From 19d6669a849830eeea9167bc3ed2dc11bd771dc9 Mon Sep 17 00:00:00 2001 From: faris Aljohari <83524184+farisaljohari@users.noreply.github.com> Date: Wed, 22 Jan 2025 06:47:12 -0600 Subject: [PATCH] Update permission mappings and role permissions --- .../src/constants/permissions-mapping.ts | 10 +++- libs/common/src/constants/role-permissions.ts | 58 +++++++++++-------- src/device/controllers/device.controller.ts | 6 +- src/group/controllers/group.controller.ts | 4 +- .../controllers/space-device.controller.ts | 2 +- .../controllers/space-user.controller.ts | 4 +- .../subspace/subspace-device.controller.ts | 6 +- 7 files changed, 55 insertions(+), 35 deletions(-) diff --git a/libs/common/src/constants/permissions-mapping.ts b/libs/common/src/constants/permissions-mapping.ts index 09a4914..91cc595 100644 --- a/libs/common/src/constants/permissions-mapping.ts +++ b/libs/common/src/constants/permissions-mapping.ts @@ -1,6 +1,14 @@ export const PermissionMapping = { DEVICE_MANAGEMENT: { - DEVICE: ['SINGLE_CONTROL', 'VIEW', 'DELETE', 'UPDATE', 'BATCH_CONTROL'], + DEVICE: [ + 'SINGLE_CONTROL', + 'VIEW', + 'DELETE', + 'UPDATE', + 'BATCH_CONTROL', + 'LOCATION_VIEW', + 'LOCATION_UPDATE', + ], FIRMWARE: ['CONTROL', 'VIEW'], }, COMMUNITY_MANAGEMENT: { diff --git a/libs/common/src/constants/role-permissions.ts b/libs/common/src/constants/role-permissions.ts index 10b6067..906cbd2 100644 --- a/libs/common/src/constants/role-permissions.ts +++ b/libs/common/src/constants/role-permissions.ts @@ -7,11 +7,14 @@ export const RolePermissions = { 'DEVICE_DELETE', 'DEVICE_UPDATE', 'DEVICE_BATCH_CONTROL', + 'DEVICE_LOCATION_VIEW', + 'DEVICE_LOCATION_UPDATE', 'COMMUNITY_VIEW', 'COMMUNITY_ADD', 'COMMUNITY_UPDATE', 'COMMUNITY_DELETE', 'FIRMWARE_CONTROL', + 'FIRMWARE_VIEW', 'SPACE_VIEW', 'SPACE_ADD', 'SPACE_UPDATE', @@ -20,19 +23,19 @@ export const RolePermissions = { 'SPACE_MODEL_VIEW', 'SPACE_MODEL_UPDATE', 'SPACE_MODEL_DELETE', - 'ASSIGN_USER_TO_SPACE', - 'DELETE_USER_FROM_SPACE', + 'SPACE_ASSIGN_USER_TO_SPACE', + 'SPACE_DELETE_USER_FROM_SPACE', 'SUBSPACE_VIEW', 'SUBSPACE_ADD', 'SUBSPACE_UPDATE', 'SUBSPACE_DELETE', - 'ASSIGN_DEVICE_TO_SUBSPACE', - 'DELETE_DEVICE_FROM_SUBSPACE', - 'VIEW_DEVICE_WIZARD', - 'VIEW_DEVICE_IN_SUBSPACE', - 'VIEW_DEVICE_IN_SPACE', - 'UPDATE_DEVICE_IN_SUBSPACE', - 'ASSIGN_DEVICE_TO_SPACE', + 'SUBSPACE_ASSIGN_DEVICE_TO_SUBSPACE', + 'SUBSPACE_DELETE_DEVICE_FROM_SUBSPACE', + 'DEVICE_WIZARD_VIEW_DEVICE_WIZARD', + 'SUBSPACE_DEVICE_VIEW_DEVICE_IN_SUBSPACE', + 'SPACE_DEVICE_VIEW_DEVICE_IN_SPACE', + 'SUBSPACE_DEVICE_UPDATE_DEVICE_IN_SUBSPACE', + 'SPACE_DEVICE_ASSIGN_DEVICE_TO_SPACE', 'AUTOMATION_VIEW', 'AUTOMATION_ADD', 'AUTOMATION_UPDATE', @@ -45,6 +48,8 @@ export const RolePermissions = { 'SCENES_CONTROL', 'VISITOR_PASSWORD_VIEW', 'VISITOR_PASSWORD_ADD', + 'VISITOR_PASSWORD_UPDATE', + 'VISITOR_PASSWORD_DELETE', 'USER_ADD', 'SPACE_MEMBER_ADD', ], @@ -54,6 +59,8 @@ export const RolePermissions = { 'DEVICE_DELETE', 'DEVICE_UPDATE', 'DEVICE_BATCH_CONTROL', + 'DEVICE_LOCATION_VIEW', + 'DEVICE_LOCATION_UPDATE', 'COMMUNITY_VIEW', 'COMMUNITY_ADD', 'COMMUNITY_UPDATE', @@ -67,19 +74,19 @@ export const RolePermissions = { 'SPACE_MODEL_VIEW', 'SPACE_MODEL_UPDATE', 'SPACE_MODEL_DELETE', - 'ASSIGN_USER_TO_SPACE', - 'DELETE_USER_FROM_SPACE', + 'SPACE_ASSIGN_USER_TO_SPACE', + 'SPACE_DELETE_USER_FROM_SPACE', 'SUBSPACE_VIEW', 'SUBSPACE_ADD', 'SUBSPACE_UPDATE', 'SUBSPACE_DELETE', - 'ASSIGN_DEVICE_TO_SUBSPACE', - 'DELETE_DEVICE_FROM_SUBSPACE', - 'VIEW_DEVICE_WIZARD', - 'VIEW_DEVICE_IN_SUBSPACE', - 'VIEW_DEVICE_IN_SPACE', - 'UPDATE_DEVICE_IN_SUBSPACE', - 'ASSIGN_DEVICE_TO_SPACE', + 'SUBSPACE_ASSIGN_DEVICE_TO_SUBSPACE', + 'SUBSPACE_DELETE_DEVICE_FROM_SUBSPACE', + 'DEVICE_WIZARD_VIEW_DEVICE_WIZARD', + 'SUBSPACE_DEVICE_VIEW_DEVICE_IN_SUBSPACE', + 'SPACE_DEVICE_VIEW_DEVICE_IN_SPACE', + 'SUBSPACE_DEVICE_UPDATE_DEVICE_IN_SUBSPACE', + 'SPACE_DEVICE_ASSIGN_DEVICE_TO_SPACE', 'AUTOMATION_VIEW', 'AUTOMATION_ADD', 'AUTOMATION_UPDATE', @@ -92,6 +99,8 @@ export const RolePermissions = { 'SCENES_CONTROL', 'VISITOR_PASSWORD_VIEW', 'VISITOR_PASSWORD_ADD', + 'VISITOR_PASSWORD_UPDATE', + 'VISITOR_PASSWORD_DELETE', 'USER_ADD', 'SPACE_MEMBER_ADD', ], @@ -100,14 +109,13 @@ export const RolePermissions = { 'DEVICE_VIEW', 'SPACE_VIEW', 'SUBSPACE_VIEW', - 'VIEW_DEVICE_WIZARD', - 'VIEW_DEVICE_IN_SUBSPACE', - 'VIEW_DEVICE_IN_SPACE', + 'DEVICE_WIZARD_VIEW_DEVICE_WIZARD', + 'SUBSPACE_DEVICE_VIEW_DEVICE_IN_SUBSPACE', + 'SPACE_DEVICE_VIEW_DEVICE_IN_SPACE', 'AUTOMATION_VIEW', 'AUTOMATION_CONTROL', 'SCENES_VIEW', 'SCENES_CONTROL', - 'VISITOR_PASSWORD_VIEW', ], [RoleType.SPACE_OWNER]: [ 'DEVICE_SINGLE_CONTROL', @@ -115,6 +123,8 @@ export const RolePermissions = { 'FIRMWARE_CONTROL', 'FIRMWARE_VIEW', 'SPACE_VIEW', + 'DEVICE_LOCATION_VIEW', + 'DEVICE_LOCATION_UPDATE', 'SPACE_MEMBER_ADD', 'SUBSPACE_VIEW', 'SUBSPACE_ADD', @@ -134,6 +144,8 @@ export const RolePermissions = { 'VISITOR_PASSWORD_ADD', 'VISITOR_PASSWORD_UPDATE', 'VISITOR_PASSWORD_DELETE', - 'VIEW_DEVICE_WIZARD', + 'DEVICE_WIZARD_VIEW_DEVICE_WIZARD', + 'SPACE_ASSIGN_USER_TO_SPACE', + 'SPACE_DELETE_USER_FROM_SPACE', ], }; diff --git a/src/device/controllers/device.controller.ts b/src/device/controllers/device.controller.ts index 26b49ea..1ec8c6c 100644 --- a/src/device/controllers/device.controller.ts +++ b/src/device/controllers/device.controller.ts @@ -47,7 +47,7 @@ export class DeviceController { constructor(private readonly deviceService: DeviceService) {} @ApiBearerAuth() @UseGuards(PermissionsGuard, CheckDeviceGuard) - @Permissions('ASSIGN_DEVICE_TO_SPACE') + @Permissions('SPACE_DEVICE_ASSIGN_DEVICE_TO_SPACE') @Post() @ApiOperation({ summary: ControllerRoute.DEVICE.ACTIONS.ADD_DEVICE_TO_USER_SUMMARY, @@ -77,7 +77,7 @@ export class DeviceController { @ApiBearerAuth() @UseGuards(PermissionsGuard) - @Permissions('VIEW_DEVICE_IN_SPACE') + @Permissions('SPACE_DEVICE_VIEW_DEVICE_IN_SPACE') @Get('space/:spaceUuid') @ApiOperation({ summary: ControllerRoute.DEVICE.ACTIONS.GET_DEVICES_BY_SPACE_UUID_SUMMARY, @@ -89,7 +89,7 @@ export class DeviceController { } @ApiBearerAuth() @UseGuards(PermissionsGuard, CheckRoomGuard) - @Permissions('UPDATE_DEVICE_IN_SUBSPACE') + @Permissions('SUBSPACE_DEVICE_UPDATE_DEVICE_IN_SUBSPACE') @Put('space') @ApiOperation({ summary: ControllerRoute.DEVICE.ACTIONS.UPDATE_DEVICE_IN_ROOM_SUMMARY, diff --git a/src/group/controllers/group.controller.ts b/src/group/controllers/group.controller.ts index 513bbeb..a183cad 100644 --- a/src/group/controllers/group.controller.ts +++ b/src/group/controllers/group.controller.ts @@ -16,7 +16,7 @@ export class GroupController { @ApiBearerAuth() @UseGuards(PermissionsGuard) - @Permissions('VIEW_DEVICE_WIZARD') + @Permissions('DEVICE_WIZARD_VIEW_DEVICE_WIZARD') @Get(':spaceUuid') @ApiOperation({ summary: ControllerRoute.GROUP.ACTIONS.GET_GROUPS_BY_SPACE_UUID_SUMMARY, @@ -29,7 +29,7 @@ export class GroupController { @ApiBearerAuth() @UseGuards(PermissionsGuard) - @Permissions('VIEW_DEVICE_WIZARD') + @Permissions('DEVICE_WIZARD_VIEW_DEVICE_WIZARD') @Get(':spaceUuid/devices/:groupName') @ApiOperation({ summary: diff --git a/src/space/controllers/space-device.controller.ts b/src/space/controllers/space-device.controller.ts index dbb1585..7009531 100644 --- a/src/space/controllers/space-device.controller.ts +++ b/src/space/controllers/space-device.controller.ts @@ -17,7 +17,7 @@ export class SpaceDeviceController { @ApiBearerAuth() @UseGuards(PermissionsGuard) - @Permissions('VIEW_DEVICE_IN_SPACE') + @Permissions('SPACE_DEVICE_VIEW_DEVICE_IN_SPACE') @ApiOperation({ summary: ControllerRoute.SPACE_DEVICES.ACTIONS.LIST_SPACE_DEVICE_SUMMARY, description: diff --git a/src/space/controllers/space-user.controller.ts b/src/space/controllers/space-user.controller.ts index faf887a..d2709ad 100644 --- a/src/space/controllers/space-user.controller.ts +++ b/src/space/controllers/space-user.controller.ts @@ -18,7 +18,7 @@ export class SpaceUserController { @ApiBearerAuth() @Post('/:userUuid') @UseGuards(PermissionsGuard) - @Permissions('ASSIGN_USER_TO_SPACE') + @Permissions('SPACE_ASSIGN_USER_TO_SPACE') @ApiOperation({ summary: ControllerRoute.SPACE_USER.ACTIONS.ASSOCIATE_SPACE_USER_DESCRIPTION, @@ -34,7 +34,7 @@ export class SpaceUserController { @ApiBearerAuth() @Delete('/:userUuid') @UseGuards(PermissionsGuard) - @Permissions('DELETE_USER_FROM_SPACE') + @Permissions('SPACE_ASSIGN_USER_TO_SPACE') @ApiOperation({ summary: ControllerRoute.SPACE_USER.ACTIONS.DISSOCIATE_SPACE_USER_SUMMARY, description: diff --git a/src/space/controllers/subspace/subspace-device.controller.ts b/src/space/controllers/subspace/subspace-device.controller.ts index 1bb3db4..664cf38 100644 --- a/src/space/controllers/subspace/subspace-device.controller.ts +++ b/src/space/controllers/subspace/subspace-device.controller.ts @@ -24,7 +24,7 @@ export class SubSpaceDeviceController { @ApiBearerAuth() @UseGuards(PermissionsGuard) - @Permissions('VIEW_DEVICE_IN_SUBSPACE') + @Permissions('SUBSPACE_DEVICE_VIEW_DEVICE_IN_SUBSPACE') @ApiOperation({ summary: ControllerRoute.SUBSPACE_DEVICE.ACTIONS.LIST_SUBSPACE_DEVICE_SUMMARY, @@ -40,7 +40,7 @@ export class SubSpaceDeviceController { @ApiBearerAuth() @UseGuards(PermissionsGuard) - @Permissions('ASSIGN_DEVICE_TO_SUBSPACE') + @Permissions('SUBSPACE_ASSIGN_DEVICE_TO_SUBSPACE') @ApiOperation({ summary: ControllerRoute.SUBSPACE_DEVICE.ACTIONS.ASSOCIATE_SUBSPACE_DEVICE_SUMMARY, @@ -57,7 +57,7 @@ export class SubSpaceDeviceController { @ApiBearerAuth() @UseGuards(PermissionsGuard) - @Permissions('DELETE_DEVICE_FROM_SUBSPACE') + @Permissions('SUBSPACE_DELETE_DEVICE_FROM_SUBSPACE') @ApiOperation({ summary: ControllerRoute.SUBSPACE_DEVICE.ACTIONS