Merge pull request #143 from Xitija/Shiksha-2.0

Task #218147 refactor : modified find priviledge method
tekdi · Apr 30, 2024 · ee85332 · ee85332
2 parents 062e9d8 + 6e72e51
commit ee85332
Show file tree

Hide file tree

Showing 3 changed files with 26 additions and 32 deletions.
diff --git a/src/auth/auth.controller.ts b/src/auth/auth.controller.ts
@@ -14,19 +14,21 @@ import {
   SerializeOptions,
   Req,
   Res,
-  Request,
   Response,
   HttpStatus,
   HttpCode,
   UsePipes,
   ValidationPipe,
+  UseGuards,
 } from "@nestjs/common";
 import {
   AuthDto,
   RefreshTokenRequestBody,
   LogoutRequestBody,
 } from "./dto/auth-dto";
 import { AuthService } from "./auth.service";
+import { JwtAuthGuard } from "src/common/guards/keycloak.guard";
+import { RbacAuthGuard } from "src/common/guards/rbac.guard";
 
 @ApiTags("Auth")
 @Controller("auth")
@@ -43,19 +45,19 @@ export class AuthController {
   }
 
   @Get("/user")
+  @ApiHeader({
+    name: "rbac_token",
+  })
+  @UseGuards(JwtAuthGuard, RbacAuthGuard)
   @ApiBasicAuth("access-token")
   @ApiOkResponse({ description: "User detail." })
   @ApiForbiddenResponse({ description: "Forbidden" })
   @SerializeOptions({
     strategy: "excludeAll",
   })
-  @ApiHeader({
-    name: "tenantid",
-  })
-  public async getUserByAuth(
-    @Req() request: Request,
-    @Res() response: Response
-  ) {
+  public async getUserByAuth(@Req() request, @Res() response: Response) {
+    console.log(request.user, "user");
+    console.log(request.user.userData, "user");
     // const tenantId = headers["tenantid"];
     return this.authService.getUserByAuth(request, response);
   }

diff --git a/src/authRbac/authRbac.controller.ts b/src/authRbac/authRbac.controller.ts
@@ -1,16 +1,13 @@
 import {
-  Body,
   Controller,
-  Post,
   HttpCode,
   HttpStatus,
-  Param,
   Get,
   UseGuards,
   Req,
 } from "@nestjs/common";
 import { AuthRbacService } from "./authRbac.service";
-import { ApiBasicAuth, ApiTags } from "@nestjs/swagger";
+import { ApiBasicAuth, ApiHeader, ApiTags } from "@nestjs/swagger";
 import { JwtAuthGuard } from "src/common/guards/keycloak.guard";
 
 @ApiTags("AuthRbac")
@@ -20,10 +17,13 @@ export class AuthRbacController {
 
   @HttpCode(HttpStatus.OK)
   @Get("/token")
+  @ApiHeader({
+    name: "tenantid",
+  })
   @ApiBasicAuth("access-token")
   @UseGuards(JwtAuthGuard)
   signInRbac(@Req() req) {
-    // console.log(req.user, "user");
-    return this.authService.signInRbac(req.user.username);
+    const tenantId = req.headers["tenantid"];
+    return this.authService.signInRbac(req.user.username, tenantId);
   }
 }
diff --git a/src/authRbac/authRbac.service.ts b/src/authRbac/authRbac.service.ts
@@ -3,7 +3,6 @@ import { ConfigService } from "@nestjs/config";
 import { JwtService } from "@nestjs/jwt";
 import { PostgresRoleService } from "src/adapters/postgres/rbac/role-adapter";
 import { UserAdapter } from "src/user/useradapter";
-// import { UsersService } from '../users/users.service';
 
 @Injectable()
 export class AuthRbacService {
@@ -21,7 +20,7 @@ export class AuthRbacService {
     this.audience = this.configService.get<string>("AUDIENCE");
     this.jwt_expires_In = this.configService.get("RBAC_JWT_EXPIRES_IN");
     this.jwt_secret = this.configService.get<string>("RBAC_JWT_SECRET");
-  } // private usersService: UsersService,
+  }
 
   async generateToken(payload) {
     const plainObject = JSON.parse(JSON.stringify(payload));
@@ -32,25 +31,22 @@ export class AuthRbacService {
     return token;
   }
 
-  async signInRbac(username: string): Promise<any> {
+  async signInRbac(username: string, tenantId: string): Promise<any> {
     let userData = await this.userAdapter
       .buildUserAdapter()
       .findUserDetails(null, username);
 
-    // console.log(userData, "user Id");
-
     if (!userData) {
       throw new UnauthorizedException();
     }
 
     userData["roles"] = await this.postgresRoleService.findUserRoleData(
       userData?.userId,
-      userData?.tenantId
+      tenantId
     );
 
     userData["priviledges"] = await this.getPrivileges(userData.roles);
-
-    // console.log(userData, "roleDta");
+    userData["tenantId"] = tenantId;
 
     const issuer = this.issuer;
     const audience = this.audience;
@@ -67,17 +63,13 @@ export class AuthRbacService {
   }
 
   async getPrivileges(userRoleData) {
-    let privileges = [];
-    for (let data of userRoleData) {
-      const result = await this.postgresRoleService.findPrivilegeByRoleId(
-        data.roleid
-      );
-      privileges = result.map((privilege) => ({
-        privilegeId: privilege.privilegeid,
-        title: privilege.name,
-        code: privilege.code,
-      }));
+    const roleIds = userRoleData.map(({ roleid }) => roleid);
+    if (!roleIds.length) {
+      return [];
     }
+    const privileges = await this.postgresRoleService.findPrivilegeByRoleId(
+      roleIds
+    );
     return privileges;
   }
 }