rckrdmrd/template-saas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
6bc6706726
template-saas/apps/backend/dist/modules/rbac/rbac.controller.js
rckrdmrd 26f0e52ca7 feat: Initial commit - template-saas 
Template base para proyectos SaaS multi-tenant.

Estructura inicial:
- apps/backend (NestJS API)
- apps/frontend (React/Vite)
- apps/database (PostgreSQL DDL)
- docs/ (Documentación)

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-07 04:41:24 -06:00

215 lines
10 KiB
JavaScript
Raw Blame History

"use strict";
var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
return c > 3 && r && Object.defineProperty(target, key, r), r;
};
var __metadata = (this && this.__metadata) || function (k, v) {
if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
};
var __param = (this && this.__param) || function (paramIndex, decorator) {
return function (target, key) { decorator(target, key, paramIndex); }
};
Object.defineProperty(exports, "__esModule", { value: true });
exports.RbacController = void 0;
const common_1 = require("@nestjs/common");
const swagger_1 = require("@nestjs/swagger");
const rbac_service_1 = require("./services/rbac.service");
const dto_1 = require("./dto");
const jwt_auth_guard_1 = require("../auth/guards/jwt-auth.guard");
const permissions_guard_1 = require("./guards/permissions.guard");
const current_user_decorator_1 = require("../auth/decorators/current-user.decorator");
let RbacController = class RbacController {
constructor(rbacService) {
this.rbacService = rbacService;
}
async findAllRoles(user) {
return this.rbacService.findAllRoles(user.tenant_id);
}
async findRoleById(id, user) {
return this.rbacService.getRoleWithPermissions(id, user.tenant_id);
}
async createRole(dto, user) {
return this.rbacService.createRole(dto, user.tenant_id);
}
async updateRole(id, dto, user) {
return this.rbacService.updateRole(id, dto, user.tenant_id);
}
async deleteRole(id, user) {
await this.rbacService.deleteRole(id, user.tenant_id);
return { message: 'Role eliminado correctamente' };
}
async findAllPermissions() {
return this.rbacService.findAllPermissions();
}
async findPermissionsByCategory(category) {
return this.rbacService.findPermissionsByCategory(category);
}
async getUserRoles(userId, user) {
return this.rbacService.getUserRoles(userId, user.tenant_id);
}
async getUserPermissions(userId, user) {
return this.rbacService.getUserPermissions(userId, user.tenant_id);
}
async assignRoleToUser(dto, user) {
return this.rbacService.assignRoleToUser(dto, user.tenant_id, user.id);
}
async removeRoleFromUser(userId, roleId, user) {
await this.rbacService.removeRoleFromUser(userId, roleId, user.tenant_id);
return { message: 'Role removido correctamente' };
}
async checkPermission(permission, user) {
const hasPermission = await this.rbacService.userHasPermission(user.id, user.tenant_id, permission);
return { hasPermission };
}
async getMyRoles(user) {
return this.rbacService.getUserRoles(user.id, user.tenant_id);
}
async getMyPermissions(user) {
return this.rbacService.getUserPermissions(user.id, user.tenant_id);
}
};
exports.RbacController = RbacController;
__decorate([
(0, common_1.Get)('roles'),
(0, permissions_guard_1.RequirePermissions)('roles:read'),
(0, swagger_1.ApiOperation)({ summary: 'List all roles' }),
__param(0, (0, current_user_decorator_1.CurrentUser)()),
__metadata("design:type", Function),
__metadata("design:paramtypes", [Object]),
__metadata("design:returntype", Promise)
], RbacController.prototype, "findAllRoles", null);
__decorate([
(0, common_1.Get)('roles/:id'),
(0, permissions_guard_1.RequirePermissions)('roles:read'),
(0, swagger_1.ApiOperation)({ summary: 'Get role by ID with permissions' }),
__param(0, (0, common_1.Param)('id')),
__param(1, (0, current_user_decorator_1.CurrentUser)()),
__metadata("design:type", Function),
__metadata("design:paramtypes", [String, Object]),
__metadata("design:returntype", Promise)
], RbacController.prototype, "findRoleById", null);
__decorate([
(0, common_1.Post)('roles'),
(0, permissions_guard_1.RequirePermissions)('roles:write'),
(0, swagger_1.ApiOperation)({ summary: 'Create new role' }),
(0, swagger_1.ApiResponse)({ status: 201, description: 'Role created' }),
__param(0, (0, common_1.Body)()),
__param(1, (0, current_user_decorator_1.CurrentUser)()),
__metadata("design:type", Function),
__metadata("design:paramtypes", [dto_1.CreateRoleDto, Object]),
__metadata("design:returntype", Promise)
], RbacController.prototype, "createRole", null);
__decorate([
(0, common_1.Patch)('roles/:id'),
(0, permissions_guard_1.RequirePermissions)('roles:write'),
(0, swagger_1.ApiOperation)({ summary: 'Update role' }),
__param(0, (0, common_1.Param)('id')),
__param(1, (0, common_1.Body)()),
__param(2, (0, current_user_decorator_1.CurrentUser)()),
__metadata("design:type", Function),
__metadata("design:paramtypes", [String, dto_1.UpdateRoleDto, Object]),
__metadata("design:returntype", Promise)
], RbacController.prototype, "updateRole", null);
__decorate([
(0, common_1.Delete)('roles/:id'),
(0, permissions_guard_1.RequirePermissions)('roles:delete'),
(0, swagger_1.ApiOperation)({ summary: 'Delete role' }),
__param(0, (0, common_1.Param)('id')),
__param(1, (0, current_user_decorator_1.CurrentUser)()),
__metadata("design:type", Function),
__metadata("design:paramtypes", [String, Object]),
__metadata("design:returntype", Promise)
], RbacController.prototype, "deleteRole", null);
__decorate([
(0, common_1.Get)('permissions'),
(0, permissions_guard_1.RequirePermissions)('roles:read'),
(0, swagger_1.ApiOperation)({ summary: 'List all permissions' }),
__metadata("design:type", Function),
__metadata("design:paramtypes", []),
__metadata("design:returntype", Promise)
], RbacController.prototype, "findAllPermissions", null);
__decorate([
(0, common_1.Get)('permissions/category/:category'),
(0, permissions_guard_1.RequirePermissions)('roles:read'),
(0, swagger_1.ApiOperation)({ summary: 'List permissions by category' }),
__param(0, (0, common_1.Param)('category')),
__metadata("design:type", Function),
__metadata("design:paramtypes", [String]),
__metadata("design:returntype", Promise)
], RbacController.prototype, "findPermissionsByCategory", null);
__decorate([
(0, common_1.Get)('users/:userId/roles'),
(0, permissions_guard_1.RequirePermissions)('users:read', 'roles:read'),
(0, swagger_1.ApiOperation)({ summary: 'Get user roles' }),
__param(0, (0, common_1.Param)('userId')),
__param(1, (0, current_user_decorator_1.CurrentUser)()),
__metadata("design:type", Function),
__metadata("design:paramtypes", [String, Object]),
__metadata("design:returntype", Promise)
], RbacController.prototype, "getUserRoles", null);
__decorate([
(0, common_1.Get)('users/:userId/permissions'),
(0, permissions_guard_1.RequirePermissions)('users:read', 'roles:read'),
(0, swagger_1.ApiOperation)({ summary: 'Get user permissions' }),
__param(0, (0, common_1.Param)('userId')),
__param(1, (0, current_user_decorator_1.CurrentUser)()),
__metadata("design:type", Function),
__metadata("design:paramtypes", [String, Object]),
__metadata("design:returntype", Promise)
], RbacController.prototype, "getUserPermissions", null);
__decorate([
(0, common_1.Post)('users/assign-role'),
(0, permissions_guard_1.RequirePermissions)('roles:assign'),
(0, swagger_1.ApiOperation)({ summary: 'Assign role to user' }),
__param(0, (0, common_1.Body)()),
__param(1, (0, current_user_decorator_1.CurrentUser)()),
__metadata("design:type", Function),
__metadata("design:paramtypes", [dto_1.AssignRoleDto, Object]),
__metadata("design:returntype", Promise)
], RbacController.prototype, "assignRoleToUser", null);
__decorate([
(0, common_1.Delete)('users/:userId/roles/:roleId'),
(0, permissions_guard_1.RequirePermissions)('roles:assign'),
(0, swagger_1.ApiOperation)({ summary: 'Remove role from user' }),
__param(0, (0, common_1.Param)('userId')),
__param(1, (0, common_1.Param)('roleId')),
__param(2, (0, current_user_decorator_1.CurrentUser)()),
__metadata("design:type", Function),
__metadata("design:paramtypes", [String, String, Object]),
__metadata("design:returntype", Promise)
], RbacController.prototype, "removeRoleFromUser", null);
__decorate([
(0, common_1.Get)('check'),
(0, swagger_1.ApiOperation)({ summary: 'Check if current user has permission' }),
__param(0, (0, common_1.Query)('permission')),
__param(1, (0, current_user_decorator_1.CurrentUser)()),
__metadata("design:type", Function),
__metadata("design:paramtypes", [String, Object]),
__metadata("design:returntype", Promise)
], RbacController.prototype, "checkPermission", null);
__decorate([
(0, common_1.Get)('me/roles'),
(0, swagger_1.ApiOperation)({ summary: 'Get current user roles' }),
__param(0, (0, current_user_decorator_1.CurrentUser)()),
__metadata("design:type", Function),
__metadata("design:paramtypes", [Object]),
__metadata("design:returntype", Promise)
], RbacController.prototype, "getMyRoles", null);
__decorate([
(0, common_1.Get)('me/permissions'),
(0, swagger_1.ApiOperation)({ summary: 'Get current user permissions' }),
__param(0, (0, current_user_decorator_1.CurrentUser)()),
__metadata("design:type", Function),
__metadata("design:paramtypes", [Object]),
__metadata("design:returntype", Promise)
], RbacController.prototype, "getMyPermissions", null);
exports.RbacController = RbacController = __decorate([
(0, swagger_1.ApiTags)('rbac'),
(0, common_1.Controller)('rbac'),
(0, common_1.UseGuards)(jwt_auth_guard_1.JwtAuthGuard, permissions_guard_1.PermissionsGuard),
(0, swagger_1.ApiBearerAuth)(),
__metadata("design:paramtypes", [rbac_service_1.RbacService])
], RbacController);
//# sourceMappingURL=rbac.controller.js.map
Reference in New Issue View Git Blame Copy Permalink