import {
  BadRequestException,
  Body,
  Controller,
  Delete,
  Get,
  Inject,
  Param,
  Post,
  Put,
  UseGuards,
} from '@nestjs/common';
import { Knex } from 'knex';
import { JwtAuthGuard } from '../auth/jwt-auth.guard';
import { RoleRule } from '../models/role-rule.model';
import { Role } from '../models/role.model';
/**
 * Request body accepted when creating a role.
 *
 * No validation decorators are declared on this class, so it describes the
 * expected shape at compile time only. Whether incoming bodies are validated
 * or stripped of extra properties depends on pipes configured outside this
 * file.
 */
export class CreateRoleDto {
  /** Name of the role. */
  name: string;

  /** Optional guard name for the role. */
  guardName?: string;

  /** Optional free-text description of the role. */
  description?: string;
}
/**
 * Request body accepted when updating a role; both fields are optional.
 *
 * This class carries no validation decorators, so nothing in this file
 * prevents a request body from containing properties beyond the two declared
 * here.
 */
export class UpdateRoleDto {
  /** New name for the role, if it should change. */
  name?: string;

  /** New description for the role, if it should change. */
  description?: string;
}
/**
 * Request body accepted when setting the rule set of a role.
 *
 * `rulesJson` is typed as an array of `any`, so the compiler performs no
 * checking of the individual rule entries. Any structural validation has to
 * happen at runtime.
 */
export class CreateRoleRuleDto {
  /** Identifier of the role the rules belong to. */
  roleId: string;

  /** Array of CASL rules. */
  rulesJson: Array<any>;
}
/**
 * Request body accepted when replacing the rules stored on an existing
 * role-rule record.
 *
 * `rulesJson` is typed as an array of `any`; its entries are not checked by
 * the compiler.
 */
export class UpdateRoleRuleDto {
  /** Replacement rule array. */
  rulesJson: Array<any>;
}
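/**
 * CRUD endpoints for roles, mounted at `roles`.
 *
 * Every route requires a valid JWT through `JwtAuthGuard`.
 *
 * NOTE(review): no role- or permission-based guard is applied in this file, so
 * as written any authenticated caller can list, create, modify and delete
 * roles. Confirm that authorization for role administration is enforced
 * elsewhere (for example by a global guard); if it is not, these routes should
 * be restricted to administrators.
 */
@Controller('roles')
@UseGuards(JwtAuthGuard)
export class RoleController {
  constructor(@Inject('KnexConnection') private readonly knex: Knex) {}

  /**
   * List all roles, each with its `roleRules` relation loaded.
   *
   * @returns The query for all roles including their rule records.
   */
  @Get()
  async list() {
    return Role.query(this.knex).withGraphFetched('[roleRules]');
  }

  /**
   * Get a single role by ID, with its `roleRules` and `permissions` relations
   * loaded.
   *
   * @param id - Role identifier taken from the route.
   * @returns The matching role lookup with both relations fetched.
   */
  @Get(':id')
  async get(@Param('id') id: string) {
    return Role.query(this.knex)
      .findById(id)
      .withGraphFetched('[roleRules, permissions]');
  }

  /**
   * Create a new role.
   *
   * Only `name`, `guardName` and `description` are read from the body; any
   * other property the client sends is ignored.
   *
   * @param createDto - Role fields supplied by the client.
   * @returns The inserted role.
   */
  @Post()
  async create(@Body() createDto: CreateRoleDto) {
    return Role.query(this.knex).insert({
      name: createDto.name,
      // A missing or empty guard name falls back to 'api'.
      guardName: createDto.guardName || 'api',
      description: createDto.description,
    });
  }

  /**
   * Update a role's name and/or description.
   *
   * The patch is built from the two fields `UpdateRoleDto` declares rather than
   * from the raw request body. The DTO has no validation decorators, so passing
   * the body straight to the query would let a client set any column of the
   * role (for example `guardName`) unless a whitelisting pipe is configured
   * outside this file.
   *
   * @param id - Role identifier taken from the route.
   * @param updateDto - Fields to change.
   * @returns The role as stored after the patch.
   */
  @Put(':id')
  async update(@Param('id') id: string, @Body() updateDto: UpdateRoleDto) {
    const patch: UpdateRoleDto = {};
    if (updateDto?.name !== undefined) {
      patch.name = updateDto.name;
    }
    if (updateDto?.description !== undefined) {
      patch.description = updateDto.description;
    }
    return Role.query(this.knex).patchAndFetchById(id, patch);
  }

  /**
   * Delete a role.
   *
   * The number of deleted rows is not inspected, so `{ success: true }` is
   * returned whether or not a role with this ID existed.
   *
   * @param id - Role identifier taken from the route.
   * @returns `{ success: true }` once the delete query has completed.
   */
  @Delete(':id')
  async delete(@Param('id') id: string) {
    await Role.query(this.knex).deleteById(id);
    return { success: true };
  }
}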
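/**
 * Endpoints for the rule sets attached to roles, mounted at `role-rules`.
 *
 * Every route requires a valid JWT through `JwtAuthGuard`.
 *
 * NOTE(review): the rules stored here are described in this file as CASL
 * rules, i.e. they appear to define what a role may do. No role- or
 * permission-based guard is applied in this file, so as written any
 * authenticated caller can rewrite them. Confirm that authorization is
 * enforced elsewhere; if it is not, these routes should be restricted to
 * administrators.
 */
@Controller('role-rules')
@UseGuards(JwtAuthGuard)
export class RoleRuleController {
  constructor(@Inject('KnexConnection') private readonly knex: Knex) {}

  /**
   * Reject a rule payload that is not an array of plain objects.
   *
   * The DTOs type `rulesJson` as `any[]` and declare no validators, so this is
   * the only structural check before the value is persisted. It does not
   * validate the contents of each rule.
   *
   * @param rulesJson - Value received in the request body.
   * @throws BadRequestException when the value is not an array of objects.
   */
  private static assertRuleList(rulesJson: unknown): void {
    if (!Array.isArray(rulesJson)) {
      throw new BadRequestException('rulesJson must be an array');
    }
    const allObjects = rulesJson.every(
      (rule) => typeof rule === 'object' && rule !== null && !Array.isArray(rule),
    );
    if (!allObjects) {
      throw new BadRequestException('rulesJson entries must be objects');
    }
  }

  /**
   * Get rules for a role.
   *
   * @param roleId - Role identifier taken from the route.
   * @returns The rule records whose `roleId` matches.
   */
  @Get('role/:roleId')
  async getForRole(@Param('roleId') roleId: string) {
    return RoleRule.query(this.knex).where('roleId', roleId);
  }

  /**
   * Create or update role rules.
   * This will replace existing rules for the role.
   *
   * The delete and the insert run in one transaction: if the insert fails the
   * delete is rolled back, so a role is never left without its previous rules
   * because of a half-completed request.
   *
   * @param dto - Target role and its new rule array.
   * @returns The inserted rule record.
   * @throws BadRequestException when `roleId` is missing or `rulesJson` is not
   *   an array of objects.
   */
  @Post()
  async createOrUpdate(@Body() dto: CreateRoleRuleDto) {
    // A missing roleId must never reach the delete query below.
    if (dto?.roleId == null || dto.roleId === '') {
      throw new BadRequestException('roleId is required');
    }
    RoleRuleController.assertRuleList(dto.rulesJson);

    return this.knex.transaction(async (trx) => {
      // Delete existing rules for this role
      await RoleRule.query(trx).where('roleId', dto.roleId).delete();

      // Insert new rules
      const inserted = await RoleRule.query(trx).insert({
        roleId: dto.roleId,
        rulesJson: dto.rulesJson,
      });
      return inserted;
    });
  }

  /**
   * Update role rules by ID.
   *
   * Only `rulesJson` is taken from the body; other properties are ignored.
   *
   * @param id - Rule record identifier taken from the route.
   * @param dto - Replacement rule array.
   * @returns The rule record as stored after the patch.
   * @throws BadRequestException when `rulesJson` is not an array of objects.
   */
  @Put(':id')
  async update(@Param('id') id: string, @Body() dto: UpdateRoleRuleDto) {
    RoleRuleController.assertRuleList(dto?.rulesJson);
    return RoleRule.query(this.knex).patchAndFetchById(id, {
      rulesJson: dto.rulesJson,
    });
  }

  /**
   * Delete role rules.
   *
   * The number of deleted rows is not inspected, so `{ success: true }` is
   * returned whether or not a record with this ID existed.
   *
   * @param id - Rule record identifier taken from the route.
   * @returns `{ success: true }` once the delete query has completed.
   */
  @Delete(':id')
  async delete(@Param('id') id: string) {
    await RoleRule.query(this.knex).deleteById(id);
    return { success: true };
  }
}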