feat: crud endpoints for user-permissions
This commit is contained in:
Sathishkumar Krishnan
@@ -12,6 +12,8 @@ const UserActions = [
|
||||
"Receive",
|
||||
];
|
||||
|
||||
const InventoryScopes = ["Inventory", "Material", "Item"];
|
||||
|
||||
const WarehouseScopes = [
|
||||
"Warehouse",
|
||||
"Zone",
|
||||
@@ -40,6 +42,7 @@ const CustomAttributeTypes = [
|
||||
|
||||
module.exports = {
|
||||
UserActions,
|
||||
InventoryScopes,
|
||||
WarehouseScopes,
|
||||
InventoryTypes,
|
||||
CustomAttributeTypes,
|
||||
|
||||
@@ -1,10 +1,19 @@
|
||||
const router = require("express").Router();
|
||||
const userRouter = require("./user.router");
|
||||
const userRoleRouter = require("./userRole.router");
|
||||
const userPermissionRouter = require("./userPermission.router");
|
||||
|
||||
router.use("/user", userRouter);
|
||||
router.use("/user-role", userRoleRouter);
|
||||
router.use("/user-permission", userPermissionRouter);
|
||||
|
||||
router.get("/", (req, res) => {
|
||||
res.send("Hello world");
|
||||
res.send({ success: true, message: "Hello world" });
|
||||
});
|
||||
|
||||
router.use(function (err, req, res, next) {
|
||||
console.error(err.stack);
|
||||
res.status(500).send({ error: `Error: ${err.message}` });
|
||||
});
|
||||
|
||||
module.exports = { router };
|
||||
|
||||
@@ -6,7 +6,7 @@ const {
|
||||
JWT_SECRET,
|
||||
JWT_REFRESH_EXPIRY_TIME,
|
||||
JWT_ACCESS_EXPIRY_TIME,
|
||||
} = require("../../config/env");
|
||||
} = require("./../config/env");
|
||||
|
||||
const createAccessToken = (id) => {
|
||||
return jwt.sign({ id }, JWT_SECRET, {
|
||||
|
||||
@@ -1,7 +1,96 @@
|
||||
module.exports = {
|
||||
getAllPermissions: async (req, res, next) => {},
|
||||
getPermission: async (req, res, next) => {},
|
||||
createPermission: async (req, res, next) => {},
|
||||
updatePermission: async (req, res, next) => {},
|
||||
deletePermission: async (req, res, next) => {},
|
||||
const mongoose = require("mongoose");
|
||||
|
||||
const UserPermission = require("./../models/UserPermission");
|
||||
const { InventoryScopes, WarehouseScopes } = require("./../config/constants");
|
||||
|
||||
const getScopes = async (scopes, searchSet) => {
|
||||
const verifiedScopes = [];
|
||||
if (scopes !== undefined && Array.isArray(scopes)) {
|
||||
for (const scope of scopes) {
|
||||
if (mongoose.isValidObjectId(scope.id)) {
|
||||
if (scope.type !== undefined && searchSet.contains(scope.type)) {
|
||||
const model = require(`../models/${scope.type}`);
|
||||
const inventoryObject = await model.findById(scope.id);
|
||||
if (inventoryObject == undefined) {
|
||||
continue;
|
||||
}
|
||||
verifiedScopes.push({
|
||||
id: inventoryObject._id,
|
||||
type: scope.type,
|
||||
});
|
||||
}
|
||||
} else {
|
||||
throw new Error(`invalid data format for object-id - ${scope.id}`);
|
||||
}
|
||||
}
|
||||
}
|
||||
return verifiedScopes;
|
||||
};
|
||||
|
||||
module.exports = {
|
||||
getAllPermissions: async (req, res, next) => {
|
||||
let { page, perPage } = req.query;
|
||||
page = page || 0;
|
||||
perPage = perPage || 10;
|
||||
|
||||
const result = await UserPermission.find(
|
||||
{},
|
||||
{ id: 1, name: 1, inventoryScopes: 1, warehouseScopes: 1, actions: 1 },
|
||||
{ skip: page * perPage, limit: perPage }
|
||||
);
|
||||
res.send({ success: true, data: result });
|
||||
},
|
||||
getPermission: async (req, res, next) => {
|
||||
try {
|
||||
const { id } = req.params;
|
||||
if (mongoose.isValidObjectId(id)) {
|
||||
const permission = await UserPermission.findById(id);
|
||||
res.send({ success: true, data: permission });
|
||||
} else {
|
||||
throw new Error(`invalid data format for object-id - ${id}`);
|
||||
}
|
||||
} catch (e) {
|
||||
next(e);
|
||||
}
|
||||
},
|
||||
createPermission: async (req, res, next) => {
|
||||
try {
|
||||
const { name, inventoryScopes, warehouseScopes, actions } = req.body;
|
||||
const verifiedInventoryScopes = await getScopes(
|
||||
inventoryScopes,
|
||||
InventoryScopes
|
||||
);
|
||||
const verifiedWarehouseScopes = await getScopes(
|
||||
warehouseScopes,
|
||||
WarehouseScopes
|
||||
);
|
||||
|
||||
const newUserPermission = await UserPermission.create({
|
||||
name,
|
||||
inventoryScopes: verifiedInventoryScopes,
|
||||
warehouseScopes: verifiedWarehouseScopes,
|
||||
actions: actions == undefined ? [] : actions,
|
||||
});
|
||||
res.send({ success: true, data: newUserPermission });
|
||||
} catch (e) {
|
||||
next(e);
|
||||
}
|
||||
},
|
||||
updatePermission: async (req, res, next) => {
|
||||
// Need more clarity
|
||||
res.send({ success: false, error: "not implemented" });
|
||||
},
|
||||
deletePermission: async (req, res, next) => {
|
||||
try {
|
||||
const { id } = req.params;
|
||||
if (mongoose.isValidObjectId(id)) {
|
||||
const result = await UserPermission.deleteOne({ _id: id });
|
||||
res.send({ success: true, data: result });
|
||||
} else {
|
||||
throw new Error(`invalid data format for object-id - ${id}`);
|
||||
}
|
||||
} catch (e) {
|
||||
next(e);
|
||||
}
|
||||
},
|
||||
};
|
||||
|
||||
@@ -4,7 +4,7 @@ const controller = require("./userPermission.controller");
|
||||
router.get("/all", controller.getAllPermissions);
|
||||
router.get("/:id", controller.getPermission);
|
||||
router.post("/create", controller.createPermission);
|
||||
router.patch("/:id", controller.updatePermission);
|
||||
router.post("/:id", controller.updatePermission);
|
||||
router.delete("/:id", controller.deletePermission);
|
||||
|
||||
module.exports = router;
|
||||
|
||||
@@ -1,33 +1,49 @@
|
||||
const mongoose = require("mongoose");
|
||||
const { UserActions, WarehouseScopes } = require("./../config/constants");
|
||||
const {
|
||||
UserActions,
|
||||
WarehouseScopes,
|
||||
InventoryScopes,
|
||||
} = require("./../config/constants");
|
||||
|
||||
const schema = new mongoose.Schema(
|
||||
{
|
||||
name: {
|
||||
type: String,
|
||||
required: true,
|
||||
unique: true,
|
||||
trim: true,
|
||||
},
|
||||
inventory: {
|
||||
type: mongoose.Schema.Types.ObjectId,
|
||||
ref: "Inventory",
|
||||
},
|
||||
warehouseScope: {
|
||||
on: {
|
||||
type: mongoose.Schema.Types.ObjectId,
|
||||
refPath: "onModel",
|
||||
inventoryScopes: [
|
||||
{
|
||||
id: {
|
||||
type: mongoose.Schema.Types.ObjectId,
|
||||
refPath: "type",
|
||||
},
|
||||
type: {
|
||||
type: String,
|
||||
enum: InventoryScopes,
|
||||
},
|
||||
},
|
||||
onModel: {
|
||||
],
|
||||
warehouseScopes: [
|
||||
{
|
||||
id: {
|
||||
type: mongoose.Schema.Types.ObjectId,
|
||||
refPath: "type",
|
||||
},
|
||||
type: {
|
||||
type: String,
|
||||
enum: WarehouseScopes,
|
||||
},
|
||||
},
|
||||
],
|
||||
actions: [
|
||||
{
|
||||
type: String,
|
||||
required: true,
|
||||
enum: WarehouseScopes,
|
||||
enum: UserActions,
|
||||
},
|
||||
},
|
||||
actions: {
|
||||
type: String,
|
||||
required: true,
|
||||
enum: UserActions,
|
||||
},
|
||||
],
|
||||
},
|
||||
{
|
||||
timestamps: true,
|
||||
|
||||
Reference in New Issue
Block a user