@bpinhosilva/agent-orchestrator 1.0.0-alpha.22 → 1.0.0-alpha.23

package/CHANGELOG.md

@@ -1,3 +1,12 @@
+# [1.0.0-alpha.23](https://github.com/bpinhosilva/agent-orchestrator/compare/v1.0.0-alpha.22...v1.0.0-alpha.23) (2026-04-02)
+
+
+### Features
+
+* enhance project management with user roles and member management ([877832f](https://github.com/bpinhosilva/agent-orchestrator/commit/877832fc4ad8d77499124a4da23c14a1270622a4))
+* implement release workflow with semantic release and build steps; remove old release.yml ([f17eb48](https://github.com/bpinhosilva/agent-orchestrator/commit/f17eb48c64b165c8fd05e142d175716f7990f670))
+* update CI workflow to include E2E and UI tests; bump lodash version ([b8ceee6](https://github.com/bpinhosilva/agent-orchestrator/commit/b8ceee6adf0855b54d4a45d959e87ec338c55887))
+
 # [1.0.0-alpha.22](https://github.com/bpinhosilva/agent-orchestrator/compare/v1.0.0-alpha.21...v1.0.0-alpha.22) (2026-04-02)
 
 

package/README.md

@@ -3,68 +3,230 @@
 [![CI](https://github.com/bpinhosilva/agent-orchestrator/actions/workflows/ci.yml/badge.svg)](https://github.com/bpinhosilva/agent-orchestrator/actions/workflows/ci.yml)
 [![Release](https://github.com/bpinhosilva/agent-orchestrator/actions/workflows/release.yml/badge.svg)](https://github.com/bpinhosilva/agent-orchestrator/actions/workflows/release.yml)
 [![Gitleaks](https://github.com/bpinhosilva/agent-orchestrator/actions/workflows/gitleaks.yml/badge.svg)](https://github.com/bpinhosilva/agent-orchestrator/actions/workflows/gitleaks.yml)
+[![Socket Badge](https://socket.dev/api/badge/npm/package/@bpinhosilva/agent-orchestrator)](https://socket.dev/npm/package/@bpinhosilva/agent-orchestrator)
 
 Agent Orchestrator is an open-source project designed to manage and orchestrate AI agents using both back-end services and front-end applications. It provides an automated agentic execution environment where you can create multiple agent profiles (e.g., Head Agent, Researcher, CMO) and delegate tasks to them through automated workflows.
 
 ## Features (In Progress & Planned)
 - **Agent Delegation**: Delegate tasks to specialized AI agents.
+- **Multi-Provider Support**: Google Gemini and Anthropic Claude providers.
 - **Job Scheduler**: Create and schedule recurring agentic tasks.
 - **Workflow Engine**: Drag-and-drop workflow builder supporting triggers, agent chaining, and outputs.
-- **Agent Capabilities**: File reading/writing, web search, email capabilities, and image generation using NanoBanana.
+- **Agent Capabilities**: File reading/writing, web search, email capabilities, and image generation.
+- **Role-Based Access Control**: Admin and member roles with project-level membership.
 - **TUI/CLI Tooling**: CLI executables to manage the installation and local agent configuration.
 
-## Current Architecture
-- **Backend Framework**: NestJS + TypeScript
-- **Frontend SPA**: React (Currently served as a single placeholder HTML file by the backend for MVP)
-- **Database**: PostgreSQL (via Docker Compose)
+## Architecture
+- **Backend Framework**: NestJS 11 + TypeScript 5
+- **Frontend SPA**: React (built separately, served as static files)
+- **Database**: PostgreSQL (production) / SQLite (development)
 - **Testing**: Jest (TDD Approach with Unit & E2E)
-- **Architecture**: 3-Tier (Controller, Service, DAL/Adapter Interfaces)
+- **Architecture**: 3-Tier (Controller → Service → Repository)
 
 ## Prerequisites
 - [Node.js](https://nodejs.org/) (v18+)
-- [Docker](https://www.docker.com/) and Docker Compose (Optional for local PostgreSQL deployment)
-- A [Google Gemini API Key](https://aistudio.google.com/)
+- [Docker](https://www.docker.com/) and Docker Compose (optional, for PostgreSQL)
+- A [Google Gemini API Key](https://aistudio.google.com/) or [Anthropic API Key](https://console.anthropic.com/)
 
-## Installation
+## Quick Start
+
+### 1. Install Dependencies
+
+```bash
+npm install
+```
+
+> **Note**: The project uses `ignore-scripts=true` in `.npmrc` for supply chain security. After installing, run `npm rebuild` to compile native modules (bcrypt, sqlite3).
+
+### 2. Configure Environment
+
+Create a `.env` file in the project root (or set `AGENT_ORCHESTRATOR_HOME` to point to a directory containing `.env`):
+
+```bash
+# Required
+JWT_SECRET="at-least-32-characters-long-secret-key"
+
+# AI Providers (at least one required for agent functionality)
+GEMINI_API_KEY="your-gemini-api-key"
+ANTHROPIC_API_KEY="your-anthropic-api-key"
+
+# Optional
+PORT=3000                           # Server port (default: 3000)
+NODE_ENV=development                # development | production | test
+DATABASE_URL=                       # PostgreSQL connection string (omit for SQLite)
+ALLOWED_ORIGINS=http://localhost:5173,http://localhost:3000
+SCHEDULER_ENABLED=true              # Enable/disable task scheduler CRON
+DB_LOGGING=false                    # Enable TypeORM query logging
+```
+
+### 3. Set Up the Database
+
+**Option A: SQLite (Development — zero config)**
+
+SQLite is used automatically when `DATABASE_URL` is not set. The database file is created at `local.sqlite` in the project root (or `$AGENT_ORCHESTRATOR_HOME/local.sqlite`).
+
+**Option B: PostgreSQL (Production)**
+
+```bash
+# Start PostgreSQL via Docker Compose
+docker compose up -d
+
+# Set the connection string
+export DATABASE_URL="postgresql://orchestrator:orchestrator_password@localhost:5433/agent_orchestrator"
+```
+
+Then run migrations and seed the admin user:
+
+```bash
+# Apply database migrations
+npm run migration:run
+
+# Create the initial admin user (interactive prompt)
+npm run seed:admin
+```
+
+### 4. Run the Application
+
+```bash
+# Development (API + UI with hot reload)
+npm run dev
+
+# Or API only in watch mode
+npm run start:dev
+
+# Production build
+npm run build
+npm run start:prod
+```
+
+The dashboard is available at `http://localhost:3000` and the API at `http://localhost:3000/api/v1/`.
+
+## Database Management
+
+The project uses [TypeORM](https://typeorm.io/) migrations to manage schema changes. **Never rely on `synchronize: true`** — it is disabled in all environments.
+
+### Migration Commands
 
 ```bash
-$ npm install
+# Generate a new migration from entity changes
+npm run typeorm -- migration:generate src/migrations/DescriptiveName
+
+# Apply all pending migrations
+npm run migration:run
+
+# Revert the last applied migration
+npm run migration:revert
+
+# Drop the entire database schema (use with caution!)
+npm run schema:drop
 ```
 
-## Running the app
+### Migration Workflow
 
-Before running the application, ensure you have set the `GEMINI_API_KEY` in your environment variables, as the default agent is the `GeminiAgent`.
+1. Modify your entity files in `src/`
+2. Generate a migration: `npm run typeorm -- migration:generate src/migrations/YourMigrationName`
+3. Review the generated file in `src/migrations/`
+4. Apply it: `npm run migration:run`
+5. Verify with tests: `npm run test:all`
+
+### Seeding
 
 ```bash
-# Start the PostgreSQL Database
-$ docker compose up -d
+# Create the initial admin user
+npm run seed:admin
+```
 
-# development
-$ GEMINI_API_KEY="your-api-key" npm run start
+This creates a user with the `admin` role. All subsequent users registered via `POST /auth/register` (admin-only endpoint) default to `member` role.
 
-# watch mode
-$ GEMINI_API_KEY="your-api-key" npm run start:dev
+## Deployment
 
-# production mode
-$ GEMINI_API_KEY="your-api-key" npm run start:prod
+### Production Checklist
+
+1. **Database**: Use PostgreSQL — set `DATABASE_URL` environment variable
+2. **Migrations**: Run `npm run migration:run` before starting the app
+3. **Environment**:
+   - `NODE_ENV=production` — disables Swagger UI and enables secure cookies
+   - `JWT_SECRET` — strong secret, minimum 32 characters
+   - `ALLOWED_ORIGINS` — comma-separated list of allowed CORS origins (required in production)
+4. **Build**: Run `npm run build` to compile TypeScript and bundle the UI
+5. **Start**: `npm run start:prod` (or `node dist/main.js`)
+
+### Docker
+
+```bash
+# Build and run with Docker Compose (includes PostgreSQL)
+docker compose up -d
+
+# Apply migrations
+DATABASE_URL="postgresql://orchestrator:orchestrator_password@localhost:5433/agent_orchestrator" \
+  npm run migration:run
+
+# Seed admin
+DATABASE_URL="postgresql://orchestrator:orchestrator_password@localhost:5433/agent_orchestrator" \
+  npm run seed:admin
 ```
 
-Once running, you can access the frontend dashboard container URL at `http://localhost:3000`. The API endpoints are accessible via `http://localhost:3000/api/v1/`.
+### Updating an Existing Deployment
+
+1. Pull the latest code
+2. Install dependencies: `npm ci && npm rebuild`
+3. Build: `npm run build`
+4. Run new migrations: `npm run migration:run`
+5. Restart the application
 
 ## Testing
 
 ```bash
-# unit tests
-$ npm run test
+# Unit tests
+npm test
 
-# e2e tests
-$ npm run test:e2e
+# Unit tests in watch mode
+npm run test:watch
 
-# test coverage
-$ npm run test:cov
+# E2E tests
+npm run test:e2e
+
+# All tests (unit + UI + E2E)
+npm run test:all
+
+# Test coverage
+npm run test:cov
+
+# Run a single test file
+npm test -- src/auth/auth.service.spec.ts
+
+# Run tests matching a name pattern
+npm test -- --testNamePattern="should validate email"
 ```
 
-## API usage
+## Security
+
+### Authentication & Authorization
+
+- **JWT-based authentication** with httpOnly cookie transport (no tokens in response bodies)
+- **Role-Based Access Control (RBAC)**: `admin` and `member` roles
+  - **Admin**: Full access to all resources
+  - **Member**: Access scoped to projects they own or are members of
+- **Project membership**: Many-to-many model with `owner` and `member` roles per project
+- **Rate limiting**: 60 req/min globally, 5 req/min on auth endpoints
+- All routes protected by default — use `@Public()` decorator for public endpoints
+
+### Supply Chain Protection
+
+- `.npmrc` hardened: registry pinned to `registry.npmjs.org`, install scripts disabled
+- `lockfile-lint` validates lockfile integrity in CI and pre-commit hooks
+- `npm audit signatures` checks package provenance in CI
+- [Socket.dev](https://socket.dev) monitors dependencies for supply chain risks
+
+### Additional Hardening
+
+- Helmet.js security headers with Content Security Policy
+- CORS restricted to `ALLOWED_ORIGINS` (deny-all in production without explicit config)
+- Swagger UI disabled in production
+- File upload validation: MIME type allowlist + 10MB size limit
+- Input length limits on all text fields via class-validator
+
+## API Usage
 
 **Endpoint**: `POST /api/v1/agents/process`
 **Payload**:
@@ -73,3 +235,11 @@ $ npm run test:cov
   "input": "Write a short poem about automation."
 }
 ```
+
+## Contributing
+
+See [CONTRIBUTING.md](CONTRIBUTING.md) for guidelines.
+
+## License
+
+See [LICENSE](LICENSE) for details.

package/dist/agents/agents.controller.js

@@ -19,6 +19,8 @@ const agents_service_1 = require("./agents.service");
 const agent_request_dto_1 = require("./dto/agent-request.dto");
 const create_agent_dto_1 = require("./dto/create-agent.dto");
 const update_agent_dto_1 = require("./dto/update-agent.dto");
+const roles_decorator_1 = require("../auth/decorators/roles.decorator");
+const user_entity_1 = require("../users/entities/user.entity");
 let AgentsController = class AgentsController {
     agentsService;
     constructor(agentsService) {
@@ -48,6 +50,7 @@ let AgentsController = class AgentsController {
 };
 exports.AgentsController = AgentsController;
 __decorate([
+    (0, roles_decorator_1.Roles)(user_entity_1.UserRole.ADMIN),
     (0, common_1.Post)(),
     openapi.ApiResponse({ status: 201, type: require("./entities/agent.entity").AgentEntity }),
     __param(0, (0, common_1.Body)()),
@@ -71,6 +74,7 @@ __decorate([
     __metadata("design:returntype", void 0)
 ], AgentsController.prototype, "findOne", null);
 __decorate([
+    (0, roles_decorator_1.Roles)(user_entity_1.UserRole.ADMIN),
     (0, common_1.Patch)(':id'),
     openapi.ApiResponse({ status: 200, type: require("./entities/agent.entity").AgentEntity }),
     __param(0, (0, common_1.Param)('id')),
@@ -80,6 +84,7 @@ __decorate([
     __metadata("design:returntype", void 0)
 ], AgentsController.prototype, "update", null);
 __decorate([
+    (0, roles_decorator_1.Roles)(user_entity_1.UserRole.ADMIN),
     (0, common_1.Delete)(':id'),
     openapi.ApiResponse({ status: 200 }),
     __param(0, (0, common_1.Param)('id')),

package/dist/agents/agents.controller.js.map

@@ -1 +1 @@
-{"version":3,"file":"agents.controller.js","sourceRoot":"","sources":["../../src/agents/agents.controller.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,2CAUwB;AACxB,qDAAiD;AACjD,+DAA0D;AAE1D,6DAAwD;AACxD,6DAAwD;AAGjD,IAAM,gBAAgB,GAAtB,MAAM,gBAAgB;IACE;IAA7B,YAA6B,aAA4B;QAA5B,kBAAa,GAAb,aAAa,CAAe;IAAG,CAAC;IAG7D,MAAM,CAAS,cAA8B;QAC3C,OAAO,IAAI,CAAC,aAAa,CAAC,MAAM,CAAC,cAAc,CAAC,CAAC;IACnD,CAAC;IAGD,OAAO;QACL,OAAO,IAAI,CAAC,aAAa,CAAC,OAAO,EAAE,CAAC;IACtC,CAAC;IAGD,OAAO,CAAc,EAAU;QAC7B,OAAO,IAAI,CAAC,aAAa,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;IACxC,CAAC;IAGD,MAAM,CAAc,EAAU,EAAU,cAA8B;QACpE,OAAO,IAAI,CAAC,aAAa,CAAC,MAAM,CAAC,EAAE,EAAE,cAAc,CAAC,CAAC;IACvD,CAAC;IAGD,MAAM,CAAc,EAAU;QAC5B,OAAO,IAAI,CAAC,aAAa,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;IACvC,CAAC;IAIK,AAAN,KAAK,CAAC,WAAW,CACP,UAA2B;QAEnC,OAAO,IAAI,CAAC,aAAa,CAAC,cAAc,CACtC,UAAU,CAAC,OAAO,EAClB,UAAU,CAAC,KAAK,CACjB,CAAC;IACJ,CAAC;IAIK,AAAN,KAAK,CAAC,KAAK,CAAS,UAA2B;QAC7C,OAAO,IAAI,CAAC,aAAa,CAAC,KAAK,CAAC,UAAU,CAAC,OAAO,EAAE,UAAU,CAAC,KAAK,CAAC,CAAC;IACxE,CAAC;CACF,CAAA;AA5CY,4CAAgB;AAI3B;IADC,IAAA,aAAI,GAAE;;IACC,WAAA,IAAA,aAAI,GAAE,CAAA;;qCAAiB,iCAAc;;8CAE5C;AAGD;IADC,IAAA,YAAG,GAAE;;;;;+CAGL;AAGD;IADC,IAAA,YAAG,EAAC,KAAK,CAAC;;IACF,WAAA,IAAA,cAAK,EAAC,IAAI,CAAC,CAAA;;;;+CAEnB;AAGD;IADC,IAAA,cAAK,EAAC,KAAK,CAAC;;IACL,WAAA,IAAA,cAAK,EAAC,IAAI,CAAC,CAAA;IAAc,WAAA,IAAA,aAAI,GAAE,CAAA;;6CAAiB,iCAAc;;8CAErE;AAGD;IADC,IAAA,eAAM,EAAC,KAAK,CAAC;;IACN,WAAA,IAAA,cAAK,EAAC,IAAI,CAAC,CAAA;;;;8CAElB;AAIK;IAFL,IAAA,aAAI,EAAC,SAAS,CAAC;IACf,IAAA,iBAAQ,EAAC,mBAAU,CAAC,EAAE,CAAC;kCAAd,mBAAU,CAAC,EAAE;IAEpB,WAAA,IAAA,aAAI,GAAE,CAAA;;qCAAa,mCAAe;;mDAMpC;AAIK;IAFL,IAAA,aAAI,EAAC,OAAO,CAAC;IACb,IAAA,iBAAQ,EAAC,mBAAU,CAAC,EAAE,CAAC;kCAAd,mBAAU,CAAC,EAAE;IACV,WAAA,IAAA,aAAI,GAAE,CAAA;;qCAAa,mCAAe;;6CAE9C;2BA3CU,gBAAgB;IAD5B,IAAA,mBAAU,EAAC,QAAQ,CAAC;qCAEyB,8BAAa;GAD9C,gBAAgB,CA4C5B"}
+{"version":3,"file":"agents.controller.js","sourceRoot":"","sources":["../../src/agents/agents.controller.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,2CAUwB;AACxB,qDAAiD;AACjD,+DAA0D;AAE1D,6DAAwD;AACxD,6DAAwD;AACxD,wEAA2D;AAC3D,+DAAyD;AAGlD,IAAM,gBAAgB,GAAtB,MAAM,gBAAgB;IACE;IAA7B,YAA6B,aAA4B;QAA5B,kBAAa,GAAb,aAAa,CAAe;IAAG,CAAC;IAI7D,MAAM,CAAS,cAA8B;QAC3C,OAAO,IAAI,CAAC,aAAa,CAAC,MAAM,CAAC,cAAc,CAAC,CAAC;IACnD,CAAC;IAGD,OAAO;QACL,OAAO,IAAI,CAAC,aAAa,CAAC,OAAO,EAAE,CAAC;IACtC,CAAC;IAGD,OAAO,CAAc,EAAU;QAC7B,OAAO,IAAI,CAAC,aAAa,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;IACxC,CAAC;IAID,MAAM,CAAc,EAAU,EAAU,cAA8B;QACpE,OAAO,IAAI,CAAC,aAAa,CAAC,MAAM,CAAC,EAAE,EAAE,cAAc,CAAC,CAAC;IACvD,CAAC;IAID,MAAM,CAAc,EAAU;QAC5B,OAAO,IAAI,CAAC,aAAa,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;IACvC,CAAC;IAIK,AAAN,KAAK,CAAC,WAAW,CACP,UAA2B;QAEnC,OAAO,IAAI,CAAC,aAAa,CAAC,cAAc,CACtC,UAAU,CAAC,OAAO,EAClB,UAAU,CAAC,KAAK,CACjB,CAAC;IACJ,CAAC;IAIK,AAAN,KAAK,CAAC,KAAK,CAAS,UAA2B;QAC7C,OAAO,IAAI,CAAC,aAAa,CAAC,KAAK,CAAC,UAAU,CAAC,OAAO,EAAE,UAAU,CAAC,KAAK,CAAC,CAAC;IACxE,CAAC;CACF,CAAA;AA/CY,4CAAgB;AAK3B;IAFC,IAAA,uBAAK,EAAC,sBAAQ,CAAC,KAAK,CAAC;IACrB,IAAA,aAAI,GAAE;;IACC,WAAA,IAAA,aAAI,GAAE,CAAA;;qCAAiB,iCAAc;;8CAE5C;AAGD;IADC,IAAA,YAAG,GAAE;;;;;+CAGL;AAGD;IADC,IAAA,YAAG,EAAC,KAAK,CAAC;;IACF,WAAA,IAAA,cAAK,EAAC,IAAI,CAAC,CAAA;;;;+CAEnB;AAID;IAFC,IAAA,uBAAK,EAAC,sBAAQ,CAAC,KAAK,CAAC;IACrB,IAAA,cAAK,EAAC,KAAK,CAAC;;IACL,WAAA,IAAA,cAAK,EAAC,IAAI,CAAC,CAAA;IAAc,WAAA,IAAA,aAAI,GAAE,CAAA;;6CAAiB,iCAAc;;8CAErE;AAID;IAFC,IAAA,uBAAK,EAAC,sBAAQ,CAAC,KAAK,CAAC;IACrB,IAAA,eAAM,EAAC,KAAK,CAAC;;IACN,WAAA,IAAA,cAAK,EAAC,IAAI,CAAC,CAAA;;;;8CAElB;AAIK;IAFL,IAAA,aAAI,EAAC,SAAS,CAAC;IACf,IAAA,iBAAQ,EAAC,mBAAU,CAAC,EAAE,CAAC;kCAAd,mBAAU,CAAC,EAAE;IAEpB,WAAA,IAAA,aAAI,GAAE,CAAA;;qCAAa,mCAAe;;mDAMpC;AAIK;IAFL,IAAA,aAAI,EAAC,OAAO,CAAC;IACb,IAAA,iBAAQ,EAAC,mBAAU,CAAC,EAAE,CAAC;kCAAd,mBAAU,CAAC,EAAE;IACV,WAAA,IAAA,aAAI,GAAE,CAAA;;qCAAa,mCAAe;;6CAE9C;2BA9CU,gBAAgB;IAD5B,IAAA,mBAAU,EAAC,QAAQ,CAAC;qCAEyB,8BAAa;GAD9C,gBAAgB,CA+C5B"}

package/dist/agents/dto/agent-request.dto.js

@@ -16,7 +16,7 @@ class AgentRequestDto {
     agentId;
     input;
     static _OPENAPI_METADATA_FACTORY() {
-        return { agentId: { required: true, type: () => String }, input: { required: true, type: () => String } };
+        return { agentId: { required: true, type: () => String }, input: { required: true, type: () => String, maxLength: 50000 } };
     }
 }
 exports.AgentRequestDto = AgentRequestDto;
@@ -28,6 +28,7 @@ __decorate([
 __decorate([
     (0, class_validator_1.IsString)(),
     (0, class_validator_1.IsNotEmpty)(),
+    (0, class_validator_1.MaxLength)(50000),
     __metadata("design:type", String)
 ], AgentRequestDto.prototype, "input", void 0);
 //# sourceMappingURL=agent-request.dto.js.map

package/dist/agents/dto/agent-request.dto.js.map

@@ -1 +1 @@
-{"version":3,"file":"agent-request.dto.js","sourceRoot":"","sources":["../../../src/agents/dto/agent-request.dto.ts"],"names":[],"mappings":";;;;;;;;;;;;;AAAA,qDAAuD;AAEvD,MAAa,eAAe;IAG1B,OAAO,CAAS;IAIhB,KAAK,CAAS;;;;CACf;AARD,0CAQC;AALC;IAFC,IAAA,0BAAQ,GAAE;IACV,IAAA,4BAAU,GAAE;;gDACG;AAIhB;IAFC,IAAA,0BAAQ,GAAE;IACV,IAAA,4BAAU,GAAE;;8CACC"}
+{"version":3,"file":"agent-request.dto.js","sourceRoot":"","sources":["../../../src/agents/dto/agent-request.dto.ts"],"names":[],"mappings":";;;;;;;;;;;;;AAAA,qDAAkE;AAElE,MAAa,eAAe;IAG1B,OAAO,CAAS;IAKhB,KAAK,CAAS;;;;CACf;AATD,0CASC;AANC;IAFC,IAAA,0BAAQ,GAAE;IACV,IAAA,4BAAU,GAAE;;gDACG;AAKhB;IAHC,IAAA,0BAAQ,GAAE;IACV,IAAA,4BAAU,GAAE;IACZ,IAAA,2BAAS,EAAC,KAAK,CAAC;;8CACH"}

package/dist/agents/dto/create-agent.dto.js

@@ -21,28 +21,32 @@ class CreateAgentDto {
     status;
     providerId;
     static _OPENAPI_METADATA_FACTORY() {
-        return { name: { required: true, type: () => String }, description: { required: false, type: () => String }, role: { required: false, type: () => String }, systemInstructions: { required: false, type: () => String }, modelId: { required: true, type: () => String }, status: { required: false, type: () => String }, providerId: { required: true, type: () => String, format: "uuid" } };
+        return { name: { required: true, type: () => String, maxLength: 200 }, description: { required: false, type: () => String, maxLength: 2000 }, role: { required: false, type: () => String, maxLength: 200 }, systemInstructions: { required: false, type: () => String, maxLength: 10000 }, modelId: { required: true, type: () => String }, status: { required: false, type: () => String, enum: ['active', 'inactive'] }, providerId: { required: true, type: () => String, format: "uuid" } };
     }
 }
 exports.CreateAgentDto = CreateAgentDto;
 __decorate([
     (0, class_validator_1.IsString)(),
     (0, class_validator_1.IsNotEmpty)(),
+    (0, class_validator_1.MaxLength)(200),
     __metadata("design:type", String)
 ], CreateAgentDto.prototype, "name", void 0);
 __decorate([
     (0, class_validator_1.IsString)(),
     (0, class_validator_1.IsOptional)(),
+    (0, class_validator_1.MaxLength)(2000),
     __metadata("design:type", String)
 ], CreateAgentDto.prototype, "description", void 0);
 __decorate([
     (0, class_validator_1.IsString)(),
     (0, class_validator_1.IsOptional)(),
+    (0, class_validator_1.MaxLength)(200),
     __metadata("design:type", String)
 ], CreateAgentDto.prototype, "role", void 0);
 __decorate([
     (0, class_validator_1.IsString)(),
     (0, class_validator_1.IsOptional)(),
+    (0, class_validator_1.MaxLength)(10000),
     __metadata("design:type", String)
 ], CreateAgentDto.prototype, "systemInstructions", void 0);
 __decorate([
@@ -53,6 +57,7 @@ __decorate([
 __decorate([
     (0, class_validator_1.IsString)(),
     (0, class_validator_1.IsOptional)(),
+    (0, class_validator_1.IsIn)(['active', 'inactive']),
     __metadata("design:type", String)
 ], CreateAgentDto.prototype, "status", void 0);
 __decorate([

package/dist/agents/dto/create-agent.dto.js.map

@@ -1 +1 @@
-{"version":3,"file":"create-agent.dto.js","sourceRoot":"","sources":["../../../src/agents/dto/create-agent.dto.ts"],"names":[],"mappings":";;;;;;;;;;;;;AAAA,qDAA2E;AAE3E,MAAa,cAAc;IAGzB,IAAI,CAAS;IAIb,WAAW,CAAU;IAIrB,IAAI,CAAU;IAId,kBAAkB,CAAU;IAI5B,OAAO,CAAS;IAIhB,MAAM,CAAU;IAIhB,UAAU,CAAS;;;;CACpB;AA5BD,wCA4BC;AAzBC;IAFC,IAAA,0BAAQ,GAAE;IACV,IAAA,4BAAU,GAAE;;4CACA;AAIb;IAFC,IAAA,0BAAQ,GAAE;IACV,IAAA,4BAAU,GAAE;;mDACQ;AAIrB;IAFC,IAAA,0BAAQ,GAAE;IACV,IAAA,4BAAU,GAAE;;4CACC;AAId;IAFC,IAAA,0BAAQ,GAAE;IACV,IAAA,4BAAU,GAAE;;0DACe;AAI5B;IAFC,IAAA,0BAAQ,GAAE;IACV,IAAA,4BAAU,GAAE;;+CACG;AAIhB;IAFC,IAAA,0BAAQ,GAAE;IACV,IAAA,4BAAU,GAAE;;8CACG;AAIhB;IAFC,IAAA,wBAAM,GAAE;IACR,IAAA,4BAAU,GAAE;;kDACM"}
+{"version":3,"file":"create-agent.dto.js","sourceRoot":"","sources":["../../../src/agents/dto/create-agent.dto.ts"],"names":[],"mappings":";;;;;;;;;;;;;AAAA,qDAOyB;AAEzB,MAAa,cAAc;IAIzB,IAAI,CAAS;IAKb,WAAW,CAAU;IAKrB,IAAI,CAAU;IAKd,kBAAkB,CAAU;IAI5B,OAAO,CAAS;IAKhB,MAAM,CAAU;IAIhB,UAAU,CAAS;;0YALb,CAAC,QAAQ,EAAE,UAAU,CAAC;;CAM7B;AAjCD,wCAiCC;AA7BC;IAHC,IAAA,0BAAQ,GAAE;IACV,IAAA,4BAAU,GAAE;IACZ,IAAA,2BAAS,EAAC,GAAG,CAAC;;4CACF;AAKb;IAHC,IAAA,0BAAQ,GAAE;IACV,IAAA,4BAAU,GAAE;IACZ,IAAA,2BAAS,EAAC,IAAI,CAAC;;mDACK;AAKrB;IAHC,IAAA,0BAAQ,GAAE;IACV,IAAA,4BAAU,GAAE;IACZ,IAAA,2BAAS,EAAC,GAAG,CAAC;;4CACD;AAKd;IAHC,IAAA,0BAAQ,GAAE;IACV,IAAA,4BAAU,GAAE;IACZ,IAAA,2BAAS,EAAC,KAAK,CAAC;;0DACW;AAI5B;IAFC,IAAA,0BAAQ,GAAE;IACV,IAAA,4BAAU,GAAE;;+CACG;AAKhB;IAHC,IAAA,0BAAQ,GAAE;IACV,IAAA,4BAAU,GAAE;IACZ,IAAA,sBAAI,EAAC,CAAC,QAAQ,EAAE,UAAU,CAAC,CAAC;;8CACb;AAIhB;IAFC,IAAA,wBAAM,GAAE;IACR,IAAA,4BAAU,GAAE;;kDACM"}

package/dist/app.module.js

@@ -28,6 +28,7 @@ const throttler_1 = require("@nestjs/throttler");
 const core_1 = require("@nestjs/core");
 const auth_module_1 = require("./auth/auth.module");
 const jwt_auth_guard_1 = require("./auth/guards/jwt-auth.guard");
+const roles_guard_1 = require("./auth/guards/roles.guard");
 const typeorm_2 = require("./config/typeorm");
 const APP_HOME = process.env.AGENT_ORCHESTRATOR_HOME;
 const ENV_PATH = APP_HOME ? (0, path_1.join)(APP_HOME, '.env') : '.env';
@@ -93,6 +94,10 @@ exports.AppModule = AppModule = __decorate([
                 provide: core_1.APP_GUARD,
                 useClass: jwt_auth_guard_1.JwtAuthGuard,
             },
+            {
+                provide: core_1.APP_GUARD,
+                useClass: roles_guard_1.RolesGuard,
+            },
         ],
     })
 ], AppModule);

package/dist/app.module.js.map

@@ -1 +1 @@
-{"version":3,"file":"app.module.js","sourceRoot":"","sources":["../src/app.module.ts"],"names":[],"mappings":";;;;;;;;;AAAA,2CAAwC;AACxC,uDAAyD;AACzD,6CAAgD;AAChD,+BAA4B;AAC5B,0DAAsD;AACtD,qDAAiD;AACjD,+CAA2C;AAC3C,mEAA+D;AAC/D,0DAAsD;AACtD,uDAAmD;AACnD,gEAA4D;AAC5D,uDAAmD;AACnD,0DAAsD;AACtD,6DAAyD;AACzD,+CAAkD;AAClD,2CAA6D;AAC7D,4DAA8D;AAC9D,iDAAoE;AACpE,uCAAyC;AACzC,oDAAgD;AAChD,iEAA4D;AAC5D,8CAAoD;AAEpD,MAAM,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,uBAAuB,CAAC;AACrD,MAAM,QAAQ,GAAG,QAAQ,CAAC,CAAC,CAAC,IAAA,WAAI,EAAC,QAAQ,EAAE,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC;AA+DrD,IAAM,SAAS,GAAf,MAAM,SAAS;CAAG,CAAA;AAAZ,8BAAS;oBAAT,SAAS;IA7DrB,IAAA,eAAM,EAAC;QACN,OAAO,EAAE;YACP,qBAAY,CAAC,OAAO,CAAC;gBACnB,QAAQ,EAAE,IAAI;gBACd,gBAAgB,EAAE,oCAAmB;gBACrC,WAAW,EAAE,QAAQ;aACtB,CAAC;YACF,2BAAe,CAAC,YAAY,CAAC;gBAC3B,OAAO,EAAE,CAAC,qBAAY,CAAC;gBACvB,MAAM,EAAE,CAAC,sBAAa,CAAC;gBACvB,UAAU,EAAE,CAAC,MAAqB,EAAE,EAAE,CAAC;oBACrC;wBACE,GAAG,EAAE,MAAM,CAAC,GAAG,CAAC,cAAc,CAAC,IAAI,KAAK;wBACxC,KAAK,EAAE,MAAM,CAAC,GAAG,CAAC,gBAAgB,CAAC,IAAI,EAAE;qBAC1C;iBACF;aACF,CAAC;YACF,yBAAc,CAAC,OAAO,EAAE;YACxB,uBAAa,CAAC,YAAY,CAAC;gBACzB,OAAO,EAAE,CAAC,qBAAY,CAAC;gBACvB,MAAM,EAAE,CAAC,sBAAa,CAAC;gBACvB,UAAU,EAAE,CAAC,aAA4B,EAAE,EAAE;oBAC3C,MAAM,UAAU,GAAG,IAAA,0BAAgB,EAAC,aAAa,CAAC,CAAC;oBACnD,OAAO;wBACL,GAAG,UAAU;wBACb,QAAQ,EAAE,EAAE;wBACZ,gBAAgB,EAAE,IAAI;wBACtB,WAAW,EAAE,UAAU,CAAC,WAAW;wBACnC,aAAa,EAAE,KAAK;qBACrB,CAAC;gBACJ,CAAC;aACF,CAAC;YACF,gCAAiB,CAAC,OAAO,CAAC;gBACxB,QAAQ,EACN,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,YAAY;oBACnC,CAAC,CAAC,IAAA,WAAI,EAAC,SAAS,EAAE,IAAI,CAAC;oBACvB,CAAC,CAAC,IAAA,WAAI,EAAC,SAAS,EAAE,IAAI,EAAE,IAAI,EAAE,MAAM,CAAC;aAC1C,CAAC;YACF,4BAAY;YACZ,8BAAa;YACb,4BAAY;YACZ,kCAAe;YACf,4BAAY;YACZ,0BAAW;YACX,gCAAc;YACd,0BAAW;YACX,wBAAU;SACX;QACD,WAAW,EAAE,CAAC,8BAAa,CAAC;QAC5B,SAAS,EAAE;YACT,wBAAU;YACV;gBACE,OAAO,EAAE,gBAAS;gBAClB,QAAQ,EAAE,0BAAc;aACzB;YACD;gBACE,OAAO,EAAE,gBAAS;gBAClB,QAAQ,EAAE,6BAAY;aACvB;SACF;KACF,CAAC;GACW,SAAS,CAAG"}
+{"version":3,"file":"app.module.js","sourceRoot":"","sources":["../src/app.module.ts"],"names":[],"mappings":";;;;;;;;;AAAA,2CAAwC;AACxC,uDAAyD;AACzD,6CAAgD;AAChD,+BAA4B;AAC5B,0DAAsD;AACtD,qDAAiD;AACjD,+CAA2C;AAC3C,mEAA+D;AAC/D,0DAAsD;AACtD,uDAAmD;AACnD,gEAA4D;AAC5D,uDAAmD;AACnD,0DAAsD;AACtD,6DAAyD;AACzD,+CAAkD;AAClD,2CAA6D;AAC7D,4DAA8D;AAC9D,iDAAoE;AACpE,uCAAyC;AACzC,oDAAgD;AAChD,iEAA4D;AAC5D,2DAAuD;AACvD,8CAAoD;AAEpD,MAAM,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,uBAAuB,CAAC;AACrD,MAAM,QAAQ,GAAG,QAAQ,CAAC,CAAC,CAAC,IAAA,WAAI,EAAC,QAAQ,EAAE,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC;AAmErD,IAAM,SAAS,GAAf,MAAM,SAAS;CAAG,CAAA;AAAZ,8BAAS;oBAAT,SAAS;IAjErB,IAAA,eAAM,EAAC;QACN,OAAO,EAAE;YACP,qBAAY,CAAC,OAAO,CAAC;gBACnB,QAAQ,EAAE,IAAI;gBACd,gBAAgB,EAAE,oCAAmB;gBACrC,WAAW,EAAE,QAAQ;aACtB,CAAC;YACF,2BAAe,CAAC,YAAY,CAAC;gBAC3B,OAAO,EAAE,CAAC,qBAAY,CAAC;gBACvB,MAAM,EAAE,CAAC,sBAAa,CAAC;gBACvB,UAAU,EAAE,CAAC,MAAqB,EAAE,EAAE,CAAC;oBACrC;wBACE,GAAG,EAAE,MAAM,CAAC,GAAG,CAAC,cAAc,CAAC,IAAI,KAAK;wBACxC,KAAK,EAAE,MAAM,CAAC,GAAG,CAAC,gBAAgB,CAAC,IAAI,EAAE;qBAC1C;iBACF;aACF,CAAC;YACF,yBAAc,CAAC,OAAO,EAAE;YACxB,uBAAa,CAAC,YAAY,CAAC;gBACzB,OAAO,EAAE,CAAC,qBAAY,CAAC;gBACvB,MAAM,EAAE,CAAC,sBAAa,CAAC;gBACvB,UAAU,EAAE,CAAC,aAA4B,EAAE,EAAE;oBAC3C,MAAM,UAAU,GAAG,IAAA,0BAAgB,EAAC,aAAa,CAAC,CAAC;oBACnD,OAAO;wBACL,GAAG,UAAU;wBACb,QAAQ,EAAE,EAAE;wBACZ,gBAAgB,EAAE,IAAI;wBACtB,WAAW,EAAE,UAAU,CAAC,WAAW;wBACnC,aAAa,EAAE,KAAK;qBACrB,CAAC;gBACJ,CAAC;aACF,CAAC;YACF,gCAAiB,CAAC,OAAO,CAAC;gBACxB,QAAQ,EACN,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,YAAY;oBACnC,CAAC,CAAC,IAAA,WAAI,EAAC,SAAS,EAAE,IAAI,CAAC;oBACvB,CAAC,CAAC,IAAA,WAAI,EAAC,SAAS,EAAE,IAAI,EAAE,IAAI,EAAE,MAAM,CAAC;aAC1C,CAAC;YACF,4BAAY;YACZ,8BAAa;YACb,4BAAY;YACZ,kCAAe;YACf,4BAAY;YACZ,0BAAW;YACX,gCAAc;YACd,0BAAW;YACX,wBAAU;SACX;QACD,WAAW,EAAE,CAAC,8BAAa,CAAC;QAC5B,SAAS,EAAE;YACT,wBAAU;YACV;gBACE,OAAO,EAAE,gBAAS;gBAClB,QAAQ,EAAE,0BAAc;aACzB;YACD;gBACE,OAAO,EAAE,gBAAS;gBAClB,QAAQ,EAAE,6BAAY;aACvB;YACD;gBACE,OAAO,EAAE,gBAAS;gBAClB,QAAQ,EAAE,wBAAU;aACrB;SACF;KACF,CAAC;GACW,SAAS,CAAG"}

package/dist/auth/auth.controller.d.ts

@@ -1,14 +1,19 @@
+import { ConfigService } from '@nestjs/config';
 import { AuthService } from './auth.service';
 import { RegisterDto } from './dto/register.dto';
 import { LoginDto } from './dto/login.dto';
+import { UserRole } from '../users/entities/user.entity';
 import type { Response as ExpressResponse, Request as ExpressRequest } from 'express';
 export declare class AuthController {
     private readonly authService;
-    constructor(authService: AuthService);
+    private readonly configService;
+    private readonly isProduction;
+    constructor(authService: AuthService, configService: ConfigService);
     register(registerDto: RegisterDto): Promise<{
         id: string;
         name: string;
         email: string;
+        role: UserRole;
         createdAt: Date;
         updatedAt: Date;
     }>;

package/dist/auth/auth.controller.js

@@ -16,15 +16,23 @@ exports.AuthController = void 0;
 const openapi = require("@nestjs/swagger");
 const common_1 = require("@nestjs/common");
 const throttler_1 = require("@nestjs/throttler");
+const config_1 = require("@nestjs/config");
 const auth_service_1 = require("./auth.service");
 const register_dto_1 = require("./dto/register.dto");
 const login_dto_1 = require("./dto/login.dto");
 const public_decorator_1 = require("./decorators/public.decorator");
+const roles_decorator_1 = require("./decorators/roles.decorator");
+const user_entity_1 = require("../users/entities/user.entity");
 const swagger_1 = require("@nestjs/swagger");
 let AuthController = class AuthController {
     authService;
-    constructor(authService) {
+    configService;
+    isProduction;
+    constructor(authService, configService) {
         this.authService = authService;
+        this.configService = configService;
+        this.isProduction =
+            this.configService.get('NODE_ENV') === 'production';
     }
     register(registerDto) {
         return this.authService.register(registerDto);
@@ -33,14 +41,14 @@ let AuthController = class AuthController {
         const data = await this.authService.login(loginDto);
         res.cookie('auth_token', data.access_token, {
             httpOnly: true,
-            secure: process.env.NODE_ENV === 'production',
+            secure: this.isProduction,
             sameSite: 'strict',
             maxAge: data.expires_in * 1000,
             path: '/',
         });
         res.cookie('refresh_token', data.refresh_token, {
             httpOnly: true,
-            secure: process.env.NODE_ENV === 'production',
+            secure: this.isProduction,
             sameSite: 'strict',
             maxAge: data.refresh_expires_in * 1000,
             path: '/',
@@ -56,15 +64,22 @@ let AuthController = class AuthController {
         }
         try {
             const data = await this.authService.refresh(refreshToken);
+            res.cookie('auth_token', data.access_token, {
+                httpOnly: true,
+                secure: this.isProduction,
+                sameSite: 'strict',
+                maxAge: data.expires_in * 1000,
+                path: '/',
+            });
             res.cookie('refresh_token', data.refresh_token, {
                 httpOnly: true,
-                secure: process.env.NODE_ENV === 'production',
+                secure: this.isProduction,
                 sameSite: 'strict',
                 maxAge: data.refresh_expires_in * 1000,
                 path: '/',
             });
             return res.json({
-                access_token: data.access_token,
+                message: 'Token refreshed successfully',
                 expires_in: data.expires_in,
                 token_type: data.token_type,
             });
@@ -92,7 +107,7 @@ let AuthController = class AuthController {
 };
 exports.AuthController = AuthController;
 __decorate([
-    (0, public_decorator_1.Public)(),
+    (0, roles_decorator_1.Roles)(user_entity_1.UserRole.ADMIN),
     (0, throttler_1.Throttle)({ default: { limit: 5, ttl: 60000 } }),
     (0, common_1.Post)('register'),
     openapi.ApiResponse({ status: 201 }),
@@ -145,6 +160,7 @@ __decorate([
 exports.AuthController = AuthController = __decorate([
     (0, swagger_1.ApiTags)('auth'),
     (0, common_1.Controller)('auth'),
-    __metadata("design:paramtypes", [auth_service_1.AuthService])
+    __metadata("design:paramtypes", [auth_service_1.AuthService,
+        config_1.ConfigService])
 ], AuthController);
 //# sourceMappingURL=auth.controller.js.map

package/dist/auth/auth.controller.js.map

@@ -1 +1 @@
-{"version":3,"file":"auth.controller.js","sourceRoot":"","sources":["../../src/auth/auth.controller.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,2CASwB;AACxB,iDAA6C;AAC7C,iDAA6C;AAC7C,qDAAiD;AACjD,+CAA2C;AAC3C,oEAAuD;AACvD,6CAA0C;AAQnC,IAAM,cAAc,GAApB,MAAM,cAAc;IACI;IAA7B,YAA6B,WAAwB;QAAxB,gBAAW,GAAX,WAAW,CAAa;IAAG,CAAC;IAKzD,QAAQ,CAAS,WAAwB;QACvC,OAAO,IAAI,CAAC,WAAW,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;IAChD,CAAC;IAMK,AAAN,KAAK,CAAC,KAAK,CAAS,QAAkB,EAAc,GAAoB;QACtE,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;QAGpD,GAAG,CAAC,MAAM,CAAC,YAAY,EAAE,IAAI,CAAC,YAAY,EAAE;YAC1C,QAAQ,EAAE,IAAI;YACd,MAAM,EAAE,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,YAAY;YAC7C,QAAQ,EAAE,QAAQ;YAClB,MAAM,EAAE,IAAI,CAAC,UAAU,GAAG,IAAI;YAC9B,IAAI,EAAE,GAAG;SACV,CAAC,CAAC;QAEH,GAAG,CAAC,MAAM,CAAC,eAAe,EAAE,IAAI,CAAC,aAAa,EAAE;YAC9C,QAAQ,EAAE,IAAI;YACd,MAAM,EAAE,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,YAAY;YAC7C,QAAQ,EAAE,QAAQ;YAClB,MAAM,EAAE,IAAI,CAAC,kBAAkB,GAAG,IAAI;YACtC,IAAI,EAAE,GAAG;SACV,CAAC,CAAC;QAEH,GAAG,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,wBAAwB,EAAE,CAAC,CAAC;IAClD,CAAC;IAMK,AAAN,KAAK,CAAC,OAAO,CACA,GAAmB,EAClB,GAAoB;QAGhC,MAAM,YAAY,GAAG,GAAG,CAAC,OAAO,EAAE,aAAa,CAAC;QAEhD,IAAI,CAAC,YAAY,EAAE,CAAC;YAClB,OAAO,GAAG;iBACP,MAAM,CAAC,mBAAU,CAAC,YAAY,CAAC;iBAC/B,IAAI,CAAC,EAAE,OAAO,EAAE,yBAAyB,EAAE,CAAC,CAAC;QAClD,CAAC;QAED,IAAI,CAAC;YACH,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,YAAsB,CAAC,CAAC;YAGpE,GAAG,CAAC,MAAM,CAAC,eAAe,EAAE,IAAI,CAAC,aAAa,EAAE;gBAC9C,QAAQ,EAAE,IAAI;gBACd,MAAM,EAAE,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,YAAY;gBAC7C,QAAQ,EAAE,QAAQ;gBAClB,MAAM,EAAE,IAAI,CAAC,kBAAkB,GAAG,IAAI;gBACtC,IAAI,EAAE,GAAG;aACV,CAAC,CAAC;YAEH,OAAO,GAAG,CAAC,IAAI,CAAC;gBACd,YAAY,EAAE,IAAI,CAAC,YAAY;gBAC/B,UAAU,EAAE,IAAI,CAAC,UAAU;gBAC3B,UAAU,EAAE,IAAI,CAAC,UAAU;aAC5B,CAAC,CAAC;QACL,CAAC;QAAC,MAAM,CAAC;YAEP,GAAG,CAAC,WAAW,CAAC,YAAY,EAAE,EAAE,IAAI,EAAE,GAAG,EAAE,CAAC,CAAC;YAC7C,GAAG,CAAC,WAAW,CAAC,eAAe,EAAE,EAAE,IAAI,EAAE,GAAG,EAAE,CAAC,CAAC;YAChD,OAAO,GAAG;iBACP,MAAM,CAAC,mBAAU,CAAC,YAAY,CAAC;iBAC/B,IAAI,CAAC,EAAE,OAAO,EAAE,kCAAkC,EAAE,CAAC,CAAC;QAC3D,CAAC;IACH,CAAC;IAGD,KAAK,CAAY,GAAsB;QACrC,OAAO,GAAG,CAAC,IAAI,CAAC;IAClB,CAAC;IAGK,AAAN,KAAK,CAAC,MAAM,CACC,GAAmB,EAClB,GAAoB;QAGhC,MAAM,YAAY,GAAG,GAAG,CAAC,OAAO,EAAE,aAAa,CAAC;QAGhD,IAAI,YAAY,EAAE,CAAC;YACjB,MAAM,IAAI,CAAC,WAAW,CAAC,kBAAkB,CAAC,YAAsB,CAAC,CAAC;QACpE,CAAC;QAED,GAAG,CAAC,WAAW,CAAC,YAAY,EAAE,EAAE,IAAI,EAAE,GAAG,EAAE,CAAC,CAAC;QAC7C,GAAG,CAAC,WAAW,CAAC,eAAe,EAAE,EAAE,IAAI,EAAE,GAAG,EAAE,CAAC,CAAC;QAChD,GAAG,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,yBAAyB,EAAE,CAAC,CAAC;IACnD,CAAC;CACF,CAAA;AAvGY,wCAAc;AAMzB;IAHC,IAAA,yBAAM,GAAE;IACR,IAAA,oBAAQ,EAAC,EAAE,OAAO,EAAE,EAAE,KAAK,EAAE,CAAC,EAAE,GAAG,EAAE,KAAK,EAAE,EAAE,CAAC;IAC/C,IAAA,aAAI,EAAC,UAAU,CAAC;;IACP,WAAA,IAAA,aAAI,GAAE,CAAA;;qCAAc,0BAAW;;8CAExC;AAMK;IAJL,IAAA,yBAAM,GAAE;IACR,IAAA,oBAAQ,EAAC,EAAE,OAAO,EAAE,EAAE,KAAK,EAAE,CAAC,EAAE,GAAG,EAAE,KAAK,EAAE,EAAE,CAAC;IAC/C,IAAA,iBAAQ,EAAC,mBAAU,CAAC,EAAE,CAAC;IACvB,IAAA,aAAI,EAAC,OAAO,CAAC;kCADJ,mBAAU,CAAC,EAAE;IAEV,WAAA,IAAA,aAAI,GAAE,CAAA;IAAsB,WAAA,IAAA,iBAAQ,GAAE,CAAA;;qCAArB,oBAAQ;;2CAqBrC;AAMK;IAJL,IAAA,yBAAM,GAAE;IACR,IAAA,oBAAQ,EAAC,EAAE,OAAO,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE,GAAG,EAAE,KAAK,EAAE,EAAE,CAAC;IAChD,IAAA,iBAAQ,EAAC,mBAAU,CAAC,EAAE,CAAC;IACvB,IAAA,aAAI,EAAC,SAAS,CAAC;kCADN,mBAAU,CAAC,EAAE;IAGpB,WAAA,IAAA,gBAAO,GAAE,CAAA;IACT,WAAA,IAAA,iBAAQ,GAAE,CAAA;;;;6CAoCZ;AAGD;IADC,IAAA,YAAG,EAAC,IAAI,CAAC;;IACH,WAAA,IAAA,gBAAO,GAAE,CAAA;;;;2CAEf;AAGK;IADL,IAAA,aAAI,EAAC,QAAQ,CAAC;;IAEZ,WAAA,IAAA,gBAAO,GAAE,CAAA;IACT,WAAA,IAAA,iBAAQ,GAAE,CAAA;;;;4CAaZ;yBAtGU,cAAc;IAF1B,IAAA,iBAAO,EAAC,MAAM,CAAC;IACf,IAAA,mBAAU,EAAC,MAAM,CAAC;qCAEyB,0BAAW;GAD1C,cAAc,CAuG1B"}
+{"version":3,"file":"auth.controller.js","sourceRoot":"","sources":["../../src/auth/auth.controller.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,2CASwB;AACxB,iDAA6C;AAC7C,2CAA+C;AAC/C,iDAA6C;AAC7C,qDAAiD;AACjD,+CAA2C;AAC3C,oEAAuD;AACvD,kEAAqD;AACrD,+DAAyD;AACzD,6CAA0C;AAQnC,IAAM,cAAc,GAApB,MAAM,cAAc;IAIN;IACA;IAJF,YAAY,CAAU;IAEvC,YACmB,WAAwB,EACxB,aAA4B;QAD5B,gBAAW,GAAX,WAAW,CAAa;QACxB,kBAAa,GAAb,aAAa,CAAe;QAE7C,IAAI,CAAC,YAAY;YACf,IAAI,CAAC,aAAa,CAAC,GAAG,CAAS,UAAU,CAAC,KAAK,YAAY,CAAC;IAChE,CAAC;IAKD,QAAQ,CAAS,WAAwB;QACvC,OAAO,IAAI,CAAC,WAAW,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;IAChD,CAAC;IAMK,AAAN,KAAK,CAAC,KAAK,CAAS,QAAkB,EAAc,GAAoB;QACtE,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;QAGpD,GAAG,CAAC,MAAM,CAAC,YAAY,EAAE,IAAI,CAAC,YAAY,EAAE;YAC1C,QAAQ,EAAE,IAAI;YACd,MAAM,EAAE,IAAI,CAAC,YAAY;YACzB,QAAQ,EAAE,QAAQ;YAClB,MAAM,EAAE,IAAI,CAAC,UAAU,GAAG,IAAI;YAC9B,IAAI,EAAE,GAAG;SACV,CAAC,CAAC;QAEH,GAAG,CAAC,MAAM,CAAC,eAAe,EAAE,IAAI,CAAC,aAAa,EAAE;YAC9C,QAAQ,EAAE,IAAI;YACd,MAAM,EAAE,IAAI,CAAC,YAAY;YACzB,QAAQ,EAAE,QAAQ;YAClB,MAAM,EAAE,IAAI,CAAC,kBAAkB,GAAG,IAAI;YACtC,IAAI,EAAE,GAAG;SACV,CAAC,CAAC;QAEH,GAAG,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,wBAAwB,EAAE,CAAC,CAAC;IAClD,CAAC;IAMK,AAAN,KAAK,CAAC,OAAO,CACA,GAAmB,EAClB,GAAoB;QAGhC,MAAM,YAAY,GAAG,GAAG,CAAC,OAAO,EAAE,aAAa,CAAC;QAEhD,IAAI,CAAC,YAAY,EAAE,CAAC;YAClB,OAAO,GAAG;iBACP,MAAM,CAAC,mBAAU,CAAC,YAAY,CAAC;iBAC/B,IAAI,CAAC,EAAE,OAAO,EAAE,yBAAyB,EAAE,CAAC,CAAC;QAClD,CAAC;QAED,IAAI,CAAC;YACH,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,YAAsB,CAAC,CAAC;YAGpE,GAAG,CAAC,MAAM,CAAC,YAAY,EAAE,IAAI,CAAC,YAAY,EAAE;gBAC1C,QAAQ,EAAE,IAAI;gBACd,MAAM,EAAE,IAAI,CAAC,YAAY;gBACzB,QAAQ,EAAE,QAAQ;gBAClB,MAAM,EAAE,IAAI,CAAC,UAAU,GAAG,IAAI;gBAC9B,IAAI,EAAE,GAAG;aACV,CAAC,CAAC;YAGH,GAAG,CAAC,MAAM,CAAC,eAAe,EAAE,IAAI,CAAC,aAAa,EAAE;gBAC9C,QAAQ,EAAE,IAAI;gBACd,MAAM,EAAE,IAAI,CAAC,YAAY;gBACzB,QAAQ,EAAE,QAAQ;gBAClB,MAAM,EAAE,IAAI,CAAC,kBAAkB,GAAG,IAAI;gBACtC,IAAI,EAAE,GAAG;aACV,CAAC,CAAC;YAEH,OAAO,GAAG,CAAC,IAAI,CAAC;gBACd,OAAO,EAAE,8BAA8B;gBACvC,UAAU,EAAE,IAAI,CAAC,UAAU;gBAC3B,UAAU,EAAE,IAAI,CAAC,UAAU;aAC5B,CAAC,CAAC;QACL,CAAC;QAAC,MAAM,CAAC;YAEP,GAAG,CAAC,WAAW,CAAC,YAAY,EAAE,EAAE,IAAI,EAAE,GAAG,EAAE,CAAC,CAAC;YAC7C,GAAG,CAAC,WAAW,CAAC,eAAe,EAAE,EAAE,IAAI,EAAE,GAAG,EAAE,CAAC,CAAC;YAChD,OAAO,GAAG;iBACP,MAAM,CAAC,mBAAU,CAAC,YAAY,CAAC;iBAC/B,IAAI,CAAC,EAAE,OAAO,EAAE,kCAAkC,EAAE,CAAC,CAAC;QAC3D,CAAC;IACH,CAAC;IAGD,KAAK,CAAY,GAAsB;QACrC,OAAO,GAAG,CAAC,IAAI,CAAC;IAClB,CAAC;IAGK,AAAN,KAAK,CAAC,MAAM,CACC,GAAmB,EAClB,GAAoB;QAGhC,MAAM,YAAY,GAAG,GAAG,CAAC,OAAO,EAAE,aAAa,CAAC;QAGhD,IAAI,YAAY,EAAE,CAAC;YACjB,MAAM,IAAI,CAAC,WAAW,CAAC,kBAAkB,CAAC,YAAsB,CAAC,CAAC;QACpE,CAAC;QAED,GAAG,CAAC,WAAW,CAAC,YAAY,EAAE,EAAE,IAAI,EAAE,GAAG,EAAE,CAAC,CAAC;QAC7C,GAAG,CAAC,WAAW,CAAC,eAAe,EAAE,EAAE,IAAI,EAAE,GAAG,EAAE,CAAC,CAAC;QAChD,GAAG,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,yBAAyB,EAAE,CAAC,CAAC;IACnD,CAAC;CACF,CAAA;AAxHY,wCAAc;AAczB;IAHC,IAAA,uBAAK,EAAC,sBAAQ,CAAC,KAAK,CAAC;IACrB,IAAA,oBAAQ,EAAC,EAAE,OAAO,EAAE,EAAE,KAAK,EAAE,CAAC,EAAE,GAAG,EAAE,KAAK,EAAE,EAAE,CAAC;IAC/C,IAAA,aAAI,EAAC,UAAU,CAAC;;IACP,WAAA,IAAA,aAAI,GAAE,CAAA;;qCAAc,0BAAW;;8CAExC;AAMK;IAJL,IAAA,yBAAM,GAAE;IACR,IAAA,oBAAQ,EAAC,EAAE,OAAO,EAAE,EAAE,KAAK,EAAE,CAAC,EAAE,GAAG,EAAE,KAAK,EAAE,EAAE,CAAC;IAC/C,IAAA,iBAAQ,EAAC,mBAAU,CAAC,EAAE,CAAC;IACvB,IAAA,aAAI,EAAC,OAAO,CAAC;kCADJ,mBAAU,CAAC,EAAE;IAEV,WAAA,IAAA,aAAI,GAAE,CAAA;IAAsB,WAAA,IAAA,iBAAQ,GAAE,CAAA;;qCAArB,oBAAQ;;2CAqBrC;AAMK;IAJL,IAAA,yBAAM,GAAE;IACR,IAAA,oBAAQ,EAAC,EAAE,OAAO,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE,GAAG,EAAE,KAAK,EAAE,EAAE,CAAC;IAChD,IAAA,iBAAQ,EAAC,mBAAU,CAAC,EAAE,CAAC;IACvB,IAAA,aAAI,EAAC,SAAS,CAAC;kCADN,mBAAU,CAAC,EAAE;IAGpB,WAAA,IAAA,gBAAO,GAAE,CAAA;IACT,WAAA,IAAA,iBAAQ,GAAE,CAAA;;;;6CA6CZ;AAGD;IADC,IAAA,YAAG,EAAC,IAAI,CAAC;;IACH,WAAA,IAAA,gBAAO,GAAE,CAAA;;;;2CAEf;AAGK;IADL,IAAA,aAAI,EAAC,QAAQ,CAAC;;IAEZ,WAAA,IAAA,gBAAO,GAAE,CAAA;IACT,WAAA,IAAA,iBAAQ,GAAE,CAAA;;;;4CAaZ;yBAvHU,cAAc;IAF1B,IAAA,iBAAO,EAAC,MAAM,CAAC;IACf,IAAA,mBAAU,EAAC,MAAM,CAAC;qCAKe,0BAAW;QACT,sBAAa;GALpC,cAAc,CAwH1B"}

package/dist/auth/auth.service.d.ts

@@ -23,6 +23,7 @@ export declare class AuthService {
         id: string;
         name: string;
         email: string;
+        role: import("../users/entities/user.entity").UserRole;
         createdAt: Date;
         updatedAt: Date;
     }>;

package/dist/auth/decorators/current-user.decorator.d.ts

@@ -0,0 +1 @@
+export declare const CurrentUser: (...dataOrPipes: unknown[]) => ParameterDecorator;

package/dist/auth/decorators/current-user.decorator.js

@@ -0,0 +1,9 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.CurrentUser = void 0;
+const common_1 = require("@nestjs/common");
+exports.CurrentUser = (0, common_1.createParamDecorator)((data, ctx) => {
+    const request = ctx.switchToHttp().getRequest();
+    return request.user;
+});
+//# sourceMappingURL=current-user.decorator.js.map

package/dist/auth/decorators/current-user.decorator.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"current-user.decorator.js","sourceRoot":"","sources":["../../../src/auth/decorators/current-user.decorator.ts"],"names":[],"mappings":";;;AAAA,2CAAwE;AAE3D,QAAA,WAAW,GAAG,IAAA,6BAAoB,EAC7C,CAAC,IAAa,EAAE,GAAqB,EAAE,EAAE;IACvC,MAAM,OAAO,GAAG,GAAG,CAAC,YAAY,EAAE,CAAC,UAAU,EAAqB,CAAC;IACnE,OAAO,OAAO,CAAC,IAAI,CAAC;AACtB,CAAC,CACF,CAAC"}

package/dist/auth/decorators/roles.decorator.d.ts

@@ -0,0 +1,3 @@
+import { UserRole } from '../../users/entities/user.entity';
+export declare const ROLES_KEY = "roles";
+export declare const Roles: (...roles: UserRole[]) => import("@nestjs/common").CustomDecorator<string>;

package/dist/auth/decorators/roles.decorator.js

@@ -0,0 +1,8 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.Roles = exports.ROLES_KEY = void 0;
+const common_1 = require("@nestjs/common");
+exports.ROLES_KEY = 'roles';
+const Roles = (...roles) => (0, common_1.SetMetadata)(exports.ROLES_KEY, roles);
+exports.Roles = Roles;
+//# sourceMappingURL=roles.decorator.js.map

package/dist/auth/decorators/roles.decorator.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"roles.decorator.js","sourceRoot":"","sources":["../../../src/auth/decorators/roles.decorator.ts"],"names":[],"mappings":";;;AAAA,2CAA6C;AAGhC,QAAA,SAAS,GAAG,OAAO,CAAC;AAC1B,MAAM,KAAK,GAAG,CAAC,GAAG,KAAiB,EAAE,EAAE,CAAC,IAAA,oBAAW,EAAC,iBAAS,EAAE,KAAK,CAAC,CAAC;AAAhE,QAAA,KAAK,SAA2D"}

package/dist/auth/entities/refresh-token.entity.js

@@ -67,6 +67,7 @@ __decorate([
 ], RefreshToken.prototype, "revokedAt", void 0);
 exports.RefreshToken = RefreshToken = __decorate([
     (0, typeorm_1.Entity)('refresh_tokens'),
-    (0, typeorm_1.Index)(['userId', 'expiresAt'])
+    (0, typeorm_1.Index)(['userId', 'expiresAt']),
+    (0, typeorm_1.Index)(['userId', 'revokedAt'])
 ], RefreshToken);
 //# sourceMappingURL=refresh-token.entity.js.map

package/dist/auth/entities/refresh-token.entity.js.map

@@ -1 +1 @@
-{"version":3,"file":"refresh-token.entity.js","sourceRoot":"","sources":["../../../src/auth/entities/refresh-token.entity.ts"],"names":[],"mappings":";;;;;;;;;;;;;AAAA,qCAQiB;AACjB,kEAAwD;AAIjD,IAAM,YAAY,GAAlB,MAAM,YAAY;IAEvB,EAAE,CAAS;IAGX,MAAM,CAAS;IAIf,IAAI,CAAO;IAGX,KAAK,CAAS;IAGd,QAAQ,CAAO;IAGf,SAAS,CAAO;IAGhB,cAAc,CAAO;IAGrB,SAAS,CAAO;IAGhB,SAAS,CAAc;;;;CACxB,CAAA;AA5BY,oCAAY;AAEvB;IADC,IAAA,gCAAsB,EAAC,MAAM,CAAC;;wCACpB;AAGX;IADC,IAAA,gBAAM,GAAE;;4CACM;AAIf;IAFC,IAAA,mBAAS,EAAC,GAAG,EAAE,CAAC,kBAAI,EAAE,EAAE,QAAQ,EAAE,SAAS,EAAE,CAAC;IAC9C,IAAA,oBAAU,EAAC,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC;8BACzB,kBAAI;0CAAC;AAGX;IADC,IAAA,gBAAM,EAAC,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC;;2CACX;AAGd;IADC,IAAA,0BAAgB,GAAE;8BACT,IAAI;8CAAC;AAGf;IADC,IAAA,gBAAM,EAAC,EAAE,IAAI,EAAE,UAAU,EAAE,CAAC;8BAClB,IAAI;+CAAC;AAGhB;IADC,IAAA,gBAAM,EAAC,EAAE,IAAI,EAAE,UAAU,EAAE,CAAC;8BACb,IAAI;oDAAC;AAGrB;IADC,IAAA,0BAAgB,GAAE;8BACR,IAAI;+CAAC;AAGhB;IADC,IAAA,gBAAM,EAAC,EAAE,IAAI,EAAE,UAAU,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;+CACtB;uBA3BZ,YAAY;IAFxB,IAAA,gBAAM,EAAC,gBAAgB,CAAC;IACxB,IAAA,eAAK,EAAC,CAAC,QAAQ,EAAE,WAAW,CAAC,CAAC;GAClB,YAAY,CA4BxB"}
+{"version":3,"file":"refresh-token.entity.js","sourceRoot":"","sources":["../../../src/auth/entities/refresh-token.entity.ts"],"names":[],"mappings":";;;;;;;;;;;;;AAAA,qCAQiB;AACjB,kEAAwD;AAKjD,IAAM,YAAY,GAAlB,MAAM,YAAY;IAEvB,EAAE,CAAS;IAGX,MAAM,CAAS;IAIf,IAAI,CAAO;IAGX,KAAK,CAAS;IAGd,QAAQ,CAAO;IAGf,SAAS,CAAO;IAGhB,cAAc,CAAO;IAGrB,SAAS,CAAO;IAGhB,SAAS,CAAc;;;;CACxB,CAAA;AA5BY,oCAAY;AAEvB;IADC,IAAA,gCAAsB,EAAC,MAAM,CAAC;;wCACpB;AAGX;IADC,IAAA,gBAAM,GAAE;;4CACM;AAIf;IAFC,IAAA,mBAAS,EAAC,GAAG,EAAE,CAAC,kBAAI,EAAE,EAAE,QAAQ,EAAE,SAAS,EAAE,CAAC;IAC9C,IAAA,oBAAU,EAAC,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC;8BACzB,kBAAI;0CAAC;AAGX;IADC,IAAA,gBAAM,EAAC,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC;;2CACX;AAGd;IADC,IAAA,0BAAgB,GAAE;8BACT,IAAI;8CAAC;AAGf;IADC,IAAA,gBAAM,EAAC,EAAE,IAAI,EAAE,UAAU,EAAE,CAAC;8BAClB,IAAI;+CAAC;AAGhB;IADC,IAAA,gBAAM,EAAC,EAAE,IAAI,EAAE,UAAU,EAAE,CAAC;8BACb,IAAI;oDAAC;AAGrB;IADC,IAAA,0BAAgB,GAAE;8BACR,IAAI;+CAAC;AAGhB;IADC,IAAA,gBAAM,EAAC,EAAE,IAAI,EAAE,UAAU,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;+CACtB;uBA3BZ,YAAY;IAHxB,IAAA,gBAAM,EAAC,gBAAgB,CAAC;IACxB,IAAA,eAAK,EAAC,CAAC,QAAQ,EAAE,WAAW,CAAC,CAAC;IAC9B,IAAA,eAAK,EAAC,CAAC,QAAQ,EAAE,WAAW,CAAC,CAAC;GAClB,YAAY,CA4BxB"}

package/dist/auth/guards/roles.guard.d.ts

@@ -0,0 +1,7 @@
+import { CanActivate, ExecutionContext } from '@nestjs/common';
+import { Reflector } from '@nestjs/core';
+export declare class RolesGuard implements CanActivate {
+    private reflector;
+    constructor(reflector: Reflector);
+    canActivate(context: ExecutionContext): boolean;
+}