"use strict"; var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) { var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d; if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc); else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r; return c > 3 && r && Object.defineProperty(target, key, r), r; }; var __metadata = (this && this.__metadata) || function (k, v) { if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v); }; var __param = (this && this.__param) || function (paramIndex, decorator) { return function (target, key) { decorator(target, key, paramIndex); } }; Object.defineProperty(exports, "__esModule", { value: true }); exports.RbacController = void 0; const common_1 = require("@nestjs/common"); const swagger_1 = require("@nestjs/swagger"); const rbac_service_1 = require("./services/rbac.service"); const dto_1 = require("./dto"); const jwt_auth_guard_1 = require("../auth/guards/jwt-auth.guard"); const permissions_guard_1 = require("./guards/permissions.guard"); const current_user_decorator_1 = require("../auth/decorators/current-user.decorator"); let RbacController = class RbacController { constructor(rbacService) { this.rbacService = rbacService; } async findAllRoles(user) { return this.rbacService.findAllRoles(user.tenant_id); } async findRoleById(id, user) { return this.rbacService.getRoleWithPermissions(id, user.tenant_id); } async createRole(dto, user) { return this.rbacService.createRole(dto, user.tenant_id); } async updateRole(id, dto, user) { return this.rbacService.updateRole(id, dto, user.tenant_id); } async deleteRole(id, user) { await this.rbacService.deleteRole(id, user.tenant_id); return { message: 'Role eliminado correctamente' }; } async findAllPermissions() { return this.rbacService.findAllPermissions(); } async findPermissionsByCategory(category) { return this.rbacService.findPermissionsByCategory(category); } async getUserRoles(userId, user) { return this.rbacService.getUserRoles(userId, user.tenant_id); } async getUserPermissions(userId, user) { return this.rbacService.getUserPermissions(userId, user.tenant_id); } async assignRoleToUser(dto, user) { return this.rbacService.assignRoleToUser(dto, user.tenant_id, user.id); } async removeRoleFromUser(userId, roleId, user) { await this.rbacService.removeRoleFromUser(userId, roleId, user.tenant_id); return { message: 'Role removido correctamente' }; } async checkPermission(permission, user) { const hasPermission = await this.rbacService.userHasPermission(user.id, user.tenant_id, permission); return { hasPermission }; } async getMyRoles(user) { return this.rbacService.getUserRoles(user.id, user.tenant_id); } async getMyPermissions(user) { return this.rbacService.getUserPermissions(user.id, user.tenant_id); } }; exports.RbacController = RbacController; __decorate([ (0, common_1.Get)('roles'), (0, permissions_guard_1.RequirePermissions)('roles:read'), (0, swagger_1.ApiOperation)({ summary: 'List all roles' }), __param(0, (0, current_user_decorator_1.CurrentUser)()), __metadata("design:type", Function), __metadata("design:paramtypes", [Object]), __metadata("design:returntype", Promise) ], RbacController.prototype, "findAllRoles", null); __decorate([ (0, common_1.Get)('roles/:id'), (0, permissions_guard_1.RequirePermissions)('roles:read'), (0, swagger_1.ApiOperation)({ summary: 'Get role by ID with permissions' }), __param(0, (0, common_1.Param)('id')), __param(1, (0, current_user_decorator_1.CurrentUser)()), __metadata("design:type", Function), __metadata("design:paramtypes", [String, Object]), __metadata("design:returntype", Promise) ], RbacController.prototype, "findRoleById", null); __decorate([ (0, common_1.Post)('roles'), (0, permissions_guard_1.RequirePermissions)('roles:write'), (0, swagger_1.ApiOperation)({ summary: 'Create new role' }), (0, swagger_1.ApiResponse)({ status: 201, description: 'Role created' }), __param(0, (0, common_1.Body)()), __param(1, (0, current_user_decorator_1.CurrentUser)()), __metadata("design:type", Function), __metadata("design:paramtypes", [dto_1.CreateRoleDto, Object]), __metadata("design:returntype", Promise) ], RbacController.prototype, "createRole", null); __decorate([ (0, common_1.Patch)('roles/:id'), (0, permissions_guard_1.RequirePermissions)('roles:write'), (0, swagger_1.ApiOperation)({ summary: 'Update role' }), __param(0, (0, common_1.Param)('id')), __param(1, (0, common_1.Body)()), __param(2, (0, current_user_decorator_1.CurrentUser)()), __metadata("design:type", Function), __metadata("design:paramtypes", [String, dto_1.UpdateRoleDto, Object]), __metadata("design:returntype", Promise) ], RbacController.prototype, "updateRole", null); __decorate([ (0, common_1.Delete)('roles/:id'), (0, permissions_guard_1.RequirePermissions)('roles:delete'), (0, swagger_1.ApiOperation)({ summary: 'Delete role' }), __param(0, (0, common_1.Param)('id')), __param(1, (0, current_user_decorator_1.CurrentUser)()), __metadata("design:type", Function), __metadata("design:paramtypes", [String, Object]), __metadata("design:returntype", Promise) ], RbacController.prototype, "deleteRole", null); __decorate([ (0, common_1.Get)('permissions'), (0, permissions_guard_1.RequirePermissions)('roles:read'), (0, swagger_1.ApiOperation)({ summary: 'List all permissions' }), __metadata("design:type", Function), __metadata("design:paramtypes", []), __metadata("design:returntype", Promise) ], RbacController.prototype, "findAllPermissions", null); __decorate([ (0, common_1.Get)('permissions/category/:category'), (0, permissions_guard_1.RequirePermissions)('roles:read'), (0, swagger_1.ApiOperation)({ summary: 'List permissions by category' }), __param(0, (0, common_1.Param)('category')), __metadata("design:type", Function), __metadata("design:paramtypes", [String]), __metadata("design:returntype", Promise) ], RbacController.prototype, "findPermissionsByCategory", null); __decorate([ (0, common_1.Get)('users/:userId/roles'), (0, permissions_guard_1.RequirePermissions)('users:read', 'roles:read'), (0, swagger_1.ApiOperation)({ summary: 'Get user roles' }), __param(0, (0, common_1.Param)('userId')), __param(1, (0, current_user_decorator_1.CurrentUser)()), __metadata("design:type", Function), __metadata("design:paramtypes", [String, Object]), __metadata("design:returntype", Promise) ], RbacController.prototype, "getUserRoles", null); __decorate([ (0, common_1.Get)('users/:userId/permissions'), (0, permissions_guard_1.RequirePermissions)('users:read', 'roles:read'), (0, swagger_1.ApiOperation)({ summary: 'Get user permissions' }), __param(0, (0, common_1.Param)('userId')), __param(1, (0, current_user_decorator_1.CurrentUser)()), __metadata("design:type", Function), __metadata("design:paramtypes", [String, Object]), __metadata("design:returntype", Promise) ], RbacController.prototype, "getUserPermissions", null); __decorate([ (0, common_1.Post)('users/assign-role'), (0, permissions_guard_1.RequirePermissions)('roles:assign'), (0, swagger_1.ApiOperation)({ summary: 'Assign role to user' }), __param(0, (0, common_1.Body)()), __param(1, (0, current_user_decorator_1.CurrentUser)()), __metadata("design:type", Function), __metadata("design:paramtypes", [dto_1.AssignRoleDto, Object]), __metadata("design:returntype", Promise) ], RbacController.prototype, "assignRoleToUser", null); __decorate([ (0, common_1.Delete)('users/:userId/roles/:roleId'), (0, permissions_guard_1.RequirePermissions)('roles:assign'), (0, swagger_1.ApiOperation)({ summary: 'Remove role from user' }), __param(0, (0, common_1.Param)('userId')), __param(1, (0, common_1.Param)('roleId')), __param(2, (0, current_user_decorator_1.CurrentUser)()), __metadata("design:type", Function), __metadata("design:paramtypes", [String, String, Object]), __metadata("design:returntype", Promise) ], RbacController.prototype, "removeRoleFromUser", null); __decorate([ (0, common_1.Get)('check'), (0, swagger_1.ApiOperation)({ summary: 'Check if current user has permission' }), __param(0, (0, common_1.Query)('permission')), __param(1, (0, current_user_decorator_1.CurrentUser)()), __metadata("design:type", Function), __metadata("design:paramtypes", [String, Object]), __metadata("design:returntype", Promise) ], RbacController.prototype, "checkPermission", null); __decorate([ (0, common_1.Get)('me/roles'), (0, swagger_1.ApiOperation)({ summary: 'Get current user roles' }), __param(0, (0, current_user_decorator_1.CurrentUser)()), __metadata("design:type", Function), __metadata("design:paramtypes", [Object]), __metadata("design:returntype", Promise) ], RbacController.prototype, "getMyRoles", null); __decorate([ (0, common_1.Get)('me/permissions'), (0, swagger_1.ApiOperation)({ summary: 'Get current user permissions' }), __param(0, (0, current_user_decorator_1.CurrentUser)()), __metadata("design:type", Function), __metadata("design:paramtypes", [Object]), __metadata("design:returntype", Promise) ], RbacController.prototype, "getMyPermissions", null); exports.RbacController = RbacController = __decorate([ (0, swagger_1.ApiTags)('rbac'), (0, common_1.Controller)('rbac'), (0, common_1.UseGuards)(jwt_auth_guard_1.JwtAuthGuard, permissions_guard_1.PermissionsGuard), (0, swagger_1.ApiBearerAuth)(), __metadata("design:paramtypes", [rbac_service_1.RbacService]) ], RbacController); //# sourceMappingURL=rbac.controller.js.map