chore: remove unused code

BREAKING CHANGE: remove auto incremental ids from user, group and permissions and add a virtual uid property that returns string value of documents object id

CHANGELOG.md

@@ -1,3 +1,160 @@
+## [0.34.2](https://github.com/sasjs/server/compare/v0.34.1...v0.34.2) (2023-05-01)
+
+
+### Bug Fixes
+
+* use custom logic for handling sequence ids ([dba53de](https://github.com/sasjs/server/commit/dba53de64664c9d8a40fe69de6281c53d1c73641))
+
+## [0.34.1](https://github.com/sasjs/server/compare/v0.34.0...v0.34.1) (2023-04-28)
+
+
+### Bug Fixes
+
+* **css:** fixed css loading ([9c5acd6](https://github.com/sasjs/server/commit/9c5acd6de32afdbc186f79ae5b35375dda2e49b0))
+* **log:** fixed chunk collapsing ([64b156f](https://github.com/sasjs/server/commit/64b156f7627969b7f13022726f984fbbfe1a33ef))
+
+# [0.34.0](https://github.com/sasjs/server/compare/v0.33.3...v0.34.0) (2023-04-28)
+
+
+### Bug Fixes
+
+* **log:** fixed checks for errors and warnings ([02e2b06](https://github.com/sasjs/server/commit/02e2b060f9bedf4806f45f5205fd87bfa2ecae90))
+* **log:** fixed default runtime ([e04300a](https://github.com/sasjs/server/commit/e04300ad2ac237be7b28a6332fa87a3bcf761c7b))
+* **log:** fixed parsing log for different runtime ([3b1e4a1](https://github.com/sasjs/server/commit/3b1e4a128b1f22ff6f3069f5aaada6bfb1b40d12))
+* **log:** fixed scrolling issue ([56a522c](https://github.com/sasjs/server/commit/56a522c07c6f6d4c26c6d3b7cd6e9ef7007067a9))
+* **log:** fixed single chunk display ([8254b78](https://github.com/sasjs/server/commit/8254b789555cb8bbb169f52b754b4ce24e876dd2))
+* **log:** fixed single chunk scrolling ([57b7f95](https://github.com/sasjs/server/commit/57b7f954a17936f39aa9b757998b5b25e9442601))
+* **log:** fixed switching runtime ([c7a7399](https://github.com/sasjs/server/commit/c7a73991a7aa25d0c75d0c00e712bdc78769300b))
+* **log:** fixing switching from SAS to other runtime ([c72ecc7](https://github.com/sasjs/server/commit/c72ecc7e5943af9536ee31cfa85398e016d5354f))
+
+
+### Features
+
+* **log:** added download chunk and entire log ([a38a9f9](https://github.com/sasjs/server/commit/a38a9f9c3dfe36bd55d32024c166147318216995))
+* **log:** added logComponent and LogTabWithIcons ([3a887de](https://github.com/sasjs/server/commit/3a887dec55371b6a00b92291bb681e4cccb770c0))
+* **log:** added parseErrorsAndWarnings utility ([7c1c1e2](https://github.com/sasjs/server/commit/7c1c1e241002313c10f94dd61702584b9f148010))
+* **log:** added time to downloaded log name ([3848bb0](https://github.com/sasjs/server/commit/3848bb0added69ca81a5c9419ea414bdd1c294bb))
+* **log:** put download log icon into log tab ([777b3a5](https://github.com/sasjs/server/commit/777b3a55be1ecf5b05bf755ce8b14735496509e1))
+* **log:** split large log into chunks ([75f5a3c](https://github.com/sasjs/server/commit/75f5a3c0b39665bef8b83dc7e1e8b3e5f23fc303))
+* **log:** use improved log for SAS run time only ([7b12591](https://github.com/sasjs/server/commit/7b12591595cdd5144d9311ffa06a80c5dab79364))
+
+## [0.33.3](https://github.com/sasjs/server/compare/v0.33.2...v0.33.3) (2023-04-27)
+
+
+### Bug Fixes
+
+* use RateLimiterMemory instead of RateLimiterMongo ([6a520f5](https://github.com/sasjs/server/commit/6a520f5b26a3e2ed6345721b30ff4e3d9bfa903d))
+
+## [0.33.2](https://github.com/sasjs/server/compare/v0.33.1...v0.33.2) (2023-04-24)
+
+
+### Bug Fixes
+
+* removing print redirection pending full [#274](https://github.com/sasjs/server/issues/274) fix ([d49ea47](https://github.com/sasjs/server/commit/d49ea47bd7a2add42bdb9a717082201f29e16597))
+
+## [0.33.1](https://github.com/sasjs/server/compare/v0.33.0...v0.33.1) (2023-04-20)
+
+
+### Bug Fixes
+
+* applying nologo only for sas.exe ([b4436ba](https://github.com/sasjs/server/commit/b4436bad0d24d5b5a402272632db1739b1018c90)), closes [#352](https://github.com/sasjs/server/issues/352)
+
+# [0.33.0](https://github.com/sasjs/server/compare/v0.32.0...v0.33.0) (2023-04-05)
+
+
+### Features
+
+* option to reset admin password on startup ([eda8e56](https://github.com/sasjs/server/commit/eda8e56bb0ea20fdaacabbbe7dcf1e3ea7bd215a))
+
+# [0.32.0](https://github.com/sasjs/server/compare/v0.31.0...v0.32.0) (2023-04-05)
+
+
+### Features
+
+* add an api endpoint for admin to get list of client ids ([6ffaa7e](https://github.com/sasjs/server/commit/6ffaa7e9e2a62c083bb9fcc3398dcbed10cebdb1))
+
+# [0.31.0](https://github.com/sasjs/server/compare/v0.30.3...v0.31.0) (2023-03-30)
+
+
+### Features
+
+* prevent brute force attack by rate limiting login endpoint ([a82cabb](https://github.com/sasjs/server/commit/a82cabb00134c79c5ee77afd1b1628a1f768e050))
+
+## [0.30.3](https://github.com/sasjs/server/compare/v0.30.2...v0.30.3) (2023-03-07)
+
+
+### Bug Fixes
+
+* add location.pathname to location.origin conditionally ([edab51c](https://github.com/sasjs/server/commit/edab51c51997f17553e037dc7c2b5e5fa6ea8ffe))
+
+## [0.30.2](https://github.com/sasjs/server/compare/v0.30.1...v0.30.2) (2023-03-07)
+
+
+### Bug Fixes
+
+* **web:** add path to base in launch program url ([2c31922](https://github.com/sasjs/server/commit/2c31922f58a8aa20d7fa6bfc95b53a350f90c798))
+
+## [0.30.1](https://github.com/sasjs/server/compare/v0.30.0...v0.30.1) (2023-03-01)
+
+
+### Bug Fixes
+
+* **web:** add proper base url in axios.defaults ([5e3ce8a](https://github.com/sasjs/server/commit/5e3ce8a98f1825e14c1d26d8da0c9821beeff7b3))
+
+# [0.30.0](https://github.com/sasjs/server/compare/v0.29.0...v0.30.0) (2023-02-28)
+
+
+### Bug Fixes
+
+* lint + remove default settings ([3de59ac](https://github.com/sasjs/server/commit/3de59ac4f8e3d95cad31f09e6963bd04c4811f26))
+
+
+### Features
+
+* add new env config DB_TYPE ([158f044](https://github.com/sasjs/server/commit/158f044363abf2576c8248f0ca9da4bc9cb7e9d8))
+
+# [0.29.0](https://github.com/sasjs/server/compare/v0.28.7...v0.29.0) (2023-02-06)
+
+
+### Features
+
+* Add /SASjsApi endpoint in permissions ([b3402ea](https://github.com/sasjs/server/commit/b3402ea80afb8802eee8b8b6cbbbcc29903424bc))
+
+## [0.28.7](https://github.com/sasjs/server/compare/v0.28.6...v0.28.7) (2023-02-03)
+
+
+### Bug Fixes
+
+* add user to all users group on user creation ([2bae52e](https://github.com/sasjs/server/commit/2bae52e307327d7ee4a94b19d843abdc0ccec9d1))
+
+## [0.28.6](https://github.com/sasjs/server/compare/v0.28.5...v0.28.6) (2023-01-26)
+
+
+### Bug Fixes
+
+* show loading spinner on login screen while request is in process ([69f2576](https://github.com/sasjs/server/commit/69f2576ee6d3d7b7f3325922a88656d511e3ac88))
+
+## [0.28.5](https://github.com/sasjs/server/compare/v0.28.4...v0.28.5) (2023-01-01)
+
+
+### Bug Fixes
+
+* adding NOPRNGETLIST system option for faster startup ([96eca3a](https://github.com/sasjs/server/commit/96eca3a35dce4521150257ee019beb4488c8a08f))
+
+## [0.28.4](https://github.com/sasjs/server/compare/v0.28.3...v0.28.4) (2022-12-07)
+
+
+### Bug Fixes
+
+* replace main class with container class ([71c429b](https://github.com/sasjs/server/commit/71c429b093b91e2444ae75d946579dccc2e48636))
+
+## [0.28.3](https://github.com/sasjs/server/compare/v0.28.2...v0.28.3) (2022-12-06)
+
+
+### Bug Fixes
+
+* stringify json file ([1192583](https://github.com/sasjs/server/commit/1192583843d7efd1a6ab6943207f394c3ae966be))
+
 ## [0.28.2](https://github.com/sasjs/server/compare/v0.28.1...v0.28.2) (2022-12-05)
 
 

README.md

@@ -137,6 +137,9 @@ CA_ROOT=fullchain.pem (optional)
 ## ENV variables required for MODE: `server`
 DB_CONNECT=mongodb+srv://<DB_USERNAME>:<DB_PASSWORD>@<CLUSTER>/<DB_NAME>?retryWrites=true&w=majority
 
+# options: [mongodb|cosmos_mongodb] default: mongodb
+DB_TYPE=
+
 # AUTH_PROVIDERS options: [ldap] default: ``
 AUTH_PROVIDERS=
 
@@ -172,6 +175,32 @@ HELMET_COEP=
 # }
 HELMET_CSP_CONFIG_PATH=./csp.config.json
 
+# To prevent brute force attack on login route we have implemented rate limiter
+# Only valid for MODE: server
+# Following are configurable env variable rate limiter
+
+# After this, access is blocked for 1 day
+MAX_WRONG_ATTEMPTS_BY_IP_PER_DAY = <number> default: 100;
+
+
+# After this, access is blocked for an hour
+# Store number for 24 days since first fail
+# Once a successful login is attempted, it resets
+MAX_CONSECUTIVE_FAILS_BY_USERNAME_AND_IP = <number> default: 10;
+
+# Name of the admin user that will be created on startup if not exists already
+# Default is `secretuser`
+ADMIN_USERNAME=secretuser
+
+# Temporary password for the ADMIN_USERNAME, which is in place until the first login
+# Default is `secretpassword`
+ADMIN_PASSWORD_INITIAL=secretpassword
+
+# Specify whether app has to reset the ADMIN_USERNAME's password or not
+# Default is NO. Possible options are YES and NO
+# If ADMIN_PASSWORD_RESET is YES then the ADMIN_USERNAME will be prompted to change the password from ADMIN_PASSWORD_INITIAL on their next login. This will repeat on every server restart, unless the option is removed / set to NO.
+ADMIN_PASSWORD_RESET=NO
+
 # LOG_FORMAT_MORGAN options: [combined|common|dev|short|tiny] default: `common`
 # Docs: https://www.npmjs.com/package/morgan#predefined-formats
 LOG_FORMAT_MORGAN=

api/.env.example

@@ -14,6 +14,7 @@ HELMET_CSP_CONFIG_PATH=./csp.config.json if omitted HELMET default will be used
 HELMET_COEP=[true|false] if omitted HELMET default will be used
 
 DB_CONNECT=mongodb+srv://<DB_USERNAME>:<DB_PASSWORD>@<CLUSTER>/<DB_NAME>?retryWrites=true&w=majority
+DB_TYPE=[mongodb|cosmos_mongodb] default considered as mongodb
 
 AUTH_PROVIDERS=[ldap]
 
@@ -23,6 +24,16 @@ LDAP_BIND_PASSWORD = <password>
 LDAP_USERS_BASE_DN = <ou=users,dc=cloudron>
 LDAP_GROUPS_BASE_DN = <ou=groups,dc=cloudron>
 
+#default value is 100
+MAX_WRONG_ATTEMPTS_BY_IP_PER_DAY=100 
+
+#default value is 10
+MAX_CONSECUTIVE_FAILS_BY_USERNAME_AND_IP=10
+
+ADMIN_USERNAME=secretuser
+ADMIN_PASSWORD_INITIAL=secretpassword
+ADMIN_PASSWORD_RESET=NO
+
 RUN_TIMES=[sas,js,py | js,py | sas | sas,js] default considered as sas
 SAS_PATH=/opt/sas/sas9/SASHome/SASFoundation/9.4/sas
 NODE_PATH=~/.nvm/versions/node/v16.14.0/bin/node

api/package.json

@@ -49,7 +49,7 @@
   "author": "4GL Ltd",
   "dependencies": {
     "@sasjs/core": "^4.40.1",
-    "@sasjs/utils": "2.48.1",
+    "@sasjs/utils": "3.2.0",
     "bcryptjs": "^2.4.3",
     "connect-mongo": "^4.6.0",
     "cookie-parser": "^1.4.6",
@@ -61,9 +61,9 @@
     "jsonwebtoken": "^8.5.1",
     "ldapjs": "2.3.3",
     "mongoose": "^6.0.12",
-    "mongoose-sequence": "^5.3.1",
     "morgan": "^1.10.0",
     "multer": "^1.4.5-lts.1",
+    "rate-limiter-flexible": "2.4.1",
     "rotating-file-stream": "^3.0.4",
     "swagger-ui-express": "4.3.0",
     "unzipper": "^0.10.11",
@@ -79,7 +79,6 @@
     "@types/jest": "^26.0.24",
     "@types/jsonwebtoken": "^8.5.5",
     "@types/ldapjs": "^2.2.4",
-    "@types/mongoose-sequence": "^3.0.6",
     "@types/morgan": "^1.9.3",
     "@types/multer": "^1.4.7",
     "@types/node": "^15.12.2",
@@ -92,7 +91,7 @@
     "dotenv": "^10.0.0",
     "http-headers-validation": "^0.0.1",
     "jest": "^27.0.6",
-    "mongodb-memory-server": "^8.0.0",
+    "mongodb-memory-server": "8.11.4",
     "nodejs-file-downloader": "4.10.2",
     "nodemon": "^2.0.7",
     "pkg": "5.6.0",

api/public/swagger.yaml

@@ -40,8 +40,7 @@ components:
                 clientId:
                     type: string
                 userId:
-                    type: number
+                    type: string
-                    format: double
             required:
                 - clientId
                 - userId
@@ -285,9 +284,8 @@ components:
             additionalProperties: false
         UserResponse:
             properties:
-                id:
+                uid:
-                    type: number
+                    type: string
-                    format: double
                 username:
                     type: string
                 displayName:
@@ -295,7 +293,7 @@ components:
                 isAdmin:
                     type: boolean
             required:
-                - id
+                - uid
                 - username
                 - displayName
                 - isAdmin
@@ -303,32 +301,30 @@ components:
             additionalProperties: false
         GroupResponse:
             properties:
-                groupId:
+                uid:
-                    type: number
+                    type: string
-                    format: double
                 name:
                     type: string
                 description:
                     type: string
             required:
-                - groupId
+                - uid
                 - name
                 - description
             type: object
             additionalProperties: false
         UserDetailsResponse:
             properties:
-                id:
+                uid:
-                    type: number
-                    format: double
-                displayName:
                     type: string
                 username:
                     type: string
-                isActive:
+                displayName:
-                    type: boolean
+                    type: string
                 isAdmin:
                     type: boolean
+                isActive:
+                    type: boolean
                 autoExec:
                     type: string
                 groups:
@@ -336,11 +332,11 @@ components:
                         $ref: '#/components/schemas/GroupResponse'
                     type: array
             required:
-                - id
+                - uid
-                - displayName
                 - username
-                - isActive
+                - displayName
                 - isAdmin
+                - isActive
             type: object
             additionalProperties: false
         UserPayload:
@@ -376,9 +372,8 @@ components:
             additionalProperties: false
         GroupDetailsResponse:
             properties:
-                groupId:
+                uid:
-                    type: number
+                    type: string
-                    format: double
                 name:
                     type: string
                 description:
@@ -390,7 +385,7 @@ components:
                         $ref: '#/components/schemas/UserResponse'
                     type: array
             required:
-                - groupId
+                - uid
                 - name
                 - description
                 - isActive
@@ -459,9 +454,8 @@ components:
             additionalProperties: false
         PermissionDetailsResponse:
             properties:
-                permissionId:
+                uid:
-                    type: number
+                    type: string
-                    format: double
                 path:
                     type: string
                 type:
@@ -473,7 +467,7 @@ components:
                 group:
                     $ref: '#/components/schemas/GroupDetailsResponse'
             required:
-                - permissionId
+                - uid
                 - path
                 - type
                 - setting
@@ -512,10 +506,8 @@ components:
                     description: 'Indicates the type of principal'
                     example: user
                 principalId:
-                    type: number
+                    type: string
-                    format: double
                     description: 'The id of user or group to which a rule is assigned.'
-                    example: 123
             required:
                 - path
                 - type
@@ -534,25 +526,37 @@ components:
                 - setting
             type: object
             additionalProperties: false
-        SessionResponse:
+        Pick_UserResponse.Exclude_keyofUserResponse.uid__:
             properties:
-                id:
-                    type: number
-                    format: double
                 username:
                     type: string
                 displayName:
                     type: string
                 isAdmin:
                     type: boolean
-                needsToUpdatePassword:
-                    type: boolean
             required:
-                - id
                 - username
                 - displayName
                 - isAdmin
-                - needsToUpdatePassword
+            type: object
+            description: 'From T, pick a set of properties whose keys are in the union K'
+        SessionResponse:
+            properties:
+                username:
+                    type: string
+                displayName:
+                    type: string
+                isAdmin:
+                    type: boolean
+                id:
+                    type: string
+                needsToUpdatePassword:
+                    type: boolean
+            required:
+                - username
+                - displayName
+                - isAdmin
+                - id
             type: object
             additionalProperties: false
         ExecutePostRequestPayload:
@@ -758,6 +762,27 @@ paths:
                     application/json:
                         schema:
                             $ref: '#/components/schemas/ClientPayload'
+        get:
+            operationId: GetAllClients
+            responses:
+                '200':
+                    description: Ok
+                    content:
+                        application/json:
+                            schema:
+                                items:
+                                    $ref: '#/components/schemas/ClientPayload'
+                                type: array
+                            examples:
+                                'Example 1':
+                                    value: [{clientId: someClientID1234, clientSecret: someRandomCryptoString, accessTokenExpiration: 86400}, {clientId: someOtherClientID, clientSecret: someOtherRandomCryptoString, accessTokenExpiration: 86400}]
+            summary: 'Admin only task. Returns the list of all the clients'
+            tags:
+                - Client
+            security:
+                -
+                    bearerAuth: []
+            parameters: []
     /SASjsApi/code/execute:
         post:
             operationId: ExecuteCode
@@ -1185,7 +1210,7 @@ paths:
                                 type: array
                             examples:
                                 'Example 1':
-                                    value: [{id: 123, username: johnusername, displayName: John, isAdmin: false}, {id: 456, username: starkusername, displayName: Stark, isAdmin: true}]
+                                    value: [{uid: userIdString, username: johnusername, displayName: John, isAdmin: false}, {uid: anotherUserIdString, username: starkusername, displayName: Stark, isAdmin: true}]
             summary: 'Get list of all users (username, displayname). All users can request this.'
             tags:
                 - User
@@ -1204,7 +1229,7 @@ paths:
                                 $ref: '#/components/schemas/UserDetailsResponse'
                             examples:
                                 'Example 1':
-                                    value: {id: 1234, displayName: 'John Snow', username: johnSnow01, isAdmin: false, isActive: true}
+                                    value: {uid: userIdString, displayName: 'John Snow', username: johnSnow01, isAdmin: false, isActive: true}
             summary: 'Create user with the following attributes: UserId, UserName, Password, isAdmin, isActive. Admin only task.'
             tags:
                 - User
@@ -1255,7 +1280,7 @@ paths:
                                 $ref: '#/components/schemas/UserDetailsResponse'
                             examples:
                                 'Example 1':
-                                    value: {id: 1234, displayName: 'John Snow', username: johnSnow01, isAdmin: false, isActive: true}
+                                    value: {uid: userIdString, displayName: 'John Snow', username: johnSnow01, isAdmin: false, isActive: true}
             summary: 'Update user properties - such as displayName. Can be performed either by admins, or the user in question.'
             tags:
                 - User
@@ -1306,7 +1331,7 @@ paths:
                                 password:
                                     type: string
                             type: object
-    '/SASjsApi/user/{userId}':
+    '/SASjsApi/user/{uid}':
         get:
             operationId: GetUser
             responses:
@@ -1325,14 +1350,12 @@ paths:
                     bearerAuth: []
             parameters:
                 -
-                    description: 'The user''s identifier'
                     in: path
-                    name: userId
+                    name: uid
                     required: true
                     schema:
-                        format: double
+                        type: string
-                        type: number
+    '/SASjsApi/user/{userId}':
-                    example: 1234
         patch:
             operationId: UpdateUser
             responses:
@@ -1344,7 +1367,7 @@ paths:
                                 $ref: '#/components/schemas/UserDetailsResponse'
                             examples:
                                 'Example 1':
-                                    value: {id: 1234, displayName: 'John Snow', username: johnSnow01, isAdmin: false, isActive: true}
+                                    value: {uid: userIdString, displayName: 'John Snow', username: johnSnow01, isAdmin: false, isActive: true}
             summary: 'Update user properties - such as displayName. Can be performed either by admins, or the user in question.'
             tags:
                 - User
@@ -1358,8 +1381,7 @@ paths:
                     name: userId
                     required: true
                     schema:
-                        format: double
+                        type: string
-                        type: number
                     example: '1234'
             requestBody:
                 required: true
@@ -1385,8 +1407,7 @@ paths:
                     name: userId
                     required: true
                     schema:
-                        format: double
+                        type: string
-                        type: number
                     example: 1234
             requestBody:
                 required: true
@@ -1411,7 +1432,7 @@ paths:
                                 type: array
                             examples:
                                 'Example 1':
-                                    value: [{groupId: 123, name: DCGroup, description: 'This group represents Data Controller Users'}]
+                                    value: [{uid: groupIdString, name: DCGroup, description: 'This group represents Data Controller Users'}]
             summary: 'Get list of all groups (groupName and groupDescription). All users can request this.'
             tags:
                 - Group
@@ -1430,7 +1451,7 @@ paths:
                                 $ref: '#/components/schemas/GroupDetailsResponse'
                             examples:
                                 'Example 1':
-                                    value: {groupId: 123, name: DCGroup, description: 'This group represents Data Controller Users', isActive: true, users: []}
+                                    value: {uid: groupIdString, name: DCGroup, description: 'This group represents Data Controller Users', isActive: true, users: []}
             summary: 'Create a new group. Admin only.'
             tags:
                 - Group
@@ -1446,7 +1467,7 @@ paths:
                             $ref: '#/components/schemas/GroupPayload'
     '/SASjsApi/group/by/groupname/{name}':
         get:
-            operationId: GetGroupByGroupName
+            operationId: GetGroupByName
             responses:
                 '200':
                     description: Ok
@@ -1468,7 +1489,7 @@ paths:
                     required: true
                     schema:
                         type: string
-    '/SASjsApi/group/{groupId}':
+    '/SASjsApi/group/{uid}':
         get:
             operationId: GetGroup
             responses:
@@ -1488,12 +1509,11 @@ paths:
                 -
                     description: 'The group''s identifier'
                     in: path
-                    name: groupId
+                    name: uid
                     required: true
                     schema:
-                        format: double
+                        type: string
-                        type: number
+                    example: 12ByteString
-                    example: 1234
         delete:
             operationId: DeleteGroup
             responses:
@@ -1515,13 +1535,12 @@ paths:
                 -
                     description: 'The group''s identifier'
                     in: path
-                    name: groupId
+                    name: uid
                     required: true
                     schema:
-                        format: double
+                        type: string
-                        type: number
+                    example: 12ByteString
-                    example: 1234
+    '/SASjsApi/group/{groupUid}/{userUid}':
-    '/SASjsApi/group/{groupId}/{userId}':
         post:
             operationId: AddUserToGroup
             responses:
@@ -1533,7 +1552,7 @@ paths:
                                 $ref: '#/components/schemas/GroupDetailsResponse'
                             examples:
                                 'Example 1':
-                                    value: {groupId: 123, name: DCGroup, description: 'This group represents Data Controller Users', isActive: true, users: []}
+                                    value: {uid: groupIdString, name: DCGroup, description: 'This group represents Data Controller Users', isActive: true, users: []}
             summary: 'Add a user to a group. Admin task only.'
             tags:
                 - Group
@@ -1544,21 +1563,18 @@ paths:
                 -
                     description: 'The group''s identifier'
                     in: path
-                    name: groupId
+                    name: groupUid
                     required: true
                     schema:
-                        format: double
+                        type: string
-                        type: number
+                    example: 12ByteString
-                    example: '1234'
                 -
                     description: 'The user''s identifier'
                     in: path
-                    name: userId
+                    name: userUid
                     required: true
                     schema:
-                        format: double
+                        type: string
-                        type: number
-                    example: '6789'
         delete:
             operationId: RemoveUserFromGroup
             responses:
@@ -1570,8 +1586,8 @@ paths:
                                 $ref: '#/components/schemas/GroupDetailsResponse'
                             examples:
                                 'Example 1':
-                                    value: {groupId: 123, name: DCGroup, description: 'This group represents Data Controller Users', isActive: true, users: []}
+                                    value: {uid: groupIdString, name: DCGroup, description: 'This group represents Data Controller Users', isActive: true, users: []}
-            summary: 'Remove a user to a group. Admin task only.'
+            summary: 'Remove a user from a group. Admin task only.'
             tags:
                 - Group
             security:
@@ -1581,21 +1597,19 @@ paths:
                 -
                     description: 'The group''s identifier'
                     in: path
-                    name: groupId
+                    name: groupUid
                     required: true
                     schema:
-                        format: double
+                        type: string
-                        type: number
+                    example: 12ByteString
-                    example: '1234'
                 -
                     description: 'The user''s identifier'
                     in: path
-                    name: userId
+                    name: userUid
                     required: true
                     schema:
-                        format: double
+                        type: string
-                        type: number
+                    example: 12ByteString
-                    example: '6789'
     /SASjsApi/info:
         get:
             operationId: Info
@@ -1646,7 +1660,7 @@ paths:
                                 type: array
                             examples:
                                 'Example 1':
-                                    value: [{permissionId: 123, path: /SASjsApi/code/execute, type: Route, setting: Grant, user: {id: 1, username: johnSnow01, displayName: 'John Snow', isAdmin: false}}, {permissionId: 124, path: /SASjsApi/code/execute, type: Route, setting: Grant, group: {groupId: 1, name: DCGroup, description: 'This group represents Data Controller Users', isActive: true, users: []}}]
+                                    value: [{uid: permissionId1String, path: /SASjsApi/code/execute, type: Route, setting: Grant, user: {uid: user1-id, username: johnSnow01, displayName: 'John Snow', isAdmin: false}}, {uid: permissionId2String, path: /SASjsApi/code/execute, type: Route, setting: Grant, group: {uid: group1-id, name: DCGroup, description: 'This group represents Data Controller Users', isActive: true, users: []}}]
             description: "Get the list of permission rules applicable the authenticated user.\nIf the user is an admin, all rules are returned."
             summary: 'Get the list of permission rules. If the user is admin, all rules are returned.'
             tags:
@@ -1666,7 +1680,7 @@ paths:
                                 $ref: '#/components/schemas/PermissionDetailsResponse'
                             examples:
                                 'Example 1':
-                                    value: {permissionId: 123, path: /SASjsApi/code/execute, type: Route, setting: Grant, user: {id: 1, username: johnSnow01, displayName: 'John Snow', isAdmin: false}}
+                                    value: {uid: permissionIdString, path: /SASjsApi/code/execute, type: Route, setting: Grant, user: {uid: userIdString, username: johnSnow01, displayName: 'John Snow', isAdmin: false}}
             summary: 'Create a new permission. Admin only.'
             tags:
                 - Permission
@@ -1680,7 +1694,7 @@ paths:
                     application/json:
                         schema:
                             $ref: '#/components/schemas/RegisterPermissionPayload'
-    '/SASjsApi/permission/{permissionId}':
+    '/SASjsApi/permission/{uid}':
         patch:
             operationId: UpdatePermission
             responses:
@@ -1692,7 +1706,7 @@ paths:
                                 $ref: '#/components/schemas/PermissionDetailsResponse'
                             examples:
                                 'Example 1':
-                                    value: {permissionId: 123, path: /SASjsApi/code/execute, type: Route, setting: Grant, user: {id: 1, username: johnSnow01, displayName: 'John Snow', isAdmin: false}}
+                                    value: {uid: permissionIdString, path: /SASjsApi/code/execute, type: Route, setting: Grant, user: {uid: userIdString, username: johnSnow01, displayName: 'John Snow', isAdmin: false}}
             summary: 'Update permission setting. Admin only'
             tags:
                 - Permission
@@ -1701,14 +1715,11 @@ paths:
                     bearerAuth: []
             parameters:
                 -
-                    description: 'The permission''s identifier'
                     in: path
-                    name: permissionId
+                    name: uid
                     required: true
                     schema:
-                        format: double
+                        type: string
-                        type: number
-                    example: 1234
             requestBody:
                 required: true
                 content:
@@ -1728,14 +1739,11 @@ paths:
                     bearerAuth: []
             parameters:
                 -
-                    description: 'The user''s identifier'
                     in: path
-                    name: permissionId
+                    name: uid
                     required: true
                     schema:
-                        format: double
+                        type: string
-                        type: number
-                    example: 1234
     /SASjsApi/session:
         get:
             operationId: Session
@@ -1748,7 +1756,7 @@ paths:
                                 $ref: '#/components/schemas/SessionResponse'
                             examples:
                                 'Example 1':
-                                    value: {id: 123, username: johnusername, displayName: John, isAdmin: false}
+                                    value: {id: userIdString, username: johnusername, displayName: John, isAdmin: false, needsToUpdatePassword: false}
             summary: 'Get session info (username).'
             tags:
                 - Session
@@ -1842,7 +1850,7 @@ paths:
                         application/json:
                             schema:
                                 properties:
-                                    user: {properties: {needsToUpdatePassword: {type: boolean}, isAdmin: {type: boolean}, displayName: {type: string}, username: {type: string}, id: {type: number, format: double}}, required: [needsToUpdatePassword, isAdmin, displayName, username, id], type: object}
+                                    user: {properties: {needsToUpdatePassword: {type: boolean}, isAdmin: {type: boolean}, displayName: {type: string}, username: {type: string}, id: {}}, required: [needsToUpdatePassword, isAdmin, displayName, username, id], type: object}
                                     loggedIn: {type: boolean}
                                 required:
                                     - user

api/src/app-modules/configureExpressSession.ts

@@ -3,19 +3,27 @@ import mongoose from 'mongoose'
 import session from 'express-session'
 import MongoStore from 'connect-mongo'
 
-import { ModeType, ProtocolType } from '../utils'
+import { DatabaseType, ModeType, ProtocolType } from '../utils'
 
 export const configureExpressSession = (app: Express) => {
-  const { MODE } = process.env
+  const { MODE, DB_TYPE } = process.env
 
   if (MODE === ModeType.Server) {
     let store: MongoStore | undefined
 
     if (process.env.NODE_ENV !== 'test') {
-      store = MongoStore.create({
+      if (DB_TYPE === DatabaseType.COSMOS_MONGODB) {
-        client: mongoose.connection!.getClient() as any,
+        // COSMOS DB requires specific connection options (compatibility mode)
-        collectionName: 'sessions'
+        // See: https://www.npmjs.com/package/connect-mongo#set-the-compatibility-mode
-      })
+        store = MongoStore.create({
+          client: mongoose.connection!.getClient() as any,
+          autoRemove: 'interval'
+        })
+      } else {
+        store = MongoStore.create({
+          client: mongoose.connection!.getClient() as any
+        })
+      }
     }
 
     const { PROTOCOL, ALLOWED_DOMAIN } = process.env

api/src/controllers/auth.ts

@@ -27,14 +27,14 @@ import User from '../model/User'
 @Tags('Auth')
 export class AuthController {
   static authCodes: { [key: string]: { [key: string]: string } } = {}
-  static saveCode = (userId: number, clientId: string, code: string) => {
+  static saveCode = (userId: string, clientId: string, code: string) => {
     if (AuthController.authCodes[userId])
       return (AuthController.authCodes[userId][clientId] = code)
 
     AuthController.authCodes[userId] = { [clientId]: code }
     return AuthController.authCodes[userId][clientId]
   }
-  static deleteCode = (userId: number, clientId: string) =>
+  static deleteCode = (userId: string, clientId: string) =>
     delete AuthController.authCodes[userId][clientId]
 
   /**
@@ -159,7 +159,7 @@ const updatePassword = async (
 ) => {
   const { currentPassword, newPassword } = data
   const userId = req.user?.userId
-  const dbUser = await User.findOne({ userId })
+  const dbUser = await User.findOne({ _id: userId })
 
   if (!dbUser)
     throw {

api/src/controllers/client.ts

@@ -1,4 +1,4 @@
-import { Security, Route, Tags, Example, Post, Body } from 'tsoa'
+import { Security, Route, Tags, Example, Post, Body, Get } from 'tsoa'
 
 import Client, {
   ClientPayload,
@@ -29,6 +29,28 @@ export class ClientController {
   ): Promise<ClientPayload> {
     return createClient(body)
   }
+
+  /**
+   * @summary Admin only task. Returns the list of all the clients
+   */
+  @Example<ClientPayload[]>([
+    {
+      clientId: 'someClientID1234',
+      clientSecret: 'someRandomCryptoString',
+      accessTokenExpiration: NUMBER_OF_SECONDS_IN_A_DAY,
+      refreshTokenExpiration: NUMBER_OF_SECONDS_IN_A_DAY * 30
+    },
+    {
+      clientId: 'someOtherClientID',
+      clientSecret: 'someOtherRandomCryptoString',
+      accessTokenExpiration: NUMBER_OF_SECONDS_IN_A_DAY,
+      refreshTokenExpiration: NUMBER_OF_SECONDS_IN_A_DAY * 30
+    }
+  ])
+  @Get('/')
+  public async getAllClients(): Promise<ClientPayload[]> {
+    return getAllClients()
+  }
 }
 
 const createClient = async (data: ClientPayload): Promise<ClientPayload> => {
@@ -60,3 +82,13 @@ const createClient = async (data: ClientPayload): Promise<ClientPayload> => {
     refreshTokenExpiration: savedClient.refreshTokenExpiration
   }
 }
+
+const getAllClients = async (): Promise<ClientPayload[]> => {
+  return Client.find({}).select({
+    _id: 0,
+    clientId: 1,
+    clientSecret: 1,
+    accessTokenExpiration: 1,
+    refreshTokenExpiration: 1
+  })
+}

api/src/controllers/group.ts

@@ -12,28 +12,29 @@ import {
 
 import Group, { GroupPayload, PUBLIC_GROUP_NAME } from '../model/Group'
 import User from '../model/User'
-import { AuthProviderType } from '../utils'
+import { GetUserBy, UserResponse } from './user'
-import { UserResponse } from './user'
 
 export interface GroupResponse {
-  groupId: number
+  uid: string
   name: string
   description: string
 }
 
-export interface GroupDetailsResponse {
+export interface GroupDetailsResponse extends GroupResponse {
-  groupId: number
-  name: string
-  description: string
   isActive: boolean
   users: UserResponse[]
 }
 
 interface GetGroupBy {
-  groupId?: number
+  _id?: string
   name?: string
 }
 
+enum GroupAction {
+  AddUser = 'addUser',
+  RemoveUser = 'removeUser'
+}
+
 @Security('bearerAuth')
 @Route('SASjsApi/group')
 @Tags('Group')
@@ -44,7 +45,7 @@ export class GroupController {
    */
   @Example<GroupResponse[]>([
     {
-      groupId: 123,
+      uid: 'groupIdString',
       name: 'DCGroup',
       description: 'This group represents Data Controller Users'
     }
@@ -59,7 +60,7 @@ export class GroupController {
    *
    */
   @Example<GroupDetailsResponse>({
-    groupId: 123,
+    uid: 'groupIdString',
     name: 'DCGroup',
     description: 'This group represents Data Controller Users',
     isActive: true,
@@ -78,7 +79,7 @@ export class GroupController {
    * @example dcgroup
    */
   @Get('by/groupname/{name}')
-  public async getGroupByGroupName(
+  public async getGroupByName(
     @Path() name: string
   ): Promise<GroupDetailsResponse> {
     return getGroup({ name })
@@ -86,68 +87,66 @@ export class GroupController {
 
   /**
    * @summary Get list of members of a group (userName). All users can request this.
-   * @param groupId The group's identifier
+   * @param uid The group's identifier
-   * @example groupId 1234
+   * @example uid "12ByteString"
    */
-  @Get('{groupId}')
+  @Get('{uid}')
-  public async getGroup(
+  public async getGroup(@Path() uid: string): Promise<GroupDetailsResponse> {
-    @Path() groupId: number
+    return getGroup({ _id: uid })
-  ): Promise<GroupDetailsResponse> {
-    return getGroup({ groupId })
   }
 
   /**
    * @summary Add a user to a group. Admin task only.
-   * @param groupId The group's identifier
+   * @param groupUid The group's identifier
-   * @example groupId "1234"
+   * @example groupUid "12ByteString"
-   * @param userId The user's identifier
+   * @param userUid The user's identifier
-   * @example userId "6789"
+   * @example userId "12ByteString"
    */
   @Example<GroupDetailsResponse>({
-    groupId: 123,
+    uid: 'groupIdString',
     name: 'DCGroup',
     description: 'This group represents Data Controller Users',
     isActive: true,
     users: []
   })
-  @Post('{groupId}/{userId}')
+  @Post('{groupUid}/{userUid}')
   public async addUserToGroup(
-    @Path() groupId: number,
+    @Path() groupUid: string,
-    @Path() userId: number
+    @Path() userUid: string
   ): Promise<GroupDetailsResponse> {
-    return addUserToGroup(groupId, userId)
+    return addUserToGroup(groupUid, userUid)
   }
 
   /**
-   * @summary Remove a user to a group. Admin task only.
+   * @summary Remove a user from a group. Admin task only.
-   * @param groupId The group's identifier
+   * @param groupUid The group's identifier
-   * @example groupId "1234"
+   * @example groupUid "12ByteString"
-   * @param userId The user's identifier
+   * @param userUid The user's identifier
-   * @example userId "6789"
+   * @example userUid "12ByteString"
    */
   @Example<GroupDetailsResponse>({
-    groupId: 123,
+    uid: 'groupIdString',
     name: 'DCGroup',
     description: 'This group represents Data Controller Users',
     isActive: true,
     users: []
   })
-  @Delete('{groupId}/{userId}')
+  @Delete('{groupUid}/{userUid}')
   public async removeUserFromGroup(
-    @Path() groupId: number,
+    @Path() groupUid: string,
-    @Path() userId: number
+    @Path() userUid: string
   ): Promise<GroupDetailsResponse> {
-    return removeUserFromGroup(groupId, userId)
+    return removeUserFromGroup(groupUid, userUid)
   }
 
   /**
    * @summary Delete a group. Admin task only.
-   * @param groupId The group's identifier
+   * @param uid The group's identifier
-   * @example groupId 1234
+   * @example uid "12ByteString"
    */
-  @Delete('{groupId}')
+  @Delete('{uid}')
-  public async deleteGroup(@Path() groupId: number) {
+  public async deleteGroup(@Path() uid: string) {
-    const group = await Group.findOne({ groupId })
+    const group = await Group.findOne({ _id: uid })
     if (!group)
       throw {
         code: 404,
@@ -160,9 +159,7 @@ export class GroupController {
 }
 
 const getAllGroups = async (): Promise<GroupResponse[]> =>
-  await Group.find({})
+  await Group.find({}).select('uid name description').exec()
-    .select({ _id: 0, groupId: 1, name: 1, description: 1 })
-    .exec()
 
 const createGroup = async ({
   name,
@@ -187,7 +184,7 @@ const createGroup = async ({
   const savedGroup = await group.save()
 
   return {
-    groupId: savedGroup.groupId,
+    uid: savedGroup.uid,
     name: savedGroup.name,
     description: savedGroup.description,
     isActive: savedGroup.isActive,
@@ -198,11 +195,12 @@ const createGroup = async ({
 const getGroup = async (findBy: GetGroupBy): Promise<GroupDetailsResponse> => {
   const group = (await Group.findOne(
     findBy,
-    'groupId name description isActive users -_id'
+    'uid name description isActive users'
   ).populate(
     'users',
-    'id username displayName isAdmin -_id'
+    'uid username displayName isAdmin'
   )) as unknown as GroupDetailsResponse
+
   if (!group)
     throw {
       code: 404,
@@ -211,7 +209,7 @@ const getGroup = async (findBy: GetGroupBy): Promise<GroupDetailsResponse> => {
     }
 
   return {
-    groupId: group.groupId,
+    uid: group.uid,
     name: group.name,
     description: group.description,
     isActive: group.isActive,
@@ -220,23 +218,23 @@ const getGroup = async (findBy: GetGroupBy): Promise<GroupDetailsResponse> => {
 }
 
 const addUserToGroup = async (
-  groupId: number,
+  groupUid: string,
-  userId: number
+  userUid: string
 ): Promise<GroupDetailsResponse> =>
-  updateUsersListInGroup(groupId, userId, 'addUser')
+  updateUsersListInGroup(groupUid, userUid, GroupAction.AddUser)
 
 const removeUserFromGroup = async (
-  groupId: number,
+  groupUid: string,
-  userId: number
+  userUid: string
 ): Promise<GroupDetailsResponse> =>
-  updateUsersListInGroup(groupId, userId, 'removeUser')
+  updateUsersListInGroup(groupUid, userUid, GroupAction.RemoveUser)
 
 const updateUsersListInGroup = async (
-  groupId: number,
+  groupUid: string,
-  userId: number,
+  userUid: string,
-  action: 'addUser' | 'removeUser'
+  action: GroupAction
 ): Promise<GroupDetailsResponse> => {
-  const group = await Group.findOne({ groupId })
+  const group = await Group.findOne({ _id: groupUid })
   if (!group)
     throw {
       code: 404,
@@ -258,7 +256,7 @@ const updateUsersListInGroup = async (
       message: `Can't add/remove user to group created by external auth provider.`
     }
 
-  const user = await User.findOne({ id: userId })
+  const user = await User.findOne({ _id: userUid })
   if (!user)
     throw {
       code: 404,
@@ -274,7 +272,7 @@ const updateUsersListInGroup = async (
     }
 
   const updatedGroup =
-    action === 'addUser'
+    action === GroupAction.AddUser
       ? await group.addUser(user)
       : await group.removeUser(user)
 
@@ -286,7 +284,7 @@ const updateUsersListInGroup = async (
     }
 
   return {
-    groupId: updatedGroup.groupId,
+    uid: updatedGroup.uid,
     name: updatedGroup.name,
     description: updatedGroup.description,
     isActive: updatedGroup.isActive,

api/src/controllers/internal/Session.ts

@@ -134,12 +134,13 @@ ${autoExecContent}`
       session.path,
       '-AUTOEXEC',
       autoExecPath,
-      isWindows() ? '-nologo' : '',
+      process.sasLoc!.endsWith('sas.exe') ? '-nologo' : '',
       process.sasLoc!.endsWith('sas.exe') ? '-nosplash' : '',
       process.sasLoc!.endsWith('sas.exe') ? '-icon' : '',
       process.sasLoc!.endsWith('sas.exe') ? '-nodms' : '',
       process.sasLoc!.endsWith('sas.exe') ? '-noterminal' : '',
       process.sasLoc!.endsWith('sas.exe') ? '-nostatuswin' : '',
+      process.sasLoc!.endsWith('sas.exe') ? '-NOPRNGETLIST' : '',
       process.sasLoc!.endsWith('sas.exe') ? '-SASINITIALFOLDER' : '',
       process.sasLoc!.endsWith('sas.exe') ? session.path : ''
     ])

api/src/controllers/internal/createSASProgram.ts

@@ -40,8 +40,6 @@ export const createSASProgram = async (
 %mend;
 %_sasjs_server_init()
 
-proc printto print="%sysfunc(getoption(log))";
-run;
 `
 
   program = `

api/src/controllers/permission.ts

@@ -56,9 +56,9 @@ interface RegisterPermissionPayload {
   principalType: PrincipalType
   /**
    * The id of user or group to which a rule is assigned.
-   * @example 123
+   * @example 'groupIdString'
    */
-  principalId: number
+  principalId: string
 }
 
 interface UpdatePermissionPayload {
@@ -70,7 +70,7 @@ interface UpdatePermissionPayload {
 }
 
 export interface PermissionDetailsResponse {
-  permissionId: number
+  uid: string
   path: string
   type: string
   setting: string
@@ -91,24 +91,24 @@ export class PermissionController {
    */
   @Example<PermissionDetailsResponse[]>([
     {
-      permissionId: 123,
+      uid: 'permissionId1String',
       path: '/SASjsApi/code/execute',
       type: 'Route',
       setting: 'Grant',
       user: {
-        id: 1,
+        uid: 'user1-id',
         username: 'johnSnow01',
         displayName: 'John Snow',
         isAdmin: false
       }
     },
     {
-      permissionId: 124,
+      uid: 'permissionId2String',
       path: '/SASjsApi/code/execute',
       type: 'Route',
       setting: 'Grant',
       group: {
-        groupId: 1,
+        uid: 'group1-id',
         name: 'DCGroup',
         description: 'This group represents Data Controller Users',
         isActive: true,
@@ -128,12 +128,12 @@ export class PermissionController {
    *
    */
   @Example<PermissionDetailsResponse>({
-    permissionId: 123,
+    uid: 'permissionIdString',
     path: '/SASjsApi/code/execute',
     type: 'Route',
     setting: 'Grant',
     user: {
-      id: 1,
+      uid: 'userIdString',
       username: 'johnSnow01',
       displayName: 'John Snow',
       isAdmin: false
@@ -149,36 +149,36 @@ export class PermissionController {
   /**
    * @summary Update permission setting. Admin only
    * @param permissionId The permission's identifier
-   * @example permissionId 1234
+   * @example permissionId "permissionIdString"
    */
   @Example<PermissionDetailsResponse>({
-    permissionId: 123,
+    uid: 'permissionIdString',
     path: '/SASjsApi/code/execute',
     type: 'Route',
     setting: 'Grant',
     user: {
-      id: 1,
+      uid: 'userIdString',
       username: 'johnSnow01',
       displayName: 'John Snow',
       isAdmin: false
     }
   })
-  @Patch('{permissionId}')
+  @Patch('{uid}')
   public async updatePermission(
-    @Path() permissionId: number,
+    @Path() uid: string,
     @Body() body: UpdatePermissionPayload
   ): Promise<PermissionDetailsResponse> {
-    return updatePermission(permissionId, body)
+    return updatePermission(uid, body)
   }
 
   /**
    * @summary Delete a permission. Admin only.
    * @param permissionId The user's identifier
-   * @example permissionId 1234
+   * @example permissionId "permissionIdString"
    */
-  @Delete('{permissionId}')
+  @Delete('{uid}')
-  public async deletePermission(@Path() permissionId: number) {
+  public async deletePermission(@Path() uid: string) {
-    return deletePermission(permissionId)
+    return deletePermission(uid)
   }
 }
 
@@ -191,7 +191,7 @@ const getAllPermissions = async (
   else {
     const permissions: PermissionDetailsResponse[] = []
 
-    const dbUser = await User.findOne({ id: user?.userId })
+    const dbUser = await User.findOne({ _id: user?.userId })
     if (!dbUser)
       throw {
         code: 404,
@@ -227,7 +227,7 @@ const createPermission = async ({
 
   switch (principalType) {
     case PrincipalType.user: {
-      const userInDB = await User.findOne({ id: principalId })
+      const userInDB = await User.findOne({ _id: principalId })
       if (!userInDB)
         throw {
           code: 404,
@@ -259,7 +259,7 @@ const createPermission = async ({
       permission.user = userInDB._id
 
       user = {
-        id: userInDB.id,
+        uid: userInDB.uid,
         username: userInDB.username,
         displayName: userInDB.displayName,
         isAdmin: userInDB.isAdmin
@@ -267,7 +267,7 @@ const createPermission = async ({
       break
     }
     case PrincipalType.group: {
-      const groupInDB = await Group.findOne({ groupId: principalId })
+      const groupInDB = await Group.findOne({ _id: principalId })
       if (!groupInDB)
         throw {
           code: 404,
@@ -291,13 +291,13 @@ const createPermission = async ({
       permission.group = groupInDB._id
 
       group = {
-        groupId: groupInDB.groupId,
+        uid: groupInDB.uid,
         name: groupInDB.name,
         description: groupInDB.description,
         isActive: groupInDB.isActive,
         users: groupInDB.populate({
           path: 'users',
-          select: 'id username displayName isAdmin -_id',
+          select: 'uid username displayName isAdmin -_id',
           options: { limit: 15 }
         }) as unknown as UserResponse[]
       }
@@ -314,7 +314,7 @@ const createPermission = async ({
   const savedPermission = await permission.save()
 
   return {
-    permissionId: savedPermission.permissionId,
+    uid: savedPermission.uid,
     path: savedPermission.path,
     type: savedPermission.type,
     setting: savedPermission.setting,
@@ -324,27 +324,21 @@ const createPermission = async ({
 }
 
 const updatePermission = async (
-  id: number,
+  uid: string,
   data: UpdatePermissionPayload
 ): Promise<PermissionDetailsResponse> => {
   const { setting } = data
 
   const updatedPermission = (await Permission.findOneAndUpdate(
-    { permissionId: id },
+    { _id: uid },
     { setting },
     { new: true }
   )
-    .select({
+    .select('uid path type setting')
-      _id: 0,
+    .populate({ path: 'user', select: 'uid username displayName isAdmin' })
-      permissionId: 1,
-      path: 1,
-      type: 1,
-      setting: 1
-    })
-    .populate({ path: 'user', select: 'id username displayName isAdmin -_id' })
     .populate({
       path: 'group',
-      select: 'groupId name description -_id'
+      select: 'groupId name description'
     })) as unknown as PermissionDetailsResponse
   if (!updatedPermission)
     throw {
@@ -356,13 +350,13 @@ const updatePermission = async (
   return updatedPermission
 }
 
-const deletePermission = async (id: number) => {
+const deletePermission = async (uid: string) => {
-  const permission = await Permission.findOne({ permissionId: id })
+  const permission = await Permission.findOne({ _id: uid })
   if (!permission)
     throw {
       code: 404,
       status: 'Not Found',
       message: 'Permission not found.'
     }
-  await Permission.deleteOne({ permissionId: id })
+  await Permission.deleteOne({ _id: uid })
 }

api/src/controllers/session.ts

@@ -2,8 +2,9 @@ import express from 'express'
 import { Request, Security, Route, Tags, Example, Get } from 'tsoa'
 import { UserResponse } from './user'
 
-interface SessionResponse extends UserResponse {
+interface SessionResponse extends Omit<UserResponse, 'uid'> {
-  needsToUpdatePassword: boolean
+  id: string
+  needsToUpdatePassword?: boolean
 }
 
 @Security('bearerAuth')
@@ -14,11 +15,12 @@ export class SessionController {
    * @summary Get session info (username).
    *
    */
-  @Example<UserResponse>({
+  @Example<SessionResponse>({
-    id: 123,
+    id: 'userIdString',
     username: 'johnusername',
     displayName: 'John',
-    isAdmin: false
+    isAdmin: false,
+    needsToUpdatePassword: false
   })
   @Get('/')
   public async session(

api/src/controllers/user.ts

@@ -21,23 +21,19 @@ import {
   getUserAutoExec,
   updateUserAutoExec,
   ModeType,
-  AuthProviderType
+  ALL_USERS_GROUP
 } from '../utils'
-import { GroupResponse } from './group'
+import { GroupController, GroupResponse } from './group'
 
 export interface UserResponse {
-  id: number
+  uid: string
   username: string
   displayName: string
   isAdmin: boolean
 }
 
-export interface UserDetailsResponse {
+export interface UserDetailsResponse extends UserResponse {
-  id: number
-  displayName: string
-  username: string
   isActive: boolean
-  isAdmin: boolean
   autoExec?: string
   groups?: GroupResponse[]
 }
@@ -52,13 +48,13 @@ export class UserController {
    */
   @Example<UserResponse[]>([
     {
-      id: 123,
+      uid: 'userIdString',
       username: 'johnusername',
       displayName: 'John',
       isAdmin: false
     },
     {
-      id: 456,
+      uid: 'anotherUserIdString',
       username: 'starkusername',
       displayName: 'Stark',
       isAdmin: true
@@ -74,7 +70,7 @@ export class UserController {
    *
    */
   @Example<UserDetailsResponse>({
-    id: 1234,
+    uid: 'userIdString',
     displayName: 'John Snow',
     username: 'johnSnow01',
     isAdmin: false,
@@ -111,20 +107,20 @@ export class UserController {
    * Only Admin or user itself will get user autoExec code.
    * @summary Get user properties - such as group memberships, userName, displayName.
    * @param userId The user's identifier
-   * @example userId 1234
+   * @example userId "userIdString"
    */
-  @Get('{userId}')
+  @Get('{uid}')
   public async getUser(
     @Request() req: express.Request,
-    @Path() userId: number
+    @Path() uid: string
   ): Promise<UserDetailsResponse> {
     const { MODE } = process.env
 
     if (MODE === ModeType.Desktop) return getDesktopAutoExec()
 
     const { user } = req
-    const getAutoExec = user!.isAdmin || user!.userId == userId
+    const getAutoExec = user!.isAdmin || user!.userId === uid
-    return getUser({ id: userId }, getAutoExec)
+    return getUser({ _id: uid }, getAutoExec)
   }
 
   /**
@@ -133,7 +129,7 @@ export class UserController {
    * @example username "johnSnow01"
    */
   @Example<UserDetailsResponse>({
-    id: 1234,
+    uid: 'userIdString',
     displayName: 'John Snow',
     username: 'johnSnow01',
     isAdmin: false,
@@ -158,7 +154,7 @@ export class UserController {
    * @example userId "1234"
    */
   @Example<UserDetailsResponse>({
-    id: 1234,
+    uid: 'userIdString',
     displayName: 'John Snow',
     username: 'johnSnow01',
     isAdmin: false,
@@ -166,7 +162,7 @@ export class UserController {
   })
   @Patch('{userId}')
   public async updateUser(
-    @Path() userId: number,
+    @Path() userId: string,
     @Body() body: UserPayload
   ): Promise<UserDetailsResponse> {
     const { MODE } = process.env
@@ -174,7 +170,7 @@ export class UserController {
     if (MODE === ModeType.Desktop)
       return updateDesktopAutoExec(body.autoExec ?? '')
 
-    return updateUser({ id: userId }, body)
+    return updateUser({ _id: userId }, body)
   }
 
   /**
@@ -198,18 +194,16 @@ export class UserController {
    */
   @Delete('{userId}')
   public async deleteUser(
-    @Path() userId: number,
+    @Path() userId: string,
     @Body() body: { password?: string },
     @Query() @Hidden() isAdmin: boolean = false
   ) {
-    return deleteUser({ id: userId }, isAdmin, body)
+    return deleteUser({ _id: userId }, isAdmin, body)
   }
 }
 
 const getAllUsers = async (): Promise<UserResponse[]> =>
-  await User.find({})
+  await User.find({}).select('uid username displayName isAdmin').exec()
-    .select({ _id: 0, id: 1, username: 1, displayName: 1, isAdmin: 1 })
-    .exec()
 
 const createUser = async (data: UserPayload): Promise<UserDetailsResponse> => {
   const { displayName, username, password, isAdmin, isActive, autoExec } = data
@@ -237,8 +231,17 @@ const createUser = async (data: UserPayload): Promise<UserDetailsResponse> => {
 
   const savedUser = await user.save()
 
+  const groupController = new GroupController()
+  const allUsersGroup = await groupController
+    .getGroupByName(ALL_USERS_GROUP.name)
+    .catch(() => {})
+
+  if (allUsersGroup) {
+    await groupController.addUserToGroup(allUsersGroup.uid, savedUser.uid)
+  }
+
   return {
-    id: savedUser.id,
+    uid: savedUser.uid,
     displayName: savedUser.displayName,
     username: savedUser.username,
     isActive: savedUser.isActive,
@@ -247,8 +250,8 @@ const createUser = async (data: UserPayload): Promise<UserDetailsResponse> => {
   }
 }
 
-interface GetUserBy {
+export interface GetUserBy {
-  id?: number
+  _id?: string
   username?: string
 }
 
@@ -258,10 +261,10 @@ const getUser = async (
 ): Promise<UserDetailsResponse> => {
   const user = (await User.findOne(
     findBy,
-    `id displayName username isActive isAdmin autoExec -_id`
+    `uid displayName username isActive isAdmin autoExec`
   ).populate(
     'groups',
-    'groupId name description -_id'
+    'uid name description'
   )) as unknown as UserDetailsResponse
 
   if (!user)
@@ -271,7 +274,7 @@ const getUser = async (
     }
 
   return {
-    id: user.id,
+    uid: user.uid,
     displayName: user.displayName,
     username: user.username,
     isActive: user.isActive,
@@ -284,7 +287,7 @@ const getUser = async (
 const getDesktopAutoExec = async () => {
   return {
     ...desktopUser,
-    id: desktopUser.userId,
+    uid: desktopUser.userId,
     autoExec: await getUserAutoExec()
   }
 }
@@ -320,8 +323,8 @@ const updateUser = async (
     const usernameExist = await User.findOne({ username })
     if (usernameExist) {
       if (
-        (findBy.id && usernameExist.id != findBy.id) ||
+        (findBy._id && usernameExist.uid !== findBy._id) ||
-        (findBy.username && usernameExist.username != findBy.username)
+        (findBy.username && usernameExist.username !== findBy.username)
       )
         throw {
           code: 409,
@@ -341,11 +344,11 @@ const updateUser = async (
   if (!updatedUser)
     throw {
       code: 404,
-      message: `Unable to find user with ${findBy.id || findBy.username}`
+      message: `Unable to find user with ${findBy._id || findBy.username}`
     }
 
   return {
-    id: updatedUser.id,
+    uid: updatedUser.uid,
     username: updatedUser.username,
     displayName: updatedUser.displayName,
     isAdmin: updatedUser.isAdmin,
@@ -358,7 +361,7 @@ const updateDesktopAutoExec = async (autoExec: string) => {
   await updateUserAutoExec(autoExec)
   return {
     ...desktopUser,
-    id: desktopUser.userId,
+    uid: desktopUser.userId,
     autoExec
   }
 }

api/src/controllers/web.ts

@@ -1,13 +1,14 @@
 import path from 'path'
 import express from 'express'
 import { Request, Route, Tags, Post, Body, Get, Example } from 'tsoa'
-import { readFile } from '@sasjs/utils'
+import { readFile, convertSecondsToHms } from '@sasjs/utils'
 
 import User from '../model/User'
 import Client from '../model/Client'
 import {
   getWebBuildFolder,
   generateAuthCode,
+  RateLimiter,
   AuthProviderType,
   LDAPClient
 } from '../utils'
@@ -83,19 +84,38 @@ const login = async (
 ) => {
   // Authenticate User
   const user = await User.findOne({ username })
-  if (!user) throw new Error('Username is not found.')
 
-  if (
+  let validPass = false
-    process.env.AUTH_PROVIDERS === AuthProviderType.LDAP &&
+
-    user.authProvider === AuthProviderType.LDAP
+  if (user) {
-  ) {
+    if (
-    const ldapClient = await LDAPClient.init()
+      process.env.AUTH_PROVIDERS === AuthProviderType.LDAP &&
-    await ldapClient.verifyUser(username, password)
+      user.authProvider === AuthProviderType.LDAP
-  } else {
+    ) {
-    const validPass = user.comparePassword(password)
+      const ldapClient = await LDAPClient.init()
-    if (!validPass) throw new Error('Invalid password.')
+      validPass = await ldapClient
+        .verifyUser(username, password)
+        .catch(() => false)
+    } else {
+      validPass = user.comparePassword(password)
+    }
   }
 
+  // code to prevent brute force attack
+
+  const rateLimiter = RateLimiter.getInstance()
+
+  if (!validPass) {
+    const retrySecs = await rateLimiter.consume(req.ip, user?.username)
+    if (retrySecs > 0) throw errors.tooManyRequests(retrySecs)
+  }
+
+  if (!user) throw errors.userNotFound
+  if (!validPass) throw errors.invalidPassword
+
+  // Reset on successful authorization
+  rateLimiter.resetOnSuccess(req.ip, user.username)
+
   req.session.loggedIn = true
   req.session.user = {
     userId: user.id,
@@ -172,3 +192,18 @@ interface AuthorizeResponse {
    */
   code: string
 }
+
+const errors = {
+  invalidPassword: {
+    code: 401,
+    message: 'Invalid Password.'
+  },
+  userNotFound: {
+    code: 401,
+    message: 'Username is not found.'
+  },
+  tooManyRequests: (seconds: number) => ({
+    code: 429,
+    message: `Too Many Requests! Retry after ${convertSecondsToHms(seconds)}`
+  })
+}

api/src/middlewares/authenticateToken.ts

@@ -76,7 +76,7 @@ const authenticateToken = async (
   const { MODE } = process.env
   if (MODE === ModeType.Desktop) {
     req.user = {
-      userId: 1234,
+      userId: '1234',
       clientId: 'desktopModeClientId',
       username: 'desktopModeUsername',
       displayName: 'desktopModeDisplayName',

api/src/middlewares/authorize.ts

@@ -5,7 +5,7 @@ import {
   PermissionSettingForRoute,
   PermissionType
 } from '../controllers/permission'
-import { getPath, isPublicRoute } from '../utils'
+import { getPath, isPublicRoute, TopLevelRoutes } from '../utils'
 
 export const authorize: RequestHandler = async (req, res, next) => {
   const { user } = req
@@ -18,10 +18,13 @@ export const authorize: RequestHandler = async (req, res, next) => {
   // no need to check for permissions when route is Public
   if (await isPublicRoute(req)) return next()
 
-  const dbUser = await User.findOne({ id: user.userId })
+  const dbUser = await User.findOne({ _id: user.userId })
   if (!dbUser) return res.sendStatus(401)
 
   const path = getPath(req)
+  const { baseUrl } = req
+  const topLevelRoute =
+    TopLevelRoutes.find((route) => baseUrl.startsWith(route)) || baseUrl
 
   // find permission w.r.t user
   const permission = await Permission.findOne({
@@ -35,6 +38,21 @@ export const authorize: RequestHandler = async (req, res, next) => {
     else return res.sendStatus(401)
   }
 
+  // find permission w.r.t user on top level
+  const topLevelPermission = await Permission.findOne({
+    path: topLevelRoute,
+    type: PermissionType.route,
+    user: dbUser._id
+  })
+
+  if (topLevelPermission) {
+    if (topLevelPermission.setting === PermissionSettingForRoute.grant)
+      return next()
+    else return res.sendStatus(401)
+  }
+
+  let isPermissionDenied = false
+
   // find permission w.r.t user's groups
   for (const group of dbUser.groups) {
     const groupPermission = await Permission.findOne({
@@ -42,8 +60,28 @@ export const authorize: RequestHandler = async (req, res, next) => {
       type: PermissionType.route,
       group
     })
-    if (groupPermission?.setting === PermissionSettingForRoute.grant)
+
-      return next()
+    if (groupPermission) {
+      if (groupPermission.setting === PermissionSettingForRoute.grant) {
+        return next()
+      } else {
+        isPermissionDenied = true
+      }
+    }
   }
+
+  if (!isPermissionDenied) {
+    // find permission w.r.t user's groups on top level
+    for (const group of dbUser.groups) {
+      const groupPermission = await Permission.findOne({
+        path: topLevelRoute,
+        type: PermissionType.route,
+        group
+      })
+      if (groupPermission?.setting === PermissionSettingForRoute.grant)
+        return next()
+    }
+  }
+
   return res.sendStatus(401)
 }

api/src/middlewares/bruteForceProtection.ts

@@ -0,0 +1,22 @@
+import { RequestHandler } from 'express'
+import { convertSecondsToHms } from '@sasjs/utils'
+import { RateLimiter } from '../utils'
+
+export const bruteForceProtection: RequestHandler = async (req, res, next) => {
+  const ip = req.ip
+  const username = req.body.username
+
+  const rateLimiter = RateLimiter.getInstance()
+
+  const retrySecs = await rateLimiter.check(ip, username)
+
+  if (retrySecs > 0) {
+    res
+      .status(429)
+      .send(`Too Many Requests! Retry after ${convertSecondsToHms(retrySecs)}`)
+
+    return
+  }
+
+  next()
+}

api/src/middlewares/desktop.ts

@@ -28,7 +28,7 @@ export const desktopRestrict: RequestHandler = (req, res, next) => {
 }
 
 export const desktopUser: RequestUser = {
-  userId: 12345,
+  userId: '12345',
   clientId: 'desktop_app',
   username: userInfo().username,
   displayName: userInfo().username,

api/src/middlewares/index.ts

@@ -4,3 +4,4 @@ export * from './csrfProtection'
 export * from './desktop'
 export * from './verifyAdmin'
 export * from './verifyAdminIfNeeded'
+export * from './bruteForceProtection'

api/src/middlewares/verifyAdminIfNeeded.ts

@@ -8,8 +8,8 @@ export const verifyAdminIfNeeded: RequestHandler = (req, res, next) => {
   if (!user?.isAdmin) {
     let adminAccountRequired: boolean = true
 
-    if (req.params.userId) {
+    if (req.params.uid) {
-      adminAccountRequired = user?.userId !== parseInt(req.params.userId)
+      adminAccountRequired = user?.userId !== req.params.uid
     } else if (req.params.username) {
       adminAccountRequired = user?.username !== req.params.username
     }

api/src/model/Group.ts

@@ -1,10 +1,9 @@
-import mongoose, { Schema, model, Document, Model } from 'mongoose'
+import { Schema, model, Document, Model } from 'mongoose'
 import { GroupDetailsResponse } from '../controllers'
 import User, { IUser } from './User'
 import { AuthProviderType } from '../utils'
-const AutoIncrement = require('mongoose-sequence')(mongoose)
 
-export const PUBLIC_GROUP_NAME = 'Public'
+export const PUBLIC_GROUP_NAME = 'public'
 
 export interface GroupPayload {
   /**
@@ -25,10 +24,12 @@ export interface GroupPayload {
 }
 
 interface IGroupDocument extends GroupPayload, Document {
-  groupId: number
   isActive: boolean
   users: Schema.Types.ObjectId[]
   authProvider?: AuthProviderType
+
+  // Declare virtual properties as read-only properties
+  readonly uid: string
 }
 
 interface IGroup extends IGroupDocument {
@@ -38,32 +39,46 @@ interface IGroup extends IGroupDocument {
 }
 interface IGroupModel extends Model<IGroup> {}
 
-const groupSchema = new Schema<IGroupDocument>({
+const opts = {
-  name: {
+  toJSON: {
-    type: String,
+    virtuals: true,
-    required: true,
+    transform: function (doc: any, ret: any, options: any) {
-    unique: true
+      delete ret._id
+      delete ret.id
+      return ret
+    }
+  }
+}
+const groupSchema = new Schema<IGroupDocument>(
+  {
+    name: {
+      type: String,
+      required: true,
+      unique: true
+    },
+    description: {
+      type: String,
+      default: 'Group description.'
+    },
+    authProvider: {
+      type: String,
+      enum: AuthProviderType
+    },
+    isActive: {
+      type: Boolean,
+      default: true
+    },
+    users: [{ type: Schema.Types.ObjectId, ref: 'User' }]
   },
-  description: {
+  opts
-    type: String,
+)
-    default: 'Group description.'
+
-  },
+groupSchema.virtual('uid').get(function () {
-  authProvider: {
+  return this._id.toString()
-    type: String,
-    enum: AuthProviderType
-  },
-  isActive: {
-    type: Boolean,
-    default: true
-  },
-  users: [{ type: Schema.Types.ObjectId, ref: 'User' }]
 })
 
-groupSchema.plugin(AutoIncrement, { inc_field: 'groupId' })
-
-// Hooks
 groupSchema.post('save', function (group: IGroup, next: Function) {
-  group.populate('users', 'id username displayName -_id').then(function () {
+  group.populate('users', 'uid username displayName').then(function () {
     next()
   })
 })

api/src/model/Permission.ts

@@ -1,5 +1,4 @@
-import mongoose, { Schema, model, Document, Model } from 'mongoose'
+import { Schema, model, Document, Model } from 'mongoose'
-const AutoIncrement = require('mongoose-sequence')(mongoose)
 import { PermissionDetailsResponse } from '../controllers'
 
 interface GetPermissionBy {
@@ -11,9 +10,11 @@ interface IPermissionDocument extends Document {
   path: string
   type: string
   setting: string
-  permissionId: number
   user: Schema.Types.ObjectId
   group: Schema.Types.ObjectId
+
+  // Declare virtual properties as read-only properties
+  readonly uid: string
 }
 
 interface IPermission extends IPermissionDocument {}
@@ -22,44 +23,54 @@ interface IPermissionModel extends Model<IPermission> {
   get(getBy: GetPermissionBy): Promise<PermissionDetailsResponse[]>
 }
 
-const permissionSchema = new Schema<IPermissionDocument>({
+const opts = {
-  path: {
+  toJSON: {
-    type: String,
+    virtuals: true,
-    required: true
+    transform: function (doc: any, ret: any, options: any) {
-  },
+      delete ret._id
-  type: {
+      delete ret.id
-    type: String,
+      return ret
-    required: true
+    }
-  },
+  }
-  setting: {
+}
-    type: String,
-    required: true
-  },
-  user: { type: Schema.Types.ObjectId, ref: 'User' },
-  group: { type: Schema.Types.ObjectId, ref: 'Group' }
-})
 
-permissionSchema.plugin(AutoIncrement, { inc_field: 'permissionId' })
+const permissionSchema = new Schema<IPermissionDocument>(
+  {
+    path: {
+      type: String,
+      required: true
+    },
+    type: {
+      type: String,
+      required: true
+    },
+    setting: {
+      type: String,
+      required: true
+    },
+    user: { type: Schema.Types.ObjectId, ref: 'User' },
+    group: { type: Schema.Types.ObjectId, ref: 'Group' }
+  },
+  opts
+)
+
+permissionSchema.virtual('uid').get(function () {
+  return this._id.toString()
+})
 
 // Static Methods
 permissionSchema.static('get', async function (getBy: GetPermissionBy): Promise<
   PermissionDetailsResponse[]
 > {
   return (await this.find(getBy)
-    .select({
+    .select('uid path type setting')
-      _id: 0,
+    .populate({ path: 'user', select: 'uid username displayName isAdmin' })
-      permissionId: 1,
-      path: 1,
-      type: 1,
-      setting: 1
-    })
-    .populate({ path: 'user', select: 'id username displayName isAdmin -_id' })
     .populate({
       path: 'group',
-      select: 'groupId name description -_id',
+      select: 'uid name description',
       populate: {
         path: 'users',
-        select: 'id username displayName isAdmin -_id',
+        select: 'uid username displayName isAdmin',
         options: { limit: 15 }
       }
     })) as unknown as PermissionDetailsResponse[]

api/src/model/User.ts

@@ -1,5 +1,4 @@
-import mongoose, { Schema, model, Document, Model } from 'mongoose'
+import { Schema, model, Document, Model, ObjectId } from 'mongoose'
-const AutoIncrement = require('mongoose-sequence')(mongoose)
 import bcrypt from 'bcryptjs'
 import { AuthProviderType } from '../utils'
 
@@ -37,7 +36,6 @@ export interface UserPayload {
 
 interface IUserDocument extends UserPayload, Document {
   _id: Schema.Types.ObjectId
-  id: number
   isAdmin: boolean
   isActive: boolean
   needsToUpdatePassword: boolean
@@ -45,6 +43,9 @@ interface IUserDocument extends UserPayload, Document {
   groups: Schema.Types.ObjectId[]
   tokens: [{ [key: string]: string }]
   authProvider?: AuthProviderType
+
+  // Declare virtual properties as read-only properties
+  readonly uid: string
 }
 
 export interface IUser extends IUserDocument {
@@ -55,59 +56,75 @@ export interface IUser extends IUserDocument {
 interface IUserModel extends Model<IUser> {
   hashPassword(password: string): string
 }
-
+const opts = {
-const userSchema = new Schema<IUserDocument>({
+  toJSON: {
-  displayName: {
+    virtuals: true,
-    type: String,
+    transform: function (doc: any, ret: any, options: any) {
-    required: true
+      delete ret._id
-  },
+      delete ret.id
-  username: {
+      return ret
-    type: String,
-    required: true,
-    unique: true
-  },
-  password: {
-    type: String,
-    required: true
-  },
-  authProvider: {
-    type: String,
-    enum: AuthProviderType
-  },
-  isAdmin: {
-    type: Boolean,
-    default: false
-  },
-  isActive: {
-    type: Boolean,
-    default: true
-  },
-  needsToUpdatePassword: {
-    type: Boolean,
-    default: true
-  },
-  autoExec: {
-    type: String
-  },
-  groups: [{ type: Schema.Types.ObjectId, ref: 'Group' }],
-  tokens: [
-    {
-      clientId: {
-        type: String,
-        required: true
-      },
-      accessToken: {
-        type: String,
-        required: true
-      },
-      refreshToken: {
-        type: String,
-        required: true
-      }
     }
-  ]
+  }
+}
+
+const userSchema = new Schema<IUserDocument>(
+  {
+    displayName: {
+      type: String,
+      required: true
+    },
+    username: {
+      type: String,
+      required: true,
+      unique: true
+    },
+    password: {
+      type: String,
+      required: true
+    },
+    authProvider: {
+      type: String,
+      enum: AuthProviderType
+    },
+    isAdmin: {
+      type: Boolean,
+      default: false
+    },
+    isActive: {
+      type: Boolean,
+      default: true
+    },
+    needsToUpdatePassword: {
+      type: Boolean,
+      default: true
+    },
+    autoExec: {
+      type: String
+    },
+    groups: [{ type: Schema.Types.ObjectId, ref: 'Group' }],
+    tokens: [
+      {
+        clientId: {
+          type: String,
+          required: true
+        },
+        accessToken: {
+          type: String,
+          required: true
+        },
+        refreshToken: {
+          type: String,
+          required: true
+        }
+      }
+    ]
+  },
+  opts
+)
+
+userSchema.virtual('uid').get(function () {
+  return this._id.toString()
 })
-userSchema.plugin(AutoIncrement, { inc_field: 'id' })
 
 // Static Methods
 userSchema.static('hashPassword', (password: string): string => {

api/src/routes/api/client.ts

@@ -1,6 +1,7 @@
 import express from 'express'
 import { ClientController } from '../../controllers'
 import { registerClientValidation } from '../../utils'
+import { authenticateAccessToken, verifyAdmin } from '../../middlewares'
 
 const clientRouter = express.Router()
 
@@ -17,4 +18,19 @@ clientRouter.post('/', async (req, res) => {
   }
 })
 
+clientRouter.get(
+  '/',
+  authenticateAccessToken,
+  verifyAdmin,
+  async (req, res) => {
+    const controller = new ClientController()
+    try {
+      const response = await controller.getAllClients()
+      res.send(response)
+    } catch (err: any) {
+      res.status(403).send(err.toString())
+    }
+  }
+)
+
 export default clientRouter

api/src/routes/api/group.ts

@@ -1,7 +1,11 @@
 import express from 'express'
 import { GroupController } from '../../controllers/'
 import { authenticateAccessToken, verifyAdmin } from '../../middlewares'
-import { getGroupValidation, registerGroupValidation } from '../../utils'
+import {
+  getGroupValidation,
+  registerGroupValidation,
+  uidValidation
+} from '../../utils'
 
 const groupRouter = express.Router()
 
@@ -33,12 +37,15 @@ groupRouter.get('/', authenticateAccessToken, async (req, res) => {
   }
 })
 
-groupRouter.get('/:groupId', authenticateAccessToken, async (req, res) => {
+groupRouter.get('/:uid', authenticateAccessToken, async (req, res) => {
-  const { groupId } = req.params
+  const { error: uidError, value: params } = uidValidation(req.params)
+  if (uidError) return res.status(400).send(uidError.details[0].message)
+
+  const { uid } = params
 
   const controller = new GroupController()
   try {
-    const response = await controller.getGroup(parseInt(groupId))
+    const response = await controller.getGroup(uid)
     res.send(response)
   } catch (err: any) {
     res.status(err.code).send(err.message)
@@ -56,7 +63,7 @@ groupRouter.get(
 
     const controller = new GroupController()
     try {
-      const response = await controller.getGroupByGroupName(name)
+      const response = await controller.getGroupByName(name)
       res.send(response)
     } catch (err: any) {
       res.status(err.code).send(err.message)
@@ -65,18 +72,15 @@ groupRouter.get(
 )
 
 groupRouter.post(
-  '/:groupId/:userId',
+  '/:groupUid/:userUid',
   authenticateAccessToken,
   verifyAdmin,
   async (req, res) => {
-    const { groupId, userId } = req.params
+    const { groupUid, userUid } = req.params
 
     const controller = new GroupController()
     try {
-      const response = await controller.addUserToGroup(
+      const response = await controller.addUserToGroup(groupUid, userUid)
-        parseInt(groupId),
-        parseInt(userId)
-      )
       res.send(response)
     } catch (err: any) {
       res.status(err.code).send(err.message)
@@ -85,18 +89,15 @@ groupRouter.post(
 )
 
 groupRouter.delete(
-  '/:groupId/:userId',
+  '/:groupUid/:userUid',
   authenticateAccessToken,
   verifyAdmin,
   async (req, res) => {
-    const { groupId, userId } = req.params
+    const { groupUid, userUid } = req.params
 
     const controller = new GroupController()
     try {
-      const response = await controller.removeUserFromGroup(
+      const response = await controller.removeUserFromGroup(groupUid, userUid)
-        parseInt(groupId),
-        parseInt(userId)
-      )
       res.send(response)
     } catch (err: any) {
       res.status(err.code).send(err.message)
@@ -105,15 +106,18 @@ groupRouter.delete(
 )
 
 groupRouter.delete(
-  '/:groupId',
+  '/:uid',
   authenticateAccessToken,
   verifyAdmin,
   async (req, res) => {
-    const { groupId } = req.params
+    const { error: uidError, value: params } = uidValidation(req.params)
+    if (uidError) return res.status(400).send(uidError.details[0].message)
+
+    const { uid } = params
 
     const controller = new GroupController()
     try {
-      await controller.deleteGroup(parseInt(groupId))
+      await controller.deleteGroup(uid)
       res.status(200).send('Group Deleted!')
     } catch (err: any) {
       res.status(err.code).send(err.message)

api/src/routes/api/permission.ts

@@ -3,6 +3,7 @@ import { PermissionController } from '../../controllers/'
 import { verifyAdmin } from '../../middlewares'
 import {
   registerPermissionValidation,
+  uidValidation,
   updatePermissionValidation
 } from '../../utils'
 
@@ -34,14 +35,17 @@ permissionRouter.post('/', verifyAdmin, async (req, res) => {
   }
 })
 
-permissionRouter.patch('/:permissionId', verifyAdmin, async (req: any, res) => {
+permissionRouter.patch('/:uid', verifyAdmin, async (req: any, res) => {
-  const { permissionId } = req.params
+  const { error: uidError, value: params } = uidValidation(req.params)
+  if (uidError) return res.status(400).send(uidError.details[0].message)
+
+  const { uid } = params
 
   const { error, value: body } = updatePermissionValidation(req.body)
   if (error) return res.status(400).send(error.details[0].message)
 
   try {
-    const response = await controller.updatePermission(permissionId, body)
+    const response = await controller.updatePermission(uid, body)
     res.send(response)
   } catch (err: any) {
     const statusCode = err.code
@@ -50,20 +54,18 @@ permissionRouter.patch('/:permissionId', verifyAdmin, async (req: any, res) => {
   }
 })
 
-permissionRouter.delete(
+permissionRouter.delete('/:uid', verifyAdmin, async (req: any, res) => {
-  '/:permissionId',
+  const { error: uidError, value: params } = uidValidation(req.params)
-  verifyAdmin,
+  if (uidError) return res.status(400).send(uidError.details[0].message)
-  async (req: any, res) => {
-    const { permissionId } = req.params
 
-    try {
+  const { uid } = params
-      await controller.deletePermission(permissionId)
+  try {
-      res.status(200).send('Permission Deleted!')
+    await controller.deletePermission(uid)
-    } catch (err: any) {
+    res.status(200).send('Permission Deleted!')
-      const statusCode = err.code
+  } catch (err: any) {
-      delete err.code
+    const statusCode = err.code
-      res.status(statusCode).send(err.message)
+    delete err.code
-    }
+    res.status(statusCode).send(err.message)
   }
-)
+})
 export default permissionRouter

api/src/routes/api/spec/auth.spec.ts

@@ -13,6 +13,7 @@ import {
   generateAccessToken,
   generateAuthCode,
   generateRefreshToken,
+  randomBytesHexString,
   saveTokensInDB,
   verifyTokenInDB
 } from '../../../utils'
@@ -20,7 +21,6 @@ import {
 const clientId = 'someclientID'
 const clientSecret = 'someclientSecret'
 const user = {
-  id: 1234,
   displayName: 'Test User',
   username: 'testUsername',
   password: '87654321',
@@ -52,7 +52,7 @@ describe('auth', () => {
   describe('token', () => {
     const userInfo: InfoJWT = {
       clientId,
-      userId: user.id
+      userId: randomBytesHexString(12)
     }
     beforeAll(async () => {
       await userController.createUser(user)
@@ -151,10 +151,10 @@ describe('auth', () => {
       currentUser = await userController.createUser(user)
       refreshToken = generateRefreshToken({
         clientId,
-        userId: currentUser.id
+        userId: currentUser.uid
       })
       await saveTokensInDB(
-        currentUser.id,
+        currentUser.uid,
         clientId,
         'accessToken',
         refreshToken
@@ -202,11 +202,11 @@ describe('auth', () => {
       currentUser = await userController.createUser(user)
       accessToken = generateAccessToken({
         clientId,
-        userId: currentUser.id
+        userId: currentUser.uid
       })
 
       await saveTokensInDB(
-        currentUser.id,
+        currentUser.uid,
         clientId,
         accessToken,
         'refreshToken'

api/src/routes/api/spec/client.spec.ts

@@ -5,6 +5,7 @@ import request from 'supertest'
 import appPromise from '../../../app'
 import { UserController, ClientController } from '../../../controllers/'
 import { generateAccessToken, saveTokensInDB } from '../../../utils'
+import { NUMBER_OF_SECONDS_IN_A_DAY } from '../../../model/Client'
 
 const client = {
   clientId: 'someclientID',
@@ -26,6 +27,7 @@ describe('client', () => {
   let app: Express
   let con: Mongoose
   let mongoServer: MongoMemoryServer
+  let adminAccessToken: string
   const userController = new UserController()
   const clientController = new ClientController()
 
@@ -34,6 +36,18 @@ describe('client', () => {
 
     mongoServer = await MongoMemoryServer.create()
     con = await mongoose.connect(mongoServer.getUri())
+
+    const dbUser = await userController.createUser(adminUser)
+    adminAccessToken = generateAccessToken({
+      clientId: client.clientId,
+      userId: dbUser.uid
+    })
+    await saveTokensInDB(
+      dbUser.uid,
+      client.clientId,
+      adminAccessToken,
+      'refreshToken'
+    )
   })
 
   afterAll(async () => {
@@ -43,22 +57,6 @@ describe('client', () => {
   })
 
   describe('create', () => {
-    let adminAccessToken: string
-
-    beforeAll(async () => {
-      const dbUser = await userController.createUser(adminUser)
-      adminAccessToken = generateAccessToken({
-        clientId: client.clientId,
-        userId: dbUser.id
-      })
-      await saveTokensInDB(
-        dbUser.id,
-        client.clientId,
-        adminAccessToken,
-        'refreshToken'
-      )
-    })
-
     afterEach(async () => {
       const collections = mongoose.connection.collections
       const collection = collections['clients']
@@ -97,10 +95,10 @@ describe('client', () => {
       const dbUser = await userController.createUser(user)
       const accessToken = generateAccessToken({
         clientId: client.clientId,
-        userId: dbUser.id
+        userId: dbUser.uid
       })
       await saveTokensInDB(
-        dbUser.id,
+        dbUser.uid,
         client.clientId,
         accessToken,
         'refreshToken'
@@ -157,4 +155,80 @@ describe('client', () => {
       expect(res.body).toEqual({})
     })
   })
+
+  describe('get', () => {
+    afterEach(async () => {
+      const collections = mongoose.connection.collections
+      const collection = collections['clients']
+      await collection.deleteMany({})
+    })
+
+    it('should respond with an array of all clients', async () => {
+      await clientController.createClient(newClient)
+      await clientController.createClient({
+        clientId: 'clientID',
+        clientSecret: 'clientSecret'
+      })
+
+      const res = await request(app)
+        .get('/SASjsApi/client')
+        .auth(adminAccessToken, { type: 'bearer' })
+        .send()
+        .expect(200)
+
+      const expected = [
+        {
+          clientId: 'newClientID',
+          clientSecret: 'newClientSecret',
+          accessTokenExpiration: NUMBER_OF_SECONDS_IN_A_DAY,
+          refreshTokenExpiration: NUMBER_OF_SECONDS_IN_A_DAY * 30
+        },
+        {
+          clientId: 'clientID',
+          clientSecret: 'clientSecret',
+          accessTokenExpiration: NUMBER_OF_SECONDS_IN_A_DAY,
+          refreshTokenExpiration: NUMBER_OF_SECONDS_IN_A_DAY * 30
+        }
+      ]
+
+      expect(res.body).toEqual(expected)
+    })
+
+    it('should respond with Unauthorized if access token is not present', async () => {
+      const res = await request(app).get('/SASjsApi/client').send().expect(401)
+
+      expect(res.text).toEqual('Unauthorized')
+      expect(res.body).toEqual({})
+    })
+
+    it('should respond with Forbideen if access token is not of an admin account', async () => {
+      const user = {
+        displayName: 'User 2',
+        username: 'username2',
+        password: '12345678',
+        isAdmin: false,
+        isActive: true
+      }
+      const dbUser = await userController.createUser(user)
+      const accessToken = generateAccessToken({
+        clientId: client.clientId,
+        userId: dbUser.uid
+      })
+      await saveTokensInDB(
+        dbUser.uid,
+        client.clientId,
+        accessToken,
+        'refreshToken'
+      )
+
+      const res = await request(app)
+        .get('/SASjsApi/client')
+        .auth(accessToken, { type: 'bearer' })
+        .send()
+        .expect(401)
+
+      expect(res.text).toEqual('Admin account required')
+      expect(res.body).toEqual({})
+    })
+  })
 })

api/src/routes/api/spec/drive.spec.ts

@@ -71,31 +71,31 @@ describe('drive', () => {
     con = await mongoose.connect(mongoServer.getUri())
 
     const dbUser = await controller.createUser(user)
-    accessToken = await generateAndSaveToken(dbUser.id)
+    accessToken = await generateAndSaveToken(dbUser.uid)
     await permissionController.createPermission({
       ...permission,
       path: '/SASjsApi/drive/deploy',
-      principalId: dbUser.id
+      principalId: dbUser.uid
     })
     await permissionController.createPermission({
       ...permission,
       path: '/SASjsApi/drive/deploy/upload',
-      principalId: dbUser.id
+      principalId: dbUser.uid
     })
     await permissionController.createPermission({
       ...permission,
       path: '/SASjsApi/drive/file',
-      principalId: dbUser.id
+      principalId: dbUser.uid
     })
     await permissionController.createPermission({
       ...permission,
       path: '/SASjsApi/drive/folder',
-      principalId: dbUser.id
+      principalId: dbUser.uid
     })
     await permissionController.createPermission({
       ...permission,
       path: '/SASjsApi/drive/rename',
-      principalId: dbUser.id
+      principalId: dbUser.uid
     })
   })
 
@@ -1197,7 +1197,7 @@ const getExampleService = (): ServiceMember =>
   ((getTreeExample().members[0] as FolderMember).members[0] as FolderMember)
     .members[0] as ServiceMember
 
-const generateAndSaveToken = async (userId: number) => {
+const generateAndSaveToken = async (userId: string) => {
   const adminAccessToken = generateAccessToken({
     clientId,
     userId

api/src/routes/api/spec/group.spec.ts

@@ -11,6 +11,7 @@ import {
 } from '../../../utils'
 import Group, { PUBLIC_GROUP_NAME } from '../../../model/Group'
 import User from '../../../model/User'
+import { randomBytes } from 'crypto'
 
 const clientId = 'someclientID'
 const adminUser = {
@@ -75,7 +76,7 @@ describe('group', () => {
         .send(group)
         .expect(200)
 
-      expect(res.body.groupId).toBeTruthy()
+      expect(res.body.uid).toBeTruthy()
       expect(res.body.name).toEqual(group.name)
       expect(res.body.description).toEqual(group.description)
       expect(res.body.isActive).toEqual(true)
@@ -155,7 +156,7 @@ describe('group', () => {
       const dbGroup = await groupController.createGroup(group)
 
       const res = await request(app)
-        .delete(`/SASjsApi/group/${dbGroup.groupId}`)
+        .delete(`/SASjsApi/group/${dbGroup.uid}`)
         .auth(adminAccessToken, { type: 'bearer' })
         .send()
         .expect(200)
@@ -174,17 +175,17 @@ describe('group', () => {
         username: 'deletegroup2'
       })
 
-      await groupController.addUserToGroup(dbGroup.groupId, dbUser1.id)
+      await groupController.addUserToGroup(dbGroup.uid, dbUser1.uid)
-      await groupController.addUserToGroup(dbGroup.groupId, dbUser2.id)
+      await groupController.addUserToGroup(dbGroup.uid, dbUser2.uid)
 
       await request(app)
-        .delete(`/SASjsApi/group/${dbGroup.groupId}`)
+        .delete(`/SASjsApi/group/${dbGroup.uid}`)
         .auth(adminAccessToken, { type: 'bearer' })
         .send()
         .expect(200)
 
       const res1 = await request(app)
-        .get(`/SASjsApi/user/${dbUser1.id}`)
+        .get(`/SASjsApi/user/${dbUser1.uid}`)
         .auth(adminAccessToken, { type: 'bearer' })
         .send()
         .expect(200)
@@ -192,7 +193,7 @@ describe('group', () => {
       expect(res1.body.groups).toEqual([])
 
       const res2 = await request(app)
-        .get(`/SASjsApi/user/${dbUser2.id}`)
+        .get(`/SASjsApi/user/${dbUser2.uid}`)
         .auth(adminAccessToken, { type: 'bearer' })
         .send()
         .expect(200)
@@ -201,8 +202,10 @@ describe('group', () => {
     })
 
     it('should respond with Not Found if groupId is incorrect', async () => {
+      const hexValue = randomBytes(12).toString('hex')
+
       const res = await request(app)
-        .delete(`/SASjsApi/group/1234`)
+        .delete(`/SASjsApi/group/${hexValue}`)
         .auth(adminAccessToken, { type: 'bearer' })
         .send()
         .expect(404)
@@ -229,7 +232,7 @@ describe('group', () => {
       })
 
       const res = await request(app)
-        .delete(`/SASjsApi/group/${dbGroup.groupId}`)
+        .delete(`/SASjsApi/group/${dbGroup.uid}`)
         .auth(accessToken, { type: 'bearer' })
         .send()
         .expect(401)
@@ -245,15 +248,15 @@ describe('group', () => {
     })
 
     it('should respond with group', async () => {
-      const { groupId } = await groupController.createGroup(group)
+      const { uid } = await groupController.createGroup(group)
 
       const res = await request(app)
-        .get(`/SASjsApi/group/${groupId}`)
+        .get(`/SASjsApi/group/${uid}`)
         .auth(adminAccessToken, { type: 'bearer' })
         .send()
         .expect(200)
 
-      expect(res.body.groupId).toBeTruthy()
+      expect(res.body.uid).toBeTruthy()
       expect(res.body.name).toEqual(group.name)
       expect(res.body.description).toEqual(group.description)
       expect(res.body.isActive).toEqual(true)
@@ -266,15 +269,15 @@ describe('group', () => {
         username: 'get' + user.username
       })
 
-      const { groupId } = await groupController.createGroup(group)
+      const { uid } = await groupController.createGroup(group)
 
       const res = await request(app)
-        .get(`/SASjsApi/group/${groupId}`)
+        .get(`/SASjsApi/group/${uid}`)
         .auth(accessToken, { type: 'bearer' })
         .send()
         .expect(200)
 
-      expect(res.body.groupId).toBeTruthy()
+      expect(res.body.uid).toBeTruthy()
       expect(res.body.name).toEqual(group.name)
       expect(res.body.description).toEqual(group.description)
       expect(res.body.isActive).toEqual(true)
@@ -292,8 +295,10 @@ describe('group', () => {
     })
 
     it('should respond with Not Found if groupId is incorrect', async () => {
+      const hexValue = randomBytes(12).toString('hex')
+
       const res = await request(app)
-        .get('/SASjsApi/group/1234')
+        .get(`/SASjsApi/group/${hexValue}`)
         .auth(adminAccessToken, { type: 'bearer' })
         .send()
         .expect(404)
@@ -312,7 +317,7 @@ describe('group', () => {
           .send()
           .expect(200)
 
-        expect(res.body.groupId).toBeTruthy()
+        expect(res.body.uid).toBeTruthy()
         expect(res.body.name).toEqual(group.name)
         expect(res.body.description).toEqual(group.description)
         expect(res.body.isActive).toEqual(true)
@@ -333,7 +338,7 @@ describe('group', () => {
           .send()
           .expect(200)
 
-        expect(res.body.groupId).toBeTruthy()
+        expect(res.body.uid).toBeTruthy()
         expect(res.body.name).toEqual(group.name)
         expect(res.body.description).toEqual(group.description)
         expect(res.body.isActive).toEqual(true)
@@ -379,7 +384,7 @@ describe('group', () => {
 
       expect(res.body).toEqual([
         {
-          groupId: expect.anything(),
+          uid: expect.anything(),
           name: group.name,
           description: group.description
         }
@@ -401,7 +406,7 @@ describe('group', () => {
 
       expect(res.body).toEqual([
         {
-          groupId: expect.anything(),
+          uid: expect.anything(),
           name: group.name,
           description: group.description
         }
@@ -426,18 +431,18 @@ describe('group', () => {
       const dbUser = await userController.createUser(user)
 
       const res = await request(app)
-        .post(`/SASjsApi/group/${dbGroup.groupId}/${dbUser.id}`)
+        .post(`/SASjsApi/group/${dbGroup.uid}/${dbUser.uid}`)
         .auth(adminAccessToken, { type: 'bearer' })
         .send()
         .expect(200)
 
-      expect(res.body.groupId).toBeTruthy()
+      expect(res.body.uid).toBeTruthy()
       expect(res.body.name).toEqual(group.name)
       expect(res.body.description).toEqual(group.description)
       expect(res.body.isActive).toEqual(true)
       expect(res.body.users).toEqual([
         {
-          id: expect.anything(),
+          uid: expect.anything(),
           username: user.username,
           displayName: user.displayName
         }
@@ -452,20 +457,20 @@ describe('group', () => {
       })
 
       await request(app)
-        .post(`/SASjsApi/group/${dbGroup.groupId}/${dbUser.id}`)
+        .post(`/SASjsApi/group/${dbGroup.uid}/${dbUser.uid}`)
         .auth(adminAccessToken, { type: 'bearer' })
         .send()
         .expect(200)
 
       const res = await request(app)
-        .get(`/SASjsApi/user/${dbUser.id}`)
+        .get(`/SASjsApi/user/${dbUser.uid}`)
         .auth(adminAccessToken, { type: 'bearer' })
         .send()
         .expect(200)
 
       expect(res.body.groups).toEqual([
         {
-          groupId: expect.anything(),
+          uid: expect.anything(),
           name: group.name,
           description: group.description
         }
@@ -478,21 +483,21 @@ describe('group', () => {
         ...user,
         username: 'addUserRandomUser'
       })
-      await groupController.addUserToGroup(dbGroup.groupId, dbUser.id)
+      await groupController.addUserToGroup(dbGroup.uid, dbUser.uid)
 
       const res = await request(app)
-        .post(`/SASjsApi/group/${dbGroup.groupId}/${dbUser.id}`)
+        .post(`/SASjsApi/group/${dbGroup.uid}/${dbUser.uid}`)
         .auth(adminAccessToken, { type: 'bearer' })
         .send()
         .expect(200)
 
-      expect(res.body.groupId).toBeTruthy()
+      expect(res.body.uid).toBeTruthy()
       expect(res.body.name).toEqual(group.name)
       expect(res.body.description).toEqual(group.description)
       expect(res.body.isActive).toEqual(true)
       expect(res.body.users).toEqual([
         {
-          id: expect.anything(),
+          uid: expect.anything(),
           username: 'addUserRandomUser',
           displayName: user.displayName
         }
@@ -526,8 +531,10 @@ describe('group', () => {
     })
 
     it('should respond with Not Found if groupId is incorrect', async () => {
+      const hexValue = randomBytes(12).toString('hex')
+
       const res = await request(app)
-        .post('/SASjsApi/group/123/123')
+        .post(`/SASjsApi/group/${hexValue}/123`)
         .auth(adminAccessToken, { type: 'bearer' })
         .send()
         .expect(404)
@@ -538,8 +545,10 @@ describe('group', () => {
 
     it('should respond with Not Found if userId is incorrect', async () => {
       const dbGroup = await groupController.createGroup(group)
+      const hexValue = randomBytes(12).toString('hex')
+
       const res = await request(app)
-        .post(`/SASjsApi/group/${dbGroup.groupId}/123`)
+        .post(`/SASjsApi/group/${dbGroup.uid}/${hexValue}`)
         .auth(adminAccessToken, { type: 'bearer' })
         .send()
         .expect(404)
@@ -556,7 +565,7 @@ describe('group', () => {
       })
 
       const res = await request(app)
-        .post(`/SASjsApi/group/${dbGroup.groupId}/${dbUser.id}`)
+        .post(`/SASjsApi/group/${dbGroup.uid}/${dbUser.uid}`)
         .auth(adminAccessToken, { type: 'bearer' })
         .send()
         .expect(400)
@@ -577,7 +586,7 @@ describe('group', () => {
       })
 
       const res = await request(app)
-        .post(`/SASjsApi/group/${dbGroup.groupId}/${dbUser.id}`)
+        .post(`/SASjsApi/group/${dbGroup.uid}/${dbUser.uid}`)
         .auth(adminAccessToken, { type: 'bearer' })
         .send()
         .expect(405)
@@ -596,7 +605,7 @@ describe('group', () => {
       })
 
       const res = await request(app)
-        .post(`/SASjsApi/group/${dbGroup.groupId}/${dbUser.id}`)
+        .post(`/SASjsApi/group/${dbGroup.uid}/${dbUser.uid}`)
         .auth(adminAccessToken, { type: 'bearer' })
         .send()
         .expect(405)
@@ -618,15 +627,15 @@ describe('group', () => {
         ...user,
         username: 'removeUserRandomUser'
       })
-      await groupController.addUserToGroup(dbGroup.groupId, dbUser.id)
+      await groupController.addUserToGroup(dbGroup.uid, dbUser.uid)
 
       const res = await request(app)
-        .delete(`/SASjsApi/group/${dbGroup.groupId}/${dbUser.id}`)
+        .delete(`/SASjsApi/group/${dbGroup.uid}/${dbUser.uid}`)
         .auth(adminAccessToken, { type: 'bearer' })
         .send()
         .expect(200)
 
-      expect(res.body.groupId).toBeTruthy()
+      expect(res.body.uid).toBeTruthy()
       expect(res.body.name).toEqual(group.name)
       expect(res.body.description).toEqual(group.description)
       expect(res.body.isActive).toEqual(true)
@@ -639,16 +648,16 @@ describe('group', () => {
         ...user,
         username: 'removeGroupFromUser'
       })
-      await groupController.addUserToGroup(dbGroup.groupId, dbUser.id)
+      await groupController.addUserToGroup(dbGroup.uid, dbUser.uid)
 
       await request(app)
-        .delete(`/SASjsApi/group/${dbGroup.groupId}/${dbUser.id}`)
+        .delete(`/SASjsApi/group/${dbGroup.uid}/${dbUser.uid}`)
         .auth(adminAccessToken, { type: 'bearer' })
         .send()
         .expect(200)
 
       const res = await request(app)
-        .get(`/SASjsApi/user/${dbUser.id}`)
+        .get(`/SASjsApi/user/${dbUser.uid}`)
         .auth(adminAccessToken, { type: 'bearer' })
         .send()
         .expect(200)
@@ -667,7 +676,7 @@ describe('group', () => {
       })
 
       const res = await request(app)
-        .delete(`/SASjsApi/group/${dbGroup.groupId}/${dbUser.id}`)
+        .delete(`/SASjsApi/group/${dbGroup.uid}/${dbUser.uid}`)
         .auth(adminAccessToken, { type: 'bearer' })
         .send()
         .expect(405)
@@ -686,7 +695,7 @@ describe('group', () => {
       })
 
       const res = await request(app)
-        .delete(`/SASjsApi/group/${dbGroup.groupId}/${dbUser.id}`)
+        .delete(`/SASjsApi/group/${dbGroup.uid}/${dbUser.uid}`)
         .auth(adminAccessToken, { type: 'bearer' })
         .send()
         .expect(405)
@@ -723,8 +732,10 @@ describe('group', () => {
     })
 
     it('should respond with Not Found if groupId is incorrect', async () => {
+      const hexValue = randomBytes(12).toString('hex')
+
       const res = await request(app)
-        .delete('/SASjsApi/group/123/123')
+        .delete(`/SASjsApi/group/${hexValue}/123`)
         .auth(adminAccessToken, { type: 'bearer' })
         .send()
         .expect(404)
@@ -735,8 +746,10 @@ describe('group', () => {
 
     it('should respond with Not Found if userId is incorrect', async () => {
       const dbGroup = await groupController.createGroup(group)
+      const hexValue = randomBytes(12).toString('hex')
+
       const res = await request(app)
-        .delete(`/SASjsApi/group/${dbGroup.groupId}/123`)
+        .delete(`/SASjsApi/group/${dbGroup.uid}/${hexValue}`)
         .auth(adminAccessToken, { type: 'bearer' })
         .send()
         .expect(404)
@@ -752,10 +765,10 @@ const generateSaveTokenAndCreateUser = async (
 ): Promise<string> => {
   const dbUser = await userController.createUser(someUser ?? adminUser)
 
-  return generateAndSaveToken(dbUser.id)
+  return generateAndSaveToken(dbUser.uid)
 }
 
-const generateAndSaveToken = async (userId: number) => {
+const generateAndSaveToken = async (userId: string) => {
   const adminAccessToken = generateAccessToken({
     clientId,
     userId

api/src/routes/api/spec/permission.spec.ts

@@ -17,6 +17,7 @@ import {
   PermissionDetailsResponse
 } from '../../../controllers'
 import { generateAccessToken, saveTokensInDB } from '../../../utils'
+import { randomBytes } from 'crypto'
 
 const deployPayload = {
   appLoc: 'string',
@@ -103,10 +104,10 @@ describe('permission', () => {
       const res = await request(app)
         .post('/SASjsApi/permission')
         .auth(adminAccessToken, { type: 'bearer' })
-        .send({ ...permission, principalId: dbUser.id })
+        .send({ ...permission, principalId: dbUser.uid })
         .expect(200)
 
-      expect(res.body.permissionId).toBeTruthy()
+      expect(res.body.uid).toBeTruthy()
       expect(res.body.path).toEqual(permission.path)
       expect(res.body.type).toEqual(permission.type)
       expect(res.body.setting).toEqual(permission.setting)
@@ -122,11 +123,11 @@ describe('permission', () => {
         .send({
           ...permission,
           principalType: 'group',
-          principalId: dbGroup.groupId
+          principalId: dbGroup.uid
         })
         .expect(200)
 
-      expect(res.body.permissionId).toBeTruthy()
+      expect(res.body.uid).toBeTruthy()
       expect(res.body.path).toEqual(permission.path)
       expect(res.body.type).toEqual(permission.type)
       expect(res.body.setting).toEqual(permission.setting)
@@ -144,7 +145,7 @@ describe('permission', () => {
     })
 
     it('should respond with Unauthorized if access token is not of an admin account', async () => {
-      const accessToken = await generateAndSaveToken(dbUser.id)
+      const accessToken = await generateAndSaveToken(dbUser.uid)
 
       const res = await request(app)
         .post('/SASjsApi/permission')
@@ -281,17 +282,19 @@ describe('permission', () => {
       expect(res.body).toEqual({})
     })
 
-    it('should respond with Bad Request if principalId is not a number', async () => {
+    it('should respond with Bad Request if principalId is not a string of 24 hex characters', async () => {
       const res = await request(app)
         .post('/SASjsApi/permission')
         .auth(adminAccessToken, { type: 'bearer' })
         .send({
           ...permission,
-          principalId: 'someCharacters'
+          principalId: randomBytes(10).toString('hex')
         })
         .expect(400)
 
-      expect(res.text).toEqual('"principalId" must be a number')
+      expect(res.text).toEqual(
+        '"principalId" length must be 24 characters long'
+      )
       expect(res.body).toEqual({})
     })
 
@@ -307,7 +310,7 @@ describe('permission', () => {
         .auth(adminAccessToken, { type: 'bearer' })
         .send({
           ...permission,
-          principalId: adminUser.id
+          principalId: adminUser.uid
         })
         .expect(400)
 
@@ -321,7 +324,7 @@ describe('permission', () => {
         .auth(adminAccessToken, { type: 'bearer' })
         .send({
           ...permission,
-          principalId: 123
+          principalId: randomBytes(12).toString('hex')
         })
         .expect(404)
 
@@ -336,7 +339,7 @@ describe('permission', () => {
         .send({
           ...permission,
           principalType: 'group',
-          principalId: 123
+          principalId: randomBytes(12).toString('hex')
         })
         .expect(404)
 
@@ -347,13 +350,13 @@ describe('permission', () => {
     it('should respond with Conflict (409) if permission already exists', async () => {
       await permissionController.createPermission({
         ...permission,
-        principalId: dbUser.id
+        principalId: dbUser.uid
       })
 
       const res = await request(app)
         .post('/SASjsApi/permission')
         .auth(adminAccessToken, { type: 'bearer' })
-        .send({ ...permission, principalId: dbUser.id })
+        .send({ ...permission, principalId: dbUser.uid })
         .expect(409)
 
       expect(res.text).toEqual(
@@ -368,7 +371,7 @@ describe('permission', () => {
     beforeAll(async () => {
       dbPermission = await permissionController.createPermission({
         ...permission,
-        principalId: dbUser.id
+        principalId: dbUser.uid
       })
     })
 
@@ -378,7 +381,7 @@ describe('permission', () => {
 
     it('should respond with updated permission', async () => {
       const res = await request(app)
-        .patch(`/SASjsApi/permission/${dbPermission?.permissionId}`)
+        .patch(`/SASjsApi/permission/${dbPermission?.uid}`)
         .auth(adminAccessToken, { type: 'bearer' })
         .send({ setting: PermissionSettingForRoute.deny })
         .expect(200)
@@ -388,7 +391,7 @@ describe('permission', () => {
 
     it('should respond with Unauthorized if access token is not present', async () => {
       const res = await request(app)
-        .patch(`/SASjsApi/permission/${dbPermission?.permissionId}`)
+        .patch(`/SASjsApi/permission/${dbPermission?.uid}`)
         .send()
         .expect(401)
 
@@ -403,7 +406,7 @@ describe('permission', () => {
       })
 
       const res = await request(app)
-        .patch(`/SASjsApi/permission/${dbPermission?.permissionId}`)
+        .patch(`/SASjsApi/permission/${dbPermission?.uid}`)
         .auth(accessToken, { type: 'bearer' })
         .send()
         .expect(401)
@@ -414,7 +417,7 @@ describe('permission', () => {
 
     it('should respond with Bad Request if setting is missing', async () => {
       const res = await request(app)
-        .patch(`/SASjsApi/permission/${dbPermission?.permissionId}`)
+        .patch(`/SASjsApi/permission/${dbPermission?.uid}`)
         .auth(adminAccessToken, { type: 'bearer' })
         .send()
         .expect(400)
@@ -425,7 +428,7 @@ describe('permission', () => {
 
     it('should respond with Bad Request if setting is  invalid', async () => {
       const res = await request(app)
-        .patch(`/SASjsApi/permission/${dbPermission?.permissionId}`)
+        .patch(`/SASjsApi/permission/${dbPermission?.uid}`)
         .auth(adminAccessToken, { type: 'bearer' })
         .send({
           setting: 'invalid'
@@ -437,8 +440,9 @@ describe('permission', () => {
     })
 
     it('should respond with not found (404) if permission with provided id does not exist', async () => {
+      const hexValue = randomBytes(12).toString('hex')
       const res = await request(app)
-        .patch('/SASjsApi/permission/123')
+        .patch(`/SASjsApi/permission/${hexValue}`)
         .auth(adminAccessToken, { type: 'bearer' })
         .send({
           setting: PermissionSettingForRoute.deny
@@ -454,10 +458,10 @@ describe('permission', () => {
     it('should delete permission', async () => {
       const dbPermission = await permissionController.createPermission({
         ...permission,
-        principalId: dbUser.id
+        principalId: dbUser.uid
       })
       const res = await request(app)
-        .delete(`/SASjsApi/permission/${dbPermission?.permissionId}`)
+        .delete(`/SASjsApi/permission/${dbPermission?.uid}`)
         .auth(adminAccessToken, { type: 'bearer' })
         .send()
         .expect(200)
@@ -466,8 +470,10 @@ describe('permission', () => {
     })
 
     it('should respond with not found (404) if permission with provided id does not exists', async () => {
+      const hexValue = randomBytes(12).toString('hex')
+
       const res = await request(app)
-        .delete('/SASjsApi/permission/123')
+        .delete(`/SASjsApi/permission/${hexValue}`)
         .auth(adminAccessToken, { type: 'bearer' })
         .send()
         .expect(404)
@@ -481,12 +487,12 @@ describe('permission', () => {
       await permissionController.createPermission({
         ...permission,
         path: '/test-1',
-        principalId: dbUser.id
+        principalId: dbUser.uid
       })
       await permissionController.createPermission({
         ...permission,
         path: '/test-2',
-        principalId: dbUser.id
+        principalId: dbUser.uid
       })
     })
 
@@ -505,12 +511,12 @@ describe('permission', () => {
         ...user,
         username: 'get' + user.username
       })
-      const accessToken = await generateAndSaveToken(nonAdminUser.id)
+      const accessToken = await generateAndSaveToken(nonAdminUser.uid)
       await permissionController.createPermission({
         path: '/test-1',
         type: PermissionType.route,
         principalType: PrincipalType.user,
-        principalId: nonAdminUser.id,
+        principalId: nonAdminUser.uid,
         setting: PermissionSettingForRoute.grant
       })
 
@@ -531,7 +537,7 @@ describe('permission', () => {
       await permissionController.createPermission({
         ...permission,
         path: '/SASjsApi/drive/deploy',
-        principalId: dbUser.id
+        principalId: dbUser.uid
       })
     })
 
@@ -551,7 +557,7 @@ describe('permission', () => {
     })
 
     it('should create files in SASJS drive', async () => {
-      const accessToken = await generateAndSaveToken(dbUser.id)
+      const accessToken = await generateAndSaveToken(dbUser.uid)
 
       await request(app)
         .get('/SASjsApi/drive/deploy')
@@ -561,7 +567,7 @@ describe('permission', () => {
     })
 
     it('should respond unauthorized', async () => {
-      const accessToken = await generateAndSaveToken(dbUser.id)
+      const accessToken = await generateAndSaveToken(dbUser.uid)
 
       await request(app)
         .get('/SASjsApi/drive/deploy/upload')
@@ -577,10 +583,10 @@ const generateSaveTokenAndCreateUser = async (
 ): Promise<string> => {
   const dbUser = await userController.createUser(someUser ?? adminUser)
 
-  return generateAndSaveToken(dbUser.id)
+  return generateAndSaveToken(dbUser.uid)
 }
 
-const generateAndSaveToken = async (userId: number) => {
+const generateAndSaveToken = async (userId: string) => {
   const adminAccessToken = generateAccessToken({
     clientId,
     userId

api/src/routes/api/spec/stp.spec.ts

@@ -58,12 +58,12 @@ describe('stp', () => {
     mongoServer = await MongoMemoryServer.create()
     con = await mongoose.connect(mongoServer.getUri())
     const dbUser = await userController.createUser(user)
-    accessToken = await generateAndSaveToken(dbUser.id)
+    accessToken = await generateAndSaveToken(dbUser.uid)
     await permissionController.createPermission({
       path: '/SASjsApi/stp/execute',
       type: PermissionType.route,
       principalType: PrincipalType.user,
-      principalId: dbUser.id,
+      principalId: dbUser.uid,
       setting: PermissionSettingForRoute.grant
     })
   })
@@ -456,7 +456,7 @@ const makeRequestAndAssert = async (
     )
 }
 
-const generateAndSaveToken = async (userId: number) => {
+const generateAndSaveToken = async (userId: string) => {
   const accessToken = generateAccessToken({
     clientId,
     userId

api/src/routes/api/spec/user.spec.ts

@@ -1,3 +1,4 @@
+import { randomBytes } from 'crypto'
 import { Express } from 'express'
 import mongoose, { Mongoose } from 'mongoose'
 import { MongoMemoryServer } from 'mongodb-memory-server'
@@ -101,9 +102,9 @@ describe('user', () => {
       const dbUser = await controller.createUser(user)
       const accessToken = generateAccessToken({
         clientId,
-        userId: dbUser.id
+        userId: dbUser.uid
       })
-      await saveTokensInDB(dbUser.id, clientId, accessToken, 'refreshToken')
+      await saveTokensInDB(dbUser.uid, clientId, accessToken, 'refreshToken')
 
       const res = await request(app)
         .post('/SASjsApi/user')
@@ -187,7 +188,7 @@ describe('user', () => {
       const newDisplayName = 'My new display Name'
 
       const res = await request(app)
-        .patch(`/SASjsApi/user/${dbUser.id}`)
+        .patch(`/SASjsApi/user/${dbUser.uid}`)
         .auth(adminAccessToken, { type: 'bearer' })
         .send({ ...user, displayName: newDisplayName })
         .expect(200)
@@ -200,11 +201,11 @@ describe('user', () => {
 
     it('should respond with updated user when user himself requests', async () => {
       const dbUser = await controller.createUser(user)
-      const accessToken = await generateAndSaveToken(dbUser.id)
+      const accessToken = await generateAndSaveToken(dbUser.uid)
       const newDisplayName = 'My new display Name'
 
       const res = await request(app)
-        .patch(`/SASjsApi/user/${dbUser.id}`)
+        .patch(`/SASjsApi/user/${dbUser.uid}`)
         .auth(accessToken, { type: 'bearer' })
         .send({
           displayName: newDisplayName,
@@ -221,11 +222,11 @@ describe('user', () => {
 
     it('should respond with Bad Request, only admin can update isAdmin/isActive', async () => {
       const dbUser = await controller.createUser(user)
-      const accessToken = await generateAndSaveToken(dbUser.id)
+      const accessToken = await generateAndSaveToken(dbUser.uid)
       const newDisplayName = 'My new display Name'
 
       await request(app)
-        .patch(`/SASjsApi/user/${dbUser.id}`)
+        .patch(`/SASjsApi/user/${dbUser.uid}`)
         .auth(accessToken, { type: 'bearer' })
         .send({ ...user, displayName: newDisplayName })
         .expect(400)
@@ -277,10 +278,10 @@ describe('user', () => {
         ...user,
         username: 'randomUser'
       })
-      const accessToken = await generateAndSaveToken(dbUser2.id)
+      const accessToken = await generateAndSaveToken(dbUser2.uid)
 
       const res = await request(app)
-        .patch(`/SASjsApi/user/${dbUser1.id}`)
+        .patch(`/SASjsApi/user/${dbUser1.uid}`)
         .auth(accessToken, { type: 'bearer' })
         .send(user)
         .expect(401)
@@ -297,7 +298,7 @@ describe('user', () => {
       })
 
       const res = await request(app)
-        .patch(`/SASjsApi/user/${dbUser1.id}`)
+        .patch(`/SASjsApi/user/${dbUser1.uid}`)
         .auth(adminAccessToken, { type: 'bearer' })
         .send({ username: dbUser2.username })
         .expect(409)
@@ -325,7 +326,7 @@ describe('user', () => {
 
       it('should respond with updated user when user himself requests', async () => {
         const dbUser = await controller.createUser(user)
-        const accessToken = await generateAndSaveToken(dbUser.id)
+        const accessToken = await generateAndSaveToken(dbUser.uid)
         const newDisplayName = 'My new display Name'
 
         const res = await request(app)
@@ -346,7 +347,7 @@ describe('user', () => {
 
       it('should respond with Bad Request, only admin can update isAdmin/isActive', async () => {
         const dbUser = await controller.createUser(user)
-        const accessToken = await generateAndSaveToken(dbUser.id)
+        const accessToken = await generateAndSaveToken(dbUser.uid)
         const newDisplayName = 'My new display Name'
 
         await request(app)
@@ -372,10 +373,10 @@ describe('user', () => {
           ...user,
           username: 'randomUser'
         })
-        const accessToken = await generateAndSaveToken(dbUser2.id)
+        const accessToken = await generateAndSaveToken(dbUser2.uid)
 
         const res = await request(app)
-          .patch(`/SASjsApi/user/${dbUser1.id}`)
+          .patch(`/SASjsApi/user/${dbUser1.uid}`)
           .auth(accessToken, { type: 'bearer' })
           .send(user)
           .expect(401)
@@ -418,7 +419,7 @@ describe('user', () => {
       const dbUser = await controller.createUser(user)
 
       const res = await request(app)
-        .delete(`/SASjsApi/user/${dbUser.id}`)
+        .delete(`/SASjsApi/user/${dbUser.uid}`)
         .auth(adminAccessToken, { type: 'bearer' })
         .send()
         .expect(200)
@@ -428,10 +429,10 @@ describe('user', () => {
 
     it('should respond with OK when user himself requests', async () => {
       const dbUser = await controller.createUser(user)
-      const accessToken = await generateAndSaveToken(dbUser.id)
+      const accessToken = await generateAndSaveToken(dbUser.uid)
 
       const res = await request(app)
-        .delete(`/SASjsApi/user/${dbUser.id}`)
+        .delete(`/SASjsApi/user/${dbUser.uid}`)
         .auth(accessToken, { type: 'bearer' })
         .send({ password: user.password })
         .expect(200)
@@ -441,10 +442,10 @@ describe('user', () => {
 
     it('should respond with Bad Request when user himself requests and password is missing', async () => {
       const dbUser = await controller.createUser(user)
-      const accessToken = await generateAndSaveToken(dbUser.id)
+      const accessToken = await generateAndSaveToken(dbUser.uid)
 
       const res = await request(app)
-        .delete(`/SASjsApi/user/${dbUser.id}`)
+        .delete(`/SASjsApi/user/${dbUser.uid}`)
         .auth(accessToken, { type: 'bearer' })
         .send()
         .expect(400)
@@ -469,10 +470,10 @@ describe('user', () => {
         ...user,
         username: 'randomUser'
       })
-      const accessToken = await generateAndSaveToken(dbUser2.id)
+      const accessToken = await generateAndSaveToken(dbUser2.uid)
 
       const res = await request(app)
-        .delete(`/SASjsApi/user/${dbUser1.id}`)
+        .delete(`/SASjsApi/user/${dbUser1.uid}`)
         .auth(accessToken, { type: 'bearer' })
         .send(user)
         .expect(401)
@@ -483,10 +484,10 @@ describe('user', () => {
 
     it('should respond with Unauthorized when user himself requests and password is incorrect', async () => {
       const dbUser = await controller.createUser(user)
-      const accessToken = await generateAndSaveToken(dbUser.id)
+      const accessToken = await generateAndSaveToken(dbUser.uid)
 
       const res = await request(app)
-        .delete(`/SASjsApi/user/${dbUser.id}`)
+        .delete(`/SASjsApi/user/${dbUser.uid}`)
         .auth(accessToken, { type: 'bearer' })
         .send({ password: 'incorrectpassword' })
         .expect(401)
@@ -510,7 +511,7 @@ describe('user', () => {
 
       it('should respond with OK when user himself requests', async () => {
         const dbUser = await controller.createUser(user)
-        const accessToken = await generateAndSaveToken(dbUser.id)
+        const accessToken = await generateAndSaveToken(dbUser.uid)
 
         const res = await request(app)
           .delete(`/SASjsApi/user/by/username/${dbUser.username}`)
@@ -523,7 +524,7 @@ describe('user', () => {
 
       it('should respond with Bad Request when user himself requests and password is missing', async () => {
         const dbUser = await controller.createUser(user)
-        const accessToken = await generateAndSaveToken(dbUser.id)
+        const accessToken = await generateAndSaveToken(dbUser.uid)
 
         const res = await request(app)
           .delete(`/SASjsApi/user/by/username/${dbUser.username}`)
@@ -551,7 +552,7 @@ describe('user', () => {
           ...user,
           username: 'randomUser'
         })
-        const accessToken = await generateAndSaveToken(dbUser2.id)
+        const accessToken = await generateAndSaveToken(dbUser2.uid)
 
         const res = await request(app)
           .delete(`/SASjsApi/user/by/username/${dbUser1.username}`)
@@ -565,7 +566,7 @@ describe('user', () => {
 
       it('should respond with Unauthorized when user himself requests and password is incorrect', async () => {
         const dbUser = await controller.createUser(user)
-        const accessToken = await generateAndSaveToken(dbUser.id)
+        const accessToken = await generateAndSaveToken(dbUser.uid)
 
         const res = await request(app)
           .delete(`/SASjsApi/user/by/username/${dbUser.username}`)
@@ -592,7 +593,7 @@ describe('user', () => {
 
     it('should respond with user autoExec when same user requests', async () => {
       const dbUser = await controller.createUser(user)
-      const userId = dbUser.id
+      const userId = dbUser.uid
       const accessToken = await generateAndSaveToken(userId)
 
       const res = await request(app)
@@ -611,7 +612,7 @@ describe('user', () => {
 
     it('should respond with user autoExec when admin user requests', async () => {
       const dbUser = await controller.createUser(user)
-      const userId = dbUser.id
+      const userId = dbUser.uid
 
       const res = await request(app)
         .get(`/SASjsApi/user/${userId}`)
@@ -634,7 +635,7 @@ describe('user', () => {
       })
 
       const dbUser = await controller.createUser(user)
-      const userId = dbUser.id
+      const userId = dbUser.uid
 
       const res = await request(app)
         .get(`/SASjsApi/user/${userId}`)
@@ -652,7 +653,7 @@ describe('user', () => {
 
     it('should respond with user along with associated groups', async () => {
       const dbUser = await controller.createUser(user)
-      const userId = dbUser.id
+      const userId = dbUser.uid
       const accessToken = await generateAndSaveToken(userId)
 
       const group = {
@@ -661,7 +662,7 @@ describe('user', () => {
       }
       const groupController = new GroupController()
       const dbGroup = await groupController.createGroup(group)
-      await groupController.addUserToGroup(dbGroup.groupId, dbUser.id)
+      await groupController.addUserToGroup(dbGroup.uid, dbUser.uid)
 
       const res = await request(app)
         .get(`/SASjsApi/user/${userId}`)
@@ -690,8 +691,10 @@ describe('user', () => {
     it('should respond with Not Found if userId is incorrect', async () => {
       await controller.createUser(user)
 
+      const hexValue = randomBytes(12).toString('hex')
+
       const res = await request(app)
-        .get('/SASjsApi/user/1234')
+        .get(`/SASjsApi/user/${hexValue}`)
         .auth(adminAccessToken, { type: 'bearer' })
         .send()
         .expect(404)
@@ -703,7 +706,7 @@ describe('user', () => {
     describe('by username', () => {
       it('should respond with user autoExec when same user requests', async () => {
         const dbUser = await controller.createUser(user)
-        const userId = dbUser.id
+        const userId = dbUser.uid
         const accessToken = await generateAndSaveToken(userId)
 
         const res = await request(app)
@@ -803,13 +806,13 @@ describe('user', () => {
 
       expect(res.body).toEqual([
         {
-          id: expect.anything(),
+          uid: expect.anything(),
           username: adminUser.username,
           displayName: adminUser.displayName,
           isAdmin: adminUser.isAdmin
         },
         {
-          id: expect.anything(),
+          uid: expect.anything(),
           username: user.username,
           displayName: user.displayName,
           isAdmin: user.isAdmin
@@ -831,13 +834,13 @@ describe('user', () => {
 
       expect(res.body).toEqual([
         {
-          id: expect.anything(),
+          uid: expect.anything(),
           username: adminUser.username,
           displayName: adminUser.displayName,
           isAdmin: adminUser.isAdmin
         },
         {
-          id: expect.anything(),
+          uid: expect.anything(),
           username: 'randomUser',
           displayName: user.displayName,
           isAdmin: user.isAdmin
@@ -859,10 +862,10 @@ const generateSaveTokenAndCreateUser = async (
 ): Promise<string> => {
   const dbUser = await controller.createUser(someUser ?? adminUser)
 
-  return generateAndSaveToken(dbUser.id)
+  return generateAndSaveToken(dbUser.uid)
 }
 
-const generateAndSaveToken = async (userId: number) => {
+const generateAndSaveToken = async (userId: string) => {
   const adminAccessToken = generateAccessToken({
     clientId,
     userId

api/src/routes/api/spec/web.spec.ts

@@ -47,73 +47,6 @@ describe('web', () => {
     })
   })
 
-  describe('SASLogon/login', () => {
-    let csrfToken: string
-
-    beforeAll(async () => {
-      ;({ csrfToken } = await getCSRF(app))
-    })
-
-    afterEach(async () => {
-      const collections = mongoose.connection.collections
-      const collection = collections['users']
-      await collection.deleteMany({})
-    })
-
-    it('should respond with successful login', async () => {
-      await userController.createUser(user)
-
-      const res = await request(app)
-        .post('/SASLogon/login')
-        .set('x-xsrf-token', csrfToken)
-        .send({
-          username: user.username,
-          password: user.password
-        })
-        .expect(200)
-
-      expect(res.body.loggedIn).toBeTruthy()
-      expect(res.body.user).toEqual({
-        id: expect.any(Number),
-        username: user.username,
-        displayName: user.displayName,
-        isAdmin: user.isAdmin,
-        needsToUpdatePassword: true
-      })
-    })
-
-    it('should respond with Bad Request if CSRF Token is not present', async () => {
-      await userController.createUser(user)
-
-      const res = await request(app)
-        .post('/SASLogon/login')
-        .send({
-          username: user.username,
-          password: user.password
-        })
-        .expect(400)
-
-      expect(res.text).toEqual('Invalid CSRF token!')
-      expect(res.body).toEqual({})
-    })
-
-    it('should respond with Bad Request if CSRF Token is invalid', async () => {
-      await userController.createUser(user)
-
-      const res = await request(app)
-        .post('/SASLogon/login')
-        .set('x-xsrf-token', 'INVALID_CSRF_TOKEN')
-        .send({
-          username: user.username,
-          password: user.password
-        })
-        .expect(400)
-
-      expect(res.text).toEqual('Invalid CSRF token!')
-      expect(res.body).toEqual({})
-    })
-  })
-
   describe('SASLogon/authorize', () => {
     let csrfToken: string
     let authCookies: string
@@ -184,6 +117,147 @@ describe('web', () => {
       expect(res.body).toEqual({})
     })
   })
+
+  describe('SASLogon/login', () => {
+    let csrfToken: string
+
+    beforeAll(async () => {
+      ;({ csrfToken } = await getCSRF(app))
+    })
+
+    afterEach(async () => {
+      const collections = mongoose.connection.collections
+      const collection = collections['users']
+      await collection.deleteMany({})
+    })
+
+    it('should respond with successful login', async () => {
+      await userController.createUser(user)
+
+      const res = await request(app)
+        .post('/SASLogon/login')
+        .set('x-xsrf-token', csrfToken)
+        .send({
+          username: user.username,
+          password: user.password
+        })
+        .expect(200)
+
+      expect(res.body.loggedIn).toBeTruthy()
+      expect(res.body.user).toEqual({
+        id: expect.any(String),
+        username: user.username,
+        displayName: user.displayName,
+        isAdmin: user.isAdmin,
+        needsToUpdatePassword: true
+      })
+    })
+
+    it('should respond with too many requests when attempting with invalid password for a same user too many times', async () => {
+      await userController.createUser(user)
+
+      const promises: request.Test[] = []
+
+      const maxConsecutiveFailsByUsernameAndIp = Number(
+        process.env.MAX_CONSECUTIVE_FAILS_BY_USERNAME_AND_IP
+      )
+
+      Array(maxConsecutiveFailsByUsernameAndIp + 1)
+        .fill(0)
+        .map((_, i) => {
+          promises.push(
+            request(app)
+              .post('/SASLogon/login')
+              .set('x-xsrf-token', csrfToken)
+              .send({
+                username: user.username,
+                password: 'invalid-password'
+              })
+          )
+        })
+
+      await Promise.all(promises)
+
+      const res = await request(app)
+        .post('/SASLogon/login')
+        .set('x-xsrf-token', csrfToken)
+        .send({
+          username: user.username,
+          password: user.password
+        })
+        .expect(429)
+
+      expect(res.text).toContain('Too Many Requests!')
+    })
+
+    it('should respond with too many requests when attempting with invalid credentials for different users but with same ip too many times', async () => {
+      await userController.createUser(user)
+
+      const promises: request.Test[] = []
+
+      const maxWrongAttemptsByIpPerDay = Number(
+        process.env.MAX_WRONG_ATTEMPTS_BY_IP_PER_DAY
+      )
+
+      Array(maxWrongAttemptsByIpPerDay + 1)
+        .fill(0)
+        .map((_, i) => {
+          promises.push(
+            request(app)
+              .post('/SASLogon/login')
+              .set('x-xsrf-token', csrfToken)
+              .send({
+                username: `user${i}`,
+                password: 'invalid-password'
+              })
+          )
+        })
+
+      await Promise.all(promises)
+
+      const res = await request(app)
+        .post('/SASLogon/login')
+        .set('x-xsrf-token', csrfToken)
+        .send({
+          username: user.username,
+          password: user.password
+        })
+        .expect(429)
+
+      expect(res.text).toContain('Too Many Requests!')
+    })
+
+    it('should respond with Bad Request if CSRF Token is not present', async () => {
+      await userController.createUser(user)
+
+      const res = await request(app)
+        .post('/SASLogon/login')
+        .send({
+          username: user.username,
+          password: user.password
+        })
+        .expect(400)
+
+      expect(res.text).toEqual('Invalid CSRF token!')
+      expect(res.body).toEqual({})
+    })
+
+    it('should respond with Bad Request if CSRF Token is invalid', async () => {
+      await userController.createUser(user)
+
+      const res = await request(app)
+        .post('/SASLogon/login')
+        .set('x-xsrf-token', 'INVALID_CSRF_TOKEN')
+        .send({
+          username: user.username,
+          password: user.password
+        })
+        .expect(400)
+
+      expect(res.text).toEqual('Invalid CSRF token!')
+      expect(res.body).toEqual({})
+    })
+  })
 })
 
 const getCSRF = async (app: Express) => {

api/src/routes/api/user.ts

@@ -9,6 +9,7 @@ import {
   deleteUserValidation,
   getUserValidation,
   registerUserValidation,
+  uidValidation,
   updateUserValidation
 } from '../../utils'
 
@@ -56,12 +57,15 @@ userRouter.get(
   }
 )
 
-userRouter.get('/:userId', authenticateAccessToken, async (req, res) => {
+userRouter.get('/:uid', authenticateAccessToken, async (req, res) => {
-  const { userId } = req.params
+  const { error, value: params } = uidValidation(req.params)
+  if (error) return res.status(400).send(error.details[0].message)
+
+  const { uid } = params
 
   const controller = new UserController()
   try {
-    const response = await controller.getUser(req, parseInt(userId))
+    const response = await controller.getUser(req, uid)
     res.send(response)
   } catch (err: any) {
     res.status(err.code).send(err.message)
@@ -97,12 +101,16 @@ userRouter.patch(
 )
 
 userRouter.patch(
-  '/:userId',
+  '/:uid',
   authenticateAccessToken,
   verifyAdminIfNeeded,
   async (req, res) => {
     const { user } = req
-    const { userId } = req.params
+
+    const { error: uidError, value: params } = uidValidation(req.params)
+    if (uidError) return res.status(400).send(uidError.details[0].message)
+
+    const { uid } = params
 
     // only an admin can update `isActive` and `isAdmin` fields
     const { error, value: body } = updateUserValidation(req.body, user!.isAdmin)
@@ -110,7 +118,7 @@ userRouter.patch(
 
     const controller = new UserController()
     try {
-      const response = await controller.updateUser(parseInt(userId), body)
+      const response = await controller.updateUser(uid, body)
       res.send(response)
     } catch (err: any) {
       res.status(err.code).send(err.message)
@@ -147,12 +155,16 @@ userRouter.delete(
 )
 
 userRouter.delete(
-  '/:userId',
+  '/:uid',
   authenticateAccessToken,
   verifyAdminIfNeeded,
   async (req, res) => {
     const { user } = req
-    const { userId } = req.params
+
+    const { error: uidError, value: params } = uidValidation(req.params)
+    if (uidError) return res.status(400).send(uidError.details[0].message)
+
+    const { uid } = params
 
     // only an admin can delete user without providing password
     const { error, value: data } = deleteUserValidation(req.body, user!.isAdmin)
@@ -160,7 +172,7 @@ userRouter.delete(
 
     const controller = new UserController()
     try {
-      await controller.deleteUser(parseInt(userId), data, user!.isAdmin)
+      await controller.deleteUser(uid, data, user!.isAdmin)
       res.status(200).send('Account Deleted!')
     } catch (err: any) {
       res.status(err.code).send(err.message)

api/src/routes/web/web.ts

@@ -1,7 +1,11 @@
 import express from 'express'
 import { generateCSRFToken } from '../../middlewares'
 import { WebController } from '../../controllers/web'
-import { authenticateAccessToken, desktopRestrict } from '../../middlewares'
+import {
+  authenticateAccessToken,
+  bruteForceProtection,
+  desktopRestrict
+} from '../../middlewares'
 import { authorizeValidation, loginWebValidation } from '../../utils'
 
 const webRouter = express.Router()
@@ -27,17 +31,26 @@ webRouter.get('/', async (req, res) => {
   }
 })
 
-webRouter.post('/SASLogon/login', desktopRestrict, async (req, res) => {
+webRouter.post(
-  const { error, value: body } = loginWebValidation(req.body)
+  '/SASLogon/login',
-  if (error) return res.status(400).send(error.details[0].message)
+  desktopRestrict,
+  bruteForceProtection,
+  async (req, res) => {
+    const { error, value: body } = loginWebValidation(req.body)
+    if (error) return res.status(400).send(error.details[0].message)
 
-  try {
+    try {
-    const response = await controller.login(req, body)
+      const response = await controller.login(req, body)
-    res.send(response)
+      res.send(response)
-  } catch (err: any) {
+    } catch (err: any) {
-    res.status(403).send(err.toString())
+      if (err instanceof Error) {
+        res.status(500).send(err.toString())
+      } else {
+        res.status(err.code).send(err.message)
+      }
+    }
   }
-})
+)
 
 webRouter.post(
   '/SASLogon/authorize',

api/src/types/InfoJWT.ts

@@ -1,4 +1,4 @@
 export interface InfoJWT {
   clientId: string
-  userId: number
+  userId: string
 }

api/src/types/PreProgramVars.ts

@@ -1,6 +1,6 @@
 export interface PreProgramVars {
   username: string
-  userId: number
+  userId: string
   displayName: string
   serverUrl: string
   httpHeaders: string[]

api/src/types/RequestUser.ts

@@ -1,5 +1,5 @@
 export interface RequestUser {
-  userId: number
+  userId: string
   clientId: string
   username: string
   displayName: string

api/src/utils/crypto.ts

@@ -0,0 +1,4 @@
+import { randomBytes } from 'crypto'
+
+export const randomBytesHexString = (bytesCount: number) =>
+  randomBytes(bytesCount).toString('hex')

api/src/utils/getAuthorizedRoutes.ts

@@ -1,7 +1,8 @@
 import { Request } from 'express'
 
+export const TopLevelRoutes = ['/AppStream', '/SASjsApi']
+
 const StaticAuthorizedRoutes = [
-  '/AppStream',
   '/SASjsApi/code/execute',
   '/SASjsApi/stp/execute',
   '/SASjsApi/drive/deploy',
@@ -15,7 +16,7 @@ const StaticAuthorizedRoutes = [
 export const getAuthorizedRoutes = () => {
   const streamingApps = Object.keys(process.appStreamConfig)
   const streamingAppsRoutes = streamingApps.map((app) => `/AppStream/${app}`)
-  return [...StaticAuthorizedRoutes, ...streamingAppsRoutes]
+  return [...TopLevelRoutes, ...StaticAuthorizedRoutes, ...streamingAppsRoutes]
 }
 
 export const getPath = (req: Request) => {

api/src/utils/getPreProgramVariables.ts

@@ -22,7 +22,7 @@ export const getPreProgramVariables = (req: Request): PreProgramVars => {
   //So this is workaround.
   return {
     username: user ? user.username : 'demo',
-    userId: user ? user.userId : 0,
+    userId: user ? user.userId : 'demoId',
     displayName: user ? user.displayName : 'demo',
     serverUrl: protocol + host,
     httpHeaders

api/src/utils/getTokensFromDB.ts

@@ -4,7 +4,7 @@ import User from '../model/User'
 const isValidToken = async (
   token: string,
   key: string,
-  userId: number,
+  userId: string,
   clientId: string
 ) => {
   const promise = new Promise<boolean>((resolve, reject) =>
@@ -22,8 +22,8 @@ const isValidToken = async (
   return await promise.then(() => true).catch(() => false)
 }
 
-export const getTokensFromDB = async (userId: number, clientId: string) => {
+export const getTokensFromDB = async (userId: string, clientId: string) => {
-  const user = await User.findOne({ id: userId })
+  const user = await User.findOne({ _id: userId })
   if (!user) return
 
   const currentTokenObj = user.tokens.find(

api/src/utils/index.ts

@@ -2,6 +2,7 @@ export * from './appStreamConfig'
 export * from './connectDB'
 export * from './copySASjsCore'
 export * from './createWeboutSasFile'
+export * from './crypto'
 export * from './desktopAutoExec'
 export * from './extractHeaders'
 export * from './extractName'
@@ -20,8 +21,8 @@ export * from './instantiateLogger'
 export * from './isDebugOn'
 export * from './isPublicRoute'
 export * from './ldapClient'
-export * from './zipped'
 export * from './parseLogToArray'
+export * from './rateLimiter'
 export * from './removeTokensInDB'
 export * from './saveTokensInDB'
 export * from './seedDB'
@@ -32,3 +33,4 @@ export * from './upload'
 export * from './validation'
 export * from './verifyEnvVariables'
 export * from './verifyTokenInDB'
+export * from './zipped'

api/src/utils/isPublicRoute.ts

@@ -22,7 +22,7 @@ export const isPublicRoute = async (req: Request): Promise<boolean> => {
 }
 
 export const publicUser: RequestUser = {
-  userId: 0,
+  userId: 'public_user_id',
   clientId: 'public_app',
   username: 'publicUser',
   displayName: 'Public User',

api/src/utils/rateLimiter.ts

@@ -0,0 +1,123 @@
+import { RateLimiterMemory } from 'rate-limiter-flexible'
+
+export class RateLimiter {
+  private static instance: RateLimiter
+  private limiterSlowBruteByIP: RateLimiterMemory
+  private limiterConsecutiveFailsByUsernameAndIP: RateLimiterMemory
+  private maxWrongAttemptsByIpPerDay: number
+  private maxConsecutiveFailsByUsernameAndIp: number
+
+  private constructor() {
+    const {
+      MAX_WRONG_ATTEMPTS_BY_IP_PER_DAY,
+      MAX_CONSECUTIVE_FAILS_BY_USERNAME_AND_IP
+    } = process.env
+
+    this.maxWrongAttemptsByIpPerDay = Number(MAX_WRONG_ATTEMPTS_BY_IP_PER_DAY)
+    this.maxConsecutiveFailsByUsernameAndIp = Number(
+      MAX_CONSECUTIVE_FAILS_BY_USERNAME_AND_IP
+    )
+
+    this.limiterSlowBruteByIP = new RateLimiterMemory({
+      keyPrefix: 'login_fail_ip_per_day',
+      points: this.maxWrongAttemptsByIpPerDay,
+      duration: 60 * 60 * 24,
+      blockDuration: 60 * 60 * 24 // Block for 1 day
+    })
+
+    this.limiterConsecutiveFailsByUsernameAndIP = new RateLimiterMemory({
+      keyPrefix: 'login_fail_consecutive_username_and_ip',
+      points: this.maxConsecutiveFailsByUsernameAndIp,
+      duration: 60 * 60 * 24 * 24, // Store number for 24 days since first fail
+      blockDuration: 60 * 60 // Block for 1 hour
+    })
+  }
+
+  public static getInstance() {
+    if (!RateLimiter.instance) {
+      RateLimiter.instance = new RateLimiter()
+    }
+    return RateLimiter.instance
+  }
+
+  private getUsernameIPKey(ip: string, username: string) {
+    return `${username}_${ip}`
+  }
+
+  /**
+   *  This method checks for brute force attack
+   *  If attack is detected then returns the number of seconds after which user can make another request
+   *  Else returns 0
+   */
+  public async check(ip: string, username: string) {
+    const usernameIPkey = this.getUsernameIPKey(ip, username)
+
+    const [resSlowByIP, resUsernameAndIP] = await Promise.all([
+      this.limiterSlowBruteByIP.get(ip),
+      this.limiterConsecutiveFailsByUsernameAndIP.get(usernameIPkey)
+    ])
+
+    // NOTE: To make use of blockDuration option, comparison in both following if statements should have greater than symbol
+    //       otherwise, blockDuration option will not work
+    // For more info see: https://github.com/animir/node-rate-limiter-flexible/wiki/Options#blockduration
+
+    // Check if IP or Username + IP is already blocked
+    if (
+      resSlowByIP !== null &&
+      resSlowByIP.consumedPoints > this.maxWrongAttemptsByIpPerDay
+    ) {
+      return Math.ceil(resSlowByIP.msBeforeNext / 1000)
+    } else if (
+      resUsernameAndIP !== null &&
+      resUsernameAndIP.consumedPoints > this.maxConsecutiveFailsByUsernameAndIp
+    ) {
+      return Math.ceil(resUsernameAndIP.msBeforeNext / 1000)
+    }
+
+    return 0
+  }
+
+  /**
+   * Consume 1 point from limiters on wrong attempt and block if limits reached
+   * If limit is reached, return the number of seconds after which user can make another request
+   * Else return 0
+   */
+  public async consume(ip: string, username?: string) {
+    try {
+      const promises = [this.limiterSlowBruteByIP.consume(ip)]
+      if (username) {
+        const usernameIPkey = this.getUsernameIPKey(ip, username)
+
+        // Count failed attempts by Username + IP only for registered users
+        promises.push(
+          this.limiterConsecutiveFailsByUsernameAndIP.consume(usernameIPkey)
+        )
+      }
+
+      await Promise.all(promises)
+    } catch (rlRejected: any) {
+      if (rlRejected instanceof Error) {
+        throw rlRejected
+      } else {
+        // based upon the implementation of consume method of RateLimiterMemory
+        // we are sure that rlRejected will contain msBeforeNext
+        // for further reference,
+        // see https://github.com/animir/node-rate-limiter-flexible/wiki/Overall-example#login-endpoint-protection
+        // or see https://github.com/animir/node-rate-limiter-flexible#ratelimiterres-object
+        return Math.ceil(rlRejected.msBeforeNext / 1000)
+      }
+    }
+
+    return 0
+  }
+
+  public async resetOnSuccess(ip: string, username: string) {
+    const usernameIPkey = this.getUsernameIPKey(ip, username)
+    const resUsernameAndIP =
+      await this.limiterConsecutiveFailsByUsernameAndIP.get(usernameIPkey)
+
+    if (resUsernameAndIP !== null && resUsernameAndIP.consumedPoints > 0) {
+      await this.limiterConsecutiveFailsByUsernameAndIP.delete(usernameIPkey)
+    }
+  }
+}

api/src/utils/removeTokensInDB.ts

@@ -1,7 +1,7 @@
 import User from '../model/User'
 
-export const removeTokensInDB = async (userId: number, clientId: string) => {
+export const removeTokensInDB = async (userId: string, clientId: string) => {
-  const user = await User.findOne({ id: userId })
+  const user = await User.findOne({ _id: userId })
   if (!user) return
 
   const tokenObjIndex = user.tokens.findIndex(

api/src/utils/saveTokensInDB.ts

@@ -1,12 +1,12 @@
 import User from '../model/User'
 
 export const saveTokensInDB = async (
-  userId: number,
+  userId: string,
   clientId: string,
   accessToken: string,
   refreshToken: string
 ) => {
-  const user = await User.findOne({ id: userId })
+  const user = await User.findOne({ _id: userId })
   if (!user) return
 
   const currentTokenObj = user.tokens.find(

api/src/utils/seedDB.ts

@@ -1,7 +1,9 @@
+import bcrypt from 'bcryptjs'
 import Client from '../model/Client'
 import Group, { PUBLIC_GROUP_NAME } from '../model/Group'
-import User from '../model/User'
+import User, { IUser } from '../model/User'
 import Configuration, { ConfigurationType } from '../model/Configuration'
+import { ResetAdminPasswordType } from './verifyEnvVariables'
 
 import { randomBytes } from 'crypto'
 
@@ -23,12 +25,12 @@ export const seedDB = async (): Promise<ConfigurationType> => {
   }
 
   // Checking if 'AllUsers' Group is already in the database
-  let groupExist = await Group.findOne({ name: GROUP.name })
+  let groupExist = await Group.findOne({ name: ALL_USERS_GROUP.name })
   if (!groupExist) {
-    const group = new Group(GROUP)
+    const group = new Group(ALL_USERS_GROUP)
     groupExist = await group.save()
 
-    process.logger.success(`DB Seed - Group created: ${GROUP.name}`)
+    process.logger.success(`DB Seed - Group created: ${ALL_USERS_GROUP.name}`)
   }
 
   // Checking if 'Public' Group is already in the database
@@ -40,9 +42,13 @@ export const seedDB = async (): Promise<ConfigurationType> => {
     process.logger.success(`DB Seed - Group created: ${PUBLIC_GROUP.name}`)
   }
 
+  const ADMIN_USER = getAdminUser()
+
   // Checking if user is already in the database
   let usernameExist = await User.findOne({ username: ADMIN_USER.username })
-  if (!usernameExist) {
+  if (usernameExist) {
+    usernameExist = await resetAdminPassword(usernameExist, ADMIN_USER.password)
+  } else {
     const user = new User(ADMIN_USER)
     usernameExist = await user.save()
 
@@ -51,10 +57,10 @@ export const seedDB = async (): Promise<ConfigurationType> => {
     )
   }
 
-  if (!groupExist.hasUser(usernameExist)) {
+  if (usernameExist.isAdmin && !groupExist.hasUser(usernameExist)) {
     groupExist.addUser(usernameExist)
     process.logger.success(
-      `DB Seed - admin account '${ADMIN_USER.username}' added to Group '${GROUP.name}'`
+      `DB Seed - admin account '${ADMIN_USER.username}' added to Group '${ALL_USERS_GROUP.name}'`
     )
   }
 
@@ -75,8 +81,8 @@ export const seedDB = async (): Promise<ConfigurationType> => {
   }
 }
 
-const GROUP = {
+export const ALL_USERS_GROUP = {
-  name: 'AllUsers',
+  name: 'all-users',
   description: 'Group contains all users'
 }
 
@@ -90,11 +96,52 @@ const CLIENT = {
   clientId: 'clientID1',
   clientSecret: 'clientSecret'
 }
-const ADMIN_USER = {
+
-  id: 1,
+const getAdminUser = () => {
-  displayName: 'Super Admin',
+  const { ADMIN_USERNAME, ADMIN_PASSWORD_INITIAL } = process.env
-  username: 'secretuser',
+
-  password: '$2a$10$hKvcVEZdhEQZCcxt6npazO6mY4jJkrzWvfQ5stdBZi8VTTwVMCVXO',
+  const salt = bcrypt.genSaltSync(10)
-  isAdmin: true,
+  const hashedPassword = bcrypt.hashSync(ADMIN_PASSWORD_INITIAL as string, salt)
-  isActive: true
+
+  return {
+    displayName: 'Super Admin',
+    username: ADMIN_USERNAME,
+    password: hashedPassword,
+    isAdmin: true,
+    isActive: true
+  }
+}
+
+const resetAdminPassword = async (user: IUser, password: string) => {
+  const { ADMIN_PASSWORD_RESET } = process.env
+
+  if (ADMIN_PASSWORD_RESET === ResetAdminPasswordType.YES) {
+    if (!user.isAdmin) {
+      process.logger.error(
+        `Can not reset the password of non-admin user (${user.username}) on startup.`
+      )
+
+      return user
+    }
+
+    if (user.authProvider) {
+      process.logger.error(
+        `Can not reset the password of admin (${user.username}) with ${user.authProvider} as authentication mechanism.`
+      )
+
+      return user
+    }
+
+    process.logger.info(
+      `DB Seed - resetting password for admin user: ${user.username}`
+    )
+
+    user.password = password
+    user.needsToUpdatePassword = true
+    user = await user.save()
+
+    process.logger.success(`DB Seed - successfully reset the password`)
+  }
+
+  return user
 }

api/src/utils/validation.ts

@@ -12,6 +12,11 @@ const groupnameSchema = Joi.string().lowercase().alphanum().min(3).max(16)
 
 export const blockFileRegex = /\.(exe|sh|htaccess)$/i
 
+export const uidValidation = (data: any) =>
+  Joi.object({
+    uid: Joi.string().length(24).hex().required()
+  }).validate(data)
+
 export const getUserValidation = (data: any): Joi.ValidationResult =>
   Joi.object({
     username: usernameSchema.required()
@@ -113,7 +118,7 @@ export const registerPermissionValidation = (data: any): Joi.ValidationResult =>
     principalType: Joi.string()
       .required()
       .valid(...Object.values(PrincipalType)),
-    principalId: Joi.number().required()
+    principalId: Joi.string().length(24).hex().required()
   }).validate(data)
 
 export const updatePermissionValidation = (data: any): Joi.ValidationResult =>

api/src/utils/verifyEnvVariables.ts

@@ -47,6 +47,16 @@ export enum ReturnCode {
   InvalidEnv
 }
 
+export enum DatabaseType {
+  MONGO = 'mongodb',
+  COSMOS_MONGODB = 'cosmos_mongodb'
+}
+
+export enum ResetAdminPasswordType {
+  YES = 'YES',
+  NO = 'NO'
+}
+
 export const verifyEnvVariables = (): ReturnCode => {
   const errors: string[] = []
 
@@ -70,6 +80,12 @@ export const verifyEnvVariables = (): ReturnCode => {
 
   errors.push(...verifyLDAPVariables())
 
+  errors.push(...verifyDbType())
+
+  errors.push(...verifyRateLimiter())
+
+  errors.push(...verifyAdminUserConfig())
+
   if (errors.length) {
     process.logger?.error(
       `Invalid environment variable(s) provided: \n${errors.join('\n')}`
@@ -342,11 +358,111 @@ const verifyLDAPVariables = () => {
   return errors
 }
 
+const verifyDbType = () => {
+  const errors: string[] = []
+
+  const { MODE, DB_TYPE } = process.env
+
+  if (MODE === ModeType.Server) {
+    if (DB_TYPE) {
+      const dbTypes = Object.values(DatabaseType)
+      if (!dbTypes.includes(DB_TYPE as DatabaseType))
+        errors.push(`- DB_TYPE '${DB_TYPE}'\n - valid options ${dbTypes}`)
+    } else {
+      process.env.DB_TYPE = DEFAULTS.DB_TYPE
+    }
+  }
+
+  return errors
+}
+
+const verifyRateLimiter = () => {
+  const errors: string[] = []
+  const {
+    MODE,
+    MAX_WRONG_ATTEMPTS_BY_IP_PER_DAY,
+    MAX_CONSECUTIVE_FAILS_BY_USERNAME_AND_IP
+  } = process.env
+  if (MODE === ModeType.Server) {
+    if (MAX_WRONG_ATTEMPTS_BY_IP_PER_DAY) {
+      if (
+        !isNumeric(MAX_WRONG_ATTEMPTS_BY_IP_PER_DAY) ||
+        Number(MAX_WRONG_ATTEMPTS_BY_IP_PER_DAY) < 1
+      ) {
+        errors.push(
+          `- Invalid value for 'MAX_WRONG_ATTEMPTS_BY_IP_PER_DAY' - Only positive number is acceptable`
+        )
+      }
+    } else {
+      process.env.MAX_WRONG_ATTEMPTS_BY_IP_PER_DAY =
+        DEFAULTS.MAX_WRONG_ATTEMPTS_BY_IP_PER_DAY
+    }
+
+    if (MAX_CONSECUTIVE_FAILS_BY_USERNAME_AND_IP) {
+      if (
+        !isNumeric(MAX_CONSECUTIVE_FAILS_BY_USERNAME_AND_IP) ||
+        Number(MAX_CONSECUTIVE_FAILS_BY_USERNAME_AND_IP) < 1
+      ) {
+        errors.push(
+          `- Invalid value for 'MAX_CONSECUTIVE_FAILS_BY_USERNAME_AND_IP' - Only positive number is acceptable`
+        )
+      }
+    } else {
+      process.env.MAX_CONSECUTIVE_FAILS_BY_USERNAME_AND_IP =
+        DEFAULTS.MAX_CONSECUTIVE_FAILS_BY_USERNAME_AND_IP
+    }
+  }
+
+  return errors
+}
+
+const verifyAdminUserConfig = () => {
+  const errors: string[] = []
+  const { MODE, ADMIN_USERNAME, ADMIN_PASSWORD_INITIAL, ADMIN_PASSWORD_RESET } =
+    process.env
+  if (MODE === ModeType.Server) {
+    if (ADMIN_USERNAME) {
+      process.env.ADMIN_USERNAME = ADMIN_USERNAME.toLowerCase()
+    } else {
+      process.env.ADMIN_USERNAME = DEFAULTS.ADMIN_USERNAME
+    }
+
+    if (!ADMIN_PASSWORD_INITIAL)
+      process.env.ADMIN_PASSWORD_INITIAL = DEFAULTS.ADMIN_PASSWORD_INITIAL
+
+    if (ADMIN_PASSWORD_RESET) {
+      const resetPasswordTypes = Object.values(ResetAdminPasswordType)
+      if (
+        !resetPasswordTypes.includes(
+          ADMIN_PASSWORD_RESET as ResetAdminPasswordType
+        )
+      )
+        errors.push(
+          `- ADMIN_PASSWORD_RESET '${ADMIN_PASSWORD_RESET}'\n - valid options ${resetPasswordTypes}`
+        )
+    } else {
+      process.env.ADMIN_PASSWORD_RESET = DEFAULTS.ADMIN_PASSWORD_RESET
+    }
+  }
+
+  return errors
+}
+
+const isNumeric = (val: string): boolean => {
+  return !isNaN(Number(val))
+}
+
 const DEFAULTS = {
   MODE: ModeType.Desktop,
   PROTOCOL: ProtocolType.HTTP,
   PORT: '5000',
   HELMET_COEP: HelmetCoepType.TRUE,
   LOG_FORMAT_MORGAN: LOG_FORMAT_MORGANType.Common,
-  RUN_TIMES: RunTimeType.SAS
+  RUN_TIMES: RunTimeType.SAS,
+  DB_TYPE: DatabaseType.MONGO,
+  MAX_WRONG_ATTEMPTS_BY_IP_PER_DAY: '100',
+  MAX_CONSECUTIVE_FAILS_BY_USERNAME_AND_IP: '10',
+  ADMIN_USERNAME: 'secretuser',
+  ADMIN_PASSWORD_INITIAL: 'secretpassword',
+  ADMIN_PASSWORD_RESET: ResetAdminPasswordType.NO
 }

api/src/utils/verifyTokenInDB.ts

@@ -4,7 +4,7 @@ import { RequestUser } from '../types'
 export const fetchLatestAutoExec = async (
   reqUser: RequestUser
 ): Promise<RequestUser | undefined> => {
-  const dbUser = await User.findOne({ id: reqUser.userId })
+  const dbUser = await User.findOne({ _id: reqUser.userId })
 
   if (!dbUser) return undefined
 
@@ -21,12 +21,12 @@ export const fetchLatestAutoExec = async (
 }
 
 export const verifyTokenInDB = async (
-  userId: number,
+  userId: string,
   clientId: string,
   token: string,
   tokenType: 'accessToken' | 'refreshToken'
 ): Promise<RequestUser | undefined> => {
-  const dbUser = await User.findOne({ id: userId })
+  const dbUser = await User.findOne({ _id: userId })
 
   if (!dbUser) return undefined
 

web/package.json

@@ -25,6 +25,7 @@
     "react": "^17.0.2",
     "react-copy-to-clipboard": "^5.1.0",
     "react-dom": "^17.0.2",
+    "react-highlight": "^0.15.0",
     "react-monaco-editor": "^0.48.0",
     "react-router-dom": "^6.3.0",
     "react-toastify": "^9.0.1"
@@ -41,6 +42,7 @@
     "@types/react": "^17.0.37",
     "@types/react-copy-to-clipboard": "^5.0.2",
     "@types/react-dom": "^17.0.11",
+    "@types/react-highlight": "^0.12.5",
     "@types/react-router-dom": "^5.3.1",
     "babel-loader": "^8.2.3",
     "babel-plugin-prismjs": "^2.1.0",
@@ -59,6 +61,7 @@
     "style-loader": "^3.3.1",
     "ts-loader": "^9.2.6",
     "typescript": "^4.5.2",
+    "typescript-plugin-css-modules": "^5.0.1",
     "webpack": "5.64.3",
     "webpack-cli": "^4.9.2",
     "webpack-dev-server": "4.7.4"

web/src/components/home.tsx

@@ -5,7 +5,7 @@ import Box from '@mui/material/Box'
 
 const Home = () => {
   return (
-    <Box className="main">
+    <Box className="container">
       <CssBaseline />
       <h2>Welcome to SASjs Server!</h2>
       <p>

web/src/components/login.tsx

@@ -2,7 +2,14 @@ import axios from 'axios'
 import React, { useState, useContext } from 'react'
 import PropTypes from 'prop-types'
 
-import { CssBaseline, Box, TextField, Button } from '@mui/material'
+import {
+  Backdrop,
+  CircularProgress,
+  CssBaseline,
+  Box,
+  TextField,
+  Button
+} from '@mui/material'
 import { AppContext } from '../context/appContext'
 
 const login = async (payload: { username: string; password: string }) =>
@@ -10,21 +17,27 @@ const login = async (payload: { username: string; password: string }) =>
 
 const Login = () => {
   const appContext = useContext(AppContext)
+  const [isLoading, setIsLoading] = useState(false)
   const [username, setUsername] = useState('')
   const [password, setPassword] = useState('')
   const [errorMessage, setErrorMessage] = useState('')
 
   const handleSubmit = async (e: any) => {
+    setIsLoading(true)
     setErrorMessage('')
     e.preventDefault()
 
     const { loggedIn, user } = await login({
       username,
       password
-    }).catch((err: any) => {
-      setErrorMessage(err.response?.data || err.toString())
-      return {}
     })
+      .catch((err: any) => {
+        setErrorMessage(err.response?.data || err.toString())
+        return {}
+      })
+      .finally(() => {
+        setIsLoading(false)
+      })
 
     if (loggedIn) {
       appContext.setUserId?.(user.id)
@@ -37,42 +50,51 @@ const Login = () => {
   }
 
   return (
-    <Box
+    <>
-      className="main"
+      <Backdrop
-      component="form"
+        sx={{ color: '#fff', zIndex: (theme) => theme.zIndex.drawer + 1 }}
-      onSubmit={handleSubmit}
+        open={isLoading}
-      sx={{
-        '& > :not(style)': { m: 1, width: '25ch' }
-      }}
-    >
-      <CssBaseline />
-      <br />
-      <h2 style={{ width: 'auto' }}>Welcome to SASjs Server!</h2>
-      <TextField
-        id="username"
-        label="Username"
-        type="text"
-        variant="outlined"
-        onChange={(e: any) => setUsername(e.target.value)}
-        required
-      />
-      <TextField
-        id="password"
-        label="Password"
-        type="password"
-        variant="outlined"
-        onChange={(e: any) => setPassword(e.target.value)}
-        required
-      />
-      {errorMessage && <span>{errorMessage}</span>}
-      <Button
-        type="submit"
-        variant="outlined"
-        disabled={!appContext.setLoggedIn}
       >
-        Submit
+        <CircularProgress color="inherit" />
-      </Button>
+      </Backdrop>
-    </Box>
+
+      <Box
+        className="container"
+        component="form"
+        onSubmit={handleSubmit}
+        sx={{
+          '& > :not(style)': { m: 1, width: '25ch' }
+        }}
+      >
+        <CssBaseline />
+        <br />
+        <h2 style={{ width: 'auto' }}>Welcome to SASjs Server!</h2>
+        <TextField
+          id="username"
+          label="Username"
+          type="text"
+          variant="outlined"
+          onChange={(e: any) => setUsername(e.target.value)}
+          required
+        />
+        <TextField
+          id="password"
+          label="Password"
+          type="password"
+          variant="outlined"
+          onChange={(e: any) => setPassword(e.target.value)}
+          required
+        />
+        {errorMessage && <span>{errorMessage}</span>}
+        <Button
+          type="submit"
+          variant="outlined"
+          disabled={!appContext.setLoggedIn}
+        >
+          Submit
+        </Button>
+      </Box>
+    </>
   )
 }
 

web/src/components/updatePassword.tsx

@@ -69,7 +69,7 @@ const UpdatePassword = () => {
     />
   ) : (
     <Box
-      className="main"
+      className="container"
       component="form"
       onSubmit={handleSubmit}
       sx={{

web/src/containers/AuthCode/index.tsx

@@ -47,7 +47,7 @@ const AuthCode = () => {
   }
 
   return (
-    <Box className="main">
+    <Box className="container">
       <CssBaseline />
       <br />
       <h2>Authorization Code</h2>

web/src/containers/Settings/internal/components/addPermissionModal.tsx

@@ -99,8 +99,8 @@ const AddPermissionModal = ({
         principalType: principalType.toLowerCase(),
         principalId:
           principalType.toLowerCase() === 'user'
-            ? userPrincipal?.id
+            ? userPrincipal?.uid
-            : groupPrincipal?.groupId
+            : groupPrincipal?.uid
       }
 
       permissions.push(addPermissionPayload)

web/src/containers/Settings/internal/components/permissionTable.tsx

@@ -61,7 +61,7 @@ const PermissionTable = ({
         </TableHead>
         <TableBody>
           {permissions.map((permission) => (
-            <TableRow key={permission.permissionId}>
+            <TableRow key={permission.uid}>
               <BootstrapTableCell>{permission.path}</BootstrapTableCell>
               <BootstrapTableCell>{permission.type}</BootstrapTableCell>
               <BootstrapTableCell>

web/src/containers/Settings/internal/hooks/useAddPermission.tsx

@@ -9,7 +9,7 @@ import { PermissionsContext } from '../../../../context/permissionsContext'
 import {
   findExistingPermission,
   findUpdatingPermission
-} from '../../../../utils/helper'
+} from '../../../../utils'
 
 const useAddPermission = () => {
   const {
@@ -69,7 +69,7 @@ const useAddPermission = () => {
 
     for (const permission of updatingPermissions) {
       await axios
-        .patch(`/SASjsApi/permission/${permission.permissionId}`, {
+        .patch(`/SASjsApi/permission/${permission.uid}`, {
           setting: permission.setting === 'Grant' ? 'Deny' : 'Grant'
         })
         .then((res) => {

web/src/containers/Settings/internal/hooks/useDeletePermissionModal.tsx

@@ -24,7 +24,7 @@ const useDeletePermissionModal = () => {
     setDeleteConfirmationModalOpen(false)
     setIsLoading(true)
     axios
-      .delete(`/SASjsApi/permission/${selectedPermission?.permissionId}`)
+      .delete(`/SASjsApi/permission/${selectedPermission?.uid}`)
       .then((res: any) => {
         fetchPermissions()
         setSnackbarMessage('Permission deleted!')

web/src/containers/Settings/internal/hooks/useFilterPermissions.tsx

@@ -62,21 +62,17 @@ const useFilterPermissions = () => {
         : permissions
 
     let filteredArray = uriFilteredPermissions.filter((permission) =>
-      principalFilteredPermissions.some(
+      principalFilteredPermissions.some((item) => item.uid === permission.uid)
-        (item) => item.permissionId === permission.permissionId
-      )
     )
 
     filteredArray = filteredArray.filter((permission) =>
       principalTypeFilteredPermissions.some(
-        (item) => item.permissionId === permission.permissionId
+        (item) => item.uid === permission.uid
       )
     )
 
     filteredArray = filteredArray.filter((permission) =>
-      settingFilteredPermissions.some(
+      settingFilteredPermissions.some((item) => item.uid === permission.uid)
-        (item) => item.permissionId === permission.permissionId
-      )
     )
 
     setFilteredPermissions(filteredArray)

web/src/containers/Settings/internal/hooks/useUpdatePermissionModal.tsx

@@ -24,7 +24,7 @@ const useUpdatePermissionModal = () => {
     setUpdatePermissionModalOpen(false)
     setIsLoading(true)
     axios
-      .patch(`/SASjsApi/permission/${selectedPermission?.permissionId}`, {
+      .patch(`/SASjsApi/permission/${selectedPermission?.uid}`, {
         setting
       })
       .then((res: any) => {

web/src/containers/Settings/profile.tsx

@@ -26,18 +26,20 @@ const Profile = () => {
   const [isPasswordModalOpen, setIsPasswordModalOpen] = useState(false)
 
   useEffect(() => {
-    setIsLoading(true)
+    if (appContext.userId) {
-    axios
+      setIsLoading(true)
-      .get(`/SASjsApi/user/${appContext.userId}`)
+      axios
-      .then((res: any) => {
+        .get(`/SASjsApi/user/${appContext.userId}`)
-        setUser(res.data)
+        .then((res: any) => {
-      })
+          setUser(res.data)
-      .catch((err) => {
+        })
-        console.log(err)
+        .catch((err) => {
-      })
+          console.log(err)
-      .finally(() => {
+        })
-        setIsLoading(false)
+        .finally(() => {
-      })
+          setIsLoading(false)
+        })
+    }
   }, [appContext.userId])
 
   const handleChange = (event: any) => {

web/src/containers/Studio/editor.tsx

@@ -1,4 +1,4 @@
-import React, { Dispatch, SetStateAction } from 'react'
+import { Dispatch, SetStateAction } from 'react'
 
 import {
   Backdrop,
@@ -17,10 +17,14 @@ import { TabContext, TabList, TabPanel } from '@mui/lab'
 import FilePathInputModal from '../../components/filePathInputModal'
 import FileMenu from './internal/components/fileMenu'
 import RunMenu from './internal/components/runMenu'
+import LogComponent from './internal/components/log/logComponent'
+import LogTabWithIcons from './internal/components/log/logTabWithIcons'
 
 import { usePrompt } from '../../utils/hooks'
 import { getLanguageFromExtension } from './internal/helper'
 import useEditor from './internal/hooks/useEditor'
+import { RunTimeType } from '../../context/appContext'
+import { LogObject } from '../../utils'
 
 const StyledTabPanel = styled(TabPanel)(() => ({
   padding: '10px'
@@ -108,6 +112,10 @@ const SASjsEditor = ({
     />
   )
 
+  // INFO: variable indicating if selected run type is SAS if there are any errors or warnings in the log
+  const logWithErrorsOrWarnings =
+    selectedRunTime === RunTimeType.SAS && log && typeof log === 'object'
+
   return (
     <Box sx={{ width: '100%', typography: 'body1', marginTop: '50px' }}>
       <Backdrop
@@ -145,7 +153,22 @@ const SASjsEditor = ({
           >
             <TabList onChange={handleTabChange} centered>
               <StyledTab label="Code" value="code" />
-              <StyledTab label="Log" value="log" />
+              <StyledTab
+                label={logWithErrorsOrWarnings ? '' : 'log'}
+                value="log"
+                icon={
+                  logWithErrorsOrWarnings ? (
+                    <LogTabWithIcons log={log as LogObject} />
+                  ) : (
+                    ''
+                  )
+                }
+                onClick={() => {
+                  const logWrapper = document.querySelector(`#logWrapper`)
+
+                  if (logWrapper) logWrapper.scrollTop = 0
+                }}
+              />
               <StyledTab
                 label={
                   <Tooltip title="Displays content from the _webout fileref">
@@ -195,15 +218,9 @@ const SASjsEditor = ({
             </Paper>
           </StyledTabPanel>
           <StyledTabPanel value="log">
-            <div>
+            {log && (
-              <h2>Log</h2>
+              <LogComponent log={log} selectedRunTime={selectedRunTime} />
-              <pre
+            )}
-                id="log"
-                style={{ overflow: 'auto', height: 'calc(100vh - 220px)' }}
-              >
-                {log}
-              </pre>
-            </div>
           </StyledTabPanel>
           <StyledTabPanel value="webout">
             <div>

web/src/containers/Studio/internal/components/log/log.module.css

@@ -0,0 +1,86 @@
+.ChunkHeader {
+  color: #444;
+  cursor: pointer;
+  padding: 18px;
+  width: 100%;
+  text-align: left;
+  border: none;
+  outline: none;
+  transition: 0.4s;
+  box-shadow: rgba(0, 0, 0, 0.2) 0px 2px 1px -1px,
+    rgba(0, 0, 0, 0.14) 0px 1px 1px 0px, rgba(0, 0, 0, 0.12) 0px 1px 3px 0px;
+}
+
+.ChunkDetails {
+  display: flex;
+  flex-direction: row;
+  gap: 6px;
+  align-items: center;
+}
+
+.ChunkExpandIcon {
+  margin-left: auto;
+}
+
+.ChunkBody {
+  background-color: white;
+  overflow: hidden;
+}
+
+.ChunksContainer {
+  display: flex;
+  flex-direction: column;
+  gap: 10px;
+}
+
+.LogContainer {
+  background-color: #fbfbfb;
+  border: 1px solid #e2e2e2;
+  border-radius: 3px;
+  min-height: 50px;
+  padding: 10px;
+  box-sizing: border-box;
+  white-space: pre-wrap;
+  font-family: Monaco, Courier, monospace;
+  position: relative;
+  width: 100%;
+}
+
+.LogWrapper {
+  overflow-y: auto;
+  max-height: calc(100vh - 130px);
+}
+
+.LogBody {
+  overflow: auto;
+  height: calc(100vh - 220px);
+}
+
+.TreeContainer {
+  background-color: white;
+  padding-top: 10px;
+  padding-bottom: 10px;
+}
+
+.TabContainer {
+  display: flex;
+  flex-direction: row;
+  gap: 6px;
+  align-items: center;
+}
+
+.TabDownloadIcon {
+  margin-left: 20px;
+}
+
+.HighlightedLine {
+  background-color: #f6e30599;
+}
+
+.Icon {
+  font-size: 20px !important;
+}
+
+.GreenIcon {
+  color: green;
+}

web/src/containers/Studio/internal/components/log/logChunk.tsx

@@ -0,0 +1,171 @@
+import { useState, useEffect, SyntheticEvent } from 'react'
+import { Typography } from '@mui/material'
+import Highlight from 'react-highlight'
+import { ErrorOutline, Warning } from '@mui/icons-material'
+import ContentCopyIcon from '@mui/icons-material/ContentCopy'
+import ExpandMoreIcon from '@mui/icons-material/ExpandMore'
+import CheckIcon from '@mui/icons-material/Check'
+import FileDownloadIcon from '@mui/icons-material/FileDownload'
+import {
+  defaultChunkSize,
+  parseErrorsAndWarnings,
+  LogInstance,
+  clearErrorsAndWarningsHtmlWrapping,
+  download
+} from '../../../../../utils'
+import { logStyles } from './logComponent'
+import classes from './log.module.css'
+
+interface LogChunkProps {
+  id: number
+  text: string
+  expanded: boolean
+  logLineCount: number
+  onClick: (evt: any, id: number) => void
+  scrollToLogInstance?: LogInstance
+  updated: number
+}
+
+const LogChunk = (props: LogChunkProps) => {
+  const { id, text, logLineCount } = props
+  const [scrollToLogInstance, setScrollToLogInstance] = useState(
+    props.scrollToLogInstance
+  )
+  const rowText = clearErrorsAndWarningsHtmlWrapping(text)
+  const styles = logStyles()
+  const [expanded, setExpanded] = useState(props.expanded)
+  const [copied, setCopied] = useState(false)
+
+  useEffect(() => {
+    setExpanded(props.expanded)
+  }, [props.expanded])
+
+  useEffect(() => {
+    if (props.expanded !== expanded) {
+      setExpanded(props.expanded)
+    }
+
+    if (
+      props.scrollToLogInstance &&
+      props.scrollToLogInstance !== scrollToLogInstance
+    ) {
+      setScrollToLogInstance(props.scrollToLogInstance)
+    }
+  }, [props])
+
+  useEffect(() => {
+    if (expanded && scrollToLogInstance) {
+      const { type, id } = scrollToLogInstance
+      const line = document.getElementById(`${type}_${id}`)
+      const logWrapper: HTMLDivElement | null =
+        document.querySelector(`#logWrapper`)
+      const logContainer: HTMLHeadElement | null =
+        document.querySelector(`#log_container`)
+
+      if (line && logWrapper && logContainer) {
+        line.className = classes.HighlightedLine
+
+        line.scrollIntoView({ behavior: 'smooth', block: 'start' })
+
+        setTimeout(() => {
+          line.classList.remove(classes.HighlightedLine)
+
+          setScrollToLogInstance(undefined)
+        }, 3000)
+      }
+    }
+  }, [expanded, scrollToLogInstance, props])
+
+  const { errors, warnings } = parseErrorsAndWarnings(text)
+
+  const getLineRange = (separator = ' ... ') =>
+    `${id * defaultChunkSize}${separator}${
+      (id + 1) * defaultChunkSize < logLineCount
+        ? (id + 1) * defaultChunkSize
+        : logLineCount
+    }`
+
+  return (
+    <div onClick={(evt) => props.onClick(evt, id)}>
+      <button className={classes.ChunkHeader}>
+        <Typography variant="subtitle1">
+          <div className={classes.ChunkDetails}>
+            <span>{`Lines: ${getLineRange()}`}</span>
+            {copied ? (
+              <CheckIcon
+                className={[classes.Icon, classes.GreenIcon].join(' ')}
+              />
+            ) : (
+              <ContentCopyIcon
+                className={classes.Icon}
+                onClick={(evt: SyntheticEvent) => {
+                  evt.stopPropagation()
+
+                  navigator.clipboard.writeText(rowText)
+
+                  setCopied(true)
+
+                  setTimeout(() => {
+                    setCopied(false)
+                  }, 1000)
+                }}
+              />
+            )}
+            <FileDownloadIcon
+              onClick={(evt: SyntheticEvent) => {
+                download(evt, rowText, `.${getLineRange('-')}`)
+              }}
+            />
+            {errors && errors.length !== 0 && (
+              <ErrorOutline
+                color="error"
+                className={classes.Icon}
+                onClick={() => {
+                  setScrollToLogInstance(errors[0])
+                }}
+              />
+            )}
+            {warnings && warnings.length !== 0 && (
+              <Warning
+                className={[classes.Icon, classes.GreenIcon].join(' ')}
+                onClick={(evt) => {
+                  if (expanded) evt.stopPropagation()
+
+                  setScrollToLogInstance(warnings[0])
+                }}
+              />
+            )}{' '}
+            <ExpandMoreIcon
+              className={classes.ChunkExpandIcon}
+              style={{
+                transform: expanded ? 'rotate(180deg)' : 'unset'
+              }}
+            />
+          </div>
+        </Typography>
+      </button>
+      <div
+        className={classes.ChunkBody}
+        style={{
+          display: expanded ? 'block' : 'none'
+        }}
+        onClick={(evt) => {
+          evt.stopPropagation()
+        }}
+      >
+        <div
+          id={`log_container`}
+          className={[styles.expansionDescription, classes.LogContainer].join(
+            ' '
+          )}
+        >
+          <Highlight className={'html'} innerHTML={true}>
+            {expanded ? text : ''}
+          </Highlight>
+        </div>
+      </div>
+    </div>
+  )
+}
+
+export default LogChunk

web/src/containers/Studio/internal/components/log/logComponent.tsx

@@ -0,0 +1,243 @@
+import { useEffect, useState } from 'react'
+import TreeView from '@mui/lab/TreeView'
+import TreeItem from '@mui/lab/TreeItem'
+import { ChevronRight, ExpandMore } from '@mui/icons-material'
+import { Typography } from '@mui/material'
+import { ListItemText } from '@mui/material'
+import { makeStyles } from '@mui/styles'
+import Highlight from 'react-highlight'
+import { LogObject, defaultChunkSize } from '../../../../../utils'
+import { RunTimeType } from '../../../../../context/appContext'
+import { splitIntoChunks, LogInstance } from '../../../../../utils'
+import LogChunk from './logChunk'
+import classes from './log.module.css'
+
+export const logStyles: any = makeStyles((theme: any) => ({
+  expansionDescription: {
+    [theme.breakpoints.down('sm')]: {
+      fontSize: theme.typography.pxToRem(12)
+    },
+    [theme.breakpoints.up('md')]: {
+      fontSize: theme.typography.pxToRem(16)
+    }
+  }
+}))
+
+interface LogComponentProps {
+  log: LogObject | string
+  selectedRunTime: RunTimeType | string
+}
+
+const LogComponent = (props: LogComponentProps) => {
+  const { log, selectedRunTime } = props
+  const logObject = log as LogObject
+  const logChunks = splitIntoChunks(logObject?.body || '')
+  const [logChunksState, setLogChunksState] = useState<boolean[]>(
+    new Array(logChunks.length).fill(false)
+  )
+  const [scrollToLogInstance, setScrollToLogInstance] = useState<LogInstance>()
+  const [oldestExpandedChunk, setOldestExpandedChunk] = useState<number>(
+    logChunksState.length - 1
+  )
+  const maxOpenedChunks = 2
+
+  const styles = logStyles()
+
+  const goToLogLine = (logInstance: LogInstance, ind: number) => {
+    let chunkNumber = 0
+
+    for (
+      let i = 0;
+      i <= Math.ceil(logObject.linesCount / defaultChunkSize);
+      i++
+    ) {
+      if (logInstance.line < (i + 1) * defaultChunkSize) {
+        chunkNumber = i
+
+        break
+      }
+    }
+
+    setLogChunksState((prevState) => {
+      const newState = [...prevState]
+      newState[chunkNumber] = true
+
+      const chunkToCollapse = getChunkToAutoCollapse()
+
+      if (chunkToCollapse !== undefined) {
+        newState[chunkToCollapse] = false
+      }
+
+      return newState
+    })
+
+    setScrollToLogInstance(logInstance)
+  }
+
+  useEffect(() => {
+    // INFO: expand the last chunk by default
+    setLogChunksState((prevState) => {
+      const lastChunk = prevState.length - 1
+
+      const newState = [...prevState]
+      newState[lastChunk] = true
+
+      return newState
+    })
+
+    setTimeout(() => {
+      scrollToTheBottom()
+    }, 100)
+  }, [])
+
+  // INFO: scroll to the bottom of the log
+  const scrollToTheBottom = () => {
+    const logWrapper: HTMLDivElement | null =
+      document.querySelector(`#logWrapper`)
+
+    if (logWrapper) {
+      logWrapper.scrollTop = logWrapper.scrollHeight
+    }
+  }
+
+  const getChunkToAutoCollapse = () => {
+    const openedChunks = logChunksState
+      .map((chunkState: boolean, id: number) => (chunkState ? id : undefined))
+      .filter((chunk) => chunk !== undefined)
+
+    if (openedChunks.length < maxOpenedChunks) return undefined
+    else {
+      const chunkToCollapse = oldestExpandedChunk
+      const newOldestChunk = openedChunks.filter(
+        (chunk) => chunk !== chunkToCollapse
+      )[0]
+
+      if (newOldestChunk !== undefined) {
+        setOldestExpandedChunk(newOldestChunk)
+
+        return chunkToCollapse
+      }
+
+      return undefined
+    }
+  }
+
+  const hasErrorsOrWarnings =
+    logObject.errors?.length !== 0 || logObject.warnings?.length !== 0
+  const logBody = typeof log === 'string' ? log : log.body
+
+  return (
+    <>
+      {selectedRunTime === RunTimeType.SAS && logObject.body ? (
+        <div id="logWrapper" className={classes.LogWrapper}>
+          <div>
+            {hasErrorsOrWarnings && (
+              <div className={classes.TreeContainer}>
+                <TreeView
+                  defaultCollapseIcon={<ExpandMore />}
+                  defaultExpandIcon={<ChevronRight />}
+                >
+                  {logObject.errors && logObject.errors.length !== 0 && (
+                    <TreeItem
+                      nodeId="errors"
+                      label={
+                        <Typography color="error">
+                          {`Errors (${logObject.errors.length})`}
+                        </Typography>
+                      }
+                    >
+                      {logObject.errors &&
+                        logObject.errors.map((error, ind) => (
+                          <TreeItem
+                            nodeId={`error_${ind}`}
+                            label={<ListItemText primary={error.body} />}
+                            key={`error_${ind}`}
+                            onClick={() => goToLogLine(error, ind)}
+                          />
+                        ))}
+                    </TreeItem>
+                  )}
+                  {logObject.warnings && logObject.warnings.length !== 0 && (
+                    <TreeItem
+                      nodeId="warnings"
+                      label={
+                        <Typography>{`Warnings (${logObject.warnings.length})`}</Typography>
+                      }
+                    >
+                      {logObject.warnings &&
+                        logObject.warnings.map((warning, ind) => (
+                          <TreeItem
+                            nodeId={`warning_${ind}`}
+                            label={<ListItemText primary={warning.body} />}
+                            key={`warning_${ind}`}
+                            onClick={() => goToLogLine(warning, ind)}
+                          />
+                        ))}
+                    </TreeItem>
+                  )}
+                </TreeView>
+              </div>
+            )}
+          </div>
+          <div className={classes.ChunksContainer}>
+            {Array.isArray(logChunks) ? (
+              logChunks.map((chunk: string, id: number) => (
+                <LogChunk
+                  id={id}
+                  text={chunk}
+                  expanded={logChunksState[id]}
+                  key={`log-chunk-${id}`}
+                  logLineCount={logObject.linesCount}
+                  scrollToLogInstance={scrollToLogInstance}
+                  updated={Date.now()}
+                  onClick={(_, chunkNumber) => {
+                    setLogChunksState((prevState) => {
+                      const newState = [...prevState]
+                      const expand = !newState[chunkNumber]
+
+                      newState[chunkNumber] = expand
+
+                      if (expand) {
+                        const chunkToCollapse = getChunkToAutoCollapse()
+
+                        if (chunkToCollapse !== undefined) {
+                          newState[chunkToCollapse] = false
+                        }
+                      }
+
+                      return newState
+                    })
+
+                    setScrollToLogInstance(undefined)
+                  }}
+                />
+              ))
+            ) : (
+              <Typography
+                id={`log_container`}
+                variant="h5"
+                className={[
+                  styles.expansionDescription,
+                  classes.LogContainer
+                ].join(' ')}
+              >
+                <Highlight className={'html'} innerHTML={true}>
+                  {logChunks}
+                </Highlight>
+              </Typography>
+            )}
+          </div>
+        </div>
+      ) : (
+        <div>
+          <h2>Log</h2>
+          <pre id="log" className={classes.LogBody}>
+            {logBody}
+          </pre>
+        </div>
+      )}
+    </>
+  )
+}
+
+export default LogComponent

web/src/containers/Studio/internal/components/log/logTabWithIcons.tsx

@@ -0,0 +1,41 @@
+import { ErrorOutline, Warning } from '@mui/icons-material'
+import FileDownloadIcon from '@mui/icons-material/FileDownload'
+import {
+  LogObject,
+  download,
+  clearErrorsAndWarningsHtmlWrapping
+} from '../../../../../utils'
+import Tooltip from '@mui/material/Tooltip'
+import classes from './log.module.css'
+
+interface LogTabProps {
+  log: LogObject
+}
+
+const LogTabWithIcons = (props: LogTabProps) => {
+  const { errors, warnings, body } = props.log
+
+  return (
+    <div className={classes.TabContainer}>
+      <span>log</span>
+      {errors && errors.length !== 0 && (
+        <ErrorOutline color="error" className={classes.Icon} />
+      )}
+      {warnings && warnings.length !== 0 && (
+        <Warning className={[classes.Icon, classes.GreenIcon].join(' ')} />
+      )}
+      <Tooltip
+        title="Download entire log"
+        onClick={(evt) => {
+          download(evt, clearErrorsAndWarningsHtmlWrapping(body))
+        }}
+      >
+        <FileDownloadIcon
+          className={[classes.Icon, classes.TabDownloadIcon].join(' ')}
+        />
+      </Tooltip>
+    </div>
+  )
+}
+
+export default LogTabWithIcons

web/src/containers/Studio/internal/components/runMenu.tsx

@@ -31,7 +31,10 @@ const RunMenu = ({
   handleRunBtnClick
 }: RunMenuProps) => {
   const launchProgram = () => {
-    const baseUrl = window.location.origin
+    const pathName =
+      window.location.pathname === '/' ? '' : window.location.pathname
+    const baseUrl = window.location.origin + pathName
+
     window.open(`${baseUrl}/SASjsApi/stp/execute?_program=${selectedFilePath}`)
   }
 

web/src/containers/Studio/internal/hooks/useEditor.ts

@@ -18,6 +18,7 @@ import {
   useSnackbar,
   useStateWithCallback
 } from '../../../../utils/hooks'
+import { parseErrorsAndWarnings, LogObject } from '../../../../utils'
 
 const SASJS_LOGS_SEPARATOR =
   'SASJS_LOGS_SEPARATOR_163ee17b6ff24f028928972d80a26784'
@@ -41,10 +42,12 @@ const useEditor = ({
 
   const [prevFileContent, setPrevFileContent] = useStateWithCallback('')
   const [fileContent, setFileContent] = useState('')
-  const [log, setLog] = useState('')
+  const [log, setLog] = useState<LogObject | string>()
   const [webout, setWebout] = useState('')
   const [runTimes, setRunTimes] = useState<string[]>([])
-  const [selectedRunTime, setSelectedRunTime] = useState('')
+  const [selectedRunTime, setSelectedRunTime] = useState<RunTimeType | string>(
+    ''
+  )
   const [selectedFileExtension, setSelectedFileExtension] = useState('')
   const [openFilePathInputModal, setOpenFilePathInputModal] = useState(false)
   const [showDiff, setShowDiff] = useState(false)
@@ -150,6 +153,13 @@ const useEditor = ({
   const runCode = useCallback(
     (code: string) => {
       setIsLoading(true)
+
+      // Scroll to bottom of log
+      const logElement = document.getElementById('log')
+      if (logElement) logElement.scrollTop = logElement.scrollHeight
+
+      setIsLoading(false)
+
       axios
         .post(`/SASjsApi/code/execute`, {
           code: programPathInjection(
@@ -160,8 +170,24 @@ const useEditor = ({
           runTime: selectedRunTime
         })
         .then((res: any) => {
+          if (selectedRunTime === RunTimeType.SAS) {
+            const { errors, warnings, logLines } = parseErrorsAndWarnings(
+              res.data.split(SASJS_LOGS_SEPARATOR)[1]
+            )
+
+            const log: LogObject = {
+              body: logLines.join(`\n`),
+              errors,
+              warnings,
+              linesCount: logLines.length
+            }
+
+            setLog(log)
+          } else {
+            setLog(res.data.split(SASJS_LOGS_SEPARATOR)[1] ?? '')
+          }
+
           setWebout(res.data.split(SASJS_LOGS_SEPARATOR)[0] ?? '')
-          setLog(res.data.split(SASJS_LOGS_SEPARATOR)[1] ?? '')
           setTab('log')
 
           // Scroll to bottom of log
@@ -249,7 +275,7 @@ const useEditor = ({
   }, [appContext.runTimes])
 
   useEffect(() => {
-    if (runTimes.length) setSelectedRunTime(runTimes[0])
+    if (runTimes.length) setSelectedRunTime(runTimes[0] as RunTimeType)
   }, [runTimes])
 
   useEffect(() => {
@@ -261,8 +287,10 @@ const useEditor = ({
       axios
         .get(`/SASjsApi/drive/file?_filePath=${selectedFilePath}`)
         .then((res: any) => {
-          setPrevFileContent(res.data)
+          const content =
-          setFileContent(res.data)
+            typeof res.data === 'object' ? JSON.stringify(res.data) : res.data
+          setPrevFileContent(content)
+          setFileContent(content)
         })
         .catch((err) => {
           setModalTitle('Abort')
@@ -278,7 +306,6 @@ const useEditor = ({
       const content = localStorage.getItem('fileContent') ?? ''
       setFileContent(content)
     }
-    setLog('')
     setWebout('')
     setTab('code')
     // eslint-disable-next-line react-hooks/exhaustive-deps
@@ -292,7 +319,9 @@ const useEditor = ({
 
   useEffect(() => {
     const fileExtension = selectedFileExtension.toLowerCase()
-    if (runTimes.includes(fileExtension)) setSelectedRunTime(fileExtension)
+
+    if (runTimes.includes(fileExtension))
+      setSelectedRunTime(fileExtension as RunTimeType)
   }, [selectedFileExtension, runTimes])
 
   return {

web/src/context/appContext.tsx

@@ -24,39 +24,32 @@ export enum RunTimeType {
 interface AppContextProps {
   checkingSession: boolean
   loggedIn: boolean
-  setLoggedIn: Dispatch<SetStateAction<boolean>> | null
+  setLoggedIn?: Dispatch<SetStateAction<boolean>>
   needsToUpdatePassword: boolean
-  setNeedsToUpdatePassword: Dispatch<SetStateAction<boolean>> | null
+  setNeedsToUpdatePassword?: Dispatch<SetStateAction<boolean>>
-  userId: number
+  userId?: string
-  setUserId: Dispatch<SetStateAction<number>> | null
+  setUserId?: Dispatch<SetStateAction<string | undefined>>
   username: string
-  setUsername: Dispatch<SetStateAction<string>> | null
+  setUsername?: Dispatch<SetStateAction<string>>
   displayName: string
-  setDisplayName: Dispatch<SetStateAction<string>> | null
+  setDisplayName?: Dispatch<SetStateAction<string>>
   isAdmin: boolean
-  setIsAdmin: Dispatch<SetStateAction<boolean>> | null
+  setIsAdmin?: Dispatch<SetStateAction<boolean>>
   mode: ModeType
   runTimes: RunTimeType[]
-  logout: (() => void) | null
+  logout?: () => void
 }
 
 export const AppContext = createContext<AppContextProps>({
   checkingSession: false,
   loggedIn: false,
-  setLoggedIn: null,
   needsToUpdatePassword: false,
-  setNeedsToUpdatePassword: null,
+  userId: '',
-  userId: 0,
-  setUserId: null,
   username: '',
-  setUsername: null,
   displayName: '',
-  setDisplayName: null,
   isAdmin: false,
-  setIsAdmin: null,
   mode: ModeType.Server,
-  runTimes: [],
+  runTimes: []
-  logout: null
 })
 
 const AppContextProvider = (props: { children: ReactNode }) => {
@@ -64,7 +57,7 @@ const AppContextProvider = (props: { children: ReactNode }) => {
   const [checkingSession, setCheckingSession] = useState(false)
   const [loggedIn, setLoggedIn] = useState(false)
   const [needsToUpdatePassword, setNeedsToUpdatePassword] = useState(false)
-  const [userId, setUserId] = useState(0)
+  const [userId, setUserId] = useState<string>()
   const [username, setUsername] = useState('')
   const [displayName, setDisplayName] = useState('')
   const [isAdmin, setIsAdmin] = useState(false)

web/src/index.css

@@ -12,7 +12,7 @@ code {
     monospace;
 }
 
-.main {
+.container {
   margin: 50px 10px 0 10px;
   display: flex;
   flex-direction: column;

web/src/index.tsx

@@ -9,7 +9,9 @@ import axios from 'axios'
 const NODE_ENV = process.env.NODE_ENV
 const PORT_API = process.env.PORT_API
 const baseUrl =
-  NODE_ENV === 'development' ? `http://localhost:${PORT_API ?? 5000}` : ''
+  NODE_ENV === 'development'
+    ? `http://localhost:${PORT_API ?? 5000}`
+    : window.location.origin + window.location.pathname
 
 axios.defaults = Object.assign(axios.defaults, {
   withCredentials: true,

web/src/types/declaration.d.ts

@@ -0,0 +1,4 @@
+declare module '*.module.css' {
+  const classes: { [key: string]: string }
+  export default classes
+}

web/src/utils/helper.ts

@@ -6,13 +6,13 @@ export const findExistingPermission = (
 ) => {
   for (const permission of existingPermissions) {
     if (
-      permission.user?.id === newPermission.principalId &&
+      permission.user?.uid === newPermission.principalId &&
       hasSameCombination(permission, newPermission)
     )
       return permission
 
     if (
-      permission.group?.groupId === newPermission.principalId &&
+      permission.group?.uid === newPermission.principalId &&
       hasSameCombination(permission, newPermission)
     )
       return permission
@@ -27,13 +27,13 @@ export const findUpdatingPermission = (
 ) => {
   for (const permission of existingPermissions) {
     if (
-      permission.user?.id === newPermission.principalId &&
+      permission.user?.uid === newPermission.principalId &&
       hasDifferentSetting(permission, newPermission)
     )
       return permission
 
     if (
-      permission.group?.groupId === newPermission.principalId &&
+      permission.group?.uid === newPermission.principalId &&
       hasDifferentSetting(permission, newPermission)
     )
       return permission

web/src/utils/index.ts

@@ -0,0 +1,3 @@
+export * from './log'
+export * from './types'
+export * from './helper'

web/src/utils/log.ts

@@ -0,0 +1,133 @@
+import { SyntheticEvent } from 'react'
+import { LogInstance } from './'
+
+export const parseErrorsAndWarnings = (log: string) => {
+  const logLines = log.split('\n')
+  const errorLines: LogInstance[] = []
+  const warningLines: LogInstance[] = []
+
+  logLines.forEach((line: string, index: number) => {
+    // INFO: check if content in element starts with ERROR
+    if (/<.*>ERROR/gm.test(line)) {
+      const errorLine = line.substring(line.indexOf('E'), line.length - 1)
+
+      errorLines.push({
+        body: errorLine,
+        line: index,
+        type: 'error',
+        id: errorLines.length
+      })
+    }
+
+    // INFO: check if line starts with ERROR
+    else if (/^ERROR/gm.test(line)) {
+      errorLines.push({
+        body: line,
+        line: index,
+        type: 'error',
+        id: errorLines.length
+      })
+
+      logLines[index] =
+        `<font id="error_${
+          errorLines.length - 1
+        }" style="color: red;" ref={scrollTo}>` +
+        logLines[index] +
+        '</font>'
+    }
+
+    // INFO: check if content in element starts with WARNING
+    else if (/<.*>WARNING/gm.test(line)) {
+      const warningLine = line.substring(line.indexOf('W'), line.length - 1)
+
+      warningLines.push({
+        body: warningLine,
+        line: index,
+        type: 'warning',
+        id: warningLines.length
+      })
+    }
+
+    // INFO: check if line starts with WARNING
+    else if (/^WARNING/gm.test(line)) {
+      warningLines.push({
+        body: line,
+        line: index,
+        type: 'warning',
+        id: warningLines.length
+      })
+
+      logLines[index] =
+        `<font id="warning_${warningLines.length - 1}" style="color: green;">` +
+        logLines[index] +
+        '</font>'
+    }
+  })
+
+  return { errors: errorLines, warnings: warningLines, logLines }
+}
+
+export const defaultChunkSize = 20000
+
+export const isTheLastChunk = (
+  lineCount: number,
+  chunkNumber: number,
+  chunkSize = defaultChunkSize
+) => {
+  if (lineCount <= chunkSize) return true
+
+  const chunksNumber = Math.ceil(lineCount / chunkSize)
+
+  return chunkNumber === chunksNumber
+}
+
+export const splitIntoChunks = (log: string, chunkSize = defaultChunkSize) => {
+  if (!log) return []
+
+  const logLines: string[] = log.split(`\n`)
+
+  if (logLines.length <= chunkSize) return [log]
+
+  const chunks: string[] = []
+
+  while (logLines.length) {
+    const chunk = logLines.splice(0, chunkSize)
+
+    chunks.push(chunk.join(`\n`))
+  }
+
+  return chunks
+}
+
+export const clearErrorsAndWarningsHtmlWrapping = (log: string) =>
+  log.replace(/^<font[^>]*>/gm, '').replace(/<\/font>/gm, '')
+
+export const download = (evt: SyntheticEvent, log: string, fileName = '') => {
+  evt.stopPropagation()
+
+  const padWithZero = (num: number) => (num < 9 ? `0${num}` : `${num}`)
+
+  const date = new Date()
+  const datePrefix = [
+    date.getFullYear(),
+    padWithZero(date.getMonth() + 1),
+    padWithZero(date.getDate()),
+    padWithZero(date.getHours()),
+    padWithZero(date.getMinutes()),
+    padWithZero(date.getSeconds())
+  ].join('')
+
+  const file = new Blob([log])
+  const url = URL.createObjectURL(file)
+
+  const a = document.createElement('a')
+  a.href = url
+  a.download = `${datePrefix}${fileName}.log`
+  document.body.appendChild(a)
+  a.click()
+
+  setTimeout(() => {
+    document.body.removeChild(a)
+    window.URL.revokeObjectURL(url)
+  }, 0)
+}

web/src/utils/types.ts

@@ -1,12 +1,12 @@
 export interface UserResponse {
-  id: number
+  uid: string
   username: string
   displayName: string
   isAdmin: boolean
 }
 
 export interface GroupResponse {
-  groupId: number
+  uid: string
   name: string
   description: string
 }
@@ -17,7 +17,7 @@ export interface GroupDetailsResponse extends GroupResponse {
 }
 
 export interface PermissionResponse {
-  permissionId: number
+  uid: string
   path: string
   type: string
   setting: string
@@ -30,7 +30,7 @@ export interface RegisterPermissionPayload {
   type: string
   setting: string
   principalType: string
-  principalId: number
+  principalId: string
 }
 
 export interface TreeNode {
@@ -39,3 +39,18 @@ export interface TreeNode {
   isFolder: boolean
   children: Array<TreeNode>
 }
+
+export interface LogInstance {
+  body: string
+  line: number
+  type: 'error' | 'warning'
+  id: number
+  ref?: any
+}
+
+export interface LogObject {
+  body: string
+  errors?: LogInstance[]
+  warnings?: LogInstance[]
+  linesCount: number
+}

web/tsconfig.json

@@ -14,7 +14,8 @@
     "resolveJsonModule": true,
     "isolatedModules": true,
     "noEmit": true,
-    "jsx": "react-jsx"
+    "jsx": "react-jsx",
+    "plugins": [{ "name": "typescript-plugin-css-modules" }]
   },
   "include": ["src"]
 }

web/webpack.common.ts

@@ -33,9 +33,23 @@ const config: Configuration = {
       },
       {
         test: /\.css$/,
-        exclude: ['/node_modules/'],
+        exclude: ['/node_modules/', /\.module\.css$/],
         use: ['style-loader', 'css-loader']
       },
+      {
+        test: /\.module\.css$/i,
+        use: [
+          'style-loader',
+          {
+            loader: 'css-loader',
+            options: {
+              modules: {
+                localIdentName: '[local]--[hash:base64:5]'
+              }
+            }
+          }
+        ]
+      },
       {
         test: /\.scss$/,
         exclude: ['/node_modules/'],