Merge remote-tracking branch 'upstream/develop' into dev-develop

sumanvpacewisdom · sumanvpacewisdom · commit 3ebb56e3e4ab · 2024-03-19T14:26:08.000+05:30
Merge from upstream develop to local develop
diff --git a/src/.env.sample b/src/.env.sample
@@ -164,3 +164,6 @@ EVENT_ORG_LISTENER_URLS='http://interface:3567/mentoring/v1/organization/eventLi
 EVENT_ENABLE_ORG_EVENTS=true
 #Generic Email template for new users
 GENERIC_INVITATION_EMAIL_TEMPLATE_CODE=generic_invite
+
+# Allowed host by CORS
+ALLOWED_HOST = "http://examplDomain.com"
diff --git a/src/app.js b/src/app.js
@@ -65,6 +65,12 @@ app.use(bodyParser.json({ limit: '50MB' }))
 
 app.use(express.static('public'))
 
+// Middleware to set Access-Control-Allow-Origin header
+app.use((req, res, next) => {
+	res.setHeader('Access-Control-Allow-Origin', process.env.ALLOWED_HOST)
+	next()
+})
+
 /* Logs request info if environment is configured to enable log */
 app.all('*', (req, res, next) => {
 	logger.info('***User Service Request Log***', {
diff --git a/src/controllers/v1/organization.js b/src/controllers/v1/organization.js
@@ -160,4 +160,27 @@ module.exports = class Organization {
 			return error
 		}
 	}
+
+	async addRelatedOrg(req) {
+		try {
+			const result = await orgService.addRelatedOrg(
+				req.params.id ? req.params.id : '',
+				req.body.related_orgs ? req.body.related_orgs : []
+			)
+			return result
+		} catch (error) {
+			return error
+		}
+	}
+	async removeRelatedOrg(req) {
+		try {
+			const result = await orgService.removeRelatedOrg(
+				req.params.id ? req.params.id : '',
+				req.body.related_orgs ? req.body.related_orgs : []
+			)
+			return result
+		} catch (error) {
+			return error
+		}
+	}
 }
diff --git a/src/database/migrations/20240313130050-add-admin-permissions-for-related-orgs-apis.js b/src/database/migrations/20240313130050-add-admin-permissions-for-related-orgs-apis.js
@@ -0,0 +1,63 @@
+'use strict'
+
+/** @type {import('sequelize-cli').Migration} */
+module.exports = {
+	async up(queryInterface, Sequelize) {
+		try {
+			const permissionsData = [
+				{
+					code: 'organization_data_update',
+					module: 'organization',
+					request_type: ['POST'],
+					api_path: 'user/v1/organization/update/*',
+					status: 'ACTIVE',
+				},
+				{
+					code: 'organization_append_relatedOrg',
+					module: 'organization',
+					request_type: ['POST'],
+					api_path: 'user/v1/organization/addRelatedOrg/*',
+					status: 'ACTIVE',
+				},
+				{
+					code: 'organization_remove_relatedOrg',
+					module: 'organization',
+					request_type: ['POST'],
+					api_path: 'user/v1/organization/removeRelatedOrg/*',
+					status: 'ACTIVE',
+				},
+			]
+
+			// Batch insert permissions
+			await queryInterface.bulkInsert(
+				'permissions',
+				permissionsData.map((permission) => ({
+					...permission,
+					created_at: new Date(),
+					updated_at: new Date(),
+				}))
+			)
+		} catch (error) {
+			console.error('Error in migration:', error)
+			throw error
+		}
+	},
+
+	async down(queryInterface, Sequelize) {
+		try {
+			// Rollback the batch insert
+			await queryInterface.bulkDelete('permissions', {
+				code: {
+					[Sequelize.Op.in]: [
+						'organization_data_update',
+						'organization_append_relatedOrg',
+						'organization_remove_relatedOrg',
+					],
+				},
+			})
+		} catch (error) {
+			console.error('Error rolling back migration:', error)
+			throw error
+		}
+	},
+}
diff --git a/src/database/migrations/20240313134927-add-admin-role-permission-mapping-for-related-orgs-apis.js b/src/database/migrations/20240313134927-add-admin-role-permission-mapping-for-related-orgs-apis.js
@@ -0,0 +1,118 @@
+'use strict'
+
+/** @type {import('sequelize-cli').Migration} */
+
+require('module-alias/register')
+require('dotenv').config()
+const common = require('@constants/common')
+const Permissions = require('@database/models/index').Permission
+const rolePermission = require('@database/models/index').RolePermission
+
+const getPermissionId = async (module, request_type, api_path) => {
+	try {
+		const permission = await Permissions.findOne({
+			where: { module, request_type, api_path },
+		})
+		if (!permission) {
+			throw new Error(
+				`Permission not found for module: ${module}, request_type: ${request_type}, api_path: ${api_path}`
+			)
+		}
+		return permission.id
+	} catch (error) {
+		throw new Error(`Error while fetching permission: ${error.message}`)
+	}
+}
+
+module.exports = {
+	async up(queryInterface, Sequelize) {
+		try {
+			const rolePermissionsData = await Promise.all([
+				{
+					role_title: common.ADMIN_ROLE,
+					permission_id: await getPermissionId('organization', ['POST'], 'user/v1/organization/update/*'),
+					module: 'organization',
+					request_type: ['POST'],
+					api_path: 'user/v1/organization/update/*',
+				},
+				{
+					role_title: common.ADMIN_ROLE,
+					permission_id: await getPermissionId(
+						'organization',
+						['POST'],
+						'user/v1/organization/addRelatedOrg/*'
+					),
+					module: 'organization',
+					request_type: ['POST'],
+					api_path: 'user/v1/organization/addRelatedOrg/*',
+				},
+				{
+					role_title: common.ADMIN_ROLE,
+					permission_id: await getPermissionId(
+						'organization',
+						['POST'],
+						'user/v1/organization/removeRelatedOrg/*'
+					),
+					module: 'organization',
+					request_type: ['POST'],
+					api_path: 'user/v1/organization/removeRelatedOrg/*',
+				},
+			])
+
+			await queryInterface.bulkInsert(
+				'role_permission_mapping',
+				rolePermissionsData.map((data) => ({
+					...data,
+					created_at: new Date(),
+					updated_at: new Date(),
+					created_by: 0,
+				}))
+			)
+		} catch (error) {
+			console.log(error)
+			console.error(`Migration error: ${error.message}`)
+			throw error
+		}
+	},
+
+	async down(queryInterface, Sequelize) {
+		try {
+			// Array of objects representing data to be deleted
+			const dataToDelete = [
+				{
+					role_title: common.ADMIN_ROLE,
+					module: 'organization',
+					request_type: ['POST'],
+					api_path: 'user/v1/organization/update/*',
+				},
+				{
+					role_title: common.ADMIN_ROLE,
+					module: 'organization',
+					request_type: ['POST'],
+					api_path: 'user/v1/organization/addRelatedOrg/*',
+				},
+				{
+					role_title: common.ADMIN_ROLE,
+					module: 'organization',
+					request_type: ['POST'],
+					api_path: 'user/v1/organization/removeRelatedOrg/*',
+				},
+			]
+
+			// Delete records based on each object's criteria
+			for (const item of dataToDelete) {
+				const permissionId = await getPermissionId(item.module, item.request_type, item.api_path)
+
+				await queryInterface.bulkDelete('role_permission_mapping', {
+					role_title: item.role_title,
+					permission_id: permissionId,
+					module: item.module,
+					api_path: item.api_path,
+				})
+			}
+		} catch (error) {
+			console.error('Error rolling back migration:', error)
+			throw error
+		}
+	},
+}
diff --git a/src/envVariables.js b/src/envVariables.js
@@ -232,6 +232,11 @@ let enviromentVariables = {
 		optional: true,
 		default: 'generic_invite',
 	},
+	ALLOWED_HOST: {
+		message: 'Required CORS allowed host',
+		optional: true,
+		default: '*',
+	},
 }
 
 let success = true
diff --git a/src/locales/en.json b/src/locales/en.json
@@ -112,5 +112,6 @@
 	"ROLE_NOT_DELETED": "Roles not deleted",
 	"ROLES_HAS_EMPTY_LIST": "Empty roles list",
 	"COLUMN_DOES_NOT_EXISTS": "Role column does not exists",
-	"PERMISSION_DENIED": "You do not have the required permissions to access this resource. Please contact your administrator for assistance."
+	"PERMISSION_DENIED": "You do not have the required permissions to access this resource. Please contact your administrator for assistance.",
+	"RELATED_ORG_REMOVAL_FAILED": "Requested organization not related the organization. Please check the values."
 }
diff --git a/src/services/account.js b/src/services/account.js
@@ -895,8 +895,30 @@ module.exports = class AccountHelper {
 			delete user.password
 			delete user.otpInfo
 
+			let defaultOrg = await organizationQueries.findOne(
+				{ code: process.env.DEFAULT_ORGANISATION_CODE },
+				{ attributes: ['id'] }
+			)
+			let defaultOrgId = defaultOrg.id
+			const modelName = await userQueries.getModelName()
+
+			let validationData = await entityTypeQueries.findUserEntityTypesAndEntities({
+				status: 'ACTIVE',
+				organization_id: {
+					[Op.in]: [user.organization_id, defaultOrgId],
+				},
+				model_names: { [Op.contains]: [modelName] },
+			})
+
+			const prunedEntities = removeDefaultOrgEntityTypes(validationData, user.organization_id)
+			user = utils.processDbResponse(user, prunedEntities)
+
 			// Check if user and user.image exist, then fetch a downloadable URL for the image
-			if (user && user.image) user.image = await utils.getDownloadableUrl(user.image)
+			if (user && user.image) {
+				user.image = await utils.getDownloadableUrl(user.image)
+			}
+			user.email = plaintextEmailId
+
 			const result = { access_token: accessToken, refresh_token: refreshToken, user }
 			return responses.successResponse({
 				statusCode: httpStatusCode.ok,
diff --git a/src/services/organization.js b/src/services/organization.js

Original file line number	Diff line number	Diff line change
`@@ -112,5 +112,6 @@`
`112`	`112`	`"ROLE_NOT_DELETED": "Roles not deleted",`
`113`	`113`	`"ROLES_HAS_EMPTY_LIST": "Empty roles list",`
`114`	`114`	`"COLUMN_DOES_NOT_EXISTS": "Role column does not exists",`
`115`		`- "PERMISSION_DENIED": "You do not have the required permissions to access this resource. Please contact your administrator for assistance."`
	`115`	`+ "PERMISSION_DENIED": "You do not have the required permissions to access this resource. Please contact your administrator for assistance.",`
	`116`	`+ "RELATED_ORG_REMOVAL_FAILED": "Requested organization not related the organization. Please check the values."`
`116`	`117`	`}`