diff --git a/admin/.eslintignore b/admin/.eslintignore index 94934f9e7..e19e2338d 100644 --- a/admin/.eslintignore +++ b/admin/.eslintignore @@ -1,3 +1,3 @@ node_modules/ -dist/ +build/ coverage/ \ No newline at end of file diff --git a/admin/.gitignore b/admin/.gitignore index a67d270bc..3bc7bb4b2 100644 --- a/admin/.gitignore +++ b/admin/.gitignore @@ -1,5 +1,5 @@ node_modules/ -dist/ +build/ .cache/ /.env diff --git a/admin/Dockerfile b/admin/Dockerfile index ed0623a63..029339f10 100644 --- a/admin/Dockerfile +++ b/admin/Dockerfile @@ -84,7 +84,7 @@ CMD /bin/sh -c "yarn run dev" FROM base as production # Copy "binary"-files from build image -COPY --from=build ${DOCKER_WORKDIR}/dist ./dist +COPY --from=build ${DOCKER_WORKDIR}/build ./build # We also copy the node_modules express and serve-static for the run script COPY --from=build ${DOCKER_WORKDIR}/node_modules ./node_modules # Copy static files diff --git a/admin/package.json b/admin/package.json index 04c9a60e8..7a3b36a7a 100644 --- a/admin/package.json +++ b/admin/package.json @@ -11,7 +11,7 @@ "serve": "vue-cli-service serve --open", "build": "vue-cli-service build", "dev": "yarn run serve", - "analyse-bundle": "yarn build && webpack-bundle-analyzer dist/webpack.stats.json", + "analyse-bundle": "yarn build && webpack-bundle-analyzer build/webpack.stats.json", "lint": "eslint --max-warnings=0 --ext .js,.vue,.json .", "stylelint": "stylelint --max-warnings=0 '**/*.{scss,vue}'", "test": "cross-env TZ=UTC jest", diff --git a/admin/run/server.js b/admin/run/server.js index bccefc65c..b5078a0cf 100644 --- a/admin/run/server.js +++ b/admin/run/server.js @@ -9,10 +9,10 @@ const port = process.env.PORT || 8080 // Express Server const app = express() // Serve files -app.use(express.static(path.join(__dirname, '../dist'))) +app.use(express.static(path.join(__dirname, '../build'))) // Default to index.html app.get('*', (req, res) => { - res.sendFile(path.join(__dirname, '../dist/index.html')) + res.sendFile(path.join(__dirname, '../build/index.html')) }) app.listen(port, hostname, () => { diff --git a/admin/src/store/store.js b/admin/src/store/store.js index 7d43c8ce8..0263cf33f 100644 --- a/admin/src/store/store.js +++ b/admin/src/store/store.js @@ -37,6 +37,7 @@ export const actions = { const store = new Vuex.Store({ plugins: [ createPersistedState({ + key: 'gradido-admin', storage: window.localStorage, }), ], diff --git a/admin/vue.config.js b/admin/vue.config.js index 8cc1e4b89..a92b26419 100644 --- a/admin/vue.config.js +++ b/admin/vue.config.js @@ -49,5 +49,5 @@ module.exports = { // Enable CSS source maps. sourceMap: CONFIG.NODE_ENV !== 'production', }, - outputDir: path.resolve(__dirname, './dist'), + outputDir: path.resolve(__dirname, './build'), } diff --git a/backend/.eslintignore b/backend/.eslintignore index f6b255e92..1ae86fe5e 100644 --- a/backend/.eslintignore +++ b/backend/.eslintignore @@ -1,3 +1,4 @@ node_modules **/*.min.js -build \ No newline at end of file +build +coverage \ No newline at end of file diff --git a/backend/.eslintrc.js b/backend/.eslintrc.js index d00b9199a..798bef1e6 100644 --- a/backend/.eslintrc.js +++ b/backend/.eslintrc.js @@ -12,6 +12,8 @@ module.exports = { 'plugin:prettier/recommended', 'plugin:import/recommended', 'plugin:import/typescript', + 'plugin:security/recommended', + 'plugin:@eslint-community/eslint-comments/recommended', ], settings: { 'import/parsers': { @@ -151,6 +153,11 @@ module.exports = { 'promise/valid-params': 'warn', 'promise/prefer-await-to-callbacks': 'error', 'promise/no-multiple-resolved': 'error', + // eslint comments + '@eslint-community/eslint-comments/disable-enable-pair': ['error', { allowWholeFile: true }], + '@eslint-community/eslint-comments/no-restricted-disable': 'error', + '@eslint-community/eslint-comments/no-use': 'off', + '@eslint-community/eslint-comments/require-description': 'off', }, overrides: [ // only for ts files @@ -159,6 +166,7 @@ module.exports = { extends: [ 'plugin:@typescript-eslint/recommended', 'plugin:@typescript-eslint/recommended-requiring-type-checking', + 'plugin:@typescript-eslint/strict', 'plugin:type-graphql/recommended', ], rules: { @@ -169,6 +177,8 @@ module.exports = { '@typescript-eslint/prefer-regexp-exec': 'off', // this should not run on ts files: https://github.com/import-js/eslint-plugin-import/issues/2215#issuecomment-911245486 'import/unambiguous': 'off', + // this is not compatible with typeorm, due to joined tables can be null, but are not defined as nullable + '@typescript-eslint/no-unnecessary-condition': 'off', }, parserOptions: { tsconfigRootDir: __dirname, diff --git a/backend/jest.config.js b/backend/jest.config.js index ca12668fa..3b251916a 100644 --- a/backend/jest.config.js +++ b/backend/jest.config.js @@ -7,7 +7,7 @@ module.exports = { collectCoverageFrom: ['src/**/*.ts', '!**/node_modules/**', '!src/seeds/**', '!build/**'], coverageThreshold: { global: { - lines: 85, + lines: 86, }, }, setupFiles: ['/test/testSetup.ts'], diff --git a/backend/package.json b/backend/package.json index c5e0df3c5..8a8d14e00 100644 --- a/backend/package.json +++ b/backend/package.json @@ -46,6 +46,7 @@ "uuid": "^8.3.2" }, "devDependencies": { + "@eslint-community/eslint-plugin-eslint-comments": "^3.2.1", "@types/email-templates": "^10.0.1", "@types/express": "^4.17.12", "@types/faker": "^5.5.9", @@ -68,6 +69,7 @@ "eslint-plugin-n": "^15.7.0", "eslint-plugin-prettier": "^4.2.1", "eslint-plugin-promise": "^6.1.1", + "eslint-plugin-security": "^1.7.1", "eslint-plugin-type-graphql": "^1.0.0", "faker": "^5.5.3", "graphql-tag": "^2.12.6", diff --git a/backend/src/apis/HttpRequest.ts b/backend/src/apis/HttpRequest.ts index f40d577bd..27578463a 100644 --- a/backend/src/apis/HttpRequest.ts +++ b/backend/src/apis/HttpRequest.ts @@ -7,7 +7,6 @@ import axios from 'axios' import { LogError } from '@/server/LogError' import { backendLogger as logger } from '@/server/logger' -// eslint-disable-next-line @typescript-eslint/no-explicit-any export const apiPost = async (url: string, payload: unknown): Promise => { logger.trace('POST', url, payload) try { @@ -25,7 +24,6 @@ export const apiPost = async (url: string, payload: unknown): Promise => { } } -// eslint-disable-next-line @typescript-eslint/no-explicit-any export const apiGet = async (url: string): Promise => { logger.trace('GET: url=' + url) try { diff --git a/backend/src/apis/KlicktippController.ts b/backend/src/apis/KlicktippController.ts index a4b5b6be7..a2a8f86cb 100644 --- a/backend/src/apis/KlicktippController.ts +++ b/backend/src/apis/KlicktippController.ts @@ -12,7 +12,7 @@ import KlicktippConnector from 'klicktipp-api' const klicktippConnector = new KlicktippConnector() -export const klicktippSignIn = async ( +export const subscribe = async ( email: string, language: string, firstName?: string, @@ -28,13 +28,6 @@ export const klicktippSignIn = async ( return result } -export const signout = async (email: string, language: string): Promise => { - if (!CONFIG.KLICKTIPP) return true - const apiKey = language === 'de' ? CONFIG.KLICKTIPP_APIKEY_DE : CONFIG.KLICKTIPP_APIKEY_EN - const result = await klicktippConnector.signoff(apiKey, email) - return result -} - export const unsubscribe = async (email: string): Promise => { if (!CONFIG.KLICKTIPP) return true const isLogin = await loginKlicktippUser() @@ -60,38 +53,6 @@ export const loginKlicktippUser = async (): Promise => { return await klicktippConnector.login(CONFIG.KLICKTIPP_USER, CONFIG.KLICKTIPP_PASSWORD) } -export const logoutKlicktippUser = async (): Promise => { - if (!CONFIG.KLICKTIPP) return true - return await klicktippConnector.logout() -} - -export const untagUser = async (email: string, tagId: string): Promise => { - if (!CONFIG.KLICKTIPP) return true - const isLogin = await loginKlicktippUser() - if (isLogin) { - return await klicktippConnector.untag(email, tagId) - } - return false -} - -export const tagUser = async (email: string, tagIds: string): Promise => { - if (!CONFIG.KLICKTIPP) return true - const isLogin = await loginKlicktippUser() - if (isLogin) { - return await klicktippConnector.tag(email, tagIds) - } - return false -} - -export const getKlicktippTagMap = async () => { - if (!CONFIG.KLICKTIPP) return true - const isLogin = await loginKlicktippUser() - if (isLogin) { - return await klicktippConnector.tagIndex() - } - return '' -} - export const addFieldsToSubscriber = async ( email: string, fields: any = {}, diff --git a/backend/src/auth/JWT.ts b/backend/src/auth/JWT.ts index 75a69cd0c..90e6947ba 100644 --- a/backend/src/auth/JWT.ts +++ b/backend/src/auth/JWT.ts @@ -8,7 +8,7 @@ import { CustomJwtPayload } from './CustomJwtPayload' export const decode = (token: string): CustomJwtPayload | null => { if (!token) throw new LogError('401 Unauthorized') try { - return verify(token, CONFIG.JWT_SECRET) + return verify(token, CONFIG.JWT_SECRET) as CustomJwtPayload } catch (err) { return null } diff --git a/backend/src/config/index.ts b/backend/src/config/index.ts index fc88011ea..8d1ed8ae6 100644 --- a/backend/src/config/index.ts +++ b/backend/src/config/index.ts @@ -12,11 +12,11 @@ Decimal.set({ }) const constants = { - DB_VERSION: '0065-refactor_communities_table', + DB_VERSION: '0066-x-community-sendcoins-transactions_table', DECAY_START_TIME: new Date('2021-05-13 17:46:31-0000'), // GMT+0 LOG4JS_CONFIG: 'log4js-config.json', // default log level on production should be info - LOG_LEVEL: process.env.LOG_LEVEL || 'info', + LOG_LEVEL: process.env.LOG_LEVEL ?? 'info', CONFIG_VERSION: { DEFAULT: 'DEFAULT', EXPECTED: 'v15.2023-02-07', @@ -25,67 +25,67 @@ const constants = { } const server = { - PORT: process.env.PORT || 4000, - JWT_SECRET: process.env.JWT_SECRET || 'secret123', - JWT_EXPIRES_IN: process.env.JWT_EXPIRES_IN || '10m', + PORT: process.env.PORT ?? 4000, + JWT_SECRET: process.env.JWT_SECRET ?? 'secret123', + JWT_EXPIRES_IN: process.env.JWT_EXPIRES_IN ?? '10m', GRAPHIQL: process.env.GRAPHIQL === 'true' || false, - GDT_API_URL: process.env.GDT_API_URL || 'https://gdt.gradido.net', + GDT_API_URL: process.env.GDT_API_URL ?? 'https://gdt.gradido.net', PRODUCTION: process.env.NODE_ENV === 'production' || false, } const database = { - DB_HOST: process.env.DB_HOST || 'localhost', + DB_HOST: process.env.DB_HOST ?? 'localhost', DB_PORT: process.env.DB_PORT ? parseInt(process.env.DB_PORT) : 3306, - DB_USER: process.env.DB_USER || 'root', - DB_PASSWORD: process.env.DB_PASSWORD || '', - DB_DATABASE: process.env.DB_DATABASE || 'gradido_community', - TYPEORM_LOGGING_RELATIVE_PATH: process.env.TYPEORM_LOGGING_RELATIVE_PATH || 'typeorm.backend.log', + DB_USER: process.env.DB_USER ?? 'root', + DB_PASSWORD: process.env.DB_PASSWORD ?? '', + DB_DATABASE: process.env.DB_DATABASE ?? 'gradido_community', + TYPEORM_LOGGING_RELATIVE_PATH: process.env.TYPEORM_LOGGING_RELATIVE_PATH ?? 'typeorm.backend.log', } const klicktipp = { KLICKTIPP: process.env.KLICKTIPP === 'true' || false, - KLICKTTIPP_API_URL: process.env.KLICKTIPP_API_URL || 'https://api.klicktipp.com', - KLICKTIPP_USER: process.env.KLICKTIPP_USER || 'gradido_test', - KLICKTIPP_PASSWORD: process.env.KLICKTIPP_PASSWORD || 'secret321', - KLICKTIPP_APIKEY_DE: process.env.KLICKTIPP_APIKEY_DE || 'SomeFakeKeyDE', - KLICKTIPP_APIKEY_EN: process.env.KLICKTIPP_APIKEY_EN || 'SomeFakeKeyEN', + KLICKTTIPP_API_URL: process.env.KLICKTIPP_API_URL ?? 'https://api.klicktipp.com', + KLICKTIPP_USER: process.env.KLICKTIPP_USER ?? 'gradido_test', + KLICKTIPP_PASSWORD: process.env.KLICKTIPP_PASSWORD ?? 'secret321', + KLICKTIPP_APIKEY_DE: process.env.KLICKTIPP_APIKEY_DE ?? 'SomeFakeKeyDE', + KLICKTIPP_APIKEY_EN: process.env.KLICKTIPP_APIKEY_EN ?? 'SomeFakeKeyEN', } const community = { - COMMUNITY_NAME: process.env.COMMUNITY_NAME || 'Gradido Entwicklung', - COMMUNITY_URL: process.env.COMMUNITY_URL || 'http://localhost/', - COMMUNITY_REGISTER_URL: process.env.COMMUNITY_REGISTER_URL || 'http://localhost/register', - COMMUNITY_REDEEM_URL: process.env.COMMUNITY_REDEEM_URL || 'http://localhost/redeem/{code}', + COMMUNITY_NAME: process.env.COMMUNITY_NAME ?? 'Gradido Entwicklung', + COMMUNITY_URL: process.env.COMMUNITY_URL ?? 'http://localhost/', + COMMUNITY_REGISTER_URL: process.env.COMMUNITY_REGISTER_URL ?? 'http://localhost/register', + COMMUNITY_REDEEM_URL: process.env.COMMUNITY_REDEEM_URL ?? 'http://localhost/redeem/{code}', COMMUNITY_REDEEM_CONTRIBUTION_URL: - process.env.COMMUNITY_REDEEM_CONTRIBUTION_URL || 'http://localhost/redeem/CL-{code}', + process.env.COMMUNITY_REDEEM_CONTRIBUTION_URL ?? 'http://localhost/redeem/CL-{code}', COMMUNITY_DESCRIPTION: - process.env.COMMUNITY_DESCRIPTION || 'Die lokale Entwicklungsumgebung von Gradido.', - COMMUNITY_SUPPORT_MAIL: process.env.COMMUNITY_SUPPORT_MAIL || 'support@supportmail.com', + process.env.COMMUNITY_DESCRIPTION ?? 'Die lokale Entwicklungsumgebung von Gradido.', + COMMUNITY_SUPPORT_MAIL: process.env.COMMUNITY_SUPPORT_MAIL ?? 'support@supportmail.com', } const loginServer = { - LOGIN_APP_SECRET: process.env.LOGIN_APP_SECRET || '21ffbbc616fe', - LOGIN_SERVER_KEY: process.env.LOGIN_SERVER_KEY || 'a51ef8ac7ef1abf162fb7a65261acd7a', + LOGIN_APP_SECRET: process.env.LOGIN_APP_SECRET ?? '21ffbbc616fe', + LOGIN_SERVER_KEY: process.env.LOGIN_SERVER_KEY ?? 'a51ef8ac7ef1abf162fb7a65261acd7a', } const email = { EMAIL: process.env.EMAIL === 'true' || false, EMAIL_TEST_MODUS: process.env.EMAIL_TEST_MODUS === 'true' || false, - EMAIL_TEST_RECEIVER: process.env.EMAIL_TEST_RECEIVER || 'stage1@gradido.net', - EMAIL_USERNAME: process.env.EMAIL_USERNAME || '', - EMAIL_SENDER: process.env.EMAIL_SENDER || 'info@gradido.net', - EMAIL_PASSWORD: process.env.EMAIL_PASSWORD || '', - EMAIL_SMTP_URL: process.env.EMAIL_SMTP_URL || 'mailserver', + EMAIL_TEST_RECEIVER: process.env.EMAIL_TEST_RECEIVER ?? 'stage1@gradido.net', + EMAIL_USERNAME: process.env.EMAIL_USERNAME ?? '', + EMAIL_SENDER: process.env.EMAIL_SENDER ?? 'info@gradido.net', + EMAIL_PASSWORD: process.env.EMAIL_PASSWORD ?? '', + EMAIL_SMTP_URL: process.env.EMAIL_SMTP_URL ?? 'mailserver', EMAIL_SMTP_PORT: Number(process.env.EMAIL_SMTP_PORT) || 1025, // eslint-disable-next-line no-unneeded-ternary EMAIL_TLS: process.env.EMAIL_TLS === 'false' ? false : true, EMAIL_LINK_VERIFICATION: - process.env.EMAIL_LINK_VERIFICATION || 'http://localhost/checkEmail/{optin}{code}', + process.env.EMAIL_LINK_VERIFICATION ?? 'http://localhost/checkEmail/{optin}{code}', EMAIL_LINK_SETPASSWORD: - process.env.EMAIL_LINK_SETPASSWORD || 'http://localhost/reset-password/{optin}', + process.env.EMAIL_LINK_SETPASSWORD ?? 'http://localhost/reset-password/{optin}', EMAIL_LINK_FORGOTPASSWORD: - process.env.EMAIL_LINK_FORGOTPASSWORD || 'http://localhost/forgot-password', - EMAIL_LINK_OVERVIEW: process.env.EMAIL_LINK_OVERVIEW || 'http://localhost/overview', + process.env.EMAIL_LINK_FORGOTPASSWORD ?? 'http://localhost/forgot-password', + EMAIL_LINK_OVERVIEW: process.env.EMAIL_LINK_OVERVIEW ?? 'http://localhost/overview', // time in minutes a optin code is valid EMAIL_CODE_VALID_TIME: process.env.EMAIL_CODE_VALID_TIME ? parseInt(process.env.EMAIL_CODE_VALID_TIME) || 1440 @@ -98,14 +98,14 @@ const email = { const webhook = { // Elopage - WEBHOOK_ELOPAGE_SECRET: process.env.WEBHOOK_ELOPAGE_SECRET || 'secret', + WEBHOOK_ELOPAGE_SECRET: process.env.WEBHOOK_ELOPAGE_SECRET ?? 'secret', } // This is needed by graphql-directive-auth process.env.APP_SECRET = server.JWT_SECRET // Check config version -constants.CONFIG_VERSION.CURRENT = process.env.CONFIG_VERSION || constants.CONFIG_VERSION.DEFAULT +constants.CONFIG_VERSION.CURRENT = process.env.CONFIG_VERSION ?? constants.CONFIG_VERSION.DEFAULT if ( ![constants.CONFIG_VERSION.EXPECTED, constants.CONFIG_VERSION.DEFAULT].includes( constants.CONFIG_VERSION.CURRENT, diff --git a/backend/src/federation/client/1_0/FederationClient.ts b/backend/src/federation/client/1_0/FederationClient.ts deleted file mode 100644 index 743d17348..000000000 --- a/backend/src/federation/client/1_0/FederationClient.ts +++ /dev/null @@ -1,44 +0,0 @@ -/* eslint-disable @typescript-eslint/no-unsafe-member-access */ -/* eslint-disable @typescript-eslint/no-unsafe-return */ -/* eslint-disable @typescript-eslint/no-unsafe-assignment */ -import { FederatedCommunity as DbFederatedCommunity } from '@entity/FederatedCommunity' -import { gql } from 'graphql-request' - -import { GraphQLGetClient } from '@/federation/client/GraphQLGetClient' -import { LogError } from '@/server/LogError' -import { backendLogger as logger } from '@/server/logger' - -export async function requestGetPublicKey( - dbCom: DbFederatedCommunity, -): Promise { - let endpoint = dbCom.endPoint.endsWith('/') ? dbCom.endPoint : dbCom.endPoint + '/' - endpoint = `${endpoint}${dbCom.apiVersion}/` - logger.info(`requestGetPublicKey with endpoint='${endpoint}'...`) - - const graphQLClient = GraphQLGetClient.getInstance(endpoint) - logger.debug(`graphQLClient=${JSON.stringify(graphQLClient)}`) - const query = gql` - query { - getPublicKey { - publicKey - } - } - ` - const variables = {} - - try { - const { data, errors, extensions, headers, status } = await graphQLClient.rawRequest( - query, - variables, - ) - logger.debug(`Response-Data:`, data, errors, extensions, headers, status) - if (data) { - logger.debug(`Response-PublicKey:`, data.getPublicKey.publicKey) - logger.info(`requestGetPublicKey processed successfully`) - return data.getPublicKey.publicKey - } - logger.warn(`requestGetPublicKey processed without response data`) - } catch (err) { - throw new LogError(`Request-Error:`, err) - } -} diff --git a/backend/src/federation/client/1_1/FederationClient.ts b/backend/src/federation/client/1_1/FederationClient.ts deleted file mode 100644 index 35c88bf3b..000000000 --- a/backend/src/federation/client/1_1/FederationClient.ts +++ /dev/null @@ -1,44 +0,0 @@ -/* eslint-disable @typescript-eslint/no-unsafe-return */ -/* eslint-disable @typescript-eslint/no-unsafe-assignment */ -/* eslint-disable @typescript-eslint/no-unsafe-member-access */ -import { FederatedCommunity as DbFederatedCommunity } from '@entity/FederatedCommunity' -import { gql } from 'graphql-request' - -import { GraphQLGetClient } from '@/federation/client/GraphQLGetClient' -import { LogError } from '@/server/LogError' -import { backendLogger as logger } from '@/server/logger' - -export async function requestGetPublicKey( - dbCom: DbFederatedCommunity, -): Promise { - let endpoint = dbCom.endPoint.endsWith('/') ? dbCom.endPoint : dbCom.endPoint + '/' - endpoint = `${endpoint}${dbCom.apiVersion}/` - logger.info(`requestGetPublicKey with endpoint='${endpoint}'...`) - - const graphQLClient = GraphQLGetClient.getInstance(endpoint) - logger.debug(`graphQLClient=${JSON.stringify(graphQLClient)}`) - const query = gql` - query { - getPublicKey { - publicKey - } - } - ` - const variables = {} - - try { - const { data, errors, extensions, headers, status } = await graphQLClient.rawRequest( - query, - variables, - ) - logger.debug(`Response-Data:`, data, errors, extensions, headers, status) - if (data) { - logger.debug(`Response-PublicKey:`, data.getPublicKey.publicKey) - logger.info(`requestGetPublicKey processed successfully`) - return data.getPublicKey.publicKey - } - logger.warn(`requestGetPublicKey processed without response data`) - } catch (err) { - throw new LogError(`Request-Error:`, err) - } -} diff --git a/backend/src/federation/client/Client.ts b/backend/src/federation/client/Client.ts new file mode 100644 index 000000000..98f63c127 --- /dev/null +++ b/backend/src/federation/client/Client.ts @@ -0,0 +1,58 @@ +import { FederatedCommunity as DbFederatedCommunity } from '@entity/FederatedCommunity' + +import { ApiVersionType } from '@/federation/enum/apiVersionType' + +// eslint-disable-next-line camelcase +import { Client_1_0 } from './Client_1_0' +// eslint-disable-next-line camelcase +import { Client_1_1 } from './Client_1_1' + +// eslint-disable-next-line camelcase +type FederationClient = Client_1_0 | Client_1_1 + +interface ClientInstance { + id: number + // eslint-disable-next-line no-use-before-define + client: FederationClient +} + +// eslint-disable-next-line @typescript-eslint/no-extraneous-class +export class Client { + private static instanceArray: ClientInstance[] = [] + + /** + * The Singleton's constructor should always be private to prevent direct + * construction calls with the `new` operator. + */ + // eslint-disable-next-line no-useless-constructor, @typescript-eslint/no-empty-function + private constructor() {} + + private static createFederationClient = (dbCom: DbFederatedCommunity) => { + switch (dbCom.apiVersion) { + case ApiVersionType.V1_0: + return new Client_1_0(dbCom) + case ApiVersionType.V1_1: + return new Client_1_1(dbCom) + default: + return null + } + } + + /** + * The static method that controls the access to the singleton instance. + * + * This implementation let you subclass the Singleton class while keeping + * just one instance of each subclass around. + */ + public static getInstance(dbCom: DbFederatedCommunity): FederationClient | null { + const instance = Client.instanceArray.find((instance) => instance.id === dbCom.id) + if (instance) { + return instance.client + } + const client = Client.createFederationClient(dbCom) + if (client) { + Client.instanceArray.push({ id: dbCom.id, client } as ClientInstance) + } + return client + } +} diff --git a/backend/src/federation/client/Client_1_0.ts b/backend/src/federation/client/Client_1_0.ts new file mode 100644 index 000000000..fd2f941a3 --- /dev/null +++ b/backend/src/federation/client/Client_1_0.ts @@ -0,0 +1,46 @@ +import { FederatedCommunity as DbFederatedCommunity } from '@entity/FederatedCommunity' +import { GraphQLClient } from 'graphql-request' + +import { getPublicKey } from '@/federation/query/getPublicKey' +import { LogError } from '@/server/LogError' +import { backendLogger as logger } from '@/server/logger' + +// eslint-disable-next-line camelcase +export class Client_1_0 { + dbCom: DbFederatedCommunity + endpoint: string + client: GraphQLClient + + constructor(dbCom: DbFederatedCommunity) { + this.dbCom = dbCom + this.endpoint = `${dbCom.endPoint.endsWith('/') ? dbCom.endPoint : dbCom.endPoint + '/'}${ + dbCom.apiVersion + }/` + this.client = new GraphQLClient(this.endpoint, { + method: 'GET', + jsonSerializer: { + parse: JSON.parse, + stringify: JSON.stringify, + }, + }) + } + + getPublicKey = async (): Promise => { + logger.info(`requestGetPublicKey with endpoint='${this.endpoint}'...`) + try { + // eslint-disable-next-line @typescript-eslint/no-unsafe-assignment + const { data, errors, headers, status } = await this.client.rawRequest(getPublicKey, {}) + logger.debug('Response-Data:', data, errors, headers, status) + if (data) { + // eslint-disable-next-line @typescript-eslint/no-unsafe-member-access + logger.debug('Response-PublicKey:', data.getPublicKey.publicKey) + logger.info(`requestGetPublicKey processed successfully`) + // eslint-disable-next-line @typescript-eslint/no-unsafe-return, @typescript-eslint/no-unsafe-member-access + return data.getPublicKey.publicKey + } + logger.warn(`requestGetPublicKey processed without response data`) + } catch (err) { + throw new LogError(`Request-Error:`, err) + } + } +} diff --git a/backend/src/federation/client/Client_1_1.ts b/backend/src/federation/client/Client_1_1.ts new file mode 100644 index 000000000..8525acc5d --- /dev/null +++ b/backend/src/federation/client/Client_1_1.ts @@ -0,0 +1,5 @@ +// eslint-disable-next-line camelcase +import { Client_1_0 } from './Client_1_0' + +// eslint-disable-next-line camelcase +export class Client_1_1 extends Client_1_0 {} diff --git a/backend/src/federation/client/GraphQLGetClient.ts b/backend/src/federation/client/GraphQLGetClient.ts deleted file mode 100644 index 2f5281532..000000000 --- a/backend/src/federation/client/GraphQLGetClient.ts +++ /dev/null @@ -1,43 +0,0 @@ -import { GraphQLClient } from 'graphql-request' -import { PatchedRequestInit } from 'graphql-request/dist/types' - -type ClientInstance = { - url: string - // eslint-disable-next-line no-use-before-define - client: GraphQLGetClient -} - -export class GraphQLGetClient extends GraphQLClient { - private static instanceArray: ClientInstance[] = [] - - /** - * The Singleton's constructor should always be private to prevent direct - * construction calls with the `new` operator. - */ - // eslint-disable-next-line no-useless-constructor - private constructor(url: string, options?: PatchedRequestInit) { - super(url, options) - } - - /** - * The static method that controls the access to the singleton instance. - * - * This implementation let you subclass the Singleton class while keeping - * just one instance of each subclass around. - */ - public static getInstance(url: string): GraphQLGetClient { - const instance = GraphQLGetClient.instanceArray.find((instance) => instance.url === url) - if (instance) { - return instance.client - } - const client = new GraphQLGetClient(url, { - method: 'GET', - jsonSerializer: { - parse: JSON.parse, - stringify: JSON.stringify, - }, - }) - GraphQLGetClient.instanceArray.push({ url, client } as ClientInstance) - return client - } -} diff --git a/backend/src/federation/query/getPublicKey.ts b/backend/src/federation/query/getPublicKey.ts new file mode 100644 index 000000000..a772a0cf1 --- /dev/null +++ b/backend/src/federation/query/getPublicKey.ts @@ -0,0 +1,9 @@ +import { gql } from 'graphql-request' + +export const getPublicKey = gql` + query { + getPublicKey { + publicKey + } + } +` diff --git a/backend/src/federation/validateCommunities.ts b/backend/src/federation/validateCommunities.ts index b38f38ee9..c0a8036a0 100644 --- a/backend/src/federation/validateCommunities.ts +++ b/backend/src/federation/validateCommunities.ts @@ -6,10 +6,7 @@ import { FederatedCommunity as DbFederatedCommunity } from '@entity/FederatedCom import { LogError } from '@/server/LogError' import { backendLogger as logger } from '@/server/logger' -// eslint-disable-next-line camelcase -import { requestGetPublicKey as v1_0_requestGetPublicKey } from './client/1_0/FederationClient' -// eslint-disable-next-line camelcase -import { requestGetPublicKey as v1_1_requestGetPublicKey } from './client/1_1/FederationClient' +import { Client } from './client/Client' import { ApiVersionType } from './enum/apiVersionType' export function startValidateCommunities(timerInterval: number): void { @@ -41,7 +38,7 @@ export async function validateCommunities(): Promise { `Federation: validate publicKey for dbCom: ${dbCom.id} with apiVersion=${dbCom.apiVersion}`, ) try { - const pubKey = await invokeVersionedRequestGetPublicKey(dbCom) + const pubKey = await Client.getInstance(dbCom)?.getPublicKey() logger.info( 'Federation: received publicKey from endpoint', pubKey, @@ -54,13 +51,13 @@ export async function validateCommunities(): Promise { } else { logger.warn( `Federation: received not matching publicKey -> received: ${ - pubKey || 'null' + pubKey ?? 'null' }, expected: ${dbCom.publicKey.toString()} `, ) // DbCommunity.delete({ id: dbCom.id }) } } catch (err) { - if (!isLogError(err)) { + if (!(err instanceof LogError)) { logger.error(`Error:`, err) } } @@ -72,20 +69,3 @@ export async function validateCommunities(): Promise { } } } - -function isLogError(err: unknown) { - return err instanceof LogError -} - -async function invokeVersionedRequestGetPublicKey( - dbCom: DbFederatedCommunity, -): Promise { - switch (dbCom.apiVersion) { - case ApiVersionType.V1_0: - return v1_0_requestGetPublicKey(dbCom) - case ApiVersionType.V1_1: - return v1_1_requestGetPublicKey(dbCom) - default: - return undefined - } -} diff --git a/backend/src/graphql/arg/UpdateUserInfosArgs.ts b/backend/src/graphql/arg/UpdateUserInfosArgs.ts index 2f9df8dd7..e57d4ec82 100644 --- a/backend/src/graphql/arg/UpdateUserInfosArgs.ts +++ b/backend/src/graphql/arg/UpdateUserInfosArgs.ts @@ -8,6 +8,9 @@ export class UpdateUserInfosArgs { @Field({ nullable: true }) lastName?: string + @Field({ nullable: true }) + alias?: string + @Field({ nullable: true }) language?: string diff --git a/backend/src/graphql/directive/isAuthorized.ts b/backend/src/graphql/directive/isAuthorized.ts index b8595a2bd..8f4c6e22c 100644 --- a/backend/src/graphql/directive/isAuthorized.ts +++ b/backend/src/graphql/directive/isAuthorized.ts @@ -12,7 +12,7 @@ export const isAuthorized: AuthChecker = async ({ context }, rights) => context.role = ROLE_UNAUTHORIZED // unauthorized user // is rights an inalienable right? - if ((rights).reduce((acc, right) => acc && INALIENABLE_RIGHTS.includes(right), true)) + if ((rights as RIGHTS[]).reduce((acc, right) => acc && INALIENABLE_RIGHTS.includes(right), true)) return true // Do we have a token? @@ -43,7 +43,7 @@ export const isAuthorized: AuthChecker = async ({ context }, rights) => } // check for correct rights - const missingRights = (rights).filter((right) => !context.role?.hasRight(right)) + const missingRights = (rights as RIGHTS[]).filter((right) => !context.role?.hasRight(right)) if (missingRights.length !== 0) { throw new LogError('401 Unauthorized') } diff --git a/backend/src/graphql/model/Balance.ts b/backend/src/graphql/model/Balance.ts index 162ccc3c0..d992677b1 100644 --- a/backend/src/graphql/model/Balance.ts +++ b/backend/src/graphql/model/Balance.ts @@ -10,7 +10,7 @@ export class Balance { linkCount: number }) { this.balance = data.balance - this.balanceGDT = data.balanceGDT || null + this.balanceGDT = data.balanceGDT ?? null this.count = data.count this.linkCount = data.linkCount } diff --git a/backend/src/graphql/model/Transaction.ts b/backend/src/graphql/model/Transaction.ts index 3334dea84..bfc96089b 100644 --- a/backend/src/graphql/model/Transaction.ts +++ b/backend/src/graphql/model/Transaction.ts @@ -43,13 +43,12 @@ export class Transaction { this.memo = transaction.memo this.creationDate = transaction.creationDate this.linkedUser = linkedUser - this.linkedTransactionId = transaction.linkedTransactionId || null + this.linkedTransactionId = transaction.linkedTransactionId ?? null this.linkId = transaction.contribution ? transaction.contribution.contributionLinkId - : transaction.transactionLinkId || null + : transaction.transactionLinkId ?? null this.previousBalance = - (transaction.previousTransaction && - transaction.previousTransaction.balance.toDecimalPlaces(2, Decimal.ROUND_DOWN)) || + transaction.previousTransaction?.balance.toDecimalPlaces(2, Decimal.ROUND_DOWN) ?? new Decimal(0) } diff --git a/backend/src/graphql/resolver/BalanceResolver.ts b/backend/src/graphql/resolver/BalanceResolver.ts index deedb9dff..c8fdacdcf 100644 --- a/backend/src/graphql/resolver/BalanceResolver.ts +++ b/backend/src/graphql/resolver/BalanceResolver.ts @@ -70,7 +70,10 @@ export class BalanceResolver { now, ) logger.info( - `calculatedDecay(balance=${lastTransaction.balance}, balanceDate=${lastTransaction.balanceDate})=${calculatedDecay}`, + 'calculatedDecay', + lastTransaction.balance, + lastTransaction.balanceDate, + calculatedDecay, ) // The final balance is reduced by the link amount withheld @@ -96,9 +99,7 @@ export class BalanceResolver { count, linkCount, }) - logger.info( - `new Balance(balance=${balance}, balanceGDT=${balanceGDT}, count=${count}, linkCount=${linkCount}) = ${newBalance}`, - ) + logger.info('new Balance', balance, balanceGDT, count, linkCount, newBalance) return newBalance } diff --git a/backend/src/graphql/resolver/ContributionResolver.test.ts b/backend/src/graphql/resolver/ContributionResolver.test.ts index 17c739fcb..d4c84b4f3 100644 --- a/backend/src/graphql/resolver/ContributionResolver.test.ts +++ b/backend/src/graphql/resolver/ContributionResolver.test.ts @@ -66,7 +66,7 @@ let testEnv: { query: ApolloServerTestClient['query'] con: Connection } -let creation: Contribution | void +let creation: Contribution | null let admin: User let pendingContribution: any let inProgressContribution: any @@ -2071,7 +2071,7 @@ describe('ContributionResolver', () => { mutate({ mutation: updateContribution, variables: { - contributionId: (adminContribution && adminContribution.id) || -1, + contributionId: adminContribution?.id ?? -1, amount: 100.0, memo: 'Test Test Test', creationDate: new Date().toString(), @@ -2565,8 +2565,8 @@ describe('ContributionResolver', () => { }) describe('confirm two creations one after the other quickly', () => { - let c1: Contribution | void - let c2: Contribution | void + let c1: Contribution | null + let c2: Contribution | null beforeAll(async () => { const now = new Date() diff --git a/backend/src/graphql/resolver/ContributionResolver.ts b/backend/src/graphql/resolver/ContributionResolver.ts index 1884fecc4..fa1590523 100644 --- a/backend/src/graphql/resolver/ContributionResolver.ts +++ b/backend/src/graphql/resolver/ContributionResolver.ts @@ -43,6 +43,7 @@ import { LogError } from '@/server/LogError' import { backendLogger as logger } from '@/server/logger' import { calculateDecay } from '@/util/decay' import { TRANSACTIONS_LOCK } from '@/util/TRANSACTIONS_LOCK' +import { fullName } from '@/util/utilities' import { MEMO_MAX_CHARS, MEMO_MIN_CHARS } from './const/const' import { @@ -269,7 +270,7 @@ export class ContributionResolver { withDeleted: true, relations: ['user'], }) - if (!emailContact || !emailContact.user) { + if (!emailContact?.user) { throw new LogError('Could not find user', email) } if (emailContact.deletedAt || emailContact.user.deletedAt) { @@ -500,6 +501,8 @@ export class ContributionResolver { transaction.typeId = TransactionTypeId.CREATION transaction.memo = contribution.memo transaction.userId = contribution.userId + transaction.userGradidoID = user.gradidoID + transaction.userName = fullName(user.firstName, user.lastName) transaction.previous = lastTransaction ? lastTransaction.id : null transaction.amount = contribution.amount transaction.creationDate = contribution.contributionDate diff --git a/backend/src/graphql/resolver/KlicktippResolver.ts b/backend/src/graphql/resolver/KlicktippResolver.ts index 6875abcc5..81290bdb6 100644 --- a/backend/src/graphql/resolver/KlicktippResolver.ts +++ b/backend/src/graphql/resolver/KlicktippResolver.ts @@ -1,6 +1,6 @@ import { Resolver, Authorized, Mutation, Ctx } from 'type-graphql' -import { unsubscribe, klicktippSignIn } from '@/apis/KlicktippController' +import { unsubscribe, subscribe } from '@/apis/KlicktippController' import { RIGHTS } from '@/auth/RIGHTS' import { EVENT_NEWSLETTER_SUBSCRIBE, EVENT_NEWSLETTER_UNSUBSCRIBE } from '@/event/Events' import { Context, getUser } from '@/server/context' @@ -20,6 +20,6 @@ export class KlicktippResolver { async subscribeNewsletter(@Ctx() context: Context): Promise { const user = getUser(context) await EVENT_NEWSLETTER_SUBSCRIBE(user) - return klicktippSignIn(user.emailContact.email, user.language) + return subscribe(user.emailContact.email, user.language) } } diff --git a/backend/src/graphql/resolver/TransactionLinkResolver.test.ts b/backend/src/graphql/resolver/TransactionLinkResolver.test.ts index 04df0dc86..3c6ba31ab 100644 --- a/backend/src/graphql/resolver/TransactionLinkResolver.test.ts +++ b/backend/src/graphql/resolver/TransactionLinkResolver.test.ts @@ -817,8 +817,8 @@ describe('TransactionLinkResolver', () => { const bibisTransaktionLinks = transactionLinks.filter( (transactionLink) => transactionLink.email === 'bibi@bloxberg.de', ) - for (let i = 0; i < bibisTransaktionLinks.length; i++) { - await transactionLinkFactory(testEnv, bibisTransaktionLinks[i]) + for (const bibisTransaktionLink of bibisTransaktionLinks) { + await transactionLinkFactory(testEnv, bibisTransaktionLink) } // admin: only now log in @@ -1040,6 +1040,7 @@ describe('TransactionLinkResolver', () => { }) it('returns a string that ends with the hex value of date', () => { + // eslint-disable-next-line security/detect-non-literal-regexp const regexp = new RegExp(date.getTime().toString(16) + '$') expect(transactionLinkCode(date)).toEqual(expect.stringMatching(regexp)) }) diff --git a/backend/src/graphql/resolver/TransactionLinkResolver.ts b/backend/src/graphql/resolver/TransactionLinkResolver.ts index ab322a50b..d6649814a 100644 --- a/backend/src/graphql/resolver/TransactionLinkResolver.ts +++ b/backend/src/graphql/resolver/TransactionLinkResolver.ts @@ -34,6 +34,7 @@ import { LogError } from '@/server/LogError' import { backendLogger as logger } from '@/server/logger' import { calculateDecay } from '@/util/decay' import { TRANSACTIONS_LOCK } from '@/util/TRANSACTIONS_LOCK' +import { fullName } from '@/util/utilities' import { calculateBalance } from '@/util/validate' import { executeTransaction } from './TransactionResolver' @@ -146,7 +147,7 @@ export class TransactionLinkResolver { const transactionLink = await DbTransactionLink.findOneOrFail({ code }, { withDeleted: true }) const user = await DbUser.findOneOrFail({ id: transactionLink.userId }) let redeemedBy: User | null = null - if (transactionLink && transactionLink.redeemedBy) { + if (transactionLink?.redeemedBy) { redeemedBy = new User(await DbUser.findOneOrFail({ id: transactionLink.redeemedBy })) } return new TransactionLink(transactionLink, new User(user), redeemedBy) @@ -266,6 +267,8 @@ export class TransactionLinkResolver { transaction.typeId = TransactionTypeId.CREATION transaction.memo = contribution.memo transaction.userId = contribution.userId + transaction.userGradidoID = user.gradidoID + transaction.userName = fullName(user.firstName, user.lastName) transaction.previous = lastTransaction ? lastTransaction.id : null transaction.amount = contribution.amount transaction.creationDate = contribution.contributionDate diff --git a/backend/src/graphql/resolver/TransactionResolver.ts b/backend/src/graphql/resolver/TransactionResolver.ts index bda108638..3c540b1f6 100644 --- a/backend/src/graphql/resolver/TransactionResolver.ts +++ b/backend/src/graphql/resolver/TransactionResolver.ts @@ -29,6 +29,7 @@ import { LogError } from '@/server/LogError' import { backendLogger as logger } from '@/server/logger' import { communityUser } from '@/util/communityUser' import { TRANSACTIONS_LOCK } from '@/util/TRANSACTIONS_LOCK' +import { fullName } from '@/util/utilities' import { calculateBalance } from '@/util/validate' import { virtualLinkTransaction, virtualDecayTransaction } from '@/util/virtualTransactions' @@ -48,9 +49,7 @@ export const executeTransaction = async ( // acquire lock const releaseLock = await TRANSACTIONS_LOCK.acquire() try { - logger.info( - `executeTransaction(amount=${amount}, memo=${memo}, sender=${sender}, recipient=${recipient})...`, - ) + logger.info('executeTransaction', amount, memo, sender, recipient) if (sender.id === recipient.id) { throw new LogError('Sender and Recipient are the same', sender.id) @@ -87,7 +86,11 @@ export const executeTransaction = async ( transactionSend.typeId = TransactionTypeId.SEND transactionSend.memo = memo transactionSend.userId = sender.id + transactionSend.userGradidoID = sender.gradidoID + transactionSend.userName = fullName(sender.firstName, sender.lastName) transactionSend.linkedUserId = recipient.id + transactionSend.linkedUserGradidoID = recipient.gradidoID + transactionSend.linkedUserName = fullName(recipient.firstName, recipient.lastName) transactionSend.amount = amount.mul(-1) transactionSend.balance = sendBalance.balance transactionSend.balanceDate = receivedCallDate @@ -103,7 +106,11 @@ export const executeTransaction = async ( transactionReceive.typeId = TransactionTypeId.RECEIVE transactionReceive.memo = memo transactionReceive.userId = recipient.id + transactionReceive.userGradidoID = recipient.gradidoID + transactionReceive.userName = fullName(recipient.firstName, recipient.lastName) transactionReceive.linkedUserId = sender.id + transactionReceive.linkedUserGradidoID = sender.gradidoID + transactionReceive.linkedUserName = fullName(sender.firstName, sender.lastName) transactionReceive.amount = amount const receiveBalance = await calculateBalance(recipient.id, amount, receivedCallDate) transactionReceive.balance = receiveBalance ? receiveBalance.balance : amount @@ -119,10 +126,10 @@ export const executeTransaction = async ( // Save linked transaction id for send transactionSend.linkedTransactionId = transactionReceive.id await queryRunner.manager.update(dbTransaction, { id: transactionSend.id }, transactionSend) - logger.debug(`send Transaction updated: ${transactionSend}`) + logger.debug('send Transaction updated', transactionSend) if (transactionLink) { - logger.info(`transactionLink: ${transactionLink}`) + logger.info('transactionLink', transactionLink) transactionLink.redeemedAt = receivedCallDate transactionLink.redeemedBy = recipient.id await queryRunner.manager.update( @@ -271,8 +278,8 @@ export class TransactionResolver { sumAmount.mul(-1), sumHoldAvailableAmount.mul(-1), sumHoldAvailableAmount.minus(sumAmount.toString()).mul(-1), - firstDate || now, - lastDate || now, + firstDate ?? now, + lastDate ?? now, self, (userTransactions.length && userTransactions[0].balance) || new Decimal(0), ), @@ -325,9 +332,7 @@ export class TransactionResolver { } await executeTransaction(amount, memo, senderUser, recipientUser) - logger.info( - `successful executeTransaction(amount=${amount}, memo=${memo}, senderUser=${senderUser}, recipientUser=${recipientUser})`, - ) + logger.info('successful executeTransaction', amount, memo, senderUser, recipientUser) return true } } diff --git a/backend/src/graphql/resolver/UserResolver.test.ts b/backend/src/graphql/resolver/UserResolver.test.ts index 0957c8bab..7d71d74b1 100644 --- a/backend/src/graphql/resolver/UserResolver.test.ts +++ b/backend/src/graphql/resolver/UserResolver.test.ts @@ -20,6 +20,7 @@ import { ContributionLink } from '@model/ContributionLink' import { testEnvironment, headerPushMock, resetToken, cleanDB } from '@test/helpers' import { logger, i18n as localization } from '@test/testSetup' +import { subscribe } from '@/apis/KlicktippController' import { CONFIG } from '@/config' import { sendAccountActivationEmail, @@ -61,8 +62,6 @@ import { stephenHawking } from '@/seeds/users/stephen-hawking' import { printTimeDuration } from '@/util/time' import { objectValuesToArray } from '@/util/utilities' -// import { klicktippSignIn } from '@/apis/KlicktippController' - jest.mock('@/emails/sendEmailVariants', () => { const originalModule = jest.requireActual('@/emails/sendEmailVariants') return { @@ -76,15 +75,13 @@ jest.mock('@/emails/sendEmailVariants', () => { } }) -/* - jest.mock('@/apis/KlicktippController', () => { return { __esModule: true, - klicktippSignIn: jest.fn(), + subscribe: jest.fn(), + getKlickTippUser: jest.fn(), } }) -*/ let admin: User let user: User @@ -556,16 +553,14 @@ describe('UserResolver', () => { expect(newUser.password.toString()).toEqual(encryptedPass.toString()) }) - /* it('calls the klicktipp API', () => { - expect(klicktippSignIn).toBeCalledWith( - user[0].email, - user[0].language, - user[0].firstName, - user[0].lastName, + expect(subscribe).toBeCalledWith( + newUser.emailContact.email, + newUser.language, + newUser.firstName, + newUser.lastName, ) }) - */ it('returns true', () => { expect(result).toBeTruthy() @@ -1203,6 +1198,28 @@ describe('UserResolver', () => { }) }) + describe('alias', () => { + beforeEach(() => { + jest.clearAllMocks() + }) + + describe('valid alias', () => { + it('updates the user in DB', async () => { + await mutate({ + mutation: updateUserInfos, + variables: { + alias: 'bibi_Bloxberg', + }, + }) + await expect(User.findOne()).resolves.toEqual( + expect.objectContaining({ + alias: 'bibi_Bloxberg', + }), + ) + }) + }) + }) + describe('language is not valid', () => { it('throws an error', async () => { jest.clearAllMocks() diff --git a/backend/src/graphql/resolver/UserResolver.ts b/backend/src/graphql/resolver/UserResolver.ts index 23b3c6aa4..0afbfcc5a 100644 --- a/backend/src/graphql/resolver/UserResolver.ts +++ b/backend/src/graphql/resolver/UserResolver.ts @@ -35,7 +35,7 @@ import { User } from '@model/User' import { UserAdmin, SearchUsersResult } from '@model/UserAdmin' import { UserRepository } from '@repository/User' -import { klicktippSignIn } from '@/apis/KlicktippController' +import { subscribe } from '@/apis/KlicktippController' import { encode } from '@/auth/JWT' import { RIGHTS } from '@/auth/RIGHTS' import { CONFIG } from '@/config' @@ -73,6 +73,7 @@ import { getTimeDurationObject, printTimeDuration } from '@/util/time' import { FULL_CREATION_AVAILABLE } from './const/const' import { getUserCreations } from './util/creations' import { findUserByIdentifier } from './util/findUserByIdentifier' +import { validateAlias } from './util/validateAlias' // eslint-disable-next-line @typescript-eslint/no-var-requires, import/no-commonjs const random = require('random-bigint') @@ -94,7 +95,7 @@ const newEmailContact = (email: string, userId: number): DbUserContact => { emailContact.emailChecked = false emailContact.emailOptInTypeId = OptInType.EMAIL_OPT_IN_REGISTER emailContact.emailVerificationCode = random(64) - logger.debug(`newEmailContact...successful: ${emailContact}`) + logger.debug('newEmailContact...successful', emailContact) return emailContact } @@ -225,7 +226,7 @@ export class UserResolver { email = email.trim().toLowerCase() if (await checkEmailExists(email)) { const foundUser = await findUserByEmail(email) - logger.info(`DbUser.findOne(email=${email}) = ${foundUser}`) + logger.info('DbUser.findOne', email, foundUser) if (foundUser) { // ATTENTION: this logger-message will be exactly expected during tests, next line @@ -275,7 +276,7 @@ export class UserResolver { dbUser.firstName = firstName dbUser.lastName = lastName dbUser.language = language - dbUser.publisherId = publisherId || 0 + dbUser.publisherId = publisherId ?? 0 dbUser.passwordEncryptionType = PasswordEncryptionType.NO_PASSWORD logger.debug('new dbUser', dbUser) if (redeemCode) { @@ -382,7 +383,7 @@ export class UserResolver { throw new LogError('Unable to save email verification code', user.emailContact) }) - logger.info(`optInCode for ${email}=${user.emailContact}`) + logger.info('optInCode for', email, user.emailContact) void sendResetPasswordEmail({ firstName: user.firstName, @@ -468,9 +469,9 @@ export class UserResolver { // TODO do we always signUp the user? How to handle things with old users? if (userContact.emailOptInTypeId === OptInType.EMAIL_OPT_IN_REGISTER) { try { - await klicktippSignIn(userContact.email, user.language, user.firstName, user.lastName) + await subscribe(userContact.email, user.language, user.firstName, user.lastName) logger.debug( - `klicktippSignIn(${userContact.email}, ${user.language}, ${user.firstName}, ${user.lastName})`, + `subscribe(${userContact.email}, ${user.language}, ${user.firstName}, ${user.lastName})`, ) } catch (e) { logger.error('Error subscribing to klicktipp', e) @@ -486,7 +487,7 @@ export class UserResolver { async queryOptIn(@Arg('optIn') optIn: string): Promise { logger.info(`queryOptIn(${optIn})...`) const userContact = await DbUserContact.findOneOrFail({ emailVerificationCode: optIn }) - logger.debug(`found optInCode=${userContact}`) + logger.debug('found optInCode', userContact) // Code is only valid for `CONFIG.EMAIL_CODE_VALID_TIME` minutes if (!isEmailVerificationCodeValid(userContact.updatedAt || userContact.createdAt)) { throw new LogError( @@ -504,6 +505,7 @@ export class UserResolver { { firstName, lastName, + alias, language, password, passwordNew, @@ -523,6 +525,10 @@ export class UserResolver { user.lastName = lastName } + if (alias && (await validateAlias(alias))) { + user.alias = alias + } + if (language) { if (!isLanguage(language)) { throw new LogError('Given language is not a valid language', language) @@ -586,7 +592,7 @@ export class UserResolver { logger.info(`hasElopage()...`) const userEntity = getUser(context) const elopageBuys = hasElopageBuys(userEntity.emailContact.email) - logger.debug(`has ElopageBuys = ${elopageBuys}`) + logger.debug('has ElopageBuys', elopageBuys) return elopageBuys } @@ -643,7 +649,7 @@ export class UserResolver { return 'user.' + fieldName }), searchText, - filters || null, + filters ?? null, currentPage, pageSize, ) @@ -709,14 +715,14 @@ export class UserResolver { // change isAdmin switch (user.isAdmin) { case null: - if (isAdmin === true) { + if (isAdmin) { user.isAdmin = new Date() } else { throw new LogError('User is already an usual user') } break default: - if (isAdmin === false) { + if (!isAdmin) { user.isAdmin = null } else { throw new LogError('User is already admin') diff --git a/backend/src/graphql/resolver/util/creations.ts b/backend/src/graphql/resolver/util/creations.ts index 1c0c0735e..d6f0e9af4 100644 --- a/backend/src/graphql/resolver/util/creations.ts +++ b/backend/src/graphql/resolver/util/creations.ts @@ -29,10 +29,12 @@ export const validateContribution = ( throw new LogError('No information for available creations for the given date', creationDate) } + // eslint-disable-next-line security/detect-object-injection if (amount.greaterThan(creations[index].toString())) { throw new LogError( 'The amount to be created exceeds the amount still available for this month', amount, + // eslint-disable-next-line security/detect-object-injection creations[index], ) } @@ -151,6 +153,7 @@ export const updateCreations = ( if (index < 0) { throw new LogError('You cannot create GDD for a month older than the last three months') } + // eslint-disable-next-line security/detect-object-injection creations[index] = creations[index].plus(contribution.amount.toString()) return creations } @@ -169,6 +172,7 @@ export const getOpenCreations = async ( return { month: date.getMonth(), year: date.getFullYear(), + // eslint-disable-next-line security/detect-object-injection amount: creations[index], } }) diff --git a/backend/src/graphql/resolver/util/findContributions.ts b/backend/src/graphql/resolver/util/findContributions.ts index a08631e2c..28984d5b1 100644 --- a/backend/src/graphql/resolver/util/findContributions.ts +++ b/backend/src/graphql/resolver/util/findContributions.ts @@ -24,7 +24,7 @@ export const findContributions = async ( } return DbContribution.findAndCount({ where: { - ...(statusFilter && statusFilter.length && { contributionStatus: In(statusFilter) }), + ...(statusFilter?.length && { contributionStatus: In(statusFilter) }), ...(userId && { userId }), }, withDeleted, diff --git a/backend/src/graphql/resolver/util/transactionLinkList.ts b/backend/src/graphql/resolver/util/transactionLinkList.ts index 0dba5a400..ee79216c8 100644 --- a/backend/src/graphql/resolver/util/transactionLinkList.ts +++ b/backend/src/graphql/resolver/util/transactionLinkList.ts @@ -14,7 +14,7 @@ export async function transactionLinkList( filters: TransactionLinkFilters | null, user: DbUser, ): Promise { - const { withDeleted, withExpired, withRedeemed } = filters || { + const { withDeleted, withExpired, withRedeemed } = filters ?? { withDeleted: false, withExpired: false, withRedeemed: false, diff --git a/backend/src/graphql/resolver/util/validateAlias.test.ts b/backend/src/graphql/resolver/util/validateAlias.test.ts new file mode 100644 index 000000000..0cb790edb --- /dev/null +++ b/backend/src/graphql/resolver/util/validateAlias.test.ts @@ -0,0 +1,125 @@ +import { Connection } from '@dbTools/typeorm' +import { User } from '@entity/User' +import { ApolloServerTestClient } from 'apollo-server-testing' + +import { testEnvironment, cleanDB } from '@test/helpers' +import { logger, i18n as localization } from '@test/testSetup' + +import { userFactory } from '@/seeds/factory/user' +import { bibiBloxberg } from '@/seeds/users/bibi-bloxberg' + +import { validateAlias } from './validateAlias' + +let con: Connection +let testEnv: { + mutate: ApolloServerTestClient['mutate'] + query: ApolloServerTestClient['query'] + con: Connection +} + +beforeAll(async () => { + testEnv = await testEnvironment(logger, localization) + con = testEnv.con + await cleanDB() +}) + +afterAll(async () => { + await cleanDB() + await con.close() +}) + +describe('validate alias', () => { + beforeAll(() => { + jest.clearAllMocks() + }) + + describe('alias too short', () => { + it('throws and logs an error', async () => { + await expect(validateAlias('Bi')).rejects.toEqual(new Error('Given alias is too short')) + expect(logger.error).toBeCalledWith('Given alias is too short', 'Bi') + }) + }) + + describe('alias too long', () => { + it('throws and logs an error', async () => { + await expect(validateAlias('BibiBloxbergHexHexHex')).rejects.toEqual( + new Error('Given alias is too long'), + ) + expect(logger.error).toBeCalledWith('Given alias is too long', 'BibiBloxbergHexHexHex') + }) + }) + + describe('alias contains invalid characters', () => { + it('throws and logs an error', async () => { + await expect(validateAlias('Bibi.Bloxberg')).rejects.toEqual( + new Error('Invalid characters in alias'), + ) + expect(logger.error).toBeCalledWith('Invalid characters in alias', 'Bibi.Bloxberg') + }) + }) + + describe('alias is a reserved word', () => { + it('throws and logs an error', async () => { + await expect(validateAlias('admin')).rejects.toEqual(new Error('Alias is not allowed')) + expect(logger.error).toBeCalledWith('Alias is not allowed', 'admin') + }) + }) + + describe('alias is a reserved word with uppercase characters', () => { + it('throws and logs an error', async () => { + await expect(validateAlias('Admin')).rejects.toEqual(new Error('Alias is not allowed')) + expect(logger.error).toBeCalledWith('Alias is not allowed', 'Admin') + }) + }) + + describe('hyphens and underscore', () => { + describe('alias starts with underscore', () => { + it('throws and logs an error', async () => { + await expect(validateAlias('_bibi')).rejects.toEqual( + new Error('Invalid characters in alias'), + ) + expect(logger.error).toBeCalledWith('Invalid characters in alias', '_bibi') + }) + }) + + describe('alias contains two following hyphens', () => { + it('throws and logs an error', async () => { + await expect(validateAlias('bi--bi')).rejects.toEqual( + new Error('Invalid characters in alias'), + ) + expect(logger.error).toBeCalledWith('Invalid characters in alias', 'bi--bi') + }) + }) + }) + + describe('test against existing alias in database', () => { + beforeAll(async () => { + const bibi = await userFactory(testEnv, bibiBloxberg) + const user = await User.findOne({ id: bibi.id }) + if (user) { + user.alias = 'b-b' + await user.save() + } + }) + + describe('alias exists in database', () => { + it('throws and logs an error', async () => { + await expect(validateAlias('b-b')).rejects.toEqual(new Error('Alias already in use')) + expect(logger.error).toBeCalledWith('Alias already in use', 'b-b') + }) + }) + + describe('alias exists in database with in lower-case', () => { + it('throws and logs an error', async () => { + await expect(validateAlias('b-B')).rejects.toEqual(new Error('Alias already in use')) + expect(logger.error).toBeCalledWith('Alias already in use', 'b-B') + }) + }) + + describe('valid alias', () => { + it('resolves to true', async () => { + await expect(validateAlias('bibi')).resolves.toEqual(true) + }) + }) + }) +}) diff --git a/backend/src/graphql/resolver/util/validateAlias.ts b/backend/src/graphql/resolver/util/validateAlias.ts new file mode 100644 index 000000000..dcea7824c --- /dev/null +++ b/backend/src/graphql/resolver/util/validateAlias.ts @@ -0,0 +1,38 @@ +import { Raw } from '@dbTools/typeorm' +import { User as DbUser } from '@entity/User' + +import { LogError } from '@/server/LogError' + +const reservedAlias = [ + 'admin', + 'email', + 'gast', + 'gdd', + 'gradido', + 'guest', + 'home', + 'root', + 'support', + 'temp', + 'tmp', + 'tmp', + 'user', + 'usr', + 'var', +] + +export const validateAlias = async (alias: string): Promise => { + if (alias.length < 3) throw new LogError('Given alias is too short', alias) + if (alias.length > 20) throw new LogError('Given alias is too long', alias) + /* eslint-disable-next-line security/detect-unsafe-regex */ + if (!alias.match(/^[0-9A-Za-z]([_-]?[A-Za-z0-9])+$/)) + throw new LogError('Invalid characters in alias', alias) + if (reservedAlias.includes(alias.toLowerCase())) throw new LogError('Alias is not allowed', alias) + const aliasInUse = await DbUser.find({ + where: { alias: Raw((a) => `LOWER(${a}) = "${alias.toLowerCase()}"`) }, + }) + if (aliasInUse.length !== 0) { + throw new LogError('Alias already in use', alias) + } + return true +} diff --git a/backend/src/index.ts b/backend/src/index.ts index 86f78326d..6e0191155 100644 --- a/backend/src/index.ts +++ b/backend/src/index.ts @@ -13,7 +13,7 @@ async function main() { console.log(`GraphIQL available at http://localhost:${CONFIG.PORT}`) } }) - void startValidateCommunities(Number(CONFIG.FEDERATION_VALIDATE_COMMUNITY_TIMER)) + startValidateCommunities(Number(CONFIG.FEDERATION_VALIDATE_COMMUNITY_TIMER)) } main().catch((e) => { diff --git a/backend/src/middleware/klicktippMiddleware.ts b/backend/src/middleware/klicktippMiddleware.ts index 4c5f8db4f..038bd3dd3 100644 --- a/backend/src/middleware/klicktippMiddleware.ts +++ b/backend/src/middleware/klicktippMiddleware.ts @@ -10,19 +10,6 @@ import { KlickTipp } from '@model/KlickTipp' import { getKlickTippUser } from '@/apis/KlicktippController' import { klickTippLogger as logger } from '@/server/logger' -// export const klicktippRegistrationMiddleware: MiddlewareFn = async ( -// // Only for demo -// /* eslint-disable-next-line @typescript-eslint/no-unused-vars */ -// { root, args, context, info }, -// next, -// ) => { -// // Do Something here before resolver is called -// const result = await next() -// // Do Something here after resolver is completed -// await klicktippSignIn(result.email, result.language, result.firstName, result.lastName) -// return result -// } - export const klicktippNewsletterStateMiddleware: MiddlewareFn = async ( /* eslint-disable-next-line @typescript-eslint/no-unused-vars */ { root, args, context, info }, diff --git a/backend/src/seeds/graphql/mutations.ts b/backend/src/seeds/graphql/mutations.ts index 2dfe96766..22e0b1b09 100644 --- a/backend/src/seeds/graphql/mutations.ts +++ b/backend/src/seeds/graphql/mutations.ts @@ -28,6 +28,7 @@ export const updateUserInfos = gql` mutation ( $firstName: String $lastName: String + $alias: String $password: String $passwordNew: String $locale: String @@ -37,6 +38,7 @@ export const updateUserInfos = gql` updateUserInfos( firstName: $firstName lastName: $lastName + alias: $alias password: $password passwordNew: $passwordNew language: $locale diff --git a/backend/src/seeds/index.ts b/backend/src/seeds/index.ts index c2533765e..77fa51990 100644 --- a/backend/src/seeds/index.ts +++ b/backend/src/seeds/index.ts @@ -31,8 +31,8 @@ const context = { export const cleanDB = async () => { // this only works as long we do not have foreign key constraints - for (let i = 0; i < entities.length; i++) { - await resetEntity(entities[i]) + for (const entity of entities) { + await resetEntity(entity) } } @@ -54,9 +54,8 @@ const run = async () => { logger.info('##seed## clean database successful...') // seed the standard users - for (let i = 0; i < users.length; i++) { - const dbUser = await userFactory(seedClient, users[i]) - logger.info(`##seed## seed standard users[ ${i} ]= ${JSON.stringify(dbUser, null, 2)}`) + for (const user of users) { + await userFactory(seedClient, user) } logger.info('##seed## seeding all standard users successful...') @@ -73,20 +72,20 @@ const run = async () => { logger.info('##seed## seeding all random users successful...') // create GDD - for (let i = 0; i < creations.length; i++) { - await creationFactory(seedClient, creations[i]) + for (const creation of creations) { + await creationFactory(seedClient, creation) } logger.info('##seed## seeding all creations successful...') // create Transaction Links - for (let i = 0; i < transactionLinks.length; i++) { - await transactionLinkFactory(seedClient, transactionLinks[i]) + for (const transactionLink of transactionLinks) { + await transactionLinkFactory(seedClient, transactionLink) } logger.info('##seed## seeding all transactionLinks successful...') // create Contribution Links - for (let i = 0; i < contributionLinks.length; i++) { - await contributionLinkFactory(seedClient, contributionLinks[i]) + for (const contributionLink of contributionLinks) { + await contributionLinkFactory(seedClient, contributionLink) } logger.info('##seed## seeding all contributionLinks successful...') diff --git a/backend/src/server/createServer.ts b/backend/src/server/createServer.ts index 777d6dfbe..d813c541e 100644 --- a/backend/src/server/createServer.ts +++ b/backend/src/server/createServer.ts @@ -21,7 +21,11 @@ import { plugins } from './plugins' // TODO implement // import queryComplexity, { simpleEstimator, fieldConfigEstimator } from "graphql-query-complexity"; -type ServerDef = { apollo: ApolloServer; app: Express; con: Connection } +interface ServerDef { + apollo: ApolloServer + app: Express + con: Connection +} export const createServer = async ( // eslint-disable-next-line @typescript-eslint/no-explicit-any @@ -34,7 +38,7 @@ export const createServer = async ( // open mysql connection const con = await connection() - if (!con || !con.isConnected) { + if (!con?.isConnected) { logger.fatal(`Couldn't open connection to database!`) throw new Error(`Fatal: Couldn't open connection to database`) } diff --git a/backend/src/server/logger.ts b/backend/src/server/logger.ts index d1edbd8fb..0f146b7f7 100644 --- a/backend/src/server/logger.ts +++ b/backend/src/server/logger.ts @@ -7,6 +7,7 @@ import { configure, getLogger } from 'log4js' import { CONFIG } from '@/config' +// eslint-disable-next-line security/detect-non-literal-fs-filename const options = JSON.parse(readFileSync(CONFIG.LOG4JS_CONFIG, 'utf-8')) options.categories.backend.level = CONFIG.LOG_LEVEL diff --git a/backend/src/server/plugins.ts b/backend/src/server/plugins.ts index 1da062b83..3e0fc50e1 100644 --- a/backend/src/server/plugins.ts +++ b/backend/src/server/plugins.ts @@ -12,7 +12,7 @@ const setHeadersPlugin = { return { willSendResponse(requestContext: any) { const { setHeaders = [] } = requestContext.context - setHeaders.forEach(({ key, value }: { [key: string]: string }) => { + setHeaders.forEach(({ key, value }: Record) => { if (requestContext.response.http.headers.get(key)) { requestContext.response.http.headers.set(key, value) } else { @@ -27,8 +27,8 @@ const setHeadersPlugin = { const filterVariables = (variables: any) => { const vars = clonedeep(variables) - if (vars && vars.password) vars.password = '***' - if (vars && vars.passwordNew) vars.passwordNew = '***' + if (vars?.password) vars.password = '***' + if (vars?.passwordNew) vars.passwordNew = '***' return vars } diff --git a/backend/src/typeorm/DBVersion.ts b/backend/src/typeorm/DBVersion.ts index c4c8d6c78..f465069d3 100644 --- a/backend/src/typeorm/DBVersion.ts +++ b/backend/src/typeorm/DBVersion.ts @@ -14,10 +14,10 @@ const getDBVersion = async (): Promise => { const checkDBVersion = async (DB_VERSION: string): Promise => { const dbVersion = await getDBVersion() - if (!dbVersion || dbVersion.indexOf(DB_VERSION) === -1) { + if (!dbVersion?.includes(DB_VERSION)) { logger.error( `Wrong database version detected - the backend requires '${DB_VERSION}' but found '${ - dbVersion || 'None' + dbVersion ?? 'None' }`, ) return false diff --git a/backend/src/util/klicktipp.ts b/backend/src/util/klicktipp.ts index e34a9c384..a0ba3c0f7 100644 --- a/backend/src/util/klicktipp.ts +++ b/backend/src/util/klicktipp.ts @@ -11,8 +11,7 @@ export async function retrieveNotRegisteredEmails(): Promise { } const users = await User.find({ relations: ['emailContact'] }) const notRegisteredUser = [] - for (let i = 0; i < users.length; i++) { - const user = users[i] + for (const user of users) { try { await getKlickTippUser(user.emailContact.email) } catch (err) { diff --git a/backend/src/util/utilities.ts b/backend/src/util/utilities.ts index 2cf53f1e4..904c86226 100644 --- a/backend/src/util/utilities.ts +++ b/backend/src/util/utilities.ts @@ -1,11 +1,9 @@ import { Decimal } from 'decimal.js-light' import i18n from 'i18n' -export const objectValuesToArray = (obj: { [x: string]: string }): Array => { - return Object.keys(obj).map(function (key) { - return obj[key] - }) -} +export const objectValuesToArray = (obj: Record): string[] => + // eslint-disable-next-line security/detect-object-injection + Object.keys(obj).map((key) => obj[key]) export const decimalSeparatorByLanguage = (a: Decimal, language: string): string => { const rememberLocaleToRestore = i18n.getLocale() @@ -14,3 +12,6 @@ export const decimalSeparatorByLanguage = (a: Decimal, language: string): string i18n.setLocale(rememberLocaleToRestore) return result } + +export const fullName = (firstName: string, lastName: string): string => + [firstName, lastName].filter(Boolean).join(' ') diff --git a/backend/src/util/virtualTransactions.ts b/backend/src/util/virtualTransactions.ts index 5d1fbbfd3..a10e566d1 100644 --- a/backend/src/util/virtualTransactions.ts +++ b/backend/src/util/virtualTransactions.ts @@ -54,6 +54,10 @@ const virtualLinkTransaction = ( creationDate: null, contribution: null, ...defaultModelFunctions, + userGradidoID: '', + userName: null, + linkedUserGradidoID: null, + linkedUserName: null, } return new Transaction(linkDbTransaction, user) } @@ -84,6 +88,10 @@ const virtualDecayTransaction = ( creationDate: null, contribution: null, ...defaultModelFunctions, + userGradidoID: '', + userName: null, + linkedUserGradidoID: null, + linkedUserName: null, } return new Transaction(decayDbTransaction, user) } diff --git a/backend/src/webhook/elopage.ts b/backend/src/webhook/elopage.ts index f386b6e99..07e7d4ecf 100644 --- a/backend/src/webhook/elopage.ts +++ b/backend/src/webhook/elopage.ts @@ -115,6 +115,7 @@ export const elopageWebhook = async (req: any, res: any): Promise => { ) { const email = loginElopageBuy.payerEmail + // eslint-disable-next-line security/detect-unsafe-regex const VALIDATE_EMAIL = /^[a-zA-Z0-9.!#$%&?*+/=?^_`{|}~-]+@[a-zA-Z0-9-]+(?:\.[a-zA-Z0-9-]+)*$/ const VALIDATE_NAME = /^<>&;]{2,}$/ @@ -146,7 +147,7 @@ export const elopageWebhook = async (req: any, res: any): Promise => { email, firstName, lastName, - publisherId: loginElopageBuy.publisherId || 0, // This seemed to be the default value if not set + publisherId: loginElopageBuy.publisherId ?? 0, // This seemed to be the default value if not set }) } catch (error) { // eslint-disable-next-line no-console diff --git a/backend/test/helpers.ts b/backend/test/helpers.ts index d42db959f..7f55b3c70 100644 --- a/backend/test/helpers.ts +++ b/backend/test/helpers.ts @@ -22,8 +22,8 @@ const context = { export const cleanDB = async () => { // this only works as lond we do not have foreign key constraints - for (let i = 0; i < entities.length; i++) { - await resetEntity(entities[i]) + for (const entity of entities) { + await resetEntity(entity) } } diff --git a/backend/yarn.lock b/backend/yarn.lock index 1bc8c64fd..237a265e3 100644 --- a/backend/yarn.lock +++ b/backend/yarn.lock @@ -382,6 +382,14 @@ dependencies: "@cspotcode/source-map-consumer" "0.8.0" +"@eslint-community/eslint-plugin-eslint-comments@^3.2.1": + version "3.2.1" + resolved "https://registry.yarnpkg.com/@eslint-community/eslint-plugin-eslint-comments/-/eslint-plugin-eslint-comments-3.2.1.tgz#3c65061e27f155eae3744c3b30c5a8253a959040" + integrity sha512-/HZbjIGaVO2zLlWX3gRgiHmKRVvvqrC0zVu3eXnIj1ORxoyfGSj50l0PfDfqihyZAqrDYzSMdJesXzFjvAoiLQ== + dependencies: + escape-string-regexp "^1.0.5" + ignore "^5.2.4" + "@eslint-community/eslint-utils@^4.2.0": version "4.2.0" resolved "https://registry.yarnpkg.com/@eslint-community/eslint-utils/-/eslint-utils-4.2.0.tgz#a831e6e468b4b2b5ae42bf658bea015bf10bc518" @@ -3005,6 +3013,13 @@ eslint-plugin-promise@^6.1.1: resolved "https://registry.yarnpkg.com/eslint-plugin-promise/-/eslint-plugin-promise-6.1.1.tgz#269a3e2772f62875661220631bd4dafcb4083816" integrity sha512-tjqWDwVZQo7UIPMeDReOpUgHCmCiH+ePnVT+5zVapL0uuHnegBUs2smM13CzOs2Xb5+MHMRFTs9v24yjba4Oig== +eslint-plugin-security@^1.7.1: + version "1.7.1" + resolved "https://registry.yarnpkg.com/eslint-plugin-security/-/eslint-plugin-security-1.7.1.tgz#0e9c4a471f6e4d3ca16413c7a4a51f3966ba16e4" + integrity sha512-sMStceig8AFglhhT2LqlU5r+/fn9OwsA72O5bBuQVTssPCdQAOQzL+oMn/ZcpeUY6KcNfLJArgcrsSULNjYYdQ== + dependencies: + safe-regex "^2.1.1" + eslint-plugin-type-graphql@^1.0.0: version "1.0.0" resolved "https://registry.yarnpkg.com/eslint-plugin-type-graphql/-/eslint-plugin-type-graphql-1.0.0.tgz#d348560ed628d6ca1dfcea35a02891432daafe6b" @@ -3649,7 +3664,7 @@ graceful-fs@^4.1.6, graceful-fs@^4.2.0: integrity sha512-9ByhssR2fPVsNZj478qUUbKfmL0+t5BDVyjShtyZZLiK7ZDAArFFfopyOTj0M05wE2tJPisA4iTnnXl2YoPvOA== "gradido-database@file:../database": - version "1.19.1" + version "1.20.0" dependencies: "@types/uuid" "^8.3.4" cross-env "^7.0.3" @@ -3977,7 +3992,7 @@ ignore@^5.1.1: resolved "https://registry.yarnpkg.com/ignore/-/ignore-5.1.8.tgz#f150a8b50a34289b33e22f5889abd4d8016f0e57" integrity sha512-BMpfD7PpiETpBl/A6S498BaIJ6Y/ABT93ETbby2fP00v4EbvPBXWEoaR1UBPKs3iR53pJY7EtZk5KACI57i1Uw== -ignore@^5.2.0: +ignore@^5.2.0, ignore@^5.2.4: version "5.2.4" resolved "https://registry.yarnpkg.com/ignore/-/ignore-5.2.4.tgz#a291c0c6178ff1b960befe47fcdec301674a6324" integrity sha512-MAb38BcSbH0eHNBxn7ql2NH/kX33OkB3lZ1BNdh7ENeRChHTYsTvWrMubiIAMNS2llXEEgZ1MUOBtXChP3kaFQ== @@ -6140,6 +6155,11 @@ reflect-metadata@^0.1.13: resolved "https://registry.yarnpkg.com/reflect-metadata/-/reflect-metadata-0.1.13.tgz#67ae3ca57c972a2aa1642b10fe363fe32d49dc08" integrity sha512-Ts1Y/anZELhSsjMcU605fU9RE4Oi3p5ORujwbIKXfWa+0Zxs510Qrmrce5/Jowq3cHSZSJqBjypxmHarc+vEWg== +regexp-tree@~0.1.1: + version "0.1.27" + resolved "https://registry.yarnpkg.com/regexp-tree/-/regexp-tree-0.1.27.tgz#2198f0ef54518ffa743fe74d983b56ffd631b6cd" + integrity sha512-iETxpjK6YoRWJG5o6hXLwvjYAoW+FEZn9os0PD/b6AP6xQwsa/Y7lCVgIixBbUPMfhu+i2LtdeAqVTgGlQarfA== + regexp.prototype.flags@^1.4.3: version "1.4.3" resolved "https://registry.yarnpkg.com/regexp.prototype.flags/-/regexp.prototype.flags-1.4.3.tgz#87cab30f80f66660181a3bb7bf5981a872b367ac" @@ -6279,6 +6299,13 @@ safe-regex-test@^1.0.0: get-intrinsic "^1.1.3" is-regex "^1.1.4" +safe-regex@^2.1.1: + version "2.1.1" + resolved "https://registry.yarnpkg.com/safe-regex/-/safe-regex-2.1.1.tgz#f7128f00d056e2fe5c11e81a1324dd974aadced2" + integrity sha512-rx+x8AMzKb5Q5lQ95Zoi6ZbJqwCLkqi3XuJXp5P3rT8OEc6sZCJG5AE5dU3lsgRr/F4Bs31jSlVN+j5KrsGu9A== + dependencies: + regexp-tree "~0.1.1" + "safer-buffer@>= 2.1.2 < 3", "safer-buffer@>= 2.1.2 < 3.0.0": version "2.1.2" resolved "https://registry.yarnpkg.com/safer-buffer/-/safer-buffer-2.1.2.tgz#44fa161b0187b9549dd84bb91802f9bd8385cd6a" diff --git a/database/entity/0066-x-community-sendcoins-transactions_table/Transaction.ts b/database/entity/0066-x-community-sendcoins-transactions_table/Transaction.ts new file mode 100644 index 000000000..4220cfadc --- /dev/null +++ b/database/entity/0066-x-community-sendcoins-transactions_table/Transaction.ts @@ -0,0 +1,139 @@ +import Decimal from 'decimal.js-light' +import { BaseEntity, Entity, PrimaryGeneratedColumn, Column, OneToOne, JoinColumn } from 'typeorm' +import { DecimalTransformer } from '../../src/typeorm/DecimalTransformer' +import { Contribution } from '../Contribution' + +@Entity('transactions') +export class Transaction extends BaseEntity { + @PrimaryGeneratedColumn('increment', { unsigned: true }) + id: number + + @Column({ type: 'int', unsigned: true, unique: true, nullable: true, default: null }) + previous: number | null + + @Column({ name: 'type_id', unsigned: true, nullable: false }) + typeId: number + + @Column({ + name: 'transaction_link_id', + type: 'int', + unsigned: true, + nullable: true, + default: null, + }) + transactionLinkId?: number | null + + @Column({ + type: 'decimal', + precision: 40, + scale: 20, + nullable: false, + transformer: DecimalTransformer, + }) + amount: Decimal + + @Column({ + type: 'decimal', + precision: 40, + scale: 20, + nullable: false, + transformer: DecimalTransformer, + }) + balance: Decimal + + @Column({ + name: 'balance_date', + type: 'datetime', + default: () => 'CURRENT_TIMESTAMP', + nullable: false, + }) + balanceDate: Date + + @Column({ + type: 'decimal', + precision: 40, + scale: 20, + nullable: false, + transformer: DecimalTransformer, + }) + decay: Decimal + + @Column({ + name: 'decay_start', + type: 'datetime', + nullable: true, + default: null, + }) + decayStart: Date | null + + @Column({ length: 255, nullable: false, collation: 'utf8mb4_unicode_ci' }) + memo: string + + @Column({ name: 'creation_date', type: 'datetime', nullable: true, default: null }) + creationDate: Date | null + + @Column({ name: 'user_id', unsigned: true, nullable: false }) + userId: number + + @Column({ + name: 'user_gradido_id', + type: 'varchar', + length: 36, + nullable: false, + collation: 'utf8mb4_unicode_ci', + }) + userGradidoID: string + + @Column({ + name: 'user_name', + type: 'varchar', + length: 512, + nullable: true, + collation: 'utf8mb4_unicode_ci', + }) + userName: string | null + + @Column({ + name: 'linked_user_id', + type: 'int', + unsigned: true, + nullable: true, + default: null, + }) + linkedUserId?: number | null + + @Column({ + name: 'linked_user_gradido_id', + type: 'varchar', + length: 36, + nullable: true, + collation: 'utf8mb4_unicode_ci', + }) + linkedUserGradidoID: string | null + + @Column({ + name: 'linked_user_name', + type: 'varchar', + length: 512, + nullable: true, + collation: 'utf8mb4_unicode_ci', + }) + linkedUserName: string | null + + @Column({ + name: 'linked_transaction_id', + type: 'int', + unsigned: true, + nullable: true, + default: null, + }) + linkedTransactionId?: number | null + + @OneToOne(() => Contribution, (contribution) => contribution.transaction) + @JoinColumn({ name: 'id', referencedColumnName: 'transactionId' }) + contribution?: Contribution | null + + @OneToOne(() => Transaction) + @JoinColumn({ name: 'previous' }) + previousTransaction?: Transaction | null +} diff --git a/database/entity/Transaction.ts b/database/entity/Transaction.ts index 5365b0f70..4000e3c85 100644 --- a/database/entity/Transaction.ts +++ b/database/entity/Transaction.ts @@ -1 +1 @@ -export { Transaction } from './0036-unique_previous_in_transactions/Transaction' +export { Transaction } from './0066-x-community-sendcoins-transactions_table/Transaction' diff --git a/database/migrations/0066-x-community-sendcoins-transactions_table.ts b/database/migrations/0066-x-community-sendcoins-transactions_table.ts new file mode 100644 index 000000000..2a90f297a --- /dev/null +++ b/database/migrations/0066-x-community-sendcoins-transactions_table.ts @@ -0,0 +1,76 @@ +/* MIGRATION TO add users that have a transaction but do not exist */ + +/* eslint-disable @typescript-eslint/explicit-module-boundary-types */ +/* eslint-disable @typescript-eslint/no-explicit-any */ + +export async function upgrade(queryFn: (query: string, values?: any[]) => Promise>) { + await queryFn( + 'ALTER TABLE `transactions` MODIFY COLUMN `previous` int(10) unsigned DEFAULT NULL NULL AFTER `id`;', + ) + await queryFn( + 'ALTER TABLE `transactions` MODIFY COLUMN `type_id` int(10) DEFAULT NULL NULL AFTER `previous`;', + ) + await queryFn( + 'ALTER TABLE `transactions` MODIFY COLUMN `transaction_link_id` int(10) unsigned DEFAULT NULL NULL AFTER `type_id`;', + ) + await queryFn( + 'ALTER TABLE `transactions` MODIFY COLUMN `amount` decimal(40,20) DEFAULT NULL NULL AFTER `transaction_link_id`;', + ) + await queryFn( + 'ALTER TABLE `transactions` MODIFY COLUMN `balance` decimal(40,20) DEFAULT NULL NULL AFTER `amount`;', + ) + await queryFn( + 'ALTER TABLE `transactions` MODIFY COLUMN `balance_date` datetime(3) DEFAULT current_timestamp(3) NOT NULL AFTER `balance`;', + ) + await queryFn( + 'ALTER TABLE `transactions` MODIFY COLUMN `decay` decimal(40,20) DEFAULT NULL NULL AFTER `balance_date`;', + ) + await queryFn( + 'ALTER TABLE `transactions` MODIFY COLUMN `decay_start` datetime(3) DEFAULT NULL NULL AFTER `decay`;', + ) + await queryFn( + 'ALTER TABLE `transactions` MODIFY COLUMN `memo` varchar(255) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci NOT NULL AFTER `decay_start`;', + ) + await queryFn( + 'ALTER TABLE `transactions` MODIFY COLUMN `creation_date` datetime(3) DEFAULT NULL NULL AFTER `memo`;', + ) + await queryFn( + 'ALTER TABLE `transactions` MODIFY COLUMN `user_id` int(10) unsigned NOT NULL AFTER `creation_date`;', + ) + await queryFn( + 'ALTER TABLE `transactions` ADD COLUMN `user_gradido_id` char(36) DEFAULT NULL NULL AFTER `user_id`;', + ) + await queryFn( + 'ALTER TABLE `transactions` ADD COLUMN `user_name` varchar(512) COLLATE utf8mb4_unicode_ci DEFAULT NULL NULL AFTER `user_gradido_id`;', + ) + await queryFn( + 'ALTER TABLE `transactions` MODIFY COLUMN `linked_user_id` int(10) unsigned DEFAULT NULL NULL AFTER `user_name`;', + ) + await queryFn( + 'ALTER TABLE `transactions` ADD COLUMN `linked_user_gradido_id` char(36) DEFAULT NULL NULL AFTER `linked_user_id`;', + ) + await queryFn( + 'ALTER TABLE `transactions` ADD COLUMN `linked_user_name` varchar(512) COLLATE utf8mb4_unicode_ci DEFAULT NULL NULL AFTER `linked_user_gradido_id`;', + ) + await queryFn( + 'ALTER TABLE `transactions` MODIFY COLUMN `linked_transaction_id` int(10) DEFAULT NULL NULL AFTER `linked_user_name`;', + ) + await queryFn( + `UPDATE transactions t, users u SET t.user_gradido_id = u.gradido_id, t.user_name = concat(u.first_name, ' ', u.last_name) WHERE t.user_id = u.id and t.user_gradido_id is null;`, + ) + await queryFn( + 'ALTER TABLE `transactions` MODIFY COLUMN `user_gradido_id` char(36) NOT NULL AFTER `user_id`;', + ) + await queryFn( + `UPDATE transactions t, users u SET t.linked_user_gradido_id = u.gradido_id, t.linked_user_name = concat(u.first_name, ' ', u.last_name) WHERE t.linked_user_id = u.id and t.linked_user_gradido_id is null;`, + ) +} + +/* eslint-disable @typescript-eslint/no-empty-function */ +/* eslint-disable-next-line @typescript-eslint/no-unused-vars */ +export async function downgrade(queryFn: (query: string, values?: any[]) => Promise>) { + await queryFn('ALTER TABLE `transactions` DROP COLUMN `user_gradido_id`;') + await queryFn('ALTER TABLE `transactions` DROP COLUMN `user_name`;') + await queryFn('ALTER TABLE `transactions` DROP COLUMN `linked_user_gradido_id`;') + await queryFn('ALTER TABLE `transactions` DROP COLUMN `linked_user_name`;') +} diff --git a/deployment/bare_metal/nginx/sites-available/gradido.conf.ssl.template b/deployment/bare_metal/nginx/sites-available/gradido.conf.ssl.template index ddb0724b0..a99327745 100644 --- a/deployment/bare_metal/nginx/sites-available/gradido.conf.ssl.template +++ b/deployment/bare_metal/nginx/sites-available/gradido.conf.ssl.template @@ -117,7 +117,7 @@ server { # TODO this could be a performance optimization #location /vue { - # alias /var/www/html/gradido/frontend/dist; + # alias /var/www/html/gradido/frontend/build; # index index.html; # # location ~* \.(png)$ { diff --git a/deployment/bare_metal/nginx/sites-available/gradido.conf.template b/deployment/bare_metal/nginx/sites-available/gradido.conf.template index 42a5a1851..f6149a818 100644 --- a/deployment/bare_metal/nginx/sites-available/gradido.conf.template +++ b/deployment/bare_metal/nginx/sites-available/gradido.conf.template @@ -103,7 +103,7 @@ server { # TODO this could be a performance optimization #location /vue { - # alias /var/www/html/gradido/frontend/dist; + # alias /var/www/html/gradido/frontend/build; # index index.html; # # location ~* \.(png)$ { diff --git a/deployment/bare_metal/old/build_frontend.sh b/deployment/bare_metal/old/build_frontend.sh index 4b3a8a444..a9103c19f 100755 --- a/deployment/bare_metal/old/build_frontend.sh +++ b/deployment/bare_metal/old/build_frontend.sh @@ -15,6 +15,6 @@ export NVM_DIR="/root/.nvm" $NPM_BIN install $NPM_BIN run build # prezip for faster deliver throw nginx -cd dist +cd build find . -type f -name "*.css" -exec gzip -9 -k {} \; find . -type f -name "*.js" -exec gzip -9 -k {} \; diff --git a/deployment/bare_metal/start.sh b/deployment/bare_metal/start.sh index b30d90f19..5d5744bd6 100755 --- a/deployment/bare_metal/start.sh +++ b/deployment/bare_metal/start.sh @@ -130,6 +130,15 @@ rm -Rf $PROJECT_ROOT/admin/node_modules rm -Rf $PROJECT_ROOT/dht-node/node_modules rm -Rf $PROJECT_ROOT/federation/node_modules +# Remove build folders +# we had problems with corrupted incremtal builds +rm -Rf $PROJECT_ROOT/database/build +rm -Rf $PROJECT_ROOT/backend/build +rm -Rf $PROJECT_ROOT/frontend/build +rm -Rf $PROJECT_ROOT/admin/build +rm -Rf $PROJECT_ROOT/dht-node/build +rm -Rf $PROJECT_ROOT/federation/build + # Regenerate .env files cp -f $PROJECT_ROOT/database/.env $PROJECT_ROOT/database/.env.bak cp -f $PROJECT_ROOT/backend/.env $PROJECT_ROOT/backend/.env.bak diff --git a/dht-node/src/config/index.ts b/dht-node/src/config/index.ts index 5c4676337..eca5dbbb5 100644 --- a/dht-node/src/config/index.ts +++ b/dht-node/src/config/index.ts @@ -3,7 +3,7 @@ import dotenv from 'dotenv' dotenv.config() const constants = { - DB_VERSION: '0065-refactor_communities_table', + DB_VERSION: '0066-x-community-sendcoins-transactions_table', LOG4JS_CONFIG: 'log4js-config.json', // default log level on production should be info LOG_LEVEL: process.env.LOG_LEVEL || 'info', diff --git a/e2e-tests/cypress/support/e2e.ts b/e2e-tests/cypress/support/e2e.ts index 2f3557566..6866cae3e 100644 --- a/e2e-tests/cypress/support/e2e.ts +++ b/e2e-tests/cypress/support/e2e.ts @@ -35,6 +35,6 @@ Cypress.Commands.add('login', (email, password) => { } cy.visit('/') - window.localStorage.setItem('vuex', JSON.stringify(vuexToken)) + window.localStorage.setItem('gradido-frontend', JSON.stringify(vuexToken)) }) }) diff --git a/federation/src/config/index.ts b/federation/src/config/index.ts index 70a155d63..66d8a056c 100644 --- a/federation/src/config/index.ts +++ b/federation/src/config/index.ts @@ -11,7 +11,7 @@ Decimal.set({ */ const constants = { - DB_VERSION: '0065-refactor_communities_table', + DB_VERSION: '0066-x-community-sendcoins-transactions_table', // DECAY_START_TIME: new Date('2021-05-13 17:46:31-0000'), // GMT+0 LOG4JS_CONFIG: 'log4js-config.json', // default log level on production should be info diff --git a/federation/src/server/plugins.ts b/federation/src/server/plugins.ts index 541c68ca2..38fdfbe9f 100644 --- a/federation/src/server/plugins.ts +++ b/federation/src/server/plugins.ts @@ -23,8 +23,8 @@ const setHeadersPlugin = { const filterVariables = (variables: any) => { const vars = clonedeep(variables) - if (vars.password) vars.password = '***' - if (vars.passwordNew) vars.passwordNew = '***' + if (vars && vars.password) vars.password = '***' + if (vars && vars.passwordNew) vars.passwordNew = '***' return vars } diff --git a/frontend/.eslintignore b/frontend/.eslintignore index 94934f9e7..e19e2338d 100644 --- a/frontend/.eslintignore +++ b/frontend/.eslintignore @@ -1,3 +1,3 @@ node_modules/ -dist/ +build/ coverage/ \ No newline at end of file diff --git a/frontend/.gitignore b/frontend/.gitignore index 0a541ba06..843f840a1 100644 --- a/frontend/.gitignore +++ b/frontend/.gitignore @@ -1,6 +1,6 @@ .DS_Store node_modules/ -dist/ +build/ .cache/ npm-debug.log* yarn-debug.log* diff --git a/frontend/Dockerfile b/frontend/Dockerfile index a93199fad..1a4d8ca5c 100644 --- a/frontend/Dockerfile +++ b/frontend/Dockerfile @@ -84,7 +84,7 @@ CMD /bin/sh -c "yarn run dev" FROM base as production # Copy "binary"-files from build image -COPY --from=build ${DOCKER_WORKDIR}/dist ./dist +COPY --from=build ${DOCKER_WORKDIR}/build ./build # We also copy the node_modules express and serve-static for the run script COPY --from=build ${DOCKER_WORKDIR}/node_modules ./node_modules # Copy static files diff --git a/frontend/package.json b/frontend/package.json index f07284da6..7d89fba7c 100755 --- a/frontend/package.json +++ b/frontend/package.json @@ -7,7 +7,7 @@ "serve": "vue-cli-service serve --open", "build": "vue-cli-service build", "dev": "yarn run serve", - "analyse-bundle": "yarn build && webpack-bundle-analyzer dist/webpack.stats.json", + "analyse-bundle": "yarn build && webpack-bundle-analyzer build/webpack.stats.json", "lint": "eslint --max-warnings=0 --ext .js,.vue,.json .", "stylelint": "stylelint --max-warnings=0 '**/*.{scss,vue}'", "test": "cross-env TZ=UTC jest", diff --git a/frontend/run/server.js b/frontend/run/server.js index 7d75acba8..4a49dcd75 100644 --- a/frontend/run/server.js +++ b/frontend/run/server.js @@ -9,10 +9,10 @@ const port = process.env.PORT || 3000 // Express Server const app = express() // Serve files -app.use(express.static(path.join(__dirname, '../dist'))) +app.use(express.static(path.join(__dirname, '../build'))) // Default to index.html app.get('*', (req, res) => { - res.sendFile(path.join(__dirname, '../dist/index.html')) + res.sendFile(path.join(__dirname, '../build/index.html')) }) app.listen(port, hostname, () => { diff --git a/frontend/src/store/store.js b/frontend/src/store/store.js index 436a2d32b..f4fea20b7 100644 --- a/frontend/src/store/store.js +++ b/frontend/src/store/store.js @@ -91,6 +91,7 @@ try { store = new Vuex.Store({ plugins: [ createPersistedState({ + key: 'gradido-frontend', storage: window.localStorage, }), ], diff --git a/frontend/vue.config.js b/frontend/vue.config.js index 573f2a70b..7fb5d5fc2 100644 --- a/frontend/vue.config.js +++ b/frontend/vue.config.js @@ -64,5 +64,5 @@ module.exports = { // Enable CSS source maps. sourceMap: CONFIG.NODE_ENV !== 'production', }, - outputDir: path.resolve(__dirname, './dist'), + outputDir: path.resolve(__dirname, './build'), } diff --git a/nginx/gradido.conf b/nginx/gradido.conf index bfb079d32..403a2766b 100644 --- a/nginx/gradido.conf +++ b/nginx/gradido.conf @@ -71,7 +71,7 @@ server { # TODO this could be a performance optimization #location /vue { - # alias /var/www/html/gradido/frontend/dist; + # alias /var/www/html/gradido/frontend/build; # index index.html; # # location ~* \.(png)$ {