mirror of
https://github.com/OneUptime/oneuptime.git
synced 2026-01-16 23:00:51 +00:00
482 lines
12 KiB
TypeScript
482 lines
12 KiB
TypeScript
import Project from "./Project";
|
|
import Team from "./Team";
|
|
import User from "./User";
|
|
import BaseModel from "./DatabaseBaseModel/DatabaseBaseModel";
|
|
import Route from "../../Types/API/Route";
|
|
import { PlanType } from "../../Types/Billing/SubscriptionPlan";
|
|
import ColumnAccessControl from "../../Types/Database/AccessControl/ColumnAccessControl";
|
|
import TableAccessControl from "../../Types/Database/AccessControl/TableAccessControl";
|
|
import TableBillingAccessControl from "../../Types/Database/AccessControl/TableBillingAccessControl";
|
|
import ColumnLength from "../../Types/Database/ColumnLength";
|
|
import ColumnType from "../../Types/Database/ColumnType";
|
|
import CrudApiEndpoint from "../../Types/Database/CrudApiEndpoint";
|
|
import TableColumn from "../../Types/Database/TableColumn";
|
|
import TableColumnType from "../../Types/Database/TableColumnType";
|
|
import TableMetadata from "../../Types/Database/TableMetadata";
|
|
import TenantColumn from "../../Types/Database/TenantColumn";
|
|
import UniqueColumnBy from "../../Types/Database/UniqueColumnBy";
|
|
import IconProp from "../../Types/Icon/IconProp";
|
|
import ObjectID from "../../Types/ObjectID";
|
|
import Permission from "../../Types/Permission";
|
|
import {
|
|
Column,
|
|
Entity,
|
|
Index,
|
|
JoinColumn,
|
|
JoinTable,
|
|
ManyToMany,
|
|
ManyToOne,
|
|
} from "typeorm";
|
|
|
|
@TableBillingAccessControl({
|
|
create: PlanType.Scale,
|
|
read: PlanType.Scale,
|
|
update: PlanType.Scale,
|
|
delete: PlanType.Scale,
|
|
})
|
|
@TenantColumn("projectId")
|
|
@TableAccessControl({
|
|
create: [
|
|
Permission.ProjectOwner,
|
|
Permission.ProjectAdmin,
|
|
Permission.CreateProjectSSO,
|
|
],
|
|
read: [
|
|
Permission.ProjectOwner,
|
|
Permission.ProjectAdmin,
|
|
Permission.ProjectMember,
|
|
Permission.ReadProjectSSO,
|
|
],
|
|
delete: [
|
|
Permission.ProjectOwner,
|
|
Permission.ProjectAdmin,
|
|
Permission.DeleteProjectSSO,
|
|
],
|
|
update: [
|
|
Permission.ProjectOwner,
|
|
Permission.ProjectAdmin,
|
|
Permission.EditProjectSSO,
|
|
],
|
|
})
|
|
@CrudApiEndpoint(new Route("/project-scim"))
|
|
@TableMetadata({
|
|
tableName: "ProjectSCIM",
|
|
singularName: "SCIM",
|
|
pluralName: "SCIM",
|
|
icon: IconProp.Lock,
|
|
tableDescription: "Manage SCIM auto-provisioning for your project",
|
|
})
|
|
@Entity({
|
|
name: "ProjectSCIM",
|
|
})
|
|
export default class ProjectSCIM extends BaseModel {
|
|
@ColumnAccessControl({
|
|
create: [
|
|
Permission.ProjectOwner,
|
|
Permission.ProjectAdmin,
|
|
Permission.CreateProjectSSO,
|
|
],
|
|
read: [
|
|
Permission.ProjectOwner,
|
|
Permission.ProjectAdmin,
|
|
Permission.ProjectMember,
|
|
Permission.ReadProjectSSO,
|
|
],
|
|
update: [],
|
|
})
|
|
@TableColumn({
|
|
manyToOneRelationColumn: "projectId",
|
|
type: TableColumnType.Entity,
|
|
modelType: Project,
|
|
title: "Project",
|
|
description: "Relation to Project Resource in which this object belongs",
|
|
})
|
|
@ManyToOne(
|
|
() => {
|
|
return Project;
|
|
},
|
|
{
|
|
eager: false,
|
|
nullable: true,
|
|
onDelete: "CASCADE",
|
|
orphanedRowAction: "nullify",
|
|
},
|
|
)
|
|
@JoinColumn({ name: "projectId" })
|
|
public project?: Project = undefined;
|
|
|
|
@ColumnAccessControl({
|
|
create: [
|
|
Permission.ProjectOwner,
|
|
Permission.ProjectAdmin,
|
|
Permission.CreateProjectSSO,
|
|
],
|
|
read: [
|
|
Permission.ProjectOwner,
|
|
Permission.ProjectAdmin,
|
|
Permission.ProjectMember,
|
|
Permission.ReadProjectSSO,
|
|
],
|
|
update: [],
|
|
})
|
|
@Index()
|
|
@TableColumn({
|
|
type: TableColumnType.ObjectID,
|
|
required: true,
|
|
canReadOnRelationQuery: true,
|
|
title: "Project ID",
|
|
description: "ID of your OneUptime Project in which this object belongs",
|
|
})
|
|
@Column({
|
|
type: ColumnType.ObjectID,
|
|
nullable: false,
|
|
transformer: ObjectID.getDatabaseTransformer(),
|
|
})
|
|
public projectId?: ObjectID = undefined;
|
|
|
|
@ColumnAccessControl({
|
|
create: [
|
|
Permission.ProjectOwner,
|
|
Permission.ProjectAdmin,
|
|
Permission.CreateProjectSSO,
|
|
],
|
|
read: [
|
|
Permission.ProjectOwner,
|
|
Permission.ProjectAdmin,
|
|
Permission.ProjectMember,
|
|
Permission.ReadProjectSSO,
|
|
],
|
|
update: [
|
|
Permission.ProjectOwner,
|
|
Permission.ProjectAdmin,
|
|
Permission.EditProjectSSO,
|
|
],
|
|
})
|
|
@TableColumn({
|
|
required: true,
|
|
type: TableColumnType.ShortText,
|
|
canReadOnRelationQuery: true,
|
|
title: "Name",
|
|
description: "Any friendly name for this SCIM configuration",
|
|
})
|
|
@Column({
|
|
nullable: false,
|
|
type: ColumnType.ShortText,
|
|
length: ColumnLength.ShortText,
|
|
})
|
|
@UniqueColumnBy("projectId")
|
|
public name?: string = undefined;
|
|
|
|
@ColumnAccessControl({
|
|
create: [
|
|
Permission.ProjectOwner,
|
|
Permission.ProjectAdmin,
|
|
Permission.CreateProjectSSO,
|
|
],
|
|
read: [
|
|
Permission.ProjectOwner,
|
|
Permission.ProjectAdmin,
|
|
Permission.ProjectMember,
|
|
Permission.ReadProjectSSO,
|
|
],
|
|
update: [
|
|
Permission.ProjectOwner,
|
|
Permission.ProjectAdmin,
|
|
Permission.EditProjectSSO,
|
|
],
|
|
})
|
|
@TableColumn({
|
|
required: false,
|
|
type: TableColumnType.LongText,
|
|
title: "Description",
|
|
description: "Friendly description to help you remember",
|
|
})
|
|
@Column({
|
|
nullable: true,
|
|
type: ColumnType.LongText,
|
|
length: ColumnLength.LongText,
|
|
})
|
|
public description?: string = undefined;
|
|
|
|
@ColumnAccessControl({
|
|
create: [
|
|
Permission.ProjectOwner,
|
|
Permission.ProjectAdmin,
|
|
Permission.CreateProjectSSO,
|
|
],
|
|
read: [
|
|
Permission.ProjectOwner,
|
|
Permission.ProjectAdmin,
|
|
Permission.ReadProjectSSO,
|
|
],
|
|
update: [
|
|
Permission.ProjectOwner,
|
|
Permission.ProjectAdmin,
|
|
Permission.EditProjectSSO,
|
|
],
|
|
})
|
|
@TableColumn({
|
|
required: true,
|
|
type: TableColumnType.LongText,
|
|
title: "Bearer Token",
|
|
description: "Bearer token for SCIM authentication. Keep this secure.",
|
|
})
|
|
@Column({
|
|
nullable: false,
|
|
type: ColumnType.LongText,
|
|
length: ColumnLength.LongText,
|
|
})
|
|
public bearerToken?: string = undefined;
|
|
|
|
@ColumnAccessControl({
|
|
create: [
|
|
Permission.ProjectOwner,
|
|
Permission.ProjectAdmin,
|
|
Permission.CreateProjectSSO,
|
|
],
|
|
read: [
|
|
Permission.ProjectOwner,
|
|
Permission.ProjectAdmin,
|
|
Permission.ProjectMember,
|
|
Permission.ReadProjectSSO,
|
|
],
|
|
update: [
|
|
Permission.ProjectOwner,
|
|
Permission.ProjectAdmin,
|
|
Permission.EditProjectSSO,
|
|
],
|
|
})
|
|
@TableColumn({
|
|
required: false,
|
|
type: TableColumnType.EntityArray,
|
|
modelType: Team,
|
|
title: "Default Teams",
|
|
description: "Default teams that new users will be added to via SCIM",
|
|
})
|
|
@ManyToMany(
|
|
() => {
|
|
return Team;
|
|
},
|
|
{ eager: false },
|
|
)
|
|
@JoinTable({
|
|
name: "ProjectScimTeam",
|
|
inverseJoinColumn: {
|
|
name: "teamId",
|
|
referencedColumnName: "_id",
|
|
},
|
|
joinColumn: {
|
|
name: "projectScimId",
|
|
referencedColumnName: "_id",
|
|
},
|
|
})
|
|
public teams?: Array<Team> = undefined;
|
|
|
|
@ColumnAccessControl({
|
|
create: [
|
|
Permission.ProjectOwner,
|
|
Permission.ProjectAdmin,
|
|
Permission.CreateProjectSSO,
|
|
],
|
|
read: [
|
|
Permission.ProjectOwner,
|
|
Permission.ProjectAdmin,
|
|
Permission.ProjectMember,
|
|
Permission.ReadProjectSSO,
|
|
],
|
|
update: [
|
|
Permission.ProjectOwner,
|
|
Permission.ProjectAdmin,
|
|
Permission.EditProjectSSO,
|
|
],
|
|
})
|
|
@TableColumn({
|
|
isDefaultValueColumn: true,
|
|
type: TableColumnType.Boolean,
|
|
title: "Auto Provision Users",
|
|
description: "Automatically create users when they are added via SCIM",
|
|
defaultValue: true,
|
|
})
|
|
@Column({
|
|
type: ColumnType.Boolean,
|
|
default: true,
|
|
})
|
|
public autoProvisionUsers?: boolean = undefined;
|
|
|
|
@ColumnAccessControl({
|
|
create: [
|
|
Permission.ProjectOwner,
|
|
Permission.ProjectAdmin,
|
|
Permission.CreateProjectSSO,
|
|
],
|
|
read: [
|
|
Permission.ProjectOwner,
|
|
Permission.ProjectAdmin,
|
|
Permission.ProjectMember,
|
|
Permission.ReadProjectSSO,
|
|
],
|
|
update: [
|
|
Permission.ProjectOwner,
|
|
Permission.ProjectAdmin,
|
|
Permission.EditProjectSSO,
|
|
],
|
|
})
|
|
@TableColumn({
|
|
isDefaultValueColumn: true,
|
|
type: TableColumnType.Boolean,
|
|
title: "Auto Deprovision Users",
|
|
description: "Automatically remove users when they are removed via SCIM",
|
|
defaultValue: true,
|
|
})
|
|
@Column({
|
|
type: ColumnType.Boolean,
|
|
default: true,
|
|
})
|
|
public autoDeprovisionUsers?: boolean = undefined;
|
|
|
|
@ColumnAccessControl({
|
|
create: [
|
|
Permission.ProjectOwner,
|
|
Permission.ProjectAdmin,
|
|
Permission.CreateProjectSSO,
|
|
],
|
|
read: [
|
|
Permission.ProjectOwner,
|
|
Permission.ProjectAdmin,
|
|
Permission.ProjectMember,
|
|
Permission.ReadProjectSSO,
|
|
],
|
|
update: [
|
|
Permission.ProjectOwner,
|
|
Permission.ProjectAdmin,
|
|
Permission.EditProjectSSO,
|
|
],
|
|
})
|
|
@TableColumn({
|
|
isDefaultValueColumn: true,
|
|
type: TableColumnType.Boolean,
|
|
title: "Enable Push Groups",
|
|
description: "Enable push groups provisioning instead of default teams",
|
|
defaultValue: false,
|
|
})
|
|
@Column({
|
|
type: ColumnType.Boolean,
|
|
default: false,
|
|
})
|
|
public enablePushGroups?: boolean = undefined;
|
|
|
|
@ColumnAccessControl({
|
|
create: [],
|
|
read: [
|
|
Permission.ProjectOwner,
|
|
Permission.ProjectAdmin,
|
|
Permission.ProjectMember,
|
|
Permission.ReadProjectSSO,
|
|
],
|
|
update: [],
|
|
})
|
|
@TableColumn({
|
|
manyToOneRelationColumn: "createdByUserId",
|
|
type: TableColumnType.Entity,
|
|
modelType: User,
|
|
title: "Created by User",
|
|
description:
|
|
"Relation to User who created this object (if this object was created by a User)",
|
|
})
|
|
@ManyToOne(
|
|
() => {
|
|
return User;
|
|
},
|
|
{
|
|
eager: false,
|
|
nullable: true,
|
|
onDelete: "SET NULL",
|
|
orphanedRowAction: "nullify",
|
|
},
|
|
)
|
|
@JoinColumn({ name: "createdByUserId" })
|
|
public createdByUser?: User = undefined;
|
|
|
|
@ColumnAccessControl({
|
|
create: [
|
|
Permission.ProjectOwner,
|
|
Permission.ProjectAdmin,
|
|
Permission.CreateProjectSSO,
|
|
],
|
|
read: [
|
|
Permission.ProjectOwner,
|
|
Permission.ProjectAdmin,
|
|
Permission.ProjectMember,
|
|
Permission.ReadProjectSSO,
|
|
],
|
|
update: [],
|
|
})
|
|
@TableColumn({
|
|
type: TableColumnType.ObjectID,
|
|
title: "Created by User ID",
|
|
description:
|
|
"User ID who created this object (if this object was created by a User)",
|
|
})
|
|
@Column({
|
|
type: ColumnType.ObjectID,
|
|
nullable: true,
|
|
transformer: ObjectID.getDatabaseTransformer(),
|
|
})
|
|
public createdByUserId?: ObjectID = undefined;
|
|
|
|
@ColumnAccessControl({
|
|
create: [],
|
|
read: [
|
|
Permission.ProjectOwner,
|
|
Permission.ProjectAdmin,
|
|
Permission.ProjectMember,
|
|
Permission.ReadProjectSSO,
|
|
],
|
|
update: [],
|
|
})
|
|
@TableColumn({
|
|
manyToOneRelationColumn: "deletedByUserId",
|
|
type: TableColumnType.Entity,
|
|
modelType: User,
|
|
title: "Deleted by User",
|
|
description:
|
|
"Relation to User who deleted this object (if this object was deleted by a User)",
|
|
})
|
|
@ManyToOne(
|
|
() => {
|
|
return User;
|
|
},
|
|
{
|
|
cascade: false,
|
|
eager: false,
|
|
nullable: true,
|
|
onDelete: "SET NULL",
|
|
orphanedRowAction: "nullify",
|
|
},
|
|
)
|
|
@JoinColumn({ name: "deletedByUserId" })
|
|
public deletedByUser?: User = undefined;
|
|
|
|
@ColumnAccessControl({
|
|
create: [],
|
|
read: [
|
|
Permission.ProjectOwner,
|
|
Permission.ProjectAdmin,
|
|
Permission.ProjectMember,
|
|
Permission.ReadProjectSSO,
|
|
],
|
|
update: [],
|
|
})
|
|
@TableColumn({
|
|
type: TableColumnType.ObjectID,
|
|
title: "Deleted by User ID",
|
|
description:
|
|
"User ID who deleted this object (if this object was deleted by a User)",
|
|
})
|
|
@Column({
|
|
type: ColumnType.ObjectID,
|
|
nullable: true,
|
|
transformer: ObjectID.getDatabaseTransformer(),
|
|
})
|
|
public deletedByUserId?: ObjectID = undefined;
|
|
}
|