@ackplus/nest-auth 1.1.1 → 1.1.5

package/src/lib/admin-console/controllers/admin-console.controller.d.ts

@@ -0,0 +1,14 @@
+import { OnModuleInit } from '@nestjs/common';
+import { Response } from 'express';
+import { AdminConsoleConfigService } from '../services/admin-console-config.service';
+export declare class AdminConsoleController implements OnModuleInit {
+    private readonly config;
+    private readonly logger;
+    private cachedIndexHtml;
+    private staticRoot;
+    private readonly indexPath;
+    constructor(config: AdminConsoleConfigService);
+    onModuleInit(): void;
+    serveIndex(res: Response): Promise<void>;
+}
+//# sourceMappingURL=admin-console.controller.d.ts.map

package/src/lib/admin-console/controllers/admin-console.controller.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"admin-console.controller.d.ts","sourceRoot":"","sources":["../../../../../../../packages/nest-auth/src/lib/admin-console/controllers/admin-console.controller.ts"],"names":[],"mappings":"AAAA,OAAO,EAA2B,YAAY,EAAc,MAAM,gBAAgB,CAAC;AACnF,OAAO,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAC;AAGnC,OAAO,EAAE,yBAAyB,EAAE,MAAM,0CAA0C,CAAC;AAsBrF,qBACa,sBAAuB,YAAW,YAAY;IAM7C,OAAO,CAAC,QAAQ,CAAC,MAAM;IALnC,OAAO,CAAC,QAAQ,CAAC,MAAM,CAA2C;IAClE,OAAO,CAAC,eAAe,CAAuB;IAC9C,OAAO,CAAC,UAAU,CAAuB;IACzC,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAuC;gBAEpC,MAAM,EAAE,yBAAyB;IAE9D,YAAY;IAcN,UAAU,CAAQ,GAAG,EAAE,QAAQ;CAgCtC"}

package/src/lib/admin-console/controllers/admin-console.controller.js

@@ -0,0 +1,87 @@
+"use strict";
+var AdminConsoleController_1;
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AdminConsoleController = void 0;
+const tslib_1 = require("tslib");
+const common_1 = require("@nestjs/common");
+const path_1 = require("path");
+const fs_1 = require("fs");
+const admin_console_config_service_1 = require("../services/admin-console-config.service");
+const candidateStaticRoots = [
+    // When the library itself is built (dist/packages/nest-auth/...)
+    (0, path_1.join)(__dirname, '..', 'static'),
+    // When the library is consumed via ts-node/tsconfig paths during development
+    (0, path_1.join)(process.cwd(), 'packages', 'nest-auth', 'src', 'lib', 'admin-console', 'static'),
+    // When the consumer (apps/nest-examples) compiles everything into dist/apps/...
+    (0, path_1.join)(process.cwd(), 'dist', 'apps', 'nest-examples', 'packages', 'nest-auth', 'src', 'lib', 'admin-console', 'static'),
+    // Generic fallback: dist/packages/... in monorepo root
+    (0, path_1.join)(process.cwd(), 'dist', 'packages', 'nest-auth', 'src', 'lib', 'admin-console', 'static'),
+];
+function resolveStaticRoot() {
+    for (const root of candidateStaticRoots) {
+        if ((0, fs_1.existsSync)((0, path_1.join)(root, 'index.html'))) {
+            return root;
+        }
+    }
+    return candidateStaticRoots[1];
+}
+let AdminConsoleController = AdminConsoleController_1 = class AdminConsoleController {
+    constructor(config) {
+        this.config = config;
+        this.logger = new common_1.Logger(AdminConsoleController_1.name);
+        this.cachedIndexHtml = null;
+        this.staticRoot = resolveStaticRoot();
+        this.indexPath = (0, path_1.join)(this.staticRoot, 'index.html');
+    }
+    onModuleInit() {
+        if (!(0, fs_1.existsSync)(this.indexPath)) {
+            this.logger.error('Admin console index.html not found at startup', { path: this.indexPath });
+            throw new Error(`Admin console index.html not found at ${this.indexPath}`);
+        }
+        try {
+            this.cachedIndexHtml = (0, fs_1.readFileSync)(this.indexPath, 'utf8');
+            this.logger.log('Admin console index.html cached successfully');
+        }
+        catch (error) {
+            this.logger.error('Failed to read admin console index.html on startup', { path: this.indexPath, message: error.message }, error.stack);
+        }
+    }
+    async serveIndex(res) {
+        this.config.ensureEnabled();
+        if (!this.cachedIndexHtml) {
+            this.logger.error('Cached index.html is not available');
+            res.status(500).send('Internal Server Error');
+            return;
+        }
+        try {
+            let content = this.cachedIndexHtml;
+            const basePath = this.config.getBasePath();
+            const config = { basePath };
+            const js = `window.__NEST_AUTH_CONFIG__ = ${JSON.stringify(config)};`;
+            // Inject external config script tag to satisfy CSP (no inline script)
+            const configScriptTag = `<script>${js}</script>`;
+            // Insert config script before closing </head> tag or at the start of <body>
+            if (content.includes('<head>')) {
+                content = content.replace('<head>', `${configScriptTag}<head>`);
+            }
+            res.setHeader('Content-Type', 'text/html');
+            res.send(content);
+        }
+        catch (error) {
+            this.logger.error('Failed to serve admin console index.html', { path: this.indexPath, message: error.message }, error.stack);
+            res.status(500).send('Internal Server Error');
+        }
+    }
+};
+exports.AdminConsoleController = AdminConsoleController;
+tslib_1.__decorate([
+    (0, common_1.Get)(),
+    tslib_1.__param(0, (0, common_1.Res)()),
+    tslib_1.__metadata("design:type", Function),
+    tslib_1.__metadata("design:paramtypes", [Object]),
+    tslib_1.__metadata("design:returntype", Promise)
+], AdminConsoleController.prototype, "serveIndex", null);
+exports.AdminConsoleController = AdminConsoleController = AdminConsoleController_1 = tslib_1.__decorate([
+    (0, common_1.Controller)('auth/admin'),
+    tslib_1.__metadata("design:paramtypes", [admin_console_config_service_1.AdminConsoleConfigService])
+], AdminConsoleController);

package/src/lib/admin-console/controllers/admin-permissions.controller.d.ts

@@ -0,0 +1,86 @@
+import { AdminCreatePermissionDto, AdminUpdatePermissionDto } from '../dto/admin-permission.dto';
+import { PermissionService } from '../../permission/services/permission.service';
+import { RoleService } from '../../role/services/role.service';
+import { Repository } from 'typeorm';
+import { NestAuthRole } from '../../role/entities/role.entity';
+export declare class AdminPermissionsController {
+    private readonly permissionService;
+    private readonly roleService;
+    private roleRepository;
+    constructor(permissionService: PermissionService, roleService: RoleService, roleRepository: Repository<NestAuthRole>);
+    listPermissions(search?: string, category?: string, guard?: string, limit?: string): Promise<{
+        data: {
+            id: string;
+            name: string;
+            guard: string;
+            description: string;
+            category: string;
+            metadata: Record<string, any>;
+            createdAt: Date;
+            updatedAt: Date;
+        }[];
+    }>;
+    getGuards(): Promise<{
+        data: string[];
+    }>;
+    searchPermissions(query: string, guard?: string, limit?: string): Promise<{
+        data: {
+            id: string;
+            name: string;
+            guard: string;
+            description: string;
+            category: string;
+            metadata: Record<string, any>;
+            createdAt: Date;
+            updatedAt: Date;
+        }[];
+    }>;
+    getCategories(): Promise<{
+        data: string[];
+    }>;
+    createPermission(dto: AdminCreatePermissionDto): Promise<{
+        permission: {
+            id: string;
+            name: string;
+            guard: string;
+            description: string;
+            category: string;
+            metadata: Record<string, any>;
+            createdAt: Date;
+            updatedAt: Date;
+        };
+    }>;
+    getPermission(id: string): Promise<{
+        permission: {
+            id: string;
+            name: string;
+            guard: string;
+            description: string;
+            category: string;
+            metadata: Record<string, any>;
+            createdAt: Date;
+            updatedAt: Date;
+        };
+    }>;
+    updatePermission(id: string, dto: AdminUpdatePermissionDto): Promise<{
+        permission: {
+            id: string;
+            name: string;
+            guard: string;
+            description: string;
+            category: string;
+            metadata: Record<string, any>;
+            createdAt: Date;
+            updatedAt: Date;
+        };
+    }>;
+    /**
+     * Update permission name in all roles that use it
+     */
+    private updatePermissionInRoles;
+    deletePermission(id: string): Promise<{
+        message: string;
+    }>;
+    private toSafePermission;
+}
+//# sourceMappingURL=admin-permissions.controller.d.ts.map

package/src/lib/admin-console/controllers/admin-permissions.controller.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"admin-permissions.controller.d.ts","sourceRoot":"","sources":["../../../../../../../packages/nest-auth/src/lib/admin-console/controllers/admin-permissions.controller.ts"],"names":[],"mappings":"AAaA,OAAO,EAAE,wBAAwB,EAAE,wBAAwB,EAAE,MAAM,6BAA6B,CAAC;AACjG,OAAO,EAAE,iBAAiB,EAAE,MAAM,8CAA8C,CAAC;AAEjF,OAAO,EAAE,WAAW,EAAE,MAAM,kCAAkC,CAAC;AAE/D,OAAO,EAAE,UAAU,EAAE,MAAM,SAAS,CAAC;AACrC,OAAO,EAAE,YAAY,EAAE,MAAM,iCAAiC,CAAC;AAE/D,qBAEa,0BAA0B;IAE/B,OAAO,CAAC,QAAQ,CAAC,iBAAiB;IAClC,OAAO,CAAC,QAAQ,CAAC,WAAW;IAE5B,OAAO,CAAC,cAAc;gBAHL,iBAAiB,EAAE,iBAAiB,EACpC,WAAW,EAAE,WAAW,EAEjC,cAAc,EAAE,UAAU,CAAC,YAAY,CAAC;IAI9C,eAAe,CACA,MAAM,CAAC,EAAE,MAAM,EACb,QAAQ,CAAC,EAAE,MAAM,EACpB,KAAK,CAAC,EAAE,MAAM,EACd,KAAK,CAAC,EAAE,MAAM;;;;;;;;;;;;IAgB5B,SAAS;;;IAMT,iBAAiB,CACP,KAAK,EAAE,MAAM,EACT,KAAK,CAAC,EAAE,MAAM,EACd,KAAK,CAAC,EAAE,MAAM;;;;;;;;;;;;IAe5B,aAAa;;;IAMb,gBAAgB,CAAS,GAAG,EAAE,wBAAwB;;;;;;;;;;;;IAetD,aAAa,CAAc,EAAE,EAAE,MAAM;;;;;;;;;;;;IAerC,gBAAgB,CACL,EAAE,EAAE,MAAM,EACf,GAAG,EAAE,wBAAwB;;;;;;;;;;;;IAwBzC;;OAEG;YACW,uBAAuB;IAqB/B,gBAAgB,CAAc,EAAE,EAAE,MAAM;;;IAK9C,OAAO,CAAC,gBAAgB;CAY3B"}

package/src/lib/admin-console/controllers/admin-permissions.controller.js

@@ -0,0 +1,195 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AdminPermissionsController = void 0;
+const tslib_1 = require("tslib");
+const common_1 = require("@nestjs/common");
+const common_2 = require("@nestjs/common");
+const admin_session_guard_1 = require("../guards/admin-session.guard");
+const admin_permission_dto_1 = require("../dto/admin-permission.dto");
+const permission_service_1 = require("../../permission/services/permission.service");
+const role_service_1 = require("../../role/services/role.service");
+const typeorm_1 = require("@nestjs/typeorm");
+const typeorm_2 = require("typeorm");
+const role_entity_1 = require("../../role/entities/role.entity");
+let AdminPermissionsController = class AdminPermissionsController {
+    constructor(permissionService, roleService, roleRepository) {
+        this.permissionService = permissionService;
+        this.roleService = roleService;
+        this.roleRepository = roleRepository;
+    }
+    async listPermissions(search, category, guard, limit) {
+        const limitNum = limit ? parseInt(limit, 10) : undefined;
+        const permissions = await this.permissionService.getPermissions({
+            search,
+            category,
+            guard,
+            limit: limitNum,
+        });
+        return {
+            data: permissions.map((p) => this.toSafePermission(p)),
+        };
+    }
+    async getGuards() {
+        const guards = await this.permissionService.getGuards();
+        return { data: guards };
+    }
+    async searchPermissions(query, guard, limit) {
+        if (!query || query.trim().length === 0) {
+            return { data: [] };
+        }
+        const limitNum = limit ? parseInt(limit, 10) : 20;
+        const permissions = await this.permissionService.searchPermissions(query.trim(), guard, limitNum);
+        return {
+            data: permissions.map((p) => this.toSafePermission(p)),
+        };
+    }
+    async getCategories() {
+        const categories = await this.permissionService.getCategories();
+        return { data: categories };
+    }
+    async createPermission(dto) {
+        const permission = await this.permissionService.createPermission({
+            name: dto.name,
+            guard: dto.guard,
+            description: dto.description,
+            category: dto.category,
+            metadata: dto.metadata,
+        });
+        return {
+            permission: this.toSafePermission(permission),
+        };
+    }
+    async getPermission(id) {
+        try {
+            const permission = await this.permissionService.getPermissionById(id);
+            return {
+                permission: this.toSafePermission(permission),
+            };
+        }
+        catch (error) {
+            if (error instanceof common_2.NotFoundException) {
+                throw error;
+            }
+            throw new common_2.NotFoundException('Permission not found');
+        }
+    }
+    async updatePermission(id, dto) {
+        const oldPermission = await this.permissionService.getPermissionById(id);
+        const oldName = oldPermission.name;
+        const oldGuard = oldPermission.guard;
+        const permission = await this.permissionService.updatePermission(id, {
+            name: dto.name,
+            guard: dto.guard,
+            description: dto.description,
+            category: dto.category,
+            metadata: dto.metadata,
+        });
+        // If name changed and user wants to update in roles, update all roles
+        if (dto.name && dto.name !== oldName && dto.updateInRoles === true) {
+            await this.updatePermissionInRoles(oldName, oldGuard, dto.name);
+        }
+        return {
+            permission: this.toSafePermission(permission),
+        };
+    }
+    /**
+     * Update permission name in all roles that use it
+     */
+    async updatePermissionInRoles(oldPermissionName, guard, newPermissionName) {
+        // Find all roles with this guard that contain the old permission
+        const roles = await this.roleRepository.find({
+            where: { guard },
+        });
+        for (const role of roles) {
+            if (role.permissions && role.permissions.includes(oldPermissionName)) {
+                role.permissions = role.permissions.map((perm) => (perm === oldPermissionName ? newPermissionName : perm));
+                await this.roleRepository.save(role);
+            }
+        }
+    }
+    async deletePermission(id) {
+        await this.permissionService.deletePermission(id);
+        return { message: 'Permission deleted successfully' };
+    }
+    toSafePermission(permission) {
+        return {
+            id: permission.id,
+            name: permission.name,
+            guard: permission.guard,
+            description: permission.description,
+            category: permission.category,
+            metadata: permission.metadata || {},
+            createdAt: permission.createdAt,
+            updatedAt: permission.updatedAt,
+        };
+    }
+};
+exports.AdminPermissionsController = AdminPermissionsController;
+tslib_1.__decorate([
+    (0, common_1.Get)(),
+    tslib_1.__param(0, (0, common_1.Query)('search')),
+    tslib_1.__param(1, (0, common_1.Query)('category')),
+    tslib_1.__param(2, (0, common_1.Query)('guard')),
+    tslib_1.__param(3, (0, common_1.Query)('limit')),
+    tslib_1.__metadata("design:type", Function),
+    tslib_1.__metadata("design:paramtypes", [String, String, String, String]),
+    tslib_1.__metadata("design:returntype", Promise)
+], AdminPermissionsController.prototype, "listPermissions", null);
+tslib_1.__decorate([
+    (0, common_1.Get)('guards'),
+    tslib_1.__metadata("design:type", Function),
+    tslib_1.__metadata("design:paramtypes", []),
+    tslib_1.__metadata("design:returntype", Promise)
+], AdminPermissionsController.prototype, "getGuards", null);
+tslib_1.__decorate([
+    (0, common_1.Get)('search'),
+    tslib_1.__param(0, (0, common_1.Query)('q')),
+    tslib_1.__param(1, (0, common_1.Query)('guard')),
+    tslib_1.__param(2, (0, common_1.Query)('limit')),
+    tslib_1.__metadata("design:type", Function),
+    tslib_1.__metadata("design:paramtypes", [String, String, String]),
+    tslib_1.__metadata("design:returntype", Promise)
+], AdminPermissionsController.prototype, "searchPermissions", null);
+tslib_1.__decorate([
+    (0, common_1.Get)('categories'),
+    tslib_1.__metadata("design:type", Function),
+    tslib_1.__metadata("design:paramtypes", []),
+    tslib_1.__metadata("design:returntype", Promise)
+], AdminPermissionsController.prototype, "getCategories", null);
+tslib_1.__decorate([
+    (0, common_1.Post)(),
+    tslib_1.__param(0, (0, common_1.Body)()),
+    tslib_1.__metadata("design:type", Function),
+    tslib_1.__metadata("design:paramtypes", [admin_permission_dto_1.AdminCreatePermissionDto]),
+    tslib_1.__metadata("design:returntype", Promise)
+], AdminPermissionsController.prototype, "createPermission", null);
+tslib_1.__decorate([
+    (0, common_1.Get)(':id'),
+    tslib_1.__param(0, (0, common_1.Param)('id')),
+    tslib_1.__metadata("design:type", Function),
+    tslib_1.__metadata("design:paramtypes", [String]),
+    tslib_1.__metadata("design:returntype", Promise)
+], AdminPermissionsController.prototype, "getPermission", null);
+tslib_1.__decorate([
+    (0, common_1.Patch)(':id'),
+    tslib_1.__param(0, (0, common_1.Param)('id')),
+    tslib_1.__param(1, (0, common_1.Body)()),
+    tslib_1.__metadata("design:type", Function),
+    tslib_1.__metadata("design:paramtypes", [String, admin_permission_dto_1.AdminUpdatePermissionDto]),
+    tslib_1.__metadata("design:returntype", Promise)
+], AdminPermissionsController.prototype, "updatePermission", null);
+tslib_1.__decorate([
+    (0, common_1.Delete)(':id'),
+    tslib_1.__param(0, (0, common_1.Param)('id')),
+    tslib_1.__metadata("design:type", Function),
+    tslib_1.__metadata("design:paramtypes", [String]),
+    tslib_1.__metadata("design:returntype", Promise)
+], AdminPermissionsController.prototype, "deletePermission", null);
+exports.AdminPermissionsController = AdminPermissionsController = tslib_1.__decorate([
+    (0, common_1.Controller)('auth/admin/api/permissions'),
+    (0, common_1.UseGuards)(admin_session_guard_1.AdminSessionGuard),
+    tslib_1.__param(2, (0, typeorm_1.InjectRepository)(role_entity_1.NestAuthRole)),
+    tslib_1.__metadata("design:paramtypes", [permission_service_1.PermissionService,
+        role_service_1.RoleService,
+        typeorm_2.Repository])
+], AdminPermissionsController);

package/src/lib/admin-console/controllers/admin-roles.controller.d.ts

@@ -0,0 +1,47 @@
+import { RoleService } from '../../role/services/role.service';
+import { AdminCreateRoleDto, AdminUpdateRoleDto } from '../dto/admin-role.dto';
+export declare class AdminRolesController {
+    private readonly roles;
+    constructor(roles: RoleService);
+    listRoles(): Promise<{
+        data: {
+            id: string;
+            name: string;
+            guard: string;
+            isSystem: boolean;
+            tenantId: string;
+            permissions: string[];
+            createdAt: Date;
+            updatedAt: Date;
+        }[];
+    }>;
+    createRole(dto: AdminCreateRoleDto): Promise<{
+        role: {
+            id: string;
+            name: string;
+            guard: string;
+            isSystem: boolean;
+            tenantId: string;
+            permissions: string[];
+            createdAt: Date;
+            updatedAt: Date;
+        };
+    }>;
+    updateRole(id: string, dto: AdminUpdateRoleDto): Promise<{
+        role: {
+            id: string;
+            name: string;
+            guard: string;
+            isSystem: boolean;
+            tenantId: string;
+            permissions: string[];
+            createdAt: Date;
+            updatedAt: Date;
+        };
+    }>;
+    deleteRole(id: string): Promise<{
+        message: string;
+    }>;
+    private toSafeRole;
+}
+//# sourceMappingURL=admin-roles.controller.d.ts.map

package/src/lib/admin-console/controllers/admin-roles.controller.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"admin-roles.controller.d.ts","sourceRoot":"","sources":["../../../../../../../packages/nest-auth/src/lib/admin-console/controllers/admin-roles.controller.ts"],"names":[],"mappings":"AAYA,OAAO,EAAE,WAAW,EAAE,MAAM,kCAAkC,CAAC;AAC/D,OAAO,EAAE,kBAAkB,EAAE,kBAAkB,EAAE,MAAM,uBAAuB,CAAC;AAI/E,qBAEa,oBAAoB;IACnB,OAAO,CAAC,QAAQ,CAAC,KAAK;gBAAL,KAAK,EAAE,WAAW;IAGzC,SAAS;;;;;;;;;;;;IAUT,UAAU,CAAS,GAAG,EAAE,kBAAkB;;;;;;;;;;;;IAY1C,UAAU,CAAc,EAAE,EAAE,MAAM,EAAU,GAAG,EAAE,kBAAkB;;;;;;;;;;;;IA0BnE,UAAU,CAAc,EAAE,EAAE,MAAM;;;IAKxC,OAAO,CAAC,UAAU;CAYnB"}

package/src/lib/admin-console/controllers/admin-roles.controller.js

@@ -0,0 +1,95 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AdminRolesController = void 0;
+const tslib_1 = require("tslib");
+const common_1 = require("@nestjs/common");
+const admin_session_guard_1 = require("../guards/admin-session.guard");
+const role_service_1 = require("../../role/services/role.service");
+const admin_role_dto_1 = require("../dto/admin-role.dto");
+const auth_constants_1 = require("../../auth.constants");
+let AdminRolesController = class AdminRolesController {
+    constructor(roles) {
+        this.roles = roles;
+    }
+    async listRoles() {
+        const roles = await this.roles.getRoles({
+            order: { name: 'ASC' },
+        });
+        return {
+            data: roles.map((role) => this.toSafeRole(role)),
+        };
+    }
+    async createRole(dto) {
+        const role = await this.roles.createRole(dto.name, dto.guard ?? auth_constants_1.DEFAULT_GUARD_NAME, dto.tenantId, dto.isSystem ?? false, dto.permissions);
+        return { role: this.toSafeRole(role) };
+    }
+    async updateRole(id, dto) {
+        // Validate at least one field is provided
+        if (!dto.permissions && !dto.name && !dto.guard) {
+            throw new common_1.BadRequestException('At least one field must be provided for update (permissions, name, or guard)');
+        }
+        // Apply updates sequentially without overwriting results
+        if (dto.permissions) {
+            await this.roles.updateRolePermissions(id, dto.permissions);
+        }
+        if (dto.name || dto.guard) {
+            await this.roles.updateRole(id, {
+                name: dto.name,
+                guard: dto.guard,
+            });
+        }
+        // Fetch the final updated role once
+        const role = await this.roles.getRoleById(id);
+        return { role: this.toSafeRole(role) };
+    }
+    async deleteRole(id) {
+        await this.roles.deleteRole(id);
+        return { message: 'Role removed' };
+    }
+    toSafeRole(role) {
+        return {
+            id: role.id,
+            name: role.name,
+            guard: role.guard,
+            isSystem: role.isSystem,
+            tenantId: role.tenantId,
+            permissions: role.permissions ?? [],
+            createdAt: role.createdAt,
+            updatedAt: role.updatedAt,
+        };
+    }
+};
+exports.AdminRolesController = AdminRolesController;
+tslib_1.__decorate([
+    (0, common_1.Get)(),
+    tslib_1.__metadata("design:type", Function),
+    tslib_1.__metadata("design:paramtypes", []),
+    tslib_1.__metadata("design:returntype", Promise)
+], AdminRolesController.prototype, "listRoles", null);
+tslib_1.__decorate([
+    (0, common_1.Post)(),
+    tslib_1.__param(0, (0, common_1.Body)()),
+    tslib_1.__metadata("design:type", Function),
+    tslib_1.__metadata("design:paramtypes", [admin_role_dto_1.AdminCreateRoleDto]),
+    tslib_1.__metadata("design:returntype", Promise)
+], AdminRolesController.prototype, "createRole", null);
+tslib_1.__decorate([
+    (0, common_1.Patch)(':id'),
+    tslib_1.__param(0, (0, common_1.Param)('id')),
+    tslib_1.__param(1, (0, common_1.Body)()),
+    tslib_1.__metadata("design:type", Function),
+    tslib_1.__metadata("design:paramtypes", [String, admin_role_dto_1.AdminUpdateRoleDto]),
+    tslib_1.__metadata("design:returntype", Promise)
+], AdminRolesController.prototype, "updateRole", null);
+tslib_1.__decorate([
+    (0, common_1.Delete)(':id'),
+    tslib_1.__param(0, (0, common_1.Param)('id')),
+    tslib_1.__metadata("design:type", Function),
+    tslib_1.__metadata("design:paramtypes", [String]),
+    tslib_1.__metadata("design:returntype", Promise)
+], AdminRolesController.prototype, "deleteRole", null);
+exports.AdminRolesController = AdminRolesController = tslib_1.__decorate([
+    (0, common_1.Controller)('auth/admin/api/roles'),
+    (0, common_1.UseGuards)(admin_session_guard_1.AdminSessionGuard),
+    tslib_1.__metadata("design:paramtypes", [role_service_1.RoleService])
+], AdminRolesController);

package/src/lib/admin-console/controllers/admin-tenants.controller.d.ts

@@ -0,0 +1,44 @@
+import { TenantService } from '../../tenant/services/tenant.service';
+import { AdminCreateTenantDto, AdminUpdateTenantDto } from '../dto/admin-tenant.dto';
+export declare class AdminTenantsController {
+    private readonly tenants;
+    constructor(tenants: TenantService);
+    listTenants(): Promise<{
+        data: {
+            id: string;
+            name: string;
+            slug: string;
+            description: string;
+            metadata: Record<string, any>;
+            createdAt: Date;
+            updatedAt: Date;
+        }[];
+    }>;
+    createTenant(dto: AdminCreateTenantDto): Promise<{
+        tenant: {
+            id: string;
+            name: string;
+            slug: string;
+            description: string;
+            metadata: Record<string, any>;
+            createdAt: Date;
+            updatedAt: Date;
+        };
+    }>;
+    updateTenant(id: string, dto: AdminUpdateTenantDto): Promise<{
+        tenant: {
+            id: string;
+            name: string;
+            slug: string;
+            description: string;
+            metadata: Record<string, any>;
+            createdAt: Date;
+            updatedAt: Date;
+        };
+    }>;
+    deleteTenant(id: string): Promise<{
+        message: string;
+    }>;
+    private toSafeTenant;
+}
+//# sourceMappingURL=admin-tenants.controller.d.ts.map

package/src/lib/admin-console/controllers/admin-tenants.controller.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"admin-tenants.controller.d.ts","sourceRoot":"","sources":["../../../../../../../packages/nest-auth/src/lib/admin-console/controllers/admin-tenants.controller.ts"],"names":[],"mappings":"AAWA,OAAO,EAAE,aAAa,EAAE,MAAM,sCAAsC,CAAC;AACrE,OAAO,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,MAAM,yBAAyB,CAAC;AAGrF,qBAEa,sBAAsB;IACrB,OAAO,CAAC,QAAQ,CAAC,OAAO;gBAAP,OAAO,EAAE,aAAa;IAG7C,WAAW;;;;;;;;;;;IAQX,YAAY,CAAS,GAAG,EAAE,oBAAoB;;;;;;;;;;;IAW9C,YAAY,CAAc,EAAE,EAAE,MAAM,EAAU,GAAG,EAAE,oBAAoB;;;;;;;;;;;IAWvE,YAAY,CAAc,EAAE,EAAE,MAAM;;;IAK1C,OAAO,CAAC,YAAY;CAWrB"}

package/src/lib/admin-console/controllers/admin-tenants.controller.js

@@ -0,0 +1,86 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AdminTenantsController = void 0;
+const tslib_1 = require("tslib");
+const common_1 = require("@nestjs/common");
+const admin_session_guard_1 = require("../guards/admin-session.guard");
+const tenant_service_1 = require("../../tenant/services/tenant.service");
+const admin_tenant_dto_1 = require("../dto/admin-tenant.dto");
+let AdminTenantsController = class AdminTenantsController {
+    constructor(tenants) {
+        this.tenants = tenants;
+    }
+    async listTenants() {
+        const tenants = await this.tenants.getTenants({ order: { createdAt: 'DESC' } });
+        return {
+            data: tenants.map((tenant) => this.toSafeTenant(tenant)),
+        };
+    }
+    async createTenant(dto) {
+        const tenant = await this.tenants.createTenant({
+            name: dto.name,
+            slug: dto.slug,
+            description: dto.description,
+            metadata: dto.metadata ?? {},
+        });
+        return { tenant: this.toSafeTenant(tenant) };
+    }
+    async updateTenant(id, dto) {
+        const tenant = await this.tenants.updateTenant(id, {
+            name: dto.name,
+            slug: dto.slug,
+            description: dto.description,
+            metadata: dto.metadata ?? {},
+        });
+        return { tenant: this.toSafeTenant(tenant) };
+    }
+    async deleteTenant(id) {
+        await this.tenants.deleteTenant(id);
+        return { message: 'Tenant removed' };
+    }
+    toSafeTenant(tenant) {
+        return {
+            id: tenant.id,
+            name: tenant.name,
+            slug: tenant.slug,
+            description: tenant.description,
+            metadata: tenant.metadata ?? {},
+            createdAt: tenant.createdAt,
+            updatedAt: tenant.updatedAt,
+        };
+    }
+};
+exports.AdminTenantsController = AdminTenantsController;
+tslib_1.__decorate([
+    (0, common_1.Get)(),
+    tslib_1.__metadata("design:type", Function),
+    tslib_1.__metadata("design:paramtypes", []),
+    tslib_1.__metadata("design:returntype", Promise)
+], AdminTenantsController.prototype, "listTenants", null);
+tslib_1.__decorate([
+    (0, common_1.Post)(),
+    tslib_1.__param(0, (0, common_1.Body)()),
+    tslib_1.__metadata("design:type", Function),
+    tslib_1.__metadata("design:paramtypes", [admin_tenant_dto_1.AdminCreateTenantDto]),
+    tslib_1.__metadata("design:returntype", Promise)
+], AdminTenantsController.prototype, "createTenant", null);
+tslib_1.__decorate([
+    (0, common_1.Patch)(':id'),
+    tslib_1.__param(0, (0, common_1.Param)('id')),
+    tslib_1.__param(1, (0, common_1.Body)()),
+    tslib_1.__metadata("design:type", Function),
+    tslib_1.__metadata("design:paramtypes", [String, admin_tenant_dto_1.AdminUpdateTenantDto]),
+    tslib_1.__metadata("design:returntype", Promise)
+], AdminTenantsController.prototype, "updateTenant", null);
+tslib_1.__decorate([
+    (0, common_1.Delete)(':id'),
+    tslib_1.__param(0, (0, common_1.Param)('id')),
+    tslib_1.__metadata("design:type", Function),
+    tslib_1.__metadata("design:paramtypes", [String]),
+    tslib_1.__metadata("design:returntype", Promise)
+], AdminTenantsController.prototype, "deleteTenant", null);
+exports.AdminTenantsController = AdminTenantsController = tslib_1.__decorate([
+    (0, common_1.Controller)('auth/admin/api/tenants'),
+    (0, common_1.UseGuards)(admin_session_guard_1.AdminSessionGuard),
+    tslib_1.__metadata("design:paramtypes", [tenant_service_1.TenantService])
+], AdminTenantsController);