divers pour la validation

Author: alainabbas

package.json

@@ -64,6 +64,7 @@
     "ajv": "^8.16.0",
     "ajv-errors": "^3.0.0",
     "ajv-formats": "^3.0.1",
+    "ajv-i18n": "^4.2.0",
     "argon2": "^0.41.1",
     "awesome-phonenumber": "^6.10.0",
     "bullmq": "^5.8.2",

src/config.ts

@@ -15,6 +15,7 @@ export interface MongoosePlugin {
 }
 export interface ConfigInstance {
   application: {
+    lang: string
     logLevel: string;
     nameQueue: string;
     bodyParser: {
@@ -80,6 +81,7 @@ export interface ConfigInstance {
 
 export default (): ConfigInstance => ({
   application: {
+    lang: process.env['LANG'] || 'en',
     logLevel: process.env['SESAME_LOG_LEVEL'] || 'info',
     nameQueue: process.env['SESAME_NAME_QUEUE'] || 'sesame',
     bodyParser: {

src/management/identities/_dto/_parts/inetOrgPerson.dto.ts

@@ -1,6 +1,6 @@
 import { ApiProperty, PartialType } from '@nestjs/swagger';
 import { Type } from 'class-transformer';
-import { IsString, IsEmail, IsOptional, IsArray } from 'class-validator';
+import {IsString, IsEmail, IsOptional, IsArray, ValidateIf} from 'class-validator';
 
 export class inetOrgPersonCreateDto {
   @IsString()
@@ -56,6 +56,9 @@ export class inetOrgPersonCreateDto {
   @IsOptional()
   public labeledURI?: string;
 
+  @ValidateIf(o => {
+    return o.mail && o.mail.length > 0;
+  })
   @IsEmail()
   @ApiProperty({ required: false })
   @IsOptional()

src/management/identities/_dto/identities.dto.ts

@@ -35,7 +35,6 @@ export class IdentitiesCreateDto extends IntersectionType(CustomFieldsDto, Metad
   public lifecycle: number;
 
   @IsObject()
-  @ValidateNested()
   @Type(() => inetOrgPersonDto)
   @ApiProperty({ type: inetOrgPersonDto })
   public inetOrgPerson: inetOrgPersonDto;

src/management/identities/abstract-identities.service.ts

@@ -189,4 +189,50 @@ export abstract class AbstractIdentitiesService extends AbstractServiceSchema {
       throw new HttpException('Id not found', 400);
     }
   }
+  /**
+   * Check if mail and uid are unique. If mail is empty  it is not checked
+   * @param data
+   * @private
+   */
+  protected async checkMailAndUid(data): Promise <boolean> {
+    let dataDup=[];
+    if (data.inetOrgPerson.hasOwnProperty('mail')  && data.inetOrgPerson.mail !== ''){
+      const id=new Types.ObjectId(data['_id']);
+      const f: any = { '_id': {$ne : id},$or: [{ 'inetOrgPerson.uid': data.inetOrgPerson.uid }, { 'inetOrgPerson.mail': data.inetOrgPerson.mail }] };
+      dataDup = await this._model.find(f).exec()
+    }else{
+      const id=new Types.ObjectId(data['_id']);
+      const f: any = { '_id': {$ne : id},'inetOrgPerson.uid': data.inetOrgPerson.uid };
+      dataDup = await this._model.find(f).exec()
+    }
+    if (dataDup.length > 0) {
+      return false
+    }else{
+      return true
+    }
+  }
+  protected async checkMail(data): Promise <boolean> {
+    let dataDup=0;
+    if (data.inetOrgPerson.hasOwnProperty('mail')  && data.inetOrgPerson.mail !== ''){
+      const id=new Types.ObjectId(data['_id']);
+      const f: any =  { '_id': {$ne : id},'inetOrgPerson.mail': data.inetOrgPerson.mail };
+      dataDup = await this._model.countDocuments(f).exec()
+    }
+    if (dataDup> 0) {
+      return false
+    }else{
+      return true
+    }
+  }
+  protected async checkUid(data): Promise <boolean> {
+    let dataDup=0;
+    const id=new Types.ObjectId(data['_id']);
+    const f: any = {'_id': {$ne : id}, 'inetOrgPerson.uid': data.inetOrgPerson.uid };
+    dataDup = await this._model.countDocuments(f).exec()
+    if (dataDup > 0) {
+      return false
+    }else{
+      return true
+    }
+  }
 }

src/management/identities/identities-crud.service.ts

@@ -14,13 +14,19 @@ export class IdentitiesCrudService extends AbstractIdentitiesService {
   ): Promise<Document<T, any, T>> {
     data = this.transformNullsToString(data);
     await this.checkInetOrgPersonJpegPhoto(data);
-    //recherche si email oy uid deja present
-    const f: any = { $or: [{ 'inetOrgPerson.uid': data.inetOrgPerson.uid }, { 'inetOrgPerson.mail': data.inetOrgPerson.mail }] };
-    let dataDup = await this._model.countDocuments(f).exec()
-    if (dataDup > 0) {
-      this.logger.error('Identité existante');
+    if(await this.checkMailAndUid(data) === false){
+      this.logger.error('Uid ou mail déjà présent dans une autre identité');
       throw new HttpException("Uid ou mail déjà présent dans une autre identité", 400);
     }
+    const logPrefix = `Validation [${data.inetOrgPerson.cn}]:`;
+    this.logger.log(`${logPrefix} Starting inetOrgPerson validation.`);
+    const check={
+       objectClasses: ['inetorgperson'],
+       attributes:{ 'inetorgperson':data.inetOrgPerson}
+    }
+    //pour la validation le employeeNumber doit exister on en met un avec une valeur par defaut
+    check.attributes.inetorgperson.employeeNumber=["1"];
+    let validations = await this._validation.validate(check);
     const created: Document<T, any, T> = await super.create(data, options);
     return created;
   }
@@ -31,15 +37,29 @@ export class IdentitiesCrudService extends AbstractIdentitiesService {
   ): Promise<ModifyResult<Query<T, T, any, T>>> {
     update = this.transformNullsToString(update);
     // noinspection UnnecessaryLocalVariableJS
+
     //TODO : add validation logic here
     const logPrefix = `Validation [${update.inetOrgPerson.cn}]:`;
     try {
       this.logger.log(`${logPrefix} Starting additionalFields transformation.`);
+      if(update.hasOwnProperty('metadata')){
+        //suppresion de la clé metadata
+        delete(update.metadata);
+      }
+
       await this._validation.transform(update.additionalFields);
-      this.logger.log(`${logPrefix} Starting additionalFields validation.`);
-      const validations = await this._validation.validate(update.additionalFields);
+
+      this.logger.log(`${logPrefix} Starting inetOrgPerson validation.`);
+      const check={
+        objectClasses: ['inetorgperson'],
+        attributes:{ 'inetorgperson':update.inetOrgPerson}
+      }
+      let validationsInetOrg = await this._validation.validate(check);
+      let validationsAdFields = await this._validation.validate(update.additionalFields);
+
       this.logger.log(`${logPrefix} AdditionalFields validation successful.`);
-      this.logger.log(`Validations : ${validations}`);
+      this.logger.log(`Validations InetOrgPerson: ${validationsInetOrg}`);
+      this.logger.log(`Validations Additional fields: ${validationsAdFields}`);
     } catch (error) {
       console.log(error);
       if (error instanceof ValidationConfigException) {
@@ -55,7 +75,11 @@ export class IdentitiesCrudService extends AbstractIdentitiesService {
         throw error; // Rethrow the original error if it's not one of the handled types.
       }
     }
-
+    // check mail and Uid
+    if(await this.checkMailAndUid(update) === false){
+      this.logger.error('Uid ou mail déjà présent dans une autre identité');
+      throw new HttpException("Uid ou mail déjà présent dans une autre identité", 400);
+    }
     // if (update.state === IdentityState.TO_COMPLETE) {
     update = { ...update, state: IdentityState.TO_VALIDATE };
 
@@ -110,4 +134,6 @@ export class IdentitiesCrudService extends AbstractIdentitiesService {
     const deleted = await super.delete(_id, options);
     return deleted;
   }
+
+
 }

src/management/identities/identities-upsert.service.ts

@@ -55,7 +55,14 @@ export class IdentitiesUpsertService extends AbstractIdentitiesService {
       this.logger.log(`${logPrefix} Starting additionalFields transformation.`);
       await this._validation.transform(data.additionalFields);
       this.logger.log(`${logPrefix} Starting additionalFields validation.`);
-      const validations = await this._validation.validate(data.additionalFields);
+      let validations = await this._validation.validate(data.additionalFields);
+      //validation email and uid
+      if (await this.checkMail(data) === false){
+        validations['inetOrgPerson.mail']="Email déjà présent dans une autre identité"
+      }
+      if (await this.checkUid(data) === false){
+        validations['inetOrgPerson.uid']="Uid déjà présent dans une autre identité"
+      }
       this.logger.log(`${logPrefix} AdditionalFields validation successful.`);
       this.logger.log(`Validations : ${JSON.stringify(validations)}`);
       crushedUpdate['state'] = IdentityState.TO_VALIDATE;

src/management/identities/validations/_config/validSchema.ts

@@ -31,6 +31,10 @@ const validSchema = {
               enum: ['date', 'email','number','time','date-time','duration','uri','uri-reference','hostname','ipv4','ipv6','regex','uuid'],
               errorMessage: "Format invalide",
             },
+            contains: {
+              type: 'object',
+              errorMessage: "Le champ 'required' doit être un booléen.",
+            },
             items: {
               type: 'object',
               errorMessage: "Le champ 'required' doit être un booléen.",

src/management/identities/validations/identities.validation.service.ts

@@ -6,10 +6,12 @@ import { diff } from 'radash';
 import { AdditionalFieldsPart } from '../_schemas/_parts/additionalFields.part.schema';
 import Ajv from 'ajv';
 import addFormats from 'ajv-formats';
+import localize from 'ajv-i18n';
 import validSchema from './_config/validSchema';
 import ajvErrors from 'ajv-errors';
 import { ValidationConfigException, ValidationSchemaException } from '~/_common/errors/ValidationException';
 import { additionalFieldsPartDto } from '../_dto/_parts/additionalFields.dto';
+import {ConfigService} from "@nestjs/config";
 
 /**
  * Service responsible for validating identities.
@@ -20,12 +22,13 @@ export class IdentitiesValidationService implements OnApplicationBootstrap {
   private validateSchema;
   private logger: Logger;
 
-  public constructor() {
+  public constructor(protected config: ConfigService) {
     addFormats(this.ajv);
     ajvErrors(this.ajv);
     this.ajv.addFormat('number', /^\d*$/);
     this.validateSchema = this.ajv.compile(validSchema);
     this.logger = new Logger(IdentitiesValidationService.name);
+
   }
 
   public onApplicationBootstrap(): void {
@@ -57,14 +60,15 @@ export class IdentitiesValidationService implements OnApplicationBootstrap {
   }
 
   private resolveConfigPath(key: string): string | null {
-    const hardConfigPath = `./src/management/identities/validations/_config/${key}.yml`;
+    //lecture deja dans le repertoire /validation pour les schemas non modifiables
+    const hardConfigPath = `./validation/${key}.yml`;
     const dynamicConfigPath = `./configs/identities/validations/${key}.yml`;
-    if (existsSync(dynamicConfigPath)) {
-      return dynamicConfigPath;
-    }
     if (existsSync(hardConfigPath)) {
       return hardConfigPath;
     }
+    if (existsSync(dynamicConfigPath)) {
+      return dynamicConfigPath;
+    }
     return null;
   }
 
@@ -309,7 +313,23 @@ export class IdentitiesValidationService implements OnApplicationBootstrap {
       throw new BadRequestException('schema for ' + key + ' does not exist');
     }
     const schema: any = parse(readFileSync(path, 'utf8'));
-
+    // mise de min length et minItems dans les champs requis
+    if (schema.hasOwnProperty('required')) {
+      for (const required of schema['required']) {
+        switch(schema['properties'][required]['type']){
+          case 'array':
+            if (!schema['properties'][required]['minItems']){
+              schema['properties'][required]['minItems']=1
+            }
+            break;
+          case 'string':
+            if (!schema['properties'][required]['minLength']){
+              schema['properties'][required]['minLength']=1
+            }
+            break;
+        }
+      }
+    }
     for (const [index, def] of Object.entries(schema?.properties || {})) {
       if (typeof data[key][index] === 'undefined' || data[key][index] === null) {
         switch ((def as any).type) {
@@ -342,6 +362,7 @@ export class IdentitiesValidationService implements OnApplicationBootstrap {
     const ok = await this.ajv.validate(schema, data[key]);
     if (ok === false) {
       const retErrors = {};
+      await this.translateAjv(this.ajv.errors)
       for (const err of this.ajv.errors) {
         retErrors[err['instancePath'].substring(1)] = err['instancePath'].substring(1) + ' ' + err['message']
       }
@@ -409,9 +430,9 @@ export class IdentitiesValidationService implements OnApplicationBootstrap {
     this.logger.debug(['findOne', JSON.stringify(Object.values(arguments))].join(' '));
     let filePath = '';
     if (schema === 'inetorgperson') {
-      filePath = './validation/inetorgperson.json';
+      filePath = './validation/inetorgperson.yml';
       if (!existsSync(filePath)) {
-        const message = `File not found /validation/inetorgperson.json`;
+        const message = `File not found /validation/inetorgperson.yml`;
         throw new ValidationConfigException({ message });
       }
     } else {
@@ -423,4 +444,15 @@ export class IdentitiesValidationService implements OnApplicationBootstrap {
     }
     return parse(readFileSync(filePath, 'utf-8'));
   }
+  private async translateAjv(messages){
+    switch(this.config.get('application.lang')){
+      case 'en':
+        break
+      case 'fr':
+      case 'fr_FR.UTF-8':
+      case 'fr_FR':
+        localize.fr(messages)
+        break
+    }
+  }
 }