feat: added skeleton for item transaction apis
@@ -194,4 +194,25 @@ module.exports = {
|
||||
next(error);
|
||||
}
|
||||
},
|
||||
pickItem: async (req, res, next) => {
|
||||
res.status(500).send({ success: false, error: "Not Implemented" });
|
||||
},
|
||||
putItem: async (req, res, next) => {
|
||||
res.status(500).send({ success: false, error: "Not Implemented" });
|
||||
},
|
||||
reserveItem: async (req, res, next) => {
|
||||
res.status(500).send({ success: false, error: "Not Implemented" });
|
||||
},
|
||||
checkInItem: async (req, res, next) => {
|
||||
res.status(500).send({ success: false, error: "Not Implemented" });
|
||||
},
|
||||
checkOutItem: async (req, res, next) => {
|
||||
res.status(500).send({ success: false, error: "Not Implemented" });
|
||||
},
|
||||
reportItem: async (req, res, next) => {
|
||||
res.status(500).send({ success: false, error: "Not Implemented" });
|
||||
},
|
||||
adjustItem: async (req, res, next) => {
|
||||
res.status(500).send({ success: false, error: "Not Implemented" });
|
||||
},
|
||||
};
|
||||
|
||||
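Review bot: The seven new stubs (`pickItem` through `adjustItem`) answer with status 500, which clients, retry logic and error alerting will read as a server fault rather than a missing feature. 501 is the status for an endpoint that is not implemented yet: `res.status(501).send({ success: false, error: "Not Implemented" });`. Each stub also takes `next` without using it; once the bodies are filled in, wrapping them in try/catch and forwarding to `next(error)`, as the handler at the top of the hunk does, keeps error handling consistent. The enclosing `module.exports` object starts outside the hunk.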
@@ -1,6 +1,6 @@
|
||||
const router = require("express").Router();
|
||||
const controller = require("./item.controller");
|
||||
|
||||
const { ItemTransactionCheck } = require("./utils/authorize");
|
||||
/**
|
||||
* @route /item/
|
||||
*/
|
||||
@@ -21,4 +21,39 @@ router.get("/filter", controller.getItemsByFilter);
|
||||
*/
|
||||
router.get("/:id", controller.getItemByID);
|
||||
|
||||
/**
|
||||
* @route /item/:id/pick
|
||||
*/
|
||||
router.post("/:id/pick", ItemTransactionCheck, controller.pickItem);
|
||||
|
||||
/**
|
||||
* @route /item/:id/put
|
||||
*/
|
||||
router.post("/:id/put", ItemTransactionCheck, controller.putItem);
|
||||
|
||||
/**
|
||||
* @route /item/:id/reserve
|
||||
*/
|
||||
router.post("/:id/reserve", ItemTransactionCheck, controller.reserveItem);
|
||||
|
||||
/**
|
||||
* @route /item/:id/check-in
|
||||
*/
|
||||
router.post("/:id/check-in", ItemTransactionCheck, controller.checkInItem);
|
||||
|
||||
/**
|
||||
* @route /item/:id/check-out
|
||||
*/
|
||||
router.post("/:id/check-out", ItemTransactionCheck, controller.checkOutItem);
|
||||
|
||||
/**
|
||||
* @route /item/:id/report
|
||||
*/
|
||||
router.post("/:id/report", ItemTransactionCheck, controller.reportItem);
|
||||
|
||||
/**
|
||||
* @route /item/:id/adjust
|
||||
*/
|
||||
router.post("/:id/adjust", ItemTransactionCheck, controller.adjustItem);
|
||||
|
||||
module.exports = router;
|
||||
|
||||
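Review bot: The seven new state-changing POST routes name `ItemTransactionCheck` as their only route-level middleware, and nothing in the visible lines shows authentication being applied to this router. Lines 7-20 of the file and the place where the router is mounted are outside the hunks, so this may already be covered upstream. If it is not, the routes should also list the authentication middleware that the authorize module appears to export, e.g. `router.post("/:id/pick", AuthenticateMiddleware, ItemTransactionCheck, controller.pickItem);`, with the `require` on line 4 extended to `const { AuthenticateMiddleware, ItemTransactionCheck } = require("./utils/authorize");`. Either way, the `@route` comments would be clearer if they stated the HTTP method and the guard each route expects, e.g. `* @route POST /item/:id/pick (authenticated, ItemTransactionCheck)`.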
@@ -1,38 +1,22 @@
|
||||
const jwt = require("jsonwebtoken");
|
||||
const User = require("../../models/User");
|
||||
const UserRole = require("../../models/UserRole");
|
||||
const {
|
||||
SUPER_ADMIN_ROLE,
|
||||
AUTHORIZATION_FAILURE_ERROR_MESSAGE,
|
||||
} = require("../../config/constants");
|
||||
const { SUPER_ADMIN_ROLE, AUTHORIZATION_FAILURE_ERROR_MESSAGE } = require("../../config/constants");
|
||||
const { JWT_SECRET } = require("../../config/env");
|
||||
const constants = require("../../config/constants");
|
||||
|
||||
const authenticate = async (token) => {
|
||||
const decodedToken = jwt.verify(token, JWT_SECRET);
|
||||
if (decodedToken) {
|
||||
return await User.findById(decodedToken.id)
|
||||
.populate({ path: "roles", populate: "permissions" })
|
||||
.populate("permissions");
|
||||
return await User.findById(decodedToken.id).populate({ path: "roles", populate: "permissions" }).populate("permissions");
|
||||
}
|
||||
};
|
||||
|
||||
const authorize = async (
|
||||
user,
|
||||
requiredRoles = [],
|
||||
requiredPermissions = []
|
||||
) => {
|
||||
const authorize = async (user, requiredRoles = [], requiredPermissions = []) => {
|
||||
const userRoles = user.roles.map((_) => _._id);
|
||||
const userPermissions = [
|
||||
...user.permissions.map((_) => _._id),
|
||||
...userRoles.map((_) => _.permissions).flat(),
|
||||
];
|
||||
const userPermissions = [...user.permissions.map((_) => _._id), ...userRoles.map((_) => _.permissions).flat()];
|
||||
|
||||
return (
|
||||
user != undefined &&
|
||||
requiredRoles.every((_) => userRoles.includes(_)) &&
|
||||
requiredPermissions.every((_) => userPermissions.includes(_))
|
||||
);
|
||||
return user != undefined && requiredRoles.every((_) => userRoles.includes(_)) && requiredPermissions.every((_) => userPermissions.includes(_));
|
||||
};
|
||||
|
||||
module.exports = {
|
||||
@@ -41,11 +25,13 @@ module.exports = {
|
||||
if (authorize(res.locals.user, [SuperAdmin.id])) {
|
||||
next();
|
||||
} else {
|
||||
res
|
||||
.status(403)
|
||||
.send({ success: false, error: AUTHORIZATION_FAILURE_ERROR_MESSAGE });
|
||||
res.status(403).send({ success: false, error: AUTHORIZATION_FAILURE_ERROR_MESSAGE });
|
||||
}
|
||||
},
|
||||
ItemTransactionCheck: async (req, res, next) => {
|
||||
// WIP
|
||||
next();
|
||||
},
|
||||
AuthenticateMiddleware: async (req, res, next) => {
|
||||
try {
|
||||
const token = req.headers.authorization || "";
|
||||
|
||||
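Review bot: `ItemTransactionCheck` is added as a pass-through (`// WIP` followed by `next();`), so it fails open on every route that names it as a guard. Until the real check exists it should deny by default, e.g. `res.status(403).send({ success: false, error: AUTHORIZATION_FAILURE_ERROR_MESSAGE });` in place of `next();`. When it is implemented, note that `authorize` is declared `async`, so the context line `if (authorize(res.locals.user, [SuperAdmin.id]))` tests a Promise, which is always truthy; it needs `if (await authorize(res.locals.user, [SuperAdmin.id]))` (the enclosing middleware's signature is outside the hunk). In the first hunk, `authorize` also reads `user.roles` before the `user != undefined` test, so a missing user throws instead of returning false; an early `if (user == null) return false;` would make that test effective.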