chore(Amplication): Update Generated Code for basic-auth-provider

apps/basic-auth-provider-admin/src/App.tsx

@@ -129,7 +129,7 @@ import { UserList } from "./user/UserList";
 import { UserCreate } from "./user/UserCreate";
 import { UserEdit } from "./user/UserEdit";
 import { UserShow } from "./user/UserShow";
-import { jwtAuthProvider } from "./auth-provider/ra-auth-jwt";
+import { httpAuthProvider } from "./auth-provider/ra-auth-http";
 
 const App = (): React.ReactElement => {
   const [dataProvider, setDataProvider] = useState<DataProvider | null>(null);
@@ -150,7 +150,7 @@ const App = (): React.ReactElement => {
       <Admin
         title={"Basic Auth Provider"}
         dataProvider={dataProvider}
-        authProvider={jwtAuthProvider}
+        authProvider={httpAuthProvider}
         theme={theme}
         dashboard={Dashboard}
         loginPage={Login}

apps/basic-auth-provider/.env

@@ -5,4 +5,6 @@ DB_PASSWORD=admin
 DB_PORT=5432
 DB_URL=postgres://admin:admin@localhost:5432/my-db
 DB_USER=admin
+JWT_EXPIRATION=2d
+JWT_SECRET_KEY=Change_ME!!!
 PORT=3000

apps/basic-auth-provider/package.json

@@ -38,6 +38,7 @@
     "dotenv": "16.3.1",
     "graphql": "^16.8.1",
     "graphql-type-json": "0.3.2",
+    "nest-access-control": "^3.1.0",
     "npm-run-all": "4.1.5",
     "passport": "0.6.0",
     "passport-http": "0.3.0",

apps/basic-auth-provider/scripts/customSeed.ts

@@ -2,6 +2,16 @@ import { PrismaClient } from "@prisma/client";
 
 export async function customSeed() {
   const client = new PrismaClient();
+  const username = "admin";
+
+  //replace this sample code to populate your database
+  //with data that is required for your service to start
+  await client.user.update({
+    where: { username: username },
+    data: {
+      username,
+    },
+  });
 
   client.$disconnect();
 }

apps/basic-auth-provider/scripts/seed.ts

@@ -1,6 +1,8 @@
 import * as dotenv from "dotenv";
 import { PrismaClient } from "@prisma/client";
 import { customSeed } from "./customSeed";
+import { Salt, parseSalt } from "../src/auth/password.service";
+import { hash } from "bcrypt";
 
 if (require.main === module) {
   dotenv.config();
@@ -10,12 +12,34 @@ if (require.main === module) {
   if (!BCRYPT_SALT) {
     throw new Error("BCRYPT_SALT environment variable must be defined");
   }
+  const salt = parseSalt(BCRYPT_SALT);
+
+  seed(salt).catch((error) => {
+    console.error(error);
+    process.exit(1);
+  });
 }
 
-async function seed() {
+async function seed(bcryptSalt: Salt) {
   console.info("Seeding database...");
 
   const client = new PrismaClient();
+
+  const data = {
+    username: "admin",
+    password: await hash("admin", bcryptSalt),
+    roles: ["user"],
+  };
+
+  await client.user.upsert({
+    where: {
+      username: data.username,
+    },
+
+    update: {},
+    create: data,
+  });
+
   void client.$disconnect();
 
   console.info("Seeding database with custom seed...");

apps/basic-auth-provider/src/account/account.controller.ts

@@ -1,12 +1,17 @@
 import * as common from "@nestjs/common";
 import * as swagger from "@nestjs/swagger";
+import * as nestAccessControl from "nest-access-control";
 import { AccountService } from "./account.service";
 import { AccountControllerBase } from "./base/account.controller.base";
 
 @swagger.ApiTags("accounts")
 @common.Controller("accounts")
 export class AccountController extends AccountControllerBase {
-  constructor(protected readonly service: AccountService) {
-    super(service);
+  constructor(
+    protected readonly service: AccountService,
+    @nestAccessControl.InjectRolesBuilder()
+    protected readonly rolesBuilder: nestAccessControl.RolesBuilder
+  ) {
+    super(service, rolesBuilder);
   }
 }

apps/basic-auth-provider/src/account/account.module.ts

@@ -1,11 +1,12 @@
-import { Module } from "@nestjs/common";
+import { Module, forwardRef } from "@nestjs/common";
+import { AuthModule } from "../auth/auth.module";
 import { AccountModuleBase } from "./base/account.module.base";
 import { AccountService } from "./account.service";
 import { AccountController } from "./account.controller";
 import { AccountResolver } from "./account.resolver";
 
 @Module({
-  imports: [AccountModuleBase],
+  imports: [AccountModuleBase, forwardRef(() => AuthModule)],
   controllers: [AccountController],
   providers: [AccountService, AccountResolver],
   exports: [AccountService],

apps/basic-auth-provider/src/account/account.resolver.ts

@@ -1,11 +1,20 @@
 import * as graphql from "@nestjs/graphql";
+import * as nestAccessControl from "nest-access-control";
+import * as gqlACGuard from "../auth/gqlAC.guard";
+import { GqlDefaultAuthGuard } from "../auth/gqlDefaultAuth.guard";
+import * as common from "@nestjs/common";
 import { AccountResolverBase } from "./base/account.resolver.base";
 import { Account } from "./base/Account";
 import { AccountService } from "./account.service";
 
+@common.UseGuards(GqlDefaultAuthGuard, gqlACGuard.GqlACGuard)
 @graphql.Resolver(() => Account)
 export class AccountResolver extends AccountResolverBase {
-  constructor(protected readonly service: AccountService) {
-    super(service);
+  constructor(
+    protected readonly service: AccountService,
+    @nestAccessControl.InjectRolesBuilder()
+    protected readonly rolesBuilder: nestAccessControl.RolesBuilder
+  ) {
+    super(service, rolesBuilder);
   }
 }

apps/basic-auth-provider/src/account/base/account.controller.base.ts

@@ -16,17 +16,35 @@ import * as errors from "../../errors";
 import { Request } from "express";
 import { plainToClass } from "class-transformer";
 import { ApiNestedQuery } from "../../decorators/api-nested-query.decorator";
+import * as nestAccessControl from "nest-access-control";
+import * as defaultAuthGuard from "../../auth/defaultAuth.guard";
 import { AccountService } from "../account.service";
+import { AclValidateRequestInterceptor } from "../../interceptors/aclValidateRequest.interceptor";
+import { AclFilterResponseInterceptor } from "../../interceptors/aclFilterResponse.interceptor";
 import { AccountCreateInput } from "./AccountCreateInput";
 import { Account } from "./Account";
 import { AccountFindManyArgs } from "./AccountFindManyArgs";
 import { AccountWhereUniqueInput } from "./AccountWhereUniqueInput";
 import { AccountUpdateInput } from "./AccountUpdateInput";
 
+@swagger.ApiBearerAuth()
+@common.UseGuards(defaultAuthGuard.DefaultAuthGuard, nestAccessControl.ACGuard)
 export class AccountControllerBase {
-  constructor(protected readonly service: AccountService) {}
+  constructor(
+    protected readonly service: AccountService,
+    protected readonly rolesBuilder: nestAccessControl.RolesBuilder
+  ) {}
+  @common.UseInterceptors(AclValidateRequestInterceptor)
   @common.Post()
   @swagger.ApiCreatedResponse({ type: Account })
+  @nestAccessControl.UseRoles({
+    resource: "Account",
+    action: "create",
+    possession: "any",
+  })
+  @swagger.ApiForbiddenResponse({
+    type: errors.ForbiddenException,
+  })
   async createAccount(
     @common.Body() data: AccountCreateInput
   ): Promise<Account> {
@@ -62,9 +80,18 @@ export class AccountControllerBase {
     });
   }
 
+  @common.UseInterceptors(AclFilterResponseInterceptor)
   @common.Get()
   @swagger.ApiOkResponse({ type: [Account] })
   @ApiNestedQuery(AccountFindManyArgs)
+  @nestAccessControl.UseRoles({
+    resource: "Account",
+    action: "read",
+    possession: "any",
+  })
+  @swagger.ApiForbiddenResponse({
+    type: errors.ForbiddenException,
+  })
   async accounts(@common.Req() request: Request): Promise<Account[]> {
     const args = plainToClass(AccountFindManyArgs, request.query);
     return this.service.accounts({
@@ -91,9 +118,18 @@ export class AccountControllerBase {
     });
   }
 
+  @common.UseInterceptors(AclFilterResponseInterceptor)
   @common.Get("/:id")
   @swagger.ApiOkResponse({ type: Account })
   @swagger.ApiNotFoundResponse({ type: errors.NotFoundException })
+  @nestAccessControl.UseRoles({
+    resource: "Account",
+    action: "read",
+    possession: "own",
+  })
+  @swagger.ApiForbiddenResponse({
+    type: errors.ForbiddenException,
+  })
   async account(
     @common.Param() params: AccountWhereUniqueInput
   ): Promise<Account | null> {
@@ -127,9 +163,18 @@ export class AccountControllerBase {
     return result;
   }
 
+  @common.UseInterceptors(AclValidateRequestInterceptor)
   @common.Patch("/:id")
   @swagger.ApiOkResponse({ type: Account })
   @swagger.ApiNotFoundResponse({ type: errors.NotFoundException })
+  @nestAccessControl.UseRoles({
+    resource: "Account",
+    action: "update",
+    possession: "any",
+  })
+  @swagger.ApiForbiddenResponse({
+    type: errors.ForbiddenException,
+  })
   async updateAccount(
     @common.Param() params: AccountWhereUniqueInput,
     @common.Body() data: AccountUpdateInput
@@ -179,6 +224,14 @@ export class AccountControllerBase {
   @common.Delete("/:id")
   @swagger.ApiOkResponse({ type: Account })
   @swagger.ApiNotFoundResponse({ type: errors.NotFoundException })
+  @nestAccessControl.UseRoles({
+    resource: "Account",
+    action: "delete",
+    possession: "any",
+  })
+  @swagger.ApiForbiddenResponse({
+    type: errors.ForbiddenException,
+  })
   async deleteAccount(
     @common.Param() params: AccountWhereUniqueInput
   ): Promise<Account | null> {

apps/basic-auth-provider/src/account/base/account.module.base.ts

@@ -10,9 +10,9 @@ https://docs.amplication.com/how-to/custom-code
 ------------------------------------------------------------------------------
   */
 import { Module } from "@nestjs/common";
-
+import { ACLModule } from "../../auth/acl.module";
 @Module({
-  imports: [],
-  exports: [],
+  imports: [ACLModule],
+  exports: [ACLModule],
 })
 export class AccountModuleBase {}

apps/basic-auth-provider/src/account/base/account.resolver.base.ts

@@ -13,6 +13,12 @@ import * as graphql from "@nestjs/graphql";
 import { GraphQLError } from "graphql";
 import { isRecordNotFoundError } from "../../prisma.util";
 import { MetaQueryPayload } from "../../util/MetaQueryPayload";
+import * as nestAccessControl from "nest-access-control";
+import * as gqlACGuard from "../../auth/gqlAC.guard";
+import { GqlDefaultAuthGuard } from "../../auth/gqlDefaultAuth.guard";
+import * as common from "@nestjs/common";
+import { AclFilterResponseInterceptor } from "../../interceptors/aclFilterResponse.interceptor";
+import { AclValidateRequestInterceptor } from "../../interceptors/aclValidateRequest.interceptor";
 import { Account } from "./Account";
 import { AccountCountArgs } from "./AccountCountArgs";
 import { AccountFindManyArgs } from "./AccountFindManyArgs";
@@ -22,10 +28,20 @@ import { UpdateAccountArgs } from "./UpdateAccountArgs";
 import { DeleteAccountArgs } from "./DeleteAccountArgs";
 import { OrigUser } from "../../origUser/base/OrigUser";
 import { AccountService } from "../account.service";
+@common.UseGuards(GqlDefaultAuthGuard, gqlACGuard.GqlACGuard)
 @graphql.Resolver(() => Account)
 export class AccountResolverBase {
-  constructor(protected readonly service: AccountService) {}
+  constructor(
+    protected readonly service: AccountService,
+    protected readonly rolesBuilder: nestAccessControl.RolesBuilder
+  ) {}
 
+  @graphql.Query(() => MetaQueryPayload)
+  @nestAccessControl.UseRoles({
+    resource: "Account",
+    action: "read",
+    possession: "any",
+  })
   async _accountsMeta(
     @graphql.Args() args: AccountCountArgs
   ): Promise<MetaQueryPayload> {
@@ -35,14 +51,26 @@ export class AccountResolverBase {
     };
   }
 
+  @common.UseInterceptors(AclFilterResponseInterceptor)
   @graphql.Query(() => [Account])
+  @nestAccessControl.UseRoles({
+    resource: "Account",
+    action: "read",
+    possession: "any",
+  })
   async accounts(
     @graphql.Args() args: AccountFindManyArgs
   ): Promise<Account[]> {
     return this.service.accounts(args);
   }
 
+  @common.UseInterceptors(AclFilterResponseInterceptor)
   @graphql.Query(() => Account, { nullable: true })
+  @nestAccessControl.UseRoles({
+    resource: "Account",
+    action: "read",
+    possession: "own",
+  })
   async account(
     @graphql.Args() args: AccountFindUniqueArgs
   ): Promise<Account | null> {
@@ -53,7 +81,13 @@ export class AccountResolverBase {
     return result;
   }
 
+  @common.UseInterceptors(AclValidateRequestInterceptor)
   @graphql.Mutation(() => Account)
+  @nestAccessControl.UseRoles({
+    resource: "Account",
+    action: "create",
+    possession: "any",
+  })
   async createAccount(
     @graphql.Args() args: CreateAccountArgs
   ): Promise<Account> {
@@ -71,7 +105,13 @@ export class AccountResolverBase {
     });
   }
 
+  @common.UseInterceptors(AclValidateRequestInterceptor)
   @graphql.Mutation(() => Account)
+  @nestAccessControl.UseRoles({
+    resource: "Account",
+    action: "update",
+    possession: "any",
+  })
   async updateAccount(
     @graphql.Args() args: UpdateAccountArgs
   ): Promise<Account | null> {
@@ -99,6 +139,11 @@ export class AccountResolverBase {
   }
 
   @graphql.Mutation(() => Account)
+  @nestAccessControl.UseRoles({
+    resource: "Account",
+    action: "delete",
+    possession: "any",
+  })
   async deleteAccount(
     @graphql.Args() args: DeleteAccountArgs
   ): Promise<Account | null> {
@@ -114,10 +159,16 @@ export class AccountResolverBase {
     }
   }
 
+  @common.UseInterceptors(AclFilterResponseInterceptor)
   @graphql.ResolveField(() => OrigUser, {
     nullable: true,
     name: "user",
   })
+  @nestAccessControl.UseRoles({
+    resource: "OrigUser",
+    action: "read",
+    possession: "any",
+  })
   async getUser(@graphql.Parent() parent: Account): Promise<OrigUser | null> {
     const result = await this.service.getUser(parent.id);