fix(controller): added ModuleAccess tag
parent
ebc1cd77d8
commit
68477c17b7
|
|
@ -6,7 +6,7 @@ import {
|
|||
} from '@nestjs/common';
|
||||
import { Reflector } from '@nestjs/core';
|
||||
import { MODULES_KEY } from '../decorators/modules-guard.decorators';
|
||||
import { Modules, Roles } from '.prisma/client';
|
||||
import { Modules } from '.prisma/client';
|
||||
|
||||
|
||||
|
||||
|
|
|
|||
|
|
@ -1,20 +1,20 @@
|
|||
import { Roles as RoleEnum } from ".prisma/client";
|
||||
// import { Roles as RoleEnum } from ".prisma/client";
|
||||
|
||||
export const GLOBAL_CONTROLLER_ROLES: readonly RoleEnum[] = [
|
||||
RoleEnum.EMPLOYEE,
|
||||
RoleEnum.ACCOUNTING,
|
||||
RoleEnum.HR,
|
||||
RoleEnum.SUPERVISOR,
|
||||
RoleEnum.ADMIN,
|
||||
];
|
||||
// export const GLOBAL_CONTROLLER_ROLES: readonly RoleEnum[] = [
|
||||
// RoleEnum.EMPLOYEE,
|
||||
// RoleEnum.ACCOUNTING,
|
||||
// RoleEnum.HR,
|
||||
// RoleEnum.SUPERVISOR,
|
||||
// RoleEnum.ADMIN,
|
||||
// ];
|
||||
|
||||
export const MANAGER_ROLES: readonly RoleEnum[] = [
|
||||
RoleEnum.HR,
|
||||
RoleEnum.SUPERVISOR,
|
||||
RoleEnum.ADMIN,
|
||||
]
|
||||
// export const MANAGER_ROLES: readonly RoleEnum[] = [
|
||||
// RoleEnum.HR,
|
||||
// RoleEnum.SUPERVISOR,
|
||||
// RoleEnum.ADMIN,
|
||||
// ]
|
||||
|
||||
export const PAY_SERVICE: readonly RoleEnum[] = [
|
||||
RoleEnum.HR,
|
||||
RoleEnum.ACCOUNTING,
|
||||
]
|
||||
// export const PAY_SERVICE: readonly RoleEnum[] = [
|
||||
// RoleEnum.HR,
|
||||
// RoleEnum.ACCOUNTING,
|
||||
// ]
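Review bot: The role lists `GLOBAL_CONTROLLER_ROLES`, `MANAGER_ROLES` and `PAY_SERVICE` are left in the file as commented-out code, which keeps a stale copy of the old authorization model next to the new one. If module access has replaced role checks, delete the file, since history keeps it; if the lists may come back, say so in one line, for example `// Role lists retired in favour of @ModuleAccessAllowed; kept for reference until the migration is complete`. It is also worth confirming that every handler that relied on one of these lists now carries a `@ModuleAccessAllowed(...)` tag, because this page does not show their former call sites.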
|
||||
|
|
@ -7,8 +7,6 @@ import { EmployeesService } from "src/identity-and-account/employees/services/em
|
|||
import { ModuleAccessAllowed } from "src/common/decorators/modules-guard.decorators";
|
||||
import { Modules as ModulesEnum } from ".prisma/client";
|
||||
|
||||
//TODO: create a custom decorator to replace the findModuleAcces call function
|
||||
|
||||
@Controller('employees')
|
||||
export class EmployeesController {
|
||||
constructor(private readonly employeesService: EmployeesService) { }
|
||||
|
|
|
|||
|
|
@ -1,20 +1,24 @@
|
|||
import { Body, Controller, Get, Patch, Query, Req } from "@nestjs/common";
|
||||
import { Body, Controller, Get, Patch, Query } from "@nestjs/common";
|
||||
import { PreferencesService } from "../services/preferences.service";
|
||||
import { PreferencesDto } from "../dtos/preferences.dto";
|
||||
import { Result } from "src/common/errors/result-error.factory";
|
||||
import { Access } from "src/common/decorators/module-access.decorators";
|
||||
import { ModuleAccessAllowed } from "src/common/decorators/modules-guard.decorators";
|
||||
import { Modules as ModulesEnum } from ".prisma/client";
|
||||
|
||||
@Controller('preferences')
|
||||
export class PreferencesController {
|
||||
constructor(private readonly service: PreferencesService) { }
|
||||
|
||||
@Patch('update')
|
||||
@ModuleAccessAllowed(ModulesEnum.personal_profile)
|
||||
async updatePreferences(@Access('email') email: string, @Body() payload: PreferencesDto
|
||||
): Promise<Result<PreferencesDto, string>> {
|
||||
return this.service.updatePreferences(email, payload);
|
||||
}
|
||||
|
||||
@Get()
|
||||
@ModuleAccessAllowed(ModulesEnum.personal_profile)
|
||||
async findPreferences(@Access('email') email: string, @Query() employee_email?: string) {
|
||||
return this.service.findPreferences(email, employee_email);
|
||||
}
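Review bot: In `findPreferences`, `@Query() employee_email?: string` has no key, so Nest binds the whole query object to the parameter rather than a string. The module-access controller in this same commit uses the keyed form, and this handler should too: `@Query('employee_email') employee_email?: string`. With the bare decorator the value is an object even when no query string is sent, so whatever the service does to tell "own preferences" from "another employee's" is likely working on the wrong input. The new `@ModuleAccessAllowed(ModulesEnum.personal_profile)` tag presumably only establishes that the caller may use the personal-profile module, so the decision whether `email` may read `employee_email`'s preferences has to live in the service; that check is not visible here and is worth confirming. The class body continues outside the hunk.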
|
||||
|
|
|
|||
|
|
@ -4,6 +4,8 @@ import { Result } from "src/common/errors/result-error.factory";
|
|||
import { ModuleAccess } from "src/identity-and-account/user-module-access/dtos/module-acces.dto";
|
||||
import { AccessGetService } from "src/identity-and-account/user-module-access/services/module-access-get.service";
|
||||
import { AccessUpdateService } from "src/identity-and-account/user-module-access/services/module-access-update.service";
|
||||
import { ModuleAccessAllowed } from "src/common/decorators/modules-guard.decorators";
|
||||
import { Modules as ModulesEnum } from ".prisma/client";
|
||||
|
||||
@Controller('module_access')
|
||||
export class ModuleAccessController {
|
||||
|
|
@ -13,24 +15,17 @@ export class ModuleAccessController {
|
|||
) { }
|
||||
|
||||
@Get()
|
||||
@ModuleAccessAllowed(ModulesEnum.employee_management)
|
||||
async findAccess(@Access('email') email: string, @Query('employee_email') employee_email?: string
|
||||
): Promise<Result<boolean, string>> {
|
||||
const granted_access = await this.getService.findModuleAccess(email);
|
||||
if (!granted_access.success) return { success: false, error: 'INVALID_USER' };
|
||||
if (!granted_access.data.employee_management) return { success: false, error: 'UNAUTHORIZED_ACCESS' };
|
||||
|
||||
await this.getService.findModuleAccess(email, employee_email);
|
||||
return { success: true, data: true };
|
||||
};
|
||||
|
||||
@Patch('update')
|
||||
@ModuleAccessAllowed(ModulesEnum.employee_management)
|
||||
async updateAccess(@Access('email') email: string, @Body() dto: ModuleAccess, @Query('employee_email') employee_email?: string
|
||||
): Promise<Result<boolean, string>> {
|
||||
const granted_access = await this.getService.findModuleAccess(email);
|
||||
if (!granted_access.success) return { success: false, error: 'INVALID_USER' };
|
||||
//check if credentials are enough to use this resource
|
||||
if (!granted_access.data.employee_management) return { success: false, error: 'UNAUTHORIZED_ACCESS' };
|
||||
|
||||
await this.updateService.updateModuleAccess(email, dto, employee_email);
|
||||
return { success: true, data: true };
|
||||
};
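Review bot: With the inline `granted_access` checks apparently removed from `findAccess` and `updateAccess` (the rendered page has lost its +/- markers), `@ModuleAccessAllowed(ModulesEnum.employee_management)` is now the only gate on the endpoints that read and change module access, and a decorator of this kind normally only sets metadata. Nothing in this section applies a guard, either `@UseGuards(...)` on the controller or a global registration, so please confirm that the guard reading `MODULES_KEY` is active for these routes and add a test that a user without `employee_management` is rejected on `PATCH module_access/update`. Separately, both handlers discard the service result and return `{ success: true, data: true }` unconditionally, so a failed lookup or update is reported as success; something like `const result = await this.updateService.updateModuleAccess(email, dto, employee_email); if (!result.success) return result;` would surface it, assuming the service returns a `Result`.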
|
||||
|
|
|
|||