Skip to content
Snippets Groups Projects
Select Git revision
  • f1743725f03a44bcac5c95af6215eb5f1bacc6b5
  • master default protected
  • improved-skeleton
  • xsrf-token
4 results

webapp-auth.md

Blame
    • admin.controller.ts 2.23 KiB 
    import { Body } from '@nestjs/common';
import { Controller, Get, Post, UseGuards } from '@nestjs/common';
import { ApiOperation } from '@nestjs/swagger';
import { JwtAuthGuard } from '../auth/guards/jwt-auth.guard';
import { StructuresService } from '../structures/services/structures.service';
import { Roles } from '../users/decorators/roles.decorator';
import { RolesGuard } from '../users/guards/roles.guard';
import { UsersService } from '../users/users.service';
import { PendingStructureDto } from './dto/pending-structure.dto';

@Controller('admin')
export class AdminController {
  constructor(private usersService: UsersService, private structuresService: StructuresService) {}

  @UseGuards(JwtAuthGuard, RolesGuard)
  @Roles('admin')
  @Get('pendingStructures')
  @ApiOperation({ description: 'Get pending structre for validation' })
  public async getPendingAttachments(): Promise<PendingStructureDto[]> {
    const pendingStructure = await this.usersService.getPendingStructures();
    return await Promise.all(
      pendingStructure.map(async (structure) => {
        structure.structureName = (await this.structuresService.findOne(structure.structureId)).structureName;
        return structure;
      })
    );
  }

  @UseGuards(JwtAuthGuard, RolesGuard)
  @Roles('admin')
  @Post('validatePendingStructure')
  @ApiOperation({ description: 'Validate structure ownership' })
  public async validatePendingStructure(@Body() pendingStructureDto: PendingStructureDto) {
    const structure = await this.structuresService.findOne(pendingStructureDto.structureId);
    return this.usersService.validatePendingStructure(
      pendingStructureDto.userEmail,
      pendingStructureDto.structureId,
      structure.structureName,
      true
    );
  }

  @UseGuards(JwtAuthGuard, RolesGuard)
  @Roles('admin')
  @Post('rejectPendingStructure')
  @ApiOperation({ description: 'Refuse structure ownership' })
  public async refusePendingStructure(@Body() pendingStructureDto: PendingStructureDto) {
    const structure = await this.structuresService.findOne(pendingStructureDto.structureId);
    return this.usersService.validatePendingStructure(
      pendingStructureDto.userEmail,
      pendingStructureDto.structureId,
      structure.structureName,
      false
    );
  }
}