feat: keycloak user and role management

2024-04-02 09:25:44 +07:00 · 2024-04-02 09:25:44 +07:00 · 7a291fb3be
commit 7a291fb3be
parent bee7c0bfa5
2 changed files with 56 additions and 5 deletions
--- a/src/controllers/keycloak/user-controller.ts
+++ b/src/controllers/keycloak/user-controller.ts
@ -0,0 +1,51 @@
+import { Body, Controller, Delete, Get, Path, Post, Route, Security, Tags } from "tsoa";
+import { addUserRoles, createUser, getRoles, removeUserRoles } from "../../services/keycloak";
+
+@Route("api/keycloak")
+@Tags("Keycloak")
+@Security("keycloak")
+export class KeycloakController extends Controller {
+  @Post("user")
+  async createUser(
+    @Body() body: { username: string; password: string; firstName?: string; lastName?: string },
+  ) {
+    return await createUser(body.username, body.password, {
+      firstName: body.firstName,
+      lastName: body.lastName,
+    });
+  }
+
+  @Get("role")
+  async getRole() {
+    const role = await getRoles();
+    if (Array.isArray(role)) return role;
+    throw new Error("Failed. Cannot get role.");
+  }
+
+  @Post("{userId}/role")
+  async addRole(@Path() userId: string, @Body() body: { role: string[] }) {
+    const list = await getRoles();
+
+    if (!Array.isArray(list)) throw new Error("Failed. Cannot get role(s) data from the server.");
+
+    const result = await addUserRoles(
+      userId,
+      list.filter((v) => body.role.includes(v.id)),
+    );
+
+    if (!result) throw new Error("Failed. Cannot set user's role.");
+  }
+
+  @Delete("{userId}/role/{roleId}")
+  async deleteRole(@Path() userId: string, @Path() roleId: string) {
+    const list = await getRoles();
+
+    if (!Array.isArray(list)) throw new Error("Failed. Cannot get role(s) data from the server.");
+
+    const result = await removeUserRoles(
+      userId,
+      list.filter((v) => roleId === v.id),
+    );
+    if (!result) throw new Error("Failed. Cannot remove user's role.");
+  }
+}
--- a/src/services/keycloak.ts
+++ b/src/services/keycloak.ts
@ -121,7 +121,7 @@ export async function getRoles(name?: string) {
  const data = await res.json();

  if (Array.isArray(data)) {
-    return data.map((v: Record<string, any>) => ({ id: v.id, name: v.name }));
+    return data.map((v: Record<string, string>) => ({ id: v.id, name: v.name }));
  }

  return {
@ -137,7 +137,7 @@ export async function getRoles(name?: string) {
 *
 * @returns true if success, false otherwise.
 */
-export async function addUserRoles(userId: string, roleId: string[]) {
+export async function addUserRoles(userId: string, roles: { id: string; name: string }[]) {
  const res = await fetch(
    `${KC_URL}/admin/realms/${KC_REALM}/users/${userId}/role-mappings/realm`,
    {
@ -147,7 +147,7 @@ export async function addUserRoles(userId: string, roleId: string[]) {
      "content-type": `application/json`,
    },
      method: "POST",
-      body: JSON.stringify(roleId.map((v) => ({ id: v }))),
+      body: JSON.stringify(roles),
    },
  ).catch((e) => console.log(e));

@ -165,7 +165,7 @@ export async function addUserRoles(userId: string, roleId: string[]) {
 *
 * @returns true if success, false otherwise.
 */
-export async function removeUserRoles(userId: string, roleId: string[]) {
+export async function removeUserRoles(userId: string, roles: { id: string; name: string }[]) {
  const res = await fetch(
    `${KC_URL}/admin/realms/${KC_REALM}/users/${userId}/role-mappings/realm`,
    {
@ -175,7 +175,7 @@ export async function removeUserRoles(userId: string, roleId: string[]) {
      "content-type": `application/json`,
    },
      method: "DELETE",
-      body: JSON.stringify(roleId.map((v) => ({ id: v }))),
+      body: JSON.stringify(roles),
    },
  ).catch((e) => console.log(e));