open-condo-software
diff --git a/Diff for: ‎.github/workflows/nodejs.condo.ci.yml
+64-1 b/Diff for: ‎.github/workflows/nodejs.condo.ci.yml
+64-1
diff --git a/Diff for: ‎.gitignore
+1 b/Diff for: ‎.gitignore
+1
diff --git a/Diff for: ‎.stylelintrc.json
+6 b/Diff for: ‎.stylelintrc.json
+6
diff --git a/Diff for: ‎apps/condo/bin/create-user.js
+53-17 b/Diff for: ‎apps/condo/bin/create-user.js
+53-17
diff --git a/Diff for: ‎apps/dev-api/.env.example
+1-2 b/Diff for: ‎apps/dev-api/.env.example
+1-2
diff --git a/Diff for: ‎apps/dev-api/bin/prepare.js
+50-1 b/Diff for: ‎apps/dev-api/bin/prepare.js
+50-1
diff --git a/Diff for: ‎apps/dev-api/domains/common/constants/common.js
+5 b/Diff for: ‎apps/dev-api/domains/common/constants/common.js
+5
diff --git a/Diff for: ‎apps/dev-api/domains/common/constants/errors.js
+7 b/Diff for: ‎apps/dev-api/domains/common/constants/errors.js
+7
diff --git a/Diff for: ‎apps/dev-api/domains/common/utils/files.js
+37 b/Diff for: ‎apps/dev-api/domains/common/utils/files.js
+37
diff --git a/Diff for: ‎apps/dev-api/domains/common/utils/serverClients.js
+30 b/Diff for: ‎apps/dev-api/domains/common/utils/serverClients.js
+30
diff --git a/Diff for: ‎apps/dev-api/domains/condo/gql.js
+9 b/Diff for: ‎apps/dev-api/domains/condo/gql.js
+9
@@ -11,6 +11,8 @@ on:
 
 env:
   DOCKER_IMAGE_FULL: ${{ secrets.DOCKER_REGISTRY }}/condo/condo-image:${{ github.sha }}
+  PG_IMAGE_FULL: ${{ secrets.DOCKER_REGISTRY }}/doma/utils/postgres:13.2
+  REDIS_IMAGE_FULL: ${{ secrets.DOCKER_REGISTRY }}/doma/utils/redis:6.2
 
 jobs:
   build-image:
@@ -48,7 +50,7 @@ jobs:
       - name: Login to cloud registry
         uses: docker/login-action@v3
         with:
-          registry: swr.ru-moscow-1.hc.sbercloud.ru
+          registry: ${{ secrets.DOCKER_REGISTRY }}
           username: ${{ secrets.SBERCLOUD_CR_USERNAME }}
           password: ${{ secrets.SBERCLOUD_CR_PASSWORD }}
       - name: Build repo image
@@ -78,6 +80,29 @@ jobs:
             ./docker-logs
           retention-days: 2
 
+  # SRC: https://how.wtf/run-workflow-step-or-job-based-on-file-changes-github-actions.html
+  detect-changes:
+    name: Define job list based on changed files
+    runs-on: ubuntu-latest
+    outputs:
+      dev-api: ${{ steps.detect-changes.outputs.dev-api }}
+    steps:
+      - name: Checkout code with submodules
+        uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+          submodules: recursive
+          ssh-key: ${{ secrets.SSH_DOCK_SERVER_PRIVATE_KEY }}
+      - name: Scan changed files
+        uses: dorny/paths-filter@v2
+        id: detect-changes
+        with:
+          filters: |
+            dev-api:
+              - 'apps/dev-api/**'
+              - 'apps/condo/domains/miniapp/**'
+
+
   lint:
     name: Lint source code
     runs-on: ubuntu-latest
@@ -120,3 +145,41 @@ jobs:
       # Fetch project source with GitHub Actions Checkout.
       - uses: actions/checkout@v3
       - run: ./bin/run-semgrep.sh -a
+
+  run-dev-api-tests:
+    name: DEV-API Tests
+    runs-on: ubuntu-latest
+    needs:
+      - detect-changes
+      - build-image
+    if: ${{ needs.detect-changes.outputs.dev-api == 'true' }}
+    steps:
+      - name: Login to cloud registry
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ secrets.DOCKER_REGISTRY }}
+          username: ${{ secrets.SBERCLOUD_CR_USERNAME }}
+          password: ${{ secrets.SBERCLOUD_CR_PASSWORD }}
+      - name: Setup PG db
+        run: |
+          docker run -e POSTGRES_USER=$POSTGRES_USER -e POSTGRES_PASSWORD=$POSTGRES_PASSWORD -e POSTGRES_DB=$POSTGRES_DB -p="127.0.0.1:5432:5432" -d ${{ env.PG_IMAGE_FULL }}
+        env:
+          POSTGRES_USER: postgres
+          POSTGRES_PASSWORD: postgres
+          POSTGRES_DB: main
+      - name: Setup Redis db
+        run: |
+          docker run -p="127.0.0.1:6379:6379" -d ${{ env.REDIS_IMAGE_FULL }}
+      - name: Run condo container with daemon
+        run: |
+          docker run --network="host" --name condo-container -dit ${{ env.DOCKER_IMAGE_FULL }} sh
+      - name: Prepare apps
+        run: |
+          docker exec condo-container node bin/prepare.js -f condo dev-api
+      - name: Run apps and tests
+        run: |
+          docker exec condo-container sh -c "(\
+          yarn workspace @app/condo start & \
+          yarn workspace @app/dev-api start & \
+          node bin/wait-apps-apis.js -f condo dev-api) && \
+          yarn workspace @app/dev-api test"
@@ -19,6 +19,7 @@ codegen.yaml
 
 schema.graphql
 !apps/condo/schema.graphql
+!apps/dev-api/schema.graphql
 
 # yarn + npm
 yarn-error.log
 
@@ -4,6 +4,12 @@
     "stylelint-config-rational-order"
   ],
   "rules": {
+    "selector-pseudo-class-no-unknown": [
+      true,
+      {
+        "ignorePseudoClasses": ["global"]
+      }
+    ],
     "at-rule-no-unknown": [true, {
       "ignoreAtRules": ["tailwind"]
     }],
 
@@ -2,7 +2,7 @@ const path = require('path')
 
 const { getRandomString, prepareKeystoneExpressApp } = require('@open-condo/keystone/prepareKeystoneApp')
 
-const { User } = require('@condo/domains/user/utils/serverSchema')
+const { User, UserRightsSet } = require('@condo/domains/user/utils/serverSchema')
 
 function getJson (data) {
     try {
@@ -13,31 +13,67 @@ function getJson (data) {
 }
 
 async function main (args) {
-    const [email, options] = args
-    let optionsJson = getJson(options)
-    if (!email || !email.includes('@')) throw new Error('use: create-user <email> [<options>]')
-    if (options && !optionsJson) throw new Error('<options> argument should be a valid json')
-    const json = optionsJson || {}
+    const [email, userOptions, rightsSet] = args
+    if (!email || !email.includes('@')) throw new Error('use: create-user <email> [<options>] [<rightsSet>]')
+    const parsedUserOptions = getJson(userOptions)
+    if (userOptions && !parsedUserOptions) throw new Error('<options> argument should be a valid json object')
+    const parsedRightsSet = getJson(rightsSet)
+    if (rightsSet && !parsedRightsSet) throw new Error('<rightsSet> argument should be a valid json object')
+
+    const userPayload = parsedUserOptions || {}
 
     const { keystone: context } = await prepareKeystoneExpressApp(path.resolve('./index.js'), { excludeApps: ['NextApp', 'AdminUIApp'] })
 
     console.info(`EMAIL: ${email}`)
-    const user = await User.getOne(context, { email })
-    if (!json.dv) json.dv = 1
-    if (!json.sender) json.sender = { 'dv': 1, 'fingerprint': 'create-user-script' }
-    if (!user) {
-        if (!json.password) {
-            json.password = getRandomString()
-            console.info(`PASSWORD: ${json.password}`)
+    const existingUser = await User.getOne(context, { email })
+    userPayload.dv ??= 1
+    userPayload.sender ??= { 'dv': 1, 'fingerprint': 'create-user-script' }
+    let rightSetId
+    let userId
+
+    if (!existingUser) {
+        if (!userPayload.password) {
+            userPayload.password = getRandomString()
+            console.info(`PASSWORD: ${userPayload.password}`)
         }
-        if (!json.name) json.name = email.split('@')[0]
-        await User.create(context, {
-            email, ...json,
+        userPayload.name ??= email.split('@')[0]
+        const user =  await User.create(context, {
+            email,
+            ...userPayload,
         })
         console.info('User created!')
+        userId = user.id
+        if (user.rightsSet) {
+            rightSetId = user.rightsSet.id
+        }
     } else {
-        await User.update(context, user.id, json)
+        const user = await User.update(context, existingUser.id, userPayload)
         console.info('User updated!')
+        userId = existingUser.id
+        if (user.rightsSet) {
+            rightSetId = user.rightsSet.id
+        }
+    }
+
+    if (parsedRightsSet) {
+        const rightSetPayload = {
+            dv: 1,
+            sender: { dv: 1, fingerprint: 'create-user-script' },
+            ...parsedRightsSet,
+        }
+        if (rightSetId) {
+            await UserRightsSet.update(context, rightSetId, rightSetPayload)
+            console.info('UserRightsSet updated!')
+        } else {
+            await User.update(context, userId, {
+                dv: 1,
+                sender: { dv: 1, fingerprint: 'create-user-script' },
+                rightsSet: {
+                    create: rightSetPayload,
+                },
+            })
+            console.info('UserRightsSet created and linked!')
+        }
     }
 }
 
 
@@ -1,5 +1,4 @@
 SMS_WHITE_LIST='{"+79990001234": "1234"}'
 IP_WHITE_LIST='["::ffff:127.0.0.1"]'
 SMS_PROVIDER=fake
-CONDO_DEV_BOT_CONFIG='{"apiUrl": "http://localhost:4004", "email": "[email protected]", "password": "your-secret-pass" }'
-CONDO_PROD_BOT_CONFIG='{"apiUrl": "http://localhost:4004", "email": "[email protected]", "password": "your-secret-pass" }'
+FILE_FIELD_ADAPTER=local
@@ -1,11 +1,60 @@
 const path = require('path')
 
-const { prepareAppEnvLocalAdminUsers } = require('@open-condo/cli')
+const { faker } = require('@faker-js/faker')
+
+const { prepareAppEnvLocalAdminUsers, getAppEnvValue, updateAppEnvFile, safeExec } = require('@open-condo/cli')
 
 const APP_NAME = path.basename(path.resolve(__dirname, '..'))
+const BOT_RIGHTS_SET = {
+    name: '[DEV-API] Service bot permissions',
+    canReadB2BApps: true,
+    canReadB2BAppAccessRights: true,
+    canReadB2BAppAccessRightSets: true,
+    canReadB2BAppPermissions: true,
+    canReadB2BAppNewsSharingConfigs: true,
+    canReadB2CApps: true,
+    canReadB2CAppAccessRights: true,
+    canReadB2CAppBuilds: true,
+    canReadB2CAppProperties: true,
+
+    canManageB2BApps: true,
+    canManageB2BAppAccessRights: true,
+    canManageB2BAppAccessRightSets: true,
+    canManageB2BAppPermissions: true,
+    canManageB2BAppNewsSharingConfigs: true,
+    canManageB2CApps: true,
+    canManageB2CAppAccessRights: true,
+    canManageB2CAppBuilds: true,
+    canManageB2CAppProperties: true,
+
+    canExecuteRegisterNewServiceUser: true,
+    canExecuteSendMessage: true,
+}
 
 async function main () {
     await prepareAppEnvLocalAdminUsers(APP_NAME, 'phone')
+
+    const condoUrl = await getAppEnvValue(APP_NAME, 'CONDO_DOMAIN')
+    const devBotEnvValue = await getAppEnvValue(APP_NAME, 'CONDO_DEV_BOT_CONFIG')
+    const devBotConfig = devBotEnvValue ? JSON.parse(devBotEnvValue) : {
+        email: '[email protected]',
+        password: faker.internet.password(16),
+    }
+    devBotConfig.apiUrl = `${condoUrl}/admin/api`
+    await updateAppEnvFile(APP_NAME, 'CONDO_DEV_BOT_CONFIG', JSON.stringify(devBotConfig))
+
+    const prodBotEnvValue = await getAppEnvValue(APP_NAME, 'CONDO_PROD_BOT_CONFIG')
+    const prodBotConfig = prodBotEnvValue ? JSON.parse(prodBotEnvValue) : {
+        email: '[email protected]',
+        password: faker.internet.password(16),
+    }
+    prodBotConfig.apiUrl = `${condoUrl}/admin/api`
+    await updateAppEnvFile(APP_NAME, 'CONDO_PROD_BOT_CONFIG', JSON.stringify(prodBotConfig))
+
+    const devBotOptions = { type: 'service', password: devBotConfig.password, name: '[DEV-API] Dev bot' }
+    const prodBotOptions = { type: 'service', password: prodBotConfig.password, name: '[DEV-API] Prod bot' }
+    await safeExec(`yarn workspace @app/condo node bin/create-user.js ${devBotConfig.email} '${JSON.stringify(devBotOptions)}' '${JSON.stringify(BOT_RIGHTS_SET)}'`)
+    await safeExec(`yarn workspace @app/condo node bin/create-user.js ${prodBotConfig.email} '${JSON.stringify(prodBotOptions)}' '${JSON.stringify(BOT_RIGHTS_SET)}'`)
 }
 
 main().then(() => {
 
@@ -0,0 +1,5 @@
+const REMOTE_SYSTEM = 'dev-api'
+
+module.exports = {
+    REMOTE_SYSTEM,
+}
@@ -0,0 +1,7 @@
+const INVALID_MIMETYPE = 'INVALID_MIMETYPE'
+const MULTIPLE_FOUND = 'MULTIPLE_FOUND'
+
+module.exports = {
+    INVALID_MIMETYPE,
+    MULTIPLE_FOUND,
+}
@@ -0,0 +1,37 @@
+const get = require('lodash/get')
+
+const { GQLError, GQLErrorCode: { BAD_USER_INPUT } } = require('@open-condo/keystone/errors')
+
+
+// TODO: Move everything to @open-condo/keystone or somewhere outside of condo to avoid possible side-effects
+const FileAdapter = require('@condo/domains/common/utils/fileAdapter')
+const { getFileMetaAfterChange, makeFileAdapterMiddleware } = require('@condo/domains/common/utils/fileAdapter')
+const { INVALID_MIMETYPE } = require('@dev-api/domains/common/constants/errors')
+
+const ERRORS = {
+    INVALID_MIMETYPE: {
+        code: BAD_USER_INPUT,
+        type: INVALID_MIMETYPE,
+        message: 'Attached file have invalid mimetype',
+        messageForUser: 'errors.INVALID_MIMETYPE.message',
+    },
+}
+
+function getMimeTypesValidator ({ allowedTypes }) {
+    return function validateInput ({ resolvedData, fieldPath, context }) {
+        const mimeType = get(resolvedData, [fieldPath, 'mimetype'])
+        if (!allowedTypes.includes(mimeType)) {
+            throw new GQLError({
+                ...ERRORS.INVALID_MIMETYPE,
+                messageInterpolation: { types: allowedTypes },
+            }, context)
+        }
+    }
+}
+
+module.exports = {
+    FileAdapter,
+    getFileMetaAfterChange,
+    makeFileAdapterMiddleware,
+    getMimeTypesValidator,
+}
@@ -2,7 +2,10 @@ const get = require('lodash/get')
 
 const { ApolloServerClient } = require('@open-condo/apollo-server-client')
 const conf = require('@open-condo/config')
+const { GQLError, GQLErrorCode: { INTERNAL_ERROR } } = require('@open-condo/keystone/errors')
 
+const { REMOTE_SYSTEM } = require('@dev-api/domains/common/constants/common')
+const { MULTIPLE_FOUND } = require('@dev-api/domains/common/constants/errors')
 const { DEFAULT_LOCALE } = require('@dev-api/domains/common/constants/locales')
 const { SEND_MESSAGE_MUTATION } = require('@dev-api/domains/common/gql')
 
@@ -19,6 +22,15 @@ function _getClientRequisites (config) {
     }
 }
 
+const ERRORS = {
+    MULTIPLE_FOUND: {
+        code: INTERNAL_ERROR,
+        type: MULTIPLE_FOUND,
+        message: 'Unable to determine the object to update because multiple objects were found for the specified importID and exportId',
+        messageForUser: 'errors.MULTIPLE_FOUND.message',
+    },
+}
+
 
 class CondoClient extends ApolloServerClient {
     constructor ({ endpoint, authRequisites, opts }) {
@@ -42,6 +54,24 @@ class CondoClient extends ApolloServerClient {
             },
         })
     }
+
+    async findExportedModel ({ modelGql, exportId, id, context }) {
+        const searchConditions = []
+        if (exportId) searchConditions.push({ id: exportId })
+        searchConditions.push({ AND: [{ importId: id, importRemoteSystem: REMOTE_SYSTEM }] })
+        const objs = await this.getModels({
+            modelGql,
+            first: 2,
+            where: {
+                OR: searchConditions,
+            },
+        })
+        if (objs.length > 1) {
+            throw new GQLError(ERRORS.MULTIPLE_FOUND, context)
+        }
+
+        return objs.length ? objs[0] : null
+    }
 }
 
 const developmentClient = new CondoClient({
 
@@ -0,0 +1,9 @@
+const { generateGqlQueries } = require('@open-condo/codegen/generate.gql')
+
+const CondoB2CAppGql = generateGqlQueries('B2CApp', '{ id }')
+const CondoB2CAppBuildGql = generateGqlQueries('B2CAppBuild', '{ id }')
+
+module.exports = {
+    CondoB2CAppGql,
+    CondoB2CAppBuildGql,
+}