Taking 'identity' from new user-identity service

curveball · Jul 14, 2024 · ee3d6a8 · ee3d6a8
1 parent f07831c
commit ee3d6a8
Show file tree

Hide file tree

Showing 4 changed files with 81 additions and 4 deletions.
diff --git a/src/principal-identity/service.ts b/src/principal-identity/service.ts
@@ -0,0 +1,30 @@
+import { Principal, PrincipalIdentity } from "../types.js";
+import knex from '../database.js';
+import { PrincipalIdentityRecord } from "knex/types/tables.js";
+
+
+export async function findByPrincipal(principal: Principal): Promise<PrincipalIdentity[]> {
+
+  const result = await knex('principal_identity')
+    .select()
+    .where('principal_id', principal.id);
+
+  return result.map(
+    record => recordToModel(record)
+  );
+
+}
+
+function recordToModel(record: PrincipalIdentityRecord): PrincipalIdentity {
+
+  return {
+    id: record.id,
+    href: record.href,
+    label: record.label,
+    isPrimary: !!record.is_primary,
+    verifiedAt: record.verified_at ? new Date(record.verified_at) : null,
+    createdAt: new Date(record.created_at),
+    modifiedAt: new Date(record.modified_at),
+  }
+
+}
diff --git a/src/types.ts b/src/types.ts
@@ -78,6 +78,46 @@ export type NewPrincipal<TType extends PrincipalType> = {
   active: boolean;
 }
 
+export type PrincipalIdentity = {
+  id: number;
+  /**
+   * External URI for the principal. Usually a mailto: for an associated email
+   * address, or a tel: for a phone number.
+   */
+  href: string;
+
+  /**
+   * If this is the 'main' ID for a user, this is set to true.
+   * There should usually only be one identity that has this flag.
+   */
+  isPrimary: boolean;
+
+  /**
+   * Optional, user supplied label for the identity. For example 'Home', 'Work' or 'Mobile'.
+   */
+  label: string | null;
+
+  /**
+   * If set, when the user verified ownership of the id.
+   *
+   * For uuid IDs this will automatically be set to true, but email and tel ids may need
+   * to be sent a verification code which the user needs to enter back into the system.
+   *
+   * Trusted clients of the API may also set this.
+   */
+  verifiedAt: Date | null;
+
+  /**
+   * When the identity was first created.
+   */
+  createdAt: Date;
+
+  /**
+   * Last time the identity was updated.
+   */
+  modifiedAt: Date;
+}
+
 /**
  * Principal statistics
  */

diff --git a/src/user/controller/item.ts b/src/user/controller/item.ts
@@ -4,6 +4,7 @@ import * as privilegeService from '../../privilege/service.js';
 import * as userHal from '../formats/hal.js';
 import * as userService from '../service.js';
 import { PrincipalService } from '../../principal/service.js';
+import * as principalIdentityService from '../../principal-identity/service.js';
 
 type EditPrincipalBody = {
   nickname: string;
@@ -53,6 +54,7 @@ class UserController extends Controller {
       hasPassword,
       currentUserPrivileges,
       await principalService.findGroupsForPrincipal(principal),
+      await principalIdentityService.findByPrincipal(principal),
     );
 
   }

diff --git a/src/user/formats/hal.ts b/src/user/formats/hal.ts
@@ -1,5 +1,5 @@
 import { PrivilegeMap } from '../../privilege/types.js';
-import { Principal, Group, User } from '../../types.js';
+import { Principal, Group, User, PrincipalIdentity } from '../../types.js';
 import { HalResource } from 'hal-types';
 import { LazyPrivilegeBox } from '../../privilege/service.js';
 
@@ -33,19 +33,24 @@ export function collection(users: User[]): HalResource {
  * we're generating the repsonse for, or if the current authenticated user
  * has full admin privileges
  */
-export function item(user: User, privileges: PrivilegeMap, hasControl: boolean, hasPassword: boolean, currentUserPrivileges: LazyPrivilegeBox, groups: Group[]): HalResource {
+export function item(user: User, privileges: PrivilegeMap, hasControl: boolean, hasPassword: boolean, currentUserPrivileges: LazyPrivilegeBox, groups: Group[], identities: PrincipalIdentity[]): HalResource {
 
   const hal: HalResource = {
     _links: {
       'self': {href: user.href, title: user.nickname },
-      'me': { href: user.identity, title: user.nickname },
+      'me': identities.map( identity => (
+         { href: identity.href, title: user.nickname ?? undefined }
+      )),
       'auth-log': { href: `${user.href}/log`, title: 'Authentication log', type: 'text/csv' },
       'up' : { href: '/user', title: 'List of users' },
       'group': groups.map( group => ({
         href: group.href,
         title: group.nickname,
       })),
-
+      'identity-collection' : {
+        href: `${user.href}/identity`,
+        title: 'List of identities the user is associated with'
+      },
       'describedby': {
         href: 'https://curveballjs.org/schemas/a12nserver/user.json',
         type: 'application/schema+json',