From ceb8744073b769781c3c0cf6c58e06098c92e41b Mon Sep 17 00:00:00 2001 From: LWangllix Date: Tue, 16 Jan 2024 22:24:38 +0200 Subject: [PATCH] group filter for users --- services/permissions.service.ts | 58 +++++++++++++++++++++++---------- services/users.service.ts | 22 ++++++++----- 2 files changed, 53 insertions(+), 27 deletions(-) diff --git a/services/permissions.service.ts b/services/permissions.service.ts index b5a32f0..2cb5393 100644 --- a/services/permissions.service.ts +++ b/services/permissions.service.ts @@ -1,23 +1,24 @@ 'use strict'; +import { isEmpty } from 'lodash'; import moleculer, { Context } from 'moleculer'; import { Action, Method, Service } from 'moleculer-decorators'; -import { App, UsersAppAccesses } from './apps.service'; -import { Group } from './groups.service'; -import { UserGroup, UserGroupRole } from './userGroups.service'; -import { User, UserType } from './users.service'; import DbConnection from '../mixins/database.mixin'; import { - COMMON_FIELDS, + BaseModelInterface, COMMON_DEFAULT_SCOPES, + COMMON_FIELDS, COMMON_SCOPES, - BaseModelInterface, + DISABLE_REST_ACTIONS, throwBadRequestError, throwNotFoundError, throwUnauthorizedError, - DISABLE_REST_ACTIONS, } from '../types'; import { AppAuthMeta, UserAuthMeta } from './api.service'; +import { App, UsersAppAccesses } from './apps.service'; +import { Group } from './groups.service'; +import { UserGroup, UserGroupRole } from './userGroups.service'; +import { User, UserType } from './users.service'; export enum PermissionRole { USER = 'USER', @@ -403,7 +404,10 @@ export default class PermissionsService extends moleculer.Service { // }, }) async getVisibleUsersIds( - ctx: Context<{ userId: number; appId: number; edit: boolean }, UserAuthMeta & AppAuthMeta>, + ctx: Context< + { userId: number; appId: number; edit: boolean; groupIds: string[] }, + UserAuthMeta & AppAuthMeta + >, ) { let app: App = ctx.meta.app; let user: User = ctx.meta.user; @@ -420,13 +424,12 @@ export default class PermissionsService extends moleculer.Service { if (!app || !user) { throwNotFoundError('App not found'); } - if (user.type === UserType.SUPER_ADMIN) { - return ctx.call('inheritedUserApps.getUserIdsByApp', { - app: app.id, - }); - } - const usersIdsInGroup: Array = await this.getVisibleUsersIdsByUser(user.id, edit); + const usersIdsInGroup: Array = await this.getVisibleUsersIdsByUser( + user, + ctx.params?.groupIds, + edit, + ); const visibleUsersInGroupsWithApp: Array = await ctx.call( 'inheritedUserApps.getUserIdsByApp', @@ -935,17 +938,36 @@ export default class PermissionsService extends moleculer.Service { } @Method - async getVisibleUsersIdsByUser(userId: any, edit: boolean = false) { - const groupIds = await this.getVisibleGroupsByUser(userId, edit && UserGroupRole.ADMIN); + async getVisibleUsersIdsByUser(user: User, groupIds: string[], edit: boolean = false) { + if (user.type == UserType.SUPER_ADMIN) { + if (!groupIds || isEmpty(groupIds)) return []; + + const usersIds: Array = await this.broker.call('userGroups.find', { + query: { + group: { $in: groupIds }, + }, + fields: 'user', + }); + + return [...usersIds.map((i) => i.user), user.id]; + } + + let visibleGroupIds = await this.getVisibleGroupsByUser(user.id, edit && UserGroupRole.ADMIN); + + if (Array.isArray(groupIds)) { + visibleGroupIds = visibleGroupIds.filter((visibleGroupId) => + groupIds.includes(visibleGroupId.toString()), + ); + } const usersIds: Array = await this.broker.call('userGroups.find', { query: { - group: { $in: groupIds }, + group: { $in: visibleGroupIds }, }, fields: 'user', }); - return [...usersIds.map((i) => i.user), userId]; + return [...usersIds.map((i) => i.user), user.id]; } @Method diff --git a/services/users.service.ts b/services/users.service.ts index 0cf749c..dc696bb 100644 --- a/services/users.service.ts +++ b/services/users.service.ts @@ -3,25 +3,25 @@ import moleculer, { Context } from 'moleculer'; import { Action, Event, Method, Service } from 'moleculer-decorators'; -import { AppAuthMeta, UserAuthMeta, AuthStrategy } from './api.service'; import DbConnection from '../mixins/database.mixin'; import { - COMMON_FIELDS, + BaseModelInterface, COMMON_DEFAULT_SCOPES, + COMMON_FIELDS, COMMON_SCOPES, + DISABLE_REST_ACTIONS, FieldHookCallback, - BaseModelInterface, throwNotFoundError, throwUnauthorizedError, - DISABLE_REST_ACTIONS, } from '../types'; +import { AppAuthMeta, AuthStrategy, UserAuthMeta } from './api.service'; -import { UserLocal } from './usersLocal.service'; -import { UserEvartai } from './usersEvartai.service'; +import { toggleItemInArray } from '../utils/array'; import { App } from './apps.service'; -import { UserGroup, UserGroupRole } from './userGroups.service'; import { Group } from './groups.service'; -import { toggleItemInArray } from '../utils/array'; +import { UserGroup, UserGroupRole } from './userGroups.service'; +import { UserEvartai } from './usersEvartai.service'; +import { UserLocal } from './usersLocal.service'; export enum UserType { ADMIN = 'ADMIN', USER = 'USER', @@ -590,7 +590,11 @@ export default class UsersService extends moleculer.Service { ctx.params.query = ctx.params.query || {}; - const usersIds = await ctx.call('permissions.getVisibleUsersIds', {}, { meta: ctx.meta }); + const usersIds = await ctx.call( + 'permissions.getVisibleUsersIds', + { groupIds: ctx?.params?.query?.group?.$in }, + { meta: ctx.meta }, + ); if (!ctx.params.query.type) { ctx.params.query.type = {