542 lines
14 KiB
JavaScript
542 lines
14 KiB
JavaScript
|
|
const db = require('../models');
|
|
const FileDBApi = require('./file');
|
|
const crypto = require('crypto');
|
|
const Utils = require('../utils');
|
|
|
|
|
|
|
|
const Sequelize = db.Sequelize;
|
|
const Op = Sequelize.Op;
|
|
|
|
module.exports = class Security_settingsDBApi {
|
|
|
|
|
|
|
|
static async create(data, options) {
|
|
const currentUser = (options && options.currentUser) || { id: null };
|
|
const transaction = (options && options.transaction) || undefined;
|
|
|
|
const security_settings = await db.security_settings.create(
|
|
{
|
|
id: data.id || undefined,
|
|
|
|
require_mfa: data.require_mfa
|
|
||
|
|
false
|
|
|
|
,
|
|
|
|
max_failed_logins: data.max_failed_logins
|
|
||
|
|
null
|
|
,
|
|
|
|
lockout_minutes: data.lockout_minutes
|
|
||
|
|
null
|
|
,
|
|
|
|
rate_limit_per_minute: data.rate_limit_per_minute
|
|
||
|
|
null
|
|
,
|
|
|
|
hmac_secret_hint: data.hmac_secret_hint
|
|
||
|
|
null
|
|
,
|
|
|
|
rotated_at: data.rotated_at
|
|
||
|
|
null
|
|
,
|
|
|
|
importHash: data.importHash || null,
|
|
createdById: currentUser.id,
|
|
updatedById: currentUser.id,
|
|
},
|
|
{ transaction },
|
|
);
|
|
|
|
|
|
await security_settings.setRotated_by( data.rotated_by || null, {
|
|
transaction,
|
|
});
|
|
|
|
|
|
|
|
|
|
|
|
|
|
return security_settings;
|
|
}
|
|
|
|
|
|
static async bulkImport(data, options) {
|
|
const currentUser = (options && options.currentUser) || { id: null };
|
|
const transaction = (options && options.transaction) || undefined;
|
|
|
|
// Prepare data - wrapping individual data transformations in a map() method
|
|
const security_settingsData = data.map((item, index) => ({
|
|
id: item.id || undefined,
|
|
|
|
require_mfa: item.require_mfa
|
|
||
|
|
false
|
|
|
|
,
|
|
|
|
max_failed_logins: item.max_failed_logins
|
|
||
|
|
null
|
|
,
|
|
|
|
lockout_minutes: item.lockout_minutes
|
|
||
|
|
null
|
|
,
|
|
|
|
rate_limit_per_minute: item.rate_limit_per_minute
|
|
||
|
|
null
|
|
,
|
|
|
|
hmac_secret_hint: item.hmac_secret_hint
|
|
||
|
|
null
|
|
,
|
|
|
|
rotated_at: item.rotated_at
|
|
||
|
|
null
|
|
,
|
|
|
|
importHash: item.importHash || null,
|
|
createdById: currentUser.id,
|
|
updatedById: currentUser.id,
|
|
createdAt: new Date(Date.now() + index * 1000),
|
|
}));
|
|
|
|
// Bulk create items
|
|
const security_settings = await db.security_settings.bulkCreate(security_settingsData, { transaction });
|
|
|
|
// For each item created, replace relation files
|
|
|
|
|
|
return security_settings;
|
|
}
|
|
|
|
static async update(id, data, options) {
|
|
const currentUser = (options && options.currentUser) || {id: null};
|
|
const transaction = (options && options.transaction) || undefined;
|
|
|
|
|
|
const security_settings = await db.security_settings.findByPk(id, {}, {transaction});
|
|
|
|
|
|
|
|
|
|
const updatePayload = {};
|
|
|
|
if (data.require_mfa !== undefined) updatePayload.require_mfa = data.require_mfa;
|
|
|
|
|
|
if (data.max_failed_logins !== undefined) updatePayload.max_failed_logins = data.max_failed_logins;
|
|
|
|
|
|
if (data.lockout_minutes !== undefined) updatePayload.lockout_minutes = data.lockout_minutes;
|
|
|
|
|
|
if (data.rate_limit_per_minute !== undefined) updatePayload.rate_limit_per_minute = data.rate_limit_per_minute;
|
|
|
|
|
|
if (data.hmac_secret_hint !== undefined) updatePayload.hmac_secret_hint = data.hmac_secret_hint;
|
|
|
|
|
|
if (data.rotated_at !== undefined) updatePayload.rotated_at = data.rotated_at;
|
|
|
|
|
|
updatePayload.updatedById = currentUser.id;
|
|
|
|
await security_settings.update(updatePayload, {transaction});
|
|
|
|
|
|
|
|
if (data.rotated_by !== undefined) {
|
|
await security_settings.setRotated_by(
|
|
|
|
data.rotated_by,
|
|
|
|
{ transaction }
|
|
);
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
return security_settings;
|
|
}
|
|
|
|
static async deleteByIds(ids, options) {
|
|
const currentUser = (options && options.currentUser) || { id: null };
|
|
const transaction = (options && options.transaction) || undefined;
|
|
|
|
const security_settings = await db.security_settings.findAll({
|
|
where: {
|
|
id: {
|
|
[Op.in]: ids,
|
|
},
|
|
},
|
|
transaction,
|
|
});
|
|
|
|
await db.sequelize.transaction(async (transaction) => {
|
|
for (const record of security_settings) {
|
|
await record.update(
|
|
{deletedBy: currentUser.id},
|
|
{transaction}
|
|
);
|
|
}
|
|
for (const record of security_settings) {
|
|
await record.destroy({transaction});
|
|
}
|
|
});
|
|
|
|
|
|
return security_settings;
|
|
}
|
|
|
|
static async remove(id, options) {
|
|
const currentUser = (options && options.currentUser) || {id: null};
|
|
const transaction = (options && options.transaction) || undefined;
|
|
|
|
const security_settings = await db.security_settings.findByPk(id, options);
|
|
|
|
await security_settings.update({
|
|
deletedBy: currentUser.id
|
|
}, {
|
|
transaction,
|
|
});
|
|
|
|
await security_settings.destroy({
|
|
transaction
|
|
});
|
|
|
|
return security_settings;
|
|
}
|
|
|
|
static async findBy(where, options) {
|
|
const transaction = (options && options.transaction) || undefined;
|
|
|
|
const security_settings = await db.security_settings.findOne(
|
|
{ where },
|
|
{ transaction },
|
|
);
|
|
|
|
if (!security_settings) {
|
|
return security_settings;
|
|
}
|
|
|
|
const output = security_settings.get({plain: true});
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
output.rotated_by = await security_settings.getRotated_by({
|
|
transaction
|
|
});
|
|
|
|
|
|
|
|
return output;
|
|
}
|
|
|
|
static async findAll(
|
|
filter,
|
|
options
|
|
) {
|
|
const limit = filter.limit || 0;
|
|
let offset = 0;
|
|
let where = {};
|
|
const currentPage = +filter.page;
|
|
|
|
|
|
|
|
|
|
|
|
offset = currentPage * limit;
|
|
|
|
const orderBy = null;
|
|
|
|
const transaction = (options && options.transaction) || undefined;
|
|
|
|
let include = [
|
|
|
|
{
|
|
model: db.users,
|
|
as: 'rotated_by',
|
|
|
|
where: filter.rotated_by ? {
|
|
[Op.or]: [
|
|
{ id: { [Op.in]: filter.rotated_by.split('|').map(term => Utils.uuid(term)) } },
|
|
{
|
|
firstName: {
|
|
[Op.or]: filter.rotated_by.split('|').map(term => ({ [Op.iLike]: `%${term}%` }))
|
|
}
|
|
},
|
|
]
|
|
} : {},
|
|
|
|
},
|
|
|
|
|
|
|
|
];
|
|
|
|
if (filter) {
|
|
if (filter.id) {
|
|
where = {
|
|
...where,
|
|
['id']: Utils.uuid(filter.id),
|
|
};
|
|
}
|
|
|
|
|
|
if (filter.hmac_secret_hint) {
|
|
where = {
|
|
...where,
|
|
[Op.and]: Utils.ilike(
|
|
'security_settings',
|
|
'hmac_secret_hint',
|
|
filter.hmac_secret_hint,
|
|
),
|
|
};
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
if (filter.max_failed_loginsRange) {
|
|
const [start, end] = filter.max_failed_loginsRange;
|
|
|
|
if (start !== undefined && start !== null && start !== '') {
|
|
where = {
|
|
...where,
|
|
max_failed_logins: {
|
|
...where.max_failed_logins,
|
|
[Op.gte]: start,
|
|
},
|
|
};
|
|
}
|
|
|
|
if (end !== undefined && end !== null && end !== '') {
|
|
where = {
|
|
...where,
|
|
max_failed_logins: {
|
|
...where.max_failed_logins,
|
|
[Op.lte]: end,
|
|
},
|
|
};
|
|
}
|
|
}
|
|
|
|
if (filter.lockout_minutesRange) {
|
|
const [start, end] = filter.lockout_minutesRange;
|
|
|
|
if (start !== undefined && start !== null && start !== '') {
|
|
where = {
|
|
...where,
|
|
lockout_minutes: {
|
|
...where.lockout_minutes,
|
|
[Op.gte]: start,
|
|
},
|
|
};
|
|
}
|
|
|
|
if (end !== undefined && end !== null && end !== '') {
|
|
where = {
|
|
...where,
|
|
lockout_minutes: {
|
|
...where.lockout_minutes,
|
|
[Op.lte]: end,
|
|
},
|
|
};
|
|
}
|
|
}
|
|
|
|
if (filter.rate_limit_per_minuteRange) {
|
|
const [start, end] = filter.rate_limit_per_minuteRange;
|
|
|
|
if (start !== undefined && start !== null && start !== '') {
|
|
where = {
|
|
...where,
|
|
rate_limit_per_minute: {
|
|
...where.rate_limit_per_minute,
|
|
[Op.gte]: start,
|
|
},
|
|
};
|
|
}
|
|
|
|
if (end !== undefined && end !== null && end !== '') {
|
|
where = {
|
|
...where,
|
|
rate_limit_per_minute: {
|
|
...where.rate_limit_per_minute,
|
|
[Op.lte]: end,
|
|
},
|
|
};
|
|
}
|
|
}
|
|
|
|
if (filter.rotated_atRange) {
|
|
const [start, end] = filter.rotated_atRange;
|
|
|
|
if (start !== undefined && start !== null && start !== '') {
|
|
where = {
|
|
...where,
|
|
rotated_at: {
|
|
...where.rotated_at,
|
|
[Op.gte]: start,
|
|
},
|
|
};
|
|
}
|
|
|
|
if (end !== undefined && end !== null && end !== '') {
|
|
where = {
|
|
...where,
|
|
rotated_at: {
|
|
...where.rotated_at,
|
|
[Op.lte]: end,
|
|
},
|
|
};
|
|
}
|
|
}
|
|
|
|
|
|
if (filter.active !== undefined) {
|
|
where = {
|
|
...where,
|
|
active: filter.active === true || filter.active === 'true'
|
|
};
|
|
}
|
|
|
|
|
|
if (filter.require_mfa) {
|
|
where = {
|
|
...where,
|
|
require_mfa: filter.require_mfa,
|
|
};
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
if (filter.createdAtRange) {
|
|
const [start, end] = filter.createdAtRange;
|
|
|
|
if (start !== undefined && start !== null && start !== '') {
|
|
where = {
|
|
...where,
|
|
['createdAt']: {
|
|
...where.createdAt,
|
|
[Op.gte]: start,
|
|
},
|
|
};
|
|
}
|
|
|
|
if (end !== undefined && end !== null && end !== '') {
|
|
where = {
|
|
...where,
|
|
['createdAt']: {
|
|
...where.createdAt,
|
|
[Op.lte]: end,
|
|
},
|
|
};
|
|
}
|
|
}
|
|
}
|
|
|
|
|
|
|
|
|
|
const queryOptions = {
|
|
where,
|
|
include,
|
|
distinct: true,
|
|
order: filter.field && filter.sort
|
|
? [[filter.field, filter.sort]]
|
|
: [['createdAt', 'desc']],
|
|
transaction: options?.transaction,
|
|
logging: console.log
|
|
};
|
|
|
|
if (!options?.countOnly) {
|
|
queryOptions.limit = limit ? Number(limit) : undefined;
|
|
queryOptions.offset = offset ? Number(offset) : undefined;
|
|
}
|
|
|
|
try {
|
|
const { rows, count } = await db.security_settings.findAndCountAll(queryOptions);
|
|
|
|
return {
|
|
rows: options?.countOnly ? [] : rows,
|
|
count: count
|
|
};
|
|
} catch (error) {
|
|
console.error('Error executing query:', error);
|
|
throw error;
|
|
}
|
|
}
|
|
|
|
static async findAllAutocomplete(query, limit, offset, ) {
|
|
let where = {};
|
|
|
|
|
|
|
|
if (query) {
|
|
where = {
|
|
[Op.or]: [
|
|
{ ['id']: Utils.uuid(query) },
|
|
Utils.ilike(
|
|
'security_settings',
|
|
'hmac_secret_hint',
|
|
query,
|
|
),
|
|
],
|
|
};
|
|
}
|
|
|
|
const records = await db.security_settings.findAll({
|
|
attributes: [ 'id', 'hmac_secret_hint' ],
|
|
where,
|
|
limit: limit ? Number(limit) : undefined,
|
|
offset: offset ? Number(offset) : undefined,
|
|
orderBy: [['hmac_secret_hint', 'ASC']],
|
|
});
|
|
|
|
return records.map((record) => ({
|
|
id: record.id,
|
|
label: record.hmac_secret_hint,
|
|
}));
|
|
}
|
|
|
|
|
|
};
|
|
|