* feat(rbac): Implement role based access control
-define roles and permissions for vendors and buyers
-assign roles and permissions to users during registration or profile update
-enforce role-based access control throughout the application
-write comprehensive unit tests

[Delivers #34]

* feat(rbac): integrate rbac into user registration

-integrate role based access control into user registration

[Delivers #34]

* feat(rbac): integrate rbac into user registration

-integrate role based access control into user registration

[Delivers #34]

---------

Co-authored-by: ambroisegithub <muhayimana21@gmail.com>

Social Logins (#45)

* squashing commits

implementing routes for auth

create passport callback function

adding new user from Google

creating new user

check if user exists in db

implementing cookie session

Fix error of TypeError: req.session.regenerate is not a function using Passport

fix secret keys

remove Google client secret keys

working on facebook strategy

get email from fb login and update the scope

after verification save the user into db

add profile image in db

fixing minor bugs

fix minor bugs in codes

after rebasing & updating some fts

link social login with userModel

Adding Google client keys & FB client key into yml

send confirm email after register a new user

send email after register from facebook

fix minor bugs

* fix minor errors

* remove lints errors

user register

register user test

register user testing fix

register user testing fix

register user testing fix

Authentication for User

Added slint changes

removed  mocha

 added new features

 added new features

Solved conflicts

changed file

added changes

added new Test

added new Test

resolved test cases

resolved test cases

implemented two-factor authentication for enhanced security

implemented two-factor authentication for enhanced security

check whether the usertype is vendor to proceed with 2FA

test the 2fa authentication

add new tests for buyers login

bug-fixes

fixing bugs to remove conflicts with develop

ft-password-recover-and-documentation

This PR corrects some bugs on the user password recover function and adds the documentation in the swagger

bug-fixes

fixing bugs on the recover password endpoints

ft-password-rover

This PR adds a password recover by email feature, it also has new email templates to send the recovering token to email, and finally it resolves a color contrast issue on the button inside the email template

ft-password-recover-and-documentation

This PR corrects some bugs on the user password recover function and adds the documentation in the swagger

bug-fixes

fixing bugs on the recover password endpoints

bug-fixes

bug-fixes
jkarenzi authored and bertrandshema committed May 24, 2024
1 parent a0dd1cf commit 1a1306c
Showing 4 changed files with 29 additions and 3 deletions.
10 changes: 10 additions & 0 deletions src/__test__/testSetup.ts
@@ -1,17 +1,21 @@
import { DbConnection } from '../database/index';
import UserModel from '../database/models/userModel';
import { Role } from '../database/models';
<<<<<<< HEAD
import Category from '../database/models/categoryEntity';
import Product from '../database/models/productEntity';
import request from 'supertest';
import app from '../app';
=======
>>>>>>> 4979604 (* feat(rbac): Implement role based access control)

export async function beforeAllHook() {
await DbConnection.instance.initializeDb();

// Get repositories
const userRepository = await DbConnection.connection.getRepository(UserModel);
const roleRepository = await DbConnection.connection.getRepository(Role);
<<<<<<< HEAD
const categoryRepository =
await DbConnection.connection.getRepository(Category);
const productRepository =
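Review bot: Unresolved merge-conflict markers are committed in this file: `<<<<<<< HEAD`, `=======` and `>>>>>>> 4979604` around the imports, and a second `<<<<<<< HEAD` directly above `const categoryRepository`. TypeScript will not parse the file, so the test setup, including the RBAC tests this commit describes, cannot run. The incoming side of the import conflict is empty while the HEAD side below still uses `Category`, so resolve by keeping the HEAD imports and deleting the marker lines. A CI step that fails on lines starting with `<<<<<<<` or `>>>>>>>` would stop this from reaching the branch again.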
Expand All @@ -23,6 +27,12 @@ export async function beforeAllHook() {
await categoryRepository.createQueryBuilder().delete().execute();
await userRepository.createQueryBuilder().delete().execute();
await roleRepository.createQueryBuilder().delete().execute();
=======

// Delete all users and roles
await userRepository.createQueryBuilder().delete().execute();
await roleRepository.createQueryBuilder().delete().execute();
>>>>>>> 4979604 (* feat(rbac): Implement role based access control)
}
export async function getAdminToken() {
const userRepository = await DbConnection.connection.getRepository(UserModel);
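Review bot: The cleanup in `beforeAllHook` now appears twice, once per conflict side, separated by `=======` and closed by `>>>>>>> 4979604`. The two sides are not equivalent: the HEAD side clears `categoryRepository` before users and roles, the incoming side clears only users and roles. Keep a single block (the HEAD one, which also covers categories) and drop the markers, so every run starts from empty user and role tables and the RBAC assertions do not depend on leftover rows.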
15 changes: 15 additions & 0 deletions src/app.ts
Expand Up @@ -4,14 +4,23 @@ import morgan from 'morgan';
import swaggerUi from 'swagger-ui-express';
import swaggerSpec from './docs/swaggerconfig';
import 'reflect-metadata';
<<<<<<< HEAD
import router from './routes/index';
=======
import userRoute from './routes/userRoutes';
import roleRoutes from './routes/roleRoutes';
>>>>>>> 4979604 (* feat(rbac): Implement role based access control)

import fs from 'fs';
import path from 'path';
import authRoutes from './routes/auth-routes';
import cookieSession from 'cookie-session';
import passport from 'passport';
<<<<<<< HEAD
import userRouter from './routes/userRoutes';
=======

>>>>>>> 4979604 (* feat(rbac): Implement role based access control)
// Require Passport midleware
require('./middlewares/passport-setup');

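Review bot: The router imports are left inside conflict markers, so which routers the app mounts is undecided: HEAD imports a single `router` from './routes/index' plus `userRouter`, the incoming side imports `userRoute` and `roleRoutes`, and both `userRouter` and `userRoute` come from './routes/userRoutes'. For an access-control change this needs an explicit resolution: pick one mounting scheme, import './routes/userRoutes' once, and confirm `roleRoutes` is reachable only through the path that carries the authentication and role-check middleware. The second conflict has an incoming side that is only a blank line; decide there whether `userRouter` is still needed once the first conflict is resolved.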
Expand All @@ -24,7 +33,13 @@ const logStream = fs.createWriteStream(path.join(__dirname, 'output.log'), {
flags: 'a',
});

<<<<<<< HEAD
//Data Sanitation Against SQL injection
=======
//Data Sanitation Against SQL injection

//Data Sanitation Against SiteScripts
>>>>>>> 4979604 (* feat(rbac): Implement role based access control)

morgan.token('type', function (req: Request) {
return req.headers['content-type'];
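Review bot: `//Data Sanitation Against SQL injection` and `//Data Sanitation Against SiteScripts` are comments with no code under them; the next statement is `morgan.token('type', ...)`. As committed they name a control that the visible lines do not implement, and the first comment is now duplicated across both conflict sides. Either register the sanitising middleware at this point or remove the comments, and delete the `<<<<<<< HEAD`, `=======` and `>>>>>>> 4979604` lines.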
3 changes: 3 additions & 0 deletions src/database/models/userModel.ts
Expand Up @@ -36,8 +36,11 @@ export default class UserModel {
@Column({ default: false })
isVerified: boolean;

<<<<<<< HEAD
@Column({ default: 'active' })
status: 'active' | 'inactive';
=======
>>>>>>> 4979604 (* feat(rbac): Implement role based access control)

@Column({ nullable: true })
twoFactorCode: number;
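Review bot: The conflict markers sit inside the `UserModel` class body, between `isVerified` and `twoFactorCode`, and the incoming side is empty, so a resolution that takes the incoming side silently drops the `status` column. Decide explicitly whether `'active' | 'inactive'` stays on the entity; if account deactivation is meant to block access, keep the column and remove the three marker lines. Separately, `twoFactorCode` is typed `number`, which cannot preserve leading zeros in a one-time code; a string column avoids that.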
4 changes: 1 addition & 3 deletions src/docs/userAuth.ts
@@ -1,10 +1,7 @@
/**
* @swagger
<<<<<<< HEAD
* /api/v1/user/login:
=======
* /api/v1/login:
>>>>>>> 4979604 (* feat(rbac): Implement role based access control)
* post:
* summary: Login user
* tags: [Login]
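Review bot: The Swagger block shows two candidate login paths, `/api/v1/user/login` and `/api/v1/login`, and the hunk header (`-1,10 +1,7`) removes three of these ten lines, but the rendered page does not show which three. Confirm that the path left in the docs is the one the application actually mounts; src/app.ts in this same commit still has its router imports unresolved, so the documented login route and the served one can diverge.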
Expand Down Expand Up @@ -95,3 +92,4 @@
* type: string
* description: An error message indicating internal server error
*/
