feat: replace ID with UID

BREAKING CHANGE: remove auto incremental ids from user, group and permissions and add a virtual uid property that returns string value of documents object id

api/src/middlewares/authenticateToken.ts

@@ -76,7 +76,7 @@ const authenticateToken = async (
   const { MODE } = process.env
   if (MODE === ModeType.Desktop) {
     req.user = {
-      userId: 1234,
+      userId: '1234',
       clientId: 'desktopModeClientId',
       username: 'desktopModeUsername',
       displayName: 'desktopModeDisplayName',

api/src/middlewares/authorize.ts

@@ -18,7 +18,7 @@ export const authorize: RequestHandler = async (req, res, next) => {
   // no need to check for permissions when route is Public
   if (await isPublicRoute(req)) return next()
 
-  const dbUser = await User.findOne({ id: user.userId })
+  const dbUser = await User.findOne({ _id: user.userId })
   if (!dbUser) return res.sendStatus(401)
 
   const path = getPath(req)

api/src/middlewares/desktop.ts

@@ -28,7 +28,7 @@ export const desktopRestrict: RequestHandler = (req, res, next) => {
 }
 
 export const desktopUser: RequestUser = {
-  userId: 12345,
+  userId: '12345',
   clientId: 'desktop_app',
   username: userInfo().username,
   displayName: userInfo().username,

api/src/middlewares/verifyAdminIfNeeded.ts

@@ -9,7 +9,7 @@ export const verifyAdminIfNeeded: RequestHandler = (req, res, next) => {
     let adminAccountRequired: boolean = true
 
     if (req.params.userId) {
-      adminAccountRequired = user?.userId !== parseInt(req.params.userId)
+      adminAccountRequired = user?.userId !== req.params.userId
     } else if (req.params.username) {
       adminAccountRequired = user?.username !== req.params.username
     }