44 lines
1.3 KiB
TypeScript
44 lines
1.3 KiB
TypeScript
import { Injectable } from '@nestjs/common';
|
|
import { Client } from 'connect-redis';
|
|
import { OAuth2Client } from 'src/modules/objects/oauth2-client/oauth2-client.entity';
|
|
import { User } from 'src/modules/objects/user/user.entity';
|
|
import { FormUtilityService } from 'src/modules/utility/services/form-utility.service';
|
|
|
|
const UNPRIVILEGED_STRIP = ['openid', 'id_token', 'management', 'implicit'];
|
|
|
|
@Injectable()
|
|
export class AdminService {
|
|
constructor(private _form: FormUtilityService) {}
|
|
|
|
public stripClientInfo(client: OAuth2Client): Partial<OAuth2Client> {
|
|
return {
|
|
...client,
|
|
owner: client.owner
|
|
? this._form.pluckObject(client.owner, ['id', 'uuid', 'username'])
|
|
: null,
|
|
} as Partial<OAuth2Client>;
|
|
}
|
|
|
|
public userHasPrivilege(user: User, privilege: string): boolean {
|
|
return user.privileges.some(({ name }) => name === privilege);
|
|
}
|
|
|
|
public userCanEditClient(user: User, client: Client): boolean {
|
|
if (this.userHasPrivilege(user, 'admin:oauth2')) {
|
|
return true;
|
|
}
|
|
|
|
return client.owner?.id === user.id;
|
|
}
|
|
|
|
public removeUnprivileged(input: string[]): string[] {
|
|
return input.reduce((list, current) => {
|
|
if (UNPRIVILEGED_STRIP.includes(current)) {
|
|
return list;
|
|
}
|
|
|
|
return [...list, current];
|
|
}, []);
|
|
}
|
|
}
|