bug fictadvisor#248: made permissions global for FE and BE

- permissions enum is now in a shared utils package
- changed FE and BE dockerfiles to build shared packages
- changed docker container execution context in github workflows
- fixed the bug with group page not displaying
- fixed test user's permissions on dev

closes fictadvisor#248

.dockerignore

@@ -0,0 +1,4 @@
+/node_modules
+
+.idea/
+.turbo/

.github/workflows/build-back.yml

@@ -46,5 +46,6 @@ jobs:
       - name: Build and push app Docker image
         uses: docker/build-push-action@v2
         with:
-          context: ./fictadvisor-api
+          context: .
+          file: ./fictadvisor-api/Dockerfile
           tags: fictadvisor/fictadvisor-api

.github/workflows/build-front.yml

@@ -24,7 +24,8 @@ jobs:
       - name: Build and push app Docker image
         uses: docker/build-push-action@v2
         with:
-          context: ./fictadvisor-web
+          context: .
+          file: ./fictadvisor-web/Dockerfile
           build-args:
             NODE_ENV=${{ github.ref_name == 'master' && 'production' || 'development' }}
           tags: fictadvisor/fictadvisor-web

.github/workflows/deploy-back.yml

@@ -50,6 +50,7 @@ jobs:
       - name: Build and push app Docker image
         uses: docker/build-push-action@v2
         with:
-          context: ./fictadvisor-api
+          context: .
+          file: ./fictadvisor-api/Dockerfile
           push: true
           tags: fictadvisor/fictadvisor-api:${{ github.ref_name }}

.github/workflows/deploy-front.yml

@@ -24,7 +24,8 @@ jobs:
       - name: Build and push app Docker image
         uses: docker/build-push-action@v2
         with:
-          context: ./fictadvisor-web
+          context: .
+          file: ./fictadvisor-web/Dockerfile
           push: true
           build-args:
             NODE_ENV=${{ github.ref_name == 'master' && 'production' || 'development' }}

.gitignore

@@ -3,3 +3,4 @@
 .turbo
 /env/postgres-dev.env
 /env/postgres.env
+./out

fictadvisor-api/Dockerfile

@@ -2,22 +2,37 @@
 # BUILD FOR PRODUCTION
 ###################
 
-FROM node:18-alpine3.17 as build
+FROM node:18-alpine3.17 as pruner
 
 WORKDIR /app
 
-COPY . ./
+COPY . .
+
+RUN npm i -g turbo && \
+    turbo prune api --docker
+
+
+FROM node:18-alpine3.17 as builder
+
+WORKDIR /app
+
+COPY --from=pruner ./app/out/full/ ./
+COPY --from=pruner ./app/out/yarn.lock ./
+
+RUN npm install && \
+    npx prisma generate --schema ./fictadvisor-api/prisma/schema.prisma && \
+    npx turbo build --filter api && \
+    npm prune --prod && \
+    rm -rf ./fictadvisor-api/src && \
+    rm -rf ./fictadvisor-api/prisma && \
+    rm -rf ./utils/src && \
+    mv ./fictadvisor-api/dist/* ./fictadvisor-api && \
+    rm -rf dist && \
+    mv -T fictadvisor-api/src fictadvisor-api/dist && \
+    mv ./fictadvisor-api/email . && \
+    mkdir ./static && \
+    mkdir ./private
 
-RUN yarn install --prod && \
-    yarn add @vercel/ncc && \
-    yarn ncc build src/main.ts -o dist && \
-    mv dist/client/* dist && \
-    mkdir dist/static && \
-    mkdir dist/private && \
-    mkdir dist/swagger && \
-    cp node_modules/swagger-ui-dist/swagger-ui* dist/swagger && \
-    mkdir -p dist/email/templates && \
-    cp email/templates/template.hbs dist/email/templates
 
 ###################
 # PRODUCTION
@@ -32,7 +47,7 @@ RUN apk --no-cache add -U \
     nodejs~18 \
     dumb-init
 
-COPY --from=build /app/dist/ ./
+COPY --from=builder /app ./
 
-CMD [ "dumb-init", "node", "index.js" ]
+CMD [ "dumb-init", "node", "./fictadvisor-api/dist/main.js" ]
 

fictadvisor-api/package.json

@@ -5,6 +5,7 @@
   "author": "",
   "private": true,
   "license": "UNLICENSED",
+  "packageManager": "[email protected]",
   "prisma": {
     "seed": "ts-node prisma/seed.ts"
   },
@@ -33,6 +34,7 @@
     "migrate:dev": "dotenv -e .development.env -- npx prisma migrate dev"
   },
   "dependencies": {
+    "@fictadvisor/utils": "*",
     "@nestjs-modules/mailer": "^1.8.1",
     "@nestjs/common": "^9.2.1",
     "@nestjs/config": "^2.2.0",

fictadvisor-api/src/main.ts

@@ -6,7 +6,7 @@ import { HttpExceptionFilter, validationExceptionFactory } from './v2/security/e
 import { NestExpressApplication } from '@nestjs/platform-express';
 import { applyStaticMiddleware } from './v2/utils/StaticUtil';
 import { DocumentBuilder, SwaggerModule } from '@nestjs/swagger';
-import { join } from 'path';
+import { join, resolve } from 'path';
 
 (BigInt.prototype as any).toJSON = function () {
   const int = Number.parseInt(this.toString());
@@ -46,13 +46,7 @@ async function bootstrap () {
   const document = SwaggerModule.createDocument(app, config);
   SwaggerModule.setup('api', app, document);
 
-  if (process.env.NODE_ENV === 'production') {
-    app.useStaticAssets(join(__dirname, '/swagger'), {
-      prefix: '/api',
-    });
-  }
-
-  app.useStaticAssets(join(__dirname, '/static/'));
+  app.useStaticAssets(join(resolve(), '/static/'));
 
   await app.listen(port);
 

fictadvisor-api/src/v2/api/controllers/CathedraController.ts

@@ -9,7 +9,7 @@ import {
 } from '@nestjs/swagger';
 import { ApiEndpoint } from '../../utils/documentation/decorators';
 import { Body, Controller, Delete, Param, Patch, Post, Get, Query } from '@nestjs/common';
-import { PERMISSION } from '../../security/PERMISSION';
+import { PERMISSION } from '@fictadvisor/utils/security';
 import { CathedraService } from '../services/CathedraService';
 import { CathedraMapper } from '../../mappers/CathedraMapper';
 import { CathedraByIdPipe } from '../pipes/CathedraByIdPipe';

fictadvisor-api/src/v2/api/controllers/DisciplineController.ts

@@ -3,7 +3,7 @@ import { DisciplineService } from '../services/DisciplineService';
 import { CreateDisciplineDTO } from '../dtos/CreateDisciplineDTO';
 import { GroupByDisciplineGuard } from '../../security/group-guard/GroupByDisciplineGuard';
 import { Access } from 'src/v2/security/Access';
-import { PERMISSION } from '../../security/PERMISSION';
+import { PERMISSION } from '@fictadvisor/utils/security';
 import {
   ApiBadRequestResponse,
   ApiBearerAuth,

fictadvisor-api/src/v2/api/controllers/DisciplineTeacherController.ts

@@ -3,7 +3,7 @@ import { DisciplineTeacherService } from '../services/DisciplineTeacherService';
 import { CreateAnswersDTO, CreateAnswersWithUserIdDTO } from '../dtos/CreateAnswersDTO';
 import { GroupByDisciplineTeacherGuard } from 'src/v2/security/group-guard/GroupByDisciplineTeacherGuard';
 import { Access } from 'src/v2/security/Access';
-import { PERMISSION } from '../../security/PERMISSION';
+import { PERMISSION } from '@fictadvisor/utils/security';
 import { DisciplineTeacherByIdPipe } from '../pipes/DisciplineTeacherByIdPipe';
 import { TelegramGuard } from '../../security/TelegramGuard';
 import { ResponseDTO } from '../dtos/ResponseDTO';

fictadvisor-api/src/v2/api/controllers/EntrantController.ts

@@ -3,7 +3,7 @@ import { CreateContractDTO } from '../dtos/CreateContractDTO';
 import { Actions, EntrantService } from '../services/EntrantService';
 import { EntrantMapper } from '../../mappers/EntrantMapper';
 import { Access } from '../../security/Access';
-import { PERMISSION } from '../../security/PERMISSION';
+import { PERMISSION } from '@fictadvisor/utils/security';
 import {
   ApiBadRequestResponse,
   ApiBearerAuth,

fictadvisor-api/src/v2/api/controllers/GroupController.ts

@@ -7,7 +7,7 @@ import { ApproveDTO } from '../dtos/ApproveDTO';
 import { RoleDTO } from '../dtos/RoleDTO';
 import { UserByIdPipe } from '../pipes/UserByIdPipe';
 import { UpdateGroupDTO } from '../dtos/UpdateGroupDTO';
-import { PERMISSION } from '../../security/PERMISSION';
+import { PERMISSION } from '@fictadvisor/utils/security';
 import { StudentMapper } from '../../mappers/StudentMapper';
 import { AbsenceOfCaptainException } from '../../utils/exceptions/AbsenceOfCaptainException';
 import { GroupMapper } from '../../mappers/GroupMapper';

fictadvisor-api/src/v2/api/controllers/PageTextController.ts

@@ -1,5 +1,5 @@
 import { Body, Controller, Get, Patch, Post, Query } from '@nestjs/common';
-import { PERMISSION } from '../../security/PERMISSION';
+import { PERMISSION } from '@fictadvisor/utils/security';
 import {
   ApiBadRequestResponse,
   ApiBearerAuth,

fictadvisor-api/src/v2/api/controllers/PollController.ts

@@ -1,6 +1,6 @@
 import { Body, Controller, Delete, Get, Patch, Param, Post, Query } from '@nestjs/common';
 import { PollService } from '../services/PollService';
-import { PERMISSION } from '../../security/PERMISSION';
+import { PERMISSION } from '@fictadvisor/utils/security';
 import { QuestionByIdPipe } from '../pipes/QuestionByIdPipe';
 import { QuestionByRoleAndIdPipe } from '../pipes/QuestionByRoleAndIdPipe';
 import { UserByIdPipe } from '../pipes/UserByIdPipe';

fictadvisor-api/src/v2/api/controllers/ResourceController.ts

@@ -3,7 +3,7 @@ import { ResourceService } from '../services/ResourceService';
 import { ResourceByIdPipe } from '../pipes/ResourceByIdPipe';
 import { CreateResourceDTO } from '../dtos/CreateResourceDTO';
 import { UpdateResourceDTO } from '../dtos/UpdateResourceDTO';
-import { PERMISSION } from '../../security/PERMISSION';
+import { PERMISSION } from '@fictadvisor/utils/security';
 import {
   ApiBadRequestResponse,
   ApiBearerAuth,

fictadvisor-api/src/v2/api/controllers/RoleController.ts

@@ -21,7 +21,7 @@ import {
 import { RoleService } from '../services/RoleService';
 import { GrantMapper } from '../../mappers/GrantMapper';
 import { RoleMapper } from '../../mappers/RoleMapper';
-import { PERMISSION } from '../../security/PERMISSION';
+import { PERMISSION } from '@fictadvisor/utils/security';
 import { ApiEndpoint } from '../../utils/documentation/decorators';
 import { BaseRoleResponse, RoleResponse } from '../responses/RoleResponse';
 import { RolesResponse } from '../responses/RolesResponse';

fictadvisor-api/src/v2/api/controllers/ScheduleController.ts

@@ -14,7 +14,7 @@ import { ScheduleService } from '../services/ScheduleService';
 import { GroupByIdPipe } from '../pipes/GroupByIdPipe';
 import { ScheduleMapper } from '../../mappers/ScheduleMapper';
 import { Access } from '../../security/Access';
-import { PERMISSION } from '../../security/PERMISSION';
+import { PERMISSION } from '@fictadvisor/utils/security';
 import {
   ApiBadRequestResponse,
   ApiBearerAuth,

fictadvisor-api/src/v2/api/controllers/StudentController.ts

@@ -11,7 +11,7 @@ import { StudentMapper } from '../../mappers/StudentMapper';
 import { StudentService } from '../services/StudentService';
 import { AllStudentsPipe } from '../pipes/AllStudentsPipe';
 import { ApiEndpoint } from '../../utils/documentation/decorators';
-import { PERMISSION } from '../../security/PERMISSION';
+import { PERMISSION } from '@fictadvisor/utils/security';
 import {
   FullStudentResponse,
   SimpleStudentResponse,

fictadvisor-api/src/v2/api/controllers/SubjectController.ts

@@ -3,7 +3,7 @@ import { SubjectService } from '../services/SubjectService';
 import { SubjectByIdPipe } from '../pipes/SubjectByIdPipe';
 import { QueryAllSubjectDTO } from '../dtos/QueryAllSubjectDTO';
 import { Access } from 'src/v2/security/Access';
-import { PERMISSION } from '../../security/PERMISSION';
+import { PERMISSION } from '@fictadvisor/utils/security';
 import { SubjectMapper } from '../../mappers/SubjectMapper';
 import { CreateSubjectDTO } from '../dtos/CreateSubjectDTO';
 import { UpdateSubjectDTO } from '../dtos/UpdateSubjectDTO';

fictadvisor-api/src/v2/api/controllers/TeacherController.ts

@@ -7,7 +7,7 @@ import { UpdateTeacherDTO } from '../dtos/UpdateTeacherDTO';
 import { CreateContactDTO } from '../dtos/CreateContactDTO';
 import { UpdateContactDTO } from '../dtos/UpdateContactDTO';
 import { Access } from 'src/v2/security/Access';
-import { PERMISSION } from '../../security/PERMISSION';
+import { PERMISSION } from '@fictadvisor/utils/security';
 import { TeacherByIdPipe } from '../pipes/TeacherByIdPipe';
 import { ContactByNamePipe } from '../pipes/ContactByNamePipe';
 import { SubjectByIdPipe } from '../pipes/SubjectByIdPipe';

fictadvisor-api/src/v2/api/controllers/UserController.ts

@@ -11,7 +11,7 @@ import { UpdateUserDTO } from '../dtos/UpdateUserDTO';
 import { UpdateStudentDTO } from '../dtos/UpdateStudentDTO';
 import { ContactByUserIdPipe } from '../pipes/ContactByUserIdPipe';
 import { GroupRequestDTO } from '../dtos/GroupRequestDTO';
-import { PERMISSION } from '../../security/PERMISSION';
+import { PERMISSION } from '@fictadvisor/utils/security';
 import { TelegramDTO } from '../dtos/TelegramDTO';
 import { UserMapper } from '../../mappers/UserMapper';
 import { AvatarValidationPipe } from '../pipes/AvatarValidationPipe';

fictadvisor-api/src/v2/api/dtos/CheckPermissionsDTO.ts

@@ -1,6 +1,6 @@
 import { IsArray, IsEnum, IsObject, IsOptional } from 'class-validator';
 import { ApiProperty, ApiPropertyOptional } from '@nestjs/swagger';
-import { PERMISSION } from '../../security/PERMISSION';
+import { PERMISSION } from '@fictadvisor/utils/security';
 
 export class CheckPermissionsDTO {
     @ApiProperty({

fictadvisor-api/src/v2/api/services/PermissionService.ispec.ts

@@ -4,7 +4,7 @@ import { MapperModule } from '../../modules/MapperModule';
 import { State } from '@prisma/client';
 import { PrismaService } from '../../database/PrismaService';
 import { PermissionService } from './PermissionService';
-import { PERMISSION } from '../../security/PERMISSION';
+import { PERMISSION } from '@fictadvisor/utils/security';
 import { DataNotFoundException } from '../../utils/exceptions/DataNotFoundException';
 
 describe('PermissionService', () => {

fictadvisor-api/src/v2/utils/documentation/decorators.ts

@@ -1,6 +1,6 @@
 import { applyDecorators, UseGuards } from '@nestjs/common';
 import { ApiOperation } from '@nestjs/swagger';
-import { PERMISSION } from '../../security/PERMISSION';
+import { PERMISSION } from '@fictadvisor/utils/security';
 import { JwtGuard } from '../../security/JwtGuard';
 import { PermissionGuard } from '../../security/permission-guard/PermissionGuard';
 import { Permissions } from '../../security/permission-guard/Permissions';

fictadvisor-api/src/v2/utils/files/FileService.ts

@@ -1,7 +1,7 @@
 import { Injectable } from '@nestjs/common';
 import { Express } from 'express';
 import { createHash } from 'crypto';
-import { join, extname } from 'path';
+import { join, extname, resolve as pathResolve } from 'path';
 import { resolve } from 'url';
 import PizZip from 'pizzip';
 import Docxtemplater from 'docxtemplater';
@@ -16,7 +16,7 @@ import { MINUTE } from '../date/DateService';
 export class FileService {
   async saveByHash (file: Express.Multer.File, directory: string) {
     const fileName = createHash('md5').update(file.buffer).digest('hex');
-    const filePath = join(__dirname, 'static', directory, fileName + extname(file.originalname));
+    const filePath = join(pathResolve(), 'static', directory, fileName + extname(file.originalname));
 
     await fs.promises.writeFile(filePath, file.buffer);
 
@@ -29,22 +29,22 @@ export class FileService {
   }
 
   checkFileExist (path: string, isPrivate = true): boolean {
-    const filePath = join(__dirname, isPrivate ? 'private' : 'static', path);
+    const filePath = join(pathResolve(), isPrivate ? 'private' : 'static', path);
     return fs.existsSync(filePath);
   }
 
   async deleteFile (path: string, isPrivate = true) {
-    const filePath = join(__dirname, isPrivate ? 'private' : 'static', path);
+    const filePath = join(pathResolve(), isPrivate ? 'private' : 'static', path);
     await fs.promises.unlink(filePath);
   }
 
   getFileContent (path: string, isPrivate = true) {
-    const filePath = join(__dirname, isPrivate ? 'private' : 'static', path);
+    const filePath = join(pathResolve(), isPrivate ? 'private' : 'static', path);
     return fs.readFileSync(filePath, 'utf-8');
   }
 
   fillTemplate (fileName: string, data: object) {
-    const path = join(__dirname, 'private/templates', fileName);
+    const path = join(pathResolve(), 'private/templates', fileName);
     const zip = new PizZip(fs.readFileSync(path, 'binary'));
 
     const doc = new Docxtemplater(zip, {
@@ -62,7 +62,7 @@ export class FileService {
 
   generateGroupList (students: StudentWithContactsData[]) {
     const fileName = `${v4()}.csv`;
-    const path = join(__dirname, 'static', 'lists', fileName);
+    const path = join(pathResolve(), 'static', 'lists', fileName);
 
     let result = 'lastName,firstName,middleName,email,telegram,github,instagram,facebook,twitter,discord,youtube,mail';
     for (const student of students) {