Added auth to all endpoints
This commit is contained in:
parent
cdfd0e0d64
commit
744faba7ee
|
@ -1,4 +1,4 @@
|
|||
import { Body, Delete, Get, JsonController, OnUndefined, Param, Post, Put, QueryParam } from 'routing-controllers';
|
||||
import { Authorized, Body, Delete, Get, JsonController, OnUndefined, Param, Post, Put, QueryParam } from 'routing-controllers';
|
||||
import { OpenAPI, ResponseSchema } from 'routing-controllers-openapi';
|
||||
import { getConnectionManager, Repository } from 'typeorm';
|
||||
import { PermissionIdsNotMatchingError, PermissionNeedsPrincipalError, PermissionNotFoundError } from '../errors/PermissionErrors';
|
||||
|
@ -24,6 +24,7 @@ export class PermissionController {
|
|||
}
|
||||
|
||||
@Get()
|
||||
@Authorized("PERMISSION:GET")
|
||||
@ResponseSchema(ResponsePermission, { isArray: true })
|
||||
@OpenAPI({ description: 'Lists all permissions.' })
|
||||
async getAll() {
|
||||
|
@ -37,6 +38,7 @@ export class PermissionController {
|
|||
|
||||
|
||||
@Get('/:id')
|
||||
@Authorized("PERMISSION:GET")
|
||||
@ResponseSchema(ResponsePermission)
|
||||
@ResponseSchema(PermissionNotFoundError, { statusCode: 404 })
|
||||
@OnUndefined(PermissionNotFoundError)
|
||||
|
@ -49,6 +51,7 @@ export class PermissionController {
|
|||
|
||||
|
||||
@Post()
|
||||
@Authorized("PERMISSION:CREATE")
|
||||
@ResponseSchema(ResponsePermission)
|
||||
@ResponseSchema(PrincipalNotFoundError, { statusCode: 404 })
|
||||
@OpenAPI({ description: 'Create a new runnerTeam object (id will be generated automagicly).' })
|
||||
|
@ -70,6 +73,7 @@ export class PermissionController {
|
|||
|
||||
|
||||
@Put('/:id')
|
||||
@Authorized("PERMISSION:UPDATE")
|
||||
@ResponseSchema(ResponsePrincipal)
|
||||
@ResponseSchema(PermissionNotFoundError, { statusCode: 404 })
|
||||
@ResponseSchema(PrincipalNotFoundError, { statusCode: 404 })
|
||||
|
@ -98,6 +102,7 @@ export class PermissionController {
|
|||
}
|
||||
|
||||
@Delete('/:id')
|
||||
@Authorized("PERMISSION:DELETE")
|
||||
@ResponseSchema(ResponsePermission)
|
||||
@ResponseSchema(ResponseEmpty, { statusCode: 204 })
|
||||
@OnUndefined(204)
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
import { Body, Delete, Get, JsonController, OnUndefined, Param, Post, Put, QueryParam } from 'routing-controllers';
|
||||
import { Authorized, Body, Delete, Get, JsonController, OnUndefined, Param, Post, Put, QueryParam } from 'routing-controllers';
|
||||
import { OpenAPI, ResponseSchema } from 'routing-controllers-openapi';
|
||||
import { getConnectionManager, Repository } from 'typeorm';
|
||||
import { RunnerGroupNeededError, RunnerIdsNotMatchingError, RunnerNotFoundError } from '../errors/RunnerErrors';
|
||||
|
@ -22,6 +22,7 @@ export class RunnerController {
|
|||
}
|
||||
|
||||
@Get()
|
||||
@Authorized("RUNNER:GET")
|
||||
@ResponseSchema(ResponseRunner, { isArray: true })
|
||||
@OpenAPI({ description: 'Lists all runners.' })
|
||||
async getAll() {
|
||||
|
@ -34,6 +35,7 @@ export class RunnerController {
|
|||
}
|
||||
|
||||
@Get('/:id')
|
||||
@Authorized("RUNNER:GET")
|
||||
@ResponseSchema(ResponseRunner)
|
||||
@ResponseSchema(RunnerNotFoundError, { statusCode: 404 })
|
||||
@OnUndefined(RunnerNotFoundError)
|
||||
|
@ -45,6 +47,7 @@ export class RunnerController {
|
|||
}
|
||||
|
||||
@Post()
|
||||
@Authorized("RUNNER:CREATE")
|
||||
@ResponseSchema(ResponseRunner)
|
||||
@ResponseSchema(RunnerGroupNeededError)
|
||||
@ResponseSchema(RunnerGroupNotFoundError)
|
||||
|
@ -62,6 +65,7 @@ export class RunnerController {
|
|||
}
|
||||
|
||||
@Put('/:id')
|
||||
@Authorized("RUNNER:UPDATE")
|
||||
@ResponseSchema(ResponseRunner)
|
||||
@ResponseSchema(RunnerNotFoundError, { statusCode: 404 })
|
||||
@ResponseSchema(RunnerIdsNotMatchingError, { statusCode: 406 })
|
||||
|
@ -82,6 +86,7 @@ export class RunnerController {
|
|||
}
|
||||
|
||||
@Delete('/:id')
|
||||
@Authorized("RUNNER:DELETE")
|
||||
@ResponseSchema(ResponseRunner)
|
||||
@ResponseSchema(ResponseEmpty, { statusCode: 204 })
|
||||
@OnUndefined(204)
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
import { Body, Delete, Get, JsonController, OnUndefined, Param, Post, Put, QueryParam } from 'routing-controllers';
|
||||
import { Authorized, Body, Delete, Get, JsonController, OnUndefined, Param, Post, Put, QueryParam } from 'routing-controllers';
|
||||
import { OpenAPI, ResponseSchema } from 'routing-controllers-openapi';
|
||||
import { getConnectionManager, Repository } from 'typeorm';
|
||||
import { EntityFromBody } from 'typeorm-routing-controllers-extensions';
|
||||
|
@ -24,6 +24,7 @@ export class RunnerOrganisationController {
|
|||
}
|
||||
|
||||
@Get()
|
||||
@Authorized("ORGANISATION:GET")
|
||||
@ResponseSchema(ResponseRunnerOrganisation, { isArray: true })
|
||||
@OpenAPI({ description: 'Lists all runnerOrganisations.' })
|
||||
async getAll() {
|
||||
|
@ -36,6 +37,7 @@ export class RunnerOrganisationController {
|
|||
}
|
||||
|
||||
@Get('/:id')
|
||||
@Authorized("ORGANISATION:GET")
|
||||
@ResponseSchema(ResponseRunnerOrganisation)
|
||||
@ResponseSchema(RunnerOrganisationNotFoundError, { statusCode: 404 })
|
||||
@OnUndefined(RunnerOrganisationNotFoundError)
|
||||
|
@ -47,6 +49,7 @@ export class RunnerOrganisationController {
|
|||
}
|
||||
|
||||
@Post()
|
||||
@Authorized("ORGANISATION:CREATE")
|
||||
@ResponseSchema(ResponseRunnerOrganisation)
|
||||
@OpenAPI({ description: 'Create a new runnerOrganisation object (id will be generated automagicly).' })
|
||||
async post(@Body({ validate: true }) createRunnerOrganisation: CreateRunnerOrganisation) {
|
||||
|
@ -63,6 +66,7 @@ export class RunnerOrganisationController {
|
|||
}
|
||||
|
||||
@Put('/:id')
|
||||
@Authorized("ORGANISATION:UPDATE")
|
||||
@ResponseSchema(ResponseRunnerOrganisation)
|
||||
@ResponseSchema(RunnerOrganisationNotFoundError, { statusCode: 404 })
|
||||
@ResponseSchema(RunnerOrganisationIdsNotMatchingError, { statusCode: 406 })
|
||||
|
@ -85,6 +89,7 @@ export class RunnerOrganisationController {
|
|||
}
|
||||
|
||||
@Delete('/:id')
|
||||
@Authorized("ORGANISATION:DELETE")
|
||||
@ResponseSchema(ResponseRunnerOrganisation)
|
||||
@ResponseSchema(ResponseEmpty, { statusCode: 204 })
|
||||
@ResponseSchema(RunnerOrganisationHasTeamsError, { statusCode: 406 })
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
import { Body, Delete, Get, JsonController, OnUndefined, Param, Post, Put, QueryParam } from 'routing-controllers';
|
||||
import { Authorized, Body, Delete, Get, JsonController, OnUndefined, Param, Post, Put, QueryParam } from 'routing-controllers';
|
||||
import { OpenAPI, ResponseSchema } from 'routing-controllers-openapi';
|
||||
import { getConnectionManager, Repository } from 'typeorm';
|
||||
import { RunnerTeamHasRunnersError, RunnerTeamIdsNotMatchingError, RunnerTeamNotFoundError } from '../errors/RunnerTeamErrors';
|
||||
|
@ -23,6 +23,7 @@ export class RunnerTeamController {
|
|||
}
|
||||
|
||||
@Get()
|
||||
@Authorized("TEAM:GET")
|
||||
@ResponseSchema(ResponseRunnerTeam, { isArray: true })
|
||||
@OpenAPI({ description: 'Lists all runnerTeams.' })
|
||||
async getAll() {
|
||||
|
@ -35,6 +36,7 @@ export class RunnerTeamController {
|
|||
}
|
||||
|
||||
@Get('/:id')
|
||||
@Authorized("TEAM:GET")
|
||||
@ResponseSchema(ResponseRunnerTeam)
|
||||
@ResponseSchema(RunnerTeamNotFoundError, { statusCode: 404 })
|
||||
@OnUndefined(RunnerTeamNotFoundError)
|
||||
|
@ -46,6 +48,7 @@ export class RunnerTeamController {
|
|||
}
|
||||
|
||||
@Post()
|
||||
@Authorized("TEAM:CREATE")
|
||||
@ResponseSchema(ResponseRunnerTeam)
|
||||
@OpenAPI({ description: 'Create a new runnerTeam object (id will be generated automagicly).' })
|
||||
async post(@Body({ validate: true }) createRunnerTeam: CreateRunnerTeam) {
|
||||
|
@ -63,6 +66,7 @@ export class RunnerTeamController {
|
|||
}
|
||||
|
||||
@Put('/:id')
|
||||
@Authorized("TEAM:UPDATE")
|
||||
@ResponseSchema(ResponseRunnerTeam)
|
||||
@ResponseSchema(RunnerTeamNotFoundError, { statusCode: 404 })
|
||||
@ResponseSchema(RunnerTeamIdsNotMatchingError, { statusCode: 406 })
|
||||
|
@ -84,6 +88,7 @@ export class RunnerTeamController {
|
|||
}
|
||||
|
||||
@Delete('/:id')
|
||||
@Authorized("TEAM:DELETE")
|
||||
@ResponseSchema(ResponseRunnerTeam)
|
||||
@ResponseSchema(ResponseEmpty, { statusCode: 204 })
|
||||
@ResponseSchema(RunnerTeamHasRunnersError, { statusCode: 406 })
|
||||
|
|
|
@ -21,7 +21,7 @@ export class TrackController {
|
|||
}
|
||||
|
||||
@Get()
|
||||
@Authorized("TRACK:READ")
|
||||
@Authorized("TRACK:GET")
|
||||
@ResponseSchema(ResponseTrack, { isArray: true })
|
||||
async getAll() {
|
||||
let responseTracks: ResponseTrack[] = new Array<ResponseTrack>();
|
||||
|
@ -33,6 +33,7 @@ export class TrackController {
|
|||
}
|
||||
|
||||
@Get('/:id')
|
||||
@Authorized("TRACK:GET")
|
||||
@ResponseSchema(ResponseTrack)
|
||||
@ResponseSchema(TrackNotFoundError, { statusCode: 404 })
|
||||
@OnUndefined(TrackNotFoundError)
|
||||
|
@ -44,6 +45,7 @@ export class TrackController {
|
|||
}
|
||||
|
||||
@Post()
|
||||
@Authorized("TRACK:CREATE")
|
||||
@ResponseSchema(ResponseTrack)
|
||||
@OpenAPI({ description: "Create a new track object (id will be generated automagicly)." })
|
||||
async post(
|
||||
|
@ -54,6 +56,7 @@ export class TrackController {
|
|||
}
|
||||
|
||||
@Put('/:id')
|
||||
@Authorized("TRACK:UPDATE")
|
||||
@ResponseSchema(ResponseTrack)
|
||||
@ResponseSchema(TrackNotFoundError, { statusCode: 404 })
|
||||
@ResponseSchema(TrackIdsNotMatchingError, { statusCode: 406 })
|
||||
|
@ -74,6 +77,7 @@ export class TrackController {
|
|||
}
|
||||
|
||||
@Delete('/:id')
|
||||
@Authorized("TRACK:DELETE")
|
||||
@ResponseSchema(ResponseTrack)
|
||||
@ResponseSchema(ResponseEmpty, { statusCode: 204 })
|
||||
@OnUndefined(204)
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
import { Body, Delete, Get, JsonController, OnUndefined, Param, Post, Put, QueryParam } from 'routing-controllers';
|
||||
import { Authorized, Body, Delete, Get, JsonController, OnUndefined, Param, Post, Put, QueryParam } from 'routing-controllers';
|
||||
import { OpenAPI, ResponseSchema } from 'routing-controllers-openapi';
|
||||
import { getConnectionManager, Repository } from 'typeorm';
|
||||
import { EntityFromBody } from 'typeorm-routing-controllers-extensions';
|
||||
|
@ -24,6 +24,7 @@ export class UserController {
|
|||
}
|
||||
|
||||
@Get()
|
||||
@Authorized("USER:GET")
|
||||
@ResponseSchema(User, { isArray: true })
|
||||
@OpenAPI({ description: 'Lists all users.' })
|
||||
async getAll() {
|
||||
|
@ -36,6 +37,7 @@ export class UserController {
|
|||
}
|
||||
|
||||
@Get('/:id')
|
||||
@Authorized("USER:GET")
|
||||
@ResponseSchema(User)
|
||||
@ResponseSchema(UserNotFoundError, { statusCode: 404 })
|
||||
@OnUndefined(UserNotFoundError)
|
||||
|
@ -47,6 +49,7 @@ export class UserController {
|
|||
}
|
||||
|
||||
@Post()
|
||||
@Authorized("USER:CREATE")
|
||||
@ResponseSchema(User)
|
||||
@ResponseSchema(UserGroupNotFoundError)
|
||||
@OpenAPI({ description: 'Create a new user object (id will be generated automagicly).' })
|
||||
|
@ -63,6 +66,7 @@ export class UserController {
|
|||
}
|
||||
|
||||
@Put('/:id')
|
||||
@Authorized("USER:UPDATE")
|
||||
@ResponseSchema(User)
|
||||
@ResponseSchema(UserNotFoundError, { statusCode: 404 })
|
||||
@ResponseSchema(UserIdsNotMatchingError, { statusCode: 406 })
|
||||
|
@ -83,6 +87,7 @@ export class UserController {
|
|||
}
|
||||
|
||||
@Delete('/:id')
|
||||
@Authorized("USER:DELETE")
|
||||
@ResponseSchema(User)
|
||||
@ResponseSchema(ResponseEmpty, { statusCode: 204 })
|
||||
@OnUndefined(204)
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
import { Body, Delete, Get, JsonController, OnUndefined, Param, Post, Put, QueryParam } from 'routing-controllers';
|
||||
import { Authorized, Body, Delete, Get, JsonController, OnUndefined, Param, Post, Put, QueryParam } from 'routing-controllers';
|
||||
import { OpenAPI, ResponseSchema } from 'routing-controllers-openapi';
|
||||
import { getConnectionManager, Repository } from 'typeorm';
|
||||
import { EntityFromBody } from 'typeorm-routing-controllers-extensions';
|
||||
|
@ -23,6 +23,7 @@ export class UserGroupController {
|
|||
}
|
||||
|
||||
@Get()
|
||||
@Authorized("USERGROUP:GET")
|
||||
@ResponseSchema(UserGroup, { isArray: true })
|
||||
@OpenAPI({ description: 'Lists all usergroups.' })
|
||||
getAll() {
|
||||
|
@ -30,6 +31,7 @@ export class UserGroupController {
|
|||
}
|
||||
|
||||
@Get('/:id')
|
||||
@Authorized("USERGROUP:GET")
|
||||
@ResponseSchema(UserGroup)
|
||||
@ResponseSchema(UserGroupNotFoundError, { statusCode: 404 })
|
||||
@OnUndefined(UserGroupNotFoundError)
|
||||
|
@ -39,6 +41,7 @@ export class UserGroupController {
|
|||
}
|
||||
|
||||
@Post()
|
||||
@Authorized("USERGROUP:CREATE")
|
||||
@ResponseSchema(UserGroup)
|
||||
@ResponseSchema(UserGroupNotFoundError)
|
||||
@OpenAPI({ description: 'Create a new usergroup object (id will be generated automagicly).' })
|
||||
|
@ -54,6 +57,7 @@ export class UserGroupController {
|
|||
}
|
||||
|
||||
@Put('/:id')
|
||||
@Authorized("USERGROUP:UPDATE")
|
||||
@ResponseSchema(UserGroup)
|
||||
@ResponseSchema(UserGroupNotFoundError, { statusCode: 404 })
|
||||
@ResponseSchema(UserGroupIdsNotMatchingError, { statusCode: 406 })
|
||||
|
@ -74,6 +78,7 @@ export class UserGroupController {
|
|||
}
|
||||
|
||||
@Delete('/:id')
|
||||
@Authorized("USERGROUP:DELETE")
|
||||
@ResponseSchema(ResponseUserGroup)
|
||||
@ResponseSchema(ResponseEmpty, { statusCode: 204 })
|
||||
@OnUndefined(204)
|
||||
|
|
Loading…
Reference in New Issue