@tomei/sso
Version:
Tomei SSO Package
985 lines • 72.7 kB
JavaScript
"use strict";
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
return new (P || (P = Promise))(function (resolve, reject) {
function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
step((generator = generator.apply(thisArg, _arguments || [])).next());
});
};
Object.defineProperty(exports, "__esModule", { value: true });
exports.Group = void 0;
const general_1 = require("@tomei/general");
const group_repository_1 = require("./group.repository");
const config_1 = require("@tomei/config");
const sequelize_1 = require("sequelize");
const activity_history_1 = require("@tomei/activity-history");
const group_system_access_repository_1 = require("../group-system-access/group-system-access.repository");
const system_entity_1 = require("../../models/system.entity");
const group_system_access_1 = require("../group-system-access");
const redis_service_1 = require("../../redis-client/redis.service");
const system_privilege_entity_1 = require("../../models/system-privilege.entity");
const group_privilege_repository_1 = require("../group-privilege/group-privilege.repository");
const system_privilege_1 = require("../system-privilege/system-privilege");
const group_privilege_entity_1 = require("../../models/group-privilege.entity");
const group_object_privilege_repository_1 = require("../group-object-privilege/group-object-privilege.repository");
const group_object_privilege_1 = require("../group-object-privilege/group-object-privilege");
const group_privilege_1 = require("../group-privilege/group-privilege");
const group_reporting_user_entity_1 = require("../../models/group-reporting-user.entity");
const group_entity_1 = require("../../models/group.entity");
const user_entity_1 = require("../../models/user.entity");
const user_group_1 = require("../user-group/user-group");
class Group extends general_1.TreeNodeBase {
get GroupCode() {
return this.ObjectId;
}
set GroupCode(value) {
this.ObjectId = value;
}
get CreatedById() {
return this._CreatedById;
}
get CreatedAt() {
return this._CreatedAt;
}
get UpdatedById() {
return this._UpdatedById;
}
get UpdatedAt() {
return this._UpdatedAt;
}
get Path() {
return this._Path;
}
set Path(value) {
this._Path = value;
}
constructor(groupAttr) {
super();
this.ObjectType = 'Group';
this._Path = '';
this.isChildrenLoaded = false;
this.isParentLoaded = false;
if (groupAttr) {
this.GroupCode = groupAttr.GroupCode;
this.Name = groupAttr.Name;
this.Description = groupAttr === null || groupAttr === void 0 ? void 0 : groupAttr.Description;
this.Type = groupAttr === null || groupAttr === void 0 ? void 0 : groupAttr.Type;
this.ParentGroupCode = groupAttr === null || groupAttr === void 0 ? void 0 : groupAttr.ParentGroupCode;
this.InheritParentPrivilegeYN = groupAttr === null || groupAttr === void 0 ? void 0 : groupAttr.InheritParentPrivilegeYN;
this.InheritParentSystemAccessYN = groupAttr === null || groupAttr === void 0 ? void 0 : groupAttr.InheritParentSystemAccessYN;
this.Status = groupAttr === null || groupAttr === void 0 ? void 0 : groupAttr.Status;
this._Path = groupAttr === null || groupAttr === void 0 ? void 0 : groupAttr.Path;
this._CreatedById = groupAttr.CreatedById;
this._CreatedAt = groupAttr.CreatedAt;
this._UpdatedById = groupAttr.UpdatedById;
this._UpdatedAt = groupAttr.UpdatedAt;
}
}
static init(dbTransaction, GroupCode) {
return __awaiter(this, void 0, void 0, function* () {
try {
Group._RedisService = yield redis_service_1.RedisService.init();
if (GroupCode) {
const group = yield Group._Repo.findByPk(GroupCode, {
transaction: dbTransaction,
});
if (group) {
return new Group(group);
}
else {
throw Error('Group not found');
}
}
return new Group();
}
catch (error) {
throw new general_1.ClassError('Group', 'GroupErrMsg01', 'Failed To Initialize Group');
}
});
}
loadChildren(dbTransaction) {
return __awaiter(this, void 0, void 0, function* () {
if (!this.GroupCode) {
throw Error('GroupCode is missing.');
}
const children = yield Group._Repo.findAll({
where: { ParentGroupCode: this.GroupCode },
order: [['CreatedAt', 'ASC']],
transaction: dbTransaction,
});
this.children = children.map((child) => {
return new Group(child.get({ plain: true }));
});
this.isChildrenLoaded = true;
});
}
loadParent(dbTransaction) {
return __awaiter(this, void 0, void 0, function* () {
if (!this.GroupCode) {
throw Error('GroupCode are missing.');
}
if (this.ParentGroupCode) {
if (this.ParentGroupCode !== this.GroupCode) {
const parent = yield Group._Repo.findByPk(this.ParentGroupCode, {
transaction: dbTransaction,
});
this.parent = new Group(parent.get({ plain: true }));
}
}
this.isParentLoaded = true;
});
}
isLeaf(dbTransaction) {
return __awaiter(this, void 0, void 0, function* () {
if (!this.isChildrenLoaded) {
yield this.loadChildren(dbTransaction);
}
return this.children.length === 0;
});
}
getPath(dbTransaction) {
return __awaiter(this, void 0, void 0, function* () {
if (!this.isParentLoaded) {
yield this.loadParent(dbTransaction);
}
if (this.parent) {
this._Path =
(yield this.parent.getPath(dbTransaction)) + '/' + this.GroupCode;
return this._Path;
}
this._Path = this.GroupCode;
return this._Path;
});
}
updatePath(dbTransaction) {
return __awaiter(this, void 0, void 0, function* () {
const path = yield this.getPath(dbTransaction);
this._Path = path;
});
}
setParent(parent, dbTransaction) {
return __awaiter(this, void 0, void 0, function* () {
this.parent = parent;
yield this.updatePath(dbTransaction);
});
}
getPathDetail(dbTransaction) {
return __awaiter(this, void 0, void 0, function* () {
const path = this._Path.split('/');
const groups = [];
for (let i = 0; i < path.length; i++) {
const group = yield Group.init(dbTransaction, path[i]);
groups.push(group);
}
return groups;
});
}
static findAll(page, row, dbTransaction, loginUser, search) {
return __awaiter(this, void 0, void 0, function* () {
const systemCode = config_1.ApplicationConfig.getComponentConfigValue('system-code');
const isPrivileged = yield loginUser.checkPrivileges(systemCode, 'GROUP_LIST');
if (!isPrivileged) {
throw new general_1.ClassError('Group', 'GroupErrMsg04', 'User is not privileged to list group');
}
const queryObj = {};
let options = {
transaction: dbTransaction,
};
if (page && row) {
options = Object.assign(Object.assign({}, options), { limit: row, offset: row * (page - 1), order: [['CreatedAt', 'DESC']], distinct: true });
}
if (search) {
Object.entries(search).forEach(([key, value]) => {
queryObj[key] = {
[sequelize_1.Op.substring]: value,
};
});
options = Object.assign(Object.assign({}, options), { where: queryObj });
const result = yield Group._Repo.findAllWithPagination(options);
return {
Count: result.count,
Groups: result.rows.map((group) => new Group(group.get({ plain: true }))),
};
}
});
}
static create(loginUser, dbTransaction, group) {
return __awaiter(this, void 0, void 0, function* () {
try {
const systemCode = config_1.ApplicationConfig.getComponentConfigValue('system-code');
const isPrivileged = yield loginUser.checkPrivileges(systemCode, 'GROUP_CREATE');
if (!isPrivileged) {
throw new Error('You do not have permission to create group');
}
if (!group.GroupCode) {
throw new general_1.ClassError('Group', 'GroupErrMsg02', 'Group Code is required');
}
if (!group.Name) {
throw new general_1.ClassError('Group', 'GroupErrMsg02', 'Group Name is required');
}
if (!group.Type) {
throw new general_1.ClassError('Group', 'GroupErrMsg02', 'Group Type is required');
}
const existingGroupCode = yield Group._Repo.findByPk(group.GroupCode, {
transaction: dbTransaction,
});
if (existingGroupCode) {
throw new general_1.ClassError('Group', 'GroupErrMsg03', 'Duplicate GroupCode found.');
}
if (group.ParentGroupCode) {
const parentGroup = yield Group._Repo.findByPk(group.ParentGroupCode, {
transaction: dbTransaction,
});
if (!parentGroup) {
throw new general_1.ClassError('Group', 'GroupErrMsg04', 'ParentGroupCode is not found.');
}
if (group.GroupCode === group.ParentGroupCode) {
throw new general_1.ClassError('Group', 'GroupErrMsg05', 'GroupCode and ParentGroupCode cannot be the same.');
}
}
const newGroup = new Group(group);
newGroup.ObjectId = group.GroupCode;
newGroup.Name = group.Name;
newGroup.Type = group.Type;
newGroup.Description = group.Description;
newGroup.ParentGroupCode = group.ParentGroupCode;
newGroup.InheritParentPrivilegeYN = group.InheritParentPrivilegeYN;
newGroup.InheritParentSystemAccessYN = group.InheritParentSystemAccessYN;
newGroup.Status = 'Active';
newGroup._CreatedById = loginUser.UserId;
newGroup._UpdatedById = loginUser.UserId;
newGroup._Path = yield newGroup.getPath(dbTransaction);
const entityGroupAfter = {
GroupCode: newGroup.ObjectId,
Name: newGroup.Name,
Type: newGroup.Type,
Description: newGroup.Description,
ParentGroupCode: newGroup.ParentGroupCode,
InheritParentPrivilegeYN: newGroup.InheritParentPrivilegeYN,
InheritParentSystemAccessYN: newGroup.InheritParentSystemAccessYN,
Path: newGroup._Path,
Status: newGroup.Status,
CreatedById: newGroup._CreatedById,
UpdatedById: newGroup._UpdatedById,
CreatedAt: newGroup._CreatedAt,
UpdatedAt: newGroup._UpdatedAt,
};
yield Group._Repo.create(entityGroupAfter, {
transaction: dbTransaction,
});
const entityValueBefore = {};
const activity = new activity_history_1.Activity();
activity.ActivityId = activity.createId();
activity.Action = activity_history_1.ActionEnum.CREATE;
activity.Description = 'Create Group';
activity.EntityType = 'Group';
activity.EntityId = newGroup.ObjectId;
activity.EntityValueBefore = JSON.stringify(entityValueBefore);
activity.EntityValueAfter = JSON.stringify(entityGroupAfter);
yield activity.create(loginUser.ObjectId, dbTransaction);
return newGroup;
}
catch (error) {
throw error;
}
});
}
static checkDuplicateGroupCode(dbTransaction, GroupCode) {
return __awaiter(this, void 0, void 0, function* () {
const isGroupCodeExist = yield Group._Repo.findOne({
where: { GroupCode },
transaction: dbTransaction,
});
if (isGroupCodeExist) {
throw new general_1.ClassError('Group', 'GroupErrMsg07', 'GroupCode already exists.');
}
});
}
updateChildrenPath(oldGroupCode, dbTransaction) {
return __awaiter(this, void 0, void 0, function* () {
try {
const isLeaf = yield this.isLeaf(dbTransaction);
if (isLeaf) {
return;
}
const childrens = yield Group._Repo.findAll({
where: {
Path: {
[sequelize_1.Op.like]: `${oldGroupCode}/%`,
},
},
transaction: dbTransaction,
});
childrens.forEach((children) => __awaiter(this, void 0, void 0, function* () {
const path = children.Path.split(`${oldGroupCode}/`);
const childPath = path[1];
yield children.update({ Path: `${this._Path}/${childPath}` }, { transaction: dbTransaction });
}));
}
catch (error) {
throw error;
}
});
}
update(loginUser, dbTransaction, group) {
return __awaiter(this, void 0, void 0, function* () {
const systemCode = config_1.ApplicationConfig.getComponentConfigValue('system-code');
const isPrivileged = yield loginUser.checkPrivileges(systemCode, 'GROUP_UPDATE');
if (!isPrivileged) {
throw new general_1.ClassError('Group', 'GroupErrMsg06', 'You do not have the privilege to update Group');
}
try {
if (group.NewGroupCode) {
yield Group.checkDuplicateGroupCode(dbTransaction, group.NewGroupCode);
}
const entityValueBefore = {
GroupCode: this.GroupCode,
Name: this.Name,
Type: this.Type,
Description: this.Description,
ParentGroupCode: this.ParentGroupCode,
InheritParentPrivilegeYN: this.InheritParentPrivilegeYN,
InheritParentSystemAccessYN: this.InheritParentSystemAccessYN,
Path: this.Path,
Status: this.Status,
CreatedById: this._CreatedById,
UpdatedById: this._UpdatedById,
CreatedAt: this._CreatedAt,
UpdatedAt: this._UpdatedAt,
};
let isPathChanged = false;
const oldGroupCode = this.GroupCode;
if (group.NewGroupCode) {
this.GroupCode = group.NewGroupCode;
isPathChanged = true;
}
if ((group.ParentGroupCode &&
this.ParentGroupCode !== group.ParentGroupCode) ||
(group.ParentGroupCode && !this.ParentGroupCode)) {
const parentGroup = yield Group.init(dbTransaction, group.ParentGroupCode);
if (!parentGroup) {
throw new general_1.ClassError('Group', 'GroupErrMsg08', 'Parent Group Code not found');
}
yield this.setParent(parentGroup);
isPathChanged = true;
}
else if (!group.ParentGroupCode && this.ParentGroupCode) {
yield this.setParent(null);
isPathChanged = true;
}
if (isPathChanged) {
yield this.updateChildrenPath(oldGroupCode, dbTransaction);
}
this.Name = (group === null || group === void 0 ? void 0 : group.Name) || this.Name;
this.Type = (group === null || group === void 0 ? void 0 : group.Type) || this.Type;
this.Description = (group === null || group === void 0 ? void 0 : group.Description) || this.Description;
this.ParentGroupCode = (group === null || group === void 0 ? void 0 : group.ParentGroupCode) || this.ParentGroupCode;
this.InheritParentPrivilegeYN =
(group === null || group === void 0 ? void 0 : group.InheritParentPrivilegeYN) || this.InheritParentPrivilegeYN;
this.InheritParentSystemAccessYN =
(group === null || group === void 0 ? void 0 : group.InheritParentSystemAccessYN) || this.InheritParentSystemAccessYN;
this.Status = (group === null || group === void 0 ? void 0 : group.Status) || this.Status;
this._UpdatedById = loginUser.UserId;
this._UpdatedAt = new Date();
yield Group._Repo.update({
GroupCode: this.GroupCode,
Name: this.Name,
Type: this.Type,
Description: this.Description,
ParentGroupCode: this.ParentGroupCode,
InheritParentPrivilegeYN: this.InheritParentPrivilegeYN,
InheritParentSystemAccessYN: this.InheritParentSystemAccessYN,
Status: this.Status,
Path: this._Path,
UpdatedById: this._UpdatedById,
UpdatedAt: this._UpdatedAt,
}, {
where: {
GroupCode: group.GroupCode,
},
transaction: dbTransaction,
});
const entityValueAfter = {
GroupCode: this.GroupCode,
Name: this.Name,
Type: this.Type,
Description: this.Description,
ParentGroupCode: this.ParentGroupCode,
InheritParentPrivilegeYN: this.InheritParentPrivilegeYN,
InheritParentSystemAccessYN: this.InheritParentSystemAccessYN,
Status: this.Status,
Path: this._Path,
CreatedById: this._CreatedById,
UpdatedById: this._UpdatedById,
CreatedAt: this._CreatedAt,
UpdatedAt: this._UpdatedAt,
};
const activity = new activity_history_1.Activity();
activity.ActivityId = activity.createId();
activity.Action = activity_history_1.ActionEnum.UPDATE;
activity.Description = `Update Group ${group.Type}`;
activity.EntityType = 'Group';
activity.EntityId = group.GroupCode;
activity.EntityValueBefore = JSON.stringify(entityValueBefore);
activity.EntityValueAfter = JSON.stringify(entityValueAfter);
yield activity.create(loginUser.ObjectId, dbTransaction);
return this;
}
catch (error) {
throw error;
}
});
}
static delete(loginUser, dbTransaction, GroupCode) {
return __awaiter(this, void 0, void 0, function* () {
const systemCode = config_1.ApplicationConfig.getComponentConfigValue('system-code');
const isPrivileged = yield loginUser.checkPrivileges(systemCode, 'GROUP_DELETE');
if (!isPrivileged) {
throw new general_1.ClassError('Group', 'GroupErrMsg03', 'You do not have the privilege to delete groups records.');
}
try {
const group = yield Group.init(dbTransaction, GroupCode);
if (group.Status === 'Active') {
throw new general_1.ClassError('Group', 'GroupErrMsg03', 'Active Group cant be deleted');
}
const relatedGroup = yield Group.findAll(1, Number.MAX_SAFE_INTEGER, dbTransaction, loginUser, {
ParentGroupCode: GroupCode,
});
if (relatedGroup.Count > 0) {
const listOfRelatedGroup = relatedGroup.Groups.map((group) => {
return group.GroupCode;
});
throw new general_1.ClassError('Group', 'GroupErrMsg03', `Group still has associated user group ${listOfRelatedGroup}`);
}
yield Group._Repo.delete(GroupCode, dbTransaction);
const EntityValueBefore = {
GroupCode: group.GroupCode,
Name: group.Name,
Type: group.Type,
Description: group.Description,
ParentGroupCode: group.ParentGroupCode,
InheritParentPrivilegeYN: group.InheritParentPrivilegeYN,
InheritParentSystemAccessYN: group.InheritParentSystemAccessYN,
Status: group.Status,
CreatedById: group._CreatedById,
UpdatedById: group._UpdatedById,
CreatedAt: group._CreatedAt,
UpdatedAt: group._UpdatedAt,
};
const activity = new activity_history_1.Activity();
activity.ActivityId = activity.createId();
activity.Action = activity_history_1.ActionEnum.DELETE;
activity.Description = 'Delete Group';
activity.EntityType = 'Group';
activity.EntityId = group.ObjectId;
activity.EntityValueBefore = JSON.stringify(EntityValueBefore);
activity.EntityValueAfter = JSON.stringify({});
yield activity.create(loginUser.ObjectId, dbTransaction);
return { Message: 'Group removed.' };
}
catch (error) {
throw error;
}
});
}
static getSystemAccesses(loginUser, dbTransaction, GroupCode, Page, Rows, Search) {
return __awaiter(this, void 0, void 0, function* () {
const systemCode = config_1.ApplicationConfig.getComponentConfigValue('system-code');
const isPrivileged = yield loginUser.checkPrivileges(systemCode, 'SYSTEM_ACCESS_VIEW');
if (!isPrivileged) {
throw new general_1.ClassError('Group', 'GroupErrMsg06', 'You do not have the privilege to view system access');
}
try {
yield Group.init(dbTransaction, GroupCode);
const queryObj = { GroupCode: GroupCode };
if (Search) {
Object.entries(Search).forEach(([key, value]) => {
queryObj[key] = value;
});
}
let options = {
where: queryObj,
distinct: true,
transaction: dbTransaction,
};
if (Page && Rows) {
options = Object.assign(Object.assign({}, options), { limit: Rows, offset: Rows * (Page - 1), order: [['CreatedAt', 'DESC']] });
}
const systemAccess = yield Group._GroupSystemAccessRepo.findAndCountAll(options);
return systemAccess;
}
catch (error) {
return error;
}
});
}
static getSystemAccessRoles(loginUser, dbTransaction, SystemCode, Page, Rows, Search) {
return __awaiter(this, void 0, void 0, function* () {
const systemCode = config_1.ApplicationConfig.getComponentConfigValue('system-code');
const isPrivileged = yield loginUser.checkPrivileges(systemCode, 'SYSTEM_ACCESS_VIEW');
if (!isPrivileged) {
throw new general_1.ClassError('Group', 'GroupErrMsg06', 'You do not have the privilege to view system access');
}
try {
const queryObj = { SystemCode: SystemCode };
if (Search) {
Object.entries(Search).forEach(([key, value]) => {
queryObj[key] = value;
});
}
let options = {
where: queryObj,
distinct: true,
transaction: dbTransaction,
};
if (Page && Rows) {
options = Object.assign(Object.assign({}, options), { limit: Rows, offset: Rows * (Page - 1), order: [['CreatedAt', 'DESC']], include: {
model: group_entity_1.default,
where: {
Type: 'Role',
},
} });
}
const systemAccess = yield Group._GroupSystemAccessRepo.findAndCountAll(options);
return systemAccess;
}
catch (error) {
return error;
}
});
}
static getInheritedSystemAccess(dbTransaction, group) {
return __awaiter(this, void 0, void 0, function* () {
const options = {
where: {
GroupCode: group.GroupCode,
Status: 'Active',
},
include: [
{
model: system_entity_1.default,
},
],
transaction: dbTransaction,
};
let systemAccess = yield Group._GroupSystemAccessRepo.findAll(options);
if (group.InheritParentSystemAccessYN === 'Y' && group.ParentGroupCode) {
const parentGroup = yield Group.init(dbTransaction, group.ParentGroupCode);
const parentSystemAccesses = yield this.getInheritedSystemAccess(dbTransaction, parentGroup);
systemAccess = systemAccess.concat(parentSystemAccesses);
}
return systemAccess;
});
}
static isGroupCodeInHierarchy(dbTransaction_1, GroupCode_1) {
return __awaiter(this, arguments, void 0, function* (dbTransaction, GroupCode, ListGroupCode = []) {
ListGroupCode.push(GroupCode);
const group = yield Group._Repo.findOne({
where: { GroupCode },
transaction: dbTransaction,
});
if (group === null || group === void 0 ? void 0 : group.ParentGroupCode) {
const isGroupCodeExist = ListGroupCode.includes(group.ParentGroupCode);
if (!isGroupCodeExist) {
yield this.isGroupCodeInHierarchy(dbTransaction, group.ParentGroupCode, ListGroupCode);
}
{
return false;
}
}
else {
return true;
}
});
}
static getParentSystemAccesses(loginUser, dbTransaction, GroupCode) {
return __awaiter(this, void 0, void 0, function* () {
const systemCode = config_1.ApplicationConfig.getComponentConfigValue('system-code');
const isPrivileged = yield loginUser.checkPrivileges(systemCode, 'SYSTEM_ACCESS_VIEW');
if (!isPrivileged) {
throw new general_1.ClassError('Group', 'GroupErrMsg06', 'You do not have the privilege to view system access');
}
try {
const group = yield Group.init(dbTransaction, GroupCode);
if (group.InheritParentSystemAccessYN !== 'Y' || !group.ParentGroupCode) {
return [];
}
else {
const parentGroup = yield Group.init(dbTransaction, group.ParentGroupCode);
const inheritSystemAccess = yield Group.getInheritedSystemAccess(dbTransaction, parentGroup);
return inheritSystemAccess;
}
}
catch (error) {
throw error;
}
});
}
static addSystemAccesses(loginUser, dbTransaction, GroupCode, SystemCodes) {
return __awaiter(this, void 0, void 0, function* () {
var _a;
const systemCode = config_1.ApplicationConfig.getComponentConfigValue('system-code');
const isPrivileged = yield loginUser.checkPrivileges(systemCode, 'SYSTEM_ACCESS_CREATE');
if (!isPrivileged) {
throw new general_1.ClassError('Group', 'GroupErrMsg07', 'You do not have the privilege to create system access');
}
try {
if (SystemCodes.length > 0) {
for (const element of SystemCodes) {
const CurrentGroupSystemAccess = yield Group.getSystemAccesses(loginUser, dbTransaction, GroupCode, 1, Number.MAX_SAFE_INTEGER, { SystemCode: element });
if ((CurrentGroupSystemAccess === null || CurrentGroupSystemAccess === void 0 ? void 0 : CurrentGroupSystemAccess.count) > 0) {
throw new general_1.ClassError('Group', 'GroupErrMsg08', 'System access already exists');
}
const groupSystemAccess = yield group_system_access_1.GroupSystemAccess.init(dbTransaction);
groupSystemAccess.createId();
groupSystemAccess.GroupCode = GroupCode;
groupSystemAccess.SystemCode = element;
groupSystemAccess.Status = 'Active';
groupSystemAccess.CreatedById = +loginUser.ObjectId;
groupSystemAccess.CreatedAt = new Date();
groupSystemAccess.UpdatedById = +loginUser.ObjectId;
groupSystemAccess.UpdatedAt = new Date();
const EntityValueAfter = {
GroupCode: groupSystemAccess.GroupCode,
SystemCode: groupSystemAccess.SystemCode,
Status: groupSystemAccess.Status,
CreatedById: groupSystemAccess.CreatedById,
CreatedAt: groupSystemAccess.CreatedAt,
UpdatedById: groupSystemAccess.UpdatedById,
UpdatedAt: groupSystemAccess.UpdatedAt,
};
const systemAccess = yield Group._GroupSystemAccessRepo.create(EntityValueAfter, {
transaction: dbTransaction,
});
const activity = new activity_history_1.Activity();
activity.ActivityId = activity.createId();
activity.Action = activity_history_1.ActionEnum.CREATE;
activity.Description = 'Create Group System Access';
activity.EntityType = 'GroupSystemAccess';
activity.EntityId = (_a = systemAccess.GroupSystemAccessId) === null || _a === void 0 ? void 0 : _a.toString();
activity.EntityValueBefore = JSON.stringify({});
activity.EntityValueAfter = JSON.stringify(EntityValueAfter);
yield activity.create(loginUser.ObjectId, dbTransaction);
}
return { Message: 'Successfully added.' };
}
}
catch (error) {
throw error;
}
});
}
static deleteSystemAccess(loginUser, dbTransaction, GroupCode, SystemCode) {
return __awaiter(this, void 0, void 0, function* () {
var _a, _b, _c, _d, _e, _f, _g, _h, _j;
const systemCode = config_1.ApplicationConfig.getComponentConfigValue('system-code');
const isPrivileged = yield loginUser.checkPrivileges(systemCode, 'SYSTEM_ACCESS_DELETE');
if (!isPrivileged) {
throw new general_1.ClassError('Group', 'GroupErrMsg08', 'You do not have the privilege to delete system access');
}
try {
const currentGroupSystemAccess = yield Group.getSystemAccesses(loginUser, dbTransaction, GroupCode, 1, Number.MAX_SAFE_INTEGER, { SystemCode: SystemCode });
if (currentGroupSystemAccess.count < 1) {
throw new general_1.ClassError('Group', 'GroupErrMsg10', 'No associated system access found.');
}
yield Group._GroupSystemAccessRepo.delete(GroupCode, SystemCode, dbTransaction);
const EntityValueBefore = {
GroupCode: (_a = currentGroupSystemAccess === null || currentGroupSystemAccess === void 0 ? void 0 : currentGroupSystemAccess.rows[0]) === null || _a === void 0 ? void 0 : _a.GroupCode,
SystemCode: (_b = currentGroupSystemAccess === null || currentGroupSystemAccess === void 0 ? void 0 : currentGroupSystemAccess.rows[0]) === null || _b === void 0 ? void 0 : _b.SystemCode,
Status: (_c = currentGroupSystemAccess === null || currentGroupSystemAccess === void 0 ? void 0 : currentGroupSystemAccess.rows[0]) === null || _c === void 0 ? void 0 : _c.Status,
CreatedById: (_d = currentGroupSystemAccess === null || currentGroupSystemAccess === void 0 ? void 0 : currentGroupSystemAccess.rows[0]) === null || _d === void 0 ? void 0 : _d.CreatedById,
CreatedAt: (_e = currentGroupSystemAccess === null || currentGroupSystemAccess === void 0 ? void 0 : currentGroupSystemAccess.rows[0]) === null || _e === void 0 ? void 0 : _e.CreatedAt,
UpdatedById: (_f = currentGroupSystemAccess === null || currentGroupSystemAccess === void 0 ? void 0 : currentGroupSystemAccess.rows[0]) === null || _f === void 0 ? void 0 : _f.UpdatedById,
UpdatedAt: (_g = currentGroupSystemAccess === null || currentGroupSystemAccess === void 0 ? void 0 : currentGroupSystemAccess.rows[0]) === null || _g === void 0 ? void 0 : _g.UpdatedAt,
};
const activity = new activity_history_1.Activity();
activity.ActivityId = activity.createId();
activity.Action = activity_history_1.ActionEnum.DELETE;
activity.Description = 'Delete Group System Access';
activity.EntityType = 'GroupSystemAccess';
activity.EntityId =
(_j = (_h = currentGroupSystemAccess === null || currentGroupSystemAccess === void 0 ? void 0 : currentGroupSystemAccess.rows[0]) === null || _h === void 0 ? void 0 : _h.GroupSystemAccessId) === null || _j === void 0 ? void 0 : _j.toString();
activity.EntityValueBefore = JSON.stringify(EntityValueBefore);
activity.EntityValueAfter = JSON.stringify({});
yield activity.create(loginUser.ObjectId, dbTransaction);
return { Message: 'System access removed.', SystemCode: SystemCode };
}
catch (error) {
throw error;
}
});
}
static getSystemPrivileges(loginUser, dbTransaction, GroupCode, search) {
return __awaiter(this, void 0, void 0, function* () {
try {
const systemCode = config_1.ApplicationConfig.getComponentConfigValue('system-code');
const isPrivileged = yield loginUser.checkPrivileges(systemCode, 'GROUP_PRIVILEGE_VIEW');
if (!isPrivileged) {
throw new general_1.ClassError('Group', 'GroupErrMsg11', 'You do not have the privilege to view group privileges');
}
yield Group.init(dbTransaction, GroupCode);
let where = {
GroupCode,
};
let systemWhere = {};
if (search) {
if (search.Status) {
where = Object.assign(Object.assign({}, where), { Status: search.Status });
}
if (search.SystemCode) {
systemWhere = {
SystemCode: {
[sequelize_1.Op.substring]: search.SystemCode,
},
};
}
}
const groupOwnPrivileges = yield Group._GroupPrivilegeRepo.findAll({
where,
include: [
{
model: system_privilege_entity_1.default,
where: systemWhere,
},
],
transaction: dbTransaction,
});
const privileges = [];
for (const groupPrivilege of groupOwnPrivileges) {
const systemPrivilege = yield system_privilege_1.SystemPrivilege.init(dbTransaction);
systemPrivilege.setAttributes(groupPrivilege.Privilege.get({ plain: true }));
privileges.push(systemPrivilege);
}
return privileges;
}
catch (error) {
throw error;
}
});
}
static getSystemPrivilegeRoles(loginUser, dbTransaction, SystemCode, search) {
return __awaiter(this, void 0, void 0, function* () {
try {
const systemCode = config_1.ApplicationConfig.getComponentConfigValue('system-code');
const isPrivileged = yield loginUser.checkPrivileges(systemCode, 'GROUP_PRIVILEGE_VIEW');
if (!isPrivileged) {
throw new general_1.ClassError('Group', 'GroupErrMsg11', 'You do not have the privilege to view group privileges');
}
let systemWhere = {};
if (SystemCode) {
systemWhere = {
SystemCode: {
[sequelize_1.Op.substring]: SystemCode,
},
};
}
const groupCodesPrivileges = [];
const allGroupCodePrivileges = yield Group._GroupPrivilegeRepo.findAll({
include: [
{
model: system_privilege_entity_1.default,
where: systemWhere,
},
{
model: group_entity_1.default,
where: {
Type: 'Role',
},
},
],
transaction: dbTransaction,
});
const privilegesMap = new Map();
for (const groupCodePrivilege of allGroupCodePrivileges) {
const { SystemPrivilegeId, GroupCode, Group } = groupCodePrivilege;
if (!privilegesMap.has(SystemPrivilegeId)) {
privilegesMap.set(SystemPrivilegeId, []);
}
if (GroupCode && (Group === null || Group === void 0 ? void 0 : Group.Name)) {
const groupCodes = privilegesMap.get(SystemPrivilegeId);
const newGroupEntry = { Code: GroupCode, Name: Group.Name };
if (groupCodes &&
!groupCodes.some((g) => g.Code === GroupCode && g.Name === Group.Name)) {
groupCodes.push(newGroupEntry);
}
}
}
privilegesMap.forEach((groupCodes, SystemPrivilegeId) => {
groupCodesPrivileges.push({
SystemPrivilegeId,
GroupCodes: groupCodes,
});
});
const allPrivileges = yield system_privilege_entity_1.default.findAll({
where: systemWhere,
transaction: dbTransaction,
});
const groupPrivilegeRoles = [];
for (const privilege of allPrivileges) {
const matchingGroupPrivilege = groupCodesPrivileges.find((groupPrivilege) => groupPrivilege.SystemPrivilegeId === privilege.SystemPrivilegeId);
if (matchingGroupPrivilege) {
groupPrivilegeRoles.push({
SystemPrivilegeId: privilege.SystemPrivilegeId,
PrivilegeCode: privilege.PrivilegeCode,
Description: privilege.Description,
GroupCodes: matchingGroupPrivilege.GroupCodes,
});
}
else {
groupPrivilegeRoles.push({
SystemPrivilegeId: privilege.SystemPrivilegeId,
PrivilegeCode: privilege.PrivilegeCode,
Description: privilege.Description,
GroupCodes: [],
});
}
}
const filteredGroupPrivilegeRoles = groupPrivilegeRoles
.map((role) => {
var _a;
if ((_a = search.GroupCode) === null || _a === void 0 ? void 0 : _a.length) {
const matchingGroupCodes = role.GroupCodes.filter((groupCode) => search.GroupCode.includes(groupCode.Code));
if (matchingGroupCodes.length === 0) {
return null;
}
return Object.assign(Object.assign({}, role), { GroupCodes: matchingGroupCodes });
}
return role;
})
.filter(Boolean);
return filteredGroupPrivilegeRoles;
}
catch (error) {
throw error;
}
});
}
static getInheritedSystemPrivileges(dbTransaction, GroupCode, search) {
return __awaiter(this, void 0, void 0, function* () {
try {
const where = {
GroupCode,
};
let groupPrivilegeWhere = {};
let systemPrivilegeWhere = {};
if (search) {
if (search.Status) {
groupPrivilegeWhere = {
Status: search.Status,
};
}
if (search.SystemCode) {
systemPrivilegeWhere = {
SystemCode: {
[sequelize_1.Op.substring]: search.SystemCode,
},
};
}
if (search.PrivilegeCode) {
systemPrivilegeWhere = Object.assign(Object.assign({}, systemPrivilegeWhere), { PrivilegeCode: {
[sequelize_1.Op.substring]: search.PrivilegeCode,
} });
}
}
const group = yield Group._Repo.findOne({
where: where,
include: [
{
model: group_privilege_entity_1.default,
where: groupPrivilegeWhere,
separate: true,
include: [
{
model: system_privilege_entity_1.default,
where: systemPrivilegeWhere,
},
],
},
],
transaction: dbTransaction,
});
const objectWhere = {
GroupCode,
};
const systemWhere = {};
if (search) {
Object.entries(search).forEach(([key, value]) => {
if (key === 'Status') {
objectWhere[key] = {
[sequelize_1.Op.substring]: value,
};
}
else {
systemWhere[key] = {
[sequelize_1.Op.substring]: value,
};
}
});
}
const groupObjectPrivileges = yield Group._GroupObjectPrivilegeRepo.findAll({
where: objectWhere,
include: [
{
model: system_privilege_entity_1.default,
where: systemWhere,
},
],
transaction: dbTransaction,
});
let privileges = [];
for (const groupPrivilege of group.GroupPrivileges) {
const systemPrivilege = yield system_privilege_1.SystemPrivilege.init(dbTransaction);
systemPrivilege.setAttributes(groupPrivilege.Privilege.get({ plain: true }));
privileges.push(systemPrivilege);
}
for (const groupObjectPrivilege of groupObjectPrivileges) {
const systemPrivilege = yield system_privilege_1.SystemPrivilege.init(dbTransaction);
systemPrivilege.setAttributes(groupObjectPrivilege.Privilege.get({ plain: true }));
privileges.push(systemPrivilege);
}
if (group.InheritParentPrivilegeYN === 'Y' && group.ParentGroupCode) {
const inheritedPrivileges = yield Group.getInheritedSystemPrivileges(dbTransaction, group.ParentGroupCode, search);
privileges = privileges.concat(inheritedPrivileges);
}
const uniquePrivileges = Array.from(new Set(privileges.map((a) => a.SystemPrivilegeId))).map((SystemPrivilegeId) => {
return privileges.find((a) => a.SystemPrivilegeId === SystemPrivilegeId);
});
return uniquePrivileges;
}
catch (error) {
throw error;
}
});
}
static getParentSystemPrivileges(loginUser, dbTransaction, GroupCode, search) {
return __awaiter(this, void 0, void 0, function* () {
try {
const systemCode = config_1.ApplicationConfig.getComponentConfigValue('system-code');
const isPrivileged = yield loginUser.checkPrivileges(systemCode, 'GROUP_PRIVILEGE_VIEW');
if (!isPrivileged) {
throw new general_1.ClassError('Group', 'GroupErrMsg11', 'You do not have the privilege to view group privileges');
}
const group = yield Group.init(dbTransaction, GroupCode);
if (group.InheritParentPrivilegeYN !== 'Y' || !group.ParentGroupCode) {
return [];
}
const privileges = yield Group.getInheritedSystemPrivileges(dbTransaction, group.ParentGroupCode, search);
return privileges;
}
catch (error) {
throw error;
}
});
}
static assignGroupObjectPrivilege(loginUser, dbTransaction, GroupCode, GroupObjectPrivileges, SystemCode) {
return __awaiter(this, void 0, void 0, function* () {
try {
const systemCode = config_1.ApplicationConfig.getComponentConfigValue('system-code');
const isPrivileged = yield loginUser.checkPrivileges(systemCode, 'GROUP_OBJECT_PRIVILEGE_ASSIGN');
if (!isPrivileged) {
throw new general_1.ClassError('Group', 'GroupErrMsg12', 'You do not have the privilege to assign group object privilege');
}
const group = yield Group.init(dbTransaction, GroupCode);
const groupSystemAccesses = yield Group.getSystemAccesses(loginUser, dbTransaction, GroupCode, 1, Numb