added user microservice permissions #16

Merged
merged 2 commits into from
Jan 12, 2025
Merged
130 changes: 128 additions & 2 deletions src/Utils/initDatabase.js
Expand Up @@ -27,9 +27,135 @@ const initializeRoles = async () => {
{ name: "read", description: "Permission to read resources" },
{ name: "update", description: "Permission to update resources" },
{ name: "delete", description: "Permission to delete resources" },

{ name: "usuarios_criar", description: "Permission to create users" },
{ name: "usuarios_editar", description: "Permission to update users" },
{ name: "usuarios_deletar", description: "Permission to delete users" },
{
name: "usuarios_visualizar",
description: "Permission to read users",
},

{ name: "perfis_criar", description: "Permission to create profiles" },
{ name: "perfis_editar", description: "Permission to update profiles" },
{
name: "perfis_deletar",
description: "Permission to delete profiles",
},
{
name: "perfis_visualizar",
description: "Permission to read profiles",
},

{
name: "orgaos_criar",
description: "Permission to create organizations",
},
{
name: "orgaos_editar",
description: "Permission to update organizations",
},
{
name: "orgaos_deletar",
description: "Permission to delete organizations",
},
{
name: "orgaos_visualizar",
description: "Permission to read organizations",
},

{
name: "fornecedores_criar",
description: "Permission to create suppliers",
},
{
name: "fornecedores_editar",
description: "Permission to update suppliers",
},
{
name: "fornecedores_deletar",
description: "Permission to delete suppliers",
},
{
name: "fornecedores_visualizar",
description: "Permission to read suppliers",
},

{
name: "contas_bancarias_criar",
description: "Permission to create bank accounts",
},
{
name: "contas_bancarias_editar",
description: "Permission to update bank accounts",
},
{
name: "contas_bancarias_deletar",
description: "Permission to delete bank accounts",
},
{
name: "contas_bancarias_visualizar",
description: "Permission to read bank accounts",
},

{
name: "movimentacao_financeira_criar",
description: "Permission to create financial transactions",
},
{
name: "movimentacao_financeira_editar",
description: "Permission to update financial transactions",
},
{
name: "movimentacao_financeira_deletar",
description: "Permission to delete financial transactions",
},
{
name: "movimentacao_financeira_visualizar",
description: "Permission to read financial transactions",
},

{
name: "permissoes_criar",
description: "Permission to create permissions",
},
{
name: "permissoes_editar",
description: "Permission to update permissions",
},
{
name: "permissoes_deletar",
description: "Permission to delete permissions",
},
{
name: "permissoes_visualizar",
description: "Permission to read permissions",
},

{
name: "beneficios_criar",
description: "Permission to create benefits",
},
{
name: "beneficios_editar",
description: "Permission to update benefits",
},
{
name: "beneficios_deletar",
description: "Permission to delete benefits",
},
{
name: "beneficios_visualizar",
description: "Permission to read benefits",
},

{ name: "perfis_criar", description: "Permission to create roles" },
{ name: "perfis_editar", description: "Permission to update roles" },
{ name: "perfis_deletar", description: "Permission to delete roles" },
{ name: "perfis_visualizar", description: "Permission to read roles" },
{
name: "call in the grau",
description: "Special permission for privileged actions",
name: "permissoes_visualizar",
description: "Permission to search permissions",
},
];
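Review bot: The seed list now contains the same permission name more than once: `perfis_criar`, `perfis_editar`, `perfis_deletar` and `perfis_visualizar` are listed in the profiles group and again near the end with "roles" descriptions, and `permissoes_visualizar` appears in the permissions group and again as the final entry. These names are the keys that `checkPermissions(...)` is called with in src/routes.js, so each should map to exactly one record. How initializeRoles writes the entries is outside this hunk, but depending on that the duplicates would either fail on a unique constraint, create two rows for one name, or leave whichever description was written last. I would drop the second `perfis_*` group and the trailing `permissoes_visualizar` entry, and add a comment above the list such as `// Permission names must be unique; they are matched by checkPermissions() in routes.js`.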

174 changes: 127 additions & 47 deletions src/routes.js
Expand Up @@ -3,7 +3,7 @@
const UserController = require("./Controllers/userController");
const RoleController = require("./Controllers/roleController");

const { tokenValidation } = require("./Utils/token");

Check failure on line 6 in src/routes.js

GitHub Actions / lint

'tokenValidation' is assigned a value but never used

const MembershipForm = require("./Controllers/membershipController");
const TokenController = require("./Controllers/tokenController");
Expand All @@ -12,88 +12,168 @@
const checkPermissions = require("./Middlewares/accessControlMiddleware");

//// Private Routes
// --user
routes.get("/users", tokenValidation, UserController.getUsers);
routes.get("/users/:id", tokenValidation, UserController.getUserById);
routes.get("/user", tokenValidation, UserController.getLoggedUser);
routes.patch("/users/patch/:id", tokenValidation, UserController.patchUser);
routes.delete("/users/delete/:id", tokenValidation, UserController.deleteUser);
routes.put("/user", tokenValidation, UserController.update);

// --roles
routes.get("/teste-permission", checkPermissions("read"), async (req, res) => {
return res.status(200).send("has permission");
});
// Users Routes
routes.get(
"/users",
checkPermissions("usuarios_visualizar"),
UserController.getUsers
);
routes.get(
"/users/:id",
checkPermissions("usuarios_visualizar"),
UserController.getUserById
);
routes.get(
"/user",
checkPermissions("usuarios_visualizar"),
UserController.getLoggedUser
);
routes.patch(
"/users/patch/:id",
checkPermissions("usuarios_editar"),
UserController.patchUser
);
routes.delete(
"/users/delete/:id",
checkPermissions("usuarios_deletar"),
UserController.deleteUser
);
routes.put("/user", checkPermissions("usuarios_editar"), UserController.update);

routes.post("/role/create", RoleController.createRole);
routes.get("/role", RoleController.getAllRoles);
routes.get("/role/:id", RoleController.getRoleById);
routes.patch("/role/patch/:id", RoleController.updateRoleById);
routes.delete("/role/delete/:id", RoleController.deleteRoleById);
// Roles Routes
routes.post(
"/role/create",
checkPermissions("perfis_criar"),
RoleController.createRole
);
routes.get(
"/role",
checkPermissions("perfis_visualizar"),
RoleController.getAllRoles
);
routes.get(
"/role/:id",
checkPermissions("perfis_visualizar"),
RoleController.getRoleById
);
routes.patch(
"/role/patch/:id",
checkPermissions("perfis_editar"),
RoleController.updateRoleById
);
routes.delete(
"/role/delete/:id",
checkPermissions("perfis_deletar"),
RoleController.deleteRoleById
);
routes.put(
"/roles/:roleId/permissions",
checkPermissions("permissoes_editar"),
RoleController.assignPermissionsToRole
);

// Permissions Routes
routes.post(
"/permission/create",
//[tokenValidation],
checkPermissions("permissoes_criar"),
permissionController.createPermission
);
routes.get(
"/permission",
//[tokenValidation],
checkPermissions("permissoes_visualizar"),
permissionController.getAllPermissions
);
routes.get(
"/permission/:id",
[tokenValidation],
checkPermissions("permissoes_visualizar"),
permissionController.getPermissionById
);
routes.patch(
"/permission/patch/:id",
[tokenValidation],
checkPermissions("permissoes_editar"),
permissionController.updatePermissionById
);
routes.delete(
"/permission/delete/:id",
[tokenValidation],
checkPermissions("permissoes_deletar"),
permissionController.deletePermissionById
);
routes.post("/permission/search", permissionController.searchPermissionByName);

// --organ
routes.post("/organ/create", OrganController.createOrgan);
routes.get("/organ/list", OrganController.listOrgans);
routes.patch("/organ/update/:id", OrganController.updateOrgan);
routes.get("/organ/get/:id", OrganController.getOrganById);
routes.delete("/organ/delete/:id", OrganController.deleteOrganById);
routes.get(
"/permissions/search",
checkPermissions("permissoes_visualizar"),
permissionController.searchPermissionByName
);

//// Public Routes (No token required)
// --user and memberShip
routes.post("/signup", UserController.signUp);
routes.post("/login", UserController.login);
routes.post("/users/recover-password", UserController.recoverPassword);
routes.post("/verify-token", TokenController.getToken);
routes.patch("/users/change-password/:id", UserController.changePassword);
// Organ Routes
routes.post(
"/organ/create",
checkPermissions("orgaos_criar"),
OrganController.createOrgan
);
routes.get(
"/organ/list",
checkPermissions("orgaos_visualizar"),
OrganController.listOrgans
);
routes.patch(
"/users/renew-password",
tokenValidation,
UserController.changePasswordInProfile
"/organ/update/:id",
checkPermissions("orgaos_editar"),
OrganController.updateOrgan
);
routes.get(
"/organ/get/:id",
checkPermissions("orgaos_visualizar"),
OrganController.getOrganById
);
routes.delete(
"/organ/delete/:id",
checkPermissions("orgaos_deletar"),
OrganController.deleteOrganById
);

//
routes.post("/membership/create", MembershipForm.createMembershipForm);
routes.get("/membership", MembershipForm.getMembershipForm);
routes.get("/logged-membership", MembershipForm.getLoggedMembershipForm);

routes.delete("/membership/delete/:id", MembershipForm.deleteMembershipForm);
// Membership Routes
routes.post(
"/membership/create",
checkPermissions("beneficios_criar"),
MembershipForm.createMembershipForm
);
routes.get(
"/membership",
checkPermissions("beneficios_visualizar"),
MembershipForm.getMembershipForm
);
routes.get(
"/logged-membership",
checkPermissions("beneficios_visualizar"),
MembershipForm.getLoggedMembershipForm
);
routes.delete(
"/membership/delete/:id",
checkPermissions("beneficios_deletar"),
MembershipForm.deleteMembershipForm
);
routes.patch(
"/membership/updateStatus/:id",
checkPermissions("beneficios_editar"),
MembershipForm.updateStatusMembership
);
routes.patch("/membership/update/:id", MembershipForm.updateMembership);
routes.get("/membership/:id", MembershipForm.getMembershipById);
routes.patch(
"/membership/update/:id",
checkPermissions("beneficios_editar"),
MembershipForm.updateMembership
);
routes.get(
"/membership/:id",
checkPermissions("beneficios_visualizar"),
MembershipForm.getMembershipById
);

routes.post("/signup", UserController.signUp);
routes.post("/login", UserController.login);
routes.post("/users/recover-password", UserController.recoverPassword);
routes.post("/verify-token", TokenController.getToken);
routes.patch("/users/change-password/:id", UserController.changePassword);
routes.patch("/users/renew-password", UserController.changePasswordInProfile);

module.exports = routes;
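Review bot: `/users/renew-password` at the end of the file is now registered with no middleware at all, while the registration it replaces passed `tokenValidation`; the lint annotation on line 6 confirms that `tokenValidation` is no longer referenced anywhere in the new file. A handler named `changePasswordInProfile` presumably acts on the logged-in user, so it should keep an authentication step: `routes.patch("/users/renew-password", tokenValidation, UserController.changePasswordInProfile);`, which also clears the lint failure. More generally every protected route now depends on `checkPermissions` alone, and that middleware is not shown here, so it is worth confirming that it rejects requests with a missing or invalid token before it looks up permissions. Separately, `GET /user` and `PUT /user` now require `usuarios_visualizar` / `usuarios_editar`, which means a user can only read or edit their own profile if they also hold the permission that exposes every other user; a token-only check would be tighter for those two routes.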