@flusys/nestjs-storage 1.1.0-beta → 2.0.0-rc.0

package/fesm/config/storage.constants.js

@@ -1,15 +1,7 @@
 /**
  * Storage Module Constants
  */ export const STORAGE_MODULE_OPTIONS = 'STORAGE_MODULE_OPTIONS';
-export const STORAGE_CONFIG_SERVICE = 'STORAGE_CONFIG_SERVICE';
-export const STORAGE_DATA_SOURCE_PROVIDER = 'STORAGE_DATA_SOURCE_PROVIDER';
 export const DEFAULT_MAX_FILE_SIZE = 100 * 1024 * 1024; // 100MB
 export const DEFAULT_ALLOWED_FILE_TYPES = [
     '*/*'
 ]; // All file types
-export const FILE_VALIDATION_MESSAGES = {
-    FILE_TOO_LARGE: 'File size exceeds the maximum allowed size',
-    INVALID_FILE_TYPE: 'File type is not allowed',
-    NO_FILE_PROVIDED: 'No file was provided',
-    UPLOAD_FAILED: 'File upload failed'
-};

package/fesm/controllers/file-manager.controller.js

@@ -26,7 +26,7 @@ function _ts_param(paramIndex, decorator) {
     };
 }
 import { BadRequestException, Body, Controller, HttpCode, Inject, Post, Req, UseGuards } from '@nestjs/common';
-import { createApiController } from '@flusys/nestjs-shared/classes';
+import { createApiController, FILE_PERMISSIONS } from '@flusys/nestjs-shared/classes';
 import { CurrentUser } from '@flusys/nestjs-shared/decorators';
 import { SingleResponseDto } from '@flusys/nestjs-shared/dtos';
 import { JwtAuthGuard } from '@flusys/nestjs-shared/guards';
@@ -36,7 +36,50 @@ import { ApiBearerAuth, ApiBody, ApiOperation, ApiResponse, ApiTags } from '@nes
 import { Request } from 'express';
 import { FileManagerService } from '../services/file-manager.service';
 export class FileManagerController extends createApiController(CreateFileManagerDto, UpdateFileManagerDto, FileManagerResponseDto, {
-    security: 'jwt'
+    security: {
+        insert: {
+            level: 'permission',
+            permissions: [
+                FILE_PERMISSIONS.CREATE
+            ]
+        },
+        insertMany: {
+            level: 'permission',
+            permissions: [
+                FILE_PERMISSIONS.CREATE
+            ]
+        },
+        getById: {
+            level: 'permission',
+            permissions: [
+                FILE_PERMISSIONS.READ
+            ]
+        },
+        getAll: {
+            level: 'permission',
+            permissions: [
+                FILE_PERMISSIONS.READ
+            ]
+        },
+        update: {
+            level: 'permission',
+            permissions: [
+                FILE_PERMISSIONS.UPDATE
+            ]
+        },
+        updateMany: {
+            level: 'permission',
+            permissions: [
+                FILE_PERMISSIONS.UPDATE
+            ]
+        },
+        delete: {
+            level: 'permission',
+            permissions: [
+                FILE_PERMISSIONS.DELETE
+            ]
+        }
+    }
 }) {
     async getFiles(dto, req, user) {
         if (!dto || !dto.length) {

package/fesm/controllers/folder.controller.js

@@ -25,13 +25,56 @@ function _ts_param(paramIndex, decorator) {
         decorator(target, key, paramIndex);
     };
 }
-import { createApiController } from '@flusys/nestjs-shared/classes';
+import { createApiController, FOLDER_PERMISSIONS } from '@flusys/nestjs-shared/classes';
 import { CreateFolderDto, FolderResponseDto, UpdateFolderDto } from '../dtos';
 import { Controller, Inject } from '@nestjs/common';
 import { ApiTags } from '@nestjs/swagger';
 import { FolderService } from '../services/folder.service';
 export class FolderController extends createApiController(CreateFolderDto, UpdateFolderDto, FolderResponseDto, {
-    security: 'jwt'
+    security: {
+        insert: {
+            level: 'permission',
+            permissions: [
+                FOLDER_PERMISSIONS.CREATE
+            ]
+        },
+        insertMany: {
+            level: 'permission',
+            permissions: [
+                FOLDER_PERMISSIONS.CREATE
+            ]
+        },
+        getById: {
+            level: 'permission',
+            permissions: [
+                FOLDER_PERMISSIONS.READ
+            ]
+        },
+        getAll: {
+            level: 'permission',
+            permissions: [
+                FOLDER_PERMISSIONS.READ
+            ]
+        },
+        update: {
+            level: 'permission',
+            permissions: [
+                FOLDER_PERMISSIONS.UPDATE
+            ]
+        },
+        updateMany: {
+            level: 'permission',
+            permissions: [
+                FOLDER_PERMISSIONS.UPDATE
+            ]
+        },
+        delete: {
+            level: 'permission',
+            permissions: [
+                FOLDER_PERMISSIONS.DELETE
+            ]
+        }
+    }
 }) {
     constructor(folderService){
         super(folderService), _define_property(this, "folderService", void 0), this.folderService = folderService;

package/fesm/controllers/storage-config.controller.js

@@ -25,13 +25,56 @@ function _ts_param(paramIndex, decorator) {
         decorator(target, key, paramIndex);
     };
 }
-import { createApiController } from '@flusys/nestjs-shared/classes';
+import { createApiController, STORAGE_CONFIG_PERMISSIONS } from '@flusys/nestjs-shared/classes';
 import { CreateStorageConfigDto, StorageConfigResponseDto, UpdateStorageConfigDto } from '../dtos';
 import { Controller, Inject } from '@nestjs/common';
 import { ApiTags } from '@nestjs/swagger';
 import { StorageProviderConfigService } from '../services/storage-provider-config.service';
 export class StorageConfigController extends createApiController(CreateStorageConfigDto, UpdateStorageConfigDto, StorageConfigResponseDto, {
-    security: 'jwt'
+    security: {
+        insert: {
+            level: 'permission',
+            permissions: [
+                STORAGE_CONFIG_PERMISSIONS.CREATE
+            ]
+        },
+        insertMany: {
+            level: 'permission',
+            permissions: [
+                STORAGE_CONFIG_PERMISSIONS.CREATE
+            ]
+        },
+        getById: {
+            level: 'permission',
+            permissions: [
+                STORAGE_CONFIG_PERMISSIONS.READ
+            ]
+        },
+        getAll: {
+            level: 'permission',
+            permissions: [
+                STORAGE_CONFIG_PERMISSIONS.READ
+            ]
+        },
+        update: {
+            level: 'permission',
+            permissions: [
+                STORAGE_CONFIG_PERMISSIONS.UPDATE
+            ]
+        },
+        updateMany: {
+            level: 'permission',
+            permissions: [
+                STORAGE_CONFIG_PERMISSIONS.UPDATE
+            ]
+        },
+        delete: {
+            level: 'permission',
+            permissions: [
+                STORAGE_CONFIG_PERMISSIONS.DELETE
+            ]
+        }
+    }
 }) {
     constructor(storageConfigService){
         super(storageConfigService), _define_property(this, "storageConfigService", void 0), this.storageConfigService = storageConfigService;

package/fesm/controllers/upload.controller.js

@@ -26,45 +26,38 @@ function _ts_param(paramIndex, decorator) {
     };
 }
 import { JwtAuthGuard } from '@flusys/nestjs-shared/guards';
-import { ApiResponseDto, CurrentUser } from '@flusys/nestjs-shared/decorators';
+import { ApiResponseDto, CurrentUser, RequirePermission } from '@flusys/nestjs-shared/decorators';
 import { ILoggedUserInfo } from '@flusys/nestjs-shared/interfaces';
 import { DeleteMultipleFileDto, DeleteSingleFileDto, FileUploadResponsePayloadDto, UploadOptionsDto } from '../dtos';
 import { Body, Controller, Inject, Post, Query, UploadedFile, UploadedFiles, UseGuards, UseInterceptors } from '@nestjs/common';
 import { FileInterceptor, FilesInterceptor } from '@nestjs/platform-express';
 import { ApiBearerAuth, ApiBody, ApiConsumes, ApiOperation, ApiQuery, ApiTags } from '@nestjs/swagger';
 import { UploadService } from '../services/upload.service';
-import { StorageConfigService } from '../config';
-import { StorageFactoryService } from '../providers/storage-factory.service';
 export class UploadController {
+    toFileUploadResponse(file) {
+        return {
+            size: this.uploadService.bytesToKb(file.size),
+            name: file.name,
+            key: file.key,
+            contentType: file.contentType,
+            location: file.location || 'local',
+            storageConfigId: file.storageConfigId || ''
+        };
+    }
     async uploadSingleFile(file, options, user) {
         const result = await this.uploadService.uploadSingleFile(file, options, user);
         return {
             success: true,
             message: 'File uploaded successfully',
-            data: {
-                size: this.uploadService.bytesToKb(result.size),
-                name: result.name,
-                key: result.key,
-                contentType: result.contentType,
-                location: result.location || 'local',
-                storageConfigId: result.storageConfigId || ''
-            }
+            data: this.toFileUploadResponse(result)
         };
     }
     async uploadMultipleFiles(files, options, user) {
         const uploadResponses = await this.uploadService.uploadMultipleFiles(files, options, user);
-        const responseData = uploadResponses.map((file)=>({
-                size: this.uploadService.bytesToKb(file.size),
-                name: file.name,
-                key: file.key,
-                contentType: file.contentType,
-                location: file.location || 'local',
-                storageConfigId: file.storageConfigId || ''
-            }));
         return {
             success: true,
             message: 'Files uploaded successfully',
-            data: responseData
+            data: uploadResponses.map((file)=>this.toFileUploadResponse(file))
         };
     }
     async deleteSingleFile(dto, user) {
@@ -83,17 +76,14 @@ export class UploadController {
             data
         };
     }
-    constructor(uploadService, storageConfigService, storageFactoryService){
+    constructor(uploadService){
         _define_property(this, "uploadService", void 0);
-        _define_property(this, "storageConfigService", void 0);
-        _define_property(this, "storageFactoryService", void 0);
         this.uploadService = uploadService;
-        this.storageConfigService = storageConfigService;
-        this.storageFactoryService = storageFactoryService;
     }
 }
 _ts_decorate([
     Post('single-file'),
+    RequirePermission('file.upload'),
     ApiResponseDto(FileUploadResponsePayloadDto, false),
     ApiOperation({
         summary: 'Upload a single file'
@@ -135,6 +125,7 @@ _ts_decorate([
 ], UploadController.prototype, "uploadSingleFile", null);
 _ts_decorate([
     Post('multiple-file'),
+    RequirePermission('file.upload'),
     ApiOperation({
         summary: 'Upload multiple files (up to 50)'
     }),
@@ -179,6 +170,7 @@ _ts_decorate([
 ], UploadController.prototype, "uploadMultipleFiles", null);
 _ts_decorate([
     Post('delete-single-file'),
+    RequirePermission('file.delete'),
     ApiOperation({
         summary: 'Delete a single file'
     }),
@@ -196,6 +188,7 @@ _ts_decorate([
 ], UploadController.prototype, "deleteSingleFile", null);
 _ts_decorate([
     Post('delete-multiple-file'),
+    RequirePermission('file.delete'),
     ApiOperation({
         summary: 'Delete multiple files'
     }),
@@ -217,12 +210,8 @@ UploadController = _ts_decorate([
     Controller('storage/upload'),
     UseGuards(JwtAuthGuard),
     _ts_param(0, Inject(UploadService)),
-    _ts_param(1, Inject(StorageConfigService)),
-    _ts_param(2, Inject(StorageFactoryService)),
     _ts_metadata("design:type", Function),
     _ts_metadata("design:paramtypes", [
-        typeof UploadService === "undefined" ? Object : UploadService,
-        typeof StorageConfigService === "undefined" ? Object : StorageConfigService,
-        typeof StorageFactoryService === "undefined" ? Object : StorageFactoryService
+        typeof UploadService === "undefined" ? Object : UploadService
     ])
 ], UploadController);

package/fesm/docs/storage-swagger.config.js

@@ -1,4 +1,4 @@
-/** Schema properties to exclude when company feature is disabled */ const COMPANY_SCHEMA_EXCLUSIONS = [
+const COMPANY_SCHEMA_EXCLUSIONS = [
     {
         schemaName: 'FileManagerResponseDto',
         properties: [
@@ -18,126 +18,18 @@
         ]
     }
 ];
-/**
- * Storage Module Swagger Configuration
- * Use this with setupSwaggerDocs() from @flusys/nestjs-core
- *
- * @param bootstrapConfig - Bootstrap configuration to determine feature visibility
- * @returns Swagger configuration with appropriate excludeSchemaProperties based on enableCompanyFeature
- */ export function storageSwaggerConfig(bootstrapConfig) {
-    const enableCompanyFeature = bootstrapConfig?.enableCompanyFeature ?? true;
-    return {
-        title: 'Storage API',
-        description: enableCompanyFeature ? `
-# Storage Management API
-
-Complete file storage and management system with multi-tenant support.
-
-## Features
-
-### 📁 File Management
-- Upload single or multiple files
-- Download files with presigned URLs
-- Delete files (single or batch)
-- File metadata management
-- Automatic compression and optimization
-- **Company isolation**
-
-### 🗂️ Folder Company
-- Create folder hierarchies
-- Organize files by folders
-- **Company-level permissions**
-- Automatic context filtering
-
-### ⚙️ Storage Configuration
-- Multiple storage providers (AWS S3, Azure, SFTP, Local)
-- Provider-specific configurations
-- Default storage settings
-- Dynamic provider switching
-
-### 🔒 Security
-- JWT authentication required
-- **Company isolation**
-- File access control
-- Presigned URL generation
-
-## Storage Providers
-
-### AWS S3
-- Scalable cloud storage
-- Automatic redundancy
-- Global CDN integration
-
-### Azure Blob Storage
-- Microsoft Azure integration
-- Geo-redundant storage
-- Advanced security features
-
-### SFTP
-- Secure file transfer
-- Legacy system integration
-- Custom server support
-
-### Local Storage
-- Same-server storage
-- Fast access
-- No external dependencies
-
+function buildDescription(enableCompanyFeature) {
+    const companyIsolation = enableCompanyFeature ? '\n- **Company isolation**' : '';
+    const companyPermissions = enableCompanyFeature ? '\n- **Company-level permissions**' : '';
+    const multiTenantSection = enableCompanyFeature ? `
 ## Multi-Tenant Support
 
 Files are automatically isolated by:
 - **Company ID**: Company-level storage
 
 All queries automatically filter by current user's company context.
-
-## File Validation
-
-### Size Limits
-Configure maximum file size per upload (default: 10MB)
-
-### File Types
-Restrict allowed file types (default: images, PDFs)
-
-### Image Compression
-- Automatic image optimization
-- Format conversion (JPEG, PNG, WebP, AVIF)
-- Resize to maximum dimensions
-- Quality control
-
-## Response Format
-
-All endpoints return standardized responses with success status, data, message, and timestamp.
-
-## Error Handling
-
-Errors return structured responses with success false, error message, error code, and timestamp.
-
-## Common Error Codes
-
-- **400 Bad Request**: Invalid input data
-- **401 Unauthorized**: Missing or invalid authentication
-- **403 Forbidden**: Insufficient permissions
-- **404 Not Found**: Resource not found
-- **413 Payload Too Large**: File exceeds size limit
-- **415 Unsupported Media Type**: File type not allowed
-- **500 Internal Server Error**: Server error
-
-## Getting Started
-
-1. **Authenticate**: Obtain JWT token from /auth/login
-2. **Configure Storage**: Create storage configuration via /storage/storage-config/insert
-3. **Create Folders**: Organize files with /storage/folder/insert
-4. **Upload Files**: Upload files via /storage/upload/single-file
-5. **Manage Files**: Track uploads in /storage/file-manager
-
-## API Endpoints
-
-All storage endpoints are prefixed with \`/storage\`:
-- \`/storage/file-manager/*\` - File metadata management
-- \`/storage/folder/*\` - Folder organization
-- \`/storage/storage-config/*\` - Storage configuration
-- \`/storage/upload/*\` - File upload/download
-
+` : '';
+    const examplesSection = enableCompanyFeature ? `
 ## Examples
 
 ### Upload a File
@@ -151,27 +43,11 @@ POST /storage/file-manager/get-all with JSON body containing page and pageSize p
 ### Create Folder
 
 POST /storage/folder/insert with JSON body containing folder name
-
-## Best Practices
-
-1. **Always authenticate**: Include JWT token in Authorization header
-2. **Use folders**: Organize files hierarchically
-3. **Check file size**: Validate before upload
-4. **Handle errors**: Implement proper error handling
-5. **Clean up**: Delete unused files regularly
-6. **Use presigned URLs**: Generate temporary URLs for file access
-7. **Compress images**: Enable compression for faster loading
-
-## Rate Limiting
-
-All endpoints are rate-limited to prevent abuse. Default limits:
-- **Upload**: 100 requests per hour
-- **Download**: 1000 requests per hour
-- **Delete**: 50 requests per hour
-      ` : `
+` : '';
+    return `
 # Storage Management API
 
-Complete file storage and management system.
+Complete file storage and management system${enableCompanyFeature ? ' with multi-tenant support' : ''}.
 
 ## Features
 
@@ -180,12 +56,12 @@ Complete file storage and management system.
 - Download files with presigned URLs
 - Delete files (single or batch)
 - File metadata management
-- Automatic compression and optimization
+- Automatic compression and optimization${companyIsolation}
 
-### 🗂️ Folder Company
+### 🗂️ Folder Organization
 - Create folder hierarchies
-- Organize files by folders
-- Folder-level company
+- Organize files by folders${companyPermissions}
+- Automatic context filtering
 
 ### ⚙️ Storage Configuration
 - Multiple storage providers (AWS S3, Azure, SFTP, Local)
@@ -194,7 +70,7 @@ Complete file storage and management system.
 - Dynamic provider switching
 
 ### 🔒 Security
-- JWT authentication required
+- JWT authentication required${companyIsolation}
 - File access control
 - Presigned URL generation
 
@@ -219,7 +95,7 @@ Complete file storage and management system.
 - Same-server storage
 - Fast access
 - No external dependencies
-
+${multiTenantSection}
 ## File Validation
 
 ### Size Limits
@@ -267,7 +143,7 @@ All storage endpoints are prefixed with \`/storage\`:
 - \`/storage/folder/*\` - Folder organization
 - \`/storage/storage-config/*\` - Storage configuration
 - \`/storage/upload/*\` - File upload/download
-
+${examplesSection}
 ## Best Practices
 
 1. **Always authenticate**: Include JWT token in Authorization header
@@ -284,7 +160,16 @@ All endpoints are rate-limited to prevent abuse. Default limits:
 - **Upload**: 100 requests per hour
 - **Download**: 1000 requests per hour
 - **Delete**: 50 requests per hour
-      `,
+`;
+}
+/**
+ * Storage Module Swagger Configuration
+ * Use this with setupSwaggerDocs() from @flusys/nestjs-core
+ */ export function storageSwaggerConfig(bootstrapConfig) {
+    const enableCompanyFeature = bootstrapConfig?.enableCompanyFeature ?? true;
+    return {
+        title: 'Storage API',
+        description: buildDescription(enableCompanyFeature),
         version: '1.0',
         path: 'api/docs/storage',
         bearerAuth: true,