diff --git a/src/app.ts b/src/app.ts
index 6a3e801..9e15de1 100644
--- a/src/app.ts
+++ b/src/app.ts
@@ -3,11 +3,15 @@ import * as dotenvSafe from "dotenv-safe";
 import { createExpressServer } from "routing-controllers";
 import consola from "consola";
 import loaders from "./loaders/index";
+import authchecker from "./authchecker";
+import { ErrorHandler } from './middlewares/ErrorHandler';
 dotenvSafe.config();
 const PORT = process.env.APP_PORT || 4010;
 const app = createExpressServer({
+ authorizationChecker: authchecker,
+ middlewares: [ErrorHandler],
 development: process.env.NODE_ENV === "production",
 cors: true,
 routePrefix: "/api",
diff --git a/src/controllers/TrackController.ts b/src/controllers/TrackController.ts
index 965fde9..b826582 100644
--- a/src/controllers/TrackController.ts
+++ b/src/controllers/TrackController.ts
@@ -1,4 +1,4 @@
-import { JsonController, Param, Body, Get, Post, Put, Delete, NotFoundError, OnUndefined, NotAcceptableError } from 'routing-controllers';
+import { JsonController, Param, Body, Get, Post, Put, Delete, NotFoundError, OnUndefined, NotAcceptableError, Authorized } from 'routing-controllers';
 import { getConnectionManager, Repository } from 'typeorm';
 import { EntityFromBody } from 'typeorm-routing-controllers-extensions';
 import { OpenAPI, ResponseSchema } from 'routing-controllers-openapi';
@@ -22,6 +22,7 @@ export class TrackNotFoundError extends NotFoundError {
 }
 @JsonController('/tracks')
+@Authorized("TRACKS:read")
 export class TrackController {
 private trackRepository: Repository;
@@ -34,7 +35,7 @@ export class TrackController {
 @Get()
 @ResponseSchema(Track, { isArray: true })
- @OpenAPI({description: "Lists all tracks."})
+ @OpenAPI({ description: "Lists all tracks." })
 getAll() {
 return this.trackRepository.find();
 }
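Review bot: In the src/app.ts hunk, `middlewares: [ErrorHandler]` registers a custom error handler, but nothing visible turns off routing-controllers' built-in one, so both may try to answer a failed request; if the custom handler is meant to own error responses, add `defaultErrorHandler: false,` next to it. The context line `development: process.env.NODE_ENV === "production"` also reads as inverted: it switches development mode on exactly in production, where the built-in handler's more verbose error output (stack traces, as far as I can tell) would then accompany the authorization failures this commit introduces; `development: process.env.NODE_ENV !== "production",` looks like the intent. The createExpressServer options object continues past the end of the hunk, so `defaultErrorHandler` may already be set there.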
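Review bot: The class-level `@Authorized("TRACKS:read")` added in the `@@ -22,6 +22,7 @@` hunk of src/controllers/TrackController.ts is the only authorization on this controller, so the `post`, `put` and `remove` actions in the later hunks are reachable by any caller that holds just the read permission. Move the read permission onto the two GET actions and give each mutating action its own decorator, e.g. `@Authorized("<tracks-write-permission>")` on `post` and `put` and `@Authorized("<tracks-delete-permission>")` on `remove`, with whatever permission names `./authchecker` recognises. Stacking a second decorator under the class-level one is probably not enough, because routing-controllers appears to pass class-level and action-level roles to the checker as one list, and a checker that accepts any match would still let a read-only caller through. The class body ends outside this hunk and the checker is not part of this diff, so how it evaluates the role string is inferred.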
@@ -42,14 +43,14 @@ export class TrackController {
 @Get('/:id')
 @ResponseSchema(Track)
 @OnUndefined(TrackNotFoundError)
- @OpenAPI({description: "Returns a track of a specified id (if it exists)"})
+ @OpenAPI({ description: "Returns a track of a specified id (if it exists)" })
 getOne(@Param('id') id: number) {
 return this.trackRepository.findOne({ id: id });
 }
 @Post()
 @ResponseSchema(Track)
- @OpenAPI({description: "Create a new track object (id will be generated automagicly)."})
+ @OpenAPI({ description: "Create a new track object (id will be generated automagicly)." })
 post( @Body({ validate: true }) track: CreateTrack
@@ -59,15 +60,15 @@ export class TrackController {
 @Put('/:id')
 @ResponseSchema(Track)
- @OpenAPI({description: "Update a track object (id can't be changed)."})
+ @OpenAPI({ description: "Update a track object (id can't be changed)." })
 async put(@Param('id') id: number, @EntityFromBody() track: Track) {
 let oldTrack = await this.trackRepository.findOne({ id: id });
 if (!oldTrack) {
- throw new TrackNotFoundError();
+ throw new TrackNotFoundError();
 }
- if(oldTrack.id != track.id){
+ if (oldTrack.id != track.id) {
 throw new NotAcceptableError("The id's don't match!");
 }
@@ -77,7 +78,7 @@ export class TrackController {
 @Delete('/:id')
 @ResponseSchema(Track)
- @OpenAPI({description: "Delete a specified track (if it exists)."})
+ @OpenAPI({ description: "Delete a specified track (if it exists)." })
 async remove(@Param('id') id: number) {
 let track = await this.trackRepository.findOne({ id: id });