diff --git a/apps/tickets/openapi.json b/apps/tickets/openapi.json index 5adf8d8f..63fb47ce 100644 --- a/apps/tickets/openapi.json +++ b/apps/tickets/openapi.json @@ -174,7 +174,7 @@ "tickets" ] }, - "put": { + "patch": { "operationId": "TicketsController_updateById", "summary": "Update a ticket - Scope : tickets:update_one", "description": "Update a ticket by id", diff --git a/apps/tickets/src/app/tickets/tickets.controller.ts b/apps/tickets/src/app/tickets/tickets.controller.ts index 8f5c0c5d..757b95c3 100644 --- a/apps/tickets/src/app/tickets/tickets.controller.ts +++ b/apps/tickets/src/app/tickets/tickets.controller.ts @@ -4,8 +4,8 @@ import { Get, HttpStatus, Param, + Patch, Post, - Put, Query, UseGuards, UsePipes, @@ -25,12 +25,17 @@ import { ApiNestedQuery, ApiPaginatedDto, CurrentUser, + PermissionCheck, } from '@ticketing/microservices/shared/decorators'; -import { OryAuthGuard } from '@ticketing/microservices/shared/guards'; +import { + OryAuthGuard, + OryPermissionGuard, +} from '@ticketing/microservices/shared/guards'; import { PaginatedDto, PaginateDto, PaginateQuery, + PermissionNamespaces, } from '@ticketing/microservices/shared/models'; import { ParseObjectId, @@ -39,6 +44,8 @@ import { import { Actions, Resources } from '@ticketing/shared/constants'; import { requestValidationErrorFactory } from '@ticketing/shared/errors'; import { User } from '@ticketing/shared/models'; +import { FastifyRequest } from 'fastify/types/request'; +import { get } from 'lodash-es'; import { CreateTicket, @@ -63,7 +70,7 @@ export class TicketsController { exceptionFactory: requestValidationErrorFactory, transformOptions: { enableImplicitConversion: true }, forbidUnknownValues: true, - }) + }), ) @ApiBearerAuth(SecurityRequirements.Bearer) @ApiCookieAuth(SecurityRequirements.Session) @@ -80,7 +87,7 @@ export class TicketsController { @Post('') create( @Body() ticket: CreateTicket, - @CurrentUser() currentUser: User + @CurrentUser() currentUser: User, ): Promise { return this.ticketsService.create(ticket, currentUser); } @@ -91,7 +98,7 @@ export class TicketsController { transform: true, transformOptions: { enableImplicitConversion: true }, // forbidUnknownValues: true, //! FIX issue with query parsing process - }) + }), ) @ApiOperation({ description: 'Filter tickets', @@ -101,7 +108,7 @@ export class TicketsController { @ApiPaginatedDto(TicketDto, 'Tickets found') @Get('') find( - @Query(ParseQuery) paginate: PaginateQuery + @Query(ParseQuery) paginate: PaginateQuery, ): Promise> { return this.ticketsService.find(paginate); } @@ -120,14 +127,27 @@ export class TicketsController { return this.ticketsService.findById(id); } - @UseGuards(OryAuthGuard) + @PermissionCheck( + ({ currentUserId, resourceId }) => + `${PermissionNamespaces[Resources.TICKETS]}:${resourceId}#owners@${ + PermissionNamespaces[Resources.USERS] + }:${currentUserId}`, + (ctx) => { + const req = ctx.switchToHttp().getRequest(); + return { + currentUserId: get(req, 'user.id'), + resourceId: get(req, 'params.id'), + }; + }, + ) + @UseGuards(OryAuthGuard, OryPermissionGuard) @UsePipes( new ValidationPipe({ transform: true, exceptionFactory: requestValidationErrorFactory, transformOptions: { enableImplicitConversion: true }, forbidUnknownValues: true, - }) + }), ) @ApiBearerAuth(SecurityRequirements.Bearer) @ApiCookieAuth(SecurityRequirements.Session) @@ -141,12 +161,11 @@ export class TicketsController { description: 'Ticket updated', type: TicketDto, }) - @Put(':id') + @Patch(':id') updateById( @Param('id', ParseObjectId) id: string, @Body() ticket: UpdateTicket, - @CurrentUser() user: User ): Promise { - return this.ticketsService.updateById(id, ticket, user); + return this.ticketsService.updateById(id, ticket); } } diff --git a/libs/ng/open-api/src/lib/generated/auth/services/users.service.ts b/libs/ng/open-api/src/lib/generated/auth/services/users.service.ts index 59670c9d..61a428c2 100644 --- a/libs/ng/open-api/src/lib/generated/auth/services/users.service.ts +++ b/libs/ng/open-api/src/lib/generated/auth/services/users.service.ts @@ -43,7 +43,7 @@ export class UsersService extends BaseService { const rb = new RequestBuilder( this.rootUrl, UsersService.UsersControllerOnSignUpPath, - 'post' + 'post', ); if (params) { rb.body(params.body, 'application/json'); @@ -54,13 +54,13 @@ export class UsersService extends BaseService { rb.build({ responseType: 'json', accept: 'application/json', - }) + }), ) .pipe( filter((r: any) => r instanceof HttpResponse), map((r: HttpResponse) => { return r as StrictHttpResponse; - }) + }), ); } @@ -78,7 +78,7 @@ export class UsersService extends BaseService { body: OnOrySignUpDto; }): Observable { return this.usersControllerOnSignUp$Response(params).pipe( - map((r: StrictHttpResponse) => r.body as OnOrySignUpDto) + map((r: StrictHttpResponse) => r.body as OnOrySignUpDto), ); } @@ -103,7 +103,7 @@ export class UsersService extends BaseService { const rb = new RequestBuilder( this.rootUrl, UsersService.UsersControllerOnSignInPath, - 'post' + 'post', ); if (params) { rb.body(params.body, 'application/json'); @@ -114,13 +114,13 @@ export class UsersService extends BaseService { rb.build({ responseType: 'json', accept: 'application/json', - }) + }), ) .pipe( filter((r: any) => r instanceof HttpResponse), map((r: HttpResponse) => { return r as StrictHttpResponse; - }) + }), ); } @@ -138,7 +138,7 @@ export class UsersService extends BaseService { body: OnOrySignInDto; }): Observable { return this.usersControllerOnSignIn$Response(params).pipe( - map((r: StrictHttpResponse) => r.body as OnOrySignInDto) + map((r: StrictHttpResponse) => r.body as OnOrySignInDto), ); } @@ -163,7 +163,7 @@ export class UsersService extends BaseService { const rb = new RequestBuilder( this.rootUrl, UsersService.UsersControllerSignUpPath, - 'post' + 'post', ); if (params) { rb.body(params.body, 'application/json'); @@ -174,13 +174,13 @@ export class UsersService extends BaseService { rb.build({ responseType: 'json', accept: 'application/json', - }) + }), ) .pipe( filter((r: any) => r instanceof HttpResponse), map((r: HttpResponse) => { return r as StrictHttpResponse; - }) + }), ); } @@ -198,7 +198,7 @@ export class UsersService extends BaseService { body: UserCredentialsDto; }): Observable { return this.usersControllerSignUp$Response(params).pipe( - map((r: StrictHttpResponse) => r.body as UserDto) + map((r: StrictHttpResponse) => r.body as UserDto), ); } @@ -223,7 +223,7 @@ export class UsersService extends BaseService { const rb = new RequestBuilder( this.rootUrl, UsersService.UsersControllerGetCurrentUserPath, - 'get' + 'get', ); if (params) { } @@ -233,13 +233,13 @@ export class UsersService extends BaseService { rb.build({ responseType: 'json', accept: 'application/json', - }) + }), ) .pipe( filter((r: any) => r instanceof HttpResponse), map((r: HttpResponse) => { return r as StrictHttpResponse; - }) + }), ); } @@ -255,7 +255,7 @@ export class UsersService extends BaseService { */ usersControllerGetCurrentUser(params?: {}): Observable { return this.usersControllerGetCurrentUser$Response(params).pipe( - map((r: StrictHttpResponse) => r.body as UserDto) + map((r: StrictHttpResponse) => r.body as UserDto), ); } } diff --git a/libs/ng/open-api/src/lib/generated/tickets/services/tickets.service.ts b/libs/ng/open-api/src/lib/generated/tickets/services/tickets.service.ts index 27002eeb..f4f0448f 100644 --- a/libs/ng/open-api/src/lib/generated/tickets/services/tickets.service.ts +++ b/libs/ng/open-api/src/lib/generated/tickets/services/tickets.service.ts @@ -22,10 +22,7 @@ import { UpdateTicketDto } from '../models/update-ticket-dto'; providedIn: 'root', }) export class TicketsService extends BaseService { - constructor( - config: ApiConfiguration, - http: HttpClient - ) { + constructor(config: ApiConfiguration, http: HttpClient) { super(config, http); } @@ -51,31 +48,50 @@ export class TicketsService extends BaseService { sort?: SortDto; filter?: Array; projection?: Array; - }): Observable; -}>> { - - const rb = new RequestBuilder(this.rootUrl, TicketsService.TicketsControllerFindPath, 'get'); + }): Observable< + StrictHttpResponse< + PaginatedDto & { + results?: Array; + } + > + > { + const rb = new RequestBuilder( + this.rootUrl, + TicketsService.TicketsControllerFindPath, + 'get', + ); if (params) { - rb.query('start_key', params.start_key, {"style":"deepObject","explode":true}); + rb.query('start_key', params.start_key, { + style: 'deepObject', + explode: true, + }); rb.query('skip', params.skip, {}); rb.query('limit', params.limit, {}); - rb.query('sort', params.sort, {"style":"deepObject","explode":false}); - rb.query('filter', params.filter, {"style":"deepObject","explode":true}); - rb.query('projection', params.projection, {"style":"deepObject","explode":true}); + rb.query('sort', params.sort, { style: 'deepObject', explode: false }); + rb.query('filter', params.filter, { style: 'deepObject', explode: true }); + rb.query('projection', params.projection, { + style: 'deepObject', + explode: true, + }); } - return this.http.request(rb.build({ - responseType: 'json', - accept: 'application/json' - })).pipe( - filter((r: any) => r instanceof HttpResponse), - map((r: HttpResponse) => { - return r as StrictHttpResponse; - }>; - }) - ); + return this.http + .request( + rb.build({ + responseType: 'json', + accept: 'application/json', + }), + ) + .pipe( + filter((r: any) => r instanceof HttpResponse), + map((r: HttpResponse) => { + return r as StrictHttpResponse< + PaginatedDto & { + results?: Array; + } + >; + }), + ); } /** @@ -95,16 +111,24 @@ export class TicketsService extends BaseService { sort?: SortDto; filter?: Array; projection?: Array; - }): Observable; -}> { - + }): Observable< + PaginatedDto & { + results?: Array; + } + > { return this.ticketsControllerFind$Response(params).pipe( - map((r: StrictHttpResponse; -}>) => r.body as PaginatedDto & { -'results'?: Array; -}) + map( + ( + r: StrictHttpResponse< + PaginatedDto & { + results?: Array; + } + >, + ) => + r.body as PaginatedDto & { + results?: Array; + }, + ), ); } @@ -124,23 +148,30 @@ export class TicketsService extends BaseService { * This method sends `application/json` and handles request body of type `application/json`. */ ticketsControllerCreate$Response(params: { - body: CreateTicketDto + body: CreateTicketDto; }): Observable> { - - const rb = new RequestBuilder(this.rootUrl, TicketsService.TicketsControllerCreatePath, 'post'); + const rb = new RequestBuilder( + this.rootUrl, + TicketsService.TicketsControllerCreatePath, + 'post', + ); if (params) { rb.body(params.body, 'application/json'); } - return this.http.request(rb.build({ - responseType: 'json', - accept: 'application/json' - })).pipe( - filter((r: any) => r instanceof HttpResponse), - map((r: HttpResponse) => { - return r as StrictHttpResponse; - }) - ); + return this.http + .request( + rb.build({ + responseType: 'json', + accept: 'application/json', + }), + ) + .pipe( + filter((r: any) => r instanceof HttpResponse), + map((r: HttpResponse) => { + return r as StrictHttpResponse; + }), + ); } /** @@ -154,11 +185,10 @@ export class TicketsService extends BaseService { * This method sends `application/json` and handles request body of type `application/json`. */ ticketsControllerCreate(params: { - body: CreateTicketDto + body: CreateTicketDto; }): Observable { - return this.ticketsControllerCreate$Response(params).pipe( - map((r: StrictHttpResponse) => r.body as TicketDto) + map((r: StrictHttpResponse) => r.body as TicketDto), ); } @@ -180,21 +210,28 @@ export class TicketsService extends BaseService { ticketsControllerFindById$Response(params: { id: string; }): Observable> { - - const rb = new RequestBuilder(this.rootUrl, TicketsService.TicketsControllerFindByIdPath, 'get'); + const rb = new RequestBuilder( + this.rootUrl, + TicketsService.TicketsControllerFindByIdPath, + 'get', + ); if (params) { rb.path('id', params.id, {}); } - return this.http.request(rb.build({ - responseType: 'json', - accept: 'application/json' - })).pipe( - filter((r: any) => r instanceof HttpResponse), - map((r: HttpResponse) => { - return r as StrictHttpResponse; - }) - ); + return this.http + .request( + rb.build({ + responseType: 'json', + accept: 'application/json', + }), + ) + .pipe( + filter((r: any) => r instanceof HttpResponse), + map((r: HttpResponse) => { + return r as StrictHttpResponse; + }), + ); } /** @@ -207,12 +244,9 @@ export class TicketsService extends BaseService { * * This method doesn't expect any request body. */ - ticketsControllerFindById(params: { - id: string; - }): Observable { - + ticketsControllerFindById(params: { id: string }): Observable { return this.ticketsControllerFindById$Response(params).pipe( - map((r: StrictHttpResponse) => r.body as TicketDto) + map((r: StrictHttpResponse) => r.body as TicketDto), ); } @@ -233,24 +267,31 @@ export class TicketsService extends BaseService { */ ticketsControllerUpdateById$Response(params: { id: string; - body: UpdateTicketDto + body: UpdateTicketDto; }): Observable> { - - const rb = new RequestBuilder(this.rootUrl, TicketsService.TicketsControllerUpdateByIdPath, 'put'); + const rb = new RequestBuilder( + this.rootUrl, + TicketsService.TicketsControllerUpdateByIdPath, + 'patch', + ); if (params) { rb.path('id', params.id, {}); rb.body(params.body, 'application/json'); } - return this.http.request(rb.build({ - responseType: 'json', - accept: 'application/json' - })).pipe( - filter((r: any) => r instanceof HttpResponse), - map((r: HttpResponse) => { - return r as StrictHttpResponse; - }) - ); + return this.http + .request( + rb.build({ + responseType: 'json', + accept: 'application/json', + }), + ) + .pipe( + filter((r: any) => r instanceof HttpResponse), + map((r: HttpResponse) => { + return r as StrictHttpResponse; + }), + ); } /** @@ -265,12 +306,10 @@ export class TicketsService extends BaseService { */ ticketsControllerUpdateById(params: { id: string; - body: UpdateTicketDto + body: UpdateTicketDto; }): Observable { - return this.ticketsControllerUpdateById$Response(params).pipe( - map((r: StrictHttpResponse) => r.body as TicketDto) + map((r: StrictHttpResponse) => r.body as TicketDto), ); } - }