From 91812f822fdb0458b5d255acdb82481c7dfa2eb6 Mon Sep 17 00:00:00 2001
From: Michael Schramm <michael.schramm@gmail.com>
Date: Thu, 11 Jun 2020 10:13:12 +0200
Subject: [PATCH] add DEFAULT_ROLE and LOGIN_NOTE env variables
 https://github.com/ohmyform/ohmyform/issues/30

---
 CHANGELOG.md                             |  4 ++++
 src/resolver/setting/setting.resolver.ts |  8 +-------
 src/service/setting.service.ts           |  8 ++++++++
 src/service/user/user.create.service.ts  | 19 +++++++++++++++++++
 4 files changed, 32 insertions(+), 7 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index b1c3686..0aeb3d5 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -8,6 +8,10 @@ and this project adheres to [Semantic Versioning](http://semver.org/).
 ## [Unreleased]
  
 ### Added
+
+- `DEFAULT_ROLE` -> `admin` | `superuser` | `user` - with `user` being the default, making it possible that new users can create their own forms after creating
+- `LOGIN_NOTE` -> markdown for Login Page, to show info text on login page
+
 ### Changed
 ### Fixed
 
diff --git a/src/resolver/setting/setting.resolver.ts b/src/resolver/setting/setting.resolver.ts
index 2ed56d7..c95f772 100644
--- a/src/resolver/setting/setting.resolver.ts
+++ b/src/resolver/setting/setting.resolver.ts
@@ -1,20 +1,14 @@
 import {Injectable} from '@nestjs/common'
-import {ConfigService} from '@nestjs/config'
 import {Args, ID, Query} from '@nestjs/graphql'
 import {Roles} from '../../decorator/roles.decorator'
 import {User} from '../../decorator/user.decorator'
 import {PagerSettingModel} from '../../dto/setting/pager.setting.model'
 import {SettingModel} from '../../dto/setting/setting.model'
-import {UserModel} from '../../dto/user/user.model'
 import {UserDocument} from '../../schema/user.schema'
 import {SettingService} from '../../service/setting.service'
 
 @Injectable()
 export class SettingResolver {
-  private publicKeys: string[] = [
-    'SIGNUP_DISABLED',
-  ]
-
   constructor(
     private readonly settingService: SettingService,
   ) {
@@ -37,7 +31,7 @@ export class SettingResolver {
     @Args('key', {type: () => ID}) key: string,
     @User() user: UserDocument,
   ): Promise<SettingModel> {
-    if (!this.publicKeys.includes(key) && !user.roles.includes('superuser')) {
+    if (!this.settingService.isPublicKey(key) && !user.roles.includes('superuser')) {
       throw new Error(`no access to key ${key}`)
     }
 
diff --git a/src/service/setting.service.ts b/src/service/setting.service.ts
index e68e3c1..cc59feb 100644
--- a/src/service/setting.service.ts
+++ b/src/service/setting.service.ts
@@ -9,9 +9,17 @@ export class SettingService {
   ) {
   }
 
+  isPublicKey(key: string): boolean {
+    return [
+      'SIGNUP_DISABLED',
+      'LOGIN_NOTE',
+    ].includes(key)
+  }
+
   async getByKey(key: string): Promise<SettingModel> {
     switch (key) {
       case 'SIGNUP_DISABLED':
+      case 'LOGIN_NOTE':
         return new SettingModel(key, this.configService.get(key))
     }
 
diff --git a/src/service/user/user.create.service.ts b/src/service/user/user.create.service.ts
index 59a769b..db89e28 100644
--- a/src/service/user/user.create.service.ts
+++ b/src/service/user/user.create.service.ts
@@ -2,10 +2,12 @@ import { Injectable } from '@nestjs/common';
 import { InjectModel } from '@nestjs/mongoose';
 import { Model } from 'mongoose';
 import { PinoLogger } from 'nestjs-pino/dist';
+import {rolesType} from '../../config/roles'
 import { UserCreateInput } from '../../dto/user/user.create.input';
 import { UserDocument, UserSchemaName } from '../../schema/user.schema';
 import { PasswordService } from '../auth/password.service';
 import { MailService } from '../mail.service';
+import {SettingService} from '../setting.service'
 
 @Injectable()
 export class UserCreateService {
@@ -14,13 +16,30 @@ export class UserCreateService {
     private readonly mailerService: MailService,
     private readonly logger: PinoLogger,
     private readonly passwordService: PasswordService,
+    private readonly settingService: SettingService,
   ) {}
 
+  private async getDefaultRoles(): Promise<rolesType> {
+    const roleSetting = await this.settingService.getByKey('DEFAULT_ROLE')
+
+    switch (roleSetting.value) {
+      case 'superuser':
+        return ['superuser', 'admin', 'user']
+
+      case 'admin':
+        return ['admin', 'user']
+    }
+
+    return ['user']
+  }
+
   async create(user: UserCreateInput): Promise<UserDocument> {
     // TODO check for uniqueness of email & username!
 
+
     const entry = new this.userModel({
       ...user,
+      roles: await this.getDefaultRoles(),
       passwordHash: await this.passwordService.hash(user.password),
     })