[finishes #187354254] permissions and role implementation

finishes role and permission assigning functionality modified: package.json new file: src/controllers/permissionController.ts modified: src/controllers/roleControllers.ts new file: src/database/migrations/20240401004514-create-permissions-table.js modified: src/database/migrations/20240413203456-create-role.js renamed: src/database/migrations/20240425195548-create-user.js -> src/database/migrations/20240435195548-create-user.js new file: src/database/migrations/20240505075748-role_permissions.js new file: src/database/models/permission.ts modified: src/database/models/role.ts new file: src/database/models/rolePermissions.ts modified: src/database/models/user.ts modified: src/database/seeders/20240427082911-create-default-role.js new file: src/database/seeders/20240501105101-permissions.js new file: src/database/seeders/20240502080814-create-default-users.js new file: src/database/seeders/20240502093711-role_permissions.js new file: src/docs/permissions.yaml modified: src/middlewares/authMiddlewares.ts modified: src/routes/index.ts new file: src/routes/permissionRoute.ts modified: src/routes/roleRoute.ts new file: src/test/permissionController.test.ts
atlp-rwanda · May 6, 2024 · fa1ee4c · fa1ee4c
1 parent 5ed1800
commit fa1ee4c
Show file tree

Hide file tree

Showing 21 changed files with 1,048 additions and 60 deletions.
diff --git a/package.json b/package.json
@@ -15,8 +15,9 @@
     "prepare": "husky install && npx husky add .husky/pre-commit \"npx lint-staged\"",
     "migrate": "npx sequelize-cli db:migrate",
     "migrate:undo": "npx sequelize-cli db:migrate:undo",
+    "migrate:undo:all": "npx sequelize-cli db:migrate:undo:all",
     "seed": "npx sequelize-cli db:seed:all",
-    "seed:undo": "npx sequelize-cli db:seed:undo"
+    "seed:undo": "npx sequelize-cli db:seed:undo:all"
   },
   "keywords": [],
   "author": "",
@@ -35,14 +36,14 @@
     "glob": "^10.3.12",
     "jsonwebtoken": "^9.0.2",
     "mailgen": "^2.0.28",
+    "multer": "^1.4.5-lts.1",
     "nodemailer": "^6.9.13",
     "passport": "^0.7.0",
     "passport-google-oauth20": "^2.0.0",
     "passport-jwt": "^4.0.1",
-    "multer": "^1.4.5-lts.1",
     "pg": "^8.11.5",
     "pg-hstore": "^2.3.4",
-    "sequelize": "^6.37.2",
+    "sequelize": "^6.37.3",
     "swagger-ui-express": "^5.0.0",
     "uuid": "^9.0.1",
     "winston": "^3.13.0",
@@ -93,4 +94,4 @@
       "eslint --fix"
     ]
   }
-}
+}
diff --git a/src/controllers/permissionController.ts b/src/controllers/permissionController.ts
@@ -0,0 +1,83 @@
+import { Request, Response } from 'express';
+import { sendInternalErrorResponse } from '../validations';
+import Permission from '../database/models/permission';
+import { validateFields } from '../validations/index';
+
+// create a permission
+export const createPermission = async (req: Request, res: Response): Promise<void> => {
+  try {
+    const validFields = validateFields(req, ['name']);
+    if (validFields.length) {
+      res.status(400).json({ ok: false, errorMessage: `Missing required fields: ${validFields.join(', ')}` });
+      return;
+    }
+    const createdPermission = await Permission.create({ name: req.body.name });
+    res.status(201).json({ ok: true, data: createdPermission });
+  } catch (error) {
+    sendInternalErrorResponse(res, error);
+    return;
+  }
+};
+// get all permissions
+export const getAllPermissions = async (req: Request, res: Response): Promise<void> => {
+  try {
+    const permissions = await Permission.findAll({ attributes: ['id', 'name'] });
+    res.status(200).json({ ok: true, data: permissions });
+  } catch (error) {
+    sendInternalErrorResponse(res, error);
+    return;
+  }
+};
+// get a single permission
+export const getSinglePermission = async (req: Request, res: Response): Promise<void> => {
+  try {
+    const permission = await Permission.findByPk(req.params.id);
+    if (!permission) {
+      res.status(404).json({ ok: false, errorMessage: 'Permission not found' });
+      return;
+    }
+    res.status(200).json({ ok: true, data: permission });
+  } catch (error) {
+    sendInternalErrorResponse(res, error);
+    return;
+  }
+};
+// update a permission
+export const updatePermission = async (req: Request, res: Response): Promise<void> => {
+  try {
+    const validFields = validateFields(req, ['name']);
+    if (validFields.length) {
+      res.status(400).json({ ok: false, errorMessage: `Missing required fields: ${validFields.join(', ')}` });
+      return;
+    }
+    const permissionToUpdate = await Permission.findByPk(req.params.id);
+    if (!permissionToUpdate) {
+      res.status(404).json({ ok: false, errorMessage: 'Permission not found' });
+      return;
+    }
+    if (!req.body.name) res.status(400).json({ ok: false, errorMessage: 'Name is required' });
+
+    permissionToUpdate.name = req.body.name;
+
+    await permissionToUpdate.save();
+    res.status(200).json({ ok: true, data: permissionToUpdate });
+  } catch (error) {
+    sendInternalErrorResponse(res, error);
+    return;
+  }
+};
+// delete a permission
+export const deletePermission = async (req: Request, res: Response): Promise<void> => {
+  try {
+    const permissionToDelete = await Permission.findByPk(req.params.id);
+    if (!permissionToDelete) {
+      res.status(404).json({ ok: false, errorMessage: 'Permission not found' });
+      return;
+    }
+    await permissionToDelete.destroy();
+    res.status(200).json({ ok: true, message: 'permission deleted successfully!' });
+  } catch (error) {
+    sendInternalErrorResponse(res, error);
+    return;
+  }
+};
diff --git a/src/controllers/roleControllers.ts b/src/controllers/roleControllers.ts
@@ -1,17 +1,31 @@
 import logger from '../logs/config';
 import { Request, Response } from 'express';
 import Role from '../database/models/role';
+import Permision from '../database/models/permission';
 import { sendInternalErrorResponse, validateFields } from '../validations';
+import User from '../database/models/user';
 
 const createRole = async (req: Request, res: Response): Promise<void> => {
   try {
     if (validateFields(req, ['name']).length !== 0) {
       res.status(400).json({ ok: false, errorMessage: 'Role name is required' });
       return;
     }
-    const { name, displayName } = req.body;
-    const createdRole = await Role.create({ name, displayName });
-    res.status(201).json({ ok: true, data: createdRole });
+    const { name, permissionIds } = req.body;
+    const permissions = await Permision.findAll({ where: { id: permissionIds } });
+    if (permissions.length !== permissionIds.length) {
+      logger.error(`Adding role: One or more permissions not found`);
+      res.status(404).json({
+        ok: false,
+        message: 'roles create permissions Not Found',
+      });
+      return;
+    }
+    const role = await Role.create({ name });
+
+    await (role as any).addPermissions(permissions);
+
+    res.status(201).json({ ok: true, message: 'role created successfully' });
   } catch (error) {
     logger.error(error);
     sendInternalErrorResponse(res, error);
@@ -20,7 +34,7 @@ const createRole = async (req: Request, res: Response): Promise<void> => {
 };
 const getAllRoles = async (req: Request, res: Response): Promise<void> => {
   try {
-    const roles = await Role.findAll();
+    const roles = await Role.findAll({ include: { model: Permision, attributes: ['name'] } });
     res.status(200).json({ ok: true, data: roles });
   } catch (error) {
     logger.error(error);
@@ -29,9 +43,8 @@ const getAllRoles = async (req: Request, res: Response): Promise<void> => {
   }
 };
 const getSingleRole = async (req: Request, res: Response): Promise<void> => {
-  const { id } = req.params;
   try {
-    const role = await Role.findByPk(id);
+    const role = await Role.findByPk(req.params.id, { include: { model: Permision, attributes: ['name'] } });
     if (!role) {
       res.status(404).json({ ok: false, errorMessage: 'Roles can not be found' });
       return;
@@ -44,34 +57,33 @@ const getSingleRole = async (req: Request, res: Response): Promise<void> => {
   }
 };
 const updateRole = async (req: Request, res: Response): Promise<void> => {
-  const { id } = req.params;
-  const contentsToUpdate = { ...req.body };
   try {
-    const roleToupdate = await Role.findByPk(id);
+    const roleToupdate = await Role.findByPk(req.params.id);
     if (!roleToupdate) {
+      logger.error(`Role not found`);
       res.status(404).json({ ok: false, errorMessage: 'Role not found' });
       return;
     }
-    if (contentsToUpdate.name) {
-      roleToupdate.name = contentsToUpdate.name;
-    }
-    if (contentsToUpdate.displayName) {
-      roleToupdate.displayName = contentsToUpdate.displayName;
+    if (!req.body.name) {
+      logger.error(`Name is required`);
+      res.status(400).json({ ok: false, errorMessage: 'Name is required' });
+      return;
     }
-    await roleToupdate.save();
-    res.status(200).json({ ok: true, data: roleToupdate });
+    roleToupdate.name = req.body.name;
+    const updatedRole = await roleToupdate.save();
+    await (updatedRole as any).setPermissions(req.body.permissionIds);
+    res.status(200).json({ ok: true, message: 'role updated successfully' });
   } catch (error) {
     logger.error(error);
     sendInternalErrorResponse(res, error);
     return;
   }
 };
 const deleteRole = async (req: Request, res: Response): Promise<void> => {
-  const { id } = req.params;
   try {
-    const deletedCount = await Role.destroy({ where: { id } });
+    const deletedCount = await Role.destroy({ where: { id: req.params.id } });
     if (deletedCount === 1) {
-      res.status(200).json({ ok: true, data: deletedCount });
+      res.status(200).json({ ok: true, message: 'Role deleted successfully' });
     } else {
       res.status(404).json({ ok: false, errorMessage: 'Role not found' });
     }
@@ -81,5 +93,35 @@ const deleteRole = async (req: Request, res: Response): Promise<void> => {
     return;
   }
 };
-
-export { createRole, getAllRoles, getSingleRole, updateRole, deleteRole };
+const verifyRoleRequest = async (req: Request, res: Response): Promise<void> => {
+  console.log(req.files);
+  res.send('files received');
+  // const { userId } = req.params;
+  // const { roleId } = req.body;
+  // try {
+  //   const role = await Role.findByPk(roleId);
+  //   if (!role) {
+  //     logger.error('Role not found');
+  //     res.status(404).json({ ok: false, errorMessage: 'Role not found' });
+  //     return;
+  //   }
+  //   const user = await User.findByPk(userId);
+  //   if (!user) {
+  //     logger.error('User not found');
+  //     res.status(404).json({ ok: false, errorMessage: 'User not found' });
+  //     return;
+  //   }
+  //   if ((user as any).RoleId === roleId) {
+  //     logger.error('User has that role already');
+  //     res.status(400).json({ ok: false, errorMessage: 'User has that role already' });
+  //     return;
+  //   }
+  //   await (user as any).setRole(role);
+  //   res.status(200).json({ ok: true, message: 'Role assigned successfully' });
+  // } catch (error) {
+  //   logger.error(error);
+  //   sendInternalErrorResponse(res, error);
+  //   return;
+  // }
+};
+export { createRole, getAllRoles, getSingleRole, updateRole, deleteRole, verifyRoleRequest };
diff --git a/src/database/migrations/20240401004514-create-permissions-table.js b/src/database/migrations/20240401004514-create-permissions-table.js
@@ -0,0 +1,32 @@
+'use strict';
+
+/** @type {import('sequelize-cli').Migration} */
+module.exports = {
+  async up(queryInterface, Sequelize) {
+    await queryInterface.createTable('Permissions', {
+      id: {
+        type: Sequelize.INTEGER,
+        primaryKey: true,
+        autoIncrement: true,
+      },
+      name: {
+        type: Sequelize.STRING,
+        allowNull: false,
+        defaultValue: 'read',
+        unique: true,
+      },
+      createdAt: {
+        allowNull: false,
+        type: Sequelize.DATE,
+      },
+      updatedAt: {
+        allowNull: false,
+        type: Sequelize.DATE,
+      },
+    });
+  },
+
+  async down(queryInterface, Sequelize) {
+    await queryInterface.dropTable('Permissions');
+  },
+};
diff --git a/src/database/migrations/20240413203456-create-role.js b/src/database/migrations/20240413203456-create-role.js
@@ -4,21 +4,19 @@ module.exports = {
   async up(queryInterface, Sequelize) {
     await queryInterface.createTable('Roles', {
       id: {
-        allowNull: false,
+        type: Sequelize.INTEGER,
         primaryKey: true,
-        type: Sequelize.UUID,
-        defaultValue: Sequelize.UUIDV4,
-        unique: true,
+        autoIncrement: true,
       },
       name: {
-        type: Sequelize.STRING,
+        type: Sequelize.ENUM('admin', 'buyer', 'guest', 'vendor'),
         allowNull: false,
         unique: true,
+        set(value) {
+          this.setDataValue('name', value.toLowerCase());
+        },
       },
-      displayName: {
-        type: Sequelize.STRING,
-        allowNull: true,
-      },
+
       createdAt: {
         allowNull: false,
         type: Sequelize.DATE,

diff --git a/.../migrations/20240425195548-create-user.js → .../migrations/20240435195548-create-user.js b/.../migrations/20240425195548-create-user.js → .../migrations/20240435195548-create-user.js
@@ -62,7 +62,7 @@ module.exports = {
         defaultValue: 'active',
       },
       RoleId: {
-        type: Sequelize.UUID,
+        type: Sequelize.INTEGER,
         allowNull: false,
         references: {
           model: 'Roles',

diff --git a/src/database/migrations/20240505075748-role_permissions.js b/src/database/migrations/20240505075748-role_permissions.js
@@ -0,0 +1,40 @@
+'use strict';
+
+/** @type {import('sequelize-cli').Migration} */
+module.exports = {
+  async up(queryInterface, Sequelize) {
+    await queryInterface.createTable('role_permissions', {
+      roleId: {
+        type: Sequelize.INTEGER,
+        allowNull: true,
+        references: {
+          model: 'Roles',
+          key: 'id',
+        },
+        onUpdate: 'CASCADE',
+        onDelete: 'CASCADE',
+      },
+      permissionId: {
+        type: Sequelize.INTEGER,
+        allowNull: true,
+        references: {
+          model: 'Permissions',
+          key: 'id',
+        },
+        onUpdate: 'CASCADE',
+        onDelete: 'CASCADE',
+      },
+      createdAt: {
+        allowNull: false,
+        type: Sequelize.DATE,
+      },
+      updatedAt: {
+        allowNull: false,
+        type: Sequelize.DATE,
+      },
+    });
+  },
+  async down(queryInterface, Sequelize) {
+    await queryInterface.dropTable('role_permissions');
+  },
+};