QT/bigcapital
1
0
Fork 0
mirror of https://github.com/bigcapitalhq/bigcapital.git synced 2026-02-19 22:30:31 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(server): premissions guard for read and write endpoints

Browse Source
This commit is contained in:
Ahmed Bouhuolia
2026-02-15 22:55:10 +02:00
parent af80afcf59
commit 2d39e38578
31 changed files with 423 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
packages/server/src/modules/Roles/dtos/Role.dto.ts
View File

@@ -1,3 +1,4 @@
import { IsOptional } from '@/common/decorators/Validators';
import { ApiProperty } from '@nestjs/swagger';
import { Type } from 'class-transformer';
import {
@@ -41,7 +42,7 @@ export class CommandRolePermissionDto {
export class CreateRolePermissionDto extends CommandRolePermissionDto { }
export class EditRolePermissionDto extends CommandRolePermissionDto {
@IsNumber()
@IsNotEmpty()
@IsOptional()
@ApiProperty({
example: 1,
description: 'The permission ID',
@@ -59,7 +60,6 @@ class CommandRoleDto {
roleName: string;
@IsString()
@IsNotEmpty()
@ApiProperty({
example: 'Administrator',
description: 'The description of the role',
@@ -71,9 +71,9 @@ export class CreateRoleDto extends CommandRoleDto {
@IsArray()
@ArrayMinSize(1)
@ValidateNested({ each: true })
@Type(() => CommandRolePermissionDto)
@Type(() => CreateRolePermissionDto)
@ApiProperty({
type: [CommandRolePermissionDto],
type: [CreateRolePermissionDto],
description: 'The permissions of the role',
})
permissions: Array<CreateRolePermissionDto>;