add role handler for namespaces
This commit is contained in:
OxSaitama
parent
6111321649
commit
8b1934d49e
@ -7,6 +7,7 @@ import { Customer } from "le-coffre-resources/dist/Admin";
|
||||
import { validateOrReject } from "class-validator";
|
||||
import authHandler from "@App/middlewares/AuthHandler";
|
||||
import ruleHandler from "@App/middlewares/RulesHandler";
|
||||
import roleHandler from "@App/middlewares/RolesHandler";
|
||||
|
||||
@Controller()
|
||||
@Service()
|
||||
@ -18,7 +19,7 @@ export default class CustomersController extends ApiController {
|
||||
/**
|
||||
* @description Get all customers
|
||||
*/
|
||||
@Get("/api/v1/admin/customers", [authHandler, ruleHandler])
|
||||
@Get("/api/v1/admin/customers", [authHandler, roleHandler, ruleHandler])
|
||||
protected async get(req: Request, response: Response) {
|
||||
try {
|
||||
//get query
|
||||
@ -70,7 +71,7 @@ export default class CustomersController extends ApiController {
|
||||
/**
|
||||
* @description Modify a specific customer by uid
|
||||
*/
|
||||
@Put("/api/v1/admin/customers/:uid", [authHandler, ruleHandler])
|
||||
@Put("/api/v1/admin/customers/:uid", [authHandler, roleHandler, ruleHandler])
|
||||
protected async put(req: Request, response: Response) {
|
||||
try {
|
||||
const uid = req.params["uid"];
|
||||
@ -111,7 +112,7 @@ export default class CustomersController extends ApiController {
|
||||
/**
|
||||
* @description Get a specific customer by uid
|
||||
*/
|
||||
@Get("/api/v1/admin/customers/:uid", [authHandler, ruleHandler])
|
||||
@Get("/api/v1/admin/customers/:uid", [authHandler, roleHandler, ruleHandler])
|
||||
protected async getOneByUid(req: Request, response: Response) {
|
||||
try {
|
||||
const uid = req.params["uid"];
|
||||
|
||||
@ -9,6 +9,7 @@ import { validateOrReject } from "class-validator";
|
||||
import authHandler from "@App/middlewares/AuthHandler";
|
||||
import ruleHandler from "@App/middlewares/RulesHandler";
|
||||
import deedTypeHandler from "@App/middlewares/OfficeMembershipHandlers/DeedTypeHandler";
|
||||
import roleHandler from "@App/middlewares/RolesHandler";
|
||||
|
||||
@Controller()
|
||||
@Service()
|
||||
@ -21,7 +22,7 @@ export default class DeedTypesController extends ApiController {
|
||||
* @description Get all deedtypes
|
||||
* @returns Deedtype[] list of deedtypes
|
||||
*/
|
||||
@Get("/api/v1/admin/deed-types", [authHandler, ruleHandler])
|
||||
@Get("/api/v1/admin/deed-types", [authHandler, roleHandler, ruleHandler])
|
||||
protected async get(req: Request, response: Response) {
|
||||
try {
|
||||
//get query
|
||||
@ -65,7 +66,7 @@ export default class DeedTypesController extends ApiController {
|
||||
* @description Create a new deedtype
|
||||
* @returns Deedtype created
|
||||
*/
|
||||
@Post("/api/v1/admin/deed-types", [authHandler, ruleHandler, deedTypeHandler])
|
||||
@Post("/api/v1/admin/deed-types", [authHandler, roleHandler, ruleHandler, deedTypeHandler])
|
||||
protected async post(req: Request, response: Response) {
|
||||
try {
|
||||
//init DeedType resource with request body values
|
||||
@ -99,7 +100,7 @@ export default class DeedTypesController extends ApiController {
|
||||
* @description Modify a specific deedtype by uid
|
||||
* @returns Deedtype modified
|
||||
*/
|
||||
@Put("/api/v1/admin/deed-types/:uid", [authHandler, ruleHandler, deedTypeHandler])
|
||||
@Put("/api/v1/admin/deed-types/:uid", [authHandler, roleHandler, ruleHandler, deedTypeHandler])
|
||||
protected async put(req: Request, response: Response) {
|
||||
try {
|
||||
const uid = req.params["uid"];
|
||||
@ -141,7 +142,7 @@ export default class DeedTypesController extends ApiController {
|
||||
* @description Get a specific deedtype by uid
|
||||
* @returns IDeedtype
|
||||
*/
|
||||
@Get("/api/v1/admin/deed-types/:uid", [authHandler, ruleHandler, deedTypeHandler])
|
||||
@Get("/api/v1/admin/deed-types/:uid", [authHandler, roleHandler, ruleHandler, deedTypeHandler])
|
||||
protected async getOneByUid(req: Request, response: Response) {
|
||||
try {
|
||||
const uid = req.params["uid"];
|
||||
|
||||
@ -9,6 +9,7 @@ import { validateOrReject } from "class-validator";
|
||||
import authHandler from "@App/middlewares/AuthHandler";
|
||||
import ruleHandler from "@App/middlewares/RulesHandler";
|
||||
import deedHandler from "@App/middlewares/OfficeMembershipHandlers/DeedHandler";
|
||||
import roleHandler from "@App/middlewares/RolesHandler";
|
||||
|
||||
@Controller()
|
||||
@Service()
|
||||
@ -21,7 +22,7 @@ export default class DeedsController extends ApiController {
|
||||
* @description Get all deeds
|
||||
* @returns Deed[] list of deeds
|
||||
*/
|
||||
@Get("/api/v1/admin/deeds", [authHandler, ruleHandler])
|
||||
@Get("/api/v1/admin/deeds", [authHandler, roleHandler, ruleHandler])
|
||||
protected async get(req: Request, response: Response) {
|
||||
try {
|
||||
//get query
|
||||
@ -52,7 +53,7 @@ export default class DeedsController extends ApiController {
|
||||
* @description Get a specific deed by uid
|
||||
* @returns Deed
|
||||
*/
|
||||
@Get("/api/v1/admin/deeds/:uid", [authHandler, ruleHandler, deedHandler])
|
||||
@Get("/api/v1/admin/deeds/:uid", [authHandler, roleHandler, ruleHandler, deedHandler])
|
||||
protected async getOneByUid(req: Request, response: Response) {
|
||||
try {
|
||||
const uid = req.params["uid"];
|
||||
@ -87,7 +88,7 @@ export default class DeedsController extends ApiController {
|
||||
/**
|
||||
* @description Modify a specific deed by uid
|
||||
*/
|
||||
@Put("/api/v1/admin/deeds/:uid", [authHandler, ruleHandler, deedHandler])
|
||||
@Put("/api/v1/admin/deeds/:uid", [authHandler, roleHandler, ruleHandler, deedHandler])
|
||||
protected async put(req: Request, response: Response) {
|
||||
try {
|
||||
const uid = req.params["uid"];
|
||||
|
||||
@ -10,6 +10,7 @@ import { validateOrReject } from "class-validator";
|
||||
import authHandler from "@App/middlewares/AuthHandler";
|
||||
import ruleHandler from "@App/middlewares/RulesHandler";
|
||||
import documentTypeHandler from "@App/middlewares/OfficeMembershipHandlers/DocumentTypeHandler";
|
||||
import roleHandler from "@App/middlewares/RolesHandler";
|
||||
|
||||
@Controller()
|
||||
@Service()
|
||||
@ -21,7 +22,7 @@ export default class DocumentTypesController extends ApiController {
|
||||
/**
|
||||
* @description Get all document-types
|
||||
*/
|
||||
@Get("/api/v1/admin/document-types", [authHandler, ruleHandler])
|
||||
@Get("/api/v1/admin/document-types", [authHandler, roleHandler, ruleHandler])
|
||||
protected async get(req: Request, response: Response) {
|
||||
try {
|
||||
//get query
|
||||
@ -53,7 +54,7 @@ export default class DocumentTypesController extends ApiController {
|
||||
/**
|
||||
* @description Create a new documentType
|
||||
*/
|
||||
@Post("/api/v1/admin/document-types", [authHandler, ruleHandler, documentTypeHandler])
|
||||
@Post("/api/v1/admin/document-types", [authHandler, roleHandler, ruleHandler, documentTypeHandler])
|
||||
protected async post(req: Request, response: Response) {
|
||||
try {
|
||||
//init DocumentType resource with request body values
|
||||
@ -77,7 +78,7 @@ export default class DocumentTypesController extends ApiController {
|
||||
/**
|
||||
* @description Modify a specific documentType by uid
|
||||
*/
|
||||
@Put("/api/v1/admin/document-types/:uid", [authHandler, ruleHandler, documentTypeHandler])
|
||||
@Put("/api/v1/admin/document-types/:uid", [authHandler, roleHandler, ruleHandler, documentTypeHandler])
|
||||
protected async put(req: Request, response: Response) {
|
||||
try {
|
||||
const uid = req.params["uid"];
|
||||
|
||||
@ -9,6 +9,7 @@ import { validateOrReject } from "class-validator";
|
||||
import authHandler from "@App/middlewares/AuthHandler";
|
||||
import ruleHandler from "@App/middlewares/RulesHandler";
|
||||
import documentHandler from "@App/middlewares/OfficeMembershipHandlers/DocumentHandler";
|
||||
import roleHandler from "@App/middlewares/RolesHandler";
|
||||
|
||||
@Controller()
|
||||
@Service()
|
||||
@ -21,7 +22,7 @@ export default class DocumentsController extends ApiController {
|
||||
* @description Get all documents
|
||||
* @returns IDocument[] list of documents
|
||||
*/
|
||||
@Get("/api/v1/admin/documents", [authHandler, ruleHandler])
|
||||
@Get("/api/v1/admin/documents", [authHandler, roleHandler, ruleHandler])
|
||||
protected async get(req: Request, response: Response) {
|
||||
try {
|
||||
//get query
|
||||
@ -52,7 +53,7 @@ export default class DocumentsController extends ApiController {
|
||||
* @description Create a new document
|
||||
* @returns IDocument created
|
||||
*/
|
||||
@Post("/api/v1/admin/documents", [authHandler, ruleHandler, documentHandler])
|
||||
@Post("/api/v1/admin/documents", [authHandler, roleHandler, ruleHandler, documentHandler])
|
||||
protected async post(req: Request, response: Response) {
|
||||
try {
|
||||
//init Document resource with request body values
|
||||
@ -80,7 +81,7 @@ export default class DocumentsController extends ApiController {
|
||||
/**
|
||||
* @description Update a specific document
|
||||
*/
|
||||
@Put("/api/v1/admin/documents/:uid", [authHandler, ruleHandler, documentHandler])
|
||||
@Put("/api/v1/admin/documents/:uid", [authHandler, roleHandler, ruleHandler, documentHandler])
|
||||
protected async update(req: Request, response: Response) {
|
||||
try {
|
||||
const uid = req.params["uid"];
|
||||
@ -119,7 +120,7 @@ export default class DocumentsController extends ApiController {
|
||||
/**
|
||||
* @description Delete a specific document
|
||||
*/
|
||||
@Delete("/api/v1/admin/documents/:uid", [authHandler, ruleHandler, documentHandler])
|
||||
@Delete("/api/v1/admin/documents/:uid", [authHandler, roleHandler, ruleHandler, documentHandler])
|
||||
protected async delete(req: Request, response: Response) {
|
||||
try {
|
||||
const uid = req.params["uid"];
|
||||
@ -152,7 +153,7 @@ export default class DocumentsController extends ApiController {
|
||||
/**
|
||||
* @description Get a specific document by uid
|
||||
*/
|
||||
@Get("/api/v1/admin/documents/:uid", [authHandler, ruleHandler, documentHandler])
|
||||
@Get("/api/v1/admin/documents/:uid", [authHandler, roleHandler, ruleHandler, documentHandler])
|
||||
protected async getOneByUid(req: Request, response: Response) {
|
||||
try {
|
||||
const uid = req.params["uid"];
|
||||
|
||||
@ -8,6 +8,7 @@ import { File } from "le-coffre-resources/dist/Admin";
|
||||
import authHandler from "@App/middlewares/AuthHandler";
|
||||
import ruleHandler from "@App/middlewares/RulesHandler";
|
||||
import fileHandler from "@App/middlewares/OfficeMembershipHandlers/FileHandler";
|
||||
import roleHandler from "@App/middlewares/RolesHandler";
|
||||
|
||||
@Controller()
|
||||
@Service()
|
||||
@ -20,7 +21,7 @@ export default class FilesController extends ApiController {
|
||||
* @description Get all Files
|
||||
* @returns File[] list of Files
|
||||
*/
|
||||
@Get("/api/v1/admin/files", [authHandler, ruleHandler])
|
||||
@Get("/api/v1/admin/files", [authHandler, roleHandler, ruleHandler])
|
||||
protected async get(req: Request, response: Response) {
|
||||
try {
|
||||
//get query
|
||||
@ -49,7 +50,7 @@ export default class FilesController extends ApiController {
|
||||
/**
|
||||
* @description Get a specific File by uid
|
||||
*/
|
||||
@Get("/api/v1/admin/files/download/:uid", [authHandler, ruleHandler, fileHandler])
|
||||
@Get("/api/v1/admin/files/download/:uid", [authHandler, roleHandler, ruleHandler, fileHandler])
|
||||
protected async download(req: Request, response: Response) {
|
||||
const uid = req.params["uid"];
|
||||
if (!uid) {
|
||||
@ -77,7 +78,7 @@ export default class FilesController extends ApiController {
|
||||
/**
|
||||
* @description Delete a specific File
|
||||
*/
|
||||
@Delete("/api/v1/admin/files/:uid", [authHandler, ruleHandler, fileHandler])
|
||||
@Delete("/api/v1/admin/files/:uid", [authHandler, roleHandler, ruleHandler, fileHandler])
|
||||
protected async delete(req: Request, response: Response) {
|
||||
try {
|
||||
const uid = req.params["uid"];
|
||||
@ -115,7 +116,7 @@ export default class FilesController extends ApiController {
|
||||
/**
|
||||
* @description Get a specific File by uid
|
||||
*/
|
||||
@Get("/api/v1/admin/files/:uid", [authHandler, ruleHandler, fileHandler])
|
||||
@Get("/api/v1/admin/files/:uid", [authHandler, roleHandler, ruleHandler, fileHandler])
|
||||
protected async getOneByUid(req: Request, response: Response) {
|
||||
try {
|
||||
const uid = req.params["uid"];
|
||||
|
||||
@ -9,6 +9,7 @@ import { validateOrReject } from "class-validator";
|
||||
import authHandler from "@App/middlewares/AuthHandler";
|
||||
import ruleHandler from "@App/middlewares/RulesHandler";
|
||||
import folderHandler from "@App/middlewares/OfficeMembershipHandlers/FolderHandler";
|
||||
import roleHandler from "@App/middlewares/RolesHandler";
|
||||
|
||||
@Controller()
|
||||
@Service()
|
||||
@ -20,7 +21,7 @@ export default class OfficeFoldersController extends ApiController {
|
||||
/**
|
||||
* @description Get all folders
|
||||
*/
|
||||
@Get("/api/v1/admin/folders", [authHandler, ruleHandler])
|
||||
@Get("/api/v1/admin/folders", [authHandler, roleHandler, ruleHandler])
|
||||
protected async get(req: Request, response: Response) {
|
||||
try {
|
||||
//get query
|
||||
@ -80,7 +81,7 @@ export default class OfficeFoldersController extends ApiController {
|
||||
/**
|
||||
* @description Create a new folder
|
||||
*/
|
||||
@Post("/api/v1/admin/folders", [authHandler, ruleHandler, folderHandler])
|
||||
@Post("/api/v1/admin/folders", [authHandler, roleHandler, ruleHandler, folderHandler])
|
||||
protected async post(req: Request, response: Response) {
|
||||
try {
|
||||
//init OfficeFolder resource with request body values
|
||||
@ -104,7 +105,7 @@ export default class OfficeFoldersController extends ApiController {
|
||||
/**
|
||||
* @description Modify a specific folder by uid
|
||||
*/
|
||||
@Put("/api/v1/admin/folders/:uid", [authHandler, ruleHandler, folderHandler])
|
||||
@Put("/api/v1/admin/folders/:uid", [authHandler, roleHandler, ruleHandler, folderHandler])
|
||||
protected async put(req: Request, response: Response) {
|
||||
try {
|
||||
const uid = req.params["uid"];
|
||||
@ -146,7 +147,7 @@ export default class OfficeFoldersController extends ApiController {
|
||||
* @description Get a specific folder by uid
|
||||
* @returns IFolder
|
||||
*/
|
||||
@Get("/api/v1/admin/folders/:uid", [authHandler, ruleHandler, folderHandler])
|
||||
@Get("/api/v1/admin/folders/:uid", [authHandler, roleHandler, ruleHandler, folderHandler])
|
||||
protected async getOneByUid(req: Request, response: Response) {
|
||||
try {
|
||||
const uid = req.params["uid"];
|
||||
@ -182,7 +183,7 @@ export default class OfficeFoldersController extends ApiController {
|
||||
/**
|
||||
* @description Delete a specific folder
|
||||
*/
|
||||
@Delete("/api/v1/admin/folders/:uid", [authHandler, ruleHandler, folderHandler])
|
||||
@Delete("/api/v1/admin/folders/:uid", [authHandler, roleHandler, ruleHandler, folderHandler])
|
||||
protected async delete(req: Request, response: Response) {
|
||||
try {
|
||||
const uid = req.params["uid"];
|
||||
|
||||
@ -9,6 +9,7 @@ import { Prisma } from "@prisma/client";
|
||||
import authHandler from "@App/middlewares/AuthHandler";
|
||||
import ruleHandler from "@App/middlewares/RulesHandler";
|
||||
import officeRoleHandler from "@App/middlewares/OfficeMembershipHandlers/OfficeRoleHandler";
|
||||
import roleHandler from "@App/middlewares/RolesHandler";
|
||||
|
||||
@Controller()
|
||||
@Service()
|
||||
@ -20,7 +21,7 @@ export default class OfficeRolesController extends ApiController {
|
||||
/**
|
||||
* @description Get all officeRoles
|
||||
*/
|
||||
@Get("/api/v1/admin/office-roles", [authHandler, ruleHandler])
|
||||
@Get("/api/v1/admin/office-roles", [authHandler, roleHandler, ruleHandler])
|
||||
protected async get(req: Request, response: Response) {
|
||||
try {
|
||||
//get query
|
||||
@ -63,7 +64,7 @@ export default class OfficeRolesController extends ApiController {
|
||||
/**
|
||||
* @description Create a new officeRole
|
||||
*/
|
||||
@Post("/api/v1/admin/office-roles", [authHandler, ruleHandler, officeRoleHandler])
|
||||
@Post("/api/v1/admin/office-roles", [authHandler, roleHandler, ruleHandler, officeRoleHandler])
|
||||
protected async getAddresses(req: Request, response: Response) {
|
||||
try {
|
||||
//init IOfficeRole resource with request body values
|
||||
@ -91,7 +92,7 @@ export default class OfficeRolesController extends ApiController {
|
||||
/**
|
||||
* @description Modify a specific officeRole by uid
|
||||
*/
|
||||
@Put("/api/v1/admin/office-roles/:uid", [authHandler, ruleHandler, officeRoleHandler])
|
||||
@Put("/api/v1/admin/office-roles/:uid", [authHandler, roleHandler, ruleHandler, officeRoleHandler])
|
||||
protected async put(req: Request, response: Response) {
|
||||
try {
|
||||
const uid = req.params["uid"];
|
||||
@ -132,7 +133,7 @@ export default class OfficeRolesController extends ApiController {
|
||||
/**
|
||||
* @description Get a specific officeRole by uid
|
||||
*/
|
||||
@Get("/api/v1/admin/office-roles/:uid", [authHandler, ruleHandler, officeRoleHandler])
|
||||
@Get("/api/v1/admin/office-roles/:uid", [authHandler, roleHandler, ruleHandler, officeRoleHandler])
|
||||
protected async getOneByUid(req: Request, response: Response) {
|
||||
try {
|
||||
const uid = req.params["uid"];
|
||||
|
||||
@ -7,6 +7,7 @@ import { Offices } from "@prisma/client";
|
||||
import { Office as OfficeResource } from "le-coffre-resources/dist/Admin";
|
||||
import ruleHandler from "@App/middlewares/RulesHandler";
|
||||
import authHandler from "@App/middlewares/AuthHandler";
|
||||
import roleHandler from "@App/middlewares/RolesHandler";
|
||||
|
||||
@Controller()
|
||||
@Service()
|
||||
@ -17,7 +18,7 @@ export default class OfficesController extends ApiController {
|
||||
/**
|
||||
* @description Get all offices
|
||||
*/
|
||||
@Get("/api/v1/admin/offices", [authHandler, ruleHandler])
|
||||
@Get("/api/v1/admin/offices", [authHandler, roleHandler, ruleHandler])
|
||||
protected async get(req: Request, response: Response) {
|
||||
try {
|
||||
//get query
|
||||
@ -40,7 +41,7 @@ export default class OfficesController extends ApiController {
|
||||
/**
|
||||
* @description Get a specific office by uid
|
||||
*/
|
||||
@Get("/api/v1/admin/offices/:uid", [authHandler, ruleHandler])
|
||||
@Get("/api/v1/admin/offices/:uid", [authHandler, roleHandler, ruleHandler])
|
||||
protected async getOneByUid(req: Request, response: Response) {
|
||||
try {
|
||||
const uid = req.params["uid"];
|
||||
|
||||
@ -6,6 +6,7 @@ import { Service } from "typedi";
|
||||
import { Role } from "le-coffre-resources/dist/Admin";
|
||||
import authHandler from "@App/middlewares/AuthHandler";
|
||||
import ruleHandler from "@App/middlewares/RulesHandler";
|
||||
import roleHandler from "@App/middlewares/RolesHandler";
|
||||
|
||||
@Controller()
|
||||
@Service()
|
||||
@ -17,7 +18,7 @@ export default class RolesController extends ApiController {
|
||||
/**
|
||||
* @description Get all roles
|
||||
*/
|
||||
@Get("/api/v1/admin/roles", [authHandler, ruleHandler])
|
||||
@Get("/api/v1/admin/roles", [authHandler, roleHandler, ruleHandler])
|
||||
protected async get(req: Request, response: Response) {
|
||||
try {
|
||||
//get query
|
||||
@ -43,7 +44,7 @@ export default class RolesController extends ApiController {
|
||||
/**
|
||||
* @description Get a specific role by uid
|
||||
*/
|
||||
@Get("/api/v1/admin/roles/:uid", [authHandler, ruleHandler])
|
||||
@Get("/api/v1/admin/roles/:uid", [authHandler, roleHandler, ruleHandler])
|
||||
protected async getOneByUid(req: Request, response: Response) {
|
||||
try {
|
||||
const uid = req.params["uid"];
|
||||
|
||||
@ -6,6 +6,7 @@ import { Service } from "typedi";
|
||||
import { Rule } from "le-coffre-resources/dist/Admin";
|
||||
import authHandler from "@App/middlewares/AuthHandler";
|
||||
import ruleHandler from "@App/middlewares/RulesHandler";
|
||||
import roleHandler from "@App/middlewares/RolesHandler";
|
||||
|
||||
@Controller()
|
||||
@Service()
|
||||
@ -17,7 +18,7 @@ export default class RulesController extends ApiController {
|
||||
/**
|
||||
* @description Get all rules
|
||||
*/
|
||||
@Get("/api/v1/admin/rules", [authHandler, ruleHandler])
|
||||
@Get("/api/v1/admin/rules", [authHandler, roleHandler, ruleHandler])
|
||||
protected async get(req: Request, response: Response) {
|
||||
try {
|
||||
//get query
|
||||
@ -43,7 +44,7 @@ export default class RulesController extends ApiController {
|
||||
/**
|
||||
* @description Get a specific rule by uid
|
||||
*/
|
||||
@Get("/api/v1/admin/rules/:uid", [authHandler, ruleHandler])
|
||||
@Get("/api/v1/admin/rules/:uid", [authHandler, roleHandler, ruleHandler])
|
||||
protected async getOneByUid(req: Request, response: Response) {
|
||||
try {
|
||||
const uid = req.params["uid"];
|
||||
|
||||
@ -9,6 +9,7 @@ import authHandler from "@App/middlewares/AuthHandler";
|
||||
import ruleHandler from "@App/middlewares/RulesHandler";
|
||||
import userHandler from "@App/middlewares/OfficeMembershipHandlers/UserHandler";
|
||||
import { validateOrReject } from "class-validator";
|
||||
import roleHandler from "@App/middlewares/RolesHandler";
|
||||
|
||||
@Controller()
|
||||
@Service()
|
||||
@ -20,7 +21,7 @@ export default class UsersController extends ApiController {
|
||||
/**
|
||||
* @description Get all users
|
||||
*/
|
||||
@Get("/api/v1/admin/users", [authHandler, ruleHandler])
|
||||
@Get("/api/v1/admin/users", [authHandler, roleHandler, ruleHandler])
|
||||
protected async get(req: Request, response: Response) {
|
||||
try {
|
||||
//get query
|
||||
@ -65,7 +66,7 @@ export default class UsersController extends ApiController {
|
||||
/**
|
||||
* @description Modify a specific user by uid
|
||||
*/
|
||||
@Put("/api/v1/admin/users/:uid", [authHandler, ruleHandler])
|
||||
@Put("/api/v1/admin/users/:uid", [authHandler, roleHandler, ruleHandler])
|
||||
protected async put(req: Request, response: Response) {
|
||||
try {
|
||||
const uid = req.params["uid"];
|
||||
@ -106,7 +107,7 @@ export default class UsersController extends ApiController {
|
||||
/**
|
||||
* @description Get a specific user by uid
|
||||
*/
|
||||
@Get("/api/v1/admin/users/:uid", [authHandler, ruleHandler, userHandler])
|
||||
@Get("/api/v1/admin/users/:uid", [authHandler, roleHandler, ruleHandler, userHandler])
|
||||
protected async getOneByUid(req: Request, response: Response) {
|
||||
try {
|
||||
const uid = req.params["uid"];
|
||||
|
||||
@ -5,6 +5,7 @@ import AppointmentsService from "@Services/super-admin/AppointmentsService/Appoi
|
||||
import { Service } from "typedi";
|
||||
import { Appointment } from "le-coffre-resources/dist/SuperAdmin";
|
||||
import authHandler from "@App/middlewares/AuthHandler";
|
||||
import roleHandler from "@App/middlewares/RolesHandler";
|
||||
|
||||
@Controller()
|
||||
@Service()
|
||||
@ -16,7 +17,7 @@ export default class AppointmentsController extends ApiController {
|
||||
/**
|
||||
* @description Get all appointments
|
||||
*/
|
||||
@Get("/api/v1/super-admin/appointments", [authHandler])
|
||||
@Get("/api/v1/super-admin/appointments", [authHandler, roleHandler])
|
||||
protected async get(req: Request, response: Response) {
|
||||
try {
|
||||
//get query
|
||||
@ -42,7 +43,7 @@ export default class AppointmentsController extends ApiController {
|
||||
/**
|
||||
* @description Get a specific appointment by uid
|
||||
*/
|
||||
@Get("/api/v1/super-admin/appointments/:uid", [authHandler])
|
||||
@Get("/api/v1/super-admin/appointments/:uid", [authHandler, roleHandler])
|
||||
protected async getOneByUid(req: Request, response: Response) {
|
||||
try {
|
||||
const uid = req.params["uid"];
|
||||
|
||||
@ -7,6 +7,7 @@ import { Customer } from "le-coffre-resources/dist/SuperAdmin";
|
||||
import { validateOrReject } from "class-validator";
|
||||
import authHandler from "@App/middlewares/AuthHandler";
|
||||
import ruleHandler from "@App/middlewares/RulesHandler";
|
||||
import roleHandler from "@App/middlewares/RolesHandler";
|
||||
|
||||
@Controller()
|
||||
@Service()
|
||||
@ -18,7 +19,7 @@ export default class CustomersController extends ApiController {
|
||||
/**
|
||||
* @description Get all customers
|
||||
*/
|
||||
@Get("/api/v1/super-admin/customers", [authHandler, ruleHandler])
|
||||
@Get("/api/v1/super-admin/customers", [authHandler, roleHandler, ruleHandler])
|
||||
protected async get(req: Request, response: Response) {
|
||||
try {
|
||||
//get query
|
||||
@ -44,7 +45,7 @@ export default class CustomersController extends ApiController {
|
||||
/**
|
||||
* @description Create a new customer
|
||||
*/
|
||||
@Post("/api/v1/super-admin/customers", [authHandler, ruleHandler])
|
||||
@Post("/api/v1/super-admin/customers", [authHandler, roleHandler, ruleHandler])
|
||||
protected async post(req: Request, response: Response) {
|
||||
try {
|
||||
//init IUser resource with request body values
|
||||
@ -70,7 +71,7 @@ export default class CustomersController extends ApiController {
|
||||
/**
|
||||
* @description Modify a specific customer by uid
|
||||
*/
|
||||
@Put("/api/v1/super-admin/customers/:uid", [authHandler, ruleHandler])
|
||||
@Put("/api/v1/super-admin/customers/:uid", [authHandler, roleHandler, ruleHandler])
|
||||
protected async put(req: Request, response: Response) {
|
||||
try {
|
||||
const uid = req.params["uid"];
|
||||
@ -111,7 +112,7 @@ export default class CustomersController extends ApiController {
|
||||
/**
|
||||
* @description Get a specific customer by uid
|
||||
*/
|
||||
@Get("/api/v1/super-admin/customers/:uid", [authHandler, ruleHandler])
|
||||
@Get("/api/v1/super-admin/customers/:uid", [authHandler, roleHandler, ruleHandler])
|
||||
protected async getOneByUid(req: Request, response: Response) {
|
||||
try {
|
||||
const uid = req.params["uid"];
|
||||
|
||||
@ -9,6 +9,7 @@ import { validateOrReject } from "class-validator";
|
||||
import authHandler from "@App/middlewares/AuthHandler";
|
||||
import ruleHandler from "@App/middlewares/RulesHandler";
|
||||
import deedTypeHandler from "@App/middlewares/OfficeMembershipHandlers/DeedTypeHandler";
|
||||
import roleHandler from "@App/middlewares/RolesHandler";
|
||||
|
||||
@Controller()
|
||||
@Service()
|
||||
@ -21,7 +22,7 @@ export default class DeedTypesController extends ApiController {
|
||||
* @description Get all deedtypes
|
||||
* @returns Deedtype[] list of deedtypes
|
||||
*/
|
||||
@Get("/api/v1/super-admin/deed-types", [authHandler, ruleHandler])
|
||||
@Get("/api/v1/super-admin/deed-types", [authHandler, roleHandler, ruleHandler])
|
||||
protected async get(req: Request, response: Response) {
|
||||
try {
|
||||
//get query
|
||||
@ -65,7 +66,7 @@ export default class DeedTypesController extends ApiController {
|
||||
* @description Create a new deedtype
|
||||
* @returns Deedtype created
|
||||
*/
|
||||
@Post("/api/v1/super-admin/deed-types", [authHandler, ruleHandler, deedTypeHandler])
|
||||
@Post("/api/v1/super-admin/deed-types", [authHandler, roleHandler, ruleHandler, deedTypeHandler])
|
||||
protected async post(req: Request, response: Response) {
|
||||
try {
|
||||
//init DeedType resource with request body values
|
||||
@ -94,7 +95,7 @@ export default class DeedTypesController extends ApiController {
|
||||
* @description Modify a specific deedtype by uid
|
||||
* @returns Deedtype modified
|
||||
*/
|
||||
@Put("/api/v1/super-admin/deed-types/:uid", [authHandler, ruleHandler, deedTypeHandler])
|
||||
@Put("/api/v1/super-admin/deed-types/:uid", [authHandler, roleHandler, ruleHandler, deedTypeHandler])
|
||||
protected async put(req: Request, response: Response) {
|
||||
try {
|
||||
const uid = req.params["uid"];
|
||||
@ -136,7 +137,7 @@ export default class DeedTypesController extends ApiController {
|
||||
* @description Get a specific deedtype by uid
|
||||
* @returns IDeedtype
|
||||
*/
|
||||
@Get("/api/v1/super-admin/deed-types/:uid", [authHandler, ruleHandler, deedTypeHandler])
|
||||
@Get("/api/v1/super-admin/deed-types/:uid", [authHandler, roleHandler, ruleHandler, deedTypeHandler])
|
||||
protected async getOneByUid(req: Request, response: Response) {
|
||||
try {
|
||||
const uid = req.params["uid"];
|
||||
|
||||
@ -9,6 +9,7 @@ import { validateOrReject } from "class-validator";
|
||||
import authHandler from "@App/middlewares/AuthHandler";
|
||||
import ruleHandler from "@App/middlewares/RulesHandler";
|
||||
import deedHandler from "@App/middlewares/OfficeMembershipHandlers/DeedHandler";
|
||||
import roleHandler from "@App/middlewares/RolesHandler";
|
||||
|
||||
@Controller()
|
||||
@Service()
|
||||
@ -21,7 +22,7 @@ export default class DeedsController extends ApiController {
|
||||
* @description Get all deeds
|
||||
* @returns Deed[] list of deeds
|
||||
*/
|
||||
@Get("/api/v1/super-admin/deeds", [authHandler, ruleHandler])
|
||||
@Get("/api/v1/super-admin/deeds", [authHandler, roleHandler, ruleHandler])
|
||||
protected async get(req: Request, response: Response) {
|
||||
try {
|
||||
//get query
|
||||
@ -52,7 +53,7 @@ export default class DeedsController extends ApiController {
|
||||
* @description Get a specific deed by uid
|
||||
* @returns Deed
|
||||
*/
|
||||
@Get("/api/v1/super-admin/deeds/:uid", [authHandler, ruleHandler, deedHandler])
|
||||
@Get("/api/v1/super-admin/deeds/:uid", [authHandler, roleHandler, ruleHandler, deedHandler])
|
||||
protected async getOneByUid(req: Request, response: Response) {
|
||||
try {
|
||||
const uid = req.params["uid"];
|
||||
@ -87,7 +88,7 @@ export default class DeedsController extends ApiController {
|
||||
/**
|
||||
* @description Modify a specific deed by uid
|
||||
*/
|
||||
@Put("/api/v1/super-admin/deeds/:uid", [authHandler, ruleHandler, deedHandler])
|
||||
@Put("/api/v1/super-admin/deeds/:uid", [authHandler, roleHandler, ruleHandler, deedHandler])
|
||||
protected async put(req: Request, response: Response) {
|
||||
try {
|
||||
const uid = req.params["uid"];
|
||||
|
||||
@ -10,6 +10,7 @@ import { validateOrReject } from "class-validator";
|
||||
import authHandler from "@App/middlewares/AuthHandler";
|
||||
import ruleHandler from "@App/middlewares/RulesHandler";
|
||||
import documentTypeHandler from "@App/middlewares/OfficeMembershipHandlers/DocumentTypeHandler";
|
||||
import roleHandler from "@App/middlewares/RolesHandler";
|
||||
|
||||
@Controller()
|
||||
@Service()
|
||||
@ -21,7 +22,7 @@ export default class DocumentTypesController extends ApiController {
|
||||
/**
|
||||
* @description Get all document-types
|
||||
*/
|
||||
@Get("/api/v1/super-admin/document-types", [authHandler, ruleHandler])
|
||||
@Get("/api/v1/super-admin/document-types", [authHandler, roleHandler, ruleHandler])
|
||||
protected async get(req: Request, response: Response) {
|
||||
try {
|
||||
//get query
|
||||
@ -53,7 +54,7 @@ export default class DocumentTypesController extends ApiController {
|
||||
/**
|
||||
* @description Create a new documentType
|
||||
*/
|
||||
@Post("/api/v1/super-admin/document-types", [authHandler, ruleHandler, documentTypeHandler])
|
||||
@Post("/api/v1/super-admin/document-types", [authHandler, roleHandler, ruleHandler, documentTypeHandler])
|
||||
protected async post(req: Request, response: Response) {
|
||||
try {
|
||||
//init DocumentType resource with request body values
|
||||
@ -82,7 +83,7 @@ export default class DocumentTypesController extends ApiController {
|
||||
/**
|
||||
* @description Modify a specific documentType by uid
|
||||
*/
|
||||
@Put("/api/v1/super-admin/document-types/:uid", [authHandler, ruleHandler, documentTypeHandler])
|
||||
@Put("/api/v1/super-admin/document-types/:uid", [authHandler, roleHandler, ruleHandler, documentTypeHandler])
|
||||
protected async put(req: Request, response: Response) {
|
||||
try {
|
||||
const uid = req.params["uid"];
|
||||
@ -122,7 +123,7 @@ export default class DocumentTypesController extends ApiController {
|
||||
/**
|
||||
* @description Get a specific documentType by uid
|
||||
*/
|
||||
@Get("/api/v1/super-admin/document-types/:uid", [authHandler, ruleHandler, documentTypeHandler])
|
||||
@Get("/api/v1/super-admin/document-types/:uid", [authHandler, roleHandler, ruleHandler, documentTypeHandler])
|
||||
protected async getOneByUid(req: Request, response: Response) {
|
||||
try {
|
||||
const uid = req.params["uid"];
|
||||
|
||||
@ -1,5 +1,6 @@
|
||||
import authHandler from "@App/middlewares/AuthHandler";
|
||||
import documentHandler from "@App/middlewares/OfficeMembershipHandlers/DocumentHandler";
|
||||
import roleHandler from "@App/middlewares/RolesHandler";
|
||||
import ruleHandler from "@App/middlewares/RulesHandler";
|
||||
import ApiController from "@Common/system/controller-pattern/ApiController";
|
||||
import { Controller, Delete, Get, Post, Put } from "@ControllerPattern/index";
|
||||
@ -21,7 +22,7 @@ export default class DocumentsController extends ApiController {
|
||||
* @description Get all documents
|
||||
* @returns IDocument[] list of documents
|
||||
*/
|
||||
@Get("/api/v1/super-admin/documents", [authHandler, ruleHandler])
|
||||
@Get("/api/v1/super-admin/documents", [authHandler, roleHandler, ruleHandler])
|
||||
protected async get(req: Request, response: Response) {
|
||||
try {
|
||||
//get query
|
||||
@ -56,7 +57,7 @@ export default class DocumentsController extends ApiController {
|
||||
* @description Create a new document
|
||||
* @returns IDocument created
|
||||
*/
|
||||
@Post("/api/v1/super-admin/documents", [authHandler, ruleHandler, documentHandler])
|
||||
@Post("/api/v1/super-admin/documents", [authHandler, roleHandler, ruleHandler, documentHandler])
|
||||
protected async post(req: Request, response: Response) {
|
||||
try {
|
||||
//init Document resource with request body values
|
||||
@ -84,7 +85,7 @@ export default class DocumentsController extends ApiController {
|
||||
/**
|
||||
* @description Update a specific document
|
||||
*/
|
||||
@Put("/api/v1/super-admin/documents/:uid", [authHandler, ruleHandler, documentHandler])
|
||||
@Put("/api/v1/super-admin/documents/:uid", [authHandler, roleHandler, ruleHandler, documentHandler])
|
||||
protected async update(req: Request, response: Response) {
|
||||
try {
|
||||
const uid = req.params["uid"];
|
||||
@ -123,7 +124,7 @@ export default class DocumentsController extends ApiController {
|
||||
/**
|
||||
* @description Delete a specific document
|
||||
*/
|
||||
@Delete("/api/v1/super-admin/documents/:uid", [authHandler, ruleHandler, documentHandler])
|
||||
@Delete("/api/v1/super-admin/documents/:uid", [authHandler, roleHandler, ruleHandler, documentHandler])
|
||||
protected async delete(req: Request, response: Response) {
|
||||
try {
|
||||
const uid = req.params["uid"];
|
||||
@ -156,7 +157,7 @@ export default class DocumentsController extends ApiController {
|
||||
/**
|
||||
* @description Get a specific document by uid
|
||||
*/
|
||||
@Get("/api/v1/super-admin/documents/:uid", [authHandler, ruleHandler, documentHandler])
|
||||
@Get("/api/v1/super-admin/documents/:uid", [authHandler, roleHandler, ruleHandler, documentHandler])
|
||||
protected async getOneByUid(req: Request, response: Response) {
|
||||
try {
|
||||
const uid = req.params["uid"];
|
||||
|
||||
@ -8,6 +8,7 @@ import { File } from "le-coffre-resources/dist/SuperAdmin";
|
||||
import authHandler from "@App/middlewares/AuthHandler";
|
||||
import ruleHandler from "@App/middlewares/RulesHandler";
|
||||
import fileHandler from "@App/middlewares/OfficeMembershipHandlers/FileHandler";
|
||||
import roleHandler from "@App/middlewares/RolesHandler";
|
||||
|
||||
@Controller()
|
||||
@Service()
|
||||
@ -20,7 +21,7 @@ export default class FilesController extends ApiController {
|
||||
* @description Get all Files
|
||||
* @returns File[] list of Files
|
||||
*/
|
||||
@Get("/api/v1/super-admin/files", [authHandler, ruleHandler])
|
||||
@Get("/api/v1/super-admin/files", [authHandler, roleHandler, ruleHandler])
|
||||
protected async get(req: Request, response: Response) {
|
||||
try {
|
||||
//get query
|
||||
@ -50,7 +51,7 @@ export default class FilesController extends ApiController {
|
||||
/**
|
||||
* @description Get a specific File by uid
|
||||
*/
|
||||
@Get("/api/v1/super-admin/files/download/:uid", [authHandler, ruleHandler, fileHandler])
|
||||
@Get("/api/v1/super-admin/files/download/:uid", [authHandler, roleHandler, ruleHandler, fileHandler])
|
||||
protected async download(req: Request, response: Response) {
|
||||
const uid = req.params["uid"];
|
||||
if (!uid) {
|
||||
@ -78,7 +79,7 @@ export default class FilesController extends ApiController {
|
||||
/**
|
||||
* @description Delete a specific File
|
||||
*/
|
||||
@Delete("/api/v1/super-admin/files/:uid", [authHandler, ruleHandler, fileHandler])
|
||||
@Delete("/api/v1/super-admin/files/:uid", [authHandler, roleHandler, ruleHandler, fileHandler])
|
||||
protected async delete(req: Request, response: Response) {
|
||||
try {
|
||||
const uid = req.params["uid"];
|
||||
@ -116,7 +117,7 @@ export default class FilesController extends ApiController {
|
||||
/**
|
||||
* @description Get a specific File by uid
|
||||
*/
|
||||
@Get("/api/v1/super-admin/files/:uid", [authHandler, ruleHandler, fileHandler])
|
||||
@Get("/api/v1/super-admin/files/:uid", [authHandler, roleHandler, ruleHandler, fileHandler])
|
||||
protected async getOneByUid(req: Request, response: Response) {
|
||||
try {
|
||||
const uid = req.params["uid"];
|
||||
|
||||
@ -1,4 +1,5 @@
|
||||
import authHandler from "@App/middlewares/AuthHandler";
|
||||
import roleHandler from "@App/middlewares/RolesHandler";
|
||||
import ApiController from "@Common/system/controller-pattern/ApiController";
|
||||
import { Controller, Post } from "@ControllerPattern/index";
|
||||
import { EAppointmentStatus } from "@prisma/client";
|
||||
@ -26,7 +27,7 @@ export default class LiveVoteController extends ApiController {
|
||||
/**
|
||||
* @description Create a new vote
|
||||
*/
|
||||
@Post("/api/v1/super-admin/live-votes", [authHandler])
|
||||
@Post("/api/v1/super-admin/live-votes", [authHandler, roleHandler])
|
||||
protected async post(req: Request, response: Response) {
|
||||
try {
|
||||
const userId = req.body.user.userId;
|
||||
|
||||
@ -9,6 +9,7 @@ import { validateOrReject } from "class-validator";
|
||||
import authHandler from "@App/middlewares/AuthHandler";
|
||||
import ruleHandler from "@App/middlewares/RulesHandler";
|
||||
import folderHandler from "@App/middlewares/OfficeMembershipHandlers/FolderHandler";
|
||||
import roleHandler from "@App/middlewares/RolesHandler";
|
||||
|
||||
@Controller()
|
||||
@Service()
|
||||
@ -20,7 +21,7 @@ export default class OfficeFoldersController extends ApiController {
|
||||
/**
|
||||
* @description Get all folders
|
||||
*/
|
||||
@Get("/api/v1/super-admin/folders", [authHandler, ruleHandler])
|
||||
@Get("/api/v1/super-admin/folders", [authHandler, roleHandler, ruleHandler])
|
||||
protected async get(req: Request, response: Response) {
|
||||
try {
|
||||
//get query
|
||||
@ -79,7 +80,7 @@ export default class OfficeFoldersController extends ApiController {
|
||||
/**
|
||||
* @description Create a new folder
|
||||
*/
|
||||
@Post("/api/v1/super-admin/folders", [authHandler, ruleHandler, folderHandler])
|
||||
@Post("/api/v1/super-admin/folders", [authHandler, roleHandler, ruleHandler, folderHandler])
|
||||
protected async post(req: Request, response: Response) {
|
||||
try {
|
||||
//init OfficeFolder resource with request body values
|
||||
@ -103,7 +104,7 @@ export default class OfficeFoldersController extends ApiController {
|
||||
/**
|
||||
* @description Modify a specific folder by uid
|
||||
*/
|
||||
@Put("/api/v1/super-admin/folders/:uid", [authHandler, ruleHandler, folderHandler])
|
||||
@Put("/api/v1/super-admin/folders/:uid", [authHandler, roleHandler, ruleHandler, folderHandler])
|
||||
protected async put(req: Request, response: Response) {
|
||||
try {
|
||||
const uid = req.params["uid"];
|
||||
@ -145,7 +146,7 @@ export default class OfficeFoldersController extends ApiController {
|
||||
* @description Get a specific folder by uid
|
||||
* @returns IFolder
|
||||
*/
|
||||
@Get("/api/v1/super-admin/folders/:uid", [authHandler, ruleHandler, folderHandler])
|
||||
@Get("/api/v1/super-admin/folders/:uid", [authHandler, roleHandler, ruleHandler, folderHandler])
|
||||
protected async getOneByUid(req: Request, response: Response) {
|
||||
try {
|
||||
const uid = req.params["uid"];
|
||||
@ -180,7 +181,7 @@ export default class OfficeFoldersController extends ApiController {
|
||||
/**
|
||||
* @description Delete a specific folder
|
||||
*/
|
||||
@Delete("/api/v1/super-admin/folders/:uid", [authHandler, ruleHandler, folderHandler])
|
||||
@Delete("/api/v1/super-admin/folders/:uid", [authHandler, roleHandler, ruleHandler, folderHandler])
|
||||
protected async delete(req: Request, response: Response) {
|
||||
try {
|
||||
const uid = req.params["uid"];
|
||||
|
||||
@ -9,6 +9,7 @@ import { Prisma } from "@prisma/client";
|
||||
import authHandler from "@App/middlewares/AuthHandler";
|
||||
import ruleHandler from "@App/middlewares/RulesHandler";
|
||||
import officeRoleHandler from "@App/middlewares/OfficeMembershipHandlers/OfficeRoleHandler";
|
||||
import roleHandler from "@App/middlewares/RolesHandler";
|
||||
|
||||
@Controller()
|
||||
@Service()
|
||||
@ -20,7 +21,7 @@ export default class OfficeRolesController extends ApiController {
|
||||
/**
|
||||
* @description Get all officeRoles
|
||||
*/
|
||||
@Get("/api/v1/super-admin/office-roles", [authHandler, ruleHandler])
|
||||
@Get("/api/v1/super-admin/office-roles", [authHandler, roleHandler, ruleHandler])
|
||||
protected async get(req: Request, response: Response) {
|
||||
try {
|
||||
//get query
|
||||
@ -62,7 +63,7 @@ export default class OfficeRolesController extends ApiController {
|
||||
/**
|
||||
* @description Create a new officeRole
|
||||
*/
|
||||
@Post("/api/v1/super-admin/office-roles", [authHandler, ruleHandler, officeRoleHandler])
|
||||
@Post("/api/v1/super-admin/office-roles", [authHandler, roleHandler, ruleHandler, officeRoleHandler])
|
||||
protected async getAddresses(req: Request, response: Response) {
|
||||
try {
|
||||
//init IOfficeRole resource with request body values
|
||||
@ -90,7 +91,7 @@ export default class OfficeRolesController extends ApiController {
|
||||
/**
|
||||
* @description Modify a specific officeRole by uid
|
||||
*/
|
||||
@Put("/api/v1/super-admin/office-roles/:uid", [authHandler, ruleHandler, officeRoleHandler])
|
||||
@Put("/api/v1/super-admin/office-roles/:uid", [authHandler, roleHandler, ruleHandler, officeRoleHandler])
|
||||
protected async put(req: Request, response: Response) {
|
||||
try {
|
||||
const uid = req.params["uid"];
|
||||
@ -131,7 +132,7 @@ export default class OfficeRolesController extends ApiController {
|
||||
/**
|
||||
* @description Get a specific officeRole by uid
|
||||
*/
|
||||
@Get("/api/v1/super-admin/office-roles/:uid", [authHandler, ruleHandler, officeRoleHandler])
|
||||
@Get("/api/v1/super-admin/office-roles/:uid", [authHandler, roleHandler, ruleHandler, officeRoleHandler])
|
||||
protected async getOneByUid(req: Request, response: Response) {
|
||||
try {
|
||||
const uid = req.params["uid"];
|
||||
|
||||
@ -8,6 +8,7 @@ import { Office as OfficeResource } from "le-coffre-resources/dist/SuperAdmin";
|
||||
import { validateOrReject } from "class-validator";
|
||||
import ruleHandler from "@App/middlewares/RulesHandler";
|
||||
import authHandler from "@App/middlewares/AuthHandler";
|
||||
import roleHandler from "@App/middlewares/RolesHandler";
|
||||
|
||||
@Controller()
|
||||
@Service()
|
||||
@ -18,7 +19,7 @@ export default class OfficesController extends ApiController {
|
||||
/**
|
||||
* @description Get all offices
|
||||
*/
|
||||
@Get("/api/v1/super-admin/offices", [authHandler, ruleHandler])
|
||||
@Get("/api/v1/super-admin/offices", [authHandler, roleHandler, ruleHandler])
|
||||
protected async get(req: Request, response: Response) {
|
||||
try {
|
||||
//get query
|
||||
@ -53,7 +54,7 @@ export default class OfficesController extends ApiController {
|
||||
/**
|
||||
* @description Create a new office
|
||||
*/
|
||||
@Post("/api/v1/super-admin/offices", [authHandler, ruleHandler])
|
||||
@Post("/api/v1/super-admin/offices", [authHandler, roleHandler, ruleHandler])
|
||||
protected async post(req: Request, response: Response) {
|
||||
try {
|
||||
//init IUser resource with request body values
|
||||
@ -76,7 +77,7 @@ export default class OfficesController extends ApiController {
|
||||
/**
|
||||
* @description Modify a specific office by uid
|
||||
*/
|
||||
@Put("/api/v1/super-admin/offices/:uid", [authHandler, ruleHandler])
|
||||
@Put("/api/v1/super-admin/offices/:uid", [authHandler, roleHandler, ruleHandler])
|
||||
protected async put(req: Request, response: Response) {
|
||||
try {
|
||||
const uid = req.params["uid"];
|
||||
@ -111,7 +112,7 @@ export default class OfficesController extends ApiController {
|
||||
/**
|
||||
* @description Get a specific office by uid
|
||||
*/
|
||||
@Get("/api/v1/super-admin/offices/:uid", [authHandler, ruleHandler])
|
||||
@Get("/api/v1/super-admin/offices/:uid", [authHandler, roleHandler, ruleHandler])
|
||||
protected async getOneByUid(req: Request, response: Response) {
|
||||
try {
|
||||
const uid = req.params["uid"];
|
||||
|
||||
@ -7,6 +7,7 @@ import { validateOrReject } from "class-validator";
|
||||
import { Role } from "le-coffre-resources/dist/SuperAdmin";
|
||||
import authHandler from "@App/middlewares/AuthHandler";
|
||||
import ruleHandler from "@App/middlewares/RulesHandler";
|
||||
import roleHandler from "@App/middlewares/RolesHandler";
|
||||
|
||||
@Controller()
|
||||
@Service()
|
||||
@ -18,7 +19,7 @@ export default class RolesController extends ApiController {
|
||||
/**
|
||||
* @description Get all roles
|
||||
*/
|
||||
@Get("/api/v1/super-admin/roles", [authHandler, ruleHandler])
|
||||
@Get("/api/v1/super-admin/roles", [authHandler, roleHandler, ruleHandler])
|
||||
protected async get(req: Request, response: Response) {
|
||||
try {
|
||||
//get query
|
||||
@ -44,7 +45,7 @@ export default class RolesController extends ApiController {
|
||||
/**
|
||||
* @description Create a new role
|
||||
*/
|
||||
@Post("/api/v1/super-admin/roles", [authHandler, ruleHandler])
|
||||
@Post("/api/v1/super-admin/roles", [authHandler, roleHandler, ruleHandler])
|
||||
protected async getAddresses(req: Request, response: Response) {
|
||||
try {
|
||||
//init IRole resource with request body values
|
||||
@ -72,7 +73,7 @@ export default class RolesController extends ApiController {
|
||||
/**
|
||||
* @description Modify a specific role by uid
|
||||
*/
|
||||
@Put("/api/v1/super-admin/roles/:uid", [authHandler, ruleHandler])
|
||||
@Put("/api/v1/super-admin/roles/:uid", [authHandler, roleHandler, ruleHandler])
|
||||
protected async put(req: Request, response: Response) {
|
||||
try {
|
||||
const uid = req.params["uid"];
|
||||
@ -113,7 +114,7 @@ export default class RolesController extends ApiController {
|
||||
/**
|
||||
* @description Get a specific role by uid
|
||||
*/
|
||||
@Get("/api/v1/super-admin/roles/:uid", [authHandler, ruleHandler])
|
||||
@Get("/api/v1/super-admin/roles/:uid", [authHandler, roleHandler, ruleHandler])
|
||||
protected async getOneByUid(req: Request, response: Response) {
|
||||
try {
|
||||
const uid = req.params["uid"];
|
||||
|
||||
@ -7,6 +7,7 @@ import { validateOrReject } from "class-validator";
|
||||
import { Rule } from "le-coffre-resources/dist/SuperAdmin";
|
||||
import authHandler from "@App/middlewares/AuthHandler";
|
||||
import ruleHandler from "@App/middlewares/RulesHandler";
|
||||
import roleHandler from "@App/middlewares/RolesHandler";
|
||||
|
||||
@Controller()
|
||||
@Service()
|
||||
@ -18,7 +19,7 @@ export default class RulesController extends ApiController {
|
||||
/**
|
||||
* @description Get all rules
|
||||
*/
|
||||
@Get("/api/v1/super-admin/rules", [authHandler, ruleHandler])
|
||||
@Get("/api/v1/super-admin/rules", [authHandler, roleHandler, ruleHandler])
|
||||
protected async get(req: Request, response: Response) {
|
||||
try {
|
||||
//get query
|
||||
@ -44,7 +45,7 @@ export default class RulesController extends ApiController {
|
||||
/**
|
||||
* @description Create a new rule
|
||||
*/
|
||||
@Post("/api/v1/super-admin/rules", [authHandler, ruleHandler])
|
||||
@Post("/api/v1/super-admin/rules", [authHandler, roleHandler, ruleHandler])
|
||||
protected async getAddresses(req: Request, response: Response) {
|
||||
try {
|
||||
//init IRule resource with request body values
|
||||
@ -72,7 +73,7 @@ export default class RulesController extends ApiController {
|
||||
/**
|
||||
* @description Modify a specific rule by uid
|
||||
*/
|
||||
@Put("/api/v1/super-admin/rules/:uid", [authHandler, ruleHandler])
|
||||
@Put("/api/v1/super-admin/rules/:uid", [authHandler, roleHandler, ruleHandler])
|
||||
protected async put(req: Request, response: Response) {
|
||||
try {
|
||||
const uid = req.params["uid"];
|
||||
@ -113,7 +114,7 @@ export default class RulesController extends ApiController {
|
||||
/**
|
||||
* @description Get a specific rule by uid
|
||||
*/
|
||||
@Get("/api/v1/super-admin/rules/:uid", [authHandler, ruleHandler])
|
||||
@Get("/api/v1/super-admin/rules/:uid", [authHandler, roleHandler, ruleHandler])
|
||||
protected async getOneByUid(req: Request, response: Response) {
|
||||
try {
|
||||
const uid = req.params["uid"];
|
||||
|
||||
@ -7,6 +7,7 @@ import { validateOrReject } from "class-validator";
|
||||
import User from "le-coffre-resources/dist/SuperAdmin";
|
||||
import authHandler from "@App/middlewares/AuthHandler";
|
||||
import ruleHandler from "@App/middlewares/RulesHandler";
|
||||
import roleHandler from "@App/middlewares/RolesHandler";
|
||||
|
||||
@Controller()
|
||||
@Service()
|
||||
@ -18,7 +19,7 @@ export default class UsersController extends ApiController {
|
||||
/**
|
||||
* @description Get all users
|
||||
*/
|
||||
@Get("/api/v1/super-admin/users", [authHandler, ruleHandler])
|
||||
@Get("/api/v1/super-admin/users", [authHandler, roleHandler, ruleHandler])
|
||||
protected async get(req: Request, response: Response) {
|
||||
try {
|
||||
//get query
|
||||
@ -58,7 +59,7 @@ export default class UsersController extends ApiController {
|
||||
/**
|
||||
* @description Create a new user
|
||||
*/
|
||||
@Post("/api/v1/super-admin/users", [authHandler, ruleHandler])
|
||||
@Post("/api/v1/super-admin/users", [authHandler, roleHandler, ruleHandler])
|
||||
protected async create(req: Request, response: Response) {
|
||||
try {
|
||||
//init IUser resource with request body values
|
||||
@ -86,7 +87,7 @@ export default class UsersController extends ApiController {
|
||||
/**
|
||||
* @description Modify a specific user by uid
|
||||
*/
|
||||
@Put("/api/v1/super-admin/users/:uid", [authHandler, ruleHandler])
|
||||
@Put("/api/v1/super-admin/users/:uid", [authHandler, roleHandler, ruleHandler])
|
||||
protected async put(req: Request, response: Response) {
|
||||
try {
|
||||
const uid = req.params["uid"];
|
||||
@ -128,7 +129,7 @@ export default class UsersController extends ApiController {
|
||||
/**
|
||||
* @description Get a specific user by uid
|
||||
*/
|
||||
@Get("/api/v1/super-admin/users/:uid", [authHandler, ruleHandler])
|
||||
@Get("/api/v1/super-admin/users/:uid", [authHandler, roleHandler, ruleHandler])
|
||||
protected async getOneByUid(req: Request, response: Response) {
|
||||
try {
|
||||
const uid = req.params["uid"];
|
||||
|
||||
@ -6,6 +6,7 @@ import { Service } from "typedi";
|
||||
import { Vote } from "le-coffre-resources/dist/SuperAdmin";
|
||||
import authHandler from "@App/middlewares/AuthHandler";
|
||||
import { Votes } from "@prisma/client";
|
||||
import roleHandler from "@App/middlewares/RolesHandler";
|
||||
|
||||
@Controller()
|
||||
@Service()
|
||||
@ -17,7 +18,7 @@ export default class VotesController extends ApiController {
|
||||
/**
|
||||
* @description Get all votes
|
||||
*/
|
||||
@Get("/api/v1/super-admin/votes", [authHandler])
|
||||
@Get("/api/v1/super-admin/votes", [authHandler, roleHandler])
|
||||
protected async get(req: Request, response: Response) {
|
||||
try {
|
||||
//get query
|
||||
@ -43,7 +44,7 @@ export default class VotesController extends ApiController {
|
||||
/**
|
||||
* @description Get a specific vote by uid
|
||||
*/
|
||||
@Get("/api/v1/super-admin/votes/:uid", [authHandler])
|
||||
@Get("/api/v1/super-admin/votes/:uid", [authHandler, roleHandler])
|
||||
protected async getOneByUid(req: Request, response: Response) {
|
||||
try {
|
||||
const uid = req.params["uid"];
|
||||
@ -78,7 +79,7 @@ export default class VotesController extends ApiController {
|
||||
/**
|
||||
* @description Delete a specific vote
|
||||
*/
|
||||
@Delete("/api/v1/super-admin/votes/:uid", [authHandler])
|
||||
@Delete("/api/v1/super-admin/votes/:uid", [authHandler, roleHandler])
|
||||
protected async delete(req: Request, response: Response) {
|
||||
try {
|
||||
const uid = req.params["uid"];
|
||||
|
||||
22
src/app/middlewares/RolesHandler.ts
Normal file
22
src/app/middlewares/RolesHandler.ts
Normal file
@ -0,0 +1,22 @@
|
||||
import HttpCodes from "@Common/system/controller-pattern/HttpCodes";
|
||||
import { NextFunction, Request, Response } from "express";
|
||||
|
||||
export default async function roleHandler(req: Request, response: Response, next: NextFunction) {
|
||||
try {
|
||||
|
||||
const namespace = req.path && req.path.split("/")[3];
|
||||
const role = req.body.user.role;
|
||||
|
||||
if (namespace != "notary" && role != namespace && role != "super-admin") {
|
||||
response.status(HttpCodes.UNAUTHORIZED).send("Unauthorized with this role");
|
||||
return;
|
||||
}
|
||||
|
||||
next();
|
||||
|
||||
} catch (error) {
|
||||
console.log(error);
|
||||
response.status(HttpCodes.INTERNAL_ERROR).send("Internal server error");
|
||||
return;
|
||||
}
|
||||
}
|
||||
@ -6,19 +6,7 @@ export default async function ruleHandler(req: Request, response: Response, next
|
||||
const rules = req.body.user.rules;
|
||||
const service = req.path && req.path.split("/")[4];
|
||||
|
||||
// if (!rules) {
|
||||
// response.status(HttpCodes.UNAUTHORIZED).send("Missing rules in JWT");
|
||||
// return;
|
||||
// }
|
||||
const namespace = req.path && req.path.split("/")[3];
|
||||
const role = req.body.user.role;
|
||||
|
||||
if (namespace != "notary" && role != namespace && role != "super-admin") {
|
||||
response.status(HttpCodes.UNAUTHORIZED).send("Unauthorized with this role");
|
||||
return;
|
||||
}
|
||||
|
||||
if (!rules.includes(req.method + " " + service) && role != "super-admin") {
|
||||
if (!rules.includes(req.method + " " + service)) {
|
||||
response.status(HttpCodes.UNAUTHORIZED).send("Unauthorized with those rules");
|
||||
return;
|
||||
}
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user