mirror of
https://github.com/ToolJet/ToolJet
synced 2026-05-24 09:28:31 +00:00
0545528504
* multi org changes * Initial changes * changes * manage sso page * Multi-organization changes * Multi organization changes * multi-org changes * multi-org changes * multi-org changes * multi-org fixes * env variables app.json changes * multi-org-fix * user invitation token fix * multi-org group permission fix * multi-org app privilege * google oauth fix * Remove enable signup for form login * Multi organization fixes * multi-org user invite flow changes * multi-org sign up fix * rebase and multi-org fixes * revert testing logs * test logs revert * migration changes * migration file fix * error message changes * git login for private email fix * dropdown fix * test cases * e2e test cases added * test cases fix * documentation changes * testcases fix * testcases added * replace findOne with findOneOrFail * accept invite testcases * login page fixes * added encrypted tag * review comments * migration fixes * improvements * manage sso loading fix * review comments * migration file changes * new organization creation bug fix * added e2e testcases * added testcases * Update data_sources.controller.ts
99 lines
3.4 KiB
TypeScript
99 lines
3.4 KiB
TypeScript
import {
|
|
Controller,
|
|
Post,
|
|
Body,
|
|
Get,
|
|
Patch,
|
|
Param,
|
|
Delete,
|
|
UseGuards,
|
|
Query,
|
|
ForbiddenException,
|
|
} from '@nestjs/common';
|
|
import { ThreadService } from '../services/thread.service';
|
|
import { CreateThreadDto, UpdateThreadDto } from '../dto/thread.dto';
|
|
import { Thread } from '../entities/thread.entity';
|
|
import { JwtAuthGuard } from '../modules/auth/jwt-auth.guard';
|
|
import { ThreadsAbilityFactory } from 'src/modules/casl/abilities/threads-ability.factory';
|
|
import { User } from 'src/decorators/user.decorator';
|
|
|
|
@Controller('threads')
|
|
export class ThreadController {
|
|
constructor(private threadService: ThreadService, private threadsAbilityFactory: ThreadsAbilityFactory) {}
|
|
|
|
@UseGuards(JwtAuthGuard)
|
|
@Post()
|
|
public async createThread(@User() user, @Body() createThreadDto: CreateThreadDto): Promise<Thread> {
|
|
const ability = await this.threadsAbilityFactory.appsActions(user, createThreadDto.appId);
|
|
|
|
if (!ability.can('createThread', Thread)) {
|
|
throw new ForbiddenException('You do not have permissions to perform this action');
|
|
}
|
|
const thread = await this.threadService.createThread(createThreadDto, user.id, user.organizationId);
|
|
return thread;
|
|
}
|
|
|
|
@UseGuards(JwtAuthGuard)
|
|
@Get('/:appId/all')
|
|
public async getThreads(@User() user, @Param('appId') appId: string, @Query() query): Promise<Thread[]> {
|
|
const ability = await this.threadsAbilityFactory.appsActions(user, appId);
|
|
|
|
if (!ability.can('fetchThreads', Thread)) {
|
|
throw new ForbiddenException('You do not have permissions to perform this action');
|
|
}
|
|
const threads = await this.threadService.getThreads(appId, user.organizationId, query.appVersionsId);
|
|
return threads;
|
|
}
|
|
|
|
@UseGuards(JwtAuthGuard)
|
|
@Get('/:threadId')
|
|
public async getThread(@Param('threadId') threadId: number, @User() user) {
|
|
const _response = await Thread.findOne({
|
|
where: { id: threadId },
|
|
});
|
|
|
|
const ability = await this.threadsAbilityFactory.appsActions(user, _response.appId);
|
|
|
|
if (!ability.can('fetchThreads', Thread)) {
|
|
throw new ForbiddenException('You do not have permissions to perform this action');
|
|
}
|
|
const thread = await this.threadService.getThread(threadId);
|
|
return thread;
|
|
}
|
|
|
|
@UseGuards(JwtAuthGuard)
|
|
@Patch('/:threadId')
|
|
public async editThread(
|
|
@Body() updateThreadDto: UpdateThreadDto,
|
|
@Param('threadId') threadId: string,
|
|
@User() user
|
|
): Promise<Thread> {
|
|
const _response = await Thread.findOne({
|
|
where: { id: threadId },
|
|
});
|
|
|
|
const ability = await this.threadsAbilityFactory.appsActions(user, _response.appId);
|
|
|
|
if (!ability.can('updateThread', Thread)) {
|
|
throw new ForbiddenException('You do not have permissions to perform this action');
|
|
}
|
|
const thread = await this.threadService.editThread(threadId, updateThreadDto);
|
|
return thread;
|
|
}
|
|
|
|
@UseGuards(JwtAuthGuard)
|
|
@Delete('/:threadId')
|
|
public async deleteThread(@Param('threadId') threadId: string, @User() user) {
|
|
const _response = await Thread.findOne({
|
|
where: { id: threadId },
|
|
});
|
|
|
|
const ability = await this.threadsAbilityFactory.appsActions(user, _response.appId);
|
|
|
|
if (!ability.can('deleteThread', Thread)) {
|
|
throw new ForbiddenException('You do not have permissions to perform this action');
|
|
}
|
|
const deletedThread = await this.threadService.deleteThread(threadId);
|
|
return deletedThread;
|
|
}
|
|
}
|