Compare commits

..

2 commits

Author SHA1 Message Date
3f0549bd44 api & permission services and commandHandler 2025-01-21 11:37:28 +01:00
ca6dbafaf1 extend api table by id 2025-01-21 11:25:26 +01:00
9 changed files with 335 additions and 9 deletions

View file

@ -0,0 +1,15 @@
export interface CreateApiCommand {
title: string;
token: string;
expiry?: Date;
}
export interface UpdateApiCommand {
id: number;
title: string;
expiry?: Date;
}
export interface DeleteApiCommand {
id: number;
}

View file

@ -0,0 +1,69 @@
import { dataSource } from "../../../data-source";
import { api } from "../../../entity/user/api";
import InternalException from "../../../exceptions/internalException";
import { CreateApiCommand, DeleteApiCommand, UpdateApiCommand } from "./apiCommand";
export default abstract class ApiCommandHandler {
/**
* @description create api
* @param {CreateApiCommand} createApi
* @returns {Promise<number>}
*/
static async create(createApi: CreateApiCommand): Promise<number> {
return await dataSource
.createQueryBuilder()
.insert()
.into(api)
.values({
token: createApi.token,
title: createApi.title,
expiry: createApi.expiry,
})
.execute()
.then((result) => {
return result.identifiers[0].token;
})
.catch((err) => {
throw new InternalException("Failed creating api", err);
});
}
/**
* @description update api
* @param {UpdateApiCommand} updateApi
* @returns {Promise<void>}
*/
static async update(updateApi: UpdateApiCommand): Promise<void> {
return await dataSource
.createQueryBuilder()
.update(api)
.set({
title: updateApi.title,
expiry: updateApi.expiry,
})
.where("id = :id", { id: updateApi.id })
.execute()
.then(() => {})
.catch((err) => {
throw new InternalException("Failed updating api", err);
});
}
/**
* @description delete api
* @param {DeleteApiCommand} deleteApi
* @returns {Promise<void>}
*/
static async delete(deleteApi: DeleteApiCommand): Promise<void> {
return await dataSource
.createQueryBuilder()
.delete()
.from(api)
.where("id = :id", { id: deleteApi.id })
.execute()
.then(() => {})
.catch((err) => {
throw new InternalException("Failed deleting api", err);
});
}
}

View file

@ -0,0 +1,16 @@
import { PermissionString } from "../../../type/permissionTypes";
export interface CreateApiPermissionCommand {
permission: PermissionString;
apiId: number;
}
export interface DeleteApiPermissionCommand {
permission: PermissionString;
apiId: number;
}
export interface UpdateApiPermissionsCommand {
apiId: number;
permissions: Array<PermissionString>;
}

View file

@ -0,0 +1,114 @@
import { DeleteResult, EntityManager, InsertResult } from "typeorm";
import { dataSource } from "../../../data-source";
import { apiPermission } from "../../../entity/user/api_permission";
import InternalException from "../../../exceptions/internalException";
import ApiService from "../../../service/user/apiService";
import {
CreateApiPermissionCommand,
DeleteApiPermissionCommand,
UpdateApiPermissionsCommand,
} from "./apiPermissionCommand";
import PermissionHelper from "../../../helpers/permissionHelper";
import ApiPermissionService from "../../../service/user/apiPermissionService";
import { PermissionString } from "../../../type/permissionTypes";
export default abstract class ApiPermissionCommandHandler {
/**
* @description update api permissions
* @param {UpdateApiPermissionsCommand} updateApiPermissions
* @returns {Promise<void>}
*/
static async updatePermissions(updateApiPermissions: UpdateApiPermissionsCommand): Promise<void> {
let currentPermissions = (await ApiPermissionService.getByApi(updateApiPermissions.apiId)).map((r) => r.permission);
return await dataSource.manager
.transaction(async (manager) => {
let newPermissions = PermissionHelper.getWhatToAdd(currentPermissions, updateApiPermissions.permissions);
let removePermissions = PermissionHelper.getWhatToRemove(currentPermissions, updateApiPermissions.permissions);
if (newPermissions.length != 0) {
await this.updatePermissionsAdd(manager, updateApiPermissions.apiId, newPermissions);
}
if (removePermissions.length != 0) {
await this.updatePermissionsRemove(manager, updateApiPermissions.apiId, removePermissions);
}
})
.then(() => {})
.catch((err) => {
throw new InternalException("Failed saving api permissions", err);
});
}
private static async updatePermissionsAdd(
manager: EntityManager,
apiId: number,
permissions: Array<PermissionString>
): Promise<InsertResult> {
return await manager
.createQueryBuilder()
.insert()
.into(apiPermission)
.values(
permissions.map((p) => ({
permission: p,
apiId: apiId,
}))
)
.orIgnore()
.execute();
}
private static async updatePermissionsRemove(
manager: EntityManager,
apiId: number,
permissions: Array<PermissionString>
): Promise<DeleteResult> {
return await manager
.createQueryBuilder()
.delete()
.from(apiPermission)
.where("apiId = :id", { id: apiId })
.andWhere("permission IN (:...permission)", { permission: permissions })
.execute();
}
/**
* @description grant permission to user
* @param {CreateApiPermissionCommand} createPermission
* @returns {Promise<number>}
*/
static async create(createPermission: CreateApiPermissionCommand): Promise<number> {
return await dataSource
.createQueryBuilder()
.insert()
.into(apiPermission)
.values({
permission: createPermission.permission,
apiId: createPermission.apiId,
})
.execute()
.then((result) => {
return result.identifiers[0].id;
})
.catch((err) => {
throw new InternalException("Failed saving api permission", err);
});
}
/**
* @description remove permission from api
* @param {DeleteApiPermissionCommand} deletePermission
* @returns {Promise<any>}
*/
static async delete(deletePermission: DeleteApiPermissionCommand): Promise<any> {
return await dataSource
.createQueryBuilder()
.delete()
.from(apiPermission)
.where("apiId = :id", { id: deletePermission.apiId })
.andWhere("permission = :permission", { permission: deletePermission.permission })
.execute()
.then(() => {})
.catch((err) => {
throw new InternalException("failed api permission removal", err);
});
}
}

View file

@ -2,7 +2,10 @@ import { Column, CreateDateColumn, Entity, PrimaryColumn } from "typeorm";
@Entity() @Entity()
export class api { export class api {
@PrimaryColumn({ type: "varchar", length: 255 }) @PrimaryColumn({ generated: "increment", type: "int" })
id: number;
@Column({ type: "varchar", length: 255, unique: true, select: false })
token: string; token: string;
@Column({ type: "varchar", length: 255 }) @Column({ type: "varchar", length: 255 })

View file

@ -5,7 +5,7 @@ import { api } from "./api";
@Entity() @Entity()
export class apiPermission { export class apiPermission {
@PrimaryColumn({ type: "int" }) @PrimaryColumn({ type: "int" })
apiToken: number; apiId: number;
@PrimaryColumn({ type: "varchar", length: 255 }) @PrimaryColumn({ type: "varchar", length: 255 })
permission: PermissionString; permission: PermissionString;

View file

@ -11,11 +11,12 @@ export class AddApiTokens1737453096674 implements MigrationInterface {
new Table({ new Table({
name: "api", name: "api",
columns: [ columns: [
{ name: "token", type: "varchar", length: "255", isPrimary: true, isNullable: false }, { name: "id", type: variableType_int, isPrimary: true, isNullable: false },
{ name: "token", type: "varchar", length: "255", isUnique: true, isNullable: false },
{ name: "title", type: "varchar", length: "255", isNullable: false }, { name: "title", type: "varchar", length: "255", isNullable: false },
{ name: "createdAt", type: "datetime", default: "CURRENT_TIMESTAMP(6)", isNullable: false }, { name: "createdAt", type: "datetime", default: "CURRENT_TIMESTAMP(6)", isNullable: false },
{ name: "lastUsage", type: "datetime", isNullable: true }, { name: "lastUsage", type: "datetime", isNullable: true, default: null },
{ name: "expiry", type: "datetime", isNullable: true }, { name: "expiry", type: "datetime", isNullable: true, default: null },
], ],
}), }),
true true
@ -25,17 +26,18 @@ export class AddApiTokens1737453096674 implements MigrationInterface {
new Table({ new Table({
name: "api_permission", name: "api_permission",
columns: [ columns: [
{ name: "apiToken", type: "varchar", length: "255", isPrimary: true, isNullable: false }, { name: "apiId", type: variableType_int, isPrimary: true, isNullable: false },
{ name: "permission", type: "varchar", length: "255", isPrimary: true, isNullable: false }, { name: "permission", type: "varchar", length: "255", isPrimary: true, isNullable: false },
], ],
}) }),
true
); );
await queryRunner.createForeignKey( await queryRunner.createForeignKey(
"api_permission", "api_permission",
new TableForeignKey({ new TableForeignKey({
columnNames: ["apiToken"], columnNames: ["apiId"],
referencedColumnNames: ["token"], referencedColumnNames: ["id"],
referencedTableName: "api", referencedTableName: "api",
onDelete: "CASCADE", onDelete: "CASCADE",
onUpdate: "RESTRICT", onUpdate: "RESTRICT",

View file

@ -0,0 +1,24 @@
import { dataSource } from "../../data-source";
import { apiPermission } from "../../entity/user/api_permission";
import InternalException from "../../exceptions/internalException";
export default abstract class ApiPermissionService {
/**
* @description get permission by api
* @param apiId number
* @returns {Promise<Array<apiPermission>>}
*/
static async getByApi(apiId: number): Promise<Array<apiPermission>> {
return await dataSource
.getRepository(apiPermission)
.createQueryBuilder("api_permission")
.where("api_permission.apiId = :apiId", { apiId: apiId })
.getMany()
.then((res) => {
return res;
})
.catch((err) => {
throw new InternalException("api permissions not found by api", err);
});
}
}

View file

@ -0,0 +1,83 @@
import { dataSource } from "../../data-source";
import { api } from "../../entity/user/api";
import InternalException from "../../exceptions/internalException";
export default abstract class ApiService {
/**
* @description get apis
* @returns {Promise<Array<api>>}
*/
static async getAll(): Promise<Array<api>> {
return await dataSource
.getRepository(api)
.createQueryBuilder("api")
.leftJoinAndSelect("api.permissions", "permissions")
.getMany()
.then((res) => {
return res;
})
.catch((err) => {
throw new InternalException("apis not found", err);
});
}
/**
* @description get api by id
* @param id number
* @returns {Promise<api>}
*/
static async getById(id: number): Promise<api> {
return await dataSource
.getRepository(api)
.createQueryBuilder("api")
.leftJoinAndSelect("api.permissions", "permissions")
.where("api.id = :id", { id: id })
.getOneOrFail()
.then((res) => {
return res;
})
.catch((err) => {
throw new InternalException("api not found by id", err);
});
}
/**
* @description get api by token
* @param token string
* @returns {Promise<api>}
*/
static async getByToken(token: string): Promise<api> {
return await dataSource
.getRepository(api)
.createQueryBuilder("api")
.leftJoinAndSelect("api.permissions", "permissions")
.where("api.token = :token", { token: token })
.getOneOrFail()
.then((res) => {
return res;
})
.catch((err) => {
throw new InternalException("api not found by token", err);
});
}
/**
* @description get api by id
* @param id number
* @returns {Promise<api>}
*/
static async getTokenById(id: number): Promise<api> {
return await dataSource
.getRepository(api)
.createQueryBuilder("api")
.select("token")
.where("api.id = :id", { id: id })
.getOneOrFail()
.then((res) => {
return res;
})
.catch((err) => {
throw new InternalException("api token not found by id", err);
});
}
}