[INIT] Initial Project Structure

lib/vix/AppGuards.ts

@@ -0,0 +1,15 @@
+import { IAMResource, ManagementResource } from "./AppResources";
+import { Policy, PolicyType } from "./AppPolicies";
+
+function appPolicies(...userPolicies: PolicyType[] | PolicyType[][]) {
+  const policies = userPolicies.length === 1 && Array.isArray(userPolicies[0]) ? userPolicies[0] : (userPolicies as PolicyType[]);
+  const requiredPolicies = Policy.parseResourcePolicies(policies);
+  return requiredPolicies;
+}
+
+export default class AppGuard {
+  static IAMRoot = appPolicies(`${IAMResource.Root}.root`);
+  static IAMAuthenticated = appPolicies(Object.values(IAMResource).map((iam) => `${iam}.root`) as PolicyType[]);
+  static ManageProjects = appPolicies(`${ManagementResource.ManageProject}.*`);
+  static CreateProjects = appPolicies(`${ManagementResource.ManageProject}.create`);
+}

lib/vix/AppPolicies.ts

@@ -0,0 +1,26 @@
+import { ResourcePolicy, ResourcePolicyComputeType, ResourcePolicyString, ResourcePolicyType } from "@dunemask/vix/util";
+import { IAMResource, ManagementResource, Resource } from "./AppResources";
+
+export const Policy = ResourcePolicy<Resource>;
+export declare type Policy = ResourcePolicy<Resource>;
+export declare type PolicyType = ResourcePolicyType<Resource>;
+export declare type PolicyComputeType = ResourcePolicyComputeType<Resource>;
+export declare type PolicyString = ResourcePolicyString<Resource>;
+export declare type PolicyDefault = { id: string; name: string; policies: Policy[] };
+
+export default class DefaultRolePolicies {
+  static Root = $unsafeGetRootPolicy();
+  static Admin = Policy.multiple<Resource>(
+    `${IAMResource.Admin}.root`,
+    `${ManagementResource.ManageProject}.root`,
+    `${ManagementResource.ManageUser}.root`,
+  );
+
+  static User = Policy.multiple<Resource>(`${IAMResource.User}.root`);
+}
+
+function $unsafeGetRootPolicy(): Policy[] {
+  const policies: PolicyString[] = [];
+  for (const resource of Object.values(Resource)) policies.push(`${resource}.root`);
+  return Policy.multiple<Resource>(...policies) as Policy[];
+}

lib/vix/AppResources.ts

@@ -0,0 +1,20 @@
+export enum IAMResource {
+  Root = "root",
+  Admin = "admin",
+  User = "user",
+  CairoProjectRoot = "cairo-project-root",
+}
+
+export enum ManagementResource {
+  ManageAdmin = "manage-admin",
+  ManageUser = "manage-user",
+  ManageProject = "manage-project",
+}
+
+export enum OtherResource {
+  Random = "Random",
+}
+
+type ResourceEnums<T extends Record<string, string>> = T[keyof T];
+export const Resource = { ...IAMResource, ...ManagementResource, ...OtherResource };
+export type Resource = ResourceEnums<typeof Resource>;

lib/vix/AppRouter.ts

@@ -0,0 +1,15 @@
+import "express-async-errors";
+import config from "@lib/config";
+import { VixpressRouter } from "@dunemask/vix";
+import { AuthRoute } from "@lib/modules/auth/auth.router";
+import { ProjectRoute } from "@lib/modules/projects/project.router";
+
+export default class AppRouter extends VixpressRouter {
+  protected routerImportUrl = import.meta.url; // Used to configure the relative static route
+  protected baseUrl = config.Server.basePath; // Path for static assets
+  async configureRoutes() {
+    // API Routes go here:
+    await this.useRoute("/api/:project/auth", AuthRoute);
+    await this.useRoute("/api/:project", ProjectRoute);
+  }
+}

lib/vix/ClientErrors.ts

@@ -0,0 +1,25 @@
+import { ClientError } from "@dunemask/vix/bridge";
+
+export class AuthErrors {
+  static readonly UnauthorizedRequiredProject = new ClientError(401, "Project required!");
+  static readonly UnauthorizedRequiredToken = new ClientError(401, "Token required!");
+  static readonly UnauthorizedRequiredUser = new ClientError(401, "User not set!");
+  static readonly UnauthorizedRole = new ClientError(403, "Insufficient Privileges");
+  static readonly UnauthorizedRequest = new ClientError(401, "Unauthorized!");
+  static readonly ForbiddenPermissions = new ClientError(403, "Insufficient privileges!");
+}
+
+export class UserErrors {
+  static readonly ConflictIdentityTaken = new ClientError(409, "Identity taken!");
+}
+
+export class ProjectErrors {
+  static readonly BadRequestSlugInvalid = new ClientError(400, "Project slug invalid!");
+  static readonly BadRequestProjectIncomplete = new ClientError(400, "Project incomplete!");
+  static readonly UnexpectedRootUserError = new ClientError(500, "Error creating root user!");
+  static readonly ConflictNonUnique = new ClientError(409, "Slug already taken!");
+}
+
+export class KeyPairErrors {
+  static readonly NotFoundKeypair = new ClientError(400, "Keypair not found!");
+}

lib/vix/RouteGuard.ts

@@ -0,0 +1,9 @@
+import policyMiddlewareGuard from "@lib/middlewares/policy-guard";
+import userGuard from "@lib/middlewares/user-guard";
+import AppGuard from "./AppGuards";
+
+export default class RouteGuard {
+  static User = userGuard();
+  static ManageProjectsRead = policyMiddlewareGuard(AppGuard.ManageProjects);
+  static MangeProjectsCreate = policyMiddlewareGuard(AppGuard.CreateProjects);
+}