Merge branch 'main' into secrets

Author: gugu

backend/src/app.module.ts

@@ -40,6 +40,7 @@ import { ThrottlerModule, ThrottlerGuard } from '@nestjs/throttler';
 import { SharedJobsModule } from './entities/shared-jobs/shared-jobs.module.js';
 import { TableCategoriesModule } from './entities/table-categories/table-categories.module.js';
 import { UserSecretModule } from './entities/user-secret/user-secret.module.js';
+import { SignInAuditModule } from './entities/user-sign-in-audit/sign-in-audit.module.js';
 
 @Module({
   imports: [
@@ -83,6 +84,7 @@ import { UserSecretModule } from './entities/user-secret/user-secret.module.js';
     SharedJobsModule,
     TableCategoriesModule,
     UserSecretModule,
+    SignInAuditModule,
   ],
   controllers: [AppController],
   providers: [

backend/src/common/application/global-database-context.interface.ts

@@ -52,6 +52,8 @@ import { UserSecretEntity } from '../../entities/user-secret/user-secret.entity.
 import { IUserSecretRepository } from '../../entities/user-secret/repository/user-secret-repository.interface.js';
 import { SecretAccessLogEntity } from '../../entities/secret-access-log/secret-access-log.entity.js';
 import { ISecretAccessLogRepository } from '../../entities/secret-access-log/repository/secret-access-log-repository.interface.js';
+import { SignInAuditEntity } from '../../entities/user-sign-in-audit/sign-in-audit.entity.js';
+import { ISignInAuditRepository } from '../../entities/user-sign-in-audit/repository/sign-in-audit-repository.interface.js';
 
 export interface IGlobalDatabaseContext extends IDatabaseContext {
   userRepository: Repository<UserEntity> & IUserRepository;
@@ -89,4 +91,5 @@ export interface IGlobalDatabaseContext extends IDatabaseContext {
   tableCategoriesRepository: Repository<TableCategoriesEntity> & ITableCategoriesCustomRepository;
   userSecretRepository: Repository<UserSecretEntity> & IUserSecretRepository;
   secretAccessLogRepository: Repository<SecretAccessLogEntity> & ISecretAccessLogRepository;
+  signInAuditRepository: Repository<SignInAuditEntity> & ISignInAuditRepository;
 }

backend/src/common/application/global-database-context.ts

@@ -96,6 +96,9 @@ import { userSecretRepositoryExtension } from '../../entities/user-secret/reposi
 import { SecretAccessLogEntity } from '../../entities/secret-access-log/secret-access-log.entity.js';
 import { ISecretAccessLogRepository } from '../../entities/secret-access-log/repository/secret-access-log-repository.interface.js';
 import { secretAccessLogRepositoryExtension } from '../../entities/secret-access-log/repository/secret-access-log-repository.extension.js';
+import { SignInAuditEntity } from '../../entities/user-sign-in-audit/sign-in-audit.entity.js';
+import { ISignInAuditRepository } from '../../entities/user-sign-in-audit/repository/sign-in-audit-repository.interface.js';
+import { signInAuditCustomRepositoryExtension } from '../../entities/user-sign-in-audit/repository/sign-in-audit-custom-repository-extension.js';
 
 @Injectable({ scope: Scope.REQUEST })
 export class GlobalDatabaseContext implements IGlobalDatabaseContext {
@@ -136,6 +139,7 @@ export class GlobalDatabaseContext implements IGlobalDatabaseContext {
   private _tableCategoriesRepository: Repository<TableCategoriesEntity> & ITableCategoriesCustomRepository;
   private _userSecretRepository: Repository<UserSecretEntity> & IUserSecretRepository;
   private _secretAccessLogRepository: Repository<SecretAccessLogEntity> & ISecretAccessLogRepository;
+  private _signInAuditRepository: Repository<SignInAuditEntity> & ISignInAuditRepository;
 
   public constructor(
     @Inject(BaseType.DATA_SOURCE)
@@ -230,6 +234,9 @@ export class GlobalDatabaseContext implements IGlobalDatabaseContext {
     this._secretAccessLogRepository = this.appDataSource
       .getRepository(SecretAccessLogEntity)
       .extend(secretAccessLogRepositoryExtension);
+    this._signInAuditRepository = this.appDataSource
+      .getRepository(SignInAuditEntity)
+      .extend(signInAuditCustomRepositoryExtension);
   }
 
   public get userRepository(): Repository<UserEntity> & IUserRepository {
@@ -372,6 +379,10 @@ export class GlobalDatabaseContext implements IGlobalDatabaseContext {
     return this._secretAccessLogRepository;
   }
 
+  public get signInAuditRepository(): Repository<SignInAuditEntity> & ISignInAuditRepository {
+    return this._signInAuditRepository;
+  }
+
   public startTransaction(): Promise<void> {
     this._queryRunner = this.appDataSource.createQueryRunner();
     this._queryRunner.startTransaction();

backend/src/common/data-injection.tokens.ts

@@ -178,4 +178,5 @@ export enum UseCaseType {
   UPDATE_SECRET = 'UPDATE_SECRET',
   DELETE_SECRET = 'DELETE_SECRET',
   GET_SECRET_AUDIT_LOG = 'GET_SECRET_AUDIT_LOG',
+  FIND_SIGN_IN_AUDIT_LOGS = 'FIND_SIGN_IN_AUDIT_LOGS',
 }

backend/src/entities/connection/connection.controller.ts

@@ -83,6 +83,7 @@ import {
 import { TokenValidationResult } from './use-cases/validate-connection-token.use.case.js';
 import { isTestConnectionUtil } from './utils/is-test-connection-util.js';
 import { SkipThrottle } from '@nestjs/throttler';
+import { isRedisConnectionUrl } from '@rocketadmin/shared-code/dist/src/data-access-layer/shared/create-data-access-object.js';
 
 @UseInterceptors(SentryInterceptor)
 @Controller()
@@ -243,7 +244,11 @@ export class ConnectionController {
     @UserId() userId: string,
     @MasterPassword() masterPwd: string,
   ): Promise<CreatedConnectionDTO> {
-    if (!createConnectionDto.password && !isConnectionTypeAgent(createConnectionDto.type)) {
+    if (
+      !createConnectionDto.password &&
+      !isConnectionTypeAgent(createConnectionDto.type) &&
+      !isRedisConnectionUrl(createConnectionDto.host)
+    ) {
       throw new BadRequestException(Messages.PASSWORD_MISSING);
     }
     if (createConnectionDto.masterEncryption && !masterPwd) {
@@ -709,6 +714,10 @@ export class ConnectionController {
         return errors;
       }
 
+      if (isRedisConnectionUrl(connectionData.host)) {
+        return errors;
+      }
+
       if (!connectionData.username && connectionData.type !== ConnectionTypesEnum.redis)
         errors.push(Messages.USERNAME_MISSING);
 

backend/src/entities/connection/use-cases/test-connection.use.case.ts

@@ -3,7 +3,10 @@ import { getRepository } from 'typeorm';
 import AbstractUseCase from '../../../common/abstract-use.case.js';
 import { IGlobalDatabaseContext } from '../../../common/application/global-database-context.interface.js';
 import { BaseType } from '../../../common/data-injection.tokens.js';
-import { getDataAccessObject } from '@rocketadmin/shared-code/dist/src/data-access-layer/shared/create-data-access-object.js';
+import {
+  getDataAccessObject,
+  isRedisConnectionUrl,
+} from '@rocketadmin/shared-code/dist/src/data-access-layer/shared/create-data-access-object.js';
 import { Messages } from '../../../exceptions/text/messages.js';
 import { processExceptionMessage } from '../../../exceptions/utils/process-exception-message.js';
 import { isConnectionTypeAgent, slackPostMessage } from '../../../helpers/index.js';
@@ -96,7 +99,8 @@ export class TestConnectionUseCase
         if (
           !connectionData.password &&
           (connectionData.host !== toUpdate.host || connectionData.port !== toUpdate.port) &&
-          !isConnectionTypeAgent(connectionData.type)
+          !isConnectionTypeAgent(connectionData.type) &&
+          !isRedisConnectionUrl(connectionData.host)
         ) {
           return {
             result: false,
@@ -125,7 +129,7 @@ export class TestConnectionUseCase
         };
       }
     } else {
-      if (!connectionData.password) {
+      if (!connectionData.password && !isConnectionTypeAgent(connectionData.type) && !isRedisConnectionUrl(connectionData.host)) {
         return {
           result: false,
           message: Messages.PASSWORD_MISSING,

backend/src/entities/user-sign-in-audit/dto/create-sign-in-audit-record.ds.ts

@@ -0,0 +1,12 @@
+import { SignInMethodEnum } from '../enums/sign-in-method.enum.js';
+import { SignInStatusEnum } from '../enums/sign-in-status.enum.js';
+
+export class CreateSignInAuditRecordDs {
+  email: string;
+  userId?: string;
+  status: SignInStatusEnum;
+  signInMethod: SignInMethodEnum;
+  ipAddress?: string;
+  userAgent?: string;
+  failureReason?: string;
+}

backend/src/entities/user-sign-in-audit/dto/find-sign-in-audit-logs.ds.ts

@@ -0,0 +1,17 @@
+import { SignInMethodEnum } from '../enums/sign-in-method.enum.js';
+import { SignInStatusEnum } from '../enums/sign-in-status.enum.js';
+
+export class FindSignInAuditLogsDs {
+  userId: string;
+  companyId: string;
+  query: {
+    order?: string;
+    page?: number;
+    perPage?: number;
+    dateFrom?: string;
+    dateTo?: string;
+    email?: string;
+    status?: SignInStatusEnum;
+    signInMethod?: SignInMethodEnum;
+  };
+}

backend/src/entities/user-sign-in-audit/dto/found-sign-in-audit-logs.ds.ts

@@ -0,0 +1,11 @@
+import { ApiProperty } from '@nestjs/swagger';
+import { PaginationDs } from '../../table/application/data-structures/pagination.ds.js';
+import { FoundSignInAuditRecordDs } from './found-sign-in-audit-record.ds.js';
+
+export class FoundSignInAuditLogsDs {
+  @ApiProperty({ isArray: true, type: FoundSignInAuditRecordDs })
+  logs: Array<FoundSignInAuditRecordDs>;
+
+  @ApiProperty({ type: PaginationDs })
+  pagination: PaginationDs;
+}

backend/src/entities/user-sign-in-audit/dto/found-sign-in-audit-record.ds.ts

@@ -0,0 +1,32 @@
+import { ApiProperty } from '@nestjs/swagger';
+import { SignInMethodEnum } from '../enums/sign-in-method.enum.js';
+import { SignInStatusEnum } from '../enums/sign-in-status.enum.js';
+
+export class FoundSignInAuditRecordDs {
+  @ApiProperty()
+  id: string;
+
+  @ApiProperty()
+  email: string;
+
+  @ApiProperty({ enum: SignInStatusEnum })
+  status: SignInStatusEnum;
+
+  @ApiProperty({ enum: SignInMethodEnum })
+  signInMethod: SignInMethodEnum;
+
+  @ApiProperty()
+  ipAddress: string;
+
+  @ApiProperty()
+  userAgent: string;
+
+  @ApiProperty()
+  failureReason: string;
+
+  @ApiProperty()
+  createdAt: Date;
+
+  @ApiProperty()
+  userId: string;
+}