ammar/backend
1
0
Fork 0
mirror of https://github.com/SyncrowIOT/backend.git synced 2025-07-10 15:17:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #171 from SyncrowIOT/SP-901-be-invite-a-new-role-and-assign-spaces

Browse Source 
Sp 901 be invite a new role and assign spaces
This commit is contained in:
faris Aljohari
2024-12-17 00:42:18 -06:00
committed by GitHub
parent 37d016ea43 5e9a8f3f78
commit dcf6fe144b
63 changed files with 1035 additions and 243 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
libs/common/src/auth/interfaces/auth.interface.ts
View File

@ -4,5 +4,5 @@ export class AuthInterface {
uuid: string;
sessionId: string;
id: number;
roles?: string[];
role?: object;
}

5
libs/common/src/auth/services/auth.service.ts
View File

@ -39,7 +39,7 @@ export class AuthService {
}
: undefined,
},
relations: ['roles.roleType'],
relations: ['roleType'],
});
if (!user.isUserVerified) {
@ -85,9 +85,8 @@ export class AuthService {
email: user.email,
userId: user.userId,
uuid: user.uuid,
type: user.type,
sessionId: user.sessionId,
roles: user?.roles,
role: user?.role,
googleCode: user.googleCode,
};
if (payload.googleCode) {

2
libs/common/src/auth/strategies/jwt.strategy.ts
View File

@ -31,7 +31,7 @@ export class JwtStrategy extends PassportStrategy(Strategy, 'jwt') {
userUuid: payload.uuid,
uuid: payload.uuid,
sessionId: payload.sessionId,
roles: payload?.roles,
role: payload?.role,
};
} else {
throw new BadRequestException('Unauthorized');

2
libs/common/src/auth/strategies/refresh-token.strategy.ts
View File

@ -34,7 +34,7 @@ export class RefreshTokenStrategy extends PassportStrategy(
userUuid: payload.uuid,
uuid: payload.uuid,
sessionId: payload.sessionId,
roles: payload?.roles,
role: payload?.role,
};
} else {
throw new BadRequestException('Unauthorized');

20
libs/common/src/constants/controller-route.ts
View File

@ -721,4 +721,24 @@ export class ControllerRoute {
'This endpoint deletes a users subscription for device messages.';
};
};
static INVITE_USER = class {
public static readonly ROUTE = 'invite-user';
static ACTIONS = class {
public static readonly CREATE_USER_INVITATION_SUMMARY =
'Create user invitation';
public static readonly CREATE_USER_INVITATION_DESCRIPTION =
'This endpoint creates an invitation for a user to assign to role and spaces.';
};
};
static PERMISSION = class {
public static readonly ROUTE = 'permission';
static ACTIONS = class {
public static readonly GET_PERMISSION_BY_ROLE_SUMMARY =
'Get permissions by role';
public static readonly GET_PERMISSION_BY_ROLE_DESCRIPTION =
'This endpoint retrieves the permissions associated with a specific role.';
};
};
}

43
libs/common/src/constants/permissions-mapping.ts Normal file
View File

@ -0,0 +1,43 @@
export const PermissionMapping = {
DEVICE_MANAGEMENT: {
DEVICE: ['SINGLE_CONTROL', 'VIEW', 'DELETE', 'UPDATE', 'BATCH_CONTROL'],
FIRMWARE: ['CONTROL', 'VIEW'],
},
COMMUNITY_MANAGEMENT: {
COMMUNITY: ['VIEW', 'ADD', 'UPDATE', 'DELETE'],
},
SPACE_MANAGEMENT: {
SPACE: [
'VIEW',
'ADD',
'UPDATE',
'DELETE',
'MODULE_ADD',
'ASSIGN_USER_TO_SPACE',
'DELETE_USER_FROM_SPACE',
],
SUBSPACE: [
'VIEW',
'ADD',
'UPDATE',
'DELETE',
'ASSIGN_DEVICE_TO_SUBSPACE',
'DELETE_DEVICE_FROM_SUBSPACE',
],
},
DEVICE_WIZARD: {
DEVICE_WIZARD: ['VIEW_DEVICE_WIZARD'],
SPACE_DEVICE: ['VIEW_DEVICE_IN_SPACE', 'ASSIGN_DEVICE_TO_SPACE'],
SUBSPACE_DEVICE: ['VIEW_DEVICE_IN_SUBSPACE', 'UPDATE_DEVICE_IN_SUBSPACE'],
},
AUTOMATION_MANAGEMENT: {
AUTOMATION: ['VIEW', 'ADD', 'UPDATE', 'DELETE', 'CONTROL'],
SCENES: ['VIEW', 'ADD', 'UPDATE', 'DELETE', 'CONTROL'],
},
VISITOR_PASSWORD_MANAGEMENT: {
VISITOR_PASSWORD: ['VIEW', 'ADD', 'UPDATE', 'DELETE'],
},
USER_MANAGEMENT: {
USER: ['ADD'],
},
};

130
libs/common/src/constants/role-permissions.ts Normal file
View File

@ -0,0 +1,130 @@
import { RoleType } from './role.type.enum';
export const RolePermissions = {
[RoleType.SUPER_ADMIN]: [
'DEVICE_SINGLE_CONTROL',
'DEVICE_VIEW',
'DEVICE_DELETE',
'DEVICE_UPDATE',
'DEVICE_BATCH_CONTROL',
'COMMUNITY_VIEW',
'COMMUNITY_ADD',
'COMMUNITY_UPDATE',
'COMMUNITY_DELETE',
'FIRMWARE_CONTROL',
'SPACE_VIEW',
'SPACE_ADD',
'SPACE_UPDATE',
'SPACE_DELETE',
'SPACE_MODULE_ADD',
'ASSIGN_USER_TO_SPACE',
'DELETE_USER_FROM_SPACE',
'SUBSPACE_VIEW',
'SUBSPACE_ADD',
'SUBSPACE_UPDATE',
'SUBSPACE_DELETE',
'ASSIGN_DEVICE_TO_SUBSPACE',
'DELETE_DEVICE_FROM_SUBSPACE',
'VIEW_DEVICE_WIZARD',
'VIEW_DEVICE_IN_SUBSPACE',
'VIEW_DEVICE_IN_SPACE',
'UPDATE_DEVICE_IN_SUBSPACE',
'ASSIGN_DEVICE_TO_SPACE',
'AUTOMATION_VIEW',
'AUTOMATION_ADD',
'AUTOMATION_UPDATE',
'AUTOMATION_DELETE',
'AUTOMATION_CONTROL',
'SCENES_VIEW',
'SCENES_ADD',
'SCENES_UPDATE',
'SCENES_DELETE',
'SCENES_CONTROL',
'VISITOR_PASSWORD_VIEW',
'VISITOR_PASSWORD_ADD',
'USER_ADD',
],
[RoleType.ADMIN]: [
'DEVICE_SINGLE_CONTROL',
'DEVICE_VIEW',
'DEVICE_DELETE',
'DEVICE_UPDATE',
'DEVICE_BATCH_CONTROL',
'COMMUNITY_VIEW',
'COMMUNITY_ADD',
'COMMUNITY_UPDATE',
'COMMUNITY_DELETE',
'FIRMWARE_CONTROL',
'SPACE_VIEW',
'SPACE_ADD',
'SPACE_UPDATE',
'SPACE_DELETE',
'SPACE_MODULE_ADD',
'ASSIGN_USER_TO_SPACE',
'DELETE_USER_FROM_SPACE',
'SUBSPACE_VIEW',
'SUBSPACE_ADD',
'SUBSPACE_UPDATE',
'SUBSPACE_DELETE',
'ASSIGN_DEVICE_TO_SUBSPACE',
'DELETE_DEVICE_FROM_SUBSPACE',
'VIEW_DEVICE_WIZARD',
'VIEW_DEVICE_IN_SUBSPACE',
'VIEW_DEVICE_IN_SPACE',
'UPDATE_DEVICE_IN_SUBSPACE',
'ASSIGN_DEVICE_TO_SPACE',
'AUTOMATION_VIEW',
'AUTOMATION_ADD',
'AUTOMATION_UPDATE',
'AUTOMATION_DELETE',
'AUTOMATION_CONTROL',
'SCENES_VIEW',
'SCENES_ADD',
'SCENES_UPDATE',
'SCENES_DELETE',
'SCENES_CONTROL',
'VISITOR_PASSWORD_VIEW',
'VISITOR_PASSWORD_ADD',
'USER_ADD',
],
[RoleType.SPACE_MEMBER]: [
'DEVICE_SINGLE_CONTROL',
'DEVICE_VIEW',
'SPACE_VIEW',
'SUBSPACE_VIEW',
'VIEW_DEVICE_WIZARD',
'VIEW_DEVICE_IN_SUBSPACE',
'VIEW_DEVICE_IN_SPACE',
'AUTOMATION_VIEW',
'AUTOMATION_CONTROL',
'SCENES_VIEW',
'SCENES_CONTROL',
'VISITOR_PASSWORD_VIEW',
],
[RoleType.SPACE_OWNER]: [
'DEVICE_SINGLE_CONTROL',
'DEVICE_VIEW',
'FIRMWARE_CONTROL',
'FIRMWARE_VIEW',
'SPACE_VIEW',
'SPACE_MEMBER_ADD',
'SUBSPACE_VIEW',
'SUBSPACE_ADD',
'SUBSPACE_UPDATE',
'SUBSPACE_DELETE',
'AUTOMATION_VIEW',
'AUTOMATION_ADD',
'AUTOMATION_UPDATE',
'AUTOMATION_DELETE',
'AUTOMATION_CONTROL',
'SCENES_VIEW',
'SCENES_ADD',
'SCENES_UPDATE',
'SCENES_DELETE',
'SCENES_CONTROL',
'VISITOR_PASSWORD_VIEW',
'VISITOR_PASSWORD_ADD',
'VISITOR_PASSWORD_UPDATE',
'VISITOR_PASSWORD_DELETE',
],
};

2
libs/common/src/constants/role.type.enum.ts
View File

@ -1,4 +1,6 @@
export enum RoleType {
SUPER_ADMIN = 'SUPER_ADMIN',
ADMIN = 'ADMIN',
SPACE_OWNER = 'SPACE_OWNER',
SPACE_MEMBER = 'SPACE_MEMBER',
}

5
libs/common/src/constants/user-status.enum.ts Normal file
View File

@ -0,0 +1,5 @@
export enum UserStatusEnum {
ACTIVE = 'active',
INVITED = 'invited',
DISABLED = 'disabled',
}

8
libs/common/src/database/database.module.ts
View File

@ -15,7 +15,6 @@ import {
} from '../modules/space/entities';
import { UserSpaceEntity } from '../modules/user/entities';
import { DeviceUserPermissionEntity } from '../modules/device/entities';
import { UserRoleEntity } from '../modules/user/entities';
import { RoleTypeEntity } from '../modules/role-type/entities';
import { UserNotificationEntity } from '../modules/user/entities';
import { DeviceNotificationEntity } from '../modules/device/entities';
@ -34,6 +33,10 @@ import {
SpaceProductModelEntity,
SubspaceModelEntity,
} from '../modules/space-model/entities';
import {
InviteUserEntity,
InviteUserSpaceEntity,
} from '../modules/invite-user/entities';
@Module({
imports: [
TypeOrmModule.forRootAsync({
@ -63,7 +66,6 @@ import {
SpaceProductEntity,
UserSpaceEntity,
DeviceUserPermissionEntity,
UserRoleEntity,
RoleTypeEntity,
UserNotificationEntity,
DeviceNotificationEntity,
@ -78,6 +80,8 @@ import {
SpaceProductModelEntity,
SpaceProductItemModelEntity,
SubspaceModelEntity,
InviteUserEntity,
InviteUserSpaceEntity,
],
namingStrategy: new SnakeNamingStrategy(),
synchronize: Boolean(JSON.parse(configService.get('DB_SYNC'))),

13
libs/common/src/modules/Invite-user/Invite-user.repository.module.ts Normal file
View File

@ -0,0 +1,13 @@
import { Module } from '@nestjs/common';
import { TypeOrmModule } from '@nestjs/typeorm';
import { InviteUserEntity, InviteUserSpaceEntity } from './entities';
@Module({
providers: [],
exports: [],
controllers: [],
imports: [
TypeOrmModule.forFeature([InviteUserEntity, InviteUserSpaceEntity]),
],
})
export class InviteUserRepositoryModule {}

50
libs/common/src/modules/Invite-user/dtos/Invite-user.dto.ts Normal file
View File

@ -0,0 +1,50 @@
import { RoleType } from '@app/common/constants/role.type.enum';
import { UserStatusEnum } from '@app/common/constants/user-status.enum';
import { IsEnum, IsNotEmpty, IsString } from 'class-validator';
export class InviteUserDto {
@IsString()
@IsNotEmpty()
public uuid: string;
@IsString()
@IsNotEmpty()
public email: string;
@IsString()
@IsNotEmpty()
public jobTitle: string;
@IsEnum(UserStatusEnum)
@IsNotEmpty()
public status: UserStatusEnum;
@IsString()
@IsNotEmpty()
public firstName: string;
@IsString()
@IsNotEmpty()
public lastName: string;
@IsEnum(RoleType)
@IsNotEmpty()
public invitedBy: RoleType;
}
export class InviteUserSpaceDto {
@IsString()
@IsNotEmpty()
public uuid: string;
@IsString()
@IsNotEmpty()
public inviteUserUuid: string;
@IsString()
@IsNotEmpty()
public spaceUuid: string;
@IsString()
@IsNotEmpty()
public invitationCode: string;
}

1
libs/common/src/modules/Invite-user/dtos/index.ts Normal file
View File

@ -0,0 +1 @@
export * from './invite-user.dto';

119
libs/common/src/modules/Invite-user/entities/Invite-user.entity.ts Normal file
View File

@ -0,0 +1,119 @@
import {
Column,
Entity,
JoinColumn,
ManyToOne,
OneToMany,
OneToOne,
Unique,
} from 'typeorm';
import { InviteUserDto, InviteUserSpaceDto } from '../dtos';
import { AbstractEntity } from '../../abstract/entities/abstract.entity';
import { RoleTypeEntity } from '../../role-type/entities';
import { UserStatusEnum } from '@app/common/constants/user-status.enum';
import { UserEntity } from '../../user/entities';
import { SpaceEntity } from '../../space/entities';
import { RoleType } from '@app/common/constants/role.type.enum';
@Entity({ name: 'invite-user' })
@Unique(['email', 'invitationCode'])
export class InviteUserEntity extends AbstractEntity<InviteUserDto> {
@Column({
type: 'uuid',
default: () => 'gen_random_uuid()',
nullable: false,
})
public uuid: string;
@Column({
nullable: false,
unique: true,
})
email: string;
@Column({
nullable: false,
})
jobTitle: string;
@Column({
nullable: false,
enum: Object.values(UserStatusEnum),
})
status: string;
@Column()
public firstName: string;
@Column({
nullable: false,
})
public lastName: string;
@Column({
nullable: false,
})
public phoneNumber: string;
@Column({
nullable: false,
default: true,
})
public isEnabled: boolean;
@Column({
nullable: false,
default: true,
})
public isActive: boolean;
@Column({
nullable: false,
unique: true,
})
public invitationCode: string;
@Column({
nullable: false,
enum: Object.values(RoleType),
})
public invitedBy: string;
@ManyToOne(() => RoleTypeEntity, (roleType) => roleType.invitedUsers, {
nullable: false,
onDelete: 'CASCADE',
})
public roleType: RoleTypeEntity;
@OneToOne(() => UserEntity, (user) => user.inviteUser, { nullable: true })
@JoinColumn({ name: 'user_uuid' })
user: UserEntity;
@OneToMany(
() => InviteUserSpaceEntity,
(inviteUserSpace) => inviteUserSpace.inviteUser,
)
spaces: InviteUserSpaceEntity[];
constructor(partial: Partial<InviteUserEntity>) {
super();
Object.assign(this, partial);
}
}
@Entity({ name: 'invite-user-space' })
@Unique(['inviteUser', 'space'])
export class InviteUserSpaceEntity extends AbstractEntity<InviteUserSpaceDto> {
@Column({
type: 'uuid',
default: () => 'gen_random_uuid()',
nullable: false,
})
public uuid: string;
@ManyToOne(() => InviteUserEntity, (inviteUser) => inviteUser.spaces)
@JoinColumn({ name: 'invite_user_uuid' })
public inviteUser: InviteUserEntity;
@ManyToOne(() => SpaceEntity, (space) => space.invitedUsers)
@JoinColumn({ name: 'space_uuid' })
public space: SpaceEntity;
constructor(partial: Partial<InviteUserSpaceEntity>) {
super();
Object.assign(this, partial);
}
}

1
libs/common/src/modules/Invite-user/entities/index.ts Normal file
View File

@ -0,0 +1 @@
export * from './invite-user.entity';

16
libs/common/src/modules/Invite-user/repositories/Invite-user.repository.ts Normal file
View File

@ -0,0 +1,16 @@
import { DataSource, Repository } from 'typeorm';
import { Injectable } from '@nestjs/common';
import { InviteUserEntity, InviteUserSpaceEntity } from '../entities';
@Injectable()
export class InviteUserRepository extends Repository<InviteUserEntity> {
constructor(private dataSource: DataSource) {
super(InviteUserEntity, dataSource.createEntityManager());
}
}
@Injectable()
export class InviteUserSpaceRepository extends Repository<InviteUserSpaceEntity> {
constructor(private dataSource: DataSource) {
super(InviteUserSpaceEntity, dataSource.createEntityManager());
}
}

1
libs/common/src/modules/Invite-user/repositories/index.ts Normal file
View File

@ -0,0 +1 @@
export * from './invite-user.repository';

4
libs/common/src/modules/project/entities/project.entity.ts
View File

@ -3,6 +3,7 @@ import { AbstractEntity } from '../../abstract/entities/abstract.entity';
import { ProjectDto } from '../dtos';
import { CommunityEntity } from '../../community/entities';
import { SpaceModelEntity } from '../../space-model';
import { UserEntity } from '../../user/entities';
@Entity({ name: 'project' })
@Unique(['name'])
@ -28,6 +29,9 @@ export class ProjectEntity extends AbstractEntity<ProjectDto> {
@OneToMany(() => CommunityEntity, (community) => community.project)
communities: CommunityEntity[];
@OneToMany(() => UserEntity, (user) => user.project)
public users: UserEntity[];
constructor(partial: Partial<ProjectEntity>) {
super();
Object.assign(this, partial);

11
libs/common/src/modules/role-type/entities/role.type.entity.ts
View File

@ -2,7 +2,8 @@ import { Column, Entity, OneToMany, Unique } from 'typeorm';
import { AbstractEntity } from '../../abstract/entities/abstract.entity';
import { RoleTypeDto } from '../dtos/role.type.dto';
import { RoleType } from '@app/common/constants/role.type.enum';
import { UserRoleEntity } from '../../user/entities';
import { UserEntity } from '../../user/entities';
import { InviteUserEntity } from '../../invite-user/entities';
@Entity({ name: 'role-type' })
@Unique(['type'])
@ -12,10 +13,14 @@ export class RoleTypeEntity extends AbstractEntity<RoleTypeDto> {
enum: Object.values(RoleType),
})
type: string;
@OneToMany(() => UserRoleEntity, (role) => role.roleType, {
@OneToMany(() => UserEntity, (inviteUser) => inviteUser.roleType, {
nullable: true,
})
roles: UserRoleEntity[];
users: UserEntity[];
@OneToMany(() => InviteUserEntity, (inviteUser) => inviteUser.roleType, {
nullable: true,
})
invitedUsers: InviteUserEntity[];
constructor(partial: Partial<RoleTypeEntity>) {
super();
Object.assign(this, partial);

7
libs/common/src/modules/space/entities/space.entity.ts
View File

@ -15,6 +15,7 @@ import { SubspaceEntity } from './subspace.entity';
import { SpaceLinkEntity } from './space-link.entity';
import { SpaceProductEntity } from './space-product.entity';
import { SceneEntity } from '../../scene/entities';
import { InviteUserSpaceEntity } from '../../invite-user/entities';
@Entity({ name: 'space' })
@Unique(['invitationCode'])
@ -97,7 +98,11 @@ export class SpaceEntity extends AbstractEntity<SpaceDto> {
@OneToMany(() => SceneEntity, (scene) => scene.space)
scenes: SceneEntity[];
@OneToMany(
() => InviteUserSpaceEntity,
(inviteUserSpace) => inviteUserSpace.space,
)
invitedUsers: InviteUserSpaceEntity[];
constructor(partial: Partial<SpaceEntity>) {
super();
Object.assign(this, partial);

14
libs/common/src/modules/user/dtos/user.dto.ts
View File

@ -58,20 +58,6 @@ export class UserOtpDto {
public expiryTime: string;
}
export class UserRoleDto {
@IsString()
@IsNotEmpty()
public uuid: string;
@IsString()
@IsNotEmpty()
public userUuid: string;
@IsString()
@IsNotEmpty()
public roleTypeUuid: string;
}
export class UserSpaceDto {
@IsString()
@IsNotEmpty()

46
libs/common/src/modules/user/entities/user.entity.ts
View File

@ -2,15 +2,16 @@ import {
Column,
DeleteDateColumn,
Entity,
JoinColumn,
ManyToOne,
OneToMany,
OneToOne,
Unique,
} from 'typeorm';
import {
UserDto,
UserNotificationDto,
UserOtpDto,
UserRoleDto,
UserSpaceDto,
} from '../dtos';
import { AbstractEntity } from '../../abstract/entities/abstract.entity';
@ -26,6 +27,8 @@ import { OtpType } from '../../../../src/constants/otp-type.enum';
import { RoleTypeEntity } from '../../role-type/entities';
import { SpaceEntity } from '../../space/entities';
import { VisitorPasswordEntity } from '../../visitor-password/entities';
import { InviteUserEntity } from '../../invite-user/entities';
import { ProjectEntity } from '../../project/entities';
@Entity({ name: 'user' })
export class UserEntity extends AbstractEntity<UserDto> {
@ -100,10 +103,7 @@ export class UserEntity extends AbstractEntity<UserDto> {
(deviceUserNotification) => deviceUserNotification.user,
)
deviceUserNotification: DeviceNotificationEntity[];
@OneToMany(() => UserRoleEntity, (role) => role.user, {
nullable: true,
})
roles: UserRoleEntity[];
@ManyToOne(() => RegionEntity, (region) => region.users, { nullable: true })
region: RegionEntity;
@ManyToOne(() => TimeZoneEntity, (timezone) => timezone.users, {
@ -116,6 +116,21 @@ export class UserEntity extends AbstractEntity<UserDto> {
)
public visitorPasswords: VisitorPasswordEntity[];
@ManyToOne(() => RoleTypeEntity, (roleType) => roleType.users, {
nullable: false,
})
public roleType: RoleTypeEntity;
@OneToOne(() => InviteUserEntity, (inviteUser) => inviteUser.user, {
nullable: true,
})
@JoinColumn({ name: 'invite_user_uuid' })
inviteUser: InviteUserEntity;
@ManyToOne(() => ProjectEntity, (project) => project.users, {
nullable: true,
})
@JoinColumn({ name: 'project_uuid' })
public project: ProjectEntity;
constructor(partial: Partial<UserEntity>) {
super();
Object.assign(this, partial);
@ -125,7 +140,7 @@ export class UserEntity extends AbstractEntity<UserDto> {
@Entity({ name: 'user-notification' })
@Unique(['user', 'subscriptionUuid'])
export class UserNotificationEntity extends AbstractEntity<UserNotificationDto> {
@ManyToOne(() => UserEntity, (user) => user.roles, {
@ManyToOne(() => UserEntity, (user) => user.roleType, {
nullable: false,
})
user: UserEntity;
@ -178,25 +193,6 @@ export class UserOtpEntity extends AbstractEntity<UserOtpDto> {
}
}
@Entity({ name: 'user-role' })
@Unique(['user', 'roleType'])
export class UserRoleEntity extends AbstractEntity<UserRoleDto> {
@ManyToOne(() => UserEntity, (user) => user.roles, {
nullable: false,
})
user: UserEntity;
@ManyToOne(() => RoleTypeEntity, (roleType) => roleType.roles, {
nullable: false,
})
roleType: RoleTypeEntity;
constructor(partial: Partial<UserRoleEntity>) {
super();
Object.assign(this, partial);
}
}
@Entity({ name: 'user-space' })
@Unique(['user', 'space'])
export class UserSpaceEntity extends AbstractEntity<UserSpaceDto> {

8
libs/common/src/modules/user/repositories/user.repository.ts
View File

@ -4,7 +4,6 @@ import {
UserEntity,
UserNotificationEntity,
UserOtpEntity,
UserRoleEntity,
UserSpaceEntity,
} from '../entities/';
@ -29,13 +28,6 @@ export class UserOtpRepository extends Repository<UserOtpEntity> {
}
}
@Injectable()
export class UserRoleRepository extends Repository<UserRoleEntity> {
constructor(private dataSource: DataSource) {
super(UserRoleEntity, dataSource.createEntityManager());
}
}
@Injectable()
export class UserSpaceRepository extends Repository<UserSpaceEntity> {
constructor(private dataSource: DataSource) {

2
libs/common/src/modules/user/user.repository.module.ts
View File

@ -4,7 +4,6 @@ import {
UserEntity,
UserNotificationEntity,
UserOtpEntity,
UserRoleEntity,
UserSpaceEntity,
} from './entities';
@ -17,7 +16,6 @@ import {
UserEntity,
UserNotificationEntity,
UserOtpEntity,
UserRoleEntity,
UserSpaceEntity,
]),
],

2
libs/common/src/seed/seeder.module.ts
View File

@ -10,7 +10,6 @@ import { RoleTypeSeeder } from './services/role.type.seeder';
import { SpaceRepositoryModule } from '../modules/space/space.repository.module';
import { SuperAdminSeeder } from './services/supper.admin.seeder';
import { UserRepository } from '../modules/user/repositories';
import { UserRoleRepository } from '../modules/user/repositories';
import { UserRepositoryModule } from '../modules/user/user.repository.module';
import { RegionSeeder } from './services/regions.seeder';
import { RegionRepository } from '../modules/region/repositories';
@ -28,7 +27,6 @@ import { SceneIconRepository } from '../modules/scene/repositories';
RoleTypeRepository,
SuperAdminSeeder,
UserRepository,
UserRoleRepository,
RegionSeeder,
RegionRepository,
TimeZoneSeeder,

7
libs/common/src/seed/services/role.type.seeder.ts
View File

@ -19,7 +19,12 @@ export class RoleTypeSeeder {
if (!roleTypeNames.includes(RoleType.ADMIN)) {
missingRoleTypes.push(RoleType.ADMIN);
}
if (!roleTypeNames.includes(RoleType.SPACE_OWNER)) {
missingRoleTypes.push(RoleType.SPACE_OWNER);
}
if (!roleTypeNames.includes(RoleType.SPACE_MEMBER)) {
missingRoleTypes.push(RoleType.SPACE_MEMBER);
}
if (missingRoleTypes.length > 0) {
await this.addRoleTypeData(missingRoleTypes);
}

25
libs/common/src/seed/services/supper.admin.seeder.ts
View File

@ -1,7 +1,6 @@
import { Injectable } from '@nestjs/common';
import { UserRepository } from '@app/common/modules/user/repositories';
import { RoleType } from '@app/common/constants/role.type.enum';
import { UserRoleRepository } from '@app/common/modules/user/repositories';
import { RoleTypeRepository } from '@app/common/modules/role-type/repositories';
import { ConfigService } from '@nestjs/config';
import { HelperHashService } from '../../helper/services';
@ -11,19 +10,23 @@ export class SuperAdminSeeder {
constructor(
private readonly configService: ConfigService,
private readonly userRepository: UserRepository,
private readonly userRoleRepository: UserRoleRepository,
private readonly roleTypeRepository: RoleTypeRepository,
private readonly helperHashService: HelperHashService,
) {}
async createSuperAdminIfNotFound(): Promise<void> {
try {
const superAdminData = await this.userRoleRepository.find({
where: { roleType: { type: RoleType.SUPER_ADMIN } },
const superAdmin = await this.userRepository.findOne({
where: {
roleType: { type: RoleType.SUPER_ADMIN },
email: this.configService.get<string>(
'super-admin.SUPER_ADMIN_EMAIL',
),
},
relations: ['roleType'],
});
if (superAdminData.length <= 0) {
if (!superAdmin) {
// Create the super admin user if not found
console.log('Creating super admin user...');
@ -48,20 +51,16 @@ export class SuperAdminSeeder {
salt,
);
try {
const user = await this.userRepository.save({
const defaultUserRoleUuid = await this.getRoleUuidByRoleType(
RoleType.SUPER_ADMIN,
);
await this.userRepository.save({
email: this.configService.get<string>('super-admin.SUPER_ADMIN_EMAIL'),
password: hashedPassword,
firstName: 'Super',
lastName: 'Admin',
isUserVerified: true,
isActive: true,
});
const defaultUserRoleUuid = await this.getRoleUuidByRoleType(
RoleType.SUPER_ADMIN,
);
await this.userRoleRepository.save({
user: { uuid: user.uuid },
roleType: { uuid: defaultUserRoleUuid },
});
} catch (err) {

6
src/app.module.ts
View File

@ -7,7 +7,6 @@ import { GroupModule } from './group/group.module';
import { DeviceModule } from './device/device.module';
import { UserDevicePermissionModule } from './user-device-permission/user-device-permission.module';
import { CommunityModule } from './community/community.module';
import { RoleModule } from './role/role.module';
import { SeederModule } from '@app/common/seed/seeder.module';
import { UserNotificationModule } from './user-notification/user-notification.module';
import { DeviceMessagesSubscriptionModule } from './device-messages/device-messages.module';
@ -24,6 +23,8 @@ import { SpaceModule } from './space/space.module';
import { ProductModule } from './product';
import { ProjectModule } from './project';
import { SpaceModelModule } from './space-model';
import { InviteUserModule } from './invite-user/invite-user.module';
import { PermissionModule } from './permission/permission.module';
@Module({
imports: [
ConfigModule.forRoot({
@ -31,7 +32,7 @@ import { SpaceModelModule } from './space-model';
}),
AuthenticationModule,
UserModule,
RoleModule,
InviteUserModule,
CommunityModule,
SpaceModule,
@ -51,6 +52,7 @@ import { SpaceModelModule } from './space-model';
ScheduleModule,
ProductModule,
ProjectModule,
PermissionModule,
],
providers: [
{

6
src/auth/auth.module.ts
View File

@ -6,10 +6,7 @@ import { UserAuthController } from './controllers';
import { UserAuthService } from './services';
import { UserRepository } from '@app/common/modules/user/repositories';
import { UserSessionRepository } from '@app/common/modules/session/repositories/session.repository';
import {
UserRoleRepository,
UserOtpRepository,
} from '@app/common/modules/user/repositories';
import { UserOtpRepository } from '@app/common/modules/user/repositories';
import { RoleTypeRepository } from '@app/common/modules/role-type/repositories';
@Module({
@ -20,7 +17,6 @@ import { RoleTypeRepository } from '@app/common/modules/role-type/repositories';
UserRepository,
UserSessionRepository,
UserOtpRepository,
UserRoleRepository,
RoleTypeRepository,
],
exports: [UserAuthService],

5
src/auth/services/user-auth.service.ts
View File

@ -134,13 +134,12 @@ export class UserAuthService {
isLoggedOut: false,
}),
]);
const res = await this.authService.login({
email: user.email,
userId: user.uuid,
uuid: user.uuid,
roles: user?.roles?.map((role) => {
return { uuid: role.uuid, type: role.roleType.type };
}),
role: user.roleType,
sessionId: session[1].uuid,
});
return res;

21
src/automation/controllers/automation.controller.ts
View File

@ -16,10 +16,11 @@ import {
UpdateAutomationDto,
UpdateAutomationStatusDto,
} from '../dtos/automation.dto';
import { JwtAuthGuard } from '@app/common/guards/jwt.auth.guard';
import { EnableDisableStatusEnum } from '@app/common/constants/days.enum';
import { AutomationParamDto, SpaceParamDto } from '../dtos';
import { ControllerRoute } from '@app/common/constants/controller-route';
import { PermissionsGuard } from 'src/guards/permissions.guard';
import { Permissions } from 'src/decorators/permissions.decorator';
@ApiTags('Automation Module')
@Controller({
@ -30,7 +31,8 @@ export class AutomationController {
constructor(private readonly automationService: AutomationService) {}
@ApiBearerAuth()
@UseGuards(JwtAuthGuard)
@UseGuards(PermissionsGuard)
@Permissions('AUTOMATION_ADD')
@Post()
@ApiOperation({
summary: ControllerRoute.AUTOMATION.ACTIONS.ADD_AUTOMATION_SUMMARY,
@ -48,7 +50,8 @@ export class AutomationController {
}
@ApiBearerAuth()
@UseGuards(JwtAuthGuard)
@UseGuards(PermissionsGuard)
@Permissions('AUTOMATION_VIEW')
@Get(':spaceUuid')
@ApiOperation({
summary: ControllerRoute.AUTOMATION.ACTIONS.GET_AUTOMATION_BY_SPACE_SUMMARY,
@ -63,7 +66,8 @@ export class AutomationController {
}
@ApiBearerAuth()
@UseGuards(JwtAuthGuard)
@UseGuards(PermissionsGuard)
@Permissions('AUTOMATION_VIEW')
@Get('details/:automationUuid')
@ApiOperation({
summary: ControllerRoute.AUTOMATION.ACTIONS.GET_AUTOMATION_DETAILS_SUMMARY,
@ -78,7 +82,8 @@ export class AutomationController {
}
@ApiBearerAuth()
@UseGuards(JwtAuthGuard)
@UseGuards(PermissionsGuard)
@Permissions('AUTOMATION_DELETE')
@Delete(':automationUuid')
@ApiOperation({
summary: ControllerRoute.AUTOMATION.ACTIONS.DELETE_AUTOMATION_SUMMARY,
@ -94,7 +99,8 @@ export class AutomationController {
}
@ApiBearerAuth()
@UseGuards(JwtAuthGuard)
@UseGuards(PermissionsGuard)
@Permissions('AUTOMATION_UPDATE')
@Put(':automationUuid')
@ApiOperation({
summary: ControllerRoute.AUTOMATION.ACTIONS.UPDATE_AUTOMATION_SUMMARY,
@ -118,7 +124,8 @@ export class AutomationController {
}
@ApiBearerAuth()
@UseGuards(JwtAuthGuard)
@UseGuards(PermissionsGuard)
@Permissions('AUTOMATION_UPDATE')
@Put('status/:automationUuid')
@ApiOperation({
summary:

18
src/community/controllers/community.controller.ts
View File

@ -15,11 +15,12 @@ import { AddCommunityDto } from '../dtos/add.community.dto';
import { GetCommunityParams } from '../dtos/get.community.dto';
import { UpdateCommunityNameDto } from '../dtos/update.community.dto';
// import { CheckUserCommunityGuard } from 'src/guards/user.community.guard';
import { JwtAuthGuard } from '@app/common/guards/jwt.auth.guard';
import { ControllerRoute } from '@app/common/constants/controller-route';
import { BaseResponseDto } from '@app/common/dto/base.response.dto';
import { PaginationRequestGetListDto } from '@app/common/dto/pagination.request.dto';
import { ProjectParam } from '../dtos';
import { PermissionsGuard } from 'src/guards/permissions.guard';
import { Permissions } from 'src/decorators/permissions.decorator';
@ApiTags('Community Module')
@Controller({
@ -30,7 +31,8 @@ export class CommunityController {
constructor(private readonly communityService: CommunityService) {}
@ApiBearerAuth()
@UseGuards(JwtAuthGuard)
@UseGuards(PermissionsGuard)
@Permissions('COMMUNITY_ADD')
@Post()
@ApiOperation({
summary: ControllerRoute.COMMUNITY.ACTIONS.CREATE_COMMUNITY_SUMMARY,
@ -44,7 +46,8 @@ export class CommunityController {
}
@ApiBearerAuth()
@UseGuards(JwtAuthGuard)
@UseGuards(PermissionsGuard)
@Permissions('COMMUNITY_VIEW')
@ApiOperation({
summary: ControllerRoute.COMMUNITY.ACTIONS.GET_COMMUNITY_BY_ID_SUMMARY,
description:
@ -58,7 +61,8 @@ export class CommunityController {
}
@ApiBearerAuth()
@UseGuards(JwtAuthGuard)
@UseGuards(PermissionsGuard)
@Permissions('COMMUNITY_VIEW')
@ApiOperation({
summary: ControllerRoute.COMMUNITY.ACTIONS.LIST_COMMUNITY_SUMMARY,
description: ControllerRoute.COMMUNITY.ACTIONS.LIST_COMMUNITY_DESCRIPTION,
@ -72,7 +76,8 @@ export class CommunityController {
}
@ApiBearerAuth()
@UseGuards(JwtAuthGuard)
@UseGuards(PermissionsGuard)
@Permissions('COMMUNITY_UPDATE')
@ApiOperation({
summary: ControllerRoute.COMMUNITY.ACTIONS.UPDATE_COMMUNITY_SUMMARY,
description: ControllerRoute.COMMUNITY.ACTIONS.UPDATE_COMMUNITY_DESCRIPTION,
@ -86,7 +91,8 @@ export class CommunityController {
}
@ApiBearerAuth()
@UseGuards(JwtAuthGuard)
@UseGuards(PermissionsGuard)
@Permissions('COMMUNITY_DELETE')
@Delete('/:communityUuid')
@ApiOperation({
summary: ControllerRoute.COMMUNITY.ACTIONS.DELETE_COMMUNITY_SUMMARY,

4
src/decorators/permissions.decorator.ts Normal file
View File

@ -0,0 +1,4 @@
import { SetMetadata } from '@nestjs/common';
export const Permissions = (...permissions: string[]) =>
SetMetadata('permissions', permissions);

64
src/device/controllers/device.controller.ts
View File

@ -28,15 +28,15 @@ import {
GetSceneFourSceneDeviceDto,
} from '../dtos/control.device.dto';
import { CheckRoomGuard } from 'src/guards/room.guard';
import { JwtAuthGuard } from '@app/common/guards/jwt.auth.guard';
import { CheckDeviceGuard } from 'src/guards/device.guard';
import { SuperAdminRoleGuard } from 'src/guards/super.admin.role.guard';
import { EnableDisableStatusEnum } from '@app/common/constants/days.enum';
import { CheckFourAndSixSceneDeviceTypeGuard } from 'src/guards/scene.device.type.guard';
import { ControllerRoute } from '@app/common/constants/controller-route';
import { BaseResponseDto } from '@app/common/dto/base.response.dto';
import { DeviceSceneParamDto } from '../dtos/device.param.dto';
import { DeleteSceneFromSceneDeviceDto } from '../dtos/delete.device.dto';
import { PermissionsGuard } from 'src/guards/permissions.guard';
import { Permissions } from 'src/decorators/permissions.decorator';
@ApiTags('Device Module')
@Controller({
@ -46,7 +46,8 @@ import { DeleteSceneFromSceneDeviceDto } from '../dtos/delete.device.dto';
export class DeviceController {
constructor(private readonly deviceService: DeviceService) {}
@ApiBearerAuth()
@UseGuards(SuperAdminRoleGuard, CheckDeviceGuard)
@UseGuards(PermissionsGuard, CheckDeviceGuard)
@Permissions('ASSIGN_DEVICE_TO_SPACE')
@Post()
@ApiOperation({
summary: ControllerRoute.DEVICE.ACTIONS.ADD_DEVICE_TO_USER_SUMMARY,
@ -63,7 +64,8 @@ export class DeviceController {
};
}
@ApiBearerAuth()
@UseGuards(JwtAuthGuard)
@UseGuards(PermissionsGuard)
@Permissions('DEVICE_VIEW')
@Get('user/:userUuid')
@ApiOperation({
summary: ControllerRoute.DEVICE.ACTIONS.GET_DEVICES_BY_USER_SUMMARY,
@ -74,7 +76,8 @@ export class DeviceController {
}
@ApiBearerAuth()
@UseGuards(JwtAuthGuard)
@UseGuards(PermissionsGuard)
@Permissions('VIEW_DEVICE_IN_SPACE')
@Get('space/:spaceUuid')
@ApiOperation({
summary: ControllerRoute.DEVICE.ACTIONS.GET_DEVICES_BY_SPACE_UUID_SUMMARY,
@ -85,7 +88,8 @@ export class DeviceController {
return await this.deviceService.getDevicesBySpaceUuid(spaceUuid);
}
@ApiBearerAuth()
@UseGuards(JwtAuthGuard, CheckRoomGuard)
@UseGuards(PermissionsGuard, CheckRoomGuard)
@Permissions('UPDATE_DEVICE_IN_SUBSPACE')
@Put('space')
@ApiOperation({
summary: ControllerRoute.DEVICE.ACTIONS.UPDATE_DEVICE_IN_ROOM_SUMMARY,
@ -108,7 +112,8 @@ export class DeviceController {
}
@ApiBearerAuth()
@UseGuards(JwtAuthGuard)
@UseGuards(PermissionsGuard)
@Permissions('DEVICE_VIEW')
@Get(':deviceUuid')
@ApiOperation({
summary: ControllerRoute.DEVICE.ACTIONS.GET_DEVICE_DETAILS_SUMMARY,
@ -125,7 +130,8 @@ export class DeviceController {
);
}
@ApiBearerAuth()
@UseGuards(JwtAuthGuard)
@UseGuards(PermissionsGuard)
@Permissions('DEVICE_UPDATE')
@Put(':deviceUuid')
@ApiOperation({
summary: ControllerRoute.DEVICE.ACTIONS.UPDATE_DEVICE_SUMMARY,
@ -149,7 +155,8 @@ export class DeviceController {
}
@ApiBearerAuth()
@UseGuards(JwtAuthGuard)
@UseGuards(PermissionsGuard)
@Permissions('DEVICE_VIEW')
@Get(':deviceUuid/functions')
@ApiOperation({
summary: ControllerRoute.DEVICE.ACTIONS.GET_DEVICE_INSTRUCTION_SUMMARY,
@ -162,7 +169,8 @@ export class DeviceController {
return await this.deviceService.getDeviceInstructionByDeviceId(deviceUuid);
}
@ApiBearerAuth()
@UseGuards(JwtAuthGuard)
@UseGuards(PermissionsGuard)
@Permissions('DEVICE_VIEW')
@Get(':deviceUuid/functions/status')
@ApiOperation({
summary: ControllerRoute.DEVICE.ACTIONS.GET_DEVICE_STATUS_SUMMARY,
@ -173,7 +181,8 @@ export class DeviceController {
}
@ApiBearerAuth()
@UseGuards(JwtAuthGuard)
@UseGuards(PermissionsGuard)
@Permissions('DEVICE_SINGLE_CONTROL')
@Post(':deviceUuid/control')
@ApiOperation({
summary: ControllerRoute.DEVICE.ACTIONS.CONTROL_DEVICE_SUMMARY,
@ -186,7 +195,8 @@ export class DeviceController {
return await this.deviceService.controlDevice(controlDeviceDto, deviceUuid);
}
@ApiBearerAuth()
@UseGuards(JwtAuthGuard)
@UseGuards(PermissionsGuard)
@Permissions('FIRMWARE_CONTROL')
@Post(':deviceUuid/firmware/:firmwareVersion')
@ApiOperation({
summary: ControllerRoute.DEVICE.ACTIONS.UPDATE_DEVICE_FIRMWARE_SUMMARY,
@ -203,7 +213,8 @@ export class DeviceController {
);
}
@ApiBearerAuth()
@UseGuards(JwtAuthGuard)
@UseGuards(PermissionsGuard)
@Permissions('DEVICE_VIEW')
@Get('gateway/:gatewayUuid/devices')
@ApiOperation({
summary: ControllerRoute.DEVICE.ACTIONS.GET_DEVICES_IN_GATEWAY_SUMMARY,
@ -214,7 +225,8 @@ export class DeviceController {
return await this.deviceService.getDevicesInGateway(gatewayUuid);
}
@ApiBearerAuth()
@UseGuards(JwtAuthGuard)
@UseGuards(PermissionsGuard)
@Permissions('DEVICE_VIEW')
@Get()
@ApiOperation({
summary: ControllerRoute.DEVICE.ACTIONS.GET_ALL_DEVICES_SUMMARY,
@ -225,7 +237,8 @@ export class DeviceController {
}
@ApiBearerAuth()
@UseGuards(JwtAuthGuard)
@UseGuards(PermissionsGuard)
@Permissions('DEVICE_VIEW')
@Get('report-logs/:deviceUuid')
@ApiOperation({
summary: ControllerRoute.DEVICE.ACTIONS.GET_DEVICE_LOGS_SUMMARY,
@ -238,7 +251,8 @@ export class DeviceController {
return await this.deviceService.getDeviceLogs(deviceUuid, query);
}
@ApiBearerAuth()
@UseGuards(JwtAuthGuard)
@UseGuards(PermissionsGuard)
@Permissions('DEVICE_BATCH_CONTROL')
@Post('control/batch')
@ApiOperation({
summary: ControllerRoute.DEVICE.ACTIONS.BATCH_CONTROL_DEVICES_SUMMARY,
@ -251,7 +265,8 @@ export class DeviceController {
return await this.deviceService.batchControlDevices(batchControlDevicesDto);
}
@ApiBearerAuth()
@UseGuards(JwtAuthGuard)
@UseGuards(PermissionsGuard)
@Permissions('DEVICE_BATCH_CONTROL')
@Get('status/batch')
@ApiOperation({
summary: ControllerRoute.DEVICE.ACTIONS.BATCH_STATUS_DEVICES_SUMMARY,
@ -264,7 +279,8 @@ export class DeviceController {
return await this.deviceService.batchStatusDevices(batchStatusDevicesDto);
}
@ApiBearerAuth()
@UseGuards(JwtAuthGuard)
@UseGuards(PermissionsGuard)
@Permissions('DEVICE_DELETE')
@Post('factory/reset/:deviceUuid')
@ApiOperation({
summary: ControllerRoute.DEVICE.ACTIONS.BATCH_FACTORY_RESET_DEVICES_SUMMARY,
@ -279,7 +295,8 @@ export class DeviceController {
);
}
@ApiBearerAuth()
@UseGuards(JwtAuthGuard)
@UseGuards(PermissionsGuard)
@Permissions('DEVICE_VIEW')
@Get(':powerClampUuid/power-clamp/status')
@ApiOperation({
summary: ControllerRoute.DEVICE.ACTIONS.GET_POWER_CLAMP_STATUS_SUMMARY,
@ -294,7 +311,8 @@ export class DeviceController {
);
}
@ApiBearerAuth()
@UseGuards(JwtAuthGuard, CheckFourAndSixSceneDeviceTypeGuard)
@UseGuards(PermissionsGuard, CheckFourAndSixSceneDeviceTypeGuard)
@Permissions('DEVICE_SINGLE_CONTROL')
@ApiOperation({
summary: ControllerRoute.DEVICE.ACTIONS.ADD_SCENE_TO_DEVICE_SUMMARY,
description: ControllerRoute.DEVICE.ACTIONS.ADD_SCENE_TO_DEVICE_DESCRIPTION,
@ -317,7 +335,8 @@ export class DeviceController {
};
}
@ApiBearerAuth()
@UseGuards(JwtAuthGuard, CheckFourAndSixSceneDeviceTypeGuard)
@UseGuards(PermissionsGuard, CheckFourAndSixSceneDeviceTypeGuard)
@Permissions('DEVICE_VIEW')
@Get(':deviceUuid/scenes')
@ApiOperation({
summary: ControllerRoute.DEVICE.ACTIONS.GET_SCENES_BY_DEVICE_SUMMARY,
@ -334,7 +353,8 @@ export class DeviceController {
);
}
@ApiBearerAuth()
@UseGuards(JwtAuthGuard)
@UseGuards(PermissionsGuard)
@Permissions('DEVICE_DELETE')
@Delete(':deviceUuid/scenes')
@ApiOperation({
summary:

9
src/group/controllers/group.controller.ts
View File

@ -1,9 +1,10 @@
import { GroupService } from '../services/group.service';
import { Controller, Get, UseGuards, Param, Req } from '@nestjs/common';
import { ApiTags, ApiBearerAuth, ApiOperation } from '@nestjs/swagger';
import { JwtAuthGuard } from '@app/common/guards/jwt.auth.guard';
import { EnableDisableStatusEnum } from '@app/common/constants/days.enum';
import { ControllerRoute } from '@app/common/constants/controller-route'; // Assuming this is where the routes are defined
import { PermissionsGuard } from 'src/guards/permissions.guard';
import { Permissions } from 'src/decorators/permissions.decorator';
@ApiTags('Group Module')
@Controller({
@ -14,7 +15,8 @@ export class GroupController {
constructor(private readonly groupService: GroupService) {}
@ApiBearerAuth()
@UseGuards(JwtAuthGuard)
@UseGuards(PermissionsGuard)
@Permissions('VIEW_DEVICE_WIZARD')
@Get(':spaceUuid')
@ApiOperation({
summary: ControllerRoute.GROUP.ACTIONS.GET_GROUPS_BY_SPACE_UUID_SUMMARY,
@ -26,7 +28,8 @@ export class GroupController {
}
@ApiBearerAuth()
@UseGuards(JwtAuthGuard)
@UseGuards(PermissionsGuard)
@Permissions('VIEW_DEVICE_WIZARD')
@Get(':spaceUuid/devices/:groupName')
@ApiOperation({
summary:

11
src/guards/admin.role.guard.ts
View File

@ -7,11 +7,12 @@ export class AdminRoleGuard extends AuthGuard('jwt') {
if (err || !user) {
throw err || new UnauthorizedException();
} else {
const isAdmin = user.roles.some(
(role) =>
role.type === RoleType.SUPER_ADMIN || role.type === RoleType.ADMIN,
);
if (!isAdmin) {
if (
!(
user.role.type === RoleType.ADMIN ||
user.role.type === RoleType.SUPER_ADMIN
)
) {
throw new BadRequestException('Only admin role can access this route');
}
}

8
src/guards/community.permission.guard.ts
View File

@ -20,10 +20,10 @@ export class CommunityPermissionGuard implements CanActivate {
if (
user &&
user.roles &&
user.roles.some(
(role) =>
role.type === RoleType.ADMIN || role.type === RoleType.SUPER_ADMIN,
user.role &&
!(
user.role.type === RoleType.ADMIN ||
user.role.type === RoleType.SUPER_ADMIN
)
) {
return true;

43
src/guards/permissions.guard.ts Normal file
View File

@ -0,0 +1,43 @@
import { Injectable, ExecutionContext } from '@nestjs/common';
import { AuthGuard } from '@nestjs/passport';
import { Reflector } from '@nestjs/core';
import { RolePermissions } from '@app/common/constants/role-permissions';
import { RoleType } from '@app/common/constants/role.type.enum';
@Injectable()
export class PermissionsGuard extends AuthGuard('jwt') {
constructor(private reflector: Reflector) {
super();
}
async canActivate(context: ExecutionContext): Promise<boolean> {
// First, run the AuthGuard logic to validate the JWT
const isAuthenticated = await super.canActivate(context);
if (!isAuthenticated) {
return false;
}
// Authorization logic
const requiredPermissions = this.reflector.get<string[]>(
'permissions',
context.getHandler(),
);
if (!requiredPermissions) {
return true; // Allow if no permissions are specified
}
const request = context.switchToHttp().getRequest();
const user = request.user; // User is now available after AuthGuard
const userRole = user?.role.type as RoleType;
if (!userRole || !RolePermissions[userRole]) {
return false; // Deny if role or permissions are missing
}
const userPermissions = RolePermissions[userRole];
// Check if the user has the required permissions
return requiredPermissions.every((perm) => userPermissions.includes(perm));
}
}

5
src/guards/super.admin.role.guard.ts
View File

@ -7,10 +7,7 @@ export class SuperAdminRoleGuard extends AuthGuard('jwt') {
if (err || !user) {
throw err || new UnauthorizedException();
} else {
const isSuperAdmin = user.roles.some(
(role) => role.type === RoleType.SUPER_ADMIN,
);
if (!isSuperAdmin) {
if (!(user.role.type === RoleType.SUPER_ADMIN)) {
throw new BadRequestException(
'Only super admin role can access this route',
);

1
src/invite-user/controllers/index.ts Normal file
View File

@ -0,0 +1 @@
export * from './invite-user.controller';

37
src/invite-user/controllers/invite-user.controller.ts Normal file
View File

@ -0,0 +1,37 @@
import { InviteUserService } from '../services/invite-user.service';
import { Body, Controller, Post, Req, UseGuards } from '@nestjs/common';
import { ApiTags, ApiBearerAuth, ApiOperation } from '@nestjs/swagger';
import { AddUserInvitationDto } from '../dtos/add.invite-user.dto';
import { ControllerRoute } from '@app/common/constants/controller-route';
import { BaseResponseDto } from '@app/common/dto/base.response.dto';
import { PermissionsGuard } from 'src/guards/permissions.guard';
import { Permissions } from 'src/decorators/permissions.decorator';
@ApiTags('Invite User Module')
@Controller({
version: '1',
path: ControllerRoute.INVITE_USER.ROUTE,
})
export class InviteUserController {
constructor(private readonly inviteUserService: InviteUserService) {}
@ApiBearerAuth()
@UseGuards(PermissionsGuard)
@Permissions('USER_ADD')
@Post()
@ApiOperation({
summary: ControllerRoute.INVITE_USER.ACTIONS.CREATE_USER_INVITATION_SUMMARY,
description:
ControllerRoute.INVITE_USER.ACTIONS.CREATE_USER_INVITATION_DESCRIPTION,
})
async createUserInvitation(
@Body() addUserInvitationDto: AddUserInvitationDto,
@Req() request: any,
): Promise<BaseResponseDto> {
const user = request.user;
return await this.inviteUserService.createUserInvitation(
addUserInvitationDto,
user.role.type,
);
}
}

75
src/invite-user/dtos/add.invite-user.dto.ts Normal file
View File

@ -0,0 +1,75 @@
import { ApiProperty } from '@nestjs/swagger';
import {
ArrayMinSize,
IsArray,
IsNotEmpty,
IsOptional,
IsString,
} from 'class-validator';
export class AddUserInvitationDto {
@ApiProperty({
description: 'The first name of the user',
example: 'John',
required: true,
})
@IsString()
@IsNotEmpty()
public firstName: string;
@ApiProperty({
description: 'The last name of the user',
example: 'Doe',
required: true,
})
@IsString()
@IsNotEmpty()
public lastName: string;
@ApiProperty({
description: 'The email of the user',
example: 'OqM9A@example.com',
required: true,
})
@IsString()
@IsNotEmpty()
public email: string;
@ApiProperty({
description: 'The job title of the user',
example: 'Software Engineer',
required: true,
})
@IsString()
@IsNotEmpty()
public jobTitle: string;
@ApiProperty({
description: 'The phone number of the user',
example: '+1234567890',
required: true,
})
@IsString()
@IsOptional()
public phoneNumber?: string;
@ApiProperty({
description: 'The role uuid of the user',
example: 'd290f1ee-6c54-4b01-90e6-d701748f0851',
required: true,
})
@IsString()
@IsNotEmpty()
public roleUuid: string;
@ApiProperty({
description: 'The array of space UUIDs (at least one required)',
example: ['b5f3c9d2-58b7-4377-b3f7-60acb711d5d9'],
required: true,
})
@IsArray()
@ArrayMinSize(1)
public spaceUuids: string[];
constructor(dto: Partial<AddUserInvitationDto>) {
Object.assign(this, dto);
}
}

1
src/invite-user/dtos/index.ts Normal file
View File

@ -0,0 +1 @@
export * from './add.invite-user.dto';

23
src/invite-user/invite-user.module.ts Normal file
View File

@ -0,0 +1,23 @@
import { Module } from '@nestjs/common';
import { InviteUserService } from './services/invite-user.service';
import { InviteUserController } from './controllers/invite-user.controller';
import { ConfigModule } from '@nestjs/config';
import {
InviteUserRepository,
InviteUserSpaceRepository,
} from '@app/common/modules/invite-user/repositories';
import { UserRepository } from '@app/common/modules/user/repositories';
import { InviteUserRepositoryModule } from '@app/common/modules/invite-user/invite-user.repository.module';
@Module({
imports: [ConfigModule, InviteUserRepositoryModule],
controllers: [InviteUserController],
providers: [
InviteUserService,
InviteUserRepository,
UserRepository,
InviteUserSpaceRepository,
],
exports: [InviteUserService],
})
export class InviteUserModule {}

1
src/invite-user/services/index.ts Normal file
View File

@ -0,0 +1 @@
export * from './invite-user.service';

106
src/invite-user/services/invite-user.service.ts Normal file
View File

@ -0,0 +1,106 @@
import { InviteUserSpaceRepository } from '../../../libs/common/src/modules/invite-user/repositories/invite-user.repository';
import { Injectable, HttpException, HttpStatus } from '@nestjs/common';
import { AddUserInvitationDto } from '../dtos';
import { BaseResponseDto } from '@app/common/dto/base.response.dto';
import { InviteUserRepository } from '@app/common/modules/invite-user/repositories';
import { UserStatusEnum } from '@app/common/constants/user-status.enum';
import { SuccessResponseDto } from '@app/common/dto/success.response.dto';
import { generateRandomString } from '@app/common/helper/randomString';
import { IsNull, Not } from 'typeorm';
import { DataSource } from 'typeorm';
import { UserEntity } from '@app/common/modules/user/entities';
import { RoleType } from '@app/common/constants/role.type.enum';
@Injectable()
export class InviteUserService {
constructor(
private readonly inviteUserRepository: InviteUserRepository,
private readonly inviteUserSpaceRepository: InviteUserSpaceRepository,
private readonly dataSource: DataSource,
) {}
async createUserInvitation(
dto: AddUserInvitationDto,
roleType: RoleType,
): Promise<BaseResponseDto> {
const {
firstName,
lastName,
email,
jobTitle,
phoneNumber,
roleUuid,
spaceUuids,
} = dto;
const invitationCode = generateRandomString(6);
const queryRunner = this.dataSource.createQueryRunner();
await queryRunner.startTransaction();
try {
const userRepo = queryRunner.manager.getRepository(UserEntity);
const user = await userRepo.findOne({
where: {
email,
project: Not(IsNull()),
},
});
if (user) {
throw new HttpException(
'User already has a project',
HttpStatus.BAD_REQUEST,
);
}
const inviteUser = this.inviteUserRepository.create({
firstName,
lastName,
email,
jobTitle,
phoneNumber,
roleType: { uuid: roleUuid },
status: UserStatusEnum.INVITED,
invitationCode,
invitedBy: roleType,
});
const invitedUser = await queryRunner.manager.save(inviteUser);
const spacePromises = spaceUuids.map(async (spaceUuid) => {
const inviteUserSpace = this.inviteUserSpaceRepository.create({
inviteUser: { uuid: invitedUser.uuid },
space: { uuid: spaceUuid },
});
return queryRunner.manager.save(inviteUserSpace);
});
await Promise.all(spacePromises);
await queryRunner.commitTransaction();
return new SuccessResponseDto({
statusCode: HttpStatus.CREATED,
success: true,
data: {
invitationCode: invitedUser.invitationCode,
},
message: 'User invited successfully',
});
} catch (error) {
await queryRunner.rollbackTransaction();
if (error instanceof HttpException) {
throw error;
}
console.error('Error creating user invitation:', error);
throw new HttpException(
error.message || 'An unexpected error occurred while inviting the user',
error.status || HttpStatus.INTERNAL_SERVER_ERROR,
);
} finally {
await queryRunner.release();
}
}
}

1
src/permission/controllers/index.ts Normal file
View File

@ -0,0 +1 @@
export * from './permission.controller';

24
src/permission/controllers/permission.controller.ts Normal file
View File

@ -0,0 +1,24 @@
import { Controller, Get, Param } from '@nestjs/common';
import { ApiTags, ApiOperation } from '@nestjs/swagger';
import { ControllerRoute } from '@app/common/constants/controller-route';
import { EnableDisableStatusEnum } from '@app/common/constants/days.enum';
import { PermissionService } from '../services';
@ApiTags('Permission Module')
@Controller({
version: EnableDisableStatusEnum.ENABLED,
path: ControllerRoute.PERMISSION.ROUTE,
})
export class PermissionController {
constructor(private readonly permissionService: PermissionService) {}
@Get(':roleUuid')
@ApiOperation({
summary: ControllerRoute.PERMISSION.ACTIONS.GET_PERMISSION_BY_ROLE_SUMMARY,
description:
ControllerRoute.PERMISSION.ACTIONS.GET_PERMISSION_BY_ROLE_DESCRIPTION,
})
async getPermissionsByRole(@Param('roleUuid') roleUuid: string) {
return await this.permissionService.getPermissionsByRole(roleUuid);
}
}

14
src/permission/permission.module.ts Normal file
View File

@ -0,0 +1,14 @@
import { Module } from '@nestjs/common';
import { ConfigModule } from '@nestjs/config';
import { CommonModule } from '@app/common';
import { PermissionController } from './controllers';
import { PermissionService } from './services';
import { RoleTypeRepository } from '@app/common/modules/role-type/repositories';
@Module({
imports: [ConfigModule, CommonModule],
controllers: [PermissionController],
providers: [PermissionService, RoleTypeRepository],
exports: [PermissionService],
})
export class PermissionModule {}

1
src/permission/services/index.ts Normal file
View File

@ -0,0 +1 @@
export * from './permission.service';

52
src/permission/services/permission.service.ts Normal file
View File

@ -0,0 +1,52 @@
import { PermissionMapping } from '@app/common/constants/permissions-mapping';
import { RolePermissions } from '@app/common/constants/role-permissions';
import { RoleType } from '@app/common/constants/role.type.enum';
import { RoleTypeRepository } from '@app/common/modules/role-type/repositories';
import { HttpException, HttpStatus, Injectable } from '@nestjs/common';
@Injectable()
export class PermissionService {
constructor(private readonly roleTypeRepository: RoleTypeRepository) {}
async getPermissionsByRole(roleUuid: string) {
try {
const role = await this.roleTypeRepository.findOne({
where: {
uuid: roleUuid,
},
});
if (!role) {
throw new HttpException('Role not found', HttpStatus.NOT_FOUND);
}
const permissions = this.mapPermissions(role.type.toString() as RoleType);
return permissions;
} catch (err) {
throw new HttpException(
err.message || 'Internal Server Error',
err.status || HttpStatus.INTERNAL_SERVER_ERROR,
);
}
}
mapPermissions(role: RoleType): any[] {
const rolePermissions = RolePermissions[role]; // Permissions for the role
const mappedPermissions = Object.entries(PermissionMapping).map(
([title, subOptions]) => ({
title,
subOptions: Object.entries(subOptions).map(
([subTitle, permissions]) => ({
title: subTitle,
subOptions: permissions.map((permission) => ({
title: permission,
isChecked: rolePermissions.includes(`${subTitle}_${permission}`), // Check if the role has the permission
})),
}),
),
}),
);
return mappedPermissions;
}
}

15
src/role/controllers/role.controller.ts
View File

@ -36,19 +36,4 @@ export class RoleController {
data: roleTypes,
};
}
@ApiBearerAuth()
@UseGuards(SuperAdminRoleGuard)
@Post()
@ApiOperation({
summary: ControllerRoute.ROLE.ACTIONS.ADD_USER_ROLE_SUMMARY,
description: ControllerRoute.ROLE.ACTIONS.ADD_USER_ROLE_DESCRIPTION,
})
async addUserRoleType(@Body() addUserRoleDto: AddUserRoleDto) {
await this.roleService.addUserRoleType(addUserRoleDto);
return {
statusCode: HttpStatus.OK,
message: 'User Role Added Successfully',
};
}
}

2
src/role/role.module.ts
View File

@ -7,7 +7,6 @@ import { RoleController } from './controllers/role.controller';
import { DeviceUserPermissionRepository } from '@app/common/modules/device/repositories';
import { PermissionTypeRepository } from '@app/common/modules/permission/repositories';
import { RoleTypeRepository } from '@app/common/modules/role-type/repositories';
import { UserRoleRepository } from '@app/common/modules/user/repositories';
@Module({
imports: [ConfigModule, DeviceRepositoryModule],
@ -18,7 +17,6 @@ import { UserRoleRepository } from '@app/common/modules/user/repositories';
DeviceRepository,
RoleService,
RoleTypeRepository,
UserRoleRepository,
],
exports: [RoleService],
})

53
src/role/services/role.service.ts
View File

@ -1,55 +1,16 @@
import { Injectable } from '@nestjs/common';
import { RoleTypeRepository } from './../../../libs/common/src/modules/role-type/repositories/role.type.repository';
import { HttpException, HttpStatus, Injectable } from '@nestjs/common';
import { AddUserRoleDto } from '../dtos/role.add.dto';
import { UserRoleRepository } from '@app/common/modules/user/repositories';
import { QueryFailedError } from 'typeorm';
import { CommonErrorCodes } from '@app/common/constants/error-codes.enum';
import { RoleType } from '@app/common/constants/role.type.enum';
@Injectable()
export class RoleService {
constructor(
private readonly roleTypeRepository: RoleTypeRepository,
private readonly userRoleRepository: UserRoleRepository,
) {}
async addUserRoleType(addUserRoleDto: AddUserRoleDto) {
try {
const roleType = await this.fetchRoleByType(addUserRoleDto.roleType);
if (roleType.uuid) {
return await this.userRoleRepository.save({
user: { uuid: addUserRoleDto.userUuid },
roleType: { uuid: roleType.uuid },
});
}
} catch (error) {
if (
error instanceof QueryFailedError &&
error.driverError.code === CommonErrorCodes.DUPLICATE_ENTITY
) {
// Postgres unique constraint violation error code
throw new HttpException(
'This role already exists for this user',
HttpStatus.CONFLICT,
);
}
throw new HttpException(
error.message || 'Internal Server Error',
HttpStatus.INTERNAL_SERVER_ERROR,
);
}
}
constructor(private readonly roleTypeRepository: RoleTypeRepository) {}
async fetchRoleTypes() {
const roleTypes = await this.roleTypeRepository.find();
return roleTypes;
}
private async fetchRoleByType(roleType: string) {
return await this.roleTypeRepository.findOne({
where: {
type: roleType,
},
});
const roles = roleTypes.filter(
(roleType) => roleType.type !== RoleType.SUPER_ADMIN,
);
return roles;
}
}

24
src/scene/controllers/scene.controller.ts
View File

@ -16,11 +16,12 @@ import {
AddSceneTapToRunDto,
UpdateSceneTapToRunDto,
} from '../dtos/scene.dto';
import { JwtAuthGuard } from '@app/common/guards/jwt.auth.guard';
import { EnableDisableStatusEnum } from '@app/common/constants/days.enum';
import { SceneParamDto } from '../dtos';
import { BaseResponseDto } from '@app/common/dto/base.response.dto';
import { ControllerRoute } from '@app/common/constants/controller-route';
import { PermissionsGuard } from 'src/guards/permissions.guard';
import { Permissions } from 'src/decorators/permissions.decorator';
@ApiTags('Scene Module')
@Controller({
@ -31,7 +32,8 @@ export class SceneController {
constructor(private readonly sceneService: SceneService) {}
@ApiBearerAuth()
@UseGuards(JwtAuthGuard)
@UseGuards(PermissionsGuard)
@Permissions('SCENES_ADD')
@Post('tap-to-run')
@ApiOperation({
summary: ControllerRoute.SCENE.ACTIONS.CREATE_TAP_TO_RUN_SCENE_SUMMARY,
@ -45,7 +47,8 @@ export class SceneController {
}
@ApiBearerAuth()
@UseGuards(JwtAuthGuard)
@UseGuards(PermissionsGuard)
@Permissions('SCENES_DELETE')
@Delete('tap-to-run/:sceneUuid')
@ApiOperation({
summary: ControllerRoute.SCENE.ACTIONS.DELETE_TAP_TO_RUN_SCENE_SUMMARY,
@ -59,7 +62,8 @@ export class SceneController {
}
@ApiBearerAuth()
@UseGuards(JwtAuthGuard)
@UseGuards(PermissionsGuard)
@Permissions('SCENES_CONTROL')
@Post('tap-to-run/:sceneUuid/trigger')
@ApiOperation({
summary: ControllerRoute.SCENE.ACTIONS.TRIGGER_TAP_TO_RUN_SCENE_SUMMARY,
@ -71,7 +75,8 @@ export class SceneController {
}
@ApiBearerAuth()
@UseGuards(JwtAuthGuard)
@UseGuards(PermissionsGuard)
@Permissions('SCENES_VIEW')
@Get('tap-to-run/:sceneUuid')
@ApiOperation({
summary: ControllerRoute.SCENE.ACTIONS.GET_TAP_TO_RUN_SCENE_SUMMARY,
@ -84,7 +89,8 @@ export class SceneController {
}
@ApiBearerAuth()
@UseGuards(JwtAuthGuard)
@UseGuards(PermissionsGuard)
@Permissions('SCENES_UPDATE')
@Put('tap-to-run/:sceneUuid')
@ApiOperation({
summary: ControllerRoute.SCENE.ACTIONS.UPDATE_TAP_TO_RUN_SCENE_SUMMARY,
@ -102,7 +108,8 @@ export class SceneController {
}
@ApiBearerAuth()
@UseGuards(JwtAuthGuard)
@UseGuards(PermissionsGuard)
@Permissions('SCENES_ADD')
@Post('icon')
async addSceneIcon(@Body() addSceneIconDto: AddSceneIconDto) {
const tapToRunScene = await this.sceneService.addSceneIcon(addSceneIconDto);
@ -114,7 +121,8 @@ export class SceneController {
};
}
@ApiBearerAuth()
@UseGuards(JwtAuthGuard)
@UseGuards(PermissionsGuard)
@Permissions('SCENES_VIEW')
@Get('icon')
async getAllIcons() {
const icons = await this.sceneService.getAllIcons();

6
src/space-model/controllers/space-model.controller.ts
View File

@ -4,8 +4,9 @@ import { ApiBearerAuth, ApiOperation, ApiTags } from '@nestjs/swagger';
import { SpaceModelService } from '../services';
import { CreateSpaceModelDto } from '../dtos';
import { ProjectParam } from 'src/community/dtos';
import { JwtAuthGuard } from '@app/common/guards/jwt.auth.guard';
import { BaseResponseDto } from '@app/common/dto/base.response.dto';
import { PermissionsGuard } from 'src/guards/permissions.guard';
import { Permissions } from 'src/decorators/permissions.decorator';
@ApiTags('Space Model Module')
@Controller({
@ -16,7 +17,8 @@ export class SpaceModelController {
constructor(private readonly spaceModelService: SpaceModelService) {}
@ApiBearerAuth()
@UseGuards(JwtAuthGuard)
@UseGuards(PermissionsGuard)
@Permissions('SPACE_MODULE_ADD')
@ApiOperation({
summary: ControllerRoute.SPACE_MODEL.ACTIONS.CREATE_SPACE_MODEL_SUMMARY,
description:

6
src/space/controllers/space-device.controller.ts
View File

@ -1,10 +1,11 @@
import { ControllerRoute } from '@app/common/constants/controller-route';
import { Controller, Get, Param, UseGuards } from '@nestjs/common';
import { ApiBearerAuth, ApiOperation, ApiTags } from '@nestjs/swagger';
import { JwtAuthGuard } from '@app/common/guards/jwt.auth.guard';
import { GetSpaceParam } from '../dtos';
import { BaseResponseDto } from '@app/common/dto/base.response.dto';
import { SpaceDeviceService } from '../services';
import { PermissionsGuard } from 'src/guards/permissions.guard';
import { Permissions } from 'src/decorators/permissions.decorator';
@ApiTags('Space Module')
@Controller({
@ -15,7 +16,8 @@ export class SpaceDeviceController {
constructor(private readonly spaceDeviceService: SpaceDeviceService) {}
@ApiBearerAuth()
@UseGuards(JwtAuthGuard)
@UseGuards(PermissionsGuard)
@Permissions('VIEW_DEVICE_IN_SPACE')
@ApiOperation({
summary: ControllerRoute.SPACE_DEVICES.ACTIONS.LIST_SPACE_DEVICE_SUMMARY,
description:

6
src/space/controllers/space-scene.controller.ts
View File

@ -1,11 +1,12 @@
import { ControllerRoute } from '@app/common/constants/controller-route';
import { BaseResponseDto } from '@app/common/dto/base.response.dto';
import { JwtAuthGuard } from '@app/common/guards/jwt.auth.guard';
import { Controller, Get, Param, Query, UseGuards } from '@nestjs/common';
import { ApiBearerAuth, ApiOperation, ApiTags } from '@nestjs/swagger';
import { SpaceSceneService } from '../services';
import { GetSceneDto } from '../../scene/dtos';
import { GetSpaceParam } from '../dtos';
import { PermissionsGuard } from 'src/guards/permissions.guard';
import { Permissions } from 'src/decorators/permissions.decorator';
@ApiTags('Space Module')
@Controller({
@ -16,7 +17,8 @@ export class SpaceSceneController {
constructor(private readonly sceneService: SpaceSceneService) {}
@ApiBearerAuth()
@UseGuards(JwtAuthGuard)
@UseGuards(PermissionsGuard)
@Permissions('SCENES_VIEW')
@ApiOperation({
summary:
ControllerRoute.SPACE_SCENE.ACTIONS.GET_TAP_TO_RUN_SCENE_BY_SPACE_SUMMARY,

9
src/space/controllers/space-user.controller.ts
View File

@ -3,8 +3,9 @@ import { Controller, Delete, Param, Post, UseGuards } from '@nestjs/common';
import { ApiBearerAuth, ApiOperation, ApiTags } from '@nestjs/swagger';
import { SpaceUserService } from '../services';
import { BaseResponseDto } from '@app/common/dto/base.response.dto';
import { JwtAuthGuard } from '@app/common/guards/jwt.auth.guard';
import { UserSpaceParam } from '../dtos';
import { PermissionsGuard } from 'src/guards/permissions.guard';
import { Permissions } from 'src/decorators/permissions.decorator';
@ApiTags('Space Module')
@Controller({
@ -16,7 +17,8 @@ export class SpaceUserController {
@ApiBearerAuth()
@Post('/:userUuid')
@UseGuards(JwtAuthGuard)
@UseGuards(PermissionsGuard)
@Permissions('ASSIGN_USER_TO_SPACE')
@ApiOperation({
summary:
ControllerRoute.SPACE_USER.ACTIONS.ASSOCIATE_SPACE_USER_DESCRIPTION,
@ -31,7 +33,8 @@ export class SpaceUserController {
@ApiBearerAuth()
@Delete('/:userUuid')
@UseGuards(JwtAuthGuard)
@UseGuards(PermissionsGuard)
@Permissions('DELETE_USER_FROM_SPACE')
@ApiOperation({
summary: ControllerRoute.SPACE_USER.ACTIONS.DISSOCIATE_SPACE_USER_SUMMARY,
description:

24
src/space/controllers/space.controller.ts
View File

@ -11,10 +11,11 @@ import {
Put,
UseGuards,
} from '@nestjs/common';
import { JwtAuthGuard } from '@app/common/guards/jwt.auth.guard';
import { AddSpaceDto, CommunitySpaceParam, UpdateSpaceDto } from '../dtos';
import { BaseResponseDto } from '@app/common/dto/base.response.dto';
import { GetSpaceParam } from '../dtos/get.space.param';
import { PermissionsGuard } from 'src/guards/permissions.guard';
import { Permissions } from 'src/decorators/permissions.decorator';
@ApiTags('Space Module')
@Controller({
@ -25,7 +26,8 @@ export class SpaceController {
constructor(private readonly spaceService: SpaceService) {}
@ApiBearerAuth()
@UseGuards(JwtAuthGuard)
@UseGuards(PermissionsGuard)
@Permissions('SPACE_ADD')
@ApiOperation({
summary: ControllerRoute.SPACE.ACTIONS.CREATE_SPACE_SUMMARY,
description: ControllerRoute.SPACE.ACTIONS.CREATE_SPACE_DESCRIPTION,
@ -42,7 +44,8 @@ export class SpaceController {
}
@ApiBearerAuth()
@UseGuards(JwtAuthGuard)
@UseGuards(PermissionsGuard)
@Permissions('SPACE_VIEW')
@ApiOperation({
summary:
ControllerRoute.SPACE.ACTIONS.GET_COMMUNITY_SPACES_HIERARCHY_SUMMARY,
@ -57,7 +60,8 @@ export class SpaceController {
}
@ApiBearerAuth()
@UseGuards(JwtAuthGuard)
@UseGuards(PermissionsGuard)
@Permissions('SPACE_DELETE')
@ApiOperation({
summary: ControllerRoute.SPACE.ACTIONS.DELETE_SPACE_SUMMARY,
description: ControllerRoute.SPACE.ACTIONS.DELETE_SPACE_DESCRIPTION,
@ -68,7 +72,8 @@ export class SpaceController {
}
@ApiBearerAuth()
@UseGuards(JwtAuthGuard)
@UseGuards(PermissionsGuard)
@Permissions('SPACE_UPDATE')
@Put('/:spaceUuid')
@ApiOperation({
summary: ControllerRoute.SPACE.ACTIONS.UPDATE_SPACE_SUMMARY,
@ -82,7 +87,8 @@ export class SpaceController {
}
@ApiBearerAuth()
@UseGuards(JwtAuthGuard)
@UseGuards(PermissionsGuard)
@Permissions('SPACE_VIEW')
@ApiOperation({
summary: ControllerRoute.SPACE.ACTIONS.GET_SPACE_SUMMARY,
description: ControllerRoute.SPACE.ACTIONS.GET_SPACE_DESCRIPTION,
@ -93,7 +99,8 @@ export class SpaceController {
}
@ApiBearerAuth()
@UseGuards(JwtAuthGuard)
@UseGuards(PermissionsGuard)
@Permissions('SPACE_VIEW')
@ApiOperation({
summary: ControllerRoute.SPACE.ACTIONS.GET_HEIRARCHY_SUMMARY,
description: ControllerRoute.SPACE.ACTIONS.GET_HEIRARCHY_DESCRIPTION,
@ -107,7 +114,8 @@ export class SpaceController {
//should it be post?
@ApiBearerAuth()
@UseGuards(JwtAuthGuard)
@UseGuards(PermissionsGuard)
@Permissions('SPACE_MEMBER_ADD')
@ApiOperation({
summary: ControllerRoute.SPACE.ACTIONS.CREATE_INVITATION_CODE_SPACE_SUMMARY,
description:

12
src/space/controllers/subspace/subspace-device.controller.ts
View File

@ -1,5 +1,4 @@
import { ControllerRoute } from '@app/common/constants/controller-route';
import { JwtAuthGuard } from '@app/common/guards/jwt.auth.guard';
import {
Controller,
Delete,
@ -12,6 +11,8 @@ import { ApiBearerAuth, ApiOperation, ApiTags } from '@nestjs/swagger';
import { DeviceSubSpaceParam, GetSubSpaceParam } from '../../dtos';
import { SubspaceDeviceService } from 'src/space/services';
import { BaseResponseDto } from '@app/common/dto/base.response.dto';
import { PermissionsGuard } from 'src/guards/permissions.guard';
import { Permissions } from 'src/decorators/permissions.decorator';
@ApiTags('Space Module')
@Controller({
@ -22,7 +23,8 @@ export class SubSpaceDeviceController {
constructor(private readonly subspaceDeviceService: SubspaceDeviceService) {}
@ApiBearerAuth()
@UseGuards(JwtAuthGuard)
@UseGuards(PermissionsGuard)
@Permissions('VIEW_DEVICE_IN_SUBSPACE')
@ApiOperation({
summary:
ControllerRoute.SUBSPACE_DEVICE.ACTIONS.LIST_SUBSPACE_DEVICE_SUMMARY,
@ -37,7 +39,8 @@ export class SubSpaceDeviceController {
}
@ApiBearerAuth()
@UseGuards(JwtAuthGuard)
@UseGuards(PermissionsGuard)
@Permissions('ASSIGN_DEVICE_TO_SUBSPACE')
@ApiOperation({
summary:
ControllerRoute.SUBSPACE_DEVICE.ACTIONS.ASSOCIATE_SUBSPACE_DEVICE_SUMMARY,
@ -53,7 +56,8 @@ export class SubSpaceDeviceController {
}
@ApiBearerAuth()
@UseGuards(JwtAuthGuard)
@UseGuards(PermissionsGuard)
@Permissions('DELETE_DEVICE_FROM_SUBSPACE')
@ApiOperation({
summary:
ControllerRoute.SUBSPACE_DEVICE.ACTIONS

18
src/space/controllers/subspace/subspace.controller.ts
View File

@ -14,8 +14,9 @@ import { SubSpaceService } from '../../services';
import { ApiBearerAuth, ApiOperation, ApiTags } from '@nestjs/swagger';
import { AddSubspaceDto, GetSpaceParam, GetSubSpaceParam } from '../../dtos';
import { BaseResponseDto } from '@app/common/dto/base.response.dto';
import { JwtAuthGuard } from '@app/common/guards/jwt.auth.guard';
import { PaginationRequestGetListDto } from '@app/common/dto/pagination.request.dto';
import { PermissionsGuard } from 'src/guards/permissions.guard';
import { Permissions } from 'src/decorators/permissions.decorator';
@ApiTags('Space Module')
@Controller({
@ -26,7 +27,8 @@ export class SubSpaceController {
constructor(private readonly subSpaceService: SubSpaceService) {}
@ApiBearerAuth()
@UseGuards(JwtAuthGuard)
@UseGuards(PermissionsGuard)
@Permissions('SUBSPACE_ADD')
@Post()
@ApiOperation({
summary: ControllerRoute.SUBSPACE.ACTIONS.CREATE_SUBSPACE_SUMMARY,
@ -40,7 +42,8 @@ export class SubSpaceController {
}
@ApiBearerAuth()
@UseGuards(JwtAuthGuard)
@UseGuards(PermissionsGuard)
@Permissions('SUBSPACE_VIEW')
@ApiOperation({
summary: ControllerRoute.SUBSPACE.ACTIONS.LIST_SUBSPACES_SUMMARY,
description: ControllerRoute.SUBSPACE.ACTIONS.LIST_SUBSPACES_DESCRIPTION,
@ -54,7 +57,8 @@ export class SubSpaceController {
}
@ApiBearerAuth()
@UseGuards(JwtAuthGuard)
@UseGuards(PermissionsGuard)
@Permissions('SUBSPACE_VIEW')
@ApiOperation({
summary: ControllerRoute.SUBSPACE.ACTIONS.GET_SUBSPACE_SUMMARY,
description: ControllerRoute.SUBSPACE.ACTIONS.GET_SUBSPACE_DESCRIPTION,
@ -65,7 +69,8 @@ export class SubSpaceController {
}
@ApiBearerAuth()
@UseGuards(JwtAuthGuard)
@UseGuards(PermissionsGuard)
@Permissions('SUBSPACE_UPDATE')
@ApiOperation({
summary: ControllerRoute.SUBSPACE.ACTIONS.UPDATE_SUBSPACE_SUMMARY,
description: ControllerRoute.SUBSPACE.ACTIONS.UPDATE_SUBSPACE_DESCRIPTION,
@ -79,7 +84,8 @@ export class SubSpaceController {
}
@ApiBearerAuth()
@UseGuards(JwtAuthGuard)
@UseGuards(PermissionsGuard)
@Permissions('SUBSPACE_DELETE')
@ApiOperation({
summary: ControllerRoute.SUBSPACE.ACTIONS.DELETE_SUBSPACE_SUMMARY,
description: ControllerRoute.SUBSPACE.ACTIONS.DELETE_SUBSPACE_DESCRIPTION,

21
src/vistor-password/controllers/visitor-password.controller.ts
View File

@ -15,9 +15,10 @@ import {
AddDoorLockOnlineMultipleDto,
AddDoorLockOnlineOneTimeDto,
} from '../dtos/temp-pass.dto';
import { JwtAuthGuard } from '@app/common/guards/jwt.auth.guard';
import { EnableDisableStatusEnum } from '@app/common/constants/days.enum';
import { ControllerRoute } from '@app/common/constants/controller-route';
import { PermissionsGuard } from 'src/guards/permissions.guard';
import { Permissions } from 'src/decorators/permissions.decorator';
@ApiTags('Visitor Password Module')
@Controller({
@ -30,7 +31,8 @@ export class VisitorPasswordController {
) {}
@ApiBearerAuth()
@UseGuards(JwtAuthGuard)
@UseGuards(PermissionsGuard)
@Permissions('VISITOR_PASSWORD_ADD')
@Post('temporary-password/online/multiple-time')
@ApiOperation({
summary:
@ -58,7 +60,8 @@ export class VisitorPasswordController {
}
@ApiBearerAuth()
@UseGuards(JwtAuthGuard)
@UseGuards(PermissionsGuard)
@Permissions('VISITOR_PASSWORD_ADD')
@Post('temporary-password/online/one-time')
@ApiOperation({
summary:
@ -86,7 +89,8 @@ export class VisitorPasswordController {
}
@ApiBearerAuth()
@UseGuards(JwtAuthGuard)
@UseGuards(PermissionsGuard)
@Permissions('VISITOR_PASSWORD_ADD')
@Post('temporary-password/offline/one-time')
@ApiOperation({
summary:
@ -114,7 +118,8 @@ export class VisitorPasswordController {
}
@ApiBearerAuth()
@UseGuards(JwtAuthGuard)
@UseGuards(PermissionsGuard)
@Permissions('VISITOR_PASSWORD_ADD')
@Post('temporary-password/offline/multiple-time')
@ApiOperation({
summary:
@ -143,7 +148,8 @@ export class VisitorPasswordController {
}
@ApiBearerAuth()
@UseGuards(JwtAuthGuard)
@UseGuards(PermissionsGuard)
@Permissions('VISITOR_PASSWORD_VIEW')
@Get()
@ApiOperation({
summary:
@ -156,7 +162,8 @@ export class VisitorPasswordController {
}
@ApiBearerAuth()
@UseGuards(JwtAuthGuard)
@UseGuards(PermissionsGuard)
@Permissions('VISITOR_PASSWORD_VIEW')
@Get('/devices')
@ApiOperation({
summary: