From 25a1f3c4a44ee7a266a32d505b2676833080c3a3 Mon Sep 17 00:00:00 2001 From: Methapon2001 <61303214+Methapon2001@users.noreply.github.com> Date: Tue, 2 Jul 2024 16:54:19 +0700 Subject: [PATCH] feat: product related permission --- src/controllers/product/group-controller.ts | 7 ++++++- src/controllers/product/type-controller.ts | 6 +++++- 2 files changed, 11 insertions(+), 2 deletions(-) diff --git a/src/controllers/product/group-controller.ts b/src/controllers/product/group-controller.ts index 0968394..d3dff29 100644 --- a/src/controllers/product/group-controller.ts +++ b/src/controllers/product/group-controller.ts @@ -35,14 +35,15 @@ type ProductGroupUpdate = { @Route("api/v1/product-group") @Tags("Product Group") -@Security("keycloak") export class ProductGroup extends Controller { @Get("stats") + @Security("keycloak") async getProductGroupStats() { return await prisma.productGroup.count(); } @Get() + @Security("keycloak") async getProductGroup( @Query() query: string = "", @Query() status?: Status, @@ -110,6 +111,7 @@ export class ProductGroup extends Controller { } @Get("{groupId}") + @Security("keycloak") async getProductGroupById(@Path() groupId: string) { const record = await prisma.productGroup.findFirst({ where: { id: groupId }, @@ -126,6 +128,7 @@ export class ProductGroup extends Controller { } @Post() + @Security("keycloak", ["system", "head_of_admin", "admin", "accountant"]) async createProductGroup(@Request() req: RequestWithUser, @Body() body: ProductGroupCreate) { const record = await prisma.$transaction( async (tx) => { @@ -163,6 +166,7 @@ export class ProductGroup extends Controller { } @Put("{groupId}") + @Security("keycloak", ["system", "head_of_admin", "admin", "accountant"]) async editProductGroup( @Request() req: RequestWithUser, @Body() body: ProductGroupUpdate, @@ -189,6 +193,7 @@ export class ProductGroup extends Controller { } @Delete("{groupId}") + @Security("keycloak", ["system", "head_of_admin", "admin", "accountant"]) async deleteProductGroup(@Path() groupId: string) { const record = await prisma.productGroup.findFirst({ where: { id: groupId } }); diff --git a/src/controllers/product/type-controller.ts b/src/controllers/product/type-controller.ts index 8e13c90..8f6e2b6 100644 --- a/src/controllers/product/type-controller.ts +++ b/src/controllers/product/type-controller.ts @@ -37,7 +37,6 @@ type ProductTypeUpdate = { @Route("api/v1/product-type") @Tags("Product Type") -@Security("keycloak") export class ProductType extends Controller { @Get("stats") async getProductTypeStats() { @@ -45,6 +44,7 @@ export class ProductType extends Controller { } @Get() + @Security("keycloak") async getProductType( @Query() query: string = "", @Query() productGroupId?: string, @@ -87,6 +87,7 @@ export class ProductType extends Controller { } @Get("{typeId}") + @Security("keycloak", ["system", "head_of_admin", "admin", "accountant"]) async getProductTypeById(@Path() typeId: string) { const record = await prisma.productType.findFirst({ where: { id: typeId }, @@ -103,6 +104,7 @@ export class ProductType extends Controller { } @Post() + @Security("keycloak", ["system", "head_of_admin", "admin", "accountant"]) async createProductType(@Request() req: RequestWithUser, @Body() body: ProductTypeCreate) { const productGroup = await prisma.productGroup.findFirst({ where: { id: body.productGroupId }, @@ -159,6 +161,7 @@ export class ProductType extends Controller { } @Put("{typeId}") + @Security("keycloak", ["system", "head_of_admin", "admin", "accountant"]) async editProductType( @Request() req: RequestWithUser, @Body() body: ProductTypeUpdate, @@ -207,6 +210,7 @@ export class ProductType extends Controller { } @Delete("{typeId}") + @Security("keycloak", ["system", "head_of_admin", "admin", "accountant"]) async deleteProductType(@Path() typeId: string) { const record = await prisma.productType.findFirst({ where: { id: typeId } });