api & permission services and commandHandler

extend api table by id
2025-01-21 11:37:28 +01:00 · 2025-01-21 11:25:26 +01:00
9 changed files with 335 additions and 9 deletions
--- a/src/command/user/api/apiCommand.ts
+++ b/src/command/user/api/apiCommand.ts
@ -0,0 +1,15 @@
+export interface CreateApiCommand {
+  title: string;
+  token: string;
+  expiry?: Date;
+}
+
+export interface UpdateApiCommand {
+  id: number;
+  title: string;
+  expiry?: Date;
+}
+
+export interface DeleteApiCommand {
+  id: number;
+}
--- a/src/command/user/api/apiCommandHandler.ts
+++ b/src/command/user/api/apiCommandHandler.ts
@ -0,0 +1,69 @@
+import { dataSource } from "../../../data-source";
+import { api } from "../../../entity/user/api";
+import InternalException from "../../../exceptions/internalException";
+import { CreateApiCommand, DeleteApiCommand, UpdateApiCommand } from "./apiCommand";
+
+export default abstract class ApiCommandHandler {
+  /**
+   * @description create api
+   * @param {CreateApiCommand} createApi
+   * @returns {Promise<number>}
+   */
+  static async create(createApi: CreateApiCommand): Promise<number> {
+    return await dataSource
+      .createQueryBuilder()
+      .insert()
+      .into(api)
+      .values({
+        token: createApi.token,
+        title: createApi.title,
+        expiry: createApi.expiry,
+      })
+      .execute()
+      .then((result) => {
+        return result.identifiers[0].token;
+      })
+      .catch((err) => {
+        throw new InternalException("Failed creating api", err);
+      });
+  }
+
+  /**
+   * @description update api
+   * @param {UpdateApiCommand} updateApi
+   * @returns {Promise<void>}
+   */
+  static async update(updateApi: UpdateApiCommand): Promise<void> {
+    return await dataSource
+      .createQueryBuilder()
+      .update(api)
+      .set({
+        title: updateApi.title,
+        expiry: updateApi.expiry,
+      })
+      .where("id = :id", { id: updateApi.id })
+      .execute()
+      .then(() => {})
+      .catch((err) => {
+        throw new InternalException("Failed updating api", err);
+      });
+  }
+
+  /**
+   * @description delete api
+   * @param {DeleteApiCommand} deleteApi
+   * @returns {Promise<void>}
+   */
+  static async delete(deleteApi: DeleteApiCommand): Promise<void> {
+    return await dataSource
+      .createQueryBuilder()
+      .delete()
+      .from(api)
+      .where("id = :id", { id: deleteApi.id })
+      .execute()
+      .then(() => {})
+      .catch((err) => {
+        throw new InternalException("Failed deleting api", err);
+      });
+  }
+}
--- a/src/command/user/api/apiPermissionCommand.ts
+++ b/src/command/user/api/apiPermissionCommand.ts
@ -0,0 +1,16 @@
+import { PermissionString } from "../../../type/permissionTypes";
+
+export interface CreateApiPermissionCommand {
+  permission: PermissionString;
+  apiId: number;
+}
+
+export interface DeleteApiPermissionCommand {
+  permission: PermissionString;
+  apiId: number;
+}
+
+export interface UpdateApiPermissionsCommand {
+  apiId: number;
+  permissions: Array<PermissionString>;
+}
--- a/src/command/user/api/apiPermissionCommandHandler.ts
+++ b/src/command/user/api/apiPermissionCommandHandler.ts
@ -0,0 +1,114 @@
+import { DeleteResult, EntityManager, InsertResult } from "typeorm";
+import { dataSource } from "../../../data-source";
+import { apiPermission } from "../../../entity/user/api_permission";
+import InternalException from "../../../exceptions/internalException";
+import ApiService from "../../../service/user/apiService";
+import {
+  CreateApiPermissionCommand,
+  DeleteApiPermissionCommand,
+  UpdateApiPermissionsCommand,
+} from "./apiPermissionCommand";
+import PermissionHelper from "../../../helpers/permissionHelper";
+import ApiPermissionService from "../../../service/user/apiPermissionService";
+import { PermissionString } from "../../../type/permissionTypes";
+
+export default abstract class ApiPermissionCommandHandler {
+  /**
+   * @description update api permissions
+   * @param {UpdateApiPermissionsCommand} updateApiPermissions
+   * @returns {Promise<void>}
+   */
+  static async updatePermissions(updateApiPermissions: UpdateApiPermissionsCommand): Promise<void> {
+    let currentPermissions = (await ApiPermissionService.getByApi(updateApiPermissions.apiId)).map((r) => r.permission);
+    return await dataSource.manager
+      .transaction(async (manager) => {
+        let newPermissions = PermissionHelper.getWhatToAdd(currentPermissions, updateApiPermissions.permissions);
+        let removePermissions = PermissionHelper.getWhatToRemove(currentPermissions, updateApiPermissions.permissions);
+        if (newPermissions.length != 0) {
+          await this.updatePermissionsAdd(manager, updateApiPermissions.apiId, newPermissions);
+        }
+        if (removePermissions.length != 0) {
+          await this.updatePermissionsRemove(manager, updateApiPermissions.apiId, removePermissions);
+        }
+      })
+      .then(() => {})
+      .catch((err) => {
+        throw new InternalException("Failed saving api permissions", err);
+      });
+  }
+
+  private static async updatePermissionsAdd(
+    manager: EntityManager,
+    apiId: number,
+    permissions: Array<PermissionString>
+  ): Promise<InsertResult> {
+    return await manager
+      .createQueryBuilder()
+      .insert()
+      .into(apiPermission)
+      .values(
+        permissions.map((p) => ({
+          permission: p,
+          apiId: apiId,
+        }))
+      )
+      .orIgnore()
+      .execute();
+  }
+
+  private static async updatePermissionsRemove(
+    manager: EntityManager,
+    apiId: number,
+    permissions: Array<PermissionString>
+  ): Promise<DeleteResult> {
+    return await manager
+      .createQueryBuilder()
+      .delete()
+      .from(apiPermission)
+      .where("apiId = :id", { id: apiId })
+      .andWhere("permission IN (:...permission)", { permission: permissions })
+      .execute();
+  }
+
+  /**
+   * @description grant permission to user
+   * @param {CreateApiPermissionCommand} createPermission
+   * @returns {Promise<number>}
+   */
+  static async create(createPermission: CreateApiPermissionCommand): Promise<number> {
+    return await dataSource
+      .createQueryBuilder()
+      .insert()
+      .into(apiPermission)
+      .values({
+        permission: createPermission.permission,
+        apiId: createPermission.apiId,
+      })
+      .execute()
+      .then((result) => {
+        return result.identifiers[0].id;
+      })
+      .catch((err) => {
+        throw new InternalException("Failed saving api permission", err);
+      });
+  }
+
+  /**
+   * @description remove permission from api
+   * @param {DeleteApiPermissionCommand} deletePermission
+   * @returns {Promise<any>}
+   */
+  static async delete(deletePermission: DeleteApiPermissionCommand): Promise<any> {
+    return await dataSource
+      .createQueryBuilder()
+      .delete()
+      .from(apiPermission)
+      .where("apiId = :id", { id: deletePermission.apiId })
+      .andWhere("permission = :permission", { permission: deletePermission.permission })
+      .execute()
+      .then(() => {})
+      .catch((err) => {
+        throw new InternalException("failed api permission removal", err);
+      });
+  }
+}
--- a/src/entity/user/api.ts
+++ b/src/entity/user/api.ts
@ -2,7 +2,10 @@ import { Column, CreateDateColumn, Entity, PrimaryColumn } from "typeorm";

@Entity()
 export class api {
-  @PrimaryColumn({ type: "varchar", length: 255 })
+  @PrimaryColumn({ generated: "increment", type: "int" })
+  id: number;
+
+  @Column({ type: "varchar", length: 255, unique: true, select: false })
  token: string;

  @Column({ type: "varchar", length: 255 })
--- a/src/entity/user/api_permission.ts
+++ b/src/entity/user/api_permission.ts
@ -5,7 +5,7 @@ import { api } from "./api";
@Entity()
 export class apiPermission {
  @PrimaryColumn({ type: "int" })
-  apiToken: number;
+  apiId: number;

  @PrimaryColumn({ type: "varchar", length: 255 })
  permission: PermissionString;
--- a/src/migrations/1737453096674-addApiTokens.ts
+++ b/src/migrations/1737453096674-addApiTokens.ts
@ -11,11 +11,12 @@ export class AddApiTokens1737453096674 implements MigrationInterface {
      new Table({
        name: "api",
        columns: [
-          { name: "token", type: "varchar", length: "255", isPrimary: true, isNullable: false },
+          { name: "id", type: variableType_int, isPrimary: true, isNullable: false },
+          { name: "token", type: "varchar", length: "255", isUnique: true, isNullable: false },
          { name: "title", type: "varchar", length: "255", isNullable: false },
          { name: "createdAt", type: "datetime", default: "CURRENT_TIMESTAMP(6)", isNullable: false },
-          { name: "lastUsage", type: "datetime", isNullable: true },
-          { name: "expiry", type: "datetime", isNullable: true },
+          { name: "lastUsage", type: "datetime", isNullable: true, default: null },
+          { name: "expiry", type: "datetime", isNullable: true, default: null },
        ],
      }),
      true
@ -25,17 +26,18 @@ export class AddApiTokens1737453096674 implements MigrationInterface {
      new Table({
        name: "api_permission",
        columns: [
-          { name: "apiToken", type: "varchar", length: "255", isPrimary: true, isNullable: false },
+          { name: "apiId", type: variableType_int, isPrimary: true, isNullable: false },
          { name: "permission", type: "varchar", length: "255", isPrimary: true, isNullable: false },
        ],
-      })
+      }),
+      true
    );

    await queryRunner.createForeignKey(
      "api_permission",
      new TableForeignKey({
-        columnNames: ["apiToken"],
-        referencedColumnNames: ["token"],
+        columnNames: ["apiId"],
+        referencedColumnNames: ["id"],
        referencedTableName: "api",
        onDelete: "CASCADE",
        onUpdate: "RESTRICT",
--- a/src/service/user/apiPermissionService.ts
+++ b/src/service/user/apiPermissionService.ts
@ -0,0 +1,24 @@
+import { dataSource } from "../../data-source";
+import { apiPermission } from "../../entity/user/api_permission";
+import InternalException from "../../exceptions/internalException";
+
+export default abstract class ApiPermissionService {
+  /**
+   * @description get permission by api
+   * @param apiId number
+   * @returns {Promise<Array<apiPermission>>}
+   */
+  static async getByApi(apiId: number): Promise<Array<apiPermission>> {
+    return await dataSource
+      .getRepository(apiPermission)
+      .createQueryBuilder("api_permission")
+      .where("api_permission.apiId = :apiId", { apiId: apiId })
+      .getMany()
+      .then((res) => {
+        return res;
+      })
+      .catch((err) => {
+        throw new InternalException("api permissions not found by api", err);
+      });
+  }
+}
--- a/src/service/user/apiService.ts
+++ b/src/service/user/apiService.ts
@ -0,0 +1,83 @@
+import { dataSource } from "../../data-source";
+import { api } from "../../entity/user/api";
+import InternalException from "../../exceptions/internalException";
+
+export default abstract class ApiService {
+  /**
+   * @description get apis
+   * @returns {Promise<Array<api>>}
+   */
+  static async getAll(): Promise<Array<api>> {
+    return await dataSource
+      .getRepository(api)
+      .createQueryBuilder("api")
+      .leftJoinAndSelect("api.permissions", "permissions")
+      .getMany()
+      .then((res) => {
+        return res;
+      })
+      .catch((err) => {
+        throw new InternalException("apis not found", err);
+      });
+  }
+
+  /**
+   * @description get api by id
+   * @param id number
+   * @returns {Promise<api>}
+   */
+  static async getById(id: number): Promise<api> {
+    return await dataSource
+      .getRepository(api)
+      .createQueryBuilder("api")
+      .leftJoinAndSelect("api.permissions", "permissions")
+      .where("api.id = :id", { id: id })
+      .getOneOrFail()
+      .then((res) => {
+        return res;
+      })
+      .catch((err) => {
+        throw new InternalException("api not found by id", err);
+      });
+  }
+
+  /**
+   * @description get api by token
+   * @param token string
+   * @returns {Promise<api>}
+   */
+  static async getByToken(token: string): Promise<api> {
+    return await dataSource
+      .getRepository(api)
+      .createQueryBuilder("api")
+      .leftJoinAndSelect("api.permissions", "permissions")
+      .where("api.token = :token", { token: token })
+      .getOneOrFail()
+      .then((res) => {
+        return res;
+      })
+      .catch((err) => {
+        throw new InternalException("api not found by token", err);
+      });
+  }
+
+  /**
+   * @description get api by id
+   * @param id number
+   * @returns {Promise<api>}
+   */
+  static async getTokenById(id: number): Promise<api> {
+    return await dataSource
+      .getRepository(api)
+      .createQueryBuilder("api")
+      .select("token")
+      .where("api.id = :id", { id: id })
+      .getOneOrFail()
+      .then((res) => {
+        return res;
+      })
+      .catch((err) => {
+        throw new InternalException("api token not found by id", err);
+      });
+  }
+}
Author	SHA1	Message	Date
Julian Krauser	3f0549bd44	api & permission services and commandHandler	2025-01-21 11:37:28 +01:00
Julian Krauser	ca6dbafaf1	extend api table by id	2025-01-21 11:25:26 +01:00