@flusys/nestjs-shared 3.0.0-rc → 3.0.1

package/cjs/classes/api-controller.class.js

@@ -72,11 +72,11 @@ function _ts_param(paramIndex, decorator) {
             // Apply PermissionGuard to check permissions from cache
             decorators.push((0, _common.UseGuards)(_guards.JwtAuthGuard, _guards.PermissionGuard));
             decorators.push((0, _swagger.ApiBearerAuth)());
-            // Check for complex nested condition first
-            if (security.condition) {
-                decorators.push((0, _decorators.RequirePermissionCondition)(security.condition));
+            // Check for complex logic first
+            if (security.logic) {
+                decorators.push((0, _decorators.RequirePermissionLogic)(security.logic));
             } else if (security.permissions && security.permissions.length > 0) {
-                if (security.operator === 'or') {
+                if (security.operator === 'OR') {
                     decorators.push((0, _decorators.RequireAnyPermission)(...security.permissions));
                 } else {
                     // AND is default and most secure

package/cjs/constants/permissions.js

@@ -1,13 +1,4 @@
-/**
- * Centralized Permission Codes
- *
- * Single source of truth for all permission codes used across the application.
- * Use these constants instead of hardcoded strings to prevent typos and enable easy refactoring.
- *
- * Naming Convention: <entity>.<action>
- * - entity: The resource being accessed (e.g., user, role, company)
- * - action: The operation being performed (create, read, update, delete, assign)
- */ // ==================== AUTH MODULE ====================
+// ==================== AUTH MODULE ====================
 "use strict";
 Object.defineProperty(exports, "__esModule", {
     value: true
@@ -37,6 +28,12 @@ _export(exports, {
     get EMAIL_TEMPLATE_PERMISSIONS () {
         return EMAIL_TEMPLATE_PERMISSIONS;
     },
+    get EVENT_PARTICIPANT_PERMISSIONS () {
+        return EVENT_PARTICIPANT_PERMISSIONS;
+    },
+    get EVENT_PERMISSIONS () {
+        return EVENT_PERMISSIONS;
+    },
     get FILE_PERMISSIONS () {
         return FILE_PERMISSIONS;
     },
@@ -49,6 +46,9 @@ _export(exports, {
     get FORM_RESULT_PERMISSIONS () {
         return FORM_RESULT_PERMISSIONS;
     },
+    get NOTIFICATION_PERMISSIONS () {
+        return NOTIFICATION_PERMISSIONS;
+    },
     get PERMISSIONS () {
         return PERMISSIONS;
     },
@@ -159,6 +159,24 @@ const FORM_RESULT_PERMISSIONS = {
     UPDATE: 'form-result.update',
     DELETE: 'form-result.delete'
 };
+const EVENT_PERMISSIONS = {
+    CREATE: 'event.create',
+    READ: 'event.read',
+    UPDATE: 'event.update',
+    DELETE: 'event.delete'
+};
+const EVENT_PARTICIPANT_PERMISSIONS = {
+    CREATE: 'event-participant.create',
+    READ: 'event-participant.read',
+    UPDATE: 'event-participant.update',
+    DELETE: 'event-participant.delete'
+};
+const NOTIFICATION_PERMISSIONS = {
+    CREATE: 'notification.create',
+    READ: 'notification.read',
+    UPDATE: 'notification.update',
+    DELETE: 'notification.delete'
+};
 const PERMISSIONS = {
     // Auth
     USER: USER_PERMISSIONS,
@@ -180,5 +198,10 @@ const PERMISSIONS = {
     EMAIL_TEMPLATE: EMAIL_TEMPLATE_PERMISSIONS,
     // Form Builder
     FORM: FORM_PERMISSIONS,
-    FORM_RESULT: FORM_RESULT_PERMISSIONS
+    FORM_RESULT: FORM_RESULT_PERMISSIONS,
+    // Event Manager
+    EVENT: EVENT_PERMISSIONS,
+    EVENT_PARTICIPANT: EVENT_PARTICIPANT_PERMISSIONS,
+    // Notification
+    NOTIFICATION: NOTIFICATION_PERMISSIONS
 };

package/cjs/decorators/require-permission.decorator.js

@@ -17,16 +17,20 @@ _export(exports, {
     },
     get RequirePermissionCondition () {
         return RequirePermissionCondition;
+    },
+    get RequirePermissionLogic () {
+        return RequirePermissionLogic;
     }
 });
 const _common = require("@nestjs/common");
 const _constants = require("../constants");
 const RequirePermission = (...permissions)=>(0, _common.SetMetadata)(_constants.PERMISSIONS_KEY, {
         permissions,
-        operator: 'and'
+        operator: 'AND'
     });
 const RequireAnyPermission = (...permissions)=>(0, _common.SetMetadata)(_constants.PERMISSIONS_KEY, {
         permissions,
-        operator: 'or'
+        operator: 'OR'
     });
-const RequirePermissionCondition = (condition)=>(0, _common.SetMetadata)(_constants.PERMISSIONS_KEY, condition);
+const RequirePermissionLogic = (logic)=>(0, _common.SetMetadata)(_constants.PERMISSIONS_KEY, logic);
+const RequirePermissionCondition = RequirePermissionLogic;

package/cjs/enums/index.js

@@ -0,0 +1,20 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", {
+    value: true
+});
+_export_star(require("./notification-type.enum"), exports);
+_export_star(require("./participant-status.enum"), exports);
+_export_star(require("./recurrence-type.enum"), exports);
+function _export_star(from, to) {
+    Object.keys(from).forEach(function(k) {
+        if (k !== "default" && !Object.prototype.hasOwnProperty.call(to, k)) {
+            Object.defineProperty(to, k, {
+                enumerable: true,
+                get: function() {
+                    return from[k];
+                }
+            });
+        }
+    });
+    return from;
+}

package/cjs/enums/notification-type.enum.js

@@ -0,0 +1,17 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", {
+    value: true
+});
+Object.defineProperty(exports, "NotificationType", {
+    enumerable: true,
+    get: function() {
+        return NotificationType;
+    }
+});
+var NotificationType = /*#__PURE__*/ function(NotificationType) {
+    NotificationType["INFO"] = "info";
+    NotificationType["WARNING"] = "warning";
+    NotificationType["SUCCESS"] = "success";
+    NotificationType["ERROR"] = "error";
+    return NotificationType;
+}({});

package/cjs/enums/participant-status.enum.js

@@ -0,0 +1,17 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", {
+    value: true
+});
+Object.defineProperty(exports, "ParticipantStatus", {
+    enumerable: true,
+    get: function() {
+        return ParticipantStatus;
+    }
+});
+var ParticipantStatus = /*#__PURE__*/ function(ParticipantStatus) {
+    ParticipantStatus["PENDING"] = "pending";
+    ParticipantStatus["ACCEPTED"] = "accepted";
+    ParticipantStatus["DECLINED"] = "declined";
+    ParticipantStatus["TENTATIVE"] = "tentative";
+    return ParticipantStatus;
+}({});

package/cjs/enums/recurrence-type.enum.js

@@ -0,0 +1,18 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", {
+    value: true
+});
+Object.defineProperty(exports, "RecurrenceType", {
+    enumerable: true,
+    get: function() {
+        return RecurrenceType;
+    }
+});
+var RecurrenceType = /*#__PURE__*/ function(RecurrenceType) {
+    RecurrenceType["NONE"] = "none";
+    RecurrenceType["DAILY"] = "daily";
+    RecurrenceType["WEEKLY"] = "weekly";
+    RecurrenceType["BIWEEKLY"] = "biweekly";
+    RecurrenceType["MONTHLY"] = "monthly";
+    return RecurrenceType;
+}({});

package/cjs/exceptions/permission.exception.js

@@ -30,8 +30,8 @@ let PermissionSystemUnavailableException = class PermissionSystemUnavailableExce
     }
 };
 let InsufficientPermissionsException = class InsufficientPermissionsException extends _common.ForbiddenException {
-    constructor(missingPermissions, operator = 'and'){
-        const message = operator === 'or' ? `Requires at least one of: ${missingPermissions.join(', ')}` : `Missing required permissions: ${missingPermissions.join(', ')}`;
+    constructor(missingPermissions, operator = 'AND'){
+        const message = operator === 'OR' ? `Requires at least one of: ${missingPermissions.join(', ')}` : `Missing required permissions: ${missingPermissions.join(', ')}`;
         super({
             success: false,
             message,

package/cjs/guards/permission.guard.js

@@ -55,8 +55,6 @@ let PermissionGuard = class PermissionGuard {
             context.getClass()
         ]);
         if (!permissionConfig) return true;
-        const { permissions: requiredPermissions, operator } = this.normalizePermissionConfig(permissionConfig);
-        if (!requiredPermissions || requiredPermissions.length === 0) return true;
         const request = context.switchToHttp().getRequest();
         const user = request.user;
         if (!user) throw new _common.UnauthorizedException('Authentication required');
@@ -69,90 +67,93 @@ let PermissionGuard = class PermissionGuard {
             this.logger.warn(`No permissions found (userId: ${user.id})`, 'PermissionGuard');
             throw new _permissionexception.NoPermissionsFoundException();
         }
-        if (this.isNestedCondition(permissionConfig)) {
-            const result = this.evaluateCondition(permissionConfig, userPermissions);
-            if (!result.passed) {
-                this.logger.warn(`Permission denied (userId: ${user.id})`, 'PermissionGuard');
-                throw new _permissionexception.InsufficientPermissionsException(result.missingPermissions, result.operator);
-            }
-        } else {
-            this.validateSimplePermissions(requiredPermissions, userPermissions, operator);
+        const logicNode = this.normalizeToLogicNode(permissionConfig);
+        if (!logicNode) return true;
+        const result = this.evaluateLogicNode(logicNode, userPermissions);
+        if (!result.passed) {
+            this.logger.warn(`Permission denied (userId: ${user.id})`, 'PermissionGuard');
+            throw new _permissionexception.InsufficientPermissionsException(result.missingPermissions, result.operator);
         }
         return true;
     }
-    normalizePermissionConfig(config) {
-        if (Array.isArray(config)) return {
-            permissions: config,
-            operator: 'and'
-        };
-        return {
-            permissions: config.permissions || [],
-            operator: config.operator || 'and'
-        };
-    }
-    validateSimplePermissions(requiredPermissions, userPermissions, operator) {
-        if (operator === 'or') {
-            const hasAny = requiredPermissions.some((p)=>this.hasPermission(userPermissions, p));
-            if (!hasAny) throw new _permissionexception.InsufficientPermissionsException(requiredPermissions, 'or');
-        } else {
-            const hasAll = requiredPermissions.every((p)=>this.hasPermission(userPermissions, p));
-            if (!hasAll) {
-                const missing = requiredPermissions.filter((p)=>!this.hasPermission(userPermissions, p));
-                throw new _permissionexception.InsufficientPermissionsException(missing, 'and');
-            }
+    normalizeToLogicNode(config) {
+        // string - single permission
+        if (typeof config === 'string') {
+            return config ? {
+                type: 'action',
+                actionId: config
+            } : null;
         }
+        // string[] - treat as AND of multiple permissions
+        if (Array.isArray(config)) {
+            if (config.length === 0) return null;
+            if (config.length === 1) return {
+                type: 'action',
+                actionId: config[0]
+            };
+            return {
+                type: 'group',
+                operator: 'AND',
+                children: config.map((p)=>({
+                        type: 'action',
+                        actionId: p
+                    }))
+            };
+        }
+        // SimplePermissionConfig - { permissions: string[], operator: 'AND'|'OR' }
+        if ('permissions' in config && Array.isArray(config.permissions)) {
+            const simple = config;
+            if (simple.permissions.length === 0) return null;
+            if (simple.permissions.length === 1) return {
+                type: 'action',
+                actionId: simple.permissions[0]
+            };
+            return {
+                type: 'group',
+                operator: simple.operator || 'AND',
+                children: simple.permissions.map((p)=>({
+                        type: 'action',
+                        actionId: p
+                    }))
+            };
+        }
+        // ILogicNode
+        return config;
     }
-    isNestedCondition(config) {
-        if (Array.isArray(config)) return false;
-        return 'children' in config && Array.isArray(config.children) && config.children.length > 0;
-    }
-    evaluateCondition(condition, userPermissions) {
-        const { permissions = [], operator, children = [] } = condition;
-        // SECURITY: Fail-closed - deny access when no permissions configured (empty condition)
-        if (permissions.length === 0 && children.length === 0) {
+    evaluateLogicNode(node, userPermissions) {
+        if (node.type === 'action') {
+            const passed = this.hasPermission(userPermissions, node.actionId);
+            return {
+                passed,
+                missingPermissions: passed ? [] : [
+                    node.actionId
+                ],
+                operator: 'AND'
+            };
+        }
+        // Group node
+        const { operator, children } = node;
+        // SECURITY: Fail-closed - deny access when no children configured
+        if (!children || children.length === 0) {
             return {
                 passed: false,
-                message: 'No permissions configured - access denied by default',
                 missingPermissions: [],
                 operator
             };
         }
         const results = [];
-        const failureDetails = [];
         const missingPermissions = [];
-        if (permissions.length > 0) {
-            if (operator === 'or') {
-                const hasAny = permissions.some((p)=>this.hasPermission(userPermissions, p));
-                results.push(hasAny);
-                if (!hasAny) {
-                    failureDetails.push(`needs one of: [${permissions.join(', ')}]`);
-                    missingPermissions.push(...permissions);
-                }
-            } else {
-                const hasAll = permissions.every((p)=>this.hasPermission(userPermissions, p));
-                results.push(hasAll);
-                if (!hasAll) {
-                    const missing = permissions.filter((p)=>!this.hasPermission(userPermissions, p));
-                    failureDetails.push(`missing: [${missing.join(', ')}]`);
-                    missingPermissions.push(...missing);
-                }
-            }
-        }
         for (const child of children){
-            const childResult = this.evaluateCondition(child, userPermissions);
+            const childResult = this.evaluateLogicNode(child, userPermissions);
             results.push(childResult.passed);
             if (!childResult.passed) {
-                failureDetails.push(`(${childResult.message})`);
                 missingPermissions.push(...childResult.missingPermissions);
             }
         }
-        // Evaluate based on operator - empty results already handled above
-        const passed = operator === 'or' ? results.some((r)=>r) : results.every((r)=>r);
-        const message = passed ? 'OK' : `Denied: ${failureDetails.join(` ${operator.toUpperCase()} `)}`;
+        const passed = operator === 'OR' ? results.some((r)=>r) : results.every((r)=>r);
         return {
             passed,
-            message,
-            missingPermissions,
+            missingPermissions: passed ? [] : missingPermissions,
             operator
         };
     }

package/cjs/index.js

@@ -7,6 +7,7 @@ _export_star(require("./constants"), exports);
 _export_star(require("./decorators"), exports);
 _export_star(require("./dtos"), exports);
 _export_star(require("./entities"), exports);
+_export_star(require("./enums"), exports);
 _export_star(require("./exceptions"), exports);
 _export_star(require("./guards"), exports);
 _export_star(require("./interceptors"), exports);

package/cjs/interfaces/event-manager-adapter.interface.js

@@ -0,0 +1,11 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", {
+    value: true
+});
+Object.defineProperty(exports, "EVENT_MANAGER_ADAPTER", {
+    enumerable: true,
+    get: function() {
+        return EVENT_MANAGER_ADAPTER;
+    }
+});
+const EVENT_MANAGER_ADAPTER = 'EVENT_MANAGER_ADAPTER';

package/cjs/interfaces/index.js

@@ -4,10 +4,12 @@ Object.defineProperty(exports, "__esModule", {
 });
 _export_star(require("./api.interface"), exports);
 _export_star(require("./datasource.interface"), exports);
+_export_star(require("./event-manager-adapter.interface"), exports);
 _export_star(require("./identity.interface"), exports);
 _export_star(require("./logged-user-info.interface"), exports);
 _export_star(require("./logger.interface"), exports);
 _export_star(require("./module-config.interface"), exports);
+_export_star(require("./notification-adapter.interface"), exports);
 _export_star(require("./permission.interface"), exports);
 function _export_star(from, to) {
     Object.keys(from).forEach(function(k) {

package/cjs/interfaces/notification-adapter.interface.js

@@ -0,0 +1,11 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", {
+    value: true
+});
+Object.defineProperty(exports, "NOTIFICATION_ADAPTER", {
+    enumerable: true,
+    get: function() {
+        return NOTIFICATION_ADAPTER;
+    }
+});
+const NOTIFICATION_ADAPTER = 'NOTIFICATION_ADAPTER';

package/cjs/interfaces/permission.interface.js

@@ -1,4 +1,4 @@
-"use strict";
+/** Action node - checks a single permission/action code */ "use strict";
 Object.defineProperty(exports, "__esModule", {
     value: true
 });

package/cjs/utils/html-sanitizer.util.js

@@ -1,11 +1,4 @@
-/**
- * HTML Sanitizer Utilities
- *
- * Provides functions for escaping HTML content to prevent XSS attacks.
- * Use these utilities when interpolating user-provided variables into HTML content.
- */ /**
- * HTML entity mapping for escaping special characters
- */ "use strict";
+"use strict";
 Object.defineProperty(exports, "__esModule", {
     value: true
 });
@@ -23,7 +16,14 @@ _export(exports, {
         return escapeHtmlVariables;
     }
 });
-const HTML_ESCAPE_MAP = {
+/**
+ * HTML Sanitizer Utilities
+ *
+ * Provides functions for escaping HTML content to prevent XSS attacks.
+ * Use these utilities when interpolating user-provided variables into HTML content.
+ */ /**
+ * HTML entity mapping for escaping special characters
+ */ const HTML_ESCAPE_MAP = {
     '&': '&',
     '<': '&lt;',
     '>': '&gt;',

package/cjs/utils/request.util.js

@@ -19,6 +19,7 @@ _export(exports, {
         return parseDurationToMs;
     }
 });
+const _config = require("@flusys/nestjs-core/config");
 const _constants = require("../constants");
 /** Time unit multipliers in milliseconds */ const TIME_UNIT_MS = {
     s: 1000,
@@ -45,7 +46,7 @@ function isBrowserRequest(req) {
 function buildCookieOptions(req) {
     const hostname = req.hostname || '';
     const origin = req.headers.origin || '';
-    const isProduction = process.env.NODE_ENV === 'production';
+    const isProduction = _config.envConfig.isProduction();
     const forwardedProto = req.headers['x-forwarded-proto'];
     const isHttps = isProduction || forwardedProto === 'https' || origin.startsWith('https://') || req.secure;
     let domain;

package/classes/api-controller.class.d.ts

@@ -1,14 +1,14 @@
 import { BulkResponseDto, DeleteDto, FilterAndPaginationDto, GetByIdBodyDto, ListResponseDto, MessageResponseDto, SingleResponseDto } from '../dtos';
 import { Identity } from '../entities';
-import { ILoggedUserInfo, IService, PermissionCondition, PermissionOperator } from '../interfaces';
+import { ILoggedUserInfo, IPermissionLogic, IService } from '../interfaces';
 import { Type } from '@nestjs/common';
 export type ApiEndpoint = 'insert' | 'insertMany' | 'getById' | 'getAll' | 'update' | 'updateMany' | 'delete';
 export type SecurityLevel = 'public' | 'jwt' | 'permission';
 export interface EndpointSecurity {
     level: SecurityLevel;
     permissions?: string[];
-    operator?: PermissionOperator;
-    condition?: PermissionCondition;
+    operator?: 'AND' | 'OR';
+    logic?: IPermissionLogic;
 }
 export type ApiSecurityConfig = {
     [K in ApiEndpoint]?: EndpointSecurity | SecurityLevel;

package/constants/permissions.d.ts

@@ -86,6 +86,24 @@ export declare const FORM_RESULT_PERMISSIONS: {
     readonly UPDATE: "form-result.update";
     readonly DELETE: "form-result.delete";
 };
+export declare const EVENT_PERMISSIONS: {
+    readonly CREATE: "event.create";
+    readonly READ: "event.read";
+    readonly UPDATE: "event.update";
+    readonly DELETE: "event.delete";
+};
+export declare const EVENT_PARTICIPANT_PERMISSIONS: {
+    readonly CREATE: "event-participant.create";
+    readonly READ: "event-participant.read";
+    readonly UPDATE: "event-participant.update";
+    readonly DELETE: "event-participant.delete";
+};
+export declare const NOTIFICATION_PERMISSIONS: {
+    readonly CREATE: "notification.create";
+    readonly READ: "notification.read";
+    readonly UPDATE: "notification.update";
+    readonly DELETE: "notification.delete";
+};
 export declare const PERMISSIONS: {
     readonly USER: {
         readonly CREATE: "user.create";
@@ -175,5 +193,23 @@ export declare const PERMISSIONS: {
         readonly UPDATE: "form-result.update";
         readonly DELETE: "form-result.delete";
     };
+    readonly EVENT: {
+        readonly CREATE: "event.create";
+        readonly READ: "event.read";
+        readonly UPDATE: "event.update";
+        readonly DELETE: "event.delete";
+    };
+    readonly EVENT_PARTICIPANT: {
+        readonly CREATE: "event-participant.create";
+        readonly READ: "event-participant.read";
+        readonly UPDATE: "event-participant.update";
+        readonly DELETE: "event-participant.delete";
+    };
+    readonly NOTIFICATION: {
+        readonly CREATE: "notification.create";
+        readonly READ: "notification.read";
+        readonly UPDATE: "notification.update";
+        readonly DELETE: "notification.delete";
+    };
 };
 export type PermissionCode = (typeof PERMISSIONS)[keyof typeof PERMISSIONS][keyof (typeof PERMISSIONS)[keyof typeof PERMISSIONS]];

package/decorators/require-permission.decorator.d.ts

@@ -1,4 +1,5 @@
-import { PermissionCondition } from '../interfaces/permission.interface';
+import { IPermissionLogic } from '../interfaces/permission.interface';
 export declare const RequirePermission: (...permissions: string[]) => import("@nestjs/common").CustomDecorator<string>;
 export declare const RequireAnyPermission: (...permissions: string[]) => import("@nestjs/common").CustomDecorator<string>;
-export declare const RequirePermissionCondition: (condition: PermissionCondition) => import("@nestjs/common").CustomDecorator<string>;
+export declare const RequirePermissionLogic: (logic: IPermissionLogic) => import("@nestjs/common").CustomDecorator<string>;
+export declare const RequirePermissionCondition: (logic: IPermissionLogic) => import("@nestjs/common").CustomDecorator<string>;

package/enums/index.d.ts

@@ -0,0 +1,3 @@
+export * from './notification-type.enum';
+export * from './participant-status.enum';
+export * from './recurrence-type.enum';

package/enums/notification-type.enum.d.ts

@@ -0,0 +1,6 @@
+export declare enum NotificationType {
+    INFO = "info",
+    WARNING = "warning",
+    SUCCESS = "success",
+    ERROR = "error"
+}

package/enums/participant-status.enum.d.ts

@@ -0,0 +1,6 @@
+export declare enum ParticipantStatus {
+    PENDING = "pending",
+    ACCEPTED = "accepted",
+    DECLINED = "declined",
+    TENTATIVE = "tentative"
+}

package/enums/recurrence-type.enum.d.ts

@@ -0,0 +1,7 @@
+export declare enum RecurrenceType {
+    NONE = "none",
+    DAILY = "daily",
+    WEEKLY = "weekly",
+    BIWEEKLY = "biweekly",
+    MONTHLY = "monthly"
+}

package/exceptions/permission.exception.d.ts

@@ -3,7 +3,7 @@ export declare class PermissionSystemUnavailableException extends InternalServer
     constructor(message?: string);
 }
 export declare class InsufficientPermissionsException extends ForbiddenException {
-    constructor(missingPermissions: string[], operator?: 'and' | 'or');
+    constructor(missingPermissions: string[], operator?: 'AND' | 'OR');
 }
 export declare class NoPermissionsFoundException extends ForbiddenException {
     constructor();

package/fesm/classes/api-controller.class.js

@@ -25,7 +25,7 @@ function _ts_param(paramIndex, decorator) {
         decorator(target, key, paramIndex);
     };
 }
-import { CurrentUser, Public, RequirePermission, RequireAnyPermission, RequirePermissionCondition } from '../decorators';
+import { CurrentUser, Public, RequirePermission, RequireAnyPermission, RequirePermissionLogic } from '../decorators';
 import { DeleteDto, FilterAndPaginationDto, GetByIdBodyDto } from '../dtos';
 import { JwtAuthGuard, PermissionGuard } from '../guards';
 import { IdempotencyInterceptor, SetCreatedByOnBody, SetDeletedByOnBody, SetUpdateByOnBody, Slug } from '../interceptors';
@@ -62,11 +62,11 @@ import { ApiResponseDto } from '../decorators/api-response.decorator';
             // Apply PermissionGuard to check permissions from cache
             decorators.push(UseGuards(JwtAuthGuard, PermissionGuard));
             decorators.push(ApiBearerAuth());
-            // Check for complex nested condition first
-            if (security.condition) {
-                decorators.push(RequirePermissionCondition(security.condition));
+            // Check for complex logic first
+            if (security.logic) {
+                decorators.push(RequirePermissionLogic(security.logic));
             } else if (security.permissions && security.permissions.length > 0) {
-                if (security.operator === 'or') {
+                if (security.operator === 'OR') {
                     decorators.push(RequireAnyPermission(...security.permissions));
                 } else {
                     // AND is default and most secure