add userdatabse

Author: mms-gianni

server/package.json

@@ -20,7 +20,16 @@
     "test:watch": "jest --watch",
     "test:cov": "jest --coverage",
     "test:debug": "node --inspect-brk -r tsconfig-paths/register -r ts-node/register node_modules/.bin/jest --runInBand",
-    "test:e2e": "jest --config ./test/jest-e2e.json"
+    "test:e2e": "jest --config ./test/jest-e2e.json",
+    "prisma:generate": "npx prisma generate",
+    "prisma:studio": "npx prisma studio",
+    "prisma:reset": "npx prisma migrate reset --force",
+    "prisma:init": "npx prisma migrate dev --name init --create-only",
+    "prisma:deploy": "npx prisma migrate deploy",
+    "prisma:migrate": "npx prisma migrate deploy",
+    "prisma:push": "npx prisma db push",
+    "prisma:db:seed": "npx prisma db seed --preview-feature",
+    "prisma:db:seed:test": "npx prisma db seed --preview-feature --schema=./prisma/schema.prod.prisma"
   },
   "dependencies": {
     "@kubernetes/client-node": "^0.22.3",

server/prisma/dev_qa.db

@@ -0,0 +1,135 @@
+-- CreateTable
+CREATE TABLE "Audit" (
+    "id" INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT,
+    "timestamp" DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    "user" TEXT NOT NULL,
+    "severity" TEXT NOT NULL DEFAULT 'normal',
+    "action" TEXT NOT NULL,
+    "namespace" TEXT NOT NULL,
+    "phase" TEXT NOT NULL,
+    "app" TEXT NOT NULL,
+    "pipeline" TEXT NOT NULL,
+    "resource" TEXT NOT NULL DEFAULT 'unknown',
+    "message" TEXT NOT NULL,
+    "createdAt" DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    "updatedAt" DATETIME NOT NULL
+);
+
+-- CreateTable
+CREATE TABLE "User" (
+    "id" TEXT NOT NULL PRIMARY KEY,
+    "name" TEXT,
+    "email" TEXT NOT NULL,
+    "emailVerified" DATETIME,
+    "password" TEXT NOT NULL,
+    "twoFaSecret" TEXT,
+    "twoFaEnabled" BOOLEAN NOT NULL DEFAULT false,
+    "image" TEXT,
+    "roleId" TEXT,
+    "isActive" BOOLEAN NOT NULL DEFAULT true,
+    "lastLogin" DATETIME,
+    "lastIp" TEXT,
+    "provider" TEXT DEFAULT 'local',
+    "providerId" TEXT,
+    "providerData" TEXT,
+    "createdAt" DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    "updatedAt" DATETIME NOT NULL,
+    CONSTRAINT "User_roleId_fkey" FOREIGN KEY ("roleId") REFERENCES "Role" ("id") ON DELETE SET NULL ON UPDATE CASCADE
+);
+
+-- CreateTable
+CREATE TABLE "UserGroup" (
+    "id" TEXT NOT NULL PRIMARY KEY,
+    "name" TEXT NOT NULL,
+    "description" TEXT,
+    "createdAt" DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    "updatedAt" DATETIME NOT NULL
+);
+
+-- CreateTable
+CREATE TABLE "Role" (
+    "id" TEXT NOT NULL PRIMARY KEY,
+    "name" TEXT NOT NULL,
+    "description" TEXT,
+    "createdAt" DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    "updatedAt" DATETIME NOT NULL
+);
+
+-- CreateTable
+CREATE TABLE "Token" (
+    "id" TEXT NOT NULL PRIMARY KEY,
+    "userId" TEXT NOT NULL,
+    "token" TEXT NOT NULL,
+    "expiresAt" DATETIME NOT NULL,
+    "isActive" BOOLEAN NOT NULL DEFAULT true,
+    "lastUsed" DATETIME,
+    "lastIp" TEXT,
+    "description" TEXT,
+    "createdAt" DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    "updatedAt" DATETIME NOT NULL,
+    CONSTRAINT "Token_userId_fkey" FOREIGN KEY ("userId") REFERENCES "User" ("id") ON DELETE RESTRICT ON UPDATE CASCADE
+);
+
+-- CreateTable
+CREATE TABLE "Permission" (
+    "id" TEXT NOT NULL PRIMARY KEY,
+    "resource" TEXT NOT NULL,
+    "action" TEXT NOT NULL,
+    "namespace" TEXT,
+    "createdAt" DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    "updatedAt" DATETIME NOT NULL
+);
+
+-- CreateTable
+CREATE TABLE "_UserToUserGroup" (
+    "A" TEXT NOT NULL,
+    "B" TEXT NOT NULL,
+    CONSTRAINT "_UserToUserGroup_A_fkey" FOREIGN KEY ("A") REFERENCES "User" ("id") ON DELETE CASCADE ON UPDATE CASCADE,
+    CONSTRAINT "_UserToUserGroup_B_fkey" FOREIGN KEY ("B") REFERENCES "UserGroup" ("id") ON DELETE CASCADE ON UPDATE CASCADE
+);
+
+-- CreateTable
+CREATE TABLE "_PermissionToRole" (
+    "A" TEXT NOT NULL,
+    "B" TEXT NOT NULL,
+    CONSTRAINT "_PermissionToRole_A_fkey" FOREIGN KEY ("A") REFERENCES "Permission" ("id") ON DELETE CASCADE ON UPDATE CASCADE,
+    CONSTRAINT "_PermissionToRole_B_fkey" FOREIGN KEY ("B") REFERENCES "Role" ("id") ON DELETE CASCADE ON UPDATE CASCADE
+);
+
+-- CreateTable
+CREATE TABLE "_PermissionToToken" (
+    "A" TEXT NOT NULL,
+    "B" TEXT NOT NULL,
+    CONSTRAINT "_PermissionToToken_A_fkey" FOREIGN KEY ("A") REFERENCES "Permission" ("id") ON DELETE CASCADE ON UPDATE CASCADE,
+    CONSTRAINT "_PermissionToToken_B_fkey" FOREIGN KEY ("B") REFERENCES "Token" ("id") ON DELETE CASCADE ON UPDATE CASCADE
+);
+
+-- CreateIndex
+CREATE UNIQUE INDEX "User_email_key" ON "User"("email");
+
+-- CreateIndex
+CREATE UNIQUE INDEX "UserGroup_name_key" ON "UserGroup"("name");
+
+-- CreateIndex
+CREATE UNIQUE INDEX "Role_name_key" ON "Role"("name");
+
+-- CreateIndex
+CREATE UNIQUE INDEX "Token_token_key" ON "Token"("token");
+
+-- CreateIndex
+CREATE UNIQUE INDEX "_UserToUserGroup_AB_unique" ON "_UserToUserGroup"("A", "B");
+
+-- CreateIndex
+CREATE INDEX "_UserToUserGroup_B_index" ON "_UserToUserGroup"("B");
+
+-- CreateIndex
+CREATE UNIQUE INDEX "_PermissionToRole_AB_unique" ON "_PermissionToRole"("A", "B");
+
+-- CreateIndex
+CREATE INDEX "_PermissionToRole_B_index" ON "_PermissionToRole"("B");
+
+-- CreateIndex
+CREATE UNIQUE INDEX "_PermissionToToken_AB_unique" ON "_PermissionToToken"("A", "B");
+
+-- CreateIndex
+CREATE INDEX "_PermissionToToken_B_index" ON "_PermissionToToken"("B");

server/prisma/migrations/20250612204421_init/migration.sql

@@ -19,17 +19,20 @@ generator client {
 }
 
 model Audit {
-  id        Int      @id @default(autoincrement())
-  timestamp DateTime @default(now())
+  id        Int          @id @default(autoincrement())
+  timestamp DateTime     @default(now())
   user      String
-  severity  Severity @default(normal)
+  severity  Severity     @default(normal)
   action    String
   namespace String
   phase     String
   app       String
   pipeline  String
-  resource  ResourceType  @default(unknown)
+  resource  ResourceType @default(unknown)
   message   String
+
+  createdAt DateTime @default(now())
+  updatedAt DateTime @updatedAt
 }
 
 enum Severity {
@@ -58,4 +61,85 @@ enum ResourceType {
   config
   addons
   kubernetes
-}
+}
+
+model User {
+  id            String    @id @default(cuid())
+  name          String?
+  email         String    @unique
+  emailVerified DateTime?
+  password      String
+  twoFaSecret   String?
+  twoFaEnabled  Boolean   @default(false)
+  image         String?
+
+  roleId     String?
+  role       Role?       @relation(fields: [roleId], references: [id])
+  userGroups UserGroup[] // Many-to-many relationship with UserGroup
+
+  isActive  Boolean   @default(true)
+  lastLogin DateTime?
+  lastIp    String? // Last known IP address
+
+  provider     String? @default("local") // e.g., "github", "local", ...
+  providerId   String? // ID from the external provider (e.g., GitHub ID)
+  providerData String? // JSON string for additional provider data
+
+  tokens Token[]
+
+  createdAt DateTime @default(now())
+  updatedAt DateTime @updatedAt
+}
+
+model UserGroup {
+  id          String  @id @default(uuid())
+  name        String  @unique
+  description String?
+
+  users User[]
+
+  createdAt         DateTime            @default(now())
+  updatedAt         DateTime            @updatedAt
+}
+
+model Role {
+  id          String  @id @default(cuid())
+  name        String  @unique
+  description String?
+
+  users User[] // Users associated with this role
+  permissions Permission[] // Permissions directly assigned to this role
+
+  createdAt DateTime @default(now())
+  updatedAt DateTime @updatedAt
+}
+
+model Token {
+  id          String    @id @default(cuid())
+  userId      String
+  user        User      @relation(fields: [userId], references: [id])
+  token       String    @unique
+  expiresAt   DateTime
+  isActive    Boolean   @default(true)
+  lastUsed    DateTime?
+  lastIp      String? // Last known IP address used for this token
+  description String? // Description of the token's purpose
+
+  permissions Permission[] // Permissions associated with this token
+
+  createdAt          DateTime             @default(now())
+  updatedAt          DateTime             @updatedAt
+}
+
+model Permission {
+  id        String       @id @default(cuid())
+  resource  ResourceType
+  action    String // e.g., "create", "read", "update", "delete"
+  namespace String? // Optional namespace for scoping permissions
+
+  roles     Role[]     // Roles that have this permission
+  tokens    Token[]    // Tokens that have this permission
+
+  createdAt          DateTime             @default(now())
+  updatedAt          DateTime             @updatedAt
+}

server/prisma/migrations/20250618115501_init/migration.sql

@@ -18,6 +18,8 @@ export class AuditService {
       this.enabled = false;
       Logger.log('⏸️ Audit logging not enabled', 'Feature');
       return;
+    } else {
+      Logger.log('✅ Audit logging enabled', 'Feature');
     }
     this.init();
   }
@@ -26,9 +28,6 @@ export class AuditService {
     if (!this.enabled) {
       return;
     }
-    // Prisma migriert das Schema automatisch, falls nötig (z.B. mit prisma migrate deploy)
-    Logger.log('✅ Audit logging enabled', 'Feature');
-
     const auditEntry: AuditEntry = {
       user: 'kubero',
       severity: 'normal',
@@ -41,7 +40,7 @@ export class AuditService {
       message: 'server started',
     };
 
-    await this.log(auditEntry);
+    await this.logDelayed(auditEntry, 5000);
   }
 
   public logDelayed(entry: AuditEntry, delay: number = 1000) {

server/prisma/schema.prisma

@@ -2,7 +2,7 @@ import { Global, Module, Logger } from '@nestjs/common';
 import { DatabaseService } from './database.service';
 import { PrismaClient } from '@prisma/client';
 
-DatabaseService.Init();
+DatabaseService.Init(); // configing the database connection initialization
 
 @Global()
 @Module({

server/src/audit/audit.service.ts

@@ -6,7 +6,8 @@ export class DatabaseService {
 
   public static async Init() {
     if (process.env.DATABASE_URL === '' || process.env.DATABASE_URL === undefined) {
-      process.env.DATABASE_URL = 'file:../db/kubero.db';
+      process.env.DATABASE_URL = 'file:../db/kubero.sqlite';
+      process.env.DATABASE_TYPE = 'sqlite';
       Logger.debug(
         'DATABASE_URL is not set. Using SQLite database: ' + process.env.DATABASE_URL,
         'DatabaseService',

server/src/database/database.module.ts

@@ -31,7 +31,7 @@ async function bootstrap() {
     cors: true,
   });
 
-  await DatabaseService.RunMigrations();
+  DatabaseService.RunMigrations();
 
   app.use(
     helmet({

server/src/database/database.service.ts

@@ -8,20 +8,6 @@ export type User = any;
 
 @Injectable()
 export class UsersService {
-  /*
-  private readonly users = [
-    {
-      userId: 1,
-      username: 'foo',
-      password: 'bar',
-    },
-    {
-      userId: 2,
-      username: 'mms-gianni',
-      password: 'bar',
-    },
-  ];
-  */
   private readonly users = [] as User[];
   private logger = new Logger(UsersService.name);