@lenne.tech/nest-server 10.3.1 → 10.3.3

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@lenne.tech/nest-server",
-  "version": "10.3.1",
+  "version": "10.3.3",
   "description": "Modern, fast, powerful Node.js web framework in TypeScript based on Nest with a GraphQL API and a connection to MongoDB (or other databases).",
   "keywords": [
     "node",
@@ -68,13 +68,13 @@
     "@lenne.tech/mongoose-gridfs": "1.4.2",
     "@lenne.tech/multer-gridfs-storage": "5.0.6",
     "@nestjs/apollo": "12.2.0",
-    "@nestjs/common": "10.4.0",
-    "@nestjs/core": "10.4.0",
+    "@nestjs/common": "10.4.1",
+    "@nestjs/core": "10.4.1",
     "@nestjs/graphql": "12.2.0",
     "@nestjs/jwt": "10.2.0",
     "@nestjs/mongoose": "10.0.10",
     "@nestjs/passport": "10.0.3",
-    "@nestjs/platform-express": "10.4.0",
+    "@nestjs/platform-express": "10.4.1",
     "@nestjs/schedule": "4.1.0",
     "@nestjs/terminus": "10.2.3",
     "apollo-server-core": "3.13.0",
@@ -94,7 +94,7 @@
     "light-my-request": "5.13.0",
     "lodash": "4.17.21",
     "mongodb": "6.8.0",
-    "mongoose": "7.8.0",
+    "mongoose": "7.8.1",
     "multer": "1.4.5-lts.1",
     "node-mailjet": "6.0.5",
     "nodemailer": "6.9.14",
@@ -112,10 +112,10 @@
     "@compodoc/compodoc": "1.1.25",
     "@lenne.tech/eslint-config-ts": "0.0.16",
     "@nestjs/cli": "10.4.4",
-    "@nestjs/schematics": "10.1.3",
-    "@nestjs/testing": "10.4.0",
+    "@nestjs/schematics": "10.1.4",
+    "@nestjs/testing": "10.4.1",
     "@swc/cli": "0.4.0",
-    "@swc/core": "1.7.10",
+    "@swc/core": "1.7.14",
     "@swc/jest": "0.2.36",
     "@types/compression": "1.7.5",
     "@types/cookie-parser": "1.4.7",
@@ -124,7 +124,7 @@
     "@types/jest": "29.5.12",
     "@types/lodash": "4.17.7",
     "@types/multer": "1.4.11",
-    "@types/node": "22.2.0",
+    "@types/node": "20.16.1",
     "@types/nodemailer": "6.4.15",
     "@types/passport": "1.0.16",
     "@types/supertest": "6.0.2",
@@ -133,14 +133,14 @@
     "coffeescript": "2.7.0",
     "eslint": "8.57.0",
     "eslint-config-prettier": "9.1.0",
-    "eslint-plugin-unused-imports": "3.2.0",
+    "eslint-plugin-unused-imports": "4.1.3",
     "find-file-up": "2.0.1",
     "grunt": "1.6.1",
     "grunt-bg-shell": "2.3.3",
     "grunt-contrib-clean": "2.0.1",
     "grunt-contrib-watch": "1.1.0",
     "grunt-sync": "0.8.2",
-    "husky": "9.1.4",
+    "husky": "9.1.5",
     "jest": "29.7.0",
     "npm-watch": "0.13.0",
     "pm2": "5.4.2",

package/src/config.env.ts

@@ -45,7 +45,7 @@ const config: { [env: string]: IServerOptions } = {
       driver: {
         introspection: true,
       },
-      maxComplexity: 20,
+      maxComplexity: 1000,
     },
     healthCheck: {
       configs: {
@@ -158,7 +158,7 @@ const config: { [env: string]: IServerOptions } = {
       driver: {
         introspection: true,
       },
-      maxComplexity: 20,
+      maxComplexity: 1000,
     },
     healthCheck: {
       configs: {
@@ -262,7 +262,7 @@ const config: { [env: string]: IServerOptions } = {
       driver: {
         introspection: true,
       },
-      maxComplexity: 20,
+      maxComplexity: 1000,
     },
     healthCheck: {
       configs: {

package/src/core/common/inputs/combined-filter.input.ts

@@ -1,10 +1,13 @@
 import { Field, InputType } from '@nestjs/graphql';
 
+import { Restricted } from '../decorators/restricted.decorator';
 import { LogicalOperatorEnum } from '../enums/logical-operator.enum';
+import { RoleEnum } from '../enums/role.enum';
 import { maps } from '../helpers/model.helper';
 import { CoreInput } from './core-input.input';
 import { FilterInput } from './filter.input';
 
+@Restricted(RoleEnum.S_EVERYONE)
 @InputType({
   description: 'Combination of multiple filters via logical operator',
 })
@@ -12,6 +15,7 @@ export class CombinedFilterInput extends CoreInput {
   /**
    * Logical Operator to combine filters
    */
+  @Restricted(RoleEnum.S_EVERYONE)
   @Field(type => LogicalOperatorEnum, {
     description: 'Logical Operator to combine filters',
   })
@@ -20,6 +24,7 @@ export class CombinedFilterInput extends CoreInput {
   /**
    * Filters to combine via logical operator
    */
+  @Restricted(RoleEnum.S_EVERYONE)
   @Field(type => [FilterInput], {
     description: 'Filters to combine via logical operator',
   })

package/src/core/common/inputs/filter.input.ts

@@ -1,5 +1,7 @@
 import { Field, InputType } from '@nestjs/graphql';
 
+import { Restricted } from '../decorators/restricted.decorator';
+import { RoleEnum } from '../enums/role.enum';
 import { CombinedFilterInput } from './combined-filter.input';
 import { CoreInput } from './core-input.input';
 import { SingleFilterInput } from './single-filter.input';
@@ -7,6 +9,7 @@ import { SingleFilterInput } from './single-filter.input';
 /**
  * Input for filtering. The `singleFilter` will be ignored if the `combinedFilter` is set.
  */
+@Restricted(RoleEnum.S_EVERYONE)
 @InputType({
   description: 'Input for filtering. The `singleFilter` will be ignored if the `combinedFilter` is set.',
 })
@@ -14,6 +17,7 @@ export class FilterInput extends CoreInput {
   /**
    * Combination of multiple filters via logical operator
    */
+  @Restricted(RoleEnum.S_EVERYONE)
   @Field(type => CombinedFilterInput, {
     description: 'Combination of multiple filters via logical operator',
     nullable: true,
@@ -23,6 +27,7 @@ export class FilterInput extends CoreInput {
   /**
    * Filter for a single property
    */
+  @Restricted(RoleEnum.S_EVERYONE)
   @Field(type => SingleFilterInput, {
     description: 'Filter for a single property',
     nullable: true,

package/src/core/common/inputs/single-filter.input.ts

@@ -1,17 +1,21 @@
 import { Field, InputType } from '@nestjs/graphql';
 
+import { Restricted } from '../decorators/restricted.decorator';
 import { ComparisonOperatorEnum } from '../enums/comparison-operator.enum';
+import { RoleEnum } from '../enums/role.enum';
 import { JSON } from '../scalars/json.scalar';
 import { CoreInput } from './core-input.input';
 
 /**
  * Input for a configuration of a filter
  */
+@Restricted(RoleEnum.S_EVERYONE)
 @InputType({ description: 'Input for a configuration of a filter' })
 export class SingleFilterInput extends CoreInput {
   /**
    * Convert value to ObjectId
    */
+  @Restricted(RoleEnum.S_EVERYONE)
   @Field({
     description: 'Convert value to ObjectId',
     nullable: true,
@@ -21,12 +25,14 @@ export class SingleFilterInput extends CoreInput {
   /**
    * Name of the property to be used for the filter
    */
+  @Restricted(RoleEnum.S_EVERYONE)
   @Field({ description: 'Name of the property to be used for the filter' })
   field: string = undefined;
 
   /**
    * Process value as reference
    */
+  @Restricted(RoleEnum.S_EVERYONE)
   @Field({
     description: 'Process value as reference',
     nullable: true,
@@ -36,6 +42,7 @@ export class SingleFilterInput extends CoreInput {
   /**
    * [Negate operator](https://docs.mongodb.com/manual/reference/operator/query/not/)
    */
+  @Restricted(RoleEnum.S_EVERYONE)
   @Field({
     description: '[Negate operator](https://docs.mongodb.com/manual/reference/operator/query/not/)',
     nullable: true,
@@ -45,6 +52,7 @@ export class SingleFilterInput extends CoreInput {
   /**
    * [Comparison operator](https://docs.mongodb.com/manual/reference/operator/query-comparison/)
    */
+  @Restricted(RoleEnum.S_EVERYONE)
   @Field(type => ComparisonOperatorEnum, {
     description: '[Comparison operator](https://docs.mongodb.com/manual/reference/operator/query-comparison/)',
   })
@@ -54,6 +62,7 @@ export class SingleFilterInput extends CoreInput {
    * [Options](https://docs.mongodb.com/manual/reference/operator/query/regex/#op._S_options) for
    * [REGEX](https://docs.mongodb.com/manual/reference/operator/query/regex/) operator
    */
+  @Restricted(RoleEnum.S_EVERYONE)
   @Field({
     description:
       '[Options](https://docs.mongodb.com/manual/reference/operator/query/regex/#op._S_options) for '
@@ -62,6 +71,7 @@ export class SingleFilterInput extends CoreInput {
   })
   options?: string = undefined;
 
+  @Restricted(RoleEnum.S_EVERYONE)
   @Field(type => JSON, { description: 'Value of the property' })
   value: any = undefined;
 }

package/src/core/common/inputs/sort.input.ts

@@ -1,22 +1,27 @@
 import { Field, InputType } from '@nestjs/graphql';
 
+import { Restricted } from '../decorators/restricted.decorator';
+import { RoleEnum } from '../enums/role.enum';
 import { SortOrderEnum } from '../enums/sort-order.emum';
 import { CoreInput } from './core-input.input';
 
 /**
  * Sorting the returned elements
  */
+@Restricted(RoleEnum.S_EVERYONE)
 @InputType({ description: 'Sorting the returned elements' })
 export class SortInput extends CoreInput {
   /**
    * Field that is to be used for sorting
    */
+  @Restricted(RoleEnum.S_EVERYONE)
   @Field({ description: 'Field that is to be used for sorting' })
   field: string = undefined;
 
   /**
    * SortInput order of the field
    */
+  @Restricted(RoleEnum.S_EVERYONE)
   @Field(type => SortOrderEnum, { description: 'SortInput order of the field' })
   order: SortOrderEnum = undefined;
 }

package/src/core/common/models/core-persistence.model.ts

@@ -4,6 +4,7 @@ import { Types } from 'mongoose';
 
 import { Restricted } from '../decorators/restricted.decorator';
 import { RoleEnum } from '../enums/role.enum';
+import { getStringIds } from '../helpers/db.helper';
 import { CoreModel } from './core-model.model';
 
 /**
@@ -18,6 +19,7 @@ import { CoreModel } from './core-model.model';
  * with undefined if possible. If necessary and useful, the init method can then be used deliberately:
  * const corePersistenceModel = item ? CorePersistenceModel.map(item).init() : CorePersistenceModel.init();
  */
+@Restricted(RoleEnum.S_EVERYONE)
 @ObjectType({
   description: 'Persistence model which will be saved in DB',
   isAbstract: true,
@@ -100,4 +102,15 @@ export abstract class CorePersistenceModel extends CoreModel {
     this.updatedAt = this.tags === undefined ? this.createdAt : this.updatedAt;
     return this;
   }
+
+  /**
+   * Map input
+   */
+  override map(input) {
+    super.map(input);
+    if (input._id) {
+      this.id = getStringIds(input);
+    }
+    return this;
+  }
 }

package/src/core/modules/auth/core-auth.controller.ts

@@ -3,6 +3,8 @@ import { Args } from '@nestjs/graphql';
 import { Response as ResponseType } from 'express';
 
 import { CurrentUser } from '../../common/decorators/current-user.decorator';
+import { Roles } from '../../common/decorators/roles.decorator';
+import { RoleEnum } from '../../common/enums/role.enum';
 import { ConfigService } from '../../common/services/config.service';
 import { AuthGuardStrategy } from './auth-guard-strategy.enum';
 import { CoreAuthModel } from './core-auth.model';
@@ -13,6 +15,7 @@ import { ICoreAuthUser } from './interfaces/core-auth-user.interface';
 import { CoreAuthService } from './services/core-auth.service';
 import { Tokens } from './tokens.decorator';
 
+@Roles(RoleEnum.ADMIN)
 @Controller('auth')
 export class CoreAuthController {
   /**
@@ -26,6 +29,7 @@ export class CoreAuthController {
   /**
    * Logout user (from specific device)
    */
+  @Roles(RoleEnum.S_EVERYONE)
   @UseGuards(AuthGuard(AuthGuardStrategy.JWT))
   @Get()
   async logout(
@@ -41,6 +45,7 @@ export class CoreAuthController {
   /**
    * Refresh token (for specific device)
    */
+  @Roles(RoleEnum.S_EVERYONE)
   @UseGuards(AuthGuard(AuthGuardStrategy.JWT_REFRESH))
   @Get()
   async refreshToken(
@@ -55,6 +60,7 @@ export class CoreAuthController {
   /**
    * Sign in user via email and password (on specific device)
    */
+  @Roles(RoleEnum.S_EVERYONE)
   @Post()
   async signIn(@Res() res: ResponseType, @Body('input') input: CoreAuthSignInInput): Promise<CoreAuthModel> {
     const result = await this.authService.signIn(input);
@@ -64,6 +70,7 @@ export class CoreAuthController {
   /**
    * Register a new user account (on specific device)
    */
+  @Roles(RoleEnum.S_EVERYONE)
   @Post()
   async signUp(@Res() res: ResponseType, @Args('input') input: CoreAuthSignUpInput): Promise<CoreAuthModel> {
     const result = await this.authService.signUp(input);

package/src/core/modules/auth/core-auth.model.ts

@@ -1,11 +1,14 @@
 import { Field, ObjectType } from '@nestjs/graphql';
 
+import { Restricted } from '../../common/decorators/restricted.decorator';
+import { RoleEnum } from '../../common/enums/role.enum';
 import { CoreModel } from '../../common/models/core-model.model';
 import { CoreUserModel } from '../user/core-user.model';
 
 /**
  * CoreAuth model for the response after the sign in
  */
+@Restricted(RoleEnum.S_EVERYONE)
 @ObjectType({ description: 'CoreAuth', isAbstract: true })
 export class CoreAuthModel extends CoreModel {
   // ===================================================================================================================
@@ -15,18 +18,21 @@ export class CoreAuthModel extends CoreModel {
   /**
    * JavaScript Web Token (JWT)
    */
+  @Restricted(RoleEnum.S_EVERYONE)
   @Field({ description: 'JavaScript Web Token (JWT)', nullable: true })
   token?: string = undefined;
 
   /**
    * Refresh token
    */
+  @Restricted(RoleEnum.S_EVERYONE)
   @Field({ description: 'Refresh token', nullable: true })
   refreshToken?: string = undefined;
 
   /**
    * Current user
    */
+  @Restricted(RoleEnum.S_EVERYONE)
   @Field({ description: 'Current user' })
   user: CoreUserModel = undefined;
 

package/src/core/modules/auth/core-auth.resolver.ts

@@ -4,6 +4,8 @@ import { Response as ResponseType } from 'express';
 
 import { CurrentUser } from '../../common/decorators/current-user.decorator';
 import { GraphQLServiceOptions } from '../../common/decorators/graphql-service-options.decorator';
+import { Roles } from '../../common/decorators/roles.decorator';
+import { RoleEnum } from '../../common/enums/role.enum';
 import { ServiceOptions } from '../../common/interfaces/service-options.interface';
 import { ConfigService } from '../../common/services/config.service';
 import { AuthGuardStrategy } from './auth-guard-strategy.enum';
@@ -18,6 +20,7 @@ import { Tokens } from './tokens.decorator';
 /**
  * Authentication resolver for the sign in
  */
+@Roles(RoleEnum.ADMIN)
 @Resolver(of => CoreAuthModel, { isAbstract: true })
 export class CoreAuthResolver {
   /**
@@ -35,6 +38,7 @@ export class CoreAuthResolver {
   /**
    * Logout user (from specific device)
    */
+  @Roles(RoleEnum.S_EVERYONE)
   @UseGuards(AuthGuard(AuthGuardStrategy.JWT))
   @Mutation(returns => Boolean, { description: 'Logout user (from specific device)' })
   async logout(
@@ -50,6 +54,7 @@ export class CoreAuthResolver {
   /**
    * Refresh token (for specific device)
    */
+  @Roles(RoleEnum.S_EVERYONE)
   @UseGuards(AuthGuard(AuthGuardStrategy.JWT_REFRESH))
   @Mutation(returns => CoreAuthModel, { description: 'Refresh tokens (for specific device)' })
   async refreshToken(
@@ -64,6 +69,7 @@ export class CoreAuthResolver {
   /**
    * Sign in user via email and password (on specific device)
    */
+  @Roles(RoleEnum.S_EVERYONE)
   @Mutation(returns => CoreAuthModel, {
     description: 'Sign in user via email and password and get JWT tokens (for specific device)',
   })
@@ -79,6 +85,7 @@ export class CoreAuthResolver {
   /**
    * Register a new user account (on specific device)
    */
+  @Roles(RoleEnum.S_EVERYONE)
   @Mutation(returns => CoreAuthModel, { description: 'Register a new user account (on specific device)' })
   async signUp(
     @GraphQLServiceOptions({ gqlPath: 'signUp.user' }) serviceOptions: ServiceOptions,

package/src/core/modules/auth/inputs/core-auth-sign-in.input.ts

@@ -1,25 +1,32 @@
 import { Field, InputType } from '@nestjs/graphql';
 
+import { Restricted } from '../../../common/decorators/restricted.decorator';
+import { RoleEnum } from '../../../common/enums/role.enum';
 import { CoreInput } from '../../../common/inputs/core-input.input';
 
 /**
  * SignIn input
  */
+@Restricted(RoleEnum.S_EVERYONE)
 @InputType({ description: 'Sign-in input' })
 export class CoreAuthSignInInput extends CoreInput {
   // ===================================================================================================================
   // Properties
   // ===================================================================================================================
 
+  @Restricted(RoleEnum.S_EVERYONE)
   @Field({ description: 'Device ID (is created automatically if it is not set)', nullable: true })
   deviceId?: string = undefined;
 
+  @Restricted(RoleEnum.S_EVERYONE)
   @Field({ description: 'Device description', nullable: true })
   deviceDescription?: string = undefined;
 
+  @Restricted(RoleEnum.S_EVERYONE)
   @Field({ description: 'Email', nullable: false })
   email: string = undefined;
 
+  @Restricted(RoleEnum.S_EVERYONE)
   @Field({ description: 'Password', nullable: false })
   password: string = undefined;
 }

package/src/core/modules/auth/inputs/core-auth-sign-up.input.ts

@@ -1,9 +1,12 @@
 import { InputType } from '@nestjs/graphql';
 
+import { Restricted } from '../../../common/decorators/restricted.decorator';
+import { RoleEnum } from '../../../common/enums/role.enum';
 import { CoreAuthSignInInput } from './core-auth-sign-in.input';
 
 /**
  * SignUp input
  */
+@Restricted(RoleEnum.S_EVERYONE)
 @InputType({ description: 'Sign-up input' })
 export class CoreAuthSignUpInput extends CoreAuthSignInInput {}

package/src/core/modules/file/core-file-info.model.ts

@@ -2,17 +2,21 @@ import { Field, ObjectType } from '@nestjs/graphql';
 import { Prop } from '@nestjs/mongoose';
 import { Types } from 'mongoose';
 
+import { Restricted } from '../../common/decorators/restricted.decorator';
+import { RoleEnum } from '../../common/enums/role.enum';
 import { CoreModel } from '../../common/models/core-model.model';
 
 /**
  * File info
  */
+@Restricted(RoleEnum.S_EVERYONE)
 @ObjectType({ description: 'Information about file' })
 export class CoreFileInfo extends CoreModel {
   // ===========================================================================
   // Getter
   // ===========================================================================
 
+  @Restricted(RoleEnum.S_EVERYONE)
   get _id() {
     return new Types.ObjectId(this.id);
   }
@@ -21,9 +25,11 @@ export class CoreFileInfo extends CoreModel {
   // Properties
   // ===========================================================================
 
+  @Restricted(RoleEnum.S_EVERYONE)
   @Field(() => String, { description: 'ID of the file' })
   id: string = undefined;
 
+  @Restricted(RoleEnum.S_EVERYONE)
   @Field(() => Number, {
     description:
       'The size of each chunk in bytes. GridFS divides the document into chunks of size chunkSize, '
@@ -33,18 +39,22 @@ export class CoreFileInfo extends CoreModel {
   @Prop({ required: false, type: Number })
   chunkSize: number = undefined;
 
+  @Restricted(RoleEnum.S_EVERYONE)
   @Field(() => String, { description: 'Content type', nullable: true })
   @Prop({ required: false, type: String })
   contentType?: string = undefined;
 
+  @Restricted(RoleEnum.S_EVERYONE)
   @Field(() => String, { description: 'Name of the file', nullable: true })
   @Prop({ required: false, type: String })
   filename?: string = undefined;
 
+  @Restricted(RoleEnum.S_EVERYONE)
   @Field(() => Number, { description: 'The size of the document in bytes', nullable: true })
   @Prop({ required: false, type: Number })
   length: number = undefined;
 
+  @Restricted(RoleEnum.S_EVERYONE)
   @Field(() => Date, { description: 'The date the file was first stored', nullable: true })
   @Prop({ required: false, type: Date })
   uploadDate: Date = undefined;

package/src/core/modules/file/core-file.controller.ts

@@ -1,10 +1,13 @@
 import { BadRequestException, Controller, Get, NotFoundException, Param, Res } from '@nestjs/common';
 
+import { Roles } from '../../common/decorators/roles.decorator';
+import { RoleEnum } from '../../common/enums/role.enum';
 import { CoreFileService } from './core-file.service';
 
 /**
  * File controller
  */
+@Roles(RoleEnum.ADMIN)
 @Controller('files')
 export abstract class CoreFileController {
   /**
@@ -15,6 +18,7 @@ export abstract class CoreFileController {
   /**
    * Download file
    */
+  @Roles(RoleEnum.S_EVERYONE)
   @Get(':filename')
   async getFile(@Param('filename') filename: string, @Res() res) {
     if (!filename) {

package/src/core/modules/file/core-file.resolver.ts

@@ -1,6 +1,8 @@
 import { Args, Mutation, Query, Resolver } from '@nestjs/graphql';
 import * as GraphQLUpload from 'graphql-upload/GraphQLUpload.js';
 
+import { Roles } from '../../common/decorators/roles.decorator';
+import { RoleEnum } from '../../common/enums/role.enum';
 import { CoreFileService } from './core-file.service';
 import { CoreFileInfo } from './core-file-info.model';
 import { FileUpload } from './interfaces/file-upload.interface';
@@ -8,6 +10,7 @@ import { FileUpload } from './interfaces/file-upload.interface';
 /**
  * File resolver
  */
+@Roles(RoleEnum.ADMIN)
 @Resolver()
 export class CoreFileResolver {
   /**
@@ -22,6 +25,7 @@ export class CoreFileResolver {
   /**
    * Get file info
    */
+  @Roles(RoleEnum.S_EVERYONE)
   @Query(() => CoreFileInfo, { nullable: true })
   async getFileInfo(@Args({ name: 'filename', type: () => String }) filename: string): Promise<any> {
     return await this.fileService.getFileInfoByName(filename);
@@ -34,6 +38,7 @@ export class CoreFileResolver {
   /**
    * Delete file
    */
+  @Roles(RoleEnum.S_EVERYONE)
   @Mutation(() => CoreFileInfo)
   async deleteFile(@Args({ name: 'filename', type: () => String }) filename: string): Promise<any> {
     return await this.fileService.deleteFileByName(filename);
@@ -42,6 +47,7 @@ export class CoreFileResolver {
   /**
    * Upload file
    */
+  @Roles(RoleEnum.S_EVERYONE)
   @Mutation(() => CoreFileInfo)
   async uploadFile(@Args({ name: 'file', type: () => GraphQLUpload }) file: FileUpload): Promise<any> {
     return await this.fileService.createFile(file);
@@ -50,6 +56,7 @@ export class CoreFileResolver {
   /**
    * Upload files
    */
+  @Roles(RoleEnum.S_EVERYONE)
   @Mutation(() => [CoreFileInfo])
   async uploadFiles(@Args({ name: 'files', type: () => [GraphQLUpload] }) files: FileUpload[]): Promise<any> {
     return await this.fileService.createFiles(files);

package/src/core/modules/health-check/core-health-check-result.model.ts

@@ -1,11 +1,14 @@
 import { Field, ObjectType } from '@nestjs/graphql';
 
+import { Restricted } from '../../common/decorators/restricted.decorator';
+import { RoleEnum } from '../../common/enums/role.enum';
 import { CoreModel } from '../../common/models/core-model.model';
 import { JSON } from '../../common/scalars/json.scalar';
 
 /**
  * User model
  */
+@Restricted(RoleEnum.S_EVERYONE)
 @ObjectType({ description: 'Health check result' })
 export abstract class CoreHealthCheckResult extends CoreModel {
   // ===================================================================================================================
@@ -15,12 +18,14 @@ export abstract class CoreHealthCheckResult extends CoreModel {
   /**
    * The overall status of the Health Check
    */
+  @Restricted(RoleEnum.S_EVERYONE)
   @Field({ description: 'The overall status of the Health Check', nullable: false })
   status: 'error' | 'ok' | 'shutting_down' = undefined;
 
   /**
    * The info object contains information of each health indicator which is of status “up”
    */
+  @Restricted(RoleEnum.S_EVERYONE)
   @Field(type => JSON, {
     description: 'The info object contains information of each health indicator which is of status “up”',
     nullable: true,
@@ -30,6 +35,7 @@ export abstract class CoreHealthCheckResult extends CoreModel {
   /**
    * The error object contains information of each health indicator which is of status “down”
    */
+  @Restricted(RoleEnum.S_EVERYONE)
   @Field(type => JSON, {
     description: 'The error object contains information of each health indicator which is of status “down”',
     nullable: true,
@@ -39,6 +45,7 @@ export abstract class CoreHealthCheckResult extends CoreModel {
   /**
    * The details object contains information of every health indicator
    */
+  @Restricted(RoleEnum.S_EVERYONE)
   @Field(type => JSON, {
     description: 'The details object contains information of every health indicator',
     nullable: false,

package/src/core/modules/health-check/core-health-check.controller.ts

@@ -1,11 +1,14 @@
 import { Controller, Get } from '@nestjs/common';
 
+import { Roles } from '../../common/decorators/roles.decorator';
+import { RoleEnum } from '../../common/enums/role.enum';
 import { CoreHealthCheckService } from './core-health-check.service';
 
 /**
  * The HealthController class checks the health of various components including the database, memory, and disk.
  * Inspired by https://mobileappcircular.com/marketplace-backend-creating-a-health-check-endpoint-in-nestjs-app-using-terminus-25727e96c7d2
  */
+@Roles(RoleEnum.ADMIN)
 @Controller()
 export class CoreHealthCheckController {
   constructor(protected readonly healthCheckService: CoreHealthCheckService) {}
@@ -18,6 +21,7 @@ export class CoreHealthCheckController {
    * storage. The `healthCheck()` method will return a Promise that resolves with an array of objects
    * representing the results of each check
    */
+  @Roles(RoleEnum.S_EVERYONE)
   @Get('health-check')
   async healthCheck() {
     return this.healthCheckService.healthCheck();