feat: verify online and management role

2023-12-04 15:11:51 +07:00 · 2023-12-04 15:11:51 +07:00 · a7f012bda2
commit a7f012bda2
parent d6bf3ed879
10 changed files with 117 additions and 62 deletions
--- a/Services/server/src/controllers/cabinetController.ts
+++ b/Services/server/src/controllers/cabinetController.ts
@ -64,7 +64,7 @@ export class CabinetController extends Controller {

  @Post("/")
  @Tags("ตู้เอกสาร")
-  @Security("bearerAuth", ["admin"])
+  @Security("bearerAuth", ["admin", "management-role"])
  @Response(HttpStatusCode.INTERNAL_SERVER_ERROR, "เกิดข้อผิดพลาดกับระบบจัดการไฟล์")
  @SuccessResponse(HttpStatusCode.CREATED, "สำเร็จ")
  public async createCabinet(
@ -94,7 +94,7 @@ export class CabinetController extends Controller {
   */
  @Put("/{cabinetName}")
  @Tags("ตู้เอกสาร")
-  @Security("bearerAuth", ["admin"])
+  @Security("bearerAuth", ["admin", "management-role"])
  @Response(HttpStatusCode.INTERNAL_SERVER_ERROR, "เกิดข้อผิดพลาดไม่สามารถย้ายไฟล์ได้")
  @SuccessResponse(HttpStatusCode.NO_CONTENT, "สำเร็จ")
  public async editCabinet(
@ -163,7 +163,7 @@ export class CabinetController extends Controller {
   */
  @Delete("/{cabinetName}")
  @Tags("ตู้เอกสาร")
-  @Security("bearerAuth", ["admin"])
+  @Security("bearerAuth", ["admin", "management-role"])
  @Response(HttpStatusCode.INTERNAL_SERVER_ERROR, "เกิดข้อผิดพลาด ไม่สามารถลบไฟล์ได้")
  @SuccessResponse(HttpStatusCode.NO_CONTENT, "สำเร็จ")
  public async deleteCabinet(@Path() cabinetName: string) {
--- a/Services/server/src/controllers/drawerController.ts
+++ b/Services/server/src/controllers/drawerController.ts
@ -71,7 +71,7 @@ export class DrawerController extends Controller {
   */
  @Post("/")
  @Tags("ลิ้นชัก")
-  @Security("bearerAuth", ["admin"])
+  @Security("bearerAuth", ["admin", "management-role"])
  @Response(HttpStatusCode.NOT_FOUND, "ไม่พบลิ้นชัก")
  @Response(HttpStatusCode.INTERNAL_SERVER_ERROR, "เกิดข้อผิดพลาดกับระบบจัดการไฟล์")
  @SuccessResponse(HttpStatusCode.CREATED, "สำเร็จ")
@ -110,7 +110,7 @@ export class DrawerController extends Controller {
   */
  @Put("/{drawerName}")
  @Tags("ลิ้นชัก")
-  @Security("bearerAuth", ["admin"])
+  @Security("bearerAuth", ["admin", "management-role"])
  @Response(HttpStatusCode.INTERNAL_SERVER_ERROR, "เกิดข้อผิดพลาดไม่สามารถย้ายไฟล์ได้")
  @SuccessResponse(HttpStatusCode.NO_CONTENT, "สำเร็จ")
  public async editDrawer(
@ -181,7 +181,7 @@ export class DrawerController extends Controller {
   */
  @Delete("/{drawerName}")
  @Tags("ลิ้นชัก")
-  @Security("bearerAuth", ["admin"])
+  @Security("bearerAuth", ["admin", "management-role"])
  @SuccessResponse(HttpStatusCode.NO_CONTENT, "สำเร็จ")
  public async deleteDrawer(@Path() cabinetName: string, @Path() drawerName: string) {
    await new Promise<void>((resolve, reject) => {
--- a/Services/server/src/controllers/fileController.ts
+++ b/Services/server/src/controllers/fileController.ts
@ -93,7 +93,7 @@ export class FileController extends Controller {
   */
  @Post("/")
  @Tags("ไฟล์")
-  @Security("bearerAuth", ["admin"])
+  @Security("bearerAuth", ["admin", "management-role"])
  @Response(
    HttpStatusCode.NOT_FOUND,
    "ตำแหน่งที่ระบุไม่พบ กรุณาเตรียมตำแหน่งที่ต้องการก่อนดำเนินการ",
@ -180,7 +180,7 @@ export class FileController extends Controller {
    const metadata: Partial<StorageFile> = {
      pathname,
      path: basePath,
-      fileName: replaceIllegalChars( body.file ),
+      fileName: replaceIllegalChars(body.file),
      fileSize: 0,
      fileType: "",
      title: body.title ?? "",
@ -218,7 +218,7 @@ export class FileController extends Controller {
   */
  @Patch("/{fileName}")
  @Tags("ไฟล์")
-  @Security("bearerAuth", ["admin"])
+  @Security("bearerAuth", ["admin", "management-role"])
  @Response(HttpStatusCode.NOT_FOUND, "ไม่พบตำแหน่งที่ต้องการสร้างแฟ้ม")
  @Response(HttpStatusCode.NO_CONTENT, "สำเร็จ")
  @SuccessResponse(HttpStatusCode.OK, "สำเร็จ")
@ -345,7 +345,7 @@ export class FileController extends Controller {
   */
  @Delete("/{fileName}")
  @Tags("ไฟล์")
-  @Security("bearerAuth", ["admin"])
+  @Security("bearerAuth", ["admin", "management-role"])
  @SuccessResponse(HttpStatusCode.OK, "สำเร็จ")
  public async deleteFile(
    @Path() cabinetName: string,
--- a/Services/server/src/controllers/folderController.ts
+++ b/Services/server/src/controllers/folderController.ts
@ -75,7 +75,7 @@ export class FolderController extends Controller {
   */
  @Post("/")
  @Tags("แฟ้ม")
-  @Security("bearerAuth", ["admin"])
+  @Security("bearerAuth", ["admin", "management-role"])
  @Response(HttpStatusCode.NOT_FOUND, "ไม่พบตำแหน่งที่ต้องการสร้างแฟ้ม")
  @Response(HttpStatusCode.INTERNAL_SERVER_ERROR, "เกิดข้อผิดพลาดกับระบบจัดการไฟล์")
  @SuccessResponse(HttpStatusCode.CREATED, "สำเร็จ")
@ -116,7 +116,7 @@ export class FolderController extends Controller {
   */
  @Put("/{folderName}")
  @Tags("แฟ้ม")
-  @Security("bearerAuth", ["admin"])
+  @Security("bearerAuth", ["admin", "management-role"])
  @Response(HttpStatusCode.INTERNAL_SERVER_ERROR, "เกิดข้อผิดพลาดไม่สามารถย้ายไฟล์ได้")
  @SuccessResponse(HttpStatusCode.NO_CONTENT, "สำเร็จ")
  public async editFolder(
@ -189,7 +189,7 @@ export class FolderController extends Controller {
   */
  @Delete("/{folderName}")
  @Tags("แฟ้ม")
-  @Security("bearerAuth", ["admin"])
+  @Security("bearerAuth", ["admin", "management-role"])
  @SuccessResponse(HttpStatusCode.NO_CONTENT, "สำเร็จ")
  public async deleteFolder(
    @Path() cabinetName: string,
--- a/Services/server/src/controllers/subFolderController.ts
+++ b/Services/server/src/controllers/subFolderController.ts
@ -79,7 +79,7 @@ export class SubFolderController extends Controller {
   */
  @Post("/")
  @Tags("แฟ้มย่อย")
-  @Security("bearerAuth", ["admin"])
+  @Security("bearerAuth", ["admin", "management-role"])
  @Response(HttpStatusCode.NOT_FOUND, "ไม่พบของแฟ้ม")
  @Response(HttpStatusCode.INTERNAL_SERVER_ERROR, "เกิดข้อผิดพลาดกับระบบจัดการไฟล์")
  @SuccessResponse(HttpStatusCode.CREATED, "สำเร็จ")
@ -116,7 +116,7 @@ export class SubFolderController extends Controller {
   */
  @Put("/{subFolderName}")
  @Tags("แฟ้มย่อย")
-  @Security("bearerAuth", ["admin"])
+  @Security("bearerAuth", ["admin", "management-role"])
  @Response(HttpStatusCode.INTERNAL_SERVER_ERROR, "เกิดข้อผิดพลาดไม่สามารถย้ายไฟล์ได้")
  @SuccessResponse(HttpStatusCode.NO_CONTENT, "สำเร็จ")
  public async editFolder(
@ -193,7 +193,7 @@ export class SubFolderController extends Controller {
   */
  @Delete("/{subFolderName}")
  @Tags("แฟ้มย่อย")
-  @Security("bearerAuth", ["admin"])
+  @Security("bearerAuth", ["admin", "management-role"])
  @SuccessResponse(HttpStatusCode.NO_CONTENT, "สำเร็จ")
  public async deleteFolder(
    @Path() cabinetName: string,
--- a/Services/server/src/controllers/subFolderFileController.ts
+++ b/Services/server/src/controllers/subFolderFileController.ts
@ -98,7 +98,7 @@ export class SubFolderFileController extends Controller {
   */
  @Post("/")
  @Tags("ไฟล์")
-  @Security("bearerAuth", ["admin"])
+  @Security("bearerAuth", ["admin", "management-role"])
  @Response(
    HttpStatusCode.NOT_FOUND,
    "ตำแหน่งที่ระบุไม่พบ กรุณาเตรียมตำแหน่งที่ต้องการก่อนดำเนินการ",
@ -225,7 +225,7 @@ export class SubFolderFileController extends Controller {
   */
  @Patch("/{fileName}")
  @Tags("ไฟล์")
-  @Security("bearerAuth", ["admin"])
+  @Security("bearerAuth", ["admin", "management-role"])
  @Response(HttpStatusCode.NOT_FOUND, "ไม่พบตำแหน่งที่ต้องการสร้างแฟ้ม")
  @SuccessResponse(HttpStatusCode.OK, "สำเร็จ")
  public async updateFile(
@ -352,7 +352,7 @@ export class SubFolderFileController extends Controller {
   */
  @Delete("/{fileName}")
  @Tags("ไฟล์")
-  @Security("bearerAuth", ["admin"])
+  @Security("bearerAuth", ["admin", "management-role"])
  @SuccessResponse(HttpStatusCode.OK, "สำเร็จ")
  public async deleteFile(
    @Path() cabinetName: string,