Merge pull request #1553 from rocket-admin/backend_security_report

Artuomka · web-flow · commit 2aa16e17599b · 2026-02-03T11:34:51.000+02:00
Selfosted operations module
diff --git a/backend/src/app.module.ts b/backend/src/app.module.ts
@@ -47,6 +47,7 @@ import { PersonalTableSettingsModule } from './entities/table-settings/personal-
 import { SavedDbQueryModule } from './entities/visualizations/saved-db-query/saved-db-query.module.js';
 import { DashboardModule } from './entities/visualizations/dashboard/dashboards.module.js';
 import { DashboardWidgetModule } from './entities/visualizations/dashboard-widget/dashboard-widget.module.js';
+import { SelfHostedOperationsModule } from './selfhosted-operations/selhosted-operations.module.js';
 
 @Module({
 	imports: [
@@ -98,6 +99,7 @@ import { DashboardWidgetModule } from './entities/visualizations/dashboard-widge
 		SavedDbQueryModule,
 		DashboardModule,
 		DashboardWidgetModule,
+		SelfHostedOperationsModule.register(),
 	],
 	controllers: [AppController],
 	providers: [
diff --git a/backend/src/common/data-injection.tokens.ts b/backend/src/common/data-injection.tokens.ts
@@ -202,4 +202,7 @@ export enum UseCaseType {
 	CREATE_DASHBOARD_WIDGET = 'CREATE_DASHBOARD_WIDGET',
 	UPDATE_DASHBOARD_WIDGET = 'UPDATE_DASHBOARD_WIDGET',
 	DELETE_DASHBOARD_WIDGET = 'DELETE_DASHBOARD_WIDGET',
+
+	IS_CONFIGURED = 'IS_CONFIGURED',
+	CREATE_INITIAL_USER = 'CREATE_INITIAL_USER',
 }
diff --git a/backend/src/entities/ai/ai-conversation-history/ai-chat-messages/ai-chat-message.entity.ts b/backend/src/entities/ai/ai-conversation-history/ai-chat-messages/ai-chat-message.entity.ts
@@ -34,6 +34,7 @@ export class AiChatMessageEntity {
 	@ManyToOne(
 		() => UserAiChatEntity,
 		(ai_chat) => ai_chat.messages,
+		{ onDelete: 'CASCADE' },
 	)
 	@JoinColumn({ name: 'ai_chat_id' })
 	ai_chat: Relation<UserAiChatEntity>;
diff --git a/backend/src/entities/ai/ai-conversation-history/user-ai-chat/user-ai-chat.entity.ts b/backend/src/entities/ai/ai-conversation-history/user-ai-chat/user-ai-chat.entity.ts
@@ -29,6 +29,7 @@ export class UserAiChatEntity {
 	@ManyToOne(
 		() => UserEntity,
 		(user) => user.ai_chats,
+		{ onDelete: 'CASCADE' },
 	)
 	@JoinColumn({ name: 'user_id' })
 	user: Relation<UserEntity>;
diff --git a/backend/src/entities/connection/connection.entity.ts b/backend/src/entities/connection/connection.entity.ts
@@ -272,6 +272,7 @@ export class ConnectionEntity {
 	@ManyToOne(
 		(_) => CompanyInfoEntity,
 		(company) => company.connections,
+		{ onDelete: 'CASCADE' },
 	)
 	@JoinTable()
 	company: Relation<CompanyInfoEntity>;
diff --git a/backend/src/exceptions/text/messages.ts b/backend/src/exceptions/text/messages.ts
@@ -382,4 +382,6 @@ export const Messages = {
 	SECRET_DELETED_SUCCESSFULLY: 'Secret deleted successfully',
 	USER_NOT_FOUND_OR_NOT_IN_COMPANY: 'User not found or not associated with a company',
 	PERSONAL_TABLE_SETTINGS_NOT_FOUND: 'Personal table settings with this parameters not found',
+	SELF_HOSTED_ALREADY_CONFIGURED: 'Instance is already configured',
+	ENDPOINT_NOT_AVAILABLE_IN_THIS_MODE: 'This endpoint is not available in the current mode',
 };
diff --git a/backend/src/migrations/1770043047971-AddedCascadeOptionToAiChatEntities.ts b/backend/src/migrations/1770043047971-AddedCascadeOptionToAiChatEntities.ts
@@ -0,0 +1,27 @@
+import { MigrationInterface, QueryRunner } from 'typeorm';
+
+export class AddedCascadeOptionToAiChatEntities1770043047971 implements MigrationInterface {
+	name = 'AddedCascadeOptionToAiChatEntities1770043047971';
+
+	public async up(queryRunner: QueryRunner): Promise<void> {
+		await queryRunner.query(`ALTER TABLE "ai_chat_message" DROP CONSTRAINT "FK_03bc49058afd5262d6a503bf123"`);
+		await queryRunner.query(`ALTER TABLE "user_ai_chat" DROP CONSTRAINT "FK_0f95dbd767d42e637345636cb5d"`);
+		await queryRunner.query(
+			`ALTER TABLE "ai_chat_message" ADD CONSTRAINT "FK_03bc49058afd5262d6a503bf123" FOREIGN KEY ("ai_chat_id") REFERENCES "user_ai_chat"("id") ON DELETE CASCADE ON UPDATE NO ACTION`,
+		);
+		await queryRunner.query(
+			`ALTER TABLE "user_ai_chat" ADD CONSTRAINT "FK_0f95dbd767d42e637345636cb5d" FOREIGN KEY ("user_id") REFERENCES "user"("id") ON DELETE CASCADE ON UPDATE NO ACTION`,
+		);
+	}
+
+	public async down(queryRunner: QueryRunner): Promise<void> {
+		await queryRunner.query(`ALTER TABLE "user_ai_chat" DROP CONSTRAINT "FK_0f95dbd767d42e637345636cb5d"`);
+		await queryRunner.query(`ALTER TABLE "ai_chat_message" DROP CONSTRAINT "FK_03bc49058afd5262d6a503bf123"`);
+		await queryRunner.query(
+			`ALTER TABLE "user_ai_chat" ADD CONSTRAINT "FK_0f95dbd767d42e637345636cb5d" FOREIGN KEY ("user_id") REFERENCES "user"("id") ON DELETE NO ACTION ON UPDATE NO ACTION`,
+		);
+		await queryRunner.query(
+			`ALTER TABLE "ai_chat_message" ADD CONSTRAINT "FK_03bc49058afd5262d6a503bf123" FOREIGN KEY ("ai_chat_id") REFERENCES "user_ai_chat"("id") ON DELETE NO ACTION ON UPDATE NO ACTION`,
+		);
+	}
+}
diff --git a/backend/src/migrations/1770045005400-AddCascadeOptionToConnectionEntity.ts b/backend/src/migrations/1770045005400-AddCascadeOptionToConnectionEntity.ts
@@ -0,0 +1,19 @@
+import { MigrationInterface, QueryRunner } from 'typeorm';
+
+export class AddCascadeOptionToConnectionEntity1770045005400 implements MigrationInterface {
+	name = 'AddCascadeOptionToConnectionEntity1770045005400';
+
+	public async up(queryRunner: QueryRunner): Promise<void> {
+		await queryRunner.query(`ALTER TABLE "connection" DROP CONSTRAINT "FK_3c56723750fad39864878239cf4"`);
+		await queryRunner.query(
+			`ALTER TABLE "connection" ADD CONSTRAINT "FK_3c56723750fad39864878239cf4" FOREIGN KEY ("companyId") REFERENCES "company_info"("id") ON DELETE CASCADE ON UPDATE NO ACTION`,
+		);
+	}
+
+	public async down(queryRunner: QueryRunner): Promise<void> {
+		await queryRunner.query(`ALTER TABLE "connection" DROP CONSTRAINT "FK_3c56723750fad39864878239cf4"`);
+		await queryRunner.query(
+			`ALTER TABLE "connection" ADD CONSTRAINT "FK_3c56723750fad39864878239cf4" FOREIGN KEY ("companyId") REFERENCES "company_info"("id") ON DELETE NO ACTION ON UPDATE NO ACTION`,
+		);
+	}
+}
diff --git a/backend/src/selfhosted-operations/application/data-structures/create-initial-user.ds.ts b/backend/src/selfhosted-operations/application/data-structures/create-initial-user.ds.ts
@@ -0,0 +1,4 @@
+export class CreateInitialUserDs {
+	email: string;
+	password: string;
+}
diff --git a/backend/src/selfhosted-operations/application/dto/create-initial-admin-user.dto.ts b/backend/src/selfhosted-operations/application/dto/create-initial-admin-user.dto.ts
@@ -0,0 +1,17 @@
+import { ApiProperty } from '@nestjs/swagger';
+import { IsEmail, IsNotEmpty, IsString, MaxLength, MinLength } from 'class-validator';
+
+export class CreateInitialUserDto {
+  @ApiProperty({ description: 'User email' })
+  @IsNotEmpty()
+  @IsString()
+  @IsEmail()
+  readonly email: string;
+
+  @ApiProperty({ description: 'Admin user password' })
+  @IsNotEmpty()
+  @IsString()
+  @MinLength(8)
+  @MaxLength(255)
+  readonly password: string;
+}
diff --git a/backend/src/selfhosted-operations/application/responce-objects/is-configured.ro.ts b/backend/src/selfhosted-operations/application/responce-objects/is-configured.ro.ts
@@ -0,0 +1,6 @@
+import { ApiProperty } from '@nestjs/swagger';
+
+export class IsConfiguredRo {
+	@ApiProperty({ example: true, description: 'Indicates whether the self-hosted instance is configured' })
+	public isConfigured: boolean;
+}
diff --git a/backend/src/selfhosted-operations/application/use-cases/create-initial-user.use.case.ts b/backend/src/selfhosted-operations/application/use-cases/create-initial-user.use.case.ts
@@ -0,0 +1,60 @@
+import { BadRequestException, Inject, Injectable } from '@nestjs/common';
+import AbstractUseCase from '../../../common/abstract-use.case.js';
+import { IGlobalDatabaseContext } from '../../../common/application/global-database-context.interface.js';
+import { BaseType } from '../../../common/data-injection.tokens.js';
+import { SimpleFoundUserInfoDs } from '../../../entities/user/dto/found-user.dto.js';
+import { ICreateInitialUserUseCase } from './selfhosted-use-cases.interfaces.js';
+import { CreateInitialUserDs } from '../data-structures/create-initial-user.ds.js';
+import { isSaaS } from '../../../helpers/app/is-saas.js';
+import { Messages } from '../../../exceptions/text/messages.js';
+import { RegisterUserDs } from '../../../entities/user/application/data-structures/register-user-ds.js';
+import { UserRoleEnum } from '../../../entities/user/enums/user-role.enum.js';
+import { buildRegisteringUser } from '../../../entities/user/utils/build-registering-user.util.js';
+import { CompanyInfoEntity } from '../../../entities/company-info/company-info.entity.js';
+import { Encryptor } from '../../../helpers/encryption/encryptor.js';
+import { buildSimpleUserInfoDs } from '../../../entities/user/utils/build-created-user.ds.js';
+
+@Injectable()
+export class CreateInitialUserUseCase
+	extends AbstractUseCase<CreateInitialUserDs, SimpleFoundUserInfoDs>
+	implements ICreateInitialUserUseCase
+{
+	constructor(
+		@Inject(BaseType.GLOBAL_DB_CONTEXT)
+		protected _dbContext: IGlobalDatabaseContext,
+	) {
+		super();
+	}
+
+	protected async implementation(inputData: CreateInitialUserDs): Promise<SimpleFoundUserInfoDs> {
+		if (isSaaS()) {
+			throw new BadRequestException(Messages.ENDPOINT_NOT_AVAILABLE_IN_THIS_MODE);
+		}
+
+		const userCount = await this._dbContext.userRepository.count();
+		if (userCount > 0) {
+			throw new BadRequestException(Messages.SELF_HOSTED_ALREADY_CONFIGURED);
+		}
+
+		const { email, password } = inputData;
+		const registerUserData: RegisterUserDs = {
+			email: email,
+			password: password,
+			isActive: true,
+			gclidValue: null,
+			name: 'Admin',
+			role: UserRoleEnum.ADMIN,
+		};
+
+		const savedUser = await this._dbContext.userRepository.saveUserEntity(buildRegisteringUser(registerUserData));
+
+		const newCompanyInfo = new CompanyInfoEntity();
+		newCompanyInfo.id = Encryptor.generateUUID();
+		const savedCompanyInfo = await this._dbContext.companyInfoRepository.save(newCompanyInfo);
+
+		savedUser.company = savedCompanyInfo;
+		const finalUser = await this._dbContext.userRepository.saveUserEntity(savedUser);
+
+		return buildSimpleUserInfoDs(finalUser);
+	}
+}
diff --git a/backend/src/selfhosted-operations/application/use-cases/is-configured.use.case.ts b/backend/src/selfhosted-operations/application/use-cases/is-configured.use.case.ts
@@ -0,0 +1,25 @@
+import { Inject, Injectable } from '@nestjs/common';
+import AbstractUseCase from '../../../common/abstract-use.case.js';
+import { IGlobalDatabaseContext } from '../../../common/application/global-database-context.interface.js';
+import { BaseType } from '../../../common/data-injection.tokens.js';
+import { IsConfiguredRo } from '../responce-objects/is-configured.ro.js';
+import { IIsConfiguredUseCase } from './selfhosted-use-cases.interfaces.js';
+import { isSaaS } from '../../../helpers/app/is-saas.js';
+
+@Injectable()
+export class IsConfiguredUseCase extends AbstractUseCase<void, IsConfiguredRo> implements IIsConfiguredUseCase {
+	constructor(
+		@Inject(BaseType.GLOBAL_DB_CONTEXT)
+		protected _dbContext: IGlobalDatabaseContext,
+	) {
+		super();
+	}
+
+	protected async implementation(): Promise<IsConfiguredRo> {
+		if (isSaaS()) {
+			return { isConfigured: true };
+		}
+		const userCount = await this._dbContext.userRepository.count();
+		return { isConfigured: userCount > 0 };
+	}
+}
diff --git a/backend/src/selfhosted-operations/application/use-cases/selfhosted-use-cases.interfaces.ts b/backend/src/selfhosted-operations/application/use-cases/selfhosted-use-cases.interfaces.ts
@@ -0,0 +1,12 @@
+import { InTransactionEnum } from '../../../enums/index.js';
+import { SimpleFoundUserInfoDs } from '../../../entities/user/dto/found-user.dto.js';
+import { IsConfiguredRo } from '../responce-objects/is-configured.ro.js';
+import { CreateInitialUserDs } from '../data-structures/create-initial-user.ds.js';
+
+export interface IIsConfiguredUseCase {
+	execute(inputData: undefined, inTransaction: InTransactionEnum): Promise<IsConfiguredRo>;
+}
+
+export interface ICreateInitialUserUseCase {
+	execute(inputData: CreateInitialUserDs, inTransaction: InTransactionEnum): Promise<SimpleFoundUserInfoDs>;
+}
diff --git a/backend/src/selfhosted-operations/selfhosted-operations.controller.ts b/backend/src/selfhosted-operations/selfhosted-operations.controller.ts
@@ -0,0 +1,51 @@
+import { Body, Controller, Get, HttpStatus, Inject, Post, UseInterceptors } from '@nestjs/common';
+import { ApiBody, ApiOperation, ApiResponse, ApiTags } from '@nestjs/swagger';
+import { SentryInterceptor } from '../interceptors/index.js';
+import { IsConfiguredRo } from './application/responce-objects/is-configured.ro.js';
+import { CreateInitialUserDto } from './application/dto/create-initial-admin-user.dto.js';
+import { SimpleFoundUserInfoDs } from '../entities/user/dto/found-user.dto.js';
+import { UseCaseType } from '../common/data-injection.tokens.js';
+import {
+	IIsConfiguredUseCase,
+	ICreateInitialUserUseCase,
+} from './application/use-cases/selfhosted-use-cases.interfaces.js';
+import { InTransactionEnum } from '../enums/index.js';
+
+@UseInterceptors(SentryInterceptor)
+@Controller('selfhosted')
+@ApiTags('Selfhosted Operations')
+export class SelfHostedOperationsController {
+	constructor(
+		@Inject(UseCaseType.IS_CONFIGURED)
+		private readonly isConfiguredUseCase: IIsConfiguredUseCase,
+		@Inject(UseCaseType.CREATE_INITIAL_USER)
+		private readonly createInitialUserUseCase: ICreateInitialUserUseCase,
+	) {}
+
+	@Get('/is-configured')
+	@ApiOperation({ summary: 'Check if self-hosted instance is configured' })
+	@ApiResponse({
+		status: HttpStatus.OK,
+		description: 'Returns whether the instance is configured',
+		type: IsConfiguredRo,
+	})
+	public async isConfigured(): Promise<IsConfiguredRo> {
+		return await this.isConfiguredUseCase.execute(undefined, InTransactionEnum.OFF);
+	}
+
+	@Post('/initial-user')
+	@ApiOperation({ summary: 'Create initial user for self-hosted instance' })
+	@ApiBody({ type: CreateInitialUserDto })
+	@ApiResponse({
+		status: HttpStatus.CREATED,
+		description: 'Initial user created successfully',
+		type: SimpleFoundUserInfoDs,
+	})
+	@ApiResponse({
+		status: HttpStatus.BAD_REQUEST,
+		description: 'Instance already configured or endpoint not available in SaaS mode',
+	})
+	public async createInitialUser(@Body() createInitialUserDto: CreateInitialUserDto): Promise<SimpleFoundUserInfoDs> {
+		return await this.createInitialUserUseCase.execute(createInitialUserDto, InTransactionEnum.OFF);
+	}
+}
diff --git a/backend/src/selfhosted-operations/selhosted-operations.module.ts b/backend/src/selfhosted-operations/selhosted-operations.module.ts
@@ -0,0 +1,45 @@
+import { DynamicModule, Module } from '@nestjs/common';
+import { TypeOrmModule } from '@nestjs/typeorm';
+import { UserEntity } from '../entities/user/user.entity.js';
+import { CompanyInfoEntity } from '../entities/company-info/company-info.entity.js';
+import { SelfHostedOperationsController } from './selfhosted-operations.controller.js';
+import { GlobalDatabaseContext } from '../common/application/global-database-context.js';
+import { BaseType, UseCaseType } from '../common/data-injection.tokens.js';
+import { IsConfiguredUseCase } from './application/use-cases/is-configured.use.case.js';
+import { CreateInitialUserUseCase } from './application/use-cases/create-initial-user.use.case.js';
+import { isSaaS } from '../helpers/app/is-saas.js';
+
+@Module({})
+export class SelfHostedOperationsModule {
+	static register(): DynamicModule {
+		if (isSaaS()) {
+			// Return empty module in SaaS mode
+			return {
+				module: SelfHostedOperationsModule,
+				imports: [],
+				controllers: [],
+				providers: [],
+			};
+		}
+
+		return {
+			module: SelfHostedOperationsModule,
+			imports: [TypeOrmModule.forFeature([UserEntity, CompanyInfoEntity])],
+			controllers: [SelfHostedOperationsController],
+			providers: [
+				{
+					provide: BaseType.GLOBAL_DB_CONTEXT,
+					useClass: GlobalDatabaseContext,
+				},
+				{
+					provide: UseCaseType.IS_CONFIGURED,
+					useClass: IsConfiguredUseCase,
+				},
+				{
+					provide: UseCaseType.CREATE_INITIAL_USER,
+					useClass: CreateInitialUserUseCase,
+				},
+			],
+		};
+	}
+}
diff --git a/backend/test/ava-tests/non-saas-tests/non-saas-selfhosted-operations-e2e.test.ts b/backend/test/ava-tests/non-saas-tests/non-saas-selfhosted-operations-e2e.test.ts

Original file line number	Diff line number	Diff line change
`@@ -202,4 +202,7 @@ export enum UseCaseType {`
`202`	`202`	`CREATE_DASHBOARD_WIDGET = 'CREATE_DASHBOARD_WIDGET',`
`203`	`203`	`UPDATE_DASHBOARD_WIDGET = 'UPDATE_DASHBOARD_WIDGET',`
`204`	`204`	`DELETE_DASHBOARD_WIDGET = 'DELETE_DASHBOARD_WIDGET',`
	`205`	`+`
	`206`	`+ IS_CONFIGURED = 'IS_CONFIGURED',`
	`207`	`+ CREATE_INITIAL_USER = 'CREATE_INITIAL_USER',`
`205`	`208`	`}`
Original file line number	Diff line number	Diff line change
`@@ -34,6 +34,7 @@ export class AiChatMessageEntity {`
`34`	`34`	`@ManyToOne(`
`35`	`35`	`() => UserAiChatEntity,`
`36`	`36`	`(ai_chat) => ai_chat.messages,`
	`37`	`+ { onDelete: 'CASCADE' },`
`37`	`38`	`)`
`38`	`39`	`@JoinColumn({ name: 'ai_chat_id' })`
`39`	`40`	`ai_chat: Relation<UserAiChatEntity>;`
Original file line number	Diff line number	Diff line change
`@@ -29,6 +29,7 @@ export class UserAiChatEntity {`
`29`	`29`	`@ManyToOne(`
`30`	`30`	`() => UserEntity,`
`31`	`31`	`(user) => user.ai_chats,`
	`32`	`+ { onDelete: 'CASCADE' },`
`32`	`33`	`)`
`33`	`34`	`@JoinColumn({ name: 'user_id' })`
`34`	`35`	`user: Relation<UserEntity>;`
Original file line number	Diff line number	Diff line change
`@@ -272,6 +272,7 @@ export class ConnectionEntity {`
`272`	`272`	`@ManyToOne(`
`273`	`273`	`(_) => CompanyInfoEntity,`
`274`	`274`	`(company) => company.connections,`
	`275`	`+ { onDelete: 'CASCADE' },`
`275`	`276`	`)`
`276`	`277`	`@JoinTable()`
`277`	`278`	`company: Relation<CompanyInfoEntity>;`