diff --git a/backend/src/collections/userdb/userdb.module.ts b/backend/src/collections/userdb/userdb.module.ts index ce0db0a..0e62c99 100644 --- a/backend/src/collections/userdb/userdb.module.ts +++ b/backend/src/collections/userdb/userdb.module.ts @@ -7,7 +7,6 @@ import { EarlyConfigModule } from '../../config/early/earlyconfig.module'; import { EUserBackend } from '../../models/entities/user.entity'; import { RolesModule } from '../roledb/roledb.module'; import { UsersService } from './userdb.service'; -import { UserRolesService } from './userrolesdb.service'; @Module({ imports: [ @@ -15,8 +14,8 @@ import { UserRolesService } from './userrolesdb.service'; RolesModule, TypeOrmModule.forFeature([EUserBackend]), ], - providers: [UsersService, UserRolesService], - exports: [UsersService, UserRolesService], + providers: [UsersService], + exports: [UsersService], }) export class UsersModule implements OnModuleInit { private readonly logger = new Logger('UsersModule'); diff --git a/backend/src/collections/userdb/userdb.service.ts b/backend/src/collections/userdb/userdb.service.ts index e2e9488..4ed5162 100644 --- a/backend/src/collections/userdb/userdb.service.ts +++ b/backend/src/collections/userdb/userdb.service.ts @@ -11,6 +11,7 @@ import { import { makeUnique } from 'picsur-shared/dist/util/unique'; import { strictValidate } from 'picsur-shared/dist/util/validate'; import { Repository } from 'typeorm'; +import { Permissions } from '../../models/dto/permissions.dto'; import { DefaultRolesList, SoulBoundRolesList @@ -22,6 +23,7 @@ import { } from '../../models/dto/specialusers.dto'; import { EUserBackend } from '../../models/entities/user.entity'; import { GetCols } from '../../models/util/collection'; +import { RolesService } from '../roledb/roledb.service'; // TODO: make this a configurable value const BCryptStrength = 12; 
@@ -33,6 +35,7 @@ export class UsersService { constructor( @InjectRepository(EUserBackend) private usersRepository: Repository, + private rolesService: RolesService, ) {} // Creation and deletion @@ -116,6 +119,33 @@ export class UsersService { } } + public async removeRoleEveryone(role: string): AsyncFailable { + try { + await this.usersRepository + .createQueryBuilder('user') + .update() + .set({ + roles: () => 'ARRAY_REMOVE(roles, :role)', + }) + .where('roles @> ARRAY[:role]', { role }) + .execute(); + } catch (e) { + this.logger.error(e); + return Fail("Couldn't remove role from everyone"); + } + + return true; + } + + public async getPermissions( + user: string | EUserBackend, + ): AsyncFailable { + const userToModify = await this.resolve(user); + if (HasFailed(userToModify)) return userToModify; + + return await this.rolesService.getPermissions(userToModify.roles); + } + public async updatePassword( user: string | EUserBackend, password: string, @@ -204,7 +234,7 @@ export class UsersService { // Internal resolver - public async resolve( + private async resolve( user: string | EUserBackend, ): AsyncFailable { if (typeof user === 'string') { diff --git a/backend/src/collections/userdb/userrolesdb.service.ts b/backend/src/collections/userdb/userrolesdb.service.ts deleted file mode 100644 index 4e155de..0000000 --- a/backend/src/collections/userdb/userrolesdb.service.ts +++ /dev/null 
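Review bot: `getPermissions`, added in the `@@ -116,6 +119,33 @@` hunk of userdb.service.ts, is now the call MainAuthGuard and the refresh route make to decide authorization, but nothing documents where the roles it evaluates come from. The body of `resolve` is outside this hunk, so it is not visible whether an `EUserBackend` argument is re-read from the database or used as passed in; if it is the latter, a role stripped by `removeRoleEveryone` would presumably still count for a caller holding an older user object. I would add a doc comment such as `/** Resolves the user and returns the permissions RolesService grants for its roles; used by the auth guard, so the freshness of roles depends on resolve(). */` and rename the local `userToModify` to `resolvedUser`, since nothing is modified here. `removeRoleEveryone` deserves a short comment too: it logs and returns `Fail` on a database error, and the caller shown in roles.controller.ts runs it only after the role itself has been deleted, so a failure leaves the deleted role's name on user rows.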
@@ -1,76 +0,0 @@
-import { Injectable, Logger } from '@nestjs/common';
-import { InjectRepository } from '@nestjs/typeorm';
-import { AsyncFailable, Fail, HasFailed } from 'picsur-shared/dist/types';
-import { makeUnique } from 'picsur-shared/dist/util/unique';
-import { Repository } from 'typeorm';
-import { Permissions } from '../../models/dto/permissions.dto';
-import { EUserBackend } from '../../models/entities/user.entity';
-import { RolesService } from '../roledb/roledb.service';
-import { UsersService } from './userdb.service';
-
-// Move some code here so it doesnt make the userdb service gigantic
-
-@Injectable()
-export class UserRolesService {
- private readonly logger = new Logger('UserRolesService');
-
- constructor(
- @InjectRepository(EUserBackend)
- private usersRepository: Repository,
-
- private usersService: UsersService,
- private rolesService: RolesService,
- ) {}
-
- // Permissions and roles
- public async getPermissions(
- user: string | EUserBackend,
- ): AsyncFailable {
- const userToModify = await this.usersService.resolve(user);
- if (HasFailed(userToModify)) return userToModify;
-
- return await this.rolesService.getPermissions(userToModify.roles);
- }
-
- public async addRoles(
- user: string | EUserBackend,
- roles: string[],
- ): AsyncFailable {
- const userToModify = await this.usersService.resolve(user);
- if (HasFailed(userToModify)) return userToModify;
-
- const newRoles = makeUnique([...userToModify.roles, ...roles]);
-
- return this.usersService.setRoles(userToModify, newRoles);
- }
-
- public async removeRoles(
- user: string | EUserBackend,
- roles: string[],
- ): AsyncFailable {
- const userToModify = await this.usersService.resolve(user);
- if (HasFailed(userToModify)) return userToModify;
-
- const newRoles = userToModify.roles.filter((role) => !roles.includes(role));
-
- return this.usersService.setRoles(userToModify, newRoles);
- }
-
- public async removeRoleEveryone(role: string): AsyncFailable {
- try {
- await
this.usersRepository - .createQueryBuilder('user') - .update() - .set({ - roles: () => 'ARRAY_REMOVE(roles, :role)', - }) - .where('roles @> ARRAY[:role]', { role }) - .execute(); - } catch (e) { - this.logger.error(e); - return Fail("Couldn't remove role from everyone"); - } - - return true; - } -} diff --git a/backend/src/main.ts b/backend/src/main.ts index cb59140..45006a4 100644 --- a/backend/src/main.ts +++ b/backend/src/main.ts @@ -7,7 +7,7 @@ import { import * as multipart from 'fastify-multipart'; import { ValidateOptions } from 'picsur-shared/dist/util/validate'; import { AppModule } from './app.module'; -import { UserRolesService } from './collections/userdb/userrolesdb.service'; +import { UsersService } from './collections/userdb/userdb.service'; import { HostConfigService } from './config/early/host.config.service'; import { MainExceptionFilter } from './layers/httpexception/httpexception.filter'; import { SuccessInterceptor } from './layers/success/success.interceptor'; @@ -36,7 +36,7 @@ async function bootstrap() { app.useGlobalGuards( new MainAuthGuard( app.get(Reflector), - app.get(UserRolesService), + app.get(UsersService), ), ); diff --git a/backend/src/managers/auth/guards/main.guard.ts b/backend/src/managers/auth/guards/main.guard.ts index b262744..8c952c0 100644 --- a/backend/src/managers/auth/guards/main.guard.ts +++ b/backend/src/managers/auth/guards/main.guard.ts 
@@ -10,7 +10,7 @@ import { AuthGuard } from '@nestjs/passport'; import { plainToClass } from 'class-transformer'; import { Fail, Failable, HasFailed } from 'picsur-shared/dist/types'; import { strictValidate } from 'picsur-shared/dist/util/validate'; -import { UserRolesService } from '../../../collections/userdb/userrolesdb.service'; +import { UsersService } from '../../../collections/userdb/userdb.service'; import { Permissions } from '../../../models/dto/permissions.dto'; import { EUserBackend } from '../../../models/entities/user.entity'; import { isPermissionsArray } from '../../../models/validators/permissions.validator'; @@ -25,7 +25,7 @@ export class MainAuthGuard extends AuthGuard(['jwt', 'guest']) { constructor( private reflector: Reflector, - private userRolesService: UserRolesService, + private usersService: UsersService, ) { super(); } @@ -50,7 +50,7 @@ export class MainAuthGuard extends AuthGuard(['jwt', 'guest']) { } // These are the permissions the user has - const userPermissions = await this.userRolesService.getPermissions(user); + const userPermissions = await this.usersService.getPermissions(user); if (HasFailed(userPermissions)) { this.logger.warn('User Permissions: ' + userPermissions.getReason()); throw new InternalServerErrorException(); diff --git a/backend/src/routes/api/roles/roles.controller.ts b/backend/src/routes/api/roles/roles.controller.ts index a291192..037ad4e 100644 --- a/backend/src/routes/api/roles/roles.controller.ts +++ b/backend/src/routes/api/roles/roles.controller.ts 
@@ -20,7 +20,7 @@ import { } from 'picsur-shared/dist/dto/api/roles.dto'; import { HasFailed } from 'picsur-shared/dist/types'; import { RolesService } from '../../../collections/roledb/roledb.service'; -import { UserRolesService } from '../../../collections/userdb/userrolesdb.service'; +import { UsersService } from '../../../collections/userdb/userdb.service'; import { RequiredPermissions } from '../../../decorators/permissions.decorator'; import { Permission } from '../../../models/dto/permissions.dto'; import { @@ -38,7 +38,7 @@ export class RolesController { constructor( private rolesService: RolesService, - private userRolesService: UserRolesService, + private usersService: UsersService, ) {} @Get('list') @@ -115,7 +115,7 @@ export class RolesController { throw new InternalServerErrorException('Could not delete role'); } - const success = await this.userRolesService.removeRoleEveryone(role.name); + const success = await this.usersService.removeRoleEveryone(role.name); if (HasFailed(success)) { throw new InternalServerErrorException( 'Could not remove role from users', diff --git a/backend/src/routes/api/user/user.controller.ts b/backend/src/routes/api/user/user.controller.ts index 33a9095..23ae76e 100644 --- a/backend/src/routes/api/user/user.controller.ts +++ b/backend/src/routes/api/user/user.controller.ts @@ -16,7 +16,6 @@ import { } from 'picsur-shared/dist/dto/api/user.dto'; import { HasFailed } from 'picsur-shared/dist/types'; import { UsersService } from '../../../collections/userdb/userdb.service'; -import { UserRolesService } from '../../../collections/userdb/userrolesdb.service'; import { NoPermissions, RequiredPermissions, @@ -32,7 +31,6 @@ export class UserController { constructor( private usersService: UsersService, - private userRolesSerivce: UserRolesService, private authService: AuthManagerService, ) {} 
@@ -90,7 +88,7 @@ export class UserController {
 async refresh(
 @Request() req: AuthFasityRequest,
 ): Promise {
- const permissions = await this.userRolesSerivce.getPermissions(req.user);
+ const permissions = await this.usersService.getPermissions(req.user);
 if (HasFailed(permissions)) {
 this.logger.warn(permissions.getReason());
 throw new InternalServerErrorException('Could not get permissions');