From 275796e6d5f5b4354fbddc01a0a0f646953f201a Mon Sep 17 00:00:00 2001 From: Guilherme Peixoto Date: Sun, 12 Jan 2025 02:35:28 -0300 Subject: [PATCH] added user microservice permissions --- src/Utils/initDatabase.js | 130 +++++++++++++++++++- src/routes.js | 252 +++++++++++++++++++++++++++++++------- 2 files changed, 333 insertions(+), 49 deletions(-) diff --git a/src/Utils/initDatabase.js b/src/Utils/initDatabase.js index 7813987..2bf7100 100644 --- a/src/Utils/initDatabase.js +++ b/src/Utils/initDatabase.js 
@@ -27,9 +27,135 @@ const initializeRoles = async () => { { name: "read", description: "Permission to read resources" }, { name: "update", description: "Permission to update resources" }, { name: "delete", description: "Permission to delete resources" }, + + { name: "usuarios_criar", description: "Permission to create users" }, + { name: "usuarios_editar", description: "Permission to update users" }, + { name: "usuarios_deletar", description: "Permission to delete users" }, + { + name: "usuarios_visualizar", + description: "Permission to read users", + }, + + { name: "perfis_criar", description: "Permission to create profiles" }, + { name: "perfis_editar", description: "Permission to update profiles" }, + { + name: "perfis_deletar", + description: "Permission to delete profiles", + }, + { + name: "perfis_visualizar", + description: "Permission to read profiles", + }, + + { + name: "orgaos_criar", + description: "Permission to create organizations", + }, + { + name: "orgaos_editar", + description: "Permission to update organizations", + }, + { + name: "orgaos_deletar", + description: "Permission to delete organizations", + }, + { + name: "orgaos_visualizar", + description: "Permission to read organizations", + }, + + { + name: "fornecedores_criar", + description: "Permission to create suppliers", + }, + { + name: "fornecedores_editar", + description: "Permission to update suppliers", + }, + { + name: "fornecedores_deletar", + description: "Permission to delete suppliers", + }, + { + name: "fornecedores_visualizar", + description: "Permission to read suppliers", + }, + + { + name: "contas_bancarias_criar", + description: "Permission to create bank accounts", + }, + { + name: "contas_bancarias_editar", + description: "Permission to update bank accounts", + }, + { + name: "contas_bancarias_deletar", + description: "Permission to delete bank accounts", + }, + { + name: "contas_bancarias_visualizar", + description: "Permission to read bank accounts", + }, + + { + name: 
"movimentacao_financeira_criar", + description: "Permission to create financial transactions", + }, + { + name: "movimentacao_financeira_editar", + description: "Permission to update financial transactions", + }, + { + name: "movimentacao_financeira_deletar", + description: "Permission to delete financial transactions", + }, + { + name: "movimentacao_financeira_visualizar", + description: "Permission to read financial transactions", + }, + + { + name: "permissoes_criar", + description: "Permission to create permissions", + }, + { + name: "permissoes_editar", + description: "Permission to update permissions", + }, + { + name: "permissoes_deletar", + description: "Permission to delete permissions", + }, + { + name: "permissoes_visualizar", + description: "Permission to read permissions", + }, + + { + name: "beneficios_criar", + description: "Permission to create benefits", + }, + { + name: "beneficios_editar", + description: "Permission to update benefits", + }, + { + name: "beneficios_deletar", + description: "Permission to delete benefits", + }, + { + name: "beneficios_visualizar", + description: "Permission to read benefits", + }, + + { name: "perfis_criar", description: "Permission to create roles" }, + { name: "perfis_editar", description: "Permission to update roles" }, + { name: "perfis_deletar", description: "Permission to delete roles" }, + { name: "perfis_visualizar", description: "Permission to read roles" }, { - name: "call in the grau", - description: "Special permission for privileged actions", + name: "permissoes_visualizar", + description: "Permission to search permissions", }, ]; diff --git a/src/routes.js b/src/routes.js index a0720d4..18cf4cc 100644 --- a/src/routes.js +++ b/src/routes.js 
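Review bot: The seeded permission list now carries duplicate `name` values: `perfis_criar`/`perfis_editar`/`perfis_deletar`/`perfis_visualizar` appear once described as profiles and again, near the end, as roles, and `permissoes_visualizar` appears both as "Permission to read permissions" and, in the entry that replaces `call in the grau`, as "Permission to search permissions". If `initializeRoles` inserts these under a unique index on `name` the seed will fail part-way, and if it upserts, the later description silently overwrites the earlier one; either way keep a single `perfis_*` set and a single `permissoes_visualizar` and settle whether "profiles" and "roles" are one concept or two distinct permission sets. The generic `create`/`read`/`update`/`delete` entries are kept, so if nothing in routes.js checks them after this commit they become dead permissions that a role can still be granted — consider removing them or documenting what they gate. `initializeRoles` begins before and ends after this hunk, so how the array is persisted is not visible here.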
@@ -12,88 +12,246 @@ const permissionController = require("./Controllers/permissionsController"); const checkPermissions = require("./Middlewares/accessControlMiddleware"); //// Private Routes -// --user -routes.get("/users", tokenValidation, UserController.getUsers); -routes.get("/users/:id", tokenValidation, UserController.getUserById); -routes.get("/user", tokenValidation, UserController.getLoggedUser); -routes.patch("/users/patch/:id", tokenValidation, UserController.patchUser); -routes.delete("/users/delete/:id", tokenValidation, UserController.deleteUser); -routes.put("/user", tokenValidation, UserController.update); - -// --roles -routes.get("/teste-permission", checkPermissions("read"), async (req, res) => { - return res.status(200).send("has permission"); -}); - -routes.post("/role/create", RoleController.createRole); -routes.get("/role", RoleController.getAllRoles); -routes.get("/role/:id", RoleController.getRoleById); -routes.patch("/role/patch/:id", RoleController.updateRoleById); -routes.delete("/role/delete/:id", RoleController.deleteRoleById); +// Users Routes +routes.get( + "/users", + checkPermissions("usuarios_visualizar"), + UserController.getUsers +); +routes.get( + "/users/:id", + checkPermissions("usuarios_visualizar"), + UserController.getUserById +); +routes.get( + "/user", + checkPermissions("usuarios_visualizar"), + UserController.getLoggedUser +); +routes.patch( + "/users/patch/:id", + checkPermissions("usuarios_editar"), + UserController.patchUser +); +routes.delete( + "/users/delete/:id", + checkPermissions("usuarios_deletar"), + UserController.deleteUser +); +routes.put("/user", checkPermissions("usuarios_editar"), UserController.update); + +// Roles Routes +routes.post( + "/role/create", + checkPermissions("perfis_criar"), + RoleController.createRole +); +routes.get( + "/role", + checkPermissions("perfis_visualizar"), + RoleController.getAllRoles +); +routes.get( + "/role/:id", + checkPermissions("perfis_visualizar"), + 
RoleController.getRoleById +); +routes.patch( + "/role/patch/:id", + checkPermissions("perfis_editar"), + RoleController.updateRoleById +); +routes.delete( + "/role/delete/:id", + checkPermissions("perfis_deletar"), + RoleController.deleteRoleById +); routes.put( "/roles/:roleId/permissions", + checkPermissions("permissoes_editar"), RoleController.assignPermissionsToRole ); // Permissions Routes routes.post( "/permission/create", - [tokenValidation], + checkPermissions("permissoes_criar"), permissionController.createPermission ); routes.get( "/permission", - [tokenValidation], + checkPermissions("permissoes_visualizar"), permissionController.getAllPermissions ); routes.get( "/permission/:id", - [tokenValidation], + checkPermissions("permissoes_visualizar"), permissionController.getPermissionById ); routes.patch( "/permission/patch/:id", - [tokenValidation], + checkPermissions("permissoes_editar"), permissionController.updatePermissionById ); routes.delete( "/permission/delete/:id", - [tokenValidation], + checkPermissions("permissoes_deletar"), permissionController.deletePermissionById ); -routes.get("/permissions/search", permissionController.searchPermissionByName); +routes.get( + "/permissions/search", + checkPermissions("permissoes_visualizar"), + permissionController.searchPermissionByName +); + +// Organ Routes +routes.post( + "/organ/create", + checkPermissions("orgaos_criar"), + OrganController.createOrgan +); +routes.get( + "/organ/list", + checkPermissions("orgaos_visualizar"), + OrganController.listOrgans +); +routes.patch( + "/organ/update/:id", + checkPermissions("orgaos_editar"), + OrganController.updateOrgan +); +routes.get( + "/organ/get/:id", + checkPermissions("orgaos_visualizar"), + OrganController.getOrganById +); +routes.delete( + "/organ/delete/:id", + checkPermissions("orgaos_deletar"), + OrganController.deleteOrganById +); -// --organ -routes.post("/organ/create", OrganController.createOrgan); -routes.get("/organ/list", 
OrganController.listOrgans); -routes.patch("/organ/update/:id", OrganController.updateOrgan); -routes.get("/organ/get/:id", OrganController.getOrganById); -routes.delete("/organ/delete/:id", OrganController.deleteOrganById); +// Membership Routes +routes.post( + "/membership/create", + checkPermissions("beneficios_criar"), + MembershipForm.createMembershipForm +); +routes.get( + "/membership", + checkPermissions("beneficios_visualizar"), + MembershipForm.getMembershipForm +); +routes.get( + "/logged-membership", + checkPermissions("beneficios_visualizar"), + MembershipForm.getLoggedMembershipForm +); +routes.delete( + "/membership/delete/:id", + checkPermissions("beneficios_deletar"), + MembershipForm.deleteMembershipForm +); +routes.patch( + "/membership/updateStatus/:id", + checkPermissions("beneficios_editar"), + MembershipForm.updateStatusMembership +); +routes.patch( + "/membership/update/:id", + checkPermissions("beneficios_editar"), + MembershipForm.updateMembership +); +routes.get( + "/membership/:id", + checkPermissions("beneficios_visualizar"), + MembershipForm.getMembershipById +); -//// Public Routes (No token required) -// --user and memberShip routes.post("/signup", UserController.signUp); routes.post("/login", UserController.login); routes.post("/users/recover-password", UserController.recoverPassword); routes.post("/verify-token", TokenController.getToken); routes.patch("/users/change-password/:id", UserController.changePassword); -routes.patch( - "/users/renew-password", - tokenValidation, - UserController.changePasswordInProfile -); +routes.patch("/users/renew-password", UserController.changePasswordInProfile); + +// --user +// routes.get("/users", UserController.getUsers); +// routes.get("/users/:id", UserController.getUserById); +// routes.get("/user", UserController.getLoggedUser); +// routes.patch("/users/patch/:id", UserController.patchUser); +// routes.delete("/users/delete/:id", UserController.deleteUser); +// routes.put("/user", 
UserController.update); + +// // --roles +// routes.get("/teste-permission", checkPermissions("read"), async (req, res) => { +// return res.status(200).send("has permission"); +// }); +// routes.post("/role/create", RoleController.createRole); +// routes.get("/role", RoleController.getAllRoles); +// routes.get("/role/:id", RoleController.getRoleById); +// routes.patch("/role/patch/:id", RoleController.updateRoleById); +// routes.delete("/role/delete/:id", RoleController.deleteRoleById); +// routes.put( +// "/roles/:roleId/permissions", +// RoleController.assignPermissionsToRole +// ); + +// // Permissions Routes +// routes.post( +// "/permission/create", +// permissionController.createPermission +// ); +// routes.get( +// "/permission", +// permissionController.getAllPermissions +// ); +// routes.get( +// "/permission/:id", +// permissionController.getPermissionById +// ); +// routes.patch( +// "/permission/patch/:id", +// permissionController.updatePermissionById +// ); +// routes.delete( +// "/permission/delete/:id", +// permissionController.deletePermissionById +// ); +// routes.get("/permissions/search", permissionController.searchPermissionByName); + +// // --organ +// routes.post("/organ/create", OrganController.createOrgan); +// routes.get("/organ/list", OrganController.listOrgans); +// routes.patch("/organ/update/:id", OrganController.updateOrgan); +// routes.get("/organ/get/:id", OrganController.getOrganById); +// routes.delete("/organ/delete/:id", OrganController.deleteOrganById); + +// //// Public Routes (No token required) +// // --user and memberShip +// routes.post("/signup", UserController.signUp); +// routes.post("/login", UserController.login); +// routes.post("/users/recover-password", UserController.recoverPassword); +// routes.post("/verify-token", TokenController.getToken); +// routes.patch("/users/change-password/:id", UserController.changePassword); +// routes.patch( +// "/users/renew-password", // -routes.post("/membership/create", 
MembershipForm.createMembershipForm); -routes.get("/membership", MembershipForm.getMembershipForm); -routes.get("/logged-membership", MembershipForm.getLoggedMembershipForm); +// UserController.changePasswordInProfile +// ); -routes.delete("/membership/delete/:id", MembershipForm.deleteMembershipForm); -routes.patch( - "/membership/updateStatus/:id", - MembershipForm.updateStatusMembership -); -routes.patch("/membership/update/:id", MembershipForm.updateMembership); -routes.get("/membership/:id", MembershipForm.getMembershipById); +// // +// routes.post("/membership/create", MembershipForm.createMembershipForm); +// routes.get("/membership", MembershipForm.getMembershipForm); +// routes.get("/logged-membership", MembershipForm.getLoggedMembershipForm); + +// routes.delete("/membership/delete/:id", MembershipForm.deleteMembershipForm); +// routes.patch( +// "/membership/updateStatus/:id", +// MembershipForm.updateStatusMembership +// ); +// routes.patch("/membership/update/:id", MembershipForm.updateMembership); +// routes.get("/membership/:id", MembershipForm.getMembershipById); module.exports = routes;
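Review bot: `/users/renew-password` loses its `tokenValidation` middleware and receives no `checkPermissions(...)` in its place, so `UserController.changePasswordInProfile` is now reachable with no authentication check at the routing layer unless the controller validates the token itself; at minimum the old guard should be restored, `routes.patch("/users/renew-password", tokenValidation, UserController.changePasswordInProfile);`, assuming its require is still present above the hunk. Every other private route swaps `tokenValidation` for `checkPermissions(...)`, which is only safe if `accessControlMiddleware` itself verifies the token before looking up the permission — that file is not in this diff, so it is worth confirming, since `tokenValidation` is no longer applied anywhere in routes.js. Self-service routes such as `/user` (`getLoggedUser`) and `/logged-membership` now require the same `usuarios_visualizar`/`beneficios_visualizar` permissions as the administrative list endpoints, which will lock ordinary authenticated users out of their own data unless every role is granted them. The roughly eighty commented-out route lines appended before `module.exports` duplicate what version control already records and should be deleted rather than kept as dead code.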