refactor(nestjs): Implement users module

packages/server/src/modules/UsersModule/Users.application.ts

@@ -0,0 +1,122 @@
+import { Injectable } from '@nestjs/common';
+import { ActivateUserService } from './commands/ActivateUser.service';
+import { DeleteUserService } from './commands/DeleteUser.service';
+import { EditUserService } from './commands/EditUser.service';
+import { InactivateUserService } from './commands/InactivateUser.service';
+import { GetUserService } from './queries/GetUser.service';
+import { AcceptInviteUserService } from './commands/AcceptInviteUser.service';
+import { EditUserDto } from './dtos/EditUser.dto';
+import { InviteUserDto, SendInviteUserDto } from './dtos/InviteUser.dto';
+import { GetUsersService } from './queries/GetUsers.service';
+import { InviteTenantUserService } from './commands/InviteUser.service';
+
+@Injectable()
+export class UsersApplication {
+  constructor(
+    private readonly activateUserService: ActivateUserService,
+    private readonly deleteUserService: DeleteUserService,
+    private readonly editUserService: EditUserService,
+    private readonly inactivateUserService: InactivateUserService,
+    private readonly getUserService: GetUserService,
+    private readonly getUsersService: GetUsersService,
+    private readonly acceptInviteUserService: AcceptInviteUserService,
+    private readonly inviteservice: InviteTenantUserService,
+  ) {}
+
+  /**
+   * Activates a user.
+   * @param {number} userId - User ID to activate.
+   * @returns {Promise<void>}
+   */
+  async activateUser(userId: number): Promise<void> {
+    return this.activateUserService.activateUser(userId);
+  }
+
+  /**
+   * Inactivates a user.
+   * @param {number} tenantId - Tenant ID.
+   * @param {number} userId - User ID to inactivate.
+   * @param {ModelObject<TenantUser>} authorizedUser - The user performing the action.
+   * @returns {Promise<void>}
+   */
+  async inactivateUser(userId: number): Promise<void> {
+    return this.inactivateUserService.inactivateUser(userId);
+  }
+
+  /**
+   * Edits a user's details.
+   * @param {number} userId - User ID to edit.
+   * @param {IEditUserDTO} editUserDTO - User data to update.
+   * @returns {Promise<void>}
+   */
+  async editUser(userId: number, editUserDTO: EditUserDto): Promise<void> {
+    return this.editUserService.editUser(userId, editUserDTO);
+  }
+
+  /**
+   * Deletes a user (soft delete).
+   * @param {number} tenantId - Tenant ID.
+   * @param {number} userId - User ID to delete.
+   * @returns {Promise<void>}
+   */
+  async deleteUser(userId: number): Promise<void> {
+    return this.deleteUserService.deleteUser(userId);
+  }
+
+  /**
+   * Gets a user by ID.
+   * @param {number} userId - User ID to retrieve.
+   * @returns {Promise<any>} User details.
+   */
+  async getUser(userId: number): Promise<any> {
+    return this.getUserService.getUser(userId);
+  }
+
+  /**
+   * Gets users list based on the given filter.
+   */
+  async getUsers() {
+    return this.getUsersService.getUsers();
+  }
+
+  /**
+   * Accepts a user invitation.
+   * @param {string} token - Invitation token.
+   * @param {IInviteUserInput} inviteUserDTO - User data for accepting the invitation.
+   * @returns {Promise<void>}
+   */
+  async acceptInvite(
+    token: string,
+    inviteUserDTO: InviteUserDto,
+  ): Promise<void> {
+    return this.acceptInviteUserService.acceptInvite(token, inviteUserDTO);
+  }
+
+  /**
+   * Checks if an invitation token is valid.
+   * @param {string} token - Invitation token to validate.
+   * @returns {Promise<{ inviteToken: any; orgName: string }>} Invitation details.
+   */
+  async checkInvite(
+    token: string,
+  ): Promise<{ inviteToken: any; orgName: string }> {
+    return this.acceptInviteUserService.checkInvite(token);
+  }
+  /**
+   * Sends an invitation to a new user.
+   * @param {IUserSendInviteDTO} sendInviteDTO - User invitation data.
+   * @returns {Promise<{ invitedUser: ITenantUser }>} The invited user details.
+   */
+  async sendInvite(sendInviteDTO: SendInviteUserDto) {
+    return this.inviteservice.sendInvite(sendInviteDTO);
+  }
+
+  /**
+   * Resends an invitation to an existing user.
+   * @param {number} userId - ID of the user to resend invitation to.
+   * @returns {Promise<{ user: ITenantUser }>} The user details.
+   */
+  async resendInvite(userId: number) {
+    return this.inviteservice.resendInvite(userId);
+  }
+}

packages/server/src/modules/UsersModule/Users.constants.ts

@@ -0,0 +1,20 @@
+export const ERRORS = {
+  CANNOT_DELETE_LAST_USER: 'CANNOT_DELETE_LAST_USER',
+  USER_ALREADY_ACTIVE: 'USER_ALREADY_ACTIVE',
+  USER_ALREADY_INACTIVE: 'USER_ALREADY_INACTIVE',
+  EMAIL_ALREADY_EXISTS: 'EMAIL_ALREADY_EXISTS',
+  PHONE_NUMBER_ALREADY_EXIST: 'PHONE_NUMBER_ALREADY_EXIST',
+  USER_NOT_FOUND: 'USER_NOT_FOUND',
+  USER_SAME_THE_AUTHORIZED_USER: 'USER_SAME_THE_AUTHORIZED_USER',
+  CANNOT_AUTHORIZED_USER_MUTATE_ROLE: 'CANNOT_AUTHORIZED_USER_MUTATE_ROLE',
+
+  EMAIL_ALREADY_INVITED: 'EMAIL_ALREADY_INVITED',
+  INVITE_TOKEN_INVALID: 'INVITE_TOKEN_INVALID',
+  PHONE_NUMBER_EXISTS: 'PHONE_NUMBER_EXISTS',
+  EMAIL_EXISTS: 'EMAIL_EXISTS',
+  EMAIL_NOT_EXISTS: 'EMAIL_NOT_EXISTS',
+  USER_RECENTLY_INVITED: 'USER_RECENTLY_INVITED',
+};
+
+export const SendInviteUserMailQueue = 'SendInviteUserMailQueue';
+export const SendInviteUserMailJob = 'SendInviteUserMailJob';

packages/server/src/modules/UsersModule/Users.controller.ts

@@ -0,0 +1,100 @@
+import {
+  Body,
+  Controller,
+  Delete,
+  Get,
+  Param,
+  Post,
+  Put,
+  Query,
+} from '@nestjs/common';
+import { ApiOperation, ApiTags } from '@nestjs/swagger';
+import { UsersApplication } from './Users.application';
+import { EditUserDto } from './dtos/EditUser.dto';
+
+@Controller('users')
+@ApiTags('users')
+export class UsersController {
+  constructor(private readonly usersApplication: UsersApplication) {}
+
+  /**
+   * Edit details of the given user.
+   */
+  @Post(':id')
+  @ApiOperation({ summary: 'Edit details of the given user.' })
+  async editUser(
+    @Param('id') userId: number,
+    @Body() editUserDTO: EditUserDto,
+  ) {
+    await this.usersApplication.editUser(userId, editUserDTO);
+
+    return {
+      id: userId,
+      message: 'The user has been edited successfully.',
+    };
+  }
+
+  /**
+   * Soft deleting the given user.
+   */
+  @Delete(':id')
+  @ApiOperation({ summary: 'Soft deleting the given user.' })
+  async deleteUser(@Param('id') userId: number) {
+    await this.usersApplication.deleteUser(userId);
+
+    return {
+      id: userId,
+      message: 'The user has been deleted successfully.',
+    };
+  }
+
+  /**
+   * Retrieve user details of the given user id.
+   */
+  @Get(':id')
+  @ApiOperation({ summary: 'Retrieve user details of the given user id.' })
+  async getUser(@Param('id') userId: number) {
+    return this.usersApplication.getUser(userId);
+  }
+
+  /**
+   * Retrieve the list of users.
+   */
+  @Get()
+  @ApiOperation({ summary: 'Retrieve the list of users.' })
+  async listUsers(
+    @Query('page_size') pageSize?: number,
+    @Query('page') page?: number,
+  ) {
+    return this.usersApplication.getUsers();
+  }
+
+  /**
+   * Activate the given user.
+   */
+  @Put(':id/activate')
+  @ApiOperation({ summary: 'Activate the given user.' })
+  async activateUser(@Param('id') userId: number) {
+    await this.usersApplication.activateUser(userId);
+
+    return {
+      id: userId,
+      message: 'The user has been activated successfully.',
+    };
+  }
+
+  /**
+   * Inactivate the given user.
+   */
+  @Put(':id/inactivate')
+  @ApiOperation({ summary: 'Inactivate the given user.' })
+  async inactivateUser(@Param('id') userId: number) {
+    await this.usersApplication.inactivateUser(userId);
+
+    return {
+      id: userId,
+      message: 'The user has been inactivated successfully.',
+    };
+  }
+
+}

packages/server/src/modules/UsersModule/Users.module.ts

@@ -0,0 +1,46 @@
+import { Module } from '@nestjs/common';
+import { ActivateUserService } from './commands/ActivateUser.service';
+import { DeleteUserService } from './commands/DeleteUser.service';
+import { EditUserService } from './commands/EditUser.service';
+import { InactivateUserService } from './commands/InactivateUser.service';
+import { GetUserService } from './queries/GetUser.service';
+import { PurgeUserAbilityCacheSubscriber } from './subscribers/PurgeUserAbilityCache.subscriber';
+import { SyncTenantUserDeleteSubscriber } from './subscribers/SyncTenantUserDeleted.subscriber';
+import { SyncTenantUserMutateSubscriber } from './subscribers/SyncTenantUserSaved.subscriber';
+import { SyncSystemSendInviteSubscriber } from './subscribers/SyncSystemSendInvite.subscriber';
+import { SyncTenantAcceptInviteSubscriber } from './subscribers/SyncTenantAcceptInvite.subscriber';
+import { UsersController } from './Users.controller';
+import { UserInvite } from './models/InviteUser.model';
+import { TenancyModule } from '../Tenancy/Tenancy.module';
+import { UsersApplication } from './Users.application';
+import { GetUsersService } from './queries/GetUsers.service';
+import { AcceptInviteUserService } from './commands/AcceptInviteUser.service';
+import { InviteTenantUserService } from './commands/InviteUser.service';
+import { UsersInviteController } from './UsersInvite.controller';
+import { InjectSystemModel } from '../System/SystemModels/SystemModels.module';
+
+const models = [InjectSystemModel(UserInvite)];
+
+@Module({
+  imports: [TenancyModule],
+  exports: [...models],
+  providers: [
+    ...models,
+    ActivateUserService,
+    DeleteUserService,
+    EditUserService,
+    InactivateUserService,
+    GetUserService,
+    GetUsersService,
+    AcceptInviteUserService,
+    InviteTenantUserService,
+    PurgeUserAbilityCacheSubscriber,
+    SyncTenantUserDeleteSubscriber,
+    SyncTenantUserMutateSubscriber,
+    SyncSystemSendInviteSubscriber,
+    SyncTenantAcceptInviteSubscriber,
+    UsersApplication
+  ],
+  controllers: [UsersController, UsersInviteController],
+})
+export class UsersModule {}

packages/server/src/modules/UsersModule/Users.types.ts

@@ -0,0 +1,65 @@
+import { ModelObject } from 'objection';
+import { TenantUser } from '../Tenancy/TenancyModels/models/TenantUser.model';
+import { EditUserDto } from './dtos/EditUser.dto';
+import { UserInvite } from './models/InviteUser.model';
+import { SystemUser } from '../System/models/SystemUser';
+import { InviteUserDto } from './dtos/InviteUser.dto';
+import { TenantModel } from '../System/models/TenantModel';
+import { TenantJobPayload } from '@/interfaces/Tenant';
+
+export interface ITenantUserEditedPayload {
+  userId: number;
+  editUserDTO: EditUserDto;
+  tenantUser: ModelObject<TenantUser>;
+  oldTenantUser: ModelObject<TenantUser>;
+}
+
+export interface ITenantUserActivatedPayload {
+  userId: number;
+  tenantUser: ModelObject<TenantUser>;
+}
+
+export interface ITenantUserInactivatedPayload {
+  userId: number;
+  tenantUser: ModelObject<TenantUser>;
+}
+
+export interface ITenantUserDeletedPayload {
+  userId: number;
+  tenantUser: ModelObject<TenantUser>;
+}
+
+export interface IUserInvitedEventPayload {
+  inviteToken: string;
+  user: ModelObject<TenantUser>;
+}
+export interface IUserInviteTenantSyncedEventPayload {
+  invite: ModelObject<UserInvite>;
+  user: ModelObject<TenantUser>;
+}
+
+export interface IUserInviteResendEventPayload {
+  inviteToken: string;
+  user: ModelObject<TenantUser>;
+}
+
+export interface IAcceptInviteEventPayload {
+  inviteToken: ModelObject<UserInvite>;
+  user: ModelObject<SystemUser>;
+  inviteUserDTO: InviteUserDto;
+}
+
+export interface ICheckInviteEventPayload {
+  inviteToken: ModelObject<UserInvite>;
+  tenant: ModelObject<TenantModel>;
+}
+
+export interface IUserSendInviteDTO {
+  email: string;
+  roleId: number;
+}
+
+export interface SendInviteUserMailJobPayload extends TenantJobPayload {
+  fromUser: ModelObject<TenantUser>;
+  invite: ModelObject<UserInvite>;
+}

packages/server/src/modules/UsersModule/UsersInvite.controller.ts

@@ -0,0 +1,65 @@
+import { Body, Controller, Get, Param, Post } from '@nestjs/common';
+import { ApiOperation, ApiTags } from '@nestjs/swagger';
+import { UsersApplication } from './Users.application';
+import { InviteUserDto, SendInviteUserDto } from './dtos/InviteUser.dto';
+
+@Controller('invite')
+@ApiTags('users')
+export class UsersInviteController {
+  constructor(private readonly usersApplication: UsersApplication) {}
+
+  /**
+   * Accept a user invitation.
+   */
+  @Post('accept/:token')
+  @ApiOperation({ summary: 'Accept a user invitation.' })
+  async acceptInvite(
+    @Param('token') token: string,
+    @Body() inviteUserDTO: InviteUserDto,
+  ) {
+    await this.usersApplication.acceptInvite(token, inviteUserDTO);
+
+    return {
+      message: 'The invitation has been accepted successfully.',
+    };
+  }
+
+  /**
+   * Check if an invitation token is valid.
+   */
+  @Get('check/:token')
+  @ApiOperation({ summary: 'Check if an invitation token is valid.' })
+  async checkInvite(@Param('token') token: string) {
+    const inviteDetails = await this.usersApplication.checkInvite(token);
+
+    return inviteDetails;
+  }
+
+  /**
+   * Send an invitation to a new user.
+   */
+  @Post()
+  @ApiOperation({ summary: 'Send an invitation to a new user.' })
+  async sendInvite(@Body() sendInviteDTO: SendInviteUserDto) {
+    const result = await this.usersApplication.sendInvite(sendInviteDTO);
+
+    return {
+      invitedUser: result.invitedUser,
+      message: 'The invitation has been sent successfully.',
+    };
+  }
+
+  /**
+   * Resend an invitation to an existing user.
+   */
+  @Post('users/:id/resend')
+  @ApiOperation({ summary: 'Resend an invitation to an existing user.' })
+  async resendInvite(@Param('id') userId: number) {
+    const result = await this.usersApplication.resendInvite(userId);
+
+    return {
+      user: result.user,
+      message: 'The invitation has been resent successfully.',
+    };
+  }
+}

packages/server/src/modules/UsersModule/commands/AcceptInviteUser.service.ts

@@ -0,0 +1,139 @@
+import { Inject, Injectable } from '@nestjs/common';
+import * as moment from 'moment';
+import { EventEmitter2 } from '@nestjs/event-emitter';
+import {
+  IAcceptInviteEventPayload,
+  ICheckInviteEventPayload,
+} from '../Users.types';
+import { SystemUser } from '@/modules/System/models/SystemUser';
+import { events } from '@/common/events/events';
+import { hashPassword } from '@/modules/Auth/Auth.utils';
+import { TenantModel } from '@/modules/System/models/TenantModel';
+import { ServiceError } from '@/modules/Items/ServiceError';
+import { ERRORS } from '../Users.constants';
+import { UserInvite } from '../models/InviteUser.model';
+import { ModelObject } from 'objection';
+import { InviteUserDto } from '../dtos/InviteUser.dto';
+
+@Injectable()
+export class AcceptInviteUserService {
+  constructor(
+    @Inject(SystemUser.name)
+    private readonly systemUserModel: typeof SystemUser,
+
+    @Inject(TenantModel.name)
+    private readonly tenantModel: typeof TenantModel,
+
+    @Inject(UserInvite.name)
+    private readonly userInviteModel: typeof UserInvite,
+    private readonly eventEmitter: EventEmitter2,
+  ) {}
+
+  /**
+   * Accept the received invite.
+   * @param {string} token
+   * @param {IInviteUserInput} inviteUserInput
+   * @throws {ServiceErrors}
+   * @returns {Promise<void>}
+   */
+  public async acceptInvite(
+    token: string,
+    inviteUserDTO: InviteUserDto,
+  ): Promise<void> {
+    // Retrieve the invite token or throw not found error.
+    const inviteToken = await this.getInviteTokenOrThrowError(token);
+
+    // Hash the given password.
+    const hashedPassword = await hashPassword(inviteUserDTO.password);
+
+    // Retrieve the system user.
+    const user = await this.systemUserModel
+      .query()
+      .findOne('email', inviteToken.email);
+
+    // Sets the invited user details after invite accepting.
+    const systemUser = await this.systemUserModel
+      .query()
+      .updateAndFetchById(inviteToken.userId, {
+        ...inviteUserDTO,
+        inviteAcceptedAt: moment().format('YYYY-MM-DD'),
+        password: hashedPassword,
+      });
+    // Clear invite token by the given user id.
+    await this.clearInviteTokensByUserId(inviteToken.userId);
+
+    // Triggers `onUserAcceptInvite` event.
+    await this.eventEmitter.emitAsync(events.inviteUser.acceptInvite, {
+      inviteToken,
+      user: systemUser,
+      inviteUserDTO,
+    } as IAcceptInviteEventPayload);
+  }
+
+  /**
+   * Validate the given invite token.
+   * @param {string} token - the given token string.
+   * @throws {ServiceError}
+   */
+  public async checkInvite(
+    token: string,
+  ): Promise<{ inviteToken: ModelObject<UserInvite>; orgName: string }> {
+    const inviteToken = await this.getInviteTokenOrThrowError(token);
+
+    // Find the tenant that associated to the given token.
+    const tenant = await this.tenantModel
+      .query()
+      .findById(inviteToken.tenantId)
+      .withGraphFetched('metadata');
+
+    // Triggers `onUserCheckInvite` event.
+    await this.eventEmitter.emitAsync(events.inviteUser.checkInvite, {
+      inviteToken,
+      tenant,
+    } as ICheckInviteEventPayload);
+
+    return { inviteToken, orgName: tenant.metadata.name };
+  }
+
+  /**
+   * Retrieve invite model from the given token or throw error.
+   * @param {string} token - Then given token string.
+   * @throws {ServiceError}
+   * @returns {Invite}
+   */
+  private getInviteTokenOrThrowError = async (
+    token: string,
+  ): Promise<ModelObject<UserInvite>> => {
+    const inviteToken = await this.userInviteModel
+      .query()
+      .modify('notExpired')
+      .findOne('token', token);
+
+    if (!inviteToken) {
+      throw new ServiceError(ERRORS.INVITE_TOKEN_INVALID);
+    }
+    return inviteToken;
+  };
+
+  /**
+   * Validate the given user email and phone number uniquine.
+   * @param {IInviteUserInput} inviteUserInput
+   */
+  private validateUserPhoneNumberNotExists = async (
+    phoneNumber: string,
+  ): Promise<void> => {
+    const foundUser = await SystemUser.query().findOne({ phoneNumber });
+
+    if (foundUser) {
+      throw new ServiceError(ERRORS.PHONE_NUMBER_EXISTS);
+    }
+  };
+
+  /**
+   * Clear invite tokens of the given user id.
+   * @param {number} userId - User id.
+   */
+  private clearInviteTokensByUserId = async (userId: number) => {
+    await this.userInviteModel.query().where('user_id', userId).delete();
+  };
+}

packages/server/src/modules/UsersModule/commands/ActivateUser.service.ts

@@ -0,0 +1,76 @@
+import { events } from '@/common/events/events';
+import { ServiceError } from '@/modules/Items/ServiceError';
+import { TenantModelProxy } from '@/modules/System/models/TenantBaseModel';
+import { TenancyContext } from '@/modules/Tenancy/TenancyContext.service';
+import { TenantUser } from '@/modules/Tenancy/TenancyModels/models/TenantUser.model';
+import { Inject, Injectable } from '@nestjs/common';
+import { EventEmitter2 } from '@nestjs/event-emitter';
+import { ERRORS } from '../Users.constants';
+import { ModelObject } from 'objection';
+import { SystemUser } from '@/modules/System/models/SystemUser';
+import { ITenantUserActivatedPayload } from '../Users.types';
+
+@Injectable()
+export class ActivateUserService {
+  constructor(
+    @Inject(TenantUser.name)
+    private readonly tenantUserModel: TenantModelProxy<typeof TenantUser>,
+    private readonly tenancyContext: TenancyContext,
+    private readonly eventEmitter: EventEmitter2,
+  ) {}
+
+  /**
+   * Activate the given user id.
+   * @param {number} userId - User id.
+   * @return {Promise<void>}
+   */
+  public async activateUser(userId: number): Promise<void> {
+    const authorizedUser = await this.tenancyContext.getSystemUser();
+
+    // Throw service error if the given user is equals the authorized user.
+    this.throwErrorIfUserSameAuthorizedUser(userId, authorizedUser);
+
+    // Retrieve the user or throw not found service error.
+    const tenantUser = await this.tenantUserModel().query().findById(userId);
+
+    // Throw serivce error if the user is already activated.
+    this.throwErrorIfUserActive(tenantUser);
+
+    // Marks the tenant user as active.
+    await this.tenantUserModel()
+      .query()
+      .findById(userId)
+      .update({ active: true });
+
+    // Triggers `onTenantUserActivated` event.
+    await this.eventEmitter.emitAsync(events.tenantUser.onActivated, {
+      userId,
+      tenantUser,
+    } as ITenantUserActivatedPayload);
+  }
+
+  /**
+   * Throws service error in case the user was already active.
+   * @param {ISystemUser} user
+   * @throws {ServiceError}
+   */
+  private throwErrorIfUserActive(user: ModelObject<TenantUser>) {
+    if (user.active) {
+      throw new ServiceError(ERRORS.USER_ALREADY_ACTIVE);
+    }
+  }
+
+  /**
+   * Throw service error in case the given user same the authorized user.
+   * @param {number} userId
+   * @param {ModelObject<TenantUser>} authorizedUser
+   */
+  private throwErrorIfUserSameAuthorizedUser(
+    userId: number,
+    authorizedUser: ModelObject<SystemUser>,
+  ) {
+    if (userId === authorizedUser.id) {
+      throw new ServiceError(ERRORS.USER_SAME_THE_AUTHORIZED_USER);
+    }
+  }
+}

packages/server/src/modules/UsersModule/commands/DeleteUser.service.ts

@@ -0,0 +1,54 @@
+import { EventEmitter2 } from '@nestjs/event-emitter';
+import { Inject, Injectable } from '@nestjs/common';
+import { TenantModelProxy } from '@/modules/System/models/TenantBaseModel';
+import { TenantUser } from '@/modules/Tenancy/TenancyModels/models/TenantUser.model';
+import { ITenantUserDeletedPayload } from '../Users.types';
+import { events } from '@/common/events/events';
+import { ServiceError } from '@/modules/Items/ServiceError';
+import { ERRORS } from '../Users.constants';
+
+@Injectable()
+export class DeleteUserService {
+  constructor(
+    @Inject(TenantUser.name)
+    private readonly tenantUserModel: TenantModelProxy<typeof TenantUser>,
+    private readonly eventEmitter: EventEmitter2,
+  ) {}
+
+  /**
+   * Deletes the given user id.
+   * @param {number} userId - User id.
+   */
+  async deleteUser(userId: number): Promise<void> {
+    // Retrieve user details or throw not found service error.
+    const tenantUser = await this.tenantUserModel().query().findById(userId);
+
+    // Validate the delete user should not be the last active user.
+    if (tenantUser.isInviteAccepted) {
+      await this.validateNotLastUserDelete();
+    }
+    // Delete user from the storage.
+    await this.tenantUserModel().query().findById(userId).delete();
+
+    // Triggers `onTenantUserDeleted` event.
+    await this.eventEmitter.emitAsync(events.tenantUser.onDeleted, {
+      userId,
+      tenantUser,
+    } as ITenantUserDeletedPayload);
+  }
+
+  /**
+   * Validate the delete user should not be the last user.
+   * @param {number} tenantId
+   */
+  private async validateNotLastUserDelete() {
+    const inviteAcceptedUsers = await this.tenantUserModel()
+      .query()
+      .select(['id'])
+      .whereNotNull('invite_accepted_at');
+
+    if (inviteAcceptedUsers.length === 1) {
+      throw new ServiceError(ERRORS.CANNOT_DELETE_LAST_USER);
+    }
+  }
+}

packages/server/src/modules/UsersModule/commands/EditUser.service.ts

@@ -0,0 +1,102 @@
+import { Inject, Injectable } from '@nestjs/common';
+import { EventEmitter2 } from '@nestjs/event-emitter';
+import { events } from '@/common/events/events';
+import { TenantModelProxy } from '@/modules/System/models/TenantBaseModel';
+import { TenantUser } from '@/modules/Tenancy/TenancyModels/models/TenantUser.model';
+import { ITenantUserEditedPayload } from '../Users.types';
+import { EditUserDto } from '../dtos/EditUser.dto';
+import { ServiceError } from '@/modules/Items/ServiceError';
+import { ERRORS } from '../Users.constants';
+import { ModelObject } from 'objection';
+import { SystemUser } from '@/modules/System/models/SystemUser';
+import { TenancyContext } from '@/modules/Tenancy/TenancyContext.service';
+
+@Injectable()
+export class EditUserService {
+  constructor(
+    @Inject(TenantUser.name)
+    private readonly tenantUserModel: TenantModelProxy<typeof TenantUser>,
+    private readonly eventEmitter: EventEmitter2,
+    private readonly tenancyContext: TenancyContext,
+  ) {}
+
+  /**
+   * Creates a new user.
+   * @param {number} userId - User id.
+   * @param {IUserDTO} editUserDTO - Edit user DTO.
+   * @return {Promise<ISystemUser>}
+   */
+  public async editUser(
+    userId: number,
+    editUserDTO: EditUserDto,
+  ): Promise<any> {
+    const { email } = editUserDTO;
+    const authorizedUser = await this.tenancyContext.getSystemUser();
+
+    // Retrieve the tenant user or throw not found service error.
+    const oldTenantUser = await this.tenantUserModel()
+      .query()
+      .findById(userId)
+      .throwIfNotFound();
+
+    // Validate cannot mutate the authorized user.
+    this.validateMutateRoleNotAuthorizedUser(
+      oldTenantUser,
+      editUserDTO,
+      authorizedUser,
+    );
+    // Validate user email should be unique.
+    await this.validateUserEmailUniquiness(email, userId);
+
+    // Updates the tenant user.
+    const tenantUser = await this.tenantUserModel()
+      .query()
+      .updateAndFetchById(userId, {
+        ...editUserDTO,
+      });
+    // Triggers `onTenantUserEdited` event.
+    await this.eventEmitter.emitAsync(events.tenantUser.onEdited, {
+      userId,
+      editUserDTO,
+      tenantUser,
+      oldTenantUser,
+    } as ITenantUserEditedPayload);
+
+    return tenantUser;
+  }
+
+  /**
+   * Validate the given user email should be unique in the storage.
+   * @param {string} email - User email.
+   * @param {number} userId - User id.
+   */
+  async validateUserEmailUniquiness(email: string, userId: number) {
+    const userByEmail = await this.tenantUserModel()
+      .query()
+      .findOne('email', email)
+      .whereNot('id', userId);
+
+    if (userByEmail) {
+      throw new ServiceError(ERRORS.EMAIL_ALREADY_EXISTS);
+    }
+  }
+
+  /**
+   * Validate the authorized user cannot mutate its role.
+   * @param {ITenantUser} oldTenantUser - Old tenant user.
+   * @param {IEditUserDTO} editUserDTO - Edit user dto.
+   * @param {ISystemUser} authorizedUser - Authorized user.
+   */
+  validateMutateRoleNotAuthorizedUser(
+    oldTenantUser: ModelObject<TenantUser>,
+    editUserDTO: EditUserDto,
+    authorizedUser: ModelObject<SystemUser>,
+  ) {
+    if (
+      authorizedUser.id === oldTenantUser.systemUserId &&
+      editUserDTO.roleId !== oldTenantUser.roleId
+    ) {
+      throw new ServiceError(ERRORS.CANNOT_AUTHORIZED_USER_MUTATE_ROLE);
+    }
+  }
+}

packages/server/src/modules/UsersModule/commands/InactivateUser.service.ts

@@ -0,0 +1,83 @@
+import { Inject, Injectable } from '@nestjs/common';
+import { EventEmitter2 } from '@nestjs/event-emitter';
+import { ModelObject } from 'objection';
+import { ServiceError } from '@/modules/Items/ServiceError';
+import { TenantModelProxy } from '@/modules/System/models/TenantBaseModel';
+import { TenantUser } from '@/modules/Tenancy/TenancyModels/models/TenantUser.model';
+import { ERRORS } from '../Users.constants';
+import { ITenantUserInactivatedPayload } from '../Users.types';
+import { TenancyContext } from '@/modules/Tenancy/TenancyContext.service';
+import { events } from '@/common/events/events';
+
+@Injectable()
+export class InactivateUserService {
+  constructor(
+    @Inject(TenantUser.name)
+    private readonly tenantUserModel: TenantModelProxy<typeof TenantUser>,
+
+    private readonly eventEmitter: EventEmitter2,
+    private readonly tenancyContext: TenancyContext,
+  ) {}
+
+  /**
+   * Inactivate the given user id.
+   * @param {number} userId
+   * @return {Promise<void>}
+   */
+  public async inactivateUser(userId: number): Promise<void> {
+    const authorizedUser = await this.tenancyContext.getSystemUser();
+    const authorizedTenantUser = await this.tenantUserModel()
+      .query()
+      .findOne({ systemUserId: authorizedUser.id })
+      .throwIfNotFound();
+
+    // Throw service error if the given user is equals the authorized user.
+    this.throwErrorIfUserSameAuthorizedUser(userId, authorizedTenantUser);
+
+    // Retrieve the user or throw not found service error.
+    const tenantUser = await this.tenantUserModel()
+      .query()
+      .findById(userId)
+      .throwIfNotFound();
+
+    // Throw serivce error if the user is already inactivated.
+    this.throwErrorIfUserInactive(tenantUser);
+
+    // Marks the tenant user as active.
+    await this.tenantUserModel()
+      .query()
+      .findById(userId)
+      .update({ active: true });
+
+    // Triggers `onTenantUserActivated` event.
+    await this.eventEmitter.emitAsync(events.tenantUser.onInactivated, {
+      userId,
+      tenantUser,
+    } as ITenantUserInactivatedPayload);
+  }
+
+  /**
+   * Throw service error in case the given user same the authorized user.
+   * @param {number} userId
+   * @param {ModelObject<TenantUser>} authorizedUser
+   */
+  private throwErrorIfUserSameAuthorizedUser(
+    userId: number,
+    authorizedUser: ModelObject<TenantUser>,
+  ) {
+    if (userId === authorizedUser.id) {
+      throw new ServiceError(ERRORS.USER_SAME_THE_AUTHORIZED_USER);
+    }
+  }
+
+  /**
+   * Throws service error in case the user was already inactive.
+   * @param {ModelObject<TenantUser>} user
+   * @throws {ServiceError}
+   */
+  private throwErrorIfUserInactive(user: ModelObject<TenantUser>) {
+    if (!user.active) {
+      throw new ServiceError(ERRORS.USER_ALREADY_INACTIVE);
+    }
+  }
+}

packages/server/src/modules/UsersModule/commands/InviteUser.service.ts

@@ -0,0 +1,149 @@
+import { Inject, Injectable } from '@nestjs/common';
+import * as uniqid from 'uniqid';
+import * as moment from 'moment';
+import {
+  IUserSendInviteDTO,
+  IUserInvitedEventPayload,
+  IUserInviteResendEventPayload,
+} from '../Users.types';
+import { ERRORS } from '../Users.constants';
+import { ServiceError } from '@/modules/Items/ServiceError';
+import { TenantModelProxy } from '@/modules/System/models/TenantBaseModel';
+import { TenantUser } from '@/modules/Tenancy/TenancyModels/models/TenantUser.model';
+import { EventEmitter2 } from '@nestjs/event-emitter';
+import { events } from '@/common/events/events';
+import { Role } from '@/modules/Roles/models/Role.model';
+import { ModelObject } from 'objection';
+import { SendInviteUserDto } from '../dtos/InviteUser.dto';
+
+@Injectable()
+export class InviteTenantUserService {
+  constructor(
+    private readonly eventEmitter: EventEmitter2,
+
+    @Inject(TenantUser.name)
+    private readonly tenantUserModel: TenantModelProxy<typeof TenantUser>,
+
+    @Inject(Role.name)
+    private readonly roleModel: TenantModelProxy<typeof Role>,
+  ) {}
+
+  /**
+   * Sends invite mail to the given email from the given tenant and user.
+   * @param {string} email -
+   * @param {IUser} authorizedUser -
+   * @return {Promise<IUserInvite>}
+   */
+  public async sendInvite(sendInviteDTO: SendInviteUserDto): Promise<{
+    invitedUser: TenantUser;
+  }> {
+    // Get the given role or throw not found service error.
+    const role = await this.roleModel().query().findById(sendInviteDTO.roleId);
+
+    // Validates the given email not exists on the storage.
+    await this.validateUserEmailNotExists(sendInviteDTO.email);
+
+    // Generates a new invite token.
+    const inviteToken = uniqid();
+
+    // Creates and fetches a tenant user.
+    const user = await this.tenantUserModel().query().insertAndFetch({
+      email: sendInviteDTO.email,
+      roleId: sendInviteDTO.roleId,
+      active: true,
+      invitedAt: new Date(),
+    });
+    // Triggers `onUserSendInvite` event.
+    await this.eventEmitter.emitAsync(events.inviteUser.sendInvite, {
+      inviteToken,
+      user,
+    } as IUserInvitedEventPayload);
+
+    return { invitedUser: user };
+  }
+
+  /**
+   * Re-send user invite.
+   * @param {number} tenantId -
+   * @param {string} email -
+   * @return {Promise<{ invite: IUserInvite }>}
+   */
+  public async resendInvite(userId: number): Promise<{ user: ModelObject<TenantUser> }> {
+    // Retrieve the user by id or throw not found service error.
+    const user = await this.getUserByIdOrThrowError(userId);
+
+    // Validate the user is not invited recently.
+    this.validateUserInviteThrottle(user);
+
+    // Validate the given user is not accepted yet.
+    this.validateInviteUserNotAccept(user);
+
+    // Generates a new invite token.
+    const inviteToken = uniqid();
+
+    // Triggers `onUserSendInvite` event.
+    await this.eventEmitter.emitAsync(events.inviteUser.resendInvite, {
+      user,
+      inviteToken,
+    } as IUserInviteResendEventPayload);
+
+    return { user };
+  }
+
+  /**
+   * Validate the given user has no active invite token.
+   * @param {number} tenantId
+   * @param {number} userId - User id.
+   */
+  private validateInviteUserNotAccept = (user: ModelObject<TenantUser>) => {
+    // Throw the error if the one invite tokens is still active.
+    if (user.inviteAcceptedAt) {
+      throw new ServiceError(ERRORS.USER_RECENTLY_INVITED);
+    }
+  };
+
+  /**
+   * Validates user invite is not invited recently before specific time point.
+   * @param {ITenantUser} user
+   */
+  private validateUserInviteThrottle = (user: ModelObject<TenantUser>) => {
+    const PARSE_FORMAT = 'M/D/YYYY, H:mm:ss A';
+    const beforeTime = moment().subtract(5, 'minutes');
+
+    if (moment(user.invitedAt, PARSE_FORMAT).isAfter(beforeTime)) {
+      throw new ServiceError(ERRORS.USER_RECENTLY_INVITED);
+    }
+  };
+
+  /**
+   * Retrieve the given user by id or throw not found service error.
+   * @param {number} userId - User id.
+   */
+  private getUserByIdOrThrowError = async (
+    userId: number,
+  ): Promise<TenantUser> => {
+    // Retrieve the tenant user.
+    const user = await this.tenantUserModel().query().findById(userId);
+
+    // Throw if the user not found.
+    if (!user) {
+      throw new ServiceError(ERRORS.USER_NOT_FOUND);
+    }
+    return user;
+  };
+
+  /**
+   * Throws error in case the given user email not exists on the storage.
+   * @param {string} email
+   * @throws {ServiceError}
+   */
+  private async validateUserEmailNotExists(email: string): Promise<void> {
+    const foundUser = await this.tenantUserModel()
+      .query()
+      .findOne('email', email);
+
+    if (foundUser) {
+      throw new ServiceError(ERRORS.EMAIL_EXISTS);
+    }
+  }
+}

packages/server/src/modules/UsersModule/commands/SendInviteUsersMailMessage.service.ts

@@ -0,0 +1,55 @@
+import * as path from 'path';
+import { Injectable } from '@nestjs/common';
+import { ConfigService } from '@nestjs/config';
+import { ModelObject } from 'objection';
+import { Mail } from '@/modules/Mail/Mail';
+import { MailTransporter } from '@/modules/Mail/MailTransporter.service';
+import { SystemUser } from '@/modules/System/models/SystemUser';
+import { TenancyContext } from '@/modules/Tenancy/TenancyContext.service';
+import { UserInvite } from '../models/InviteUser.model';
+import { TenantUser } from '@/modules/Tenancy/TenancyModels/models/TenantUser.model';
+
+@Injectable()
+export class SendInviteUsersMailMessage {
+  constructor(
+    private readonly mailTransporter: MailTransporter,
+    private readonly tenancyContext: TenancyContext,
+    private readonly configService: ConfigService,
+  ) {}
+
+  /**
+   * Sends invite mail to the given email.
+   * @param {ModelObject<TenantUser>} user
+   * @param {ModelObject<UserInvite>} invite
+   */
+  async sendInviteMail(
+    fromUser: ModelObject<TenantUser>,
+    invite: ModelObject<UserInvite>,
+  ) {
+    const tenant = await this.tenancyContext.getTenant(true);
+    const root = path.join(global.__views_dir, '/images/bigcapital.png');
+    const baseURL = this.configService.get('baseURL');
+
+    const mail = new Mail()
+      .setSubject(`${fromUser.firstName} has invited you to join a Bigcapital`)
+      .setView('mail/UserInvite.html')
+      .setTo(invite.email)
+      .setAttachments([
+        {
+          filename: 'bigcapital.png',
+          path: root,
+          cid: 'bigcapital_logo',
+        },
+      ])
+      .setData({
+        root,
+        acceptUrl: `${baseURL}/auth/invite/${invite.token}/accept`,
+        fullName: `${fromUser.firstName} ${fromUser.lastName}`,
+        firstName: fromUser.firstName,
+        lastName: fromUser.lastName,
+        email: fromUser.email,
+        organizationName: tenant.metadata.name,
+      });
+    this.mailTransporter.send(mail);
+  }
+}

packages/server/src/modules/UsersModule/dtos/EditUser.dto.ts

@@ -0,0 +1,16 @@
+import { IsEmail, IsNotEmpty } from 'class-validator';
+
+export class EditUserDto {
+  @IsNotEmpty()
+  firstName: string;
+
+  @IsNotEmpty()
+  lastName: string;
+
+  @IsEmail()
+  @IsNotEmpty()
+  email: string;
+
+  @IsNotEmpty()
+  roleId: number;
+}

packages/server/src/modules/UsersModule/dtos/InviteUser.dto.ts

@@ -0,0 +1,26 @@
+import { IsNotEmpty, IsNumber, IsString } from 'class-validator';
+
+export class InviteUserDto {
+  @IsString()
+  @IsNotEmpty()
+  firstName: string;
+
+  @IsString()
+  @IsNotEmpty()
+  lastName: string;
+
+  @IsString()
+  @IsNotEmpty()
+  password: string;
+}
+
+
+export class SendInviteUserDto {
+  @IsString()
+  @IsNotEmpty()
+  email: string;
+
+  @IsNumber()
+  @IsNotEmpty()
+  roleId: number;
+}

packages/server/src/modules/UsersModule/models/InviteUser.model.ts

@@ -0,0 +1,35 @@
+import moment from 'moment';
+import { BaseModel } from '@/models/Model';
+
+export class UserInvite extends BaseModel {
+  token!: string;
+  userId!: number;
+  tenantId!: number;
+  email!: string;
+
+  /**
+   * Table name.
+   */
+  static get tableName() {
+    return 'user_invites';
+  }
+
+  /**
+   * Timestamps columns.
+   */
+  get timestamps() {
+    return ['createdAt'];
+  }
+
+  /**
+   * Model modifiers.
+   */
+  static get modifiers() {
+    return {
+      notExpired(query) {
+        const comp = moment().subtract(24, 'hours').toMySqlDateTime();
+        query.where('created_at', '>=', comp);
+      },
+    };
+  }
+}

packages/server/src/modules/UsersModule/processors/SendInviteUserMail.processor.ts

@@ -0,0 +1,39 @@
+import { JOB_REF, Process, Processor } from '@nestjs/bull';
+import { Job } from 'bull';
+import { Inject, Scope } from '@nestjs/common';
+import { REQUEST } from '@nestjs/core';
+import { ClsService, UseCls } from 'nestjs-cls';
+import {
+  SendInviteUserMailJob,
+  SendInviteUserMailQueue,
+} from '../Users.constants';
+import { SendInviteUserMailJobPayload } from '../Users.types';
+import { SendInviteUsersMailMessage } from '../commands/SendInviteUsersMailMessage.service';
+
+@Processor({
+  name: SendInviteUserMailQueue,
+  scope: Scope.REQUEST,
+})
+export class SendInviteUserMailProcessor {
+  constructor(
+    private readonly sendInviteUsersMailService: SendInviteUsersMailMessage,
+    @Inject(REQUEST) private readonly request: Request,
+    @Inject(JOB_REF)
+    private readonly jobRef: Job<SendInviteUserMailJobPayload>,
+    private readonly clsService: ClsService,
+  ) {}
+
+  @Process(SendInviteUserMailJob)
+  async handleSendInviteMail() {
+    const { fromUser, invite, organizationId, userId } = this.jobRef.data;
+
+    this.clsService.set('organizationId', organizationId);
+    this.clsService.set('userId', userId);
+
+    try {
+      await this.sendInviteUsersMailService.sendInviteMail(fromUser, invite);
+    } catch (error) {
+      console.log(error);
+    }
+  }
+}

packages/server/src/modules/UsersModule/queries/GetUser.service.ts

@@ -0,0 +1,24 @@
+import { SystemUser } from '@/modules/System/models/SystemUser';
+import { TenantModelProxy } from '@/modules/System/models/TenantBaseModel';
+import { TenantUser } from '@/modules/Tenancy/TenancyModels/models/TenantUser.model';
+import { Inject, Injectable } from '@nestjs/common';
+
+@Injectable()
+export class GetUserService {
+  constructor(
+    @Inject(TenantUser.name)
+    private readonly tenantUserModel: TenantModelProxy<typeof TenantUser>,
+  ) {}
+
+  /**
+   * Retrieve the given user details.
+   * @param {number} tenantId - Tenant id.
+   * @param {number} userId - User id.
+   */
+  public async getUser(userId: number) {
+    // Retrieve the system user.
+    const user = await this.tenantUserModel().query().findById(userId);
+
+    return user;
+  }
+}

packages/server/src/modules/UsersModule/queries/GetUsers.service.ts

@@ -0,0 +1,26 @@
+import { TenantModelProxy } from '@/modules/System/models/TenantBaseModel';
+import { TenantUser } from '@/modules/Tenancy/TenancyModels/models/TenantUser.model';
+import { TransformerInjectable } from '@/modules/Transformer/TransformerInjectable.service';
+import { Inject } from '@nestjs/common';
+import { UserTransformer } from './User.transformer';
+
+export class GetUsersService {
+  constructor(
+    @Inject(TenantUser.name)
+    private readonly tenantUserModel: TenantModelProxy<typeof TenantUser>,
+    private readonly transformerInjectable: TransformerInjectable,
+  ) {}
+
+  /**
+   * Retrieve users list based on the given filter.
+   * @param {object} filter
+   */
+  public async getUsers() {
+    const users = await this.tenantUserModel().query().withGraphFetched('role');
+
+    return this.transformerInjectable.transform(
+      users,
+      new UserTransformer(),
+    );
+  }
+}

packages/server/src/modules/UsersModule/queries/User.transformer.ts

@@ -0,0 +1,50 @@
+import { Transformer } from '@/modules/Transformer/Transformer';
+
+export class UserTransformer extends Transformer {
+  /**
+   * Exclude these attributes from user object.
+   * @returns {Array}
+   */
+  public excludeAttributes = (): string[] => {
+    return ['role'];
+  };
+
+  /**
+   * Includeded attributes.
+   * @returns {string[]}
+   */
+  public includeAttributes = (): string[] => {
+    return ['roleName', 'roleDescription', 'roleSlug'];
+  };
+
+  /**
+   * Retrieves the localized role name if is predefined or stored name.
+   * @param role
+   * @returns {string}
+   */
+  public roleName(user) {
+    return user.role.predefined
+      ? this.context.i18n.t(user.role.name)
+      : user.role.name;
+  }
+
+  /**
+   * Retrieves the localized role description if is predefined or stored description.
+   * @param user
+   * @returns {string}
+   */
+  public roleDescription(user) {
+    return user.role.predefined
+      ? this.context.i18n.t(user.role.description)
+      : user.role.description;
+  }
+
+  /**
+   * Retrieves the role slug.
+   * @param user
+   * @returns {string}
+   */
+  public roleSlug(user) {
+    return user.role.slug;
+  }
+}

packages/server/src/modules/UsersModule/subscribers/InviteSendMailNotification.subscriber.ts

@@ -0,0 +1,46 @@
+import { Injectable } from '@nestjs/common';
+import { InjectQueue } from '@nestjs/bull';
+import { Queue } from 'bull';
+import { events } from '@/common/events/events';
+import { OnEvent } from '@nestjs/event-emitter';
+import {
+  IUserInviteTenantSyncedEventPayload,
+  SendInviteUserMailJobPayload,
+} from '../Users.types';
+import {
+  SendInviteUserMailJob,
+  SendInviteUserMailQueue,
+} from '../Users.constants';
+import { TenancyContext } from '@/modules/Tenancy/TenancyContext.service';
+
+@Injectable()
+export default class InviteSendMainNotificationSubscribe {
+  constructor(
+    @InjectQueue(SendInviteUserMailQueue)
+    private readonly sendInviteMailQueue: Queue,
+    private readonly tenancyContext: TenancyContext,
+  ) {}
+
+  /**
+   * Sends mail notification.
+   * @param {IUserInvitedEventPayload} payload
+   */
+  @OnEvent(events.inviteUser.sendInviteTenantSynced)
+  async sendMailNotification({
+    invite,
+    user,
+  }: IUserInviteTenantSyncedEventPayload) {
+    const tenant = await this.tenancyContext.getTenant();
+    const authedUser = await this.tenancyContext.getSystemUser();
+
+    const organizationId = tenant.organizationId;
+    const userId = authedUser.id;
+
+    this.sendInviteMailQueue.add(SendInviteUserMailJob, {
+      fromUser: user,
+      invite,
+      userId,
+      organizationId,
+    } as SendInviteUserMailJobPayload);
+  }
+}

packages/server/src/modules/UsersModule/subscribers/PurgeUserAbilityCache.subscriber.ts

@@ -0,0 +1,29 @@
+import {
+  ITenantUserInactivatedPayload,
+  ITenantUserActivatedPayload,
+  ITenantUserDeletedPayload,
+  ITenantUserEditedPayload,
+} from '../Users.types';
+import { OnEvent } from '@nestjs/event-emitter';
+import { Injectable } from '@nestjs/common';
+import { events } from '@/common/events/events';
+import { ABILITIES_CACHE } from '@/modules/Roles/TenantAbilities';
+
+@Injectable()
+export class PurgeUserAbilityCacheSubscriber {
+  /**
+   * Purges authorized user ability once the user mutate.
+   */
+  @OnEvent(events.tenantUser.onEdited)
+  @OnEvent(events.tenantUser.onActivated)
+  @OnEvent(events.tenantUser.onInactivated)
+  purgeAuthorizedUserAbility({
+    tenantUser,
+  }:
+    | ITenantUserInactivatedPayload
+    | ITenantUserActivatedPayload
+    | ITenantUserDeletedPayload
+    | ITenantUserEditedPayload) {
+    ABILITIES_CACHE.del(tenantUser.systemUserId);
+  }
+}

packages/server/src/modules/UsersModule/subscribers/SyncSystemSendInvite.subscriber.ts

@@ -0,0 +1,106 @@
+
+import { EventEmitter2, OnEvent } from '@nestjs/event-emitter';
+import { Inject, Injectable } from '@nestjs/common';
+import {
+  IUserInvitedEventPayload,
+  IUserInviteResendEventPayload,
+  IUserInviteTenantSyncedEventPayload,
+} from '../Users.types';
+import { events } from '@/common/events/events';
+import { TenantModelProxy } from '@/modules/System/models/TenantBaseModel';
+import { TenantUser } from '@/modules/Tenancy/TenancyModels/models/TenantUser.model';
+import { UserInvite } from '../models/InviteUser.model';
+import { SystemUser } from '@/modules/System/models/SystemUser';
+import { TenancyContext } from '@/modules/Tenancy/TenancyContext.service';
+
+@Injectable()
+export class SyncSystemSendInviteSubscriber {
+  constructor(
+    @Inject(TenantUser.name)
+    private readonly tenantUserModel: TenantModelProxy<typeof TenantUser>,
+
+    @Inject(SystemUser.name)
+    private readonly systemUserModel: typeof SystemUser,
+
+    @Inject(UserInvite.name)
+    private readonly inviteModel: typeof UserInvite,
+    private readonly eventEmitter: EventEmitter2,
+    private readonly tenancyContext: TenancyContext
+  ) {}
+
+  /**
+   * Syncs send invite to system user.
+   * @param {IUserInvitedEventPayload} payload -
+   */
+  @OnEvent(events.inviteUser.sendInvite)
+  async syncSendInviteSystem({ inviteToken, user }: IUserInvitedEventPayload) {
+    const authorizedUser = await this.tenancyContext.getSystemUser();
+    const tenantId = authorizedUser.tenantId;
+
+    // Creates a new system user.
+    const systemUser = await this.systemUserModel.query().insert({
+      email: user.email,
+      active: user.active,
+      tenantId,
+
+      // Email should be verified since the user got the invite token through email.
+      verified: true,
+    });
+    // Creates a invite user token.
+    const invite = await this.inviteModel.query().insert({
+      email: user.email,
+      tenantId,
+      userId: systemUser.id,
+      token: inviteToken,
+    });
+    // Links the tenant user with created system user.
+    await this.tenantUserModel().query().findById(user.id).patch({
+      systemUserId: systemUser.id,
+    });
+    // Triggers `onUserSendInviteTenantSynced` event.
+    await this.eventEmitter.emitAsync(
+      events.inviteUser.sendInviteTenantSynced,
+      {
+        invite,
+        user,
+      } as IUserInviteTenantSyncedEventPayload,
+    );
+  }
+
+  /**
+   * Syncs resend invite to system user.
+   * @param {IUserInviteResendEventPayload} payload -
+   */
+  @OnEvent(events.inviteUser.resendInvite)
+  async syncResendInviteSystemUser({
+    inviteToken,
+    user,
+  }: IUserInviteResendEventPayload) {
+    const authorizedUser = await this.tenancyContext.getSystemUser();
+    const tenantId = authorizedUser.tenantId;
+
+    // Clear all invite tokens of the given user id.
+    await this.clearInviteTokensByUserId(tenantId, user.systemUserId);
+
+    const invite = await this.inviteModel.query().insert({
+      email: user.email,
+      tenantId,
+      userId: user.systemUserId,
+      token: inviteToken,
+    });
+  }
+
+  /**
+   * Clear invite tokens of the given user id.
+   * @param {number} userId - User id.
+   */
+  private clearInviteTokensByUserId = async (tenantId: number, userId: number) => {
+    await this.inviteModel
+      .query()
+      .where({
+        userId,
+        tenantId,
+      })
+      .delete();
+  };
+}

packages/server/src/modules/UsersModule/subscribers/SyncTenantAcceptInvite.subscriber.ts

@@ -0,0 +1,35 @@
+import { omit } from 'lodash';
+import * as moment from 'moment';
+import { Inject, Injectable } from '@nestjs/common';
+import { OnEvent } from '@nestjs/event-emitter';
+import { TenantModelProxy } from '@/modules/System/models/TenantBaseModel';
+import { TenantUser } from '@/modules/Tenancy/TenancyModels/models/TenantUser.model';
+import { events } from '@/common/events/events';
+import { IAcceptInviteEventPayload } from '../Users.types';
+
+@Injectable()
+export class SyncTenantAcceptInviteSubscriber {
+  constructor(
+    @Inject(TenantUser.name)
+    private readonly tenantUserModel: TenantModelProxy<typeof TenantUser>,
+  ) {}
+
+  /**
+   * Syncs accept invite to tenant user.
+   * @param {IAcceptInviteEventPayload} payload -
+   */
+  @OnEvent(events.inviteUser.acceptInvite)
+  async syncTenantAcceptInvite({
+    inviteToken,
+    user,
+    inviteUserDTO,
+  }: IAcceptInviteEventPayload) {
+    await this.tenantUserModel()
+      .query()
+      .where('systemUserId', inviteToken.userId)
+      .update({
+        ...omit(inviteUserDTO, ['password']),
+        inviteAcceptedAt: moment().format('YYYY-MM-DD'),
+      });
+  }
+}

packages/server/src/modules/UsersModule/subscribers/SyncTenantUserDeleted.subscriber.ts

@@ -0,0 +1,27 @@
+import { events } from '@/common/events/events';
+import { SystemUser } from '@/modules/System/models/SystemUser';
+import { Inject, Injectable } from '@nestjs/common';
+import { OnEvent } from '@nestjs/event-emitter';
+import { ITenantUserDeletedPayload } from '../Users.types';
+
+@Injectable()
+export class SyncTenantUserDeleteSubscriber {
+  constructor(
+    @Inject(SystemUser.name)
+    private readonly systemUserModel: typeof SystemUser,
+  ) {}
+
+  /**
+   * Deletes the system user once tenant user be deleted.
+   * @param {ITenantUserDeletedPayload} payload -
+   */
+  @OnEvent(events.tenantUser.onDeleted)
+  async syncSystemUserOnceUserDeleted({
+    tenantUser,
+  }: ITenantUserDeletedPayload) {
+    await this.systemUserModel
+      .query()
+      .where('id', tenantUser.systemUserId)
+      .delete();
+  }
+}

packages/server/src/modules/UsersModule/subscribers/SyncTenantUserSaved.subscriber.ts

@@ -0,0 +1,69 @@
+import { pick } from 'lodash';
+import { Inject, Injectable } from '@nestjs/common';
+import {
+  ITenantUserActivatedPayload,
+  ITenantUserEditedPayload,
+  ITenantUserInactivatedPayload,
+} from '../Users.types'
+import { OnEvent } from '@nestjs/event-emitter';
+import { SystemUser } from '@/modules/System/models/SystemUser';
+import { events } from '@/common/events/events';
+
+@Injectable()
+export class SyncTenantUserMutateSubscriber {
+  constructor(
+    @Inject(SystemUser.name)
+    private readonly systemUserModel: typeof SystemUser,
+  ) {}
+
+  /**
+   * @param {ITenantUserEditedPayload} payload
+   */
+  @OnEvent(events.tenantUser.onEdited)
+  async syncSystemUserOnceEdited({ tenantUser }: ITenantUserEditedPayload) {
+    await this.systemUserModel
+      .query()
+      .where('id', tenantUser.systemUserId)
+      .patch({
+        ...pick(tenantUser, [
+          'firstName',
+          'lastName',
+          'email',
+          'active',
+          'phoneNumber',
+        ]),
+      });
+  }
+
+  /**
+   * Syncs activate system user.
+   * @param {ITenantUserInactivatedPayload} payload -
+   */
+  @OnEvent(events.tenantUser.onActivated)
+  async syncSystemUserOnceActivated({
+    tenantUser,
+  }: ITenantUserInactivatedPayload) {
+    await this.systemUserModel
+      .query()
+      .where('id', tenantUser.systemUserId)
+      .patch({
+        active: true,
+      });
+  }
+
+  /**
+   * Syncs inactivate system user.
+   * @param {ITenantUserActivatedPayload} payload -
+   */
+  @OnEvent(events.tenantUser.onInactivated)
+  async syncSystemUserOnceInactivated({
+    tenantUser,
+  }: ITenantUserActivatedPayload) {
+    await this.systemUserModel
+      .query()
+      .where('id', tenantUser.systemUserId)
+      .patch({
+        active: false,
+      });
+  }
+}