From 27f82f36526cef87ab7ece64d8158e1963a28692 Mon Sep 17 00:00:00 2001 From: Bright Date: Thu, 21 Nov 2024 16:22:08 +0700 Subject: [PATCH 1/4] =?UTF-8?q?=E0=B9=80=E0=B8=8A=E0=B9=87=E0=B8=84=20upda?= =?UTF-8?q?te=20role=20keycloak=20#802?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/controllers/UserController.ts | 166 ++++++++++++++---------------- 1 file changed, 79 insertions(+), 87 deletions(-) diff --git a/src/controllers/UserController.ts b/src/controllers/UserController.ts index dafa6c60..dd99d62d 100644 --- a/src/controllers/UserController.ts +++ b/src/controllers/UserController.ts @@ -80,9 +80,6 @@ export class KeycloakController extends Controller { return userDataWithRoles; } - // async getUser(@Path() id: string) { - // return await getUser(id); - // } @Post("user") @Security("bearerAuth", ["system", "admin"]) @@ -106,70 +103,62 @@ export class KeycloakController extends Controller { }); if (typeof userId !== "string") { - // throw new Error("ไม่สามารถติดต่อกับระบบจัดการผู้ใช้งานได้"); throw new Error(userId.errorMessage); } + else { + const now = new Date().toISOString(); + const folderData: any = { + pathname: stripLeadingSlash(`${body.username.trim()}/`), + path: "", + name: body.username.trim(), + hidden: false, + permissionGroup: [], + permissionUser: [], + permissionOther: { + create: false, + read: false, + update: false, + delete: false, + perm: false, + }, + favourite: false, + color: "default", + type: "folder", + owner: body.username, + ownerId: userId, + createdAt: now, + createdBy: request.user.preferred_username, + createdByUserId: request.user.sub, + updatedAt: now, + updatedBy: request.user.preferred_username, + updatedByUserId: request.user.sub, + }; - const now = new Date().toISOString(); - const folderData: any = { - pathname: stripLeadingSlash(`${body.username.trim()}/`), - path: "", - name: body.username.trim(), - hidden: false, - permissionGroup: [], - permissionUser: [], - permissionOther: { - create: false, - read: false, - update: false, - delete: false, - perm: false, - }, - favourite: false, - color: "default", - type: "folder", - owner: body.username, - ownerId: userId, - createdAt: now, - createdBy: request.user.preferred_username, - createdByUserId: request.user.sub, - updatedAt: now, - updatedBy: request.user.preferred_username, - updatedByUserId: request.user.sub, - }; + const profile = await this.profileRepo.findOne({ + where: { + id: body.profileId, + }, + }); - // await elasticsearch.index({ - // index: DEFAULT_INDEX!, - // document: folderData, - // refresh: "wait_for", - // }); - - // io.getInstance()?.emit("FolderCreate", folderData); - - const profile = await this.profileRepo.findOne({ - where: { - id: body.profileId, - }, - }); - - if (profile) { - let _null: any = null; - profile.keycloak = userId; - profile.email = body.email == null ? _null : body.email; - await this.profileRepo.save(profile); - if (body.roles != null && body.roles.length > 0) { - const roleKeycloak = await this.roleKeycloakRepo.find({ - where: { id: In(body.roles) }, - }); - const _profile = await this.profileRepo.findOne({ - where: { keycloak: userId }, - relations: ["roleKeycloaks"], - }); - if (_profile) { - _profile.roleKeycloaks = Array.from( - new Set([..._profile.roleKeycloaks, ...roleKeycloak]), - ); - this.profileRepo.save(_profile); + if (profile) { + let _null: any = null; + profile.keycloak = userId; + profile.email = body.email == null ? _null : body.email; + await this.profileRepo.save(profile); + if (body.roles != null && body.roles.length > 0) { + const roleKeycloak = await this.roleKeycloakRepo.find({ + where: { id: In(body.roles) }, + }); + const _profile = await this.profileRepo.findOne({ + where: { keycloak: userId }, + relations: ["roleKeycloaks"], + }); + if (_profile) { + _profile.roleKeycloaks = Array.from( + new Set([..._profile.roleKeycloaks, ...roleKeycloak]), + ); + this.profileRepo.save(_profile); + } } } } @@ -249,38 +238,41 @@ export class KeycloakController extends Controller { @Post("{userId}/role") async addRole(@Path() userId: string, @Body() body: { role: string[] }) { - const roleKeycloak = await this.roleKeycloakRepo.find({ - where: { id: In(body.role) }, - }); - const profile = await this.profileRepo.findOne({ - where: { keycloak: userId }, - relations: ["roleKeycloaks"], - }); - if (!profile) { - const profileEmp = await this.profileEmpRepo.findOne({ - where: { keycloak: userId }, - relations: ["roleKeycloaks"], - }); - if (!profileEmp) throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูล"); - profileEmp.roleKeycloaks = Array.from( - new Set([...profileEmp.roleKeycloaks, ...roleKeycloak]), - ); - this.profileEmpRepo.save(profileEmp); - } else { - profile.roleKeycloaks = Array.from(new Set([...profile.roleKeycloaks, ...roleKeycloak])); - this.profileRepo.save(profile); - } const list = await getRoles(); - if (!Array.isArray(list)) throw new Error("Failed. Cannot get role(s) data from the server."); - const result = await addUserRoles( userId, list.filter((v) => body.role.includes(v.id)), ); - if (!result) throw new Error("Failed. Cannot set user's role."); + if (!result) { + throw new Error("Failed. Cannot set user's role."); + } + else { + const roleKeycloak = await this.roleKeycloakRepo.find({ + where: { id: In(body.role) }, + }); + const profile = await this.profileRepo.findOne({ + where: { keycloak: userId }, + relations: ["roleKeycloaks"], + }); + if (!profile) { + const profileEmp = await this.profileEmpRepo.findOne({ + where: { keycloak: userId }, + relations: ["roleKeycloaks"], + }); + if (!profileEmp) throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูล"); + profileEmp.roleKeycloaks = Array.from( + new Set([...profileEmp.roleKeycloaks, ...roleKeycloak]), + ); + this.profileEmpRepo.save(profileEmp); + } else { + profile.roleKeycloaks = Array.from(new Set([...profile.roleKeycloaks, ...roleKeycloak])); + this.profileRepo.save(profile); + } + } + return new HttpSuccess(); } From 34b872d142f39d3289909ceb0f386b24da8e0579 Mon Sep 17 00:00:00 2001 From: AdisakKanthawilang Date: Thu, 21 Nov 2024 17:01:35 +0700 Subject: [PATCH 2/4] fix path email --- src/controllers/ProfileController.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/controllers/ProfileController.ts b/src/controllers/ProfileController.ts index 2c468dca..c53be4fe 100644 --- a/src/controllers/ProfileController.ts +++ b/src/controllers/ProfileController.ts @@ -1887,7 +1887,7 @@ export class ProfileController extends Controller { const jwt = require('jsonwebtoken'); const token = jwt.sign({email_id: body.email, profileId: body.profileId}, process.env.AUTH_ACCOUNT_SECRET, {expiresIn: '15m'}); // console.log("[token]",token); - const link = process.env.URL + "/verifyemail/" + token; + const link = process.env.URL + "/verifyemail?upn=" + token; // console.log("[link]",link); await new CallAPI() From 9ed7447095ab09a153e892cc4710a0eb44cd334d Mon Sep 17 00:00:00 2001 From: Bright Date: Thu, 21 Nov 2024 17:05:01 +0700 Subject: [PATCH 3/4] update #802 --- src/controllers/UserController.ts | 135 +++++++++++++++--------------- 1 file changed, 69 insertions(+), 66 deletions(-) diff --git a/src/controllers/UserController.ts b/src/controllers/UserController.ts index dd99d62d..ab083d6a 100644 --- a/src/controllers/UserController.ts +++ b/src/controllers/UserController.ts @@ -99,66 +99,67 @@ export class KeycloakController extends Controller { const userId = await createUser(body.username, body.password, { firstName: body.firstName, lastName: body.lastName, - email: body.email, + // email: body.email, }); if (typeof userId !== "string") { throw new Error(userId.errorMessage); } - else { - const now = new Date().toISOString(); - const folderData: any = { - pathname: stripLeadingSlash(`${body.username.trim()}/`), - path: "", - name: body.username.trim(), - hidden: false, - permissionGroup: [], - permissionUser: [], - permissionOther: { - create: false, - read: false, - update: false, - delete: false, - perm: false, - }, - favourite: false, - color: "default", - type: "folder", - owner: body.username, - ownerId: userId, - createdAt: now, - createdBy: request.user.preferred_username, - createdByUserId: request.user.sub, - updatedAt: now, - updatedBy: request.user.preferred_username, - updatedByUserId: request.user.sub, - }; - const profile = await this.profileRepo.findOne({ - where: { - id: body.profileId, - }, - }); + const now = new Date().toISOString(); + const folderData: any = { + pathname: stripLeadingSlash(`${body.username.trim()}/`), + path: "", + name: body.username.trim(), + hidden: false, + permissionGroup: [], + permissionUser: [], + permissionOther: { + create: false, + read: false, + update: false, + delete: false, + perm: false, + }, + favourite: false, + color: "default", + type: "folder", + owner: body.username, + ownerId: userId, + createdAt: now, + createdBy: request.user.preferred_username, + createdByUserId: request.user.sub, + updatedAt: now, + updatedBy: request.user.preferred_username, + updatedByUserId: request.user.sub, + }; - if (profile) { - let _null: any = null; + const profile = await this.profileRepo.findOne({ + where: { + id: body.profileId, + }, + }); + + if (profile) { + let _null: any = null; + if (typeof userId === "string") { profile.keycloak = userId; - profile.email = body.email == null ? _null : body.email; - await this.profileRepo.save(profile); - if (body.roles != null && body.roles.length > 0) { - const roleKeycloak = await this.roleKeycloakRepo.find({ - where: { id: In(body.roles) }, - }); - const _profile = await this.profileRepo.findOne({ - where: { keycloak: userId }, - relations: ["roleKeycloaks"], - }); - if (_profile) { - _profile.roleKeycloaks = Array.from( - new Set([..._profile.roleKeycloaks, ...roleKeycloak]), - ); - this.profileRepo.save(_profile); - } + } + profile.email = body.email == null ? _null : body.email; + await this.profileRepo.save(profile); + if (body.roles != null && body.roles.length > 0) { + const roleKeycloak = await this.roleKeycloakRepo.find({ + where: { id: In(body.roles) }, + }); + const _profile = await this.profileRepo.findOne({ + where: { keycloak: userId }, + relations: ["roleKeycloaks"], + }); + if (_profile) { + _profile.roleKeycloaks = Array.from( + new Set([..._profile.roleKeycloaks, ...roleKeycloak]), + ); + this.profileRepo.save(_profile); } } } @@ -249,28 +250,30 @@ export class KeycloakController extends Controller { if (!result) { throw new Error("Failed. Cannot set user's role."); } - else { - const roleKeycloak = await this.roleKeycloakRepo.find({ - where: { id: In(body.role) }, - }); - const profile = await this.profileRepo.findOne({ + + const roleKeycloak = await this.roleKeycloakRepo.find({ + where: { id: In(body.role) }, + }); + const profile = await this.profileRepo.findOne({ + where: { keycloak: userId }, + relations: ["roleKeycloaks"], + }); + if (!profile) { + const profileEmp = await this.profileEmpRepo.findOne({ where: { keycloak: userId }, relations: ["roleKeycloaks"], }); - if (!profile) { - const profileEmp = await this.profileEmpRepo.findOne({ - where: { keycloak: userId }, - relations: ["roleKeycloaks"], - }); - if (!profileEmp) throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูล"); + // if (!profileEmp) throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูล"); + if(profileEmp) { profileEmp.roleKeycloaks = Array.from( new Set([...profileEmp.roleKeycloaks, ...roleKeycloak]), ); this.profileEmpRepo.save(profileEmp); - } else { - profile.roleKeycloaks = Array.from(new Set([...profile.roleKeycloaks, ...roleKeycloak])); - this.profileRepo.save(profile); } + } + else { + profile.roleKeycloaks = Array.from(new Set([...profile.roleKeycloaks, ...roleKeycloak])); + this.profileRepo.save(profile); } return new HttpSuccess(); From d01ca5f06171f9bfc45bd10b6db7e83c7edca634 Mon Sep 17 00:00:00 2001 From: AdisakKanthawilang Date: Thu, 21 Nov 2024 17:32:31 +0700 Subject: [PATCH 4/4] fix --- .../OrganizationUnauthorizeController.ts | 30 +++++++++++++++++++ src/controllers/ProfileController.ts | 29 ------------------ 2 files changed, 30 insertions(+), 29 deletions(-) diff --git a/src/controllers/OrganizationUnauthorizeController.ts b/src/controllers/OrganizationUnauthorizeController.ts index 4fdfbf92..caf55741 100644 --- a/src/controllers/OrganizationUnauthorizeController.ts +++ b/src/controllers/OrganizationUnauthorizeController.ts @@ -11,6 +11,7 @@ import { calculateRetireDate } from "../interfaces/utils"; import { EmployeePosMaster } from "../entities/EmployeePosMaster"; import { Profile } from "../entities/Profile"; import { ProfileEmployee } from "../entities/ProfileEmployee"; +import HttpStatus from "../interfaces/http-status"; @Route("api/v1/org/unauthorize") @Tags("OrganizationUnauthorize") @@ -1123,4 +1124,33 @@ export class OrganizationUnauthorizeController extends Controller { return new HttpSuccess(mapProfile); } + + /** + * API ยืนยัน Email + * + * @summary ยืนยัน Email + * + */ + @Post("verify-email") + async genLinkVerifyEmail(@Body() body: { token: string }) { + const jwt = require("jsonwebtoken"); + const secretKey = process.env.AUTH_ACCOUNT_SECRET || "defaultSecretKey"; + const decodedToken = jwt.verify(body.token, secretKey); + // console.log("[email]",decodedToken); + // console.log("[1]",decodedToken.email_id); + + const profile = await this.profileRepo.findOne({ + where: { + id: decodedToken.profileId, + email: decodedToken.email_id, + }, + }); + if (!profile) { + throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูลโปรไฟล์"); + } + + Object.assign(profile, body); + profile.statusEmail = "VERIFIED"; + await this.profileRepo.save(profile); + } } diff --git a/src/controllers/ProfileController.ts b/src/controllers/ProfileController.ts index c53be4fe..0752fb01 100644 --- a/src/controllers/ProfileController.ts +++ b/src/controllers/ProfileController.ts @@ -1902,35 +1902,6 @@ export class ProfileController extends Controller { return new HttpSuccess(); } - /** - * API ยืนยัน Email - * - * @summary ยืนยัน Email - * - */ - @Post("verify-email") - async genLinkVerifyEmail(@Body() body: { token: string }) { - const jwt = require("jsonwebtoken"); - const secretKey = process.env.AUTH_ACCOUNT_SECRET || "defaultSecretKey"; - const decodedToken = jwt.verify(body.token, secretKey); - // console.log("[email]",decodedToken); - // console.log("[1]",decodedToken.email_id); - - const profile = await this.profileRepo.findOne({ - where: { - id: decodedToken.profileId, - email: decodedToken.email_id, - }, - }); - if (!profile) { - throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูลโปรไฟล์"); - } - - Object.assign(profile, body); - profile.statusEmail = "VERIFIED"; - await this.profileRepo.save(profile); - } - /** * API ออกคำสั่ง คำสั่งให้ข้าราชการที่มีผลการทดลองปฏิบัติหน้าที่ราชการไม่ต่ำกว่ามาตรฐานที่กำหนดรับราชการต่อไป *