From 8f5baac585efdc9d5df4d7782b86cd72a13e5848 Mon Sep 17 00:00:00 2001 From: Darcy Ye Date: Wed, 20 Mar 2024 00:47:56 +0800 Subject: [PATCH] refactor(core,schemas): refactor to improve lib method performance --- packages/core/src/libraries/jwt-customizer.ts | 87 +++++++++---------- packages/core/src/libraries/scope.ts | 30 +++++++ packages/core/src/routes/role.scope.ts | 18 +--- packages/core/src/tenants/Libraries.ts | 4 +- packages/schemas/src/types/jwt-customizer.ts | 47 +++++----- packages/schemas/src/types/user.ts | 25 ++---- 6 files changed, 102 insertions(+), 109 deletions(-) create mode 100644 packages/core/src/libraries/scope.ts diff --git a/packages/core/src/libraries/jwt-customizer.ts b/packages/core/src/libraries/jwt-customizer.ts index e51270a07..36f437145 100644 --- a/packages/core/src/libraries/jwt-customizer.ts +++ b/packages/core/src/libraries/jwt-customizer.ts @@ -1,71 +1,64 @@ import type { JwtCustomizerUserContext } from '@logto/schemas'; -import { - userInfoSelectFields, - OrganizationScopes, - jwtCustomizerUserContextGuard, -} from '@logto/schemas'; +import { userInfoSelectFields, jwtCustomizerUserContextGuard } from '@logto/schemas'; import { deduplicate, pick, pickState } from '@silverhand/essentials'; +import { type ScopeLibrary } from '#src/libraries/scope.js'; import { type UserLibrary } from '#src/libraries/user.js'; import type Queries from '#src/tenants/Queries.js'; -export const createJwtCustomizerLibrary = (queries: Queries, userLibrary: UserLibrary) => { +// Show top 20 organization roles. +const limit = 20; +const offset = 0; + +export const createJwtCustomizerLibrary = ( + queries: Queries, + userLibrary: UserLibrary, + scopeLibrary: ScopeLibrary +) => { const { users: { findUserById }, - rolesScopes: { findRolesScopesByRoleId }, - scopes: { findScopeById }, - resources: { findResourceById }, + rolesScopes: { findRolesScopesByRoleIds }, + scopes: { findScopesByIds }, userSsoIdentities, - organizations: { relations }, + organizations: { relations, roles: organizationRoles }, } = queries; const { findUserRoles } = userLibrary; + const { attachResourceToScopes } = scopeLibrary; const getUserContext = async (userId: string): Promise => { const user = await findUserById(userId); const fullSsoIdentities = await userSsoIdentities.findUserSsoIdentitiesByUserId(userId); const roles = await findUserRoles(userId); + const rolesScopes = await findRolesScopesByRoleIds(roles.map(({ id }) => id)); + const scopeIds = rolesScopes.map(({ scopeId }) => scopeId); + const scopes = await findScopesByIds(scopeIds); + const scopesWithResources = await attachResourceToScopes(scopes); const organizationsWithRoles = await relations.users.getOrganizationsByUserId(userId); + const [_, organizationRolesWithScopes] = await organizationRoles.findAll(limit, offset); const userContext = { ...pick(user, ...userInfoSelectFields), ssoIdentities: fullSsoIdentities.map(pickState('issuer', 'identityId', 'detail')), mfaVerificationFactors: deduplicate(user.mfaVerifications.map(({ type }) => type)), - roles: await Promise.all( - roles.map(async (role) => { - const fullRolesScopes = await findRolesScopesByRoleId(role.id); - const scopeIds = fullRolesScopes.map(({ scopeId }) => scopeId); - return { - ...pick(role, 'id', 'name', 'description'), - scopes: await Promise.all( - scopeIds.map(async (scopeId) => { - const scope = await findScopeById(scopeId); - return { - ...pick(scope, 'id', 'name', 'description'), - ...(await findResourceById(scope.resourceId).then( - ({ indicator, id: resourceId }) => ({ indicator, resourceId }) - )), - }; - }) - ), - }; - }) - ), - organizations: await Promise.all( - organizationsWithRoles.map(async ({ organizationRoles, ...organization }) => ({ - id: organization.id, - roles: await Promise.all( - organizationRoles.map(async ({ id, name }) => { - const [_, fullOrganizationScopes] = await relations.rolesScopes.getEntities( - OrganizationScopes, - { organizationRoleId: id } - ); - return { - id, - name, - scopes: fullOrganizationScopes.map(pickState('id', 'name', 'description')), - }; - }) - ), - })) + roles: roles.map((role) => { + const scopeIds = new Set( + rolesScopes.filter(({ roleId }) => roleId === role.id).map(({ scopeId }) => scopeId) + ); + return { + ...pick(role, 'id', 'name', 'description'), + scopes: scopesWithResources + .filter(({ id }) => scopeIds.has(id)) + .map(pickState('id', 'name', 'description', 'resourceId', 'resource')), + }; + }), + organizations: organizationsWithRoles.map(pickState('id', 'name', 'description')), + organizationRoles: organizationsWithRoles.flatMap( + ({ id: organizationId, organizationRoles }) => + organizationRoles.map(({ id: roleId, name: roleName }) => ({ + organizationId, + roleId, + roleName, + scopes: organizationRolesWithScopes.find(({ id }) => id === roleId)?.scopes ?? [], + })) ), }; diff --git a/packages/core/src/libraries/scope.ts b/packages/core/src/libraries/scope.ts new file mode 100644 index 000000000..2b6d60fed --- /dev/null +++ b/packages/core/src/libraries/scope.ts @@ -0,0 +1,30 @@ +import type { Scope, ScopeResponse } from '@logto/schemas'; + +import type Queries from '#src/tenants/Queries.js'; +import assertThat from '#src/utils/assert-that.js'; + +export type ScopeLibrary = ReturnType; + +export const createScopeLibrary = (queries: Queries) => { + const { + resources: { findResourcesByIds }, + } = queries; + + const attachResourceToScopes = async (scopes: readonly Scope[]): Promise => { + const resources = await findResourcesByIds(scopes.map(({ resourceId }) => resourceId)); + return scopes.map((scope) => { + const resource = resources.find(({ id }) => id === scope.resourceId); + + assertThat(resource, new Error(`Cannot find resource for id ${scope.resourceId}`)); + + return { + ...scope, + resource, + }; + }); + }; + + return { + attachResourceToScopes, + }; +}; diff --git a/packages/core/src/routes/role.scope.ts b/packages/core/src/routes/role.scope.ts index 8cbafdf39..61b731cb6 100644 --- a/packages/core/src/routes/role.scope.ts +++ b/packages/core/src/routes/role.scope.ts @@ -1,4 +1,3 @@ -import type { Scope, ScopeResponse } from '@logto/schemas'; import { scopeResponseGuard, Scopes } from '@logto/schemas'; import { generateStandardId } from '@logto/shared'; import { tryThat } from '@silverhand/essentials'; @@ -7,7 +6,6 @@ import { object, string } from 'zod'; import RequestError from '#src/errors/RequestError/index.js'; import koaGuard from '#src/middleware/koa-guard.js'; import koaPagination from '#src/middleware/koa-pagination.js'; -import assertThat from '#src/utils/assert-that.js'; import { parseSearchParamsForSearch } from '#src/utils/search.js'; import type { AuthedRouter, RouterInitArgs } from './types.js'; @@ -16,7 +14,6 @@ export default function roleScopeRoutes( ...[router, { queries, libraries }]: RouterInitArgs ) { const { - resources: { findResourcesByIds }, rolesScopes: { deleteRolesScope, findRolesScopesByRoleId, insertRolesScopes }, roles: { findRoleById }, scopes: { findScopesByIds, countScopesByScopeIds, searchScopesByScopeIds }, @@ -24,22 +21,9 @@ export default function roleScopeRoutes( const { quota, roleScopes: { validateRoleScopeAssignment }, + scopes: { attachResourceToScopes }, } = libraries; - const attachResourceToScopes = async (scopes: readonly Scope[]): Promise => { - const resources = await findResourcesByIds(scopes.map(({ resourceId }) => resourceId)); - return scopes.map((scope) => { - const resource = resources.find(({ id }) => id === scope.resourceId); - - assertThat(resource, new Error(`Cannot find resource for id ${scope.resourceId}`)); - - return { - ...scope, - resource, - }; - }); - }; - router.get( '/roles/:id/scopes', koaPagination({ isOptional: true }), diff --git a/packages/core/src/tenants/Libraries.ts b/packages/core/src/tenants/Libraries.ts index 449c92553..12a703748 100644 --- a/packages/core/src/tenants/Libraries.ts +++ b/packages/core/src/tenants/Libraries.ts @@ -10,6 +10,7 @@ import { createPhraseLibrary } from '#src/libraries/phrase.js'; import { createProtectedAppLibrary } from '#src/libraries/protected-app.js'; import { createQuotaLibrary } from '#src/libraries/quota.js'; import { createRoleScopeLibrary } from '#src/libraries/role-scope.js'; +import { createScopeLibrary } from '#src/libraries/scope.js'; import { createSignInExperienceLibrary } from '#src/libraries/sign-in-experience/index.js'; import { createSocialLibrary } from '#src/libraries/social.js'; import { createSsoConnectorLibrary } from '#src/libraries/sso-connector.js'; @@ -22,8 +23,9 @@ export default class Libraries { users = createUserLibrary(this.queries); phrases = createPhraseLibrary(this.queries); hooks = createHookLibrary(this.queries); + scopes = createScopeLibrary(this.queries); socials = createSocialLibrary(this.queries, this.connectors); - jwtCustomizers = createJwtCustomizerLibrary(this.queries, this.users); + jwtCustomizers = createJwtCustomizerLibrary(this.queries, this.users, this.scopes); passcodes = createPasscodeLibrary(this.queries, this.connectors); applications = createApplicationLibrary(this.queries); verificationStatuses = createVerificationStatusLibrary(this.queries); diff --git a/packages/schemas/src/types/jwt-customizer.ts b/packages/schemas/src/types/jwt-customizer.ts index 6d6e0b733..8ec51b1d3 100644 --- a/packages/schemas/src/types/jwt-customizer.ts +++ b/packages/schemas/src/types/jwt-customizer.ts @@ -1,44 +1,39 @@ import { z } from 'zod'; import { - OrganizationRoles, + Organizations, OrganizationScopes, - Resources, Roles, - Scopes, UserSsoIdentities, } from '../db-entries/index.js'; import { mfaFactorsGuard, jsonObjectGuard } from '../foundations/index.js'; import { jwtCustomizerGuard } from './logto-config/index.js'; +import { scopeResponseGuard } from './scope.js'; import { userInfoGuard } from './user.js'; -const organizationDetailGuard = z.object({ - id: z.string(), - roles: z.array( - OrganizationRoles.guard.pick({ id: true, name: true }).extend({ - scopes: z.array(OrganizationScopes.guard.pick({ id: true, name: true, description: true })), - }) - ), -}); - -export type OrganizationDetail = z.infer; - export const jwtCustomizerUserContextGuard = userInfoGuard.extend({ - ssoIdentities: z.array( - UserSsoIdentities.guard.pick({ issuer: true, identityId: true, detail: true }) - ), + ssoIdentities: UserSsoIdentities.guard + .pick({ issuer: true, identityId: true, detail: true }) + .array(), mfaVerificationFactors: mfaFactorsGuard, - roles: z.array( - Roles.guard.pick({ id: true, name: true, description: true }).extend({ - scopes: z.array( - Scopes.guard - .pick({ id: true, name: true, description: true, resourceId: true }) - .merge(Resources.guard.pick({ indicator: true })) - ), + roles: Roles.guard + .pick({ id: true, name: true, description: true }) + .extend({ + scopes: scopeResponseGuard + .pick({ id: true, name: true, description: true, resourceId: true, resource: true }) + .array(), }) - ), - organizations: z.array(organizationDetailGuard), + .array(), + organizations: Organizations.guard.pick({ id: true, name: true, description: true }).array(), + organizationRoles: z + .object({ + organizationId: z.string(), + roleId: z.string(), + roleName: z.string(), + scopes: OrganizationScopes.guard.pick({ id: true, name: true }).array(), + }) + .array(), }); export type JwtCustomizerUserContext = z.infer; diff --git a/packages/schemas/src/types/user.ts b/packages/schemas/src/types/user.ts index ea059930f..a34c763ce 100644 --- a/packages/schemas/src/types/user.ts +++ b/packages/schemas/src/types/user.ts @@ -18,24 +18,13 @@ export const userInfoSelectFields = Object.freeze([ 'isSuspended', ] as const); -/** - * The `pick` method of previous implementation will be overridden by `merge`/`extend` method, should explicitly specify keys in `pick` method. - * DO REMEMBER TO UPDATE THIS GUARD WHEN YOU UPDATE `userInfoSelectFields`. - */ -export const userInfoGuard = Users.guard.pick({ - id: true, - username: true, - primaryEmail: true, - primaryPhone: true, - name: true, - avatar: true, - customData: true, - identities: true, - lastSignInAt: true, - createdAt: true, - applicationId: true, - isSuspended: true, -}); +export const userInfoGuard = Users.guard.pick( + // eslint-disable-next-line no-restricted-syntax + Object.fromEntries(userInfoSelectFields.map((field) => [field, true])) as Record< + (typeof userInfoSelectFields)[number], + true + > +); export type UserInfo = z.infer;