45 lines
1.4 KiB
TypeScript
45 lines
1.4 KiB
TypeScript
import { Request, Router } from "express";
|
|
import { GetUserMiddleware } from "../middlewares/user";
|
|
import RequestError, { HttpStatusCode } from "../../helper/request_error";
|
|
import promiseMiddleware from "../../helper/promiseMiddleware";
|
|
import Permission from "../../models/permissions";
|
|
import verify, { Types } from "../middlewares/verify";
|
|
import Client from "../../models/client";
|
|
|
|
const PermissionRoute: Router = Router();
|
|
PermissionRoute.use(GetUserMiddleware(true, true), (req: Request, res, next) => {
|
|
if (!req.isAdmin) res.sendStatus(HttpStatusCode.FORBIDDEN)
|
|
else next()
|
|
});
|
|
|
|
|
|
PermissionRoute.route("/")
|
|
.get(promiseMiddleware(async (req, res) => {
|
|
let permission = await Permission.find({});
|
|
res.json(permission);
|
|
}))
|
|
.post(verify({
|
|
clientId: {
|
|
type: Types.NUMBER
|
|
},
|
|
name: {
|
|
type: Types.STRING
|
|
},
|
|
description: {
|
|
type: Types.STRING
|
|
}
|
|
}, true), promiseMiddleware(async (req, res) => {
|
|
let client = await Client.findById(req.body.clientId);
|
|
if (!client) {
|
|
throw new RequestError("Client not found", HttpStatusCode.BAD_REQUEST);
|
|
}
|
|
let permission = Permission.new({
|
|
description: req.body.description,
|
|
name: req.body.name,
|
|
client: client._id
|
|
});
|
|
await Permission.save(permission);
|
|
res.json(permission);
|
|
}))
|
|
|
|
export default PermissionRoute; |