Merge pull request #17 from foyzulkarim/feature/rbac/resource-management

Role and Resource Management Implementation

Author: foyzulkarim

src/domains/index.js

@@ -3,13 +3,15 @@ const userRoutes = require('./user');
 const repositoryRoutes = require('./repository');
 const prRoutes = require('./pull');
 const roleRoutes = require('./role');
+const resourceRoutes = require('./resource');
 
 const defineRoutes = async (expressRouter) => {
   productRoutes(expressRouter);
   userRoutes(expressRouter);
   repositoryRoutes(expressRouter);
   prRoutes(expressRouter);
   roleRoutes(expressRouter);
+  resourceRoutes(expressRouter);
 };
 
 module.exports = defineRoutes;

src/domains/resource/api.js

@@ -0,0 +1,127 @@
+const express = require('express');
+const logger = require('../../libraries/log/logger');
+const { AppError } = require('../../libraries/error-handling/AppError');
+
+const {
+  create,
+  search,
+  count,
+  getById,
+  updateById,
+  deleteById,
+} = require('./service');
+
+const {
+  createSchema,
+  updateSchema,
+  idSchema,
+  searchSchema,
+} = require('./request');
+const { validateRequest } = require('../../middlewares/request-validate');
+const { logRequest } = require('../../middlewares/log');
+const { isAuthorized } = require('../../middlewares/auth/authorization');
+
+const model = 'Resource';
+
+const routes = () => {
+  const router = express.Router();
+  logger.info(`Setting up routes for ${model}`);
+
+  router.get(
+    '/search',
+    logRequest({}),
+    validateRequest({ schema: searchSchema, isQuery: true }),
+    async (req, res, next) => {
+      try {
+        const items = await search(req.query);
+        res.json(items);
+      } catch (error) {
+        next(error);
+      }
+    }
+  );
+
+  router.get(
+    '/count',
+    logRequest({}),
+    validateRequest({ schema: searchSchema, isQuery: true }),
+    async (req, res, next) => {
+      try {
+        const total = await count(req.query);
+        res.json({ total });
+      } catch (error) {
+        next(error);
+      }
+    }
+  );
+
+  router.post(
+    '/',
+    logRequest({}),
+    isAuthorized,
+    validateRequest({ schema: createSchema }),
+    async (req, res, next) => {
+      try {
+        const item = await create(req.body);
+        res.status(201).json(item);
+      } catch (error) {
+        next(error);
+      }
+    }
+  );
+
+  router.get(
+    '/:id',
+    logRequest({}),
+    validateRequest({ schema: idSchema, isParam: true }),
+    async (req, res, next) => {
+      try {
+        const item = await getById(req.params.id);
+        if (!item) {
+          throw new AppError(`${model} not found`, `${model} not found`, 404);
+        }
+        res.status(200).json(item);
+      } catch (error) {
+        next(error);
+      }
+    }
+  );
+
+  router.put(
+    '/:id',
+    logRequest({}),
+    isAuthorized,
+    validateRequest({ schema: idSchema, isParam: true }),
+    validateRequest({ schema: updateSchema }),
+    async (req, res, next) => {
+      try {
+        const item = await updateById(req.params.id, req.body);
+        if (!item) {
+          throw new AppError(`${model} not found`, `${model} not found`, 404);
+        }
+        res.status(200).json(item);
+      } catch (error) {
+        next(error);
+      }
+    }
+  );
+
+  router.delete(
+    '/:id',
+    logRequest({}),
+    isAuthorized,
+    validateRequest({ schema: idSchema, isParam: true }),
+    async (req, res, next) => {
+      try {
+        await deleteById(req.params.id);
+        res.status(204).json({ message: `${model} is deleted` });
+      } catch (error) {
+        next(error);
+      }
+    }
+  );
+
+  return router;
+};
+
+module.exports = { routes };

src/domains/resource/event.js

@@ -0,0 +1,7 @@
+const { routes } = require('./api');
+
+const defineRoutes = (expressRouter) => {
+  expressRouter.use('/resources', routes());
+};
+
+module.exports = defineRoutes;

src/domains/resource/index.js

@@ -0,0 +1,39 @@
+const Joi = require('joi');
+const mongoose = require('mongoose');
+
+const createSchema = Joi.object().keys({
+  name: Joi.string().required().lowercase().trim(),
+  displayName: Joi.string().required(),
+  description: Joi.string().allow('').optional(),
+  identifier: Joi.string().required(),
+  type: Joi.string().valid('api', 'ui', 'menu').default('api')
+});
+
+const updateSchema = Joi.object().keys({
+  name: Joi.string().lowercase().trim(),
+  displayName: Joi.string(),
+  description: Joi.string().allow(''),
+  identifier: Joi.string(),
+  type: Joi.string().valid('api', 'ui', 'menu')
+});
+
+const idSchema = Joi.object().keys({
+  id: Joi.string()
+    .custom((value, helpers) => {
+      if (!mongoose.Types.ObjectId.isValid(value)) {
+        return helpers.error('any.invalid');
+      }
+      return value;
+    }, 'ObjectId validation')
+    .required(),
+});
+
+const searchSchema = Joi.object({
+  keyword: Joi.string().allow('').optional().max(50),
+  page: Joi.number().integer().min(0),
+  orderBy: Joi.string(),
+  order: Joi.string().valid('asc', 'desc'),
+  type: Joi.string().valid('api', 'ui', 'menu')
+});
+
+module.exports = { createSchema, updateSchema, idSchema, searchSchema };

src/domains/resource/request.js

@@ -0,0 +1,34 @@
+const mongoose = require('mongoose');
+const { baseSchema } = require('../../libraries/db/base-schema');
+
+const resourceSchema = new mongoose.Schema({
+  name: {
+    type: String,
+    required: true,
+    unique: true,
+    lowercase: true,
+    trim: true,
+  },
+  displayName: {
+    type: String,
+    required: true,
+  },
+  description: {
+    type: String,
+    default: '',
+  },
+  identifier: {
+    type: String,
+    required: true,
+    unique: true,
+  },
+  type: {
+    type: String,
+    enum: ['api', 'ui', 'menu'],
+    default: 'api',
+  },
+});
+
+resourceSchema.add(baseSchema);
+
+module.exports = mongoose.model('Resource', resourceSchema);

src/domains/resource/schema.js

@@ -0,0 +1,157 @@
+const logger = require('../../libraries/log/logger');
+const Model = require('./schema');
+const { AppError } = require('../../libraries/error-handling/AppError');
+
+const model = 'resource';
+
+const create = async (data) => {
+  try {
+    const item = new Model(data);
+    const saved = await item.save();
+    logger.info(`create(): ${model} created`, {
+      id: saved._id,
+    });
+    return saved;
+  } catch (error) {
+    logger.error(`create(): Failed to create ${model}`, error);
+    throw new AppError(`Failed to create ${model}`, error.message);
+  }
+};
+
+const search = async (query) => {
+  try {
+    logger.info(`search(): ${model} search`, { query });
+    const pageSize = 10;
+    const {
+      keyword,
+      page = 0,
+      orderBy = 'name',
+      order = 'asc',
+      type
+    } = query ?? {};
+
+    const filter = {};
+    if (keyword) {
+      filter.$or = [
+        { name: { $regex: keyword, $options: 'i' } },
+        { displayName: { $regex: keyword, $options: 'i' } },
+        { identifier: { $regex: keyword, $options: 'i' } }
+      ];
+    }
+    if (type) {
+      filter.type = type;
+    }
+
+    const items = await Model.find(filter)
+      .sort({ [orderBy]: order === 'asc' ? 1 : -1 })
+      .skip(page * pageSize)
+      .limit(pageSize);
+
+    logger.info('search(): filter and count', {
+      filter,
+      count: items.length,
+    });
+    return items;
+  } catch (error) {
+    logger.error(`search(): Failed to search ${model}`, error);
+    throw new AppError(`Failed to search ${model}`, error.message, 400);
+  }
+};
+
+const count = async (query) => {
+  try {
+    const { keyword, type } = query ?? {};
+    const filter = {};
+    if (keyword) {
+      filter.$or = [
+        { name: { $regex: keyword, $options: 'i' } },
+        { displayName: { $regex: keyword, $options: 'i' } },
+        { identifier: { $regex: keyword, $options: 'i' } }
+      ];
+    }
+    if (type) {
+      filter.type = type;
+    }
+    const total = await Model.countDocuments(filter);
+    logger.info('count(): filter and count', {
+      filter,
+      count: total,
+    });
+    return total;
+  } catch (error) {
+    logger.error(`count(): Failed to count ${model}`, error);
+    throw new AppError(`Failed to count ${model}`, error.message, 400);
+  }
+};
+
+const getById = async (id) => {
+  try {
+    const item = await Model.findById(id);
+    logger.info(`getById(): ${model} fetched`, { id });
+    return item;
+  } catch (error) {
+    logger.error(`getById(): Failed to get ${model}`, error);
+    throw new AppError(`Failed to get ${model}`, error.message);
+  }
+};
+
+const updateById = async (id, data) => {
+  try {
+    const item = await Model.findByIdAndUpdate(id, data, { new: true });
+    logger.info(`updateById(): ${model} updated`, { id });
+    return item;
+  } catch (error) {
+    logger.error(`updateById(): Failed to update ${model}`, error);
+    throw new AppError(`Failed to update ${model}`, error.message);
+  }
+};
+
+const deleteById = async (id) => {
+  try {
+    await Model.findByIdAndDelete(id);
+    logger.info(`deleteById(): ${model} deleted`, { id });
+    return true;
+  } catch (error) {
+    logger.error(`deleteById(): Failed to delete ${model}`, error);
+    throw new AppError(`Failed to delete ${model}`, error.message);
+  }
+};
+
+const getAllGroupedByType = async () => {
+  try {
+    const resources = await Model.find({})
+      .sort({ type: 1, displayName: 1 })
+      .lean();
+
+    // Group resources by type
+    const grouped = resources.reduce((acc, resource) => {
+      if (!acc[resource.type]) {
+        acc[resource.type] = [];
+      }
+      acc[resource.type].push({
+        id: resource._id,
+        name: resource.name,
+        displayName: resource.displayName,
+        description: resource.description,
+        identifier: resource.identifier
+      });
+      return acc;
+    }, {});
+
+    logger.info('getAllGroupedByType(): Resources fetched and grouped');
+    return grouped;
+  } catch (error) {
+    logger.error('getAllGroupedByType(): Failed to fetch resources', error);
+    throw new AppError('Failed to fetch resources', error.message, 400);
+  }
+};
+
+module.exports = {
+  create,
+  search,
+  count,
+  getById,
+  updateById,
+  deleteById,
+  getAllGroupedByType,
+};