ghostfolio/apps/api/src/app/user/user.service.ts

import { SubscriptionService } from '@ghostfolio/api/app/subscription/subscription.service';
import { ConfigurationService } from '@ghostfolio/api/services/configuration.service';
import { PrismaService } from '@ghostfolio/api/services/prisma.service';
import { baseCurrency, locale } from '@ghostfolio/common/config';
import { User as IUser, UserWithSettings } from '@ghostfolio/common/interfaces';
import { getPermissions, permissions } from '@ghostfolio/common/permissions';
import { SubscriptionType } from '@ghostfolio/common/types/subscription.type';
import { Injectable } from '@nestjs/common';
import { Prisma, Provider, User, ViewMode } from '@prisma/client';

import { UserSettingsParams } from './interfaces/user-settings-params.interface';
import { UserSettings } from './interfaces/user-settings.interface';

const crypto = require('crypto');

@Injectable()
export class UserService {
  public static DEFAULT_CURRENCY = 'USD';

  public constructor(
    private readonly configurationService: ConfigurationService,
    private readonly prismaService: PrismaService,
    private readonly subscriptionService: SubscriptionService
  ) {}

  public async getUser({
    Account,
    alias,
    id,
    permissions,
    Settings,
    subscription
  }: UserWithSettings): Promise<IUser> {
    const access = await this.prismaService.access.findMany({
      include: {
        User: true
      },
      orderBy: { User: { alias: 'asc' } },
      where: { GranteeUser: { id } }
    });

    return {
      alias,
      id,
      permissions,
      subscription,
      access: access.map((accessItem) => {
        return {
          alias: accessItem.User.alias,
          id: accessItem.id
        };
      }),
      accounts: Account,
      settings: {
        ...(<UserSettings>Settings.settings),
        locale,
        baseCurrency: Settings?.currency ?? UserService.DEFAULT_CURRENCY,
        viewMode: Settings?.viewMode ?? ViewMode.DEFAULT
      }
    };
  }

  public isRestrictedView(aUser: UserWithSettings) {
    return (aUser.Settings.settings as UserSettings)?.isRestrictedView ?? false;
  }

  public async user(
    userWhereUniqueInput: Prisma.UserWhereUniqueInput
  ): Promise<UserWithSettings | null> {
    const userFromDatabase = await this.prismaService.user.findUnique({
      include: { Account: true, Settings: true, Subscription: true },
      where: userWhereUniqueInput
    });

    const user: UserWithSettings = userFromDatabase;

    const currentPermissions = getPermissions(userFromDatabase.role);

    if (this.configurationService.get('ENABLE_FEATURE_FEAR_AND_GREED_INDEX')) {
      currentPermissions.push(permissions.accessFearAndGreedIndex);
    }

    user.permissions = currentPermissions;

    if (userFromDatabase?.Settings) {
      if (!userFromDatabase.Settings.currency) {
        // Set default currency if needed
        userFromDatabase.Settings.currency = UserService.DEFAULT_CURRENCY;
      }
    } else if (userFromDatabase) {
      // Set default settings if needed
      userFromDatabase.Settings = {
        currency: UserService.DEFAULT_CURRENCY,
        settings: null,
        updatedAt: new Date(),
        userId: userFromDatabase?.id,
        viewMode: ViewMode.DEFAULT
      };
    }

    if (this.configurationService.get('ENABLE_FEATURE_SUBSCRIPTION')) {
      user.subscription = this.subscriptionService.getSubscription(
        userFromDatabase?.Subscription
      );

      if (user.subscription.type === SubscriptionType.Basic) {
        user.permissions = user.permissions.filter((permission) => {
          return permission !== permissions.updateViewMode;
        });
        user.Settings.viewMode = ViewMode.ZEN;
      }
    }

    return user;
  }

  public async users(params: {
    skip?: number;
    take?: number;
    cursor?: Prisma.UserWhereUniqueInput;
    where?: Prisma.UserWhereInput;
    orderBy?: Prisma.UserOrderByWithRelationInput;
  }): Promise<User[]> {
    const { skip, take, cursor, where, orderBy } = params;
    return this.prismaService.user.findMany({
      skip,
      take,
      cursor,
      where,
      orderBy
    });
  }

  public createAccessToken(password: string, salt: string): string {
    const hash = crypto.createHmac('sha512', salt);
    hash.update(password);

    return hash.digest('hex');
  }

  public async createUser(data?: Prisma.UserCreateInput): Promise<User> {
    let user = await this.prismaService.user.create({
      data: {
        ...data,
        Account: {
          create: {
            currency: baseCurrency,
            isDefault: true,
            name: 'Default Account'
          }
        },
        Settings: {
          create: {
            currency: baseCurrency
          }
        }
      }
    });

    if (data.provider === Provider.ANONYMOUS) {
      const accessToken = this.createAccessToken(
        user.id,
        this.getRandomString(10)
      );

      const hashedAccessToken = this.createAccessToken(
        accessToken,
        process.env.ACCESS_TOKEN_SALT
      );

      user = await this.prismaService.user.update({
        data: { accessToken: hashedAccessToken },
        where: { id: user.id }
      });

      return { ...user, accessToken };
    }

    return user;
  }

  public async updateUser(params: {
    where: Prisma.UserWhereUniqueInput;
    data: Prisma.UserUpdateInput;
  }): Promise<User> {
    const { where, data } = params;
    return this.prismaService.user.update({
      data,
      where
    });
  }

  public async deleteUser(where: Prisma.UserWhereUniqueInput): Promise<User> {
    await this.prismaService.access.deleteMany({
      where: { OR: [{ granteeUserId: where.id }, { userId: where.id }] }
    });

    await this.prismaService.account.deleteMany({
      where: { userId: where.id }
    });

    await this.prismaService.analytics.delete({
      where: { userId: where.id }
    });

    await this.prismaService.order.deleteMany({
      where: { userId: where.id }
    });

    try {
      await this.prismaService.settings.delete({
        where: { userId: where.id }
      });
    } catch {}

    return this.prismaService.user.delete({
      where
    });
  }

  public async updateUserSetting({
    userId,
    userSettings
  }: {
    userId: string;
    userSettings: UserSettings;
  }) {
    const settings = userSettings as Prisma.JsonObject;

    await this.prismaService.settings.upsert({
      create: {
        settings,
        User: {
          connect: {
            id: userId
          }
        }
      },
      update: {
        settings
      },
      where: {
        userId: userId
      }
    });

    return;
  }

  public async updateUserSettings({
    currency,
    userId,
    viewMode
  }: UserSettingsParams) {
    await this.prismaService.settings.upsert({
      create: {
        currency,
        User: {
          connect: {
            id: userId
          }
        },
        viewMode
      },
      update: {
        currency,
        viewMode
      },
      where: {
        userId: userId
      }
    });

    return;
  }

  private getRandomString(length: number) {
    const characters = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789';
    const result = [];

    for (let i = 0; i < length; i++) {
      result.push(
        characters.charAt(Math.floor(Math.random() * characters.length))
      );
    }
    return result.join('');
  }
}
Feature/add subscription type to the admin user table (#311) * Add the subscription type to the user table in the admin control panel * Update changelog 3 years ago			`import { SubscriptionService } from '@ghostfolio/api/app/subscription/subscription.service';`
Feature/improve imports with paths in tsconfig (#32) * Improve imports 3 years ago			`import { ConfigurationService } from '@ghostfolio/api/services/configuration.service';`
			`import { PrismaService } from '@ghostfolio/api/services/prisma.service';`
Feature/support unlimited currencies (#387) * Support unlimited currencies * Update changelog 3 years ago			`import { baseCurrency, locale } from '@ghostfolio/common/config';`
Introduce @ghostfolio/common lib (#102) 3 years ago			`import { User as IUser, UserWithSettings } from '@ghostfolio/common/interfaces';`
			`import { getPermissions, permissions } from '@ghostfolio/common/permissions';`
Feature/extend pricing page (#130) * Extend pricing page * Feature/align pricing page with subscription model (#135) * Align pricing page with subscription model * Update changelog 3 years ago			`import { SubscriptionType } from '@ghostfolio/common/types/subscription.type';`
Initial commit 4 years ago			`import { Injectable } from '@nestjs/common';`
Feature/support unlimited currencies (#387) * Support unlimited currencies * Update changelog 3 years ago			`import { Prisma, Provider, User, ViewMode } from '@prisma/client';`
Feature/setup subscription with stripe (#178) * Set up stripe for subscriptions * Update permissions and add discount * Update changelog 3 years ago
			`import { UserSettingsParams } from './interfaces/user-settings-params.interface';`
Feature/add restricted view (#295) * Add restricted view * Update changelog 3 years ago			`import { UserSettings } from './interfaces/user-settings.interface';`
Initial commit 4 years ago
			`const crypto = require('crypto');`

			`@Injectable()`
			`export class UserService {`
Feature/support unlimited currencies (#387) * Support unlimited currencies * Update changelog 3 years ago			`public static DEFAULT_CURRENCY = 'USD';`
Initial commit 4 years ago
Simplify initial project setup (#12) * Simplify initial project setup * Added a validation for environment variables * Added support for feature flags to simplify the initial project setup * Add configuration service to test * Optimize data gathering and exchange rate calculation (#14) * Clean up changelog 3 years ago			`public constructor(`
			`private readonly configurationService: ConfigurationService,`
Feature/add subscription type to the admin user table (#311) * Add the subscription type to the user table in the admin control panel * Update changelog 3 years ago			`private readonly prismaService: PrismaService,`
			`private readonly subscriptionService: SubscriptionService`
Simplify initial project setup (#12) * Simplify initial project setup * Added a validation for environment variables * Added support for feature flags to simplify the initial project setup * Add configuration service to test * Optimize data gathering and exchange rate calculation (#14) * Clean up changelog 3 years ago			`) {}`
Initial commit 4 years ago
			`public async getUser({`
Prepare for multi accounts support: store account for new transactions (#46) 3 years ago			`Account,`
Initial commit 4 years ago			`alias,`
			`id,`
Feature/setup subscription with stripe (#178) * Set up stripe for subscriptions * Update permissions and add discount * Update changelog 3 years ago			`permissions,`
Feature/extend pricing page (#130) * Extend pricing page * Feature/align pricing page with subscription model (#135) * Align pricing page with subscription model * Update changelog 3 years ago			`Settings,`
			`subscription`
Initial commit 4 years ago			`}: UserWithSettings): Promise<IUser> {`
Harmonize prisma service (#266) 3 years ago			`const access = await this.prismaService.access.findMany({`
Initial commit 4 years ago			`include: {`
			`User: true`
			`},`
			`orderBy: { User: { alias: 'asc' } },`
			`where: { GranteeUser: { id } }`
			`});`

			`return {`
			`alias,`
			`id,`
Feature/setup subscription with stripe (#178) * Set up stripe for subscriptions * Update permissions and add discount * Update changelog 3 years ago			`permissions,`
Feature/extend pricing page (#130) * Extend pricing page * Feature/align pricing page with subscription model (#135) * Align pricing page with subscription model * Update changelog 3 years ago			`subscription,`
Initial commit 4 years ago			`access: access.map((accessItem) => {`
			`return {`
			`alias: accessItem.User.alias,`
			`id: accessItem.id`
			`};`
			`}),`
Prepare for multi accounts support: store account for new transactions (#46) 3 years ago			`accounts: Account,`
Initial commit 4 years ago			`settings: {`
Feature/add restricted view (#295) * Add restricted view * Update changelog 3 years ago			`...(<UserSettings>Settings.settings),`
Feature/zen mode (#110) * Start with implementation * Refactor AuthGuard, persist displayMode in user settings * Refactor DisplayMode to ViewMode * Update changelog 3 years ago			`locale,`
			`baseCurrency: Settings?.currency ?? UserService.DEFAULT_CURRENCY,`
Feature/extend pricing page (#130) * Extend pricing page * Feature/align pricing page with subscription model (#135) * Align pricing page with subscription model * Update changelog 3 years ago			`viewMode: Settings?.viewMode ?? ViewMode.DEFAULT`
Initial commit 4 years ago			`}`
			`};`
			`}`

Feature/add restricted view (#295) * Add restricted view * Update changelog 3 years ago			`public isRestrictedView(aUser: UserWithSettings) {`
			`return (aUser.Settings.settings as UserSettings)?.isRestrictedView ?? false;`
			`}`

Initial commit 4 years ago			`public async user(`
			`userWhereUniqueInput: Prisma.UserWhereUniqueInput`
			`): Promise<UserWithSettings \| null> {`
Harmonize prisma service (#266) 3 years ago			`const userFromDatabase = await this.prismaService.user.findUnique({`
Feature/extend pricing page (#130) * Extend pricing page * Feature/align pricing page with subscription model (#135) * Align pricing page with subscription model * Update changelog 3 years ago			`include: { Account: true, Settings: true, Subscription: true },`
Initial commit 4 years ago			`where: userWhereUniqueInput`
			`});`

Feature/extend pricing page (#130) * Extend pricing page * Feature/align pricing page with subscription model (#135) * Align pricing page with subscription model * Update changelog 3 years ago			`const user: UserWithSettings = userFromDatabase;`

Feature/setup subscription with stripe (#178) * Set up stripe for subscriptions * Update permissions and add discount * Update changelog 3 years ago			`const currentPermissions = getPermissions(userFromDatabase.role);`

			`if (this.configurationService.get('ENABLE_FEATURE_FEAR_AND_GREED_INDEX')) {`
			`currentPermissions.push(permissions.accessFearAndGreedIndex);`
			`}`

			`user.permissions = currentPermissions;`

Feature/extend pricing page (#130) * Extend pricing page * Feature/align pricing page with subscription model (#135) * Align pricing page with subscription model * Update changelog 3 years ago			`if (userFromDatabase?.Settings) {`
			`if (!userFromDatabase.Settings.currency) {`
Initial commit 4 years ago			`// Set default currency if needed`
Feature/extend pricing page (#130) * Extend pricing page * Feature/align pricing page with subscription model (#135) * Align pricing page with subscription model * Update changelog 3 years ago			`userFromDatabase.Settings.currency = UserService.DEFAULT_CURRENCY;`
Initial commit 4 years ago			`}`
Feature/extend pricing page (#130) * Extend pricing page * Feature/align pricing page with subscription model (#135) * Align pricing page with subscription model * Update changelog 3 years ago			`} else if (userFromDatabase) {`
Initial commit 4 years ago			`// Set default settings if needed`
Feature/extend pricing page (#130) * Extend pricing page * Feature/align pricing page with subscription model (#135) * Align pricing page with subscription model * Update changelog 3 years ago			`userFromDatabase.Settings = {`
Initial commit 4 years ago			`currency: UserService.DEFAULT_CURRENCY,`
Feature/add restricted view (#295) * Add restricted view * Update changelog 3 years ago			`settings: null,`
Initial commit 4 years ago			`updatedAt: new Date(),`
Feature/extend pricing page (#130) * Extend pricing page * Feature/align pricing page with subscription model (#135) * Align pricing page with subscription model * Update changelog 3 years ago			`userId: userFromDatabase?.id,`
Feature/zen mode (#110) * Start with implementation * Refactor AuthGuard, persist displayMode in user settings * Refactor DisplayMode to ViewMode * Update changelog 3 years ago			`viewMode: ViewMode.DEFAULT`
Initial commit 4 years ago			`};`
			`}`

Feature/extend pricing page (#130) * Extend pricing page * Feature/align pricing page with subscription model (#135) * Align pricing page with subscription model * Update changelog 3 years ago			`if (this.configurationService.get('ENABLE_FEATURE_SUBSCRIPTION')) {`
Feature/add subscription type to the admin user table (#311) * Add the subscription type to the user table in the admin control panel * Update changelog 3 years ago			`user.subscription = this.subscriptionService.getSubscription(`
			`userFromDatabase?.Subscription`
			`);`
Feature/setup subscription with stripe (#178) * Set up stripe for subscriptions * Update permissions and add discount * Update changelog 3 years ago
			`if (user.subscription.type === SubscriptionType.Basic) {`
			`user.permissions = user.permissions.filter((permission) => {`
			`return permission !== permissions.updateViewMode;`
			`});`
			`user.Settings.viewMode = ViewMode.ZEN;`
			`}`
Feature/extend pricing page (#130) * Extend pricing page * Feature/align pricing page with subscription model (#135) * Align pricing page with subscription model * Update changelog 3 years ago			`}`

Initial commit 4 years ago			`return user;`
			`}`

			`public async users(params: {`
			`skip?: number;`
			`take?: number;`
			`cursor?: Prisma.UserWhereUniqueInput;`
			`where?: Prisma.UserWhereInput;`
Feature/upgrade prisma to version 3.6.0 (#518) * Upgrade prisma from version 2.30.2 to 3.6.0 * Update changelog 3 years ago			`orderBy?: Prisma.UserOrderByWithRelationInput;`
Initial commit 4 years ago			`}): Promise<User[]> {`
			`const { skip, take, cursor, where, orderBy } = params;`
Harmonize prisma service (#266) 3 years ago			`return this.prismaService.user.findMany({`
Initial commit 4 years ago			`skip,`
			`take,`
			`cursor,`
			`where,`
			`orderBy`
			`});`
			`}`

			`public createAccessToken(password: string, salt: string): string {`
			`const hash = crypto.createHmac('sha512', salt);`
			`hash.update(password);`

			`return hash.digest('hex');`
			`}`

			`public async createUser(data?: Prisma.UserCreateInput): Promise<User> {`
Harmonize prisma service (#266) 3 years ago			`let user = await this.prismaService.user.create({`
Prepare for multi accounts support (#42) 3 years ago			`data: {`
			`...data,`
			`Account: {`
			`create: {`
Feature/support unlimited currencies (#387) * Support unlimited currencies * Update changelog 3 years ago			`currency: baseCurrency,`
Prepare for multi accounts support (#42) 3 years ago			`isDefault: true,`
			`name: 'Default Account'`
			`}`
Feature/support unlimited currencies (#387) * Support unlimited currencies * Update changelog 3 years ago			`},`
			`Settings: {`
			`create: {`
			`currency: baseCurrency`
			`}`
Prepare for multi accounts support (#42) 3 years ago			`}`
			`}`
Initial commit 4 years ago			`});`

			`if (data.provider === Provider.ANONYMOUS) {`
			`const accessToken = this.createAccessToken(`
			`user.id,`
			`this.getRandomString(10)`
			`);`

			`const hashedAccessToken = this.createAccessToken(`
			`accessToken,`
			`process.env.ACCESS_TOKEN_SALT`
			`);`

Harmonize prisma service (#266) 3 years ago			`user = await this.prismaService.user.update({`
Initial commit 4 years ago			`data: { accessToken: hashedAccessToken },`
			`where: { id: user.id }`
			`});`

			`return { ...user, accessToken };`
			`}`

			`return user;`
			`}`

			`public async updateUser(params: {`
			`where: Prisma.UserWhereUniqueInput;`
			`data: Prisma.UserUpdateInput;`
			`}): Promise<User> {`
			`const { where, data } = params;`
Harmonize prisma service (#266) 3 years ago			`return this.prismaService.user.update({`
Initial commit 4 years ago			`data,`
			`where`
			`});`
			`}`

			`public async deleteUser(where: Prisma.UserWhereUniqueInput): Promise<User> {`
Harmonize prisma service (#266) 3 years ago			`await this.prismaService.access.deleteMany({`
Feature/allow to delete users (#64) * Allow to delete users * Update changelog 3 years ago			`where: { OR: [{ granteeUserId: where.id }, { userId: where.id }] }`
			`});`

Harmonize prisma service (#266) 3 years ago			`await this.prismaService.account.deleteMany({`
Feature/allow to delete users (#64) * Allow to delete users * Update changelog 3 years ago			`where: { userId: where.id }`
			`});`

Harmonize prisma service (#266) 3 years ago			`await this.prismaService.analytics.delete({`
Feature/allow to delete users (#64) * Allow to delete users * Update changelog 3 years ago			`where: { userId: where.id }`
			`});`

Harmonize prisma service (#266) 3 years ago			`await this.prismaService.order.deleteMany({`
Feature/allow to delete users (#64) * Allow to delete users * Update changelog 3 years ago			`where: { userId: where.id }`
			`});`

			`try {`
Harmonize prisma service (#266) 3 years ago			`await this.prismaService.settings.delete({`
Feature/allow to delete users (#64) * Allow to delete users * Update changelog 3 years ago			`where: { userId: where.id }`
			`});`
			`} catch {}`

Harmonize prisma service (#266) 3 years ago			`return this.prismaService.user.delete({`
Initial commit 4 years ago			`where`
			`});`
			`}`

Feature/add restricted view (#295) * Add restricted view * Update changelog 3 years ago			`public async updateUserSetting({`
			`userId,`
			`userSettings`
			`}: {`
			`userId: string;`
			`userSettings: UserSettings;`
			`}) {`
			`const settings = userSettings as Prisma.JsonObject;`

			`await this.prismaService.settings.upsert({`
			`create: {`
			`settings,`
			`User: {`
			`connect: {`
			`id: userId`
			`}`
			`}`
			`},`
			`update: {`
			`settings`
			`},`
			`where: {`
			`userId: userId`
			`}`
			`});`

			`return;`
			`}`

Initial commit 4 years ago			`public async updateUserSettings({`
			`currency,`
Feature/zen mode (#110) * Start with implementation * Refactor AuthGuard, persist displayMode in user settings * Refactor DisplayMode to ViewMode * Update changelog 3 years ago			`userId,`
			`viewMode`
Feature/setup subscription with stripe (#178) * Set up stripe for subscriptions * Update permissions and add discount * Update changelog 3 years ago			`}: UserSettingsParams) {`
Harmonize prisma service (#266) 3 years ago			`await this.prismaService.settings.upsert({`
Initial commit 4 years ago			`create: {`
			`currency,`
			`User: {`
			`connect: {`
			`id: userId`
			`}`
Feature/zen mode (#110) * Start with implementation * Refactor AuthGuard, persist displayMode in user settings * Refactor DisplayMode to ViewMode * Update changelog 3 years ago			`},`
			`viewMode`
Initial commit 4 years ago			`},`
			`update: {`
Feature/zen mode (#110) * Start with implementation * Refactor AuthGuard, persist displayMode in user settings * Refactor DisplayMode to ViewMode * Update changelog 3 years ago			`currency,`
			`viewMode`
Initial commit 4 years ago			`},`
			`where: {`
			`userId: userId`
			`}`
			`});`

			`return;`
			`}`
Improve scraper (#28) 3 years ago
			`private getRandomString(length: number) {`
			`const characters = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789';`
			`const result = [];`

			`for (let i = 0; i < length; i++) {`
			`result.push(`
			`characters.charAt(Math.floor(Math.random() * characters.length))`
			`);`
			`}`
			`return result.join('');`
			`}`
Initial commit 4 years ago			`}`