@misalon/common 1.0.12 → 1.0.15

package/build/index.d.ts

@@ -8,7 +8,7 @@ export * from './middlewares/current-user';
 export * from './middlewares/error-handler';
 export * from './middlewares/require-auth';
 export * from './middlewares/validate-request';
-export * from './middlewares/admin-auth';
+export * from './middlewares/restrict-by-role';
 export * from './events/base-listener';
 export * from './events/base-publisher';
 export * from './events/subjects';
@@ -18,3 +18,4 @@ export * from "./events/appointment--created-event";
 export * from "./events/appointment-cancelled-event";
 export * from './events/type/service-category';
 export * from './events/type/status';
+export * from './permissions/index';

package/build/index.js

@@ -24,7 +24,7 @@ __exportStar(require("./middlewares/current-user"), exports);
 __exportStar(require("./middlewares/error-handler"), exports);
 __exportStar(require("./middlewares/require-auth"), exports);
 __exportStar(require("./middlewares/validate-request"), exports);
-__exportStar(require("./middlewares/admin-auth"), exports);
+__exportStar(require("./middlewares/restrict-by-role"), exports);
 __exportStar(require("./events/base-listener"), exports);
 __exportStar(require("./events/base-publisher"), exports);
 __exportStar(require("./events/subjects"), exports);
@@ -34,3 +34,4 @@ __exportStar(require("./events/appointment--created-event"), exports);
 __exportStar(require("./events/appointment-cancelled-event"), exports);
 __exportStar(require("./events/type/service-category"), exports);
 __exportStar(require("./events/type/status"), exports);
+__exportStar(require("./permissions/index"), exports);

package/build/middlewares/restrict-by-role.d.ts

@@ -0,0 +1,2 @@
+import { Request, Response, NextFunction } from 'express';
+export declare const restrictByRole: (restrictedRoles: string[]) => (req: Request, res: Response, next: NextFunction) => void;

package/build/middlewares/restrict-by-role.js

@@ -0,0 +1,19 @@
+"use strict";
+// common/src/middlewares/restrict-by-role.ts
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.restrictByRole = void 0;
+var not_authorized_error_1 = require("../errors/not-authorized-error"); // Adjust path as needed
+var restrictByRole = function (restrictedRoles) {
+    return function (req, res, next) {
+        if (!req.currentUser) {
+            // If user is not authenticated, return a 401 error
+            res.status(401).send({ error: 'User not authenticated' });
+            return;
+        }
+        if (restrictedRoles.includes(req.currentUser.role)) {
+            throw new not_authorized_error_1.NotAuthorizedError();
+        }
+        next();
+    };
+};
+exports.restrictByRole = restrictByRole;

package/build/permissions/index.d.ts

@@ -0,0 +1,9 @@
+export declare const Roles: {
+    ADMIN: string;
+    USER: string;
+};
+export declare const RestrictedActions: {
+    CREATE_APPOINTMENT: string[];
+    CANCEL_APPOINTMENT: string[];
+    MANAGE_SERVICES: string[];
+};

package/build/permissions/index.js

@@ -0,0 +1,12 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.RestrictedActions = exports.Roles = void 0;
+exports.Roles = {
+    ADMIN: 'admin',
+    USER: 'user',
+};
+exports.RestrictedActions = {
+    CREATE_APPOINTMENT: [exports.Roles.ADMIN], // Admins restricted from creating appointments
+    CANCEL_APPOINTMENT: [exports.Roles.ADMIN], // Admins restricted from canceling appointments
+    MANAGE_SERVICES: [exports.Roles.USER], // Users restricted from managing salon services
+};

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@misalon/common",
-  "version": "1.0.12",
+  "version": "1.0.15",
   "main": "./build/index.js",
   "types": "./build/index.d.ts",
   "files": [