Merge branch 'develop' of https://github.com/credebl/credebl-platform …

…into endorser-request-and-submit Signed-off-by: tipusinghaw <tipu.singh@ayanworks.com>
credebl · Oct 7, 2023 · b612161 · b612161
2 parents df9a665 + d7c49ec
commit b612161
Show file tree

Hide file tree

Showing 18 changed files with 671 additions and 108 deletions.
diff --git a/apps/api-gateway/common/exception-handler.ts b/apps/api-gateway/common/exception-handler.ts
@@ -14,6 +14,7 @@ export class CustomExceptionFilter extends BaseExceptionFilter {
     }
 
     this.logger.error(`exception ::: ${JSON.stringify(exception)}`);
+
     if ("Cannot read properties of undefined (reading 'response')" === exception.message) {
       exception.message = 'Oops! Something went wrong. Please try again';
     }
@@ -25,9 +26,11 @@ export class CustomExceptionFilter extends BaseExceptionFilter {
         message: 'Oops! Something went wrong. Please try again',
         error: 'Oops! Something went wrong. Please try again'
       };
-    } else if (exception && exception["error"] && exception["error"].message && exception["error"].statusCode) {
+    } else if (exception && exception["error"] && exception["error"].message && (exception["error"].statusCode || exception["error"].code)) {
+
+      const statusCode = exception["error"].statusCode || exception["error"].code || status;
       errorResponse = {
-        statusCode: exception["error"].statusCode ? exception["error"].statusCode : status,
+        statusCode,
         message: exception["error"].message || 'Internal server error',
         error: exception["error"].message || 'Internal server error'
       };

diff --git a/apps/api-gateway/src/authz/authz.module.ts b/apps/api-gateway/src/authz/authz.module.ts
@@ -16,6 +16,7 @@ import { SupabaseService } from '@credebl/supabase';
 import { UserModule } from '../user/user.module';
 import { UserService } from '../user/user.service';
 import { VerificationService } from '../verification/verification.service';
+import { EcosystemService } from '../ecosystem/ecosystem.service';
 
 //import { WebhookService } from "../../../platform-service/src/webhook/webhook.service";
 
@@ -48,7 +49,8 @@ import { VerificationService } from '../verification/verification.service';
     AgentService,
     CommonService,
     UserService,
-    SupabaseService
+    SupabaseService,
+    EcosystemService
   ],
   exports: [
     PassportModule,

diff --git a/apps/api-gateway/src/authz/decorators/roles.decorator.ts b/apps/api-gateway/src/authz/decorators/roles.decorator.ts
@@ -1,9 +1,12 @@
 import { CustomDecorator } from '@nestjs/common';
 import { OrgRoles } from 'libs/org-roles/enums';
 import { SetMetadata } from '@nestjs/common';
+import { EcosystemRoles } from '@credebl/enum/enum';
 
 export const ROLES_KEY = 'roles';
+export const ECOSYSTEM_ROLES_KEY = 'ecosystem_roles';
 export const Roles = (...roles: OrgRoles[]): CustomDecorator<string> => SetMetadata(ROLES_KEY, roles);
+export const EcosystemsRoles = (...roles: EcosystemRoles[]): CustomDecorator<string> => SetMetadata(ECOSYSTEM_ROLES_KEY, roles);
 export const Permissions = (...permissions: string[]): CustomDecorator<string> => SetMetadata('permissions', permissions);
 export const Subscriptions = (...subscriptions: string[]): CustomDecorator<string> => SetMetadata('subscriptions', subscriptions);
 
diff --git a/apps/api-gateway/src/authz/guards/ecosystem-roles.guard.ts b/apps/api-gateway/src/authz/guards/ecosystem-roles.guard.ts
@@ -0,0 +1,64 @@
+import { CanActivate, ExecutionContext, Logger } from '@nestjs/common';
+
+import { HttpException } from '@nestjs/common';
+import { HttpStatus } from '@nestjs/common';
+import { Injectable } from '@nestjs/common';
+import { ECOSYSTEM_ROLES_KEY } from '../decorators/roles.decorator';
+import { Reflector } from '@nestjs/core';
+import { EcosystemService } from '../../ecosystem/ecosystem.service';
+import { EcosystemRoles } from '@credebl/enum/enum';
+
+@Injectable()
+export class EcosystemRolesGuard implements CanActivate {
+  constructor(
+    private reflector: Reflector,
+    private readonly ecosystemService: EcosystemService // Inject the service
+    ) { }            
+
+
+  private logger = new Logger('Ecosystem Role Guard');
+  async canActivate(context: ExecutionContext): Promise<boolean> {
+    const requiredRoles = this.reflector.getAllAndOverride<EcosystemRoles[]>(ECOSYSTEM_ROLES_KEY, [
+      context.getHandler(),
+      context.getClass()
+    ]);
+    const requiredRolesNames = Object.values(requiredRoles) as string[];
+
+    if (!requiredRolesNames) {
+      return true;
+    }
+
+    // Request requires org check, proceed with it
+    const req = context.switchToHttp().getRequest();
+
+    const { user } = req;
+
+    if ((req.params.orgId || req.query.orgId || req.body.orgId) 
+    && (req.params.ecosystemId || req.query.ecosystemId || req.body.ecosystemId)) {
+
+      const orgId = req.params.orgId || req.query.orgId || req.body.orgId;
+      const ecosystemId = req.params.ecosystemId || req.query.ecosystemId || req.body.ecosystemId;
+
+
+      const ecosystemOrgData = await this.ecosystemService.fetchEcosystemOrg(ecosystemId, orgId);
+
+      if (!ecosystemOrgData) {
+        throw new HttpException('Organization does not match', HttpStatus.FORBIDDEN);
+      }
+
+      const {response} = ecosystemOrgData;
+
+      user.ecosystemOrgRole = response['ecosystemRole']['name'];
+
+      if (!user.ecosystemOrgRole) {
+        throw new HttpException('Ecosystem role not match', HttpStatus.FORBIDDEN);
+      }
+
+    } else {
+      throw new HttpException('organization & ecosystem is required', HttpStatus.BAD_REQUEST);
+    }
+
+    return requiredRoles.some((role) => user.ecosystemOrgRole === role);
+
+  }
+}
diff --git a/apps/api-gateway/src/ecosystem/dtos/accept-reject-ecosysteminvitation-dto.ts b/apps/api-gateway/src/ecosystem/dtos/accept-reject-ecosysteminvitation-dto.ts
@@ -0,0 +1,22 @@
+import { IsEnum, IsNotEmpty} from 'class-validator';
+
+import { ApiProperty } from '@nestjs/swagger';
+import { Invitation } from '@credebl/enum/enum';
+import { Transform } from 'class-transformer';
+import { trim } from '@credebl/common/cast.helper';
+
+export class AcceptRejectEcosystemInvitationDto {
+
+    ecosystemId: string;
+    invitationId: string;
+    orgId: string;
+
+    @ApiProperty({
+        enum: [Invitation.ACCEPTED, Invitation.REJECTED]
+    })
+    @Transform(({ value }) => trim(value))
+    @IsNotEmpty({ message: 'Please provide valid status' })
+    @IsEnum(Invitation)
+    status: Invitation.ACCEPTED | Invitation.REJECTED;
+
+}
diff --git a/apps/api-gateway/src/ecosystem/dtos/create-ecosystem-dto.ts b/apps/api-gateway/src/ecosystem/dtos/create-ecosystem-dto.ts
@@ -29,10 +29,6 @@ export class CreateEcosystemDto {
     @IsString({ message: 'tag must be in string format.' })
     tags?: string;
 
-    @ApiPropertyOptional()
-    @IsInt({ message: 'orgId must be in number format.' })
-    orgId: number;
-
     @ApiPropertyOptional()
     @IsInt({ message: 'UserId must be in number format.' })
     userId: number;
@@ -42,5 +38,7 @@ export class CreateEcosystemDto {
     @Transform(({ value }) => trim(value))
     @IsString({ message: 'logo must be in string format.' })
     logo?: string;
+
+    orgId?: string;
   }
 
diff --git a/apps/api-gateway/src/ecosystem/dtos/get-all-sent-invitations.dto.ts b/apps/api-gateway/src/ecosystem/dtos/get-all-sent-invitations.dto.ts
@@ -0,0 +1,25 @@
+import { Transform, Type } from 'class-transformer';
+import { toNumber } from '@credebl/common/cast.helper';
+
+import { ApiProperty } from '@nestjs/swagger';
+import { IsOptional } from 'class-validator';
+
+export class GetAllEcosystemInvitationsDto {
+    @ApiProperty({ required: false, default: 1 })
+    @IsOptional()
+    @Type(() => Number)
+    @Transform(({ value }) => toNumber(value))
+    pageNumber = 1;
+
+    @ApiProperty({ required: false })
+    @IsOptional()
+    @Type(() => String)
+    search = '';
+
+    @ApiProperty({ required: false })
+    @IsOptional()
+    @Type(() => Number)
+    @Transform(({ value }) => toNumber(value))
+    pageSize = 10;
+
+}