adds context id to role and role helpers
This commit is contained in:
parent
5d9cf51c10
commit
de84113066
@ -0,0 +1,18 @@
|
|||||||
|
import { MigrationInterface, QueryRunner, TableColumn } from 'typeorm';
|
||||||
|
|
||||||
|
export class AddContextIdToUserRole1641570023672 implements MigrationInterface {
|
||||||
|
public async up(queryRunner: QueryRunner): Promise<void> {
|
||||||
|
await queryRunner.addColumn(
|
||||||
|
'user_role',
|
||||||
|
new TableColumn({
|
||||||
|
name: 'contextId',
|
||||||
|
type: 'text',
|
||||||
|
default: "'root'", // default values must include single quotes for text
|
||||||
|
}),
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
|
public async down(queryRunner: QueryRunner): Promise<void> {
|
||||||
|
await queryRunner.dropColumn('user_role', 'contextId');
|
||||||
|
}
|
||||||
|
}
|
@ -13,6 +13,9 @@ export class UserRole {
|
|||||||
@Column()
|
@Column()
|
||||||
userId: number;
|
userId: number;
|
||||||
|
|
||||||
|
@Column()
|
||||||
|
contextId: string;
|
||||||
|
|
||||||
@ManyToOne(() => Role, (role) => role.userRoles)
|
@ManyToOne(() => Role, (role) => role.userRoles)
|
||||||
role: Role;
|
role: Role;
|
||||||
|
|
||||||
|
@ -3,12 +3,19 @@ import { InjectRepository } from '@nestjs/typeorm';
|
|||||||
import { Repository } from 'typeorm';
|
import { Repository } from 'typeorm';
|
||||||
import * as bcrypt from 'bcrypt';
|
import * as bcrypt from 'bcrypt';
|
||||||
import { User } from '../../entities/user.entity';
|
import { User } from '../../entities/user.entity';
|
||||||
|
import { Role, RoleKey } from 'server/entities/role.entity';
|
||||||
|
import { UserRole } from 'server/entities/user_role.entity';
|
||||||
|
import { intersection, isEmpty } from 'lodash';
|
||||||
|
|
||||||
@Injectable()
|
@Injectable()
|
||||||
export class UsersService {
|
export class UsersService {
|
||||||
constructor(
|
constructor(
|
||||||
@InjectRepository(User)
|
@InjectRepository(User)
|
||||||
private usersRespository: Repository<User>,
|
private usersRespository: Repository<User>,
|
||||||
|
@InjectRepository(UserRole)
|
||||||
|
private userRolesRepository: Repository<UserRole>,
|
||||||
|
@InjectRepository(Role)
|
||||||
|
private rolesRepository: Repository<Role>,
|
||||||
) {}
|
) {}
|
||||||
|
|
||||||
findAll(relations: string[] = []) {
|
findAll(relations: string[] = []) {
|
||||||
@ -33,4 +40,35 @@ export class UsersService {
|
|||||||
const verified: boolean = await bcrypt.compare(password, user.passwordHash);
|
const verified: boolean = await bcrypt.compare(password, user.passwordHash);
|
||||||
return { verified, user: verified ? user : null };
|
return { verified, user: verified ? user : null };
|
||||||
}
|
}
|
||||||
|
|
||||||
|
addUserToRoleInContext(userId: number, contextId: string, ...roleKeys: RoleKey[]) {
|
||||||
|
return Promise.all(
|
||||||
|
roleKeys.map(async (key) => {
|
||||||
|
const role = await this.rolesRepository.findOne({ key });
|
||||||
|
const userRole = new UserRole();
|
||||||
|
userRole.userId = userId;
|
||||||
|
userRole.contextId = contextId;
|
||||||
|
userRole.role = role;
|
||||||
|
await this.userRolesRepository.save(userRole);
|
||||||
|
}),
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
|
addUserToRootRole(userId: number, ...roleKeys: RoleKey[]) {
|
||||||
|
return this.addUserToRoleInContext(userId, 'root', ...roleKeys);
|
||||||
|
}
|
||||||
|
|
||||||
|
// if multiple roles are passed then will return true if user has any of the listed roles.
|
||||||
|
async hasRoleInContext(userId: number, contextId: string, ...roleKeys: RoleKey[]) {
|
||||||
|
const userRoles = await this.userRolesRepository.find({
|
||||||
|
where: { userId, contextId },
|
||||||
|
relations: ['role'],
|
||||||
|
});
|
||||||
|
const usersRoleKeys = userRoles.map((userRole) => userRole.role.key);
|
||||||
|
return !isEmpty(intersection(roleKeys, usersRoleKeys));
|
||||||
|
}
|
||||||
|
|
||||||
|
async hasRootRole(userId: number, ...roleKeys: RoleKey[]) {
|
||||||
|
return this.hasRoleInContext(userId, 'root', ...roleKeys);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user