diff --git a/src/controller/user.controller.js b/src/controller/user.controller.js
index 2de0b76..04dc2a8 100644
--- a/src/controller/user.controller.js
+++ b/src/controller/user.controller.js
@@ -1,5 +1,6 @@
 const bcrypt = require("bcrypt");
 const jwt = require("jsonwebtoken");
+const mongoose = require("mongoose");
 const User = require("./../models/User");
 const {
@@ -7,6 +8,8 @@ const {
 JWT_REFRESH_EXPIRY_TIME,
 JWT_ACCESS_EXPIRY_TIME,
 } = require("./../config/env");
+const UserRole = require("../models/UserRole");
+const UserPermission = require("../models/UserPermission");
 const createAccessToken = (id) => {
 return jwt.sign({ id }, JWT_SECRET, {
@@ -20,6 +23,18 @@ const createRefreshToken = (id) => {
 });
 };
+const getValidIds = async (ids, model) => {
+ const verifiedIds = ids.filter((permission) =>
+ mongoose.isValidObjectId(permission)
+ );
+ const verifiedObjects = await model
+ .find({
+ id: { $in: verifiedIds },
+ })
+ .select({ _id: 1 });
+ return verifiedObjects.map((_) => _._id);
+};
+
 module.exports = {
 registerUser: async (req, res, next) => {
 const { email, fullName, password } = req.body;
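Review bot: The filter in `getValidIds` queries `id`, which in Mongoose is by default a virtual getter and not a stored path, so unless the UserRole and UserPermission schemas declare their own `id` field it should read `_id: { $in: verifiedIds }`. Depending on the `strictQuery` setting the unknown path is either matched literally (nothing is found, so no role or permission is ever granted or revoked) or stripped from the filter (every document matches, so one request would be given every role and permission in the collection). The same filter is in `getValidPermissions` in userRole.controller.js, where this commit corrects `in` to `$in` but keeps `id`. `ids.filter` also throws when `roles` or `permissions` is missing from the body or is not an array; a guard such as `if (!Array.isArray(ids)) return [];` at the top would cover that.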
@@ -66,5 +81,42 @@ module.exports = {
 next(err);
 }
 },
- updateUserAccessControl: async (req, res, next) => {},
+
+ addUserAccessControl: async (req, res, next) => {
+ const { user, roles, permissions } = req.body;
+ if (!mongoose.isValidObjectId(user)) {
+ throw new Error(`invalid format for user id field`);
+ }
+ const verifiedRoleIds = await getValidIds(roles, UserRole);
+ const verifiedPermissionIds = await getValidIds(
+ permissions,
+ UserPermission
+ );
+ const response = await User.findByIdAndUpdate(user, {
+ $push: {
+ roles: { $each: verifiedRoleIds },
+ permissions: { $each: verifiedPermissionIds },
+ },
+ });
+ res.send({ success: true, data: response });
+ },
+
+ removeUserAccessControl: async (req, res, next) => {
+ const { user, roles, permissions } = req.body;
+ if (!mongoose.isValidObjectId(user)) {
+ throw new Error(`invalid format for user id field`);
+ }
+ const verifiedRoleIds = await getValidIds(roles, UserRole);
+ const verifiedPermissionIds = await getValidIds(
+ permissions,
+ UserPermission
+ );
+ const response = await User.findByIdAndUpdate(user, {
+ $pull: {
+ roles: { $in: verifiedRoleIds },
+ permissions: { $in: verifiedPermissionIds },
+ },
+ });
+ res.send({ success: true, data: response });
+ },
 };
diff --git a/src/controller/user.router.js b/src/controller/user.router.js
index c773dc0..02e40e5 100644
--- a/src/controller/user.router.js
+++ b/src/controller/user.router.js
@@ -3,6 +3,7 @@ const controller = require("./user.controller");
 router.post("/register", controller.registerUser);
 router.post("/login", controller.loginUser);
-router.post("/:id/updateAccess", controller.updateUserAccessControl);
+router.post("/:id/addAccess", controller.addUserAccessControl);
+router.post("/:id/removeAccess", controller.removeUserAccessControl);
 module.exports = router;
diff --git a/src/controller/userRole.controller.js b/src/controller/userRole.controller.js
index 0352924..ad5b211 100644
--- a/src/controller/userRole.controller.js
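Review bot: Both new handlers `throw` and `await` outside any `try`/`catch`, so an invalid `user` id or a database error becomes a rejected promise that Express 4 does not forward, instead of reaching `next(err)` as the handler ending just above the hunk does. They also send the result of `findByIdAndUpdate` back as `data`, which by default is the whole pre-update user document and would presumably include the stored password hash; returning the updated document projected to `roles` and `permissions` avoids that. In `addUserAccessControl`, `$push` with `$each` appends duplicates when the call is repeated, where `$addToSet` keeps the arrays unique. The same wrapping and projection apply to `removeUserAccessControl`.

```javascript
addUserAccessControl: async (req, res, next) => {
  try {
    // … unchanged: body destructuring, user id check, getValidIds calls …
    const response = await User.findByIdAndUpdate(
      user,
      {
        $addToSet: {
          roles: { $each: verifiedRoleIds },
          permissions: { $each: verifiedPermissionIds },
        },
      },
      { new: true }
    ).select({ roles: 1, permissions: 1 });
    res.send({ success: true, data: response });
  } catch (err) {
    next(err);
  }
},
```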
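Review bot: The two new routes declare an `:id` path parameter, but the handlers added in user.controller.js take the target user from `req.body.user` and never read `req.params.id`, so the id in the URL has no effect and can disagree with the account that is actually modified. Either drop `:id` from the paths or have the handlers use `req.params.id` as the single source of the target. No authentication or authorization middleware is attached to these routes in this file; if none is applied where the router is mounted, any caller can change any account's roles and permissions, so a check that the caller is allowed to manage access belongs in front of both routes.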
+++ b/src/controller/userRole.controller.js
@@ -7,7 +7,7 @@ const getValidPermissions = async (permissions) => {
 mongoose.isValidObjectId(permission)
 );
 const permissionObjects = await UserPermission.find({
- id: { in: verifiedPermissions },
+ id: { $in: verifiedPermissions },
 }).select({ _id: 1 });
 return permissionObjects.map((_) => _._id);
 };
@@ -45,7 +45,7 @@ module.exports = {
 createRole: async (req, res, next) => {
 try {
 const { name, permissions } = req.body;
- const verifiedPermissions = getValidPermissions(permissions);
+ const verifiedPermissions = await getValidPermissions(permissions);
 const newUserRole = await UserRole.create({
 name,
 permissions: verifiedPermissions,