2024-05-29 14:01:53 +07:00
|
|
|
import {
|
|
|
|
|
Body,
|
|
|
|
|
Controller,
|
|
|
|
|
Delete,
|
|
|
|
|
Get,
|
|
|
|
|
Path,
|
|
|
|
|
Post,
|
|
|
|
|
Put,
|
|
|
|
|
Query,
|
|
|
|
|
Request,
|
|
|
|
|
Route,
|
|
|
|
|
Security,
|
|
|
|
|
Tags,
|
|
|
|
|
} from "tsoa";
|
|
|
|
|
import {
|
|
|
|
|
addUserGroup,
|
|
|
|
|
addUserRoles,
|
|
|
|
|
createGroup,
|
|
|
|
|
createUser,
|
|
|
|
|
deleteGroup,
|
|
|
|
|
deleteUser,
|
|
|
|
|
editUser,
|
|
|
|
|
getGroups,
|
|
|
|
|
getRoles,
|
|
|
|
|
getUser,
|
|
|
|
|
getUserGroups,
|
|
|
|
|
getUserList,
|
|
|
|
|
removeUserGroup,
|
|
|
|
|
removeUserRoles,
|
2024-05-29 16:17:53 +07:00
|
|
|
getRoleMappings,
|
2024-05-31 10:39:12 +07:00
|
|
|
getUserCount,
|
2024-06-14 16:23:36 +07:00
|
|
|
enableStatus,
|
2025-01-29 12:13:16 +07:00
|
|
|
getUserByUsername,
|
2025-02-21 11:49:04 +07:00
|
|
|
changeUserPassword,
|
2025-03-04 22:03:23 +07:00
|
|
|
resetPassword,
|
2024-05-29 14:01:53 +07:00
|
|
|
} from "../keycloak";
|
2024-06-13 14:49:50 +07:00
|
|
|
import { AppDataSource } from "../database/data-source";
|
|
|
|
|
import { Profile } from "../entities/Profile";
|
|
|
|
|
import { ProfileEmployee } from "../entities/ProfileEmployee";
|
2024-10-10 00:35:17 +07:00
|
|
|
import { RequestWithUser } from "../middlewares/user";
|
2024-11-11 18:13:11 +07:00
|
|
|
import HttpSuccess from "../interfaces/http-success";
|
2025-03-14 13:26:37 +07:00
|
|
|
import { Brackets, In, IsNull, Not } from "typeorm";
|
2024-11-12 09:11:39 +07:00
|
|
|
import HttpError from "../interfaces/http-error";
|
|
|
|
|
import HttpStatus from "../interfaces/http-status";
|
|
|
|
|
import { RoleKeycloak } from "../entities/RoleKeycloak";
|
2024-11-13 10:22:20 +07:00
|
|
|
import { addLogSequence } from "../interfaces/utils";
|
2024-11-14 09:45:00 +07:00
|
|
|
import { OrgRevision } from "../entities/OrgRevision";
|
|
|
|
|
import { Uuid } from "@elastic/elasticsearch/lib/api/types";
|
2024-05-29 14:01:53 +07:00
|
|
|
// import * as io from "../lib/websocket";
|
|
|
|
|
// import elasticsearch from "../elasticsearch";
|
|
|
|
|
// import { StorageFolder } from "../interfaces/storage-fs";
|
|
|
|
|
|
|
|
|
|
// if (!process.env.MINIO_BUCKET) throw Error("Default MinIO bucket must be specified.");
|
|
|
|
|
// if (!process.env.ELASTICSEARCH_INDEX) throw Error("Default ElasticSearch index must be specified.");
|
|
|
|
|
|
|
|
|
|
// const DEFAULT_INDEX = process.env.ELASTICSEARCH_INDEX;
|
|
|
|
|
function stripLeadingSlash(str: string) {
|
|
|
|
|
return str.replace(/^\//, "");
|
|
|
|
|
}
|
|
|
|
|
|
2024-05-29 18:11:30 +07:00
|
|
|
@Route("api/v1/org/keycloak")
|
2024-05-29 14:01:53 +07:00
|
|
|
@Tags("Single-Sign On")
|
|
|
|
|
@Security("bearerAuth")
|
|
|
|
|
export class KeycloakController extends Controller {
|
2024-06-13 14:49:50 +07:00
|
|
|
private profileRepo = AppDataSource.getRepository(Profile);
|
|
|
|
|
private profileEmpRepo = AppDataSource.getRepository(ProfileEmployee);
|
2024-11-12 09:11:39 +07:00
|
|
|
private roleKeycloakRepo = AppDataSource.getRepository(RoleKeycloak);
|
2024-06-13 14:49:50 +07:00
|
|
|
|
2024-05-29 14:01:53 +07:00
|
|
|
@Get("user/{id}")
|
2024-05-29 16:17:53 +07:00
|
|
|
async getUser(@Path("id") id: string) {
|
|
|
|
|
const userData = await getUser(id);
|
|
|
|
|
if (!userData) {
|
|
|
|
|
throw new Error("User not found");
|
|
|
|
|
}
|
|
|
|
|
const rolesData = await getRoleMappings(id);
|
|
|
|
|
if (!rolesData) {
|
|
|
|
|
throw new Error("Role mappings not found");
|
|
|
|
|
}
|
|
|
|
|
const userDataWithRoles = {
|
|
|
|
|
...userData,
|
|
|
|
|
roles: rolesData,
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
return userDataWithRoles;
|
2024-05-29 14:01:53 +07:00
|
|
|
}
|
|
|
|
|
|
2025-01-29 18:02:50 +07:00
|
|
|
@Post("user")
|
|
|
|
|
@Security("bearerAuth", ["system", "admin"])
|
|
|
|
|
async createUser(
|
|
|
|
|
@Request() request: { user: { sub: string; preferred_username: string } },
|
|
|
|
|
@Body()
|
|
|
|
|
body: {
|
|
|
|
|
username: string;
|
|
|
|
|
password: string;
|
|
|
|
|
firstName?: string;
|
|
|
|
|
lastName?: string;
|
|
|
|
|
email?: string;
|
|
|
|
|
roles: string[];
|
|
|
|
|
profileId?: string;
|
|
|
|
|
},
|
|
|
|
|
) {
|
|
|
|
|
const checkUser = await getUserByUsername(body.username);
|
|
|
|
|
let userId: any = "";
|
|
|
|
|
if (checkUser.length == 0) {
|
|
|
|
|
userId = await createUser(body.username, body.password, {
|
|
|
|
|
firstName: body.firstName,
|
|
|
|
|
lastName: body.lastName,
|
|
|
|
|
// email: body.email,
|
|
|
|
|
});
|
|
|
|
|
if (typeof userId !== "string") {
|
|
|
|
|
throw new Error(userId.errorMessage);
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
userId = checkUser[0].id;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
const list = await getRoles();
|
|
|
|
|
if (!Array.isArray(list)) throw new Error("Failed. Cannot get role(s) data from the server.");
|
|
|
|
|
const result = await addUserRoles(
|
|
|
|
|
userId,
|
|
|
|
|
list.filter((v) => body.roles.includes(v.id)),
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
if (!result) {
|
|
|
|
|
throw new Error("Failed. Cannot set user's role.");
|
|
|
|
|
}
|
|
|
|
|
const profile = await this.profileRepo.findOne({
|
|
|
|
|
where: {
|
|
|
|
|
id: body.profileId,
|
|
|
|
|
},
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
if (profile) {
|
|
|
|
|
let _null: any = null;
|
|
|
|
|
if (typeof userId === "string") {
|
|
|
|
|
profile.keycloak = userId;
|
|
|
|
|
}
|
|
|
|
|
profile.email = body.email == null ? _null : body.email;
|
|
|
|
|
await this.profileRepo.save(profile);
|
|
|
|
|
if (body.roles != null && body.roles.length > 0) {
|
|
|
|
|
const roleKeycloak = await this.roleKeycloakRepo.find({
|
|
|
|
|
where: { id: In(body.roles) },
|
|
|
|
|
});
|
|
|
|
|
const _profile = await this.profileRepo.findOne({
|
|
|
|
|
where: { keycloak: userId },
|
|
|
|
|
relations: ["roleKeycloaks"],
|
|
|
|
|
});
|
|
|
|
|
if (_profile) {
|
|
|
|
|
_profile.roleKeycloaks = Array.from(
|
|
|
|
|
new Set([..._profile.roleKeycloaks, ...roleKeycloak]),
|
|
|
|
|
);
|
|
|
|
|
this.profileRepo.save(_profile);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return userId;
|
|
|
|
|
}
|
|
|
|
|
|
2024-11-27 11:06:05 +07:00
|
|
|
@Post("user-emp")
|
|
|
|
|
@Security("bearerAuth", ["system", "admin"])
|
|
|
|
|
async createUserEmployee(
|
|
|
|
|
@Request() request: { user: { sub: string; preferred_username: string } },
|
|
|
|
|
@Body()
|
|
|
|
|
body: {
|
|
|
|
|
username: string;
|
|
|
|
|
password: string;
|
|
|
|
|
firstName?: string;
|
|
|
|
|
lastName?: string;
|
|
|
|
|
email?: string;
|
|
|
|
|
roles: string[];
|
|
|
|
|
profileId?: string;
|
|
|
|
|
},
|
|
|
|
|
) {
|
|
|
|
|
const userId = await createUser(body.username, body.password, {
|
|
|
|
|
firstName: body.firstName,
|
|
|
|
|
lastName: body.lastName,
|
|
|
|
|
// email: body.email,
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
if (typeof userId !== "string") {
|
|
|
|
|
throw new Error(userId.errorMessage);
|
|
|
|
|
}
|
|
|
|
|
const list = await getRoles();
|
|
|
|
|
if (!Array.isArray(list)) throw new Error("Failed. Cannot get role(s) data from the server.");
|
|
|
|
|
const profile = await this.profileEmpRepo.findOne({
|
|
|
|
|
where: {
|
|
|
|
|
id: body.profileId,
|
|
|
|
|
},
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
if (profile) {
|
|
|
|
|
let _null: any = null;
|
|
|
|
|
if (typeof userId === "string") {
|
|
|
|
|
profile.keycloak = userId;
|
|
|
|
|
}
|
|
|
|
|
profile.email = body.email == null ? _null : body.email;
|
|
|
|
|
await this.profileEmpRepo.save(profile);
|
|
|
|
|
if (body.roles != null && body.roles.length > 0) {
|
|
|
|
|
const roleKeycloak = await this.roleKeycloakRepo.find({
|
|
|
|
|
where: { id: In(body.roles) },
|
|
|
|
|
});
|
|
|
|
|
const _profile = await this.profileEmpRepo.findOne({
|
|
|
|
|
where: { keycloak: userId },
|
|
|
|
|
relations: ["roleKeycloaks"],
|
|
|
|
|
});
|
|
|
|
|
if (_profile) {
|
|
|
|
|
_profile.roleKeycloaks = Array.from(
|
|
|
|
|
new Set([..._profile.roleKeycloaks, ...roleKeycloak]),
|
|
|
|
|
);
|
|
|
|
|
this.profileEmpRepo.save(_profile);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return userId;
|
|
|
|
|
}
|
|
|
|
|
|
2024-05-29 14:01:53 +07:00
|
|
|
@Put("user/{userId}")
|
|
|
|
|
async editUser(
|
|
|
|
|
@Path() userId: string,
|
|
|
|
|
@Body()
|
|
|
|
|
body: {
|
|
|
|
|
username?: string;
|
|
|
|
|
password?: string;
|
|
|
|
|
firstName?: string;
|
|
|
|
|
lastName?: string;
|
|
|
|
|
email?: string;
|
2024-05-30 17:52:31 +07:00
|
|
|
attributes?: object;
|
|
|
|
|
// roles?: string[];
|
2024-05-29 14:01:53 +07:00
|
|
|
},
|
|
|
|
|
) {
|
2024-05-30 14:16:00 +07:00
|
|
|
// return await editUser(userId, body);
|
|
|
|
|
const chkUpdate = await editUser(userId, body);
|
|
|
|
|
if (typeof chkUpdate !== "boolean") {
|
|
|
|
|
throw new Error(chkUpdate.errorMessage);
|
|
|
|
|
}
|
2024-05-30 17:52:31 +07:00
|
|
|
// const _rolesUpdate = {
|
|
|
|
|
// role: body.roles || [],
|
|
|
|
|
// };
|
2024-05-31 10:39:12 +07:00
|
|
|
return chkUpdate;
|
2024-05-29 14:01:53 +07:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
@Delete("user/{userId}")
|
|
|
|
|
async deleteUser(@Path() userId: string) {
|
2024-05-29 14:20:37 +07:00
|
|
|
const result = await deleteUser(userId);
|
|
|
|
|
if (!result) throw new Error("Failed. Cannot delete userId.");
|
2024-06-13 17:38:01 +07:00
|
|
|
|
|
|
|
|
const profile = await this.profileRepo.findOne({
|
|
|
|
|
where: {
|
2024-10-25 14:36:32 +07:00
|
|
|
keycloak: userId,
|
2024-06-13 17:38:01 +07:00
|
|
|
},
|
2024-11-12 09:11:39 +07:00
|
|
|
relations: ["roleKeycloaks"],
|
2024-06-13 17:38:01 +07:00
|
|
|
});
|
2024-11-12 09:11:39 +07:00
|
|
|
if (!profile) {
|
|
|
|
|
const profileEmp = await this.profileEmpRepo.findOne({
|
|
|
|
|
where: {
|
|
|
|
|
keycloak: userId,
|
2025-01-17 12:10:23 +07:00
|
|
|
employeeClass: "PERM",
|
2024-11-12 09:11:39 +07:00
|
|
|
},
|
|
|
|
|
relations: ["roleKeycloaks"],
|
|
|
|
|
});
|
|
|
|
|
if (!profileEmp) {
|
|
|
|
|
} else {
|
2025-03-10 09:52:50 +07:00
|
|
|
const _null: any = null;
|
|
|
|
|
profileEmp.keycloak = _null;
|
2024-11-12 09:11:39 +07:00
|
|
|
profileEmp.roleKeycloaks = [];
|
|
|
|
|
await this.profileEmpRepo.save(profileEmp);
|
|
|
|
|
}
|
|
|
|
|
} else {
|
2025-03-10 09:52:50 +07:00
|
|
|
const _null: any = null;
|
|
|
|
|
profile.keycloak = _null;
|
2024-11-12 09:11:39 +07:00
|
|
|
profile.roleKeycloaks = [];
|
2024-06-13 17:38:01 +07:00
|
|
|
await this.profileRepo.save(profile);
|
2024-11-21 15:39:38 +07:00
|
|
|
return new HttpSuccess();
|
2024-06-13 17:38:01 +07:00
|
|
|
}
|
2024-05-29 14:01:53 +07:00
|
|
|
}
|
2024-05-29 14:20:37 +07:00
|
|
|
// @Security("bearerAuth", ["system", "admin"])
|
2024-05-29 14:01:53 +07:00
|
|
|
|
|
|
|
|
@Get("role")
|
|
|
|
|
async getRole() {
|
|
|
|
|
const role = await getRoles();
|
|
|
|
|
if (Array.isArray(role))
|
|
|
|
|
return role.filter(
|
|
|
|
|
(a) =>
|
|
|
|
|
!["uma_authorization", "offline_access", "default-roles"].some((b) => a.name.includes(b)),
|
|
|
|
|
);
|
|
|
|
|
throw new Error("Failed. Cannot get role.");
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
@Post("{userId}/role")
|
|
|
|
|
async addRole(@Path() userId: string, @Body() body: { role: string[] }) {
|
|
|
|
|
const list = await getRoles();
|
|
|
|
|
if (!Array.isArray(list)) throw new Error("Failed. Cannot get role(s) data from the server.");
|
|
|
|
|
const result = await addUserRoles(
|
|
|
|
|
userId,
|
|
|
|
|
list.filter((v) => body.role.includes(v.id)),
|
|
|
|
|
);
|
|
|
|
|
|
2024-11-21 16:22:08 +07:00
|
|
|
if (!result) {
|
|
|
|
|
throw new Error("Failed. Cannot set user's role.");
|
2024-11-27 10:19:15 +07:00
|
|
|
}
|
2024-11-21 17:05:01 +07:00
|
|
|
|
|
|
|
|
const roleKeycloak = await this.roleKeycloakRepo.find({
|
|
|
|
|
where: { id: In(body.role) },
|
|
|
|
|
});
|
|
|
|
|
const profile = await this.profileRepo.findOne({
|
|
|
|
|
where: { keycloak: userId },
|
|
|
|
|
relations: ["roleKeycloaks"],
|
|
|
|
|
});
|
|
|
|
|
if (!profile) {
|
|
|
|
|
const profileEmp = await this.profileEmpRepo.findOne({
|
2025-01-17 12:10:23 +07:00
|
|
|
where: { keycloak: userId, employeeClass: "PERM" },
|
2024-11-21 16:22:08 +07:00
|
|
|
relations: ["roleKeycloaks"],
|
|
|
|
|
});
|
2024-11-21 17:05:01 +07:00
|
|
|
// if (!profileEmp) throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูล");
|
2024-11-27 10:19:15 +07:00
|
|
|
if (profileEmp) {
|
2024-11-21 16:22:08 +07:00
|
|
|
profileEmp.roleKeycloaks = Array.from(
|
|
|
|
|
new Set([...profileEmp.roleKeycloaks, ...roleKeycloak]),
|
|
|
|
|
);
|
|
|
|
|
this.profileEmpRepo.save(profileEmp);
|
|
|
|
|
}
|
2024-11-27 10:19:15 +07:00
|
|
|
} else {
|
2024-11-21 17:05:01 +07:00
|
|
|
profile.roleKeycloaks = Array.from(new Set([...profile.roleKeycloaks, ...roleKeycloak]));
|
|
|
|
|
this.profileRepo.save(profile);
|
2024-11-21 16:22:08 +07:00
|
|
|
}
|
|
|
|
|
|
2024-11-21 15:39:38 +07:00
|
|
|
return new HttpSuccess();
|
2024-05-29 14:01:53 +07:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
@Delete("{userId}/role/{roleId}")
|
|
|
|
|
async deleteRole(@Path() userId: string, @Path() roleId: string) {
|
2024-11-12 09:11:39 +07:00
|
|
|
const profile = await this.profileRepo.findOne({
|
|
|
|
|
where: { keycloak: userId },
|
|
|
|
|
relations: ["roleKeycloaks"],
|
|
|
|
|
});
|
|
|
|
|
if (!profile) {
|
|
|
|
|
const profileEmp = await this.profileEmpRepo.findOne({
|
2025-01-17 12:10:23 +07:00
|
|
|
where: { keycloak: userId, employeeClass: "PERM" },
|
2024-11-12 09:11:39 +07:00
|
|
|
relations: ["roleKeycloaks"],
|
|
|
|
|
});
|
|
|
|
|
if (!profileEmp) throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูล");
|
|
|
|
|
profileEmp.roleKeycloaks = profileEmp.roleKeycloaks.filter((x) => x.id != roleId);
|
|
|
|
|
this.profileEmpRepo.save(profileEmp);
|
|
|
|
|
} else {
|
|
|
|
|
profile.roleKeycloaks = profile.roleKeycloaks.filter((x) => x.id != roleId);
|
|
|
|
|
this.profileRepo.save(profile);
|
|
|
|
|
}
|
|
|
|
|
|
2024-05-29 14:01:53 +07:00
|
|
|
const list = await getRoles();
|
|
|
|
|
|
|
|
|
|
if (!Array.isArray(list)) throw new Error("Failed. Cannot get role(s) data from the server.");
|
|
|
|
|
|
|
|
|
|
const result = await removeUserRoles(
|
|
|
|
|
userId,
|
|
|
|
|
list.filter((v) => roleId === v.id),
|
|
|
|
|
);
|
|
|
|
|
if (!result) throw new Error("Failed. Cannot remove user's role.");
|
2024-11-21 15:39:38 +07:00
|
|
|
return new HttpSuccess();
|
2024-05-29 14:01:53 +07:00
|
|
|
}
|
|
|
|
|
|
2024-11-11 18:13:11 +07:00
|
|
|
/*@Get("user")
|
2024-10-10 00:35:17 +07:00
|
|
|
async getUserList(
|
|
|
|
|
@Request() request: RequestWithUser,
|
|
|
|
|
@Query() first = "",
|
|
|
|
|
@Query() max = "",
|
|
|
|
|
@Query() search = "",
|
|
|
|
|
) {
|
|
|
|
|
// let _data: any = {
|
|
|
|
|
// root: null,
|
|
|
|
|
// child1: null,
|
|
|
|
|
// child2: null,
|
|
|
|
|
// child3: null,
|
|
|
|
|
// child4: null,
|
|
|
|
|
// };
|
|
|
|
|
// if (!request.user.role.includes("SUPER_ADMIN")) {
|
|
|
|
|
// _data = await new permission().PermissionOrgList(request, "SYS_ORG");
|
|
|
|
|
// }
|
|
|
|
|
// const profiles = await this.profileRepo
|
|
|
|
|
// .createQueryBuilder("profile")
|
|
|
|
|
// .leftJoinAndSelect("profile.current_holders", "current_holders")
|
|
|
|
|
// .leftJoinAndSelect("current_holders.orgRoot", "orgRoot")
|
|
|
|
|
// .leftJoinAndSelect("current_holders.orgChild1", "orgChild1")
|
|
|
|
|
// .leftJoinAndSelect("current_holders.orgChild2", "orgChild2")
|
|
|
|
|
// .leftJoinAndSelect("current_holders.orgChild3", "orgChild3")
|
|
|
|
|
// .leftJoinAndSelect("current_holders.orgChild4", "orgChild4")
|
|
|
|
|
// .andWhere(
|
|
|
|
|
// _data.root != undefined && _data.root != null
|
|
|
|
|
// ? _data.root[0] != null
|
|
|
|
|
// ? `current_holders.orgRootId IN (:...root)`
|
|
|
|
|
// : `current_holders.orgRootId is null`
|
|
|
|
|
// : "1=1",
|
|
|
|
|
// {
|
|
|
|
|
// root: _data.root,
|
|
|
|
|
// },
|
|
|
|
|
// )
|
|
|
|
|
// .andWhere(
|
|
|
|
|
// _data.child1 != undefined && _data.child1 != null
|
|
|
|
|
// ? _data.child1[0] != null
|
|
|
|
|
// ? `current_holders.orgChild1Id IN (:...child1)`
|
|
|
|
|
// : `current_holders.orgChild1Id is null`
|
|
|
|
|
// : "1=1",
|
|
|
|
|
// {
|
|
|
|
|
// child1: _data.child1,
|
|
|
|
|
// },
|
|
|
|
|
// )
|
|
|
|
|
// .andWhere(
|
|
|
|
|
// _data.child2 != undefined && _data.child2 != null
|
|
|
|
|
// ? _data.child2[0] != null
|
|
|
|
|
// ? `current_holders.orgChild2Id IN (:...child2)`
|
|
|
|
|
// : `current_holders.orgChild2Id is null`
|
|
|
|
|
// : "1=1",
|
|
|
|
|
// {
|
|
|
|
|
// child2: _data.child2,
|
|
|
|
|
// },
|
|
|
|
|
// )
|
|
|
|
|
// .andWhere(
|
|
|
|
|
// _data.child3 != undefined && _data.child3 != null
|
|
|
|
|
// ? _data.child3[0] != null
|
|
|
|
|
// ? `current_holders.orgChild3Id IN (:...child3)`
|
|
|
|
|
// : `current_holders.orgChild3Id is null`
|
|
|
|
|
// : "1=1",
|
|
|
|
|
// {
|
|
|
|
|
// child3: _data.child3,
|
|
|
|
|
// },
|
|
|
|
|
// )
|
|
|
|
|
// .andWhere(
|
|
|
|
|
// _data.child4 != undefined && _data.child4 != null
|
|
|
|
|
// ? _data.child4[0] != null
|
|
|
|
|
// ? `current_holders.orgChild4Id IN (:...child4)`
|
|
|
|
|
// : `current_holders.orgChild4Id is null`
|
|
|
|
|
// : "1=1",
|
|
|
|
|
// {
|
|
|
|
|
// child4: _data.child4,
|
|
|
|
|
// },
|
|
|
|
|
// )
|
|
|
|
|
// .andWhere({ keycloak: Not(IsNull()) })
|
|
|
|
|
// .andWhere({ keycloak: Not("") })
|
|
|
|
|
// .select("profile.keycloak", "keycloak")
|
|
|
|
|
// .getRawMany();
|
|
|
|
|
// let keycloakArray = profiles.map((p) => p.keycloak);
|
|
|
|
|
|
|
|
|
|
// const total = await getUserCountOrg(first, max, search, keycloakArray);
|
|
|
|
|
// const result = await getUserListOrg(first, max, search, keycloakArray);
|
|
|
|
|
|
2024-05-31 13:53:08 +07:00
|
|
|
const total = await getUserCount(first, max, search);
|
2024-05-30 15:24:38 +07:00
|
|
|
const result = await getUserList(first, max, search);
|
2024-05-29 14:01:53 +07:00
|
|
|
|
|
|
|
|
if (Array.isArray(result)) {
|
2024-05-31 10:39:12 +07:00
|
|
|
const mappedData = await Promise.all(
|
|
|
|
|
result.map(async (x) => {
|
|
|
|
|
const roles = await getRoleMappings(x.id);
|
|
|
|
|
return {
|
|
|
|
|
id: x.id,
|
|
|
|
|
username: x.username,
|
|
|
|
|
firstname: x.firstName,
|
|
|
|
|
lastname: x.lastName,
|
|
|
|
|
email: x.email,
|
|
|
|
|
roles: roles,
|
2024-06-14 16:23:36 +07:00
|
|
|
enabled: x.enabled,
|
2024-05-31 10:39:12 +07:00
|
|
|
};
|
|
|
|
|
}),
|
|
|
|
|
);
|
|
|
|
|
|
2024-05-30 17:13:48 +07:00
|
|
|
const _mapData = {
|
|
|
|
|
data: mappedData,
|
2024-05-31 10:39:12 +07:00
|
|
|
total: total,
|
2024-05-30 17:13:48 +07:00
|
|
|
};
|
2024-05-31 10:39:12 +07:00
|
|
|
|
2024-05-30 17:13:48 +07:00
|
|
|
return _mapData;
|
2024-05-29 14:01:53 +07:00
|
|
|
}
|
|
|
|
|
throw new Error("Failed. Cannot get user list.");
|
2024-11-11 18:13:11 +07:00
|
|
|
}*/
|
|
|
|
|
|
|
|
|
|
@Get("user")
|
|
|
|
|
async listUserKeycloak(
|
|
|
|
|
@Query("page") page: number = 1,
|
|
|
|
|
@Query("pageSize") pageSize: number = 10,
|
|
|
|
|
@Query() keyword: string = "",
|
|
|
|
|
@Query() type: string = "",
|
2024-11-14 09:45:00 +07:00
|
|
|
@Request() req: RequestWithUser,
|
2024-11-11 18:13:11 +07:00
|
|
|
) {
|
2024-11-14 09:45:00 +07:00
|
|
|
let condition: any = {};
|
|
|
|
|
|
2024-11-21 10:54:09 +07:00
|
|
|
if (req.user.role.includes("ADMIN") && !req.user.role.includes("SUPER_ADMIN")) {
|
2024-11-20 16:40:00 +07:00
|
|
|
const profile = await this.profileRepo.findOne({
|
|
|
|
|
relations: ["current_holders", "current_holders.orgRevision"],
|
|
|
|
|
where: {
|
2024-11-14 09:45:00 +07:00
|
|
|
keycloak: req.user.sub,
|
2024-11-20 16:40:00 +07:00
|
|
|
current_holders: {
|
|
|
|
|
orgRevision: {
|
2024-11-14 09:45:00 +07:00
|
|
|
orgRevisionIsCurrent: true,
|
2024-11-20 16:40:00 +07:00
|
|
|
orgRevisionIsDraft: false,
|
|
|
|
|
},
|
|
|
|
|
},
|
|
|
|
|
},
|
2024-11-14 09:45:00 +07:00
|
|
|
});
|
|
|
|
|
|
2024-11-20 16:40:00 +07:00
|
|
|
if (
|
|
|
|
|
profile?.current_holders[0]?.orgRootId &&
|
|
|
|
|
profile?.current_holders[0]?.orgChild1Id == null
|
|
|
|
|
) {
|
|
|
|
|
condition = `current_holders.orgRootId = '${profile?.current_holders[0]?.orgRootId}'
|
2024-11-14 09:45:00 +07:00
|
|
|
and current_holders.orgChild1Id IS NULL
|
|
|
|
|
and current_holders.orgChild2Id IS NULL
|
|
|
|
|
and current_holders.orgChild3Id IS NULL
|
|
|
|
|
and current_holders.orgChild4Id IS NULL`;
|
2024-11-20 16:40:00 +07:00
|
|
|
} else if (
|
|
|
|
|
profile?.current_holders[0]?.orgChild1Id &&
|
|
|
|
|
profile?.current_holders[0]?.orgChild2Id == null
|
|
|
|
|
) {
|
|
|
|
|
condition = `current_holders.orgRootId = '${profile?.current_holders[0]?.orgRootId}'
|
|
|
|
|
and current_holders.orgChild1Id = '${profile?.current_holders[0]?.orgChild1Id}'
|
2024-11-14 09:45:00 +07:00
|
|
|
and current_holders.orgChild2Id IS NULL
|
|
|
|
|
and current_holders.orgChild3Id IS NULL
|
|
|
|
|
and current_holders.orgChild4Id IS NULL`;
|
2024-11-20 16:40:00 +07:00
|
|
|
} else if (
|
|
|
|
|
profile?.current_holders[0]?.orgChild2Id &&
|
|
|
|
|
profile?.current_holders[0]?.orgChild3Id == null
|
|
|
|
|
) {
|
|
|
|
|
condition = `current_holders.orgRootId = '${profile?.current_holders[0]?.orgRootId}'
|
|
|
|
|
and current_holders.orgChild1Id = '${profile?.current_holders[0]?.orgChild1Id}'
|
|
|
|
|
and current_holders.orgChild2Id = '${profile?.current_holders[0]?.orgChild2Id}'
|
2024-11-14 09:45:00 +07:00
|
|
|
and current_holders.orgChild3Id IS NULL
|
|
|
|
|
and current_holders.orgChild4Id IS NULL`;
|
2024-11-20 16:40:00 +07:00
|
|
|
} else if (
|
|
|
|
|
profile?.current_holders[0]?.orgChild3Id &&
|
|
|
|
|
profile?.current_holders[0]?.orgChild4Id == null
|
|
|
|
|
) {
|
|
|
|
|
condition = `current_holders.orgRootId = '${profile?.current_holders[0]?.orgRootId}'
|
|
|
|
|
and current_holders.orgChild1Id = '${profile?.current_holders[0]?.orgChild1Id}'
|
|
|
|
|
and current_holders.orgChild2Id = '${profile?.current_holders[0]?.orgChild2Id}'
|
|
|
|
|
and current_holders.orgChild3Id = '${profile?.current_holders[0]?.orgChild3Id}'
|
2024-11-14 09:45:00 +07:00
|
|
|
and current_holders.orgChild4Id IS NULL`;
|
2024-11-20 16:40:00 +07:00
|
|
|
} else if (profile?.current_holders[0]?.orgChild4Id) {
|
|
|
|
|
condition = `current_holders.orgRootId = '${profile?.current_holders[0]?.orgRootId}'
|
|
|
|
|
and current_holders.orgChild1Id = '${profile?.current_holders[0]?.orgChild1Id}'
|
|
|
|
|
and current_holders.orgChild2Id = '${profile?.current_holders[0]?.orgChild2Id}'
|
|
|
|
|
and current_holders.orgChild3Id = '${profile?.current_holders[0]?.orgChild3Id}'
|
|
|
|
|
and current_holders.orgChild4Id = '${profile?.current_holders[0]?.orgChild4Id}'`;
|
2024-11-14 09:45:00 +07:00
|
|
|
}
|
|
|
|
|
}
|
2024-11-12 09:11:39 +07:00
|
|
|
let profiles: any = [];
|
2024-11-11 18:13:11 +07:00
|
|
|
let total: any;
|
2024-11-12 09:11:39 +07:00
|
|
|
if (type.trim().toUpperCase() == "OFFICER") {
|
2024-11-11 18:13:11 +07:00
|
|
|
[profiles, total] = await this.profileRepo
|
2024-11-12 09:11:39 +07:00
|
|
|
.createQueryBuilder("profile")
|
|
|
|
|
.leftJoinAndSelect("profile.roleKeycloaks", "roleKeycloaks")
|
2024-11-14 09:45:00 +07:00
|
|
|
.leftJoinAndSelect("profile.current_holders", "current_holders")
|
2024-11-12 09:11:39 +07:00
|
|
|
.where("profile.keycloak IS NOT NULL AND profile.keycloak != ''")
|
2024-11-14 09:45:00 +07:00
|
|
|
.andWhere(condition)
|
2024-11-12 09:11:39 +07:00
|
|
|
.andWhere(
|
|
|
|
|
new Brackets((qb) => {
|
|
|
|
|
qb.orWhere(
|
|
|
|
|
keyword != null && keyword != "" ? `profile.citizenId like '%${keyword}%'` : "1=1",
|
|
|
|
|
)
|
|
|
|
|
.orWhere(
|
|
|
|
|
keyword != null && keyword != "" ? `profile.email like '%${keyword}%'` : "1=1",
|
|
|
|
|
)
|
|
|
|
|
.orWhere(
|
|
|
|
|
keyword != null && keyword != ""
|
|
|
|
|
? `CONCAT(profile.prefix, profile.firstName," ",profile.lastName) like '%${keyword}%'`
|
|
|
|
|
: "1=1",
|
|
|
|
|
);
|
|
|
|
|
}),
|
|
|
|
|
)
|
2024-11-21 15:39:38 +07:00
|
|
|
.orderBy("profile.citizenId", "ASC")
|
2024-11-12 09:11:39 +07:00
|
|
|
.skip((page - 1) * pageSize)
|
|
|
|
|
.take(pageSize)
|
|
|
|
|
.getManyAndCount();
|
|
|
|
|
} else if (type.trim().toUpperCase() == "EMPLOYEE") {
|
2024-11-11 18:13:11 +07:00
|
|
|
[profiles, total] = await this.profileEmpRepo
|
2024-11-12 09:11:39 +07:00
|
|
|
.createQueryBuilder("profileEmployee")
|
|
|
|
|
.leftJoinAndSelect("profileEmployee.roleKeycloaks", "roleKeycloaks")
|
2024-11-14 09:45:00 +07:00
|
|
|
.leftJoinAndSelect("profileEmployee.current_holders", "current_holders")
|
2024-11-12 09:11:39 +07:00
|
|
|
.where("profileEmployee.keycloak IS NOT NULL AND profileEmployee.keycloak != ''")
|
2024-11-14 09:45:00 +07:00
|
|
|
.andWhere(condition)
|
2025-01-17 12:10:23 +07:00
|
|
|
.andWhere({ employeeClass: "PERM" })
|
2024-11-12 09:11:39 +07:00
|
|
|
.andWhere(
|
|
|
|
|
new Brackets((qb) => {
|
|
|
|
|
qb.orWhere(
|
|
|
|
|
keyword != null && keyword != ""
|
|
|
|
|
? `profileEmployee.citizenId like '%${keyword}%'`
|
|
|
|
|
: "1=1",
|
|
|
|
|
)
|
|
|
|
|
.orWhere(
|
|
|
|
|
keyword != null && keyword != ""
|
|
|
|
|
? `profileEmployee.email like '%${keyword}%'`
|
|
|
|
|
: "1=1",
|
|
|
|
|
)
|
|
|
|
|
.orWhere(
|
|
|
|
|
keyword != null && keyword != ""
|
|
|
|
|
? `CONCAT(profileEmployee.prefix, profileEmployee.firstName," ",profileEmployee.lastName) like '%${keyword}%'`
|
|
|
|
|
: "1=1",
|
|
|
|
|
);
|
|
|
|
|
}),
|
|
|
|
|
)
|
2024-11-21 15:39:38 +07:00
|
|
|
.orderBy("profileEmployee.citizenId", "ASC")
|
2024-11-12 09:11:39 +07:00
|
|
|
.skip((page - 1) * pageSize)
|
|
|
|
|
.take(pageSize)
|
|
|
|
|
.getManyAndCount();
|
2024-11-11 18:13:11 +07:00
|
|
|
}
|
2024-11-12 09:11:39 +07:00
|
|
|
|
|
|
|
|
const _profiles = profiles.map((_data: any) => ({
|
|
|
|
|
id: _data.keycloak,
|
2024-11-11 18:13:11 +07:00
|
|
|
firstname: _data.firstName,
|
|
|
|
|
lastname: _data.lastName,
|
|
|
|
|
email: _data.email,
|
|
|
|
|
username: _data.citizenId,
|
|
|
|
|
citizenId: _data.citizenId,
|
2024-11-12 09:11:39 +07:00
|
|
|
roles: _data.roleKeycloaks,
|
2024-11-11 18:13:11 +07:00
|
|
|
enabled: _data.isActive,
|
|
|
|
|
}));
|
|
|
|
|
return new HttpSuccess({ data: _profiles, total });
|
2024-05-29 14:01:53 +07:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
@Get("group")
|
|
|
|
|
async getGroup() {
|
|
|
|
|
const group = await getGroups();
|
|
|
|
|
if (Array.isArray(group)) return group;
|
|
|
|
|
throw new Error("Failed. Cannot get group.");
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
@Post("group")
|
|
|
|
|
async createGroup(@Body() body: { name: string }) {
|
|
|
|
|
const result = await createGroup(body.name);
|
|
|
|
|
if (!result) throw new Error("Failed. Cannot create group.");
|
|
|
|
|
}
|
2024-11-13 15:59:08 +07:00
|
|
|
|
2024-11-13 10:22:20 +07:00
|
|
|
@Post("log/sso")
|
|
|
|
|
async addLogSSO(
|
|
|
|
|
@Request() req: RequestWithUser,
|
2024-11-13 15:59:08 +07:00
|
|
|
@Body()
|
|
|
|
|
body: {
|
|
|
|
|
text: string;
|
|
|
|
|
},
|
2024-11-13 10:22:20 +07:00
|
|
|
) {
|
|
|
|
|
try {
|
|
|
|
|
addLogSequence(req, {
|
|
|
|
|
action: "request",
|
|
|
|
|
status: "success",
|
|
|
|
|
description: "connected",
|
|
|
|
|
request: {
|
|
|
|
|
response: JSON.stringify(body.text),
|
|
|
|
|
},
|
|
|
|
|
});
|
|
|
|
|
return new HttpSuccess();
|
|
|
|
|
} catch (error) {
|
|
|
|
|
addLogSequence(req, {
|
|
|
|
|
action: "request",
|
|
|
|
|
status: "error",
|
|
|
|
|
description: "unconnected",
|
|
|
|
|
request: {
|
|
|
|
|
response: JSON.stringify(error),
|
|
|
|
|
},
|
|
|
|
|
});
|
|
|
|
|
throw error;
|
|
|
|
|
}
|
|
|
|
|
}
|
2024-05-29 14:01:53 +07:00
|
|
|
|
2025-01-29 17:56:05 +07:00
|
|
|
@Post("user/emp")
|
|
|
|
|
@Security("bearerAuth", ["system", "admin"])
|
2025-01-29 18:02:50 +07:00
|
|
|
async createUserEmp(
|
2025-01-29 17:56:05 +07:00
|
|
|
@Request() request: { user: { sub: string; preferred_username: string } },
|
|
|
|
|
@Body()
|
|
|
|
|
body: {
|
|
|
|
|
username: string;
|
|
|
|
|
password: string;
|
|
|
|
|
firstName?: string;
|
|
|
|
|
lastName?: string;
|
|
|
|
|
email?: string;
|
|
|
|
|
roles: string[];
|
|
|
|
|
profileId?: string;
|
|
|
|
|
},
|
|
|
|
|
) {
|
|
|
|
|
const checkUser = await getUserByUsername(body.username);
|
|
|
|
|
let userId: any = "";
|
|
|
|
|
if (checkUser.length == 0) {
|
|
|
|
|
userId = await createUser(body.username, body.password, {
|
|
|
|
|
firstName: body.firstName,
|
|
|
|
|
lastName: body.lastName,
|
|
|
|
|
// email: body.email,
|
|
|
|
|
});
|
|
|
|
|
if (typeof userId !== "string") {
|
|
|
|
|
throw new Error(userId.errorMessage);
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
userId = checkUser[0].id;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
const list = await getRoles();
|
|
|
|
|
if (!Array.isArray(list)) throw new Error("Failed. Cannot get role(s) data from the server.");
|
|
|
|
|
const result = await addUserRoles(
|
|
|
|
|
userId,
|
|
|
|
|
list.filter((v) => body.roles.includes(v.id)),
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
if (!result) {
|
|
|
|
|
throw new Error("Failed. Cannot set user's role.");
|
|
|
|
|
}
|
2025-01-29 18:02:50 +07:00
|
|
|
const profile = await this.profileEmpRepo.findOne({
|
2025-01-29 17:56:05 +07:00
|
|
|
where: {
|
|
|
|
|
id: body.profileId,
|
|
|
|
|
},
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
if (profile) {
|
|
|
|
|
let _null: any = null;
|
|
|
|
|
if (typeof userId === "string") {
|
|
|
|
|
profile.keycloak = userId;
|
|
|
|
|
}
|
|
|
|
|
profile.email = body.email == null ? _null : body.email;
|
2025-01-29 18:02:50 +07:00
|
|
|
await this.profileEmpRepo.save(profile);
|
2025-01-29 17:56:05 +07:00
|
|
|
if (body.roles != null && body.roles.length > 0) {
|
|
|
|
|
const roleKeycloak = await this.roleKeycloakRepo.find({
|
|
|
|
|
where: { id: In(body.roles) },
|
|
|
|
|
});
|
2025-01-29 18:02:50 +07:00
|
|
|
const _profile = await this.profileEmpRepo.findOne({
|
2025-01-29 17:56:05 +07:00
|
|
|
where: { keycloak: userId },
|
|
|
|
|
relations: ["roleKeycloaks"],
|
|
|
|
|
});
|
|
|
|
|
if (_profile) {
|
|
|
|
|
_profile.roleKeycloaks = Array.from(
|
|
|
|
|
new Set([..._profile.roleKeycloaks, ...roleKeycloak]),
|
|
|
|
|
);
|
2025-01-29 18:02:50 +07:00
|
|
|
this.profileEmpRepo.save(_profile);
|
2025-01-29 17:56:05 +07:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return userId;
|
|
|
|
|
}
|
|
|
|
|
|
2024-05-29 14:01:53 +07:00
|
|
|
@Delete("group/{groupId}")
|
|
|
|
|
async deleteGroup(@Path() groupId: string) {
|
|
|
|
|
const result = await deleteGroup(groupId);
|
|
|
|
|
if (!result) throw new Error("Failed. Cannot delete group.");
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
@Get("user/{userId}/group")
|
|
|
|
|
async getUserGroup(@Path() userId: string) {
|
|
|
|
|
const result = await getUserGroups(userId);
|
|
|
|
|
if (!result) throw new Error("Failed. Cannot list group to user.");
|
|
|
|
|
return result;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
@Post("user/{userId}/group/{groupId}")
|
|
|
|
|
async addUserGroup(@Path() userId: string, @Path() groupId: string) {
|
|
|
|
|
const result = await addUserGroup(userId, groupId);
|
|
|
|
|
if (!result) throw new Error("Failed. Cannot assign group to user.");
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
@Delete("user/{userId}/group/{groupId}")
|
|
|
|
|
async removeUserGroup(@Path() userId: string, @Path() groupId: string) {
|
|
|
|
|
const result = await removeUserGroup(userId, groupId);
|
|
|
|
|
if (!result) throw new Error("Failed. Cannot remove group to user.");
|
|
|
|
|
}
|
2024-05-31 10:39:12 +07:00
|
|
|
|
|
|
|
|
@Get("user/role/{id}")
|
|
|
|
|
async getRoleUser(@Path("id") id: string) {
|
2024-11-12 09:11:39 +07:00
|
|
|
const profile = await this.profileRepo.findOne({
|
|
|
|
|
where: { keycloak: id },
|
|
|
|
|
relations: ["roleKeycloaks"],
|
|
|
|
|
});
|
|
|
|
|
if (!profile) {
|
|
|
|
|
const profileEmp = await this.profileEmpRepo.findOne({
|
2025-01-17 12:10:23 +07:00
|
|
|
where: { keycloak: id, employeeClass: "PERM" },
|
2024-11-12 09:11:39 +07:00
|
|
|
relations: ["roleKeycloaks"],
|
|
|
|
|
});
|
|
|
|
|
if (!profileEmp) throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูล");
|
|
|
|
|
return profileEmp.roleKeycloaks;
|
2024-05-31 10:39:12 +07:00
|
|
|
}
|
2024-11-12 09:11:39 +07:00
|
|
|
// const result = await getRoleMappings(id);
|
|
|
|
|
// if (!result) {
|
|
|
|
|
// throw new Error("Role mappings not found");
|
|
|
|
|
// }
|
|
|
|
|
return profile.roleKeycloaks;
|
2024-05-31 10:39:12 +07:00
|
|
|
}
|
2024-06-14 16:23:36 +07:00
|
|
|
|
2025-01-22 17:42:23 +07:00
|
|
|
@Get("user/username/{citizenId}")
|
|
|
|
|
async getUserByUsername(@Path("citizenId") citizenId: string) {
|
|
|
|
|
const userData = await getUserByUsername(citizenId);
|
|
|
|
|
if (!userData || userData.length == 0) {
|
|
|
|
|
throw new Error("User not found");
|
|
|
|
|
}
|
|
|
|
|
const rolesData = await getRoleMappings(userData[0].id);
|
|
|
|
|
if (!rolesData) {
|
|
|
|
|
throw new Error("Role mappings not found");
|
|
|
|
|
}
|
|
|
|
|
const userDataWithRoles = {
|
|
|
|
|
...userData,
|
|
|
|
|
roles: rolesData,
|
|
|
|
|
};
|
|
|
|
|
|
2025-01-29 12:13:16 +07:00
|
|
|
return userDataWithRoles;
|
2025-01-22 17:42:23 +07:00
|
|
|
}
|
|
|
|
|
|
2024-10-17 16:39:42 +07:00
|
|
|
@Put("user/{userId}/enableStatus/{status}") //#log?
|
2024-06-14 16:23:36 +07:00
|
|
|
async changeEnableStatus(@Path() userId: string, @Path() status: boolean) {
|
2024-11-12 09:11:39 +07:00
|
|
|
const profile = await this.profileRepo.findOne({
|
|
|
|
|
where: { keycloak: userId },
|
|
|
|
|
});
|
|
|
|
|
if (!profile) {
|
|
|
|
|
const profileEmp = await this.profileEmpRepo.findOne({
|
2025-01-17 12:10:23 +07:00
|
|
|
where: { keycloak: userId, employeeClass: "PERM" },
|
2024-11-12 09:11:39 +07:00
|
|
|
});
|
|
|
|
|
if (!profileEmp) throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูล");
|
|
|
|
|
profileEmp.isActive = status;
|
|
|
|
|
this.profileEmpRepo.save(profileEmp);
|
|
|
|
|
} else {
|
|
|
|
|
profile.isActive = status;
|
|
|
|
|
this.profileRepo.save(profile);
|
|
|
|
|
}
|
2024-06-14 16:23:36 +07:00
|
|
|
const result = await enableStatus(userId, status);
|
2024-06-14 16:30:46 +07:00
|
|
|
if (!result) {
|
|
|
|
|
throw new Error("Failed. Cannot change enable status.");
|
|
|
|
|
}
|
|
|
|
|
return result;
|
2024-06-14 16:23:36 +07:00
|
|
|
}
|
2025-02-21 11:49:04 +07:00
|
|
|
|
|
|
|
|
@Post("user/change-password")
|
|
|
|
|
async changeUserPassword(
|
|
|
|
|
@Request() request: { user: { sub: string; preferred_username: string } },
|
|
|
|
|
@Body()
|
|
|
|
|
body: {
|
|
|
|
|
password: string;
|
|
|
|
|
},
|
|
|
|
|
) {
|
|
|
|
|
const result = await changeUserPassword(request.user.sub, body.password);
|
|
|
|
|
if (!result) {
|
|
|
|
|
throw new Error("Failed. Cannot change password.");
|
|
|
|
|
}
|
|
|
|
|
return result;
|
|
|
|
|
}
|
2025-02-21 17:26:11 +07:00
|
|
|
|
2025-03-14 13:26:37 +07:00
|
|
|
@Post("user/create")
|
2025-03-04 22:03:23 +07:00
|
|
|
@Security("bearerAuth", ["system", "admin"])
|
|
|
|
|
async createUserImport(
|
|
|
|
|
@Request() request: { user: { sub: string; preferred_username: string } },
|
|
|
|
|
) {
|
|
|
|
|
const profiles = await this.profileRepo.find({
|
2025-03-05 12:18:24 +07:00
|
|
|
where: {
|
|
|
|
|
keycloak: IsNull(),
|
|
|
|
|
},
|
2025-03-04 22:03:23 +07:00
|
|
|
relations: ["roleKeycloaks"],
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
for await (const _item of profiles) {
|
|
|
|
|
let password = _item.citizenId;
|
|
|
|
|
if (_item.birthDate != null) {
|
|
|
|
|
const gregorianYear = _item.birthDate.getFullYear() + 543;
|
|
|
|
|
|
|
|
|
|
const formattedDate =
|
|
|
|
|
_item.birthDate.toISOString().slice(8, 10) +
|
|
|
|
|
_item.birthDate.toISOString().slice(5, 7) +
|
|
|
|
|
gregorianYear;
|
|
|
|
|
password = formattedDate;
|
|
|
|
|
}
|
|
|
|
|
const checkUser = await getUserByUsername(_item.citizenId);
|
|
|
|
|
let userId: any = "";
|
|
|
|
|
if (checkUser.length == 0) {
|
|
|
|
|
userId = await createUser(_item.citizenId, password, {
|
|
|
|
|
firstName: _item.firstName,
|
|
|
|
|
lastName: _item.lastName,
|
|
|
|
|
// email: _item.email,
|
|
|
|
|
});
|
|
|
|
|
if (typeof userId !== "string") {
|
|
|
|
|
throw new Error(userId.errorMessage);
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
userId = checkUser[0].id;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
const list = await getRoles();
|
|
|
|
|
if (!Array.isArray(list)) throw new Error("Failed. Cannot get role(s) data from the server.");
|
|
|
|
|
const result = await addUserRoles(
|
|
|
|
|
userId,
|
2025-03-14 13:26:37 +07:00
|
|
|
list.filter((v) => v.id == "f8619dc2-dc0d-4aab-957f-66bdf905e9d0"),
|
2025-03-04 22:03:23 +07:00
|
|
|
);
|
|
|
|
|
|
|
|
|
|
if (!result) {
|
|
|
|
|
throw new Error("Failed. Cannot set user's role.");
|
|
|
|
|
}
|
|
|
|
|
if (typeof userId === "string") {
|
|
|
|
|
_item.keycloak = userId;
|
|
|
|
|
}
|
|
|
|
|
const roleKeycloak = await this.roleKeycloakRepo.find({
|
2025-03-14 13:26:37 +07:00
|
|
|
where: { id: "f8619dc2-dc0d-4aab-957f-66bdf905e9d0" },
|
2025-03-04 22:03:23 +07:00
|
|
|
});
|
|
|
|
|
if (_item) {
|
|
|
|
|
_item.roleKeycloaks = Array.from(new Set([..._item.roleKeycloaks, ...roleKeycloak]));
|
|
|
|
|
this.profileRepo.save(_item);
|
|
|
|
|
}
|
|
|
|
|
}
|
2025-03-14 13:26:37 +07:00
|
|
|
return "";
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
@Post("user/change-password-all")
|
|
|
|
|
async changeUserPasswordAll(
|
|
|
|
|
@Request() request: { user: { sub: string; preferred_username: string } },
|
|
|
|
|
) {
|
|
|
|
|
const profiles = await this.profileRepo.find({
|
|
|
|
|
where: {
|
|
|
|
|
keycloak: Not(IsNull()),
|
|
|
|
|
},
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
for await (const _item of profiles) {
|
|
|
|
|
const result = await changeUserPassword(_item.keycloak, "P@ssw0rd");
|
|
|
|
|
if (!result) {
|
|
|
|
|
continue;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return;
|
2025-03-04 22:03:23 +07:00
|
|
|
}
|
2024-05-29 14:01:53 +07:00
|
|
|
}
|
