ammar/backend
1
0
Fork 0
mirror of https://github.com/SyncrowIOT/backend.git synced 2025-07-15 10:25:23 +00:00
Code Issues Packages Projects Releases Wiki Activity

Update permission mappings and role permissions

Browse Source
This commit is contained in:
faris Aljohari
2025-01-22 06:47:12 -06:00
parent c3c30828ad
commit 19d6669a84
7 changed files with 55 additions and 35 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
libs/common/src/constants/permissions-mapping.ts
View File

@ -1,6 +1,14 @@
export const PermissionMapping = { export const PermissionMapping = {
DEVICE_MANAGEMENT: { DEVICE_MANAGEMENT: {
DEVICE: ['SINGLE_CONTROL', 'VIEW', 'DELETE', 'UPDATE', 'BATCH_CONTROL'], DEVICE: [
'SINGLE_CONTROL',
'VIEW',
'DELETE',
'UPDATE',
'BATCH_CONTROL',
'LOCATION_VIEW',
'LOCATION_UPDATE',
],
FIRMWARE: ['CONTROL', 'VIEW'], FIRMWARE: ['CONTROL', 'VIEW'],
}, },
COMMUNITY_MANAGEMENT: { COMMUNITY_MANAGEMENT: {

58
libs/common/src/constants/role-permissions.ts
View File

@ -7,11 +7,14 @@ export const RolePermissions = {
'DEVICE_DELETE', 'DEVICE_DELETE',
'DEVICE_UPDATE', 'DEVICE_UPDATE',
'DEVICE_BATCH_CONTROL', 'DEVICE_BATCH_CONTROL',
'DEVICE_LOCATION_VIEW',
'DEVICE_LOCATION_UPDATE',
'COMMUNITY_VIEW', 'COMMUNITY_VIEW',
'COMMUNITY_ADD', 'COMMUNITY_ADD',
'COMMUNITY_UPDATE', 'COMMUNITY_UPDATE',
'COMMUNITY_DELETE', 'COMMUNITY_DELETE',
'FIRMWARE_CONTROL', 'FIRMWARE_CONTROL',
'FIRMWARE_VIEW',
'SPACE_VIEW', 'SPACE_VIEW',
'SPACE_ADD', 'SPACE_ADD',
'SPACE_UPDATE', 'SPACE_UPDATE',
@ -20,19 +23,19 @@ export const RolePermissions = {
'SPACE_MODEL_VIEW', 'SPACE_MODEL_VIEW',
'SPACE_MODEL_UPDATE', 'SPACE_MODEL_UPDATE',
'SPACE_MODEL_DELETE', 'SPACE_MODEL_DELETE',
'ASSIGN_USER_TO_SPACE', 'SPACE_ASSIGN_USER_TO_SPACE',
'DELETE_USER_FROM_SPACE', 'SPACE_DELETE_USER_FROM_SPACE',
'SUBSPACE_VIEW', 'SUBSPACE_VIEW',
'SUBSPACE_ADD', 'SUBSPACE_ADD',
'SUBSPACE_UPDATE', 'SUBSPACE_UPDATE',
'SUBSPACE_DELETE', 'SUBSPACE_DELETE',
'ASSIGN_DEVICE_TO_SUBSPACE', 'SUBSPACE_ASSIGN_DEVICE_TO_SUBSPACE',
'DELETE_DEVICE_FROM_SUBSPACE', 'SUBSPACE_DELETE_DEVICE_FROM_SUBSPACE',
'VIEW_DEVICE_WIZARD', 'DEVICE_WIZARD_VIEW_DEVICE_WIZARD',
'VIEW_DEVICE_IN_SUBSPACE', 'SUBSPACE_DEVICE_VIEW_DEVICE_IN_SUBSPACE',
'VIEW_DEVICE_IN_SPACE', 'SPACE_DEVICE_VIEW_DEVICE_IN_SPACE',
'UPDATE_DEVICE_IN_SUBSPACE', 'SUBSPACE_DEVICE_UPDATE_DEVICE_IN_SUBSPACE',
'ASSIGN_DEVICE_TO_SPACE', 'SPACE_DEVICE_ASSIGN_DEVICE_TO_SPACE',
'AUTOMATION_VIEW', 'AUTOMATION_VIEW',
'AUTOMATION_ADD', 'AUTOMATION_ADD',
'AUTOMATION_UPDATE', 'AUTOMATION_UPDATE',
@ -45,6 +48,8 @@ export const RolePermissions = {
'SCENES_CONTROL', 'SCENES_CONTROL',
'VISITOR_PASSWORD_VIEW', 'VISITOR_PASSWORD_VIEW',
'VISITOR_PASSWORD_ADD', 'VISITOR_PASSWORD_ADD',
'VISITOR_PASSWORD_UPDATE',
'VISITOR_PASSWORD_DELETE',
'USER_ADD', 'USER_ADD',
'SPACE_MEMBER_ADD', 'SPACE_MEMBER_ADD',
], ],
@ -54,6 +59,8 @@ export const RolePermissions = {
'DEVICE_DELETE', 'DEVICE_DELETE',
'DEVICE_UPDATE', 'DEVICE_UPDATE',
'DEVICE_BATCH_CONTROL', 'DEVICE_BATCH_CONTROL',
'DEVICE_LOCATION_VIEW',
'DEVICE_LOCATION_UPDATE',
'COMMUNITY_VIEW', 'COMMUNITY_VIEW',
'COMMUNITY_ADD', 'COMMUNITY_ADD',
'COMMUNITY_UPDATE', 'COMMUNITY_UPDATE',
@ -67,19 +74,19 @@ export const RolePermissions = {
'SPACE_MODEL_VIEW', 'SPACE_MODEL_VIEW',
'SPACE_MODEL_UPDATE', 'SPACE_MODEL_UPDATE',
'SPACE_MODEL_DELETE', 'SPACE_MODEL_DELETE',
'ASSIGN_USER_TO_SPACE', 'SPACE_ASSIGN_USER_TO_SPACE',
'DELETE_USER_FROM_SPACE', 'SPACE_DELETE_USER_FROM_SPACE',
'SUBSPACE_VIEW', 'SUBSPACE_VIEW',
'SUBSPACE_ADD', 'SUBSPACE_ADD',
'SUBSPACE_UPDATE', 'SUBSPACE_UPDATE',
'SUBSPACE_DELETE', 'SUBSPACE_DELETE',
'ASSIGN_DEVICE_TO_SUBSPACE', 'SUBSPACE_ASSIGN_DEVICE_TO_SUBSPACE',
'DELETE_DEVICE_FROM_SUBSPACE', 'SUBSPACE_DELETE_DEVICE_FROM_SUBSPACE',
'VIEW_DEVICE_WIZARD', 'DEVICE_WIZARD_VIEW_DEVICE_WIZARD',
'VIEW_DEVICE_IN_SUBSPACE', 'SUBSPACE_DEVICE_VIEW_DEVICE_IN_SUBSPACE',
'VIEW_DEVICE_IN_SPACE', 'SPACE_DEVICE_VIEW_DEVICE_IN_SPACE',
'UPDATE_DEVICE_IN_SUBSPACE', 'SUBSPACE_DEVICE_UPDATE_DEVICE_IN_SUBSPACE',
'ASSIGN_DEVICE_TO_SPACE', 'SPACE_DEVICE_ASSIGN_DEVICE_TO_SPACE',
'AUTOMATION_VIEW', 'AUTOMATION_VIEW',
'AUTOMATION_ADD', 'AUTOMATION_ADD',
'AUTOMATION_UPDATE', 'AUTOMATION_UPDATE',
@ -92,6 +99,8 @@ export const RolePermissions = {
'SCENES_CONTROL', 'SCENES_CONTROL',
'VISITOR_PASSWORD_VIEW', 'VISITOR_PASSWORD_VIEW',
'VISITOR_PASSWORD_ADD', 'VISITOR_PASSWORD_ADD',
'VISITOR_PASSWORD_UPDATE',
'VISITOR_PASSWORD_DELETE',
'USER_ADD', 'USER_ADD',
'SPACE_MEMBER_ADD', 'SPACE_MEMBER_ADD',
], ],
@ -100,14 +109,13 @@ export const RolePermissions = {
'DEVICE_VIEW', 'DEVICE_VIEW',
'SPACE_VIEW', 'SPACE_VIEW',
'SUBSPACE_VIEW', 'SUBSPACE_VIEW',
'VIEW_DEVICE_WIZARD', 'DEVICE_WIZARD_VIEW_DEVICE_WIZARD',
'VIEW_DEVICE_IN_SUBSPACE', 'SUBSPACE_DEVICE_VIEW_DEVICE_IN_SUBSPACE',
'VIEW_DEVICE_IN_SPACE', 'SPACE_DEVICE_VIEW_DEVICE_IN_SPACE',
'AUTOMATION_VIEW', 'AUTOMATION_VIEW',
'AUTOMATION_CONTROL', 'AUTOMATION_CONTROL',
'SCENES_VIEW', 'SCENES_VIEW',
'SCENES_CONTROL', 'SCENES_CONTROL',
'VISITOR_PASSWORD_VIEW',
], ],
[RoleType.SPACE_OWNER]: [ [RoleType.SPACE_OWNER]: [
'DEVICE_SINGLE_CONTROL', 'DEVICE_SINGLE_CONTROL',
@ -115,6 +123,8 @@ export const RolePermissions = {
'FIRMWARE_CONTROL', 'FIRMWARE_CONTROL',
'FIRMWARE_VIEW', 'FIRMWARE_VIEW',
'SPACE_VIEW', 'SPACE_VIEW',
'DEVICE_LOCATION_VIEW',
'DEVICE_LOCATION_UPDATE',
'SPACE_MEMBER_ADD', 'SPACE_MEMBER_ADD',
'SUBSPACE_VIEW', 'SUBSPACE_VIEW',
'SUBSPACE_ADD', 'SUBSPACE_ADD',
@ -134,6 +144,8 @@ export const RolePermissions = {
'VISITOR_PASSWORD_ADD', 'VISITOR_PASSWORD_ADD',
'VISITOR_PASSWORD_UPDATE', 'VISITOR_PASSWORD_UPDATE',
'VISITOR_PASSWORD_DELETE', 'VISITOR_PASSWORD_DELETE',
'VIEW_DEVICE_WIZARD', 'DEVICE_WIZARD_VIEW_DEVICE_WIZARD',
'SPACE_ASSIGN_USER_TO_SPACE',
'SPACE_DELETE_USER_FROM_SPACE',
], ],
}; };

6
src/device/controllers/device.controller.ts
View File

@ -47,7 +47,7 @@ export class DeviceController {
constructor(private readonly deviceService: DeviceService) {} constructor(private readonly deviceService: DeviceService) {}
@ApiBearerAuth() @ApiBearerAuth()
@UseGuards(PermissionsGuard, CheckDeviceGuard) @UseGuards(PermissionsGuard, CheckDeviceGuard)
@Permissions('ASSIGN_DEVICE_TO_SPACE') @Permissions('SPACE_DEVICE_ASSIGN_DEVICE_TO_SPACE')
@Post() @Post()
@ApiOperation({ @ApiOperation({
summary: ControllerRoute.DEVICE.ACTIONS.ADD_DEVICE_TO_USER_SUMMARY, summary: ControllerRoute.DEVICE.ACTIONS.ADD_DEVICE_TO_USER_SUMMARY,
@ -77,7 +77,7 @@ export class DeviceController {
@ApiBearerAuth() @ApiBearerAuth()
@UseGuards(PermissionsGuard) @UseGuards(PermissionsGuard)
@Permissions('VIEW_DEVICE_IN_SPACE') @Permissions('SPACE_DEVICE_VIEW_DEVICE_IN_SPACE')
@Get('space/:spaceUuid') @Get('space/:spaceUuid')
@ApiOperation({ @ApiOperation({
summary: ControllerRoute.DEVICE.ACTIONS.GET_DEVICES_BY_SPACE_UUID_SUMMARY, summary: ControllerRoute.DEVICE.ACTIONS.GET_DEVICES_BY_SPACE_UUID_SUMMARY,
@ -89,7 +89,7 @@ export class DeviceController {
} }
@ApiBearerAuth() @ApiBearerAuth()
@UseGuards(PermissionsGuard, CheckRoomGuard) @UseGuards(PermissionsGuard, CheckRoomGuard)
@Permissions('UPDATE_DEVICE_IN_SUBSPACE') @Permissions('SUBSPACE_DEVICE_UPDATE_DEVICE_IN_SUBSPACE')
@Put('space') @Put('space')
@ApiOperation({ @ApiOperation({
summary: ControllerRoute.DEVICE.ACTIONS.UPDATE_DEVICE_IN_ROOM_SUMMARY, summary: ControllerRoute.DEVICE.ACTIONS.UPDATE_DEVICE_IN_ROOM_SUMMARY,

4
src/group/controllers/group.controller.ts
View File

@ -16,7 +16,7 @@ export class GroupController {
@ApiBearerAuth() @ApiBearerAuth()
@UseGuards(PermissionsGuard) @UseGuards(PermissionsGuard)
@Permissions('VIEW_DEVICE_WIZARD') @Permissions('DEVICE_WIZARD_VIEW_DEVICE_WIZARD')
@Get(':spaceUuid') @Get(':spaceUuid')
@ApiOperation({ @ApiOperation({
summary: ControllerRoute.GROUP.ACTIONS.GET_GROUPS_BY_SPACE_UUID_SUMMARY, summary: ControllerRoute.GROUP.ACTIONS.GET_GROUPS_BY_SPACE_UUID_SUMMARY,
@ -29,7 +29,7 @@ export class GroupController {
@ApiBearerAuth() @ApiBearerAuth()
@UseGuards(PermissionsGuard) @UseGuards(PermissionsGuard)
@Permissions('VIEW_DEVICE_WIZARD') @Permissions('DEVICE_WIZARD_VIEW_DEVICE_WIZARD')
@Get(':spaceUuid/devices/:groupName') @Get(':spaceUuid/devices/:groupName')
@ApiOperation({ @ApiOperation({
summary: summary:

2
src/space/controllers/space-device.controller.ts
View File

@ -17,7 +17,7 @@ export class SpaceDeviceController {
@ApiBearerAuth() @ApiBearerAuth()
@UseGuards(PermissionsGuard) @UseGuards(PermissionsGuard)
@Permissions('VIEW_DEVICE_IN_SPACE') @Permissions('SPACE_DEVICE_VIEW_DEVICE_IN_SPACE')
@ApiOperation({ @ApiOperation({
summary: ControllerRoute.SPACE_DEVICES.ACTIONS.LIST_SPACE_DEVICE_SUMMARY, summary: ControllerRoute.SPACE_DEVICES.ACTIONS.LIST_SPACE_DEVICE_SUMMARY,
description: description:

4
src/space/controllers/space-user.controller.ts
View File

@ -18,7 +18,7 @@ export class SpaceUserController {
@ApiBearerAuth() @ApiBearerAuth()
@Post('/:userUuid') @Post('/:userUuid')
@UseGuards(PermissionsGuard) @UseGuards(PermissionsGuard)
@Permissions('ASSIGN_USER_TO_SPACE') @Permissions('SPACE_ASSIGN_USER_TO_SPACE')
@ApiOperation({ @ApiOperation({
summary: summary:
ControllerRoute.SPACE_USER.ACTIONS.ASSOCIATE_SPACE_USER_DESCRIPTION, ControllerRoute.SPACE_USER.ACTIONS.ASSOCIATE_SPACE_USER_DESCRIPTION,
@ -34,7 +34,7 @@ export class SpaceUserController {
@ApiBearerAuth() @ApiBearerAuth()
@Delete('/:userUuid') @Delete('/:userUuid')
@UseGuards(PermissionsGuard) @UseGuards(PermissionsGuard)
@Permissions('DELETE_USER_FROM_SPACE') @Permissions('SPACE_ASSIGN_USER_TO_SPACE')
@ApiOperation({ @ApiOperation({
summary: ControllerRoute.SPACE_USER.ACTIONS.DISSOCIATE_SPACE_USER_SUMMARY, summary: ControllerRoute.SPACE_USER.ACTIONS.DISSOCIATE_SPACE_USER_SUMMARY,
description: description:

6
src/space/controllers/subspace/subspace-device.controller.ts
View File

@ -24,7 +24,7 @@ export class SubSpaceDeviceController {
@ApiBearerAuth() @ApiBearerAuth()
@UseGuards(PermissionsGuard) @UseGuards(PermissionsGuard)
@Permissions('VIEW_DEVICE_IN_SUBSPACE') @Permissions('SUBSPACE_DEVICE_VIEW_DEVICE_IN_SUBSPACE')
@ApiOperation({ @ApiOperation({
summary: summary:
ControllerRoute.SUBSPACE_DEVICE.ACTIONS.LIST_SUBSPACE_DEVICE_SUMMARY, ControllerRoute.SUBSPACE_DEVICE.ACTIONS.LIST_SUBSPACE_DEVICE_SUMMARY,
@ -40,7 +40,7 @@ export class SubSpaceDeviceController {
@ApiBearerAuth() @ApiBearerAuth()
@UseGuards(PermissionsGuard) @UseGuards(PermissionsGuard)
@Permissions('ASSIGN_DEVICE_TO_SUBSPACE') @Permissions('SUBSPACE_ASSIGN_DEVICE_TO_SUBSPACE')
@ApiOperation({ @ApiOperation({
summary: summary:
ControllerRoute.SUBSPACE_DEVICE.ACTIONS.ASSOCIATE_SUBSPACE_DEVICE_SUMMARY, ControllerRoute.SUBSPACE_DEVICE.ACTIONS.ASSOCIATE_SUBSPACE_DEVICE_SUMMARY,
@ -57,7 +57,7 @@ export class SubSpaceDeviceController {
@ApiBearerAuth() @ApiBearerAuth()
@UseGuards(PermissionsGuard) @UseGuards(PermissionsGuard)
@Permissions('DELETE_DEVICE_FROM_SUBSPACE') @Permissions('SUBSPACE_DELETE_DEVICE_FROM_SUBSPACE')
@ApiOperation({ @ApiOperation({
summary: summary:
ControllerRoute.SUBSPACE_DEVICE.ACTIONS ControllerRoute.SUBSPACE_DEVICE.ACTIONS