permission system - permission formatting

Julian Krauser 2024-08-26 13:47:08 +02:00
parent d889f92643
commit 2f5d9d3f01
15 changed files with 352 additions and 18 deletions


@ -1,17 +1,15 @@
import { Request, Response } from "express";
import { JWTHelper } from "../helpers/jwtHelper";
import { JWTData, JWTToken } from "../type/jwtTypes";
import { JWTToken } from "../type/jwtTypes";
import InternalException from "../exceptions/internalException";
import RefreshCommandHandler from "../command/refreshCommandHandler";
import { CreateRefreshCommand, DeleteRefreshCommand } from "../command/refreshCommand";
import UserService from "../service/userService";
import speakeasy from "speakeasy";
import UnauthorizedRequestException from "../exceptions/unauthorizedRequestException";
import QRCode from "qrcode";
import { CreateUserCommand } from "../command/userCommand";
import UserCommandHandler from "../command/userCommandHandler";
import RefreshService from "../service/refreshService";
import BadRequestException from "../exceptions/badRequestException";
import PermissionService from "../service/permissionService";
import PermissionHelper from "../helpers/permissionHelper";
/**
* @description Check authentication status by token
@ -23,7 +21,7 @@ export async function login(req: Request, res: Response): Promise<any> {
let username = req.body.username;
let totp = req.body.totp;
let { id, secret } = await UserService.getByUsername(username);
let { id, secret, mail, firstname, lastname } = await UserService.getByUsername(username);
let valid = speakeasy.totp.verify({
secret: secret,
@ -36,10 +34,17 @@ export async function login(req: Request, res: Response): Promise<any> {
throw new UnauthorizedRequestException("Token not valid or expired");
}
let permissions = await PermissionService.getByUser(id);
let permissionStrings = permissions.map((e) => e.permission);
let permissionObject = PermissionHelper.convertToObject(permissionStrings);
let jwtData: JWTToken = {
userId: id,
mail: mail,
username: username,
rights: [],
firstname: firstname,
lastname: lastname,
permissions: permissionObject,
};
let accessToken: string;
@ -96,12 +101,19 @@ export async function refresh(req: Request, res: Response): Promise<any> {
throw new UnauthorizedRequestException("user not identified with token and refresh");
}
let { id, username } = await UserService.getById(tokenUserId);
let { id, username, mail, firstname, lastname } = await UserService.getById(tokenUserId);
let permissions = await PermissionService.getByUser(id);
let permissionStrings = permissions.map((e) => e.permission);
let permissionObject = PermissionHelper.convertToObject(permissionStrings);
let jwtData: JWTToken = {
userId: id,
mail: mail,
username: username,
rights: [],
firstname: firstname,
lastname: lastname,
permissions: permissionObject,
};
let accessToken: string;
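Review bot: The new `jwtData` in `login`, and the identical block in `refresh`, puts `mail`, `firstname` and `lastname` into the token payload; unless `JWTHelper` encrypts tokens, which is not visible here, a JWT payload is only base64url-encoded and readable by anyone who obtains or logs the token. Consider keeping the claims to `userId`, `username` and `permissions` and serving profile fields from an authenticated endpoint. The `permissions` claim is a snapshot from issue time, so a revoked permission presumably remains effective until the access token expires and `refresh` rebuilds it; a comment such as `// permissions are a snapshot; revocation applies on the next refresh` above `PermissionService.getByUser(id)` would record that. Both function bodies start and end outside the visible hunks.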


@ -16,6 +16,8 @@ import InviteService from "../service/inviteService";
import UserService from "../service/userService";
import CustomRequestException from "../exceptions/customRequestException";
import { CLUB_NAME } from "../env.defaults";
import { CreatePermissionCommand } from "../command/permissionCommand";
import PermissionCommandHandler from "../command/permissionCommandHandler";
/**
* @description start first user
@ -98,7 +100,7 @@ export async function verifyInvite(req: Request, res: Response): Promise<any> {
* @param res {Response} Express res object
* @returns {Promise<*>}
*/
export async function finishInvite(req: Request, res: Response): Promise<any> {
export async function finishInvite(req: Request, res: Response, grantAdmin: boolean = false): Promise<any> {
let mail = req.body.mail;
let token = req.body.token;
let totp = req.body.totp;
@ -127,10 +129,23 @@ export async function finishInvite(req: Request, res: Response): Promise<any> {
};
let id = await UserCommandHandler.create(createUser);
if (grantAdmin) {
let createPermission: CreatePermissionCommand = {
permission: "*",
userId: id,
};
await PermissionCommandHandler.create(createPermission);
}
let jwtData: JWTToken = {
userId: id,
mail: mail,
username: username,
rights: [],
firstname: firstname,
lastname: lastname,
permissions: {
...(grantAdmin ? { admin: true } : {}),
},
};
let accessToken: string;
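Review bot: `finishInvite` now takes `grantAdmin` as a third positional parameter, which is the slot where Express passes `next` to a route handler; if the function is ever registered directly on a router, `if (grantAdmin)` sees a truthy function and the new user is created with permission `"*"`. The route wiring is not in this section, so this is a hazard rather than a confirmed bug, but the check should be strict, `if (grantAdmin === true) {`, with the same comparison in the `permissions` spread. Safer still is to move the admin-granting path into a non-exported helper that only the setup code which needs it calls, leaving the exported handler with the plain `(req, res)` signature. The token here also hardcodes `{ admin: true }` instead of deriving the object from the stored `"*"` permission the way `login` and `refresh` do with `PermissionHelper.convertToObject`, so the two representations can drift apart. The function body continues past the last visible line.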