHandler,ruleHandler])
|
||||
protected async post(req: Request, response: Response) {
|
||||
try {
|
||||
//init DocumentType resource with request body values
|
||||
@ -67,7 +69,7 @@ export default class DocumentTypesController extends ApiController {
|
||||
/**
|
||||
* @description Modify a specific documentType by uid
|
||||
*/
|
||||
@Put("/api/v1/super-admin/document-types/:uid")
|
||||
@Put("/api/v1/super-admin/document-types/:uid", [authHandler,ruleHandler])
|
||||
protected async put(req: Request, response: Response) {
|
||||
try {
|
||||
const uid = req.params["uid"];
|
||||
@ -107,7 +109,7 @@ export default class DocumentTypesController extends ApiController {
|
||||
/**
|
||||
* @description Get a specific documentType by uid
|
||||
*/
|
||||
@Get("/api/v1/super-admin/document-types/:uid")
|
||||
@Get("/api/v1/super-admin/document-types/:uid", [authHandler,ruleHandler])
|
||||
protected async getOneByUid(req: Request, response: Response) {
|
||||
try {
|
||||
const uid = req.params["uid"];
|
||||
|
||||
@ -6,6 +6,8 @@ import DocumentsService from "@Services/super-admin/DocumentsService/DocumentsSe
|
||||
import { Documents } from "@prisma/client";
|
||||
import { Document } from "le-coffre-resources/dist/SuperAdmin";
|
||||
import { validateOrReject } from "class-validator";
|
||||
import authHandler from "@App/middlewares/AuthHandler";
|
||||
import ruleHandler from "@App/middlewares/RulesHandler";
|
||||
|
||||
@Controller()
|
||||
@Service()
|
||||
@ -18,7 +20,7 @@ export default class DocumentsController extends ApiController {
|
||||
* @description Get all documents
|
||||
* @returns IDocument[] list of documents
|
||||
*/
|
||||
@Get("/api/v1/super-admin/documents")
|
||||
@Get("/api/v1/super-admin/documents", [authHandler,ruleHandler])
|
||||
protected async get(req: Request, response: Response) {
|
||||
try {
|
||||
//get query
|
||||
@ -42,7 +44,7 @@ export default class DocumentsController extends ApiController {
|
||||
* @description Create a new document
|
||||
* @returns IDocument created
|
||||
*/
|
||||
@Post("/api/v1/super-admin/documents")
|
||||
@Post("/api/v1/super-admin/documents", [authHandler,ruleHandler])
|
||||
protected async post(req: Request, response: Response) {
|
||||
try {
|
||||
//init Document resource with request body values
|
||||
@ -70,7 +72,7 @@ export default class DocumentsController extends ApiController {
|
||||
/**
|
||||
* @description Update a specific document
|
||||
*/
|
||||
@Put("/api/v1/super-admin/documents/:uid")
|
||||
@Put("/api/v1/super-admin/documents/:uid", [authHandler,ruleHandler])
|
||||
protected async update(req: Request, response: Response) {
|
||||
try {
|
||||
const uid = req.params["uid"];
|
||||
@ -109,7 +111,7 @@ export default class DocumentsController extends ApiController {
|
||||
/**
|
||||
* @description Delete a specific document
|
||||
*/
|
||||
@Delete("/api/v1/super-admin/documents/:uid")
|
||||
@Delete("/api/v1/super-admin/documents/:uid", [authHandler,ruleHandler])
|
||||
protected async delete(req: Request, response: Response) {
|
||||
try {
|
||||
const uid = req.params["uid"];
|
||||
@ -142,7 +144,7 @@ export default class DocumentsController extends ApiController {
|
||||
/**
|
||||
* @description Get a specific document by uid
|
||||
*/
|
||||
@Get("/api/v1/super-admin/documents/:uid")
|
||||
@Get("/api/v1/super-admin/documents/:uid", [authHandler,ruleHandler])
|
||||
protected async getOneByUid(req: Request, response: Response) {
|
||||
try {
|
||||
const uid = req.params["uid"];
|
||||
|
||||
@ -2,11 +2,13 @@ import { Response, Request } from "express";
|
||||
import { Controller, Delete, Get, Post, Put } from "@ControllerPattern/index";
|
||||
import ApiController from "@Common/system/controller-pattern/ApiController";
|
||||
import { Service } from "typedi";
|
||||
import FilesService from "@Services/private-services/FilesService/FilesService";
|
||||
import FilesService from "@Services/common/FilesService/FilesService";
|
||||
import { Files } from "@prisma/client";
|
||||
import { File } from "le-coffre-resources/dist/SuperAdmin";
|
||||
import { validateOrReject } from "class-validator";
|
||||
import DocumentsService from "@Services/super-admin/DocumentsService/DocumentsService";
|
||||
import authHandler from "@App/middlewares/AuthHandler";
|
||||
import ruleHandler from "@App/middlewares/RulesHandler";
|
||||
|
||||
@Controller()
|
||||
@Service()
|
||||
@ -19,7 +21,7 @@ export default class FilesController extends ApiController {
|
||||
* @description Get all Files
|
||||
* @returns File[] list of Files
|
||||
*/
|
||||
@Get("/api/v1/super-admin/files")
|
||||
@Get("/api/v1/super-admin/files", [authHandler,ruleHandler])
|
||||
protected async get(req: Request, response: Response) {
|
||||
try {
|
||||
//get query
|
||||
@ -42,7 +44,7 @@ export default class FilesController extends ApiController {
|
||||
/**
|
||||
* @description Get a specific File by uid
|
||||
*/
|
||||
@Get("/api/v1/super-admin/files/download/:uid")
|
||||
@Get("/api/v1/super-admin/files/download/:uid", [authHandler,ruleHandler])
|
||||
protected async download(req: Request, response: Response) {
|
||||
const uid = req.params["uid"];
|
||||
if (!uid) {
|
||||
@ -71,7 +73,7 @@ export default class FilesController extends ApiController {
|
||||
* @description Create a new File
|
||||
* @returns File created
|
||||
*/
|
||||
@Post("/api/v1/super-admin/files")
|
||||
@Post("/api/v1/super-admin/files", [authHandler,ruleHandler])
|
||||
protected async post(req: Request, response: Response) {
|
||||
try {
|
||||
//get file
|
||||
@ -112,7 +114,7 @@ export default class FilesController extends ApiController {
|
||||
/**
|
||||
* @description Update a specific file
|
||||
*/
|
||||
@Put("/api/v1/super-admin/files/:uid")
|
||||
@Put("/api/v1/super-admin/files/:uid", [authHandler,ruleHandler])
|
||||
protected async update(req: Request, response: Response) {
|
||||
try {
|
||||
const uid = req.params["uid"];
|
||||
@ -150,7 +152,7 @@ export default class FilesController extends ApiController {
|
||||
/**
|
||||
* @description Delete a specific File
|
||||
*/
|
||||
@Delete("/api/v1/super-admin/files/:uid")
|
||||
@Delete("/api/v1/super-admin/files/:uid", [authHandler,ruleHandler])
|
||||
protected async delete(req: Request, response: Response) {
|
||||
try {
|
||||
const uid = req.params["uid"];
|
||||
@ -188,7 +190,7 @@ export default class FilesController extends ApiController {
|
||||
/**
|
||||
* @description Get a specific File by uid
|
||||
*/
|
||||
@Get("/api/v1/super-admin/files/:uid")
|
||||
@Get("/api/v1/super-admin/files/:uid", [authHandler,ruleHandler])
|
||||
protected async getOneByUid(req: Request, response: Response) {
|
||||
try {
|
||||
const uid = req.params["uid"];
|
||||
|
||||
@ -6,6 +6,8 @@ import { Service } from "typedi";
|
||||
import { OfficeFolders } from "@prisma/client";
|
||||
import { OfficeFolder } from "le-coffre-resources/dist/SuperAdmin";
|
||||
import { validateOrReject } from "class-validator";
|
||||
import authHandler from "@App/middlewares/AuthHandler";
|
||||
import ruleHandler from "@App/middlewares/RulesHandler";
|
||||
|
||||
@Controller()
|
||||
@Service()
|
||||
@ -17,7 +19,7 @@ export default class OfficeFoldersController extends ApiController {
|
||||
/**
|
||||
* @description Get all folders
|
||||
*/
|
||||
@Get("/api/v1/super-admin/folders")
|
||||
@Get("/api/v1/super-admin/folders", [authHandler,ruleHandler])
|
||||
protected async get(req: Request, response: Response) {
|
||||
try {
|
||||
//get query
|
||||
@ -41,7 +43,7 @@ export default class OfficeFoldersController extends ApiController {
|
||||
/**
|
||||
* @description Create a new folder
|
||||
*/
|
||||
@Post("/api/v1/super-admin/folders")
|
||||
@Post("/api/v1/super-admin/folders", [authHandler,ruleHandler])
|
||||
protected async post(req: Request, response: Response) {
|
||||
try {
|
||||
//init OfficeFolder resource with request body values
|
||||
@ -78,7 +80,7 @@ export default class OfficeFoldersController extends ApiController {
|
||||
/**
|
||||
* @description Modify a specific folder by uid
|
||||
*/
|
||||
@Put("/api/v1/super-admin/folders/:uid")
|
||||
@Put("/api/v1/super-admin/folders/:uid", [authHandler,ruleHandler])
|
||||
protected async put(req: Request, response: Response) {
|
||||
try {
|
||||
const uid = req.params["uid"];
|
||||
@ -120,7 +122,7 @@ export default class OfficeFoldersController extends ApiController {
|
||||
* @description Get a specific folder by uid
|
||||
* @returns IFolder
|
||||
*/
|
||||
@Get("/api/v1/super-admin/folders/:uid")
|
||||
@Get("/api/v1/super-admin/folders/:uid", [authHandler,ruleHandler])
|
||||
protected async getOneByUid(req: Request, response: Response) {
|
||||
try {
|
||||
const uid = req.params["uid"];
|
||||
@ -159,7 +161,7 @@ export default class OfficeFoldersController extends ApiController {
|
||||
/**
|
||||
* @description Delete a specific folder
|
||||
*/
|
||||
@Delete("/api/v1/super-admin/folders/:uid")
|
||||
@Delete("/api/v1/super-admin/folders/:uid", [authHandler,ruleHandler])
|
||||
protected async delete(req: Request, response: Response) {
|
||||
try {
|
||||
const uid = req.params["uid"];
|
||||
|
||||
@ -6,6 +6,8 @@ import { Service } from "typedi";
|
||||
import { Offices } from "@prisma/client";
|
||||
import { Office as OfficeResource } from "le-coffre-resources/dist/SuperAdmin";
|
||||
import { validateOrReject } from "class-validator";
|
||||
import ruleHandler from "@App/middlewares/RulesHandler";
|
||||
import authHandler from "@App/middlewares/AuthHandler";
|
||||
|
||||
@Controller()
|
||||
@Service()
|
||||
@ -16,7 +18,7 @@ export default class OfficesController extends ApiController {
|
||||
/**
|
||||
* @description Get all offices
|
||||
*/
|
||||
@Get("/api/v1/super-admin/offices")
|
||||
@Get("/api/v1/super-admin/offices", [authHandler, ruleHandler])
|
||||
protected async get(req: Request, response: Response) {
|
||||
try {
|
||||
//get query
|
||||
@ -35,7 +37,7 @@ export default class OfficesController extends ApiController {
|
||||
/**
|
||||
* @description Create a new office
|
||||
*/
|
||||
@Post("/api/v1/super-admin/offices")
|
||||
@Post("/api/v1/super-admin/offices", [authHandler,ruleHandler])
|
||||
protected async post(req: Request, response: Response) {
|
||||
try {
|
||||
//init IUser resource with request body values
|
||||
@ -58,7 +60,7 @@ export default class OfficesController extends ApiController {
|
||||
/**
|
||||
* @description Modify a specific office by uid
|
||||
*/
|
||||
@Put("/api/v1/super-admin/offices/:uid")
|
||||
@Put("/api/v1/super-admin/offices/:uid", [authHandler,ruleHandler])
|
||||
protected async put(req: Request, response: Response) {
|
||||
try {
|
||||
const uid = req.params["uid"];
|
||||
@ -93,7 +95,7 @@ export default class OfficesController extends ApiController {
|
||||
/**
|
||||
* @description Get a specific office by uid
|
||||
*/
|
||||
@Get("/api/v1/super-admin/offices/:uid")
|
||||
@Get("/api/v1/super-admin/offices/:uid", [authHandler,ruleHandler])
|
||||
protected async getOneByUid(req: Request, response: Response) {
|
||||
try {
|
||||
const uid = req.params["uid"];
|
||||
|
||||
@ -6,6 +6,8 @@ import { Service } from "typedi";
|
||||
import { validateOrReject } from "class-validator";
|
||||
import { Role } from "le-coffre-resources/dist/Notary";
|
||||
import { Roles } from "@prisma/client";
|
||||
import authHandler from "@App/middlewares/AuthHandler";
|
||||
import ruleHandler from "@App/middlewares/RulesHandler";
|
||||
|
||||
@Controller()
|
||||
@Service()
|
||||
@ -17,7 +19,7 @@ export default class RolesController extends ApiController {
|
||||
/**
|
||||
* @description Get all roles
|
||||
*/
|
||||
@Get("/api/v1/super-admin/roles")
|
||||
@Get("/api/v1/super-admin/roles", [authHandler,ruleHandler])
|
||||
protected async get(req: Request, response: Response) {
|
||||
try {
|
||||
//get query
|
||||
@ -40,7 +42,7 @@ export default class RolesController extends ApiController {
|
||||
/**
|
||||
* @description Create a new role
|
||||
*/
|
||||
@Post("/api/v1/super-admin/roles")
|
||||
@Post("/api/v1/super-admin/roles", [authHandler,ruleHandler])
|
||||
protected async getAddresses(req: Request, response: Response) {
|
||||
try {
|
||||
//init IRole resource with request body values
|
||||
@ -68,7 +70,7 @@ export default class RolesController extends ApiController {
|
||||
/**
|
||||
* @description Modify a specific role by uid
|
||||
*/
|
||||
@Put("/api/v1/super-admin/roles/:uid")
|
||||
@Put("/api/v1/super-admin/roles/:uid", [authHandler,ruleHandler])
|
||||
protected async put(req: Request, response: Response) {
|
||||
try {
|
||||
const uid = req.params["uid"];
|
||||
@ -109,7 +111,7 @@ export default class RolesController extends ApiController {
|
||||
/**
|
||||
* @description Get a specific role by uid
|
||||
*/
|
||||
@Get("/api/v1/super-admin/roles/:uid")
|
||||
@Get("/api/v1/super-admin/roles/:uid", [authHandler,ruleHandler])
|
||||
protected async getOneByUid(req: Request, response: Response) {
|
||||
try {
|
||||
const uid = req.params["uid"];
|
||||
|
||||
@ -6,6 +6,8 @@ import { Service } from "typedi";
|
||||
import { validateOrReject } from "class-validator";
|
||||
import { Rule } from "le-coffre-resources/dist/Notary";
|
||||
import { Rules } from "@prisma/client";
|
||||
import authHandler from "@App/middlewares/AuthHandler";
|
||||
import ruleHandler from "@App/middlewares/RulesHandler";
|
||||
|
||||
@Controller()
|
||||
@Service()
|
||||
@ -17,7 +19,7 @@ export default class RulesController extends ApiController {
|
||||
/**
|
||||
* @description Get all rules
|
||||
*/
|
||||
@Get("/api/v1/super-admin/rules")
|
||||
@Get("/api/v1/super-admin/rules", [authHandler,ruleHandler])
|
||||
protected async get(req: Request, response: Response) {
|
||||
try {
|
||||
//get query
|
||||
@ -40,7 +42,7 @@ export default class RulesController extends ApiController {
|
||||
/**
|
||||
* @description Create a new rule
|
||||
*/
|
||||
@Post("/api/v1/super-admin/rules")
|
||||
@Post("/api/v1/super-admin/rules", [authHandler,ruleHandler])
|
||||
protected async getAddresses(req: Request, response: Response) {
|
||||
try {
|
||||
//init IRule resource with request body values
|
||||
@ -68,7 +70,7 @@ export default class RulesController extends ApiController {
|
||||
/**
|
||||
* @description Modify a specific rule by uid
|
||||
*/
|
||||
@Put("/api/v1/super-admin/rules/:uid")
|
||||
@Put("/api/v1/super-admin/rules/:uid", [authHandler,ruleHandler])
|
||||
protected async put(req: Request, response: Response) {
|
||||
try {
|
||||
const uid = req.params["uid"];
|
||||
@ -109,7 +111,7 @@ export default class RulesController extends ApiController {
|
||||
/**
|
||||
* @description Get a specific rule by uid
|
||||
*/
|
||||
@Get("/api/v1/super-admin/rules/:uid")
|
||||
@Get("/api/v1/super-admin/rules/:uid", [authHandler,ruleHandler])
|
||||
protected async getOneByUid(req: Request, response: Response) {
|
||||
try {
|
||||
const uid = req.params["uid"];
|
||||
|
||||
@ -7,6 +7,7 @@ import { validateOrReject } from "class-validator";
|
||||
import User from "le-coffre-resources/dist/Notary";
|
||||
import { Users } from "@prisma/client";
|
||||
import authHandler from "@App/middlewares/AuthHandler";
|
||||
import ruleHandler from "@App/middlewares/RulesHandler";
|
||||
|
||||
@Controller()
|
||||
@Service()
|
||||
@ -18,7 +19,7 @@ export default class UsersController extends ApiController {
|
||||
/**
|
||||
* @description Get all users
|
||||
*/
|
||||
@Get("/api/v1/super-admin/users", [authHandler])
|
||||
@Get("/api/v1/super-admin/users", [authHandler,ruleHandler])
|
||||
protected async get(req: Request, response: Response) {
|
||||
try {
|
||||
//get query
|
||||
@ -41,7 +42,7 @@ export default class UsersController extends ApiController {
|
||||
/**
|
||||
* @description Create a new user
|
||||
*/
|
||||
@Post("/api/v1/super-admin/users", [authHandler])
|
||||
@Post("/api/v1/super-admin/users", [authHandler, ruleHandler])
|
||||
protected async getAddresses(req: Request, response: Response) {
|
||||
try {
|
||||
//init IUser resource with request body values
|
||||
@ -69,7 +70,7 @@ export default class UsersController extends ApiController {
|
||||
/**
|
||||
* @description Modify a specific user by uid
|
||||
*/
|
||||
@Put("/api/v1/super-admin/users/:uid")
|
||||
@Put("/api/v1/super-admin/users/:uid", [authHandler,ruleHandler])
|
||||
protected async put(req: Request, response: Response) {
|
||||
try {
|
||||
const uid = req.params["uid"];
|
||||
@ -110,7 +111,7 @@ export default class UsersController extends ApiController {
|
||||
/**
|
||||
* @description Get a specific user by uid
|
||||
*/
|
||||
@Get("/api/v1/super-admin/users/:uid")
|
||||
@Get("/api/v1/super-admin/users/:uid",[authHandler,ruleHandler])
|
||||
protected async getOneByUid(req: Request, response: Response) {
|
||||
try {
|
||||
const uid = req.params["uid"];
|
||||
|
||||
@ -8,7 +8,7 @@ import DeedsController from "./api/super-admin/DeedsController";
|
||||
import DeedTypesController from "./api/super-admin/DeedTypesController";
|
||||
import DocumentsController from "./api/super-admin/DocumentsController";
|
||||
import DocumentTypesController from "./api/super-admin/DocumentTypesController";
|
||||
import IdNotUserInfoController from "./api/idnot-user/UserInfoController";
|
||||
import IdNotUserController from "./api/idnot/UserController";
|
||||
import DocumentsControllerCustomer from "./api/customer/DocumentsController";
|
||||
import FilesController from "./api/super-admin/FilesController";
|
||||
import RulesController from "./api/super-admin/RolesController";
|
||||
@ -29,7 +29,7 @@ export default {
|
||||
Container.get(DeedTypesController);
|
||||
Container.get(DocumentsController);
|
||||
Container.get(DocumentTypesController);
|
||||
Container.get(IdNotUserInfoController);
|
||||
Container.get(IdNotUserController);
|
||||
Container.get(FilesController);
|
||||
Container.get(DocumentsControllerCustomer);
|
||||
Container.get(RulesController);
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
import HttpCodes from "@Common/system/controller-pattern/HttpCodes";
|
||||
import AuthService from "@Services/private-services/AuthService/AuthService";
|
||||
import AuthService from "@Services/common/AuthService/AuthService";
|
||||
import { NextFunction, Request, Response } from "express";
|
||||
import Container from "typedi";
|
||||
|
||||
@ -7,14 +7,20 @@ export default function authHandler(req: Request, response: Response, next: Next
|
||||
const authHeader = req.headers['authorization'];
|
||||
const token = authHeader && authHeader.split(' ')[1];
|
||||
|
||||
if (!token) return response.sendStatus(HttpCodes.UNAUTHORIZED)
|
||||
if (!token) {
|
||||
response.sendStatus(HttpCodes.UNAUTHORIZED)
|
||||
return;
|
||||
}
|
||||
|
||||
const authService = Container.get(AuthService);
|
||||
authService.verifyAccessToken(token, (err, userPayload) => {
|
||||
if (err) return response.sendStatus(HttpCodes.UNAUTHORIZED);
|
||||
req.body.user = userPayload;
|
||||
if (err) {
|
||||
response.sendStatus(HttpCodes.UNAUTHORIZED);
|
||||
return;
|
||||
})
|
||||
return next();
|
||||
}
|
||||
console.log(userPayload);
|
||||
req.body.user = userPayload
|
||||
next();
|
||||
});
|
||||
}
|
||||
|
||||
|
||||
22
src/app/middlewares/RulesHandler.ts
Normal file
22
src/app/middlewares/RulesHandler.ts
Normal file
@ -0,0 +1,22 @@
|
||||
import HttpCodes from "@Common/system/controller-pattern/HttpCodes";
|
||||
import { NextFunction, Request, Response } from "express";
|
||||
|
||||
export default async function ruleHandler(req: Request, response: Response, next: NextFunction) {
|
||||
const rules = req.body.user.rules;
|
||||
const service = req.path && req.path.split('/')[4];
|
||||
const namespace = req.path && req.path.split('/')[3];
|
||||
const role = req.body.user.role;
|
||||
|
||||
if(namespace != 'notary' && role != namespace) {
|
||||
response.sendStatus(HttpCodes.UNAUTHORIZED);
|
||||
return;
|
||||
}
|
||||
|
||||
if(!rules.includes(req.method + ' ' + service)) {
|
||||
response.sendStatus(HttpCodes.UNAUTHORIZED);
|
||||
return;
|
||||
}
|
||||
|
||||
next();
|
||||
}
|
||||
|
||||
@ -0,0 +1,37 @@
|
||||
/*
|
||||
Warnings:
|
||||
|
||||
- You are about to drop the column `office_role_has_rules_uid` on the `rules` table. All the data in the column will be lost.
|
||||
- You are about to drop the column `role_has_rules_uid` on the `rules` table. All the data in the column will be lost.
|
||||
- Added the required column `office_uid` to the `office_role_has_rules` table without a default value. This is not possible if the table is not empty.
|
||||
|
||||
*/
|
||||
-- DropForeignKey
|
||||
ALTER TABLE "rules" DROP CONSTRAINT "rules_office_role_has_rules_uid_fkey";
|
||||
|
||||
-- DropForeignKey
|
||||
ALTER TABLE "rules" DROP CONSTRAINT "rules_role_has_rules_uid_fkey";
|
||||
|
||||
-- DropForeignKey
|
||||
ALTER TABLE "users" DROP CONSTRAINT "users_roles_uid_fkey";
|
||||
|
||||
-- AlterTable
|
||||
ALTER TABLE "office_role_has_rules" ADD COLUMN "office_uid" VARCHAR(255) NOT NULL;
|
||||
|
||||
-- AlterTable
|
||||
ALTER TABLE "rules" DROP COLUMN "office_role_has_rules_uid",
|
||||
DROP COLUMN "role_has_rules_uid",
|
||||
ADD COLUMN "officesRolesHasRulesUid" TEXT,
|
||||
ADD COLUMN "rolesHasRulesUid" TEXT;
|
||||
|
||||
-- AddForeignKey
|
||||
ALTER TABLE "users" ADD CONSTRAINT "users_roles_uid_fkey" FOREIGN KEY ("roles_uid") REFERENCES "roles"("uid") ON DELETE CASCADE ON UPDATE CASCADE;
|
||||
|
||||
-- AddForeignKey
|
||||
ALTER TABLE "rules" ADD CONSTRAINT "rules_rolesHasRulesUid_fkey" FOREIGN KEY ("rolesHasRulesUid") REFERENCES "role_has_rules"("uid") ON DELETE SET NULL ON UPDATE CASCADE;
|
||||
|
||||
-- AddForeignKey
|
||||
ALTER TABLE "rules" ADD CONSTRAINT "rules_officesRolesHasRulesUid_fkey" FOREIGN KEY ("officesRolesHasRulesUid") REFERENCES "office_role_has_rules"("uid") ON DELETE SET NULL ON UPDATE CASCADE;
|
||||
|
||||
-- AddForeignKey
|
||||
ALTER TABLE "office_role_has_rules" ADD CONSTRAINT "office_role_has_rules_office_uid_fkey" FOREIGN KEY ("office_uid") REFERENCES "offices"("uid") ON DELETE CASCADE ON UPDATE CASCADE;
|
||||
@ -0,0 +1,24 @@
|
||||
/*
|
||||
Warnings:
|
||||
|
||||
- You are about to drop the column `officesRolesHasRulesUid` on the `rules` table. All the data in the column will be lost.
|
||||
- You are about to drop the column `rolesHasRulesUid` on the `rules` table. All the data in the column will be lost.
|
||||
|
||||
*/
|
||||
-- DropForeignKey
|
||||
ALTER TABLE "rules" DROP CONSTRAINT "rules_officesRolesHasRulesUid_fkey";
|
||||
|
||||
-- DropForeignKey
|
||||
ALTER TABLE "rules" DROP CONSTRAINT "rules_rolesHasRulesUid_fkey";
|
||||
|
||||
-- AlterTable
|
||||
ALTER TABLE "rules" DROP COLUMN "officesRolesHasRulesUid",
|
||||
DROP COLUMN "rolesHasRulesUid",
|
||||
ADD COLUMN "office_role_has_rules_uid" TEXT,
|
||||
ADD COLUMN "role_has_rules_uid" TEXT;
|
||||
|
||||
-- AddForeignKey
|
||||
ALTER TABLE "rules" ADD CONSTRAINT "rules_role_has_rules_uid_fkey" FOREIGN KEY ("role_has_rules_uid") REFERENCES "role_has_rules"("uid") ON DELETE SET NULL ON UPDATE CASCADE;
|
||||
|
||||
-- AddForeignKey
|
||||
ALTER TABLE "rules" ADD CONSTRAINT "rules_office_role_has_rules_uid_fkey" FOREIGN KEY ("office_role_has_rules_uid") REFERENCES "office_role_has_rules"("uid") ON DELETE SET NULL ON UPDATE CASCADE;
|
||||
@ -0,0 +1,12 @@
|
||||
/*
|
||||
Warnings:
|
||||
|
||||
- You are about to drop the column `rule_uid` on the `office_role_has_rules` table. All the data in the column will be lost.
|
||||
- You are about to drop the column `rule_uid` on the `role_has_rules` table. All the data in the column will be lost.
|
||||
|
||||
*/
|
||||
-- AlterTable
|
||||
ALTER TABLE "office_role_has_rules" DROP COLUMN "rule_uid";
|
||||
|
||||
-- AlterTable
|
||||
ALTER TABLE "role_has_rules" DROP COLUMN "rule_uid";
|
||||
@ -0,0 +1,30 @@
|
||||
/*
|
||||
Warnings:
|
||||
|
||||
- You are about to drop the column `office_role_has_rules_uid` on the `rules` table. All the data in the column will be lost.
|
||||
- You are about to drop the column `role_has_rules_uid` on the `rules` table. All the data in the column will be lost.
|
||||
- Added the required column `rule_uid` to the `office_role_has_rules` table without a default value. This is not possible if the table is not empty.
|
||||
- Added the required column `rule_uid` to the `role_has_rules` table without a default value. This is not possible if the table is not empty.
|
||||
|
||||
*/
|
||||
-- DropForeignKey
|
||||
ALTER TABLE "rules" DROP CONSTRAINT "rules_office_role_has_rules_uid_fkey";
|
||||
|
||||
-- DropForeignKey
|
||||
ALTER TABLE "rules" DROP CONSTRAINT "rules_role_has_rules_uid_fkey";
|
||||
|
||||
-- AlterTable
|
||||
ALTER TABLE "office_role_has_rules" ADD COLUMN "rule_uid" VARCHAR(255) NOT NULL;
|
||||
|
||||
-- AlterTable
|
||||
ALTER TABLE "role_has_rules" ADD COLUMN "rule_uid" VARCHAR(255) NOT NULL;
|
||||
|
||||
-- AlterTable
|
||||
ALTER TABLE "rules" DROP COLUMN "office_role_has_rules_uid",
|
||||
DROP COLUMN "role_has_rules_uid";
|
||||
|
||||
-- AddForeignKey
|
||||
ALTER TABLE "role_has_rules" ADD CONSTRAINT "role_has_rules_rule_uid_fkey" FOREIGN KEY ("rule_uid") REFERENCES "rules"("uid") ON DELETE CASCADE ON UPDATE CASCADE;
|
||||
|
||||
-- AddForeignKey
|
||||
ALTER TABLE "office_role_has_rules" ADD CONSTRAINT "office_role_has_rules_rule_uid_fkey" FOREIGN KEY ("rule_uid") REFERENCES "rules"("uid") ON DELETE CASCADE ON UPDATE CASCADE;
|
||||
@ -80,6 +80,7 @@ model Offices {
|
||||
users Users[]
|
||||
office_folders OfficeFolders[]
|
||||
document_types DocumentTypes[]
|
||||
office_role_has_rules OfficesRolesHasRules[]
|
||||
|
||||
@@map("offices")
|
||||
}
|
||||
@ -315,10 +316,8 @@ model Rules {
|
||||
name String @db.VarChar(255)
|
||||
created_at DateTime? @default(now())
|
||||
updated_at DateTime? @updatedAt
|
||||
role_has_rules RolesHasRules? @relation(fields: [role_has_rules_uid], references: [uid])
|
||||
role_has_rules_uid String?
|
||||
office_role_has_rules OfficesRolesHasRules? @relation(fields: [office_role_has_rules_uid], references: [uid])
|
||||
office_role_has_rules_uid String?
|
||||
role_has_rules RolesHasRules[]
|
||||
office_roles_has_rules OfficesRolesHasRules[]
|
||||
|
||||
@@map("rules")
|
||||
}
|
||||
@ -327,22 +326,24 @@ model RolesHasRules {
|
||||
uid String @id @unique @default(uuid())
|
||||
role Roles @relation(fields: [role_uid], references: [uid], onDelete: Cascade)
|
||||
role_uid String @db.VarChar(255)
|
||||
rule Rules @relation(fields: [rule_uid], references: [uid], onDelete: Cascade)
|
||||
rule_uid String @db.VarChar(255)
|
||||
created_at DateTime? @default(now())
|
||||
updated_at DateTime? @updatedAt
|
||||
rules Rules[]
|
||||
|
||||
@@map("role_has_rules")
|
||||
}
|
||||
|
||||
model OfficesRolesHasRules {
|
||||
uid String @id @unique @default(uuid())
|
||||
office Offices @relation(fields: [office_uid], references: [uid], onDelete: Cascade)
|
||||
role Roles @relation(fields: [role_uid], references: [uid], onDelete: Cascade)
|
||||
rule Rules @relation(fields: [rule_uid], references: [uid], onDelete: Cascade)
|
||||
office_uid String @db.VarChar(255)
|
||||
role_uid String @db.VarChar(255)
|
||||
rule_uid String @db.VarChar(255)
|
||||
created_at DateTime? @default(now())
|
||||
updated_at DateTime? @updatedAt
|
||||
rules Rules[]
|
||||
|
||||
@@map("office_role_has_rules")
|
||||
}
|
||||
|
||||
@ -18,6 +18,9 @@ import {
|
||||
ECustomerStatus,
|
||||
PrismaClient,
|
||||
Roles,
|
||||
OfficesRolesHasRules,
|
||||
RolesHasRules,
|
||||
Rules,
|
||||
} from "@prisma/client";
|
||||
|
||||
(async () => {
|
||||
@ -104,6 +107,9 @@ import {
|
||||
const uidRole1: string = randomString();
|
||||
const uidRole2: string = randomString();
|
||||
|
||||
const uidRule1: string = randomString();
|
||||
const uidRule2: string = randomString();
|
||||
|
||||
const uidOfficeFolder1: string = randomString();
|
||||
const uidOfficeFolder2: string = randomString();
|
||||
const uidOfficeFolder3: string = randomString();
|
||||
@ -167,6 +173,12 @@ import {
|
||||
const uidOfficeFolderHasCustomer3: string = randomString();
|
||||
const uidOfficeFolderHasCustomer4: string = randomString();
|
||||
|
||||
const uidOfficeRoleHasRule1: string = randomString();
|
||||
const uidOfficeRoleHasRule2: string = randomString();
|
||||
|
||||
const uidRoleHasRule1: string = randomString();
|
||||
const uidRoleHasRule2: string = randomString();
|
||||
|
||||
const uidDeedHasDocumentType1: string = randomString();
|
||||
const uidDeedHasDocumentType2: string = randomString();
|
||||
const uidDeedHasDocumentType3: string = randomString();
|
||||
@ -1688,6 +1700,57 @@ import {
|
||||
},
|
||||
];
|
||||
|
||||
const officeRoleHasRules: OfficesRolesHasRules[] = [
|
||||
{
|
||||
uid: uidOfficeRoleHasRule1,
|
||||
office_uid: uidOffice1,
|
||||
role_uid: uidRole1,
|
||||
rule_uid: uidRule1,
|
||||
created_at: new Date(),
|
||||
updated_at: new Date(),
|
||||
},
|
||||
{
|
||||
uid: uidOfficeRoleHasRule2,
|
||||
office_uid: uidOffice1,
|
||||
role_uid: uidRole2,
|
||||
rule_uid: uidRule2,
|
||||
created_at: new Date(),
|
||||
updated_at: new Date(),
|
||||
},
|
||||
];
|
||||
|
||||
const roleHasRules: RolesHasRules[] = [
|
||||
{
|
||||
uid: uidRoleHasRule1,
|
||||
role_uid: uidRole1,
|
||||
rule_uid: uidRule2,
|
||||
created_at: new Date(),
|
||||
updated_at: new Date(),
|
||||
},
|
||||
{
|
||||
uid: uidRoleHasRule2,
|
||||
role_uid: uidRole2,
|
||||
rule_uid: uidRule1,
|
||||
created_at: new Date(),
|
||||
updated_at: new Date(),
|
||||
},
|
||||
];
|
||||
|
||||
const rules: Rules[] = [
|
||||
{
|
||||
uid: uidRule1,
|
||||
name: 'GET users',
|
||||
created_at: new Date(),
|
||||
updated_at: new Date(),
|
||||
},
|
||||
{
|
||||
uid: uidRule2,
|
||||
name: 'GET offices',
|
||||
created_at: new Date(),
|
||||
updated_at: new Date(),
|
||||
}
|
||||
];
|
||||
|
||||
const deedTypeHasDocumentTypes: DeedTypeHasDocumentTypes[] = [
|
||||
{
|
||||
uid: uidDeedTypeHasDocumentType1,
|
||||
@ -1868,6 +1931,10 @@ import {
|
||||
await prisma.roles.create({ data: role });
|
||||
}
|
||||
|
||||
for (const rule of rules) {
|
||||
await prisma.rules.create({ data: rule });
|
||||
}
|
||||
|
||||
for (const user of users) {
|
||||
await prisma.users.create({ data: user });
|
||||
}
|
||||
@ -1899,6 +1966,14 @@ import {
|
||||
await prisma.officeFolderHasCustomers.create({ data: officeFolderHasCustomer });
|
||||
}
|
||||
|
||||
for (const officeRoleHasRule of officeRoleHasRules) {
|
||||
await prisma.officesRolesHasRules.create({ data: officeRoleHasRule });
|
||||
}
|
||||
|
||||
for (const roleHasRule of roleHasRules) {
|
||||
await prisma.rolesHasRules.create({ data: roleHasRule });
|
||||
}
|
||||
|
||||
for (const deedHasDocumentType of deedHasDocumentTypes) {
|
||||
await prisma.deedHasDocumentTypes.create({ data: deedHasDocumentType });
|
||||
}
|
||||
|
||||
@ -41,6 +41,17 @@ export default class RolesRepository extends BaseRepository {
|
||||
},
|
||||
},
|
||||
};
|
||||
if (role.office_role_has_rules) {
|
||||
createArgs.data.office_role_has_rules = {
|
||||
createMany: {
|
||||
data: role.office_role_has_rules.rules.map((relation) => ({
|
||||
office_uid: role.office_role_has_rules!.office.uid!,
|
||||
rule_uid: relation.uid!,
|
||||
})),
|
||||
skipDuplicates: true,
|
||||
},
|
||||
};
|
||||
}
|
||||
|
||||
return this.model.create(createArgs);
|
||||
}
|
||||
@ -71,6 +82,7 @@ export default class RolesRepository extends BaseRepository {
|
||||
deleteMany: { role_uid: role.uid },
|
||||
createMany: {
|
||||
data: role.office_role_has_rules.rules.map((relation) => ({
|
||||
office_uid: role.office_role_has_rules!.office.uid!,
|
||||
rule_uid: relation.uid!,
|
||||
})),
|
||||
skipDuplicates: true,
|
||||
|
||||
16
src/common/system/OpenIdInterface.ts
Normal file
16
src/common/system/OpenIdInterface.ts
Normal file
@ -0,0 +1,16 @@
|
||||
export type Payload = {
|
||||
sub: string;
|
||||
email: string;
|
||||
};
|
||||
|
||||
export type Tokens = {
|
||||
access_token: string;
|
||||
expires_in: number;
|
||||
id_token: string;
|
||||
token_type: string;
|
||||
};
|
||||
|
||||
export default interface OpenIdInterface {
|
||||
verifyIdToken(signingKey: string): Promise<Payload>;
|
||||
getSigningKeys(jwksUri: string): Promise<string[]>;
|
||||
}
|
||||
@ -11,6 +11,7 @@ import { BackendVariables } from "@Common/config/variables/Variables";
|
||||
//import fileHandler from "@App/middlewares/FileHandler";
|
||||
import multer from "multer";
|
||||
|
||||
|
||||
const storage = multer.memoryStorage();
|
||||
|
||||
(async () => {
|
||||
|
||||
65
src/services/common/AuthService/AuthService.ts
Normal file
65
src/services/common/AuthService/AuthService.ts
Normal file
@ -0,0 +1,65 @@
|
||||
import jwt, { VerifyCallback } from "jsonwebtoken";
|
||||
import BaseService from "@Services/BaseService";
|
||||
import "reflect-metadata";
|
||||
import { BackendVariables } from "@Common/config/variables/Variables";
|
||||
import { Service } from "typedi";
|
||||
import UsersService from "@Services/super-admin/UsersService/UsersService";
|
||||
|
||||
export type UserPayload = {
|
||||
uid: string;
|
||||
idNot: string;
|
||||
office_idNot: string;
|
||||
role: string;
|
||||
rules: string[];
|
||||
};
|
||||
|
||||
@Service()
|
||||
export default class AuthService extends BaseService {
|
||||
constructor(protected variables: BackendVariables, private userService: UsersService) {
|
||||
super();
|
||||
}
|
||||
|
||||
public async getUserPayload(id: string): Promise<UserPayload> {
|
||||
const user: any = (
|
||||
await this.userService.get({
|
||||
where: { idNot: id },
|
||||
include: {
|
||||
role: { include: { role_has_rules: { include: { rule: true } }, office_role_has_rules: { include: { rule: true } } } },
|
||||
office_membership: true,
|
||||
},
|
||||
})
|
||||
)[0];
|
||||
|
||||
if (!user) throw new Error("User not found");
|
||||
|
||||
let rules: string[] = [];
|
||||
if (user.role.office_role_has_rules.length) {
|
||||
user.role.office_role_has_rules.forEach((relation: any) => {
|
||||
if (relation.office_uid === user.office_membership.uid) rules.push(relation.rule.name);
|
||||
});
|
||||
return { uid: user.uid, idNot: user.idNot, office_idNot: user.office_membership.idNot, role: user.role.name, rules: rules };
|
||||
}
|
||||
if (!rules.length) {
|
||||
user.role.role_has_rules.forEach((relation: any) => {
|
||||
rules.push(relation.rule.name);
|
||||
});
|
||||
}
|
||||
return { uid: user.uid, idNot: user.idNot, office_idNot: user.office_membership.idNot, role: user.role.name, rules: rules };
|
||||
}
|
||||
|
||||
public generateAccessToken(user: any): string {
|
||||
return jwt.sign({ ...user }, this.variables.ACCESS_TOKEN_SECRET, { expiresIn: "15m" });
|
||||
}
|
||||
|
||||
public generateRefreshToken(user: any): string {
|
||||
return jwt.sign({ ...user }, this.variables.REFRESH_TOKEN_SECRET, { expiresIn: "1h" });
|
||||
}
|
||||
|
||||
public verifyAccessToken(token: string, callback?: VerifyCallback) {
|
||||
return jwt.verify(token, this.variables.ACCESS_TOKEN_SECRET, callback);
|
||||
}
|
||||
|
||||
public verifyRefreshToken(token: string, callback?: VerifyCallback) {
|
||||
return jwt.verify(token, this.variables.REFRESH_TOKEN_SECRET, callback);
|
||||
}
|
||||
}
|
||||
@ -1,69 +0,0 @@
|
||||
import jwt, { VerifyCallback } from "jsonwebtoken";
|
||||
import BaseService from "@Services/BaseService";
|
||||
import "reflect-metadata";
|
||||
import { BackendVariables } from "@Common/config/variables/Variables";
|
||||
import { Service } from "typedi";
|
||||
|
||||
type IdNotTokens = {
|
||||
access_token: string;
|
||||
id_token: string;
|
||||
};
|
||||
|
||||
@Service()
|
||||
export default class AuthService extends BaseService {
|
||||
|
||||
constructor(protected variables: BackendVariables) {
|
||||
super();
|
||||
}
|
||||
|
||||
/**
|
||||
* @description : Get IdNot id_token and access_token
|
||||
* @throws {Error} If jwt pair cannot be get
|
||||
*/
|
||||
public async getUserFromIdNotTokens(code: string) {
|
||||
const tokens = await this.getIdNotTokens(code);
|
||||
return jwt.decode(tokens.id_token);
|
||||
}
|
||||
|
||||
private async getIdNotTokens(code: string): Promise<IdNotTokens> {
|
||||
const url = new URL(
|
||||
this.variables.IDNOT_CONNEXION_URL.concat("?") +
|
||||
new URLSearchParams({
|
||||
client_id: this.variables.IDNOT_CLIENT_ID,
|
||||
client_secret: this.variables.IDNOT_CLIENT_SECRET,
|
||||
redirect_uri: this.variables.IDNOT_REDIRECT_URL,
|
||||
code: code,
|
||||
grant_type: "authorization_code",
|
||||
}),
|
||||
);
|
||||
try {
|
||||
const headers = new Headers({
|
||||
"Content-Type": "application/x-www-form-urlencoded",
|
||||
});
|
||||
const res = await fetch(url, {
|
||||
method: "POST",
|
||||
headers: headers,
|
||||
});
|
||||
const data = await res.json();
|
||||
return data as IdNotTokens;
|
||||
} catch (error) {
|
||||
throw new Error();
|
||||
}
|
||||
}
|
||||
|
||||
public generateAccessToken(user: any) {
|
||||
return jwt.sign({...user}, this.variables.ACCESS_TOKEN_SECRET, { expiresIn: "15m" });
|
||||
}
|
||||
|
||||
public generateRefreshToken(user: any) {
|
||||
return jwt.sign({...user}, this.variables.REFRESH_TOKEN_SECRET, { expiresIn: "1h" });
|
||||
}
|
||||
|
||||
public verifyAccessToken(token: string, callback?: VerifyCallback) {
|
||||
return jwt.verify(token, this.variables.ACCESS_TOKEN_SECRET, callback);
|
||||
}
|
||||
|
||||
public verifyRefreshToken(token: string, callback?: VerifyCallback) {
|
||||
return jwt.verify(token, this.variables.REFRESH_TOKEN_SECRET, callback);
|
||||
}
|
||||
}
|
||||
Loading…
x
Reference in New Issue
Block a user