diff --git a/src/common/guards/modules.guard.ts b/src/common/guards/modules.guard.ts
index a37e83b..6ca2907 100644
--- a/src/common/guards/modules.guard.ts
+++ b/src/common/guards/modules.guard.ts
@@ -6,7 +6,7 @@ import {
 } from '@nestjs/common';
 import { Reflector } from '@nestjs/core';
 import { MODULES_KEY } from '../decorators/modules-guard.decorators';
-import { Modules, Roles } from '.prisma/client';
+import { Modules } from '.prisma/client';
diff --git a/src/common/shared/role-groupes.ts b/src/common/shared/role-groupes.ts
index 7f769c4..dadeaa9 100644
--- a/src/common/shared/role-groupes.ts
+++ b/src/common/shared/role-groupes.ts
@@ -1,20 +1,20 @@
-import { Roles as RoleEnum } from ".prisma/client";
+// import { Roles as RoleEnum } from ".prisma/client";
-export const GLOBAL_CONTROLLER_ROLES: readonly RoleEnum[] = [
- RoleEnum.EMPLOYEE,
- RoleEnum.ACCOUNTING,
- RoleEnum.HR,
- RoleEnum.SUPERVISOR,
- RoleEnum.ADMIN,
-];
+// export const GLOBAL_CONTROLLER_ROLES: readonly RoleEnum[] = [
+// RoleEnum.EMPLOYEE,
+// RoleEnum.ACCOUNTING,
+// RoleEnum.HR,
+// RoleEnum.SUPERVISOR,
+// RoleEnum.ADMIN,
+// ];
-export const MANAGER_ROLES: readonly RoleEnum[] = [
- RoleEnum.HR,
- RoleEnum.SUPERVISOR,
- RoleEnum.ADMIN,
-]
+// export const MANAGER_ROLES: readonly RoleEnum[] = [
+// RoleEnum.HR,
+// RoleEnum.SUPERVISOR,
+// RoleEnum.ADMIN,
+// ]
-export const PAY_SERVICE: readonly RoleEnum[] = [
- RoleEnum.HR,
- RoleEnum.ACCOUNTING,
-]
\ No newline at end of file
+// export const PAY_SERVICE: readonly RoleEnum[] = [
+// RoleEnum.HR,
+// RoleEnum.ACCOUNTING,
+// ]
\ No newline at end of file
diff --git a/src/identity-and-account/employees/controllers/employees.controller.ts b/src/identity-and-account/employees/controllers/employees.controller.ts
index d1ce485..4ea15d1 100644
--- a/src/identity-and-account/employees/controllers/employees.controller.ts
+++ b/src/identity-and-account/employees/controllers/employees.controller.ts
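Review bot: In `src/common/shared/role-groupes.ts` the three role groups (`GLOBAL_CONTROLLER_ROLES`, `MANAGER_ROLES`, `PAY_SERVICE`) are commented out rather than deleted, which leaves a retired authorization table in the tree next to the module-access model that apparently replaces it. Commented-out permission lists tend to be revived or copied later without being re-checked against the guard that is actually enforced. I would delete the lines (or the file) and rely on git history; if they are expected to return, replace them with a single comment such as `// role groups retired in favour of module access; see git history`.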
@@ -7,8 +7,6 @@ import { EmployeesService } from "src/identity-and-account/employees/services/em import { ModuleAccessAllowed } from "src/common/decorators/modules-guard.decorators"; import { Modules as ModulesEnum } from ".prisma/client"; -//TODO: create a custom decorator to replace the findModuleAcces call function - @Controller('employees') export class EmployeesController { constructor(private readonly employeesService: EmployeesService) { } diff --git a/src/identity-and-account/preferences/controllers/preferences.controller.ts b/src/identity-and-account/preferences/controllers/preferences.controller.ts index b1aa246..a426c26 100644 --- a/src/identity-and-account/preferences/controllers/preferences.controller.ts +++ b/src/identity-and-account/preferences/controllers/preferences.controller.ts @@ -1,20 +1,24 @@ -import { Body, Controller, Get, Patch, Query, Req } from "@nestjs/common"; +import { Body, Controller, Get, Patch, Query } from "@nestjs/common"; import { PreferencesService } from "../services/preferences.service"; import { PreferencesDto } from "../dtos/preferences.dto"; import { Result } from "src/common/errors/result-error.factory"; import { Access } from "src/common/decorators/module-access.decorators"; +import { ModuleAccessAllowed } from "src/common/decorators/modules-guard.decorators"; +import { Modules as ModulesEnum } from ".prisma/client"; @Controller('preferences') export class PreferencesController { constructor(private readonly service: PreferencesService) { } @Patch('update') + @ModuleAccessAllowed(ModulesEnum.personal_profile) async updatePreferences(@Access('email') email: string, @Body() payload: PreferencesDto ): Promise> { return this.service.updatePreferences(email, payload); } @Get() + @ModuleAccessAllowed(ModulesEnum.personal_profile) async findPreferences(@Access('email') email: string, @Query() employee_email?: string) { return this.service.findPreferences(email, employee_email); } 
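Review bot: In `preferences.controller.ts`, `findPreferences` is now gated on `ModulesEnum.personal_profile`, but it still accepts an `employee_email` naming another person, and a module-level check says nothing about whose record is being read. Whether `PreferencesService.findPreferences` verifies that the caller may read that employee's preferences is not visible in this diff; if it does not, any holder of `personal_profile` can read other employees' preferences, so the service should refuse a foreign `employee_email` unless the caller also holds a management module. Separately, `@Query()` without a key binds the whole query object in NestJS, so the parameter should read `@Query('employee_email') employee_email?: string`, as the module-access controller already does. The closing brace of the class is not part of this hunk.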
diff --git a/src/identity-and-account/user-module-access/controllers/module-access.controller.ts b/src/identity-and-account/user-module-access/controllers/module-access.controller.ts
index 4f792a3..5e9ca0f 100644
--- a/src/identity-and-account/user-module-access/controllers/module-access.controller.ts
+++ b/src/identity-and-account/user-module-access/controllers/module-access.controller.ts
@@ -4,6 +4,8 @@ import { Result } from "src/common/errors/result-error.factory";
 import { ModuleAccess } from "src/identity-and-account/user-module-access/dtos/module-acces.dto";
 import { AccessGetService } from "src/identity-and-account/user-module-access/services/module-access-get.service";
 import { AccessUpdateService } from "src/identity-and-account/user-module-access/services/module-access-update.service";
+import { ModuleAccessAllowed } from "src/common/decorators/modules-guard.decorators";
+import { Modules as ModulesEnum } from ".prisma/client";
 @Controller('module_access')
 export class ModuleAccessController {
@@ -13,24 +15,17 @@ export class ModuleAccessController { ) { } @Get() + @ModuleAccessAllowed(ModulesEnum.employee_management) async findAccess(@Access('email') email: string, @Query('employee_email') employee_email?: string ): Promise> { - const granted_access = await this.getService.findModuleAccess(email); - if (!granted_access.success) return { success: false, error: 'INVALID_USER' }; - if (!granted_access.data.employee_management) return { success: false, error: 'UNAUTHORIZED_ACCESS' }; - await this.getService.findModuleAccess(email, employee_email); return { success: true, data: true }; }; @Patch('update') + @ModuleAccessAllowed(ModulesEnum.employee_management) async updateAccess(@Access('email') email: string, @Body() dto: ModuleAccess, @Query('employee_email') employee_email?: string ): Promise> { - const granted_access = await this.getService.findModuleAccess(email); - if (!granted_access.success) return { success: false, error: 'INVALID_USER' }; - //check if credentials are enough to use this resource - if (!granted_access.data.employee_management) return { success: false, error: 'UNAUTHORIZED_ACCESS' }; - await this.updateService.updateModuleAccess(email, dto, employee_email); return { success: true, data: true }; };
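Review bot: With the inline `findModuleAccess(email)` checks removed from `findAccess` and `updateAccess`, the only barrier in front of `updateModuleAccess` is `@ModuleAccessAllowed(ModulesEnum.employee_management)`, which presumably only attaches metadata for the guard in `src/common/guards/modules.guard.ts` to read. Nothing in this hunk shows that guard being bound to `ModuleAccessController`, so please confirm it is registered globally (`APP_GUARD`) or add `@UseGuards(...)` on the class; without it, any authenticated caller could edit module access, including their own. An e2e test that calls `PATCH /module_access/update` as a user lacking `employee_management` and expects a rejection would pin this down. The class header and constructor begin above this hunk.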