src/businessUnit/business-unit.controller.ts
businessUnit
Methods

Async bulkDeleteBUUser
bulkDeleteBUUser(bulkDeleteBUUserDto: BulkDeleteBUUserDto, request)
Decorators : @Delete('bulkDeleteBUUser')
Parameters : bulkDeleteBUUserDto: BulkDeleteBUUserDto, request
Returns : unknown
defaultRoles
defaultRoles()
Decorators : @Get('defaultRole')
Returns : any
Async deleteBuisnessUnitAdmins
deleteBuisnessUnitAdmins(id: number, userId: string, request)
Decorators : @Delete(':id/users/:userId')
Returns : unknown
Async getApproversForBusinessUnit
getApproversForBusinessUnit(id: number)
Decorators : @Get(':id/approvers')
Parameters : id: number
Returns : Promise<string[]>
getBUForUser
getBUForUser(userId: string)
Decorators : @Get(':userId')
Parameters : userId: string
Returns : any
Async getBusinessUnits
getBusinessUnits(request)
Decorators : @Get()
Parameters : request
Returns : unknown
Async isBUAdmin
isBUAdmin(request)
Decorators : @Get('isBUAdmin')
Parameters : request
Returns : unknown
roles
roles()
Decorators : @Get('roles')
Returns : any
Async setBusinessUnitUser
setBusinessUnitUser(id: number, updateBUUserDto: UpdateBUUserDto, request)
Decorators : @Post(':id/users/assign')
Parameters : id: number, updateBUUserDto: UpdateBUUserDto, request
Returns : unknown
users
users(id: number)
Decorators : @Get(':id/users')
Parameters : id: number
Returns : any
import { PolicyService } from "../iam";
import {
Body,
Controller,
Delete,
Get,
Param,
ParseIntPipe,
Post,
Request,
UnauthorizedException,
ValidationPipe,
} from "@nestjs/common";
import { ApiBearerAuth } from "@nestjs/swagger";
import {
BUSINESS_UNIT_DELETE_ACTION,
BUSINESS_UNIT_READ_ACTION,
BUSINESS_UNIT_RESOURCE_NAME,
BUSINESS_UNIT_UPDATE_ACTION,
} from "./business-unit.constants";
import { BusinessUnitService } from "./business-unit.service";
import { UpdateBUUserDto } from "./dto/update-bu-user.dto";
import { BulkDeleteBUUserDto } from "./dto/bulk-delete-bu-user.dto";
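/**
 * HTTP endpoints under `/businessUnit` for listing business units and managing
 * their user/role assignments.
 *
 * Authorization model as visible in this file:
 * - `getBusinessUnits`, `setBusinessUnitUser`, `deleteBuisnessUnitAdmins` and
 *   `bulkDeleteBUUser` call `PolicyService.checkPermission` with the caller's
 *   `request.user.permission` before touching the service.
 * - The remaining GET handlers perform no permission check of their own.
 *   NOTE(review): confirm that a guard registered outside this file covers
 *   them, otherwise any caller that reaches the controller can read
 *   business-unit membership, approvers and another user's business units.
 *
 * `request.user` is presumably populated by an authentication guard or
 * middleware that is not visible here; the handlers that read it fail closed
 * with 401 when it is absent instead of raising a TypeError (HTTP 500).
 *
 * NOTE(review): a denied permission is reported with `UnauthorizedException`
 * (401). 403 is the conventional status for an authenticated caller lacking a
 * permission, but switching would change the status existing clients observe,
 * so it is left as is.
 */
@ApiBearerAuth("access-token") // this appends authorization header for swagger UI
@Controller("businessUnit")
export class BusinessUnitController {
  constructor(
    private readonly businessUnitService: BusinessUnitService,
    private readonly policyService: PolicyService,
  ) {}

  /**
   * Returns the principal attached to the request.
   *
   * @throws UnauthorizedException when no `user` object is attached, so a
   *   missing or misconfigured authentication layer yields 401 rather than an
   *   unhandled TypeError.
   */
  private requireUser(request) {
    const user = request?.user;
    if (!user) {
      throw new UnauthorizedException();
    }
    return user;
  }

  /**
   * Single place for the business-unit permission check used by the guarded
   * handlers.
   *
   * The second argument to `checkPermission` is the literal `0` the original
   * handlers passed; its meaning is defined by `PolicyService` and is not
   * visible in this file.
   *
   * @param request Incoming request carrying `user.permission`.
   * @param action One of the `BUSINESS_UNIT_*_ACTION` constants.
   * @throws UnauthorizedException when the caller is unauthenticated or the
   *   policy check does not return a truthy result.
   */
  private async assertPermission(
    request,
    action:
      | typeof BUSINESS_UNIT_READ_ACTION
      | typeof BUSINESS_UNIT_UPDATE_ACTION
      | typeof BUSINESS_UNIT_DELETE_ACTION,
  ): Promise<void> {
    const user = this.requireUser(request);
    const allowed = await this.policyService.checkPermission(
      user.permission,
      0,
      BUSINESS_UNIT_RESOURCE_NAME,
      action,
    );
    if (!allowed) {
      throw new UnauthorizedException();
    }
  }

  /**
   * Lists every business unit together with its users.
   *
   * Requires the business-unit read permission. One `getBUUsers` call is
   * issued per business unit; the calls run concurrently.
   *
   * @throws UnauthorizedException when the permission check fails.
   */
  @Get()
  async getBusinessUnits(@Request() request) {
    await this.assertPermission(request, BUSINESS_UNIT_READ_ACTION);
    const businessUnits = await this.businessUnitService.findAll();
    return Promise.all(
      businessUnits.map(async (bu) => ({
        ...bu,
        users: await this.businessUnitService.getBUUsers(bu.id),
      })),
    );
  }

  /**
   * Returns the approvers of business unit `id`.
   *
   * NOTE(review): no permission check in this handler; confirm this is
   * intentionally readable by every authenticated caller.
   */
  @Get(":id/approvers")
  async getApproversForBusinessUnit(
    @Param("id", new ParseIntPipe()) id: number,
  ): Promise<string[]> {
    return this.businessUnitService.getApproversForBusinessUnit(id);
  }

  /**
   * Returns the users of business unit `id`.
   *
   * NOTE(review): this exposes the same per-unit user list that
   * `getBusinessUnits` only returns after the read-permission check, but
   * without that check. Confirm whether the asymmetry is intended.
   */
  @Get(":id/users")
  users(@Param("id", new ParseIntPipe()) id: number) {
    return this.businessUnitService.getBUUsers(id);
  }

  /** Returns the business-unit roles reported by the service. No permission check here. */
  @Get("roles")
  roles() {
    return this.businessUnitService.getBURoles();
  }

  /** Returns the default business-unit roles reported by the service. No permission check here. */
  @Get("defaultRole")
  defaultRoles() {
    return this.businessUnitService.getBUdefaultRoles();
  }

  /**
   * Reports whether the calling user is a business-unit admin, using the id
   * taken from the authenticated principal rather than from client input.
   *
   * @throws UnauthorizedException when no principal is attached to the request.
   */
  @Get("isBUAdmin")
  async isBUAdmin(@Request() request) {
    return this.businessUnitService.isBUAdmin(this.requireUser(request).id);
  }

  /**
   * Returns the business units for an arbitrary `userId` taken from the path.
   *
   * Must stay declared after the static single-segment GET routes (`roles`,
   * `defaultRole`, `isBUAdmin`): this pattern also matches those paths and
   * routes are matched in declaration order.
   *
   * NOTE(review): the id is caller-supplied and is neither compared with
   * `request.user.id` nor permission-checked here, so one user can query
   * another user's business units unless the service or a guard restricts it.
   */
  @Get(":userId")
  getBUForUser(@Param("userId") userId: string) {
    return this.businessUnitService.getBUForUser(userId);
  }

  /**
   * Assigns a user to business unit `id` with the role given in the body.
   *
   * Requires the business-unit update permission. The acting user's id is
   * forwarded to the service as the last argument.
   *
   * NOTE(review): unlike `bulkDeleteBUUser`, the body is not bound through
   * `ValidationPipe`; unless a global pipe is registered elsewhere, `roleId`
   * and `userId` reach the service unvalidated.
   * NOTE(review): the permission check is not parameterised by `id`; whether
   * the caller may modify this particular business unit is left to the
   * service — confirm.
   *
   * @throws UnauthorizedException when the permission check fails.
   */
  @Post(":id/users/assign")
  async setBusinessUnitUser(
    @Param("id", new ParseIntPipe()) id: number,
    @Body() updateBUUserDto: UpdateBUUserDto,
    @Request() request,
  ) {
    await this.assertPermission(request, BUSINESS_UNIT_UPDATE_ACTION);
    const { roleId, userId } = updateBUUserDto;
    return this.businessUnitService.setBusinessUnitUser(
      id,
      roleId,
      userId,
      request.user.id,
    );
  }

  /**
   * Removes `userId` from business unit `id`.
   *
   * Requires the business-unit delete permission. The acting user's id is
   * forwarded to the service as the last argument.
   *
   * @throws UnauthorizedException when the permission check fails.
   */
  @Delete(":id/users/:userId")
  async deleteBuisnessUnitAdmins(
    @Param("id", new ParseIntPipe()) id: number,
    @Param("userId") userId: string,
    @Request() request,
  ) {
    await this.assertPermission(request, BUSINESS_UNIT_DELETE_ACTION);
    return this.businessUnitService.deleteBusinessUnitAdmins(
      id,
      userId,
      request.user.id,
    );
  }

  /**
   * Removes the user named in the body from the business units listed in
   * `ids`.
   *
   * Requires the business-unit delete permission; the body is validated by
   * `ValidationPipe` against `BulkDeleteBUUserDto` before the handler runs.
   *
   * @throws UnauthorizedException when the permission check fails.
   */
  @Delete("bulkDeleteBUUser")
  async bulkDeleteBUUser(
    @Body(ValidationPipe) bulkDeleteBUUserDto: BulkDeleteBUUserDto,
    @Request() request,
  ) {
    await this.assertPermission(request, BUSINESS_UNIT_DELETE_ACTION);
    return this.businessUnitService.bulkDeleteBUUser(
      bulkDeleteBUUserDto.userId,
      bulkDeleteBUUserDto.ids,
      request.user.id,
    );
  }
}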